sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-09-17 05:44:20 +03:00
Code Activity

s3-ipasam: Add aliases for trusted domain user

Browse Source 
Signed-off-by: Günther Deschner <gd@samba.org>

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Feb 16 12:58:13 CET 2011 on sn-devel-104
This commit is contained in:
Sumit Bose
2010-09-07 14:30:34 +02:00
committed by Günther Deschner
parent 7763816968
commit bfa7964da8
2 changed files with 18 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
source3/passdb/pdb_ipa.c
View File

@@ -812,6 +812,8 @@ static NTSTATUS ipasam_add_objectclasses(struct ldapsam_privates *ldap_state,
NTSTATUS status; NTSTATUS status;
int ret; int ret;
char *princ; char *princ;
const char *domain;
char *domain_with_dot;
dn = get_account_dn(pdb_get_username(sampass)); dn = get_account_dn(pdb_get_username(sampass));
if (dn == NULL) { if (dn == NULL) {
@@ -823,6 +825,16 @@ static NTSTATUS ipasam_add_objectclasses(struct ldapsam_privates *ldap_state,
return NT_STATUS_NO_MEMORY; return NT_STATUS_NO_MEMORY;
} }
domain = pdb_get_domain(sampass);
if (domain == NULL) {
return NT_STATUS_INVALID_PARAMETER;
}
domain_with_dot = talloc_asprintf(talloc_tos(), "%s.", domain);
if (domain_with_dot == NULL) {
return NT_STATUS_NO_MEMORY;
}
smbldap_set_mod(&mods, LDAP_MOD_ADD, smbldap_set_mod(&mods, LDAP_MOD_ADD,
"objectclass", LDAP_OBJ_KRB_PRINCIPAL); "objectclass", LDAP_OBJ_KRB_PRINCIPAL);
smbldap_set_mod(&mods, LDAP_MOD_ADD, smbldap_set_mod(&mods, LDAP_MOD_ADD,
@@ -832,7 +844,7 @@ static NTSTATUS ipasam_add_objectclasses(struct ldapsam_privates *ldap_state,
smbldap_set_mod(&mods, LDAP_MOD_ADD, smbldap_set_mod(&mods, LDAP_MOD_ADD,
"objectclass", "ipaHost"); "objectclass", "ipaHost");
smbldap_set_mod(&mods, LDAP_MOD_ADD, smbldap_set_mod(&mods, LDAP_MOD_ADD,
"fqdn", "dummy.dummy.dummy"); "fqdn", domain);
smbldap_set_mod(&mods, LDAP_MOD_ADD, smbldap_set_mod(&mods, LDAP_MOD_ADD,
"objectclass", "posixAccount"); "objectclass", "posixAccount");
smbldap_set_mod(&mods, LDAP_MOD_ADD, smbldap_set_mod(&mods, LDAP_MOD_ADD,
@@ -841,6 +853,8 @@ static NTSTATUS ipasam_add_objectclasses(struct ldapsam_privates *ldap_state,
"gidNumber", "12345"); "gidNumber", "12345");
smbldap_set_mod(&mods, LDAP_MOD_ADD, smbldap_set_mod(&mods, LDAP_MOD_ADD,
"homeDirectory", "/dev/null"); "homeDirectory", "/dev/null");
smbldap_set_mod(&mods, LDAP_MOD_ADD, "uid", domain);
smbldap_set_mod(&mods, LDAP_MOD_ADD, "uid", domain_with_dot);
ret = smbldap_modify(ldap_state->smbldap_state, dn, mods); ret = smbldap_modify(ldap_state->smbldap_state, dn, mods);
ldap_mods_free(mods, true); ldap_mods_free(mods, true);

4
source3/rpc_server/lsa/srv_lsa_nt.c
View File

@@ -1601,6 +1601,7 @@ NTSTATUS _lsa_OpenTrustedDomainByName(struct pipes_struct *p,
static NTSTATUS add_trusted_domain_user(TALLOC_CTX *mem_ctx, static NTSTATUS add_trusted_domain_user(TALLOC_CTX *mem_ctx,
const char *netbios_name, const char *netbios_name,
const char *domain_name,
struct trustDomainPasswords auth_struct) struct trustDomainPasswords auth_struct)
{ {
NTSTATUS status; NTSTATUS status;
@@ -1625,7 +1626,7 @@ static NTSTATUS add_trusted_domain_user(TALLOC_CTX *mem_ctx,
return NT_STATUS_UNSUCCESSFUL; return NT_STATUS_UNSUCCESSFUL;
} }
if (!pdb_set_domain(sam_acct, get_global_sam_name(), PDB_SET)) { if (!pdb_set_domain(sam_acct, domain_name, PDB_SET)) {
return NT_STATUS_UNSUCCESSFUL; return NT_STATUS_UNSUCCESSFUL;
} }
@@ -1787,6 +1788,7 @@ NTSTATUS _lsa_CreateTrustedDomainEx2(struct pipes_struct *p,
if (r->in.info->trust_direction & LSA_TRUST_DIRECTION_INBOUND) { if (r->in.info->trust_direction & LSA_TRUST_DIRECTION_INBOUND) {
status = add_trusted_domain_user(p->mem_ctx, status = add_trusted_domain_user(p->mem_ctx,
r->in.info->netbios_name.string, r->in.info->netbios_name.string,
r->in.info->domain_name.string,
auth_struct); auth_struct);
if (!NT_STATUS_IS_OK(status)) { if (!NT_STATUS_IS_OK(status)) {
return status; return status;