--- samba-3.0.21c/source/nsswitch/winbindd_ads.c.rfc2307_oids 2006-02-24 05:32:14.000000000 +0000 +++ samba-3.0.21c/source/nsswitch/winbindd_ads.c 2006-04-04 15:02:46.000000000 +0100 @@ -150,9 +150,9 @@ "sAMAccountName", "name", "objectSid", "primaryGroupID", "sAMAccountType", - ADS_ATTR_SFU_HOMEDIR_OID, - ADS_ATTR_SFU_SHELL_OID, - ADS_ATTR_SFU_GECOS_OID, + NULL, /* [6] ADS_ATTR_SFU_HOMEDIR_OID */ + NULL, /* [7] ADS_ATTR_SFU_SHELL_OID */ + NULL, /* [8] ADS_ATTR_SFU_GECOS_OID */ NULL}; int i, count; ADS_STATUS rc; @@ -171,6 +171,10 @@ goto done; } + attrs[6] = ads->schema.sfu_homedir_attr; /* positions must match the initialiser above */ + attrs[7] = ads->schema.sfu_shell_attr; + attrs[8] = ads->schema.sfu_gecos_attr; + rc = ads_search_retry(ads, &res, "(objectClass=user)", attrs); if (!ADS_ERR_OK(rc) || !res) { DEBUG(1,("query_user_list ads_search: %s\n", ads_errstr(rc))); @@ -206,7 +210,7 @@ name = ads_pull_username(ads, mem_ctx, msg); - if (use_nss_info("sfu")) { + if (ads->schema.sfu_homedir_attr) { /* implies use_nss_info("sfu") but much faster */ homedir = ads_pull_string(ads, mem_ctx, msg, ads->schema.sfu_homedir_attr); shell = ads_pull_string(ads, mem_ctx, msg, @@ -441,9 +445,9 @@ "sAMAccountName", "name", "primaryGroupID", - ADS_ATTR_SFU_HOMEDIR_OID, - ADS_ATTR_SFU_SHELL_OID, - ADS_ATTR_SFU_GECOS_OID, + NULL, /* [4] space for ADS_ATTR_SFU_HOMEDIR_OID */ + NULL, /* [5] space for ADS_ATTR_SFU_SHELL_OID */ + NULL, /* [6] space for ADS_ATTR_SFU_GECOS_OID */ NULL}; ADS_STATUS rc; int count; @@ -462,6 +466,10 @@ goto done; } + attrs[4] = ads->schema.sfu_homedir_attr; /* positions must match the initialiser above */ + attrs[5] = ads->schema.sfu_shell_attr; + attrs[6] = ads->schema.sfu_gecos_attr; + sidstr = sid_binstring(sid); asprintf(&ldap_exp, "(objectSid=%s)", sidstr); rc = ads_search_retry(ads, &msg, ldap_exp, attrs); @@ -482,7 +490,7 @@ info->acct_name = ads_pull_username(ads, mem_ctx, msg); - if (use_nss_info("sfu")) { + if (ads->schema.sfu_homedir_attr) { /* implies use_nss_info("sfu") but much faster */ info->homedir = ads_pull_string(ads, mem_ctx, msg, ads->schema.sfu_homedir_attr); info->shell = ads_pull_string(ads, mem_ctx, msg, --- samba-3.0.21c/source/libads/ldap.c.rfc2307_oids 2006-02-23 16:29:34.000000000 +0000 +++ samba-3.0.21c/source/libads/ldap.c 2006-04-04 15:10:14.000000000 +0100 @@ -2444,8 +2444,9 @@ goto failed; } - return ads_pull_string(ads, mem_ctx, res, "lDAPDisplayName"); - + expr = ads_pull_string(ads, mem_ctx, res, "lDAPDisplayName"); + DEBUG(5,("ads_get_attrname_by_oid: %s -> %s\n",OID,expr)); + return expr; failed: DEBUG(0,("ads_get_attrname_by_oid: failed to retrieve name for oid: %s\n", OID)); @@ -2564,32 +2565,47 @@ BOOL ret = False; TALLOC_CTX *ctx = NULL; const char *gidnumber, *uidnumber, *homedir, *shell, *gecos; + BOOL rfc2307 = False; ctx = talloc_init("ads_check_sfu_mapping"); if (ctx == NULL) goto done; - gidnumber = ads_get_attrname_by_oid(ads, ctx, ADS_ATTR_SFU_GIDNUMBER_OID); + gidnumber = ads_get_attrname_by_oid(ads, ctx, "1.3.6.1.1.1.1.1"); + if (gidnumber == NULL) { + gidnumber = ads_get_attrname_by_oid(ads, ctx, ADS_ATTR_SFU_GIDNUMBER_OID); + DEBUG(1,("AD schema OIDs are vendor-specific\n")); + } else { + rfc2307 = True; + DEBUG(1,("AD schema OIDs follow RFC2307\n")); + } + if (gidnumber == NULL) goto done; + ads->schema.sfu_gidnumber_attr = SMB_STRDUP(gidnumber); - uidnumber = ads_get_attrname_by_oid(ads, ctx, ADS_ATTR_SFU_UIDNUMBER_OID); + uidnumber = ads_get_attrname_by_oid(ads, ctx, + rfc2307 ? "1.3.6.1.1.1.1.0" : ADS_ATTR_SFU_UIDNUMBER_OID); + if (uidnumber == NULL) goto done; ads->schema.sfu_uidnumber_attr = SMB_STRDUP(uidnumber); - homedir = ads_get_attrname_by_oid(ads, ctx, ADS_ATTR_SFU_HOMEDIR_OID); + homedir = ads_get_attrname_by_oid(ads, ctx, + rfc2307 ? "1.3.6.1.1.1.1.3" : ADS_ATTR_SFU_HOMEDIR_OID); if (homedir == NULL) goto done; ads->schema.sfu_homedir_attr = SMB_STRDUP(homedir); - shell = ads_get_attrname_by_oid(ads, ctx, ADS_ATTR_SFU_SHELL_OID); + shell = ads_get_attrname_by_oid(ads, ctx, + rfc2307 ? "1.3.6.1.1.1.1.4" : ADS_ATTR_SFU_SHELL_OID); if (shell == NULL) goto done; ads->schema.sfu_shell_attr = SMB_STRDUP(shell); - gecos = ads_get_attrname_by_oid(ads, ctx, ADS_ATTR_SFU_GECOS_OID); + gecos = ads_get_attrname_by_oid(ads, ctx, + rfc2307 ? "1.3.6.1.1.1.1.2" : ADS_ATTR_SFU_GECOS_OID); if (gecos == NULL) goto done; ads->schema.sfu_gecos_attr = SMB_STRDUP(gecos); --- samba-3.0.21c/source/sam/idmap_ad.c.rfc2307_oids 2005-07-28 14:19:49.000000000 +0100 +++ samba-3.0.21c/source/sam/idmap_ad.c 2006-04-04 15:14:24.000000000 +0100 @@ -30,13 +30,6 @@ #undef DBGC_CLASS #define DBGC_CLASS DBGC_IDMAP -#ifndef ATTR_UIDNUMBER -#define ATTR_UIDNUMBER ADS_ATTR_SFU_UIDNUMBER_OID -#endif - -#ifndef ATTR_GIDNUMBER -#define ATTR_GIDNUMBER ADS_ATTR_SFU_GIDNUMBER_OID -#endif #define WINBIND_CCACHE_NAME "MEMORY:winbind_ccache" @@ -194,14 +187,14 @@ case ID_USERID: if (asprintf(&expr, "(&(|(sAMAccountType=%d)(sAMAccountType=%d)(sAMAccountType=%d))(%s=%d))", ATYPE_NORMAL_ACCOUNT, ATYPE_WORKSTATION_TRUST, ATYPE_INTERDOMAIN_TRUST, - ATTR_UIDNUMBER, (int)unid.uid) == -1) { + ads->schema.sfu_uidnumber_attr, (int)unid.uid) == -1) { return NT_STATUS_NO_MEMORY; } break; case ID_GROUPID: if (asprintf(&expr, "(&(|(sAMAccountType=%d)(sAMAccountType=%d))(%s=%d))", ATYPE_SECURITY_GLOBAL_GROUP, ATYPE_SECURITY_LOCAL_GROUP, - ATTR_GIDNUMBER, (int)unid.gid) == -1) { + ads->schema.sfu_gidnumber_attr, (int)unid.gid) == -1) { return NT_STATUS_NO_MEMORY; } break; @@ -254,7 +247,10 @@ { ADS_STATUS rc; NTSTATUS status = NT_STATUS_NONE_MAPPED; - const char *attrs[] = { "sAMAccountType", ATTR_UIDNUMBER, ATTR_GIDNUMBER, NULL }; + const char *attrs[] = { "sAMAccountType", + NULL /* [1] ATTR_UIDNUMBER */, + NULL /* [2] ATTR_GIDNUMBER */, + NULL }; void *res = NULL; void *msg = NULL; char *expr = NULL; @@ -274,6 +270,9 @@ return NT_STATUS_NOT_SUPPORTED; } + attrs[1] = attr_uidnumber; + attrs[2] = attr_gidnumber; + sidstr = sid_binstring(sid); if (asprintf(&expr, "(objectSid=%s)", sidstr) == -1) { free(sidstr);