NTSTATUS pdb_default_del_aliasmem(struct pdb_methods *methods,
const DOM_SID *alias, const DOM_SID *member)
{
if (!init_group_mapping()) {
DEBUG(0,("failed to initialize group mapping\n"));
return NT_STATUS_UNSUCCESSFUL;
}
return backend->del_aliasmem(alias, member);
}
/*
initialise the tdb mapping backend
*/
const struct mapping_backend *groupdb_tdb_init(void)
{
if (!init_group_mapping()) {
DEBUG(0,("Failed to initialise tdb mapping backend\n"));
return NULL;
}
return &tdb_backend;
}
NTSTATUS pdb_default_enum_aliasmem(struct pdb_methods *methods,
const DOM_SID *alias, DOM_SID **pp_members,
size_t *p_num_members)
{
if (!init_group_mapping()) {
DEBUG(0,("failed to initialize group mapping\n"));
return NT_STATUS_UNSUCCESSFUL;
}
return backend->enum_aliasmem(alias, pp_members, p_num_members);
}
NTSTATUS pdb_default_delete_group_mapping_entry(struct pdb_methods *methods,
DOM_SID sid)
{
if (!init_group_mapping()) {
DEBUG(0,("failed to initialize group mapping\n"));
return NT_STATUS_UNSUCCESSFUL;
}
return backend->group_map_remove(&sid) ?
NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
}
NTSTATUS pdb_default_update_group_mapping_entry(struct pdb_methods *methods,
GROUP_MAP *map)
{
if (!init_group_mapping()) {
DEBUG(0,("failed to initialize group mapping\n"));
return NT_STATUS_UNSUCCESSFUL;
}
return backend->add_mapping_entry(map, TDB_REPLACE) ?
NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
}
NTSTATUS pdb_default_getgrnam(struct pdb_methods *methods, GROUP_MAP *map,
const char *name)
{
if (!init_group_mapping()) {
DEBUG(0,("failed to initialize group mapping\n"));
return NT_STATUS_UNSUCCESSFUL;
}
return backend->get_group_map_from_ntname(name, map) ?
NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
}
NTSTATUS pdb_default_getgrgid(struct pdb_methods *methods, GROUP_MAP *map,
gid_t gid)
{
if (!init_group_mapping()) {
DEBUG(0,("failed to initialize group mapping\n"));
return NT_STATUS_UNSUCCESSFUL;
}
return backend->get_group_map_from_gid(gid, map) ?
NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
}
NTSTATUS pdb_default_enum_group_mapping(struct pdb_methods *methods,
const DOM_SID *sid, enum lsa_SidType sid_name_use,
GROUP_MAP **pp_rmap, size_t *p_num_entries,
bool unix_only)
{
if (!init_group_mapping()) {
DEBUG(0,("failed to initialize group mapping\n"));
return NT_STATUS_UNSUCCESSFUL;
}
return backend->enum_group_mapping(sid, sid_name_use, pp_rmap, p_num_entries, unix_only) ?
NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
}
NTSTATUS pdb_default_alias_memberships(struct pdb_methods *methods,
TALLOC_CTX *mem_ctx,
const DOM_SID *domain_sid,
const DOM_SID *members,
size_t num_members,
uint32 **pp_alias_rids,
size_t *p_num_alias_rids)
{
DOM_SID *alias_sids;
size_t i, num_alias_sids;
NTSTATUS result;
if (!init_group_mapping()) {
DEBUG(0,("failed to initialize group mapping\n"));
return NT_STATUS_UNSUCCESSFUL;
}
alias_sids = NULL;
num_alias_sids = 0;
result = alias_memberships(members, num_members,
&alias_sids, &num_alias_sids);
if (!NT_STATUS_IS_OK(result))
return result;
*p_num_alias_rids = 0;
if (num_alias_sids == 0) {
TALLOC_FREE(alias_sids);
return NT_STATUS_OK;
}
*pp_alias_rids = TALLOC_ARRAY(mem_ctx, uint32, num_alias_sids);
if (*pp_alias_rids == NULL)
return NT_STATUS_NO_MEMORY;
for (i=0; i<num_alias_sids; i++) {
if (!sid_peek_check_rid(domain_sid, &alias_sids[i],
&(*pp_alias_rids)[*p_num_alias_rids]))
continue;
*p_num_alias_rids += 1;
}
TALLOC_FREE(alias_sids);
return NT_STATUS_OK;
}
/****************************************************************************
initialise first time the mapping list
****************************************************************************/
NTSTATUS add_initial_entry(gid_t gid, const char *sid, enum lsa_SidType sid_name_use, const char *nt_name, const char *comment)
{
GROUP_MAP map;
if(!init_group_mapping()) {
DEBUG(0,("failed to initialize group mapping\n"));
return NT_STATUS_UNSUCCESSFUL;
}
map.gid=gid;
if (!string_to_sid(&map.sid, sid)) {
DEBUG(0, ("string_to_sid failed: %s", sid));
return NT_STATUS_UNSUCCESSFUL;
}
map.sid_name_use=sid_name_use;
fstrcpy(map.nt_name, nt_name);
fstrcpy(map.comment, comment);
return pdb_add_group_mapping_entry(&map);
}
bool get_domain_group_from_sid(DOM_SID sid, GROUP_MAP *map)
{
struct group *grp;
bool ret;
if(!init_group_mapping()) {
DEBUG(0,("failed to initialize group mapping\n"));
return(False);
}
DEBUG(10, ("get_domain_group_from_sid\n"));
/* if the group is NOT in the database, it CAN NOT be a domain group */
become_root();
ret = pdb_getgrsid(map, sid);
unbecome_root();
/* special case check for rid 513 */
if ( !ret ) {
uint32 rid;
sid_peek_rid( &sid, &rid );
if ( rid == DOMAIN_GROUP_RID_USERS ) {
fstrcpy( map->nt_name, "None" );
fstrcpy( map->comment, "Ordinary Users" );
sid_copy( &map->sid, &sid );
map->sid_name_use = SID_NAME_DOM_GRP;
map->gid = (gid_t)-1;
return True;
}
return False;
}
DEBUG(10, ("get_domain_group_from_sid: SID found in the TDB\n"));
/* if it's not a domain group, continue */
if (map->sid_name_use!=SID_NAME_DOM_GRP) {
return False;
}
DEBUG(10, ("get_domain_group_from_sid: SID is a domain group\n"));
if (map->gid==-1) {
return False;
}
DEBUG(10, ("get_domain_group_from_sid: SID is mapped to gid:%lu\n",(unsigned long)map->gid));
grp = getgrgid(map->gid);
if ( !grp ) {
DEBUG(10, ("get_domain_group_from_sid: gid DOESN'T exist in UNIX security\n"));
return False;
}
DEBUG(10, ("get_domain_group_from_sid: gid exists in UNIX security\n"));
return True;
}
