idmap_prot.x revision 9fb67ea305c66b6a297583b9b0db6796b0dfe497
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* or http://www.opensolaris.org/os/licensing.
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2010 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
/*
 * Variable-length string that may carry non-ASCII (UTF-8) text, and a
 * list of such strings.
 *
 * No maximum is declared ("<>"), so the generated XDR decoder bounds
 * neither the string length nor the list count beyond what its allocator
 * will grant. A server decoding these from an untrusted peer should apply
 * its own limits before acting on them.
 */
typedef string idmap_utf8str<>;
typedef idmap_utf8str idmap_utf8str_list<>;
/*
 * Return status carried in every reply structure below. The individual
 * status values are defined elsewhere (not in this file).
 */
typedef int idmap_retcode;
/*
 * Identity types. This is the discriminator of the idmap_id union below:
 * IDMAP_UID/IDMAP_GID select a POSIX id, IDMAP_SID/IDMAP_USID/IDMAP_GSID
 * select an idmap_sid (USID/GSID presumably being a SID already known to
 * be a user or a group), and IDMAP_NONE/IDMAP_POSIXID carry no payload.
 */
enum idmap_id_type {
IDMAP_NONE = 0,
IDMAP_UID = 1,
IDMAP_GID,	/* 2 */
IDMAP_SID,	/* 3 */
IDMAP_USID,	/* 4 */
IDMAP_GSID,	/* 5 */
IDMAP_POSIXID	/* 6 */
};
/*
 * How a mapping was derived. This is the discriminator of the idmap_how
 * union below; the DS_AD, DS_NLDAP and IDMU arms carry directory-lookup
 * details, RULE_BASED carries the name rule that matched, and the
 * remaining types carry no extra data.
 */
enum idmap_map_type {
IDMAP_MAP_TYPE_UNKNOWN = 0,
IDMAP_MAP_TYPE_DS_AD,		/* 1: Active Directory lookup */
IDMAP_MAP_TYPE_DS_NLDAP,	/* 2: native LDAP lookup */
IDMAP_MAP_TYPE_RULE_BASED,	/* 3: name-based rule */
IDMAP_MAP_TYPE_EPHEMERAL,	/* 4 */
IDMAP_MAP_TYPE_LOCAL_SID,	/* 5 */
IDMAP_MAP_TYPE_KNOWN_SID,	/* 6 */
IDMAP_MAP_TYPE_IDMU		/* 7 */
};
/*
 * Where a returned mapping came from (idmap_info.src): freshly computed,
 * served from the cache, hard-coded, or algorithmically derived.
 */
enum idmap_map_src {
IDMAP_MAP_SRC_UNKNOWN = 0,
IDMAP_MAP_SRC_NEW,		/* 1 */
IDMAP_MAP_SRC_CACHE,		/* 2 */
IDMAP_MAP_SRC_HARD_CODED,	/* 3 */
IDMAP_MAP_SRC_ALGORITHMIC	/* 4 */
};
/*
 * A Windows SID split into a textual prefix and a numeric RID.
 * Presumably prefix is the SID with its last sub-authority removed and
 * rid is that last sub-authority — confirm against the encoder/decoder.
 * prefix has no declared maximum length (see idmap_utf8str above).
 */
struct idmap_sid {
string prefix<>;
uint32_t rid;
};
/*
 * A single identity, either POSIX (uid/gid) or Windows (SID), discriminated
 * by idmap_id_type. IDMAP_NONE and IDMAP_POSIXID carry no payload; a
 * consumer must check idtype before reading any arm.
 */
union idmap_id switch(idmap_id_type idtype) {
case IDMAP_UID: uint32_t uid;
case IDMAP_GID: uint32_t gid;
case IDMAP_SID: idmap_sid sid;
case IDMAP_USID: idmap_sid usid;
case IDMAP_GSID: idmap_sid gsid;
case IDMAP_NONE: void;
case IDMAP_POSIXID: void;
};
/*
 * A name-based mapping rule: maps a Windows name (windomain\winname) to a
 * Unix name, or the reverse, depending on direction.
 *
 * is_user / is_wuser: whether the Unix / Windows side is a user (as
 *   opposed to a group).
 * direction: one of the IDMAP_DIRECTION_* constants defined below.
 * windomain, winname, unixname: the names the rule matches; none has a
 *   declared maximum length.
 * is_nt4: presumably the Windows name was given in NT4 (DOMAIN\name)
 *   form — confirm against the rule parser.
 */
struct idmap_namerule {
bool is_user;
bool is_wuser;
int direction;
idmap_utf8str windomain;
idmap_utf8str winname;
idmap_utf8str unixname;
bool is_nt4;
};
/*
 * Reply to IDMAP_LIST_NAMERULES. lastrowid is the paging cursor the
 * client passes back on its next IDMAP_LIST_NAMERULES call; rules is the
 * page of matching rules (count bounded only by the server's limit
 * argument).
 */
struct idmap_namerules_res {
idmap_retcode retcode;
uint64_t lastrowid;
idmap_namerule rules<>;
};
/*
 * Details of a directory-based mapping: presumably the DN of the entry
 * consulted, the attribute read from it, and that attribute's value —
 * confirm against the lookup code that fills this in.
 */
struct idmap_how_ds_based {
idmap_utf8str dn;
idmap_utf8str attr;
idmap_utf8str value;
};
/*
 * How a mapping was formed, discriminated by idmap_map_type. Only the
 * directory-based and rule-based types carry additional data.
 */
union idmap_how switch(idmap_map_type map_type) {
case IDMAP_MAP_TYPE_UNKNOWN: void;
case IDMAP_MAP_TYPE_DS_AD: idmap_how_ds_based ad;
case IDMAP_MAP_TYPE_DS_NLDAP: idmap_how_ds_based nldap;
case IDMAP_MAP_TYPE_RULE_BASED: idmap_namerule rule;
case IDMAP_MAP_TYPE_EPHEMERAL: void;
case IDMAP_MAP_TYPE_LOCAL_SID: void;
case IDMAP_MAP_TYPE_KNOWN_SID: void;
case IDMAP_MAP_TYPE_IDMU: idmap_how_ds_based idmu;
};
/*
 * Provenance of a mapping: where it came from (src) and how it was
 * derived (how). Returned when IDMAP_REQ_FLG_MAPPING_INFO is requested.
 */
struct idmap_info {
idmap_map_src src;
idmap_how how;
};
/*
 * Result for one mapping request: the status, the mapped identity, the
 * direction the mapping is valid in (IDMAP_DIRECTION_*), and provenance.
 * A consumer should check retcode before trusting id.
 */
struct idmap_id_res {
idmap_retcode retcode;
idmap_id id;
int direction;
idmap_info info;
};
/*
 * Reply to IDMAP_GET_MAPPED_IDS: an overall status plus one idmap_id_res
 * per request in the batch (each with its own retcode).
 */
struct idmap_ids_res {
idmap_retcode retcode;
idmap_id_res ids<>;
};
/*
 * Flags supported by mapping requests (idmap_mapping.flag is a bit-set of
 * these). rpcgen emits each const as a #define in the generated header.
 */
/* Don't allocate a new value for the mapping */
const IDMAP_REQ_FLG_NO_NEW_ID_ALLOC = 0x00000001;
/* Validate the given identity before mapping */
const IDMAP_REQ_FLG_VALIDATE = 0x00000002;
/* Avoid name service lookups to prevent looping */
const IDMAP_REQ_FLG_NO_NAMESERVICE = 0x00000004;
/* Request how a mapping was formed (fills in idmap_info) */
const IDMAP_REQ_FLG_MAPPING_INFO = 0x00000008;
/*
 * This libidmap-only flag is defined in idmap.h, not here, so the bit is
 * reserved in this protocol. It enables use of the libidmap cache:
 * const IDMAP_REQ_FLG_USE_CACHE = 0x00000010;
 */
/* Request mapping for well-known or local SIDs only */
const IDMAP_REQ_FLG_WK_OR_LOCAL_SIDS_ONLY = 0x00000020;
/*
 * Mapping direction definitions, used by the "direction" fields of
 * idmap_namerule, idmap_id_res and idmap_mapping.
 */
const IDMAP_DIRECTION_UNDEF = -1; /* not defined */
const IDMAP_DIRECTION_BI = 0; /* bi-directional */
const IDMAP_DIRECTION_W2U = 1; /* windows to unix only */
const IDMAP_DIRECTION_U2W = 2; /* unix to windows only */
/*
 * One identity mapping (sid <-> posix), used both as a request and as a
 * listed result.
 *
 * flag: bit-set of IDMAP_REQ_FLG_* (see above).
 * direction: one of IDMAP_DIRECTION_*.
 * id1 / id1domain / id1name: the identity to map from, with its optional
 *   domain and name.
 * id2 / id2domain / id2name: the identity it maps to.
 * info: provenance, filled in when IDMAP_REQ_FLG_MAPPING_INFO is set.
 *
 * A batch is an unbounded list of mappings; the server should cap the
 * batch size it is willing to process.
 */
struct idmap_mapping {
int32_t flag;
int direction;
idmap_id id1;
idmap_utf8str id1domain;
idmap_utf8str id1name;
idmap_id id2;
idmap_utf8str id2domain;
idmap_utf8str id2name;
idmap_info info;
};
typedef idmap_mapping idmap_mapping_batch<>;
/*
 * Reply to IDMAP_LIST_MAPPINGS and IDMAP_GET_MAPPED_ID_BY_NAME. lastrowid
 * is the paging cursor for the next IDMAP_LIST_MAPPINGS call; mappings is
 * the page of results.
 */
struct idmap_mappings_res {
idmap_retcode retcode;
uint64_t lastrowid;
idmap_mapping mappings<>;
};
/*
 * Reply to IDMAP_UPDATE. On failure, error_index presumably identifies
 * the position in the update batch of the operation that failed,
 * error_rule the rule it carried, and conflict_rule an existing rule it
 * collided with — confirm the exact semantics (and the value used when
 * no operation failed) against the server.
 */
struct idmap_update_res {
idmap_retcode retcode;
int64_t error_index;
idmap_namerule error_rule;
idmap_namerule conflict_rule;
};
/*
 * Update operations carried in an idmap_update_batch; the discriminator of
 * idmap_update_op below. Only add and remove carry a rule.
 */
enum idmap_opnum {
OP_NONE = 0,
OP_ADD_NAMERULE = 1,
OP_RM_NAMERULE = 2,
OP_FLUSH_NAMERULES = 3
};
/*
 * A single update operation. OP_ADD_NAMERULE and OP_RM_NAMERULE carry the
 * rule concerned; every other opnum (including OP_FLUSH_NAMERULES and
 * OP_NONE) carries nothing. A batch is an unbounded list of these.
 */
union idmap_update_op switch(idmap_opnum opnum) {
case OP_ADD_NAMERULE:
case OP_RM_NAMERULE:
idmap_namerule rule;
default:
void;
};
typedef idmap_update_op idmap_update_batch<>;
/* Size of the fixed host buffer in idmap_ad_disc_ds_t below. */
const AD_DISC_MAXHOSTNAME = 256;
#ifndef _KERNEL
/*
 * A discovered directory server (domain controller or global catalog):
 * port, DNS SRV-style priority and weight, and host name.
 *
 * NOTE(review): host is a fixed-size array, so the wire format always
 * carries AD_DISC_MAXHOSTNAME characters and the decoder does not
 * guarantee a NUL terminator; treat host as possibly unterminated and
 * bound any string operation on it by AD_DISC_MAXHOSTNAME.
 */
struct idmap_ad_disc_ds_t {
int port;
int priority;
int weight;
char host[AD_DISC_MAXHOSTNAME];
};
/*
 * Configuration properties readable via IDMAP_GET_PROP; the discriminator
 * of idmap_prop_val below, which fixes each property's value type.
 */
enum idmap_prop_type {
PROP_UNKNOWN = 0,
PROP_LIST_SIZE_LIMIT = 1,		/* integer */
PROP_DEFAULT_DOMAIN = 2, /* default domain name */
PROP_DOMAIN_NAME = 3, /* AD domain name */
PROP_MACHINE_SID = 4, /* machine sid */
PROP_DOMAIN_CONTROLLER = 5, /* domain controller hosts */
PROP_FOREST_NAME = 6, /* forest name */
PROP_SITE_NAME = 7, /* site name */
PROP_GLOBAL_CATALOG = 8, /* global catalog hosts */
PROP_AD_UNIXUSER_ATTR = 9,		/* AD attribute holding the unix user name */
PROP_AD_UNIXGROUP_ATTR = 10,		/* AD attribute holding the unix group name */
PROP_NLDAP_WINNAME_ATTR = 11,		/* native-LDAP attribute holding the windows name */
PROP_DIRECTORY_BASED_MAPPING = 12	/* directory-based mapping mode, as a string */
};
/*
 * Value of a configuration property, typed by idmap_prop_type:
 * an integer for PROP_LIST_SIZE_LIMIT, a string for the name/attribute
 * properties, a single directory-server record for the host properties,
 * and nothing for anything else (including PROP_UNKNOWN).
 */
union idmap_prop_val switch(idmap_prop_type prop) {
case PROP_LIST_SIZE_LIMIT:
uint64_t intval;
case PROP_DEFAULT_DOMAIN:
case PROP_DOMAIN_NAME:
case PROP_MACHINE_SID:
case PROP_FOREST_NAME:
case PROP_SITE_NAME:
case PROP_AD_UNIXUSER_ATTR:
case PROP_AD_UNIXGROUP_ATTR:
case PROP_NLDAP_WINNAME_ATTR:
case PROP_DIRECTORY_BASED_MAPPING:
idmap_utf8str utf8val;
case PROP_DOMAIN_CONTROLLER:
case PROP_GLOBAL_CATALOG:
idmap_ad_disc_ds_t dsval;
default:
void;
};
/*
 * Reply to IDMAP_GET_PROP: status, the property's value, and whether the
 * value was auto-discovered rather than configured.
 */
struct idmap_prop_res {
idmap_retcode retcode;
idmap_prop_val value;
bool auto_discovered;
};
#endif
/*
 * Argument of IDMAP_FLUSH: presumably whether cached mappings are marked
 * expired or removed outright — confirm against the server.
 */
enum idmap_flush_op {
IDMAP_FLUSH_EXPIRE = 0,
IDMAP_FLUSH_DELETE = 1
};
/*
 * Represents an error from the directory lookup service.
 *
 * code is an ASCII string that is a key for the error. It is not
 * localized.
 *
 * fmt is a format string with %n markers for where to include
 * params[n-1]. It should be, but (NEEDSWORK) is not, localized to
 * the caller's locale.
 *
 * params is a list of parameters for the error - e.g. the name that
 * encountered a failure, the server that reported the failure, et cetera.
 * The values are to be used both as marked in fmt and for machine
 * interpretation of the error.
 *
 * NOTE(review): fmt uses its own %n substitution and arrives from the
 * peer; consumers must expand it themselves and never hand it to a
 * printf(3)-style function as the format argument.
 */
struct directory_error_rpc {
idmap_utf8str code;
idmap_utf8str fmt;
idmap_utf8str params<>;
};
/*
 * One value of a multivalued attribute, as raw bytes (no declared maximum
 * length; values are not guaranteed to be text or NUL-terminated).
 */
typedef opaque directory_value_rpc<>;
/*
 * The value of an attribute, if found. Note that this is a list
 * of directory_value_rpc objects, to support multivalued attributes;
 * when found is FALSE there is no payload.
 */
union directory_values_rpc switch (bool found) {
case TRUE:
directory_value_rpc values<>;
case FALSE:
void;
};
/*
 * The status of the lookup for any particular identifier; the
 * discriminator of directory_entry_rpc below.
 */
enum directory_lookup_status_rpc {
DIRECTORY_NOT_FOUND = 0,
DIRECTORY_FOUND = 1,
DIRECTORY_ERROR = 2
};
/*
 * This is the data returned for a particular identifier, either a
 * list of attribute values or an error. When found, attrs presumably
 * lines up positionally with the attrs list of the DIRECTORY_GET_COMMON
 * request — confirm against the server.
 */
union directory_entry_rpc switch (directory_lookup_status_rpc status) {
case DIRECTORY_NOT_FOUND:
void;
case DIRECTORY_FOUND:
directory_values_rpc attrs<>;
case DIRECTORY_ERROR:
directory_error_rpc err;
};
/*
 * This is the result from a request, either a list of the entries for
 * the identifiers specified, or an error. On success, entries presumably
 * lines up positionally with the ids list of the request — confirm
 * against the server.
 */
union directory_results_rpc switch (bool failed) {
case TRUE:
directory_error_rpc err;
case FALSE:
directory_entry_rpc entries<>;
};
/*
 * The idmap RPC program (number 100172), version 1.
 *
 * NOTE(review): IDMAP_UPDATE and IDMAP_FLUSH change server state; this
 * interface definition expresses no caller authorization, so any such
 * check must live in the server-side dispatch.
 */
program IDMAP_PROG {
version IDMAP_V1 {
/* Liveness probe; no arguments, no result */
void
IDMAP_NULL(void) = 0;
/* Batch of requests to get mapped identities */
idmap_ids_res
IDMAP_GET_MAPPED_IDS(idmap_mapping_batch batch) = 1;
/*
 * List all identity mappings, paged: lastrowid is the cursor from the
 * previous reply, limit the page size, flag a bit-set of
 * IDMAP_REQ_FLG_*.
 */
idmap_mappings_res
IDMAP_LIST_MAPPINGS(int64_t lastrowid,
uint64_t limit, int32_t flag) = 2;
/*
 * List all name-based mapping rules matching rule, paged by lastrowid
 * and limit as for IDMAP_LIST_MAPPINGS.
 */
idmap_namerules_res
IDMAP_LIST_NAMERULES(idmap_namerule rule,
uint64_t lastrowid, uint64_t limit) = 3;
/* Batch of update requests (add/remove/flush name rules) */
idmap_update_res
IDMAP_UPDATE(idmap_update_batch batch) = 4;
/* Get mapped identity by name */
idmap_mappings_res
IDMAP_GET_MAPPED_ID_BY_NAME(idmap_mapping request) = 5;
#ifndef _KERNEL
/* Get configuration property (user-space clients only) */
idmap_prop_res
IDMAP_GET_PROP(idmap_prop_type) = 6;
#endif
/*
 * Retrieve directory information about a list of users
 * or groups by name or SID.
 *
 * ids is a list of user names, group names, or SIDs.
 *
 * types is a single string, one character per id, giving the type of
 * the corresponding entry in ids.
 * If the type list is shorter than the id list, the last
 * type listed applies to all of the ids from that point.
 * The defined types are:
 * 'n' - name (could be user or group)
 * 'u' - user
 * 'g' - group
 * 's' - SID
 *
 * attrs is a list of attribute names to retrieve.
 */
directory_results_rpc DIRECTORY_GET_COMMON(
idmap_utf8str_list ids,
idmap_utf8str types,
idmap_utf8str_list attrs) = 7;
/* Flush cached mappings; op selects expire vs. delete (idmap_flush_op) */
idmap_retcode
IDMAP_FLUSH(idmap_flush_op) = 8;
} = 1;
} = 100172;