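/*
   Unix SMB/CIFS implementation.
   LDAP protocol helper functions for SAMBA
   Copyright (C) Gerald Carter 2001-2003

   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 2 of the License, or
   (at your option) any later version.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.

   You should have received a copy of the GNU General Public License
   along with this program; if not, write to the Free Software
   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.

*/

/*
 * Shared declarations for the LDAP helper layer: schema/objectclass
 * names, attribute-table indexes, the attribute map entry type, helper
 * prototypes, and the connection/private state structures.
 *
 * Everything except the forward declaration of struct smbldap_state and
 * LDAP_CONNECT_DEFAULT_TIMEOUT is compiled only when HAVE_LDAP is
 * defined.  The LDAP-dependent part uses types declared elsewhere
 * (LDAP, LDAPMod, LDAPMessage, BOOL, pstring, DOM_SID, smb_event_id_t,
 * pid_t, time_t, struct timeval); this header includes nothing itself.
 */

#ifndef _SMBLDAP_H
#define _SMBLDAP_H

#ifdef HAVE_LDAP

/* specify schema versions between 2.2. and 3.0 */

#define SCHEMAVER_SAMBAACCOUNT          1
#define SCHEMAVER_SAMBASAMACCOUNT       2

/* objectclass names */

#define LDAP_OBJ_SAMBASAMACCOUNT        "sambaSamAccount"
#define LDAP_OBJ_SAMBAACCOUNT           "sambaAccount"
#define LDAP_OBJ_GROUPMAP               "sambaGroupMapping"
#define LDAP_OBJ_DOMINFO                "sambaDomain"
#define LDAP_OBJ_IDPOOL                 "sambaUnixIdPool"
#define LDAP_OBJ_IDMAP_ENTRY            "sambaIdmapEntry"
#define LDAP_OBJ_SID_ENTRY              "sambaSidEntry"

#define LDAP_OBJ_ACCOUNT                "account"
#define LDAP_OBJ_POSIXACCOUNT           "posixAccount"
#define LDAP_OBJ_POSIXGROUP             "posixGroup"
#define LDAP_OBJ_OU                     "organizationalUnit"

/* some generic attributes that get reused a lot */

#define LDAP_ATTRIBUTE_SID              "sambaSID"
#define LDAP_ATTRIBUTE_UIDNUMBER        "uidNumber"
#define LDAP_ATTRIBUTE_GIDNUMBER        "gidNumber"
#define LDAP_ATTRIBUTE_SID_LIST         "sambaSIDList"

/*
 * attribute map table indexes
 *
 * These are the integer keys stored in ATTRIB_MAP_ENTRY.attrib.
 * LDAP_ATTR_LIST_END is 0; presumably it marks the last entry of each
 * table -- confirm against the table definitions.
 *
 * NOTE(review): LDAP_ATTR_USER_SID and LDAP_ATTR_USER_RID are both 18.
 * Presumably this is deliberate because the two keys belong to
 * different schema-version tables; confirm before writing code that
 * assumes every key in this list is unique.
 *
 * NOTE(review): LDAP_ATTR_LMPW, LDAP_ATTR_NTPW and LDAP_ATTR_PWD_HISTORY
 * presumably select the stored password-hash attributes.  Stored SMB
 * hashes are password-equivalent, so code that reads or writes them
 * should rely on restrictive directory ACLs and a protected transport,
 * and should keep the values out of logs.
 */

#define LDAP_ATTR_LIST_END              0
#define LDAP_ATTR_UID                   1
#define LDAP_ATTR_UIDNUMBER             2
#define LDAP_ATTR_GIDNUMBER             3
#define LDAP_ATTR_UNIX_HOME             4
#define LDAP_ATTR_PWD_LAST_SET          5
#define LDAP_ATTR_PWD_CAN_CHANGE        6
#define LDAP_ATTR_PWD_MUST_CHANGE       7
#define LDAP_ATTR_LOGON_TIME            8
#define LDAP_ATTR_LOGOFF_TIME           9
#define LDAP_ATTR_KICKOFF_TIME          10
#define LDAP_ATTR_CN                    11
#define LDAP_ATTR_DISPLAY_NAME          12
#define LDAP_ATTR_HOME_PATH             13
#define LDAP_ATTR_LOGON_SCRIPT          14
#define LDAP_ATTR_PROFILE_PATH          15
#define LDAP_ATTR_DESC                  16
#define LDAP_ATTR_USER_WKS              17
#define LDAP_ATTR_USER_SID              18
#define LDAP_ATTR_USER_RID              18
#define LDAP_ATTR_PRIMARY_GROUP_SID     19
#define LDAP_ATTR_PRIMARY_GROUP_RID     20
#define LDAP_ATTR_LMPW                  21
#define LDAP_ATTR_NTPW                  22
#define LDAP_ATTR_DOMAIN                23
#define LDAP_ATTR_OBJCLASS              24
#define LDAP_ATTR_ACB_INFO              25
#define LDAP_ATTR_NEXT_USERRID          26
#define LDAP_ATTR_NEXT_GROUPRID         27
#define LDAP_ATTR_DOM_SID               28
#define LDAP_ATTR_HOME_DRIVE            29
#define LDAP_ATTR_GROUP_SID             30
#define LDAP_ATTR_GROUP_TYPE            31
#define LDAP_ATTR_SID                   32
#define LDAP_ATTR_ALGORITHMIC_RID_BASE  33
#define LDAP_ATTR_NEXT_RID              34
#define LDAP_ATTR_BAD_PASSWORD_COUNT    35
#define LDAP_ATTR_LOGON_COUNT           36
#define LDAP_ATTR_MUNGED_DIAL           37
#define LDAP_ATTR_BAD_PASSWORD_TIME     38
#define LDAP_ATTR_PWD_HISTORY           39
#define LDAP_ATTR_SID_LIST              40
#define LDAP_ATTR_MOD_TIMESTAMP         41
#define LDAP_ATTR_LOGON_HOURS           42

/* One row of an attribute table: an LDAP_ATTR_* key and its name string. */
typedef struct _attrib_map_entry {
	int		attrib;		/* one of the LDAP_ATTR_* indexes above */
	const char	*name;		/* attribute name paired with that index */
} ATTRIB_MAP_ENTRY;


/* structures */

/* Attribute tables; they are defined in another translation unit. */
extern ATTRIB_MAP_ENTRY attrib_map_v22[];
extern ATTRIB_MAP_ENTRY attrib_map_to_delete_v22[];
extern ATTRIB_MAP_ENTRY attrib_map_v30[];
extern ATTRIB_MAP_ENTRY attrib_map_to_delete_v30[];
extern ATTRIB_MAP_ENTRY dominfo_attr_list[];
extern ATTRIB_MAP_ENTRY groupmap_attr_list[];
extern ATTRIB_MAP_ENTRY groupmap_attr_list_to_delete[];
extern ATTRIB_MAP_ENTRY idpool_attr_list[];
extern ATTRIB_MAP_ENTRY sidmap_attr_list[];

/* Function declarations -- not included in proto.h so we don't
   have to worry about LDAP structure types */

/*
 * NOTE(review): the implementations are not visible from this header, so
 * the remarks below are read off the signatures only.
 *
 * - get_attr_list() hands back a const char ** and free_attr_list()
 *   takes one; presumably every list obtained from the former is
 *   released with the latter -- confirm ownership at the definition.
 * - smbldap_get_single_attribute() writes into the caller's buffer
 *   `value`, with `max_len` presumably its capacity.  max_len is a
 *   signed int: pass the real size of the buffer and never a negative
 *   or externally supplied length.  Whether a too-long directory value
 *   is truncated or rejected is not visible here; callers should check
 *   the BOOL result before using `value`.
 * - smbldap_get_single_pstring() takes a pstring, a type declared
 *   elsewhere, and no length argument.
 */
const char* get_attr_key2string( ATTRIB_MAP_ENTRY table[], int key );
const char** get_attr_list( ATTRIB_MAP_ENTRY table[] );
void free_attr_list( const char **list );
void smbldap_set_mod (LDAPMod *** modlist, int modop, const char *attribute, const char *value);
void smbldap_make_mod(LDAP *ldap_struct, LDAPMessage *existing,
		      LDAPMod ***mods,
		      const char *attribute, const char *newval);
BOOL smbldap_get_single_attribute (LDAP * ldap_struct, LDAPMessage * entry,
				   const char *attribute, char *value,
				   int max_len);
BOOL smbldap_get_single_pstring (LDAP * ldap_struct, LDAPMessage * entry,
				 const char *attribute, pstring value);

/**
 * Struct to keep the state for all the ldap stuff
 *
 * NOTE(review): bind_secret keeps the LDAP bind credential in process
 * memory next to bind_dn.  The code that releases this struct is not
 * visible here; it should scrub bind_secret before freeing it, and the
 * field should never be written to logs or debug output.
 */

struct smbldap_state {
	LDAP *ldap_struct;	/* LDAP connection handle */
	pid_t pid;		/* presumably the process that opened the connection -- confirm */
	time_t last_ping;
	/* retrieve-once info */
	const char *uri;
	char *bind_dn;
	char *bind_secret;	/* sensitive: bind credential, see note above */
	BOOL paged_results;

	unsigned int num_failures;

	time_t last_use;
	smb_event_id_t event_id;

	struct timeval last_rebind;
};

/* struct used by both pdb_ldap.c and pdb_nds.c */

struct ldapsam_privates {
	struct smbldap_state *smbldap_state;

	/* Former statics */
	LDAPMessage *result;
	LDAPMessage *entry;
	int index;

	const char *domain_name;
	DOM_SID domain_sid;

	/* configuration items */
	int schema_ver;		/* presumably one of the SCHEMAVER_* values -- confirm */

	char *domain_dn;

	/* Is this NDS ldap? */
	int is_nds_ldap;

	/* ldap server location parameter */
	char *location;
};

#endif 	/* HAVE_LDAP */

/*
 * Incomplete declaration kept outside the HAVE_LDAP guard, so pointers
 * to the state can still be named when the full definition is compiled
 * out.
 */
struct smbldap_state;

/* Unit is not stated in this header; presumably seconds -- confirm at the point of use. */
#define LDAP_CONNECT_DEFAULT_TIMEOUT 15

#endif	/* _SMBLDAP_H */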