2002-04-04 06:51:02 +04:00
/*
Unix SMB / CIFS implementation .
ads ( active directory ) utility library
2003-08-01 19:21:20 +04:00
Copyright ( C ) Jim McDonough < jmcd @ us . ibm . com > 2002
2002-04-04 06:51:02 +04:00
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
2007-07-09 23:25:36 +04:00
the Free Software Foundation ; either version 3 of the License , or
2002-04-04 06:51:02 +04:00
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
You should have received a copy of the GNU General Public License
2007-07-10 04:52:41 +04:00
along with this program . If not , see < http : //www.gnu.org/licenses/>.
2002-04-04 06:51:02 +04:00
*/
# include "includes.h"
2010-07-02 02:32:52 +04:00
# include "ads.h"
2010-07-01 01:38:57 +04:00
# include "../libds/common/flags.h"
2002-04-04 06:51:02 +04:00
# ifdef HAVE_ADS
/*
find a user account
*/
2006-09-04 01:07:16 +04:00
ADS_STATUS ads_find_user_acct ( ADS_STRUCT * ads , LDAPMessage * * res ,
const char * user )
2002-04-04 06:51:02 +04:00
{
ADS_STATUS status ;
2003-07-10 12:27:55 +04:00
char * ldap_exp ;
2002-04-04 06:51:02 +04:00
const char * attrs [ ] = { " * " , NULL } ;
2009-07-10 00:03:52 +04:00
char * escaped_user = escape_ldap_string ( talloc_tos ( ) , user ) ;
2003-02-01 10:59:29 +03:00
if ( ! escaped_user ) {
return ADS_ERROR ( LDAP_NO_MEMORY ) ;
}
2002-04-04 06:51:02 +04:00
2008-12-23 22:56:48 +03:00
if ( asprintf ( & ldap_exp , " (samAccountName=%s) " , escaped_user ) = = - 1 ) {
2009-07-10 00:03:52 +04:00
TALLOC_FREE ( escaped_user ) ;
2008-12-23 22:56:48 +03:00
return ADS_ERROR ( LDAP_NO_MEMORY ) ;
}
2003-07-10 12:27:55 +04:00
status = ads_search ( ads , res , ldap_exp , attrs ) ;
SAFE_FREE ( ldap_exp ) ;
2009-07-10 00:03:52 +04:00
TALLOC_FREE ( escaped_user ) ;
2002-04-04 06:51:02 +04:00
return status ;
}
ADS_STATUS ads_add_user_acct ( ADS_STRUCT * ads , const char * user ,
2003-01-15 19:10:57 +03:00
const char * container , const char * fullname )
2002-04-04 06:51:02 +04:00
{
TALLOC_CTX * ctx ;
ADS_MODLIST mods ;
ADS_STATUS status ;
2002-07-15 14:35:28 +04:00
const char * upn , * new_dn , * name , * controlstr ;
2007-03-01 03:49:28 +03:00
char * name_escaped = NULL ;
2002-07-15 14:35:28 +04:00
const char * objectClass [ ] = { " top " , " person " , " organizationalPerson " ,
" user " , NULL } ;
2002-04-04 06:51:02 +04:00
if ( fullname & & * fullname ) name = fullname ;
else name = user ;
2002-12-20 23:21:31 +03:00
if ( ! ( ctx = talloc_init ( " ads_add_user_acct " ) ) )
2002-04-04 06:51:02 +04:00
return ADS_ERROR ( LDAP_NO_MEMORY ) ;
status = ADS_ERROR ( LDAP_NO_MEMORY ) ;
2002-08-17 21:00:51 +04:00
if ( ! ( upn = talloc_asprintf ( ctx , " %s@%s " , user , ads - > config . realm ) ) )
2002-04-04 06:51:02 +04:00
goto done ;
2007-03-01 03:49:28 +03:00
if ( ! ( name_escaped = escape_rdn_val_string_alloc ( name ) ) )
goto done ;
if ( ! ( new_dn = talloc_asprintf ( ctx , " cn=%s,%s,%s " , name_escaped , container ,
2002-08-17 21:00:51 +04:00
ads - > config . bind_path ) ) )
2002-04-04 06:51:02 +04:00
goto done ;
2005-12-21 13:05:39 +03:00
if ( ! ( controlstr = talloc_asprintf ( ctx , " %u " , ( UF_NORMAL_ACCOUNT | UF_ACCOUNTDISABLE ) ) ) )
2002-04-04 06:51:02 +04:00
goto done ;
if ( ! ( mods = ads_init_mods ( ctx ) ) )
goto done ;
2002-07-15 14:35:28 +04:00
ads_mod_str ( ctx , & mods , " cn " , name ) ;
ads_mod_strlist ( ctx , & mods , " objectClass " , objectClass ) ;
ads_mod_str ( ctx , & mods , " userPrincipalName " , upn ) ;
ads_mod_str ( ctx , & mods , " name " , name ) ;
ads_mod_str ( ctx , & mods , " displayName " , name ) ;
ads_mod_str ( ctx , & mods , " sAMAccountName " , user ) ;
ads_mod_str ( ctx , & mods , " userAccountControl " , controlstr ) ;
status = ads_gen_add ( ads , new_dn , mods ) ;
done :
2007-03-01 03:49:28 +03:00
SAFE_FREE ( name_escaped ) ;
2002-07-15 14:35:28 +04:00
talloc_destroy ( ctx ) ;
return status ;
}
ADS_STATUS ads_add_group_acct ( ADS_STRUCT * ads , const char * group ,
2003-01-15 19:10:57 +03:00
const char * container , const char * comment )
2002-07-15 14:35:28 +04:00
{
TALLOC_CTX * ctx ;
ADS_MODLIST mods ;
ADS_STATUS status ;
char * new_dn ;
2007-03-01 03:49:28 +03:00
char * name_escaped = NULL ;
2002-07-15 14:35:28 +04:00
const char * objectClass [ ] = { " top " , " group " , NULL } ;
2002-12-20 23:21:31 +03:00
if ( ! ( ctx = talloc_init ( " ads_add_group_acct " ) ) )
2002-07-15 14:35:28 +04:00
return ADS_ERROR ( LDAP_NO_MEMORY ) ;
status = ADS_ERROR ( LDAP_NO_MEMORY ) ;
2007-03-01 03:49:28 +03:00
if ( ! ( name_escaped = escape_rdn_val_string_alloc ( group ) ) )
goto done ;
if ( ! ( new_dn = talloc_asprintf ( ctx , " cn=%s,%s,%s " , name_escaped , container ,
2002-08-17 21:00:51 +04:00
ads - > config . bind_path ) ) )
2002-07-15 14:35:28 +04:00
goto done ;
if ( ! ( mods = ads_init_mods ( ctx ) ) )
goto done ;
ads_mod_str ( ctx , & mods , " cn " , group ) ;
ads_mod_strlist ( ctx , & mods , " objectClass " , objectClass ) ;
ads_mod_str ( ctx , & mods , " name " , group ) ;
2003-01-15 19:10:57 +03:00
if ( comment & & * comment )
2002-07-15 14:35:28 +04:00
ads_mod_str ( ctx , & mods , " description " , comment ) ;
ads_mod_str ( ctx , & mods , " sAMAccountName " , group ) ;
2002-04-04 06:51:02 +04:00
status = ads_gen_add ( ads , new_dn , mods ) ;
done :
2007-03-01 03:49:28 +03:00
SAFE_FREE ( name_escaped ) ;
2002-04-04 06:51:02 +04:00
talloc_destroy ( ctx ) ;
return status ;
}
# endif
