mirror of
https://github.com/samba-team/samba.git
synced 2024-12-27 03:21:53 +03:00
79f6bcd5ae
secrets system, and not the old system from Samba3.
This allowed the code from auth_domain to be shared - we now only
lookup the secrets.ldb in lib/credentials.c.
In order to link the resultant binary, samdb_search() has been moved
from deep inside rpc_server into lib/gendb.c, along with the existing
gendb_search_v(). The vast majority of this patch is the simple
rename that followed,
(Depending on the whole SAMDB for just this function seemed pointless,
and brought in futher dependencies, such as smbencrypt.c).
Andrew Bartlett
(This used to be commit e13c671619)
66 lines
2.3 KiB
C
66 lines
2.3 KiB
C
/*
|
|
* Unix SMB/CIFS implementation.
|
|
* secrets.tdb file format info
|
|
* Copyright (C) Andrew Tridgell 2000
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify it
|
|
* under the terms of the GNU General Public License as published by the
|
|
* Free Software Foundation; either version 2 of the License, or (at your
|
|
* option) any later version.
|
|
*
|
|
* This program is distributed in the hope that it will be useful, but WITHOUT
|
|
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
|
|
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
|
|
* more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License along with
|
|
* this program; if not, write to the Free Software Foundation, Inc., 675
|
|
* Mass Ave, Cambridge, MA 02139, USA.
|
|
*/
|
|
|
|
#ifndef _SECRETS_H
|
|
#define _SECRETS_H
|
|
|
|
/* the first one is for the hashed password (NT4 style) the latter
|
|
for plaintext (ADS)
|
|
*/
|
|
#define SECRETS_MACHINE_ACCT_PASS "SECRETS/$MACHINE.ACC"
|
|
#define SECRETS_MACHINE_PASSWORD "SECRETS/MACHINE_PASSWORD"
|
|
|
|
/* this one is for storing trusted domain account password */
|
|
#define SECRETS_DOMTRUST_ACCT_PASS "SECRETS/$DOMTRUST.ACC"
|
|
|
|
/* Store the principal name used for Kerberos DES key salt under this key name. */
|
|
#define SECRETS_SALTING_PRINCIPAL "SECRETS/SALTING_PRINCIPAL"
|
|
|
|
/* The domain sid and our sid are stored here even though they aren't
|
|
really secret. */
|
|
#define SECRETS_DOMAIN_SID "SECRETS/SID"
|
|
#define SECRETS_SAM_SID "SAM/SID"
|
|
|
|
/* The domain GUID and server GUID (NOT the same) are also not secret */
|
|
#define SECRETS_DOMAIN_GUID "SECRETS/DOMGUID"
|
|
#define SECRETS_SERVER_GUID "SECRETS/GUID"
|
|
|
|
#define SECRETS_LDAP_BIND_PW "SECRETS/LDAP_BIND_PW"
|
|
|
|
/* Authenticated user info is stored in secrets.tdb under these keys */
|
|
|
|
#define SECRETS_AUTH_USER "SECRETS/AUTH_USER"
|
|
#define SECRETS_AUTH_DOMAIN "SECRETS/AUTH_DOMAIN"
|
|
#define SECRETS_AUTH_PASSWORD "SECRETS/AUTH_PASSWORD"
|
|
|
|
/* structure for storing machine account password
|
|
(ie. when samba server is member of a domain */
|
|
struct machine_acct_pass {
|
|
uint8_t hash[16];
|
|
time_t mod_time;
|
|
};
|
|
|
|
#define SECRETS_PRIMARY_DOMAIN_DN "cn=Primary Domains"
|
|
|
|
#define SECRETS_PRIMARY_DOMAIN_FILTER "(&(flatname=%s)(objectclass=primaryDomain))"
|
|
#define SECRETS_PRIMARY_REALM_FILTER "(&(realm=%s)(objectclass=primaryDomain))"
|
|
|
|
#endif /* _SECRETS_H */
|