DWORD
VmDirTestConnectionFromUser(
PVMDIR_TEST_STATE pState,
PCSTR pszUserName,
LDAP **ppLd
)
{
DWORD dwError = 0;
PSTR pszUserUPN = NULL;
LDAP *pLd;
dwError = VmDirAllocateStringPrintf(
&pszUserUPN,
"%s@%s",
pszUserName,
pState->pszDomain);
BAIL_ON_VMDIR_ERROR(dwError);
dwError = VmDirSafeLDAPBind(
&pLd,
pState->pszServerName,
pszUserUPN,
pState->pszPassword);
BAIL_ON_VMDIR_ERROR(dwError);
*ppLd = pLd;
cleanup:
VMDIR_SAFE_FREE_STRINGA(pszUserUPN);
return dwError;
error:
goto cleanup;
}
static
int
VmDirMain(int argc, char* argv[])
{
DWORD dwError = 0;
LDAP *pLd = NULL;
COMMAND_LINE_PARAMETER_STATE State = { 0 };
PLW_HASHMAP pUserToSidMapping = NULL; // Used to store "user/group SID" => "display name" mapping.
PLW_HASHMAP pSidToUserMapping = NULL; // Used to store "display name" => "user/group SID" mapping.
CHAR pszPasswordBuf[VMDIR_MAX_PWD_LEN + 1] = { 0 };
dwError = VmDirParseArguments(
&CommandLineOptions,
&State,
argc,
argv);
BAIL_ON_VMDIR_ERROR(dwError);
dwError = VdcGetUsersPassword(&State, pszPasswordBuf, VMDIR_ARRAY_SIZE(pszPasswordBuf));
BAIL_ON_VMDIR_ERROR(dwError);
dwError = VmDirSafeLDAPBind(
&pLd,
State.pszServerName,
State.pszUserName,
pszPasswordBuf);
BAIL_ON_VMDIR_ERROR(dwError);
dwError = VdcLoadUsersAndGroups(pLd, State.pszBaseDN, &pUserToSidMapping, &pSidToUserMapping);
BAIL_ON_VMDIR_ERROR(dwError);
//
// We're either granting a user/group privileges on an object or just showing the
// existing privileges on it.
//
if (State.pszGrantParameter)
{
dwError = VdcGrantPermissionToUser(pLd, pUserToSidMapping, State.pszObjectName, State.pszGrantParameter);
}
else if (State.pszRemoveParameter)
{
dwError = VdcRemovePermissionFromUser(pLd, pUserToSidMapping, State.pszObjectName, State.pszRemoveParameter);
}
else
{
dwError = VdcPrintSecurityDescriptorForObject(pLd, pSidToUserMapping, State.pszObjectName, State.bVerbose);
}
cleanup:
VdcFreeHashMap(&pUserToSidMapping);
VdcFreeHashMap(&pSidToUserMapping);
return dwError;
error:
goto cleanup;
}
static
DWORD
_OpenLdapConnection(
PCSTR pszFQDomainName,
PCSTR pszUsername,
PCSTR pszPassword,
PCSTR pszReplURI,
LDAP **ppLd
)
{
DWORD dwError = 0;
PSTR pszPartnerHostName = NULL;
PSTR pszUPN = NULL;
LDAP *pLd = NULL;
dwError = VmDirReplURIToHostname((PSTR)pszReplURI, &pszPartnerHostName);
BAIL_ON_VMDIR_ERROR(dwError);
dwError = VmDirAllocateStringPrintf(
&pszUPN,
"%s@%s",
pszUsername,
pszFQDomainName);
BAIL_ON_VMDIR_ERROR(dwError);
dwError = VmDirSafeLDAPBind(
&pLd,
pszPartnerHostName,
pszUPN,
pszPassword);
BAIL_ON_VMDIR_ERROR(dwError);
*ppLd = pLd;
cleanup:
VMDIR_SAFE_FREE_MEMORY(pszPartnerHostName);
VMDIR_SAFE_FREE_MEMORY(pszUPN);
return dwError;
error:
VMDIR_LOG_ERROR( VMDIR_LOG_MASK_ALL,
"%s,%d failed, error(%d)", __FUNCTION__, __LINE__, dwError );
if (pLd)
{
ldap_unbind_ext_s(pLd,NULL,NULL);
}
goto cleanup;
}
DWORD
TestInfrastructureInitialize(
PVMDIR_TEST_STATE pState
)
{
DWORD dwError = 0;
PSTR pszLdapUri = NULL;
pState->pfnCleanupCallback = TestInfrastructureCleanup;
pState->pszTestContainerName = DEFAULT_TEST_CONTAINER_NAME;
pState->pszInternalUserName = DEFAULT_INTERNAL_USER_NAME;
dwError = VmDirSetBaseDN(pState);
BAIL_ON_VMDIR_ERROR(dwError);
dwError = VmDirSafeLDAPBind(
&pState->pLd,
pState->pszServerName,
pState->pszUserUPN,
pState->pszPassword);
BAIL_ON_VMDIR_ERROR(dwError);
//
// Cleanup any leftover state from a previous run.
//
(VOID)VmDirTestDeleteContainer(pState, NULL);
dwError = VmDirTestCreateAnonymousConnection(
pState->pszServerName,
&pState->pLdAnonymous);
BAIL_ON_VMDIR_ERROR(dwError);
dwError = _VmDirTestCreateLimitedUserAndConnection(pState);
BAIL_ON_VMDIR_ERROR(dwError);
dwError = _VmDirTestCreateTestContainer(pState);
BAIL_ON_VMDIR_ERROR(dwError);
cleanup:
return dwError;
error:
VMDIR_SAFE_FREE_STRINGA(pszLdapUri);
goto cleanup;
}
DWORD
_VmDirTestCreateLimitedUserAndConnection(
PVMDIR_TEST_STATE pState
)
{
DWORD dwError = 0;
PSTR pszUserUPN = NULL;
LDAP *pLd;
dwError = VmDirTestCreateUser(
pState,
NULL,
VmDirTestGetInternalUserCn(pState),
NULL);
BAIL_ON_VMDIR_ERROR(dwError);
dwError = VmDirAllocateStringPrintf(
&pszUserUPN,
"%s@%s",
VmDirTestGetInternalUserCn(pState),
pState->pszDomain);
BAIL_ON_VMDIR_ERROR(dwError);
dwError = VmDirSafeLDAPBind(
&pLd,
pState->pszServerName,
pszUserUPN,
pState->pszPassword);
BAIL_ON_VMDIR_ERROR(dwError);
pState->pLdLimited = pLd;
cleanup:
VMDIR_SAFE_FREE_STRINGA(pszUserUPN);
return dwError;
error:
printf("%s failed with error %d\n", __FUNCTION__, dwError);
goto cleanup;
}
DWORD
VmAfdLDAPConnect(
PSTR pszHostName,
DWORD dwPort,
PCSTR pszUpn,
PCSTR pszPassword,
LDAP** ppLotus
)
{
DWORD dwError = 0;
LDAP* pDirectory = NULL;
PSTR pszLdapURI = NULL;
if (dwPort == 0)
{
dwPort = LDAP_PORT;
}
if (VmAfdIsIPV6AddrFormat(pszHostName))
{
dwError = VmAfdAllocateStringPrintf(
&pszLdapURI,
"ldap://[%s]:%d",
pszHostName,
dwPort);
}
else
{
dwError = VmAfdAllocateStringPrintf(
&pszLdapURI,
"ldap://%s:%d",
pszHostName,
dwPort);
}
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VmDirSafeLDAPBind(
&pDirectory,
pszHostName,
pszUpn,
pszPassword);
BAIL_ON_VMAFD_ERROR(dwError);
*ppLotus = pDirectory;
cleanup:
VMAFD_SAFE_FREE_MEMORY(pszLdapURI);
return dwError;
error:
*ppLotus = NULL;
if (pDirectory != NULL)
{
ldap_unbind_ext(pDirectory, NULL, NULL);
}
goto cleanup;
}
