関数 | |
| static uint32 | get_int_param (const char *param) |
| static char * | get_string_param (const char *param) |
| static BOOL | get_sid_from_input (DOM_SID *sid, char *input) |
| static void | print_map_entry (GROUP_MAP map, BOOL long_list) |
| static int | net_groupmap_list (int argc, const char **argv) |
| static int | net_groupmap_add (int argc, const char **argv) |
| static int | net_groupmap_modify (int argc, const char **argv) |
| static int | net_groupmap_delete (int argc, const char **argv) |
| static int | net_groupmap_set (int argc, const char **argv) |
| static int | net_groupmap_cleanup (int argc, const char **argv) |
| static int | net_groupmap_addmem (int argc, const char **argv) |
| static int | net_groupmap_delmem (int argc, const char **argv) |
| static int | net_groupmap_listmem (int argc, const char **argv) |
| static BOOL | print_alias_memberships (TALLOC_CTX *mem_ctx, const DOM_SID *domain_sid, const DOM_SID *member) |
| static int | net_groupmap_memberships (int argc, const char **argv) |
| int | net_help_groupmap (int argc, const char **argv) |
| int | net_groupmap (int argc, const char **argv) |
| static uint32 get_int_param | ( | const char * | param | ) | [static] |
net_groupmap.c の 33 行で定義されています。
参照元 net_groupmap_add().
00034 { 00035 char *p; 00036 00037 p = strchr( param, '=' ); 00038 if ( !p ) 00039 return 0; 00040 00041 return atoi(p+1); 00042 }
| static char* get_string_param | ( | const char * | param | ) | [static] |
net_groupmap.c の 48 行で定義されています。
00049 { 00050 char *p; 00051 00052 p = strchr( param, '=' ); 00053 if ( !p ) 00054 return NULL; 00055 00056 return (p+1); 00057 }
net_groupmap.c の 63 行で定義されています。
参照先 pdb_getgrnam()・printf()・_GROUP_MAP::sid・string_to_sid()・StrnCaseCmp().
参照元 net_groupmap_delete()・net_groupmap_list()・net_groupmap_modify().
00064 { 00065 GROUP_MAP map; 00066 00067 if (StrnCaseCmp( input, "S-", 2)) { 00068 /* Perhaps its the NT group name? */ 00069 if (!pdb_getgrnam(&map, input)) { 00070 printf("NT Group %s doesn't exist in mapping DB\n", input); 00071 return False; 00072 } else { 00073 *sid = map.sid; 00074 } 00075 } else { 00076 if (!string_to_sid(sid, input)) { 00077 printf("converting sid %s from a string failed!\n", input); 00078 return False; 00079 } 00080 } 00081 return True; 00082 }
net_groupmap.c の 88 行で定義されています。
参照先 _GROUP_MAP::comment・d_printf()・_GROUP_MAP::gid・gidtoname()・_GROUP_MAP::nt_name・_GROUP_MAP::sid・_GROUP_MAP::sid_name_use・sid_string_static()・sid_type_lookup().
参照元 net_groupmap_list().
00089 { 00090 if (!long_list) 00091 d_printf("%s (%s) -> %s\n", map.nt_name, 00092 sid_string_static(&map.sid), gidtoname(map.gid)); 00093 else { 00094 d_printf("%s\n", map.nt_name); 00095 d_printf("\tSID : %s\n", sid_string_static(&map.sid)); 00096 d_printf("\tUnix gid : %d\n", map.gid); 00097 d_printf("\tUnix group: %s\n", gidtoname(map.gid)); 00098 d_printf("\tGroup type: %s\n", 00099 sid_type_lookup(map.sid_name_use)); 00100 d_printf("\tComment : %s\n", map.comment); 00101 } 00102 00103 }
| static int net_groupmap_list | ( | int | argc, | |
| const char ** | argv | |||
| ) | [static] |
net_groupmap.c の 107 行で定義されています。
参照先 d_fprintf()・get_sid_from_input()・get_string_param()・opt_long_list_entries・opt_verbose・pdb_enum_group_mapping()・pdb_getgrsid()・print_map_entry()・SID_NAME_UNKNOWN・StrCaseCmp()・StrnCaseCmp().
参照元 net_groupmap().
00108 { 00109 size_t entries; 00110 BOOL long_list = False; 00111 size_t i; 00112 fstring ntgroup = ""; 00113 fstring sid_string = ""; 00114 00115 if (opt_verbose || opt_long_list_entries) 00116 long_list = True; 00117 00118 /* get the options */ 00119 for ( i=0; i<argc; i++ ) { 00120 if ( !StrCaseCmp(argv[i], "verbose")) { 00121 long_list = True; 00122 } 00123 else if ( !StrnCaseCmp(argv[i], "ntgroup", strlen("ntgroup")) ) { 00124 fstrcpy( ntgroup, get_string_param( argv[i] ) ); 00125 if ( !ntgroup[0] ) { 00126 d_fprintf(stderr, "must supply a name\n"); 00127 return -1; 00128 } 00129 } 00130 else if ( !StrnCaseCmp(argv[i], "sid", strlen("sid")) ) { 00131 fstrcpy( sid_string, get_string_param( argv[i] ) ); 00132 if ( !sid_string[0] ) { 00133 d_fprintf(stderr, "must supply a SID\n"); 00134 return -1; 00135 } 00136 } 00137 else { 00138 d_fprintf(stderr, "Bad option: %s\n", argv[i]); 00139 return -1; 00140 } 00141 } 00142 00143 /* list a single group is given a name */ 00144 if ( ntgroup[0] || sid_string[0] ) { 00145 DOM_SID sid; 00146 GROUP_MAP map; 00147 00148 if ( sid_string[0] ) 00149 fstrcpy( ntgroup, sid_string); 00150 00151 if (!get_sid_from_input(&sid, ntgroup)) { 00152 return -1; 00153 } 00154 00155 /* Get the current mapping from the database */ 00156 if(!pdb_getgrsid(&map, sid)) { 00157 d_fprintf(stderr, "Failure to local group SID in the database\n"); 00158 return -1; 00159 } 00160 00161 print_map_entry( map, long_list ); 00162 } 00163 else { 00164 GROUP_MAP *map=NULL; 00165 /* enumerate all group mappings */ 00166 if (!pdb_enum_group_mapping(NULL, SID_NAME_UNKNOWN, &map, &entries, ENUM_ALL_MAPPED)) 00167 return -1; 00168 00169 for (i=0; i<entries; i++) { 00170 print_map_entry( map[i], long_list ); 00171 } 00172 00173 SAFE_FREE(map); 00174 } 00175 00176 return 0; 00177 }
| static int net_groupmap_add | ( | int | argc, | |
| const char ** | argv | |||
| ) | [static] |
net_groupmap.c の 183 行で定義されています。
参照先 add_initial_entry()・algorithmic_pdb_gid_to_group_rid()・d_fprintf()・d_printf()・get_global_sam_sid()・get_int_param()・get_string_param()・name_type・nametogid()・pdb_getgrgid()・pdb_new_rid()・pdb_rid_algorithm()・_GROUP_MAP::sid・sid_append_rid()・sid_copy()・SID_NAME_ALIAS・SID_NAME_DOM_GRP・_GROUP_MAP::sid_name_use・SID_NAME_WKN_GRP・sid_string_static()・sid_to_string()・sid_type・StrnCaseCmp()・type.
参照元 net_groupmap().
00184 { 00185 DOM_SID sid; 00186 fstring ntgroup = ""; 00187 fstring unixgrp = ""; 00188 fstring string_sid = ""; 00189 fstring type = ""; 00190 fstring ntcomment = ""; 00191 enum lsa_SidType sid_type = SID_NAME_DOM_GRP; 00192 uint32 rid = 0; 00193 gid_t gid; 00194 int i; 00195 GROUP_MAP map; 00196 00197 const char *name_type; 00198 00199 ZERO_STRUCT(map); 00200 00201 /* Default is domain group. */ 00202 map.sid_name_use = SID_NAME_DOM_GRP; 00203 name_type = "domain group"; 00204 00205 /* get the options */ 00206 for ( i=0; i<argc; i++ ) { 00207 if ( !StrnCaseCmp(argv[i], "rid", strlen("rid")) ) { 00208 rid = get_int_param(argv[i]); 00209 if ( rid < DOMAIN_GROUP_RID_ADMINS ) { 00210 d_fprintf(stderr, "RID must be greater than %d\n", (uint32)DOMAIN_GROUP_RID_ADMINS-1); 00211 return -1; 00212 } 00213 } 00214 else if ( !StrnCaseCmp(argv[i], "unixgroup", strlen("unixgroup")) ) { 00215 fstrcpy( unixgrp, get_string_param( argv[i] ) ); 00216 if ( !unixgrp[0] ) { 00217 d_fprintf(stderr, "must supply a name\n"); 00218 return -1; 00219 } 00220 } 00221 else if ( !StrnCaseCmp(argv[i], "ntgroup", strlen("ntgroup")) ) { 00222 fstrcpy( ntgroup, get_string_param( argv[i] ) ); 00223 if ( !ntgroup[0] ) { 00224 d_fprintf(stderr, "must supply a name\n"); 00225 return -1; 00226 } 00227 } 00228 else if ( !StrnCaseCmp(argv[i], "sid", strlen("sid")) ) { 00229 fstrcpy( string_sid, get_string_param( argv[i] ) ); 00230 if ( !string_sid[0] ) { 00231 d_fprintf(stderr, "must supply a SID\n"); 00232 return -1; 00233 } 00234 } 00235 else if ( !StrnCaseCmp(argv[i], "comment", strlen("comment")) ) { 00236 fstrcpy( ntcomment, get_string_param( argv[i] ) ); 00237 if ( !ntcomment[0] ) { 00238 d_fprintf(stderr, "must supply a comment string\n"); 00239 return -1; 00240 } 00241 } 00242 else if ( !StrnCaseCmp(argv[i], "type", strlen("type")) ) { 00243 fstrcpy( type, get_string_param( argv[i] ) ); 00244 switch ( type[0] ) { 00245 case 'b': 00246 case 'B': 00247 sid_type = SID_NAME_WKN_GRP; 00248 name_type = "wellknown group"; 00249 break; 00250 case 'd': 00251 case 'D': 00252 sid_type = SID_NAME_DOM_GRP; 00253 name_type = "domain group"; 00254 break; 00255 case 'l': 00256 case 'L': 00257 sid_type = SID_NAME_ALIAS; 00258 name_type = "alias (local) group"; 00259 break; 00260 default: 00261 d_fprintf(stderr, "unknown group type %s\n", type); 00262 return -1; 00263 } 00264 } 00265 else { 00266 d_fprintf(stderr, "Bad option: %s\n", argv[i]); 00267 return -1; 00268 } 00269 } 00270 00271 if ( !unixgrp[0] ) { 00272 d_printf("Usage: net groupmap add {rid=<int>|sid=<string>} unixgroup=<string> [type=<domain|local|builtin>] [ntgroup=<string>] [comment=<string>]\n"); 00273 return -1; 00274 } 00275 00276 if ( (gid = nametogid(unixgrp)) == (gid_t)-1 ) { 00277 d_fprintf(stderr, "Can't lookup UNIX group %s\n", unixgrp); 00278 return -1; 00279 } 00280 00281 { 00282 if (pdb_getgrgid(&map, gid)) { 00283 d_printf("Unix group %s already mapped to SID %s\n", 00284 unixgrp, sid_string_static(&map.sid)); 00285 return -1; 00286 } 00287 } 00288 00289 if ( (rid == 0) && (string_sid[0] == '\0') ) { 00290 d_printf("No rid or sid specified, choosing a RID\n"); 00291 if (pdb_rid_algorithm()) { 00292 rid = algorithmic_pdb_gid_to_group_rid(gid); 00293 } else { 00294 if (!pdb_new_rid(&rid)) { 00295 d_printf("Could not get new RID\n"); 00296 } 00297 } 00298 d_printf("Got RID %d\n", rid); 00299 } 00300 00301 /* append the rid to our own domain/machine SID if we don't have a full SID */ 00302 if ( !string_sid[0] ) { 00303 sid_copy(&sid, get_global_sam_sid()); 00304 sid_append_rid(&sid, rid); 00305 sid_to_string(string_sid, &sid); 00306 } 00307 00308 if (!ntcomment[0]) { 00309 switch (sid_type) { 00310 case SID_NAME_WKN_GRP: 00311 fstrcpy(ntcomment, "Wellknown Unix group"); 00312 break; 00313 case SID_NAME_DOM_GRP: 00314 fstrcpy(ntcomment, "Domain Unix group"); 00315 break; 00316 case SID_NAME_ALIAS: 00317 fstrcpy(ntcomment, "Local Unix group"); 00318 break; 00319 default: 00320 fstrcpy(ntcomment, "Unix group"); 00321 break; 00322 } 00323 } 00324 00325 if (!ntgroup[0] ) 00326 fstrcpy( ntgroup, unixgrp ); 00327 00328 00329 if (!NT_STATUS_IS_OK(add_initial_entry(gid, string_sid, sid_type, ntgroup, ntcomment))) { 00330 d_fprintf(stderr, "adding entry for group %s failed!\n", ntgroup); 00331 return -1; 00332 } 00333 00334 d_printf("Successfully added group %s to the mapping db as a %s\n", 00335 ntgroup, name_type); 00336 return 0; 00337 }
| static int net_groupmap_modify | ( | int | argc, | |
| const char ** | argv | |||
| ) | [static] |
net_groupmap.c の 339 行で定義されています。
参照先 _GROUP_MAP::comment・d_fprintf()・d_printf()・get_sid_from_input()・get_string_param()・_GROUP_MAP::gid・nametogid()・_GROUP_MAP::nt_name・pdb_getgrsid()・pdb_update_group_mapping_entry()・SID_NAME_ALIAS・SID_NAME_DOM_GRP・SID_NAME_UNKNOWN・_GROUP_MAP::sid_name_use・SID_NAME_WKN_GRP・sid_type・StrnCaseCmp()・type.
参照元 net_groupmap().
00340 { 00341 DOM_SID sid; 00342 GROUP_MAP map; 00343 fstring ntcomment = ""; 00344 fstring type = ""; 00345 fstring ntgroup = ""; 00346 fstring unixgrp = ""; 00347 fstring sid_string = ""; 00348 enum lsa_SidType sid_type = SID_NAME_UNKNOWN; 00349 int i; 00350 gid_t gid; 00351 00352 /* get the options */ 00353 for ( i=0; i<argc; i++ ) { 00354 if ( !StrnCaseCmp(argv[i], "ntgroup", strlen("ntgroup")) ) { 00355 fstrcpy( ntgroup, get_string_param( argv[i] ) ); 00356 if ( !ntgroup[0] ) { 00357 d_fprintf(stderr, "must supply a name\n"); 00358 return -1; 00359 } 00360 } 00361 else if ( !StrnCaseCmp(argv[i], "sid", strlen("sid")) ) { 00362 fstrcpy( sid_string, get_string_param( argv[i] ) ); 00363 if ( !sid_string[0] ) { 00364 d_fprintf(stderr, "must supply a name\n"); 00365 return -1; 00366 } 00367 } 00368 else if ( !StrnCaseCmp(argv[i], "comment", strlen("comment")) ) { 00369 fstrcpy( ntcomment, get_string_param( argv[i] ) ); 00370 if ( !ntcomment[0] ) { 00371 d_fprintf(stderr, "must supply a comment string\n"); 00372 return -1; 00373 } 00374 } 00375 else if ( !StrnCaseCmp(argv[i], "unixgroup", strlen("unixgroup")) ) { 00376 fstrcpy( unixgrp, get_string_param( argv[i] ) ); 00377 if ( !unixgrp[0] ) { 00378 d_fprintf(stderr, "must supply a group name\n"); 00379 return -1; 00380 } 00381 } 00382 else if ( !StrnCaseCmp(argv[i], "type", strlen("type")) ) { 00383 fstrcpy( type, get_string_param( argv[i] ) ); 00384 switch ( type[0] ) { 00385 case 'd': 00386 case 'D': 00387 sid_type = SID_NAME_DOM_GRP; 00388 break; 00389 case 'l': 00390 case 'L': 00391 sid_type = SID_NAME_ALIAS; 00392 break; 00393 } 00394 } 00395 else { 00396 d_fprintf(stderr, "Bad option: %s\n", argv[i]); 00397 return -1; 00398 } 00399 } 00400 00401 if ( !ntgroup[0] && !sid_string[0] ) { 00402 d_printf("Usage: net groupmap modify {ntgroup=<string>|sid=<SID>} [comment=<string>] [unixgroup=<string>] [type=<domain|local>]\n"); 00403 return -1; 00404 } 00405 00406 /* give preference to the SID; if both the ntgroup name and SID 00407 are defined, use the SID and assume that the group name could be a 00408 new name */ 00409 00410 if ( sid_string[0] ) { 00411 if (!get_sid_from_input(&sid, sid_string)) { 00412 return -1; 00413 } 00414 } 00415 else { 00416 if (!get_sid_from_input(&sid, ntgroup)) { 00417 return -1; 00418 } 00419 } 00420 00421 /* Get the current mapping from the database */ 00422 if(!pdb_getgrsid(&map, sid)) { 00423 d_fprintf(stderr, "Failure to local group SID in the database\n"); 00424 return -1; 00425 } 00426 00427 /* 00428 * Allow changing of group type only between domain and local 00429 * We disallow changing Builtin groups !!! (SID problem) 00430 */ 00431 if (sid_type == SID_NAME_UNKNOWN) { 00432 d_fprintf(stderr, "Can't map to an unknown group type.\n"); 00433 return -1; 00434 } 00435 00436 if (map.sid_name_use == SID_NAME_WKN_GRP) { 00437 d_fprintf(stderr, "You can only change between domain and local groups.\n"); 00438 return -1; 00439 } 00440 00441 map.sid_name_use=sid_type; 00442 00443 /* Change comment if new one */ 00444 if ( ntcomment[0] ) 00445 fstrcpy( map.comment, ntcomment ); 00446 00447 if ( ntgroup[0] ) 00448 fstrcpy( map.nt_name, ntgroup ); 00449 00450 if ( unixgrp[0] ) { 00451 gid = nametogid( unixgrp ); 00452 if ( gid == -1 ) { 00453 d_fprintf(stderr, "Unable to lookup UNIX group %s. Make sure the group exists.\n", 00454 unixgrp); 00455 return -1; 00456 } 00457 00458 map.gid = gid; 00459 } 00460 00461 if ( !NT_STATUS_IS_OK(pdb_update_group_mapping_entry(&map)) ) { 00462 d_fprintf(stderr, "Could not update group database\n"); 00463 return -1; 00464 } 00465 00466 d_printf("Updated mapping entry for %s\n", map.nt_name); 00467 00468 return 0; 00469 }
| static int net_groupmap_delete | ( | int | argc, | |
| const char ** | argv | |||
| ) | [static] |
net_groupmap.c の 471 行で定義されています。
参照先 d_fprintf()・d_printf()・get_sid_from_input()・get_string_param()・pdb_delete_group_mapping_entry()・StrnCaseCmp().
参照元 net_groupmap().
00472 { 00473 DOM_SID sid; 00474 fstring ntgroup = ""; 00475 fstring sid_string = ""; 00476 int i; 00477 00478 /* get the options */ 00479 for ( i=0; i<argc; i++ ) { 00480 if ( !StrnCaseCmp(argv[i], "ntgroup", strlen("ntgroup")) ) { 00481 fstrcpy( ntgroup, get_string_param( argv[i] ) ); 00482 if ( !ntgroup[0] ) { 00483 d_fprintf(stderr, "must supply a name\n"); 00484 return -1; 00485 } 00486 } 00487 else if ( !StrnCaseCmp(argv[i], "sid", strlen("sid")) ) { 00488 fstrcpy( sid_string, get_string_param( argv[i] ) ); 00489 if ( !sid_string[0] ) { 00490 d_fprintf(stderr, "must supply a SID\n"); 00491 return -1; 00492 } 00493 } 00494 else { 00495 d_fprintf(stderr, "Bad option: %s\n", argv[i]); 00496 return -1; 00497 } 00498 } 00499 00500 if ( !ntgroup[0] && !sid_string[0]) { 00501 d_printf("Usage: net groupmap delete {ntgroup=<string>|sid=<SID>}\n"); 00502 return -1; 00503 } 00504 00505 /* give preference to the SID if we have that */ 00506 00507 if ( sid_string[0] ) 00508 fstrcpy( ntgroup, sid_string ); 00509 00510 if ( !get_sid_from_input(&sid, ntgroup) ) { 00511 d_fprintf(stderr, "Unable to resolve group %s to a SID\n", ntgroup); 00512 return -1; 00513 } 00514 00515 if ( !NT_STATUS_IS_OK(pdb_delete_group_mapping_entry(sid)) ) { 00516 d_fprintf(stderr, "Failed to removing group %s from the mapping db!\n", ntgroup); 00517 return -1; 00518 } 00519 00520 d_printf("Sucessfully removed %s from the mapping db\n", ntgroup); 00521 00522 return 0; 00523 }
| static int net_groupmap_set | ( | int | argc, | |
| const char ** | argv | |||
| ) | [static] |
net_groupmap.c の 525 行で定義されています。
参照先 algorithmic_pdb_gid_to_group_rid()・_GROUP_MAP::comment・d_fprintf()・d_printf()・get_global_sam_sid()・_GROUP_MAP::gid・_GROUP_MAP::nt_name・opt_comment・opt_domaingroup・opt_localgroup・opt_newntname・opt_rid・pdb_add_group_mapping_entry()・pdb_getgrnam()・pdb_getgrsid()・pdb_new_rid()・pdb_rid_algorithm()・pdb_update_group_mapping_entry()・_GROUP_MAP::sid・sid_append_rid()・sid_copy()・SID_NAME_ALIAS・SID_NAME_DOM_GRP・_GROUP_MAP::sid_name_use・SID_NAME_WKN_GRP・string_to_sid().
参照元 net_groupmap().
00526 { 00527 const char *ntgroup = NULL; 00528 struct group *grp = NULL; 00529 GROUP_MAP map; 00530 BOOL have_map = False; 00531 00532 if ((argc < 1) || (argc > 2)) { 00533 d_printf("Usage: net groupmap set \"NT Group\" " 00534 "[\"unix group\"] [-C \"comment\"] [-L] [-D]\n"); 00535 return -1; 00536 } 00537 00538 if ( opt_localgroup && opt_domaingroup ) { 00539 d_printf("Can only specify -L or -D, not both\n"); 00540 return -1; 00541 } 00542 00543 ntgroup = argv[0]; 00544 00545 if (argc == 2) { 00546 grp = getgrnam(argv[1]); 00547 00548 if (grp == NULL) { 00549 d_fprintf(stderr, "Could not find unix group %s\n", argv[1]); 00550 return -1; 00551 } 00552 } 00553 00554 have_map = pdb_getgrnam(&map, ntgroup); 00555 00556 if (!have_map) { 00557 DOM_SID sid; 00558 have_map = ( (strncmp(ntgroup, "S-", 2) == 0) && 00559 string_to_sid(&sid, ntgroup) && 00560 pdb_getgrsid(&map, sid) ); 00561 } 00562 00563 if (!have_map) { 00564 00565 /* Ok, add it */ 00566 00567 if (grp == NULL) { 00568 d_fprintf(stderr, "Could not find group mapping for %s\n", 00569 ntgroup); 00570 return -1; 00571 } 00572 00573 map.gid = grp->gr_gid; 00574 00575 if (opt_rid == 0) { 00576 if ( pdb_rid_algorithm() ) 00577 opt_rid = algorithmic_pdb_gid_to_group_rid(map.gid); 00578 else { 00579 if ( !pdb_new_rid((uint32*)&opt_rid) ) { 00580 d_fprintf( stderr, "Could not allocate new RID\n"); 00581 return -1; 00582 } 00583 } 00584 } 00585 00586 sid_copy(&map.sid, get_global_sam_sid()); 00587 sid_append_rid(&map.sid, opt_rid); 00588 00589 map.sid_name_use = SID_NAME_DOM_GRP; 00590 fstrcpy(map.nt_name, ntgroup); 00591 fstrcpy(map.comment, ""); 00592 00593 if (!NT_STATUS_IS_OK(pdb_add_group_mapping_entry(&map))) { 00594 d_fprintf(stderr, "Could not add mapping entry for %s\n", 00595 ntgroup); 00596 return -1; 00597 } 00598 } 00599 00600 /* Now we have a mapping entry, update that stuff */ 00601 00602 if ( opt_localgroup || opt_domaingroup ) { 00603 if (map.sid_name_use == SID_NAME_WKN_GRP) { 00604 d_fprintf(stderr, "Can't change type of the BUILTIN group %s\n", 00605 map.nt_name); 00606 return -1; 00607 } 00608 } 00609 00610 if (opt_localgroup) 00611 map.sid_name_use = SID_NAME_ALIAS; 00612 00613 if (opt_domaingroup) 00614 map.sid_name_use = SID_NAME_DOM_GRP; 00615 00616 /* The case (opt_domaingroup && opt_localgroup) was tested for above */ 00617 00618 if (strlen(opt_comment) > 0) 00619 fstrcpy(map.comment, opt_comment); 00620 00621 if (strlen(opt_newntname) > 0) 00622 fstrcpy(map.nt_name, opt_newntname); 00623 00624 if (grp != NULL) 00625 map.gid = grp->gr_gid; 00626 00627 if (!NT_STATUS_IS_OK(pdb_update_group_mapping_entry(&map))) { 00628 d_fprintf(stderr, "Could not update group mapping for %s\n", ntgroup); 00629 return -1; 00630 } 00631 00632 return 0; 00633 }
| static int net_groupmap_cleanup | ( | int | argc, | |
| const char ** | argv | |||
| ) | [static] |
net_groupmap.c の 635 行で定義されています。
参照先 d_fprintf()・pdb_delete_group_mapping_entry()・pdb_enum_group_mapping()・printf()・sid_check_is_in_our_domain()・SID_NAME_UNKNOWN・sid_string_static().
参照元 net_groupmap().
00636 { 00637 GROUP_MAP *map = NULL; 00638 size_t i, entries; 00639 00640 if (!pdb_enum_group_mapping(NULL, SID_NAME_UNKNOWN, &map, &entries, 00641 ENUM_ALL_MAPPED)) { 00642 d_fprintf(stderr, "Could not list group mappings\n"); 00643 return -1; 00644 } 00645 00646 for (i=0; i<entries; i++) { 00647 00648 if (map[i].gid == -1) 00649 printf("Group %s is not mapped\n", map[i].nt_name); 00650 00651 if (!sid_check_is_in_our_domain(&map[i].sid)) { 00652 printf("Deleting mapping for NT Group %s, sid %s\n", 00653 map[i].nt_name, 00654 sid_string_static(&map[i].sid)); 00655 pdb_delete_group_mapping_entry(map[i].sid); 00656 } 00657 } 00658 00659 SAFE_FREE(map); 00660 00661 return 0; 00662 }
| static int net_groupmap_addmem | ( | int | argc, | |
| const char ** | argv | |||
| ) | [static] |
net_groupmap.c の 664 行で定義されています。
参照先 d_fprintf()・d_printf()・pdb_add_aliasmem()・string_to_sid().
参照元 net_groupmap().
00665 { 00666 DOM_SID alias, member; 00667 00668 if ( (argc != 2) || 00669 !string_to_sid(&alias, argv[0]) || 00670 !string_to_sid(&member, argv[1]) ) { 00671 d_printf("Usage: net groupmap addmem alias-sid member-sid\n"); 00672 return -1; 00673 } 00674 00675 if (!NT_STATUS_IS_OK(pdb_add_aliasmem(&alias, &member))) { 00676 d_fprintf(stderr, "Could not add sid %s to alias %s\n", 00677 argv[1], argv[0]); 00678 return -1; 00679 } 00680 00681 return 0; 00682 }
| static int net_groupmap_delmem | ( | int | argc, | |
| const char ** | argv | |||
| ) | [static] |
net_groupmap.c の 684 行で定義されています。
参照先 d_fprintf()・d_printf()・pdb_del_aliasmem()・string_to_sid().
参照元 net_groupmap().
00685 { 00686 DOM_SID alias, member; 00687 00688 if ( (argc != 2) || 00689 !string_to_sid(&alias, argv[0]) || 00690 !string_to_sid(&member, argv[1]) ) { 00691 d_printf("Usage: net groupmap delmem alias-sid member-sid\n"); 00692 return -1; 00693 } 00694 00695 if (!NT_STATUS_IS_OK(pdb_del_aliasmem(&alias, &member))) { 00696 d_fprintf(stderr, "Could not delete sid %s from alias %s\n", 00697 argv[1], argv[0]); 00698 return -1; 00699 } 00700 00701 return 0; 00702 }
| static int net_groupmap_listmem | ( | int | argc, | |
| const char ** | argv | |||
| ) | [static] |
net_groupmap.c の 704 行で定義されています。
参照先 d_fprintf()・d_printf()・pdb_enum_aliasmem()・printf()・sid_string_static()・string_to_sid().
参照元 net_groupmap().
00705 { 00706 DOM_SID alias; 00707 DOM_SID *members; 00708 size_t i, num; 00709 00710 if ( (argc != 1) || 00711 !string_to_sid(&alias, argv[0]) ) { 00712 d_printf("Usage: net groupmap listmem alias-sid\n"); 00713 return -1; 00714 } 00715 00716 members = NULL; 00717 num = 0; 00718 00719 if (!NT_STATUS_IS_OK(pdb_enum_aliasmem(&alias, &members, &num))) { 00720 d_fprintf(stderr, "Could not list members for sid %s\n", argv[0]); 00721 return -1; 00722 } 00723 00724 for (i = 0; i < num; i++) { 00725 printf("%s\n", sid_string_static(&(members[i]))); 00726 } 00727 00728 SAFE_FREE(members); 00729 00730 return 0; 00731 }
| static BOOL print_alias_memberships | ( | TALLOC_CTX * | mem_ctx, | |
| const DOM_SID * | domain_sid, | |||
| const DOM_SID * | member | |||
| ) | [static] |
net_groupmap.c の 733 行で定義されています。
参照先 d_fprintf()・domain_sid・pdb_enum_alias_memberships()・printf()・sid_append_rid()・sid_copy()・sid_string_static().
参照元 net_groupmap_memberships().
00736 { 00737 uint32 *alias_rids; 00738 size_t i, num_alias_rids; 00739 00740 alias_rids = NULL; 00741 num_alias_rids = 0; 00742 00743 if (!NT_STATUS_IS_OK(pdb_enum_alias_memberships( 00744 mem_ctx, domain_sid, member, 1, 00745 &alias_rids, &num_alias_rids))) { 00746 d_fprintf(stderr, "Could not list memberships for sid %s\n", 00747 sid_string_static(member)); 00748 return False; 00749 } 00750 00751 for (i = 0; i < num_alias_rids; i++) { 00752 DOM_SID alias; 00753 sid_copy(&alias, domain_sid); 00754 sid_append_rid(&alias, alias_rids[i]); 00755 printf("%s\n", sid_string_static(&alias)); 00756 } 00757 00758 return True; 00759 }
| static int net_groupmap_memberships | ( | int | argc, | |
| const char ** | argv | |||
| ) | [static] |
net_groupmap.c の 761 行で定義されています。
参照先 d_fprintf()・d_printf()・domain_sid・get_global_sam_sid()・print_alias_memberships()・string_sid_talloc()・string_to_sid()・talloc_init().
参照元 net_groupmap().
00762 { 00763 TALLOC_CTX *mem_ctx; 00764 DOM_SID *domain_sid, *builtin_sid, member; 00765 00766 if ( (argc != 1) || 00767 !string_to_sid(&member, argv[0]) ) { 00768 d_printf("Usage: net groupmap memberof sid\n"); 00769 return -1; 00770 } 00771 00772 mem_ctx = talloc_init("net_groupmap_memberships"); 00773 if (mem_ctx == NULL) { 00774 d_fprintf(stderr, "talloc_init failed\n"); 00775 return -1; 00776 } 00777 00778 domain_sid = get_global_sam_sid(); 00779 builtin_sid = string_sid_talloc(mem_ctx, "S-1-5-32"); 00780 if ((domain_sid == NULL) || (builtin_sid == NULL)) { 00781 d_fprintf(stderr, "Could not get domain sid\n"); 00782 return -1; 00783 } 00784 00785 if (!print_alias_memberships(mem_ctx, domain_sid, &member) || 00786 !print_alias_memberships(mem_ctx, builtin_sid, &member)) 00787 return -1; 00788 00789 talloc_destroy(mem_ctx); 00790 00791 return 0; 00792 }
| int net_help_groupmap | ( | int | argc, | |
| const char ** | argv | |||
| ) |
net_groupmap.c の 794 行で定義されています。
参照先 d_printf().
参照元 net_groupmap()・net_help().
00795 { 00796 d_printf("net groupmap add"\ 00797 "\n Create a new group mapping\n"); 00798 d_printf("net groupmap modify"\ 00799 "\n Update a group mapping\n"); 00800 d_printf("net groupmap delete"\ 00801 "\n Remove a group mapping\n"); 00802 d_printf("net groupmap addmem"\ 00803 "\n Add a foreign alias member\n"); 00804 d_printf("net groupmap delmem"\ 00805 "\n Delete a foreign alias member\n"); 00806 d_printf("net groupmap listmem"\ 00807 "\n List foreign group members\n"); 00808 d_printf("net groupmap memberships"\ 00809 "\n List foreign group memberships\n"); 00810 d_printf("net groupmap list"\ 00811 "\n List current group map\n"); 00812 d_printf("net groupmap set"\ 00813 "\n Set group mapping\n"); 00814 d_printf("net groupmap cleanup"\ 00815 "\n Remove foreign group mapping entries\n"); 00816 00817 return -1; 00818 }
| int net_groupmap | ( | int | argc, | |
| const char ** | argv | |||
| ) |
net_groupmap.c の 824 行で定義されています。
参照先 d_fprintf()・net_groupmap_add()・net_groupmap_addmem()・net_groupmap_cleanup()・net_groupmap_delete()・net_groupmap_delmem()・net_groupmap_list()・net_groupmap_listmem()・net_groupmap_memberships()・net_groupmap_modify()・net_groupmap_set()・net_help_groupmap()・net_run_function().
00825 { 00826 struct functable func[] = { 00827 {"add", net_groupmap_add}, 00828 {"modify", net_groupmap_modify}, 00829 {"delete", net_groupmap_delete}, 00830 {"set", net_groupmap_set}, 00831 {"cleanup", net_groupmap_cleanup}, 00832 {"addmem", net_groupmap_addmem}, 00833 {"delmem", net_groupmap_delmem}, 00834 {"listmem", net_groupmap_listmem}, 00835 {"memberships", net_groupmap_memberships}, 00836 {"list", net_groupmap_list}, 00837 {"help", net_help_groupmap}, 00838 {NULL, NULL} 00839 }; 00840 00841 /* we shouldn't have silly checks like this */ 00842 if (getuid() != 0) { 00843 d_fprintf(stderr, "You must be root to edit group mappings.\n"); 00844 return -1; 00845 } 00846 00847 if ( argc ) 00848 return net_run_function(argc, argv, func, net_help_groupmap); 00849 00850 return net_help_groupmap( argc, argv ); 00851 }
1.4.7