summaryrefslogtreecommitdiff
path: root/source3/winbindd/idmap.c
AgeCommit message (Collapse)AuthorFilesLines
2023-03-29winbind: Add idmap_config_string_list()Volker Lendecke1-0/+11
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
2023-03-29winbind: Factor out idmap_config_name()Volker Lendecke1-30/+19
3 times is enough, next patch will add a 4th one. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
2020-10-23winbindd/idmap: apply const to struct idmap_methods pointersStefan Metzmacher1-3/+3
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14539 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2017-10-10winbindd: pass domain SID to wbint_UnixIDs2SidsRalph Boehme1-1/+3
This makes the domain SID available to the idmap child for wbint_UnixIDs2Sids mapping request. It's not used yet anywhere, this comes in the next commit. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13052 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2017-08-04idmap: remove unused function idmap_is_online()Ralph Wuerthner1-5/+0
Signed-off-by: Ralph Wuerthner <ralph.wuerthner@de.ibm.com> Reviewed-by: Christof Schmitt <cs@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Fri Aug 4 14:08:37 CEST 2017 on sn-devel-144
2017-04-22lib: modules: Change XXX_init interface from XXX_init(void) to ↵Jeremy Allison1-1/+1
XXX_init(TALLOC_CTX *) Not currently used - no logic changes inside. This will make it possible to pass down a long-lived talloc context from the loading function for modules to use instead of having them internally all use talloc_autofree_context() which is a hidden global. Updated all known module interface numbers, and added a WHATSNEW. Signed-off-by: Jeremy Allison <jra@samba.org> Signed-off-by: Ralph Böhme <slow@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Apr 22 01:17:00 CEST 2017 on sn-devel-144
2017-03-20winbind: Add idmap_config_intVolker Lendecke1-0/+15
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2017-03-20idmap: Use idmap_config_bool in idmap_init_domainVolker Lendecke1-11/+1
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2017-03-20winbind: Add idmap_config_bool()Volker Lendecke1-0/+15
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2017-03-20winbind: Use idmap_config_const_string in idmap_init_domainVolker Lendecke1-1/+1
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2017-03-20winbind: Use idmap_config_const_string in idmap_init_named_domainVolker Lendecke1-11/+1
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2017-03-20winbind: Use idmap_config_const_string in domain_has_idmap_configVolker Lendecke1-12/+2
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2017-03-20winbind: Add idmap_config_const_stringVolker Lendecke1-0/+16
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2017-01-02winbind: Make "idmap_find_domain" publicVolker Lendecke1-1/+1
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Uri Simchoni <uri@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
2016-03-30winbind: Remove unused idmap_backends_unixid_to_sidVolker Lendecke1-46/+0
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Wed Mar 30 17:58:48 CEST 2016 on sn-devel-144
2016-03-30winbind: Add idmap_backend_unixids_to_sidsVolker Lendecke1-0/+31
This is the plural version of idmap_backends_unixid_to_sid that expects all ids to come from the same idmap domain. The singular version walks the domain list itself, this one expects the domain name to be passed to it. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2016-03-30idmap: Factor out lp_scan_idmap_domains()Volker Lendecke1-41/+84
This simplifies idmap_found_domain_backend() by moving the regex magic somewhere else. Also, this routine will be useful soon somewhere else, thus make it non-static to idmap.c. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2016-03-22winbind: Fix CID 1357100 Unchecked return valueVolker Lendecke1-1/+5
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Autobuild-User(master): Ralph Böhme <slow@samba.org> Autobuild-Date(master): Tue Mar 22 15:49:14 CET 2016 on sn-devel-144
2016-03-17s3:winbindd:idmap: check loadparm in domain_has_idmap_config() helper as well.Günther Deschner1-0/+22
Guenther BUG: https://bugzilla.samba.org/show_bug.cgi?id=11786 Pair-Programmed-With: Michael Adam <obnox@samba.org> Signed-off-by: Guenther Deschner <gd@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2016-03-17s3:winbindd:idmap: add domain_has_idmap_config() helper function.Michael Adam1-0/+15
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11786 Pair-Programmed-With: Guenther Deschner <gd@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2015-11-19winbind: Don't crash on invalid idmap configsVolker Lendecke1-0/+1
We should not leave NULL in idmap_domains[]. This will lead to NULL ptr deferences in idmap_find_domain(). Bug: https://bugzilla.samba.org/show_bug.cgi?id=11612 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Thu Nov 19 20:16:44 CET 2015 on sn-devel-104
2015-08-24idmap: Remove "domname" from idmap_backends_unixid_to_sidVolker Lendecke1-4/+3
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Bug: https://bugzilla.samba.org/show_bug.cgi?id=11464
2015-08-24idmap: Use a range search in idmap_backends_unixid_to_sidVolker Lendecke1-1/+11
This obsoletes the domain name in the xid2sid calls Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Bug: https://bugzilla.samba.org/show_bug.cgi?id=11464
2015-08-24idmap: Initialize all idmap domains at startupVolker Lendecke1-90/+109
So far we have initialized idmap domains on demand indexed by name. For sid2xid this works okay, because we could do lookupsids before and thus get the name. For xid2sid this is more problematic. We have to rely on enumtrustdoms to work completely, and we have to look at the list of winbind domains in the parent to get the domain name. Relying on domain->have_idmap_config is not particularly nice. This patch re-works initialization of idmap domains by scanning all parametric parameters, scanning for :backend configuration settings. This way we get a complete list of :range definitions. This means we can rely on the idmap domain array to be complete. This in turn means we can live without the domain name to find a domain, we can do a range search by uid or gid. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Bug: https://bugzilla.samba.org/show_bug.cgi?id=11464
2015-08-24idmap: Move idmap_init() under the static varsVolker Lendecke1-15/+15
Just moving code, idmap_init will need to reference the variables Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Bug: https://bugzilla.samba.org/show_bug.cgi?id=11464
2015-03-04winbind: Fix CID 1273294 Uninitialized scalar variableVolker Lendecke1-1/+1
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
2015-03-04winbind: Fix CID 1273295 Uninitialized scalar variableVolker Lendecke1-1/+2
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
2015-01-22winbind: Fix idmap initializationVolker Lendecke1-6/+8
The fix is in the sscanf line: %u in the sscanf format mandates the use of a pointer to an "unsigned". idmap_domain->[low|high]_id are uint32_t. On little endian 64-bit this might at least put the correct values into low_id and high_id, but might overwrite the read_only bit set earlier, depending on structure alignment and packing. On big endian 64-bit, this will just fail. Automatic conversion to uint32_t will happen only at assignment, not when you take a pointer of such a thing. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Thu Jan 22 17:58:16 CET 2015 on sn-devel-104
2014-07-25s3:idmap: fix talloc hierarchy in idmap_passdb_domain()Michael Adam1-1/+1
(don't init to NULL context - we got one handed in...) Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Fri Jul 25 14:18:20 CEST 2014 on sn-devel-104
2014-07-25s3:idmap: only check the range values if a range setting has been found.Michael Adam1-3/+1
Otherwise, the check is superfluous since high and low values are initialized to 0. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2014-07-25s3:idmap: move loading of idmap options together before range checking in ↵Michael Adam1-4/+4
idmap_init_domain() Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2014-07-25s3:idmap: in idmap_init_domain() load methods before loading further configMichael Adam1-18/+23
Check whether the requested backend exists at all, before going further into the config parsing. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2014-07-25s3:idmap: don't log missing range config if range checking not requestedMichael Adam1-2/+2
idmap_init_domain() is called with check_range == false from idmap_passdb_domain(). In this case, we usually don't have an idmap range at all, and we don't want to level 1 debug messages complaining about the fact are irritating at least. This patch removes the debug in the case of check_range == false. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10737 Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2014-06-16s3-winbindd: Honour pdb_is_responsible_for_everything_else()Andrew Bartlett1-8/+11
This allows us to avoid running idmap_init_default_domain() which gives an error in the default AD DC config. Andrew Bartlett Change-Id: I923bd941951f6a907e6fa1ad167e5218a01040ff Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
2013-03-08s3:idmap: fix a debug message and lower its levelMichael Adam1-1/+2
It is not an error to be logged at level 1 when a domain has no explicitly configured idmap backend. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Mar 8 03:16:54 CET 2013 on sn-devel-104
2012-12-03s3:winbindd: use the new sid_check_is_for_passdb() in ↵Michael Adam1-6/+2
idmap_find_domain_with_sid() This is more correct than the original one: It also hands the wellknown and "Unix Users" and "Unix Groups" sids to passdb for id mapping. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-03s3:winbindd: remove unused function idmap_backends_sid_to_unixid()Michael Adam1-41/+0
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-03s3:winbindd: make idmap_find_domain() static.Michael Adam1-1/+1
idmap_find_domain_with_sid() should be used instead Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-03s3:winbindd: add idmap_find_domain_with_sid()Michael Adam1-0/+16
This will return the passdb domain if the given sid is in our sam or builtin or is the domain sid of those domains. Otherwise it returns the idmap domain that results from the idmap configuration. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-03s3:winbindd: rename idmap_init_passdb_domain() -> idmap_passdb_domain()Michael Adam1-3/+3
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-07-23s3-winbind: Fix idmap initialization debug message.Guenther Deschner1-1/+1
Signed-off-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Mon Jul 23 18:19:00 CEST 2012 on sn-devel-104
2012-07-12s3: rename sid_check_is_in_our_domain() to sid_check_is_in_our_sam()Michael Adam1-1/+1
This does not check whether the given sid is in our domain, but but whether it belongs to the local sam, which is a different thing on a domain member server. Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Thu Jul 12 18:36:02 CEST 2012 on sn-devel-104
2011-06-09s3-talloc Change TALLOC_ARRAY() to talloc_array()Andrew Bartlett1-1/+1
Using the standard macro makes it easier to move code into common, as TALLOC_ARRAY isn't standard talloc.
2011-04-13s3: Make idmap_find_domain publicVolker Lendecke1-1/+1
Signed-off-by: Jeremy Allison <jra@samba.org>
2011-03-30s3-passdb: use passdb headers where needed.Günther Deschner1-0/+1
Guenther
2011-03-22s3:idmap: make sure that the id mapping system is initialized for first accessMichael Adam1-0/+4
2011-03-22s3:idmap: remove (now) unneeded function parse_idmap_module()Michael Adam1-38/+0
2011-03-22s3:idmap: simply call idmap_init_named_domain for "*" in ↵Michael Adam1-41/+14
idmap_init_default_domain The default domain "*" is now treated exactly the same as other explicitly configured domains.
2011-03-22s3:idmap: remove passdb argument from idmap_init_domain()Michael Adam1-5/+3
2011-03-22s3:idmap: remove the params argument from the init functionMichael Adam1-1/+1
generated by cgit v1.2.3 (git 2.25.1) at 2026-05-07 08:40:10 +0000