関数 | |
static NTSTATUS | add_new_domain_account_policies (struct smbldap_state *ldap_state, const char *domain_name) |
static NTSTATUS | add_new_domain_info (struct smbldap_state *ldap_state, const char *domain_name) |
NTSTATUS | smbldap_search_domain_info (struct smbldap_state *ldap_state, LDAPMessage **result, const char *domain_name, BOOL try_add) |
static NTSTATUS add_new_domain_account_policies | ( | struct smbldap_state * | ldap_state, | |
const char * | domain_name | |||
) | [static] |
smbldap_util.c の 33 行で定義されています。
参照先 account_policy_get_default()・decode_account_policy_name()・dominfo_attr_list・escape_rdn_val_string_alloc()・get_account_policy_attr()・get_attr_key2string()・smbldap_state::ldap_struct・LDAP_SUCCESS・ntstatus・pstr_sprintf()・smbldap_modify()・smbldap_set_mod().
参照元 smbldap_search_domain_info().
00035 { 00036 NTSTATUS ntstatus = NT_STATUS_UNSUCCESSFUL; 00037 int i, rc; 00038 uint32 policy_default; 00039 const char *policy_attr = NULL; 00040 pstring dn; 00041 LDAPMod **mods = NULL; 00042 char *escape_domain_name; 00043 00044 DEBUG(3,("add_new_domain_account_policies: Adding new account policies for domain\n")); 00045 00046 escape_domain_name = escape_rdn_val_string_alloc(domain_name); 00047 if (!escape_domain_name) { 00048 DEBUG(0, ("Out of memory!\n")); 00049 return NT_STATUS_NO_MEMORY; 00050 } 00051 00052 pstr_sprintf(dn, "%s=%s,%s", 00053 get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOMAIN), 00054 escape_domain_name, lp_ldap_suffix()); 00055 00056 SAFE_FREE(escape_domain_name); 00057 00058 for (i=1; decode_account_policy_name(i) != NULL; i++) { 00059 00060 pstring val; 00061 00062 policy_attr = get_account_policy_attr(i); 00063 if (!policy_attr) { 00064 DEBUG(0,("add_new_domain_account_policies: ops. no policy!\n")); 00065 continue; 00066 } 00067 00068 if (!account_policy_get_default(i, &policy_default)) { 00069 DEBUG(0,("add_new_domain_account_policies: failed to get default account policy\n")); 00070 return ntstatus; 00071 } 00072 00073 DEBUG(10,("add_new_domain_account_policies: adding \"%s\" with value: %d\n", policy_attr, policy_default)); 00074 00075 pstr_sprintf(val, "%d", policy_default); 00076 00077 smbldap_set_mod( &mods, LDAP_MOD_REPLACE, policy_attr, val); 00078 00079 rc = smbldap_modify(ldap_state, dn, mods); 00080 00081 if (rc!=LDAP_SUCCESS) { 00082 char *ld_error = NULL; 00083 ldap_get_option(ldap_state->ldap_struct, LDAP_OPT_ERROR_STRING, &ld_error); 00084 DEBUG(1,("add_new_domain_account_policies: failed to add account policies to dn= %s with: %s\n\t%s\n", 00085 dn, ldap_err2string(rc), 00086 ld_error ? ld_error : "unknown")); 00087 SAFE_FREE(ld_error); 00088 ldap_mods_free(mods, True); 00089 return ntstatus; 00090 } 00091 } 00092 00093 ldap_mods_free(mods, True); 00094 00095 return NT_STATUS_OK; 00096 }
static NTSTATUS add_new_domain_info | ( | struct smbldap_state * | ldap_state, | |
const char * | domain_name | |||
) | [static] |
smbldap_util.c の 105 行で定義されています。
参照先 algorithmic_rid_base()・dominfo_attr_list・escape_ldap_string_alloc()・escape_rdn_val_string_alloc()・fstr_sprintf()・get_attr_key2string()・get_attr_list()・get_global_sam_sid()・smbldap_state::ldap_struct・LDAP_SUCCESS・pstr_sprintf()・result・sid_to_string()・smbldap_add()・smbldap_search_suffix()・smbldap_set_mod().
参照元 smbldap_search_domain_info().
00107 { 00108 fstring sid_string; 00109 fstring algorithmic_rid_base_string; 00110 pstring filter, dn; 00111 LDAPMod **mods = NULL; 00112 int rc; 00113 LDAPMessage *result = NULL; 00114 int num_result; 00115 const char **attr_list; 00116 char *escape_domain_name; 00117 00118 /* escape for filter */ 00119 escape_domain_name = escape_ldap_string_alloc(domain_name); 00120 if (!escape_domain_name) { 00121 DEBUG(0, ("Out of memory!\n")); 00122 return NT_STATUS_NO_MEMORY; 00123 } 00124 00125 slprintf (filter, sizeof (filter) - 1, "(&(%s=%s)(objectclass=%s))", 00126 get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOMAIN), 00127 escape_domain_name, LDAP_OBJ_DOMINFO); 00128 00129 SAFE_FREE(escape_domain_name); 00130 00131 attr_list = get_attr_list( NULL, dominfo_attr_list ); 00132 rc = smbldap_search_suffix(ldap_state, filter, attr_list, &result); 00133 TALLOC_FREE( attr_list ); 00134 00135 if (rc != LDAP_SUCCESS) { 00136 return NT_STATUS_UNSUCCESSFUL; 00137 } 00138 00139 num_result = ldap_count_entries(ldap_state->ldap_struct, result); 00140 00141 if (num_result > 1) { 00142 DEBUG (0, ("add_new_domain_info: More than domain with that name exists: bailing " 00143 "out!\n")); 00144 ldap_msgfree(result); 00145 return NT_STATUS_UNSUCCESSFUL; 00146 } 00147 00148 /* Check if we need to add an entry */ 00149 DEBUG(3,("add_new_domain_info: Adding new domain\n")); 00150 00151 /* this time escape for DN */ 00152 escape_domain_name = escape_rdn_val_string_alloc(domain_name); 00153 if (!escape_domain_name) { 00154 DEBUG(0, ("Out of memory!\n")); 00155 return NT_STATUS_NO_MEMORY; 00156 } 00157 00158 pstr_sprintf(dn, "%s=%s,%s", 00159 get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOMAIN), 00160 escape_domain_name, lp_ldap_suffix()); 00161 00162 SAFE_FREE(escape_domain_name); 00163 00164 /* Free original search */ 00165 ldap_msgfree(result); 00166 00167 /* make the changes - the entry *must* not already have samba 00168 * attributes */ 00169 00170 smbldap_set_mod(&mods, LDAP_MOD_ADD, 00171 get_attr_key2string(dominfo_attr_list, 00172 LDAP_ATTR_DOMAIN), 00173 domain_name); 00174 00175 /* If we don't have an entry, then ask secrets.tdb for what it thinks. 00176 It may choose to make it up */ 00177 00178 sid_to_string(sid_string, get_global_sam_sid()); 00179 smbldap_set_mod(&mods, LDAP_MOD_ADD, 00180 get_attr_key2string(dominfo_attr_list, 00181 LDAP_ATTR_DOM_SID), 00182 sid_string); 00183 00184 slprintf(algorithmic_rid_base_string, 00185 sizeof(algorithmic_rid_base_string) - 1, "%i", 00186 algorithmic_rid_base()); 00187 smbldap_set_mod(&mods, LDAP_MOD_ADD, 00188 get_attr_key2string(dominfo_attr_list, 00189 LDAP_ATTR_ALGORITHMIC_RID_BASE), 00190 algorithmic_rid_base_string); 00191 smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectclass", LDAP_OBJ_DOMINFO); 00192 00193 /* add the sambaNextUserRid attributes. */ 00194 00195 { 00196 uint32 rid = BASE_RID; 00197 fstring rid_str; 00198 00199 fstr_sprintf( rid_str, "%i", rid ); 00200 DEBUG(10,("add_new_domain_info: setting next available user rid [%s]\n", rid_str)); 00201 smbldap_set_mod(&mods, LDAP_MOD_ADD, 00202 get_attr_key2string(dominfo_attr_list, 00203 LDAP_ATTR_NEXT_USERRID), 00204 rid_str); 00205 } 00206 00207 00208 rc = smbldap_add(ldap_state, dn, mods); 00209 00210 if (rc!=LDAP_SUCCESS) { 00211 char *ld_error = NULL; 00212 ldap_get_option(ldap_state->ldap_struct, 00213 LDAP_OPT_ERROR_STRING, &ld_error); 00214 DEBUG(1,("add_new_domain_info: failed to add domain dn= %s with: %s\n\t%s\n", 00215 dn, ldap_err2string(rc), 00216 ld_error?ld_error:"unknown")); 00217 SAFE_FREE(ld_error); 00218 00219 ldap_mods_free(mods, True); 00220 return NT_STATUS_UNSUCCESSFUL; 00221 } 00222 00223 DEBUG(2,("add_new_domain_info: added: domain = %s in the LDAP database\n", domain_name)); 00224 ldap_mods_free(mods, True); 00225 return NT_STATUS_OK; 00226 }
NTSTATUS smbldap_search_domain_info | ( | struct smbldap_state * | ldap_state, | |
LDAPMessage ** | result, | |||
const char * | domain_name, | |||
BOOL | try_add | |||
) |
smbldap_util.c の 232 行で定義されています。
参照先 add_new_domain_account_policies()・add_new_domain_info()・dominfo_attr_list・escape_ldap_string_alloc()・failed・get_attr_key2string()・get_attr_list()・smbldap_state::ldap_struct・LDAP_SUCCESS・nt_errstr()・pstr_sprintf()・smbldap_search_suffix()・status.
参照元 ldapsam_get_new_rid()・pdb_init_ldapsam().
00235 { 00236 NTSTATUS status = NT_STATUS_UNSUCCESSFUL; 00237 pstring filter; 00238 int rc; 00239 const char **attr_list; 00240 int count; 00241 char *escape_domain_name; 00242 00243 escape_domain_name = escape_ldap_string_alloc(domain_name); 00244 if (!escape_domain_name) { 00245 DEBUG(0, ("Out of memory!\n")); 00246 return NT_STATUS_NO_MEMORY; 00247 } 00248 00249 pstr_sprintf(filter, "(&(objectClass=%s)(%s=%s))", 00250 LDAP_OBJ_DOMINFO, 00251 get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOMAIN), 00252 escape_domain_name); 00253 00254 SAFE_FREE(escape_domain_name); 00255 00256 DEBUG(2, ("smbldap_search_domain_info: Searching for:[%s]\n", filter)); 00257 00258 attr_list = get_attr_list( NULL, dominfo_attr_list ); 00259 rc = smbldap_search_suffix(ldap_state, filter, attr_list , result); 00260 TALLOC_FREE( attr_list ); 00261 00262 if (rc != LDAP_SUCCESS) { 00263 DEBUG(2,("smbldap_search_domain_info: Problem during LDAPsearch: %s\n", ldap_err2string (rc))); 00264 DEBUG(2,("smbldap_search_domain_info: Query was: %s, %s\n", lp_ldap_suffix(), filter)); 00265 goto failed; 00266 } 00267 00268 count = ldap_count_entries(ldap_state->ldap_struct, *result); 00269 00270 if (count == 1) 00271 return NT_STATUS_OK; 00272 00273 ldap_msgfree(*result); 00274 *result = NULL; 00275 00276 if (count < 1) { 00277 00278 DEBUG(3, ("smbldap_search_domain_info: Got no domain info entries for domain\n")); 00279 00280 if (!try_add) 00281 goto failed; 00282 00283 status = add_new_domain_info(ldap_state, domain_name); 00284 if (!NT_STATUS_IS_OK(status)) { 00285 DEBUG(0, ("smbldap_search_domain_info: Adding domain info for %s failed with %s\n", 00286 domain_name, nt_errstr(status))); 00287 goto failed; 00288 } 00289 00290 status = add_new_domain_account_policies(ldap_state, domain_name); 00291 if (!NT_STATUS_IS_OK(status)) { 00292 DEBUG(0, ("smbldap_search_domain_info: Adding domain account policies for %s failed with %s\n", 00293 domain_name, nt_errstr(status))); 00294 goto failed; 00295 } 00296 00297 return smbldap_search_domain_info(ldap_state, result, domain_name, False); 00298 00299 } 00300 00301 if (count > 1 ) { 00302 00303 DEBUG(0, ("smbldap_search_domain_info: Got too many (%d) domain info entries for domain %s\n", 00304 count, domain_name)); 00305 goto failed; 00306 } 00307 00308 failed: 00309 return status; 00310 }