diff options
author | Luke Leighton <lkcl@samba.org> | 1998-12-07 22:52:49 +0000 |
---|---|---|
committer | Luke Leighton <lkcl@samba.org> | 1998-12-07 22:52:49 +0000 |
commit | 2bc031e8fafeafdc58c6a8056597b647d00657ae (patch) | |
tree | 2c7bd8333111763cdbeb13db73f16ef8796d1729 /source/groupdb | |
parent | 8b36c7c08ffa408506c35219e6453a595cbc3a4f (diff) | |
download | samba-2bc031e8fafeafdc58c6a8056597b647d00657ae.tar.gz samba-2bc031e8fafeafdc58c6a8056597b647d00657ae.tar.xz samba-2bc031e8fafeafdc58c6a8056597b647d00657ae.zip |
added ldap files by Matthew Chapman.
Diffstat (limited to 'source/groupdb')
-rw-r--r-- | source/groupdb/aliasldap.c | 316 | ||||
-rw-r--r-- | source/groupdb/builtinldap.c | 317 | ||||
-rw-r--r-- | source/groupdb/groupldap.c | 318 |
3 files changed, 951 insertions, 0 deletions
diff --git a/source/groupdb/aliasldap.c b/source/groupdb/aliasldap.c new file mode 100644 index 00000000000..35d810dabc2 --- /dev/null +++ b/source/groupdb/aliasldap.c @@ -0,0 +1,316 @@ +/* + Unix SMB/Netbios implementation. + Version 2.0. + LDAP local group database for SAMBA + Copyright (C) Matthew Chapman 1998 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + +*/ + +#include "includes.h" + +#ifdef WITH_LDAP + +#include <lber.h> +#include <ldap.h> + +extern int DEBUGLEVEL; + +/* Internal state */ +extern LDAP *ldap_struct; +extern LDAPMessage *ldap_results; +extern LDAPMessage *ldap_entry; + +/* Static structure filled for requests */ +static LOCAL_GRP localgrp; + + +/*************************************************************** + Get group and membership information. + ****************************************************************/ + +static LOCAL_GRP *ldapalias_getgrp(LOCAL_GRP *group, + LOCAL_GRP_MEMBER **members, int *num_membs) +{ + fstring temp; + char **values; + LOCAL_GRP_MEMBER *memblist; + char *value, *sep; + int i; + + if(!ldap_entry) + return NULL; + + if(!ldap_get_attribute("cn", group->name)) { + DEBUG(0, ("Missing cn\n")); + return NULL; } + + DEBUG(2,("Retrieving alias [%s]\n", group->name)); + + if(ldap_get_attribute("rid", temp)) { + group->rid = atoi(temp); + } else { + DEBUG(0, ("Missing rid\n")); + return NULL; + } + + if(!ldap_get_attribute("description", group->comment)) + group->comment[0] = 0; + + if(!members || !num_membs) { + ldap_entry = ldap_next_entry(ldap_struct, ldap_entry); + return group; + } + + if(values = ldap_get_values(ldap_struct, ldap_entry, "member")) { + + *num_membs = i = ldap_count_values(values); + *members = memblist = malloc(i * sizeof(LOCAL_GRP_MEMBER)); + + do { + value = values[--i]; + + if(!(sep = strchr(value, ','))) { + DEBUG(0, ("Malformed alias member\n")); + return NULL; + } + *(sep++) = 0; + fstrcpy(memblist[i].name, value); + + if(!(value = strchr(sep, ','))) { + DEBUG(0, ("Malformed alias member\n")); + return NULL; + } + *(value++) = 0; + string_to_sid(&memblist[i].sid, sep); + + if((memblist[i].sid_use = atoi(value)) + >= SID_NAME_UNKNOWN) + DEBUG(0, ("Invalid SID use in alias")); + + } while(i > 0); + + ldap_value_free(values); + + } else { + *num_membs = 0; + *members = NULL; + } + + return group; +} + + +/************************************************************************ + Queues the necessary modifications to save a LOCAL_GRP structure + ************************************************************************/ + +static void ldapalias_grpmods(LOCAL_GRP *group, LDAPMod ***mods, int operation) +{ + fstring temp; + + *mods = NULL; + + if(operation == LDAP_MOD_ADD) { /* immutable attributes */ + ldap_make_mod(mods, LDAP_MOD_ADD, "objectClass", "sambaAlias"); + ldap_make_mod(mods, LDAP_MOD_ADD, "cn", group->name); + + slprintf(temp, sizeof(temp)-1, "%d", (gid_t)(-1)); + ldap_make_mod(mods, LDAP_MOD_ADD, "gidNumber", temp); + + slprintf(temp, sizeof(temp)-1, "%d", group->rid); + ldap_make_mod(mods, LDAP_MOD_ADD, "rid", temp); + } + + ldap_make_mod(mods, operation, "description", group->comment); +} + + +/*************************************************************** + Begin/end smbgrp enumeration. + ****************************************************************/ + +static void *ldapalias_enumfirst(BOOL update) +{ + if (lp_server_role() == ROLE_DOMAIN_NONE) + return NULL; + + if (!ldap_open_connection(False)) + return NULL; + + ldap_search_for("objectClass=sambaAlias"); + + return ldap_struct; +} + +static void ldapalias_enumclose(void *vp) +{ + ldap_close_connection(); +} + + +/************************************************************************* + Save/restore the current position in a query + *************************************************************************/ + +static SMB_BIG_UINT ldapalias_getdbpos(void *vp) +{ + return (SMB_BIG_UINT)((ulong)ldap_entry); +} + +static BOOL ldapalias_setdbpos(void *vp, SMB_BIG_UINT tok) +{ + ldap_entry = (LDAPMessage *)((ulong)tok); + return (True); +} + + +/************************************************************************* + Return limited smb_passwd information, and group membership. + *************************************************************************/ + +static LOCAL_GRP *ldapalias_getgrpbynam(const char *name, + LOCAL_GRP_MEMBER **members, int *num_membs) +{ + fstring filter; + LOCAL_GRP *ret; + + if(!ldap_open_connection(False)) + return (False); + + slprintf(filter, sizeof(filter)-1, + "(&(cn=%s)(objectClass=sambaAlias))", name); + ldap_search_for(filter); + + ret = ldapalias_getgrp(&localgrp, members, num_membs); + + ldap_close_connection(); + return ret; +} + +static LOCAL_GRP *ldapalias_getgrpbygid(gid_t grp_id, + LOCAL_GRP_MEMBER **members, int *num_membs) +{ + fstring filter; + LOCAL_GRP *ret; + + if(!ldap_open_connection(False)) + return (False); + + slprintf(filter, sizeof(filter)-1, + "(&(gidNumber=%d)(objectClass=sambaAlias))", grp_id); + ldap_search_for(filter); + ret = ldapalias_getgrp(&localgrp, members, num_membs); + + ldap_close_connection(); + return ret; +} + +static LOCAL_GRP *ldapalias_getgrpbyrid(uint32 grp_rid, + LOCAL_GRP_MEMBER **members, int *num_membs) +{ + fstring filter; + LOCAL_GRP *ret; + + if(!ldap_open_connection(False)) + return (False); + + slprintf(filter, sizeof(filter)-1, + "(&(rid=%d)(objectClass=sambaAlias))", grp_rid); + ldap_search_for(filter); + ret = ldapalias_getgrp(&localgrp, members, num_membs); + + ldap_close_connection(); + return ret; +} + +static LOCAL_GRP *ldapalias_getcurrentgrp(void *vp, + LOCAL_GRP_MEMBER **members, int *num_membs) +{ + return ldapalias_getgrp(&localgrp, members, num_membs); +} + +static BOOL ldapalias_addgrp(LOCAL_GRP *group) +{ + LDAPMod **mods; + + ldapalias_grpmods(group, &mods, LDAP_MOD_ADD); + return ldap_makemods("cn", group->name, mods, True); +} + +static BOOL ldapalias_modgrp(LOCAL_GRP *group) +{ + LDAPMod **mods; + + ldapalias_grpmods(group, &mods, LDAP_MOD_REPLACE); + return ldap_makemods("cn", group->name, mods, False); +} + +static BOOL ldapalias_getusergroups(const char *name, LOCAL_GRP **groups, + int *num_grps) +{ + LOCAL_GRP *grouplist; + fstring filter; + int i; + + slprintf(filter, sizeof(pstring)-1, + "(&(member=%s,*)(objectclass=sambaAlias))", name); + ldap_search_for(filter); + + *num_grps = i = ldap_count_entries(ldap_struct, ldap_results); + + if(!i) { + *groups = NULL; + return (True); + } + + *groups = grouplist = malloc(i * sizeof(LOCAL_GRP)); + do { + i--; + } while(ldapalias_getgrp(&grouplist[i], NULL, NULL) && (i > 0)); + + return (True); +} + + +static struct aliasdb_ops ldapalias_ops = +{ + ldapalias_enumfirst, + ldapalias_enumclose, + ldapalias_getdbpos, + ldapalias_setdbpos, + + ldapalias_getgrpbynam, + ldapalias_getgrpbygid, + ldapalias_getgrpbyrid, + ldapalias_getcurrentgrp, + + ldapalias_addgrp, + ldapalias_modgrp, + + ldapalias_getusergroups +}; + +struct aliasdb_ops *ldap_initialise_alias_db(void) +{ + return &ldapalias_ops; +} + +#else + void aliasldap_dummy_function(void); + void aliasldap_dummy_function(void) { } /* stop some compilers complaining */ +#endif + diff --git a/source/groupdb/builtinldap.c b/source/groupdb/builtinldap.c new file mode 100644 index 00000000000..f2a530cbb95 --- /dev/null +++ b/source/groupdb/builtinldap.c @@ -0,0 +1,317 @@ +/* + Unix SMB/Netbios implementation. + Version 2.0. + LDAP builtin group database for SAMBA + Copyright (C) Matthew Chapman 1998 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + +*/ + +#include "includes.h" + +#ifdef WITH_LDAP + +#include <lber.h> +#include <ldap.h> + +extern int DEBUGLEVEL; + +/* Internal state */ +extern LDAP *ldap_struct; +extern LDAPMessage *ldap_results; +extern LDAPMessage *ldap_entry; + +/* Static structure filled for requests */ +static LOCAL_GRP localgrp; + + +/*************************************************************** + Get group and membership information. + ****************************************************************/ + +static LOCAL_GRP *ldapbuiltin_getgrp(LOCAL_GRP *group, + LOCAL_GRP_MEMBER **members, int *num_membs) +{ + fstring temp; + char **values; + LOCAL_GRP_MEMBER *memblist; + char *value, *sep; + int i; + + if(!ldap_entry) + return NULL; + + if(!ldap_get_attribute("cn", group->name)) { + DEBUG(0, ("Missing cn\n")); + return NULL; } + + DEBUG(2,("Retrieving alias [%s]\n", group->name)); + + if(ldap_get_attribute("rid", temp)) { + group->rid = atoi(temp); + } else { + DEBUG(0, ("Missing rid\n")); + return NULL; + } + + if(!ldap_get_attribute("description", group->comment)) + group->comment[0] = 0; + + if(!members || !num_membs) { + ldap_entry = ldap_next_entry(ldap_struct, ldap_entry); + return group; + } + + if(values = ldap_get_values(ldap_struct, ldap_entry, "member")) { + + *num_membs = i = ldap_count_values(values); + *members = memblist = malloc(i * sizeof(LOCAL_GRP_MEMBER)); + + do { + value = values[--i]; + + if(!(sep = strchr(value, ','))) { + DEBUG(0, ("Malformed alias member\n")); + return NULL; + } + *(sep++) = 0; + fstrcpy(memblist[i].name, value); + + if(!(value = strchr(sep, ','))) { + DEBUG(0, ("Malformed alias member\n")); + return NULL; + } + *(value++) = 0; + string_to_sid(&memblist[i].sid, sep); + + if((memblist[i].sid_use = atoi(value)) + >= SID_NAME_UNKNOWN) + DEBUG(0, ("Invalid SID use in alias")); + + } while(i > 0); + + ldap_value_free(values); + + } else { + *num_membs = 0; + *members = NULL; + } + + return group; +} + + +/************************************************************************ + Queues the necessary modifications to save a LOCAL_GRP structure + ************************************************************************/ + +static void ldapbuiltin_grpmods(LOCAL_GRP *group, LDAPMod ***mods, + int operation) +{ + fstring temp; + + *mods = NULL; + + if(operation == LDAP_MOD_ADD) { /* immutable attributes */ + ldap_make_mod(mods, LDAP_MOD_ADD, "objectClass", "sambaBuiltin"); + ldap_make_mod(mods, LDAP_MOD_ADD, "cn", group->name); + + slprintf(temp, sizeof(temp)-1, "%d", (gid_t)(-1)); + ldap_make_mod(mods, LDAP_MOD_ADD, "gidNumber", temp); + + slprintf(temp, sizeof(temp)-1, "%d", group->rid); + ldap_make_mod(mods, LDAP_MOD_ADD, "rid", temp); + } + + ldap_make_mod(mods, operation, "description", group->comment); +} + + +/*************************************************************** + Begin/end smbgrp enumeration. + ****************************************************************/ + +static void *ldapbuiltin_enumfirst(BOOL update) +{ + if (lp_server_role() == ROLE_DOMAIN_NONE) + return NULL; + + if (!ldap_open_connection(False)) + return NULL; + + ldap_search_for("objectClass=sambaBuiltin"); + + return ldap_struct; +} + +static void ldapbuiltin_enumclose(void *vp) +{ + ldap_close_connection(); +} + + +/************************************************************************* + Save/restore the current position in a query + *************************************************************************/ + +static SMB_BIG_UINT ldapbuiltin_getdbpos(void *vp) +{ + return (SMB_BIG_UINT)((ulong)ldap_entry); +} + +static BOOL ldapbuiltin_setdbpos(void *vp, SMB_BIG_UINT tok) +{ + ldap_entry = (LDAPMessage *)((ulong)tok); + return (True); +} + + +/************************************************************************* + Return limited smb_passwd information, and group membership. + *************************************************************************/ + +static LOCAL_GRP *ldapbuiltin_getgrpbynam(const char *name, + LOCAL_GRP_MEMBER **members, int *num_membs) +{ + fstring filter; + LOCAL_GRP *ret; + + if(!ldap_open_connection(False)) + return (False); + + slprintf(filter, sizeof(filter)-1, + "(&(cn=%s)(objectClass=sambaBuiltin))", name); + ldap_search_for(filter); + + ret = ldapbuiltin_getgrp(&localgrp, members, num_membs); + + ldap_close_connection(); + return ret; +} + +static LOCAL_GRP *ldapbuiltin_getgrpbygid(gid_t grp_id, + LOCAL_GRP_MEMBER **members, int *num_membs) +{ + fstring filter; + LOCAL_GRP *ret; + + if(!ldap_open_connection(False)) + return (False); + + slprintf(filter, sizeof(filter)-1, + "(&(gidNumber=%d)(objectClass=sambaBuiltin))", grp_id); + ldap_search_for(filter); + ret = ldapbuiltin_getgrp(&localgrp, members, num_membs); + + ldap_close_connection(); + return ret; +} + +static LOCAL_GRP *ldapbuiltin_getgrpbyrid(uint32 grp_rid, + LOCAL_GRP_MEMBER **members, int *num_membs) +{ + fstring filter; + LOCAL_GRP *ret; + + if(!ldap_open_connection(False)) + return (False); + + slprintf(filter, sizeof(filter)-1, + "(&(rid=%d)(objectClass=sambaBuiltin))", grp_rid); + ldap_search_for(filter); + ret = ldapbuiltin_getgrp(&localgrp, members, num_membs); + + ldap_close_connection(); + return ret; +} + +static LOCAL_GRP *ldapbuiltin_getcurrentgrp(void *vp, + LOCAL_GRP_MEMBER **members, int *num_membs) +{ + return ldapbuiltin_getgrp(&localgrp, members, num_membs); +} + +static BOOL ldapbuiltin_addgrp(LOCAL_GRP *group) +{ + LDAPMod **mods; + + ldapbuiltin_grpmods(group, &mods, LDAP_MOD_ADD); + return ldap_makemods("cn", group->name, mods, True); +} + +static BOOL ldapbuiltin_modgrp(LOCAL_GRP *group) +{ + LDAPMod **mods; + + ldapbuiltin_grpmods(group, &mods, LDAP_MOD_REPLACE); + return ldap_makemods("cn", group->name, mods, False); +} + +static BOOL ldapbuiltin_getusergroups(const char *name, + LOCAL_GRP **groups, int *num_grps) +{ + LOCAL_GRP *grouplist; + fstring filter; + int i; + + slprintf(filter, sizeof(pstring)-1, + "(&(member=%s,*)(objectclass=sambaBuiltin))", name); + ldap_search_for(filter); + + *num_grps = i = ldap_count_entries(ldap_struct, ldap_results); + + if(!i) { + *groups = NULL; + return (True); + } + + *groups = grouplist = malloc(i * sizeof(LOCAL_GRP)); + do { + i--; + } while(ldapbuiltin_getgrp(&grouplist[i], NULL, NULL) && (i > 0)); + + return (True); +} + + +static struct aliasdb_ops ldapbuiltin_ops = +{ + ldapbuiltin_enumfirst, + ldapbuiltin_enumclose, + ldapbuiltin_getdbpos, + ldapbuiltin_setdbpos, + + ldapbuiltin_getgrpbynam, + ldapbuiltin_getgrpbygid, + ldapbuiltin_getgrpbyrid, + ldapbuiltin_getcurrentgrp, + + ldapbuiltin_addgrp, + ldapbuiltin_modgrp, + + ldapbuiltin_getusergroups +}; + +struct aliasdb_ops *ldap_initialise_builtin_db(void) +{ + return &ldapbuiltin_ops; +} + +#else + void builtinldap_dummy_function(void); + void builtinldap_dummy_function(void) { } /* stop some compilers complaining */ +#endif + diff --git a/source/groupdb/groupldap.c b/source/groupdb/groupldap.c new file mode 100644 index 00000000000..df0d7552402 --- /dev/null +++ b/source/groupdb/groupldap.c @@ -0,0 +1,318 @@ +/* + Unix SMB/Netbios implementation. + Version 2.0. + LDAP domain group database for SAMBA + Copyright (C) Matthew Chapman 1998 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + +*/ + +#include "includes.h" + +#ifdef WITH_LDAP + +#include <lber.h> +#include <ldap.h> + +extern int DEBUGLEVEL; + +/* Internal state */ +extern LDAP *ldap_struct; +extern LDAPMessage *ldap_results; +extern LDAPMessage *ldap_entry; + +/* Static structure filled for requests */ +static DOMAIN_GRP domgrp; + + +/*************************************************************** + Get group and membership information. + ****************************************************************/ + +static DOMAIN_GRP *ldapgroup_getgrp(DOMAIN_GRP *group, + DOMAIN_GRP_MEMBER **members, int *num_membs) +{ + fstring temp; + char **values; + DOMAIN_GRP_MEMBER *memblist; + int i; + + if(!ldap_entry) + return NULL; + + if(!ldap_get_attribute("cn", group->name)) { + DEBUG(0, ("Missing cn\n")); + return NULL; } + + DEBUG(2,("Retrieving group [%s]\n", group->name)); + + if(ldap_get_attribute("rid", temp)) { + group->rid = atoi(temp); + } else { + DEBUG(0, ("Missing rid\n")); + return NULL; + } + + if(!ldap_get_attribute("description", group->comment)) + group->comment[0] = 0; + + group->attr = 0x7; + + if(!members || !num_membs) { + ldap_entry = ldap_next_entry(ldap_struct, ldap_entry); + return group; + } + + if(values = ldap_get_values(ldap_struct, ldap_entry, "uidMember")) { + + DEBUG(0, ("Need to return NT names here\n")); + + *num_membs = i = ldap_count_values(values); + *members = memblist = malloc(i * sizeof(DOMAIN_GRP_MEMBER)); + + do { + fstrcpy(memblist[--i].name, values[i]); + memblist[i].attr = 0x7; + } while(i > 0); + + ldap_value_free(values); + + } else { + *num_membs = 0; + *members = NULL; + } + + ldap_entry = ldap_next_entry(ldap_struct, ldap_entry); + return group; +} + + +/************************************************************************ + Queues the necessary modifications to save a DOMAIN_GRP structure + ************************************************************************/ + +static void ldapgroup_grpmods(DOMAIN_GRP *group, LDAPMod ***mods, + int operation) +{ + fstring temp; + + *mods = NULL; + + if(operation == LDAP_MOD_ADD) { /* immutable attributes */ + ldap_make_mod(mods, LDAP_MOD_ADD, "objectClass", "sambaGroup"); + ldap_make_mod(mods, LDAP_MOD_ADD, "cn", group->name); + + slprintf(temp, sizeof(temp)-1, "%d", (gid_t)(-1)); + ldap_make_mod(mods, LDAP_MOD_ADD, "gidNumber", temp); + + slprintf(temp, sizeof(temp)-1, "%d", group->rid); + ldap_make_mod(mods, LDAP_MOD_ADD, "rid", temp); + } + + ldap_make_mod(mods, operation, "description", group->comment); +} + + +/*************************************************************** + Begin/end domain group enumeration. + ****************************************************************/ + +static void *ldapgroup_enumfirst(BOOL update) +{ + int server_role = lp_server_role(); + + if (server_role == ROLE_DOMAIN_NONE || + server_role == ROLE_DOMAIN_MEMBER) + return NULL; + + if (!ldap_open_connection(False)) + return NULL; + + ldap_search_for("objectclass=sambaGroup"); + + return ldap_struct; +} + +static void ldapgroup_enumclose(void *vp) +{ + ldap_close_connection(); +} + + +/************************************************************************* + Save/restore the current position in a query + *************************************************************************/ + +static SMB_BIG_UINT ldapgroup_getdbpos(void *vp) +{ + return (SMB_BIG_UINT)((ulong)ldap_entry); +} + +static BOOL ldapgroup_setdbpos(void *vp, SMB_BIG_UINT tok) +{ + ldap_entry = (LDAPMessage *)((ulong)tok); + return (True); +} + + +/************************************************************************* + Return information about domain groups and their members. + *************************************************************************/ + +static DOMAIN_GRP *ldapgroup_getgrpbynam(const char *name, + DOMAIN_GRP_MEMBER **members, int *num_membs) +{ + fstring filter; + DOMAIN_GRP *ret; + + if(!ldap_open_connection(False)) + return (False); + + slprintf(filter, sizeof(filter)-1, + "(&(cn=%s)(objectClass=sambaGroup))", name); + ldap_search_for(filter); + + ret = ldapgroup_getgrp(&domgrp, members, num_membs); + + ldap_close_connection(); + return ret; +} + +static DOMAIN_GRP *ldapgroup_getgrpbygid(gid_t grp_id, + DOMAIN_GRP_MEMBER **members, int *num_membs) +{ + fstring filter; + DOMAIN_GRP *ret; + + if(!ldap_open_connection(False)) + return (False); + + slprintf(filter, sizeof(filter)-1, + "(&(gidNumber=%d)(objectClass=sambaGroup))", grp_id); + ldap_search_for(filter); + + ret = ldapgroup_getgrp(&domgrp, members, num_membs); + + ldap_close_connection(); + return ret; +} + +static DOMAIN_GRP *ldapgroup_getgrpbyrid(uint32 grp_rid, + DOMAIN_GRP_MEMBER **members, int *num_membs) +{ + fstring filter; + DOMAIN_GRP *ret; + + if(!ldap_open_connection(False)) + return (False); + + slprintf(filter, sizeof(filter)-1, + "(&(rid=%d)(objectClass=sambaGroup))", grp_rid); + ldap_search_for(filter); + + ret = ldapgroup_getgrp(&domgrp, members, num_membs); + + ldap_close_connection(); + return ret; +} + +static DOMAIN_GRP *ldapgroup_getcurrentgrp(void *vp, + DOMAIN_GRP_MEMBER **members, int *num_membs) +{ + return ldapgroup_getgrp(&domgrp, members, num_membs); +} + + +/************************************************************************* + Add/modify domain groups. + *************************************************************************/ + +static BOOL ldapgroup_addgrp(DOMAIN_GRP *group) +{ + LDAPMod **mods; + + ldapgroup_grpmods(group, &mods, LDAP_MOD_ADD); + return ldap_makemods("cn", group->name, mods, True); +} + +static BOOL ldapgroup_modgrp(DOMAIN_GRP *group) +{ + LDAPMod **mods; + + ldapgroup_grpmods(group, &mods, LDAP_MOD_REPLACE); + return ldap_makemods("cn", group->name, mods, False); +} + + +/************************************************************************* + Return domain groups that a user is in. + *************************************************************************/ + +static BOOL ldapgroup_getusergroups(const char *name, DOMAIN_GRP **groups, + int *num_grps) +{ + DOMAIN_GRP *grouplist; + fstring filter; + int i; + + slprintf(filter, sizeof(pstring)-1, + "(&(uidMember=%s)(objectclass=sambaGroup))", name); + ldap_search_for(filter); + + *num_grps = i = ldap_count_entries(ldap_struct, ldap_results); + + if(!i) { + *groups = NULL; + return (True); + } + + *groups = grouplist = malloc(i * sizeof(DOMAIN_GRP)); + do { + i--; + } while(ldapgroup_getgrp(&grouplist[i], NULL, NULL) && (i > 0)); + + return (True); +} + + +static struct groupdb_ops ldapgroup_ops = +{ + ldapgroup_enumfirst, + ldapgroup_enumclose, + ldapgroup_getdbpos, + ldapgroup_setdbpos, + + ldapgroup_getgrpbynam, + ldapgroup_getgrpbygid, + ldapgroup_getgrpbyrid, + ldapgroup_getcurrentgrp, + + ldapgroup_addgrp, + ldapgroup_modgrp, + + ldapgroup_getusergroups +}; + +struct groupdb_ops *ldap_initialise_group_db(void) +{ + return &ldapgroup_ops; +} + +#else + void groupldap_dummy_function(void); + void groupldap_dummy_function(void) { } /* stop some compilers complaining */ +#endif + |