/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
 */

/*
 * Declarations for the idmap configuration: the property-group
 * configuration structure, the SMF / AD auto-discovery handles, and the
 * entry points that initialise, load, unload and refresh that state.
 * Only declarations live here; all behaviour is in the implementation.
 */

#ifndef _IDMAP_CONFIG_H
#define _IDMAP_CONFIG_H


#include "idmap.h"
#include "addisc.h"
#include <libscf.h>
#include <synch.h>

#ifdef __cplusplus
extern "C" {
#endif

/* Not referenced in this header; its consumer and units are defined elsewhere. */
#define MAX_POLICY_SIZE 1023

/*
 * Integer codes for the directory-based mapping mode.
 * Presumably the values stored in idmap_pg_config.directory_based_mapping
 * (that member is tagged "enum") -- TODO confirm against the loader.
 */
#define DIRECTORY_MAPPING_NONE 0
#define DIRECTORY_MAPPING_NAME 1
#define DIRECTORY_MAPPING_IDMU 2

/*
 * One row of a value <-> name table.
 *
 * NOTE(review): `string` is a writable `char *` while enum_lookup() hands
 * back `const char *`; treat the text as read-only unless the table's
 * definition shows otherwise.
 */
struct enum_lookup_map {
	int value;
	char *string;
};

/* Table for the directory mapping codes; defined in the implementation. */
extern struct enum_lookup_map directory_mapping_map[];

/*
 * Look `value` up in `map` and return the associated string.
 * No element count is passed, so the table must end in a terminator the
 * implementation recognises; the terminator and the result for an unknown
 * value are not visible here -- TODO confirm before adding a new table.
 */
extern const char *enum_lookup(int value, struct enum_lookup_map *map);

/* SMF and auto-discovery context handles */
typedef struct idmap_cfg_handles {
	/*
	 * NOTE(review): which of the members below this mutex serialises is
	 * not visible in this header -- confirm in the implementation before
	 * using the handles from another thread.
	 */
	pthread_mutex_t mutex;
	scf_handle_t *main;
	scf_instance_t *instance;
	scf_service_t *service;
	scf_propertygroup_t *config_pg;
	scf_propertygroup_t *debug_pg;
	ad_disc_t ad_ctx;
} idmap_cfg_handles_t;

/*
 * This structure stores AD and AD-related configuration
 *
 * One entry describes a single trusted forest; idmap_pg_config keeps an
 * array of these in trusted_forests, counted by num_trusted_forests.
 */
typedef struct idmap_trustedforest {
	char *forest_name;
	idmap_ad_disc_ds_t
	    *global_catalog;	/* global catalog hosts */
	ad_disc_domainsinforest_t
	    *domains_in_forest;
} idmap_trustedforest_t;


/*
 * Configuration values held for the service.
 *
 * Each *_auto_disc flag sits directly after the value it is named for;
 * presumably it records that the value came from auto-discovery rather
 * than from explicit configuration -- TODO confirm.
 *
 * Ownership of the pointer members is not stated in this header;
 * idmap_cfg_unload() takes a pointer to this structure and is presumably
 * what releases them -- verify before freeing or aliasing any member.
 */
typedef struct idmap_pg_config {
	uint64_t list_size_limit;
	char *machine_sid;		/* machine sid */
	char *default_domain;		/* default domain name */
	char *domain_name;		/* AD domain name */
	boolean_t domain_name_auto_disc;
	idmap_ad_disc_ds_t
	    *domain_controller;		/* domain controller hosts */
	boolean_t domain_controller_auto_disc;
	char *forest_name;		/* forest name */
	boolean_t forest_name_auto_disc;
	char *site_name;		/* site name */
	boolean_t site_name_auto_disc;
	idmap_ad_disc_ds_t
	    *global_catalog;		/* global catalog hosts */
	boolean_t global_catalog_auto_disc;
	ad_disc_domainsinforest_t
	    *domains_in_forest;
	ad_disc_trusteddomains_t
	    *trusted_domains;		/* Trusted Domains */
	/* Number of entries in trusted_forests below. */
	int num_trusted_forests;
	idmap_trustedforest_t
	    *trusted_forests;		/* Array of trusted forests */

	/*
	 * Following properties are associated with directory-based
	 * name-mappings.
	 */
	char *ad_unixuser_attr;
	char *ad_unixgroup_attr;
	char *nldap_winname_attr;
	int directory_based_mapping;	/* enum */
	/*
	 * NOTE(review): the three flags below read as policy switches
	 * (mapping of unresolvable SIDs, use of LSA lookups, cross-forest
	 * trust handling). Their exact semantics and defaults are set by
	 * the loader, not here -- confirm them before relying on a value,
	 * since they influence which Windows identities receive a mapping.
	 */
	boolean_t eph_map_unres_sids;
	boolean_t use_lsa;
	boolean_t disable_cross_forest_trusts;
} idmap_pg_config_t;

/* Top-level configuration object: the values plus the handles used to read them. */
typedef struct idmap_cfg {
	idmap_pg_config_t pgcfg;	/* live AD/ID mapping config */
	idmap_cfg_handles_t handles;
	/* Flag kept as an int; who sets and tests it is not visible here. */
	int initialized;
} idmap_cfg_t;


/*
 * Configuration lifecycle entry points.
 * The meaning of the int return values is not documented in this header;
 * check the implementation before testing for a specific code.
 */
extern void idmap_cfg_unload(idmap_pg_config_t *);
/* The int argument presumably carries the CFG_* flag bits defined below -- TODO confirm. */
extern int idmap_cfg_load(idmap_cfg_t *, int);
extern idmap_cfg_t *idmap_cfg_init(void);
extern int idmap_cfg_fini(idmap_cfg_t *);
extern int idmap_cfg_upgrade(idmap_cfg_t *);
extern int idmap_cfg_start_updates(void);
extern void idmap_cfg_poke_updates(void);
/*
 * NOTE(review): the (int) signature fits a signal handler, presumably for
 * SIGHUP. If it is installed with signal()/sigaction(), confirm that its
 * body restricts itself to async-signal-safe operations.
 */
extern void idmap_cfg_hup_handler(int);

/* Distinct bit values, so the two can be combined with bitwise OR. */
#define CFG_DISCOVER 0x1
#define CFG_LOG 0x2

#ifdef __cplusplus
}
#endif

#endif /* _IDMAP_CONFIG_H */