1/* 2 * 'Guest' password backend for samba 3 * Copyright (C) Jelmer Vernooij 2002 4 * Copyright (C) Andrew Bartlett 2003 5 * 6 * This program is free software; you can redistribute it and/or modify it under 7 * the terms of the GNU General Public License as published by the Free 8 * Software Foundation; either version 2 of the License, or (at your option) 9 * any later version. 10 * 11 * This program is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for 14 * more details. 15 * 16 * You should have received a copy of the GNU General Public License along with 17 * this program; if not, write to the Free Software Foundation, Inc., 675 18 * Mass Ave, Cambridge, MA 02139, USA. 19 */ 20 21#include "includes.h" 22 23/****************************************************************** 24 Lookup a name in the SAM database 25 ******************************************************************/ 26 27static NTSTATUS guestsam_getsampwnam (struct pdb_methods *methods, SAM_ACCOUNT *sam_account, const char *sname) 28{ 29 const char *guest_account = lp_guestaccount(); 30 31 if (!sam_account || !sname) { 32 DEBUG(0,("invalid name specified")); 33 return NT_STATUS_UNSUCCESSFUL; 34 } 35 36 if (!(guest_account && *guest_account)) { 37 DEBUG(1, ("NULL guest account!?!?\n")); 38 return NT_STATUS_UNSUCCESSFUL; 39 } 40 41 if (!methods) { 42 DEBUG(0,("invalid methods\n")); 43 return NT_STATUS_UNSUCCESSFUL; 44 } 45 if (!strequal(guest_account, sname)) { 46 return NT_STATUS_NO_SUCH_USER; 47 } 48 49 pdb_fill_default_sam(sam_account); 50 51 if (!pdb_set_username(sam_account, guest_account, PDB_SET)) 52 return NT_STATUS_UNSUCCESSFUL; 53 54 if (!pdb_set_fullname(sam_account, guest_account, PDB_SET)) 55 return NT_STATUS_UNSUCCESSFUL; 56 57 if (!pdb_set_domain(sam_account, get_global_sam_name(), PDB_DEFAULT)) 58 return NT_STATUS_UNSUCCESSFUL; 59 60 if (!pdb_set_acct_ctrl(sam_account, ACB_NORMAL, PDB_DEFAULT)) 61 return NT_STATUS_UNSUCCESSFUL; 62 63 if (!pdb_set_user_sid_from_rid(sam_account, DOMAIN_USER_RID_GUEST, PDB_SET)) 64 return NT_STATUS_UNSUCCESSFUL; 65 66 if (!pdb_set_group_sid_from_rid(sam_account, DOMAIN_GROUP_RID_GUESTS, PDB_DEFAULT)) 67 return NT_STATUS_UNSUCCESSFUL; 68 69 return NT_STATUS_OK; 70} 71 72 73/*************************************************************************** 74 Search by rid 75 **************************************************************************/ 76 77static NTSTATUS guestsam_getsampwrid (struct pdb_methods *methods, 78 SAM_ACCOUNT *sam_account, uint32 rid) 79{ 80 if (rid != DOMAIN_USER_RID_GUEST) { 81 return NT_STATUS_NO_SUCH_USER; 82 } 83 84 if (!sam_account) { 85 return NT_STATUS_INVALID_PARAMETER; 86 } 87 88 return guestsam_getsampwnam (methods, sam_account, lp_guestaccount()); 89} 90 91static NTSTATUS guestsam_getsampwsid(struct pdb_methods *my_methods, SAM_ACCOUNT * user, const DOM_SID *sid) 92{ 93 uint32 rid; 94 if (!sid_peek_check_rid(get_global_sam_sid(), sid, &rid)) 95 return NT_STATUS_NO_SUCH_USER; 96 97 return guestsam_getsampwrid(my_methods, user, rid); 98} 99 100 101/*************************************************************************** 102 Updates a SAM_ACCOUNT 103 104 This isn't a particulary practical option for pdb_guest. We certainly don't 105 want to twidde the filesystem, so what should we do? 106 107 Current plan is to transparently add the account. It should appear 108 as if the pdb_guest version was modified, but its actually stored somehwere. 109 ****************************************************************************/ 110 111static NTSTATUS guestsam_update_sam_account (struct pdb_methods *methods, SAM_ACCOUNT *newpwd) 112{ 113#if 1 /* JERRY */ 114 115 /* apparently thr build farm relies upon this heavior :-( */ 116 117 return methods->parent->pdb_add_sam_account(methods->parent, newpwd); 118#else 119 /* I don't think we should allow any modification of 120 the guest account as SID will could messed up with 121 the smbpasswd backend --jerry */ 122 123 return NT_STATUS_NOT_IMPLEMENTED; 124#endif 125} 126 127NTSTATUS pdb_init_guestsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location) 128{ 129 NTSTATUS nt_status; 130 131 if (!pdb_context) { 132 DEBUG(0, ("invalid pdb_context specified\n")); 133 return NT_STATUS_UNSUCCESSFUL; 134 } 135 136 if (!NT_STATUS_IS_OK(nt_status = make_pdb_methods(pdb_context->mem_ctx, pdb_method))) { 137 return nt_status; 138 } 139 140 (*pdb_method)->name = "guestsam"; 141 142 (*pdb_method)->getsampwnam = guestsam_getsampwnam; 143 (*pdb_method)->getsampwsid = guestsam_getsampwsid; 144 (*pdb_method)->update_sam_account = guestsam_update_sam_account; 145 146 /* we should do no group mapping here */ 147 (*pdb_method)->getgrsid = pdb_nop_getgrsid; 148 (*pdb_method)->getgrgid = pdb_nop_getgrgid; 149 (*pdb_method)->getgrnam = pdb_nop_getgrnam; 150 (*pdb_method)->add_group_mapping_entry = pdb_nop_add_group_mapping_entry; 151 (*pdb_method)->update_group_mapping_entry = pdb_nop_update_group_mapping_entry; 152 (*pdb_method)->delete_group_mapping_entry = pdb_nop_delete_group_mapping_entry; 153 (*pdb_method)->enum_group_mapping = pdb_nop_enum_group_mapping; 154 155 156 /* There's not very much to initialise here */ 157 return NT_STATUS_OK; 158} 159 160NTSTATUS pdb_guest_init(void) 161{ 162 return smb_register_passdb(PASSDB_INTERFACE_VERSION, "guest", pdb_init_guestsam); 163} 164 165