Another patch from metze, towards his work on sam_ads.

See mx-ldap.sf.net for his current progress.

source/include/ads.h

@@ -134,6 +134,7 @@ typedef void **ADS_MODLIST;
 #define ADS_PAGE_CTL_OID "1.2.840.113556.1.4.319"
 #define ADS_NO_REFERRALS_OID "1.2.840.113556.1.4.1339"
 #define ADS_SERVER_SORT_OID "1.2.840.113556.1.4.473"
+#define ADS_PERMIT_MODIFY_OID "1.2.840.113556.1.4.1413"
 
 /* UserFlags for userAccountControl */
 #define UF_SCRIPT	 			0x00000001
@@ -163,7 +164,7 @@ typedef void **ADS_MODLIST;
 
 #define UF_NOT_DELEGATED			0x00100000
 #define UF_USE_DES_KEY_ONLY			0x00200000
-#define UF_DONT_REQUIRE_PREAUTH		0x00400000
+#define UF_DONT_REQUIRE_PREAUTH			0x00400000
 #define UF_UNUSED_5				0x00800000
 
 #define UF_UNUSED_6				0x01000000
@@ -210,11 +211,11 @@ typedef void **ADS_MODLIST;
 
 /* sAMAccountType */
 #define ATYPE_NORMAL_ACCOUNT			0x30000000 /* 805306368 */
-#define ATYPE_WORKSTATION_TRUST		0x30000001 /* 805306369 */
-#define ATYPE_INTERDOMAIN_TRUST		0x30000002 /* 805306370 */ 
+#define ATYPE_WORKSTATION_TRUST			0x30000001 /* 805306369 */
+#define ATYPE_INTERDOMAIN_TRUST			0x30000002 /* 805306370 */ 
 #define ATYPE_SECURITY_GLOBAL_GROUP		0x10000000 /* 268435456 */
-#define ATYPE_DISTRIBUTION_GLOBAL_GROUP	0x10000001 /* 268435457 */
-#define ATYPE_DISTRIBUTION_UNIVERSAL_GROUP 	AT_DISTRIBUTION_GLOBAL_GROUP
+#define ATYPE_DISTRIBUTION_GLOBAL_GROUP		0x10000001 /* 268435457 */
+#define ATYPE_DISTRIBUTION_UNIVERSAL_GROUP 	ATYPE_DISTRIBUTION_GLOBAL_GROUP
 #define ATYPE_SECURITY_LOCAL_GROUP		0x20000000 /* 536870912 */
 #define ATYPE_DISTRIBUTION_LOCAL_GROUP		0x20000001 /* 536870913 */
 
@@ -226,7 +227,7 @@ typedef void **ADS_MODLIST;
 #define GTYPE_SECURITY_BUILTIN_LOCAL_GROUP	0x80000005	/* -2147483643 */
 #define GTYPE_SECURITY_DOMAIN_LOCAL_GROUP	0x80000004	/* -2147483644 */
 #define GTYPE_SECURITY_GLOBAL_GROUP		0x80000002	/* -2147483646 */
-#define GTYPE_DISTRIBUTION_GLOBAL_GROUP	0x00000002	/* 2 */
+#define GTYPE_DISTRIBUTION_GLOBAL_GROUP		0x00000002	/* 2 */
 #define GTYPE_DISTRIBUTION_DOMAIN_LOCAL_GROUP	0x00000004	/* 4 */
 #define GTYPE_DISTRIBUTION_UNIVERSAL_GROUP	0x00000008	/* 8 */
 

source/include/sam.h

@@ -152,10 +152,10 @@ typedef struct sam_group_enum {
 
 
 /* bits for group_ctrl: to spezify if the group is global group or alias */
-#define GCB_LOCAL_GROUP	0x0001
-#define GCB_ALIAS_GROUP	GCB_LOCAL_GROUP
+#define GCB_LOCAL_GROUP		0x0001
+#define GCB_ALIAS_GROUP		(GCB_LOCAL_GROUP |GCB_BUILTIN)
 #define GCB_GLOBAL_GROUP	0x0002
-
+#define GCB_BUILTIN		0x1000
 
 typedef struct sam_context 
 {

source/libads/ads_utils.c

@@ -46,7 +46,9 @@ uint32 ads_acb2uf(uint16 acb)
 	return uf;
 }
 
-/* translated the UserFlags (userAccountControl) to ACB_CTRL Flags */
+/*
+translated the UserFlags (userAccountControl) to ACB_CTRL Flags
+*/
 uint16 ads_uf2acb(uint32 uf)
 {
 	uint16 acb = 0x0000;
@@ -72,4 +74,98 @@ uint16 ads_uf2acb(uint32 uf)
 	return acb;
 }
 
+/* 
+get the accountType from the UserFlags
+*/
+uint32 ads_uf2atype(uint32 uf)
+{
+	uint32 atype = 0x00000000;
+		
+	if (uf & UF_NORMAL_ACCOUNT)			atype = ATYPE_NORMAL_ACCOUNT;
+	else if (uf & UF_TEMP_DUPLICATE_ACCOUNT)	atype = ATYPE_NORMAL_ACCOUNT;
+	else if (uf & UF_SERVER_TRUST_ACCOUNT)		atype = ATYPE_WORKSTATION_TRUST;
+	else if (uf & UF_WORKSTATION_TRUST_ACCOUNT)	atype = ATYPE_WORKSTATION_TRUST;
+	else if (uf & UF_INTERDOMAIN_TRUST_ACCOUNT)	atype = ATYPE_INTERDOMAIN_TRUST;
+
+	return atype;
+} 
+
+/* 
+translated the GROUP_CTRL Flags to GroupType (groupType) 
+*/ 
+uint32 ads_gcb2gtype(uint16 gcb)
+{
+	uint32 gtype = 0x00000000;
+
+	if (gcb & GCB_ALIAS_GROUP)	gtype |= GTYPE_SECURITY_BUILTIN_LOCAL_GROUP;
+	else if(gcb & GCB_LOCAL_GROUP)	gtype |= GTYPE_SECURITY_DOMAIN_LOCAL_GROUP;
+	if (gcb & GCB_GLOBAL_GROUP)	gtype |= GTYPE_SECURITY_GLOBAL_GROUP;
+		
+	return gtype;
+}
+
+/*
+translated the GroupType (groupType) to GROUP_CTRL Flags
+*/
+uint16 ads_gtype2gcb(uint32 gtype)
+{
+	uint16 gcb = 0x0000;
+
+	switch(gtype) {
+		case GTYPE_SECURITY_BUILTIN_LOCAL_GROUP:
+			gcb = GCB_ALIAS_GROUP;
+			break;
+		case GTYPE_SECURITY_DOMAIN_LOCAL_GROUP:
+			gcb = GCB_LOCAL_GROUP;
+			break;
+		case GTYPE_SECURITY_GLOBAL_GROUP:
+			gcb = GCB_GLOBAL_GROUP;
+			break;
+
+		case GTYPE_DISTRIBUTION_GLOBAL_GROUP:
+			gcb = GCB_GLOBAL_GROUP;
+			break;
+		case GTYPE_DISTRIBUTION_DOMAIN_LOCAL_GROUP:
+			gcb = GCB_LOCAL_GROUP;
+			break;
+		case GTYPE_DISTRIBUTION_UNIVERSAL_GROUP:
+			gcb = GCB_GLOBAL_GROUP;
+			break;
+	}
+	
+	return gcb;
+}
+
+/* 
+get the accountType from the groupType
+*/
+uint32 ads_gtype2atype(uint32 gtype)
+{
+	uint32 atype = 0x00000000;
+	
+	switch(gtype) {
+		case GTYPE_SECURITY_BUILTIN_LOCAL_GROUP:
+			atype = ATYPE_SECURITY_LOCAL_GROUP;
+			break;
+		case GTYPE_SECURITY_DOMAIN_LOCAL_GROUP:
+			atype = ATYPE_SECURITY_LOCAL_GROUP;
+			break;
+		case GTYPE_SECURITY_GLOBAL_GROUP:
+			atype = ATYPE_SECURITY_GLOBAL_GROUP;
+			break;
+	
+		case GTYPE_DISTRIBUTION_GLOBAL_GROUP:
+			atype = ATYPE_DISTRIBUTION_GLOBAL_GROUP;
+			break;
+		case GTYPE_DISTRIBUTION_DOMAIN_LOCAL_GROUP:
+			atype = ATYPE_DISTRIBUTION_UNIVERSAL_GROUP;
+			break;
+		case GTYPE_DISTRIBUTION_UNIVERSAL_GROUP:
+			atype = ATYPE_DISTRIBUTION_LOCAL_GROUP;
+			break;
+	}
+
+	return atype;
+}
+
 #endif

source/libads/ldap.c

@@ -890,7 +890,7 @@ ADS_STATUS ads_gen_mod(ADS_STRUCT *ads, const char *mod_dn, ADS_MODLIST mods)
 	   non-existent attribute (but allowable for the object) to run
 	*/
 	LDAPControl PermitModify = {
-		"1.2.840.113556.1.4.1413",
+		ADS_PERMIT_MODIFY_OID,
 		{0, NULL},
 		(char) 1};
 	LDAPControl *controls[2];