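/*
 * Set up a passdb method table for the "tdbsam" backend.
 *
 * pdb_context: supplies mem_ctx, from which everything here is allocated.
 * pdb_method:  out parameter filled in by make_pdb_methods() and then
 *              populated with the tdbsam_* callbacks.
 * location:    path to use for the tdbsam database, or NULL to fall back to
 *              <private directory>/PASSDB_FILE_NAME.
 *
 * Returns NT_STATUS_OK on success, the status of make_pdb_methods() if that
 * call fails, or NT_STATUS_NO_MEMORY if an allocation fails.
 */
static NTSTATUS pdb_init_tdbsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
{
	NTSTATUS nt_status;
	struct tdbsam_privates *tdb_state;

	if (!NT_STATUS_IS_OK(nt_status = make_pdb_methods(pdb_context->mem_ctx, pdb_method))) {
		return nt_status;
	}

	(*pdb_method)->name = "tdbsam";

	(*pdb_method)->setsampwent = tdbsam_setsampwent;
	(*pdb_method)->endsampwent = tdbsam_endsampwent;
	(*pdb_method)->getsampwent = tdbsam_getsampwent;
	(*pdb_method)->getsampwnam = tdbsam_getsampwnam;
	(*pdb_method)->getsampwsid = tdbsam_getsampwsid;
	(*pdb_method)->add_sam_account = tdbsam_add_sam_account;
	(*pdb_method)->update_sam_account = tdbsam_update_sam_account;
	(*pdb_method)->delete_sam_account = tdbsam_delete_sam_account;

	tdb_state = talloc_zero(pdb_context->mem_ctx, sizeof(struct tdbsam_privates));
	if (!tdb_state) {
		DEBUG(0, ("talloc() failed for tdbsam private_data!\n"));
		return NT_STATUS_NO_MEMORY;
	}

	if (location) {
		tdb_state->tdbsam_location = talloc_strdup(pdb_context->mem_ctx, location);
	} else {
		/* No explicit location: use the default file in the private directory. */
		pstring tdbfile;

		get_private_directory(tdbfile);
		pstrcat(tdbfile, "/");
		pstrcat(tdbfile, PASSDB_FILE_NAME);
		tdb_state->tdbsam_location = talloc_strdup(pdb_context->mem_ctx, tdbfile);
	}

	/*
	 * Fail here rather than hand the backend a NULL database path that
	 * would only be noticed on first use.
	 */
	if (!tdb_state->tdbsam_location) {
		DEBUG(0, ("talloc_strdup() failed for tdbsam location!\n"));
		return NT_STATUS_NO_MEMORY;
	}

	(*pdb_method)->private_data = tdb_state;
	(*pdb_method)->free_private_data = free_private_data;

	return NT_STATUS_OK;
}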
/*
 * Open the secrets database (secrets.tdb in the private directory) and keep
 * the handle in the file-level `tdb` variable.
 *
 * The file is opened read/write and created if missing; the creation mode
 * passed is 0600, i.e. owner read/write only.
 *
 * Returns True if the database is (already) open, False if the open failed.
 */
BOOL secrets_init(void)
{
	pstring db_path;

	/* A previous call already opened it: nothing more to do. */
	if (tdb) {
		return True;
	}

	get_private_directory(db_path);
	pstrcat(db_path, "/secrets.tdb");

	tdb = tdb_open_log(db_path, 0, TDB_DEFAULT, O_RDWR | O_CREAT, 0600);
	if (tdb) {
		return True;
	}

	DEBUG(0,("Failed to open %s\n", db_path));
	return False;
}
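/*
 * Build the path of a trust account file in mac_file:
 *
 *     <private directory>/<domain>.<name>.mac
 *
 * domain, name: NUL-terminated name components.
 * mac_file:     output buffer. NOTE(review): every append goes through
 *               pstrcat and the length check uses sizeof(pstring), so the
 *               caller presumably has to pass a pstring - confirm.
 *
 * If the complete path would not fit, an error is logged and mac_file is
 * left holding only "<private directory>/". The function returns void, so
 * callers cannot tell that case apart from success.
 * NOTE(review): verify that no caller opens or creates the truncated path.
 */
static void get_trust_account_file_name( char *domain, char *name, char *mac_file)
{
	/* "." (1) + ".mac" (4), plus presumably the terminating NUL. */
	const size_t suffix_len = 6;
	const size_t capacity = sizeof(pstring);
	size_t dir_len;
	size_t domain_len;
	size_t name_len;

	get_private_directory(mac_file);
	pstrcat(mac_file, "/");

	dir_len = strlen(mac_file);
	domain_len = strlen(domain);
	name_len = strlen(name);

	/*
	 * Same bound as before (total + 6 must not exceed sizeof(pstring)),
	 * but evaluated in size_t without narrowing a wrapped unsigned
	 * difference to int. Short-circuit evaluation keeps each subtraction
	 * from underflowing.
	 */
	if (dir_len + suffix_len > capacity ||
	    domain_len > capacity - dir_len - suffix_len ||
	    name_len > capacity - dir_len - suffix_len - domain_len) {
		DEBUG(0,("trust_password_lock: path %s too long to add trust details.\n", mac_file));
		return;
	}

	pstrcat(mac_file, domain);
	pstrcat(mac_file, ".");
	pstrcat(mac_file, name);
	pstrcat(mac_file, ".mac");
}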
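/*
 * Make sure global_sam_sid is populated and persisted in the secrets store.
 *
 * Sources are tried in this order:
 *   1. the SID stored under global_myname in the secrets store;
 *   2. a legacy <private directory>/MACHINE.SID file, which is migrated into
 *      the secrets store and then unlinked;
 *   3. a freshly generated random SID.
 *
 * When the server role is PDC or BDC, the SID stored under
 * global_myworkgroup is additionally kept equal to global_sam_sid.
 *
 * Returns True on success, False if a SID could not be stored or the legacy
 * file path could not be built.
 */
BOOL pdb_generate_sam_sid(void)
{
	char *fname = NULL;
	extern pstring global_myname;
	extern fstring global_myworkgroup;
	BOOL is_dc = False;
	pstring priv_dir;

	generate_wellknown_sids();

	switch (lp_server_role()) {
	case ROLE_DOMAIN_PDC:
	case ROLE_DOMAIN_BDC:
		is_dc = True;
		break;
	default:
		is_dc = False;
		break;
	}

	if (secrets_fetch_domain_sid(global_myname, &global_sam_sid)) {
		DOM_SID domain_sid;

		/* We got our sid. If not a pdc/bdc, we're done. */
		if (!is_dc)
			return True;

		if (!secrets_fetch_domain_sid(global_myworkgroup, &domain_sid)) {
			/* No domain sid and we're a pdc/bdc. Store it */
			if (!secrets_store_domain_sid(global_myworkgroup, &global_sam_sid)) {
				DEBUG(0,("pdb_generate_sam_sid: Can't store domain SID as a pdc/bdc.\n"));
				return False;
			}
			return True;
		}

		if (!sid_equal(&domain_sid, &global_sam_sid)) {
			/*
			 * Domain name sid doesn't match global sam sid.
			 * The machine SID wins: the stored domain SID is
			 * overwritten, and the mismatch is logged at level 0
			 * so that the change is visible to an administrator.
			 */
			DEBUG(0,("pdb_generate_sam_sid: Mismatched SIDs as a pdc/bdc.\n"));
			if (!secrets_store_domain_sid(global_myworkgroup, &global_sam_sid)) {
				DEBUG(0,("pdb_generate_sam_sid: Can't re-store domain SID as a pdc/bdc.\n"));
				return False;
			}
			return True;
		}

		return True;
	}

	/* check for an old MACHINE.SID file for backwards compatibility */
	get_private_directory(priv_dir);

	/*
	 * asprintf() leaves fname undefined on failure, so it must not be
	 * passed on. Fail instead of falling through: generating a new random
	 * SID here could replace an existing MACHINE.SID identity.
	 */
	if (asprintf(&fname, "%s/MACHINE.SID", priv_dir) < 0) {
		DEBUG(0,("pdb_generate_sam_sid: Failed to build MACHINE.SID path.\n"));
		return False;
	}

	if (read_sid_from_file(fname, &global_sam_sid)) {
		/* remember it for future reference and unlink the old MACHINE.SID */
		if (!secrets_store_domain_sid(global_myname, &global_sam_sid)) {
			DEBUG(0,("pdb_generate_sam_sid: Failed to store SID from file.\n"));
			SAFE_FREE(fname);
			return False;
		}

		/*
		 * Result deliberately ignored: the SID is already in the
		 * secrets store, which is consulted first on later calls.
		 */
		unlink(fname);

		if (is_dc) {
			if (!secrets_store_domain_sid(global_myworkgroup, &global_sam_sid)) {
				DEBUG(0,("pdb_generate_sam_sid: Failed to store domain SID from file.\n"));
				SAFE_FREE(fname);
				return False;
			}
		}

		/*
		 * Stored the old sid from MACHINE.SID successfully.
		 * Patch from Stefan "metze" Metzmacher.
		 */
		SAFE_FREE(fname);
		return True;
	}

	SAFE_FREE(fname);

	/* we don't have the SID in secrets.tdb, we will need to
	   generate one and save it */
	generate_random_sid(&global_sam_sid);
	DEBUG(10, ("Generated random SID ...\n"));

	if (!secrets_store_domain_sid(global_myname, &global_sam_sid)) {
		DEBUG(0,("pdb_generate_sam_sid: Failed to store generated machine SID.\n"));
		return False;
	}

	if (is_dc) {
		if (!secrets_store_domain_sid(global_myworkgroup, &global_sam_sid)) {
			DEBUG(0,("pdb_generate_sam_sid: Failed to store generated domain SID.\n"));
			return False;
		}
	}

	return True;
}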