diff options
author | Yassir Elley <yelley@redhat.com> | 2014-01-20 11:17:06 -0500 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2014-05-13 22:17:14 +0200 |
commit | 60cab26b12df9a2153823972cde0c38ca86e01b9 (patch) | |
tree | cc10c6da23140859116510f50cfa7dedbff48277 /src/util | |
parent | 66e1502f956ee71de6cd51c37f7752f8aa14f5f5 (diff) | |
download | sssd-60cab26b12df9a2153823972cde0c38ca86e01b9.tar.gz sssd-60cab26b12df9a2153823972cde0c38ca86e01b9.tar.xz sssd-60cab26b12df9a2153823972cde0c38ca86e01b9.zip |
Implemented LDAP component of GPO-based access control
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Diffstat (limited to 'src/util')
-rw-r--r-- | src/util/sss_ldap.h | 14 | ||||
-rw-r--r-- | src/util/util_errors.c | 1 | ||||
-rw-r--r-- | src/util/util_errors.h | 1 |
3 files changed, 16 insertions, 0 deletions
diff --git a/src/util/sss_ldap.h b/src/util/sss_ldap.h index f298b2fbb..4172da3e4 100644 --- a/src/util/sss_ldap.h +++ b/src/util/sss_ldap.h @@ -55,6 +55,20 @@ int sss_ldap_get_diagnostic_msg(TALLOC_CTX *mem_ctx, #define LDAP_SERVER_ASQ_OID "1.2.840.113556.1.4.1504" #endif /* LDAP_SERVER_ASQ_OID */ +#ifndef LDAP_SERVER_SD_OID +#define LDAP_SERVER_SD_OID "1.2.840.113556.1.4.801" +#endif /* LDAP_SERVER_SD_OID */ + + +/* + * The following four flags specify which security descriptor parts to retrieve + * during sd_search (see http://msdn.microsoft.com/en-us/library/aa366987.aspx) + */ +#define SECINFO_OWNER ( 0x00000001 ) +#define SECINFO_GROUP ( 0x00000002 ) +#define SECINFO_DACL ( 0x00000004 ) +#define SECINFO_SACL ( 0x00000008 ) + int sss_ldap_control_create(const char *oid, int iscritical, struct berval *value, int dupval, LDAPControl **ctrlp); diff --git a/src/util/util_errors.c b/src/util/util_errors.c index 90faa3e42..2b99faf74 100644 --- a/src/util/util_errors.c +++ b/src/util/util_errors.c @@ -58,6 +58,7 @@ struct err_string error_to_str[] = { { "Malformed extra attribute" }, /* ERR_INVALID_EXTRA_ATTR */ { "Cannot get bus message sender" }, /* ERR_SBUS_GET_SENDER_ERROR */ { "Bus message has no sender" }, /* ERR_SBUS_NO_SENDER */ + { "User/Group SIDs not found" }, /* ERR_NO_SIDS */ }; diff --git a/src/util/util_errors.h b/src/util/util_errors.h index 4d9f16c0a..da518272b 100644 --- a/src/util/util_errors.h +++ b/src/util/util_errors.h @@ -80,6 +80,7 @@ enum sssd_errors { ERR_INVALID_EXTRA_ATTR, ERR_SBUS_GET_SENDER_ERROR, ERR_SBUS_NO_SENDER, + ERR_NO_SIDS, ERR_LAST /* ALWAYS LAST */ }; |