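/**
 * Load, migrate or create the SAM SID and leave it in global_sam_sid.
 *
 * Sources are tried in this order; the first one that yields a SID wins:
 *   1. On a PDC/BDC, the SID stored in secrets under the workgroup name.
 *   2. The SID stored in secrets under this machine's name. On a PDC/BDC
 *      the workgroup entry is then created if it is missing.
 *   3. A legacy MACHINE.SID file in the private directory, which is copied
 *      into secrets and then unlinked.
 *   4. A freshly generated random SID, which is stored in secrets.
 *
 * global_sam_sid is allocated on first use and is not freed on failure.
 *
 * @return True when global_sam_sid was filled in and every store this path
 *         requires succeeded; False on allocation or store failure.
 */
static BOOL pdb_generate_sam_sid(void)
{
	DOM_SID domain_sid;
	char *fname = NULL;
	BOOL is_dc = False;

	if (global_sam_sid == NULL) {
		if (!(global_sam_sid = (DOM_SID *)malloc(sizeof(DOM_SID))))
			return False;
	}

	generate_wellknown_sids();

	switch (lp_server_role()) {
	case ROLE_DOMAIN_PDC:
	case ROLE_DOMAIN_BDC:
		is_dc = True;
		break;
	default:
		is_dc = False;
		break;
	}

	/* A domain controller prefers the SID recorded for the workgroup. */
	if (is_dc) {
		if (secrets_fetch_domain_sid(lp_workgroup(), &domain_sid)) {
			sid_copy(global_sam_sid, &domain_sid);
			return True;
		}
	}

	if (secrets_fetch_domain_sid(global_myname(), global_sam_sid)) {
		/* We got our sid. If not a pdc/bdc, we're done. */
		if (!is_dc)
			return True;

		if (!secrets_fetch_domain_sid(lp_workgroup(), &domain_sid)) {
			/* No domain sid and we're a pdc/bdc. Store it */
			if (!secrets_store_domain_sid(lp_workgroup(), global_sam_sid)) {
				DEBUG(0,("pdb_generate_sam_sid: Can't store domain SID as a pdc/bdc.\n"));
				return False;
			}
			return True;
		}

		if (!sid_equal(&domain_sid, global_sam_sid)) {
			/*
			 * Domain name sid doesn't match global sam sid.
			 * Re-store domain sid as 'local' sid.
			 *
			 * NOTE(review): only the stored entry is rewritten;
			 * global_sam_sid keeps the machine-name SID for this
			 * call. Confirm that is intended.
			 */
			DEBUG(0,("pdb_generate_sam_sid: Mismatched SIDs as a pdc/bdc.\n"));
			if (!secrets_store_domain_sid(global_myname(), &domain_sid)) {
				DEBUG(0,("pdb_generate_sam_sid: Can't re-store domain SID for local sid as PDC/BDC.\n"));
				return False;
			}
			return True;
		}

		return True;
	}

	/* check for an old MACHINE.SID file for backwards compatibility */
	if (asprintf(&fname, "%s/MACHINE.SID", lp_private_dir()) == -1) {
		/*
		 * fname is not usable after a failed asprintf(). Fail here
		 * instead of falling through: the fallback below would store
		 * a brand-new random SID even though a legacy file may exist.
		 */
		DEBUG(0,("pdb_generate_sam_sid: asprintf failed.\n"));
		return False;
	}

	if (read_sid_from_file(fname, global_sam_sid)) {
		/* remember it for future reference and unlink the old MACHINE.SID */
		if (!secrets_store_domain_sid(global_myname(), global_sam_sid)) {
			DEBUG(0,("pdb_generate_sam_sid: Failed to store SID from file.\n"));
			SAFE_FREE(fname);
			return False;
		}
		/* Result not checked: the SID is already in secrets at this point. */
		unlink(fname);
		if (is_dc) {
			if (!secrets_store_domain_sid(lp_workgroup(), global_sam_sid)) {
				DEBUG(0,("pdb_generate_sam_sid: Failed to store domain SID from file.\n"));
				SAFE_FREE(fname);
				return False;
			}
		}

		/* Stored the old sid from MACHINE.SID successfully.*/
		SAFE_FREE(fname);
		return True;
	}

	SAFE_FREE(fname);

	/* we don't have the SID in secrets.tdb, we will need to
	   generate one and save it */
	generate_random_sid(global_sam_sid);

	if (!secrets_store_domain_sid(global_myname(), global_sam_sid)) {
		DEBUG(0,("pdb_generate_sam_sid: Failed to store generated machine SID.\n"));
		return False;
	}
	if (is_dc) {
		if (!secrets_store_domain_sid(lp_workgroup(), global_sam_sid)) {
			DEBUG(0,("pdb_generate_sam_sid: Failed to store generated domain SID.\n"));
			return False;
		}
	}

	return True;
}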
/**
 * Load, migrate or create the SAM SID and return it in a fresh allocation.
 *
 * Sources are tried in this order; the first one that yields a SID wins:
 *   1. On a DC, the SID stored in secrets under the workgroup name.
 *   2. The SID stored in secrets under the NetBIOS name. On a DC the
 *      workgroup entry is then created if it is missing.
 *   3. A legacy MACHINE.SID file in the private directory, which is copied
 *      into secrets and then unlinked.
 *   4. A freshly generated random SID, which is stored in secrets.
 *
 * @return the allocated SID on success; NULL on allocation or store
 *         failure, with the allocation already released.
 */
static struct dom_sid *pdb_generate_sam_sid(void)
{
	struct dom_sid workgroup_sid;
	char *legacy_path = NULL;
	struct dom_sid *sid = SMB_MALLOC_P(struct dom_sid);

	if (sid == NULL)
		return NULL;

	/* A DC prefers whatever is already recorded for the workgroup. */
	if (IS_DC && secrets_fetch_domain_sid(lp_workgroup(), &workgroup_sid)) {
		sid_copy(sid, &workgroup_sid);
		return sid;
	}

	if (secrets_fetch_domain_sid(lp_netbios_name(), sid)) {
		/* Machine SID found; a non-DC needs nothing more. */
		if (!IS_DC)
			return sid;

		if (!secrets_fetch_domain_sid(lp_workgroup(), &workgroup_sid)) {
			/* DC without a workgroup entry: record the machine SID there. */
			if (secrets_store_domain_sid(lp_workgroup(), sid))
				return sid;
			DEBUG(0,("pdb_generate_sam_sid: Can't store domain SID as a pdc/bdc.\n"));
			goto fail;
		}

		if (dom_sid_equal(&workgroup_sid, sid))
			return sid;

		/*
		 * The two stored SIDs disagree: overwrite the machine-name
		 * entry with the workgroup SID. The SID returned from this
		 * call is still the one read from the machine-name entry.
		 */
		DEBUG(0,("pdb_generate_sam_sid: Mismatched SIDs as a pdc/bdc.\n"));
		if (secrets_store_domain_sid(lp_netbios_name(), &workgroup_sid))
			return sid;
		DEBUG(0,("pdb_generate_sam_sid: Can't re-store domain SID for local sid as PDC/BDC.\n"));
		goto fail;
	}

	/* Backwards compatibility: look for an old MACHINE.SID file. */
	if (asprintf(&legacy_path, "%s/MACHINE.SID", lp_private_dir()) == -1) {
		/* legacy_path is not usable after a failed asprintf(); skip freeing it. */
		goto fail;
	}

	if (read_sid_from_file(legacy_path, sid)) {
		/* Move the SID into secrets, then drop the old file. */
		if (!secrets_store_domain_sid(lp_netbios_name(), sid)) {
			DEBUG(0,("pdb_generate_sam_sid: Failed to store SID from file.\n"));
			goto fail_path;
		}
		/* Result not checked: the SID is already in secrets at this point. */
		unlink(legacy_path);

		/*
		 * NOTE(review): the workgroup entry is written here when
		 * IS_DC is false, while the generated-SID path at the end of
		 * this function writes it when IS_DC is true. Behaviour kept
		 * as found; confirm which condition is intended.
		 */
		if (!IS_DC && !secrets_store_domain_sid(lp_workgroup(), sid)) {
			DEBUG(0,("pdb_generate_sam_sid: Failed to store domain SID from file.\n"));
			goto fail_path;
		}

		/* Legacy SID migrated. */
		SAFE_FREE(legacy_path);
		return sid;
	}

	SAFE_FREE(legacy_path);

	/* Nothing in secrets.tdb and no legacy file: create a SID and save it. */
	generate_random_sid(sid);

	if (!secrets_store_domain_sid(lp_netbios_name(), sid)) {
		DEBUG(0,("pdb_generate_sam_sid: Failed to store generated machine SID.\n"));
		goto fail;
	}
	if (IS_DC && !secrets_store_domain_sid(lp_workgroup(), sid)) {
		DEBUG(0,("pdb_generate_sam_sid: Failed to store generated domain SID.\n"));
		goto fail;
	}

	return sid;

fail_path:
	SAFE_FREE(legacy_path);
fail:
	SAFE_FREE(sid);
	return NULL;
}
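/**
 * Load, migrate or create the SAM SID and leave it in global_sam_sid.
 *
 * Sources are tried in this order; the first one that yields a SID wins:
 *   1. The SID stored in secrets under global_myname. On a PDC/BDC the
 *      entry under global_myworkgroup is then created if missing, or
 *      overwritten with the machine SID if it differs.
 *   2. A legacy MACHINE.SID file in the private directory, which is copied
 *      into secrets and then unlinked.
 *   3. A freshly generated random SID, which is stored in secrets.
 *
 * @return True when global_sam_sid was filled in and every store this path
 *         requires succeeded; False on allocation or store failure.
 */
BOOL pdb_generate_sam_sid(void)
{
	char *fname = NULL;
	extern pstring global_myname;
	extern fstring global_myworkgroup;
	BOOL is_dc = False;
	pstring priv_dir;

	generate_wellknown_sids();

	switch (lp_server_role()) {
	case ROLE_DOMAIN_PDC:
	case ROLE_DOMAIN_BDC:
		is_dc = True;
		break;
	default:
		is_dc = False;
		break;
	}

	if (secrets_fetch_domain_sid(global_myname, &global_sam_sid)) {
		DOM_SID domain_sid;

		/* We got our sid. If not a pdc/bdc, we're done. */
		if (!is_dc)
			return True;

		if (!secrets_fetch_domain_sid(global_myworkgroup, &domain_sid)) {
			/* No domain sid and we're a pdc/bdc. Store it */
			if (!secrets_store_domain_sid(global_myworkgroup, &global_sam_sid)) {
				DEBUG(0,("pdb_generate_sam_sid: Can't store domain SID as a pdc/bdc.\n"));
				return False;
			}
			return True;
		}

		if (!sid_equal(&domain_sid, &global_sam_sid)) {
			/* Domain name sid doesn't match global sam sid. Re-store global sam sid as domain sid. */
			DEBUG(0,("pdb_generate_sam_sid: Mismatched SIDs as a pdc/bdc.\n"));
			if (!secrets_store_domain_sid(global_myworkgroup, &global_sam_sid)) {
				DEBUG(0,("pdb_generate_sam_sid: Can't re-store domain SID as a pdc/bdc.\n"));
				return False;
			}
			return True;
		}

		return True;
	}

	/* check for an old MACHINE.SID file for backwards compatibility */
	get_private_directory(priv_dir);
	if (asprintf(&fname, "%s/MACHINE.SID", priv_dir) == -1) {
		/*
		 * fname is not usable after a failed asprintf(). Fail here
		 * instead of falling through: the fallback below would store
		 * a brand-new random SID even though a legacy file may exist.
		 */
		DEBUG(0,("pdb_generate_sam_sid: asprintf failed.\n"));
		return False;
	}

	if (read_sid_from_file(fname, &global_sam_sid)) {
		/* remember it for future reference and unlink the old MACHINE.SID */
		if (!secrets_store_domain_sid(global_myname, &global_sam_sid)) {
			DEBUG(0,("pdb_generate_sam_sid: Failed to store SID from file.\n"));
			SAFE_FREE(fname);
			return False;
		}
		/* Result not checked: the SID is already in secrets at this point. */
		unlink(fname);
		if (is_dc) {
			if (!secrets_store_domain_sid(global_myworkgroup, &global_sam_sid)) {
				DEBUG(0,("pdb_generate_sam_sid: Failed to store domain SID from file.\n"));
				SAFE_FREE(fname);
				return False;
			}
		}

		/* Stored the old sid from MACHINE.SID successfully.
		   Patch from Stefan "metze" Metzmacher */
		SAFE_FREE(fname);
		return True;
	}

	SAFE_FREE(fname);

	/* we don't have the SID in secrets.tdb, we will need to
	   generate one and save it */
	generate_random_sid(&global_sam_sid);
	DEBUG(10, ("Generated random SID ...\n"));

	if (!secrets_store_domain_sid(global_myname, &global_sam_sid)) {
		DEBUG(0,("pdb_generate_sam_sid: Failed to store generated machine SID.\n"));
		return False;
	}
	if (is_dc) {
		if (!secrets_store_domain_sid(global_myworkgroup, &global_sam_sid)) {
			DEBUG(0,("pdb_generate_sam_sid: Failed to store generated domain SID.\n"));
			return False;
		}
	}

	return True;
}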