root/source3/include/passdb.h



   1 /* 
   2    Unix SMB/CIFS implementation.
   3    passdb structures and parameters
   4    Copyright (C) Gerald Carter 2001
   5    Copyright (C) Luke Kenneth Casson Leighton 1998 - 2000
   6    Copyright (C) Andrew Bartlett 2002
   7    Copyright (C) Simo Sorce 2003
   8    
   9    This program is free software; you can redistribute it and/or modify
  10    it under the terms of the GNU General Public License as published by
  11    the Free Software Foundation; either version 3 of the License, or
  12    (at your option) any later version.
  13    
  14    This program is distributed in the hope that it will be useful,
  15    but WITHOUT ANY WARRANTY; without even the implied warranty of
  16    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  17    GNU General Public License for more details.
  18    
  19    You should have received a copy of the GNU General Public License
  20    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  21 */
  22 
  23 #ifndef _PASSDB_H
  24 #define _PASSDB_H
  25 
  26 /*
  27  * Identifiers for the fields of struct samu whose initialization state
      * is tracked.  The enumerators are consecutive integers starting at 0
      * (PDB_UNINIT), not bit masks.  Presumably each value is the "flag"
      * argument of pdb_get_init_flags() / IS_SAM_*() and a bit position in
      * samu.set_flags / samu.change_flags -- confirm in the accessor code.
  28  */
  29 enum pdb_elements {
  30         PDB_UNINIT,
  31         PDB_SMBHOME,
  32         PDB_PROFILE,
  33         PDB_DRIVE,
  34         PDB_LOGONSCRIPT,
  35         PDB_LOGONTIME,
  36         PDB_LOGOFFTIME,
  37         PDB_KICKOFFTIME,
  38         PDB_BAD_PASSWORD_TIME,
  39         PDB_CANCHANGETIME,
  40         PDB_MUSTCHANGETIME,
  41         PDB_PLAINTEXT_PW, /* credential field (presumably samu.plaintext_pw) */
  42         PDB_USERNAME,
  43         PDB_FULLNAME,
  44         PDB_DOMAIN,
  45         PDB_NTUSERNAME,
  46         PDB_HOURSLEN,
  47         PDB_LOGONDIVS,
  48         PDB_USERSID,
  49         PDB_GROUPSID,
  50         PDB_ACCTCTRL,
  51         PDB_PASSLASTSET,
  52         PDB_ACCTDESC,
  53         PDB_WORKSTATIONS,
  54         PDB_COMMENT,
  55         PDB_MUNGEDDIAL,
  56         PDB_HOURS,
  57         PDB_FIELDS_PRESENT,
  58         PDB_BAD_PASSWORD_COUNT,
  59         PDB_LOGON_COUNT,
  60         PDB_UNKNOWN6,
  61         PDB_LMPASSWD, /* credential field (presumably samu.lm_pw) */
  62         PDB_NTPASSWD, /* credential field (presumably samu.nt_pw) */
  63         PDB_PWHISTORY, /* credential field (presumably samu.nt_pw_his) */
  64         PDB_BACKEND_PRIVATE_DATA,
  65 
  66         /* this must be the last element: its value equals the number of
              * identifiers above, so new entries go before it */
  67         PDB_COUNT
  68 };
  69 
  70 enum pdb_group_elements {
             /* Identifiers for group-record fields, laid out like enum
              * pdb_elements (consecutive integers, count sentinel last).
              * Nothing else in this header refers to them. */
  71         PDB_GROUP_NAME,
  72         PDB_GROUP_SID,
  73         PDB_GROUP_SID_NAME_USE,
  74         PDB_GROUP_MEMBERS,
  75 
  76         /* this must be the last element: its value equals the number of
              * identifiers above */
  77         PDB_GROUP_COUNT
  78 };
  79 
  80 
  81 enum pdb_value_state {
             /* Per-field state that the IS_SAM_*() macros compare against the
              * result of pdb_get_init_flags().  Presumably: DEFAULT = never
              * assigned, SET = assigned (e.g. loaded from the backend),
              * CHANGED = modified and awaiting write-back -- confirm against
              * the setter functions. */
  82         PDB_DEFAULT=0,
  83         PDB_SET,
  84         PDB_CHANGED
  85 };
  86 
  87 #define IS_SAM_SET(x, flag)     (pdb_get_init_flags(x, flag) == PDB_SET) /* field 'flag' of 'x' is in state PDB_SET */
  88 #define IS_SAM_CHANGED(x, flag) (pdb_get_init_flags(x, flag) == PDB_CHANGED) /* field 'flag' of 'x' is in state PDB_CHANGED */
  89 #define IS_SAM_DEFAULT(x, flag) (pdb_get_init_flags(x, flag) == PDB_DEFAULT) /* field 'flag' of 'x' is in state PDB_DEFAULT */
  90 
  91 /* cache for bad password lockout data, to be used on replicated SAMs */
  92 typedef struct logon_cache_struct {
  93         time_t entry_timestamp; /* presumably when this cache entry was written -- confirm */
  94         uint32 acct_ctrl; /* same name and width as samu.acct_ctrl (ACB_xxxx bit-mask there) */
  95         uint16 bad_password_count; /* 16-bit counter, same width as samu.bad_password_count */
  96         time_t bad_password_time; /* same name as samu.bad_password_time (last bad password entered) */
  97 } LOGIN_CACHE;
  98 
  99 #define SAMU_BUFFER_V0          0 /* version tags; presumably for the packed on-disk form of struct samu -- TODO confirm */
 100 #define SAMU_BUFFER_V1          1
 101 #define SAMU_BUFFER_V2          2
 102 #define SAMU_BUFFER_V3          3
 103 /* nothing changed from V3 to V4 */
 104 #define SAMU_BUFFER_V4          4
 105 #define SAMU_BUFFER_LATEST      SAMU_BUFFER_V4 /* alias for the newest version tag defined above */
 106 
 107 struct samu {
             /*
              * Account record passed between callers and passdb backends (see
              * the struct samu * parameters in struct pdb_methods).
              *
              * It carries credential material: lm_pw, nt_pw, nt_pw_his and
              * plaintext_pw.  Treat every instance as sensitive: do not log
              * or dump it, and scrub those members before the memory is
              * released.  NOTE(review): whether the existing free path already
              * scrubs them is not visible in this header -- confirm.
              */
 108         struct pdb_methods *methods;
 109 
 110         /* initialization flags; presumably one bit per enum pdb_elements
              * value, queried through pdb_get_init_flags() -- confirm */
 111         struct bitmap *change_flags;
 112         struct bitmap *set_flags;
 113 
 114         time_t logon_time;            /* logon time */
 115         time_t logoff_time;           /* logoff time */
 116         time_t kickoff_time;          /* kickoff time */
 117         time_t bad_password_time;     /* last bad password entered */
 118         time_t pass_last_set_time;    /* password last set time */
 119         time_t pass_can_change_time;  /* password can change time */
 120         time_t pass_must_change_time; /* password must change time */
 121                 
 122         const char *username;     /* UNIX username string */
 123         const char *domain;       /* Windows Domain name */
 124         const char *nt_username;  /* Windows username string */
 125         const char *full_name;    /* user's full name string */
 126         const char *home_dir;     /* home directory string */
 127         const char *dir_drive;    /* home directory drive string */
 128         const char *logon_script; /* logon script string */
 129         const char *profile_path; /* profile path string */
 130         const char *acct_desc;    /* user description string */
 131         const char *workstations; /* login from workstations string */
 132         const char *comment;
 133         const char *munged_dial;  /* munged path name and dial-back tel number */
 134                 
 135         DOM_SID user_sid;  
 136         DOM_SID *group_sid;
 137                 
             /* Password hashes.  A stored NTLM-family hash is enough to
              * authenticate as the account, so protect these blobs exactly
              * like the cleartext password. */
 138         DATA_BLOB lm_pw; /* LM password hash (presumably); .data is NULL if no password */
 139         DATA_BLOB nt_pw; /* NT password hash (presumably); .data is NULL if no password */
 140         DATA_BLOB nt_pw_his; /* nt hashed password history; .data is NULL if not available */
 141         char* plaintext_pw; /* cleartext password; NULL if not available. Keep its lifetime short and scrub before freeing */
 142                 
 143         uint32 acct_ctrl; /* account info (ACB_xxxx bit-mask) */
 144         uint32 fields_present; /* 0x00ff ffff */
 145                 
 146         uint16 logon_divs; /* 168 - number of hours in a week */
 147         uint32 hours_len; /* normally 21 bytes (168 / 8, presumably one bit per hour) */
             /* hours_len is kept separately from the fixed-size array, so
              * nothing in this declaration ties it to MAX_HOURS_LEN: code that
              * fills or walks hours[] must check hours_len <= MAX_HOURS_LEN,
              * in particular when the value comes from stored or remote data. */
 148         uint8 hours[MAX_HOURS_LEN];
 149         
 150         /* Was unknown_5. */
 151         uint16 bad_password_count;
 152         uint16 logon_count;
 153 
 154         uint32 unknown_6; /* 0x0000 04ec */
 155 
 156         /* a tag for who added the private methods */
 157 
 158         const struct pdb_methods *backend_private_methods;
 159         void *backend_private_data; 
             /* takes void **; presumably so the callee can free the data and
              * clear the caller's pointer -- confirm */
 160         void (*backend_private_data_free_fn)(void **);
 161         
 162         /* maintain a copy of the user's struct passwd */
 163 
 164         struct passwd *unix_pw;
 165 };
 166 
 167 struct acct_info {
             /* fstring is declared elsewhere (presumably a fixed-size char
              * array -- confirm); copies into these members must be
              * length-bounded. */
 168         fstring acct_name; /* account name */
 169         fstring acct_desc; /* account description */
 170         uint32 rid; /* domain-relative RID */
 171 };
 172 
 173 struct samr_displayentry {
             /* One result row of a passdb search: the element type of
              * pdb_search.cache and the output of pdb_search.next_entry. */
 174         uint32 idx;
 175         uint32 rid;
 176         uint32 acct_flags; /* presumably the same ACB_xxxx bit-mask as samu.acct_ctrl -- confirm */
 177         const char *account_name;
 178         const char *fullname;
 179         const char *description;
 180 };
 181 
 182 enum pdb_search_type {
             /* Kind of object a struct pdb_search enumerates; the names match
              * the search_users / search_groups / search_aliases methods of
              * struct pdb_methods. */
 183         PDB_USER_SEARCH,
 184         PDB_GROUP_SEARCH,
 185         PDB_ALIAS_SEARCH
 186 };
 187 
 188 struct pdb_search {
             /* State of one enumeration over users, groups or aliases. */
 189         enum pdb_search_type type;
 190         struct samr_displayentry *cache; /* presumably the entries fetched so far -- confirm */
 191         uint32 num_entries;
             /* NOTE(review): signed, while num_entries is unsigned; code that
              * compares or sizes with both must not let a negative value be
              * converted to a large unsigned one. */
 192         ssize_t cache_size;
 193         bool search_ended;
 194         void *private_data;
             /* Callbacks, presumably installed by the backend's search_*
              * method: next_entry fills *entry and returns a bool; search_end
              * returns nothing. */
 195         bool (*next_entry)(struct pdb_search *search,
 196                            struct samr_displayentry *entry);
 197         void (*search_end)(struct pdb_search *search);
 198 };
 199 
 200 /*****************************************************************
 201  Functions to be implemented by the new (v2) passdb API 
 202 ****************************************************************/
 203 
 204 /*
 205  * This next constant specifies the version number of the PASSDB interface
 206  * this SAMBA will load. Increment this if *ANY* changes are made to the interface. 
      * The interface is presumably the layout of struct pdb_methods below: a
      * module built against a different layout would be called through
      * mismatched function pointers, so adding, removing or re-typing a member
      * needs a bump.  Where the check is enforced is not visible here -- confirm
      * in the module registration code.
      *
      * History:
 207  * Changed interface to fix int -> size_t problems. JRA.
 208  * There's no point in allocating arrays in
 209  * samr_lookup_rids twice. It was done in the srv_samr_nt.c code as well as in
 210  * the pdb module. Remove the latter, this might happen more often. VL.
 211  * changed to version 14 to move lookup_rids and lookup_names to return
 212  * enum lsa_SidType rather than uint32.
 213  * Changed to 16 for access to the trusted domain passwords (obnox).
 214  * Changed to 17, the sampwent interface is gone.
 215  */
 216 
 217 #define PASSDB_INTERFACE_VERSION 17
 218 
 219 struct pdb_methods 
 220 {
             /*
              * Table of function pointers that a passdb backend provides.
              * Most entries return NTSTATUS.  The search_*, *_to_*,
              * rid_algorithm, new_rid and *_trusteddom_pw entries return bool,
              * so a failure from those carries no status code.
              * Any change to this layout requires incrementing
              * PASSDB_INTERFACE_VERSION.
              */
 221         const char *name; /* name of this backend module */
 222 
             /* --- user accounts: look up / create / delete / modify --- */
 223         NTSTATUS (*getsampwnam)(struct pdb_methods *, struct samu *sam_acct, const char *username);
 224         
 225         NTSTATUS (*getsampwsid)(struct pdb_methods *, struct samu *sam_acct, const DOM_SID *sid);
 226 
 227         NTSTATUS (*create_user)(struct pdb_methods *, TALLOC_CTX *tmp_ctx,
 228                                 const char *name, uint32 acct_flags,
 229                                 uint32 *rid);
 230 
 231         NTSTATUS (*delete_user)(struct pdb_methods *, TALLOC_CTX *tmp_ctx,
 232                                 struct samu *sam_acct);
 233         
 234         NTSTATUS (*add_sam_account)(struct pdb_methods *, struct samu *sampass);
 235         
 236         NTSTATUS (*update_sam_account)(struct pdb_methods *, struct samu *sampass);
 237         
 238         NTSTATUS (*delete_sam_account)(struct pdb_methods *, struct samu *username);
 239         
 240         NTSTATUS (*rename_sam_account)(struct pdb_methods *, struct samu *oldname, const char *newname);
 241         
             /* 'success' presumably selects between resetting and incrementing
              * the bad-password counters used for lockout -- confirm */
 242         NTSTATUS (*update_login_attempts)(struct pdb_methods *methods, struct samu *sam_acct, bool success);
 243 
             /* --- group mappings --- */
             /* NOTE(review): getgrsid and delete_group_mapping_entry take the
              * DOM_SID by value; the other methods take const DOM_SID *. */
 244         NTSTATUS (*getgrsid)(struct pdb_methods *methods, GROUP_MAP *map, DOM_SID sid);
 245 
 246         NTSTATUS (*getgrgid)(struct pdb_methods *methods, GROUP_MAP *map, gid_t gid);
 247 
 248         NTSTATUS (*getgrnam)(struct pdb_methods *methods, GROUP_MAP *map, const char *name);
 249 
 250         NTSTATUS (*create_dom_group)(struct pdb_methods *methods,
 251                                      TALLOC_CTX *mem_ctx, const char *name,
 252                                      uint32 *rid);
 253 
 254         NTSTATUS (*delete_dom_group)(struct pdb_methods *methods,
 255                                      TALLOC_CTX *mem_ctx, uint32 rid);
 256 
 257         NTSTATUS (*add_group_mapping_entry)(struct pdb_methods *methods,
 258                                             GROUP_MAP *map);
 259 
 260         NTSTATUS (*update_group_mapping_entry)(struct pdb_methods *methods,
 261                                                GROUP_MAP *map);
 262 
 263         NTSTATUS (*delete_group_mapping_entry)(struct pdb_methods *methods,
 264                                                DOM_SID sid);
 265 
             /* Returns an array through pp_rmap with its length in
              * p_num_entries.  No TALLOC_CTX is passed, so who owns and frees
              * the array is not visible here -- confirm. */
 266         NTSTATUS (*enum_group_mapping)(struct pdb_methods *methods,
 267                                        const DOM_SID *sid, enum lsa_SidType sid_name_use,
 268                                        GROUP_MAP **pp_rmap, size_t *p_num_entries,
 269                                        bool unix_only);
 270 
 271         NTSTATUS (*enum_group_members)(struct pdb_methods *methods,
 272                                        TALLOC_CTX *mem_ctx,
 273                                        const DOM_SID *group,
 274                                        uint32 **pp_member_rids,
 275                                        size_t *p_num_members);
 276 
             /* pp_sids and pp_gids share the single count p_num_groups, so
              * presumably both arrays have that many entries -- confirm */
 277         NTSTATUS (*enum_group_memberships)(struct pdb_methods *methods,
 278                                            TALLOC_CTX *mem_ctx,
 279                                            struct samu *user,
 280                                            DOM_SID **pp_sids, gid_t **pp_gids,
 281                                            size_t *p_num_groups);
 282 
 283         NTSTATUS (*set_unix_primary_group)(struct pdb_methods *methods,
 284                                            TALLOC_CTX *mem_ctx,
 285                                            struct samu *user);
 286 
 287         NTSTATUS (*add_groupmem)(struct pdb_methods *methods,
 288                                  TALLOC_CTX *mem_ctx,
 289                                  uint32 group_rid, uint32 member_rid);
 290 
 291         NTSTATUS (*del_groupmem)(struct pdb_methods *methods,
 292                                  TALLOC_CTX *mem_ctx,
 293                                  uint32 group_rid, uint32 member_rid);
 294 
             /* --- aliases --- */
 295         NTSTATUS (*create_alias)(struct pdb_methods *methods,
 296                                  const char *name, uint32 *rid);
 297 
 298         NTSTATUS (*delete_alias)(struct pdb_methods *methods,
 299                                  const DOM_SID *sid);
 300 
 301         NTSTATUS (*get_aliasinfo)(struct pdb_methods *methods,
 302                                   const DOM_SID *sid,
 303                                   struct acct_info *info);
 304 
 305         NTSTATUS (*set_aliasinfo)(struct pdb_methods *methods,
 306                                   const DOM_SID *sid,
 307                                   struct acct_info *info);
 308 
 309         NTSTATUS (*add_aliasmem)(struct pdb_methods *methods,
 310                                  const DOM_SID *alias, const DOM_SID *member);
 311         NTSTATUS (*del_aliasmem)(struct pdb_methods *methods,
 312                                  const DOM_SID *alias, const DOM_SID *member);
             /* No TALLOC_CTX is passed: ownership of *members is not visible
              * here -- confirm */
 313         NTSTATUS (*enum_aliasmem)(struct pdb_methods *methods,
 314                                   const DOM_SID *alias, DOM_SID **members,
 315                                   size_t *p_num_members);
 316         NTSTATUS (*enum_alias_memberships)(struct pdb_methods *methods,
 317                                            TALLOC_CTX *mem_ctx,
 318                                            const DOM_SID *domain_sid,
 319                                            const DOM_SID *members,
 320                                            size_t num_members,
 321                                            uint32 **pp_alias_rids,
 322                                            size_t *p_num_alias_rids);
 323 
             /* --- RID <-> name translation --- */
             /* NOTE(review): num_rids / num_names are signed int, unlike the
              * size_t counts used elsewhere in this table.  pp_names, rids and
              * attrs are plain arrays, presumably supplied by the caller with
              * that many entries (see the samr_lookup_rids remark on
              * PASSDB_INTERFACE_VERSION) -- confirm.  Implementations should
              * reject a negative count before using it as a length. */
 324         NTSTATUS (*lookup_rids)(struct pdb_methods *methods,
 325                                 const DOM_SID *domain_sid,
 326                                 int num_rids,
 327                                 uint32 *rids,
 328                                 const char **pp_names,
 329                                 enum lsa_SidType *attrs);
 330 
 331         NTSTATUS (*lookup_names)(struct pdb_methods *methods,
 332                                  const DOM_SID *domain_sid,
 333                                  int num_names,
 334                                  const char **pp_names,
 335                                  uint32 *rids,
 336                                  enum lsa_SidType *attrs);
 337 
             /* --- account policy --- */
 338         NTSTATUS (*get_account_policy)(struct pdb_methods *methods,
 339                                        int policy_index, uint32 *value);
 340 
 341         NTSTATUS (*set_account_policy)(struct pdb_methods *methods,
 342                                        int policy_index, uint32 value);
 343 
 344         NTSTATUS (*get_seq_num)(struct pdb_methods *methods, time_t *seq_num);
 345 
             /* --- enumeration; each fills in a struct pdb_search --- */
 346         bool (*search_users)(struct pdb_methods *methods,
 347                              struct pdb_search *search,
 348                              uint32 acct_flags);
 349         bool (*search_groups)(struct pdb_methods *methods,
 350                               struct pdb_search *search);
 351         bool (*search_aliases)(struct pdb_methods *methods,
 352                                struct pdb_search *search,
 353                                const DOM_SID *sid);
 354 
             /* --- Unix id <-> RID/SID mapping --- */
 355         bool (*uid_to_rid)(struct pdb_methods *methods, uid_t uid,
 356                            uint32 *rid);
 357         bool (*uid_to_sid)(struct pdb_methods *methods, uid_t uid,
 358                            DOM_SID *sid);
 359         bool (*gid_to_sid)(struct pdb_methods *methods, gid_t gid,
 360                            DOM_SID *sid);
 361         bool (*sid_to_id)(struct pdb_methods *methods, const DOM_SID *sid,
 362                           union unid_t *id, enum lsa_SidType *type);
 363 
 364         bool (*rid_algorithm)(struct pdb_methods *methods);
 365         bool (*new_rid)(struct pdb_methods *methods, uint32 *rid);
 366 
 367 
             /* --- trusted domain passwords (added in interface version 16) ---
              * These pass the password as a C string (char **pwd out,
              * const char *pwd in), i.e. cleartext as far as the prototypes
              * show.  Ownership of *pwd is not stated here -- confirm.  Callers
              * should keep the string out of logs and scrub it before
              * releasing it. */
 368         bool (*get_trusteddom_pw)(struct pdb_methods *methods,
 369                                   const char *domain, char** pwd, 
 370                                   DOM_SID *sid, time_t *pass_last_set_time);
 371         bool (*set_trusteddom_pw)(struct pdb_methods *methods, 
 372                                   const char* domain, const char* pwd,
 373                                   const DOM_SID *sid);
 374         bool (*del_trusteddom_pw)(struct pdb_methods *methods, 
 375                                   const char *domain);
 376         NTSTATUS (*enum_trusteddoms)(struct pdb_methods *methods,
 377                                      TALLOC_CTX *mem_ctx, uint32 *num_domains,
 378                                      struct trustdom_info ***domains);
 379 
 380         void *private_data;  /* Private data of some kind */
 381         
             /* takes void **; presumably so the callee can free private_data
              * and clear the pointer -- confirm */
 382         void (*free_private_data)(void **);
 383 };
 384 
 385 typedef NTSTATUS (*pdb_init_function)(struct pdb_methods **, const char *); /* backend constructor: returns the method table through the first argument; the string's meaning is not stated here (presumably a backend location/option string -- confirm) */
 386 
 387 struct pdb_init_function_entry {
             /* Node of a doubly linked list (prev/next) that pairs a backend
              * name with its init function; presumably the list of registered
              * passdb backends -- confirm. */
 388         const char *name;
 389 
 390         /* Function to create a member of the pdb_methods list */
 391         pdb_init_function init;
 392 
 393         struct pdb_init_function_entry *prev, *next;
 394 };
 395 
 396 #endif /* _PASSDB_H */
