The Samba-Bugzilla – Attachment 4309 Details for
Bug 6408
net sam provision doesnt create any builtin groups
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch
net_sam.patch (text/plain), 7.73 KB, created by
David Markey
on 2009-06-18 11:20:49 UTC
(
hide
)
Description:
Patch
Filename:
MIME Type:
Creator:
David Markey
Created:
2009-06-18 11:20:49 UTC
Size:
7.73 KB
patch
obsolete
>--- a/source3/utils/net_sam.c 2009-06-18 17:09:33.000000000 +0100 >+++ b/source3/utils/net_sam.c 2009-06-18 17:05:47.000000000 +0100 >@@ -1540,6 +1540,11 @@ > DOM_SID gsid; > gid_t domusers_gid = -1; > gid_t domadmins_gid = -1; >+ gid_t builtinadmins_gid = -1; >+ gid_t builtinusers_gid = -1; >+ gid_t builtinguests_gid = -1; >+ gid_t builtinpowerusers_gid = -1; >+ > struct samu *samuser; > struct passwd *pwd; > >@@ -1704,6 +1709,223 @@ > > doma_done: > >+ d_printf("Checking for BUILTIN\\Administrators group.\n"); >+ >+ sid_copy(&gsid, &global_sid_Builtin_Administrators); >+ >+ if (!pdb_getgrsid(&gmap, gsid)) { >+ LDAPMod **mods = NULL; >+ char *dn; >+ char *uname; >+ char *wname; >+ char *gidstr; >+ char *gtype; >+ int rc; >+ >+ d_printf("Adding the BUILTIN\\Administrators group.\n"); >+ >+ /* lets allocate a new groupid for this group */ >+ if (!winbind_allocate_gid(&builtinadmins_gid)) { >+ d_fprintf(stderr, "Unable to allocate a new gid to create BUILTIN\\Administrators group!\n"); >+ goto builtina_done; >+ } >+ >+ uname = talloc_strdup(tc, "builtinadmins"); >+ wname = talloc_strdup(tc, "Administrators"); >+ dn = talloc_asprintf(tc, "cn=%s,%s", "builtinadmins", lp_ldap_group_suffix()); >+ gidstr = talloc_asprintf(tc, "%u", (unsigned int)builtinadmins_gid); >+ gtype = talloc_asprintf(tc, "%d", SID_NAME_ALIAS); >+ >+ if (!uname || !wname || !dn || !gidstr || !gtype) { >+ d_fprintf(stderr, "Out of Memory!\n"); >+ goto failed; >+ } >+ >+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectClass", LDAP_OBJ_POSIXGROUP); >+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectClass", LDAP_OBJ_GROUPMAP); >+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "cn", uname); >+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "displayName", wname); >+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "gidNumber", gidstr); >+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "sambaSid", SID_BUILTIN_ADMINISTRATORS ); >+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "sambaGroupType", gtype); >+ >+ talloc_autofree_ldapmod(tc, mods); >+ >+ rc = smbldap_add(ls, dn, mods); >+ >+ if (rc != LDAP_SUCCESS) { >+ d_fprintf(stderr, "Failed to add BUILTIN\\Administrators group to ldap directory\n"); >+ } >+ } else { >+ builtinadmins_gid = gmap.gid; >+ d_printf("found!\n"); >+ } >+ >+builtina_done: >+ >+ d_printf("Checking for BUILTIN\\Users group.\n"); >+ >+ sid_copy(&gsid, &global_sid_Builtin_Users); >+ >+ if (!pdb_getgrsid(&gmap, gsid)) { >+ LDAPMod **mods = NULL; >+ char *dn; >+ char *uname; >+ char *wname; >+ char *gidstr; >+ char *gtype; >+ int rc; >+ >+ d_printf("Adding the BUILTIN\\Users group.\n"); >+ >+ /* lets allocate a new groupid for this group */ >+ if (!winbind_allocate_gid(&builtinusers_gid)) { >+ d_fprintf(stderr, "Unable to allocate a new gid to create BUILTIN\\Users group!\n"); >+ goto builtinu_done; >+ } >+ >+ uname = talloc_strdup(tc, "builtinusers"); >+ wname = talloc_strdup(tc, "Users"); >+ dn = talloc_asprintf(tc, "cn=%s,%s", "builtinusers", lp_ldap_group_suffix()); >+ gidstr = talloc_asprintf(tc, "%u", (unsigned int)builtinusers_gid); >+ gtype = talloc_asprintf(tc, "%d", SID_NAME_ALIAS); >+ >+ if (!uname || !wname || !dn || !gidstr || !gtype) { >+ d_fprintf(stderr, "Out of Memory!\n"); >+ goto failed; >+ } >+ >+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectClass", LDAP_OBJ_POSIXGROUP); >+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectClass", LDAP_OBJ_GROUPMAP); >+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "cn", uname); >+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "displayName", wname); >+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "gidNumber", gidstr); >+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "sambaSid", SID_BUILTIN_USERS ); >+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "sambaGroupType", gtype); >+ >+ talloc_autofree_ldapmod(tc, mods); >+ >+ rc = smbldap_add(ls, dn, mods); >+ >+ if (rc != LDAP_SUCCESS) { >+ d_fprintf(stderr, "Failed to add BUILTIN\\Guests group to ldap directory\n"); >+ } >+ } else { >+ builtinusers_gid = gmap.gid; >+ d_printf("found!\n"); >+ } >+ >+builtinu_done: >+ >+ d_printf("Checking for BUILTIN\\Guests group.\n"); >+ >+ sid_copy(&gsid, &global_sid_Builtin_Guests); >+ >+ if (!pdb_getgrsid(&gmap, gsid)) { >+ LDAPMod **mods = NULL; >+ char *dn; >+ char *uname; >+ char *wname; >+ char *gidstr; >+ char *gtype; >+ int rc; >+ >+ d_printf("Adding the BUILTIN\\Guests group.\n"); >+ >+ /* lets allocate a new groupid for this group */ >+ if (!winbind_allocate_gid(&builtinguests_gid)) { >+ d_fprintf(stderr, "Unable to allocate a new gid to create BUILTIN\\Guests group!\n"); >+ goto builting_done; >+ } >+ >+ uname = talloc_strdup(tc, "builtinguests"); >+ wname = talloc_strdup(tc, "Guests"); >+ dn = talloc_asprintf(tc, "cn=%s,%s", "builtinguests", lp_ldap_group_suffix()); >+ gidstr = talloc_asprintf(tc, "%u", (unsigned int)builtinguests_gid); >+ gtype = talloc_asprintf(tc, "%d", SID_NAME_ALIAS); >+ >+ if (!uname || !wname || !dn || !gidstr || !gtype) { >+ d_fprintf(stderr, "Out of Memory!\n"); >+ goto failed; >+ } >+ >+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectClass", LDAP_OBJ_POSIXGROUP); >+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectClass", LDAP_OBJ_GROUPMAP); >+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "cn", uname); >+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "displayName", wname); >+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "gidNumber", gidstr); >+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "sambaSid", SID_BUILTIN_GUESTS ); >+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "sambaGroupType", gtype); >+ >+ talloc_autofree_ldapmod(tc, mods); >+ >+ rc = smbldap_add(ls, dn, mods); >+ >+ if (rc != LDAP_SUCCESS) { >+ d_fprintf(stderr, "Failed to add BUILTIN\\Guests group to ldap directory\n"); >+ } >+ } else { >+ builtinusers_gid = gmap.gid; >+ d_printf("found!\n"); >+ } >+ >+builting_done: >+ >+ d_printf("Checking for BUILTIN\\Power Users group.\n"); >+ >+ sid_copy(&gsid, &global_sid_Builtin_Power_Users); >+ >+ if (!pdb_getgrsid(&gmap, gsid)) { >+ LDAPMod **mods = NULL; >+ char *dn; >+ char *uname; >+ char *wname; >+ char *gidstr; >+ char *gtype; >+ int rc; >+ >+ d_printf("Adding the BUILTIN\\Power Users.\n"); >+ >+ /* lets allocate a new groupid for this group */ >+ if (!winbind_allocate_gid(&builtinpowerusers_gid)) { >+ d_fprintf(stderr, "Unable to allocate a new gid to create BUILTIN\\Power Users!\n"); >+ goto builtinpu_done; >+ } >+ >+ uname = talloc_strdup(tc, "builtinpowerusers"); >+ wname = talloc_strdup(tc, "Power Users"); >+ dn = talloc_asprintf(tc, "cn=%s,%s", "builtinpowerusers", lp_ldap_group_suffix()); >+ gidstr = talloc_asprintf(tc, "%u", (unsigned int)builtinpowerusers_gid); >+ gtype = talloc_asprintf(tc, "%d", SID_NAME_ALIAS); >+ >+ if (!uname || !wname || !dn || !gidstr || !gtype) { >+ d_fprintf(stderr, "Out of Memory!\n"); >+ goto failed; >+ } >+ >+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectClass", LDAP_OBJ_POSIXGROUP); >+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectClass", LDAP_OBJ_GROUPMAP); >+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "cn", uname); >+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "displayName", wname); >+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "gidNumber", gidstr); >+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "sambaSid", SID_BUILTIN_POWER_USERS ); >+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "sambaGroupType", gtype); >+ >+ talloc_autofree_ldapmod(tc, mods); >+ >+ rc = smbldap_add(ls, dn, mods); >+ >+ if (rc != LDAP_SUCCESS) { >+ d_fprintf(stderr, "Failed to add BUILTIN\\Power Users group to ldap directory\n"); >+ } >+ } else { >+ builtinpowerusers_gid = gmap.gid; >+ d_printf("found!\n"); >+ } >+ >+builtinpu_done: >+ >+ > d_printf("Check for Administrator account.\n"); > > samuser = samu_new(tc); >@@ -1865,11 +2087,11 @@ > d_printf("found!\n"); > } > >- d_printf("Checking Guest's group.\n"); >+ d_printf("Checking Domain Guest's group.\n"); > > pwd = getpwnam_alloc(talloc_autofree_context(), lp_guestaccount()); > if (!pwd) { >- d_fprintf(stderr, "Failed to find just created Guest account!\n" >+ d_fprintf(stderr, "Failed to find just created Domain Guest's account!\n" > " Is nss properly configured?!\n"); > goto failed; > }
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=4309">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 6408
:
4309
|
4313