The branch, master has been updated via d7d3138... s3-tldap: only include tldap when actually needed. via e16ed33... s3-includes: remove completely unused util_getent.h header. via 1d2dd47... s3-crypto: only include crypto headers when crypto is done. via 26c8449... s3-samr: move samr helper prototypes outside of proto.h via 657fd0b... s3-services: move services.h to where it is actually used. via ca73e03... security: merge builtin rid tables. via 3b529d5... s3-rpc_misc: clean out include/rpc_misc.h. from 2deff34... Refactor the sessionsetup SMB2 code to make it easy to add krb5. Fix a memory leak in returning security blobs.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit d7d313851aed176d1caf7374a87c5ad327cb00a8 Author: Günther Deschner <g...@samba.org> Date: Tue May 18 00:39:43 2010 +0200 s3-tldap: only include tldap when actually needed. Guenther commit e16ed3399adf1e0fb9f6979677711bb0ab7d0409 Author: Günther Deschner <g...@samba.org> Date: Tue May 18 00:18:55 2010 +0200 s3-includes: remove completely unused util_getent.h header. Guenther commit 1d2dd47d31e776e5a976069147b33d7c34e5b071 Author: Günther Deschner <g...@samba.org> Date: Tue May 18 00:16:40 2010 +0200 s3-crypto: only include crypto headers when crypto is done. Guenther commit 26c844902c70ea73f43f8e900344c25fb21e607c Author: Günther Deschner <g...@samba.org> Date: Mon May 17 23:27:30 2010 +0200 s3-samr: move samr helper prototypes outside of proto.h Guenther commit 657fd0be1d9e878e98ff9eb79d845a5b6f974cd4 Author: Günther Deschner <g...@samba.org> Date: Mon May 17 23:04:46 2010 +0200 s3-services: move services.h to where it is actually used. Guenther commit ca73e03eb7e8690aef68cfafab36b0b9cc205ab7 Author: Günther Deschner <g...@samba.org> Date: Mon May 17 23:04:08 2010 +0200 security: merge builtin rid tables. Guenther commit 3b529d50be5613f37cf853714ecf78887df1d01b Author: Günther Deschner <g...@samba.org> Date: Mon May 17 22:04:24 2010 +0200 s3-rpc_misc: clean out include/rpc_misc.h. Well known rids don't really belong into an rpc header, just use the ones defined in security.idl. Guenther ----------------------------------------------------------------------- Summary of changes: librpc/idl/security.idl | 19 ++++++++++ source3/auth/auth_util.c | 3 +- source3/auth/server_info.c | 1 + source3/auth/token_util.c | 12 +++--- source3/groupdb/mapping.c | 2 +- source3/include/includes.h | 9 ----- source3/include/proto.h | 40 --------------------- source3/include/rpc_misc.h | 49 ------------------------- source3/include/util_getent.h | 60 ------------------------------- source3/lib/tldap.c | 1 + source3/lib/tldap_util.c | 2 + source3/libsmb/clirap.c | 1 + source3/libsmb/ntlmssp.c | 3 ++ source3/libsmb/ntlmssp_sign.c | 4 ++ source3/libsmb/smb_signing.c | 1 + source3/modules/vfs_streams_xattr.c | 1 + source3/passdb/passdb.c | 10 +++--- source3/passdb/pdb_ads.c | 2 + source3/passdb/pdb_get_set.c | 4 +- source3/passdb/pdb_interface.c | 6 ++-- source3/passdb/pdb_ldap.c | 2 +- source3/passdb/pdb_smbpasswd.c | 4 +- source3/passdb/util_builtin.c | 36 +++++++++--------- source3/printing/nt_printing.c | 10 +++--- source3/rpc_client/cli_samr.c | 1 + source3/rpc_client/init_netlogon.c | 1 + source3/rpc_client/init_samr.c | 2 + source3/rpc_server/srv_lsa_nt.c | 2 +- source3/rpc_server/srv_netlog_nt.c | 1 + source3/rpc_server/srv_samr_nt.c | 12 ++++--- source3/rpc_server/srv_samr_util.c | 1 + source3/rpc_server/srv_samr_util.h | 63 +++++++++++++++++++++++++++++++++ source3/rpc_server/srv_spoolss_util.c | 2 +- source3/rpc_server/srv_srvsvc_nt.c | 2 +- source3/rpc_server/srv_svcctl_nt.c | 1 + source3/rpc_server/srv_wkssvc_nt.c | 4 +- source3/services/services_db.c | 1 + source3/services/svc_netlogon.c | 1 + source3/services/svc_rcinit.c | 1 + source3/services/svc_spoolss.c | 1 + source3/services/svc_winreg.c | 1 + source3/services/svc_wins.c | 1 + source3/smbd/chgpasswd.c | 1 + source3/utils/net_groupmap.c | 4 +- source3/utils/net_sam.c | 10 +++--- source3/utils/ntlm_auth.c | 1 + source3/winbindd/winbindd_ads.c | 2 +- source3/winbindd/winbindd_pam.c | 3 +- source3/winbindd/winbindd_passdb.c | 2 +- source3/winbindd/winbindd_rpc.c | 2 +- 50 files changed, 182 insertions(+), 223 deletions(-) delete mode 100644 source3/include/util_getent.h create mode 100644 source3/rpc_server/srv_samr_util.h Changeset truncated at 500 lines: diff --git a/librpc/idl/security.idl b/librpc/idl/security.idl index 5dfbb40..740a928 100644 --- a/librpc/idl/security.idl +++ b/librpc/idl/security.idl @@ -293,6 +293,25 @@ interface security const int DOMAIN_RID_READONLY_DCS = 521; const int DOMAIN_RID_RAS_SERVERS = 553; + /* well-known builtin RIDs */ + const int BUILTIN_RID_ADMINISTRATORS = 544; + const int BUILTIN_RID_USERS = 545; + const int BUILTIN_RID_GUESTS = 546; + const int BUILTIN_RID_POWER_USERS = 547; + const int BUILTIN_RID_ACCOUNT_OPERATORS = 548; + const int BUILTIN_RID_SERVER_OPERATORS = 549; + const int BUILTIN_RID_PRINT_OPERATORS = 550; + const int BUILTIN_RID_BACKUP_OPERATORS = 551; + const int BUILTIN_RID_REPLICATOR = 552; + const int BUILTIN_RID_RAS_SERVERS = 553; + const int BUILTIN_RID_PRE_2K_ACCESS = 554; + const int BUILTIN_RID_REMOTE_DESKTOP_USERS = 555; + const int BUILTIN_RID_NETWORK_CONF_OPERATORS = 556; + const int BUILTIN_RID_INCOMING_FOREST_TRUST = 557; + const int BUILTIN_RID_PERFMON_USERS = 558; + const int BUILTIN_RID_PERFLOG_USERS = 559; + const int BUILTIN_RID_AUTH_ACCESS = 560; + const int BUILTIN_RID_TS_LICENSE_SERVERS = 561; /* privilege IDs. Please keep the IDs below 64. If we get more diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index 5e39dca..34c8190 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -24,6 +24,7 @@ #include "includes.h" #include "smbd/globals.h" #include "../libcli/auth/libcli_auth.h" +#include "../lib/crypto/arcfour.h" #undef DBGC_CLASS #define DBGC_CLASS DBGC_AUTH @@ -697,7 +698,7 @@ static NTSTATUS make_new_server_info_guest(struct auth_serversupplied_info **ser return NT_STATUS_NO_MEMORY; } - sid_compose(&guest_sid, get_global_sam_sid(), DOMAIN_USER_RID_GUEST); + sid_compose(&guest_sid, get_global_sam_sid(), DOMAIN_RID_GUEST); become_root(); ret = pdb_getsampwsid(sampass, &guest_sid); diff --git a/source3/auth/server_info.c b/source3/auth/server_info.c index b968c1d..767ae5e 100644 --- a/source3/auth/server_info.c +++ b/source3/auth/server_info.c @@ -18,6 +18,7 @@ */ #include "includes.h" +#include "../lib/crypto/arcfour.h" #undef DBGC_CLASS #define DBGC_CLASS DBGC_AUTH diff --git a/source3/auth/token_util.c b/source3/auth/token_util.c index cf4a541..8e710fd 100644 --- a/source3/auth/token_util.c +++ b/source3/auth/token_util.c @@ -189,7 +189,7 @@ static NTSTATUS add_builtin_administrators(struct nt_user_token *token, } else { sid_copy(&domadm, dom_sid); } - sid_append_rid( &domadm, DOMAIN_GROUP_RID_ADMINS ); + sid_append_rid( &domadm, DOMAIN_RID_ADMINS ); /* Add Administrators if the user beloongs to Domain Admins */ @@ -272,7 +272,7 @@ NTSTATUS create_builtin_users(const DOM_SID *dom_sid) NTSTATUS status; DOM_SID dom_users; - status = create_builtin(BUILTIN_ALIAS_RID_USERS); + status = create_builtin(BUILTIN_RID_USERS); if ( !NT_STATUS_IS_OK(status) ) { DEBUG(5,("create_builtin_users: Failed to create Users\n")); return status; @@ -280,7 +280,7 @@ NTSTATUS create_builtin_users(const DOM_SID *dom_sid) /* add domain users */ if ((IS_DC || (lp_server_role() == ROLE_DOMAIN_MEMBER)) - && sid_compose(&dom_users, dom_sid, DOMAIN_GROUP_RID_USERS)) + && sid_compose(&dom_users, dom_sid, DOMAIN_RID_USERS)) { status = add_sid_to_builtin(&global_sid_Builtin_Users, &dom_users); @@ -301,7 +301,7 @@ NTSTATUS create_builtin_administrators(const DOM_SID *dom_sid) TALLOC_CTX *ctx; bool ret; - status = create_builtin(BUILTIN_ALIAS_RID_ADMINS); + status = create_builtin(BUILTIN_RID_ADMINISTRATORS); if ( !NT_STATUS_IS_OK(status) ) { DEBUG(5,("create_builtin_administrators: Failed to create Administrators\n")); return status; @@ -309,7 +309,7 @@ NTSTATUS create_builtin_administrators(const DOM_SID *dom_sid) /* add domain admins */ if ((IS_DC || (lp_server_role() == ROLE_DOMAIN_MEMBER)) - && sid_compose(&dom_admins, dom_sid, DOMAIN_GROUP_RID_ADMINS)) + && sid_compose(&dom_admins, dom_sid, DOMAIN_RID_ADMINS)) { status = add_sid_to_builtin(&global_sid_Builtin_Administrators, &dom_admins); @@ -765,7 +765,7 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username, sid_copy(&group_sids[0], &user_sid); sid_split_rid(&group_sids[0], &dummy); - sid_append_rid(&group_sids[0], DOMAIN_GROUP_RID_USERS); + sid_append_rid(&group_sids[0], DOMAIN_RID_USERS); if (!sid_to_gid(&group_sids[0], gid)) { DEBUG(1, ("sid_to_gid(%s) failed\n", diff --git a/source3/groupdb/mapping.c b/source3/groupdb/mapping.c index 7add05e..da5a866 100644 --- a/source3/groupdb/mapping.c +++ b/source3/groupdb/mapping.c @@ -126,7 +126,7 @@ bool get_domain_group_from_sid(DOM_SID sid, GROUP_MAP *map) sid_peek_rid( &sid, &rid ); - if ( rid == DOMAIN_GROUP_RID_USERS ) { + if ( rid == DOMAIN_RID_USERS ) { fstrcpy( map->nt_name, "None" ); fstrcpy( map->comment, "Ordinary Users" ); sid_copy( &map->sid, &sid ); diff --git a/source3/include/includes.h b/source3/include/includes.h index 6cbef2e..07b31c2 100644 --- a/source3/include/includes.h +++ b/source3/include/includes.h @@ -634,7 +634,6 @@ struct smb_iconv_convenience *lp_iconv_convenience(void *lp_ctx); #include "ntioctl.h" #include "../lib/util/charset/charset.h" #include "dynconfig.h" -#include "util_getent.h" #include "debugparse.h" #include "privileges.h" #include "messages.h" @@ -652,11 +651,6 @@ struct smb_iconv_convenience *lp_iconv_convenience(void *lp_ctx); #include "passdb.h" #include "rpc_secdes.h" #include "msdfs.h" -#include "../lib/crypto/md5.h" -#include "../lib/crypto/md4.h" -#include "../lib/crypto/arcfour.h" -#include "../lib/crypto/crc32.h" -#include "../lib/crypto/hmacmd5.h" struct ntlmssp_state; @@ -684,11 +678,8 @@ struct ntlmssp_state; #include "async_smb.h" #include "../lib/async_req/async_sock.h" #include "talloc_dict.h" -#include "services.h" #include "../lib/util/smb_threads.h" #include "../lib/util/smb_threads_internal.h" -#include "tldap.h" -#include "tldap_util.h" #include "lib/smbconf/smbconf.h" #include "lib/smbconf/smbconf_init.h" diff --git a/source3/include/proto.h b/source3/include/proto.h index 27fa1b5..8735b9a 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -5716,46 +5716,6 @@ struct tevent_req *np_read_send(TALLOC_CTX *mem_ctx, struct event_context *ev, NTSTATUS np_read_recv(struct tevent_req *req, ssize_t *nread, bool *is_data_outstanding); -/* The following definitions come from rpc_server/srv_samr_util.c */ - -void copy_id2_to_sam_passwd(struct samu *to, - struct samr_UserInfo2 *from); -void copy_id4_to_sam_passwd(struct samu *to, - struct samr_UserInfo4 *from); -void copy_id6_to_sam_passwd(struct samu *to, - struct samr_UserInfo6 *from); -void copy_id8_to_sam_passwd(struct samu *to, - struct samr_UserInfo8 *from); -void copy_id10_to_sam_passwd(struct samu *to, - struct samr_UserInfo10 *from); -void copy_id11_to_sam_passwd(struct samu *to, - struct samr_UserInfo11 *from); -void copy_id12_to_sam_passwd(struct samu *to, - struct samr_UserInfo12 *from); -void copy_id13_to_sam_passwd(struct samu *to, - struct samr_UserInfo13 *from); -void copy_id14_to_sam_passwd(struct samu *to, - struct samr_UserInfo14 *from); -void copy_id16_to_sam_passwd(struct samu *to, - struct samr_UserInfo16 *from); -void copy_id17_to_sam_passwd(struct samu *to, - struct samr_UserInfo17 *from); -void copy_id18_to_sam_passwd(struct samu *to, - struct samr_UserInfo18 *from); -void copy_id20_to_sam_passwd(struct samu *to, - struct samr_UserInfo20 *from); -void copy_id21_to_sam_passwd(const char *log_prefix, - struct samu *to, - struct samr_UserInfo21 *from); -void copy_id23_to_sam_passwd(struct samu *to, - struct samr_UserInfo23 *from); -void copy_id24_to_sam_passwd(struct samu *to, - struct samr_UserInfo24 *from); -void copy_id25_to_sam_passwd(struct samu *to, - struct samr_UserInfo25 *from); -void copy_id26_to_sam_passwd(struct samu *to, - struct samr_UserInfo26 *from); - /* The following definitions come from rpc_server/srv_spoolss_nt.c */ void do_drv_upgrade_printer(struct messaging_context *msg, diff --git a/source3/include/rpc_misc.h b/source3/include/rpc_misc.h index ccf7d6a..85dd1ce 100644 --- a/source3/include/rpc_misc.h +++ b/source3/include/rpc_misc.h @@ -25,55 +25,6 @@ #define SMB_RPC_INTERFACE_VERSION 1 - -/********************************************************************** - * well-known RIDs - Relative IDs - **********************************************************************/ - -/* RIDs - Well-known users ... */ -#define DOMAIN_USER_RID_ADMIN (0x000001F4L) -#define DOMAIN_USER_RID_GUEST (0x000001F5L) -#define DOMAIN_USER_RID_KRBTGT (0x000001F6L) - -/* RIDs - well-known groups ... */ -#define DOMAIN_GROUP_RID_ADMINS (0x00000200L) -#define DOMAIN_GROUP_RID_USERS (0x00000201L) -#define DOMAIN_GROUP_RID_GUESTS (0x00000202L) -#define DOMAIN_GROUP_RID_COMPUTERS (0x00000203L) - -#define DOMAIN_GROUP_RID_CONTROLLERS (0x00000204L) -#define DOMAIN_GROUP_RID_CERT_ADMINS (0x00000205L) -#define DOMAIN_GROUP_RID_SCHEMA_ADMINS (0x00000206L) -#define DOMAIN_GROUP_RID_ENTERPRISE_ADMINS (0x00000207L) - -/* is the following the right number? I bet it is --simo -#define DOMAIN_GROUP_RID_POLICY_ADMINS (0x00000208L) -*/ - -/* RIDs - well-known aliases ... */ -#define BUILTIN_ALIAS_RID_ADMINS (0x00000220L) -#define BUILTIN_ALIAS_RID_USERS (0x00000221L) -#define BUILTIN_ALIAS_RID_GUESTS (0x00000222L) -#define BUILTIN_ALIAS_RID_POWER_USERS (0x00000223L) - -#define BUILTIN_ALIAS_RID_ACCOUNT_OPS (0x00000224L) -#define BUILTIN_ALIAS_RID_SYSTEM_OPS (0x00000225L) -#define BUILTIN_ALIAS_RID_PRINT_OPS (0x00000226L) -#define BUILTIN_ALIAS_RID_BACKUP_OPS (0x00000227L) - -#define BUILTIN_ALIAS_RID_REPLICATOR (0x00000228L) -#define BUILTIN_ALIAS_RID_RAS_SERVERS (0x00000229L) -#define BUILTIN_ALIAS_RID_PRE_2K_ACCESS (0x0000022aL) -#define BUILTIN_ALIAS_RID_REMOTE_DESKTOP_USERS (0x0000022bL) -#define BUILTIN_ALIAS_RID_NETWORK_CONF_OPERATORS (0x0000022cL) -#define BUILTIN_ALIAS_RID_INCOMING_FOREST_TRUST (0x0000022dL) -#define BUILTIN_ALIAS_RID_PERFMON_USERS (0x0000022eL) -#define BUILTIN_ALIAS_RID_PERFLOG_USERS (0x0000022fL) -#define BUILTIN_ALIAS_RID_AUTH_ACCESS (0x00000230L) -#define BUILTIN_ALIAS_RID_TS_LICENSE_SERVERS (0x00000231L) - - - /********************************************************************** * RPC policy handle used pretty much everywhere **********************************************************************/ diff --git a/source3/include/util_getent.h b/source3/include/util_getent.h deleted file mode 100644 index c260e70..0000000 --- a/source3/include/util_getent.h +++ /dev/null @@ -1,60 +0,0 @@ -/* - Unix SMB/CIFS implementation. - Samba utility functions - Copyright (C) Simo Sorce 2001 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#ifndef _UTIL_GETENT_H -#define _UTIL_GETENT_H - -/* Element for a single linked list of group entries */ -/* Replace the use of struct group in some cases */ -/* Used by getgrent_list() */ - -struct sys_grent { - char *gr_name; - char *gr_passwd; - gid_t gr_gid; - char **gr_mem; - struct sys_grent *next; -}; - -/* Element for a single linked list of passwd entries */ -/* Replace the use of struct passwd in some cases */ -/* Used by getpwent_list() */ - -struct sys_pwent { - char *pw_name; - char *pw_passwd; - uid_t pw_uid; - gid_t pw_gid; - char *pw_gecos; - char *pw_dir; - char *pw_shell; - struct sys_pwent *next; -}; - -/* Element for a single linked list of user names in a group. */ -/* Used to return group lists that may span multiple lines in - /etc/group file. */ -/* Used by get_users_in_group() */ - -struct sys_userlist { - struct sys_userlist *next, *prev; - char *unix_name; -}; - -#endif /* _UTIL_GETENT_H */ diff --git a/source3/lib/tldap.c b/source3/lib/tldap.c index fffa42c..25f39ed 100644 --- a/source3/lib/tldap.c +++ b/source3/lib/tldap.c @@ -18,6 +18,7 @@ */ #include "includes.h" +#include "tldap.h" bool tevent_req_is_ldap_error(struct tevent_req *req, int *perr) { diff --git a/source3/lib/tldap_util.c b/source3/lib/tldap_util.c index f9f54aa..5ff7961 100644 --- a/source3/lib/tldap_util.c +++ b/source3/lib/tldap_util.c @@ -18,6 +18,8 @@ */ #include "includes.h" +#include "tldap.h" +#include "tldap_util.h" bool tldap_entry_values(struct tldap_message *msg, const char *attribute, int *num_values, DATA_BLOB **values) diff --git a/source3/libsmb/clirap.c b/source3/libsmb/clirap.c index 80e5a41..be4cc0a 100644 --- a/source3/libsmb/clirap.c +++ b/source3/libsmb/clirap.c @@ -22,6 +22,7 @@ #include "includes.h" #include "../libcli/auth/libcli_auth.h" #include "../librpc/gen_ndr/rap.h" +#include "../lib/crypto/arcfour.h" /**************************************************************************** Call a remote api diff --git a/source3/libsmb/ntlmssp.c b/source3/libsmb/ntlmssp.c index 56dd6d9..12955d8 100644 --- a/source3/libsmb/ntlmssp.c +++ b/source3/libsmb/ntlmssp.c @@ -26,6 +26,9 @@ #include "../libcli/auth/libcli_auth.h" #include "../librpc/gen_ndr/ndr_ntlmssp.h" #include "../libcli/auth/ntlmssp_ndr.h" +#include "../lib/crypto/md5.h" +#include "../lib/crypto/arcfour.h" +#include "../lib/crypto/hmacmd5.h" static NTSTATUS ntlmssp_client_initial(struct ntlmssp_state *ntlmssp_state, DATA_BLOB reply, DATA_BLOB *next_request); diff --git a/source3/libsmb/ntlmssp_sign.c b/source3/libsmb/ntlmssp_sign.c index 331bf11..733998a 100644 --- a/source3/libsmb/ntlmssp_sign.c +++ b/source3/libsmb/ntlmssp_sign.c @@ -21,6 +21,10 @@ #include "includes.h" #include "ntlmssp.h" #include "../libcli/auth/libcli_auth.h" +#include "../lib/crypto/md5.h" +#include "../lib/crypto/arcfour.h" +#include "../lib/crypto/hmacmd5.h" +#include "../lib/crypto/crc32.h" #define CLI_SIGN "session key to client-to-server signing key magic constant" #define CLI_SEAL "session key to client-to-server sealing key magic constant" diff --git a/source3/libsmb/smb_signing.c b/source3/libsmb/smb_signing.c index 104cf76..d4b350f 100644 --- a/source3/libsmb/smb_signing.c +++ b/source3/libsmb/smb_signing.c @@ -20,6 +20,7 @@ */ #include "includes.h" +#include "../lib/crypto/md5.h" /* Used by the SMB signing functions. */ diff --git a/source3/modules/vfs_streams_xattr.c b/source3/modules/vfs_streams_xattr.c index d7c0a83..aa7ef08 100644 --- a/source3/modules/vfs_streams_xattr.c +++ b/source3/modules/vfs_streams_xattr.c @@ -22,6 +22,7 @@ */ #include "includes.h" +#include "../lib/crypto/md5.h" #undef DBGC_CLASS #define DBGC_CLASS DBGC_VFS diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c index 0adefd5..9514e05 100644 --- a/source3/passdb/passdb.c +++ b/source3/passdb/passdb.c @@ -193,7 +193,7 @@ static NTSTATUS samu_set_unix_internal(struct samu *user, const struct passwd *p /* Special case for the guest account which must have a RID of 501 */ if ( strequal( pwd->pw_name, guest_account ) ) { - if ( !pdb_set_user_sid_from_rid(user, DOMAIN_USER_RID_GUEST, PDB_DEFAULT)) { + if ( !pdb_set_user_sid_from_rid(user, DOMAIN_RID_GUEST, PDB_DEFAULT)) { return NT_STATUS_NO_SUCH_USER; } return NT_STATUS_OK; @@ -565,10 +565,10 @@ bool algorithmic_pdb_rid_is_user(uint32 rid) { if ( rid_is_well_known(rid) ) { /* - * The only well known user RIDs are DOMAIN_USER_RID_ADMIN - * and DOMAIN_USER_RID_GUEST. + * The only well known user RIDs are DOMAIN_RID_ADMINISTRATOR + * and DOMAIN_RID_GUEST. */ - if(rid == DOMAIN_USER_RID_ADMIN || rid == DOMAIN_USER_RID_GUEST) + if(rid == DOMAIN_RID_ADMINISTRATOR || rid == DOMAIN_RID_GUEST) return True; } else if((rid & RID_TYPE_MASK) == USER_RID_TYPE) { return True; @@ -592,7 +592,7 @@ bool lookup_global_sam_name(const char *name, int flags, uint32_t *rid, the group already exists. */ if ( strequal( name, "None" ) ) { - *rid = DOMAIN_GROUP_RID_USERS; + *rid = DOMAIN_RID_USERS; *type = SID_NAME_DOM_GRP; return True; diff --git a/source3/passdb/pdb_ads.c b/source3/passdb/pdb_ads.c index 3ddf4f2..a01d94e 100644 --- a/source3/passdb/pdb_ads.c +++ b/source3/passdb/pdb_ads.c @@ -18,6 +18,8 @@ */ #include "includes.h" +#include "tldap.h" +#include "tldap_util.h" struct pdb_ads_state { struct sockaddr_un socket_address; diff --git a/source3/passdb/pdb_get_set.c b/source3/passdb/pdb_get_set.c index 4725e8e..1416e28 100644 --- a/source3/passdb/pdb_get_set.c +++ b/source3/passdb/pdb_get_set.c @@ -274,7 +274,7 @@ const DOM_SID *pdb_get_group_sid(struct samu *sampass) /* Just set it to the 'Domain Users' RID of 513 which will always resolve to a name */ - sid_compose(gsid, get_global_sam_sid(), DOMAIN_GROUP_RID_USERS); + sid_compose(gsid, get_global_sam_sid(), DOMAIN_RID_USERS); sampass->group_sid = gsid; @@ -584,7 +584,7 @@ bool pdb_set_group_sid(struct samu *sampass, const DOM_SID *g_sid, enum pdb_valu -- Samba Shared Repository