2 Unix SMB/Netbios implementation.
4 LDAP protocol helper functions for SAMBA
5 Copyright (C) Jean François Micouleau 1998
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
33 extern int DEBUGLEVEL
;
35 /*******************************************************************
36 open a connection to the ldap serve.
37 ******************************************************************/
38 static BOOL
ldap_open_connection(LDAP
**ldap_struct
)
40 if ( (*ldap_struct
= ldap_open(lp_ldap_server(),lp_ldap_port()) ) == NULL
)
42 DEBUG( 0, ( "The LDAP server is not responding !\n" ) );
45 DEBUG(2,("ldap_open_connection: connection opened\n"));
50 /*******************************************************************
51 connect anonymously to the ldap server.
53 ******************************************************************/
54 static BOOL
ldap_connect_anonymous(LDAP
*ldap_struct
)
56 if ( ldap_simple_bind_s(ldap_struct
,lp_ldap_root(),lp_ldap_rootpasswd()) ! = LDAP_SUCCESS
)
58 DEBUG( 0, ( "Couldn't bind to the LDAP server !\n" ) );
65 /*******************************************************************
66 connect to the ldap server under system privileg.
67 ******************************************************************/
68 static BOOL
ldap_connect_system(LDAP
*ldap_struct
)
70 if ( ldap_simple_bind_s(ldap_struct
,lp_ldap_root(),lp_ldap_rootpasswd()) ! = LDAP_SUCCESS
)
72 DEBUG( 0, ( "Couldn't bind to the LDAP server!\n" ) );
75 DEBUG(2,("ldap_connect_system: succesful connection to the LDAP server\n"));
79 /*******************************************************************
80 connect to the ldap server under a particular user.
81 ******************************************************************/
82 static BOOL
ldap_connect_user(LDAP
*ldap_struct
, char *user
, char *password
)
84 if ( ldap_simple_bind_s(ldap_struct
,lp_ldap_root(),lp_ldap_rootpasswd()) ! = LDAP_SUCCESS
)
86 DEBUG( 0, ( "Couldn't bind to the LDAP server !\n" ) );
89 DEBUG(2,("ldap_connect_user: succesful connection to the LDAP server\n"));
93 /*******************************************************************
94 run the search by name.
95 ******************************************************************/
96 static BOOL
ldap_search_one_user(LDAP
*ldap_struct
, char *filter
, LDAPMessage
**result
)
98 int scope
= LDAP_SCOPE_ONELEVEL
;
101 DEBUG(2,("ldap_search_one_user: searching for:[%s]\n", filter
));
103 rc
= ldap_search_s(ldap_struct
, lp_ldap_suffix(), scope
, filter
, NULL
, 0, result
);
105 if (rc
! = LDAP_SUCCESS
)
107 DEBUG( 0, ( "Problem during the LDAP search\n" ) );
113 /*******************************************************************
114 run the search by name.
115 ******************************************************************/
116 static BOOL
ldap_search_one_user_by_name(LDAP
*ldap_struct
, char *user
, LDAPMessage
**result
)
120 in the filter expression, replace %u with the real name
121 so in ldap filter, %u MUST exist :-)
123 pstrcpy(filter
,lp_ldap_filter());
124 string_sub(filter
,"%u",user
);
126 if ( !ldap_search_one_user(ldap_struct
, filter
, result
) )
133 /*******************************************************************
134 run the search by uid.
135 ******************************************************************/
136 static BOOL
ldap_search_one_user_by_uid(LDAP
*ldap_struct
, int uid
, LDAPMessage
**result
)
140 slprintf(filter
, sizeof(pstring
)-1, "uidAccount = %d", uid
);
142 if ( !ldap_search_one_user(ldap_struct
, filter
, result
) )
149 /*******************************************************************
150 search an attribute and return the first value found.
151 ******************************************************************/
152 static void get_single_attribute(LDAP
*ldap_struct
, LDAPMessage
*entry
, char *attribute
, char *value
)
156 if ( (valeurs
= ldap_get_values(ldap_struct
, entry
, attribute
)) ! = NULL
)
158 pstrcpy(value
, valeurs
[0]);
159 ldap_value_free(valeurs
);
160 DEBUG(3,("get_single_attribute: [%s] = [%s]\n", attribute
, value
));
168 /*******************************************************************
169 check if the returned entry is a sambaAccount objectclass.
170 ******************************************************************/
171 static BOOL
ldap_check_user(LDAP
*ldap_struct
, LDAPMessage
*entry
)
173 BOOL sambaAccount
= False
;
177 DEBUG(2,("ldap_check_user: "));
178 valeur
= ldap_get_values(ldap_struct
, entry
, "objectclass");
181 for (i
= 0;valeur
[i
]! = NULL
;i
++)
183 if (!strcmp(valeur
[i
],"sambaAccount")) sambaAccount
= True
;
186 DEBUG(2,("%s\n",sambaAccount
?"yes":"no"));
187 ldap_value_free(valeur
);
188 return (sambaAccount
);
191 /*******************************************************************
192 check if the returned entry is a sambaTrust objectclass.
193 ******************************************************************/
194 static BOOL
ldap_check_trust(LDAP
*ldap_struct
, LDAPMessage
*entry
)
196 BOOL sambaTrust
= False
;
200 DEBUG(2,("ldap_check_trust: "));
201 valeur
= ldap_get_values(ldap_struct
, entry
, "objectclass");
204 for (i
= 0;valeur
[i
]! = NULL
;i
++)
206 if (!strcmp(valeur
[i
],"sambaTrust")) sambaTrust
= True
;
209 DEBUG(2,("%s\n",sambaTrust
?"yes":"no"));
210 ldap_value_free(valeur
);
214 /*******************************************************************
215 retrieve the user's info and contruct a smb_passwd structure.
216 ******************************************************************/
217 static void ldap_get_smb_passwd(LDAP
*ldap_struct
,LDAPMessage
*entry
,
218 struct smb_passwd
*user
)
220 static pstring user_name
;
221 static pstring user_pass
;
223 static unsigned char smblmpwd
[16];
224 static unsigned char smbntpwd
[16];
228 bzero(smblmpwd
, sizeof(smblmpwd
));
229 bzero(smbntpwd
, sizeof(smbntpwd
));
231 get_single_attribute(ldap_struct
, entry
, "cn", user_name
);
232 DEBUG(2,("ldap_get_smb_passwd: user: %s\n",user_name
));
234 #ifdef LDAP_PLAINTEXT_PASSWORD
235 get_single_attribute(ldap_struct
, entry
, "userPassword", temp
);
236 nt_lm_owf_gen(temp
, user
->smb_nt_passwd
, user
->smb_passwd
);
237 bzero(temp
, sizeof(temp
)); /* destroy local copy of the password */
239 get_single_attribute(ldap_struct
, entry
, "unicodePwd", temp
);
240 pdb_gethexpwd(temp
, smbntpwd
);
241 bzero(temp
, sizeof(temp
)); /* destroy local copy of the password */
243 get_single_attribute(ldap_struct
, entry
, "dBCSPwd", temp
);
244 pdb_gethexpwd(temp
, smblmpwd
);
245 bzero(temp
, sizeof(temp
)); /* destroy local copy of the password */
248 get_single_attribute(ldap_struct
, entry
, "userAccountControl", temp
);
249 user
->acct_ctrl
= pdb_decode_acct_ctrl(temp
);
251 get_single_attribute(ldap_struct
, entry
, "pwdLastSet", temp
);
252 user
->pass_last_set_time
= (time_t)strtol(temp
, NULL
, 16);
254 get_single_attribute(ldap_struct
, entry
, "rid", temp
);
256 /* the smb (unix) ids are not stored: they are created */
257 user
->smb_userid
= pdb_user_rid_to_uid (atoi(temp
));
259 if (user
->acct_ctrl
& (ACB_DOMTRUST
|ACB_WSTRUST
|ACB_SVRTRUST
) )
261 DEBUG(0,("Inconsistency in the LDAP database\n"));
263 if (user
->acct_ctrl
& ACB_NORMAL
)
265 user
->smb_name
= user_name
;
266 user
->smb_passwd
= smblmpwd
;
267 user
->smb_nt_passwd
= smbntpwd
;
271 /*******************************************************************
272 retrieve the user's info and contruct a sam_passwd structure.
274 calls ldap_get_smb_passwd function first, though, to save code duplication.
276 ******************************************************************/
277 static void ldap_get_sam_passwd(LDAP
*ldap_struct
, LDAPMessage
*entry
,
278 struct sam_passwd
*user
)
280 static pstring user_name
;
281 static pstring fullname
;
282 static pstring home_dir
;
283 static pstring dir_drive
;
284 static pstring logon_script
;
285 static pstring profile_path
;
286 static pstring acct_desc
;
287 static pstring workstations
;
289 static struct smb_passwd pw_buf
;
293 ldap_get_smb_passwd(ldap_struct
, entry
, &pw_buf
);
295 user
->pass_last_set_time
= pw_buf
.pass_last_set_time
;
297 get_single_attribute(ldap_struct
, entry
, "logonTime", temp
);
298 user
->pass_last_set_time
= (time_t)strtol(temp
, NULL
, 16);
300 get_single_attribute(ldap_struct
, entry
, "logoffTime", temp
);
301 user
->pass_last_set_time
= (time_t)strtol(temp
, NULL
, 16);
303 get_single_attribute(ldap_struct
, entry
, "kickoffTime", temp
);
304 user
->pass_last_set_time
= (time_t)strtol(temp
, NULL
, 16);
306 get_single_attribute(ldap_struct
, entry
, "pwdLastSet", temp
);
307 user
->pass_last_set_time
= (time_t)strtol(temp
, NULL
, 16);
309 get_single_attribute(ldap_struct
, entry
, "pwdCanChange", temp
);
310 user
->pass_last_set_time
= (time_t)strtol(temp
, NULL
, 16);
312 get_single_attribute(ldap_struct
, entry
, "pwdMustChange", temp
);
313 user
->pass_last_set_time
= (time_t)strtol(temp
, NULL
, 16);
315 user
->smb_name
= pw_buf
.smb_name
;
317 DEBUG(2,("ldap_get_sam_passwd: user: %s\n", user_name
));
319 get_single_attribute(ldap_struct
, entry
, "userFullName", fullname
);
320 user
->full_name
= fullname
;
322 get_single_attribute(ldap_struct
, entry
, "homeDirectory", home_dir
);
323 user
->home_dir
= home_dir
;
325 get_single_attribute(ldap_struct
, entry
, "homeDrive", dir_drive
);
326 user
->dir_drive
= dir_drive
;
328 get_single_attribute(ldap_struct
, entry
, "scriptPath", logon_script
);
329 user
->logon_script
= logon_script
;
331 get_single_attribute(ldap_struct
, entry
, "profilePath", profile_path
);
332 user
->profile_path
= profile_path
;
334 get_single_attribute(ldap_struct
, entry
, "comment", acct_desc
);
335 user
->acct_desc
= acct_desc
;
337 get_single_attribute(ldap_struct
, entry
, "userWorkstations", workstations
);
338 user
->workstations
= workstations
;
340 user
->unknown_str
= NULL
; /* don't know, yet! */
341 user
->munged_dial
= NULL
; /* "munged" dial-back telephone number */
343 get_single_attribute(ldap_struct
, entry
, "rid", temp
);
344 user
->user_rid
= atoi(temp
);
346 get_single_attribute(ldap_struct
, entry
, "primaryGroupID", temp
);
347 user
->group_rid
= atoi(temp
);
349 /* the smb (unix) ids are not stored: they are created */
350 user
->smb_userid
= pw_buf
.smb_userid
;
351 user
->smb_grpid
= group_rid_to_uid(user
->group_rid
);
353 user
->acct_ctrl
= pw_buf
.acct_ctrl
;
355 user
->unknown_3
= 0xffffff; /* don't know */
356 user
->logon_divs
= 168; /* hours per week */
357 user
->hours_len
= 21; /* 21 times 8 bits = 168 */
358 memset(user
->hours
, 0xff, user
->hours_len
); /* available at all hours */
359 user
->unknown_5
= 0x00020000; /* don't know */
360 user
->unknown_5
= 0x000004ec; /* don't know */
362 if (user
->acct_ctrl
& (ACB_DOMTRUST
|ACB_WSTRUST
|ACB_SVRTRUST
) )
364 DEBUG(0,("Inconsistency in the LDAP database\n"));
367 if (!(user
->acct_ctrl
& ACB_NORMAL
))
369 DEBUG(0,("User's acct_ctrl bits not set to ACT_NORMAL in LDAP database\n"));
374 /************************************************************************
375 Routine to manage the LDAPMod structure array
376 manage memory used by the array, by each struct, and values
378 ************************************************************************/
379 static void make_a_mod(LDAPMod
***modlist
,int modop
, char *attribute
, char *value
)
389 mods
= (LDAPMod
**)malloc( sizeof(LDAPMod
*) );
393 for ( i
= 0; mods
[ i
] ! = NULL
; ++i
)
395 if ( mods
[ i
]->mod_op
== modop
&&
396 !strcasecmp( mods
[ i
]->mod_type
, attribute
) )
404 mods
= (LDAPMod
**)realloc( mods
, (i
+2) * sizeof( LDAPMod
* ) );
405 mods
[i
] = (LDAPMod
*)malloc( sizeof( LDAPMod
) );
406 mods
[i
]->mod_op
= modop
;
407 mods
[i
]->mod_values
= NULL
;
408 mods
[i
]->mod_type
= strdup( attribute
);
415 if ( mods
[ i
]->mod_values
! = NULL
)
417 for ( ; mods
[ i
]->mod_values
[ j
] ! = NULL
; j
++ );
419 mods
[ i
]->mod_values
= (char **)realloc(mods
[ i
]->mod_values
,
420 (j
+2) * sizeof( char * ));
421 mods
[ i
]->mod_values
[ j
] = strdup(value
);
422 mods
[ i
]->mod_values
[ j
+ 1 ] = NULL
;
427 /************************************************************************
428 Add or modify an entry. Only the smb struct values
430 *************************************************************************/
431 static BOOL
modadd_ldappwd_entry(struct smb_passwd
*newpwd
, int flag
)
434 /* assume the struct is correct and filled
435 that's the job of passdb.c to check */
436 int scope
= LDAP_SCOPE_ONELEVEL
;
453 smb_name
= newpwd
->smb_name
;
455 if (!ldap_open_connection(&ldap_struct
)) /* open a connection to the server */
460 if (!ldap_connect_system(ldap_struct
)) /* connect as system account */
462 ldap_unbind(ldap_struct
);
466 if (smb_name
[strlen(smb_name
)-1] == '$' )
468 smb_name
[strlen(smb_name
)-1] = '\0';
472 slprintf(filter
, sizeof(filter
)-1,
473 "(&(cn = %s)(|(objectclass = sambaTrust)(objectclass = sambaAccount)))",
476 rc
= ldap_search_s(ldap_struct
, lp_ldap_suffix(), scope
, filter
, NULL
, 0, &result
);
482 if (ldap_count_entries(ldap_struct
, result
) ! = 0)
484 DEBUG(0,("User already in the base, with samba properties\n"));
485 ldap_unbind(ldap_struct
);
488 ldap_state
= LDAP_MOD_ADD
;
493 if (ldap_count_entries(ldap_struct
, result
) ! = 1)
495 DEBUG(0,("No user to modify !\n"));
496 ldap_unbind(ldap_struct
);
499 ldap_state
= LDAP_MOD_REPLACE
;
504 DEBUG(0,("How did you come here? \n"));
505 ldap_unbind(ldap_struct
);
510 slprintf(dn
, sizeof(dn
)-1, "cn = %s, %s",smb_name
, lp_ldap_suffix() );
512 if (newpwd
->smb_passwd
! = NULL
)
515 for( i
= 0; i
< 16; i
++)
517 slprintf(&temp
[2*i
], sizeof(temp
) - 1, "%02X", newpwd
->smb_passwd
[i
]);
523 if (newpwd
->acct_ctrl
& ACB_PWNOTREQ
)
525 slprintf(temp
, sizeof(temp
) - 1, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX");
529 slprintf(temp
, sizeof(temp
) - 1, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX");
532 slprintf(lmhash
, sizeof(lmhash
)-1, "%s", temp
);
534 if (newpwd
->smb_nt_passwd
! = NULL
)
537 for( i
= 0; i
< 16; i
++)
539 slprintf(&temp
[2*i
], sizeof(temp
) - 1, "%02X", newpwd
->smb_nt_passwd
[i
]);
545 if (newpwd
->acct_ctrl
& ACB_PWNOTREQ
)
547 slprintf(temp
, sizeof(temp
) - 1, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX");
551 slprintf(temp
, sizeof(temp
) - 1, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX");
554 slprintf(nthash
, sizeof(nthash
)-1, "%s", temp
);
556 slprintf(rid
, sizeof(rid
)-1, "%d", uid_to_user_rid(newpwd
->smb_userid
) );
557 slprintf(lst
, sizeof(lst
)-1, "%08X", newpwd
->pass_last_set_time
);
563 make_a_mod(&mods
, ldap_state
, "objectclass", "sambaTrust");
564 make_a_mod(&mods
, ldap_state
, "netbiosTrustName", smb_name
);
565 make_a_mod(&mods
, ldap_state
, "trustPassword", nthash
);
569 make_a_mod(&mods
, ldap_state
, "objectclass", "sambaAccount");
570 make_a_mod(&mods
, ldap_state
, "dBCSPwd", lmhash
);
571 make_a_mod(&mods
, ldap_state
, "uid", smb_name
);
572 make_a_mod(&mods
, ldap_state
, "unicodePwd", nthash
);
575 make_a_mod(&mods
, ldap_state
, "cn", smb_name
);
577 make_a_mod(&mods
, ldap_state
, "rid", rid
);
578 make_a_mod(&mods
, ldap_state
, "pwdLastSet", lst
);
579 make_a_mod(&mods
, ldap_state
, "userAccountControl", pdb_encode_acct_ctrl(newpwd
->acct_ctrl
, NEW_PW_FORMAT_SPACE_PADDED_LEN
));
585 ldap_add_s(ldap_struct
, dn
, mods
);
586 DEBUG(2,("modadd_ldappwd_entry: added: cn = %s in the LDAP database\n",smb_name
));
591 ldap_modify_s(ldap_struct
, dn
, mods
);
592 DEBUG(2,("modadd_ldappwd_entry: changed: cn = %s in the LDAP database_n",smb_name
));
597 DEBUG(2,("modadd_ldappwd_entry: How did you come here? \n"));
598 ldap_unbind(ldap_struct
);
604 ldap_mods_free(mods
, 1);
606 ldap_unbind(ldap_struct
);
611 /************************************************************************
612 Add or modify an entry. everything except the smb struct
614 *************************************************************************/
615 static BOOL
modadd_ldap21pwd_entry(struct sam_passwd
*newpwd
, int flag
)
618 /* assume the struct is correct and filled
619 that's the job of passdb.c to check */
620 int scope
= LDAP_SCOPE_ONELEVEL
;
637 smb_name
= newpwd
->smb_name
;
639 if (!ldap_open_connection(&ldap_struct
)) /* open a connection to the server */
644 if (!ldap_connect_system(ldap_struct
)) /* connect as system account */
646 ldap_unbind(ldap_struct
);
650 if (smb_name
[strlen(smb_name
)-1] == '$' )
652 smb_name
[strlen(smb_name
)-1] = '\0';
656 slprintf(filter
, sizeof(filter
)-1,
657 "(&(cn = %s)(|(objectclass = sambaTrust)(objectclass = sambaAccount)))",
660 rc
= ldap_search_s(ldap_struct
, lp_ldap_suffix(), scope
, filter
, NULL
, 0, &result
);
666 if (ldap_count_entries(ldap_struct
, result
) ! = 1)
668 DEBUG(2,("User already in the base, with samba properties\n"));
669 ldap_unbind(ldap_struct
);
672 ldap_state
= LDAP_MOD_ADD
;
678 if (ldap_count_entries(ldap_struct
, result
) ! = 1)
680 DEBUG(2,("No user to modify !\n"));
681 ldap_unbind(ldap_struct
);
684 ldap_state
= LDAP_MOD_REPLACE
;
690 DEBUG(2,("How did you come here? \n"));
691 ldap_unbind(ldap_struct
);
696 slprintf(dn
, sizeof(dn
)-1, "cn = %s, %s",smb_name
, lp_ldap_suffix() );
707 make_a_mod(&mods
, ldap_state
, "cn", smb_name
);
709 make_a_mod(&mods
, ldap_state
, "rid", rid
);
710 make_a_mod(&mods
, ldap_state
, "pwdLastSet", lst
);
711 make_a_mod(&mods
, ldap_state
, "userAccountControl", pdb_encode_acct_ctrl(newpwd
->acct_ctrl
,NEW_PW_FORMAT_SPACE_PADDED_LEN
));
713 ldap_modify_s(ldap_struct
, dn
, mods
);
715 ldap_mods_free(mods
, 1);
717 ldap_unbind(ldap_struct
);
722 /************************************************************************
723 Routine to add an entry to the ldap passwd file.
725 do not call this function directly. use passdb.c instead.
727 *************************************************************************/
728 static BOOL
add_ldappwd_entry(struct smb_passwd
*newpwd
)
730 return (modadd_ldappwd_entry(newpwd
, ADD_USER
) );
733 /************************************************************************
734 Routine to search the ldap passwd file for an entry matching the username.
735 and then modify its password entry. We can't use the startldappwent()/
736 getldappwent()/endldappwent() interfaces here as we depend on looking
737 in the actual file to decide how much room we have to write data.
738 override = False, normal
739 override = True, override XXXXXXXX'd out password or NO PASS
741 do not call this function directly. use passdb.c instead.
743 ************************************************************************/
744 static BOOL
mod_ldappwd_entry(struct smb_passwd
*pwd
, BOOL override
)
746 return (modadd_ldappwd_entry(pwd
, MODIFY_USER
) );
749 /************************************************************************
750 Routine to add an entry to the ldap passwd file.
752 do not call this function directly. use passdb.c instead.
754 *************************************************************************/
755 static BOOL
add_ldap21pwd_entry(struct sam_passwd
*newpwd
)
757 return( modadd_ldappwd_entry(newpwd
, ADD_USER
)?
758 modadd_ldap21pwd_entry(newpwd
, ADD_USER
):False
);
761 /************************************************************************
762 Routine to search the ldap passwd file for an entry matching the username.
763 and then modify its password entry. We can't use the startldappwent()/
764 getldappwent()/endldappwent() interfaces here as we depend on looking
765 in the actual file to decide how much room we have to write data.
766 override = False, normal
767 override = True, override XXXXXXXX'd out password or NO PASS
769 do not call this function directly. use passdb.c instead.
771 ************************************************************************/
772 static BOOL
mod_ldap21pwd_entry(struct sam_passwd
*pwd
, BOOL override
)
774 return( modadd_ldappwd_entry(pwd
, MODIFY_USER
)?
775 modadd_ldap21pwd_entry(pwd
, MODIFY_USER
):False
);
778 struct ldap_enum_info
785 static struct ldap_enum_info ldap_ent
;
787 /***************************************************************
788 Start to enumerate the ldap passwd list. Returns a void pointer
789 to ensure no modification outside this module.
791 do not call this function directly. use passdb.c instead.
793 ****************************************************************/
794 static void *startldappwent(BOOL update
)
796 int scope
= LDAP_SCOPE_ONELEVEL
;
801 if (!ldap_open_connection(&ldap_ent
.ldap_struct
)) /* open a connection to the server */
806 if (!ldap_connect_system(ldap_ent
.ldap_struct
)) /* connect as system account */
811 /* when the class is known the search is much faster */
816 pstrcpy(filter
, "objectclass = sambaAccount");
821 pstrcpy(filter
, "objectclass = sambaTrust");
826 pstrcpy(filter
, "(|(objectclass = sambaTrust)(objectclass = sambaAccount))");
831 rc
= ldap_search_s(ldap_ent
.ldap_struct
, lp_ldap_suffix(), scope
, filter
, NULL
, 0, &ldap_ent
.result
);
833 DEBUG(2,("%d entries in the base!\n", ldap_count_entries(ldap_ent
.ldap_struct
, ldap_ent
.result
) ));
835 ldap_ent
.entry
= ldap_first_entry(ldap_ent
.ldap_struct
, ldap_ent
.result
);
840 /*************************************************************************
841 Routine to return the next entry in the ldap passwd list.
843 do not call this function directly. use passdb.c instead.
845 *************************************************************************/
846 static struct smb_passwd
*getldappwent(void *vp
)
848 static struct smb_passwd user
;
849 struct ldap_enum_info
*ldap_vp
= (struct ldap_enum_info
*)vp
;
851 ldap_vp
->entry
= ldap_next_entry(ldap_vp
->ldap_struct
, ldap_vp
->entry
);
853 if (ldap_vp
->entry
! = NULL
)
855 ldap_get_smb_passwd(ldap_vp
->ldap_struct
, ldap_vp
->entry
, &user
);
861 /*************************************************************************
862 Routine to return the next entry in the ldap passwd list.
864 do not call this function directly. use passdb.c instead.
866 *************************************************************************/
867 static struct sam_passwd
*getldap21pwent(void *vp
)
869 static struct sam_passwd user
;
870 struct ldap_enum_info
*ldap_vp
= (struct ldap_enum_info
*)vp
;
872 ldap_vp
->entry
= ldap_next_entry(ldap_vp
->ldap_struct
, ldap_vp
->entry
);
874 if (ldap_vp
->entry
! = NULL
)
876 ldap_get_sam_passwd(ldap_vp
->ldap_struct
, ldap_vp
->entry
, &user
);
882 /***************************************************************
883 End enumeration of the ldap passwd list.
885 do not call this function directly. use passdb.c instead.
887 ****************************************************************/
888 static void endldappwent(void *vp
)
890 struct ldap_enum_info
*ldap_vp
= (struct ldap_enum_info
*)vp
;
891 ldap_msgfree(ldap_vp
->result
);
892 ldap_unbind(ldap_vp
->ldap_struct
);
895 /*************************************************************************
896 Return the current position in the ldap passwd list as an SMB_BIG_UINT.
897 This must be treated as an opaque token.
899 do not call this function directly. use passdb.c instead.
901 *************************************************************************/
902 static SMB_BIG_UINT
getldappwpos(void *vp
)
904 return (SMB_BIG_UINT
)0;
907 /*************************************************************************
908 Set the current position in the ldap passwd list from SMB_BIG_UINT.
909 This must be treated as an opaque token.
911 do not call this function directly. use passdb.c instead.
913 *************************************************************************/
914 static BOOL
setldappwpos(void *vp
, SMB_BIG_UINT tok
)
920 * Ldap derived functions.
923 static struct smb_passwd
*getldappwnam(char *name
)
925 return pdb_sam_to_smb(iterate_getsam21pwnam(name
));
928 static struct smb_passwd
*getldappwuid(uid_t smb_userid
)
930 return pdb_sam_to_smb(iterate_getsam21pwuid(smb_userid
));
933 static struct smb_passwd
*getldappwrid(uint32 user_rid
)
935 return pdb_sam_to_smb(iterate_getsam21pwuid(pdb_user_rid_to_uid(user_rid
)));
938 static struct smb_passwd
*getldappwent(void *vp
)
940 return pdb_sam_to_smb(getldap21pwent(vp
));
943 static BOOL
add_ldappwd_entry(struct smb_passwd
*newpwd
)
945 return add_ldap21pwd_entry(pdb_smb_to_sam(newpwd
));
948 static BOOL
mod_ldappwd_entry(struct smb_passwd
* pwd
, BOOL override
)
950 return mod_ldap21pwd_entry(pdb_smb_to_sam(pwd
), override
);
953 static struct sam_disp_info
*getldapdispnam(char *name
)
955 return pdb_sam_to_dispinfo(getldap21pwnam(name
));
958 static struct sam_disp_info
*getldapdisprid(uint32 rid
)
960 return pdb_sam_to_dispinfo(getldap21pwrid(rid
));
963 static struct sam_disp_info
*getldapdispent(void *vp
)
965 return pdb_sam_to_dispinfo(getldap21pwent(vp
));
968 static struct sam_passwd
*getldap21pwuid(uid_t uid
)
970 return pdb_smb_to_sam(iterate_getsam21pwuid(pdb_uid_to_user_rid(uid
)));
973 static struct passdb_ops ldap_ops
=
986 iterate_getsam21pwnam
, /* From passdb.c */
987 iterate_getsam21pwuid
, /* From passdb.c */
988 iterate_getsam21pwrid
, /* From passdb.c */
996 struct passdb_ops
*ldap_initialize_password_db(void)
1002 void dummy_function(void);
1003 void dummy_function(void) { } /* stop some compilers complaining */