Context Navigation

← Previous Revision
Next Revision →
Blame
Revision Log

source: vendor/3.5.4/source3/include/passdb.h

Visit:

Last change on this file was 414, checked in by Herwig Bauernfeind, 16 years ago
Samba 3.5.0: Initial import
File size: 13.1 KB

Line
1	/*
2	Unix SMB/CIFS implementation.
3	passdb structures and parameters
4	Copyright (C) Gerald Carter 2001
5	Copyright (C) Luke Kenneth Casson Leighton 1998 - 2000
6	Copyright (C) Andrew Bartlett 2002
7	Copyright (C) Simo Sorce 2003
8
9	This program is free software; you can redistribute it and/or modify
10	it under the terms of the GNU General Public License as published by
11	the Free Software Foundation; either version 3 of the License, or
12	(at your option) any later version.
13
14	This program is distributed in the hope that it will be useful,
15	but WITHOUT ANY WARRANTY; without even the implied warranty of
16	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17	GNU General Public License for more details.
18
19	You should have received a copy of the GNU General Public License
20	along with this program. If not, see <http://www.gnu.org/licenses/>.
21	*/
22
23	#ifndef _PASSDB_H
24	#define _PASSDB_H
25
26	/**********************************************************************
27	* Masks for mappings between unix uid and gid types and
28	* NT RIDS.
29	**********************************************************************/
30
31	#define BASE_RID (0x000003E8L)
32
33	/* Take the bottom bit. */
34	#define RID_TYPE_MASK 1
35	#define RID_MULTIPLIER 2
36
37	/* The two common types. */
38	#define USER_RID_TYPE 0
39	#define GROUP_RID_TYPE 1
40
41	/*
42	* bit flags representing initialized fields in struct samu
43	*/
44	enum pdb_elements {
45	PDB_UNINIT,
46	PDB_SMBHOME,
47	PDB_PROFILE,
48	PDB_DRIVE,
49	PDB_LOGONSCRIPT,
50	PDB_LOGONTIME,
51	PDB_LOGOFFTIME,
52	PDB_KICKOFFTIME,
53	PDB_BAD_PASSWORD_TIME,
54	PDB_CANCHANGETIME,
55	PDB_MUSTCHANGETIME,
56	PDB_PLAINTEXT_PW,
57	PDB_USERNAME,
58	PDB_FULLNAME,
59	PDB_DOMAIN,
60	PDB_NTUSERNAME,
61	PDB_HOURSLEN,
62	PDB_LOGONDIVS,
63	PDB_USERSID,
64	PDB_GROUPSID,
65	PDB_ACCTCTRL,
66	PDB_PASSLASTSET,
67	PDB_ACCTDESC,
68	PDB_WORKSTATIONS,
69	PDB_COMMENT,
70	PDB_MUNGEDDIAL,
71	PDB_HOURS,
72	PDB_FIELDS_PRESENT,
73	PDB_BAD_PASSWORD_COUNT,
74	PDB_LOGON_COUNT,
75	PDB_UNKNOWN6,
76	PDB_LMPASSWD,
77	PDB_NTPASSWD,
78	PDB_PWHISTORY,
79	PDB_BACKEND_PRIVATE_DATA,
80
81	/* this must be the last element */
82	PDB_COUNT
83	};
84
85	enum pdb_group_elements {
86	PDB_GROUP_NAME,
87	PDB_GROUP_SID,
88	PDB_GROUP_SID_NAME_USE,
89	PDB_GROUP_MEMBERS,
90
91	/* this must be the last element */
92	PDB_GROUP_COUNT
93	};
94
95
96	enum pdb_value_state {
97	PDB_DEFAULT=0,
98	PDB_SET,
99	PDB_CHANGED
100	};
101
102	#define IS_SAM_SET(x, flag) (pdb_get_init_flags(x, flag) == PDB_SET)
103	#define IS_SAM_CHANGED(x, flag) (pdb_get_init_flags(x, flag) == PDB_CHANGED)
104	#define IS_SAM_DEFAULT(x, flag) (pdb_get_init_flags(x, flag) == PDB_DEFAULT)
105
106	/* cache for bad password lockout data, to be used on replicated SAMs */
107	typedef struct logon_cache_struct {
108	time_t entry_timestamp;
109	uint32 acct_ctrl;
110	uint16 bad_password_count;
111	time_t bad_password_time;
112	} LOGIN_CACHE;
113
114	#define SAMU_BUFFER_V0 0
115	#define SAMU_BUFFER_V1 1
116	#define SAMU_BUFFER_V2 2
117	#define SAMU_BUFFER_V3 3
118	/* nothing changed from V3 to V4 */
119	#define SAMU_BUFFER_V4 4
120	#define SAMU_BUFFER_LATEST SAMU_BUFFER_V4
121
122	struct samu {
123	struct pdb_methods *methods;
124
125	/* initialization flags */
126	struct bitmap *change_flags;
127	struct bitmap *set_flags;
128
129	time_t logon_time; /* logon time */
130	time_t logoff_time; /* logoff time */
131	time_t kickoff_time; /* kickoff time */
132	time_t bad_password_time; /* last bad password entered */
133	time_t pass_last_set_time; /* password last set time */
134	time_t pass_can_change_time; /* password can change time */
135	time_t pass_must_change_time; /* password must change time */
136
137	const char username; / UNIX username string */
138	const char domain; / Windows Domain name */
139	const char nt_username; / Windows username string */
140	const char full_name; / user's full name string */
141	const char home_dir; / home directory string */
142	const char dir_drive; / home directory drive string */
143	const char logon_script; / logon script string */
144	const char profile_path; / profile path string */
145	const char acct_desc; / user description string */
146	const char workstations; / login from workstations string */
147	const char *comment;
148	const char munged_dial; / munged path name and dial-back tel number */
149
150	DOM_SID user_sid;
151	DOM_SID *group_sid;
152
153	DATA_BLOB lm_pw; /* .data is Null if no password */
154	DATA_BLOB nt_pw; /* .data is Null if no password */
155	DATA_BLOB nt_pw_his; /* nt hashed password history .data is Null if not available */
156	char* plaintext_pw; /* is Null if not available */
157
158	uint32 acct_ctrl; /* account info (ACB_xxxx bit-mask) */
159	uint32 fields_present; /* 0x00ff ffff */
160
161	uint16 logon_divs; /* 168 - number of hours in a week */
162	uint32 hours_len; /* normally 21 bytes */
163	uint8 hours[MAX_HOURS_LEN];
164
165	/* Was unknown_5. */
166	uint16 bad_password_count;
167	uint16 logon_count;
168
169	uint32 unknown_6; /* 0x0000 04ec */
170
171	/* a tag for who added the private methods */
172
173	const struct pdb_methods *backend_private_methods;
174	void *backend_private_data;
175	void (backend_private_data_free_fn)(void *);
176
177	/* maintain a copy of the user's struct passwd */
178
179	struct passwd *unix_pw;
180	};
181
182	struct acct_info {
183	fstring acct_name; /* account name */
184	fstring acct_desc; /* account name */
185	uint32 rid; /* domain-relative RID */
186	};
187
188	struct samr_displayentry {
189	uint32 idx;
190	uint32 rid;
191	uint32 acct_flags;
192	const char *account_name;
193	const char *fullname;
194	const char *description;
195	};
196
197	enum pdb_search_type {
198	PDB_USER_SEARCH,
199	PDB_GROUP_SEARCH,
200	PDB_ALIAS_SEARCH
201	};
202
203	struct pdb_search {
204	enum pdb_search_type type;
205	struct samr_displayentry *cache;
206	uint32 num_entries;
207	ssize_t cache_size;
208	bool search_ended;
209	void *private_data;
210	bool (next_entry)(struct pdb_search search,
211	struct samr_displayentry *entry);
212	void (search_end)(struct pdb_search search);
213	};
214
215	struct pdb_domain_info {
216	char *name;
217	char *dns_domain;
218	char *dns_forest;
219	struct dom_sid sid;
220	struct GUID guid;
221	};
222
223	/*
224	* Types of account policy.
225	*/
226	enum pdb_policy_type {
227	PDB_POLICY_MIN_PASSWORD_LEN = 1,
228	PDB_POLICY_PASSWORD_HISTORY = 2,
229	PDB_POLICY_USER_MUST_LOGON_TO_CHG_PASS = 3,
230	PDB_POLICY_MAX_PASSWORD_AGE = 4,
231	PDB_POLICY_MIN_PASSWORD_AGE = 5,
232	PDB_POLICY_LOCK_ACCOUNT_DURATION = 6,
233	PDB_POLICY_RESET_COUNT_TIME = 7,
234	PDB_POLICY_BAD_ATTEMPT_LOCKOUT = 8,
235	PDB_POLICY_TIME_TO_LOGOUT = 9,
236	PDB_POLICY_REFUSE_MACHINE_PW_CHANGE = 10
237	};
238
239	#define PDB_CAP_STORE_RIDS 0x0001
240	#define PDB_CAP_ADS 0x0002
241
242	/*****************************************************************
243	Functions to be implemented by the new (v2) passdb API
244	****************************************************************/
245
246	/*
247	* This next constant specifies the version number of the PASSDB interface
248	* this SAMBA will load. Increment this if ANY changes are made to the interface.
249	* Changed interface to fix int -> size_t problems. JRA.
250	* There's no point in allocating arrays in
251	* samr_lookup_rids twice. It was done in the srv_samr_nt.c code as well as in
252	* the pdb module. Remove the latter, this might happen more often. VL.
253	* changed to version 14 to move lookup_rids and lookup_names to return
254	* enum lsa_SidType rather than uint32.
255	* Changed to 16 for access to the trusted domain passwords (obnox).
256	* Changed to 17, the sampwent interface is gone.
257	* Changed to 18, pdb_rid_algorithm -> pdb_capabilities
258	* Changed to 19, removed uid_to_rid
259	*/
260
261	#define PASSDB_INTERFACE_VERSION 19
262
263	struct pdb_methods
264	{
265	const char name; / What name got this module */
266
267	struct pdb_domain_info (get_domain_info)(struct pdb_methods *,
268	TALLOC_CTX *mem_ctx);
269
270	NTSTATUS (getsampwnam)(struct pdb_methods , struct samu sam_acct, const char username);
271
272	NTSTATUS (getsampwsid)(struct pdb_methods , struct samu sam_acct, const DOM_SID sid);
273
274	NTSTATUS (create_user)(struct pdb_methods , TALLOC_CTX *tmp_ctx,
275	const char *name, uint32 acct_flags,
276	uint32 *rid);
277
278	NTSTATUS (delete_user)(struct pdb_methods , TALLOC_CTX *tmp_ctx,
279	struct samu *sam_acct);
280
281	NTSTATUS (add_sam_account)(struct pdb_methods , struct samu *sampass);
282
283	NTSTATUS (update_sam_account)(struct pdb_methods , struct samu *sampass);
284
285	NTSTATUS (delete_sam_account)(struct pdb_methods , struct samu *username);
286
287	NTSTATUS (rename_sam_account)(struct pdb_methods , struct samu oldname, const char newname);
288
289	NTSTATUS (update_login_attempts)(struct pdb_methods methods, struct samu *sam_acct, bool success);
290
291	NTSTATUS (getgrsid)(struct pdb_methods methods, GROUP_MAP *map, DOM_SID sid);
292
293	NTSTATUS (getgrgid)(struct pdb_methods methods, GROUP_MAP *map, gid_t gid);
294
295	NTSTATUS (getgrnam)(struct pdb_methods methods, GROUP_MAP map, const char name);
296
297	NTSTATUS (create_dom_group)(struct pdb_methods methods,
298	TALLOC_CTX mem_ctx, const char name,
299	uint32 *rid);
300
301	NTSTATUS (delete_dom_group)(struct pdb_methods methods,
302	TALLOC_CTX *mem_ctx, uint32 rid);
303
304	NTSTATUS (add_group_mapping_entry)(struct pdb_methods methods,
305	GROUP_MAP *map);
306
307	NTSTATUS (update_group_mapping_entry)(struct pdb_methods methods,
308	GROUP_MAP *map);
309
310	NTSTATUS (delete_group_mapping_entry)(struct pdb_methods methods,
311	DOM_SID sid);
312
313	NTSTATUS (enum_group_mapping)(struct pdb_methods methods,
314	const DOM_SID *sid, enum lsa_SidType sid_name_use,
315	GROUP_MAP *pp_rmap, size_t p_num_entries,
316	bool unix_only);
317
318	NTSTATUS (enum_group_members)(struct pdb_methods methods,
319	TALLOC_CTX *mem_ctx,
320	const DOM_SID *group,
321	uint32 **pp_member_rids,
322	size_t *p_num_members);
323
324	NTSTATUS (enum_group_memberships)(struct pdb_methods methods,
325	TALLOC_CTX *mem_ctx,
326	struct samu *user,
327	DOM_SID pp_sids, gid_t pp_gids,
328	size_t *p_num_groups);
329
330	NTSTATUS (set_unix_primary_group)(struct pdb_methods methods,
331	TALLOC_CTX *mem_ctx,
332	struct samu *user);
333
334	NTSTATUS (add_groupmem)(struct pdb_methods methods,
335	TALLOC_CTX *mem_ctx,
336	uint32 group_rid, uint32 member_rid);
337
338	NTSTATUS (del_groupmem)(struct pdb_methods methods,
339	TALLOC_CTX *mem_ctx,
340	uint32 group_rid, uint32 member_rid);
341
342	NTSTATUS (create_alias)(struct pdb_methods methods,
343	const char name, uint32 rid);
344
345	NTSTATUS (delete_alias)(struct pdb_methods methods,
346	const DOM_SID *sid);
347
348	NTSTATUS (get_aliasinfo)(struct pdb_methods methods,
349	const DOM_SID *sid,
350	struct acct_info *info);
351
352	NTSTATUS (set_aliasinfo)(struct pdb_methods methods,
353	const DOM_SID *sid,
354	struct acct_info *info);
355
356	NTSTATUS (add_aliasmem)(struct pdb_methods methods,
357	const DOM_SID alias, const DOM_SID member);
358	NTSTATUS (del_aliasmem)(struct pdb_methods methods,
359	const DOM_SID alias, const DOM_SID member);
360	NTSTATUS (enum_aliasmem)(struct pdb_methods methods,
361	const DOM_SID alias, TALLOC_CTX mem_ctx,
362	DOM_SID *members, size_t p_num_members);
363	NTSTATUS (enum_alias_memberships)(struct pdb_methods methods,
364	TALLOC_CTX *mem_ctx,
365	const DOM_SID *domain_sid,
366	const DOM_SID *members,
367	size_t num_members,
368	uint32 **pp_alias_rids,
369	size_t *p_num_alias_rids);
370
371	NTSTATUS (lookup_rids)(struct pdb_methods methods,
372	const DOM_SID *domain_sid,
373	int num_rids,
374	uint32 *rids,
375	const char **pp_names,
376	enum lsa_SidType *attrs);
377
378	NTSTATUS (lookup_names)(struct pdb_methods methods,
379	const DOM_SID *domain_sid,
380	int num_names,
381	const char **pp_names,
382	uint32 *rids,
383	enum lsa_SidType *attrs);
384
385	NTSTATUS (get_account_policy)(struct pdb_methods methods,
386	enum pdb_policy_type type,
387	uint32_t *value);
388
389	NTSTATUS (set_account_policy)(struct pdb_methods methods,
390	enum pdb_policy_type type,
391	uint32_t value);
392
393	NTSTATUS (get_seq_num)(struct pdb_methods methods, time_t *seq_num);
394
395	bool (search_users)(struct pdb_methods methods,
396	struct pdb_search *search,
397	uint32 acct_flags);
398	bool (search_groups)(struct pdb_methods methods,
399	struct pdb_search *search);
400	bool (search_aliases)(struct pdb_methods methods,
401	struct pdb_search *search,
402	const DOM_SID *sid);
403
404	bool (uid_to_sid)(struct pdb_methods methods, uid_t uid,
405	DOM_SID *sid);
406	bool (gid_to_sid)(struct pdb_methods methods, gid_t gid,
407	DOM_SID *sid);
408	bool (sid_to_id)(struct pdb_methods methods, const DOM_SID *sid,
409	union unid_t id, enum lsa_SidType type);
410
411	uint32_t (capabilities)(struct pdb_methods methods);
412	bool (new_rid)(struct pdb_methods methods, uint32 *rid);
413
414
415	bool (get_trusteddom_pw)(struct pdb_methods methods,
416	const char domain, char* pwd,
417	DOM_SID sid, time_t pass_last_set_time);
418	bool (set_trusteddom_pw)(struct pdb_methods methods,
419	const char* domain, const char* pwd,
420	const DOM_SID *sid);
421	bool (del_trusteddom_pw)(struct pdb_methods methods,
422	const char *domain);
423	NTSTATUS (enum_trusteddoms)(struct pdb_methods methods,
424	TALLOC_CTX mem_ctx, uint32 num_domains,
425	struct trustdom_info ***domains);
426
427	void private_data; / Private data of some kind */
428
429	void (free_private_data)(void *);
430	};
431
432	typedef NTSTATUS (pdb_init_function)(struct pdb_methods , const char );
433
434	struct pdb_init_function_entry {
435	const char *name;
436
437	/* Function to create a member of the pdb_methods list */
438	pdb_init_function init;
439
440	struct pdb_init_function_entry prev, next;
441	};
442
443	#endif /* _PASSDB_H */

Note: See TracBrowser for help on using the repository browser.

Download in other formats: