関数 | |
static void | display_group_mem_info (uint32 rid, SAM_GROUP_MEM_INFO *g) |
static void | display_alias_info (uint32 rid, SAM_ALIAS_INFO *a) |
static void | display_alias_mem (uint32 rid, SAM_ALIAS_MEM_INFO *a) |
static void | display_account_info (uint32 rid, SAM_ACCOUNT_INFO *a) |
static time_t | uint64s_nt_time_to_unix_abs (const uint64 *src) |
static void | display_domain_info (SAM_DOMAIN_INFO *a) |
static void | display_group_info (uint32 rid, SAM_GROUP_INFO *a) |
static void | display_sam_entry (SAM_DELTA_HDR *hdr_delta, SAM_DELTA_CTR *delta) |
static void | dump_database (struct rpc_pipe_client *pipe_hnd, uint32 db_type) |
NTSTATUS | rpc_samdump_internals (const DOM_SID *domain_sid, const char *domain_name, struct cli_state *cli, struct rpc_pipe_client *pipe_hnd, TALLOC_CTX *mem_ctx, int argc, const char **argv) |
static NTSTATUS | sam_account_from_delta (struct samu *account, SAM_ACCOUNT_INFO *delta) |
static NTSTATUS | fetch_account_info (uint32 rid, SAM_ACCOUNT_INFO *delta) |
static NTSTATUS | fetch_group_info (uint32 rid, SAM_GROUP_INFO *delta) |
static NTSTATUS | fetch_group_mem_info (uint32 rid, SAM_GROUP_MEM_INFO *delta) |
static NTSTATUS | fetch_alias_info (uint32 rid, SAM_ALIAS_INFO *delta, DOM_SID dom_sid) |
static NTSTATUS | fetch_alias_mem (uint32 rid, SAM_ALIAS_MEM_INFO *delta, DOM_SID dom_sid) |
static NTSTATUS | fetch_domain_info (uint32 rid, SAM_DOMAIN_INFO *delta) |
static void | fetch_sam_entry (SAM_DELTA_HDR *hdr_delta, SAM_DELTA_CTR *delta, DOM_SID dom_sid) |
static NTSTATUS | fetch_database (struct rpc_pipe_client *pipe_hnd, uint32 db_type, DOM_SID dom_sid) |
static NTSTATUS | populate_ldap_for_ldif (fstring sid, const char *suffix, const char *builtin_sid, FILE *add_fd) |
static NTSTATUS | map_populate_groups (GROUPMAP *groupmap, ACCOUNTMAP *accountmap, fstring sid, const char *suffix, const char *builtin_sid) |
static int | fprintf_attr (FILE *add_fd, const char *attr_name, const char *fmt,...) |
static NTSTATUS | fetch_group_info_to_ldif (SAM_DELTA_CTR *delta, GROUPMAP *groupmap, FILE *add_fd, fstring sid, char *suffix) |
static NTSTATUS | fetch_account_info_to_ldif (SAM_DELTA_CTR *delta, GROUPMAP *groupmap, ACCOUNTMAP *accountmap, FILE *add_fd, fstring sid, char *suffix, int alloced) |
static NTSTATUS | fetch_alias_info_to_ldif (SAM_DELTA_CTR *delta, GROUPMAP *groupmap, FILE *add_fd, fstring sid, char *suffix, unsigned db_type) |
static NTSTATUS | fetch_groupmem_info_to_ldif (SAM_DELTA_CTR *delta, SAM_DELTA_HDR *hdr_delta, GROUPMAP *groupmap, ACCOUNTMAP *accountmap, FILE *mod_fd, int alloced) |
static NTSTATUS | fetch_database_to_ldif (struct rpc_pipe_client *pipe_hnd, uint32 db_type, DOM_SID dom_sid, const char *user_file) |
int | rpc_vampire_usage (int argc, const char **argv) |
Basic usage function for 'net rpc vampire' | |
NTSTATUS | rpc_vampire_internals (const DOM_SID *domain_sid, const char *domain_name, struct cli_state *cli, struct rpc_pipe_client *pipe_hnd, TALLOC_CTX *mem_ctx, int argc, const char **argv) |
変数 | |
static uint32 | ldif_gid = 999 |
static uint32 | ldif_uid = 999 |
static int | init_ldap = 1 |
static void display_group_mem_info | ( | uint32 | rid, | |
SAM_GROUP_MEM_INFO * | g | |||
) | [static] |
net_rpc_samsync.c の 35 行で定義されています。
参照先 d_printf()・sam_group_mem_info_info::num_members・sam_group_mem_info_info::rids.
参照元 display_sam_entry().
00036 { 00037 int i; 00038 d_printf("Group mem %u: ", rid); 00039 for (i=0;i<g->num_members;i++) { 00040 d_printf("%u ", g->rids[i]); 00041 } 00042 d_printf("\n"); 00043 }
static void display_alias_info | ( | uint32 | rid, | |
SAM_ALIAS_INFO * | a | |||
) | [static] |
net_rpc_samsync.c の 45 行で定義されています。
参照先 sam_alias_info_info::als_rid・d_printf()・sam_alias_info_info::uni_als_desc・sam_alias_info_info::uni_als_name・unistr2_static().
参照元 display_sam_entry().
00046 { 00047 d_printf("Alias '%s' ", unistr2_static(&a->uni_als_name)); 00048 d_printf("desc='%s' rid=%u\n", unistr2_static(&a->uni_als_desc), a->als_rid); 00049 }
static void display_alias_mem | ( | uint32 | rid, | |
SAM_ALIAS_MEM_INFO * | a | |||
) | [static] |
net_rpc_samsync.c の 51 行で定義されています。
参照先 d_printf()・sam_alias_mem_info_info::num_members・DOM_SID2::sid・sid_string_static()・sam_alias_mem_info_info::sids.
参照元 display_sam_entry().
00052 { 00053 int i; 00054 d_printf("Alias rid %u: ", rid); 00055 for (i=0;i<a->num_members;i++) { 00056 d_printf("%s ", sid_string_static(&a->sids[i].sid)); 00057 } 00058 d_printf("\n"); 00059 }
static void display_account_info | ( | uint32 | rid, | |
SAM_ACCOUNT_INFO * | a | |||
) | [static] |
net_rpc_samsync.c の 61 行で定義されています。
参照先 sam_account_info_info::acb_info・sam_passwd_info::buf_lm_pwd・sam_passwd_info::buf_nt_pwd・sam_account_info_info::pass・pdb_encode_acct_ctrl()・pdb_sethexpwd()・printf()・sam_pwd_hash()・sam_account_info_info::uni_acct_name・unistr2_static()・sam_account_info_info::user_rid.
参照元 display_sam_entry().
00062 { 00063 fstring hex_nt_passwd, hex_lm_passwd; 00064 uchar lm_passwd[16], nt_passwd[16]; 00065 static uchar zero_buf[16]; 00066 00067 /* Decode hashes from password hash (if they are not NULL) */ 00068 00069 if (memcmp(a->pass.buf_lm_pwd, zero_buf, 16) != 0) { 00070 sam_pwd_hash(a->user_rid, a->pass.buf_lm_pwd, lm_passwd, 0); 00071 pdb_sethexpwd(hex_lm_passwd, lm_passwd, a->acb_info); 00072 } else { 00073 pdb_sethexpwd(hex_lm_passwd, NULL, 0); 00074 } 00075 00076 if (memcmp(a->pass.buf_nt_pwd, zero_buf, 16) != 0) { 00077 sam_pwd_hash(a->user_rid, a->pass.buf_nt_pwd, nt_passwd, 0); 00078 pdb_sethexpwd(hex_nt_passwd, nt_passwd, a->acb_info); 00079 } else { 00080 pdb_sethexpwd(hex_nt_passwd, NULL, 0); 00081 } 00082 00083 printf("%s:%d:%s:%s:%s:LCT-0\n", unistr2_static(&a->uni_acct_name), 00084 a->user_rid, hex_lm_passwd, hex_nt_passwd, 00085 pdb_encode_acct_ctrl(a->acb_info, NEW_PW_FORMAT_SPACE_PADDED_LEN)); 00086 }
static time_t uint64s_nt_time_to_unix_abs | ( | const uint64 * | src | ) | [static] |
net_rpc_samsync.c の 88 行で定義されています。
参照元 display_domain_info()・fetch_domain_info().
00089 { 00090 NTTIME nttime; 00091 nttime = *src; 00092 return nt_time_to_unix_abs(&nttime); 00093 }
static void display_domain_info | ( | SAM_DOMAIN_INFO * | a | ) | [static] |
net_rpc_samsync.c の 95 行で定義されています。
参照先 sam_domain_info_info::account_lockout・account_lockout_string::bad_attempt_lockout・d_printf()・display_time()・sam_domain_info_info::force_logoff・account_lockout_string::lockout_duration・sam_domain_info_info::logon_chgpass・sam_domain_info_info::max_pwd_age・sam_domain_info_info::min_pwd_age・sam_domain_info_info::min_pwd_len・sam_domain_info_info::pwd_history_len・account_lockout_string::reset_count・uint64s_nt_time_to_unix_abs()・sam_domain_info_info::uni_dom_name・unistr2_static().
参照元 display_sam_entry().
00096 { 00097 time_t u_logout; 00098 00099 u_logout = uint64s_nt_time_to_unix_abs(&a->force_logoff); 00100 00101 d_printf("Domain name: %s\n", unistr2_static(&a->uni_dom_name)); 00102 00103 d_printf("Minimal Password Length: %d\n", a->min_pwd_len); 00104 d_printf("Password History Length: %d\n", a->pwd_history_len); 00105 00106 d_printf("Force Logoff: %d\n", (int)u_logout); 00107 00108 d_printf("Max Password Age: %s\n", display_time(a->max_pwd_age)); 00109 d_printf("Min Password Age: %s\n", display_time(a->min_pwd_age)); 00110 00111 d_printf("Lockout Time: %s\n", display_time(a->account_lockout.lockout_duration)); 00112 d_printf("Lockout Reset Time: %s\n", display_time(a->account_lockout.reset_count)); 00113 00114 d_printf("Bad Attempt Lockout: %d\n", a->account_lockout.bad_attempt_lockout); 00115 d_printf("User must logon to change password: %d\n", a->logon_chgpass); 00116 }
static void display_group_info | ( | uint32 | rid, | |
SAM_GROUP_INFO * | a | |||
) | [static] |
net_rpc_samsync.c の 118 行で定義されています。
参照先 d_printf()・sam_group_info_info::uni_grp_desc・sam_group_info_info::uni_grp_name・unistr2_static().
参照元 display_sam_entry().
00119 { 00120 d_printf("Group '%s' ", unistr2_static(&a->uni_grp_name)); 00121 d_printf("desc='%s', rid=%u\n", unistr2_static(&a->uni_grp_desc), rid); 00122 }
static void display_sam_entry | ( | SAM_DELTA_HDR * | hdr_delta, | |
SAM_DELTA_CTR * | delta | |||
) | [static] |
net_rpc_samsync.c の 124 行で定義されています。
参照先 sam_delta_ctr_info::account_info・sam_delta_ctr_info::alias_info・sam_delta_ctr_info::als_mem_info・d_printf()・display_account_info()・display_alias_info()・display_alias_mem()・display_domain_info()・display_group_info()・display_group_mem_info()・sam_delta_ctr_info::domain_info・sam_delta_ctr_info::group_info・sam_delta_ctr_info::grp_mem_info・sam_delta_hdr_info::target_rid・sam_delta_hdr_info::type.
参照元 dump_database().
00125 { 00126 switch (hdr_delta->type) { 00127 case SAM_DELTA_ACCOUNT_INFO: 00128 display_account_info(hdr_delta->target_rid, &delta->account_info); 00129 break; 00130 case SAM_DELTA_GROUP_MEM: 00131 display_group_mem_info(hdr_delta->target_rid, &delta->grp_mem_info); 00132 break; 00133 case SAM_DELTA_ALIAS_INFO: 00134 display_alias_info(hdr_delta->target_rid, &delta->alias_info); 00135 break; 00136 case SAM_DELTA_ALIAS_MEM: 00137 display_alias_mem(hdr_delta->target_rid, &delta->als_mem_info); 00138 break; 00139 case SAM_DELTA_DOMAIN_INFO: 00140 display_domain_info(&delta->domain_info); 00141 break; 00142 case SAM_DELTA_GROUP_INFO: 00143 display_group_info(hdr_delta->target_rid, &delta->group_info); 00144 break; 00145 /* The following types are recognised but not handled */ 00146 case SAM_DELTA_RENAME_GROUP: 00147 d_printf("SAM_DELTA_RENAME_GROUP not handled\n"); 00148 break; 00149 case SAM_DELTA_RENAME_USER: 00150 d_printf("SAM_DELTA_RENAME_USER not handled\n"); 00151 break; 00152 case SAM_DELTA_RENAME_ALIAS: 00153 d_printf("SAM_DELTA_RENAME_ALIAS not handled\n"); 00154 break; 00155 case SAM_DELTA_POLICY_INFO: 00156 d_printf("SAM_DELTA_POLICY_INFO not handled\n"); 00157 break; 00158 case SAM_DELTA_TRUST_DOMS: 00159 d_printf("SAM_DELTA_TRUST_DOMS not handled\n"); 00160 break; 00161 case SAM_DELTA_PRIVS_INFO: 00162 d_printf("SAM_DELTA_PRIVS_INFO not handled\n"); 00163 break; 00164 case SAM_DELTA_SECRET_INFO: 00165 d_printf("SAM_DELTA_SECRET_INFO not handled\n"); 00166 break; 00167 case SAM_DELTA_DELETE_GROUP: 00168 d_printf("SAM_DELTA_DELETE_GROUP not handled\n"); 00169 break; 00170 case SAM_DELTA_DELETE_USER: 00171 d_printf("SAM_DELTA_DELETE_USER not handled\n"); 00172 break; 00173 case SAM_DELTA_MODIFIED_COUNT: 00174 d_printf("SAM_DELTA_MODIFIED_COUNT not handled\n"); 00175 break; 00176 default: 00177 d_printf("Unknown delta record type %d\n", hdr_delta->type); 00178 break; 00179 } 00180 }
static void dump_database | ( | struct rpc_pipe_client * | pipe_hnd, | |
uint32 | db_type | |||
) | [static] |
net_rpc_samsync.c の 182 行で定義されています。
参照先 d_printf()・display_sam_entry()・result・rpccli_netlogon_sam_sync()・SAM_DATABASE_BUILTIN・SAM_DATABASE_DOMAIN・SAM_DATABASE_PRIVS・talloc_init().
00183 { 00184 uint32 sync_context = 0; 00185 NTSTATUS result; 00186 int i; 00187 TALLOC_CTX *mem_ctx; 00188 SAM_DELTA_HDR *hdr_deltas; 00189 SAM_DELTA_CTR *deltas; 00190 uint32 num_deltas; 00191 00192 if (!(mem_ctx = talloc_init("dump_database"))) { 00193 return; 00194 } 00195 00196 switch( db_type ) { 00197 case SAM_DATABASE_DOMAIN: 00198 d_printf("Dumping DOMAIN database\n"); 00199 break; 00200 case SAM_DATABASE_BUILTIN: 00201 d_printf("Dumping BUILTIN database\n"); 00202 break; 00203 case SAM_DATABASE_PRIVS: 00204 d_printf("Dumping PRIVS databases\n"); 00205 break; 00206 default: 00207 d_printf("Dumping unknown database type %u\n", db_type ); 00208 break; 00209 } 00210 00211 do { 00212 result = rpccli_netlogon_sam_sync(pipe_hnd, mem_ctx, db_type, 00213 sync_context, 00214 &num_deltas, &hdr_deltas, &deltas); 00215 if (!NT_STATUS_IS_OK(result)) 00216 break; 00217 00218 for (i = 0; i < num_deltas; i++) { 00219 display_sam_entry(&hdr_deltas[i], &deltas[i]); 00220 } 00221 sync_context += 1; 00222 } while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)); 00223 00224 talloc_destroy(mem_ctx); 00225 }
NTSTATUS rpc_samdump_internals | ( | const DOM_SID * | domain_sid, | |
const char * | domain_name, | |||
struct cli_state * | cli, | |||
struct rpc_pipe_client * | pipe_hnd, | |||
TALLOC_CTX * | mem_ctx, | |||
int | argc, | |||
const char ** | argv | |||
) |
net_rpc_samsync.c の 228 行で定義されています。
参照先 cli・cli_state::desthost・dump_database()・global_myname・rpccli_netlogon_setup_creds()・SAM_DATABASE_BUILTIN・SAM_DATABASE_DOMAIN・SAM_DATABASE_PRIVS・secrets_fetch_trust_account_password().
参照元 rpc_samdump().
00235 { 00236 #if 0 00237 /* net_rpc.c now always tries to create an schannel pipe.. */ 00238 00239 NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; 00240 uchar trust_password[16]; 00241 uint32_t neg_flags = NETLOGON_NEG_AUTH2_ADS_FLAGS; 00242 uint32 sec_channel_type = 0; 00243 00244 if (!secrets_fetch_trust_account_password(domain_name, 00245 trust_password, 00246 NULL, &sec_channel_type)) { 00247 DEBUG(0,("Could not fetch trust account password\n")); 00248 goto fail; 00249 } 00250 00251 nt_status = rpccli_netlogon_setup_creds(pipe_hnd, 00252 cli->desthost, 00253 domain_name, 00254 global_myname(), 00255 trust_password, 00256 sec_channel_type, 00257 &neg_flags); 00258 00259 if (!NT_STATUS_IS_OK(nt_status)) { 00260 DEBUG(0,("Error connecting to NETLOGON pipe\n")); 00261 goto fail; 00262 } 00263 #endif 00264 00265 dump_database(pipe_hnd, SAM_DATABASE_DOMAIN); 00266 dump_database(pipe_hnd, SAM_DATABASE_BUILTIN); 00267 dump_database(pipe_hnd, SAM_DATABASE_PRIVS); 00268 00269 return NT_STATUS_OK; 00270 }
static NTSTATUS sam_account_from_delta | ( | struct samu * | account, | |
SAM_ACCOUNT_INFO * | delta | |||
) | [static] |
net_rpc_samsync.c の 281 行で定義されています。
参照先 sam_account_info_info::acb_info・sam_account_info_info::bad_pwd_count・base64_encode_data_blob()・RPC_DATA_BLOB::buf_len・sam_passwd_info::buf_lm_pwd・sam_account_info_info::buf_logon_hrs・sam_passwd_info::buf_nt_pwd・RPC_DATA_BLOB::buffer・UNISTR2::buffer・UNIHDR::buffer・data_blob_::data・sam_account_info_info::group_rid・sam_account_info_info::hdr_acct_desc・sam_account_info_info::hdr_acct_name・sam_account_info_info::hdr_dir_drive・sam_account_info_info::hdr_full_name・sam_account_info_info::hdr_home_dir・sam_account_info_info::hdr_logon_script・sam_account_info_info::hdr_parameters・sam_account_info_info::hdr_profile・sam_account_info_info::hdr_workstations・data_blob_::length・sam_account_info_info::logoff_time・sam_account_info_info::logon_count・sam_account_info_info::logon_divs・sam_account_info_info::logon_time・lp_workgroup()・nt_time_is_zero()・nt_time_to_unix()・sam_account_info_info::pass・PDB_CHANGED・pdb_get_acct_desc()・pdb_get_bad_password_count()・pdb_get_dir_drive()・pdb_get_fullname()・pdb_get_group_rid()・pdb_get_homedir()・pdb_get_hours()・pdb_get_hours_len()・pdb_get_kickoff_time()・pdb_get_logoff_time()・pdb_get_logon_count()・pdb_get_logon_divs()・pdb_get_logon_script()・pdb_get_logon_time()・pdb_get_munged_dial()・pdb_get_nt_username()・pdb_get_pass_last_set_time()・pdb_get_profile_path()・pdb_get_unknown_6()・pdb_get_user_rid()・pdb_get_username()・pdb_get_workstations()・pdb_set_acct_ctrl()・pdb_set_acct_desc()・pdb_set_bad_password_count()・pdb_set_dir_drive()・pdb_set_domain()・pdb_set_fullname()・pdb_set_group_sid_from_rid()・pdb_set_homedir()・pdb_set_hours()・pdb_set_hours_len()・pdb_set_kickoff_time()・pdb_set_lanman_passwd()・pdb_set_logoff_time()・pdb_set_logon_count()・pdb_set_logon_divs()・pdb_set_logon_script()・pdb_set_logon_time()・pdb_set_munged_dial()・pdb_set_nt_passwd()・pdb_set_nt_username()・pdb_set_pass_last_set_time()・pdb_set_profile_path()・pdb_set_unknown_6()・pdb_set_user_sid_from_rid()・pdb_set_username()・pdb_set_workstations()・pdb_sethexhours()・sam_account_info_info::pwd_last_set_time・sam_pwd_hash()・strequal()・sam_account_info_info::uni_acct_desc・sam_account_info_info::uni_acct_name・sam_account_info_info::uni_dir_drive・sam_account_info_info::uni_full_name・sam_account_info_info::uni_home_dir・sam_account_info_info::uni_logon_script・sam_account_info_info::uni_parameters・sam_account_info_info::uni_profile・UNIHDR::uni_str_len・sam_account_info_info::uni_workstations・unistr2_static()・sam_account_info_info::unknown1・sam_account_info_info::user_rid.
参照元 fetch_account_info().
00282 { 00283 const char *old_string, *new_string; 00284 time_t unix_time, stored_time; 00285 uchar lm_passwd[16], nt_passwd[16]; 00286 static uchar zero_buf[16]; 00287 00288 /* Username, fullname, home dir, dir drive, logon script, acct 00289 desc, workstations, profile. */ 00290 00291 if (delta->hdr_acct_name.buffer) { 00292 old_string = pdb_get_nt_username(account); 00293 new_string = unistr2_static(&delta->uni_acct_name); 00294 00295 if (STRING_CHANGED) { 00296 pdb_set_nt_username(account, new_string, PDB_CHANGED); 00297 00298 } 00299 00300 /* Unix username is the same - for sanity */ 00301 old_string = pdb_get_username( account ); 00302 if (STRING_CHANGED) { 00303 pdb_set_username(account, new_string, PDB_CHANGED); 00304 } 00305 } 00306 00307 if (delta->hdr_full_name.buffer) { 00308 old_string = pdb_get_fullname(account); 00309 new_string = unistr2_static(&delta->uni_full_name); 00310 00311 if (STRING_CHANGED) 00312 pdb_set_fullname(account, new_string, PDB_CHANGED); 00313 } 00314 00315 if (delta->hdr_home_dir.buffer) { 00316 old_string = pdb_get_homedir(account); 00317 new_string = unistr2_static(&delta->uni_home_dir); 00318 00319 if (STRING_CHANGED) 00320 pdb_set_homedir(account, new_string, PDB_CHANGED); 00321 } 00322 00323 if (delta->hdr_dir_drive.buffer) { 00324 old_string = pdb_get_dir_drive(account); 00325 new_string = unistr2_static(&delta->uni_dir_drive); 00326 00327 if (STRING_CHANGED) 00328 pdb_set_dir_drive(account, new_string, PDB_CHANGED); 00329 } 00330 00331 if (delta->hdr_logon_script.buffer) { 00332 old_string = pdb_get_logon_script(account); 00333 new_string = unistr2_static(&delta->uni_logon_script); 00334 00335 if (STRING_CHANGED) 00336 pdb_set_logon_script(account, new_string, PDB_CHANGED); 00337 } 00338 00339 if (delta->hdr_acct_desc.buffer) { 00340 old_string = pdb_get_acct_desc(account); 00341 new_string = unistr2_static(&delta->uni_acct_desc); 00342 00343 if (STRING_CHANGED) 00344 pdb_set_acct_desc(account, new_string, PDB_CHANGED); 00345 } 00346 00347 if (delta->hdr_workstations.buffer) { 00348 old_string = pdb_get_workstations(account); 00349 new_string = unistr2_static(&delta->uni_workstations); 00350 00351 if (STRING_CHANGED) 00352 pdb_set_workstations(account, new_string, PDB_CHANGED); 00353 } 00354 00355 if (delta->hdr_profile.buffer) { 00356 old_string = pdb_get_profile_path(account); 00357 new_string = unistr2_static(&delta->uni_profile); 00358 00359 if (STRING_CHANGED) 00360 pdb_set_profile_path(account, new_string, PDB_CHANGED); 00361 } 00362 00363 if (delta->hdr_parameters.buffer) { 00364 DATA_BLOB mung; 00365 char *newstr; 00366 old_string = pdb_get_munged_dial(account); 00367 mung.length = delta->hdr_parameters.uni_str_len; 00368 mung.data = (uint8 *) delta->uni_parameters.buffer; 00369 newstr = (mung.length == 0) ? NULL : base64_encode_data_blob(mung); 00370 00371 if (STRING_CHANGED_NC(old_string, newstr)) 00372 pdb_set_munged_dial(account, newstr, PDB_CHANGED); 00373 SAFE_FREE(newstr); 00374 } 00375 00376 /* User and group sid */ 00377 if (pdb_get_user_rid(account) != delta->user_rid) 00378 pdb_set_user_sid_from_rid(account, delta->user_rid, PDB_CHANGED); 00379 if (pdb_get_group_rid(account) != delta->group_rid) 00380 pdb_set_group_sid_from_rid(account, delta->group_rid, PDB_CHANGED); 00381 00382 /* Logon and password information */ 00383 if (!nt_time_is_zero(&delta->logon_time)) { 00384 unix_time = nt_time_to_unix(delta->logon_time); 00385 stored_time = pdb_get_logon_time(account); 00386 if (stored_time != unix_time) 00387 pdb_set_logon_time(account, unix_time, PDB_CHANGED); 00388 } 00389 00390 if (!nt_time_is_zero(&delta->logoff_time)) { 00391 unix_time = nt_time_to_unix(delta->logoff_time); 00392 stored_time = pdb_get_logoff_time(account); 00393 if (stored_time != unix_time) 00394 pdb_set_logoff_time(account, unix_time,PDB_CHANGED); 00395 } 00396 00397 /* Logon Divs */ 00398 if (pdb_get_logon_divs(account) != delta->logon_divs) 00399 pdb_set_logon_divs(account, delta->logon_divs, PDB_CHANGED); 00400 00401 /* Max Logon Hours */ 00402 if (delta->unknown1 != pdb_get_unknown_6(account)) { 00403 pdb_set_unknown_6(account, delta->unknown1, PDB_CHANGED); 00404 } 00405 00406 /* Logon Hours Len */ 00407 if (delta->buf_logon_hrs.buf_len != pdb_get_hours_len(account)) { 00408 pdb_set_hours_len(account, delta->buf_logon_hrs.buf_len, PDB_CHANGED); 00409 } 00410 00411 /* Logon Hours */ 00412 if (delta->buf_logon_hrs.buffer) { 00413 pstring oldstr, newstr; 00414 pdb_sethexhours(oldstr, pdb_get_hours(account)); 00415 pdb_sethexhours(newstr, delta->buf_logon_hrs.buffer); 00416 if (!strequal(oldstr, newstr)) 00417 pdb_set_hours(account, (const uint8 *)delta->buf_logon_hrs.buffer, PDB_CHANGED); 00418 } 00419 00420 if (pdb_get_bad_password_count(account) != delta->bad_pwd_count) 00421 pdb_set_bad_password_count(account, delta->bad_pwd_count, PDB_CHANGED); 00422 00423 if (pdb_get_logon_count(account) != delta->logon_count) 00424 pdb_set_logon_count(account, delta->logon_count, PDB_CHANGED); 00425 00426 if (!nt_time_is_zero(&delta->pwd_last_set_time)) { 00427 unix_time = nt_time_to_unix(delta->pwd_last_set_time); 00428 stored_time = pdb_get_pass_last_set_time(account); 00429 if (stored_time != unix_time) 00430 pdb_set_pass_last_set_time(account, unix_time, PDB_CHANGED); 00431 } else { 00432 /* no last set time, make it now */ 00433 pdb_set_pass_last_set_time(account, time(NULL), PDB_CHANGED); 00434 } 00435 00436 #if 0 00437 /* No kickoff time in the delta? */ 00438 if (!nt_time_is_zero(&delta->kickoff_time)) { 00439 unix_time = nt_time_to_unix(&delta->kickoff_time); 00440 stored_time = pdb_get_kickoff_time(account); 00441 if (stored_time != unix_time) 00442 pdb_set_kickoff_time(account, unix_time, PDB_CHANGED); 00443 } 00444 #endif 00445 00446 /* Decode hashes from password hash 00447 Note that win2000 may send us all zeros for the hashes if it doesn't 00448 think this channel is secure enough - don't set the passwords at all 00449 in that case 00450 */ 00451 if (memcmp(delta->pass.buf_lm_pwd, zero_buf, 16) != 0) { 00452 sam_pwd_hash(delta->user_rid, delta->pass.buf_lm_pwd, lm_passwd, 0); 00453 pdb_set_lanman_passwd(account, lm_passwd, PDB_CHANGED); 00454 } 00455 00456 if (memcmp(delta->pass.buf_nt_pwd, zero_buf, 16) != 0) { 00457 sam_pwd_hash(delta->user_rid, delta->pass.buf_nt_pwd, nt_passwd, 0); 00458 pdb_set_nt_passwd(account, nt_passwd, PDB_CHANGED); 00459 } 00460 00461 /* TODO: account expiry time */ 00462 00463 pdb_set_acct_ctrl(account, delta->acb_info, PDB_CHANGED); 00464 00465 pdb_set_domain(account, lp_workgroup(), PDB_CHANGED); 00466 00467 return NT_STATUS_OK; 00468 }
static NTSTATUS fetch_account_info | ( | uint32 | rid, | |
SAM_ACCOUNT_INFO * | delta | |||
) | [static] |
net_rpc_samsync.c の 470 行で定義されています。
参照先 sam_account_info_info::acb_info・all_string_sub()・d_fprintf()・d_printf()・get_global_sam_sid()・Get_Pwnam()・_GROUP_MAP::gid・pdb_add_sam_account()・pdb_encode_acct_ctrl()・pdb_get_group_sid()・pdb_get_username()・pdb_getgrsid()・pdb_getsampwsid()・pdb_update_sam_account()・sam_account_from_delta()・samu_new()・sid_append_rid()・sid_copy()・sid_string_static()・sid_to_string()・smb_nscd_flush_user_cache()・smb_set_primary_group()・smbrun()・sam_account_info_info::uni_acct_name・unistr2_static()・sam_account_info_info::user_rid.
参照元 fetch_sam_entry().
00471 { 00472 NTSTATUS nt_ret = NT_STATUS_UNSUCCESSFUL; 00473 fstring account; 00474 pstring add_script; 00475 struct samu *sam_account=NULL; 00476 GROUP_MAP map; 00477 struct group *grp; 00478 DOM_SID user_sid; 00479 DOM_SID group_sid; 00480 struct passwd *passwd; 00481 fstring sid_string; 00482 00483 fstrcpy(account, unistr2_static(&delta->uni_acct_name)); 00484 d_printf("Creating account: %s\n", account); 00485 00486 if ( !(sam_account = samu_new( NULL )) ) { 00487 return NT_STATUS_NO_MEMORY; 00488 } 00489 00490 if (!(passwd = Get_Pwnam(account))) { 00491 /* Create appropriate user */ 00492 if (delta->acb_info & ACB_NORMAL) { 00493 pstrcpy(add_script, lp_adduser_script()); 00494 } else if ( (delta->acb_info & ACB_WSTRUST) || 00495 (delta->acb_info & ACB_SVRTRUST) || 00496 (delta->acb_info & ACB_DOMTRUST) ) { 00497 pstrcpy(add_script, lp_addmachine_script()); 00498 } else { 00499 DEBUG(1, ("Unknown user type: %s\n", 00500 pdb_encode_acct_ctrl(delta->acb_info, NEW_PW_FORMAT_SPACE_PADDED_LEN))); 00501 nt_ret = NT_STATUS_UNSUCCESSFUL; 00502 goto done; 00503 } 00504 if (*add_script) { 00505 int add_ret; 00506 all_string_sub(add_script, "%u", account, 00507 sizeof(account)); 00508 add_ret = smbrun(add_script,NULL); 00509 DEBUG(add_ret ? 0 : 1,("fetch_account: Running the command `%s' " 00510 "gave %d\n", add_script, add_ret)); 00511 if (add_ret == 0) { 00512 smb_nscd_flush_user_cache(); 00513 } 00514 } 00515 00516 /* try and find the possible unix account again */ 00517 if ( !(passwd = Get_Pwnam(account)) ) { 00518 d_fprintf(stderr, "Could not create posix account info for '%s'\n", account); 00519 nt_ret = NT_STATUS_NO_SUCH_USER; 00520 goto done; 00521 } 00522 } 00523 00524 sid_copy(&user_sid, get_global_sam_sid()); 00525 sid_append_rid(&user_sid, delta->user_rid); 00526 00527 DEBUG(3, ("Attempting to find SID %s for user %s in the passdb\n", sid_to_string(sid_string, &user_sid), account)); 00528 if (!pdb_getsampwsid(sam_account, &user_sid)) { 00529 sam_account_from_delta(sam_account, delta); 00530 DEBUG(3, ("Attempting to add user SID %s for user %s in the passdb\n", 00531 sid_to_string(sid_string, &user_sid), pdb_get_username(sam_account))); 00532 if (!NT_STATUS_IS_OK(pdb_add_sam_account(sam_account))) { 00533 DEBUG(1, ("SAM Account for %s failed to be added to the passdb!\n", 00534 account)); 00535 return NT_STATUS_ACCESS_DENIED; 00536 } 00537 } else { 00538 sam_account_from_delta(sam_account, delta); 00539 DEBUG(3, ("Attempting to update user SID %s for user %s in the passdb\n", 00540 sid_to_string(sid_string, &user_sid), pdb_get_username(sam_account))); 00541 if (!NT_STATUS_IS_OK(pdb_update_sam_account(sam_account))) { 00542 DEBUG(1, ("SAM Account for %s failed to be updated in the passdb!\n", 00543 account)); 00544 TALLOC_FREE(sam_account); 00545 return NT_STATUS_ACCESS_DENIED; 00546 } 00547 } 00548 00549 if (pdb_get_group_sid(sam_account) == NULL) { 00550 return NT_STATUS_UNSUCCESSFUL; 00551 } 00552 00553 group_sid = *pdb_get_group_sid(sam_account); 00554 00555 if (!pdb_getgrsid(&map, group_sid)) { 00556 DEBUG(0, ("Primary group of %s has no mapping!\n", 00557 pdb_get_username(sam_account))); 00558 } else { 00559 if (map.gid != passwd->pw_gid) { 00560 if (!(grp = getgrgid(map.gid))) { 00561 DEBUG(0, ("Could not find unix group %lu for user %s (group SID=%s)\n", 00562 (unsigned long)map.gid, pdb_get_username(sam_account), sid_string_static(&group_sid))); 00563 } else { 00564 smb_set_primary_group(grp->gr_name, pdb_get_username(sam_account)); 00565 } 00566 } 00567 } 00568 00569 if ( !passwd ) { 00570 DEBUG(1, ("No unix user for this account (%s), cannot adjust mappings\n", 00571 pdb_get_username(sam_account))); 00572 } 00573 00574 done: 00575 TALLOC_FREE(sam_account); 00576 return nt_ret; 00577 }
static NTSTATUS fetch_group_info | ( | uint32 | rid, | |
SAM_GROUP_INFO * | delta | |||
) | [static] |
net_rpc_samsync.c の 579 行で定義されています。
参照先 UNIHDR::buffer・_GROUP_MAP::comment・d_printf()・get_global_sam_sid()・_GROUP_MAP::gid・sam_group_info_info::hdr_grp_desc・name・_GROUP_MAP::nt_name・pdb_add_group_mapping_entry()・pdb_getgrsid()・pdb_update_group_mapping_entry()・_GROUP_MAP::sid・sid_append_rid()・sid_copy()・SID_NAME_DOM_GRP・_GROUP_MAP::sid_name_use・sid_to_string()・smb_create_group()・sam_group_info_info::uni_grp_desc・sam_group_info_info::uni_grp_name・unistr2_to_ascii().
参照元 fetch_sam_entry().
00580 { 00581 fstring name; 00582 fstring comment; 00583 struct group *grp = NULL; 00584 DOM_SID group_sid; 00585 fstring sid_string; 00586 GROUP_MAP map; 00587 BOOL insert = True; 00588 00589 unistr2_to_ascii(name, &delta->uni_grp_name, sizeof(name)-1); 00590 unistr2_to_ascii(comment, &delta->uni_grp_desc, sizeof(comment)-1); 00591 00592 /* add the group to the mapping table */ 00593 sid_copy(&group_sid, get_global_sam_sid()); 00594 sid_append_rid(&group_sid, rid); 00595 sid_to_string(sid_string, &group_sid); 00596 00597 if (pdb_getgrsid(&map, group_sid)) { 00598 if ( map.gid != -1 ) 00599 grp = getgrgid(map.gid); 00600 insert = False; 00601 } 00602 00603 if (grp == NULL) { 00604 gid_t gid; 00605 00606 /* No group found from mapping, find it from its name. */ 00607 if ((grp = getgrnam(name)) == NULL) { 00608 00609 /* No appropriate group found, create one */ 00610 00611 d_printf("Creating unix group: '%s'\n", name); 00612 00613 if (smb_create_group(name, &gid) != 0) 00614 return NT_STATUS_ACCESS_DENIED; 00615 00616 if ((grp = getgrnam(name)) == NULL) 00617 return NT_STATUS_ACCESS_DENIED; 00618 } 00619 } 00620 00621 map.gid = grp->gr_gid; 00622 map.sid = group_sid; 00623 map.sid_name_use = SID_NAME_DOM_GRP; 00624 fstrcpy(map.nt_name, name); 00625 if (delta->hdr_grp_desc.buffer) { 00626 fstrcpy(map.comment, comment); 00627 } else { 00628 fstrcpy(map.comment, ""); 00629 } 00630 00631 if (insert) 00632 pdb_add_group_mapping_entry(&map); 00633 else 00634 pdb_update_group_mapping_entry(&map); 00635 00636 return NT_STATUS_OK; 00637 }
static NTSTATUS fetch_group_mem_info | ( | uint32 | rid, | |
SAM_GROUP_MEM_INFO * | delta | |||
) | [static] |
net_rpc_samsync.c の 639 行で定義されています。
参照先 d_printf()・get_domain_group_from_sid()・get_global_sam_sid()・_GROUP_MAP::gid・sam_group_mem_info_info::num_members・pdb_get_group_rid()・pdb_get_username()・pdb_getsampwsid()・sam_group_mem_info_info::rids・samu_new()・sid_append_rid()・sid_copy()・sid_string_static()・smb_add_user_group()・smb_delete_user_group()・t・talloc_free()・talloc_init()・talloc_strdup().
参照元 fetch_sam_entry().
00640 { 00641 int i; 00642 TALLOC_CTX *t = NULL; 00643 char **nt_members = NULL; 00644 char **unix_members; 00645 DOM_SID group_sid; 00646 GROUP_MAP map; 00647 struct group *grp; 00648 00649 if (delta->num_members == 0) { 00650 return NT_STATUS_OK; 00651 } 00652 00653 sid_copy(&group_sid, get_global_sam_sid()); 00654 sid_append_rid(&group_sid, rid); 00655 00656 if (!get_domain_group_from_sid(group_sid, &map)) { 00657 DEBUG(0, ("Could not find global group %d\n", rid)); 00658 return NT_STATUS_NO_SUCH_GROUP; 00659 } 00660 00661 if (!(grp = getgrgid(map.gid))) { 00662 DEBUG(0, ("Could not find unix group %lu\n", (unsigned long)map.gid)); 00663 return NT_STATUS_NO_SUCH_GROUP; 00664 } 00665 00666 d_printf("Group members of %s: ", grp->gr_name); 00667 00668 if (!(t = talloc_init("fetch_group_mem_info"))) { 00669 DEBUG(0, ("could not talloc_init\n")); 00670 return NT_STATUS_NO_MEMORY; 00671 } 00672 00673 if (delta->num_members) { 00674 if ((nt_members = TALLOC_ZERO_ARRAY(t, char *, delta->num_members)) == NULL) { 00675 DEBUG(0, ("talloc failed\n")); 00676 talloc_free(t); 00677 return NT_STATUS_NO_MEMORY; 00678 } 00679 } else { 00680 nt_members = NULL; 00681 } 00682 00683 for (i=0; i<delta->num_members; i++) { 00684 struct samu *member = NULL; 00685 DOM_SID member_sid; 00686 00687 if ( !(member = samu_new(t)) ) { 00688 talloc_destroy(t); 00689 return NT_STATUS_NO_MEMORY; 00690 } 00691 00692 sid_copy(&member_sid, get_global_sam_sid()); 00693 sid_append_rid(&member_sid, delta->rids[i]); 00694 00695 if (!pdb_getsampwsid(member, &member_sid)) { 00696 DEBUG(1, ("Found bogus group member: %d (member_sid=%s group=%s)\n", 00697 delta->rids[i], sid_string_static(&member_sid), grp->gr_name)); 00698 TALLOC_FREE(member); 00699 continue; 00700 } 00701 00702 if (pdb_get_group_rid(member) == rid) { 00703 d_printf("%s(primary),", pdb_get_username(member)); 00704 TALLOC_FREE(member); 00705 continue; 00706 } 00707 00708 d_printf("%s,", pdb_get_username(member)); 00709 nt_members[i] = talloc_strdup(t, pdb_get_username(member)); 00710 TALLOC_FREE(member); 00711 } 00712 00713 d_printf("\n"); 00714 00715 unix_members = grp->gr_mem; 00716 00717 while (*unix_members) { 00718 BOOL is_nt_member = False; 00719 for (i=0; i<delta->num_members; i++) { 00720 if (nt_members[i] == NULL) { 00721 /* This was a primary group */ 00722 continue; 00723 } 00724 00725 if (strcmp(*unix_members, nt_members[i]) == 0) { 00726 is_nt_member = True; 00727 break; 00728 } 00729 } 00730 if (!is_nt_member) { 00731 /* We look at a unix group member that is not 00732 an nt group member. So, remove it. NT is 00733 boss here. */ 00734 smb_delete_user_group(grp->gr_name, *unix_members); 00735 } 00736 unix_members += 1; 00737 } 00738 00739 for (i=0; i<delta->num_members; i++) { 00740 BOOL is_unix_member = False; 00741 00742 if (nt_members[i] == NULL) { 00743 /* This was the primary group */ 00744 continue; 00745 } 00746 00747 unix_members = grp->gr_mem; 00748 00749 while (*unix_members) { 00750 if (strcmp(*unix_members, nt_members[i]) == 0) { 00751 is_unix_member = True; 00752 break; 00753 } 00754 unix_members += 1; 00755 } 00756 00757 if (!is_unix_member) { 00758 /* We look at a nt group member that is not a 00759 unix group member currently. So, add the nt 00760 group member. */ 00761 smb_add_user_group(grp->gr_name, nt_members[i]); 00762 } 00763 } 00764 00765 talloc_destroy(t); 00766 return NT_STATUS_OK; 00767 }
static NTSTATUS fetch_alias_info | ( | uint32 | rid, | |
SAM_ALIAS_INFO * | delta, | |||
DOM_SID | dom_sid | |||
) | [static] |
net_rpc_samsync.c の 769 行で定義されています。
参照先 _GROUP_MAP::comment・d_printf()・_GROUP_MAP::gid・global_sid_Builtin・name・_GROUP_MAP::nt_name・pdb_add_group_mapping_entry()・pdb_getgrsid()・pdb_update_group_mapping_entry()・_GROUP_MAP::sid・sid_append_rid()・sid_copy()・sid_equal()・SID_NAME_ALIAS・_GROUP_MAP::sid_name_use・SID_NAME_WKN_GRP・sid_to_string()・smb_create_group()・sam_alias_info_info::uni_als_desc・sam_alias_info_info::uni_als_name・unistr2_to_ascii().
参照元 fetch_sam_entry().
00771 { 00772 fstring name; 00773 fstring comment; 00774 struct group *grp = NULL; 00775 DOM_SID alias_sid; 00776 fstring sid_string; 00777 GROUP_MAP map; 00778 BOOL insert = True; 00779 00780 unistr2_to_ascii(name, &delta->uni_als_name, sizeof(name)-1); 00781 unistr2_to_ascii(comment, &delta->uni_als_desc, sizeof(comment)-1); 00782 00783 /* Find out whether the group is already mapped */ 00784 sid_copy(&alias_sid, &dom_sid); 00785 sid_append_rid(&alias_sid, rid); 00786 sid_to_string(sid_string, &alias_sid); 00787 00788 if (pdb_getgrsid(&map, alias_sid)) { 00789 grp = getgrgid(map.gid); 00790 insert = False; 00791 } 00792 00793 if (grp == NULL) { 00794 gid_t gid; 00795 00796 /* No group found from mapping, find it from its name. */ 00797 if ((grp = getgrnam(name)) == NULL) { 00798 /* No appropriate group found, create one */ 00799 d_printf("Creating unix group: '%s'\n", name); 00800 if (smb_create_group(name, &gid) != 0) 00801 return NT_STATUS_ACCESS_DENIED; 00802 if ((grp = getgrgid(gid)) == NULL) 00803 return NT_STATUS_ACCESS_DENIED; 00804 } 00805 } 00806 00807 map.gid = grp->gr_gid; 00808 map.sid = alias_sid; 00809 00810 if (sid_equal(&dom_sid, &global_sid_Builtin)) 00811 map.sid_name_use = SID_NAME_WKN_GRP; 00812 else 00813 map.sid_name_use = SID_NAME_ALIAS; 00814 00815 fstrcpy(map.nt_name, name); 00816 fstrcpy(map.comment, comment); 00817 00818 if (insert) 00819 pdb_add_group_mapping_entry(&map); 00820 else 00821 pdb_update_group_mapping_entry(&map); 00822 00823 return NT_STATUS_OK; 00824 }
static NTSTATUS fetch_alias_mem | ( | uint32 | rid, | |
SAM_ALIAS_MEM_INFO * | delta, | |||
DOM_SID | dom_sid | |||
) | [static] |
static NTSTATUS fetch_domain_info | ( | uint32 | rid, | |
SAM_DOMAIN_INFO * | delta | |||
) | [static] |
net_rpc_samsync.c の 831 行で定義されています。
参照先 sam_domain_info_info::account_lockout・account_lockout_string::bad_attempt_lockout・sam_domain_info_info::force_logoff・get_global_sam_name()・account_lockout_string::lockout_duration・sam_domain_info_info::logon_chgpass・sam_domain_info_info::max_pwd_age・sam_domain_info_info::min_pwd_age・sam_domain_info_info::min_pwd_len・pdb_set_account_policy()・printf()・sam_domain_info_info::pwd_history_len・account_lockout_string::reset_count・strequal()・uint64s_nt_time_to_unix_abs()・sam_domain_info_info::uni_dom_name・unistr2_to_ascii().
参照元 fetch_sam_entry().
00832 { 00833 time_t u_max_age, u_min_age, u_logout, u_lockoutreset, u_lockouttime; 00834 NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; 00835 pstring domname; 00836 00837 u_max_age = uint64s_nt_time_to_unix_abs(&delta->max_pwd_age); 00838 u_min_age = uint64s_nt_time_to_unix_abs(&delta->min_pwd_age); 00839 u_logout = uint64s_nt_time_to_unix_abs(&delta->force_logoff); 00840 u_lockoutreset = uint64s_nt_time_to_unix_abs(&delta->account_lockout.reset_count); 00841 u_lockouttime = uint64s_nt_time_to_unix_abs(&delta->account_lockout.lockout_duration); 00842 00843 unistr2_to_ascii(domname, &delta->uni_dom_name, sizeof(domname) - 1); 00844 00845 /* we don't handle BUILTIN account policies */ 00846 if (!strequal(domname, get_global_sam_name())) { 00847 printf("skipping SAM_DOMAIN_INFO delta for '%s' (is not my domain)\n", domname); 00848 return NT_STATUS_OK; 00849 } 00850 00851 00852 if (!pdb_set_account_policy(AP_PASSWORD_HISTORY, delta->pwd_history_len)) 00853 return nt_status; 00854 00855 if (!pdb_set_account_policy(AP_MIN_PASSWORD_LEN, delta->min_pwd_len)) 00856 return nt_status; 00857 00858 if (!pdb_set_account_policy(AP_MAX_PASSWORD_AGE, (uint32)u_max_age)) 00859 return nt_status; 00860 00861 if (!pdb_set_account_policy(AP_MIN_PASSWORD_AGE, (uint32)u_min_age)) 00862 return nt_status; 00863 00864 if (!pdb_set_account_policy(AP_TIME_TO_LOGOUT, (uint32)u_logout)) 00865 return nt_status; 00866 00867 if (!pdb_set_account_policy(AP_BAD_ATTEMPT_LOCKOUT, delta->account_lockout.bad_attempt_lockout)) 00868 return nt_status; 00869 00870 if (!pdb_set_account_policy(AP_RESET_COUNT_TIME, (uint32)u_lockoutreset/60)) 00871 return nt_status; 00872 00873 if (u_lockouttime != -1) 00874 u_lockouttime /= 60; 00875 00876 if (!pdb_set_account_policy(AP_LOCK_ACCOUNT_DURATION, (uint32)u_lockouttime)) 00877 return nt_status; 00878 00879 if (!pdb_set_account_policy(AP_USER_MUST_LOGON_TO_CHG_PASS, delta->logon_chgpass)) 00880 return nt_status; 00881 00882 return NT_STATUS_OK; 00883 }
static void fetch_sam_entry | ( | SAM_DELTA_HDR * | hdr_delta, | |
SAM_DELTA_CTR * | delta, | |||
DOM_SID | dom_sid | |||
) | [static] |
net_rpc_samsync.c の 886 行で定義されています。
参照先 sam_delta_ctr_info::account_info・sam_delta_ctr_info::alias_info・sam_delta_ctr_info::als_mem_info・d_printf()・sam_delta_ctr_info::domain_info・fetch_account_info()・fetch_alias_info()・fetch_alias_mem()・fetch_domain_info()・fetch_group_info()・fetch_group_mem_info()・sam_delta_ctr_info::group_info・sam_delta_ctr_info::grp_mem_info・sam_delta_hdr_info::target_rid・sam_delta_hdr_info::type.
参照元 fetch_database().
00888 { 00889 switch(hdr_delta->type) { 00890 case SAM_DELTA_ACCOUNT_INFO: 00891 fetch_account_info(hdr_delta->target_rid, 00892 &delta->account_info); 00893 break; 00894 case SAM_DELTA_GROUP_INFO: 00895 fetch_group_info(hdr_delta->target_rid, 00896 &delta->group_info); 00897 break; 00898 case SAM_DELTA_GROUP_MEM: 00899 fetch_group_mem_info(hdr_delta->target_rid, 00900 &delta->grp_mem_info); 00901 break; 00902 case SAM_DELTA_ALIAS_INFO: 00903 fetch_alias_info(hdr_delta->target_rid, 00904 &delta->alias_info, dom_sid); 00905 break; 00906 case SAM_DELTA_ALIAS_MEM: 00907 fetch_alias_mem(hdr_delta->target_rid, 00908 &delta->als_mem_info, dom_sid); 00909 break; 00910 case SAM_DELTA_DOMAIN_INFO: 00911 fetch_domain_info(hdr_delta->target_rid, 00912 &delta->domain_info); 00913 break; 00914 /* The following types are recognised but not handled */ 00915 case SAM_DELTA_RENAME_GROUP: 00916 d_printf("SAM_DELTA_RENAME_GROUP not handled\n"); 00917 break; 00918 case SAM_DELTA_RENAME_USER: 00919 d_printf("SAM_DELTA_RENAME_USER not handled\n"); 00920 break; 00921 case SAM_DELTA_RENAME_ALIAS: 00922 d_printf("SAM_DELTA_RENAME_ALIAS not handled\n"); 00923 break; 00924 case SAM_DELTA_POLICY_INFO: 00925 d_printf("SAM_DELTA_POLICY_INFO not handled\n"); 00926 break; 00927 case SAM_DELTA_TRUST_DOMS: 00928 d_printf("SAM_DELTA_TRUST_DOMS not handled\n"); 00929 break; 00930 case SAM_DELTA_PRIVS_INFO: 00931 d_printf("SAM_DELTA_PRIVS_INFO not handled\n"); 00932 break; 00933 case SAM_DELTA_SECRET_INFO: 00934 d_printf("SAM_DELTA_SECRET_INFO not handled\n"); 00935 break; 00936 case SAM_DELTA_DELETE_GROUP: 00937 d_printf("SAM_DELTA_DELETE_GROUP not handled\n"); 00938 break; 00939 case SAM_DELTA_DELETE_USER: 00940 d_printf("SAM_DELTA_DELETE_USER not handled\n"); 00941 break; 00942 case SAM_DELTA_MODIFIED_COUNT: 00943 d_printf("SAM_DELTA_MODIFIED_COUNT not handled\n"); 00944 break; 00945 default: 00946 d_printf("Unknown delta record type %d\n", hdr_delta->type); 00947 break; 00948 } 00949 }
static NTSTATUS fetch_database | ( | struct rpc_pipe_client * | pipe_hnd, | |
uint32 | db_type, | |||
DOM_SID | dom_sid | |||
) | [static] |
net_rpc_samsync.c の 951 行で定義されています。
参照先 d_printf()・fetch_sam_entry()・result・rpccli_netlogon_sam_sync()・SAM_DATABASE_BUILTIN・SAM_DATABASE_DOMAIN・SAM_DATABASE_PRIVS・talloc_init().
00952 { 00953 uint32 sync_context = 0; 00954 NTSTATUS result; 00955 int i; 00956 TALLOC_CTX *mem_ctx; 00957 SAM_DELTA_HDR *hdr_deltas; 00958 SAM_DELTA_CTR *deltas; 00959 uint32 num_deltas; 00960 00961 if (!(mem_ctx = talloc_init("fetch_database"))) 00962 return NT_STATUS_NO_MEMORY; 00963 00964 switch( db_type ) { 00965 case SAM_DATABASE_DOMAIN: 00966 d_printf("Fetching DOMAIN database\n"); 00967 break; 00968 case SAM_DATABASE_BUILTIN: 00969 d_printf("Fetching BUILTIN database\n"); 00970 break; 00971 case SAM_DATABASE_PRIVS: 00972 d_printf("Fetching PRIVS databases\n"); 00973 break; 00974 default: 00975 d_printf("Fetching unknown database type %u\n", db_type ); 00976 break; 00977 } 00978 00979 do { 00980 result = rpccli_netlogon_sam_sync(pipe_hnd, mem_ctx, 00981 db_type, sync_context, 00982 &num_deltas, 00983 &hdr_deltas, &deltas); 00984 00985 if (NT_STATUS_IS_OK(result) || 00986 NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)) { 00987 for (i = 0; i < num_deltas; i++) { 00988 fetch_sam_entry(&hdr_deltas[i], &deltas[i], dom_sid); 00989 } 00990 } else 00991 return result; 00992 00993 sync_context += 1; 00994 } while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)); 00995 00996 talloc_destroy(mem_ctx); 00997 00998 return result; 00999 }
static NTSTATUS populate_ldap_for_ldif | ( | fstring | sid, | |
const char * | suffix, | |||
const char * | builtin_sid, | |||
FILE * | add_fd | |||
) | [static] |
net_rpc_samsync.c の 1001 行で定義されています。
参照先 fprintf()・ldif_gid・ldif_uid・len・lp_ldap_group_suffix()・lp_ldap_idmap_suffix()・lp_ldap_machine_suffix()・lp_ldap_user_suffix()・lp_workgroup()・sstring_sub().
01003 { 01004 const char *user_suffix, *group_suffix, *machine_suffix, *idmap_suffix; 01005 char *user_attr=NULL, *group_attr=NULL; 01006 char *suffix_attr; 01007 int len; 01008 01009 /* Get the suffix attribute */ 01010 suffix_attr = sstring_sub(suffix, '=', ','); 01011 if (suffix_attr == NULL) { 01012 len = strlen(suffix); 01013 suffix_attr = (char*)SMB_MALLOC(len+1); 01014 memcpy(suffix_attr, suffix, len); 01015 suffix_attr[len] = '\0'; 01016 } 01017 01018 /* Write the base */ 01019 fprintf(add_fd, "# %s\n", suffix); 01020 fprintf(add_fd, "dn: %s\n", suffix); 01021 fprintf(add_fd, "objectClass: dcObject\n"); 01022 fprintf(add_fd, "objectClass: organization\n"); 01023 fprintf(add_fd, "o: %s\n", suffix_attr); 01024 fprintf(add_fd, "dc: %s\n", suffix_attr); 01025 fprintf(add_fd, "\n"); 01026 fflush(add_fd); 01027 01028 user_suffix = lp_ldap_user_suffix(); 01029 if (user_suffix == NULL) { 01030 SAFE_FREE(suffix_attr); 01031 return NT_STATUS_NO_MEMORY; 01032 } 01033 /* If it exists and is distinct from other containers, 01034 Write the Users entity */ 01035 if (*user_suffix && strcmp(user_suffix, suffix)) { 01036 user_attr = sstring_sub(lp_ldap_user_suffix(), '=', ','); 01037 fprintf(add_fd, "# %s\n", user_suffix); 01038 fprintf(add_fd, "dn: %s\n", user_suffix); 01039 fprintf(add_fd, "objectClass: organizationalUnit\n"); 01040 fprintf(add_fd, "ou: %s\n", user_attr); 01041 fprintf(add_fd, "\n"); 01042 fflush(add_fd); 01043 } 01044 01045 01046 group_suffix = lp_ldap_group_suffix(); 01047 if (group_suffix == NULL) { 01048 SAFE_FREE(suffix_attr); 01049 SAFE_FREE(user_attr); 01050 return NT_STATUS_NO_MEMORY; 01051 } 01052 /* If it exists and is distinct from other containers, 01053 Write the Groups entity */ 01054 if (*group_suffix && strcmp(group_suffix, suffix)) { 01055 group_attr = sstring_sub(lp_ldap_group_suffix(), '=', ','); 01056 fprintf(add_fd, "# %s\n", group_suffix); 01057 fprintf(add_fd, "dn: %s\n", group_suffix); 01058 fprintf(add_fd, "objectClass: organizationalUnit\n"); 01059 fprintf(add_fd, "ou: %s\n", group_attr); 01060 fprintf(add_fd, "\n"); 01061 fflush(add_fd); 01062 } 01063 01064 /* If it exists and is distinct from other containers, 01065 Write the Computers entity */ 01066 machine_suffix = lp_ldap_machine_suffix(); 01067 if (machine_suffix == NULL) { 01068 SAFE_FREE(suffix_attr); 01069 SAFE_FREE(user_attr); 01070 SAFE_FREE(group_attr); 01071 return NT_STATUS_NO_MEMORY; 01072 } 01073 if (*machine_suffix && strcmp(machine_suffix, user_suffix) && 01074 strcmp(machine_suffix, suffix)) { 01075 char *machine_ou = NULL; 01076 fprintf(add_fd, "# %s\n", machine_suffix); 01077 fprintf(add_fd, "dn: %s\n", machine_suffix); 01078 fprintf(add_fd, "objectClass: organizationalUnit\n"); 01079 /* this isn't totally correct as it assumes that 01080 there _must_ be an ou. just fixing memleak now. jmcd */ 01081 machine_ou = sstring_sub(lp_ldap_machine_suffix(), '=', ','); 01082 fprintf(add_fd, "ou: %s\n", machine_ou); 01083 SAFE_FREE(machine_ou); 01084 fprintf(add_fd, "\n"); 01085 fflush(add_fd); 01086 } 01087 01088 /* If it exists and is distinct from other containers, 01089 Write the IdMap entity */ 01090 idmap_suffix = lp_ldap_idmap_suffix(); 01091 if (idmap_suffix == NULL) { 01092 SAFE_FREE(suffix_attr); 01093 SAFE_FREE(user_attr); 01094 SAFE_FREE(group_attr); 01095 return NT_STATUS_NO_MEMORY; 01096 } 01097 if (*idmap_suffix && 01098 strcmp(idmap_suffix, user_suffix) && 01099 strcmp(idmap_suffix, suffix)) { 01100 char *s; 01101 fprintf(add_fd, "# %s\n", idmap_suffix); 01102 fprintf(add_fd, "dn: %s\n", idmap_suffix); 01103 fprintf(add_fd, "ObjectClass: organizationalUnit\n"); 01104 s = sstring_sub(lp_ldap_idmap_suffix(), '=', ','); 01105 fprintf(add_fd, "ou: %s\n", s); 01106 SAFE_FREE(s); 01107 fprintf(add_fd, "\n"); 01108 fflush(add_fd); 01109 } 01110 01111 /* Write the domain entity */ 01112 fprintf(add_fd, "# %s, %s\n", lp_workgroup(), suffix); 01113 fprintf(add_fd, "dn: sambaDomainName=%s,%s\n", lp_workgroup(), 01114 suffix); 01115 fprintf(add_fd, "objectClass: sambaDomain\n"); 01116 fprintf(add_fd, "objectClass: sambaUnixIdPool\n"); 01117 fprintf(add_fd, "sambaDomainName: %s\n", lp_workgroup()); 01118 fprintf(add_fd, "sambaSID: %s\n", sid); 01119 fprintf(add_fd, "uidNumber: %d\n", ++ldif_uid); 01120 fprintf(add_fd, "gidNumber: %d\n", ++ldif_gid); 01121 fprintf(add_fd, "\n"); 01122 fflush(add_fd); 01123 01124 /* Write the Domain Admins entity */ 01125 fprintf(add_fd, "# Domain Admins, %s, %s\n", group_attr, 01126 suffix); 01127 fprintf(add_fd, "dn: cn=Domain Admins,ou=%s,%s\n", group_attr, 01128 suffix); 01129 fprintf(add_fd, "objectClass: posixGroup\n"); 01130 fprintf(add_fd, "objectClass: sambaGroupMapping\n"); 01131 fprintf(add_fd, "cn: Domain Admins\n"); 01132 fprintf(add_fd, "memberUid: Administrator\n"); 01133 fprintf(add_fd, "description: Netbios Domain Administrators\n"); 01134 fprintf(add_fd, "gidNumber: 512\n"); 01135 fprintf(add_fd, "sambaSID: %s-512\n", sid); 01136 fprintf(add_fd, "sambaGroupType: 2\n"); 01137 fprintf(add_fd, "displayName: Domain Admins\n"); 01138 fprintf(add_fd, "\n"); 01139 fflush(add_fd); 01140 01141 /* Write the Domain Users entity */ 01142 fprintf(add_fd, "# Domain Users, %s, %s\n", group_attr, 01143 suffix); 01144 fprintf(add_fd, "dn: cn=Domain Users,ou=%s,%s\n", group_attr, 01145 suffix); 01146 fprintf(add_fd, "objectClass: posixGroup\n"); 01147 fprintf(add_fd, "objectClass: sambaGroupMapping\n"); 01148 fprintf(add_fd, "cn: Domain Users\n"); 01149 fprintf(add_fd, "description: Netbios Domain Users\n"); 01150 fprintf(add_fd, "gidNumber: 513\n"); 01151 fprintf(add_fd, "sambaSID: %s-513\n", sid); 01152 fprintf(add_fd, "sambaGroupType: 2\n"); 01153 fprintf(add_fd, "displayName: Domain Users\n"); 01154 fprintf(add_fd, "\n"); 01155 fflush(add_fd); 01156 01157 /* Write the Domain Guests entity */ 01158 fprintf(add_fd, "# Domain Guests, %s, %s\n", group_attr, 01159 suffix); 01160 fprintf(add_fd, "dn: cn=Domain Guests,ou=%s,%s\n", group_attr, 01161 suffix); 01162 fprintf(add_fd, "objectClass: posixGroup\n"); 01163 fprintf(add_fd, "objectClass: sambaGroupMapping\n"); 01164 fprintf(add_fd, "cn: Domain Guests\n"); 01165 fprintf(add_fd, "description: Netbios Domain Guests\n"); 01166 fprintf(add_fd, "gidNumber: 514\n"); 01167 fprintf(add_fd, "sambaSID: %s-514\n", sid); 01168 fprintf(add_fd, "sambaGroupType: 2\n"); 01169 fprintf(add_fd, "displayName: Domain Guests\n"); 01170 fprintf(add_fd, "\n"); 01171 fflush(add_fd); 01172 01173 /* Write the Domain Computers entity */ 01174 fprintf(add_fd, "# Domain Computers, %s, %s\n", group_attr, 01175 suffix); 01176 fprintf(add_fd, "dn: cn=Domain Computers,ou=%s,%s\n", 01177 group_attr, suffix); 01178 fprintf(add_fd, "objectClass: posixGroup\n"); 01179 fprintf(add_fd, "objectClass: sambaGroupMapping\n"); 01180 fprintf(add_fd, "gidNumber: 515\n"); 01181 fprintf(add_fd, "cn: Domain Computers\n"); 01182 fprintf(add_fd, "description: Netbios Domain Computers accounts\n"); 01183 fprintf(add_fd, "sambaSID: %s-515\n", sid); 01184 fprintf(add_fd, "sambaGroupType: 2\n"); 01185 fprintf(add_fd, "displayName: Domain Computers\n"); 01186 fprintf(add_fd, "\n"); 01187 fflush(add_fd); 01188 01189 /* Write the Admininistrators Groups entity */ 01190 fprintf(add_fd, "# Administrators, %s, %s\n", group_attr, 01191 suffix); 01192 fprintf(add_fd, "dn: cn=Administrators,ou=%s,%s\n", group_attr, 01193 suffix); 01194 fprintf(add_fd, "objectClass: posixGroup\n"); 01195 fprintf(add_fd, "objectClass: sambaGroupMapping\n"); 01196 fprintf(add_fd, "gidNumber: 544\n"); 01197 fprintf(add_fd, "cn: Administrators\n"); 01198 fprintf(add_fd, "description: Netbios Domain Members can fully administer the computer/sambaDomainName\n"); 01199 fprintf(add_fd, "sambaSID: %s-544\n", builtin_sid); 01200 fprintf(add_fd, "sambaGroupType: 5\n"); 01201 fprintf(add_fd, "displayName: Administrators\n"); 01202 fprintf(add_fd, "\n"); 01203 01204 /* Write the Print Operator entity */ 01205 fprintf(add_fd, "# Print Operators, %s, %s\n", group_attr, 01206 suffix); 01207 fprintf(add_fd, "dn: cn=Print Operators,ou=%s,%s\n", 01208 group_attr, suffix); 01209 fprintf(add_fd, "objectClass: posixGroup\n"); 01210 fprintf(add_fd, "objectClass: sambaGroupMapping\n"); 01211 fprintf(add_fd, "gidNumber: 550\n"); 01212 fprintf(add_fd, "cn: Print Operators\n"); 01213 fprintf(add_fd, "description: Netbios Domain Print Operators\n"); 01214 fprintf(add_fd, "sambaSID: %s-550\n", builtin_sid); 01215 fprintf(add_fd, "sambaGroupType: 5\n"); 01216 fprintf(add_fd, "displayName: Print Operators\n"); 01217 fprintf(add_fd, "\n"); 01218 fflush(add_fd); 01219 01220 /* Write the Backup Operators entity */ 01221 fprintf(add_fd, "# Backup Operators, %s, %s\n", group_attr, 01222 suffix); 01223 fprintf(add_fd, "dn: cn=Backup Operators,ou=%s,%s\n", 01224 group_attr, suffix); 01225 fprintf(add_fd, "objectClass: posixGroup\n"); 01226 fprintf(add_fd, "objectClass: sambaGroupMapping\n"); 01227 fprintf(add_fd, "gidNumber: 551\n"); 01228 fprintf(add_fd, "cn: Backup Operators\n"); 01229 fprintf(add_fd, "description: Netbios Domain Members can bypass file security to back up files\n"); 01230 fprintf(add_fd, "sambaSID: %s-551\n", builtin_sid); 01231 fprintf(add_fd, "sambaGroupType: 5\n"); 01232 fprintf(add_fd, "displayName: Backup Operators\n"); 01233 fprintf(add_fd, "\n"); 01234 fflush(add_fd); 01235 01236 /* Write the Replicators entity */ 01237 fprintf(add_fd, "# Replicators, %s, %s\n", group_attr, suffix); 01238 fprintf(add_fd, "dn: cn=Replicators,ou=%s,%s\n", group_attr, 01239 suffix); 01240 fprintf(add_fd, "objectClass: posixGroup\n"); 01241 fprintf(add_fd, "objectClass: sambaGroupMapping\n"); 01242 fprintf(add_fd, "gidNumber: 552\n"); 01243 fprintf(add_fd, "cn: Replicators\n"); 01244 fprintf(add_fd, "description: Netbios Domain Supports file replication in a sambaDomainName\n"); 01245 fprintf(add_fd, "sambaSID: %s-552\n", builtin_sid); 01246 fprintf(add_fd, "sambaGroupType: 5\n"); 01247 fprintf(add_fd, "displayName: Replicators\n"); 01248 fprintf(add_fd, "\n"); 01249 fflush(add_fd); 01250 01251 /* Deallocate memory, and return */ 01252 SAFE_FREE(suffix_attr); 01253 SAFE_FREE(user_attr); 01254 SAFE_FREE(group_attr); 01255 return NT_STATUS_OK; 01256 }
static NTSTATUS map_populate_groups | ( | GROUPMAP * | groupmap, | |
ACCOUNTMAP * | accountmap, | |||
fstring | sid, | |||
const char * | suffix, | |||
const char * | builtin_sid | |||
) | [static] |
net_rpc_samsync.c の 1258 行で定義されています。
参照先 _groupmap::gidNumber・lp_ldap_group_suffix()・pstr_sprintf()・_accountmap::rid・_groupmap::rid・sstring_sub().
01260 { 01261 char *group_attr = sstring_sub(lp_ldap_group_suffix(), '=', ','); 01262 01263 /* Map the groups created by populate_ldap_for_ldif */ 01264 groupmap[0].rid = 512; 01265 groupmap[0].gidNumber = 512; 01266 pstr_sprintf(groupmap[0].sambaSID, "%s-512", sid); 01267 pstr_sprintf(groupmap[0].group_dn, "cn=Domain Admins,ou=%s,%s", 01268 group_attr, suffix); 01269 accountmap[0].rid = 512; 01270 pstr_sprintf(accountmap[0].cn, "%s", "Domain Admins"); 01271 01272 groupmap[1].rid = 513; 01273 groupmap[1].gidNumber = 513; 01274 pstr_sprintf(groupmap[1].sambaSID, "%s-513", sid); 01275 pstr_sprintf(groupmap[1].group_dn, "cn=Domain Users,ou=%s,%s", 01276 group_attr, suffix); 01277 accountmap[1].rid = 513; 01278 pstr_sprintf(accountmap[1].cn, "%s", "Domain Users"); 01279 01280 groupmap[2].rid = 514; 01281 groupmap[2].gidNumber = 514; 01282 pstr_sprintf(groupmap[2].sambaSID, "%s-514", sid); 01283 pstr_sprintf(groupmap[2].group_dn, "cn=Domain Guests,ou=%s,%s", 01284 group_attr, suffix); 01285 accountmap[2].rid = 514; 01286 pstr_sprintf(accountmap[2].cn, "%s", "Domain Guests"); 01287 01288 groupmap[3].rid = 515; 01289 groupmap[3].gidNumber = 515; 01290 pstr_sprintf(groupmap[3].sambaSID, "%s-515", sid); 01291 pstr_sprintf(groupmap[3].group_dn, "cn=Domain Computers,ou=%s,%s", 01292 group_attr, suffix); 01293 accountmap[3].rid = 515; 01294 pstr_sprintf(accountmap[3].cn, "%s", "Domain Computers"); 01295 01296 groupmap[4].rid = 544; 01297 groupmap[4].gidNumber = 544; 01298 pstr_sprintf(groupmap[4].sambaSID, "%s-544", builtin_sid); 01299 pstr_sprintf(groupmap[4].group_dn, "cn=Administrators,ou=%s,%s", 01300 group_attr, suffix); 01301 accountmap[4].rid = 515; 01302 pstr_sprintf(accountmap[4].cn, "%s", "Administrators"); 01303 01304 groupmap[5].rid = 550; 01305 groupmap[5].gidNumber = 550; 01306 pstr_sprintf(groupmap[5].sambaSID, "%s-550", builtin_sid); 01307 pstr_sprintf(groupmap[5].group_dn, "cn=Print Operators,ou=%s,%s", 01308 group_attr, suffix); 01309 accountmap[5].rid = 550; 01310 pstr_sprintf(accountmap[5].cn, "%s", "Print Operators"); 01311 01312 groupmap[6].rid = 551; 01313 groupmap[6].gidNumber = 551; 01314 pstr_sprintf(groupmap[6].sambaSID, "%s-551", builtin_sid); 01315 pstr_sprintf(groupmap[6].group_dn, "cn=Backup Operators,ou=%s,%s", 01316 group_attr, suffix); 01317 accountmap[6].rid = 551; 01318 pstr_sprintf(accountmap[6].cn, "%s", "Backup Operators"); 01319 01320 groupmap[7].rid = 552; 01321 groupmap[7].gidNumber = 552; 01322 pstr_sprintf(groupmap[7].sambaSID, "%s-552", builtin_sid); 01323 pstr_sprintf(groupmap[7].group_dn, "cn=Replicators,ou=%s,%s", 01324 group_attr, suffix); 01325 accountmap[7].rid = 551; 01326 pstr_sprintf(accountmap[7].cn, "%s", "Replicators"); 01327 SAFE_FREE(group_attr); 01328 return NT_STATUS_OK; 01329 }
static int fprintf_attr | ( | FILE * | add_fd, | |
const char * | attr_name, | |||
const char * | fmt, | |||
... | ||||
) | [static] |
net_rpc_samsync.c の 1336 行で定義されています。
参照先 base64_encode_data_blob()・data_blob_::data・fprintf()・data_blob_::length・talloc_vasprintf().
参照元 fetch_account_info_to_ldif()・fetch_alias_info_to_ldif()・fetch_group_info_to_ldif().
01338 { 01339 va_list ap; 01340 char *value, *p, *base64; 01341 DATA_BLOB base64_blob; 01342 BOOL do_base64 = False; 01343 int res; 01344 01345 va_start(ap, fmt); 01346 value = talloc_vasprintf(NULL, fmt, ap); 01347 va_end(ap); 01348 01349 SMB_ASSERT(value != NULL); 01350 01351 for (p=value; *p; p++) { 01352 if (*p & 0x80) { 01353 do_base64 = True; 01354 break; 01355 } 01356 } 01357 01358 if (!do_base64) { 01359 BOOL only_whitespace = True; 01360 for (p=value; *p; p++) { 01361 /* 01362 * I know that this not multibyte safe, but we break 01363 * on the first non-whitespace character anyway. 01364 */ 01365 if (!isspace(*p)) { 01366 only_whitespace = False; 01367 break; 01368 } 01369 } 01370 if (only_whitespace) { 01371 do_base64 = True; 01372 } 01373 } 01374 01375 if (!do_base64) { 01376 res = fprintf(add_fd, "%s: %s\n", attr_name, value); 01377 TALLOC_FREE(value); 01378 return res; 01379 } 01380 01381 base64_blob.data = (unsigned char *)value; 01382 base64_blob.length = strlen(value); 01383 01384 base64 = base64_encode_data_blob(base64_blob); 01385 SMB_ASSERT(base64 != NULL); 01386 01387 res = fprintf(add_fd, "%s:: %s\n", attr_name, base64); 01388 TALLOC_FREE(value); 01389 SAFE_FREE(base64); 01390 return res; 01391 }
static NTSTATUS fetch_group_info_to_ldif | ( | SAM_DELTA_CTR * | delta, | |
GROUPMAP * | groupmap, | |||
FILE * | add_fd, | |||
fstring | sid, | |||
char * | suffix | |||
) | [static] |
net_rpc_samsync.c の 1393 行で定義されています。
参照先 fprintf()・fprintf_attr()・DOM_GID::g_rid・sam_group_info_info::gid・_groupmap::gidNumber・_groupmap::group_dn・sam_delta_ctr_info::group_info・ldif_gid・lp_ldap_group_suffix()・pstr_sprintf()・_groupmap::rid・_groupmap::sambaSID・sstring_sub()・sam_group_info_info::uni_grp_name・unistr2_to_ascii().
01395 { 01396 fstring groupname; 01397 uint32 grouptype = 0, g_rid = 0; 01398 char *group_attr = sstring_sub(lp_ldap_group_suffix(), '=', ','); 01399 01400 /* Get the group name */ 01401 unistr2_to_ascii(groupname, 01402 &(delta->group_info.uni_grp_name), 01403 sizeof(groupname)-1); 01404 01405 /* Set up the group type (always 2 for group info) */ 01406 grouptype = 2; 01407 01408 /* These groups are entered by populate_ldap_for_ldif */ 01409 if (strcmp(groupname, "Domain Admins") == 0 || 01410 strcmp(groupname, "Domain Users") == 0 || 01411 strcmp(groupname, "Domain Guests") == 0 || 01412 strcmp(groupname, "Domain Computers") == 0 || 01413 strcmp(groupname, "Administrators") == 0 || 01414 strcmp(groupname, "Print Operators") == 0 || 01415 strcmp(groupname, "Backup Operators") == 0 || 01416 strcmp(groupname, "Replicators") == 0) { 01417 SAFE_FREE(group_attr); 01418 return NT_STATUS_OK; 01419 } else { 01420 /* Increment the gid for the new group */ 01421 ldif_gid++; 01422 } 01423 01424 /* Map the group rid, gid, and dn */ 01425 g_rid = delta->group_info.gid.g_rid; 01426 groupmap->rid = g_rid; 01427 groupmap->gidNumber = ldif_gid; 01428 pstr_sprintf(groupmap->sambaSID, "%s-%d", sid, g_rid); 01429 pstr_sprintf(groupmap->group_dn, 01430 "cn=%s,ou=%s,%s", groupname, group_attr, suffix); 01431 01432 /* Write the data to the temporary add ldif file */ 01433 fprintf(add_fd, "# %s, %s, %s\n", groupname, group_attr, 01434 suffix); 01435 fprintf_attr(add_fd, "dn", "cn=%s,ou=%s,%s", groupname, group_attr, 01436 suffix); 01437 fprintf(add_fd, "objectClass: posixGroup\n"); 01438 fprintf(add_fd, "objectClass: sambaGroupMapping\n"); 01439 fprintf_attr(add_fd, "cn", "%s", groupname); 01440 fprintf(add_fd, "gidNumber: %d\n", ldif_gid); 01441 fprintf(add_fd, "sambaSID: %s\n", groupmap->sambaSID); 01442 fprintf(add_fd, "sambaGroupType: %d\n", grouptype); 01443 fprintf_attr(add_fd, "displayName", "%s", groupname); 01444 fprintf(add_fd, "\n"); 01445 fflush(add_fd); 01446 01447 SAFE_FREE(group_attr); 01448 /* Return */ 01449 return NT_STATUS_OK; 01450 }
static NTSTATUS fetch_account_info_to_ldif | ( | SAM_DELTA_CTR * | delta, | |
GROUPMAP * | groupmap, | |||
ACCOUNTMAP * | accountmap, | |||
FILE * | add_fd, | |||
fstring | sid, | |||
char * | suffix, | |||
int | alloced | |||
) | [static] |
net_rpc_samsync.c の 1452 行で定義されています。
参照先 sam_account_info_info::acb_info・sam_delta_ctr_info::account_info・sam_passwd_info::buf_lm_pwd・sam_passwd_info::buf_nt_pwd・_accountmap::cn・description・flags・fprintf()・fprintf_attr()・_groupmap::gidNumber・sam_account_info_info::group_rid・ldif_uid・lp_ldap_machine_suffix()・lp_ldap_user_suffix()・nt_time_to_unix()・sam_account_info_info::pass・pdb_encode_acct_ctrl()・pdb_sethexpwd()・pstr_sprintf()・sam_account_info_info::pwd_last_set_time・_accountmap::rid・sam_pwd_hash()・sstring_sub()・sam_account_info_info::uni_acct_desc・sam_account_info_info::uni_acct_name・sam_account_info_info::uni_dir_drive・sam_account_info_info::uni_full_name・sam_account_info_info::uni_home_dir・sam_account_info_info::uni_logon_script・sam_account_info_info::uni_profile・unistr2_to_ascii()・sam_account_info_info::user_rid・username.
01458 { 01459 fstring username, logonscript, homedrive, homepath = "", homedir = ""; 01460 fstring hex_nt_passwd, hex_lm_passwd; 01461 fstring description, profilepath, fullname, sambaSID; 01462 uchar lm_passwd[16], nt_passwd[16]; 01463 char *flags, *user_rdn; 01464 const char *ou; 01465 const char* nopasswd = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"; 01466 static uchar zero_buf[16]; 01467 uint32 rid = 0, group_rid = 0, gidNumber = 0; 01468 time_t unix_time; 01469 int i; 01470 01471 /* Get the username */ 01472 unistr2_to_ascii(username, 01473 &(delta->account_info.uni_acct_name), 01474 sizeof(username)-1); 01475 01476 /* Get the rid */ 01477 rid = delta->account_info.user_rid; 01478 01479 /* Map the rid and username for group member info later */ 01480 accountmap->rid = rid; 01481 pstr_sprintf(accountmap->cn, "%s", username); 01482 01483 /* Get the home directory */ 01484 if (delta->account_info.acb_info & ACB_NORMAL) { 01485 unistr2_to_ascii(homedir, &(delta->account_info.uni_home_dir), 01486 sizeof(homedir)-1); 01487 if (!*homedir) { 01488 pstr_sprintf(homedir, "/home/%s", username); 01489 } else { 01490 pstr_sprintf(homedir, "/nobodyshomedir"); 01491 } 01492 ou = lp_ldap_user_suffix(); 01493 } else { 01494 ou = lp_ldap_machine_suffix(); 01495 pstr_sprintf(homedir, "/machinehomedir"); 01496 } 01497 01498 /* Get the logon script */ 01499 unistr2_to_ascii(logonscript, &(delta->account_info.uni_logon_script), 01500 sizeof(logonscript)-1); 01501 01502 /* Get the home drive */ 01503 unistr2_to_ascii(homedrive, &(delta->account_info.uni_dir_drive), 01504 sizeof(homedrive)-1); 01505 01506 /* Get the home path */ 01507 unistr2_to_ascii(homepath, &(delta->account_info.uni_home_dir), 01508 sizeof(homepath)-1); 01509 01510 /* Get the description */ 01511 unistr2_to_ascii(description, &(delta->account_info.uni_acct_desc), 01512 sizeof(description)-1); 01513 01514 /* Get the display name */ 01515 unistr2_to_ascii(fullname, &(delta->account_info.uni_full_name), 01516 sizeof(fullname)-1); 01517 01518 /* Get the profile path */ 01519 unistr2_to_ascii(profilepath, &(delta->account_info.uni_profile), 01520 sizeof(profilepath)-1); 01521 01522 /* Get lm and nt password data */ 01523 if (memcmp(delta->account_info.pass.buf_lm_pwd, zero_buf, 16) != 0) { 01524 sam_pwd_hash(delta->account_info.user_rid, 01525 delta->account_info.pass.buf_lm_pwd, 01526 lm_passwd, 0); 01527 pdb_sethexpwd(hex_lm_passwd, lm_passwd, 01528 delta->account_info.acb_info); 01529 } else { 01530 pdb_sethexpwd(hex_lm_passwd, NULL, 0); 01531 } 01532 if (memcmp(delta->account_info.pass.buf_nt_pwd, zero_buf, 16) != 0) { 01533 sam_pwd_hash(delta->account_info.user_rid, 01534 delta->account_info.pass.buf_nt_pwd, 01535 nt_passwd, 0); 01536 pdb_sethexpwd(hex_nt_passwd, nt_passwd, 01537 delta->account_info.acb_info); 01538 } else { 01539 pdb_sethexpwd(hex_nt_passwd, NULL, 0); 01540 } 01541 unix_time = nt_time_to_unix(delta->account_info.pwd_last_set_time); 01542 01543 /* Increment the uid for the new user */ 01544 ldif_uid++; 01545 01546 /* Set up group id and sambaSID for the user */ 01547 group_rid = delta->account_info.group_rid; 01548 for (i=0; i<alloced; i++) { 01549 if (groupmap[i].rid == group_rid) break; 01550 } 01551 if (i == alloced){ 01552 DEBUG(1, ("Could not find rid %d in groupmap array\n", 01553 group_rid)); 01554 return NT_STATUS_UNSUCCESSFUL; 01555 } 01556 gidNumber = groupmap[i].gidNumber; 01557 pstr_sprintf(sambaSID, groupmap[i].sambaSID); 01558 01559 /* Set up sambaAcctFlags */ 01560 flags = pdb_encode_acct_ctrl(delta->account_info.acb_info, 01561 NEW_PW_FORMAT_SPACE_PADDED_LEN); 01562 01563 /* Add the user to the temporary add ldif file */ 01564 /* this isn't quite right...we can't assume there's just OU=. jmcd */ 01565 user_rdn = sstring_sub(ou, '=', ','); 01566 fprintf(add_fd, "# %s, %s, %s\n", username, user_rdn, suffix); 01567 fprintf_attr(add_fd, "dn", "uid=%s,ou=%s,%s", username, user_rdn, 01568 suffix); 01569 SAFE_FREE(user_rdn); 01570 fprintf(add_fd, "ObjectClass: top\n"); 01571 fprintf(add_fd, "objectClass: inetOrgPerson\n"); 01572 fprintf(add_fd, "objectClass: posixAccount\n"); 01573 fprintf(add_fd, "objectClass: shadowAccount\n"); 01574 fprintf(add_fd, "objectClass: sambaSamAccount\n"); 01575 fprintf_attr(add_fd, "cn", "%s", username); 01576 fprintf_attr(add_fd, "sn", "%s", username); 01577 fprintf_attr(add_fd, "uid", "%s", username); 01578 fprintf(add_fd, "uidNumber: %d\n", ldif_uid); 01579 fprintf(add_fd, "gidNumber: %d\n", gidNumber); 01580 fprintf_attr(add_fd, "homeDirectory", "%s", homedir); 01581 if (*homepath) 01582 fprintf_attr(add_fd, "sambaHomePath", "%s", homepath); 01583 if (*homedrive) 01584 fprintf_attr(add_fd, "sambaHomeDrive", "%s", homedrive); 01585 if (*logonscript) 01586 fprintf_attr(add_fd, "sambaLogonScript", "%s", logonscript); 01587 fprintf(add_fd, "loginShell: %s\n", 01588 ((delta->account_info.acb_info & ACB_NORMAL) ? 01589 "/bin/bash" : "/bin/false")); 01590 fprintf(add_fd, "gecos: System User\n"); 01591 if (*description) 01592 fprintf_attr(add_fd, "description", "%s", description); 01593 fprintf(add_fd, "sambaSID: %s-%d\n", sid, rid); 01594 fprintf(add_fd, "sambaPrimaryGroupSID: %s\n", sambaSID); 01595 if(*fullname) 01596 fprintf_attr(add_fd, "displayName", "%s", fullname); 01597 if(*profilepath) 01598 fprintf_attr(add_fd, "sambaProfilePath", "%s", profilepath); 01599 if (strcmp(nopasswd, hex_lm_passwd) != 0) 01600 fprintf(add_fd, "sambaLMPassword: %s\n", hex_lm_passwd); 01601 if (strcmp(nopasswd, hex_nt_passwd) != 0) 01602 fprintf(add_fd, "sambaNTPassword: %s\n", hex_nt_passwd); 01603 fprintf(add_fd, "sambaPwdLastSet: %d\n", (int)unix_time); 01604 fprintf(add_fd, "sambaAcctFlags: %s\n", flags); 01605 fprintf(add_fd, "\n"); 01606 fflush(add_fd); 01607 01608 /* Return */ 01609 return NT_STATUS_OK; 01610 }
static NTSTATUS fetch_alias_info_to_ldif | ( | SAM_DELTA_CTR * | delta, | |
GROUPMAP * | groupmap, | |||
FILE * | add_fd, | |||
fstring | sid, | |||
char * | suffix, | |||
unsigned | db_type | |||
) | [static] |
net_rpc_samsync.c の 1612 行で定義されています。
参照先 sam_delta_ctr_info::alias_info・description・fprintf()・fprintf_attr()・DOM_GID::g_rid・sam_group_info_info::gid・_groupmap::gidNumber・sam_delta_ctr_info::group_info・ldif_gid・lp_ldap_group_suffix()・pstr_sprintf()・SAM_DATABASE_BUILTIN・SAM_DATABASE_DOMAIN・_groupmap::sambaSID・sstring_sub()・sam_alias_info_info::uni_als_desc・sam_alias_info_info::uni_als_name・unistr2_to_ascii().
01617 { 01618 fstring aliasname, description; 01619 uint32 grouptype = 0, g_rid = 0; 01620 char *group_attr = sstring_sub(lp_ldap_group_suffix(), '=', ','); 01621 01622 /* Get the alias name */ 01623 unistr2_to_ascii(aliasname, &(delta->alias_info.uni_als_name), 01624 sizeof(aliasname)-1); 01625 01626 /* Get the alias description */ 01627 unistr2_to_ascii(description, &(delta->alias_info.uni_als_desc), 01628 sizeof(description)-1); 01629 01630 /* Set up the group type */ 01631 switch (db_type) { 01632 case SAM_DATABASE_DOMAIN: 01633 grouptype = 4; 01634 break; 01635 case SAM_DATABASE_BUILTIN: 01636 grouptype = 5; 01637 break; 01638 default: 01639 grouptype = 4; 01640 break; 01641 } 01642 01643 /* 01644 These groups are entered by populate_ldap_for_ldif 01645 Note that populate creates a group called Relicators, 01646 but NT returns a group called Replicator 01647 */ 01648 if (strcmp(aliasname, "Domain Admins") == 0 || 01649 strcmp(aliasname, "Domain Users") == 0 || 01650 strcmp(aliasname, "Domain Guests") == 0 || 01651 strcmp(aliasname, "Domain Computers") == 0 || 01652 strcmp(aliasname, "Administrators") == 0 || 01653 strcmp(aliasname, "Print Operators") == 0 || 01654 strcmp(aliasname, "Backup Operators") == 0 || 01655 strcmp(aliasname, "Replicator") == 0) { 01656 SAFE_FREE(group_attr); 01657 return NT_STATUS_OK; 01658 } else { 01659 /* Increment the gid for the new group */ 01660 ldif_gid++; 01661 } 01662 01663 /* Map the group rid and gid */ 01664 g_rid = delta->group_info.gid.g_rid; 01665 groupmap->gidNumber = ldif_gid; 01666 pstr_sprintf(groupmap->sambaSID, "%s-%d", sid, g_rid); 01667 01668 /* Write the data to the temporary add ldif file */ 01669 fprintf(add_fd, "# %s, %s, %s\n", aliasname, group_attr, 01670 suffix); 01671 fprintf_attr(add_fd, "dn", "cn=%s,ou=%s,%s", aliasname, group_attr, 01672 suffix); 01673 fprintf(add_fd, "objectClass: posixGroup\n"); 01674 fprintf(add_fd, "objectClass: sambaGroupMapping\n"); 01675 fprintf(add_fd, "cn: %s\n", aliasname); 01676 fprintf(add_fd, "gidNumber: %d\n", ldif_gid); 01677 fprintf(add_fd, "sambaSID: %s\n", groupmap->sambaSID); 01678 fprintf(add_fd, "sambaGroupType: %d\n", grouptype); 01679 fprintf_attr(add_fd, "displayName", "%s", aliasname); 01680 if (description[0]) 01681 fprintf_attr(add_fd, "description", "%s", description); 01682 fprintf(add_fd, "\n"); 01683 fflush(add_fd); 01684 01685 SAFE_FREE(group_attr); 01686 /* Return */ 01687 return NT_STATUS_OK; 01688 }
static NTSTATUS fetch_groupmem_info_to_ldif | ( | SAM_DELTA_CTR * | delta, | |
SAM_DELTA_HDR * | hdr_delta, | |||
GROUPMAP * | groupmap, | |||
ACCOUNTMAP * | accountmap, | |||
FILE * | mod_fd, | |||
int | alloced | |||
) | [static] |
net_rpc_samsync.c の 1690 行で定義されています。
参照先 fprintf()・sam_delta_ctr_info::grp_mem_info・sam_group_mem_info_info::num_members・pstr_sprintf()・sam_group_mem_info_info::rids・sam_delta_hdr_info::target_rid.
01695 { 01696 fstring group_dn; 01697 uint32 group_rid = 0, rid = 0; 01698 int i, j, k; 01699 01700 /* Get the dn for the group */ 01701 if (delta->grp_mem_info.num_members > 0) { 01702 group_rid = hdr_delta->target_rid; 01703 for (j=0; j<alloced; j++) { 01704 if (groupmap[j].rid == group_rid) break; 01705 } 01706 if (j == alloced){ 01707 DEBUG(1, ("Could not find rid %d in groupmap array\n", 01708 group_rid)); 01709 return NT_STATUS_UNSUCCESSFUL; 01710 } 01711 pstr_sprintf(group_dn, "%s", groupmap[j].group_dn); 01712 fprintf(mod_fd, "dn: %s\n", group_dn); 01713 01714 /* Get the cn for each member */ 01715 for (i=0; i<delta->grp_mem_info.num_members; i++) { 01716 rid = delta->grp_mem_info.rids[i]; 01717 for (k=0; k<alloced; k++) { 01718 if (accountmap[k].rid == rid) break; 01719 } 01720 if (k == alloced){ 01721 DEBUG(1, ("Could not find rid %d in " 01722 "accountmap array\n", rid)); 01723 return NT_STATUS_UNSUCCESSFUL; 01724 } 01725 fprintf(mod_fd, "memberUid: %s\n", accountmap[k].cn); 01726 } 01727 fprintf(mod_fd, "\n"); 01728 } 01729 fflush(mod_fd); 01730 01731 /* Return */ 01732 return NT_STATUS_OK; 01733 }
static NTSTATUS fetch_database_to_ldif | ( | struct rpc_pipe_client * | pipe_hnd, | |
uint32 | db_type, | |||
DOM_SID | dom_sid, | |||
const char * | user_file | |||
) | [static] |
net_rpc_samsync.c の 1735 行で定義されています。
参照先 add_name()・d_fprintf()・errno・fetch_account_info_to_ldif()・fetch_alias_info_to_ldif()・fetch_group_info_to_ldif()・fetch_groupmem_info_to_ldif()・fprintf()・init_ldap・lp_workgroup()・map_populate_groups()・populate_ldap_for_ldif()・result・rpccli_netlogon_sam_sync()・SAM_DATABASE_BUILTIN・SAM_DATABASE_DOMAIN・SAM_DATABASE_PRIVS・sid_to_string()・smb_mkstemp()・strerror()・talloc_init()・talloc_strdup()・transfer_file()・type・unistr2_to_ascii().
01739 { 01740 char *suffix; 01741 const char *builtin_sid = "S-1-5-32"; 01742 char *add_name = NULL, *mod_name = NULL; 01743 const char *add_template = "/tmp/add.ldif.XXXXXX"; 01744 const char *mod_template = "/tmp/mod.ldif.XXXXXX"; 01745 fstring sid, domainname; 01746 uint32 sync_context = 0; 01747 NTSTATUS ret = NT_STATUS_OK, result; 01748 int k; 01749 TALLOC_CTX *mem_ctx; 01750 SAM_DELTA_HDR *hdr_deltas; 01751 SAM_DELTA_CTR *deltas; 01752 uint32 num_deltas; 01753 FILE *add_file = NULL, *mod_file = NULL, *ldif_file = NULL; 01754 int num_alloced = 0, g_index = 0, a_index = 0; 01755 01756 /* Set up array for mapping accounts to groups */ 01757 /* Array element is the group rid */ 01758 GROUPMAP *groupmap = NULL; 01759 01760 /* Set up array for mapping account rid's to cn's */ 01761 /* Array element is the account rid */ 01762 ACCOUNTMAP *accountmap = NULL; 01763 01764 if (!(mem_ctx = talloc_init("fetch_database"))) { 01765 return NT_STATUS_NO_MEMORY; 01766 } 01767 01768 /* Ensure we have an output file */ 01769 if (user_file) 01770 ldif_file = fopen(user_file, "a"); 01771 else 01772 ldif_file = stdout; 01773 01774 if (!ldif_file) { 01775 fprintf(stderr, "Could not open %s\n", user_file); 01776 DEBUG(1, ("Could not open %s\n", user_file)); 01777 ret = NT_STATUS_UNSUCCESSFUL; 01778 goto done; 01779 } 01780 01781 add_name = talloc_strdup(mem_ctx, add_template); 01782 mod_name = talloc_strdup(mem_ctx, mod_template); 01783 if (!add_name || !mod_name) { 01784 ret = NT_STATUS_NO_MEMORY; 01785 goto done; 01786 } 01787 01788 /* Open the add and mod ldif files */ 01789 if (!(add_file = fdopen(smb_mkstemp(add_name),"w"))) { 01790 DEBUG(1, ("Could not open %s\n", add_name)); 01791 ret = NT_STATUS_UNSUCCESSFUL; 01792 goto done; 01793 } 01794 if (!(mod_file = fdopen(smb_mkstemp(mod_name),"w"))) { 01795 DEBUG(1, ("Could not open %s\n", mod_name)); 01796 ret = NT_STATUS_UNSUCCESSFUL; 01797 goto done; 01798 } 01799 01800 /* Get the sid */ 01801 sid_to_string(sid, &dom_sid); 01802 01803 /* Get the ldap suffix */ 01804 suffix = lp_ldap_suffix(); 01805 if (suffix == NULL || strcmp(suffix, "") == 0) { 01806 DEBUG(0,("ldap suffix missing from smb.conf--exiting\n")); 01807 exit(1); 01808 } 01809 01810 /* Get other smb.conf data */ 01811 if (!(lp_workgroup()) || !*(lp_workgroup())) { 01812 DEBUG(0,("workgroup missing from smb.conf--exiting\n")); 01813 exit(1); 01814 } 01815 01816 /* Allocate initial memory for groupmap and accountmap arrays */ 01817 if (init_ldap == 1) { 01818 groupmap = SMB_MALLOC_ARRAY(GROUPMAP, 8); 01819 accountmap = SMB_MALLOC_ARRAY(ACCOUNTMAP, 8); 01820 if (groupmap == NULL || accountmap == NULL) { 01821 DEBUG(1,("GROUPMAP malloc failed\n")); 01822 ret = NT_STATUS_NO_MEMORY; 01823 goto done; 01824 } 01825 01826 /* Initialize the arrays */ 01827 memset(groupmap, 0, sizeof(GROUPMAP)*8); 01828 memset(accountmap, 0, sizeof(ACCOUNTMAP)*8); 01829 01830 /* Remember how many we malloced */ 01831 num_alloced = 8; 01832 01833 /* Initial database population */ 01834 populate_ldap_for_ldif(sid, suffix, builtin_sid, add_file); 01835 map_populate_groups(groupmap, accountmap, sid, suffix, 01836 builtin_sid); 01837 01838 /* Don't do this again */ 01839 init_ldap = 0; 01840 } 01841 01842 /* Announce what we are doing */ 01843 switch( db_type ) { 01844 case SAM_DATABASE_DOMAIN: 01845 d_fprintf(stderr, "Fetching DOMAIN database\n"); 01846 break; 01847 case SAM_DATABASE_BUILTIN: 01848 d_fprintf(stderr, "Fetching BUILTIN database\n"); 01849 break; 01850 case SAM_DATABASE_PRIVS: 01851 d_fprintf(stderr, "Fetching PRIVS databases\n"); 01852 break; 01853 default: 01854 d_fprintf(stderr, 01855 "Fetching unknown database type %u\n", 01856 db_type ); 01857 break; 01858 } 01859 01860 do { 01861 result = rpccli_netlogon_sam_sync(pipe_hnd, mem_ctx, 01862 db_type, sync_context, 01863 &num_deltas, &hdr_deltas, 01864 &deltas); 01865 if (!NT_STATUS_IS_OK(result) && 01866 !NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)) { 01867 ret = NT_STATUS_OK; 01868 goto done; /* is this correct? jmcd */ 01869 } 01870 01871 /* Re-allocate memory for groupmap and accountmap arrays */ 01872 groupmap = SMB_REALLOC_ARRAY(groupmap, GROUPMAP, 01873 num_deltas+num_alloced); 01874 accountmap = SMB_REALLOC_ARRAY(accountmap, ACCOUNTMAP, 01875 num_deltas+num_alloced); 01876 if (groupmap == NULL || accountmap == NULL) { 01877 DEBUG(1,("GROUPMAP malloc failed\n")); 01878 ret = NT_STATUS_NO_MEMORY; 01879 goto done; 01880 } 01881 01882 /* Initialize the new records */ 01883 memset(&groupmap[num_alloced], 0, 01884 sizeof(GROUPMAP)*num_deltas); 01885 memset(&accountmap[num_alloced], 0, 01886 sizeof(ACCOUNTMAP)*num_deltas); 01887 01888 /* Remember how many we alloced this time */ 01889 num_alloced += num_deltas; 01890 01891 /* Loop through the deltas */ 01892 for (k=0; k<num_deltas; k++) { 01893 switch(hdr_deltas[k].type) { 01894 case SAM_DELTA_DOMAIN_INFO: 01895 /* Is this case needed? */ 01896 unistr2_to_ascii( 01897 domainname, 01898 &deltas[k].domain_info.uni_dom_name, 01899 sizeof(domainname)-1); 01900 break; 01901 01902 case SAM_DELTA_GROUP_INFO: 01903 fetch_group_info_to_ldif( 01904 &deltas[k], &groupmap[g_index], 01905 add_file, sid, suffix); 01906 g_index++; 01907 break; 01908 01909 case SAM_DELTA_ACCOUNT_INFO: 01910 fetch_account_info_to_ldif( 01911 &deltas[k], groupmap, 01912 &accountmap[a_index], add_file, 01913 sid, suffix, num_alloced); 01914 a_index++; 01915 break; 01916 01917 case SAM_DELTA_ALIAS_INFO: 01918 fetch_alias_info_to_ldif( 01919 &deltas[k], &groupmap[g_index], 01920 add_file, sid, suffix, db_type); 01921 g_index++; 01922 break; 01923 01924 case SAM_DELTA_GROUP_MEM: 01925 fetch_groupmem_info_to_ldif( 01926 &deltas[k], &hdr_deltas[k], 01927 groupmap, accountmap, 01928 mod_file, num_alloced); 01929 break; 01930 01931 case SAM_DELTA_ALIAS_MEM: 01932 break; 01933 case SAM_DELTA_POLICY_INFO: 01934 break; 01935 case SAM_DELTA_PRIVS_INFO: 01936 break; 01937 case SAM_DELTA_TRUST_DOMS: 01938 /* Implemented but broken */ 01939 break; 01940 case SAM_DELTA_SECRET_INFO: 01941 /* Implemented but broken */ 01942 break; 01943 case SAM_DELTA_RENAME_GROUP: 01944 /* Not yet implemented */ 01945 break; 01946 case SAM_DELTA_RENAME_USER: 01947 /* Not yet implemented */ 01948 break; 01949 case SAM_DELTA_RENAME_ALIAS: 01950 /* Not yet implemented */ 01951 break; 01952 case SAM_DELTA_DELETE_GROUP: 01953 /* Not yet implemented */ 01954 break; 01955 case SAM_DELTA_DELETE_USER: 01956 /* Not yet implemented */ 01957 break; 01958 case SAM_DELTA_MODIFIED_COUNT: 01959 break; 01960 default: 01961 break; 01962 } /* end of switch */ 01963 } /* end of for loop */ 01964 01965 /* Increment sync_context */ 01966 sync_context += 1; 01967 01968 } while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)); 01969 01970 /* Write ldif data to the user's file */ 01971 if (db_type == SAM_DATABASE_DOMAIN) { 01972 fprintf(ldif_file, 01973 "# SAM_DATABASE_DOMAIN: ADD ENTITIES\n"); 01974 fprintf(ldif_file, 01975 "# =================================\n\n"); 01976 fflush(ldif_file); 01977 } else if (db_type == SAM_DATABASE_BUILTIN) { 01978 fprintf(ldif_file, 01979 "# SAM_DATABASE_BUILTIN: ADD ENTITIES\n"); 01980 fprintf(ldif_file, 01981 "# ==================================\n\n"); 01982 fflush(ldif_file); 01983 } 01984 fseek(add_file, 0, SEEK_SET); 01985 transfer_file(fileno(add_file), fileno(ldif_file), (size_t) -1); 01986 01987 if (db_type == SAM_DATABASE_DOMAIN) { 01988 fprintf(ldif_file, 01989 "# SAM_DATABASE_DOMAIN: MODIFY ENTITIES\n"); 01990 fprintf(ldif_file, 01991 "# ====================================\n\n"); 01992 fflush(ldif_file); 01993 } else if (db_type == SAM_DATABASE_BUILTIN) { 01994 fprintf(ldif_file, 01995 "# SAM_DATABASE_BUILTIN: MODIFY ENTITIES\n"); 01996 fprintf(ldif_file, 01997 "# =====================================\n\n"); 01998 fflush(ldif_file); 01999 } 02000 fseek(mod_file, 0, SEEK_SET); 02001 transfer_file(fileno(mod_file), fileno(ldif_file), (size_t) -1); 02002 02003 02004 done: 02005 /* Close and delete the ldif files */ 02006 if (add_file) { 02007 fclose(add_file); 02008 } 02009 02010 if ((add_name != NULL) && 02011 strcmp(add_name, add_template) && (unlink(add_name))) { 02012 DEBUG(1,("unlink(%s) failed, error was (%s)\n", 02013 add_name, strerror(errno))); 02014 } 02015 02016 if (mod_file) { 02017 fclose(mod_file); 02018 } 02019 02020 if ((mod_name != NULL) && 02021 strcmp(mod_name, mod_template) && (unlink(mod_name))) { 02022 DEBUG(1,("unlink(%s) failed, error was (%s)\n", 02023 mod_name, strerror(errno))); 02024 } 02025 02026 if (ldif_file && (ldif_file != stdout)) { 02027 fclose(ldif_file); 02028 } 02029 02030 /* Deallocate memory for the mapping arrays */ 02031 SAFE_FREE(groupmap); 02032 SAFE_FREE(accountmap); 02033 02034 /* Return */ 02035 talloc_destroy(mem_ctx); 02036 return ret; 02037 }
int rpc_vampire_usage | ( | int | argc, | |
const char ** | argv | |||
) |
Basic usage function for 'net rpc vampire'
argc | Standard main() style argc | |
argc | Standard main() style argv. Initial components are already stripped |
net_rpc_samsync.c の 2046 行で定義されています。
参照先 d_printf()・net_common_flags_usage().
参照元 net_rpc_help().
02047 { 02048 d_printf("net rpc vampire [ldif [<ldif-filename>] [options]\n" 02049 "\t to pull accounts from a remote PDC where we are a BDC\n" 02050 "\t\t no args puts accounts in local passdb from smb.conf\n" 02051 "\t\t ldif - put accounts in ldif format (file defaults to " 02052 "/tmp/tmp.ldif\n"); 02053 02054 net_common_flags_usage(argc, argv); 02055 return -1; 02056 }
NTSTATUS rpc_vampire_internals | ( | const DOM_SID * | domain_sid, | |
const char * | domain_name, | |||
struct cli_state * | cli, | |||
struct rpc_pipe_client * | pipe_hnd, | |||
TALLOC_CTX * | mem_ctx, | |||
int | argc, | |||
const char ** | argv | |||
) |
net_rpc_samsync.c の 2060 行で定義されています。
参照先 d_fprintf()・d_printf()・domain_sid・fetch_database()・fetch_database_to_ldif()・get_global_sam_name()・get_global_sam_sid()・global_sid_Builtin・nt_errstr()・result・SAM_DATABASE_BUILTIN・SAM_DATABASE_DOMAIN・sid_equal()・sid_to_string().
参照元 rpc_vampire().
02067 { 02068 NTSTATUS result; 02069 fstring my_dom_sid_str; 02070 fstring rem_dom_sid_str; 02071 02072 if (!sid_equal(domain_sid, get_global_sam_sid())) { 02073 d_printf("Cannot import users from %s at this time, " 02074 "as the current domain:\n\t%s: %s\nconflicts " 02075 "with the remote domain\n\t%s: %s\n" 02076 "Perhaps you need to set: \n\n\tsecurity=user\n\t" 02077 "workgroup=%s\n\n in your smb.conf?\n", 02078 domain_name, 02079 get_global_sam_name(), 02080 sid_to_string(my_dom_sid_str, 02081 get_global_sam_sid()), 02082 domain_name, sid_to_string(rem_dom_sid_str, 02083 domain_sid), 02084 domain_name); 02085 return NT_STATUS_UNSUCCESSFUL; 02086 } 02087 02088 if (argc >= 1 && (strcmp(argv[0], "ldif") == 0)) { 02089 result = fetch_database_to_ldif(pipe_hnd, SAM_DATABASE_DOMAIN, 02090 *domain_sid, argv[1]); 02091 } else { 02092 result = fetch_database(pipe_hnd, SAM_DATABASE_DOMAIN, 02093 *domain_sid); 02094 } 02095 02096 if (!NT_STATUS_IS_OK(result)) { 02097 d_fprintf(stderr, "Failed to fetch domain database: %s\n", 02098 nt_errstr(result)); 02099 if (NT_STATUS_EQUAL(result, NT_STATUS_NOT_SUPPORTED)) 02100 d_fprintf(stderr, "Perhaps %s is a Windows 2000 " 02101 "native mode domain?\n", domain_name); 02102 goto fail; 02103 } 02104 02105 if (argc >= 1 && (strcmp(argv[0], "ldif") == 0)) { 02106 result = fetch_database_to_ldif(pipe_hnd, SAM_DATABASE_BUILTIN, 02107 global_sid_Builtin, argv[1]); 02108 } else { 02109 result = fetch_database(pipe_hnd, SAM_DATABASE_BUILTIN, 02110 global_sid_Builtin); 02111 } 02112 02113 if (!NT_STATUS_IS_OK(result)) { 02114 d_fprintf(stderr, "Failed to fetch builtin database: %s\n", 02115 nt_errstr(result)); 02116 goto fail; 02117 } 02118 02119 /* Currently we crash on PRIVS somewhere in unmarshalling */ 02120 /* Dump_database(cli, SAM_DATABASE_PRIVS, &ret_creds); */ 02121 02122 fail: 02123 return result; 02124 }
uint32 ldif_gid = 999 [static] |
uint32 ldif_uid = 999 [static] |
int init_ldap = 1 [static] |