diff options
author | Rob Crittenden <rcritten@redhat.com> | 2009-01-29 16:26:07 -0500 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2009-02-03 15:27:14 -0500 |
commit | e30cd6ba42c256d2016db45146d616f329455e86 (patch) | |
tree | d4c5291095c80c92bc4803fe7f20fc2838124ffa /daemons/ipa-slapi-plugins/ipa-winsync/ipa-winsync.h | |
parent | c4ed025001895bfc65c613cabbbfcb27c19cc29f (diff) | |
download | freeipa-e30cd6ba42c256d2016db45146d616f329455e86.tar.gz freeipa-e30cd6ba42c256d2016db45146d616f329455e86.tar.xz freeipa-e30cd6ba42c256d2016db45146d616f329455e86.zip |
Mass tree reorganization for IPAv2. To view previous history of files use:
% git log --follow -- <file>
renamed: ipa-server/autogen.sh -> autogen.sh
renamed: ipa-server/ipa-kpasswd/Makefile.am -> daemons/ipa-kpasswd/Makefile.am
renamed: ipa-server/ipa-kpasswd/README -> daemons/ipa-kpasswd/README
renamed: ipa-server/ipa-kpasswd/ipa_kpasswd.c -> daemons/ipa-kpasswd/ipa_kpasswd.c
renamed: ipa-server/ipa-kpasswd/ipa_kpasswd.init -> daemons/ipa-kpasswd/ipa_kpasswd.init
renamed: ipa-server/ipa-slapi-plugins/Makefile.am -> daemons/ipa-slapi-plugins/Makefile.am
renamed: ipa-server/ipa-slapi-plugins/README -> daemons/ipa-slapi-plugins/README
renamed: ipa-server/ipa-slapi-plugins/dna/Makefile.am -> daemons/ipa-slapi-plugins/dna/Makefile.am
renamed: ipa-server/ipa-slapi-plugins/dna/dna-conf.ldif -> daemons/ipa-slapi-plugins/dna/dna-conf.ldif
renamed: ipa-server/ipa-slapi-plugins/dna/dna.c -> daemons/ipa-slapi-plugins/dna/dna.c
renamed: ipa-server/ipa-slapi-plugins/ipa-memberof/Makefile.am -> daemons/ipa-slapi-plugins/ipa-memberof/Makefile.am
renamed: ipa-server/ipa-slapi-plugins/ipa-memberof/ipa-memberof.c -> daemons/ipa-slapi-plugins/ipa-memberof/ipa-memberof.c
renamed: ipa-server/ipa-slapi-plugins/ipa-memberof/ipa-memberof.h -> daemons/ipa-slapi-plugins/ipa-memberof/ipa-memberof.h
renamed: ipa-server/ipa-slapi-plugins/ipa-memberof/ipa-memberof_config.c -> daemons/ipa-slapi-plugins/ipa-memberof/ipa-memberof_config.c
renamed: ipa-server/ipa-slapi-plugins/ipa-memberof/memberof-conf.ldif -> daemons/ipa-slapi-plugins/ipa-memberof/memberof-conf.ldif
renamed: ipa-server/ipa-slapi-plugins/ipa-pwd-extop/Makefile.am -> daemons/ipa-slapi-plugins/ipa-pwd-extop/Makefile.am
renamed: ipa-server/ipa-slapi-plugins/ipa-pwd-extop/README -> daemons/ipa-slapi-plugins/ipa-pwd-extop/README
renamed: ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c -> daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c
renamed: ipa-server/ipa-slapi-plugins/ipa-pwd-extop/pwd-extop-conf.ldif -> daemons/ipa-slapi-plugins/ipa-pwd-extop/pwd-extop-conf.ldif
renamed: ipa-server/ipa-slapi-plugins/ipa-winsync/Makefile.am -> daemons/ipa-slapi-plugins/ipa-winsync/Makefile.am
renamed: ipa-server/ipa-slapi-plugins/ipa-winsync/README -> daemons/ipa-slapi-plugins/ipa-winsync/README
renamed: ipa-server/ipa-slapi-plugins/ipa-winsync/ipa-winsync-conf.ldif -> daemons/ipa-slapi-plugins/ipa-winsync/ipa-winsync-conf.ldif
renamed: ipa-server/ipa-slapi-plugins/ipa-winsync/ipa-winsync-config.c -> daemons/ipa-slapi-plugins/ipa-winsync/ipa-winsync-config.c
renamed: ipa-server/ipa-slapi-plugins/ipa-winsync/ipa-winsync.c -> daemons/ipa-slapi-plugins/ipa-winsync/ipa-winsync.c
renamed: ipa-server/ipa-slapi-plugins/ipa-winsync/ipa-winsync.h -> daemons/ipa-slapi-plugins/ipa-winsync/ipa-winsync.h
renamed: ipa-server/xmlrpc-server/ipa-rewrite.conf -> install/conf/ipa-rewrite.conf
renamed: ipa-server/xmlrpc-server/ipa.conf -> install/conf/ipa.conf
renamed: ipa-server/xmlrpc-server/ssbrowser.html -> install/html/ssbrowser.html
renamed: ipa-server/xmlrpc-server/unauthorized.html -> install/html/unauthorized.html
renamed: ipa-server/ipa-install/share/60ipaconfig.ldif -> install/share/60ipaconfig.ldif
renamed: ipa-server/ipa-install/share/60kerberos.ldif -> install/share/60kerberos.ldif
renamed: ipa-server/ipa-install/share/60radius.ldif -> install/share/60radius.ldif
renamed: ipa-server/ipa-install/share/60samba.ldif -> install/share/60samba.ldif
renamed: ipa-server/ipa-install/share/Makefile.am -> install/share/Makefile.am
renamed: ipa-server/ipa-install/share/bind.named.conf.template -> install/share/bind.named.conf.template
renamed: ipa-server/ipa-install/share/bind.zone.db.template -> install/share/bind.zone.db.template
renamed: ipa-server/ipa-install/share/bootstrap-template.ldif -> install/share/bootstrap-template.ldif
renamed: ipa-server/ipa-install/share/certmap.conf.template -> install/share/certmap.conf.template
renamed: ipa-server/ipa-install/share/default-aci.ldif -> install/share/default-aci.ldif
renamed: ipa-server/ipa-install/share/default-keytypes.ldif -> install/share/default-keytypes.ldif
renamed: ipa-server/ipa-install/share/dna-posix.ldif -> install/share/dna-posix.ldif
renamed: ipa-server/ipa-install/share/encrypted_attribute.ldif -> install/share/encrypted_attribute.ldif
renamed: ipa-server/ipa-install/share/fedora-ds.init.patch -> install/share/fedora-ds.init.patch
renamed: ipa-server/ipa-install/share/indices.ldif -> install/share/indices.ldif
renamed: ipa-server/ipa-install/share/kdc.conf.template -> install/share/kdc.conf.template
renamed: ipa-server/ipa-install/share/kerberos.ldif -> install/share/kerberos.ldif
renamed: ipa-server/ipa-install/share/krb.con.template -> install/share/krb.con.template
renamed: ipa-server/ipa-install/share/krb5.conf.template -> install/share/krb5.conf.template
renamed: ipa-server/ipa-install/share/krb5.ini.template -> install/share/krb5.ini.template
renamed: ipa-server/ipa-install/share/krbrealm.con.template -> install/share/krbrealm.con.template
renamed: ipa-server/ipa-install/share/master-entry.ldif -> install/share/master-entry.ldif
renamed: ipa-server/ipa-install/share/memberof-task.ldif -> install/share/memberof-task.ldif
renamed: ipa-server/ipa-install/share/ntp.conf.server.template -> install/share/ntp.conf.server.template
renamed: ipa-server/ipa-install/share/ntpd.sysconfig.template -> install/share/ntpd.sysconfig.template
renamed: ipa-server/ipa-install/share/preferences.html.template -> install/share/preferences.html.template
renamed: ipa-server/ipa-install/share/referint-conf.ldif -> install/share/referint-conf.ldif
renamed: ipa-server/ipa-install/share/schema_compat.uldif -> install/share/schema_compat.uldif
renamed: ipa-server/ipa-install/share/unique-attributes.ldif -> install/share/unique-attributes.ldif
renamed: ipa-server/ipa-install/Makefile.am -> install/tools/Makefile.am
renamed: ipa-server/ipa-install/README -> install/tools/README
renamed: ipa-server/ipa-compat-manage -> install/tools/ipa-compat-manage
renamed: ipa-server/ipa-fix-CVE-2008-3274 -> install/tools/ipa-fix-CVE-2008-3274
renamed: ipa-server/ipa-ldap-updater -> install/tools/ipa-ldap-updater
renamed: ipa-server/ipa-install/ipa-replica-install -> install/tools/ipa-replica-install
renamed: ipa-server/ipa-install/ipa-replica-manage -> install/tools/ipa-replica-manage
renamed: ipa-server/ipa-install/ipa-replica-prepare -> install/tools/ipa-replica-prepare
renamed: ipa-server/ipa-install/ipa-server-certinstall -> install/tools/ipa-server-certinstall
renamed: ipa-server/ipa-install/ipa-server-install -> install/tools/ipa-server-install
renamed: ipa-server/ipa-upgradeconfig -> install/tools/ipa-upgradeconfig
renamed: ipa-server/ipa-install/ipactl -> install/tools/ipactl
renamed: ipa-server/man/Makefile.am -> install/tools/man/Makefile.am
renamed: ipa-server/man/ipa-compat-manage.1 -> install/tools/man/ipa-compat-manage.1
renamed: ipa-server/man/ipa-ldap-updater.1 -> install/tools/man/ipa-ldap-updater.1
renamed: ipa-server/man/ipa-replica-install.1 -> install/tools/man/ipa-replica-install.1
renamed: ipa-server/man/ipa-replica-manage.1 -> install/tools/man/ipa-replica-manage.1
renamed: ipa-server/man/ipa-replica-prepare.1 -> install/tools/man/ipa-replica-prepare.1
renamed: ipa-server/man/ipa-server-certinstall.1 -> install/tools/man/ipa-server-certinstall.1
renamed: ipa-server/man/ipa-server-install.1 -> install/tools/man/ipa-server-install.1
renamed: ipa-server/man/ipa_kpasswd.8 -> install/tools/man/ipa_kpasswd.8
renamed: ipa-server/man/ipa_webgui.8 -> install/tools/man/ipa_webgui.8
renamed: ipa-server/man/ipactl.8 -> install/tools/man/ipactl.8
renamed: ipa-server/ipa-install/updates/Makefile.am -> install/updates/Makefile.am
renamed: ipa-server/ipa-install/updates/RFC2307bis.update -> install/updates/RFC2307bis.update
renamed: ipa-server/ipa-install/updates/RFC4876.update -> install/updates/RFC4876.update
renamed: ipa-server/ipa-install/updates/indices.update -> install/updates/indices.update
renamed: ipa-server/ipa-install/updates/nss_ldap.update -> install/updates/nss_ldap.update
renamed: ipa-server/ipa-install/updates/replication.update -> install/updates/replication.update
renamed: ipa-server/ipa-install/updates/winsync_index.update -> install/updates/winsync_index.update
renamed: ipa-server/ipaserver/Makefile.am -> ipaserver/install/Makefile.am
renamed: ipa-server/ipaserver/__init__.py -> ipaserver/install/__init__.py
renamed: ipa-server/ipaserver/bindinstance.py -> ipaserver/install/bindinstance.py
renamed: ipa-server/ipaserver/certs.py -> ipaserver/install/certs.py
renamed: ipa-server/ipaserver/dsinstance.py -> ipaserver/install/dsinstance.py
renamed: ipa-server/ipaserver/httpinstance.py -> ipaserver/install/httpinstance.py
renamed: ipa-server/ipaserver/installutils.py -> ipaserver/install/installutils.py
renamed: ipa-server/ipaserver/ipaldap.py -> ipaserver/install/ipaldap.py
renamed: ipa-server/ipaserver/krbinstance.py -> ipaserver/install/krbinstance.py
renamed: ipa-server/ipaserver/ldapupdate.py -> ipaserver/install/ldapupdate.py
renamed: ipa-server/ipaserver/ntpinstance.py -> ipaserver/install/ntpinstance.py
renamed: ipa-server/ipaserver/replication.py -> ipaserver/install/replication.py
renamed: ipa-server/ipaserver/service.py -> ipaserver/install/service.py
renamed: ipa-server/selinux/Makefile -> selinux/Makefile
renamed: ipa-server/selinux/ipa-server-selinux.spec.in -> selinux/ipa-server-selinux.spec.in
renamed: ipa-server/selinux/ipa_kpasswd/ipa_kpasswd.fc -> selinux/ipa_kpasswd/ipa_kpasswd.fc
renamed: ipa-server/selinux/ipa_kpasswd/ipa_kpasswd.te -> selinux/ipa_kpasswd/ipa_kpasswd.te
renamed: ipa-server/selinux/ipa_webgui/ipa_webgui.fc -> selinux/ipa_webgui/ipa_webgui.fc
renamed: ipa-server/selinux/ipa_webgui/ipa_webgui.te -> selinux/ipa_webgui/ipa_webgui.te
renamed: ipa-server/version.m4.in -> version.m4.in
Diffstat (limited to 'daemons/ipa-slapi-plugins/ipa-winsync/ipa-winsync.h')
-rw-r--r-- | daemons/ipa-slapi-plugins/ipa-winsync/ipa-winsync.h | 160 |
1 files changed, 160 insertions, 0 deletions
diff --git a/daemons/ipa-slapi-plugins/ipa-winsync/ipa-winsync.h b/daemons/ipa-slapi-plugins/ipa-winsync/ipa-winsync.h new file mode 100644 index 000000000..58a9a6c40 --- /dev/null +++ b/daemons/ipa-slapi-plugins/ipa-winsync/ipa-winsync.h @@ -0,0 +1,160 @@ +/** BEGIN COPYRIGHT BLOCK + * This Program is free software; you can redistribute it and/or modify it under + * the terms of the GNU General Public License as published by the Free Software + * Foundation; version 2 of the License. + * + * This Program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS + * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details + * + * You should have received a copy of the GNU General Public License along with + * this Program; if not, write to the Free Software Foundation, Inc., 59 Temple + * Place, Suite 330, Boston, MA 02111-1307 USA. + * + * In addition, as a special exception, Red Hat, Inc. gives You the additional + * right to link the code of this Program with code not covered under the GNU + * General Public License ("Non-GPL Code") and to distribute linked combinations + * including the two, subject to the limitations in this paragraph. Non-GPL Code + * permitted under this exception must only link to the code of this Program + * through those well defined interfaces identified in the file named EXCEPTION + * found in the source code files (the "Approved Interfaces"). The files of + * Non-GPL Code may instantiate templates or use macros or inline functions from + * the Approved Interfaces without causing the resulting work to be covered by + * the GNU General Public License. Only Red Hat, Inc. may make changes or + * additions to the list of Approved Interfaces. You must obey the GNU General + * Public License in all respects for all of the Program code and other code + * used in conjunction with the Program except the Non-GPL Code covered by this + * exception. If you modify this file, you may extend this exception to your + * version of the file, but you are not obligated to do so. If you do not wish + * to provide this exception without modification, you must delete this + * exception statement from your version and license this file solely under the + * GPL without exception. + * + * Authors: + * Rich Megginson <rmeggins@redhat.com> + * + * Copyright (C) 2008 Red Hat, Inc. + * All rights reserved. + * END COPYRIGHT BLOCK **/ + +#ifndef IPA_WINSYNC_H +#define IPA_WINSYNC_H + +#ifdef HAVE_CONFIG_H +# include <config.h> +#endif + +#ifdef WINSYNC_TEST_IPA +#include <slapi-plugin.h> +#include "winsync-plugin.h" +#else /* the default */ +#include <dirsrv/slapi-plugin.h> +#include <dirsrv/winsync-plugin.h> +#endif /* WINSYNC_TEST_IPA */ + +#define IPA_WINSYNC_PLUGIN_NAME "ipa-winsync" + +typedef struct ipa_winsync_config_struct { + Slapi_Mutex *lock; /* for config access */ + Slapi_Entry *config_e; /* configuration entry */ + PRBool flatten; /* flatten AD DNs */ + char *realm_filter; + char *realm_attr; + char *new_entry_filter; + char *new_user_oc_attr; /* don't care about groups for now */ + char *homedir_prefix_attr; + char *default_group_attr; + char *default_group_filter; + int acct_disable; /* see below for possible values */ + char *inactivated_filter; + char *activated_filter; + PRBool forceSync; +} IPA_WinSync_Config; + +/* + This is the structure that holds our domain + specific configuration +*/ +typedef struct ipa_winsync_domain_config { + Slapi_Entry *domain_e; /* info is stored in this entry */ + char *realm_name; /* realm name */ + char *homedir_prefix; + char *inactivated_group_dn; /* DN of inactivated group */ + char *activated_group_dn; /* DN of activated group */ +} IPA_WinSync_Domain_Config; + +void ipa_winsync_set_plugin_identity(void * identity); +void * ipa_winsync_get_plugin_identity(); + +int ipa_winsync_config( Slapi_Entry *config_e ); +IPA_WinSync_Config *ipa_winsync_get_config( void ); + +/* + * Agreement/domain specific configuration + */ +/* return a new domain specific configuration object */ +void *ipa_winsync_config_new_domain(const Slapi_DN *ds_subtree, const Slapi_DN *ad_subtree); +/* refresh the domain specific configuration object */ +void ipa_winsync_config_refresh_domain(void *cbdata, const Slapi_DN *ds_subtree, const Slapi_DN *ad_subtree); +/* destroy the domain specific configuration object */ +void ipa_winsync_config_destroy_domain(void *cbdata, const Slapi_DN *ds_subtree, const Slapi_DN *ad_subtree); + +/* name of attribute holding the filter to use to + find the ipa realm value +*/ +#define IPA_WINSYNC_REALM_FILTER_ATTR "ipaWinSyncRealmFilter" +/* name of attribute holding the name of the attribute + which contains the ipa realm value +*/ +#define IPA_WINSYNC_REALM_ATTR_ATTR "ipaWinSyncRealmAttr" +/* name of attribute holding the filter to use to + find the new user template entry +*/ +#define IPA_WINSYNC_NEW_ENTRY_FILTER_ATTR "ipaWinSyncNewEntryFilter" +/* name of attribute holding the name of the attribute + in the new user template entry which has the list of objectclasses +*/ +#define IPA_WINSYNC_NEW_USER_OC_ATTR "ipaWinSyncNewUserOCAttr" +/* name of attribute holding the new user attributes and values */ +#define IPA_WINSYNC_NEW_USER_ATTRS_VALS "ipaWinSyncUserAttr" +/* name of attribute holding the name of the attribute which + has the homeDirectory prefix - suffix is the uid */ +#define IPA_WINSYNC_HOMEDIR_PREFIX_ATTR "ipaWinsyncHomeDirAttr" +/* name of attribute holding the name of the attribute which is + used to get the default posix gidNumber */ +#define IPA_WINSYNC_DEFAULTGROUP_ATTR "ipaWinSyncDefaultGroupAttr" +/* filter used to find the group with the gid number whose group name + is in the IPA_WINSYNC_DEFAULTGROUP_ATTR - the filter will have + cn=valueofIPA_WINSYNC_DEFAULTGROUP_ATTR appended to it */ +#define IPA_WINSYNC_DEFAULTGROUP_FILTER_ATTR "ipaWinSyncDefaultGroupFilter" +/* name of attribute holding boolean value to flatten user dns or not */ +#define IPA_WINSYNC_USER_FLATTEN "ipaWinSyncUserFlatten" +/* name of attribute holding account disable sync value */ +#define IPA_WINSYNC_ACCT_DISABLE "ipaWinSyncAcctDisable" +/* possible values of IPA_WINSYNC_ACCT_DISABLE */ +#define IPA_WINSYNC_ACCT_DISABLE_NONE "none" +#define IPA_WINSYNC_ACCT_DISABLE_TO_AD "to_ad" +#define IPA_WINSYNC_ACCT_DISABLE_TO_DS "to_ds" +#define IPA_WINSYNC_ACCT_DISABLE_BOTH "both" +/* enum representing the values above */ +enum { + ACCT_DISABLE_INVALID, /* the invalid value */ + ACCT_DISABLE_NONE, /* do not sync acct disable status */ + ACCT_DISABLE_TO_AD, /* sync only from ds to ad */ + ACCT_DISABLE_TO_DS, /* sync only from ad to ds */ + ACCT_DISABLE_BOTH /* bi-directional sync */ +}; +/* name of attributes holding the search filters to use to find + the DN of the groups that represent inactivated and activated users */ +#define IPA_WINSYNC_INACTIVATED_FILTER "ipaWinSyncInactivatedFilter" +#define IPA_WINSYNC_ACTIVATED_FILTER "ipaWinSyncActivatedFilter" +/* name of attribute holding the value of the forceSync parameter - + this is a boolean attribute - if true, all users in AD that have + a corresponding entry in the DS will be synced - there will be no + way to "turn off sync" on individual entries - if this value is + false, only users which have the ntUser objectclass and an + ntDomainUserID attribute which corresponds to an AD account + with the same value for samAccountName will be synced +*/ +#define IPA_WINSYNC_FORCE_SYNC "ipaWinSyncForceSync" +#endif /* IPA_WINSYNC_H */ |