mirror of
https://github.com/samba-team/samba.git
synced 2024-12-24 21:34:56 +03:00
r9854: Finish ldb_map testsuite
Update PLAN
Some more small other fixes
(This used to be commit de2bde2526
)
This commit is contained in:
parent
b19cc95a88
commit
05db3024ba
@ -27,11 +27,15 @@
|
||||
#include "ldb/include/ldb_private.h"
|
||||
#include "ldb/modules/ldb_map.h"
|
||||
|
||||
/* TODO:
|
||||
* - objectclass hint in ldb_map_attribute
|
||||
* for use when multiple remote attributes (independant of each other)
|
||||
* map to one local attribute. E.g.: (uid, gidNumber) -> unixName
|
||||
* (use MAP_GENERATE instead ?)
|
||||
/*
|
||||
* - map_message_outgoing() should:
|
||||
* - modify: not worry about anything simply map and hope everything
|
||||
* will be ok.
|
||||
* - make a list of remote objectclasses that will be used
|
||||
* given the attributes that are available
|
||||
* - only add attribute to the remote message if
|
||||
* it is allowed by the objectclass
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
@ -701,10 +705,6 @@ static int ldb_map_message_outgoing(struct ldb_module *module, const struct ldb_
|
||||
}
|
||||
|
||||
if ((*fb)->num_elements == 0) {
|
||||
/* No elements, discard.. */
|
||||
talloc_free(*fb);
|
||||
*fb = NULL;
|
||||
} else {
|
||||
ldb_msg_add_string(module->ldb, *fb, "isMapped", "TRUE");
|
||||
}
|
||||
|
||||
@ -727,8 +727,8 @@ static int map_rename(struct ldb_module *module, const struct ldb_dn *olddn, con
|
||||
struct ldb_dn *n_olddn, *n_newdn;
|
||||
int ret;
|
||||
|
||||
ret = ldb_next_rename_record(module, olddn, newdn);
|
||||
|
||||
ret = ldb_next_rename_record(module, n_olddn, n_newdn);
|
||||
|
||||
n_olddn = map_local_dn(module, module, olddn);
|
||||
n_newdn = map_local_dn(module, module, newdn);
|
||||
|
||||
@ -753,7 +753,7 @@ static int map_delete(struct ldb_module *module, const struct ldb_dn *dn)
|
||||
|
||||
newdn = map_local_dn(module, module, dn);
|
||||
|
||||
ret = ldb_delete(privdat->mapped_ldb, newdn);
|
||||
ldb_delete(privdat->mapped_ldb, newdn);
|
||||
|
||||
talloc_free(newdn);
|
||||
|
||||
@ -996,7 +996,6 @@ static int map_modify(struct ldb_module *module, const struct ldb_message *msg)
|
||||
|
||||
if (!map_is_mappable(privdat, msg))
|
||||
return ldb_next_modify_record(module, msg);
|
||||
|
||||
|
||||
if (ldb_map_message_outgoing(module, msg, &fb, &mp) == -1)
|
||||
return -1;
|
||||
|
@ -1,2 +1,4 @@
|
||||
TODO (SoC project):
|
||||
- finish ldb_map testsuite
|
||||
- [ldb_map] some more strict checking when sending data to an LDAP server
|
||||
- [ldb_map] fix rename
|
||||
- fix ntPwdHash / lmPwdHash bug
|
||||
|
@ -45,7 +45,6 @@ struct samba3_samaccount {
|
||||
char *profile_path;
|
||||
char *acct_desc;
|
||||
char *workstations;
|
||||
uid_t uid;
|
||||
uint32_t user_rid, group_rid, hours_len, unknown_6;
|
||||
uint16_t acct_ctrl, logon_divs;
|
||||
uint16_t bad_password_count, logon_count;
|
||||
|
@ -228,6 +228,7 @@ NTSTATUS samba3_read_smbpasswd(const char *filename, TALLOC_CTX *ctx, struct sam
|
||||
|
||||
for (i = 0; i < numlines; i++) {
|
||||
char *p = lines[i], *q;
|
||||
uid_t uid;
|
||||
struct samba3_samaccount *acc = &((*accounts)[*count]);
|
||||
|
||||
if (p[0] == '\0' || p[0] == '#')
|
||||
@ -244,7 +245,9 @@ NTSTATUS samba3_read_smbpasswd(const char *filename, TALLOC_CTX *ctx, struct sam
|
||||
acc->username = talloc_strndup(ctx, p, PTR_DIFF(q, p));
|
||||
p = q+1;
|
||||
|
||||
acc->uid = atoi(p);
|
||||
uid = atoi(p);
|
||||
|
||||
/* uid is ignored here.. */
|
||||
|
||||
q = strchr(p, ':');
|
||||
if (!q) {
|
||||
|
@ -94,20 +94,40 @@ samba3RefuseMachinePwdChange: %d
|
||||
samba3.policy.bad_lockout_minutes, samba3.policy.disconnect_time,
|
||||
samba3.policy.refuse_machine_password_change
|
||||
);
|
||||
|
||||
|
||||
return ldif;
|
||||
}
|
||||
|
||||
function upgrade_sam_account(acc,domaindn)
|
||||
function upgrade_sam_account(ldb,acc,domaindn,domainsid)
|
||||
{
|
||||
var ldb = ldb_init();
|
||||
if (acc.nt_username == undefined) {
|
||||
acc.nt_username = acc.username;
|
||||
}
|
||||
|
||||
if (acc.nt_username == "") {
|
||||
acc.nt_username = acc.username;
|
||||
}
|
||||
|
||||
if (acc.fullname == undefined) {
|
||||
var pw = nss.getpwnam(acc.fullname);
|
||||
acc.fullname = pw.pw_gecos;
|
||||
}
|
||||
|
||||
var pts = split(',', acc.fullname);
|
||||
acc.fullname = pts[0];
|
||||
|
||||
assert(acc.fullname != undefined);
|
||||
assert(acc.nt_username != undefined);
|
||||
|
||||
var ldif = sprintf(
|
||||
"dn: cn=%s,%s
|
||||
objectClass: top
|
||||
objectClass: user
|
||||
lastLogon: %d
|
||||
lastLogoff: %d
|
||||
unixName: %s
|
||||
name: %s
|
||||
sAMAccountName: %s
|
||||
cn: %s
|
||||
description: %s
|
||||
primaryGroupID: %d
|
||||
@ -125,15 +145,16 @@ samba3BadPwdTime: %d
|
||||
samba3PassLastSetTime: %d
|
||||
samba3PassCanChangeTime: %d
|
||||
samba3PassMustChangeTime: %d
|
||||
samba3Rid: %d
|
||||
objectSid: %s-%d
|
||||
ntPwdHash:: %s
|
||||
lmPwdHash:: %s
|
||||
|
||||
", acc.fullname, domaindn, acc.logon_time, acc.logoff_time, acc.username, acc.nt_username,
|
||||
", acc.fullname, domaindn, acc.logon_time, acc.logoff_time, acc.username, acc.nt_username, acc.nt_username,
|
||||
|
||||
acc.fullname, acc.acct_desc, acc.group_rid, acc.bad_password_count, acc.logon_count,
|
||||
acc.domain, acc.dir_drive, acc.munged_dial, acc.homedir, acc.logon_script,
|
||||
acc.profile_path, acc.workstations, acc.kickoff_time, acc.bad_password_time,
|
||||
acc.pass_last_set_time, acc.pass_can_change_time, acc.pass_must_change_time, acc.user_rid,
|
||||
acc.pass_last_set_time, acc.pass_can_change_time, acc.pass_must_change_time, domainsid, acc.user_rid,
|
||||
ldb.encode(acc.lm_pw), ldb.encode(acc.nt_pw));
|
||||
|
||||
return ldif;
|
||||
@ -141,6 +162,33 @@ acc.pass_last_set_time, acc.pass_can_change_time, acc.pass_must_change_time, acc
|
||||
|
||||
function upgrade_sam_group(grp,domaindn)
|
||||
{
|
||||
var nss = nss_init();
|
||||
|
||||
var gr;
|
||||
if (grp.sid_name_use == 5) { // Well-known group
|
||||
return undefined;
|
||||
}
|
||||
|
||||
if (grp.nt_name == "Domain Guests" ||
|
||||
grp.nt_name == "Domain Users" ||
|
||||
grp.nt_name == "Domain Admins") {
|
||||
return undefined;
|
||||
}
|
||||
|
||||
if (grp.gid == -1) {
|
||||
gr = nss.getgrnam(grp.nt_name);
|
||||
} else {
|
||||
gr = nss.getgrgid(grp.gid);
|
||||
}
|
||||
|
||||
if (gr == undefined) {
|
||||
grp.unixname = "UNKNOWN";
|
||||
} else {
|
||||
grp.unixname = gr.gr_name;
|
||||
}
|
||||
|
||||
assert(grp.unixname != undefined);
|
||||
|
||||
var ldif = sprintf(
|
||||
"dn: cn=%s,%s
|
||||
objectClass: top
|
||||
@ -148,10 +196,10 @@ objectClass: group
|
||||
description: %s
|
||||
cn: %s
|
||||
objectSid: %s
|
||||
unixName: FIXME
|
||||
unixName: %s
|
||||
samba3SidNameUse: %d
|
||||
", grp.nt_name, domaindn,
|
||||
grp.comment, grp.nt_name, grp.sid, grp.sid_name_use);
|
||||
grp.comment, grp.nt_name, grp.sid, grp.unixname, grp.sid_name_use);
|
||||
|
||||
return ldif;
|
||||
}
|
||||
@ -421,9 +469,9 @@ function upgrade(subobj, samba3, message, paths)
|
||||
message("Importing users\n");
|
||||
for (var i in samba3.samaccounts) {
|
||||
var msg = "... " + samba3.samaccounts[i].username;
|
||||
var ldif = upgrade_sam_account(samba3.samaccounts[i],subobj.BASEDN);
|
||||
var ldif = upgrade_sam_account(samdb,samba3.samaccounts[i],subobj.BASEDN,subobj.DOMAINSID);
|
||||
ok = samdb.add(ldif);
|
||||
if (!ok) {
|
||||
if (!ok && samdb.errstring() != "Record exists") {
|
||||
msg = msg + "... error: " + samdb.errstring();
|
||||
ret = ret + 1;
|
||||
}
|
||||
@ -434,10 +482,12 @@ function upgrade(subobj, samba3, message, paths)
|
||||
for (var i in samba3.groupmappings) {
|
||||
var msg = "... " + samba3.groupmappings[i].nt_name;
|
||||
var ldif = upgrade_sam_group(samba3.groupmappings[i],subobj.BASEDN);
|
||||
ok = samdb.add(ldif);
|
||||
if (!ok) {
|
||||
msg = msg + "... error: " + samdb.errstring();
|
||||
ret = ret + 1;
|
||||
if (ldif != undefined) {
|
||||
ok = samdb.add(ldif);
|
||||
if (!ok && samdb.errstring() != "Record exists") {
|
||||
msg = msg + "... error: " + samdb.errstring();
|
||||
ret = ret + 1;
|
||||
}
|
||||
}
|
||||
message(msg + "\n");
|
||||
}
|
||||
@ -454,7 +504,7 @@ function upgrade(subobj, samba3, message, paths)
|
||||
for (var j in ldif) {
|
||||
var msg = "... ... " + j;
|
||||
ok = regdb.add(ldif[j]);
|
||||
if (!ok) {
|
||||
if (!ok && regdb.errstring() != "Record exists") {
|
||||
msg = msg + "... error: " + regdb.errstring();
|
||||
ret = ret + 1;
|
||||
}
|
||||
@ -497,10 +547,16 @@ dn: @MAP=samba3sam
|
||||
ok = samdb.add(ldif);
|
||||
assert(ok);
|
||||
|
||||
ok = samdb.modify("dn: @MODULES
|
||||
ok = samdb.modify("
|
||||
dn: @MODULES
|
||||
changetype: modify
|
||||
replace: @LIST
|
||||
@LIST: samldb,timestamps,objectguid,rdn_name,samba3sam");
|
||||
assert(ok);
|
||||
@LIST: samldb,timestamps,objectguid,rdn_name,samba3sam
|
||||
");
|
||||
if (!ok) {
|
||||
message("Error enabling samba3sam module: " + samdb.errstring() + "\n");
|
||||
ret = ret + 1;
|
||||
}
|
||||
}
|
||||
|
||||
return ret;
|
||||
@ -514,6 +570,11 @@ function upgrade_verify(subobj, samba3,paths,message)
|
||||
|
||||
var ok = samldb.connect(paths.samdb);
|
||||
assert(ok);
|
||||
|
||||
for (var i in samba3.samaccounts) {
|
||||
var msg = samldb.search("(&(sAMAccountName=" + samba3.samaccounts[i].nt_username + ")(objectclass=user))");
|
||||
assert(msg.length >= 1);
|
||||
}
|
||||
|
||||
// FIXME
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user