54 #define CTX2LP(context) ((LDAP *)((context)->ldap_conn))
55 #define CTX2BASE(context) ((context)->base_dn)
226 check_ldap(kadm5_ad_context *context, int ret)
232 	LDAP *lp = CTX2LP(context);
234 	context->ldap_conn = NULL;
235 	free(context->base_dn);
236 	context->base_dn = NULL;
264     kadm5_ad_context *context = server_handle;
271     if (context->ldap_conn)
279 	asprintf(&domain, "_ldap._tcp.%s", context->realm);
281 	    krb5_set_error_message(context->context, KADM5_NO_SRV, "malloc");
288 	    krb5_set_error_message(context->context, KADM5_NO_SRV, "Didn't find ldap dns");
297 		krb5_set_error_message(context->context, KADM5_RPC_ERROR, "malloc");
310 	krb5_set_error_message(context->context, KADM5_NO_SRV, "No AD server found in DNS");
341 	    krb5_set_error_message(context->context, 0,
348 	context->ldap_conn = lp;
364 	ret = ldap_search_s(CTX2LP(context), "", LDAP_SCOPE_BASE,
367 	if (check_ldap(context, ret))
370 	if (ldap_count_entries(CTX2LP(context), m) > 0) {
371 	    m0 = ldap_first_entry(CTX2LP(context), m);
373 		krb5_set_error_message(context->context, KADM5_RPC_ERROR,
378 	    vals = ldap_get_values(CTX2LP(context),
381 		krb5_set_error_message(context->context, KADM5_RPC_ERROR,
382 				       "No naming context found");
385 	    context->base_dn = strdup(vals[0]);
402     if (context->ldap_conn) {
403 	ldap_unbind(CTX2LP(context));
404 	context->ldap_conn = NULL;
433 ad_find_entry(kadm5_ad_context *context,
455     ret = ldap_search_s(CTX2LP(context), CTX2BASE(context),
459     if (check_ldap(context, ret))
462     if (ldap_count_entries(CTX2LP(context), m) > 0) {
464 	m0 = ldap_first_entry(CTX2LP(context), m);
465 	vals = ldap_get_values(CTX2LP(context), m0, "distinguishedName");
482 ad_get_cred(kadm5_ad_context *context, const char *password)
488     if (context->ccache)
492 	     context->realm, context->realm);
496     ret = _kadm5_c_get_cred_cache(context->context,
497 				  context->client_name,
504     context->ccache = cc;
513     kadm5_ad_context *context = server_handle;
518     ret = ad_get_cred(context, NULL);
525     ret = krb5_set_password_using_ccache (context->context,
526 					  context->ccache,
543 get_fqdn(krb5_context context, const krb5_principal p)
548     s = krb5_principal_get_comp_string(context, p, 0);
554 	    return krb5_principal_get_comp_string(context, p, 1);
567     kadm5_ad_context *context = server_handle;
594     ret = ad_get_cred(context, NULL);
602     fqdn = get_fqdn(context->context, entry->principal);
604     ret = krb5_unparse_name(context->context, entry->principal, &p);
608     if (ad_find_entry(context, fqdn, p, NULL) == 0) {
670 	asprintf(&dn, "cn=%s, cn=Computers, %s", fqdn, CTX2BASE(context));
771     ret = ldap_add_s(CTX2LP(context), dn, attrs);
786     if (check_ldap(context, ret))
791     krb5_set_error_message(context->context, KADM5_RPC_ERROR, "Function not implemented");
799     kadm5_ad_context *context = server_handle;
805     ret = ad_get_cred(context, NULL);
813     fqdn = get_fqdn(context->context, principal);
815     ret = krb5_unparse_name(context->context, principal, &p);
819     if (ad_find_entry(context, fqdn, p, &dn) != 0) {
824     ret = ldap_delete_s(CTX2LP(context), dn);
829     if (check_ldap(context, ret))
833     krb5_set_error_message(context->context, KADM5_RPC_ERROR, "Function not implemented");
841     kadm5_ad_context *context = server_handle;
843     if (context->ccache)
844 	krb5_cc_destroy(context->context, context->ccache);
848 	LDAP *lp = CTX2LP(context);
851 	if (context->base_dn)
852 	    free(context->base_dn);
855     free(context->realm);
856     free(context->client_name);
857     krb5_free_principal(context->context, context->caller);
858     if(context->my_context)
859 	krb5_free_context(context->context);
866     kadm5_ad_context *context = server_handle;
867     krb5_set_error_message(context->context, KADM5_RPC_ERROR, "Function not implemented");
877     kadm5_ad_context *context = server_handle;
911     krb5_unparse_name_short(context->context, principal, &p);
912     krb5_unparse_name(context->context, principal, &u);
925     ret = ldap_search_s(CTX2LP(context), CTX2BASE(context),
929     if (check_ldap(context, ret))
932     if (ldap_count_entries(CTX2LP(context), m) > 0) {
934 	m0 = ldap_first_entry(CTX2LP(context), m);
940 	vals = ldap_get_values(CTX2LP(context), m0, "servicePrincipalName");
943 	vals = ldap_get_values(CTX2LP(context), m0, "userPrincipalName");
946 	vals = ldap_get_values(CTX2LP(context), m0, "userAccountControl");
952 	    vals = ldap_get_values(CTX2LP(context), m0, "accountExpires");
958 	    vals = ldap_get_values(CTX2LP(context), m0, "lastLogon");
963 	    vals = ldap_get_values(CTX2LP(context), m0, "badPasswordTime");
968 	    vals = ldap_get_values(CTX2LP(context), m0, "pwdLastSet");
973 	    vals = ldap_get_values(CTX2LP(context), m0, "badPwdCount");
978 	    vals = ldap_get_values(CTX2LP(context), m0, "userAccountControl");
993 	    vals = ldap_get_values(CTX2LP(context), m0,
1006 	krb5_copy_principal(context->context, principal, &entry->principal);
1012     krb5_set_error_message(context->context, KADM5_RPC_ERROR, "Function not implemented");
1023     kadm5_ad_context *context = server_handle;
1032     ret = ad_get_cred(context, NULL);
1040     krb5_set_error_message(context->context, KADM5_RPC_ERROR, "Function not implemented");
1043     krb5_set_error_message(context->context, KADM5_RPC_ERROR, "Function not implemented");
1051     kadm5_ad_context *context = server_handle;
1052     krb5_set_error_message(context->context, KADM5_RPC_ERROR, "Function not implemented");
1061     kadm5_ad_context *context = server_handle;
1099     krb5_unparse_name(context->context, entry->principal, &p);
1113     ret = ldap_search_s(CTX2LP(context), CTX2BASE(context),
1118     if (check_ldap(context, ret))
1121     if (ldap_count_entries(CTX2LP(context), m) <= 0) {
1126     m0 = ldap_first_entry(CTX2LP(context), m);
1131 	vals = ldap_get_values(CTX2LP(context), m0, "userAccountControl");
1167 	vals = ldap_get_values(CTX2LP(context), m0, "msDS-KeyVersionNumber");
1182 	vals = ldap_get_values(CTX2LP(context), m0, "accountExpires");
1198     vals = ldap_get_values(CTX2LP(context), m0, "distinguishedName");
1207     ret = ldap_modify_s(CTX2LP(context), dn, attrs);
1208     if (check_ldap(context, ret))
1222     krb5_set_error_message(context->context, KADM5_RPC_ERROR, "Function not implemented");
1233     kadm5_ad_context *context = server_handle;
1256     ret = ad_get_cred(context, NULL);
1265     ret = krb5_set_password_using_ccache (context->context,
1266 					  context->ccache,
1285 	ret = krb5_string_to_key(context->context,
1306     krb5_set_error_message(context->context, KADM5_RPC_ERROR, "Function not implemented");
1316     kadm5_ad_context *context = server_handle;
1317     krb5_set_error_message(context->context, KADM5_RPC_ERROR, "Function not implemented");
1327     kadm5_ad_context *context = server_handle;
1328     krb5_set_error_message(context->context, KADM5_RPC_ERROR, "Function not implemented");
1351 kadm5_ad_init_with_password_ctx(krb5_context context,
1369     ctx->context = context;
1370     krb5_add_et_list (context, initialize_kadm5_error_table_r);
1372     ret = krb5_parse_name(ctx->context, client_name, &ctx->caller);
1384 	ret = krb5_get_default_realm(ctx->context, &ctx->realm);
1422     krb5_context context;
1426     ret = krb5_init_context(&context);
1429     ret = kadm5_ad_init_with_password_ctx(context,
1438 	krb5_free_context(context);

Indexes created Sat Sep 07 21:54:46 MDT 2024