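/**
 * Add a user account object to the directory.
 *
 * The new entry gets the DN "cn=<name>,<container>,<bind_path>" and is
 * created with userAccountControl set to
 * UF_NORMAL_ACCOUNT | UF_ACCOUNTDISABLE.
 *
 * Only the RDN value is escaped (escape_rdn_val_string_alloc). @container
 * and ads->config.bind_path are spliced into the DN verbatim, so the
 * caller must supply a well-formed DN fragment from a trusted source.
 * NOTE(review): @user is copied into userPrincipalName and sAMAccountName
 * without validation here - confirm that callers validate it.
 *
 * @param ads connection to the ADS server
 * @param user account name (sAMAccountName and left side of the UPN)
 * @param container DN fragment of the target container, relative to the
 *                  bind path
 * @param fullname value for cn/name/displayName; @user is used instead
 *                 when this is NULL or empty
 * @return status of the LDAP add, or the first error hit while building
 *         the request
 **/
ADS_STATUS ads_add_user_acct(ADS_STRUCT *ads, const char *user,
			     const char *container, const char *fullname)
{
	TALLOC_CTX *ctx;
	ADS_MODLIST mods;
	ADS_STATUS status;
	const char *upn, *new_dn, *name, *controlstr;
	char *name_escaped = NULL;
	const char *objectClass[] = {"top", "person", "organizationalPerson",
				     "user", NULL};

	if (fullname && *fullname)
		name = fullname;
	else
		name = user;

	if (!(ctx = talloc_init("ads_add_user_acct")))
		return ADS_ERROR(LDAP_NO_MEMORY);

	/* every allocation failure below reports LDAP_NO_MEMORY */
	status = ADS_ERROR(LDAP_NO_MEMORY);

	if (!(upn = talloc_asprintf(ctx, "%s@%s", user, ads->config.realm)))
		goto done;
	if (!(name_escaped = escape_rdn_val_string_alloc(name)))
		goto done;
	if (!(new_dn = talloc_asprintf(ctx, "cn=%s,%s,%s", name_escaped,
				       container, ads->config.bind_path)))
		goto done;
	if (!(controlstr = talloc_asprintf(ctx, "%u",
					   (UF_NORMAL_ACCOUNT | UF_ACCOUNTDISABLE))))
		goto done;
	if (!(mods = ads_init_mods(ctx)))
		goto done;

	/*
	 * Stop at the first attribute that cannot be queued. Ignoring these
	 * results would send an add request that is silently missing
	 * attributes (for example userAccountControl).
	 */
	status = ads_mod_str(ctx, &mods, "cn", name);
	if (!ADS_ERR_OK(status))
		goto done;
	status = ads_mod_strlist(ctx, &mods, "objectClass", objectClass);
	if (!ADS_ERR_OK(status))
		goto done;
	status = ads_mod_str(ctx, &mods, "userPrincipalName", upn);
	if (!ADS_ERR_OK(status))
		goto done;
	status = ads_mod_str(ctx, &mods, "name", name);
	if (!ADS_ERR_OK(status))
		goto done;
	status = ads_mod_str(ctx, &mods, "displayName", name);
	if (!ADS_ERR_OK(status))
		goto done;
	status = ads_mod_str(ctx, &mods, "sAMAccountName", user);
	if (!ADS_ERR_OK(status))
		goto done;
	status = ads_mod_str(ctx, &mods, "userAccountControl", controlstr);
	if (!ADS_ERR_OK(status))
		goto done;

	status = ads_gen_add(ads, new_dn, mods);

 done:
	/* name_escaped is not owned by ctx, so it is released separately */
	SAFE_FREE(name_escaped);
	talloc_destroy(ctx);
	return status;
}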
/**
 * Map a REG_MULTI_SZ registry value to an ldap mod.
 *
 * The raw value is decoded with pull_reg_multi_sz() and the resulting
 * string list is queued under attribute @name.
 *
 * @param ctx memory context for the decoded strings and the mod
 * @param mods mod list to append to
 * @param name attribute name for the mod
 * @param value registry value to convert
 * @return false if the value is not REG_MULTI_SZ, cannot be decoded or
 *         cannot be queued; true otherwise (including for an empty value,
 *         which adds nothing)
 */
static bool map_multi_sz(TALLOC_CTX *ctx, ADS_MODLIST *mods,
			 const char *name, struct registry_value *value)
{
	const char **strings = NULL;
	ADS_STATUS rc;

	if (value->type != REG_MULTI_SZ) {
		return false;
	}

	/* Empty data is not an error, there is just nothing to add. */
	if (value->data.length == 0 || value->data.data == NULL) {
		return true;
	}

	if (!pull_reg_multi_sz(ctx, &value->data, &strings)) {
		return false;
	}

	rc = ads_mod_strlist(ctx, mods, name, strings);
	return ADS_ERR_OK(rc);
}
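/**
 * Map a REG_MULTI_SZ registry value to an ldap mod.
 *
 * The value is a run of NUL-terminated UCS-2 strings ended by an empty
 * string. The buffer is treated as untrusted: it is scanned by index
 * against value->size, so a blob that lacks the final terminator, or whose
 * last string is unterminated, is rejected instead of being read past its
 * end.
 *
 * @param ctx memory context for the converted strings and the mod
 * @param mods mod list to append to
 * @param value registry value to convert; value->valuename names the
 *              attribute
 * @return False if the value is not REG_MULTI_SZ, is malformed, or a
 *         string cannot be allocated/converted/queued; True otherwise
 *         (including for an empty value, which adds nothing)
 */
static bool map_multi_sz(TALLOC_CTX *ctx, ADS_MODLIST *mods,
			 const REGISTRY_VALUE *value)
{
	char **str_values = NULL;
	smb_ucs2_t *data = (smb_ucs2_t *) value->data_p;
	smb_ucs2_t *cur_str = NULL;
	uint32 max_units = 0, pos = 0, num_vals = 0, i = 0;
	ADS_STATUS status;

	if (value->type != REG_MULTI_SZ)
		return False;

	if (data == NULL)
		return True;

	/* number of whole UCS-2 units that really are inside the buffer */
	max_units = value->size / sizeof(smb_ucs2_t);

	/*
	 * Pass 1: count the strings. The bound is tested before every
	 * dereference, and strlen_w() is not used here because it would
	 * keep scanning past value->size when a terminator is missing.
	 */
	while (pos < max_units && data[pos] != 0) {
		while (pos < max_units && data[pos] != 0)
			pos++;
		if (pos == max_units) {
			/* last string has no terminator inside the buffer */
			return False;
		}
		pos++;	/* step over this string's terminator */
		num_vals++;
	}

	if (num_vals == 0)
		return True;

	str_values = TALLOC_ARRAY(ctx, char *, num_vals + 1);
	if (!str_values) {
		return False;
	}
	/* zero the array so the list is NULL-terminated */
	memset(str_values, '\0', (num_vals + 1) * sizeof(char *));

	/*
	 * Pass 2: convert each string. Pass 1 proved that the first
	 * num_vals strings are terminated inside the buffer, so strlen_w()
	 * is bounded here. The cursor advances by the source length, the
	 * same boundaries pass 1 counted, not by the conversion's return
	 * value.
	 */
	cur_str = data;
	for (i = 0; i < num_vals; i++) {
		pull_ucs2_talloc(ctx, &str_values[i], cur_str);
		if (str_values[i] == NULL) {
			/*
			 * A slot left NULL would silently truncate the
			 * NULL-terminated list handed to ads_mod_strlist.
			 */
			return False;
		}
		cur_str += strlen_w(cur_str) + 1;
	}

	status = ads_mod_strlist(ctx, mods, value->valuename,
				 (const char **) str_values);
	return ADS_ERR_OK(status);
}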
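/**
 * Add a group account object to the directory.
 *
 * The new entry gets the DN "cn=<group>,<container>,<bind_path>".
 *
 * Only the RDN value is escaped (escape_rdn_val_string_alloc). @container
 * and ads->config.bind_path are spliced into the DN verbatim, so the
 * caller must supply a well-formed DN fragment from a trusted source.
 *
 * @param ads connection to the ADS server
 * @param group group name, used for cn, name and sAMAccountName
 * @param container DN fragment of the target container, relative to the
 *                  bind path
 * @param comment stored as description; skipped when NULL or empty
 * @return status of the LDAP add, or the first error hit while building
 *         the request
 **/
ADS_STATUS ads_add_group_acct(ADS_STRUCT *ads, const char *group,
			      const char *container, const char *comment)
{
	TALLOC_CTX *ctx;
	ADS_MODLIST mods;
	ADS_STATUS status;
	char *new_dn;
	char *name_escaped = NULL;
	const char *objectClass[] = {"top", "group", NULL};

	if (!(ctx = talloc_init("ads_add_group_acct")))
		return ADS_ERROR(LDAP_NO_MEMORY);

	/* every allocation failure below reports LDAP_NO_MEMORY */
	status = ADS_ERROR(LDAP_NO_MEMORY);

	if (!(name_escaped = escape_rdn_val_string_alloc(group)))
		goto done;
	if (!(new_dn = talloc_asprintf(ctx, "cn=%s,%s,%s", name_escaped,
				       container, ads->config.bind_path)))
		goto done;
	if (!(mods = ads_init_mods(ctx)))
		goto done;

	/*
	 * Stop at the first attribute that cannot be queued, so that an
	 * incomplete add request is never sent.
	 */
	status = ads_mod_str(ctx, &mods, "cn", group);
	if (!ADS_ERR_OK(status))
		goto done;
	status = ads_mod_strlist(ctx, &mods, "objectClass", objectClass);
	if (!ADS_ERR_OK(status))
		goto done;
	status = ads_mod_str(ctx, &mods, "name", group);
	if (!ADS_ERR_OK(status))
		goto done;
	if (comment && *comment) {
		status = ads_mod_str(ctx, &mods, "description", comment);
		if (!ADS_ERR_OK(status))
			goto done;
	}
	status = ads_mod_str(ctx, &mods, "sAMAccountName", group);
	if (!ADS_ERR_OK(status))
		goto done;

	status = ads_gen_add(ads, new_dn, mods);

 done:
	/* name_escaped is not owned by ctx, so it is released separately */
	SAFE_FREE(name_escaped);
	talloc_destroy(ctx);
	return status;
}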