utils/net_rpc_samsync.c

ソースコードを見る。

関数

static void display_group_mem_info (uint32 rid, SAM_GROUP_MEM_INFO *g)
static void display_alias_info (uint32 rid, SAM_ALIAS_INFO *a)
static void display_alias_mem (uint32 rid, SAM_ALIAS_MEM_INFO *a)
static void display_account_info (uint32 rid, SAM_ACCOUNT_INFO *a)
static time_t uint64s_nt_time_to_unix_abs (const uint64 *src)
static void display_domain_info (SAM_DOMAIN_INFO *a)
static void display_group_info (uint32 rid, SAM_GROUP_INFO *a)
static void display_sam_entry (SAM_DELTA_HDR *hdr_delta, SAM_DELTA_CTR *delta)
static void dump_database (struct rpc_pipe_client *pipe_hnd, uint32 db_type)
NTSTATUS rpc_samdump_internals (const DOM_SID *domain_sid, const char *domain_name, struct cli_state *cli, struct rpc_pipe_client *pipe_hnd, TALLOC_CTX *mem_ctx, int argc, const char **argv)
static NTSTATUS sam_account_from_delta (struct samu *account, SAM_ACCOUNT_INFO *delta)
static NTSTATUS fetch_account_info (uint32 rid, SAM_ACCOUNT_INFO *delta)
static NTSTATUS fetch_group_info (uint32 rid, SAM_GROUP_INFO *delta)
static NTSTATUS fetch_group_mem_info (uint32 rid, SAM_GROUP_MEM_INFO *delta)
static NTSTATUS fetch_alias_info (uint32 rid, SAM_ALIAS_INFO *delta, DOM_SID dom_sid)
static NTSTATUS fetch_alias_mem (uint32 rid, SAM_ALIAS_MEM_INFO *delta, DOM_SID dom_sid)
static NTSTATUS fetch_domain_info (uint32 rid, SAM_DOMAIN_INFO *delta)
static void fetch_sam_entry (SAM_DELTA_HDR *hdr_delta, SAM_DELTA_CTR *delta, DOM_SID dom_sid)
static NTSTATUS fetch_database (struct rpc_pipe_client *pipe_hnd, uint32 db_type, DOM_SID dom_sid)
static NTSTATUS populate_ldap_for_ldif (fstring sid, const char *suffix, const char *builtin_sid, FILE *add_fd)
static NTSTATUS map_populate_groups (GROUPMAP *groupmap, ACCOUNTMAP *accountmap, fstring sid, const char *suffix, const char *builtin_sid)
static int fprintf_attr (FILE *add_fd, const char *attr_name, const char *fmt,...)
static NTSTATUS fetch_group_info_to_ldif (SAM_DELTA_CTR *delta, GROUPMAP *groupmap, FILE *add_fd, fstring sid, char *suffix)
static NTSTATUS fetch_account_info_to_ldif (SAM_DELTA_CTR *delta, GROUPMAP *groupmap, ACCOUNTMAP *accountmap, FILE *add_fd, fstring sid, char *suffix, int alloced)
static NTSTATUS fetch_alias_info_to_ldif (SAM_DELTA_CTR *delta, GROUPMAP *groupmap, FILE *add_fd, fstring sid, char *suffix, unsigned db_type)
static NTSTATUS fetch_groupmem_info_to_ldif (SAM_DELTA_CTR *delta, SAM_DELTA_HDR *hdr_delta, GROUPMAP *groupmap, ACCOUNTMAP *accountmap, FILE *mod_fd, int alloced)
static NTSTATUS fetch_database_to_ldif (struct rpc_pipe_client *pipe_hnd, uint32 db_type, DOM_SID dom_sid, const char *user_file)
int rpc_vampire_usage (int argc, const char **argv)
 Basic usage function for 'net rpc vampire'
NTSTATUS rpc_vampire_internals (const DOM_SID *domain_sid, const char *domain_name, struct cli_state *cli, struct rpc_pipe_client *pipe_hnd, TALLOC_CTX *mem_ctx, int argc, const char **argv)

変数

static uint32 ldif_gid = 999
static uint32 ldif_uid = 999
static int init_ldap = 1


関数

static void display_group_mem_info ( uint32  rid,
SAM_GROUP_MEM_INFO g 
) [static]

net_rpc_samsync.c35 行で定義されています。

参照先 d_printf()sam_group_mem_info_info::num_memberssam_group_mem_info_info::rids.

参照元 display_sam_entry().

00036 {
00037         int i;
00038         d_printf("Group mem %u: ", rid);
00039         for (i=0;i<g->num_members;i++) {
00040                 d_printf("%u ", g->rids[i]);
00041         }
00042         d_printf("\n");
00043 }

static void display_alias_info ( uint32  rid,
SAM_ALIAS_INFO a 
) [static]

net_rpc_samsync.c45 行で定義されています。

参照先 sam_alias_info_info::als_ridd_printf()sam_alias_info_info::uni_als_descsam_alias_info_info::uni_als_nameunistr2_static().

参照元 display_sam_entry().

00046 {
00047         d_printf("Alias '%s' ", unistr2_static(&a->uni_als_name));
00048         d_printf("desc='%s' rid=%u\n", unistr2_static(&a->uni_als_desc), a->als_rid);
00049 }

static void display_alias_mem ( uint32  rid,
SAM_ALIAS_MEM_INFO a 
) [static]

net_rpc_samsync.c51 行で定義されています。

参照先 d_printf()sam_alias_mem_info_info::num_membersDOM_SID2::sidsid_string_static()sam_alias_mem_info_info::sids.

参照元 display_sam_entry().

00052 {
00053         int i;
00054         d_printf("Alias rid %u: ", rid);
00055         for (i=0;i<a->num_members;i++) {
00056                 d_printf("%s ", sid_string_static(&a->sids[i].sid));
00057         }
00058         d_printf("\n");
00059 }

static void display_account_info ( uint32  rid,
SAM_ACCOUNT_INFO a 
) [static]

net_rpc_samsync.c61 行で定義されています。

参照先 sam_account_info_info::acb_infosam_passwd_info::buf_lm_pwdsam_passwd_info::buf_nt_pwdsam_account_info_info::passpdb_encode_acct_ctrl()pdb_sethexpwd()printf()sam_pwd_hash()sam_account_info_info::uni_acct_nameunistr2_static()sam_account_info_info::user_rid.

参照元 display_sam_entry().

00062 {
00063         fstring hex_nt_passwd, hex_lm_passwd;
00064         uchar lm_passwd[16], nt_passwd[16];
00065         static uchar zero_buf[16];
00066 
00067         /* Decode hashes from password hash (if they are not NULL) */
00068         
00069         if (memcmp(a->pass.buf_lm_pwd, zero_buf, 16) != 0) {
00070                 sam_pwd_hash(a->user_rid, a->pass.buf_lm_pwd, lm_passwd, 0);
00071                 pdb_sethexpwd(hex_lm_passwd, lm_passwd, a->acb_info);
00072         } else {
00073                 pdb_sethexpwd(hex_lm_passwd, NULL, 0);
00074         }
00075 
00076         if (memcmp(a->pass.buf_nt_pwd, zero_buf, 16) != 0) {
00077                 sam_pwd_hash(a->user_rid, a->pass.buf_nt_pwd, nt_passwd, 0);
00078                 pdb_sethexpwd(hex_nt_passwd, nt_passwd, a->acb_info);
00079         } else {
00080                 pdb_sethexpwd(hex_nt_passwd, NULL, 0);
00081         }
00082         
00083         printf("%s:%d:%s:%s:%s:LCT-0\n", unistr2_static(&a->uni_acct_name),
00084                a->user_rid, hex_lm_passwd, hex_nt_passwd,
00085                pdb_encode_acct_ctrl(a->acb_info, NEW_PW_FORMAT_SPACE_PADDED_LEN));
00086 }

static time_t uint64s_nt_time_to_unix_abs ( const uint64 *  src  )  [static]

net_rpc_samsync.c88 行で定義されています。

参照先 nt_time_to_unix_abs().

参照元 display_domain_info()fetch_domain_info().

00089 {
00090         NTTIME nttime;
00091         nttime = *src;
00092         return nt_time_to_unix_abs(&nttime);
00093 }

static void display_domain_info ( SAM_DOMAIN_INFO a  )  [static]

net_rpc_samsync.c95 行で定義されています。

参照先 sam_domain_info_info::account_lockoutaccount_lockout_string::bad_attempt_lockoutd_printf()display_time()sam_domain_info_info::force_logoffaccount_lockout_string::lockout_durationsam_domain_info_info::logon_chgpasssam_domain_info_info::max_pwd_agesam_domain_info_info::min_pwd_agesam_domain_info_info::min_pwd_lensam_domain_info_info::pwd_history_lenaccount_lockout_string::reset_countuint64s_nt_time_to_unix_abs()sam_domain_info_info::uni_dom_nameunistr2_static().

参照元 display_sam_entry().

00096 {
00097         time_t u_logout;
00098 
00099         u_logout = uint64s_nt_time_to_unix_abs(&a->force_logoff);
00100 
00101         d_printf("Domain name: %s\n", unistr2_static(&a->uni_dom_name));
00102 
00103         d_printf("Minimal Password Length: %d\n", a->min_pwd_len);
00104         d_printf("Password History Length: %d\n", a->pwd_history_len);
00105 
00106         d_printf("Force Logoff: %d\n", (int)u_logout);
00107 
00108         d_printf("Max Password Age: %s\n", display_time(a->max_pwd_age));
00109         d_printf("Min Password Age: %s\n", display_time(a->min_pwd_age));
00110 
00111         d_printf("Lockout Time: %s\n", display_time(a->account_lockout.lockout_duration));
00112         d_printf("Lockout Reset Time: %s\n", display_time(a->account_lockout.reset_count));
00113 
00114         d_printf("Bad Attempt Lockout: %d\n", a->account_lockout.bad_attempt_lockout);
00115         d_printf("User must logon to change password: %d\n", a->logon_chgpass);
00116 }

static void display_group_info ( uint32  rid,
SAM_GROUP_INFO a 
) [static]

net_rpc_samsync.c118 行で定義されています。

参照先 d_printf()sam_group_info_info::uni_grp_descsam_group_info_info::uni_grp_nameunistr2_static().

参照元 display_sam_entry().

00119 {
00120         d_printf("Group '%s' ", unistr2_static(&a->uni_grp_name));
00121         d_printf("desc='%s', rid=%u\n", unistr2_static(&a->uni_grp_desc), rid);
00122 }

static void display_sam_entry ( SAM_DELTA_HDR hdr_delta,
SAM_DELTA_CTR delta 
) [static]

net_rpc_samsync.c124 行で定義されています。

参照先 sam_delta_ctr_info::account_infosam_delta_ctr_info::alias_infosam_delta_ctr_info::als_mem_infod_printf()display_account_info()display_alias_info()display_alias_mem()display_domain_info()display_group_info()display_group_mem_info()sam_delta_ctr_info::domain_infosam_delta_ctr_info::group_infosam_delta_ctr_info::grp_mem_infosam_delta_hdr_info::target_ridsam_delta_hdr_info::type.

参照元 dump_database().

00125 {
00126         switch (hdr_delta->type) {
00127         case SAM_DELTA_ACCOUNT_INFO:
00128                 display_account_info(hdr_delta->target_rid, &delta->account_info);
00129                 break;
00130         case SAM_DELTA_GROUP_MEM:
00131                 display_group_mem_info(hdr_delta->target_rid, &delta->grp_mem_info);
00132                 break;
00133         case SAM_DELTA_ALIAS_INFO:
00134                 display_alias_info(hdr_delta->target_rid, &delta->alias_info);
00135                 break;
00136         case SAM_DELTA_ALIAS_MEM:
00137                 display_alias_mem(hdr_delta->target_rid, &delta->als_mem_info);
00138                 break;
00139         case SAM_DELTA_DOMAIN_INFO:
00140                 display_domain_info(&delta->domain_info);
00141                 break;
00142         case SAM_DELTA_GROUP_INFO:
00143                 display_group_info(hdr_delta->target_rid, &delta->group_info);
00144                 break;
00145                 /* The following types are recognised but not handled */
00146         case SAM_DELTA_RENAME_GROUP:
00147                 d_printf("SAM_DELTA_RENAME_GROUP not handled\n");
00148                 break;
00149         case SAM_DELTA_RENAME_USER:
00150                 d_printf("SAM_DELTA_RENAME_USER not handled\n");
00151                 break;
00152         case SAM_DELTA_RENAME_ALIAS:
00153                 d_printf("SAM_DELTA_RENAME_ALIAS not handled\n");
00154                 break;
00155         case SAM_DELTA_POLICY_INFO:
00156                 d_printf("SAM_DELTA_POLICY_INFO not handled\n");
00157                 break;
00158         case SAM_DELTA_TRUST_DOMS:
00159                 d_printf("SAM_DELTA_TRUST_DOMS not handled\n");
00160                 break;
00161         case SAM_DELTA_PRIVS_INFO:
00162                 d_printf("SAM_DELTA_PRIVS_INFO not handled\n");
00163                 break;
00164         case SAM_DELTA_SECRET_INFO:
00165                 d_printf("SAM_DELTA_SECRET_INFO not handled\n");
00166                 break;
00167         case SAM_DELTA_DELETE_GROUP:
00168                 d_printf("SAM_DELTA_DELETE_GROUP not handled\n");
00169                 break;
00170         case SAM_DELTA_DELETE_USER:
00171                 d_printf("SAM_DELTA_DELETE_USER not handled\n");
00172                 break;
00173         case SAM_DELTA_MODIFIED_COUNT:
00174                 d_printf("SAM_DELTA_MODIFIED_COUNT not handled\n");
00175                 break;
00176         default:
00177                 d_printf("Unknown delta record type %d\n", hdr_delta->type);
00178                 break;
00179         }
00180 }

static void dump_database ( struct rpc_pipe_client pipe_hnd,
uint32  db_type 
) [static]

net_rpc_samsync.c182 行で定義されています。

参照先 d_printf()display_sam_entry()resultrpccli_netlogon_sam_sync()SAM_DATABASE_BUILTINSAM_DATABASE_DOMAINSAM_DATABASE_PRIVStalloc_init().

参照元 rpc_samdump_internals().

00183 {
00184         uint32 sync_context = 0;
00185         NTSTATUS result;
00186         int i;
00187         TALLOC_CTX *mem_ctx;
00188         SAM_DELTA_HDR *hdr_deltas;
00189         SAM_DELTA_CTR *deltas;
00190         uint32 num_deltas;
00191 
00192         if (!(mem_ctx = talloc_init("dump_database"))) {
00193                 return;
00194         }
00195 
00196         switch( db_type ) {
00197         case SAM_DATABASE_DOMAIN:
00198                 d_printf("Dumping DOMAIN database\n");
00199                 break;
00200         case SAM_DATABASE_BUILTIN:
00201                 d_printf("Dumping BUILTIN database\n");
00202                 break;
00203         case SAM_DATABASE_PRIVS:
00204                 d_printf("Dumping PRIVS databases\n");
00205                 break;
00206         default:
00207                 d_printf("Dumping unknown database type %u\n", db_type );
00208                 break;
00209         }
00210 
00211         do {
00212                 result = rpccli_netlogon_sam_sync(pipe_hnd, mem_ctx, db_type,
00213                                                sync_context,
00214                                                &num_deltas, &hdr_deltas, &deltas);
00215                 if (!NT_STATUS_IS_OK(result))
00216                         break;
00217 
00218                 for (i = 0; i < num_deltas; i++) {
00219                         display_sam_entry(&hdr_deltas[i], &deltas[i]);
00220                 }
00221                 sync_context += 1;
00222         } while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES));
00223 
00224         talloc_destroy(mem_ctx);
00225 }

NTSTATUS rpc_samdump_internals ( const DOM_SID domain_sid,
const char *  domain_name,
struct cli_state cli,
struct rpc_pipe_client pipe_hnd,
TALLOC_CTX mem_ctx,
int  argc,
const char **  argv 
)

net_rpc_samsync.c228 行で定義されています。

参照先 clicli_state::desthostdump_database()global_mynamerpccli_netlogon_setup_creds()SAM_DATABASE_BUILTINSAM_DATABASE_DOMAINSAM_DATABASE_PRIVSsecrets_fetch_trust_account_password().

参照元 rpc_samdump().

00235 {
00236 #if 0
00237         /* net_rpc.c now always tries to create an schannel pipe.. */
00238 
00239         NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
00240         uchar trust_password[16];
00241         uint32_t neg_flags = NETLOGON_NEG_AUTH2_ADS_FLAGS;
00242         uint32 sec_channel_type = 0;
00243 
00244         if (!secrets_fetch_trust_account_password(domain_name,
00245                                                   trust_password,
00246                                                   NULL, &sec_channel_type)) {
00247                 DEBUG(0,("Could not fetch trust account password\n"));
00248                 goto fail;
00249         }
00250 
00251         nt_status = rpccli_netlogon_setup_creds(pipe_hnd,
00252                                                 cli->desthost,
00253                                                 domain_name,
00254                                                 global_myname(),
00255                                                 trust_password,
00256                                                 sec_channel_type,
00257                                                 &neg_flags);
00258 
00259         if (!NT_STATUS_IS_OK(nt_status)) {
00260                 DEBUG(0,("Error connecting to NETLOGON pipe\n"));
00261                 goto fail;
00262         }
00263 #endif
00264 
00265         dump_database(pipe_hnd, SAM_DATABASE_DOMAIN);
00266         dump_database(pipe_hnd, SAM_DATABASE_BUILTIN);
00267         dump_database(pipe_hnd, SAM_DATABASE_PRIVS);
00268 
00269         return NT_STATUS_OK;
00270 }

static NTSTATUS sam_account_from_delta ( struct samu account,
SAM_ACCOUNT_INFO delta 
) [static]

net_rpc_samsync.c281 行で定義されています。

参照先 sam_account_info_info::acb_infosam_account_info_info::bad_pwd_countbase64_encode_data_blob()RPC_DATA_BLOB::buf_lensam_passwd_info::buf_lm_pwdsam_account_info_info::buf_logon_hrssam_passwd_info::buf_nt_pwdRPC_DATA_BLOB::bufferUNISTR2::bufferUNIHDR::bufferdata_blob_::datasam_account_info_info::group_ridsam_account_info_info::hdr_acct_descsam_account_info_info::hdr_acct_namesam_account_info_info::hdr_dir_drivesam_account_info_info::hdr_full_namesam_account_info_info::hdr_home_dirsam_account_info_info::hdr_logon_scriptsam_account_info_info::hdr_parameterssam_account_info_info::hdr_profilesam_account_info_info::hdr_workstationsdata_blob_::lengthsam_account_info_info::logoff_timesam_account_info_info::logon_countsam_account_info_info::logon_divssam_account_info_info::logon_timelp_workgroup()nt_time_is_zero()nt_time_to_unix()sam_account_info_info::passPDB_CHANGEDpdb_get_acct_desc()pdb_get_bad_password_count()pdb_get_dir_drive()pdb_get_fullname()pdb_get_group_rid()pdb_get_homedir()pdb_get_hours()pdb_get_hours_len()pdb_get_kickoff_time()pdb_get_logoff_time()pdb_get_logon_count()pdb_get_logon_divs()pdb_get_logon_script()pdb_get_logon_time()pdb_get_munged_dial()pdb_get_nt_username()pdb_get_pass_last_set_time()pdb_get_profile_path()pdb_get_unknown_6()pdb_get_user_rid()pdb_get_username()pdb_get_workstations()pdb_set_acct_ctrl()pdb_set_acct_desc()pdb_set_bad_password_count()pdb_set_dir_drive()pdb_set_domain()pdb_set_fullname()pdb_set_group_sid_from_rid()pdb_set_homedir()pdb_set_hours()pdb_set_hours_len()pdb_set_kickoff_time()pdb_set_lanman_passwd()pdb_set_logoff_time()pdb_set_logon_count()pdb_set_logon_divs()pdb_set_logon_script()pdb_set_logon_time()pdb_set_munged_dial()pdb_set_nt_passwd()pdb_set_nt_username()pdb_set_pass_last_set_time()pdb_set_profile_path()pdb_set_unknown_6()pdb_set_user_sid_from_rid()pdb_set_username()pdb_set_workstations()pdb_sethexhours()sam_account_info_info::pwd_last_set_timesam_pwd_hash()strequal()sam_account_info_info::uni_acct_descsam_account_info_info::uni_acct_namesam_account_info_info::uni_dir_drivesam_account_info_info::uni_full_namesam_account_info_info::uni_home_dirsam_account_info_info::uni_logon_scriptsam_account_info_info::uni_parameterssam_account_info_info::uni_profileUNIHDR::uni_str_lensam_account_info_info::uni_workstationsunistr2_static()sam_account_info_info::unknown1sam_account_info_info::user_rid.

参照元 fetch_account_info().

00282 {
00283         const char *old_string, *new_string;
00284         time_t unix_time, stored_time;
00285         uchar lm_passwd[16], nt_passwd[16];
00286         static uchar zero_buf[16];
00287 
00288         /* Username, fullname, home dir, dir drive, logon script, acct
00289            desc, workstations, profile. */
00290 
00291         if (delta->hdr_acct_name.buffer) {
00292                 old_string = pdb_get_nt_username(account);
00293                 new_string = unistr2_static(&delta->uni_acct_name);
00294 
00295                 if (STRING_CHANGED) {
00296                         pdb_set_nt_username(account, new_string, PDB_CHANGED);
00297               
00298                 }
00299          
00300                 /* Unix username is the same - for sanity */
00301                 old_string = pdb_get_username( account );
00302                 if (STRING_CHANGED) {
00303                         pdb_set_username(account, new_string, PDB_CHANGED);
00304                 }
00305         }
00306 
00307         if (delta->hdr_full_name.buffer) {
00308                 old_string = pdb_get_fullname(account);
00309                 new_string = unistr2_static(&delta->uni_full_name);
00310 
00311                 if (STRING_CHANGED)
00312                         pdb_set_fullname(account, new_string, PDB_CHANGED);
00313         }
00314 
00315         if (delta->hdr_home_dir.buffer) {
00316                 old_string = pdb_get_homedir(account);
00317                 new_string = unistr2_static(&delta->uni_home_dir);
00318 
00319                 if (STRING_CHANGED)
00320                         pdb_set_homedir(account, new_string, PDB_CHANGED);
00321         }
00322 
00323         if (delta->hdr_dir_drive.buffer) {
00324                 old_string = pdb_get_dir_drive(account);
00325                 new_string = unistr2_static(&delta->uni_dir_drive);
00326 
00327                 if (STRING_CHANGED)
00328                         pdb_set_dir_drive(account, new_string, PDB_CHANGED);
00329         }
00330 
00331         if (delta->hdr_logon_script.buffer) {
00332                 old_string = pdb_get_logon_script(account);
00333                 new_string = unistr2_static(&delta->uni_logon_script);
00334 
00335                 if (STRING_CHANGED)
00336                         pdb_set_logon_script(account, new_string, PDB_CHANGED);
00337         }
00338 
00339         if (delta->hdr_acct_desc.buffer) {
00340                 old_string = pdb_get_acct_desc(account);
00341                 new_string = unistr2_static(&delta->uni_acct_desc);
00342 
00343                 if (STRING_CHANGED)
00344                         pdb_set_acct_desc(account, new_string, PDB_CHANGED);
00345         }
00346 
00347         if (delta->hdr_workstations.buffer) {
00348                 old_string = pdb_get_workstations(account);
00349                 new_string = unistr2_static(&delta->uni_workstations);
00350 
00351                 if (STRING_CHANGED)
00352                         pdb_set_workstations(account, new_string, PDB_CHANGED);
00353         }
00354 
00355         if (delta->hdr_profile.buffer) {
00356                 old_string = pdb_get_profile_path(account);
00357                 new_string = unistr2_static(&delta->uni_profile);
00358 
00359                 if (STRING_CHANGED)
00360                         pdb_set_profile_path(account, new_string, PDB_CHANGED);
00361         }
00362 
00363         if (delta->hdr_parameters.buffer) {
00364                 DATA_BLOB mung;
00365                 char *newstr;
00366                 old_string = pdb_get_munged_dial(account);
00367                 mung.length = delta->hdr_parameters.uni_str_len;
00368                 mung.data = (uint8 *) delta->uni_parameters.buffer;
00369                 newstr = (mung.length == 0) ? NULL : base64_encode_data_blob(mung);
00370 
00371                 if (STRING_CHANGED_NC(old_string, newstr))
00372                         pdb_set_munged_dial(account, newstr, PDB_CHANGED);
00373                 SAFE_FREE(newstr);
00374         }
00375 
00376         /* User and group sid */
00377         if (pdb_get_user_rid(account) != delta->user_rid)
00378                 pdb_set_user_sid_from_rid(account, delta->user_rid, PDB_CHANGED);
00379         if (pdb_get_group_rid(account) != delta->group_rid)
00380                 pdb_set_group_sid_from_rid(account, delta->group_rid, PDB_CHANGED);
00381 
00382         /* Logon and password information */
00383         if (!nt_time_is_zero(&delta->logon_time)) {
00384                 unix_time = nt_time_to_unix(delta->logon_time);
00385                 stored_time = pdb_get_logon_time(account);
00386                 if (stored_time != unix_time)
00387                         pdb_set_logon_time(account, unix_time, PDB_CHANGED);
00388         }
00389 
00390         if (!nt_time_is_zero(&delta->logoff_time)) {
00391                 unix_time = nt_time_to_unix(delta->logoff_time);
00392                 stored_time = pdb_get_logoff_time(account);
00393                 if (stored_time != unix_time)
00394                         pdb_set_logoff_time(account, unix_time,PDB_CHANGED);
00395         }
00396 
00397         /* Logon Divs */
00398         if (pdb_get_logon_divs(account) != delta->logon_divs)
00399                 pdb_set_logon_divs(account, delta->logon_divs, PDB_CHANGED);
00400 
00401         /* Max Logon Hours */
00402         if (delta->unknown1 != pdb_get_unknown_6(account)) {
00403                 pdb_set_unknown_6(account, delta->unknown1, PDB_CHANGED);
00404         }
00405 
00406         /* Logon Hours Len */
00407         if (delta->buf_logon_hrs.buf_len != pdb_get_hours_len(account)) {
00408                 pdb_set_hours_len(account, delta->buf_logon_hrs.buf_len, PDB_CHANGED);
00409         }
00410 
00411         /* Logon Hours */
00412         if (delta->buf_logon_hrs.buffer) {
00413                 pstring oldstr, newstr;
00414                 pdb_sethexhours(oldstr, pdb_get_hours(account));
00415                 pdb_sethexhours(newstr, delta->buf_logon_hrs.buffer);
00416                 if (!strequal(oldstr, newstr))
00417                         pdb_set_hours(account, (const uint8 *)delta->buf_logon_hrs.buffer, PDB_CHANGED);
00418         }
00419 
00420         if (pdb_get_bad_password_count(account) != delta->bad_pwd_count)
00421                 pdb_set_bad_password_count(account, delta->bad_pwd_count, PDB_CHANGED);
00422 
00423         if (pdb_get_logon_count(account) != delta->logon_count)
00424                 pdb_set_logon_count(account, delta->logon_count, PDB_CHANGED);
00425 
00426         if (!nt_time_is_zero(&delta->pwd_last_set_time)) {
00427                 unix_time = nt_time_to_unix(delta->pwd_last_set_time);
00428                 stored_time = pdb_get_pass_last_set_time(account);
00429                 if (stored_time != unix_time)
00430                         pdb_set_pass_last_set_time(account, unix_time, PDB_CHANGED);
00431         } else {
00432                 /* no last set time, make it now */
00433                 pdb_set_pass_last_set_time(account, time(NULL), PDB_CHANGED);
00434         }
00435 
00436 #if 0
00437 /*      No kickoff time in the delta? */
00438         if (!nt_time_is_zero(&delta->kickoff_time)) {
00439                 unix_time = nt_time_to_unix(&delta->kickoff_time);
00440                 stored_time = pdb_get_kickoff_time(account);
00441                 if (stored_time != unix_time)
00442                         pdb_set_kickoff_time(account, unix_time, PDB_CHANGED);
00443         }
00444 #endif
00445 
00446         /* Decode hashes from password hash 
00447            Note that win2000 may send us all zeros for the hashes if it doesn't 
00448            think this channel is secure enough - don't set the passwords at all
00449            in that case
00450         */
00451         if (memcmp(delta->pass.buf_lm_pwd, zero_buf, 16) != 0) {
00452                 sam_pwd_hash(delta->user_rid, delta->pass.buf_lm_pwd, lm_passwd, 0);
00453                 pdb_set_lanman_passwd(account, lm_passwd, PDB_CHANGED);
00454         }
00455 
00456         if (memcmp(delta->pass.buf_nt_pwd, zero_buf, 16) != 0) {
00457                 sam_pwd_hash(delta->user_rid, delta->pass.buf_nt_pwd, nt_passwd, 0);
00458                 pdb_set_nt_passwd(account, nt_passwd, PDB_CHANGED);
00459         }
00460 
00461         /* TODO: account expiry time */
00462 
00463         pdb_set_acct_ctrl(account, delta->acb_info, PDB_CHANGED);
00464 
00465         pdb_set_domain(account, lp_workgroup(), PDB_CHANGED);
00466 
00467         return NT_STATUS_OK;
00468 }

static NTSTATUS fetch_account_info ( uint32  rid,
SAM_ACCOUNT_INFO delta 
) [static]

net_rpc_samsync.c470 行で定義されています。

参照先 sam_account_info_info::acb_infoall_string_sub()d_fprintf()d_printf()get_global_sam_sid()Get_Pwnam()_GROUP_MAP::gidpdb_add_sam_account()pdb_encode_acct_ctrl()pdb_get_group_sid()pdb_get_username()pdb_getgrsid()pdb_getsampwsid()pdb_update_sam_account()sam_account_from_delta()samu_new()sid_append_rid()sid_copy()sid_string_static()sid_to_string()smb_nscd_flush_user_cache()smb_set_primary_group()smbrun()sam_account_info_info::uni_acct_nameunistr2_static()sam_account_info_info::user_rid.

参照元 fetch_sam_entry().

00471 {
00472         NTSTATUS nt_ret = NT_STATUS_UNSUCCESSFUL;
00473         fstring account;
00474         pstring add_script;
00475         struct samu *sam_account=NULL;
00476         GROUP_MAP map;
00477         struct group *grp;
00478         DOM_SID user_sid;
00479         DOM_SID group_sid;
00480         struct passwd *passwd;
00481         fstring sid_string;
00482 
00483         fstrcpy(account, unistr2_static(&delta->uni_acct_name));
00484         d_printf("Creating account: %s\n", account);
00485 
00486         if ( !(sam_account = samu_new( NULL )) ) {
00487                 return NT_STATUS_NO_MEMORY;
00488         }
00489 
00490         if (!(passwd = Get_Pwnam(account))) {
00491                 /* Create appropriate user */
00492                 if (delta->acb_info & ACB_NORMAL) {
00493                         pstrcpy(add_script, lp_adduser_script());
00494                 } else if ( (delta->acb_info & ACB_WSTRUST) ||
00495                             (delta->acb_info & ACB_SVRTRUST) ||
00496                             (delta->acb_info & ACB_DOMTRUST) ) {
00497                         pstrcpy(add_script, lp_addmachine_script());
00498                 } else {
00499                         DEBUG(1, ("Unknown user type: %s\n",
00500                                   pdb_encode_acct_ctrl(delta->acb_info, NEW_PW_FORMAT_SPACE_PADDED_LEN)));
00501                         nt_ret = NT_STATUS_UNSUCCESSFUL;
00502                         goto done;
00503                 }
00504                 if (*add_script) {
00505                         int add_ret;
00506                         all_string_sub(add_script, "%u", account,
00507                                        sizeof(account));
00508                         add_ret = smbrun(add_script,NULL);
00509                         DEBUG(add_ret ? 0 : 1,("fetch_account: Running the command `%s' "
00510                                  "gave %d\n", add_script, add_ret));
00511                         if (add_ret == 0) {
00512                                 smb_nscd_flush_user_cache();
00513                         }
00514                 }
00515                 
00516                 /* try and find the possible unix account again */
00517                 if ( !(passwd = Get_Pwnam(account)) ) {
00518                         d_fprintf(stderr, "Could not create posix account info for '%s'\n", account);
00519                         nt_ret = NT_STATUS_NO_SUCH_USER;
00520                         goto done;
00521                 }
00522         }
00523         
00524         sid_copy(&user_sid, get_global_sam_sid());
00525         sid_append_rid(&user_sid, delta->user_rid);
00526 
00527         DEBUG(3, ("Attempting to find SID %s for user %s in the passdb\n", sid_to_string(sid_string, &user_sid), account));
00528         if (!pdb_getsampwsid(sam_account, &user_sid)) {
00529                 sam_account_from_delta(sam_account, delta);
00530                 DEBUG(3, ("Attempting to add user SID %s for user %s in the passdb\n", 
00531                           sid_to_string(sid_string, &user_sid), pdb_get_username(sam_account)));
00532                 if (!NT_STATUS_IS_OK(pdb_add_sam_account(sam_account))) {
00533                         DEBUG(1, ("SAM Account for %s failed to be added to the passdb!\n",
00534                                   account));
00535                         return NT_STATUS_ACCESS_DENIED; 
00536                 }
00537         } else {
00538                 sam_account_from_delta(sam_account, delta);
00539                 DEBUG(3, ("Attempting to update user SID %s for user %s in the passdb\n", 
00540                           sid_to_string(sid_string, &user_sid), pdb_get_username(sam_account)));
00541                 if (!NT_STATUS_IS_OK(pdb_update_sam_account(sam_account))) {
00542                         DEBUG(1, ("SAM Account for %s failed to be updated in the passdb!\n",
00543                                   account));
00544                         TALLOC_FREE(sam_account);
00545                         return NT_STATUS_ACCESS_DENIED; 
00546                 }
00547         }
00548 
00549         if (pdb_get_group_sid(sam_account) == NULL) {
00550                 return NT_STATUS_UNSUCCESSFUL;
00551         }
00552 
00553         group_sid = *pdb_get_group_sid(sam_account);
00554 
00555         if (!pdb_getgrsid(&map, group_sid)) {
00556                 DEBUG(0, ("Primary group of %s has no mapping!\n",
00557                           pdb_get_username(sam_account)));
00558         } else {
00559                 if (map.gid != passwd->pw_gid) {
00560                         if (!(grp = getgrgid(map.gid))) {
00561                                 DEBUG(0, ("Could not find unix group %lu for user %s (group SID=%s)\n", 
00562                                           (unsigned long)map.gid, pdb_get_username(sam_account), sid_string_static(&group_sid)));
00563                         } else {
00564                                 smb_set_primary_group(grp->gr_name, pdb_get_username(sam_account));
00565                         }
00566                 }
00567         }       
00568 
00569         if ( !passwd ) {
00570                 DEBUG(1, ("No unix user for this account (%s), cannot adjust mappings\n", 
00571                         pdb_get_username(sam_account)));
00572         }
00573 
00574  done:
00575         TALLOC_FREE(sam_account);
00576         return nt_ret;
00577 }

static NTSTATUS fetch_group_info ( uint32  rid,
SAM_GROUP_INFO delta 
) [static]

net_rpc_samsync.c579 行で定義されています。

参照先 UNIHDR::buffer_GROUP_MAP::commentd_printf()get_global_sam_sid()_GROUP_MAP::gidsam_group_info_info::hdr_grp_descname_GROUP_MAP::nt_namepdb_add_group_mapping_entry()pdb_getgrsid()pdb_update_group_mapping_entry()_GROUP_MAP::sidsid_append_rid()sid_copy()SID_NAME_DOM_GRP_GROUP_MAP::sid_name_usesid_to_string()smb_create_group()sam_group_info_info::uni_grp_descsam_group_info_info::uni_grp_nameunistr2_to_ascii().

参照元 fetch_sam_entry().

00580 {
00581         fstring name;
00582         fstring comment;
00583         struct group *grp = NULL;
00584         DOM_SID group_sid;
00585         fstring sid_string;
00586         GROUP_MAP map;
00587         BOOL insert = True;
00588 
00589         unistr2_to_ascii(name, &delta->uni_grp_name, sizeof(name)-1);
00590         unistr2_to_ascii(comment, &delta->uni_grp_desc, sizeof(comment)-1);
00591 
00592         /* add the group to the mapping table */
00593         sid_copy(&group_sid, get_global_sam_sid());
00594         sid_append_rid(&group_sid, rid);
00595         sid_to_string(sid_string, &group_sid);
00596 
00597         if (pdb_getgrsid(&map, group_sid)) {
00598                 if ( map.gid != -1 )
00599                         grp = getgrgid(map.gid);
00600                 insert = False;
00601         }
00602 
00603         if (grp == NULL) {
00604                 gid_t gid;
00605 
00606                 /* No group found from mapping, find it from its name. */
00607                 if ((grp = getgrnam(name)) == NULL) {
00608                 
00609                         /* No appropriate group found, create one */
00610                         
00611                         d_printf("Creating unix group: '%s'\n", name);
00612                         
00613                         if (smb_create_group(name, &gid) != 0)
00614                                 return NT_STATUS_ACCESS_DENIED;
00615                                 
00616                         if ((grp = getgrnam(name)) == NULL)
00617                                 return NT_STATUS_ACCESS_DENIED;
00618                 }
00619         }
00620 
00621         map.gid = grp->gr_gid;
00622         map.sid = group_sid;
00623         map.sid_name_use = SID_NAME_DOM_GRP;
00624         fstrcpy(map.nt_name, name);
00625         if (delta->hdr_grp_desc.buffer) {
00626                 fstrcpy(map.comment, comment);
00627         } else {
00628                 fstrcpy(map.comment, "");
00629         }
00630 
00631         if (insert)
00632                 pdb_add_group_mapping_entry(&map);
00633         else
00634                 pdb_update_group_mapping_entry(&map);
00635 
00636         return NT_STATUS_OK;
00637 }

static NTSTATUS fetch_group_mem_info ( uint32  rid,
SAM_GROUP_MEM_INFO delta 
) [static]

net_rpc_samsync.c639 行で定義されています。

参照先 d_printf()get_domain_group_from_sid()get_global_sam_sid()_GROUP_MAP::gidsam_group_mem_info_info::num_memberspdb_get_group_rid()pdb_get_username()pdb_getsampwsid()sam_group_mem_info_info::ridssamu_new()sid_append_rid()sid_copy()sid_string_static()smb_add_user_group()smb_delete_user_group()ttalloc_free()talloc_init()talloc_strdup().

参照元 fetch_sam_entry().

00640 {
00641         int i;
00642         TALLOC_CTX *t = NULL;
00643         char **nt_members = NULL;
00644         char **unix_members;
00645         DOM_SID group_sid;
00646         GROUP_MAP map;
00647         struct group *grp;
00648 
00649         if (delta->num_members == 0) {
00650                 return NT_STATUS_OK;
00651         }
00652 
00653         sid_copy(&group_sid, get_global_sam_sid());
00654         sid_append_rid(&group_sid, rid);
00655 
00656         if (!get_domain_group_from_sid(group_sid, &map)) {
00657                 DEBUG(0, ("Could not find global group %d\n", rid));
00658                 return NT_STATUS_NO_SUCH_GROUP;
00659         }
00660 
00661         if (!(grp = getgrgid(map.gid))) {
00662                 DEBUG(0, ("Could not find unix group %lu\n", (unsigned long)map.gid));
00663                 return NT_STATUS_NO_SUCH_GROUP;
00664         }
00665 
00666         d_printf("Group members of %s: ", grp->gr_name);
00667 
00668         if (!(t = talloc_init("fetch_group_mem_info"))) {
00669                 DEBUG(0, ("could not talloc_init\n"));
00670                 return NT_STATUS_NO_MEMORY;
00671         }
00672 
00673         if (delta->num_members) {
00674                 if ((nt_members = TALLOC_ZERO_ARRAY(t, char *, delta->num_members)) == NULL) {
00675                         DEBUG(0, ("talloc failed\n"));
00676                         talloc_free(t);
00677                         return NT_STATUS_NO_MEMORY;
00678                 }
00679         } else {
00680                 nt_members = NULL;
00681         }
00682 
00683         for (i=0; i<delta->num_members; i++) {
00684                 struct samu *member = NULL;
00685                 DOM_SID member_sid;
00686 
00687                 if ( !(member = samu_new(t)) ) {
00688                         talloc_destroy(t);
00689                         return NT_STATUS_NO_MEMORY;
00690                 }
00691 
00692                 sid_copy(&member_sid, get_global_sam_sid());
00693                 sid_append_rid(&member_sid, delta->rids[i]);
00694 
00695                 if (!pdb_getsampwsid(member, &member_sid)) {
00696                         DEBUG(1, ("Found bogus group member: %d (member_sid=%s group=%s)\n",
00697                                   delta->rids[i], sid_string_static(&member_sid), grp->gr_name));
00698                         TALLOC_FREE(member);
00699                         continue;
00700                 }
00701 
00702                 if (pdb_get_group_rid(member) == rid) {
00703                         d_printf("%s(primary),", pdb_get_username(member));
00704                         TALLOC_FREE(member);
00705                         continue;
00706                 }
00707                 
00708                 d_printf("%s,", pdb_get_username(member));
00709                 nt_members[i] = talloc_strdup(t, pdb_get_username(member));
00710                 TALLOC_FREE(member);
00711         }
00712 
00713         d_printf("\n");
00714 
00715         unix_members = grp->gr_mem;
00716 
00717         while (*unix_members) {
00718                 BOOL is_nt_member = False;
00719                 for (i=0; i<delta->num_members; i++) {
00720                         if (nt_members[i] == NULL) {
00721                                 /* This was a primary group */
00722                                 continue;
00723                         }
00724 
00725                         if (strcmp(*unix_members, nt_members[i]) == 0) {
00726                                 is_nt_member = True;
00727                                 break;
00728                         }
00729                 }
00730                 if (!is_nt_member) {
00731                         /* We look at a unix group member that is not
00732                            an nt group member. So, remove it. NT is
00733                            boss here. */
00734                         smb_delete_user_group(grp->gr_name, *unix_members);
00735                 }
00736                 unix_members += 1;
00737         }
00738 
00739         for (i=0; i<delta->num_members; i++) {
00740                 BOOL is_unix_member = False;
00741 
00742                 if (nt_members[i] == NULL) {
00743                         /* This was the primary group */
00744                         continue;
00745                 }
00746 
00747                 unix_members = grp->gr_mem;
00748 
00749                 while (*unix_members) {
00750                         if (strcmp(*unix_members, nt_members[i]) == 0) {
00751                                 is_unix_member = True;
00752                                 break;
00753                         }
00754                         unix_members += 1;
00755                 }
00756 
00757                 if (!is_unix_member) {
00758                         /* We look at a nt group member that is not a
00759                            unix group member currently. So, add the nt
00760                            group member. */
00761                         smb_add_user_group(grp->gr_name, nt_members[i]);
00762                 }
00763         }
00764         
00765         talloc_destroy(t);
00766         return NT_STATUS_OK;
00767 }

static NTSTATUS fetch_alias_info ( uint32  rid,
SAM_ALIAS_INFO delta,
DOM_SID  dom_sid 
) [static]

net_rpc_samsync.c769 行で定義されています。

参照先 _GROUP_MAP::commentd_printf()_GROUP_MAP::gidglobal_sid_Builtinname_GROUP_MAP::nt_namepdb_add_group_mapping_entry()pdb_getgrsid()pdb_update_group_mapping_entry()_GROUP_MAP::sidsid_append_rid()sid_copy()sid_equal()SID_NAME_ALIAS_GROUP_MAP::sid_name_useSID_NAME_WKN_GRPsid_to_string()smb_create_group()sam_alias_info_info::uni_als_descsam_alias_info_info::uni_als_nameunistr2_to_ascii().

参照元 fetch_sam_entry().

00771 {
00772         fstring name;
00773         fstring comment;
00774         struct group *grp = NULL;
00775         DOM_SID alias_sid;
00776         fstring sid_string;
00777         GROUP_MAP map;
00778         BOOL insert = True;
00779 
00780         unistr2_to_ascii(name, &delta->uni_als_name, sizeof(name)-1);
00781         unistr2_to_ascii(comment, &delta->uni_als_desc, sizeof(comment)-1);
00782 
00783         /* Find out whether the group is already mapped */
00784         sid_copy(&alias_sid, &dom_sid);
00785         sid_append_rid(&alias_sid, rid);
00786         sid_to_string(sid_string, &alias_sid);
00787 
00788         if (pdb_getgrsid(&map, alias_sid)) {
00789                 grp = getgrgid(map.gid);
00790                 insert = False;
00791         }
00792 
00793         if (grp == NULL) {
00794                 gid_t gid;
00795 
00796                 /* No group found from mapping, find it from its name. */
00797                 if ((grp = getgrnam(name)) == NULL) {
00798                         /* No appropriate group found, create one */
00799                         d_printf("Creating unix group: '%s'\n", name);
00800                         if (smb_create_group(name, &gid) != 0)
00801                                 return NT_STATUS_ACCESS_DENIED;
00802                         if ((grp = getgrgid(gid)) == NULL)
00803                                 return NT_STATUS_ACCESS_DENIED;
00804                 }
00805         }
00806 
00807         map.gid = grp->gr_gid;
00808         map.sid = alias_sid;
00809 
00810         if (sid_equal(&dom_sid, &global_sid_Builtin))
00811                 map.sid_name_use = SID_NAME_WKN_GRP;
00812         else
00813                 map.sid_name_use = SID_NAME_ALIAS;
00814 
00815         fstrcpy(map.nt_name, name);
00816         fstrcpy(map.comment, comment);
00817 
00818         if (insert)
00819                 pdb_add_group_mapping_entry(&map);
00820         else
00821                 pdb_update_group_mapping_entry(&map);
00822 
00823         return NT_STATUS_OK;
00824 }

static NTSTATUS fetch_alias_mem ( uint32  rid,
SAM_ALIAS_MEM_INFO delta,
DOM_SID  dom_sid 
) [static]

net_rpc_samsync.c826 行で定義されています。

参照元 fetch_sam_entry().

00827 {
00828         return NT_STATUS_OK;
00829 }

static NTSTATUS fetch_domain_info ( uint32  rid,
SAM_DOMAIN_INFO delta 
) [static]

net_rpc_samsync.c831 行で定義されています。

参照先 sam_domain_info_info::account_lockoutaccount_lockout_string::bad_attempt_lockoutsam_domain_info_info::force_logoffget_global_sam_name()account_lockout_string::lockout_durationsam_domain_info_info::logon_chgpasssam_domain_info_info::max_pwd_agesam_domain_info_info::min_pwd_agesam_domain_info_info::min_pwd_lenpdb_set_account_policy()printf()sam_domain_info_info::pwd_history_lenaccount_lockout_string::reset_countstrequal()uint64s_nt_time_to_unix_abs()sam_domain_info_info::uni_dom_nameunistr2_to_ascii().

参照元 fetch_sam_entry().

00832 {
00833         time_t u_max_age, u_min_age, u_logout, u_lockoutreset, u_lockouttime;
00834         NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
00835         pstring domname;
00836 
00837         u_max_age = uint64s_nt_time_to_unix_abs(&delta->max_pwd_age);
00838         u_min_age = uint64s_nt_time_to_unix_abs(&delta->min_pwd_age);
00839         u_logout = uint64s_nt_time_to_unix_abs(&delta->force_logoff);
00840         u_lockoutreset = uint64s_nt_time_to_unix_abs(&delta->account_lockout.reset_count);
00841         u_lockouttime = uint64s_nt_time_to_unix_abs(&delta->account_lockout.lockout_duration);
00842 
00843         unistr2_to_ascii(domname, &delta->uni_dom_name, sizeof(domname) - 1);
00844 
00845         /* we don't handle BUILTIN account policies */  
00846         if (!strequal(domname, get_global_sam_name())) {
00847                 printf("skipping SAM_DOMAIN_INFO delta for '%s' (is not my domain)\n", domname);
00848                 return NT_STATUS_OK;
00849         }
00850 
00851 
00852         if (!pdb_set_account_policy(AP_PASSWORD_HISTORY, delta->pwd_history_len))
00853                 return nt_status;
00854 
00855         if (!pdb_set_account_policy(AP_MIN_PASSWORD_LEN, delta->min_pwd_len))
00856                 return nt_status;
00857 
00858         if (!pdb_set_account_policy(AP_MAX_PASSWORD_AGE, (uint32)u_max_age))
00859                 return nt_status;
00860 
00861         if (!pdb_set_account_policy(AP_MIN_PASSWORD_AGE, (uint32)u_min_age))
00862                 return nt_status;
00863 
00864         if (!pdb_set_account_policy(AP_TIME_TO_LOGOUT, (uint32)u_logout))
00865                 return nt_status;
00866 
00867         if (!pdb_set_account_policy(AP_BAD_ATTEMPT_LOCKOUT, delta->account_lockout.bad_attempt_lockout))
00868                 return nt_status;
00869 
00870         if (!pdb_set_account_policy(AP_RESET_COUNT_TIME, (uint32)u_lockoutreset/60))
00871                 return nt_status;
00872 
00873         if (u_lockouttime != -1)
00874                 u_lockouttime /= 60;
00875 
00876         if (!pdb_set_account_policy(AP_LOCK_ACCOUNT_DURATION, (uint32)u_lockouttime))
00877                 return nt_status;
00878 
00879         if (!pdb_set_account_policy(AP_USER_MUST_LOGON_TO_CHG_PASS, delta->logon_chgpass))
00880                 return nt_status;
00881 
00882         return NT_STATUS_OK;
00883 }

static void fetch_sam_entry ( SAM_DELTA_HDR hdr_delta,
SAM_DELTA_CTR delta,
DOM_SID  dom_sid 
) [static]

net_rpc_samsync.c886 行で定義されています。

参照先 sam_delta_ctr_info::account_infosam_delta_ctr_info::alias_infosam_delta_ctr_info::als_mem_infod_printf()sam_delta_ctr_info::domain_infofetch_account_info()fetch_alias_info()fetch_alias_mem()fetch_domain_info()fetch_group_info()fetch_group_mem_info()sam_delta_ctr_info::group_infosam_delta_ctr_info::grp_mem_infosam_delta_hdr_info::target_ridsam_delta_hdr_info::type.

参照元 fetch_database().

00888 {
00889         switch(hdr_delta->type) {
00890         case SAM_DELTA_ACCOUNT_INFO:
00891                 fetch_account_info(hdr_delta->target_rid,
00892                                    &delta->account_info);
00893                 break;
00894         case SAM_DELTA_GROUP_INFO:
00895                 fetch_group_info(hdr_delta->target_rid,
00896                                  &delta->group_info);
00897                 break;
00898         case SAM_DELTA_GROUP_MEM:
00899                 fetch_group_mem_info(hdr_delta->target_rid,
00900                                      &delta->grp_mem_info);
00901                 break;
00902         case SAM_DELTA_ALIAS_INFO:
00903                 fetch_alias_info(hdr_delta->target_rid,
00904                                  &delta->alias_info, dom_sid);
00905                 break;
00906         case SAM_DELTA_ALIAS_MEM:
00907                 fetch_alias_mem(hdr_delta->target_rid,
00908                                 &delta->als_mem_info, dom_sid);
00909                 break;
00910         case SAM_DELTA_DOMAIN_INFO:
00911                 fetch_domain_info(hdr_delta->target_rid,
00912                                 &delta->domain_info);
00913                 break;
00914         /* The following types are recognised but not handled */
00915         case SAM_DELTA_RENAME_GROUP:
00916                 d_printf("SAM_DELTA_RENAME_GROUP not handled\n");
00917                 break;
00918         case SAM_DELTA_RENAME_USER:
00919                 d_printf("SAM_DELTA_RENAME_USER not handled\n");
00920                 break;
00921         case SAM_DELTA_RENAME_ALIAS:
00922                 d_printf("SAM_DELTA_RENAME_ALIAS not handled\n");
00923                 break;
00924         case SAM_DELTA_POLICY_INFO:
00925                 d_printf("SAM_DELTA_POLICY_INFO not handled\n");
00926                 break;
00927         case SAM_DELTA_TRUST_DOMS:
00928                 d_printf("SAM_DELTA_TRUST_DOMS not handled\n");
00929                 break;
00930         case SAM_DELTA_PRIVS_INFO:
00931                 d_printf("SAM_DELTA_PRIVS_INFO not handled\n");
00932                 break;
00933         case SAM_DELTA_SECRET_INFO:
00934                 d_printf("SAM_DELTA_SECRET_INFO not handled\n");
00935                 break;
00936         case SAM_DELTA_DELETE_GROUP:
00937                 d_printf("SAM_DELTA_DELETE_GROUP not handled\n");
00938                 break;
00939         case SAM_DELTA_DELETE_USER:
00940                 d_printf("SAM_DELTA_DELETE_USER not handled\n");
00941                 break;
00942         case SAM_DELTA_MODIFIED_COUNT:
00943                 d_printf("SAM_DELTA_MODIFIED_COUNT not handled\n");
00944                 break;
00945         default:
00946                 d_printf("Unknown delta record type %d\n", hdr_delta->type);
00947                 break;
00948         }
00949 }

static NTSTATUS fetch_database ( struct rpc_pipe_client pipe_hnd,
uint32  db_type,
DOM_SID  dom_sid 
) [static]

net_rpc_samsync.c951 行で定義されています。

参照先 d_printf()fetch_sam_entry()resultrpccli_netlogon_sam_sync()SAM_DATABASE_BUILTINSAM_DATABASE_DOMAINSAM_DATABASE_PRIVStalloc_init().

参照元 rpc_vampire_internals().

00952 {
00953         uint32 sync_context = 0;
00954         NTSTATUS result;
00955         int i;
00956         TALLOC_CTX *mem_ctx;
00957         SAM_DELTA_HDR *hdr_deltas;
00958         SAM_DELTA_CTR *deltas;
00959         uint32 num_deltas;
00960 
00961         if (!(mem_ctx = talloc_init("fetch_database")))
00962                 return NT_STATUS_NO_MEMORY;
00963 
00964         switch( db_type ) {
00965         case SAM_DATABASE_DOMAIN:
00966                 d_printf("Fetching DOMAIN database\n");
00967                 break;
00968         case SAM_DATABASE_BUILTIN:
00969                 d_printf("Fetching BUILTIN database\n");
00970                 break;
00971         case SAM_DATABASE_PRIVS:
00972                 d_printf("Fetching PRIVS databases\n");
00973                 break;
00974         default:
00975                 d_printf("Fetching unknown database type %u\n", db_type );
00976                 break;
00977         }
00978 
00979         do {
00980                 result = rpccli_netlogon_sam_sync(pipe_hnd, mem_ctx,
00981                                                db_type, sync_context,
00982                                                &num_deltas,
00983                                                &hdr_deltas, &deltas);
00984 
00985                 if (NT_STATUS_IS_OK(result) ||
00986                     NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)) {
00987                         for (i = 0; i < num_deltas; i++) {
00988                                 fetch_sam_entry(&hdr_deltas[i], &deltas[i], dom_sid);
00989                         }
00990                 } else
00991                         return result;
00992 
00993                 sync_context += 1;
00994         } while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES));
00995 
00996         talloc_destroy(mem_ctx);
00997 
00998         return result;
00999 }

static NTSTATUS populate_ldap_for_ldif ( fstring  sid,
const char *  suffix,
const char *  builtin_sid,
FILE *  add_fd 
) [static]

net_rpc_samsync.c1001 行で定義されています。

参照先 fprintf()ldif_gidldif_uidlenlp_ldap_group_suffix()lp_ldap_idmap_suffix()lp_ldap_machine_suffix()lp_ldap_user_suffix()lp_workgroup()sstring_sub().

参照元 fetch_database_to_ldif().

01003 {
01004         const char *user_suffix, *group_suffix, *machine_suffix, *idmap_suffix;
01005         char *user_attr=NULL, *group_attr=NULL;
01006         char *suffix_attr;
01007         int len;
01008 
01009         /* Get the suffix attribute */
01010         suffix_attr = sstring_sub(suffix, '=', ',');
01011         if (suffix_attr == NULL) {
01012                 len = strlen(suffix);
01013                 suffix_attr = (char*)SMB_MALLOC(len+1);
01014                 memcpy(suffix_attr, suffix, len);
01015                 suffix_attr[len] = '\0';
01016         }
01017 
01018         /* Write the base */
01019         fprintf(add_fd, "# %s\n", suffix);
01020         fprintf(add_fd, "dn: %s\n", suffix);
01021         fprintf(add_fd, "objectClass: dcObject\n");
01022         fprintf(add_fd, "objectClass: organization\n");
01023         fprintf(add_fd, "o: %s\n", suffix_attr);
01024         fprintf(add_fd, "dc: %s\n", suffix_attr);
01025         fprintf(add_fd, "\n");
01026         fflush(add_fd);
01027 
01028         user_suffix = lp_ldap_user_suffix();
01029         if (user_suffix == NULL) {
01030                 SAFE_FREE(suffix_attr);
01031                 return NT_STATUS_NO_MEMORY;
01032         }
01033         /* If it exists and is distinct from other containers, 
01034            Write the Users entity */
01035         if (*user_suffix && strcmp(user_suffix, suffix)) {
01036                 user_attr = sstring_sub(lp_ldap_user_suffix(), '=', ',');
01037                 fprintf(add_fd, "# %s\n", user_suffix);
01038                 fprintf(add_fd, "dn: %s\n", user_suffix);
01039                 fprintf(add_fd, "objectClass: organizationalUnit\n");
01040                 fprintf(add_fd, "ou: %s\n", user_attr);
01041                 fprintf(add_fd, "\n");
01042                 fflush(add_fd);
01043         }
01044 
01045 
01046         group_suffix = lp_ldap_group_suffix();
01047         if (group_suffix == NULL) {
01048                 SAFE_FREE(suffix_attr);
01049                 SAFE_FREE(user_attr);
01050                 return NT_STATUS_NO_MEMORY;
01051         }
01052         /* If it exists and is distinct from other containers, 
01053            Write the Groups entity */
01054         if (*group_suffix && strcmp(group_suffix, suffix)) {
01055                 group_attr = sstring_sub(lp_ldap_group_suffix(), '=', ',');
01056                 fprintf(add_fd, "# %s\n", group_suffix);
01057                 fprintf(add_fd, "dn: %s\n", group_suffix);
01058                 fprintf(add_fd, "objectClass: organizationalUnit\n");
01059                 fprintf(add_fd, "ou: %s\n", group_attr);
01060                 fprintf(add_fd, "\n");
01061                 fflush(add_fd);
01062         }
01063 
01064         /* If it exists and is distinct from other containers, 
01065            Write the Computers entity */
01066         machine_suffix = lp_ldap_machine_suffix();
01067         if (machine_suffix == NULL) {
01068                 SAFE_FREE(suffix_attr);
01069                 SAFE_FREE(user_attr);
01070                 SAFE_FREE(group_attr);
01071                 return NT_STATUS_NO_MEMORY;
01072         }
01073         if (*machine_suffix && strcmp(machine_suffix, user_suffix) &&
01074             strcmp(machine_suffix, suffix)) {
01075                 char *machine_ou = NULL;
01076                 fprintf(add_fd, "# %s\n", machine_suffix);
01077                 fprintf(add_fd, "dn: %s\n", machine_suffix);
01078                 fprintf(add_fd, "objectClass: organizationalUnit\n");
01079                 /* this isn't totally correct as it assumes that
01080                    there _must_ be an ou. just fixing memleak now. jmcd */
01081                 machine_ou = sstring_sub(lp_ldap_machine_suffix(), '=', ',');
01082                 fprintf(add_fd, "ou: %s\n", machine_ou);
01083                 SAFE_FREE(machine_ou);
01084                 fprintf(add_fd, "\n");
01085                 fflush(add_fd);
01086         }
01087 
01088         /* If it exists and is distinct from other containers, 
01089            Write the IdMap entity */
01090         idmap_suffix = lp_ldap_idmap_suffix();
01091         if (idmap_suffix == NULL) {
01092                 SAFE_FREE(suffix_attr);
01093                 SAFE_FREE(user_attr);
01094                 SAFE_FREE(group_attr);
01095                 return NT_STATUS_NO_MEMORY;
01096         }
01097         if (*idmap_suffix &&
01098             strcmp(idmap_suffix, user_suffix) &&
01099             strcmp(idmap_suffix, suffix)) {
01100                 char *s;
01101                 fprintf(add_fd, "# %s\n", idmap_suffix);
01102                 fprintf(add_fd, "dn: %s\n", idmap_suffix);
01103                 fprintf(add_fd, "ObjectClass: organizationalUnit\n");
01104                 s = sstring_sub(lp_ldap_idmap_suffix(), '=', ',');
01105                 fprintf(add_fd, "ou: %s\n", s);
01106                 SAFE_FREE(s);
01107                 fprintf(add_fd, "\n");
01108                 fflush(add_fd);
01109         }
01110 
01111         /* Write the domain entity */
01112         fprintf(add_fd, "# %s, %s\n", lp_workgroup(), suffix);
01113         fprintf(add_fd, "dn: sambaDomainName=%s,%s\n", lp_workgroup(),
01114                 suffix);
01115         fprintf(add_fd, "objectClass: sambaDomain\n");
01116         fprintf(add_fd, "objectClass: sambaUnixIdPool\n");
01117         fprintf(add_fd, "sambaDomainName: %s\n", lp_workgroup());
01118         fprintf(add_fd, "sambaSID: %s\n", sid);
01119         fprintf(add_fd, "uidNumber: %d\n", ++ldif_uid);
01120         fprintf(add_fd, "gidNumber: %d\n", ++ldif_gid);
01121         fprintf(add_fd, "\n");
01122         fflush(add_fd);
01123 
01124         /* Write the Domain Admins entity */ 
01125         fprintf(add_fd, "# Domain Admins, %s, %s\n", group_attr,
01126                 suffix);
01127         fprintf(add_fd, "dn: cn=Domain Admins,ou=%s,%s\n", group_attr,
01128                 suffix);
01129         fprintf(add_fd, "objectClass: posixGroup\n");
01130         fprintf(add_fd, "objectClass: sambaGroupMapping\n");
01131         fprintf(add_fd, "cn: Domain Admins\n");
01132         fprintf(add_fd, "memberUid: Administrator\n");
01133         fprintf(add_fd, "description: Netbios Domain Administrators\n");
01134         fprintf(add_fd, "gidNumber: 512\n");
01135         fprintf(add_fd, "sambaSID: %s-512\n", sid);
01136         fprintf(add_fd, "sambaGroupType: 2\n");
01137         fprintf(add_fd, "displayName: Domain Admins\n");
01138         fprintf(add_fd, "\n");
01139         fflush(add_fd);
01140 
01141         /* Write the Domain Users entity */ 
01142         fprintf(add_fd, "# Domain Users, %s, %s\n", group_attr,
01143                 suffix);
01144         fprintf(add_fd, "dn: cn=Domain Users,ou=%s,%s\n", group_attr,
01145                 suffix);
01146         fprintf(add_fd, "objectClass: posixGroup\n");
01147         fprintf(add_fd, "objectClass: sambaGroupMapping\n");
01148         fprintf(add_fd, "cn: Domain Users\n");
01149         fprintf(add_fd, "description: Netbios Domain Users\n");
01150         fprintf(add_fd, "gidNumber: 513\n");
01151         fprintf(add_fd, "sambaSID: %s-513\n", sid);
01152         fprintf(add_fd, "sambaGroupType: 2\n");
01153         fprintf(add_fd, "displayName: Domain Users\n");
01154         fprintf(add_fd, "\n");
01155         fflush(add_fd);
01156 
01157         /* Write the Domain Guests entity */ 
01158         fprintf(add_fd, "# Domain Guests, %s, %s\n", group_attr,
01159                 suffix);
01160         fprintf(add_fd, "dn: cn=Domain Guests,ou=%s,%s\n", group_attr,
01161                 suffix);
01162         fprintf(add_fd, "objectClass: posixGroup\n");
01163         fprintf(add_fd, "objectClass: sambaGroupMapping\n");
01164         fprintf(add_fd, "cn: Domain Guests\n");
01165         fprintf(add_fd, "description: Netbios Domain Guests\n");
01166         fprintf(add_fd, "gidNumber: 514\n");
01167         fprintf(add_fd, "sambaSID: %s-514\n", sid);
01168         fprintf(add_fd, "sambaGroupType: 2\n");
01169         fprintf(add_fd, "displayName: Domain Guests\n");
01170         fprintf(add_fd, "\n");
01171         fflush(add_fd);
01172 
01173         /* Write the Domain Computers entity */
01174         fprintf(add_fd, "# Domain Computers, %s, %s\n", group_attr,
01175                 suffix);
01176         fprintf(add_fd, "dn: cn=Domain Computers,ou=%s,%s\n",
01177                 group_attr, suffix);
01178         fprintf(add_fd, "objectClass: posixGroup\n");
01179         fprintf(add_fd, "objectClass: sambaGroupMapping\n");
01180         fprintf(add_fd, "gidNumber: 515\n");
01181         fprintf(add_fd, "cn: Domain Computers\n");
01182         fprintf(add_fd, "description: Netbios Domain Computers accounts\n");
01183         fprintf(add_fd, "sambaSID: %s-515\n", sid);
01184         fprintf(add_fd, "sambaGroupType: 2\n");
01185         fprintf(add_fd, "displayName: Domain Computers\n");
01186         fprintf(add_fd, "\n");
01187         fflush(add_fd);
01188 
01189         /* Write the Admininistrators Groups entity */
01190         fprintf(add_fd, "# Administrators, %s, %s\n", group_attr,
01191                 suffix);
01192         fprintf(add_fd, "dn: cn=Administrators,ou=%s,%s\n", group_attr,
01193                 suffix);
01194         fprintf(add_fd, "objectClass: posixGroup\n");
01195         fprintf(add_fd, "objectClass: sambaGroupMapping\n");
01196         fprintf(add_fd, "gidNumber: 544\n");
01197         fprintf(add_fd, "cn: Administrators\n");
01198         fprintf(add_fd, "description: Netbios Domain Members can fully administer the computer/sambaDomainName\n");
01199         fprintf(add_fd, "sambaSID: %s-544\n", builtin_sid);
01200         fprintf(add_fd, "sambaGroupType: 5\n");
01201         fprintf(add_fd, "displayName: Administrators\n");
01202         fprintf(add_fd, "\n");
01203 
01204         /* Write the Print Operator entity */
01205         fprintf(add_fd, "# Print Operators, %s, %s\n", group_attr,
01206                 suffix);
01207         fprintf(add_fd, "dn: cn=Print Operators,ou=%s,%s\n",
01208                 group_attr, suffix);
01209         fprintf(add_fd, "objectClass: posixGroup\n");
01210         fprintf(add_fd, "objectClass: sambaGroupMapping\n");
01211         fprintf(add_fd, "gidNumber: 550\n");
01212         fprintf(add_fd, "cn: Print Operators\n");
01213         fprintf(add_fd, "description: Netbios Domain Print Operators\n");
01214         fprintf(add_fd, "sambaSID: %s-550\n", builtin_sid);
01215         fprintf(add_fd, "sambaGroupType: 5\n");
01216         fprintf(add_fd, "displayName: Print Operators\n");
01217         fprintf(add_fd, "\n");
01218         fflush(add_fd);
01219 
01220         /* Write the Backup Operators entity */
01221         fprintf(add_fd, "# Backup Operators, %s, %s\n", group_attr,
01222                 suffix);
01223         fprintf(add_fd, "dn: cn=Backup Operators,ou=%s,%s\n",
01224                 group_attr, suffix);
01225         fprintf(add_fd, "objectClass: posixGroup\n");
01226         fprintf(add_fd, "objectClass: sambaGroupMapping\n");
01227         fprintf(add_fd, "gidNumber: 551\n");
01228         fprintf(add_fd, "cn: Backup Operators\n");
01229         fprintf(add_fd, "description: Netbios Domain Members can bypass file security to back up files\n");
01230         fprintf(add_fd, "sambaSID: %s-551\n", builtin_sid);
01231         fprintf(add_fd, "sambaGroupType: 5\n");
01232         fprintf(add_fd, "displayName: Backup Operators\n");
01233         fprintf(add_fd, "\n");
01234         fflush(add_fd);
01235 
01236         /* Write the Replicators entity */
01237         fprintf(add_fd, "# Replicators, %s, %s\n", group_attr, suffix);
01238         fprintf(add_fd, "dn: cn=Replicators,ou=%s,%s\n", group_attr,
01239                 suffix);
01240         fprintf(add_fd, "objectClass: posixGroup\n");
01241         fprintf(add_fd, "objectClass: sambaGroupMapping\n");
01242         fprintf(add_fd, "gidNumber: 552\n");
01243         fprintf(add_fd, "cn: Replicators\n");
01244         fprintf(add_fd, "description: Netbios Domain Supports file replication in a sambaDomainName\n");
01245         fprintf(add_fd, "sambaSID: %s-552\n", builtin_sid);
01246         fprintf(add_fd, "sambaGroupType: 5\n");
01247         fprintf(add_fd, "displayName: Replicators\n");
01248         fprintf(add_fd, "\n");
01249         fflush(add_fd);
01250 
01251         /* Deallocate memory, and return */
01252         SAFE_FREE(suffix_attr);
01253         SAFE_FREE(user_attr);
01254         SAFE_FREE(group_attr);
01255         return NT_STATUS_OK;
01256 }

static NTSTATUS map_populate_groups ( GROUPMAP groupmap,
ACCOUNTMAP accountmap,
fstring  sid,
const char *  suffix,
const char *  builtin_sid 
) [static]

net_rpc_samsync.c1258 行で定義されています。

参照先 _groupmap::gidNumberlp_ldap_group_suffix()pstr_sprintf()_accountmap::rid_groupmap::ridsstring_sub().

参照元 fetch_database_to_ldif().

01260 {
01261         char *group_attr = sstring_sub(lp_ldap_group_suffix(), '=', ',');
01262 
01263         /* Map the groups created by populate_ldap_for_ldif */
01264         groupmap[0].rid = 512;
01265         groupmap[0].gidNumber = 512;
01266         pstr_sprintf(groupmap[0].sambaSID, "%s-512", sid);
01267         pstr_sprintf(groupmap[0].group_dn, "cn=Domain Admins,ou=%s,%s", 
01268                      group_attr, suffix);
01269         accountmap[0].rid = 512;
01270         pstr_sprintf(accountmap[0].cn, "%s", "Domain Admins");
01271 
01272         groupmap[1].rid = 513;
01273         groupmap[1].gidNumber = 513;
01274         pstr_sprintf(groupmap[1].sambaSID, "%s-513", sid);
01275         pstr_sprintf(groupmap[1].group_dn, "cn=Domain Users,ou=%s,%s", 
01276                      group_attr, suffix);
01277         accountmap[1].rid = 513;
01278         pstr_sprintf(accountmap[1].cn, "%s", "Domain Users");
01279 
01280         groupmap[2].rid = 514;
01281         groupmap[2].gidNumber = 514;
01282         pstr_sprintf(groupmap[2].sambaSID, "%s-514", sid);
01283         pstr_sprintf(groupmap[2].group_dn, "cn=Domain Guests,ou=%s,%s", 
01284                      group_attr, suffix);
01285         accountmap[2].rid = 514;
01286         pstr_sprintf(accountmap[2].cn, "%s", "Domain Guests");
01287 
01288         groupmap[3].rid = 515;
01289         groupmap[3].gidNumber = 515;
01290         pstr_sprintf(groupmap[3].sambaSID, "%s-515", sid);
01291         pstr_sprintf(groupmap[3].group_dn, "cn=Domain Computers,ou=%s,%s",
01292                      group_attr, suffix);
01293         accountmap[3].rid = 515;
01294         pstr_sprintf(accountmap[3].cn, "%s", "Domain Computers");
01295 
01296         groupmap[4].rid = 544;
01297         groupmap[4].gidNumber = 544;
01298         pstr_sprintf(groupmap[4].sambaSID, "%s-544", builtin_sid);
01299         pstr_sprintf(groupmap[4].group_dn, "cn=Administrators,ou=%s,%s",
01300                      group_attr, suffix);
01301         accountmap[4].rid = 515;
01302         pstr_sprintf(accountmap[4].cn, "%s", "Administrators");
01303 
01304         groupmap[5].rid = 550;
01305         groupmap[5].gidNumber = 550;
01306         pstr_sprintf(groupmap[5].sambaSID, "%s-550", builtin_sid);
01307         pstr_sprintf(groupmap[5].group_dn, "cn=Print Operators,ou=%s,%s",
01308                      group_attr, suffix);
01309         accountmap[5].rid = 550;
01310         pstr_sprintf(accountmap[5].cn, "%s", "Print Operators");
01311 
01312         groupmap[6].rid = 551;
01313         groupmap[6].gidNumber = 551;
01314         pstr_sprintf(groupmap[6].sambaSID, "%s-551", builtin_sid);
01315         pstr_sprintf(groupmap[6].group_dn, "cn=Backup Operators,ou=%s,%s",
01316                      group_attr, suffix);
01317         accountmap[6].rid = 551;
01318         pstr_sprintf(accountmap[6].cn, "%s", "Backup Operators");
01319 
01320         groupmap[7].rid = 552;
01321         groupmap[7].gidNumber = 552;
01322         pstr_sprintf(groupmap[7].sambaSID, "%s-552", builtin_sid);
01323         pstr_sprintf(groupmap[7].group_dn, "cn=Replicators,ou=%s,%s",
01324                      group_attr, suffix);
01325         accountmap[7].rid = 551;
01326         pstr_sprintf(accountmap[7].cn, "%s", "Replicators");
01327         SAFE_FREE(group_attr);
01328         return NT_STATUS_OK;
01329 }

static int fprintf_attr ( FILE *  add_fd,
const char *  attr_name,
const char *  fmt,
  ... 
) [static]

net_rpc_samsync.c1336 行で定義されています。

参照先 base64_encode_data_blob()data_blob_::datafprintf()data_blob_::lengthtalloc_vasprintf().

参照元 fetch_account_info_to_ldif()fetch_alias_info_to_ldif()fetch_group_info_to_ldif().

01338 {
01339         va_list ap;
01340         char *value, *p, *base64;
01341         DATA_BLOB base64_blob;
01342         BOOL do_base64 = False;
01343         int res;
01344 
01345         va_start(ap, fmt);
01346         value = talloc_vasprintf(NULL, fmt, ap);
01347         va_end(ap);
01348 
01349         SMB_ASSERT(value != NULL);
01350 
01351         for (p=value; *p; p++) {
01352                 if (*p & 0x80) {
01353                         do_base64 = True;
01354                         break;
01355                 }
01356         }
01357 
01358         if (!do_base64) {
01359                 BOOL only_whitespace = True;
01360                 for (p=value; *p; p++) {
01361                         /*
01362                          * I know that this not multibyte safe, but we break
01363                          * on the first non-whitespace character anyway.
01364                          */
01365                         if (!isspace(*p)) {
01366                                 only_whitespace = False;
01367                                 break;
01368                         }
01369                 }
01370                 if (only_whitespace) {
01371                         do_base64 = True;
01372                 }
01373         }
01374 
01375         if (!do_base64) {
01376                 res = fprintf(add_fd, "%s: %s\n", attr_name, value);
01377                 TALLOC_FREE(value);
01378                 return res;
01379         }
01380 
01381         base64_blob.data = (unsigned char *)value;
01382         base64_blob.length = strlen(value);
01383 
01384         base64 = base64_encode_data_blob(base64_blob);
01385         SMB_ASSERT(base64 != NULL);
01386 
01387         res = fprintf(add_fd, "%s:: %s\n", attr_name, base64);
01388         TALLOC_FREE(value);
01389         SAFE_FREE(base64);
01390         return res;
01391 }

static NTSTATUS fetch_group_info_to_ldif ( SAM_DELTA_CTR delta,
GROUPMAP groupmap,
FILE *  add_fd,
fstring  sid,
char *  suffix 
) [static]

net_rpc_samsync.c1393 行で定義されています。

参照先 fprintf()fprintf_attr()DOM_GID::g_ridsam_group_info_info::gid_groupmap::gidNumber_groupmap::group_dnsam_delta_ctr_info::group_infoldif_gidlp_ldap_group_suffix()pstr_sprintf()_groupmap::rid_groupmap::sambaSIDsstring_sub()sam_group_info_info::uni_grp_nameunistr2_to_ascii().

参照元 fetch_database_to_ldif().

01395 {
01396         fstring groupname;
01397         uint32 grouptype = 0, g_rid = 0;
01398         char *group_attr = sstring_sub(lp_ldap_group_suffix(), '=', ',');
01399 
01400         /* Get the group name */
01401         unistr2_to_ascii(groupname, 
01402                          &(delta->group_info.uni_grp_name),
01403                          sizeof(groupname)-1);
01404 
01405         /* Set up the group type (always 2 for group info) */
01406         grouptype = 2;
01407 
01408         /* These groups are entered by populate_ldap_for_ldif */
01409         if (strcmp(groupname, "Domain Admins") == 0 ||
01410             strcmp(groupname, "Domain Users") == 0 ||
01411             strcmp(groupname, "Domain Guests") == 0 ||
01412             strcmp(groupname, "Domain Computers") == 0 ||
01413             strcmp(groupname, "Administrators") == 0 ||
01414             strcmp(groupname, "Print Operators") == 0 ||
01415             strcmp(groupname, "Backup Operators") == 0 ||
01416             strcmp(groupname, "Replicators") == 0) {
01417                 SAFE_FREE(group_attr);
01418                 return NT_STATUS_OK;
01419         } else {
01420                 /* Increment the gid for the new group */
01421                 ldif_gid++;
01422         }
01423 
01424         /* Map the group rid, gid, and dn */
01425         g_rid = delta->group_info.gid.g_rid;
01426         groupmap->rid = g_rid;
01427         groupmap->gidNumber = ldif_gid;
01428         pstr_sprintf(groupmap->sambaSID, "%s-%d", sid, g_rid);
01429         pstr_sprintf(groupmap->group_dn, 
01430                      "cn=%s,ou=%s,%s", groupname, group_attr, suffix);
01431 
01432         /* Write the data to the temporary add ldif file */
01433         fprintf(add_fd, "# %s, %s, %s\n", groupname, group_attr,
01434                 suffix);
01435         fprintf_attr(add_fd, "dn", "cn=%s,ou=%s,%s", groupname, group_attr,
01436                      suffix);
01437         fprintf(add_fd, "objectClass: posixGroup\n");
01438         fprintf(add_fd, "objectClass: sambaGroupMapping\n");
01439         fprintf_attr(add_fd, "cn", "%s", groupname);
01440         fprintf(add_fd, "gidNumber: %d\n", ldif_gid);
01441         fprintf(add_fd, "sambaSID: %s\n", groupmap->sambaSID);
01442         fprintf(add_fd, "sambaGroupType: %d\n", grouptype);
01443         fprintf_attr(add_fd, "displayName", "%s", groupname);
01444         fprintf(add_fd, "\n");
01445         fflush(add_fd);
01446 
01447         SAFE_FREE(group_attr);
01448         /* Return */
01449         return NT_STATUS_OK;
01450 }

static NTSTATUS fetch_account_info_to_ldif ( SAM_DELTA_CTR delta,
GROUPMAP groupmap,
ACCOUNTMAP accountmap,
FILE *  add_fd,
fstring  sid,
char *  suffix,
int  alloced 
) [static]

net_rpc_samsync.c1452 行で定義されています。

参照先 sam_account_info_info::acb_infosam_delta_ctr_info::account_infosam_passwd_info::buf_lm_pwdsam_passwd_info::buf_nt_pwd_accountmap::cndescriptionflagsfprintf()fprintf_attr()_groupmap::gidNumbersam_account_info_info::group_ridldif_uidlp_ldap_machine_suffix()lp_ldap_user_suffix()nt_time_to_unix()sam_account_info_info::passpdb_encode_acct_ctrl()pdb_sethexpwd()pstr_sprintf()sam_account_info_info::pwd_last_set_time_accountmap::ridsam_pwd_hash()sstring_sub()sam_account_info_info::uni_acct_descsam_account_info_info::uni_acct_namesam_account_info_info::uni_dir_drivesam_account_info_info::uni_full_namesam_account_info_info::uni_home_dirsam_account_info_info::uni_logon_scriptsam_account_info_info::uni_profileunistr2_to_ascii()sam_account_info_info::user_ridusername.

参照元 fetch_database_to_ldif().

01458 {
01459         fstring username, logonscript, homedrive, homepath = "", homedir = "";
01460         fstring hex_nt_passwd, hex_lm_passwd;
01461         fstring description, profilepath, fullname, sambaSID;
01462         uchar lm_passwd[16], nt_passwd[16];
01463         char *flags, *user_rdn;
01464         const char *ou;
01465         const char* nopasswd = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
01466         static uchar zero_buf[16];
01467         uint32 rid = 0, group_rid = 0, gidNumber = 0;
01468         time_t unix_time;
01469         int i;
01470 
01471         /* Get the username */
01472         unistr2_to_ascii(username, 
01473                          &(delta->account_info.uni_acct_name),
01474                          sizeof(username)-1);
01475 
01476         /* Get the rid */
01477         rid = delta->account_info.user_rid;
01478 
01479         /* Map the rid and username for group member info later */
01480         accountmap->rid = rid;
01481         pstr_sprintf(accountmap->cn, "%s", username);
01482 
01483         /* Get the home directory */
01484         if (delta->account_info.acb_info & ACB_NORMAL) {
01485                 unistr2_to_ascii(homedir, &(delta->account_info.uni_home_dir),
01486                                  sizeof(homedir)-1);
01487                 if (!*homedir) {
01488                         pstr_sprintf(homedir, "/home/%s", username);
01489                 } else {
01490                         pstr_sprintf(homedir, "/nobodyshomedir");
01491                 }
01492                 ou = lp_ldap_user_suffix();
01493         } else {
01494                 ou = lp_ldap_machine_suffix();
01495                 pstr_sprintf(homedir, "/machinehomedir");
01496         }
01497 
01498         /* Get the logon script */
01499         unistr2_to_ascii(logonscript, &(delta->account_info.uni_logon_script),
01500                          sizeof(logonscript)-1);
01501 
01502         /* Get the home drive */
01503         unistr2_to_ascii(homedrive, &(delta->account_info.uni_dir_drive),
01504                          sizeof(homedrive)-1);
01505 
01506         /* Get the home path */
01507         unistr2_to_ascii(homepath, &(delta->account_info.uni_home_dir),
01508                          sizeof(homepath)-1);
01509 
01510         /* Get the description */
01511         unistr2_to_ascii(description, &(delta->account_info.uni_acct_desc),
01512                          sizeof(description)-1);
01513 
01514         /* Get the display name */
01515         unistr2_to_ascii(fullname, &(delta->account_info.uni_full_name),
01516                          sizeof(fullname)-1);
01517 
01518         /* Get the profile path */
01519         unistr2_to_ascii(profilepath, &(delta->account_info.uni_profile),
01520                          sizeof(profilepath)-1);
01521 
01522         /* Get lm and nt password data */
01523         if (memcmp(delta->account_info.pass.buf_lm_pwd, zero_buf, 16) != 0) {
01524                 sam_pwd_hash(delta->account_info.user_rid, 
01525                              delta->account_info.pass.buf_lm_pwd, 
01526                              lm_passwd, 0);
01527                 pdb_sethexpwd(hex_lm_passwd, lm_passwd, 
01528                               delta->account_info.acb_info);
01529         } else {
01530                 pdb_sethexpwd(hex_lm_passwd, NULL, 0);
01531         }
01532         if (memcmp(delta->account_info.pass.buf_nt_pwd, zero_buf, 16) != 0) {
01533                 sam_pwd_hash(delta->account_info.user_rid, 
01534                              delta->account_info.pass.buf_nt_pwd, 
01535                              nt_passwd, 0);
01536                 pdb_sethexpwd(hex_nt_passwd, nt_passwd, 
01537                               delta->account_info.acb_info);
01538         } else {
01539                 pdb_sethexpwd(hex_nt_passwd, NULL, 0);
01540         }
01541         unix_time = nt_time_to_unix(delta->account_info.pwd_last_set_time);
01542 
01543         /* Increment the uid for the new user */
01544         ldif_uid++;
01545 
01546         /* Set up group id and sambaSID for the user */
01547         group_rid = delta->account_info.group_rid;
01548         for (i=0; i<alloced; i++) {
01549                 if (groupmap[i].rid == group_rid) break;
01550         }
01551         if (i == alloced){
01552                 DEBUG(1, ("Could not find rid %d in groupmap array\n", 
01553                           group_rid));
01554                 return NT_STATUS_UNSUCCESSFUL;
01555         }
01556         gidNumber = groupmap[i].gidNumber;
01557         pstr_sprintf(sambaSID, groupmap[i].sambaSID);
01558 
01559         /* Set up sambaAcctFlags */
01560         flags = pdb_encode_acct_ctrl(delta->account_info.acb_info,
01561                                      NEW_PW_FORMAT_SPACE_PADDED_LEN);
01562 
01563         /* Add the user to the temporary add ldif file */
01564         /* this isn't quite right...we can't assume there's just OU=. jmcd */
01565         user_rdn = sstring_sub(ou, '=', ',');
01566         fprintf(add_fd, "# %s, %s, %s\n", username, user_rdn, suffix);
01567         fprintf_attr(add_fd, "dn", "uid=%s,ou=%s,%s", username, user_rdn,
01568                      suffix);
01569         SAFE_FREE(user_rdn);
01570         fprintf(add_fd, "ObjectClass: top\n");
01571         fprintf(add_fd, "objectClass: inetOrgPerson\n");
01572         fprintf(add_fd, "objectClass: posixAccount\n");
01573         fprintf(add_fd, "objectClass: shadowAccount\n");
01574         fprintf(add_fd, "objectClass: sambaSamAccount\n");
01575         fprintf_attr(add_fd, "cn", "%s", username);
01576         fprintf_attr(add_fd, "sn", "%s", username);
01577         fprintf_attr(add_fd, "uid", "%s", username);
01578         fprintf(add_fd, "uidNumber: %d\n", ldif_uid);
01579         fprintf(add_fd, "gidNumber: %d\n", gidNumber);
01580         fprintf_attr(add_fd, "homeDirectory", "%s", homedir);
01581         if (*homepath)
01582                 fprintf_attr(add_fd, "sambaHomePath", "%s", homepath);
01583         if (*homedrive)
01584                 fprintf_attr(add_fd, "sambaHomeDrive", "%s", homedrive);
01585         if (*logonscript)
01586                 fprintf_attr(add_fd, "sambaLogonScript", "%s", logonscript);
01587         fprintf(add_fd, "loginShell: %s\n", 
01588                 ((delta->account_info.acb_info & ACB_NORMAL) ?
01589                  "/bin/bash" : "/bin/false"));
01590         fprintf(add_fd, "gecos: System User\n");
01591         if (*description)
01592                 fprintf_attr(add_fd, "description", "%s", description);
01593         fprintf(add_fd, "sambaSID: %s-%d\n", sid, rid);
01594         fprintf(add_fd, "sambaPrimaryGroupSID: %s\n", sambaSID);
01595         if(*fullname)
01596                 fprintf_attr(add_fd, "displayName", "%s", fullname);
01597         if(*profilepath)
01598                 fprintf_attr(add_fd, "sambaProfilePath", "%s", profilepath);
01599         if (strcmp(nopasswd, hex_lm_passwd) != 0)
01600                 fprintf(add_fd, "sambaLMPassword: %s\n", hex_lm_passwd);
01601         if (strcmp(nopasswd, hex_nt_passwd) != 0)
01602                 fprintf(add_fd, "sambaNTPassword: %s\n", hex_nt_passwd);
01603         fprintf(add_fd, "sambaPwdLastSet: %d\n", (int)unix_time);
01604         fprintf(add_fd, "sambaAcctFlags: %s\n", flags);
01605         fprintf(add_fd, "\n");
01606         fflush(add_fd);
01607 
01608         /* Return */
01609         return NT_STATUS_OK;
01610 }

static NTSTATUS fetch_alias_info_to_ldif ( SAM_DELTA_CTR delta,
GROUPMAP groupmap,
FILE *  add_fd,
fstring  sid,
char *  suffix,
unsigned  db_type 
) [static]

net_rpc_samsync.c1612 行で定義されています。

参照先 sam_delta_ctr_info::alias_infodescriptionfprintf()fprintf_attr()DOM_GID::g_ridsam_group_info_info::gid_groupmap::gidNumbersam_delta_ctr_info::group_infoldif_gidlp_ldap_group_suffix()pstr_sprintf()SAM_DATABASE_BUILTINSAM_DATABASE_DOMAIN_groupmap::sambaSIDsstring_sub()sam_alias_info_info::uni_als_descsam_alias_info_info::uni_als_nameunistr2_to_ascii().

参照元 fetch_database_to_ldif().

01617 {
01618         fstring aliasname, description;
01619         uint32 grouptype = 0, g_rid = 0;
01620         char *group_attr = sstring_sub(lp_ldap_group_suffix(), '=', ',');
01621 
01622         /* Get the alias name */
01623         unistr2_to_ascii(aliasname, &(delta->alias_info.uni_als_name),
01624                          sizeof(aliasname)-1);
01625 
01626         /* Get the alias description */
01627         unistr2_to_ascii(description, &(delta->alias_info.uni_als_desc),
01628                          sizeof(description)-1);
01629 
01630         /* Set up the group type */
01631         switch (db_type) {
01632         case SAM_DATABASE_DOMAIN:
01633                 grouptype = 4;
01634                 break;
01635         case SAM_DATABASE_BUILTIN:
01636                 grouptype = 5;
01637                 break;
01638         default:
01639                 grouptype = 4;
01640                 break;
01641         }
01642 
01643         /*
01644           These groups are entered by populate_ldap_for_ldif
01645           Note that populate creates a group called Relicators, 
01646           but NT returns a group called Replicator
01647         */
01648         if (strcmp(aliasname, "Domain Admins") == 0 ||
01649             strcmp(aliasname, "Domain Users") == 0 ||
01650             strcmp(aliasname, "Domain Guests") == 0 ||
01651             strcmp(aliasname, "Domain Computers") == 0 ||
01652             strcmp(aliasname, "Administrators") == 0 ||
01653             strcmp(aliasname, "Print Operators") == 0 ||
01654             strcmp(aliasname, "Backup Operators") == 0 ||
01655             strcmp(aliasname, "Replicator") == 0) {
01656                 SAFE_FREE(group_attr);
01657                 return NT_STATUS_OK;
01658         } else {
01659                 /* Increment the gid for the new group */
01660                 ldif_gid++;
01661         }
01662 
01663         /* Map the group rid and gid */
01664         g_rid = delta->group_info.gid.g_rid;
01665         groupmap->gidNumber = ldif_gid;
01666         pstr_sprintf(groupmap->sambaSID, "%s-%d", sid, g_rid);
01667 
01668         /* Write the data to the temporary add ldif file */
01669         fprintf(add_fd, "# %s, %s, %s\n", aliasname, group_attr,
01670                 suffix);
01671         fprintf_attr(add_fd, "dn", "cn=%s,ou=%s,%s", aliasname, group_attr,
01672                      suffix);
01673         fprintf(add_fd, "objectClass: posixGroup\n");
01674         fprintf(add_fd, "objectClass: sambaGroupMapping\n");
01675         fprintf(add_fd, "cn: %s\n", aliasname);
01676         fprintf(add_fd, "gidNumber: %d\n", ldif_gid);
01677         fprintf(add_fd, "sambaSID: %s\n", groupmap->sambaSID);
01678         fprintf(add_fd, "sambaGroupType: %d\n", grouptype);
01679         fprintf_attr(add_fd, "displayName", "%s", aliasname);
01680         if (description[0])
01681                 fprintf_attr(add_fd, "description", "%s", description);
01682         fprintf(add_fd, "\n");
01683         fflush(add_fd);
01684 
01685         SAFE_FREE(group_attr);
01686         /* Return */
01687         return NT_STATUS_OK;
01688 }

static NTSTATUS fetch_groupmem_info_to_ldif ( SAM_DELTA_CTR delta,
SAM_DELTA_HDR hdr_delta,
GROUPMAP groupmap,
ACCOUNTMAP accountmap,
FILE *  mod_fd,
int  alloced 
) [static]

net_rpc_samsync.c1690 行で定義されています。

参照先 fprintf()sam_delta_ctr_info::grp_mem_infosam_group_mem_info_info::num_memberspstr_sprintf()sam_group_mem_info_info::ridssam_delta_hdr_info::target_rid.

参照元 fetch_database_to_ldif().

01695 {
01696         fstring group_dn;
01697         uint32 group_rid = 0, rid = 0;
01698         int i, j, k;
01699 
01700         /* Get the dn for the group */
01701         if (delta->grp_mem_info.num_members > 0) {
01702                 group_rid = hdr_delta->target_rid;
01703                 for (j=0; j<alloced; j++) {
01704                         if (groupmap[j].rid == group_rid) break;
01705                 }
01706                 if (j == alloced){
01707                         DEBUG(1, ("Could not find rid %d in groupmap array\n", 
01708                                   group_rid));
01709                         return NT_STATUS_UNSUCCESSFUL;
01710                 }
01711                 pstr_sprintf(group_dn, "%s", groupmap[j].group_dn);
01712                 fprintf(mod_fd, "dn: %s\n", group_dn);
01713 
01714                 /* Get the cn for each member */
01715                 for (i=0; i<delta->grp_mem_info.num_members; i++) {
01716                         rid = delta->grp_mem_info.rids[i];
01717                         for (k=0; k<alloced; k++) {
01718                                 if (accountmap[k].rid == rid) break;
01719                         }
01720                         if (k == alloced){
01721                                 DEBUG(1, ("Could not find rid %d in "
01722                                           "accountmap array\n", rid));
01723                                 return NT_STATUS_UNSUCCESSFUL;
01724                         }
01725                         fprintf(mod_fd, "memberUid: %s\n", accountmap[k].cn);
01726                 }
01727                 fprintf(mod_fd, "\n");
01728         }
01729         fflush(mod_fd);
01730 
01731         /* Return */
01732         return NT_STATUS_OK;
01733 }

static NTSTATUS fetch_database_to_ldif ( struct rpc_pipe_client pipe_hnd,
uint32  db_type,
DOM_SID  dom_sid,
const char *  user_file 
) [static]

net_rpc_samsync.c1735 行で定義されています。

参照先 add_name()d_fprintf()errnofetch_account_info_to_ldif()fetch_alias_info_to_ldif()fetch_group_info_to_ldif()fetch_groupmem_info_to_ldif()fprintf()init_ldaplp_workgroup()map_populate_groups()populate_ldap_for_ldif()resultrpccli_netlogon_sam_sync()SAM_DATABASE_BUILTINSAM_DATABASE_DOMAINSAM_DATABASE_PRIVSsid_to_string()smb_mkstemp()strerror()talloc_init()talloc_strdup()transfer_file()typeunistr2_to_ascii().

参照元 rpc_vampire_internals().

01739 {
01740         char *suffix;
01741         const char *builtin_sid = "S-1-5-32";
01742         char *add_name = NULL, *mod_name = NULL;
01743         const char *add_template = "/tmp/add.ldif.XXXXXX";
01744         const char *mod_template = "/tmp/mod.ldif.XXXXXX";
01745         fstring sid, domainname;
01746         uint32 sync_context = 0;
01747         NTSTATUS ret = NT_STATUS_OK, result;
01748         int k;
01749         TALLOC_CTX *mem_ctx;
01750         SAM_DELTA_HDR *hdr_deltas;
01751         SAM_DELTA_CTR *deltas;
01752         uint32 num_deltas;
01753         FILE *add_file = NULL, *mod_file = NULL, *ldif_file = NULL;
01754         int num_alloced = 0, g_index = 0, a_index = 0;
01755 
01756         /* Set up array for mapping accounts to groups */
01757         /* Array element is the group rid */
01758         GROUPMAP *groupmap = NULL;
01759 
01760         /* Set up array for mapping account rid's to cn's */
01761         /* Array element is the account rid */
01762         ACCOUNTMAP *accountmap = NULL; 
01763 
01764         if (!(mem_ctx = talloc_init("fetch_database"))) {
01765                 return NT_STATUS_NO_MEMORY;
01766         }
01767 
01768         /* Ensure we have an output file */
01769         if (user_file)
01770                 ldif_file = fopen(user_file, "a");
01771         else
01772                 ldif_file = stdout;
01773 
01774         if (!ldif_file) {
01775                 fprintf(stderr, "Could not open %s\n", user_file);
01776                 DEBUG(1, ("Could not open %s\n", user_file));
01777                 ret = NT_STATUS_UNSUCCESSFUL;
01778                 goto done;
01779         }
01780 
01781         add_name = talloc_strdup(mem_ctx, add_template);
01782         mod_name = talloc_strdup(mem_ctx, mod_template);
01783         if (!add_name || !mod_name) {
01784                 ret = NT_STATUS_NO_MEMORY;
01785                 goto done;
01786         }
01787 
01788         /* Open the add and mod ldif files */
01789         if (!(add_file = fdopen(smb_mkstemp(add_name),"w"))) {
01790                 DEBUG(1, ("Could not open %s\n", add_name));
01791                 ret = NT_STATUS_UNSUCCESSFUL;
01792                 goto done;
01793         }
01794         if (!(mod_file = fdopen(smb_mkstemp(mod_name),"w"))) {
01795                 DEBUG(1, ("Could not open %s\n", mod_name));
01796                 ret = NT_STATUS_UNSUCCESSFUL;
01797                 goto done;
01798         } 
01799 
01800         /* Get the sid */
01801         sid_to_string(sid, &dom_sid);
01802 
01803         /* Get the ldap suffix */
01804         suffix = lp_ldap_suffix();
01805         if (suffix == NULL || strcmp(suffix, "") == 0) {
01806                 DEBUG(0,("ldap suffix missing from smb.conf--exiting\n"));
01807                 exit(1);
01808         }
01809 
01810         /* Get other smb.conf data */
01811         if (!(lp_workgroup()) || !*(lp_workgroup())) {
01812                 DEBUG(0,("workgroup missing from smb.conf--exiting\n"));
01813                 exit(1);
01814         }
01815 
01816         /* Allocate initial memory for groupmap and accountmap arrays */
01817         if (init_ldap == 1) {
01818                 groupmap = SMB_MALLOC_ARRAY(GROUPMAP, 8);
01819                 accountmap = SMB_MALLOC_ARRAY(ACCOUNTMAP, 8);
01820                 if (groupmap == NULL || accountmap == NULL) {
01821                         DEBUG(1,("GROUPMAP malloc failed\n"));
01822                         ret = NT_STATUS_NO_MEMORY;
01823                         goto done;
01824                 }
01825 
01826                 /* Initialize the arrays */
01827                 memset(groupmap, 0, sizeof(GROUPMAP)*8);
01828                 memset(accountmap, 0, sizeof(ACCOUNTMAP)*8);
01829 
01830                 /* Remember how many we malloced */
01831                 num_alloced = 8;
01832 
01833                 /* Initial database population */
01834                 populate_ldap_for_ldif(sid, suffix, builtin_sid, add_file);
01835                 map_populate_groups(groupmap, accountmap, sid, suffix,
01836                                     builtin_sid);
01837 
01838                 /* Don't do this again */
01839                 init_ldap = 0;
01840         }
01841 
01842         /* Announce what we are doing */
01843         switch( db_type ) {
01844         case SAM_DATABASE_DOMAIN:
01845                 d_fprintf(stderr, "Fetching DOMAIN database\n");
01846                 break;
01847         case SAM_DATABASE_BUILTIN:
01848                 d_fprintf(stderr, "Fetching BUILTIN database\n");
01849                 break;
01850         case SAM_DATABASE_PRIVS:
01851                 d_fprintf(stderr, "Fetching PRIVS databases\n");
01852                 break;
01853         default:
01854                 d_fprintf(stderr, 
01855                           "Fetching unknown database type %u\n", 
01856                           db_type );
01857                 break;
01858         }
01859 
01860         do {
01861                 result = rpccli_netlogon_sam_sync(pipe_hnd, mem_ctx,
01862                                                   db_type, sync_context,
01863                                                   &num_deltas, &hdr_deltas, 
01864                                                   &deltas);
01865                 if (!NT_STATUS_IS_OK(result) &&
01866                     !NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)) {
01867                         ret = NT_STATUS_OK;
01868                         goto done; /* is this correct? jmcd */
01869                 }
01870 
01871                 /* Re-allocate memory for groupmap and accountmap arrays */
01872                 groupmap = SMB_REALLOC_ARRAY(groupmap, GROUPMAP,
01873                                              num_deltas+num_alloced);
01874                 accountmap = SMB_REALLOC_ARRAY(accountmap, ACCOUNTMAP,
01875                                                num_deltas+num_alloced);
01876                 if (groupmap == NULL || accountmap == NULL) {
01877                         DEBUG(1,("GROUPMAP malloc failed\n"));
01878                         ret = NT_STATUS_NO_MEMORY;
01879                         goto done;
01880                 }
01881 
01882                 /* Initialize the new records */
01883                 memset(&groupmap[num_alloced], 0, 
01884                        sizeof(GROUPMAP)*num_deltas);
01885                 memset(&accountmap[num_alloced], 0,
01886                        sizeof(ACCOUNTMAP)*num_deltas);
01887 
01888                 /* Remember how many we alloced this time */
01889                 num_alloced += num_deltas;
01890 
01891                 /* Loop through the deltas */
01892                 for (k=0; k<num_deltas; k++) {
01893                         switch(hdr_deltas[k].type) {
01894                         case SAM_DELTA_DOMAIN_INFO:
01895                                 /* Is this case needed? */
01896                                 unistr2_to_ascii(
01897                                         domainname, 
01898                                         &deltas[k].domain_info.uni_dom_name,
01899                                         sizeof(domainname)-1);
01900                                 break;
01901 
01902                         case SAM_DELTA_GROUP_INFO:
01903                                 fetch_group_info_to_ldif(
01904                                         &deltas[k], &groupmap[g_index],
01905                                         add_file, sid, suffix);
01906                                 g_index++;
01907                                 break;
01908 
01909                         case SAM_DELTA_ACCOUNT_INFO:
01910                                 fetch_account_info_to_ldif(
01911                                         &deltas[k], groupmap, 
01912                                         &accountmap[a_index], add_file,
01913                                         sid, suffix, num_alloced);
01914                                 a_index++;
01915                                 break;
01916 
01917                         case SAM_DELTA_ALIAS_INFO:
01918                                 fetch_alias_info_to_ldif(
01919                                         &deltas[k], &groupmap[g_index],
01920                                         add_file, sid, suffix, db_type);
01921                                 g_index++;
01922                                 break;
01923 
01924                         case SAM_DELTA_GROUP_MEM:
01925                                 fetch_groupmem_info_to_ldif(
01926                                         &deltas[k], &hdr_deltas[k], 
01927                                         groupmap, accountmap, 
01928                                         mod_file, num_alloced);
01929                                 break;
01930 
01931                         case SAM_DELTA_ALIAS_MEM:
01932                                 break;
01933                         case SAM_DELTA_POLICY_INFO:
01934                                 break;
01935                         case SAM_DELTA_PRIVS_INFO:
01936                                 break;
01937                         case SAM_DELTA_TRUST_DOMS:
01938                                 /* Implemented but broken */
01939                                 break;
01940                         case SAM_DELTA_SECRET_INFO:
01941                                 /* Implemented but broken */
01942                                 break;
01943                         case SAM_DELTA_RENAME_GROUP:
01944                                 /* Not yet implemented */
01945                                 break;
01946                         case SAM_DELTA_RENAME_USER:
01947                                 /* Not yet implemented */
01948                                 break;
01949                         case SAM_DELTA_RENAME_ALIAS:
01950                                 /* Not yet implemented */
01951                                 break;
01952                         case SAM_DELTA_DELETE_GROUP:
01953                                 /* Not yet implemented */
01954                                 break;
01955                         case SAM_DELTA_DELETE_USER:
01956                                 /* Not yet implemented */
01957                                 break;
01958                         case SAM_DELTA_MODIFIED_COUNT:
01959                                 break;
01960                         default:
01961                                 break;
01962                         } /* end of switch */
01963                 } /* end of for loop */
01964 
01965                 /* Increment sync_context */
01966                 sync_context += 1;
01967 
01968         } while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES));
01969 
01970         /* Write ldif data to the user's file */
01971         if (db_type == SAM_DATABASE_DOMAIN) {
01972                 fprintf(ldif_file,
01973                         "# SAM_DATABASE_DOMAIN: ADD ENTITIES\n");
01974                 fprintf(ldif_file,
01975                         "# =================================\n\n");
01976                 fflush(ldif_file);
01977         } else if (db_type == SAM_DATABASE_BUILTIN) {
01978                 fprintf(ldif_file,
01979                         "# SAM_DATABASE_BUILTIN: ADD ENTITIES\n");
01980                 fprintf(ldif_file,
01981                         "# ==================================\n\n");
01982                 fflush(ldif_file);
01983         }
01984         fseek(add_file, 0, SEEK_SET);
01985         transfer_file(fileno(add_file), fileno(ldif_file), (size_t) -1);
01986 
01987         if (db_type == SAM_DATABASE_DOMAIN) {
01988                 fprintf(ldif_file,
01989                         "# SAM_DATABASE_DOMAIN: MODIFY ENTITIES\n");
01990                 fprintf(ldif_file,
01991                         "# ====================================\n\n");
01992                 fflush(ldif_file);
01993         } else if (db_type == SAM_DATABASE_BUILTIN) {
01994                 fprintf(ldif_file,
01995                         "# SAM_DATABASE_BUILTIN: MODIFY ENTITIES\n");
01996                 fprintf(ldif_file,
01997                         "# =====================================\n\n");
01998                 fflush(ldif_file);
01999         }
02000         fseek(mod_file, 0, SEEK_SET);
02001         transfer_file(fileno(mod_file), fileno(ldif_file), (size_t) -1);
02002 
02003 
02004  done:
02005         /* Close and delete the ldif files */
02006         if (add_file) {
02007                 fclose(add_file);
02008         }
02009 
02010         if ((add_name != NULL) &&
02011             strcmp(add_name, add_template) && (unlink(add_name))) {
02012                 DEBUG(1,("unlink(%s) failed, error was (%s)\n",
02013                          add_name, strerror(errno)));
02014         }
02015 
02016         if (mod_file) {
02017                 fclose(mod_file);
02018         }
02019 
02020         if ((mod_name != NULL) &&
02021             strcmp(mod_name, mod_template) && (unlink(mod_name))) {
02022                 DEBUG(1,("unlink(%s) failed, error was (%s)\n",
02023                          mod_name, strerror(errno)));
02024         }
02025         
02026         if (ldif_file && (ldif_file != stdout)) {
02027                 fclose(ldif_file);
02028         }
02029 
02030         /* Deallocate memory for the mapping arrays */
02031         SAFE_FREE(groupmap);
02032         SAFE_FREE(accountmap);
02033 
02034         /* Return */
02035         talloc_destroy(mem_ctx);
02036         return ret;
02037 }

int rpc_vampire_usage ( int  argc,
const char **  argv 
)

Basic usage function for 'net rpc vampire'

引数:
argc Standard main() style argc
argc Standard main() style argv. Initial components are already stripped

net_rpc_samsync.c2046 行で定義されています。

参照先 d_printf()net_common_flags_usage().

参照元 net_rpc_help().

02047 {       
02048         d_printf("net rpc vampire [ldif [<ldif-filename>] [options]\n"
02049                  "\t to pull accounts from a remote PDC where we are a BDC\n"
02050                  "\t\t no args puts accounts in local passdb from smb.conf\n"
02051                  "\t\t ldif - put accounts in ldif format (file defaults to "
02052                  "/tmp/tmp.ldif\n");
02053 
02054         net_common_flags_usage(argc, argv);
02055         return -1;
02056 }

NTSTATUS rpc_vampire_internals ( const DOM_SID domain_sid,
const char *  domain_name,
struct cli_state cli,
struct rpc_pipe_client pipe_hnd,
TALLOC_CTX mem_ctx,
int  argc,
const char **  argv 
)

net_rpc_samsync.c2060 行で定義されています。

参照先 d_fprintf()d_printf()domain_sidfetch_database()fetch_database_to_ldif()get_global_sam_name()get_global_sam_sid()global_sid_Builtinnt_errstr()resultSAM_DATABASE_BUILTINSAM_DATABASE_DOMAINsid_equal()sid_to_string().

参照元 rpc_vampire().

02067 {
02068         NTSTATUS result;
02069         fstring my_dom_sid_str;
02070         fstring rem_dom_sid_str;
02071 
02072         if (!sid_equal(domain_sid, get_global_sam_sid())) {
02073                 d_printf("Cannot import users from %s at this time, "
02074                          "as the current domain:\n\t%s: %s\nconflicts "
02075                          "with the remote domain\n\t%s: %s\n"
02076                          "Perhaps you need to set: \n\n\tsecurity=user\n\t"
02077                          "workgroup=%s\n\n in your smb.conf?\n",
02078                          domain_name,
02079                          get_global_sam_name(),
02080                          sid_to_string(my_dom_sid_str, 
02081                                        get_global_sam_sid()),
02082                          domain_name, sid_to_string(rem_dom_sid_str,
02083                                                     domain_sid),
02084                          domain_name);
02085                 return NT_STATUS_UNSUCCESSFUL;
02086         }
02087 
02088         if (argc >= 1 && (strcmp(argv[0], "ldif") == 0)) {
02089                 result = fetch_database_to_ldif(pipe_hnd, SAM_DATABASE_DOMAIN,
02090                                                 *domain_sid, argv[1]);
02091         } else {
02092                 result = fetch_database(pipe_hnd, SAM_DATABASE_DOMAIN,
02093                                         *domain_sid);
02094         }
02095 
02096         if (!NT_STATUS_IS_OK(result)) {
02097                 d_fprintf(stderr, "Failed to fetch domain database: %s\n",
02098                           nt_errstr(result));
02099                 if (NT_STATUS_EQUAL(result, NT_STATUS_NOT_SUPPORTED))
02100                         d_fprintf(stderr, "Perhaps %s is a Windows 2000 "
02101                                   "native mode domain?\n", domain_name);
02102                 goto fail;
02103         }
02104 
02105         if (argc >= 1 && (strcmp(argv[0], "ldif") == 0)) {
02106                 result = fetch_database_to_ldif(pipe_hnd, SAM_DATABASE_BUILTIN,
02107                                                 global_sid_Builtin, argv[1]);
02108         } else {
02109                 result = fetch_database(pipe_hnd, SAM_DATABASE_BUILTIN,
02110                                         global_sid_Builtin);
02111         }
02112 
02113         if (!NT_STATUS_IS_OK(result)) {
02114                 d_fprintf(stderr, "Failed to fetch builtin database: %s\n",
02115                           nt_errstr(result));
02116                 goto fail;
02117         }
02118 
02119         /* Currently we crash on PRIVS somewhere in unmarshalling */
02120         /* Dump_database(cli, SAM_DATABASE_PRIVS, &ret_creds); */
02121 
02122  fail:
02123         return result;
02124 }


変数

uint32 ldif_gid = 999 [static]

net_rpc_samsync.c30 行で定義されています。

参照元 fetch_alias_info_to_ldif()fetch_group_info_to_ldif()populate_ldap_for_ldif().

uint32 ldif_uid = 999 [static]

net_rpc_samsync.c31 行で定義されています。

参照元 fetch_account_info_to_ldif()populate_ldap_for_ldif().

int init_ldap = 1 [static]

net_rpc_samsync.c33 行で定義されています。

参照元 fetch_database_to_ldif().


Sambaに対してSat Aug 29 21:24:36 2009に生成されました。  doxygen 1.4.7