search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
This commit was manufactured by cvs2svn to create tag
[Samba.git] / source / passdb / sampassdb.c
blob187cc92cfadf9c119e971c2ca9dbde99df192788
1 /*
2 Unix SMB/Netbios implementation.
3 Version 1.9.
4 Password and authentication handling
5 Copyright (C) Jeremy Allison 1996-1998
6 Copyright (C) Luke Kenneth Casson Leighton 1996-1998
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
21 */
22
23 #include "includes.h"
24 #include "nterr.h"
25 #include "sids.h"
26
27 extern int DEBUGLEVEL;
28
29 /*
30 * NOTE. All these functions are abstracted into a structure
31 * that points to the correct function for the selected database. JRA.
32 *
33 * NOTE. for the get/mod/add functions, there are two sets of functions.
34 * one supports struct sam_passwd, the other supports struct smb_passwd.
35 * for speed optimisation it is best to support both these sets.
36 *
37 * it is, however, optional to support one set but not the other: there
38 * is conversion-capability built in to passdb.c, and run-time error
39 * detection for when neither are supported.
40 *
41 * password database writers are recommended to implement the sam_passwd
42 * functions in a first pass, as struct sam_passwd contains more
43 * information, needed by the NT Domain support.
44 *
45 * an API writer is expected to create either one set (struct smb_passwd) or
46 * the other (struct sam_passwd) OR both, and optionally also to write display
47 * info routines * (struct sam_disp_info). functions which the API writer
48 * chooses NOT to write must be wrapped in conversion functions (pwdb_x_to_y)
49 * such that API users can call any function and still get valid results.
50 *
51 * the password API does NOT fill in the gaps if you set an API function
52 * to NULL: it will deliberately attempt to call the NULL function.
53 *
54 */
55
56 static struct sam_passdb_ops *pwdb_ops;
57
58 /***************************************************************
59 Initialise the password db operations.
60 ***************************************************************/
61
62 BOOL initialise_sam_password_db(void)
63 {
64 if (pwdb_ops)
65 {
66 return True;
67 }
68
69 #ifdef WITH_NISPLUS
70 pwdb_ops = nisplus_initialise_sam_password_db();
71 #elif defined(WITH_NT5LDAP)
72 pwdb_ops = nt5ldap_initialise_sam_password_db();
73 #elif defined(WITH_LDAP)
74 pwdb_ops = ldap_initialise_sam_password_db();
75 #elif defined(HAVE_MYSQL_H) && defined(WITH_MYSQLSAM)
76 pwdb_ops = mysql_initialise_sam_password_db();
77 #elif defined(USE_SMBPASS_DB)
78 pwdb_ops = file_initialise_sam_password_db();
79 #endif
80
81 return (pwdb_ops != NULL);
82 }
83
84 /*
85 * Functions that return/manipulate a struct sam_passwd.
86 */
87
88 /***************************************************************
89 Start to enumerate the smb or sam passwd list. Returns a void pointer
90 to ensure no modification outside this module.
91
92 Note that currently it is being assumed that a pointer returned
93 from this function may be used to enumerate struct sam_passwd
94 entries as well as struct smb_passwd entries. This may need
95 to change. JRA.
96
97 ****************************************************************/
98
99 void *startsam21pwent(BOOL update)
100 {
101 return pwdb_ops->startsam21pwent(update);
102 }
103
104 /***************************************************************
105 End enumeration of the sam passwd list.
106
107 Note that currently it is being assumed that a pointer returned
108 from this function may be used to enumerate struct sam_passwd
109 entries as well as struct smb_passwd entries. This may need
110 to change. JRA.
111
112 ****************************************************************/
113
114 void endsam21pwent(void *vp)
115 {
116 pwdb_ops->endsam21pwent(vp);
117 }
118
119 /*************************************************************************
120 Routine to return the next entry in the smb passwd list.
121 *************************************************************************/
122
123 struct sam_passwd *getsam21pwent(void *vp)
124 {
125 return pwdb_sam_map_names(pwdb_ops->getsam21pwent(vp));
126 }
127
128 /************************************************************************
129 Routine to search the smb passwd file for an entry matching the username.
130 and then modify its password entry. We can't use the startsampwent()/
131 getsampwent()/endsampwent() interfaces here as we depend on looking
132 in the actual file to decide how much room we have to write data.
133 override = False, normal
134 override = True, override XXXXXXXX'd out password or NO PASS
135 ************************************************************************/
136
137 BOOL mod_sam21pwd_entry(struct sam_passwd* pwd, BOOL override)
138 {
139 struct sam_passwd *mapped;
140
141 DEBUG(10,("mod_sam21pwd_entry: unix user %s rid %d\n",
142 pwd->unix_name, pwd->user_rid));
143
144 mapped = pwdb_sam_map_names(pwd);
145 if (mapped != NULL)
146 {
147 return pwdb_ops->mod_sam21pwd_entry(mapped, override);
148 }
149 return False;
150 }
151
152 /************************************************************************
153 Utility function to search sam passwd by name. use this if your database
154 does not have search facilities.
155 *************************************************************************/
156
157 struct sam_passwd *iterate_getsam21pwntnam(const char *ntname)
158 {
159 fstring nt_name;
160 struct sam_passwd *pwd = NULL;
161 void *fp = NULL;
162
163 DEBUG(10, ("search by name: %s\n", ntname));
164
165 fstrcpy(nt_name, ntname);
166
167 /* Open the smb password database - not for update. */
168 fp = startsmbpwent(False);
169
170 if (fp == NULL)
171 {
172 DEBUG(0, ("unable to open sam password database.\n"));
173 return NULL;
174 }
175
176 while ((pwd = getsam21pwent(fp)) != NULL && !strequal(pwd->nt_name, nt_name))
177 {
178 DEBUG(10, ("iterate: %s 0x%x\n", pwd->nt_name, pwd->user_rid));
179 }
180
181 if (pwd != NULL)
182 {
183 DEBUG(10, ("found by name: %s\n", nt_name));
184 }
185
186 endsmbpwent(fp);
187 return pwd;
188 }
189
190 /************************************************************************
191 Utility function to search sam passwd by rid. use this if your database
192 does not have search facilities.
193
194 search capability by both rid and uid are needed as the rid <-> uid
195 mapping may be non-monotonic.
196
197 *************************************************************************/
198
199 struct sam_passwd *iterate_getsam21pwrid(uint32 rid)
200 {
201 struct sam_passwd *pwd = NULL;
202 void *fp = NULL;
203
204 DEBUG(10, ("search by rid: %x\n", rid));
205
206 /* Open the smb password file - not for update. */
207 fp = startsmbpwent(False);
208
209 if (fp == NULL)
210 {
211 DEBUG(0, ("unable to open sam password database.\n"));
212 return NULL;
213 }
214
215 while ((pwd = getsam21pwent(fp)) != NULL && pwd->user_rid != rid)
216 {
217 DEBUG(10, ("iterate: %s 0x%x\n", pwd->nt_name, pwd->user_rid));
218 }
219
220 if (pwd != NULL)
221 {
222 DEBUG(10, ("found by user_rid: %x\n", rid));
223 }
224
225 endsmbpwent(fp);
226 return pwd;
227 }
228
229 /************************************************************************
230 Utility function to search sam passwd by uid. use this if your database
231 does not have search facilities.
232
233 search capability by both rid and uid are needed as the rid <-> uid
234 mapping may be non-monotonic.
235
236 *************************************************************************/
237
238 struct sam_passwd *iterate_getsam21pwuid(uid_t uid)
239 {
240 struct sam_passwd *pwd = NULL;
241 void *fp = NULL;
242
243 DEBUG(10, ("search by uid: %x\n", (int)uid));
244
245 /* Open the smb password file - not for update. */
246 fp = startsmbpwent(False);
247
248 if (fp == NULL)
249 {
250 DEBUG(0, ("unable to open sam password database.\n"));
251 return NULL;
252 }
253
254 while ((pwd = getsam21pwent(fp)) != NULL && pwd->unix_uid != uid)
255 {
256 }
257
258 if (pwd != NULL)
259 {
260 DEBUG(10, ("found by unix_uid: %x\n", (int)uid));
261 }
262
263 endsmbpwent(fp);
264 return pwd;
265 }
266
267 /*************************************************************************
268 Routine to return a display info structure, by rid
269 *************************************************************************/
270 struct sam_disp_info *getsamdisprid(uint32 rid)
271 {
272 return pwdb_ops->getsamdisprid(rid);
273 }
274
275 /************************************************************************
276 Routine to search sam passwd by name.
277 *************************************************************************/
278
279 struct sam_passwd *getsam21pwntnam(const char *name)
280 {
281 return pwdb_sam_map_names(pwdb_ops->getsam21pwntnam(name));
282 }
283
284 /************************************************************************
285 Routine to search sam passwd by rid.
286 *************************************************************************/
287
288 struct sam_passwd *getsam21pwrid(uint32 rid)
289 {
290 return pwdb_sam_map_names(pwdb_ops->getsam21pwrid(rid));
291 }
292
293
294 /**********************************************************
295 **********************************************************
296
297 utility routines which are likely to be useful to all password
298 databases
299
300 **********************************************************
301 **********************************************************/
302
303 /*************************************************************
304 initialises a struct sam_disp_info.
305 **************************************************************/
306
307 static void pwdb_init_dispinfo(struct sam_disp_info *user)
308 {
309 if (user == NULL) return;
310 ZERO_STRUCTP(user);
311 user->user_rid = 0xffffffff;
312 }
313
314 /*************************************************************
315 initialises a struct sam_passwd.
316 **************************************************************/
317 void pwdb_init_sam(struct sam_passwd *user)
318 {
319 if (user == NULL) return;
320 ZERO_STRUCTP(user);
321
322 init_nt_time(&user->logon_time);
323 init_nt_time(&user->logoff_time);
324 init_nt_time(&user->kickoff_time);
325 init_nt_time(&user->pass_last_set_time);
326 init_nt_time(&user->pass_can_change_time);
327 init_nt_time(&user->pass_must_change_time);
328
329 user->unix_uid = (uid_t)-1;
330 user->unix_gid = (gid_t)-1;
331 user->user_rid = 0xffffffff;
332 user->group_rid = 0xffffffff;
333 }
334
335 /*************************************************************************
336 Routine to return the next entry in the sam passwd list.
337 *************************************************************************/
338
339 struct sam_disp_info *pwdb_sam_to_dispinfo(struct sam_passwd *user)
340 {
341 static struct sam_disp_info disp_info;
342
343 if (user == NULL) return NULL;
344
345 pwdb_init_dispinfo(&disp_info);
346
347 disp_info.nt_name = user->nt_name;
348 disp_info.full_name = user->full_name;
349 disp_info.user_rid = user->user_rid;
350
351 return &disp_info;
352 }
353
354 static void select_name(fstring *string, char **name, const UNISTR2 *from)
355 {
356 if (from->buffer != 0)
357 {
358 unistr2_to_ascii(*string, from, sizeof(*string));
359 *name = *string;
360 }
361 }
362
363 /*************************************************************
364 copies a sam passwd.
365 **************************************************************/
366 void copy_id23_to_sam_passwd(struct sam_passwd *to, const SAM_USER_INFO_23 *from)
367 {
368 static fstring nt_name;
369 static fstring full_name;
370 static fstring home_dir;
371 static fstring dir_drive;
372 static fstring logon_script;
373 static fstring profile_path;
374 static fstring acct_desc;
375 static fstring workstations;
376 static fstring unknown_str;
377 static fstring munged_dial;
378
379 if (from == NULL || to == NULL) return;
380
381 to->logon_time = from->logon_time;
382 to->logoff_time = from->logoff_time;
383 to->kickoff_time = from->kickoff_time;
384 to->pass_last_set_time = from->pass_last_set_time;
385 to->pass_can_change_time = from->pass_can_change_time;
386 to->pass_must_change_time = from->pass_must_change_time;
387
388 select_name(&nt_name , &to->nt_name , &from->uni_user_name );
389 select_name(&full_name , &to->full_name , &from->uni_full_name );
390 select_name(&home_dir , &to->home_dir , &from->uni_home_dir );
391 select_name(&dir_drive , &to->dir_drive , &from->uni_dir_drive );
392 select_name(&logon_script, &to->logon_script, &from->uni_logon_script);
393 select_name(&profile_path, &to->profile_path, &from->uni_profile_path);
394 select_name(&acct_desc , &to->acct_desc , &from->uni_acct_desc );
395 select_name(&workstations, &to->workstations, &from->uni_workstations);
396 select_name(&unknown_str , &to->unknown_str , &from->uni_unknown_str );
397 select_name(&munged_dial , &to->munged_dial , &from->uni_munged_dial );
398
399 to->unix_uid = (uid_t)-1;
400 to->unix_gid = (gid_t)-1;
401 to->user_rid = from->user_rid;
402 to->group_rid = from->group_rid;
403
404 to->smb_passwd = NULL;
405 to->smb_nt_passwd = NULL;
406
407 to->acct_ctrl = from->acb_info;
408 to->unknown_3 = from->unknown_3;
409
410 to->logon_divs = from->logon_divs;
411 to->hours_len = from->logon_hrs.len;
412 memcpy(to->hours, from->logon_hrs.hours, MAX_HOURS_LEN);
413
414 to->unknown_5 = from->unknown_5;
415 to->unknown_6 = from->unknown_6;
416 }
417
418 /*************************************************************
419 copies a sam passwd.
420 **************************************************************/
421 void copy_id21_to_sam_passwd(struct sam_passwd *to, const SAM_USER_INFO_21 *from)
422 {
423 static fstring nt_name;
424 static fstring full_name;
425 static fstring home_dir;
426 static fstring dir_drive;
427 static fstring logon_script;
428 static fstring profile_path;
429 static fstring acct_desc;
430 static fstring workstations;
431 static fstring unknown_str;
432 static fstring munged_dial;
433
434 if (from == NULL || to == NULL) return;
435
436 to->logon_time = from->logon_time;
437 to->logoff_time = from->logoff_time;
438 to->kickoff_time = from->kickoff_time;
439 to->pass_last_set_time = from->pass_last_set_time;
440 to->pass_can_change_time = from->pass_can_change_time;
441 to->pass_must_change_time = from->pass_must_change_time;
442
443 select_name(&nt_name , &to->nt_name , &from->uni_user_name );
444 select_name(&full_name , &to->full_name , &from->uni_full_name );
445 select_name(&home_dir , &to->home_dir , &from->uni_home_dir );
446 select_name(&dir_drive , &to->dir_drive , &from->uni_dir_drive );
447 select_name(&logon_script, &to->logon_script, &from->uni_logon_script);
448 select_name(&profile_path, &to->profile_path, &from->uni_profile_path);
449 select_name(&acct_desc , &to->acct_desc , &from->uni_acct_desc );
450 select_name(&workstations, &to->workstations, &from->uni_workstations);
451 select_name(&unknown_str , &to->unknown_str , &from->uni_unknown_str );
452 select_name(&munged_dial , &to->munged_dial , &from->uni_munged_dial );
453
454 to->unix_uid = (uid_t)-1;
455 to->unix_gid = (gid_t)-1;
456 to->user_rid = from->user_rid;
457 to->group_rid = from->group_rid;
458
459 to->smb_passwd = NULL;
460 to->smb_nt_passwd = NULL;
461
462 to->acct_ctrl = from->acb_info;
463 to->unknown_3 = from->unknown_3;
464
465 to->logon_divs = from->logon_divs;
466 to->hours_len = from->logon_hrs.len;
467 memcpy(to->hours, from->logon_hrs.hours, MAX_HOURS_LEN);
468
469 to->unknown_5 = from->unknown_5;
470 to->unknown_6 = from->unknown_6;
471 }
472
473
474 /*************************************************************
475 copies a sam passwd.
476 **************************************************************/
477 void copy_sam_passwd(struct sam_passwd *to, const struct sam_passwd *from)
478 {
479 static fstring nt_name;
480 static fstring unix_name;
481 static fstring full_name;
482 static fstring home_dir;
483 static fstring dir_drive;
484 static fstring logon_script;
485 static fstring profile_path;
486 static fstring acct_desc;
487 static fstring workstations;
488 static fstring unknown_str;
489 static fstring munged_dial;
490
491 if (from == NULL || to == NULL) return;
492
493 memcpy(to, from, sizeof(*from));
494
495 if (from->nt_name != NULL)
496 {
497 fstrcpy(nt_name , from->nt_name);
498 to->nt_name = nt_name;
499 }
500 else if (to->nt_name != NULL)
501 {
502 fstrcpy(nt_name , to->nt_name);
503 to->nt_name = nt_name;
504 }
505
506 if (from->unix_name != NULL)
507 {
508 fstrcpy(unix_name, from->unix_name);
509 to->unix_name = unix_name;
510 }
511 else if (to->unix_name != NULL)
512 {
513 fstrcpy(unix_name, to->unix_name);
514 to->unix_name = unix_name;
515 }
516
517 if (from->full_name != NULL)
518 {
519 fstrcpy(full_name, from->full_name);
520 to->full_name = full_name;
521 }
522 else if (to->full_name != NULL)
523 {
524 fstrcpy(full_name, to->full_name);
525 to->full_name = full_name;
526 }
527
528 if (from->home_dir != NULL)
529 {
530 fstrcpy(home_dir , from->home_dir);
531 to->home_dir = home_dir;
532 }
533 else if (to->home_dir != NULL)
534 {
535 fstrcpy(home_dir , to->home_dir);
536 to->home_dir = home_dir;
537 }
538
539 if (from->dir_drive != NULL)
540 {
541 fstrcpy(dir_drive , from->dir_drive);
542 to->dir_drive = dir_drive;
543 }
544 else if (to->dir_drive != NULL)
545 {
546 fstrcpy(dir_drive , to->dir_drive);
547 to->dir_drive = dir_drive;
548 }
549
550 if (from->logon_script != NULL)
551 {
552 fstrcpy(logon_script , from->logon_script);
553 to->logon_script = logon_script;
554 }
555 else if (to->logon_script != NULL)
556 {
557 fstrcpy(logon_script , to->logon_script);
558 to->logon_script = logon_script;
559 }
560
561 if (from->profile_path != NULL)
562 {
563 fstrcpy(profile_path , from->profile_path);
564 to->profile_path = profile_path;
565 }
566 else if (to->profile_path != NULL)
567 {
568 fstrcpy(profile_path , to->profile_path);
569 to->profile_path = profile_path;
570 }
571
572 if (from->acct_desc != NULL)
573 {
574 fstrcpy(acct_desc , from->acct_desc);
575 to->acct_desc = acct_desc;
576 }
577 else if (to->acct_desc != NULL)
578 {
579 fstrcpy(acct_desc , to->acct_desc);
580 to->acct_desc = acct_desc;
581 }
582
583 if (from->workstations != NULL)
584 {
585 fstrcpy(workstations , from->workstations);
586 to->workstations = workstations;
587 }
588 else if (to->workstations != NULL)
589 {
590 fstrcpy(workstations , to->workstations);
591 to->workstations = workstations;
592 }
593
594 if (from->unknown_str != NULL)
595 {
596 fstrcpy(unknown_str , from->unknown_str);
597 to->unknown_str = unknown_str;
598 }
599 else if (to->unknown_str != NULL)
600 {
601 fstrcpy(unknown_str , to->unknown_str);
602 to->unknown_str = unknown_str;
603 }
604
605 if (from->munged_dial != NULL)
606 {
607 fstrcpy(munged_dial , from->munged_dial);
608 to->munged_dial = munged_dial;
609 }
610 else if (to->munged_dial != NULL)
611 {
612 fstrcpy(munged_dial , to->munged_dial);
613 to->munged_dial = munged_dial;
614 }
615 }
616
617
618 /*************************************************************
619 converts a sam_passwd structure to a smb_passwd structure.
620 **************************************************************/
621 struct smb_passwd *pwdb_sam_to_smb(struct sam_passwd *user)
622 {
623 static struct smb_passwd pw_buf;
624 static fstring nt_name;
625 static fstring unix_name;
626
627 if (user == NULL) return NULL;
628
629 pwdb_init_smb(&pw_buf);
630
631 if (user->nt_name != NULL)
632 {
633 fstrcpy(nt_name , user->nt_name);
634 pw_buf.nt_name = nt_name;
635 }
636 if (user->unix_name != NULL)
637 {
638 fstrcpy(unix_name, user->unix_name);
639 pw_buf.unix_name = unix_name;
640 }
641 pw_buf.unix_uid = user->unix_uid;
642 pw_buf.user_rid = user->user_rid;
643 pw_buf.smb_passwd = user->smb_passwd;
644 pw_buf.smb_nt_passwd = user->smb_nt_passwd;
645 pw_buf.acct_ctrl = user->acct_ctrl;
646 pw_buf.pass_last_set_time = nt_time_to_unix(&user->pass_last_set_time);
647
648 return &pw_buf;
649 }
650
651
652 /*************************************************************
653 converts a smb_passwd structure to a sam_passwd structure.
654 **************************************************************/
655 struct sam_passwd *pwdb_smb_to_sam(struct smb_passwd *user)
656 {
657 static struct sam_passwd pw_buf;
658 struct passwd *pass=NULL;
659 static fstring nt_name;
660 static fstring unix_name;
661 static pstring unix_gecos;
662
663 static pstring home_dir;
664 static pstring home_drive;
665 static pstring logon_script;
666 static pstring profile_path;
667 static pstring acct_desc;
668 static pstring workstations;
669
670 if (user == NULL) return NULL;
671
672 pwdb_init_sam(&pw_buf);
673
674 if (user->nt_name != NULL)
675 {
676 fstrcpy(nt_name , user->nt_name);
677 pw_buf.nt_name = nt_name;
678 }
679 if (user->unix_name != NULL)
680 {
681 fstrcpy(unix_name, user->unix_name);
682 pw_buf.unix_name = unix_name;
683 }
684 pw_buf.unix_uid = user->unix_uid;
685 pw_buf.user_rid = user->user_rid;
686 pw_buf.smb_passwd = user->smb_passwd;
687 pw_buf.smb_nt_passwd = user->smb_nt_passwd;
688 pw_buf.acct_ctrl = user->acct_ctrl;
689
690 pass = hashed_getpwnam(unix_name);
691 if (pass != NULL)
692 {
693 pstrcpy(unix_gecos, pass->pw_gecos);
694 pw_buf.full_name=unix_gecos;
695 }
696
697 if ( user->pass_last_set_time != (time_t)-1 )
698 {
699 unix_to_nt_time(&pw_buf.pass_last_set_time, user->pass_last_set_time);
700 unix_to_nt_time(&pw_buf.pass_can_change_time, user->pass_last_set_time);
701 }
702
703 DEBUG(5,("getsamfile21pwent\n"));
704
705 if (pw_buf.home_dir == NULL)
706 pw_buf.home_dir = home_dir;
707 if (pw_buf.dir_drive == NULL)
708 pw_buf.dir_drive = home_drive;
709 if (pw_buf.logon_script == NULL)
710 pw_buf.logon_script = logon_script;
711 if (pw_buf.profile_path == NULL)
712 pw_buf.profile_path = profile_path;
713 if (pw_buf.acct_desc == NULL)
714 pw_buf.acct_desc = acct_desc;
715 if (pw_buf.workstations == NULL)
716 pw_buf.workstations = workstations;
717
718 return &pw_buf;
719 }
720
721 static BOOL trust_account_warning_done = False;
722
723 /*************************************************************
724 fills in missing details. one set of details _must_ exist.
725 **************************************************************/
726 struct sam_passwd *pwdb_sam_map_names(struct sam_passwd *sam)
727 {
728 DOM_NAME_MAP gmep;
729 BOOL found = False;
730 DOM_SID sid;
731 static fstring unix_name;
732 static fstring nt_name;
733
734 /*
735 * name details
736 */
737
738 if (sam == NULL)
739 {
740 DEBUG(10,("pwdb_sam_map_names: NULL\n"));
741 return NULL;
742 }
743
744 DEBUG(10,("pwdb_sam_map_names: unix %s nt %s unix %d nt%d\n",
745 sam->unix_name != NULL ? sam->unix_name : "NULL",
746 sam->nt_name != NULL ? sam->nt_name : "NULL",
747 sam->unix_uid, sam->user_rid));
748
749 if (!found && sam->unix_name != NULL)
750 {
751 found = lookupsmbpwnam(sam->unix_name, &gmep);
752 }
753 if (!found && sam->unix_uid != (uid_t)-1)
754 {
755 found = lookupsmbpwuid(sam->unix_uid , &gmep);
756 }
757 if (!found && sam->user_rid != 0xffffffff)
758 {
759 sid_copy(&sid, &global_sam_sid);
760 sid_append_rid(&sid, sam->user_rid);
761 found = lookupsmbpwsid (&sid , &gmep);
762 }
763 if (!found && sam->nt_name != NULL)
764 {
765 found = lookupsmbpwntnam(sam->nt_name, &gmep);
766 }
767
768 if (!found)
769 {
770 return NULL;
771 }
772
773 if (!sid_front_equal(&global_sam_sid, &gmep.sid))
774 {
775 return NULL;
776 }
777
778 fstrcpy(unix_name, gmep.unix_name);
779 fstrcpy(nt_name , gmep.nt_name );
780 if (sam->unix_name == NULL ) sam->unix_name = unix_name;
781 if (sam->nt_name == NULL ) sam->nt_name = nt_name ;
782 if (sam->unix_uid == (uid_t)-1 ) sam->unix_uid = (uid_t)gmep.unix_id;
783 if (sam->user_rid == 0xffffffff) sid_split_rid(&gmep.sid, &sam->user_rid);
784
785 DEBUG(10,("pwdb_sam_map_name: found unix user %s nt %s uid %d rid 0x%x\n",
786 sam->unix_name, sam->nt_name, sam->unix_uid, sam->user_rid));
787
788 /*
789 * group details
790 */
791
792 found = False;
793
794 if (sam->unix_gid != (gid_t)-1 && sam->group_rid != 0xffffffff)
795 {
796 return sam;
797 }
798
799 if (sam->unix_gid == (gid_t)-1 && sam->group_rid == 0xffffffff)
800 {
801 struct passwd *pass = hashed_getpwnam(unix_name);
802 if (pass != NULL)
803 {
804 sam->unix_gid = pass->pw_gid;
805 }
806 else
807 {
808 DEBUG(0,("pwdb_sam_map_names: no unix password entry for %s\n",
809 unix_name));
810 }
811 }
812
813 if (!found && sam->unix_gid != (gid_t)-1)
814 {
815 found = lookupsmbgrpgid(sam->unix_gid , &gmep);
816 }
817 if (!found && sam->group_rid != 0xffffffff)
818 {
819 sid_copy(&sid, &global_sam_sid);
820 sid_append_rid(&sid, sam->group_rid);
821 found = lookupsmbgrpsid(&sid , &gmep);
822 }
823
824 if (!found)
825 {
826 if (IS_BITS_SET_SOME(sam->acct_ctrl, ACB_WSTRUST|ACB_DOMTRUST|ACB_SVRTRUST))
827 {
828 if (!trust_account_warning_done)
829 {
830 trust_account_warning_done = True;
831 DEBUG(0, ("\
832 pwdb_sam_map_names: your unix password database appears to have difficulties\n\
833 resolving trust account %s, probably because it ends in a '$'.\n\
834 you will get this warning only once (for all trust accounts)\n", unix_name));
835 }
836 /*
837 * oh, dear.
838 */
839 if (sam->unix_gid != (gid_t)-1)
840 {
841 sam->unix_gid = (gid_t)-1;
842 }
843 sam->group_rid = DOMAIN_GROUP_RID_USERS;
844
845 return sam;
846 }
847 else
848 {
849 DEBUG(0, ("pwdb_sam_map_names: could not find Primary Group for %s\n",
850 unix_name));
851 return NULL;
852 }
853 }
854
855 if (!sid_front_equal(&global_sam_sid, &gmep.sid))
856 {
857 fstring sid_str;
858 sid_to_string(sid_str, &gmep.sid);
859 DEBUG(0,("UNIX User %s Primary Group is in the wrong domain! %s\n",
860 sam->unix_name, sid_str));
861 return NULL;
862 }
863
864 if (sam->unix_gid == (gid_t)-1 ) sam->unix_gid = (gid_t)gmep.unix_id;
865 if (sam->group_rid == 0xffffffff) sid_split_rid(&gmep.sid, &sam->group_rid);
866
867 DEBUG(10,("pwdb_sam_map_name: found gid %d and group rid 0x%x for unix user %s\n",
868 sam->unix_gid, sam->group_rid, sam->unix_name));
869
870 return sam;
871 }
Samba GIT mirror