📄 net_rpc_samsync.c
fprintf(add_fd, "sambaPwdCanChange: 0\n"); fprintf(add_fd, "sambaPwdMustChange: 2147483647\n"); fprintf(add_fd, "sambaHomePath: \\\\PDC-SMD3\\homes\\nobody\n"); fprintf(add_fd, "sambaHomeDrive: H:\n"); fprintf(add_fd, "sambaProfilePath: \\\\PDC-SMB3\\profiles\\nobody\n"); fprintf(add_fd, "sambaprimaryGroupSID: %s-514\n", sid); fprintf(add_fd, "sambaLMPassword: NOPASSWORDXXXXXXXXXXXXXXXXXXXXX\n"); fprintf(add_fd, "sambaNTPassword: NOPASSWORDXXXXXXXXXXXXXXXXXXXXX\n"); fprintf(add_fd, "sambaAcctFlags: [NU\n"); fprintf(add_fd, "sambaSID: %s-2998\n", sid); fprintf(add_fd, "loginShell: /bin/false\n"); fprintf(add_fd, "\n"); fflush(add_fd); /* Write the Domain Admins entity */ fprintf(add_fd, "# Domain Admins, %s, %s\n", group_attr, suffix); fprintf(add_fd, "dn: cn=Domain Admins,ou=%s,%s\n", group_attr, suffix); fprintf(add_fd, "objectClass: posixGroup\n"); fprintf(add_fd, "objectClass: sambaGroupMapping\n"); fprintf(add_fd, "cn: Domain Admins\n"); fprintf(add_fd, "memberUid: Administrator\n"); fprintf(add_fd, "description: Netbios Domain Administrators\n"); fprintf(add_fd, "gidNumber: 512\n"); fprintf(add_fd, "sambaSID: %s-512\n", sid); fprintf(add_fd, "sambaGroupType: 2\n"); fprintf(add_fd, "displayName: Domain Admins\n"); fprintf(add_fd, "\n"); fflush(add_fd); /* Write the Domain Users entity */ fprintf(add_fd, "# Domain Users, %s, %s\n", group_attr, suffix); fprintf(add_fd, "dn: cn=Domain Users,ou=%s,%s\n", group_attr, suffix); fprintf(add_fd, "objectClass: posixGroup\n"); fprintf(add_fd, "objectClass: sambaGroupMapping\n"); fprintf(add_fd, "cn: Domain Users\n"); fprintf(add_fd, "description: Netbios Domain Users\n"); fprintf(add_fd, "gidNumber: 513\n"); fprintf(add_fd, "sambaSID: %s-513\n", sid); fprintf(add_fd, "sambaGroupType: 2\n"); fprintf(add_fd, "displayName: Domain Users\n"); fprintf(add_fd, "\n"); fflush(add_fd); /* Write the Domain Guests entity */ fprintf(add_fd, "# Domain Guests, %s, %s\n", group_attr, suffix); fprintf(add_fd, "dn: cn=Domain 
Guests,ou=%s,%s\n", group_attr, suffix); fprintf(add_fd, "objectClass: posixGroup\n"); fprintf(add_fd, "objectClass: sambaGroupMapping\n"); fprintf(add_fd, "cn: Domain Guests\n"); fprintf(add_fd, "description: Netbios Domain Guests\n"); fprintf(add_fd, "gidNumber: 514\n"); fprintf(add_fd, "sambaSID: %s-514\n", sid); fprintf(add_fd, "sambaGroupType: 2\n"); fprintf(add_fd, "displayName: Domain Guests\n"); fprintf(add_fd, "\n"); fflush(add_fd); /* Write the Domain Computers entity */ fprintf(add_fd, "# Domain Computers, %s, %s\n", group_attr, suffix); fprintf(add_fd, "dn: cn=Domain Computers,ou=%s,%s\n", group_attr, suffix); fprintf(add_fd, "objectClass: posixGroup\n"); fprintf(add_fd, "objectClass: sambaGroupMapping\n"); fprintf(add_fd, "gidNumber: 515\n"); fprintf(add_fd, "cn: Domain Computers\n"); fprintf(add_fd, "description: Netbios Domain Computers accounts\n"); fprintf(add_fd, "sambaSID: %s-515\n", sid); fprintf(add_fd, "sambaGroupType: 2\n"); fprintf(add_fd, "displayName: Domain Computers\n"); fprintf(add_fd, "\n"); fflush(add_fd); /* Write the Admininistrators Groups entity */ fprintf(add_fd, "# Administrators, %s, %s\n", group_attr, suffix); fprintf(add_fd, "dn: cn=Administrators,ou=%s,%s\n", group_attr, suffix); fprintf(add_fd, "objectClass: posixGroup\n"); fprintf(add_fd, "objectClass: sambaGroupMapping\n"); fprintf(add_fd, "gidNumber: 544\n"); fprintf(add_fd, "cn: Administrators\n"); fprintf(add_fd, "description: Netbios Domain Members can fully administer the computer/sambaDomainName\n"); fprintf(add_fd, "sambaSID: %s-544\n", builtin_sid); fprintf(add_fd, "sambaGroupType: 5\n"); fprintf(add_fd, "displayName: Administrators\n"); fprintf(add_fd, "\n"); /* Write the Print Operator entity */ fprintf(add_fd, "# Print Operators, %s, %s\n", group_attr, suffix); fprintf(add_fd, "dn: cn=Print Operators,ou=%s,%s\n", group_attr, suffix); fprintf(add_fd, "objectClass: posixGroup\n"); fprintf(add_fd, "objectClass: sambaGroupMapping\n"); fprintf(add_fd, "gidNumber: 
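550\n");
	/*
	 * NOTE(review): the statements down to the first closing brace are the
	 * tail of a function whose opening lines precede this excerpt (later
	 * comments refer to it as populate_ldap_for_ldif). They are reproduced
	 * unchanged, one statement per line.
	 */
	fprintf(add_fd, "cn: Print Operators\n");
	fprintf(add_fd, "description: Netbios Domain Print Operators\n");
	fprintf(add_fd, "sambaSID: %s-550\n", builtin_sid);
	fprintf(add_fd, "sambaGroupType: 5\n");
	fprintf(add_fd, "displayName: Print Operators\n");
	fprintf(add_fd, "\n");
	fflush(add_fd);

	/* Write the Backup Operators entity */
	fprintf(add_fd, "# Backup Operators, %s, %s\n", group_attr, suffix);
	fprintf(add_fd, "dn: cn=Backup Operators,ou=%s,%s\n", group_attr, suffix);
	fprintf(add_fd, "objectClass: posixGroup\n");
	fprintf(add_fd, "objectClass: sambaGroupMapping\n");
	fprintf(add_fd, "gidNumber: 551\n");
	fprintf(add_fd, "cn: Backup Operators\n");
	fprintf(add_fd, "description: Netbios Domain Members can bypass file security to back up files\n");
	fprintf(add_fd, "sambaSID: %s-551\n", builtin_sid);
	fprintf(add_fd, "sambaGroupType: 5\n");
	fprintf(add_fd, "displayName: Backup Operators\n");
	fprintf(add_fd, "\n");
	fflush(add_fd);

	/* Write the Replicators entity */
	fprintf(add_fd, "# Replicators, %s, %s\n", group_attr, suffix);
	fprintf(add_fd, "dn: cn=Replicators,ou=%s,%s\n", group_attr, suffix);
	fprintf(add_fd, "objectClass: posixGroup\n");
	fprintf(add_fd, "objectClass: sambaGroupMapping\n");
	fprintf(add_fd, "gidNumber: 552\n");
	fprintf(add_fd, "cn: Replicators\n");
	fprintf(add_fd, "description: Netbios Domain Supports file replication in a sambaDomainName\n");
	fprintf(add_fd, "sambaSID: %s-552\n", builtin_sid);
	fprintf(add_fd, "sambaGroupType: 5\n");
	fprintf(add_fd, "displayName: Replicators\n");
	fprintf(add_fd, "\n");
	fflush(add_fd);

	/* Deallocate memory, and return */
	if (suffix_attr != NULL) SAFE_FREE(suffix_attr);
	return NT_STATUS_OK;
}

/*
 * Record the eight predefined groups (the ones the comments say are created
 * by populate_ldap_for_ldif) in slots 0..7 of groupmap and accountmap.
 *
 * groupmap   - receives rid, gidNumber, sambaSID and group_dn per group;
 *              the caller must supply at least eight entries.
 * accountmap - receives the same rid plus the group's cn, slot for slot.
 * sid        - domain SID prefix used for RIDs 512-515.
 * suffix     - LDAP suffix appended to every group DN.
 * builtin_sid- SID prefix used for RIDs 544, 550, 551 and 552.
 *
 * Returns NT_STATUS_OK, or NT_STATUS_UNSUCCESSFUL when the group suffix
 * attribute could not be obtained.
 */
static NTSTATUS map_populate_groups(GROUPMAP *groupmap, ACCOUNTMAP *accountmap, fstring sid,
				    const char *suffix, const char *builtin_sid)
{
	/* One row per predefined group; the gidNumber equals the RID. */
	static const struct {
		unsigned int rid;
		const char *name;
		int builtin;	/* non-zero: SID is built from builtin_sid */
	} wellknown[] = {
		{ 512, "Domain Admins",    0 },
		{ 513, "Domain Users",     0 },
		{ 514, "Domain Guests",    0 },
		{ 515, "Domain Computers", 0 },
		{ 544, "Administrators",   1 },
		{ 550, "Print Operators",  1 },
		{ 551, "Backup Operators", 1 },
		{ 552, "Replicators",      1 },
	};
	char *group_attr = sstring_sub(lp_ldap_group_suffix(), '=', ',');
	size_t i;

	/* A NULL here would otherwise be handed to a %s conversion below. */
	if (group_attr == NULL) {
		return NT_STATUS_UNSUCCESSFUL;
	}

	/* Map the groups created by populate_ldap_for_ldif */
	for (i = 0; i < sizeof(wellknown) / sizeof(wellknown[0]); i++) {
		const char *base_sid = wellknown[i].builtin ? builtin_sid : sid;

		groupmap[i].rid = wellknown[i].rid;
		groupmap[i].gidNumber = wellknown[i].rid;
		pstr_sprintf(groupmap[i].sambaSID, "%s-%u", base_sid, wellknown[i].rid);
		pstr_sprintf(groupmap[i].group_dn, "cn=%s,ou=%s,%s",
			     wellknown[i].name, group_attr, suffix);

		/*
		 * The account entry carries the same RID as the group entry.
		 * The unrolled original assigned 515 to the Administrators
		 * slot and 551 to the Replicators slot, duplicating the RID
		 * of the entry before each of them, so a lookup by RID 544
		 * or 552 could never match. For a privileged group such as
		 * Administrators that silently drops or misattributes
		 * membership in the generated directory.
		 */
		accountmap[i].rid = wellknown[i].rid;
		pstr_sprintf(accountmap[i].cn, "%s", wellknown[i].name);
	}

	/*
	 * NOTE(review): group_attr is never released here. If sstring_sub
	 * returns heap memory (not visible in this excerpt), it leaks on
	 * every call - confirm ownership before adding a free.
	 */
	return NT_STATUS_OK;
}

/*
 * Turn one SAM group delta into an LDIF posixGroup/sambaGroupMapping record
 * on add_fd and remember its rid, gidNumber, SID and DN in *groupmap.
 *
 * Groups whose name matches one of the eight predefined groups are skipped
 * (NT_STATUS_OK is returned and nothing is written), because those records
 * are emitted elsewhere. Every other group consumes the next value of the
 * file-level ldif_gid counter.
 *
 * Returns NT_STATUS_OK, or NT_STATUS_UNSUCCESSFUL when the group suffix
 * attribute could not be obtained.
 */
static NTSTATUS fetch_group_info_to_ldif(SAM_DELTA_CTR *delta, GROUPMAP *groupmap,
					 FILE *add_fd, fstring sid, char *suffix)
{
	static const char *const predefined[] = {
		"Domain Admins", "Domain Users", "Domain Guests",
		"Domain Computers", "Administrators", "Print Operators",
		"Backup Operators", "Replicators",
	};
	fstring groupname;
	uint32 grouptype = 0, g_rid = 0;
	char *group_attr = sstring_sub(lp_ldap_group_suffix(), '=', ',');
	size_t i;

	/* A NULL here would otherwise be handed to a %s conversion below. */
	if (group_attr == NULL) {
		return NT_STATUS_UNSUCCESSFUL;
	}

	/* Get the group name */
	unistr2_to_ascii(groupname, &(delta->group_info.uni_grp_name),
			 sizeof(groupname)-1);

	/* Set up the group type (always 2 for group info) */
	grouptype = 2;

	/* These groups are entered by populate_ldap_for_ldif */
	for (i = 0; i < sizeof(predefined) / sizeof(predefined[0]); i++) {
		if (strcmp(groupname, predefined[i]) == 0) {
			return NT_STATUS_OK;
		}
	}

	/* Increment the gid for the new group */
	ldif_gid++;

	/* Map the group rid, gid, and dn */
	g_rid = delta->group_info.gid.g_rid;
	groupmap->rid = g_rid;
	groupmap->gidNumber = ldif_gid;
	/* g_rid is unsigned; %d would render RIDs above INT_MAX as negative. */
	pstr_sprintf(groupmap->sambaSID, "%s-%u", sid, (unsigned int)g_rid);
	pstr_sprintf(groupmap->group_dn, "cn=%s,ou=%s,%s", groupname, group_attr, suffix);

	/*
	 * NOTE(review): groupname is taken from the replicated SAM data and
	 * is placed in the DN and in attribute values without any DN or LDIF
	 * escaping. A name containing a line break or a DN special character
	 * would change the structure of the generated record; validate it or
	 * emit it base64-encoded before this file is imported.
	 */

	/* Write the data to the temporary add ldif file */
	fprintf(add_fd, "# %s, %s, %s\n", groupname, group_attr, suffix);
	fprintf(add_fd, "dn: cn=%s,ou=%s,%s\n", groupname, group_attr, suffix);
	fprintf(add_fd, "objectClass: posixGroup\n");
	fprintf(add_fd, "objectClass: sambaGroupMapping\n");
	fprintf(add_fd, "cn: %s\n", groupname);
	fprintf(add_fd, "gidNumber: %d\n", ldif_gid);
	fprintf(add_fd, "sambaSID: %s\n", groupmap->sambaSID);
	fprintf(add_fd, "sambaGroupType: %u\n", (unsigned int)grouptype);
	fprintf(add_fd, "displayName: %s\n", groupname);
	fprintf(add_fd, "\n");
	fflush(add_fd);

	/* Return */
	return NT_STATUS_OK;
}

static NTSTATUS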
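fetch_account_info_to_ldif(SAM_DELTA_CTR *delta, GROUPMAP *groupmap, ACCOUNTMAP *accountmap,
			   FILE *add_fd, fstring sid, char *suffix, int alloced)
{
	/*
	 * Turn one SAM account delta into an LDIF user record on add_fd.
	 *
	 * delta      - account delta read for this user.
	 * groupmap   - array of `alloced` entries searched for the user's
	 *              primary group RID.
	 * accountmap - single entry that receives this user's rid and cn.
	 * sid        - domain SID prefix for the user's sambaSID.
	 * suffix     - LDAP suffix appended to the user DN.
	 *
	 * Returns NT_STATUS_OK (also for the skipped "nobody" account), or
	 * NT_STATUS_UNSUCCESSFUL when the primary group RID is not found in
	 * groupmap or the user suffix attribute could not be obtained.
	 *
	 * Security notes:
	 *  - The record contains sambaLMPassword/sambaNTPassword values.
	 *    These hashes are usable as credentials, so the file behind
	 *    add_fd has to be readable by the migrating administrator only
	 *    and removed once imported.
	 *  - NOTE(review): username, fullname, description, homedir,
	 *    homedrive and logonscript come from the replicated SAM data and
	 *    are written without DN or LDIF escaping. A value containing a
	 *    line break would add attributes to the record; validate or
	 *    base64-encode these values before import.
	 */
	fstring username, homedir, logonscript, homedrive, homepath;
	fstring hex_nt_passwd, hex_lm_passwd;
	fstring description, fullname, sambaSID;
	uchar lm_passwd[16], nt_passwd[16];
	char *flags;
	char *user_attr;
	const char *blank = "", *shell = "/bin/bash";
	const char* nopasswd = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
	static uchar zero_buf[16];
	uint32 rid = 0, group_rid = 0, gidNumber = 0;
	time_t unix_time;
	int i;

	/*
	 * homepath is only filled when the account has a home directory; it
	 * is compared against "" further down, so it must start out empty
	 * rather than holding whatever was on the stack.
	 */
	homepath[0] = '\0';

	/* Get the username */
	unistr2_to_ascii(username, &(delta->account_info.uni_acct_name),
			 sizeof(username)-1);

	/* Get the rid */
	rid = delta->account_info.user_rid;

	/* Map the rid and username for group member info later */
	accountmap->rid = rid;
	pstr_sprintf(accountmap->cn, "%s", username);

	/*
	 * Get the home directory.
	 * The writes into the fstring locals below are bounded with sizeof
	 * the destination. NOTE(review): pstr_sprintf takes no size argument
	 * and appears to be sized for the larger pstring type - confirm; a
	 * maximum-length username plus the "/home/" prefix would not fit in
	 * an fstring. strncpy was replaced because it leaves the destination
	 * unterminated when the source fills it.
	 */
	unistr2_to_ascii(homedir, &(delta->account_info.uni_home_dir),
			 sizeof(homedir)-1);
	if (strcmp(homedir, blank) == 0) {
		snprintf(homedir, sizeof(homedir), "/home/%s", username);
	} else {
		snprintf(homepath, sizeof(homepath), "%s", homedir);
	}

	/* Get the logon script */
	unistr2_to_ascii(logonscript, &(delta->account_info.uni_logon_script),
			 sizeof(logonscript)-1);

	/* Get the home drive */
	unistr2_to_ascii(homedrive, &(delta->account_info.uni_dir_drive),
			 sizeof(homedrive)-1);

	/* Get the description */
	unistr2_to_ascii(description, &(delta->account_info.uni_acct_desc),
			 sizeof(description)-1);
	if (strcmp(description, blank) == 0) {
		snprintf(description, sizeof(description), "%s", "System User");
	}

	/* Get the display name */
	unistr2_to_ascii(fullname, &(delta->account_info.uni_full_name),
			 sizeof(fullname)-1);

	/* Get lm and nt password data */
	if (memcmp(delta->account_info.pass.buf_lm_pwd, zero_buf, 16) != 0) {
		sam_pwd_hash(delta->account_info.user_rid,
			     delta->account_info.pass.buf_lm_pwd,
			     lm_passwd, 0);
		pdb_sethexpwd(hex_lm_passwd, lm_passwd,
			      delta->account_info.acb_info);
	} else {
		pdb_sethexpwd(hex_lm_passwd, NULL, 0);
	}
	if (memcmp(delta->account_info.pass.buf_nt_pwd, zero_buf, 16) != 0) {
		sam_pwd_hash(delta->account_info.user_rid,
			     delta->account_info.pass.buf_nt_pwd,
			     nt_passwd, 0);
		pdb_sethexpwd(hex_nt_passwd, nt_passwd,
			      delta->account_info.acb_info);
	} else {
		pdb_sethexpwd(hex_nt_passwd, NULL, 0);
	}
	unix_time = nt_time_to_unix(&(delta->account_info.pwd_last_set_time));

	/* The nobody user is entered by populate_ldap_for_ldif */
	if (strcmp(username, "nobody") == 0) {
		return NT_STATUS_OK;
	}

	/* Increment the uid for the new user */
	ldif_uid++;

	/* Set up group id and sambaSID for the user */
	group_rid = delta->account_info.group_rid;
	for (i=0; i<alloced; i++) {
		if (groupmap[i].rid == group_rid) break;
	}
	if (i == alloced){
		DEBUG(1, ("Could not find rid %u in groupmap array\n",
			  (unsigned int)group_rid));
		return NT_STATUS_UNSUCCESSFUL;
	}
	gidNumber = groupmap[i].gidNumber;
	/*
	 * Copy through a literal "%s": the stored SID string must never be
	 * interpreted as a format string.
	 */
	snprintf(sambaSID, sizeof(sambaSID), "%s", groupmap[i].sambaSID);

	/* Set up sambaAcctFlags */
	flags = pdb_encode_acct_ctrl(delta->account_info.acb_info,
				     NEW_PW_FORMAT_SPACE_PADDED_LEN);

	/*
	 * Derive the user suffix attribute once instead of once per fprintf,
	 * and refuse to pass a NULL to %s.
	 * NOTE(review): the result is not released; if sstring_sub returns
	 * heap memory (not visible in this excerpt) it leaks per account.
	 */
	user_attr = sstring_sub(lp_ldap_user_suffix(), '=', ',');
	if (user_attr == NULL) {
		return NT_STATUS_UNSUCCESSFUL;
	}

	/* Add the user to the temporary add ldif file */
	fprintf(add_fd, "# %s, %s, %s\n", username, user_attr, suffix);
	fprintf(add_fd, "dn: uid=%s,ou=%s,%s\n", username, user_attr, suffix);
	fprintf(add_fd, "ObjectClass: top\n");
	fprintf(add_fd, "objectClass: inetOrgPerson\n");
	fprintf(add_fd, "objectClass: posixAccount\n");
	fprintf(add_fd, "objectClass: shadowAccount\n");
	fprintf(add_fd, "objectClass: sambaSamAccount\n");
	fprintf(add_fd, "cn: %s\n", username);
	fprintf(add_fd, "sn: %s\n", username);
	fprintf(add_fd, "uid: %s\n", username);
	fprintf(add_fd, "uidNumber: %d\n", ldif_uid);
	fprintf(add_fd, "gidNumber: %u\n", (unsigned int)gidNumber);
	fprintf(add_fd, "homeDirectory: %s\n", homedir);
	if (strcmp(homepath, blank) != 0)
		fprintf(add_fd, "SambaHomePath: %s\n", homepath);
	if (strcmp(homedrive, blank) != 0)
		fprintf(add_fd, "SambaHomeDrive: %s\n", homedrive);
	if (strcmp(logonscript, blank) != 0)
		fprintf(add_fd, "SambaLogonScript: %s\n", logonscript);
	fprintf(add_fd, "loginShell: %s\n", shell);
	fprintf(add_fd, "gecos: System User\n");
	fprintf(add_fd, "description: %s\n", description);
	/* rid is unsigned; %d would render RIDs above INT_MAX as negative. */
	fprintf(add_fd, "sambaSID: %s-%u\n", sid, (unsigned int)rid);
	fprintf(add_fd, "sambaPrimaryGroupSID: %s\n", sambaSID);
	if(strcmp(fullname, blank) != 0)
		fprintf(add_fd, "displayName: %s\n", fullname);
	/* The all-X placeholder means "no hash"; such values are not written. */
	if (strcmp(nopasswd, hex_lm_passwd) != 0)
		fprintf(add_fd, "sambaLMPassword: %s\n", hex_lm_passwd);
	if (strcmp(nopasswd, hex_nt_passwd) != 0)
		fprintf(add_fd, "sambaNTPassword: %s\n", hex_nt_passwd);
	fprintf(add_fd, "sambaPwdLastSet: %d\n", (int)unix_time);
	fprintf(add_fd, "sambaAcctFlags: %s\n", flags);
	fprintf(add_fd, "\n");
	fflush(add_fd);

	/* Return */
	return NT_STATUS_OK;
}

/*
 * NOTE(review): the body of this function continues past the end of this
 * excerpt; its visible opening lines are reproduced unchanged.
 */
static NTSTATUS fetch_alias_info_to_ldif(SAM_DELTA_CTR *delta, GROUPMAP *groupmap,
					 FILE *add_fd, fstring sid, char *suffix,
					 unsigned db_type)
{
	fstring aliasname, description;
	uint32 grouptype = 0, g_rid = 0;
	char *group_attr = sstring_sub(lp_ldap_group_suffix(), '=', ',');

	/* Get the alias name */
	unistr2_to_ascii(aliasname, &(delta->alias_info.uni_als_name),
			 sizeof(aliasname)-1);

	/* Get the alias description */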