ad_common.h revision edf96099f719e591e98be20af416a32cb4aeea73
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher/*
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher SSSD
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher Authors:
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher Stephen Gallagher <sgallagh@redhat.com>
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher Copyright (C) 2012 Red Hat
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher This program is free software; you can redistribute it and/or modify
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher it under the terms of the GNU General Public License as published by
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher the Free Software Foundation; either version 3 of the License, or
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher (at your option) any later version.
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher This program is distributed in the hope that it will be useful,
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher but WITHOUT ANY WARRANTY; without even the implied warranty of
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher GNU General Public License for more details.
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher You should have received a copy of the GNU General Public License
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher along with this program. If not, see <http://www.gnu.org/licenses/>.
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher*/
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher#ifndef AD_COMMON_H_
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher#define AD_COMMON_H_
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher#include "util/util.h"
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher#include "providers/ldap/ldap_common.h"
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher
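/*
 * Names of the AD LDAP service and of the Global Catalog service.
 * NOTE(review): presumably these are the values callers pass as the
 * ad_service and ad_gc_service arguments of ad_failover_init() - confirm at
 * the call sites.
 */
#define AD_SERVICE_NAME "AD"
#define AD_GC_SERVICE_NAME "AD_GC"
/*
 * The port the Global Catalog runs on.
 * 3268 is the Global Catalog LDAP port without implicit TLS (3269 is the
 * LDAPS variant). This header does not show how the GC connection is
 * protected; confirm that signing/sealing or StartTLS is negotiated wherever
 * this port is used.
 */
#define AD_GC_PORT 3268

/*
 * Names of AD attributes / search-filter keys.
 * NOTE(review): DnsDomain, NtVer and netlogon look like the keys of the AD
 * netlogon ("LDAP ping") query - confirm in the code that builds it. Any
 * externally supplied value that is placed next to one of these names in an
 * LDAP filter has to be filter-escaped first.
 */
#define AD_AT_OBJECT_SID "objectSID"
#define AD_AT_DNS_DOMAIN "DnsDomain"
#define AD_AT_NT_VERSION "NtVer"
#define AD_AT_NETLOGON "netlogon"

/*
 * LDAP filter fragment matching objects whose objectclass is "domain".
 * The literal carries no enclosing parentheses.
 * NOTE(review): the name suggests it is used to look up the master domain's
 * SID, and that the caller wraps it in parentheses - confirm at the use site.
 */
#define MASTER_DOMAIN_SID_FILTER "objectclass=domain"

/* Forward declaration: struct ad_id_ctx refers to struct ad_options before
 * the full definition appears. */
struct ad_options;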
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher
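/*
 * Identifiers of the basic AD provider options.
 *
 * The values are consecutive from 0, and the last enumerator, AD_OPTS_BASIC,
 * is the number of options. New options therefore go before AD_OPTS_BASIC.
 *
 * NOTE(review): presumably each value indexes the dp_option array kept in
 * struct ad_options (member "basic"), so the order here has to match the
 * option table - confirm against the table's definition.
 */
enum ad_basic_opt {
    AD_DOMAIN = 0,
    AD_SERVER,
    AD_BACKUP_SERVER,
    AD_HOSTNAME,
    /* NOTE(review): looks like the Kerberos keytab location. A keytab holds
     * long-term keys, so the configured path should be checked for ownership
     * and permissions where it is opened - confirm. */
    AD_KEYTAB,
    AD_KRB5_REALM,
    AD_ENABLE_DNS_SITES,
    /* NOTE(review): the next three presumably steer access-control and
     * lookup decisions (LDAP access filter, Global Catalog use, GPO-based
     * access control); how an unset or unparsable value is treated is not
     * visible here - verify it does not fall back to "allow". */
    AD_ACCESS_FILTER,
    AD_ENABLE_GC,
    AD_GPO_ACCESS_CONTROL,

    AD_OPTS_BASIC /* opts counter */
};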
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher
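/*
 * AD identity-provider context: one generic LDAP id context, two connection
 * contexts and the AD options they belong to.
 *
 * Who allocates and frees the pointed-to objects is not visible in this
 * header.
 */
struct ad_id_ctx {
    struct sdap_id_ctx *sdap_id_ctx;
    /* Separate connection contexts.
     * NOTE(review): by name, one for the domain's LDAP service and one for
     * the Global Catalog; gc_ctx may be unused when the GC is disabled -
     * confirm before dereferencing. */
    struct sdap_id_conn_ctx *ldap_ctx;
    struct sdap_id_conn_ctx *gc_ctx;
    struct ad_options *ad_options;
};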
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher
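/*
 * Service handles of the AD provider: two sdap_service pointers and one
 * krb5_service pointer.
 *
 * NOTE(review): by name, "sdap" is the regular LDAP service and "gc" the
 * Global Catalog one; presumably filled in by ad_failover_init() - confirm.
 */
struct ad_service {
    struct sdap_service *sdap;
    struct sdap_service *gc;
    struct krb5_service *krb5_service;
};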
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher
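/*
 * Aggregated option and context pointers of the AD provider, grouped by the
 * provider type that uses them.
 *
 * Every member is a pointer; which of them are set at a given point of
 * initialisation is not visible in this header, so users should not assume
 * a member is non-NULL without checking the init path.
 */
struct ad_options {
    /* Common options */
    struct dp_option *basic; /* NOTE(review): presumably AD_OPTS_BASIC
                              * entries indexed by enum ad_basic_opt -
                              * confirm */
    struct ad_service *service;

    /* ID Provider */
    struct sdap_options *id;
    struct ad_id_ctx *id_ctx;

    /* Auth and chpass Provider */
    struct krb5_ctx *auth_ctx;

    /* Dynamic DNS updates */
    struct be_resolv_ctx *be_res;
    struct be_nsupdate_ctx *dyndns_ctx;
};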
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher
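/*
 * Declared here, defined elsewhere (not shown).
 *
 * Takes a talloc memory context, a confdb handle, a configuration path and a
 * domain, and has an output parameter for a struct ad_options pointer.
 *
 * NOTE(review): by name, this reads the common AD options for conf_path from
 * the confdb and returns them through _opts, presumably allocated on mem_ctx.
 * Callers should check the errno_t result before using *_opts - confirm
 * whether *_opts is left untouched on failure.
 */
errno_t
ad_get_common_options(TALLOC_CTX *mem_ctx,
                      struct confdb_ctx *cdb,
                      const char *conf_path,
                      struct sss_domain_info *dom,
                      struct ad_options **_opts);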
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher
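/*
 * Declared here, defined elsewhere (not shown).
 *
 * Returns a struct ad_options pointer built from a realm and a host name.
 *
 * NOTE(review): presumably the result is allocated on mem_ctx and is NULL on
 * failure; callers should check for NULL before use - confirm against the
 * implementation.
 */
struct ad_options *ad_create_default_options(TALLOC_CTX *mem_ctx,
                                             const char *realm,
                                             const char *hostname);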
ebc6ab564dc2a0a2b08c42d727fc403dde4a2dc9Jakub Hrozek
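/*
 * Declared here, defined elsewhere (not shown).
 *
 * Takes primary and backup server strings, a Kerberos realm, the names of
 * the AD and Global Catalog services, the AD domain, and an output parameter
 * for a struct ad_service pointer.
 *
 * NOTE(review): the format of primary_servers / backup_servers (separator,
 * whether NULL is accepted) is not visible here. These strings select which
 * hosts the provider will talk to, so they should come from trusted
 * configuration only - confirm how the implementation parses them.
 */
errno_t
ad_failover_init(TALLOC_CTX *mem_ctx, struct be_ctx *ctx,
                 const char *primary_servers,
                 const char *backup_servers,
                 const char *krb5_realm,
                 const char *ad_service,
                 const char *ad_gc_service,
                 const char *ad_domain,
                 struct ad_service **_service);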
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher
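/*
 * Declared here, defined elsewhere (not shown).
 *
 * Takes the AD options, a confdb handle and a configuration path, and has an
 * output parameter for a struct sdap_options pointer.
 *
 * NOTE(review): unlike the neighbouring getters there is no TALLOC_CTX
 * parameter, so the result is presumably owned by ad_opts - confirm.
 */
errno_t
ad_get_id_options(struct ad_options *ad_opts,
                  struct confdb_ctx *cdb,
                  const char *conf_path,
                  struct sdap_options **_opts);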
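/*
 * Declared here, defined elsewhere (not shown).
 *
 * Takes a talloc memory context, the AD options and the backend context, and
 * has an output parameter for a struct dp_option pointer.
 *
 * NOTE(review): by name, this produces the options for the auth/chpass
 * (Kerberos) provider; callers should check the errno_t result before using
 * *_opts - confirm the failure behaviour in the implementation.
 */
errno_t
ad_get_auth_options(TALLOC_CTX *mem_ctx,
                    struct ad_options *ad_opts,
                    struct be_ctx *bectx,
                    struct dp_option **_opts);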
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher
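/*
 * Declared here, defined elsewhere (not shown).
 *
 * Takes the backend context and the AD options; there is no output
 * parameter.
 *
 * NOTE(review): presumably the result is stored in ad_opts (its be_res /
 * dyndns_ctx members are labelled "Dynamic DNS updates") - confirm.
 */
errno_t
ad_get_dyndns_options(struct be_ctx *be_ctx,
                      struct ad_options *ad_opts);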
74e95cfd9d3939dfe9417d79d2f6fc79b361405fJakub Hrozek
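/*
 * Declared here, defined elsewhere (not shown).
 *
 * Returns a struct ad_id_ctx pointer for the given AD options and backend
 * context.
 *
 * NOTE(review): failure is presumably reported as NULL, since there is no
 * error code; callers should check the result - confirm.
 */
struct ad_id_ctx *
ad_id_ctx_init(struct ad_options *ad_opts, struct be_ctx *bectx);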
ebc6ab564dc2a0a2b08c42d727fc403dde4a2dc9Jakub Hrozek
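/*
 * Declared here, defined elsewhere (not shown).
 *
 * Returns an array of connection-context pointers for the given AD id
 * context and domain.
 *
 * NOTE(review): no length is returned, so the array is presumably
 * NULL-terminated and allocated on mem_ctx; by name it is the list of
 * connections to try for Global Catalog lookups - confirm both, and the
 * NULL-on-failure behaviour, in the implementation.
 */
struct sdap_id_conn_ctx **
ad_gc_conn_list(TALLOC_CTX *mem_ctx, struct ad_id_ctx *ad_ctx,
                struct sss_domain_info *dom);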
72ae534f5aef6d2e5d3f2f51299aede5abf9687eJakub Hrozek
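/*
 * Declared here, defined elsewhere (not shown).
 *
 * Returns a connection context for the given AD id context and domain.
 *
 * NOTE(review): there is no TALLOC_CTX parameter, so the returned pointer is
 * presumably borrowed from ad_ctx or dom rather than newly allocated -
 * confirm ownership before freeing or caching it.
 */
struct sdap_id_conn_ctx *
ad_get_dom_ldap_conn(struct ad_id_ctx *ad_ctx, struct sss_domain_info *dom);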
72ae534f5aef6d2e5d3f2f51299aede5abf9687eJakub Hrozek
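/* AD dynamic DNS updates */

/*
 * Declared here, defined elsewhere (not shown). Takes the backend context
 * and the AD options (named "ctx" here, "ad_opts" in the other prototypes).
 */
errno_t ad_dyndns_init(struct be_ctx *be_ctx,
                       struct ad_options *ctx);
/*
 * Declared here, defined elsewhere (not shown).
 *
 * NOTE(review): pvt is an untyped pointer; the type the implementation casts
 * it to is not visible here, and the compiler cannot check it. Whoever
 * registers this callback must pass exactly that type - confirm.
 */
void ad_dyndns_timer(void *pvt);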
74e95cfd9d3939dfe9417d79d2f6fc79b361405fJakub Hrozek
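/*
 * Declared here, defined elsewhere (not shown).
 *
 * Takes the backend context and the AD id context, and has two output
 * parameters: a bet_ops pointer and an opaque private-data pointer.
 *
 * Returns int, whereas the other initialisers in this header return errno_t.
 * NOTE(review): presumably 0 means success; pvt_data is untyped, so its
 * consumer must agree with the implementation on the pointed-to type -
 * confirm both.
 */
int ad_sudo_init(struct be_ctx *be_ctx,
                 struct ad_id_ctx *id_ctx,
                 struct bet_ops **ops,
                 void **pvt_data);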
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher#endif /* AD_COMMON_H_ */