nsswitch/winbindd_rpc.c

ソースコードを見る。

関数

static NTSTATUS query_user_list (struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, uint32 *num_entries, WINBIND_USERINFO **info)
static NTSTATUS enum_dom_groups (struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, uint32 *num_entries, struct acct_info **info)
static NTSTATUS enum_local_groups (struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, uint32 *num_entries, struct acct_info **info)
NTSTATUS msrpc_name_to_sid (struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, const char *domain_name, const char *name, DOM_SID *sid, enum lsa_SidType *type)
NTSTATUS msrpc_sid_to_name (struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, const DOM_SID *sid, char **domain_name, char **name, enum lsa_SidType *type)
NTSTATUS msrpc_rids_to_names (struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, const DOM_SID *sid, uint32 *rids, size_t num_rids, char **domain_name, char ***names, enum lsa_SidType **types)
static NTSTATUS query_user (struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, const DOM_SID *user_sid, WINBIND_USERINFO *user_info)
static NTSTATUS lookup_usergroups (struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, const DOM_SID *user_sid, uint32 *num_groups, DOM_SID **user_grpsids)
NTSTATUS msrpc_lookup_useraliases (struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, uint32 num_sids, const DOM_SID *sids, uint32 *num_aliases, uint32 **alias_rids)
static NTSTATUS lookup_groupmem (struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, const DOM_SID *group_sid, uint32 *num_names, DOM_SID **sid_mem, char ***names, uint32 **name_types)
static int get_ldap_seq (const char *server, int port, uint32 *seq)
static int get_ldap_sequence_number (struct winbindd_domain *domain, uint32 *seq)
static NTSTATUS sequence_number (struct winbindd_domain *domain, uint32 *seq)
static NTSTATUS trusted_domains (struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, uint32 *num_domains, char ***names, char ***alt_names, DOM_SID **dom_sids)
NTSTATUS msrpc_lockout_policy (struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, SAM_UNK_INFO_12 *lockout_policy)
NTSTATUS msrpc_password_policy (struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, SAM_UNK_INFO_1 *password_policy)

変数

winbindd_methods msrpc_methods


関数

static NTSTATUS query_user_list ( struct winbindd_domain domain,
TALLOC_CTX mem_ctx,
uint32 *  num_entries,
WINBIND_USERINFO **  info 
) [static]

winbindd_rpc.c35 行で定義されています。

参照先 clicm_connect_sam()rpc_pipe_client::domainget_query_dispinfo_params()sam_dispinfo_ctr_info::info1resultsamr_entry_info1::rid_userrpccli_samr_query_dispinfo()sam_entry_info_1::samsam_dispinfo_ctr_info::samsid_compose()sam_entry_info_1::strtalloc_init()talloc_strdup()unistr2_to_ascii()username.

00039 {
00040         NTSTATUS result;
00041         POLICY_HND dom_pol;
00042         unsigned int i, start_idx;
00043         uint32 loop_count;
00044         struct rpc_pipe_client *cli;
00045 
00046         DEBUG(3,("rpc: query_user_list\n"));
00047 
00048         *num_entries = 0;
00049         *info = NULL;
00050 
00051         result = cm_connect_sam(domain, mem_ctx, &cli, &dom_pol);
00052         if (!NT_STATUS_IS_OK(result))
00053                 return result;
00054 
00055         i = start_idx = 0;
00056         loop_count = 0;
00057 
00058         do {
00059                 TALLOC_CTX *ctx2;
00060                 uint32 num_dom_users, j;
00061                 uint32 max_entries, max_size;
00062                 SAM_DISPINFO_CTR ctr;
00063                 SAM_DISPINFO_1 info1;
00064 
00065                 ZERO_STRUCT( ctr );
00066                 ZERO_STRUCT( info1 );
00067                 ctr.sam.info1 = &info1;
00068         
00069                 if (!(ctx2 = talloc_init("winbindd enum_users")))
00070                         return NT_STATUS_NO_MEMORY;
00071 
00072                 /* this next bit is copied from net_user_list_internal() */
00073 
00074                 get_query_dispinfo_params(loop_count, &max_entries,
00075                                           &max_size);
00076 
00077                 result = rpccli_samr_query_dispinfo(cli, mem_ctx, &dom_pol,
00078                                                     &start_idx, 1,
00079                                                     &num_dom_users,
00080                                                     max_entries, max_size,
00081                                                     &ctr);
00082 
00083                 loop_count++;
00084 
00085                 *num_entries += num_dom_users;
00086 
00087                 *info = TALLOC_REALLOC_ARRAY(mem_ctx, *info, WINBIND_USERINFO,
00088                                              *num_entries);
00089 
00090                 if (!(*info)) {
00091                         talloc_destroy(ctx2);
00092                         return NT_STATUS_NO_MEMORY;
00093                 }
00094 
00095                 for (j = 0; j < num_dom_users; i++, j++) {
00096                         fstring username, fullname;
00097                         uint32 rid = ctr.sam.info1->sam[j].rid_user;
00098                         
00099                         unistr2_to_ascii( username, &(&ctr.sam.info1->str[j])->uni_acct_name, sizeof(username)-1);
00100                         unistr2_to_ascii( fullname, &(&ctr.sam.info1->str[j])->uni_full_name, sizeof(fullname)-1);
00101                         
00102                         (*info)[i].acct_name = talloc_strdup(mem_ctx, username );
00103                         (*info)[i].full_name = talloc_strdup(mem_ctx, fullname );
00104                         (*info)[i].homedir = NULL;
00105                         (*info)[i].shell = NULL;
00106                         sid_compose(&(*info)[i].user_sid, &domain->sid, rid);
00107                         
00108                         /* For the moment we set the primary group for
00109                            every user to be the Domain Users group.
00110                            There are serious problems with determining
00111                            the actual primary group for large domains.
00112                            This should really be made into a 'winbind
00113                            force group' smb.conf parameter or
00114                            something like that. */
00115                            
00116                         sid_compose(&(*info)[i].group_sid, &domain->sid, 
00117                                     DOMAIN_GROUP_RID_USERS);
00118                 }
00119 
00120                 talloc_destroy(ctx2);
00121 
00122         } while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES));
00123 
00124         return result;
00125 }

static NTSTATUS enum_dom_groups ( struct winbindd_domain domain,
TALLOC_CTX mem_ctx,
uint32 *  num_entries,
struct acct_info **  info 
) [static]

winbindd_rpc.c128 行で定義されています。

参照先 clicm_connect_sam()rpc_pipe_client::domainrpccli_samr_enum_dom_groups()statustalloc_init().

00132 {
00133         POLICY_HND dom_pol;
00134         NTSTATUS status;
00135         uint32 start = 0;
00136         struct rpc_pipe_client *cli;
00137 
00138         *num_entries = 0;
00139         *info = NULL;
00140 
00141         DEBUG(3,("rpc: enum_dom_groups\n"));
00142 
00143         status = cm_connect_sam(domain, mem_ctx, &cli, &dom_pol);
00144         if (!NT_STATUS_IS_OK(status))
00145                 return status;
00146 
00147         do {
00148                 struct acct_info *info2 = NULL;
00149                 uint32 count = 0;
00150                 TALLOC_CTX *mem_ctx2;
00151 
00152                 mem_ctx2 = talloc_init("enum_dom_groups[rpc]");
00153 
00154                 /* start is updated by this call. */
00155                 status = rpccli_samr_enum_dom_groups(cli, mem_ctx2, &dom_pol,
00156                                                      &start,
00157                                                      0xFFFF, /* buffer size? */
00158                                                      &info2, &count);
00159 
00160                 if (!NT_STATUS_IS_OK(status) && 
00161                     !NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES)) {
00162                         talloc_destroy(mem_ctx2);
00163                         break;
00164                 }
00165 
00166                 (*info) = TALLOC_REALLOC_ARRAY(mem_ctx, *info,
00167                                                struct acct_info,
00168                                                (*num_entries) + count);
00169                 if (! *info) {
00170                         talloc_destroy(mem_ctx2);
00171                         return NT_STATUS_NO_MEMORY;
00172                 }
00173 
00174                 memcpy(&(*info)[*num_entries], info2, count*sizeof(*info2));
00175                 (*num_entries) += count;
00176                 talloc_destroy(mem_ctx2);
00177         } while (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES));
00178 
00179         return NT_STATUS_OK;
00180 }

static NTSTATUS enum_local_groups ( struct winbindd_domain domain,
TALLOC_CTX mem_ctx,
uint32 *  num_entries,
struct acct_info **  info 
) [static]

winbindd_rpc.c184 行で定義されています。

参照先 clicm_connect_sam()rpc_pipe_client::domainresultrpccli_samr_enum_als_groups()talloc_init().

00188 {
00189         POLICY_HND dom_pol;
00190         NTSTATUS result;
00191         struct rpc_pipe_client *cli;
00192 
00193         *num_entries = 0;
00194         *info = NULL;
00195 
00196         DEBUG(3,("rpc: enum_local_groups\n"));
00197 
00198         result = cm_connect_sam(domain, mem_ctx, &cli, &dom_pol);
00199         if (!NT_STATUS_IS_OK(result))
00200                 return result;
00201 
00202         do {
00203                 struct acct_info *info2 = NULL;
00204                 uint32 count = 0, start = *num_entries;
00205                 TALLOC_CTX *mem_ctx2;
00206 
00207                 mem_ctx2 = talloc_init("enum_dom_local_groups[rpc]");
00208 
00209                 result = rpccli_samr_enum_als_groups( cli, mem_ctx2, &dom_pol,
00210                                                       &start, 0xFFFF, &info2,
00211                                                       &count);
00212                                           
00213                 if (!NT_STATUS_IS_OK(result) &&
00214                     !NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES) ) 
00215                 {
00216                         talloc_destroy(mem_ctx2);
00217                         return result;
00218                 }
00219 
00220                 (*info) = TALLOC_REALLOC_ARRAY(mem_ctx, *info,
00221                                                struct acct_info,
00222                                                (*num_entries) + count);
00223                 if (! *info) {
00224                         talloc_destroy(mem_ctx2);
00225                         return NT_STATUS_NO_MEMORY;
00226                 }
00227 
00228                 memcpy(&(*info)[*num_entries], info2, count*sizeof(*info2));
00229                 (*num_entries) += count;
00230                 talloc_destroy(mem_ctx2);
00231 
00232         } while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES));
00233 
00234         return NT_STATUS_OK;
00235 }

NTSTATUS msrpc_name_to_sid ( struct winbindd_domain domain,
TALLOC_CTX mem_ctx,
const char *  domain_name,
const char *  name,
DOM_SID sid,
enum lsa_SidType type 
)

winbindd_rpc.c238 行で定義されています。

参照先 clicm_connect_lsa()rpc_pipe_client::domainresultrpccli_lsa_lookup_names()sid_copy()talloc_asprintf()ws_name_return().

00244 {
00245         NTSTATUS result;
00246         DOM_SID *sids = NULL;
00247         enum lsa_SidType *types = NULL;
00248         char *full_name = NULL;
00249         struct rpc_pipe_client *cli;
00250         POLICY_HND lsa_policy;
00251 
00252         if(name == NULL || *name=='\0') {
00253                 DEBUG(3,("rpc: name_to_sid name=%s\n", domain_name));
00254                 full_name = talloc_asprintf(mem_ctx, "%s", domain_name);
00255         } else {
00256                 DEBUG(3,("rpc: name_to_sid name=%s\\%s\n", domain_name, name));
00257                 full_name = talloc_asprintf(mem_ctx, "%s\\%s", domain_name, name);
00258         }
00259         if (!full_name) {
00260                 DEBUG(0, ("talloc_asprintf failed!\n"));
00261                 return NT_STATUS_NO_MEMORY;
00262         }
00263 
00264         ws_name_return( full_name, WB_REPLACE_CHAR );
00265 
00266         DEBUG(3,("name_to_sid [rpc] %s for domain %s\n", full_name?full_name:"", domain_name ));
00267 
00268         result = cm_connect_lsa(domain, mem_ctx, &cli, &lsa_policy);
00269         if (!NT_STATUS_IS_OK(result))
00270                 return result;
00271 
00272         result = rpccli_lsa_lookup_names(cli, mem_ctx, &lsa_policy, 1, 
00273                                          (const char**) &full_name, NULL, &sids, &types);
00274         
00275         if (!NT_STATUS_IS_OK(result))
00276                 return result;
00277 
00278         /* Return rid and type if lookup successful */
00279 
00280         sid_copy(sid, &sids[0]);
00281         *type = types[0];
00282 
00283         return NT_STATUS_OK;
00284 }

NTSTATUS msrpc_sid_to_name ( struct winbindd_domain domain,
TALLOC_CTX mem_ctx,
const DOM_SID sid,
char **  domain_name,
char **  name,
enum lsa_SidType type 
)

winbindd_rpc.c289 行で定義されています。

参照先 clicm_connect_lsa()rpc_pipe_client::domainresultrpccli_lsa_lookup_sids()sid_string_static()ws_name_replace().

00295 {
00296         char **domains;
00297         char **names;
00298         enum lsa_SidType *types;
00299         NTSTATUS result;
00300         struct rpc_pipe_client *cli;
00301         POLICY_HND lsa_policy;
00302 
00303         DEBUG(3,("sid_to_name [rpc] %s for domain %s\n", sid_string_static(sid),
00304                         domain->name ));
00305 
00306         result = cm_connect_lsa(domain, mem_ctx, &cli, &lsa_policy);
00307         if (!NT_STATUS_IS_OK(result))
00308                 return result;
00309 
00310         result = rpccli_lsa_lookup_sids(cli, mem_ctx, &lsa_policy,
00311                                         1, sid, &domains, &names, &types);
00312         if (!NT_STATUS_IS_OK(result))
00313                 return result;
00314 
00315         *type = (enum lsa_SidType)types[0];
00316         *domain_name = domains[0];
00317         *name = names[0];
00318 
00319         ws_name_replace( *name, WB_REPLACE_CHAR );      
00320                 
00321         DEBUG(5,("Mapped sid to [%s]\\[%s]\n", domains[0], *name));
00322         return NT_STATUS_OK;
00323 }

NTSTATUS msrpc_rids_to_names ( struct winbindd_domain domain,
TALLOC_CTX mem_ctx,
const DOM_SID sid,
uint32 *  rids,
size_t  num_rids,
char **  domain_name,
char ***  names,
enum lsa_SidType **  types 
)

winbindd_rpc.c325 行で定義されています。

参照先 clicm_connect_lsa()rpc_pipe_client::domainresultrpccli_lsa_lookup_sids()sid_compose()SID_NAME_UNKNOWNws_name_replace().

00333 {
00334         char **domains;
00335         NTSTATUS result;
00336         struct rpc_pipe_client *cli;
00337         POLICY_HND lsa_policy;
00338         DOM_SID *sids;
00339         size_t i;
00340         char **ret_names;
00341 
00342         DEBUG(3, ("rids_to_names [rpc] for domain %s\n", domain->name ));
00343 
00344         if (num_rids) {
00345                 sids = TALLOC_ARRAY(mem_ctx, DOM_SID, num_rids);
00346                 if (sids == NULL) {
00347                         return NT_STATUS_NO_MEMORY;
00348                 }
00349         } else {
00350                 sids = NULL;
00351         }
00352 
00353         for (i=0; i<num_rids; i++) {
00354                 if (!sid_compose(&sids[i], sid, rids[i])) {
00355                         return NT_STATUS_INTERNAL_ERROR;
00356                 }
00357         }
00358 
00359         result = cm_connect_lsa(domain, mem_ctx, &cli, &lsa_policy);
00360         if (!NT_STATUS_IS_OK(result)) {
00361                 return result;
00362         }
00363 
00364         result = rpccli_lsa_lookup_sids(cli, mem_ctx, &lsa_policy,
00365                                         num_rids, sids, &domains,
00366                                         names, types);
00367         if (!NT_STATUS_IS_OK(result) &&
00368             !NT_STATUS_EQUAL(result, STATUS_SOME_UNMAPPED)) {
00369                 return result;
00370         }
00371 
00372         ret_names = *names;
00373         for (i=0; i<num_rids; i++) {
00374                 if ((*types)[i] != SID_NAME_UNKNOWN) {
00375                         ws_name_replace( ret_names[i], WB_REPLACE_CHAR );
00376                         *domain_name = domains[i];
00377                 }
00378         }
00379 
00380         return result;
00381 }

static NTSTATUS query_user ( struct winbindd_domain domain,
TALLOC_CTX mem_ctx,
const DOM_SID user_sid,
WINBIND_USERINFO user_info 
) [static]

winbindd_rpc.c384 行で定義されています。

参照先 WINBIND_USERINFO::acct_nameclicm_connect_sam()rpc_pipe_client::domainWINBIND_USERINFO::full_namesam_user_info_21::group_ridnet_user_info_3::group_ridWINBIND_USERINFO::group_sidWINBIND_USERINFO::homedirsam_userinfo_ctr_info::id21sam_userinfo_ctr_info::infonetsamlogon_cache_get()WINBIND_USERINFO::primary_gidresultrpccli_samr_close()rpccli_samr_open_user()rpccli_samr_query_userinfo()WINBIND_USERINFO::shellsid_compose()sid_peek_check_rid()sid_string_static()sid_to_string()sam_user_info_21::uni_full_namenet_user_info_3::uni_full_namesam_user_info_21::uni_user_namenet_user_info_3::uni_user_nameunistr2_tdup()WINBIND_USERINFO::user_sid.

00388 {
00389         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
00390         POLICY_HND dom_pol, user_pol;
00391         SAM_USERINFO_CTR *ctr;
00392         fstring sid_string;
00393         uint32 user_rid;
00394         NET_USER_INFO_3 *user;
00395         struct rpc_pipe_client *cli;
00396 
00397         DEBUG(3,("rpc: query_user sid=%s\n",
00398                  sid_to_string(sid_string, user_sid)));
00399 
00400         if (!sid_peek_check_rid(&domain->sid, user_sid, &user_rid))
00401                 return NT_STATUS_UNSUCCESSFUL;
00402         
00403         /* try netsamlogon cache first */
00404                         
00405         if ( (user = netsamlogon_cache_get( mem_ctx, user_sid )) != NULL ) 
00406         {
00407                                 
00408                 DEBUG(5,("query_user: Cache lookup succeeded for %s\n", 
00409                         sid_string_static(user_sid)));
00410 
00411                 sid_compose(&user_info->user_sid, &domain->sid, user_rid);
00412                 sid_compose(&user_info->group_sid, &domain->sid,
00413                             user->group_rid);
00414                                 
00415                 user_info->acct_name = unistr2_tdup(mem_ctx,
00416                                                     &user->uni_user_name);
00417                 user_info->full_name = unistr2_tdup(mem_ctx,
00418                                                     &user->uni_full_name);
00419                 
00420                 user_info->homedir = NULL;
00421                 user_info->shell = NULL;
00422                 user_info->primary_gid = (gid_t)-1;
00423                                                 
00424                 TALLOC_FREE(user);
00425                                 
00426                 return NT_STATUS_OK;
00427         }
00428         
00429         /* no cache; hit the wire */
00430                 
00431         result = cm_connect_sam(domain, mem_ctx, &cli, &dom_pol);
00432         if (!NT_STATUS_IS_OK(result))
00433                 return result;
00434 
00435         /* Get user handle */
00436         result = rpccli_samr_open_user(cli, mem_ctx, &dom_pol,
00437                                        SEC_RIGHTS_MAXIMUM_ALLOWED, user_rid,
00438                                        &user_pol);
00439 
00440         if (!NT_STATUS_IS_OK(result))
00441                 return result;
00442 
00443         /* Get user info */
00444         result = rpccli_samr_query_userinfo(cli, mem_ctx, &user_pol,
00445                                             0x15, &ctr);
00446 
00447         rpccli_samr_close(cli, mem_ctx, &user_pol);
00448 
00449         if (!NT_STATUS_IS_OK(result))
00450                 return result;
00451 
00452         sid_compose(&user_info->user_sid, &domain->sid, user_rid);
00453         sid_compose(&user_info->group_sid, &domain->sid,
00454                     ctr->info.id21->group_rid);
00455         user_info->acct_name = unistr2_tdup(mem_ctx, 
00456                                             &ctr->info.id21->uni_user_name);
00457         user_info->full_name = unistr2_tdup(mem_ctx, 
00458                                             &ctr->info.id21->uni_full_name);
00459         user_info->homedir = NULL;
00460         user_info->shell = NULL;
00461         user_info->primary_gid = (gid_t)-1;
00462 
00463         return NT_STATUS_OK;
00464 }                                   

static NTSTATUS lookup_usergroups ( struct winbindd_domain domain,
TALLOC_CTX mem_ctx,
const DOM_SID user_sid,
uint32 *  num_groups,
DOM_SID **  user_grpsids 
) [static]

winbindd_rpc.c467 行で定義されています。

参照先 clicm_connect_sam()rpc_pipe_client::domainlookup_usergroups_cached()resultrpccli_samr_close()rpccli_samr_open_user()rpccli_samr_query_usergroups()sid_append_rid()sid_copy()sid_peek_check_rid()sid_to_string().

00471 {
00472         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
00473         POLICY_HND dom_pol, user_pol;
00474         uint32 des_access = SEC_RIGHTS_MAXIMUM_ALLOWED;
00475         DOM_GID *user_groups;
00476         unsigned int i;
00477         fstring sid_string;
00478         uint32 user_rid;
00479         struct rpc_pipe_client *cli;
00480 
00481         DEBUG(3,("rpc: lookup_usergroups sid=%s\n",
00482                  sid_to_string(sid_string, user_sid)));
00483 
00484         if (!sid_peek_check_rid(&domain->sid, user_sid, &user_rid))
00485                 return NT_STATUS_UNSUCCESSFUL;
00486 
00487         *num_groups = 0;
00488         *user_grpsids = NULL;
00489 
00490         /* so lets see if we have a cached user_info_3 */
00491         result = lookup_usergroups_cached(domain, mem_ctx, user_sid, 
00492                                           num_groups, user_grpsids);
00493 
00494         if (NT_STATUS_IS_OK(result)) {
00495                 return NT_STATUS_OK;
00496         }
00497 
00498         /* no cache; hit the wire */
00499         
00500         result = cm_connect_sam(domain, mem_ctx, &cli, &dom_pol);
00501         if (!NT_STATUS_IS_OK(result))
00502                 return result;
00503 
00504         /* Get user handle */
00505         result = rpccli_samr_open_user(cli, mem_ctx, &dom_pol,
00506                                         des_access, user_rid, &user_pol);
00507 
00508         if (!NT_STATUS_IS_OK(result))
00509                 return result;
00510 
00511         /* Query user rids */
00512         result = rpccli_samr_query_usergroups(cli, mem_ctx, &user_pol, 
00513                                            num_groups, &user_groups);
00514 
00515         rpccli_samr_close(cli, mem_ctx, &user_pol);
00516 
00517         if (!NT_STATUS_IS_OK(result) || (*num_groups) == 0)
00518                 return result;
00519 
00520         (*user_grpsids) = TALLOC_ARRAY(mem_ctx, DOM_SID, *num_groups);
00521         if (!(*user_grpsids))
00522                 return NT_STATUS_NO_MEMORY;
00523 
00524         for (i=0;i<(*num_groups);i++) {
00525                 sid_copy(&((*user_grpsids)[i]), &domain->sid);
00526                 sid_append_rid(&((*user_grpsids)[i]),
00527                                 user_groups[i].g_rid);
00528         }
00529         
00530         return NT_STATUS_OK;
00531 }

NTSTATUS msrpc_lookup_useraliases ( struct winbindd_domain domain,
TALLOC_CTX mem_ctx,
uint32  num_sids,
const DOM_SID sids,
uint32 *  num_aliases,
uint32 **  alias_rids 
)

winbindd_rpc.c533 行で定義されています。

参照先 add_rid_to_array_unique()clicm_connect_sam()rpc_pipe_client::domaindom_sid::num_authsDOM_SID2::num_authsresultrpccli_samr_query_useraliases()DOM_SID2::sidsid_copy().

00537 {
00538         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
00539         POLICY_HND dom_pol;
00540         DOM_SID2 *query_sids;
00541         uint32 num_query_sids = 0;
00542         int i;
00543         struct rpc_pipe_client *cli;
00544         uint32 *alias_rids_query, num_aliases_query;
00545         int rangesize = MAX_SAM_ENTRIES_W2K;
00546         uint32 total_sids = 0;
00547         int num_queries = 1;
00548 
00549         *num_aliases = 0;
00550         *alias_rids = NULL;
00551 
00552         DEBUG(3,("rpc: lookup_useraliases\n"));
00553 
00554         result = cm_connect_sam(domain, mem_ctx, &cli, &dom_pol);
00555         if (!NT_STATUS_IS_OK(result))
00556                 return result;
00557 
00558         do {
00559                 /* prepare query */
00560 
00561                 num_query_sids = MIN(num_sids - total_sids, rangesize);
00562 
00563                 DEBUG(10,("rpc: lookup_useraliases: entering query %d for %d sids\n", 
00564                         num_queries, num_query_sids));  
00565 
00566                 if (num_query_sids) {
00567                         query_sids = TALLOC_ARRAY(mem_ctx, DOM_SID2, num_query_sids);
00568                         if (query_sids == NULL) {
00569                                 return NT_STATUS_NO_MEMORY;
00570                         }
00571                 } else {
00572                         query_sids = NULL;
00573                 }
00574 
00575                 for (i=0; i<num_query_sids; i++) {
00576                         sid_copy(&query_sids[i].sid, &sids[total_sids++]);
00577                         query_sids[i].num_auths = query_sids[i].sid.num_auths;
00578                 }
00579 
00580                 /* do request */
00581 
00582                 result = rpccli_samr_query_useraliases(cli, mem_ctx, &dom_pol,
00583                                                        num_query_sids, query_sids,
00584                                                        &num_aliases_query, 
00585                                                        &alias_rids_query);
00586 
00587                 if (!NT_STATUS_IS_OK(result)) {
00588                         *num_aliases = 0;
00589                         *alias_rids = NULL;
00590                         TALLOC_FREE(query_sids);
00591                         goto done;
00592                 }
00593 
00594                 /* process output */
00595 
00596                 for (i=0; i<num_aliases_query; i++) {
00597                         size_t na = *num_aliases;
00598                         if (!add_rid_to_array_unique(mem_ctx, alias_rids_query[i], 
00599                                                 alias_rids, &na)) {
00600                                 return NT_STATUS_NO_MEMORY;
00601                         }
00602                         *num_aliases = na;
00603                 }
00604 
00605                 TALLOC_FREE(query_sids);
00606 
00607                 num_queries++;
00608 
00609         } while (total_sids < num_sids);
00610 
00611  done:
00612         DEBUG(10,("rpc: lookup_useraliases: got %d aliases in %d queries "
00613                 "(rangesize: %d)\n", *num_aliases, num_queries, rangesize));
00614 
00615         return result;
00616 }

static NTSTATUS lookup_groupmem ( struct winbindd_domain domain,
TALLOC_CTX mem_ctx,
const DOM_SID group_sid,
uint32 *  num_names,
DOM_SID **  sid_mem,
char ***  names,
uint32 **  name_types 
) [static]

winbindd_rpc.c620 行で定義されています。

参照先 clicli_set_timeout()cm_connect_sam()rpc_pipe_client::domainresultrpccli_samr_close()rpccli_samr_lookup_rids()rpccli_samr_open_group()rpccli_samr_query_groupmem()sid_compose()sid_peek_check_rid()sid_to_string().

00625 {
00626         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
00627         uint32 i, total_names = 0;
00628         POLICY_HND dom_pol, group_pol;
00629         uint32 des_access = SEC_RIGHTS_MAXIMUM_ALLOWED;
00630         uint32 *rid_mem = NULL;
00631         uint32 group_rid;
00632         unsigned int j;
00633         fstring sid_string;
00634         struct rpc_pipe_client *cli;
00635         unsigned int orig_timeout;
00636 
00637         DEBUG(10,("rpc: lookup_groupmem %s sid=%s\n", domain->name,
00638                   sid_to_string(sid_string, group_sid)));
00639 
00640         if (!sid_peek_check_rid(&domain->sid, group_sid, &group_rid))
00641                 return NT_STATUS_UNSUCCESSFUL;
00642 
00643         *num_names = 0;
00644 
00645         result = cm_connect_sam(domain, mem_ctx, &cli, &dom_pol);
00646         if (!NT_STATUS_IS_OK(result))
00647                 return result;
00648 
00649         result = rpccli_samr_open_group(cli, mem_ctx, &dom_pol,
00650                                         des_access, group_rid, &group_pol);
00651 
00652         if (!NT_STATUS_IS_OK(result))
00653                 return result;
00654 
00655         /* Step #1: Get a list of user rids that are the members of the
00656            group. */
00657 
00658         /* This call can take a long time - allow the server to time out.
00659            35 seconds should do it. */
00660 
00661         orig_timeout = cli_set_timeout(cli->cli, 35000);
00662 
00663         result = rpccli_samr_query_groupmem(cli, mem_ctx,
00664                                             &group_pol, num_names, &rid_mem,
00665                                             name_types);
00666 
00667         /* And restore our original timeout. */
00668         cli_set_timeout(cli->cli, orig_timeout);
00669 
00670         rpccli_samr_close(cli, mem_ctx, &group_pol);
00671 
00672         if (!NT_STATUS_IS_OK(result))
00673                 return result;
00674 
00675         if (!*num_names) {
00676                 names = NULL;
00677                 name_types = NULL;
00678                 sid_mem = NULL;
00679                 return NT_STATUS_OK;
00680         }
00681 
00682         /* Step #2: Convert list of rids into list of usernames.  Do this
00683            in bunches of ~1000 to avoid crashing NT4.  It looks like there
00684            is a buffer overflow or something like that lurking around
00685            somewhere. */
00686 
00687 #define MAX_LOOKUP_RIDS 900
00688 
00689         *names = TALLOC_ZERO_ARRAY(mem_ctx, char *, *num_names);
00690         *name_types = TALLOC_ZERO_ARRAY(mem_ctx, uint32, *num_names);
00691         *sid_mem = TALLOC_ZERO_ARRAY(mem_ctx, DOM_SID, *num_names);
00692 
00693         for (j=0;j<(*num_names);j++)
00694                 sid_compose(&(*sid_mem)[j], &domain->sid, rid_mem[j]);
00695         
00696         if (*num_names>0 && (!*names || !*name_types))
00697                 return NT_STATUS_NO_MEMORY;
00698 
00699         for (i = 0; i < *num_names; i += MAX_LOOKUP_RIDS) {
00700                 int num_lookup_rids = MIN(*num_names - i, MAX_LOOKUP_RIDS);
00701                 uint32 tmp_num_names = 0;
00702                 char **tmp_names = NULL;
00703                 uint32 *tmp_types = NULL;
00704 
00705                 /* Lookup a chunk of rids */
00706 
00707                 result = rpccli_samr_lookup_rids(cli, mem_ctx,
00708                                                  &dom_pol,
00709                                                  num_lookup_rids,
00710                                                  &rid_mem[i],
00711                                                  &tmp_num_names,
00712                                                  &tmp_names, &tmp_types);
00713 
00714                 /* see if we have a real error (and yes the
00715                    STATUS_SOME_UNMAPPED is the one returned from 2k) */
00716                 
00717                 if (!NT_STATUS_IS_OK(result) &&
00718                     !NT_STATUS_EQUAL(result, STATUS_SOME_UNMAPPED))
00719                         return result;
00720                         
00721                 /* Copy result into array.  The talloc system will take
00722                    care of freeing the temporary arrays later on. */
00723 
00724                 memcpy(&(*names)[i], tmp_names, sizeof(char *) * 
00725                        tmp_num_names);
00726 
00727                 memcpy(&(*name_types)[i], tmp_types, sizeof(uint32) *
00728                        tmp_num_names);
00729                 
00730                 total_names += tmp_num_names;
00731         }
00732 
00733         *num_names = total_names;
00734 
00735         return NT_STATUS_OK;
00736 }

static int get_ldap_seq ( const char *  server,
int  port,
uint32 *  seq 
) [static]

winbindd_rpc.c742 行で定義されています。

参照先 ldap_open_with_timeout()values.

参照元 get_ldap_sequence_number().

00743 {
00744         int ret = -1;
00745         struct timeval to;
00746         const char *attrs[] = {"highestCommittedUSN", NULL};
00747         LDAPMessage *res = NULL;
00748         char **values = NULL;
00749         LDAP *ldp = NULL;
00750 
00751         *seq = DOM_SEQUENCE_NONE;
00752 
00753         /*
00754          * Parameterised (5) second timeout on open. This is needed as the
00755          * search timeout doesn't seem to apply to doing an open as well. JRA.
00756          */
00757 
00758         ldp = ldap_open_with_timeout(server, port, lp_ldap_timeout());
00759         if (ldp == NULL)
00760                 return -1;
00761 
00762         /* Timeout if no response within 20 seconds. */
00763         to.tv_sec = 10;
00764         to.tv_usec = 0;
00765 
00766         if (ldap_search_st(ldp, "", LDAP_SCOPE_BASE, "(objectclass=*)",
00767                            CONST_DISCARD(char **, attrs), 0, &to, &res))
00768                 goto done;
00769 
00770         if (ldap_count_entries(ldp, res) != 1)
00771                 goto done;
00772 
00773         values = ldap_get_values(ldp, res, "highestCommittedUSN");
00774         if (!values || !values[0])
00775                 goto done;
00776 
00777         *seq = atoi(values[0]);
00778         ret = 0;
00779 
00780   done:
00781 
00782         if (values)
00783                 ldap_value_free(values);
00784         if (res)
00785                 ldap_msgfree(res);
00786         if (ldp)
00787                 ldap_unbind(ldp);
00788         return ret;
00789 }

static int get_ldap_sequence_number ( struct winbindd_domain domain,
uint32 *  seq 
) [static]

winbindd_rpc.c796 行で定義されています。

参照先 winbindd_domain::dcaddrget_ldap_seq()winbindd_domain::name.

参照元 sequence_number().

00797 {
00798         int ret = -1;
00799         fstring ipstr;
00800 
00801         fstrcpy( ipstr, inet_ntoa(domain->dcaddr.sin_addr));
00802         if ((ret = get_ldap_seq( ipstr, LDAP_PORT, seq)) == 0) {
00803                 DEBUG(3, ("get_ldap_sequence_number: Retrieved sequence "
00804                           "number for Domain (%s) from DC (%s)\n", 
00805                         domain->name, ipstr));
00806         } 
00807         return ret;
00808 }

static NTSTATUS sequence_number ( struct winbindd_domain domain,
uint32 *  seq 
) [static]

winbindd_rpc.c813 行で定義されています。

参照先 clicm_connect_sam()rpc_pipe_client::domainget_ldap_sequence_number()sam_unknown_ctr_info::inf2sam_unknown_ctr_info::inf8sam_unknown_ctr_info::inforesultrpccli_samr_query_dom_info()sam_unknown_info_2_inf::seq_numsam_unknown_info_8_info::seq_numtalloc_init().

00814 {
00815         TALLOC_CTX *mem_ctx;
00816         SAM_UNK_CTR ctr;
00817         NTSTATUS result;
00818         POLICY_HND dom_pol;
00819         BOOL got_seq_num = False;
00820         struct rpc_pipe_client *cli;
00821 
00822         DEBUG(10,("rpc: fetch sequence_number for %s\n", domain->name));
00823 
00824         *seq = DOM_SEQUENCE_NONE;
00825 
00826         if (!(mem_ctx = talloc_init("sequence_number[rpc]")))
00827                 return NT_STATUS_NO_MEMORY;
00828 
00829 #ifdef HAVE_LDAP
00830         if ( domain->native_mode ) 
00831         {
00832                 int res;
00833 
00834                 DEBUG(8,("using get_ldap_seq() to retrieve the "
00835                          "sequence number\n"));
00836 
00837                 res =  get_ldap_sequence_number( domain, seq );
00838                 if (res == 0)
00839                 {                       
00840                         result = NT_STATUS_OK;
00841                         DEBUG(10,("domain_sequence_number: LDAP for "
00842                                   "domain %s is %u\n",
00843                                   domain->name, *seq));
00844                         goto done;
00845                 }
00846 
00847                 DEBUG(10,("domain_sequence_number: failed to get LDAP "
00848                           "sequence number for domain %s\n",
00849                           domain->name ));
00850         }
00851 #endif /* HAVE_LDAP */
00852 
00853         result = cm_connect_sam(domain, mem_ctx, &cli, &dom_pol);
00854         if (!NT_STATUS_IS_OK(result)) {
00855                 goto done;
00856         }
00857 
00858         /* Query domain info */
00859 
00860         result = rpccli_samr_query_dom_info(cli, mem_ctx, &dom_pol, 8, &ctr);
00861 
00862         if (NT_STATUS_IS_OK(result)) {
00863                 *seq = ctr.info.inf8.seq_num;
00864                 got_seq_num = True;
00865                 goto seq_num;
00866         }
00867 
00868         /* retry with info-level 2 in case the dc does not support info-level 8
00869          * (like all older samba2 and samba3 dc's - Guenther */
00870 
00871         result = rpccli_samr_query_dom_info(cli, mem_ctx, &dom_pol, 2, &ctr);
00872         
00873         if (NT_STATUS_IS_OK(result)) {
00874                 *seq = ctr.info.inf2.seq_num;
00875                 got_seq_num = True;
00876         }
00877 
00878  seq_num:
00879         if (got_seq_num) {
00880                 DEBUG(10,("domain_sequence_number: for domain %s is %u\n",
00881                           domain->name, (unsigned)*seq));
00882         } else {
00883                 DEBUG(10,("domain_sequence_number: failed to get sequence "
00884                           "number (%u) for domain %s\n",
00885                           (unsigned)*seq, domain->name ));
00886         }
00887 
00888   done:
00889 
00890         talloc_destroy(mem_ctx);
00891 
00892         return result;
00893 }

static NTSTATUS trusted_domains ( struct winbindd_domain domain,
TALLOC_CTX mem_ctx,
uint32 *  num_domains,
char ***  names,
char ***  alt_names,
DOM_SID **  dom_sids 
) [static]

winbindd_rpc.c896 行で定義されています。

参照先 clicm_connect_lsa()rpc_pipe_client::domainresultrpccli_lsa_enum_trust_dom()talloc_strdup().

00902 {
00903         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
00904         uint32 enum_ctx = 0;
00905         struct rpc_pipe_client *cli;
00906         POLICY_HND lsa_policy;
00907 
00908         DEBUG(3,("rpc: trusted_domains\n"));
00909 
00910         *num_domains = 0;
00911         *names = NULL;
00912         *alt_names = NULL;
00913         *dom_sids = NULL;
00914 
00915         result = cm_connect_lsa(domain, mem_ctx, &cli, &lsa_policy);
00916         if (!NT_STATUS_IS_OK(result))
00917                 return result;
00918 
00919         result = STATUS_MORE_ENTRIES;
00920 
00921         while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)) {
00922                 uint32 start_idx, num;
00923                 char **tmp_names;
00924                 DOM_SID *tmp_sids;
00925                 int i;
00926 
00927                 result = rpccli_lsa_enum_trust_dom(cli, mem_ctx,
00928                                                    &lsa_policy, &enum_ctx,
00929                                                    &num, &tmp_names,
00930                                                    &tmp_sids);
00931 
00932                 if (!NT_STATUS_IS_OK(result) &&
00933                     !NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES))
00934                         break;
00935 
00936                 start_idx = *num_domains;
00937                 *num_domains += num;
00938                 *names = TALLOC_REALLOC_ARRAY(mem_ctx, *names,
00939                                               char *, *num_domains);
00940                 *dom_sids = TALLOC_REALLOC_ARRAY(mem_ctx, *dom_sids,
00941                                                  DOM_SID, *num_domains);
00942                 *alt_names = TALLOC_REALLOC_ARRAY(mem_ctx, *alt_names,
00943                                                  char *, *num_domains);
00944                 if ((*names == NULL) || (*dom_sids == NULL) ||
00945                     (*alt_names == NULL))
00946                         return NT_STATUS_NO_MEMORY;
00947 
00948                 for (i=0; i<num; i++) {
00949                         (*names)[start_idx+i] = tmp_names[i];
00950                         (*dom_sids)[start_idx+i] = tmp_sids[i];
00951                         (*alt_names)[start_idx+i] = talloc_strdup(mem_ctx, "");
00952                 }
00953         }
00954         return result;
00955 }

NTSTATUS msrpc_lockout_policy ( struct winbindd_domain domain,
TALLOC_CTX mem_ctx,
SAM_UNK_INFO_12 lockout_policy 
)

winbindd_rpc.c958 行で定義されています。

参照先 sam_unknown_info_12_inf::bad_attempt_lockoutclicm_connect_sam()rpc_pipe_client::domainsam_unknown_ctr_info::inf12sam_unknown_ctr_info::infolockout_policy()resultrpccli_samr_query_dom_info().

00961 {
00962         NTSTATUS result;
00963         struct rpc_pipe_client *cli;
00964         POLICY_HND dom_pol;
00965         SAM_UNK_CTR ctr;
00966 
00967         DEBUG(10,("rpc: fetch lockout policy for %s\n", domain->name));
00968 
00969         result = cm_connect_sam(domain, mem_ctx, &cli, &dom_pol);
00970         if (!NT_STATUS_IS_OK(result)) {
00971                 goto done;
00972         }
00973 
00974         result = rpccli_samr_query_dom_info(cli, mem_ctx, &dom_pol, 12, &ctr);
00975         if (!NT_STATUS_IS_OK(result)) {
00976                 goto done;
00977         }
00978 
00979         *lockout_policy = ctr.info.inf12;
00980 
00981         DEBUG(10,("msrpc_lockout_policy: bad_attempt_lockout %d\n", 
00982                 ctr.info.inf12.bad_attempt_lockout));
00983 
00984   done:
00985 
00986         return result;
00987 }

NTSTATUS msrpc_password_policy ( struct winbindd_domain domain,
TALLOC_CTX mem_ctx,
SAM_UNK_INFO_1 password_policy 
)

winbindd_rpc.c990 行で定義されています。

参照先 clicm_connect_sam()rpc_pipe_client::domainsam_unknown_ctr_info::inf1sam_unknown_ctr_info::infosam_unknown_info_1_inf::min_length_passwordpassword_policy()resultrpccli_samr_query_dom_info().

00993 {
00994         NTSTATUS result;
00995         struct rpc_pipe_client *cli;
00996         POLICY_HND dom_pol;
00997         SAM_UNK_CTR ctr;
00998 
00999         DEBUG(10,("rpc: fetch password policy for %s\n", domain->name));
01000 
01001         result = cm_connect_sam(domain, mem_ctx, &cli, &dom_pol);
01002         if (!NT_STATUS_IS_OK(result)) {
01003                 goto done;
01004         }
01005 
01006         result = rpccli_samr_query_dom_info(cli, mem_ctx, &dom_pol, 1, &ctr);
01007         if (!NT_STATUS_IS_OK(result)) {
01008                 goto done;
01009         }
01010 
01011         *password_policy = ctr.info.inf1;
01012 
01013         DEBUG(10,("msrpc_password_policy: min_length_password %d\n", 
01014                 ctr.info.inf1.min_length_password));
01015 
01016   done:
01017 
01018         return result;
01019 }


変数

struct winbindd_methods msrpc_methods

初期値:

winbindd_rpc.c1023 行で定義されています。

参照元 enum_dom_groups()enum_local_groups()lockout_policy()lookup_groupmem()lookup_useraliases()lookup_usergroups()name_to_sid()password_policy()query_user()query_user_list()rids_to_names()sequence_number()sid_to_name()trusted_domains().


Sambaに対してSat Aug 29 21:23:58 2009に生成されました。  doxygen 1.4.7