da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * CDDL HEADER START
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * The contents of this file are subject to the terms of the
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Common Development and Distribution License (the "License").
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * You may not use this file except in compliance with the License.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * See the License for the specific language governing permissions
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * and limitations under the License.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * When distributing Covered Code, include this CDDL HEADER in each
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * If applicable, add the following below this CDDL HEADER, with the
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * fields enclosed by brackets "[]" replaced with your own identifying
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * information: Portions Copyright [yyyy] [name of copyright owner]
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * CDDL HEADER END
f96bd5c800e73e351b0b6e4bd7f00b578dad29bbAlan Wright * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Use is subject to license terms.
89dc44ce9705974a8bc4a39f1e878a0491a5be61jose borrego "NT Pseudo Domain",
89dc44ce9705974a8bc4a39f1e878a0491a5be61jose borrego "NT Authority",
89dc44ce9705974a8bc4a39f1e878a0491a5be61jose borrego * Predefined well known accounts table
89dc44ce9705974a8bc4a39f1e878a0491a5be61jose borrego { 2, "S-1-5-9", "Enterprise Domain Controllers",
89dc44ce9705974a8bc4a39f1e878a0491a5be61jose borrego { 3, "S-1-5-32-544", "Administrators", SidTypeAlias,
6537f381d2d9e7b4e2f7b29c3e7a3f13be036f2eas "Members can fully administer the computer/domain", NULL },
89dc44ce9705974a8bc4a39f1e878a0491a5be61jose borrego { 3, "S-1-5-32-547", "Power Users", SidTypeAlias,
6537f381d2d9e7b4e2f7b29c3e7a3f13be036f2eas SMB_WKAFLG_LGRP_ENABLE, "Members can share directories", NULL },
89dc44ce9705974a8bc4a39f1e878a0491a5be61jose borrego { 3, "S-1-5-32-551", "Backup Operators", SidTypeAlias,
6537f381d2d9e7b4e2f7b29c3e7a3f13be036f2eas "Members can bypass file security to back up files", NULL },
6537f381d2d9e7b4e2f7b29c3e7a3f13be036f2eas#define SMB_WKA_NUM (sizeof (wka_tbl)/sizeof (wka_tbl[0]))
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United Statesstatic int smb_wka_init(void);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United Statesstatic void smb_wka_fini(void);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego * Looks up well known accounts table for the given SID.
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego * Upon success returns a pointer to the account entry in
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego * the table, otherwise returns NULL.
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (!smb_wka_init())
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States return (NULL);
6537f381d2d9e7b4e2f7b29c3e7a3f13be036f2eas for (i = 0; i < SMB_WKA_NUM; ++i) {
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (entry->wka_binsid == NULL)
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States return (NULL);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (smb_sid_cmp(sid, entry->wka_binsid))
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego * Looks up well known accounts table for the given name.
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego * Upon success returns a pointer to the binary SID of the
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego * entry, otherwise returns NULL.
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (!smb_wka_init())
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States return (NULL);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego if ((entry = smb_wka_lookup_name(name)) != NULL)
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego * Looks up well known accounts table for the given name.
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego * Upon success returns a pointer to the account entry in
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego * the table, otherwise returns NULL.
6537f381d2d9e7b4e2f7b29c3e7a3f13be036f2eas for (i = 0; i < SMB_WKA_NUM; ++i) {
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (!smb_strcasecmp(name, entry->wka_name, 0))
f96bd5c800e73e351b0b6e4bd7f00b578dad29bbAlan Wright * Lookup a name in the BUILTIN domain.
f96bd5c800e73e351b0b6e4bd7f00b578dad29bbAlan Wright for (i = 0; i < SMB_WKA_NUM; ++i) {
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (!smb_strcasecmp(name, entry->wka_name, 0))
89dc44ce9705974a8bc4a39f1e878a0491a5be61jose borrego * Returns the Netbios domain name for the given index
29bd28862cfb8abbd3a0f0a4b17e08bbc3652836Alan Wright * This function adds well known groups to groups in a user's
29bd28862cfb8abbd3a0f0a4b17e08bbc3652836Alan Wright * access token (gids).
29bd28862cfb8abbd3a0f0a4b17e08bbc3652836Alan Wright * "Network" SID is added for all users connecting over CIFS.
29bd28862cfb8abbd3a0f0a4b17e08bbc3652836Alan Wright * "Authenticated Users" SID is added for all users except Guest
29bd28862cfb8abbd3a0f0a4b17e08bbc3652836Alan Wright * and Anonymous.
29bd28862cfb8abbd3a0f0a4b17e08bbc3652836Alan Wright * "Guests" SID is added for guest users and Administrators SID
29bd28862cfb8abbd3a0f0a4b17e08bbc3652836Alan Wright * is added for admin users.
29bd28862cfb8abbd3a0f0a4b17e08bbc3652836Alan Wrightsmb_wka_token_groups(uint32_t flags, smb_ids_t *gids)
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego gids->i_ids = realloc(gids->i_ids, total_cnt * sizeof (smb_id_t));
29bd28862cfb8abbd3a0f0a4b17e08bbc3652836Alan Wright id->i_sid = smb_sid_dup(smb_wka_get_sid("Network"));
29bd28862cfb8abbd3a0f0a4b17e08bbc3652836Alan Wright id->i_sid = smb_sid_dup(smb_wka_get_sid("Guests"));
29bd28862cfb8abbd3a0f0a4b17e08bbc3652836Alan Wright smb_sid_dup(smb_wka_get_sid("Authenticated Users"));
29bd28862cfb8abbd3a0f0a4b17e08bbc3652836Alan Wright id->i_sid = smb_sid_dup(smb_wka_get_sid("Administrators"));
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States * Generate binary SIDs from the string SIDs for the well-known
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States * accounts table. Callers MUST not free the binary SID pointer.
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United Statesstatic int
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States static boolean_t wka_init = B_FALSE;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States static mutex_t wka_mutex;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_wka_t *entry;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States int i;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States (void) mutex_lock(&wka_mutex);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (wka_init) {
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States (void) mutex_unlock(&wka_mutex);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States return (B_TRUE);
6537f381d2d9e7b4e2f7b29c3e7a3f13be036f2eas for (i = 0; i < SMB_WKA_NUM; ++i) {
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States (void) mutex_unlock(&wka_mutex);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States return (B_FALSE);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States wka_init = B_TRUE;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States (void) mutex_unlock(&wka_mutex);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States return (B_TRUE);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States/*
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States * Private cleanup for smb_wka_init.
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States */
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United Statesstatic void
6537f381d2d9e7b4e2f7b29c3e7a3f13be036f2eas for (i = 0; i < SMB_WKA_NUM; ++i) {