smb_wksids.c revision f96bd5c800e73e351b0b6e4bd7f00b578dad29bb
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * CDDL HEADER START
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * The contents of this file are subject to the terms of the
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Common Development and Distribution License (the "License").
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * You may not use this file except in compliance with the License.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * See the License for the specific language governing permissions
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * and limitations under the License.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * When distributing Covered Code, include this CDDL HEADER in each
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * If applicable, add the following below this CDDL HEADER, with the
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * fields enclosed by brackets "[]" replaced with your own identifying
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * information: Portions Copyright [yyyy] [name of copyright owner]
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * CDDL HEADER END
f96bd5c800e73e351b0b6e4bd7f00b578dad29bbAlan Wright * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Use is subject to license terms.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwstatic int wk_init = 0;
89dc44ce9705974a8bc4a39f1e878a0491a5be61jose borregostatic char *wka_nbdomain[] = {
89dc44ce9705974a8bc4a39f1e878a0491a5be61jose borrego "NT Pseudo Domain",
89dc44ce9705974a8bc4a39f1e878a0491a5be61jose borrego "NT Authority",
89dc44ce9705974a8bc4a39f1e878a0491a5be61jose borrego * Predefined well known accounts table
89dc44ce9705974a8bc4a39f1e878a0491a5be61jose borrego { 2, "S-1-5-9", "Enterprise Domain Controllers",
89dc44ce9705974a8bc4a39f1e878a0491a5be61jose borrego { 3, "S-1-5-32-544", "Administrators", SidTypeAlias,
6537f381d2d9e7b4e2f7b29c3e7a3f13be036f2eas "Members can fully administer the computer/domain", NULL },
89dc44ce9705974a8bc4a39f1e878a0491a5be61jose borrego { 3, "S-1-5-32-547", "Power Users", SidTypeAlias,
6537f381d2d9e7b4e2f7b29c3e7a3f13be036f2eas SMB_WKAFLG_LGRP_ENABLE, "Members can share directories", NULL },
89dc44ce9705974a8bc4a39f1e878a0491a5be61jose borrego { 3, "S-1-5-32-551", "Backup Operators", SidTypeAlias,
6537f381d2d9e7b4e2f7b29c3e7a3f13be036f2eas "Members can bypass file security to back up files", NULL },
6537f381d2d9e7b4e2f7b29c3e7a3f13be036f2eas#define SMB_WKA_NUM (sizeof (wka_tbl)/sizeof (wka_tbl[0]))
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego * Looks up well known accounts table for the given SID.
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego * Upon success returns a pointer to the account entry in
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego * the table, otherwise returns NULL.
6537f381d2d9e7b4e2f7b29c3e7a3f13be036f2eas for (i = 0; i < SMB_WKA_NUM; ++i) {
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego * Looks up well known accounts table for the given name.
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego * Upon success returns a pointer to the binary SID of the
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego * entry, otherwise returns NULL.
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego if ((entry = smb_wka_lookup_name(name)) != NULL)
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego * Looks up well known accounts table for the given name.
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego * Upon success returns a pointer to the account entry in
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego * the table, otherwise returns NULL.
6537f381d2d9e7b4e2f7b29c3e7a3f13be036f2eas for (i = 0; i < SMB_WKA_NUM; ++i) {
bbf6f00c25b6a2bed23c35eac6d62998ecdb338cJordan Brown if (!smb_strcasecmp(name, entry->wka_name, 0)) {
f96bd5c800e73e351b0b6e4bd7f00b578dad29bbAlan Wright * Lookup a name in the BUILTIN domain.
f96bd5c800e73e351b0b6e4bd7f00b578dad29bbAlan Wright for (i = 0; i < SMB_WKA_NUM; ++i) {
f96bd5c800e73e351b0b6e4bd7f00b578dad29bbAlan Wright if (!smb_strcasecmp(name, entry->wka_name, 0)) {
89dc44ce9705974a8bc4a39f1e878a0491a5be61jose borrego * Returns the Netbios domain name for the given index
29bd28862cfb8abbd3a0f0a4b17e08bbc3652836Alan Wright * This function adds well known groups to groups in a user's
29bd28862cfb8abbd3a0f0a4b17e08bbc3652836Alan Wright * access token (gids).
29bd28862cfb8abbd3a0f0a4b17e08bbc3652836Alan Wright * "Network" SID is added for all users connecting over CIFS.
29bd28862cfb8abbd3a0f0a4b17e08bbc3652836Alan Wright * "Authenticated Users" SID is added for all users except Guest
29bd28862cfb8abbd3a0f0a4b17e08bbc3652836Alan Wright * and Anonymous.
29bd28862cfb8abbd3a0f0a4b17e08bbc3652836Alan Wright * "Guests" SID is added for guest users and Administrators SID
29bd28862cfb8abbd3a0f0a4b17e08bbc3652836Alan Wright * is added for admin users.
29bd28862cfb8abbd3a0f0a4b17e08bbc3652836Alan Wrightsmb_wka_token_groups(uint32_t flags, smb_ids_t *gids)
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego gids->i_ids = realloc(gids->i_ids, total_cnt * sizeof (smb_id_t));
29bd28862cfb8abbd3a0f0a4b17e08bbc3652836Alan Wright id->i_sid = smb_sid_dup(smb_wka_get_sid("Network"));
29bd28862cfb8abbd3a0f0a4b17e08bbc3652836Alan Wright id->i_sid = smb_sid_dup(smb_wka_get_sid("Guests"));
29bd28862cfb8abbd3a0f0a4b17e08bbc3652836Alan Wright smb_sid_dup(smb_wka_get_sid("Authenticated Users"));
29bd28862cfb8abbd3a0f0a4b17e08bbc3652836Alan Wright id->i_sid = smb_sid_dup(smb_wka_get_sid("Administrators"));
6537f381d2d9e7b4e2f7b29c3e7a3f13be036f2eas * smb_wka_init
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Generate binary SIDs from the string SIDs in the table
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * and set the proper field.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Caller MUST not store the binary SID pointer anywhere that
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * could lead to freeing it.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * This function should only be called once.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (1);
6537f381d2d9e7b4e2f7b29c3e7a3f13be036f2eas for (i = 0; i < SMB_WKA_NUM; ++i) {
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (0);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return (1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if (wk_init == 0) {
6537f381d2d9e7b4e2f7b29c3e7a3f13be036f2eas for (i = 0; i < SMB_WKA_NUM; ++i) {