sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-25 23:21:54 +03:00
Code
ba72b0242e
samba-mirror/source3/libads/ads_utils.c

152 lines
4.9 KiB
C
Raw Normal View History

Seems I missed commiting this when I added the rest of metze's ADS patch. Oh well, here it is... Andrew Bartlett (This used to be commit 7c2a667640b01a0f19ddc3515c5ca7ac43d26e25)
2002-09-06 17:46:36 +04:00
/*
Unix SMB/CIFS implementation.
ads (active directory) utility library
Copyright (C) Stefan (metze) Metzmacher 2002
syncing up with HEAD. Seems to be a lot of differences creeping in (i ignored the new SAMBA stuff, but the rest of this looks like it should have been merged already). (This used to be commit 3de09e5cf1f667e410ee8b9516a956860ce7290f)
2002-10-01 22:26:00 +04:00
Copyright (C) Andrew Tridgell 2001
Seems I missed commiting this when I added the rest of metze's ADS patch. Oh well, here it is... Andrew Bartlett (This used to be commit 7c2a667640b01a0f19ddc3515c5ca7ac43d26e25)
2002-09-06 17:46:36 +04:00
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#include "includes.h"
/*
translated the ACB_CTRL Flags to UserFlags (userAccountControl)
*/
r13711: * Correctly handle acb_info/acct_flags as uint32 not as uint16. * Fix a couple of related parsing issues. * in the info3 reply in a samlogon, return the ACB-flags (instead of returning zero) Guenther (This used to be commit 5b89e8bc24f0fdc8b52d5c9e849aba723df34ea7)
2006-02-27 13:32:45 +03:00
uint32 ads_acb2uf(uint32 acb)
Seems I missed commiting this when I added the rest of metze's ADS patch. Oh well, here it is... Andrew Bartlett (This used to be commit 7c2a667640b01a0f19ddc3515c5ca7ac43d26e25)
2002-09-06 17:46:36 +04:00
{
uint32 uf = 0x00000000;
r13711: * Correctly handle acb_info/acct_flags as uint32 not as uint16. * Fix a couple of related parsing issues. * in the info3 reply in a samlogon, return the ACB-flags (instead of returning zero) Guenther (This used to be commit 5b89e8bc24f0fdc8b52d5c9e849aba723df34ea7)
2006-02-27 13:32:45 +03:00
if (acb & ACB_DISABLED) uf |= UF_ACCOUNTDISABLE;
if (acb & ACB_HOMDIRREQ) uf |= UF_HOMEDIR_REQUIRED;
if (acb & ACB_PWNOTREQ) uf |= UF_PASSWD_NOTREQD;
if (acb & ACB_TEMPDUP) uf |= UF_TEMP_DUPLICATE_ACCOUNT;
if (acb & ACB_NORMAL) uf |= UF_NORMAL_ACCOUNT;
if (acb & ACB_MNS) uf |= UF_MNS_LOGON_ACCOUNT;
if (acb & ACB_DOMTRUST) uf |= UF_INTERDOMAIN_TRUST_ACCOUNT;
if (acb & ACB_WSTRUST) uf |= UF_WORKSTATION_TRUST_ACCOUNT;
if (acb & ACB_SVRTRUST) uf |= UF_SERVER_TRUST_ACCOUNT;
if (acb & ACB_PWNOEXP) uf |= UF_DONT_EXPIRE_PASSWD;
if (acb & ACB_AUTOLOCK) uf |= UF_LOCKOUT;
if (acb & ACB_USE_DES_KEY_ONLY) uf |= UF_USE_DES_KEY_ONLY;
if (acb & ACB_SMARTCARD_REQUIRED) uf |= UF_SMARTCARD_REQUIRED;
if (acb & ACB_TRUSTED_FOR_DELEGATION) uf |= UF_TRUSTED_FOR_DELEGATION;
if (acb & ACB_DONT_REQUIRE_PREAUTH) uf |= UF_DONT_REQUIRE_PREAUTH;
if (acb & ACB_NO_AUTH_DATA_REQD) uf |= UF_NO_AUTH_DATA_REQUIRED;
if (acb & ACB_NOT_DELEGATED) uf |= UF_NOT_DELEGATED;
if (acb & ACB_ENC_TXT_PWD_ALLOWED) uf |= UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED;
Seems I missed commiting this when I added the rest of metze's ADS patch. Oh well, here it is... Andrew Bartlett (This used to be commit 7c2a667640b01a0f19ddc3515c5ca7ac43d26e25)
2002-09-06 17:46:36 +04:00
return uf;
}
Another patch from metze, towards his work on sam_ads. See mx-ldap.sf.net for his current progress. (This used to be commit 9c62d1312fdf0aa7b1978e8bbb56fc076ba7e9d0)
2002-09-25 13:40:45 +04:00
/*
translated the UserFlags (userAccountControl) to ACB_CTRL Flags
*/
r13711: * Correctly handle acb_info/acct_flags as uint32 not as uint16. * Fix a couple of related parsing issues. * in the info3 reply in a samlogon, return the ACB-flags (instead of returning zero) Guenther (This used to be commit 5b89e8bc24f0fdc8b52d5c9e849aba723df34ea7)
2006-02-27 13:32:45 +03:00
uint32 ads_uf2acb(uint32 uf)
Seems I missed commiting this when I added the rest of metze's ADS patch. Oh well, here it is... Andrew Bartlett (This used to be commit 7c2a667640b01a0f19ddc3515c5ca7ac43d26e25)
2002-09-06 17:46:36 +04:00
{
r13711: * Correctly handle acb_info/acct_flags as uint32 not as uint16. * Fix a couple of related parsing issues. * in the info3 reply in a samlogon, return the ACB-flags (instead of returning zero) Guenther (This used to be commit 5b89e8bc24f0fdc8b52d5c9e849aba723df34ea7)
2006-02-27 13:32:45 +03:00
uint32 acb = 0x00000000;
Seems I missed commiting this when I added the rest of metze's ADS patch. Oh well, here it is... Andrew Bartlett (This used to be commit 7c2a667640b01a0f19ddc3515c5ca7ac43d26e25)
2002-09-06 17:46:36 +04:00
if (uf & UF_ACCOUNTDISABLE) acb |= ACB_DISABLED;
if (uf & UF_HOMEDIR_REQUIRED) acb |= ACB_HOMDIRREQ;
if (uf & UF_PASSWD_NOTREQD) acb |= ACB_PWNOTREQ;
if (uf & UF_MNS_LOGON_ACCOUNT) acb |= ACB_MNS;
if (uf & UF_DONT_EXPIRE_PASSWD) acb |= ACB_PWNOEXP;
if (uf & UF_LOCKOUT) acb |= ACB_AUTOLOCK;
r13711: * Correctly handle acb_info/acct_flags as uint32 not as uint16. * Fix a couple of related parsing issues. * in the info3 reply in a samlogon, return the ACB-flags (instead of returning zero) Guenther (This used to be commit 5b89e8bc24f0fdc8b52d5c9e849aba723df34ea7)
2006-02-27 13:32:45 +03:00
if (uf & UF_USE_DES_KEY_ONLY) acb |= ACB_USE_DES_KEY_ONLY;
if (uf & UF_SMARTCARD_REQUIRED) acb |= ACB_SMARTCARD_REQUIRED;
if (uf & UF_TRUSTED_FOR_DELEGATION) acb |= ACB_TRUSTED_FOR_DELEGATION;
if (uf & UF_DONT_REQUIRE_PREAUTH) acb |= ACB_DONT_REQUIRE_PREAUTH;
if (uf & UF_NO_AUTH_DATA_REQUIRED) acb |= ACB_NO_AUTH_DATA_REQD;
if (uf & UF_NOT_DELEGATED) acb |= ACB_NOT_DELEGATED;
if (uf & UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED) acb |= ACB_ENC_TXT_PWD_ALLOWED;
Seems I missed commiting this when I added the rest of metze's ADS patch. Oh well, here it is... Andrew Bartlett (This used to be commit 7c2a667640b01a0f19ddc3515c5ca7ac43d26e25)
2002-09-06 17:46:36 +04:00
switch (uf & UF_ACCOUNT_TYPE_MASK)
{
case UF_TEMP_DUPLICATE_ACCOUNT: acb |= ACB_TEMPDUP;break;
case UF_NORMAL_ACCOUNT: acb |= ACB_NORMAL;break;
case UF_INTERDOMAIN_TRUST_ACCOUNT: acb |= ACB_DOMTRUST;break;
case UF_WORKSTATION_TRUST_ACCOUNT: acb |= ACB_WSTRUST;break;
case UF_SERVER_TRUST_ACCOUNT: acb |= ACB_SVRTRUST;break;
/*Fix Me: what should we do here? */
default: acb |= ACB_NORMAL;break;
}
return acb;
}
Another patch from metze, towards his work on sam_ads. See mx-ldap.sf.net for his current progress. (This used to be commit 9c62d1312fdf0aa7b1978e8bbb56fc076ba7e9d0)
2002-09-25 13:40:45 +04:00
/*
get the accountType from the UserFlags
*/
uint32 ads_uf2atype(uint32 uf)
{
uint32 atype = 0x00000000;
if (uf & UF_NORMAL_ACCOUNT) atype = ATYPE_NORMAL_ACCOUNT;
else if (uf & UF_TEMP_DUPLICATE_ACCOUNT) atype = ATYPE_NORMAL_ACCOUNT;
else if (uf & UF_SERVER_TRUST_ACCOUNT) atype = ATYPE_WORKSTATION_TRUST;
else if (uf & UF_WORKSTATION_TRUST_ACCOUNT) atype = ATYPE_WORKSTATION_TRUST;
else if (uf & UF_INTERDOMAIN_TRUST_ACCOUNT) atype = ATYPE_INTERDOMAIN_TRUST;
return atype;
}
/*
get the accountType from the groupType
*/
uint32 ads_gtype2atype(uint32 gtype)
{
uint32 atype = 0x00000000;
switch(gtype) {
case GTYPE_SECURITY_BUILTIN_LOCAL_GROUP:
atype = ATYPE_SECURITY_LOCAL_GROUP;
break;
case GTYPE_SECURITY_DOMAIN_LOCAL_GROUP:
atype = ATYPE_SECURITY_LOCAL_GROUP;
break;
case GTYPE_SECURITY_GLOBAL_GROUP:
atype = ATYPE_SECURITY_GLOBAL_GROUP;
break;
case GTYPE_DISTRIBUTION_GLOBAL_GROUP:
atype = ATYPE_DISTRIBUTION_GLOBAL_GROUP;
break;
case GTYPE_DISTRIBUTION_DOMAIN_LOCAL_GROUP:
atype = ATYPE_DISTRIBUTION_UNIVERSAL_GROUP;
break;
case GTYPE_DISTRIBUTION_UNIVERSAL_GROUP:
atype = ATYPE_DISTRIBUTION_LOCAL_GROUP;
break;
}
return atype;
}
syncing up with HEAD. Seems to be a lot of differences creeping in (i ignored the new SAMBA stuff, but the rest of this looks like it should have been merged already). (This used to be commit 3de09e5cf1f667e410ee8b9516a956860ce7290f)
2002-10-01 22:26:00 +04:00
/* turn a sAMAccountType into a SID_NAME_USE */
enum SID_NAME_USE ads_atype_map(uint32 atype)
{
switch (atype & 0xF0000000) {
case ATYPE_GLOBAL_GROUP:
return SID_NAME_DOM_GRP;
Patch from Luke Howard <lukeh@PADL.COM> to recognise local groups. Jeremy. (This used to be commit d7a23afe14b0d3ad8ecb7d994768705a32055d9a)
2003-05-15 23:43:21 +04:00
case ATYPE_SECURITY_LOCAL_GROUP:
return SID_NAME_ALIAS;
syncing up with HEAD. Seems to be a lot of differences creeping in (i ignored the new SAMBA stuff, but the rest of this looks like it should have been merged already). (This used to be commit 3de09e5cf1f667e410ee8b9516a956860ce7290f)
2002-10-01 22:26:00 +04:00
case ATYPE_ACCOUNT:
return SID_NAME_USER;
default:
DEBUG(1,("hmm, need to map account type 0x%x\n", atype));
}
return SID_NAME_UNKNOWN;
}
Copy Permalink