static NTSTATUS auth_sam_ignoredomain_auth(const struct auth_context *auth_context,
void *my_private_data,
TALLOC_CTX *mem_ctx,
const struct auth_usersupplied_info *user_info,
struct auth_serversupplied_info **server_info)
{
if (!user_info || !auth_context) {
return NT_STATUS_UNSUCCESSFUL;
}
return check_sam_security(&auth_context->challenge, mem_ctx,
user_info, server_info);
}
static NTSTATUS auth_samstrict_auth(const struct auth_context *auth_context,
void *my_private_data,
TALLOC_CTX *mem_ctx,
const struct auth_usersupplied_info *user_info,
struct auth_serversupplied_info **server_info)
{
bool is_local_name, is_my_domain;
if (!user_info || !auth_context) {
return NT_STATUS_LOGON_FAILURE;
}
DEBUG(10, ("Check auth for: [%s]\n", user_info->mapped.account_name));
is_local_name = is_myname(user_info->mapped.domain_name);
is_my_domain = strequal(user_info->mapped.domain_name, lp_workgroup());
/* check whether or not we service this domain/workgroup name */
switch ( lp_server_role() ) {
case ROLE_STANDALONE:
case ROLE_DOMAIN_MEMBER:
if ( !is_local_name ) {
DEBUG(6,("check_samstrict_security: %s is not one of my local names (%s)\n",
user_info->mapped.domain_name, (lp_server_role() == ROLE_DOMAIN_MEMBER
? "ROLE_DOMAIN_MEMBER" : "ROLE_STANDALONE") ));
return NT_STATUS_NOT_IMPLEMENTED;
}
case ROLE_DOMAIN_PDC:
case ROLE_DOMAIN_BDC:
if ( !is_local_name && !is_my_domain ) {
DEBUG(6,("check_samstrict_security: %s is not one of my local names or domain name (DC)\n",
user_info->mapped.domain_name));
return NT_STATUS_NOT_IMPLEMENTED;
}
default: /* name is ok */
break;
}
return check_sam_security(&auth_context->challenge, mem_ctx,
user_info, server_info);
}
/* This helper function for winbindd returns a very similar value to
* what a NETLOGON call would give, without the indirection */
NTSTATUS check_sam_security_info3(const DATA_BLOB *challenge,
TALLOC_CTX *mem_ctx,
const struct auth_usersupplied_info *user_info,
struct netr_SamInfo3 **pinfo3)
{
struct auth_serversupplied_info *server_info = NULL;
struct netr_SamInfo3 *info3;
NTSTATUS status;
TALLOC_CTX *frame = talloc_stackframe();
status = check_sam_security(challenge, talloc_tos(), user_info,
&server_info);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(10, ("check_sam_security failed: %s\n",
nt_errstr(status)));
goto done;
}
info3 = talloc_zero(mem_ctx, struct netr_SamInfo3);
if (info3 == NULL) {
status = NT_STATUS_NO_MEMORY;
goto done;
}
status = serverinfo_to_SamInfo3(server_info, info3);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(10, ("serverinfo_to_SamInfo3 failed: %s\n",
nt_errstr(status)));
goto done;
}
*pinfo3 = info3;
status = NT_STATUS_OK;
done:
TALLOC_FREE(frame);
return status;
}
