lib/smbldap_util.c

ソースコードを見る。

関数

static NTSTATUS add_new_domain_account_policies (struct smbldap_state *ldap_state, const char *domain_name)
static NTSTATUS add_new_domain_info (struct smbldap_state *ldap_state, const char *domain_name)
NTSTATUS smbldap_search_domain_info (struct smbldap_state *ldap_state, LDAPMessage **result, const char *domain_name, BOOL try_add)

関数

static NTSTATUS add_new_domain_account_policies ( struct smbldap_state ldap_state,
const char *  domain_name 
) [static]

smbldap_util.c33 行で定義されています。

参照先 account_policy_get_default()decode_account_policy_name()dominfo_attr_listescape_rdn_val_string_alloc()get_account_policy_attr()get_attr_key2string()smbldap_state::ldap_structLDAP_SUCCESSntstatuspstr_sprintf()smbldap_modify()smbldap_set_mod().

参照元 smbldap_search_domain_info().

00035 {
00036         NTSTATUS ntstatus = NT_STATUS_UNSUCCESSFUL;
00037         int i, rc;
00038         uint32 policy_default;
00039         const char *policy_attr = NULL;
00040         pstring dn;
00041         LDAPMod **mods = NULL;
00042         char *escape_domain_name;
00043 
00044         DEBUG(3,("add_new_domain_account_policies: Adding new account policies for domain\n"));
00045 
00046         escape_domain_name = escape_rdn_val_string_alloc(domain_name);
00047         if (!escape_domain_name) {
00048                 DEBUG(0, ("Out of memory!\n"));
00049                 return NT_STATUS_NO_MEMORY;
00050         }
00051 
00052         pstr_sprintf(dn, "%s=%s,%s", 
00053                 get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOMAIN),
00054                 escape_domain_name, lp_ldap_suffix());
00055 
00056         SAFE_FREE(escape_domain_name);
00057 
00058         for (i=1; decode_account_policy_name(i) != NULL; i++) {
00059 
00060                 pstring val;
00061 
00062                 policy_attr = get_account_policy_attr(i);
00063                 if (!policy_attr) {
00064                         DEBUG(0,("add_new_domain_account_policies: ops. no policy!\n"));
00065                         continue;
00066                 }
00067 
00068                 if (!account_policy_get_default(i, &policy_default)) {
00069                         DEBUG(0,("add_new_domain_account_policies: failed to get default account policy\n"));
00070                         return ntstatus;
00071                 }
00072 
00073                 DEBUG(10,("add_new_domain_account_policies: adding \"%s\" with value: %d\n", policy_attr, policy_default));
00074 
00075                 pstr_sprintf(val, "%d", policy_default); 
00076 
00077                 smbldap_set_mod( &mods, LDAP_MOD_REPLACE, policy_attr, val);
00078 
00079                 rc = smbldap_modify(ldap_state, dn, mods);
00080 
00081                 if (rc!=LDAP_SUCCESS) {
00082                         char *ld_error = NULL;
00083                         ldap_get_option(ldap_state->ldap_struct, LDAP_OPT_ERROR_STRING, &ld_error);
00084                         DEBUG(1,("add_new_domain_account_policies: failed to add account policies to dn= %s with: %s\n\t%s\n",
00085                                 dn, ldap_err2string(rc),
00086                                 ld_error ? ld_error : "unknown"));
00087                         SAFE_FREE(ld_error);
00088                         ldap_mods_free(mods, True);
00089                         return ntstatus;
00090                 }
00091         }
00092 
00093         ldap_mods_free(mods, True);
00094 
00095         return NT_STATUS_OK;
00096 }

static NTSTATUS add_new_domain_info ( struct smbldap_state ldap_state,
const char *  domain_name 
) [static]

smbldap_util.c105 行で定義されています。

参照先 algorithmic_rid_base()dominfo_attr_listescape_ldap_string_alloc()escape_rdn_val_string_alloc()fstr_sprintf()get_attr_key2string()get_attr_list()get_global_sam_sid()smbldap_state::ldap_structLDAP_SUCCESSpstr_sprintf()resultsid_to_string()smbldap_add()smbldap_search_suffix()smbldap_set_mod().

参照元 smbldap_search_domain_info().

00107 {
00108         fstring sid_string;
00109         fstring algorithmic_rid_base_string;
00110         pstring filter, dn;
00111         LDAPMod **mods = NULL;
00112         int rc;
00113         LDAPMessage *result = NULL;
00114         int num_result;
00115         const char **attr_list;
00116         char *escape_domain_name;
00117 
00118         /* escape for filter */
00119         escape_domain_name = escape_ldap_string_alloc(domain_name);
00120         if (!escape_domain_name) {
00121                 DEBUG(0, ("Out of memory!\n"));
00122                 return NT_STATUS_NO_MEMORY;
00123         }
00124 
00125         slprintf (filter, sizeof (filter) - 1, "(&(%s=%s)(objectclass=%s))", 
00126                   get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOMAIN), 
00127                   escape_domain_name, LDAP_OBJ_DOMINFO);
00128 
00129         SAFE_FREE(escape_domain_name);
00130 
00131         attr_list = get_attr_list( NULL, dominfo_attr_list );
00132         rc = smbldap_search_suffix(ldap_state, filter, attr_list, &result);
00133         TALLOC_FREE( attr_list );
00134 
00135         if (rc != LDAP_SUCCESS) {
00136                 return NT_STATUS_UNSUCCESSFUL;
00137         }
00138 
00139         num_result = ldap_count_entries(ldap_state->ldap_struct, result);
00140         
00141         if (num_result > 1) {
00142                 DEBUG (0, ("add_new_domain_info: More than domain with that name exists: bailing "
00143                            "out!\n"));
00144                 ldap_msgfree(result);
00145                 return NT_STATUS_UNSUCCESSFUL;
00146         }
00147         
00148         /* Check if we need to add an entry */
00149         DEBUG(3,("add_new_domain_info: Adding new domain\n"));
00150 
00151         /* this time escape for DN */
00152         escape_domain_name = escape_rdn_val_string_alloc(domain_name);
00153         if (!escape_domain_name) {
00154                 DEBUG(0, ("Out of memory!\n"));
00155                 return NT_STATUS_NO_MEMORY;
00156         }
00157 
00158         pstr_sprintf(dn, "%s=%s,%s",
00159                      get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOMAIN),
00160                      escape_domain_name, lp_ldap_suffix());
00161 
00162         SAFE_FREE(escape_domain_name);
00163 
00164         /* Free original search */
00165         ldap_msgfree(result);
00166 
00167         /* make the changes - the entry *must* not already have samba
00168          * attributes */
00169 
00170         smbldap_set_mod(&mods, LDAP_MOD_ADD,
00171                         get_attr_key2string(dominfo_attr_list,
00172                                             LDAP_ATTR_DOMAIN), 
00173                         domain_name);
00174 
00175         /* If we don't have an entry, then ask secrets.tdb for what it thinks.
00176            It may choose to make it up */
00177 
00178         sid_to_string(sid_string, get_global_sam_sid());
00179         smbldap_set_mod(&mods, LDAP_MOD_ADD,
00180                         get_attr_key2string(dominfo_attr_list,
00181                                             LDAP_ATTR_DOM_SID),
00182                         sid_string);
00183 
00184         slprintf(algorithmic_rid_base_string,
00185                  sizeof(algorithmic_rid_base_string) - 1, "%i",
00186                  algorithmic_rid_base());
00187         smbldap_set_mod(&mods, LDAP_MOD_ADD,
00188                         get_attr_key2string(dominfo_attr_list,
00189                                             LDAP_ATTR_ALGORITHMIC_RID_BASE), 
00190                         algorithmic_rid_base_string);
00191         smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectclass", LDAP_OBJ_DOMINFO);
00192         
00193         /* add the sambaNextUserRid attributes. */
00194         
00195         {
00196                 uint32 rid = BASE_RID;
00197                 fstring rid_str;
00198                 
00199                 fstr_sprintf( rid_str, "%i", rid );
00200                 DEBUG(10,("add_new_domain_info: setting next available user rid [%s]\n", rid_str));
00201                 smbldap_set_mod(&mods, LDAP_MOD_ADD, 
00202                         get_attr_key2string(dominfo_attr_list,
00203                                             LDAP_ATTR_NEXT_USERRID), 
00204                         rid_str);
00205         }
00206 
00207 
00208         rc = smbldap_add(ldap_state, dn, mods);
00209 
00210         if (rc!=LDAP_SUCCESS) {
00211                 char *ld_error = NULL;
00212                 ldap_get_option(ldap_state->ldap_struct,
00213                                 LDAP_OPT_ERROR_STRING, &ld_error);
00214                 DEBUG(1,("add_new_domain_info: failed to add domain dn= %s with: %s\n\t%s\n",
00215                          dn, ldap_err2string(rc),
00216                          ld_error?ld_error:"unknown"));
00217                 SAFE_FREE(ld_error);
00218 
00219                 ldap_mods_free(mods, True);
00220                 return NT_STATUS_UNSUCCESSFUL;
00221         }
00222 
00223         DEBUG(2,("add_new_domain_info: added: domain = %s in the LDAP database\n", domain_name));
00224         ldap_mods_free(mods, True);
00225         return NT_STATUS_OK;
00226 }

NTSTATUS smbldap_search_domain_info ( struct smbldap_state ldap_state,
LDAPMessage **  result,
const char *  domain_name,
BOOL  try_add 
)

smbldap_util.c232 行で定義されています。

参照先 add_new_domain_account_policies()add_new_domain_info()dominfo_attr_listescape_ldap_string_alloc()failedget_attr_key2string()get_attr_list()smbldap_state::ldap_structLDAP_SUCCESSnt_errstr()pstr_sprintf()smbldap_search_suffix()status.

参照元 ldapsam_get_new_rid()pdb_init_ldapsam().

00235 {
00236         NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
00237         pstring filter;
00238         int rc;
00239         const char **attr_list;
00240         int count;
00241         char *escape_domain_name;
00242         
00243         escape_domain_name = escape_ldap_string_alloc(domain_name);
00244         if (!escape_domain_name) {
00245                 DEBUG(0, ("Out of memory!\n"));
00246                 return NT_STATUS_NO_MEMORY;
00247         }
00248 
00249         pstr_sprintf(filter, "(&(objectClass=%s)(%s=%s))",
00250                 LDAP_OBJ_DOMINFO,
00251                 get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOMAIN), 
00252                 escape_domain_name);
00253 
00254         SAFE_FREE(escape_domain_name);
00255 
00256         DEBUG(2, ("smbldap_search_domain_info: Searching for:[%s]\n", filter));
00257 
00258         attr_list = get_attr_list( NULL, dominfo_attr_list );
00259         rc = smbldap_search_suffix(ldap_state, filter, attr_list , result);
00260         TALLOC_FREE( attr_list );
00261 
00262         if (rc != LDAP_SUCCESS) {
00263                 DEBUG(2,("smbldap_search_domain_info: Problem during LDAPsearch: %s\n", ldap_err2string (rc)));
00264                 DEBUG(2,("smbldap_search_domain_info: Query was: %s, %s\n", lp_ldap_suffix(), filter));
00265                 goto failed;
00266         }
00267 
00268         count = ldap_count_entries(ldap_state->ldap_struct, *result);
00269 
00270         if (count == 1)
00271                 return NT_STATUS_OK;
00272 
00273         ldap_msgfree(*result);
00274         *result = NULL;
00275         
00276         if (count < 1) {
00277 
00278                 DEBUG(3, ("smbldap_search_domain_info: Got no domain info entries for domain\n"));
00279 
00280                 if (!try_add)
00281                         goto failed;
00282 
00283                 status = add_new_domain_info(ldap_state, domain_name);
00284                 if (!NT_STATUS_IS_OK(status)) {
00285                         DEBUG(0, ("smbldap_search_domain_info: Adding domain info for %s failed with %s\n", 
00286                                 domain_name, nt_errstr(status)));
00287                         goto failed;
00288                 }
00289                         
00290                 status = add_new_domain_account_policies(ldap_state, domain_name);
00291                 if (!NT_STATUS_IS_OK(status)) {
00292                         DEBUG(0, ("smbldap_search_domain_info: Adding domain account policies for %s failed with %s\n", 
00293                                 domain_name, nt_errstr(status)));
00294                         goto failed;
00295                 }
00296 
00297                 return smbldap_search_domain_info(ldap_state, result, domain_name, False);
00298                 
00299         } 
00300         
00301         if (count > 1 ) {
00302         
00303                 DEBUG(0, ("smbldap_search_domain_info: Got too many (%d) domain info entries for domain %s\n",
00304                           count, domain_name));
00305                 goto failed;
00306         }
00307 
00308 failed:
00309         return status;
00310 }

Sambaに対してSat Aug 29 21:23:37 2009に生成されました。  doxygen 1.4.7