mirror of
https://github.com/samba-team/samba.git
synced 2025-01-12 09:18:10 +03:00
b359b0c160
This patch seems odd, but the pdb_samba_dsdb module has exactly this semantics. That is, the pdb_samba_dsdb is responsible for all IDMAP values, due to backing on to the idmap.ldb allocator. This option is added so we can continue to support the mappings written into that database even when switching winbindd implementations - the source4/ winbind code would only ask the idmap_ldb code, no matter what the SID. Almost all of the behaviour for this is already in winbindd, but we need this extra flag function so as to avoid (currently intentional) errors at startup due to not having a per-domain allocation configured in the smb.conf. Andrew Bartlett Change-Id: I6b0d7a1463fe28dfd36715af0285911ecc07585c Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
130 lines
2.8 KiB
C
130 lines
2.8 KiB
C
/*
|
|
Unix SMB/CIFS implementation.
|
|
sid utility functions
|
|
|
|
Copyright (C) Michael Adam 2012
|
|
|
|
This program is free software; you can redistribute it and/or modify
|
|
it under the terms of the GNU General Public License as published by
|
|
the Free Software Foundation; either version 3 of the License, or
|
|
(at your option) any later version.
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU General Public License for more details.
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
#include "includes.h"
|
|
#include "lib/util_sid_passdb.h"
|
|
#include "passdb/machine_sid.h"
|
|
#include "passdb.h"
|
|
|
|
/**
|
|
* check whether this is an object-sid that should
|
|
* be treated by the passdb, e.g. for id-mapping.
|
|
*/
|
|
bool sid_check_object_is_for_passdb(const struct dom_sid *sid)
|
|
{
|
|
if (sid_check_is_in_our_sam(sid) && pdb_is_responsible_for_our_sam()) {
|
|
return true;
|
|
}
|
|
|
|
if (sid_check_is_in_builtin(sid) && pdb_is_responsible_for_builtin()) {
|
|
return true;
|
|
}
|
|
|
|
if (sid_check_is_in_wellknown_domain(sid) &&
|
|
pdb_is_responsible_for_wellknown())
|
|
{
|
|
return true;
|
|
}
|
|
|
|
if (sid_check_is_in_unix_users(sid) &&
|
|
pdb_is_responsible_for_unix_users())
|
|
{
|
|
return true;
|
|
}
|
|
|
|
if (sid_check_is_in_unix_groups(sid) &&
|
|
pdb_is_responsible_for_unix_groups())
|
|
{
|
|
return true;
|
|
}
|
|
|
|
if (pdb_is_responsible_for_everything_else())
|
|
{
|
|
return true;
|
|
}
|
|
|
|
return false;
|
|
}
|
|
/**
|
|
* check whether this is an object- or domain-sid that should
|
|
* be treated by the passdb, e.g. for id-mapping.
|
|
*/
|
|
bool sid_check_is_for_passdb(const struct dom_sid *sid)
|
|
{
|
|
if (sid_check_is_our_sam(sid) && pdb_is_responsible_for_our_sam()) {
|
|
return true;
|
|
}
|
|
|
|
if (sid_check_is_in_our_sam(sid) && pdb_is_responsible_for_our_sam()) {
|
|
return true;
|
|
}
|
|
|
|
if (sid_check_is_builtin(sid) && pdb_is_responsible_for_builtin()) {
|
|
return true;
|
|
}
|
|
|
|
if (sid_check_is_in_builtin(sid) && pdb_is_responsible_for_builtin()) {
|
|
return true;
|
|
}
|
|
|
|
if (sid_check_is_wellknown_domain(sid, NULL) &&
|
|
pdb_is_responsible_for_wellknown())
|
|
{
|
|
return true;
|
|
}
|
|
|
|
if (sid_check_is_in_wellknown_domain(sid) &&
|
|
pdb_is_responsible_for_wellknown())
|
|
{
|
|
return true;
|
|
}
|
|
|
|
if (sid_check_is_unix_users(sid) &&
|
|
pdb_is_responsible_for_unix_users())
|
|
{
|
|
return true;
|
|
}
|
|
|
|
if (sid_check_is_in_unix_users(sid) &&
|
|
pdb_is_responsible_for_unix_users())
|
|
{
|
|
return true;
|
|
}
|
|
|
|
if (sid_check_is_unix_groups(sid) &&
|
|
pdb_is_responsible_for_unix_groups())
|
|
{
|
|
return true;
|
|
}
|
|
|
|
if (sid_check_is_in_unix_groups(sid) &&
|
|
pdb_is_responsible_for_unix_groups())
|
|
{
|
|
return true;
|
|
}
|
|
|
|
if (pdb_is_responsible_for_everything_else())
|
|
{
|
|
return true;
|
|
}
|
|
|
|
return false;
|
|
}
|