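/*
   Unix SMB/CIFS implementation.
   ads (active directory) utility library
   Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2002

   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 2 of the License, or
   (at your option) any later version.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.

   You should have received a copy of the GNU General Public License
   along with this program; if not, write to the Free Software
   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/

#include "includes.h"

#ifdef HAVE_ADS

/**
 * Find a user account by its samAccountName.
 *
 * The user name is passed through escape_ldap_string_alloc() before it is
 * placed in the search filter, so filter metacharacters in the name cannot
 * change the shape of the query.
 *
 * @param ads   connection handed through to ads_search()
 * @param res   receives the search result as filled in by ads_search()
 * @param user  account name to look up
 * @return status of ads_search(), or ADS_ERROR(LDAP_NO_MEMORY) if the
 *         escaped name or the filter string could not be allocated
 **/
 ADS_STATUS ads_find_user_acct(ADS_STRUCT *ads, LDAPMessage **res,
			       const char *user)
{
	ADS_STATUS status;
	char *ldap_exp = NULL;
	const char *attrs[] = {"*", NULL};
	char *escaped_user = escape_ldap_string_alloc(user);

	if (!escaped_user) {
		return ADS_ERROR(LDAP_NO_MEMORY);
	}

	/*
	 * asprintf() leaves the output pointer undefined when it fails, so
	 * the filter must not be passed to ads_search() (or freed) unless
	 * the call succeeded.
	 */
	if (asprintf(&ldap_exp, "(samAccountName=%s)", escaped_user) == -1) {
		SAFE_FREE(escaped_user);
		return ADS_ERROR(LDAP_NO_MEMORY);
	}

	status = ads_search(ads, res, ldap_exp, attrs);
	SAFE_FREE(ldap_exp);
	SAFE_FREE(escaped_user);
	return status;
}

/**
 * Add a user account object below container,bind_path.
 *
 * The new entry is created with userAccountControl set to
 * UF_NORMAL_ACCOUNT | UF_ACCOUNTDISABLE, i.e. with the account-disable
 * flag set.
 *
 * @param ads        connection; ads->config.realm and
 *                   ads->config.bind_path are read here
 * @param user       value used for sAMAccountName and the left-hand side
 *                   of userPrincipalName
 * @param container  placed between the new cn= RDN and the bind path
 * @param fullname   value for cn/name/displayName; when NULL or empty,
 *                   user is used instead
 * @return status of ads_gen_add(), or ADS_ERROR(LDAP_NO_MEMORY) if any
 *         allocation fails
 **/
ADS_STATUS ads_add_user_acct(ADS_STRUCT *ads, const char *user,
			     const char *container, const char *fullname)
{
	TALLOC_CTX *ctx;
	ADS_MODLIST mods;
	ADS_STATUS status;
	const char *upn, *new_dn, *name, *controlstr;
	char *name_escaped = NULL;
	const char *objectClass[] = {"top", "person", "organizationalPerson",
				     "user", NULL};

	if (fullname && *fullname) name = fullname;
	else name = user;

	if (!(ctx = talloc_init("ads_add_user_acct")))
		return ADS_ERROR(LDAP_NO_MEMORY);

	/* every early exit below is an allocation failure */
	status = ADS_ERROR(LDAP_NO_MEMORY);

	if (!(upn = talloc_asprintf(ctx, "%s@%s", user, ads->config.realm)))
		goto done;
	/* only the cn value is escaped for use inside the DN */
	if (!(name_escaped = escape_rdn_val_string_alloc(name)))
		goto done;
	/*
	 * NOTE(review): container and ads->config.bind_path are inserted
	 * into the DN as given; this presumably relies on callers passing
	 * well-formed DN components - confirm against the call sites.
	 */
	if (!(new_dn = talloc_asprintf(ctx, "cn=%s,%s,%s", name_escaped, container,
				       ads->config.bind_path)))
		goto done;
	if (!(controlstr = talloc_asprintf(ctx, "%u", (UF_NORMAL_ACCOUNT | UF_ACCOUNTDISABLE))))
		goto done;
	if (!(mods = ads_init_mods(ctx)))
		goto done;

	/* the results of the ads_mod_* calls are not checked here */
	ads_mod_str(ctx, &mods, "cn", name);
	ads_mod_strlist(ctx, &mods, "objectClass", objectClass);
	ads_mod_str(ctx, &mods, "userPrincipalName", upn);
	ads_mod_str(ctx, &mods, "name", name);
	ads_mod_str(ctx, &mods, "displayName", name);
	ads_mod_str(ctx, &mods, "sAMAccountName", user);
	ads_mod_str(ctx, &mods, "userAccountControl", controlstr);
	status = ads_gen_add(ads, new_dn, mods);

 done:
	/* name_escaped is not a talloc allocation, so it is freed on its own */
	SAFE_FREE(name_escaped);
	talloc_destroy(ctx);
	return status;
}

/**
 * Add a group object below container,bind_path.
 *
 * @param ads        connection; ads->config.bind_path is read here
 * @param group      value used for cn, name and sAMAccountName
 * @param container  placed between the new cn= RDN and the bind path
 * @param comment    stored as description when non-NULL and non-empty
 * @return status of ads_gen_add(), or ADS_ERROR(LDAP_NO_MEMORY) if any
 *         allocation fails
 **/
ADS_STATUS ads_add_group_acct(ADS_STRUCT *ads, const char *group,
			      const char *container, const char *comment)
{
	TALLOC_CTX *ctx;
	ADS_MODLIST mods;
	ADS_STATUS status;
	char *new_dn;
	char *name_escaped = NULL;
	const char *objectClass[] = {"top", "group", NULL};

	if (!(ctx = talloc_init("ads_add_group_acct")))
		return ADS_ERROR(LDAP_NO_MEMORY);

	/* every early exit below is an allocation failure */
	status = ADS_ERROR(LDAP_NO_MEMORY);

	/* only the cn value is escaped for use inside the DN */
	if (!(name_escaped = escape_rdn_val_string_alloc(group)))
		goto done;
	/*
	 * NOTE(review): container and ads->config.bind_path are inserted
	 * into the DN as given; this presumably relies on callers passing
	 * well-formed DN components - confirm against the call sites.
	 */
	if (!(new_dn = talloc_asprintf(ctx, "cn=%s,%s,%s", name_escaped, container,
				       ads->config.bind_path)))
		goto done;
	if (!(mods = ads_init_mods(ctx)))
		goto done;

	/* the results of the ads_mod_* calls are not checked here */
	ads_mod_str(ctx, &mods, "cn", group);
	ads_mod_strlist(ctx, &mods, "objectClass",objectClass);
	ads_mod_str(ctx, &mods, "name", group);
	if (comment && *comment)
		ads_mod_str(ctx, &mods, "description", comment);
	ads_mod_str(ctx, &mods, "sAMAccountName", group);
	status = ads_gen_add(ads, new_dn, mods);

 done:
	/* name_escaped is not a talloc allocation, so it is freed on its own */
	SAFE_FREE(name_escaped);
	talloc_destroy(ctx);
	return status;
}
#endif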