wbclient_sssd.h revision f3c85d900c4663854cc7bbae7d9f77867ed1f69b
/*
Winbind client API
Copyright (C) Gerald (Jerry) Carter 2007
Copyright (C) Volker Lendecke 2009
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 3 of the License, or (at your option) any later version.
This library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Library General Public License for more details.
You should have received a copy of the GNU Lesser General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef _WBCLIENT_H
#define _WBCLIENT_H
#include <pwd.h>
#include <grp.h>
/* Define error types */
/**
* @brief Status codes returned from wbc functions
**/
enum _wbcErrType {
WBC_ERR_SUCCESS = 0, /**< Successful completion **/
WBC_ERR_NOT_IMPLEMENTED, /**< Function not implemented **/
WBC_ERR_UNKNOWN_FAILURE, /**< General failure **/
WBC_ERR_NO_MEMORY, /**< Memory allocation error **/
WBC_ERR_INVALID_SID, /**< Invalid SID format **/
WBC_ERR_INVALID_PARAM, /**< An Invalid parameter was supplied **/
WBC_ERR_WINBIND_NOT_AVAILABLE, /**< Winbind daemon is not available **/
WBC_ERR_DOMAIN_NOT_FOUND, /**< Domain is not trusted or cannot be found **/
WBC_ERR_INVALID_RESPONSE, /**< Winbind returned an invalid response **/
WBC_ERR_NSS_ERROR, /**< NSS_STATUS error **/
WBC_ERR_AUTH_ERROR, /**< Authentication failed **/
WBC_ERR_UNKNOWN_USER, /**< User account cannot be found */
WBC_ERR_UNKNOWN_GROUP, /**< Group account cannot be found */
WBC_ERR_PWD_CHANGE_FAILED /**< Password Change has failed */
};
typedef enum _wbcErrType wbcErr;
#define WBC_ERROR_IS_OK(x) ((x) == WBC_ERR_SUCCESS)
/**
* @brief Some useful details about the wbclient library
*
* 0.1: Initial version
* 0.2: Added wbcRemoveUidMapping()
* Added wbcRemoveGidMapping()
* 0.3: Added wbcGetpwsid()
* Added wbcGetSidAliases()
* 0.4: Added wbcSidTypeString()
* 0.5: Added wbcChangeTrustCredentials()
* 0.6: Made struct wbcInterfaceDetails char* members non-const
* 0.7: Added wbcSidToStringBuf()
* 0.8: Added wbcSidsToUnixIds() and wbcLookupSids()
* 0.9: Added support for WBC_ID_TYPE_BOTH
* 0.10: Added wbcPingDc2()
* 0.11: Extended wbcAuthenticateUserEx to provide PAC parsing
**/
#define WBCLIENT_MAJOR_VERSION 0
#define WBCLIENT_MINOR_VERSION 11
#define WBCLIENT_VENDOR_VERSION "Samba libwbclient"
struct wbcLibraryDetails {
const char *vendor_version;
};
/**
* @brief Some useful details about the running winbindd
*
**/
struct wbcInterfaceDetails {
char *winbind_version;
char winbind_separator;
char *netbios_name;
char *netbios_domain;
char *dns_domain;
};
/*
* Data types used by the Winbind Client API
*/
#ifndef WBC_MAXSUBAUTHS
#endif
/**
* @brief Windows Security Identifier
*
**/
struct wbcDomainSid {
};
/**
* @brief Security Identifier type
**/
enum wbcSidType {
};
/**
* @brief Security Identifier with attributes
**/
struct wbcSidWithAttr {
struct wbcDomainSid sid;
};
/* wbcSidWithAttr->attributes */
#define WBC_SID_ATTR_GROUP_MANDATORY 0x00000001
#define WBC_SID_ATTR_GROUP_ENABLED_BY_DEFAULT 0x00000002
#define WBC_SID_ATTR_GROUP_ENABLED 0x00000004
#define WBC_SID_ATTR_GROUP_OWNER 0x00000008
#define WBC_SID_ATTR_GROUP_USEFOR_DENY_ONLY 0x00000010
#define WBC_SID_ATTR_GROUP_RESOURCE 0x20000000
#define WBC_SID_ATTR_GROUP_LOGON_ID 0xC0000000
/**
* @brief Windows GUID
*
**/
struct wbcGuid {
};
/**
* @brief Domain Information
**/
struct wbcDomainInfo {
char *short_name;
char *dns_name;
struct wbcDomainSid sid;
};
/* wbcDomainInfo->domain_flags */
#define WBC_DOMINFO_DOMAIN_UNKNOWN 0x00000000
#define WBC_DOMINFO_DOMAIN_NATIVE 0x00000001
#define WBC_DOMINFO_DOMAIN_AD 0x00000002
#define WBC_DOMINFO_DOMAIN_PRIMARY 0x00000004
#define WBC_DOMINFO_DOMAIN_OFFLINE 0x00000008
/* wbcDomainInfo->trust_flags */
#define WBC_DOMINFO_TRUST_TRANSITIVE 0x00000001
#define WBC_DOMINFO_TRUST_INCOMING 0x00000002
#define WBC_DOMINFO_TRUST_OUTGOING 0x00000004
/* wbcDomainInfo->trust_type */
#define WBC_DOMINFO_TRUSTTYPE_NONE 0x00000000
#define WBC_DOMINFO_TRUSTTYPE_FOREST 0x00000001
#define WBC_DOMINFO_TRUSTTYPE_IN_FOREST 0x00000002
#define WBC_DOMINFO_TRUSTTYPE_EXTERNAL 0x00000003
/**
* @brief Generic Blob
**/
struct wbcBlob {
};
/**
* @brief Named Blob
**/
struct wbcNamedBlob {
const char *name;
};
/**
* @brief Auth User Parameters
**/
struct wbcAuthUserParams {
const char *account_name;
const char *domain_name;
const char *workstation_name;
enum wbcAuthUserLevel {
} level;
union {
const char *plaintext;
struct {
} hash;
struct {
} response;
} password;
};
/**
* @brief Logon User Parameters
**/
struct wbcLogonUserParams {
const char *username;
const char *password;
struct wbcNamedBlob *blobs;
};
/**
* @brief ChangePassword Parameters
**/
struct wbcChangePasswordParams {
const char *account_name;
const char *domain_name;
enum wbcChangePasswordLevel {
} level;
union {
const char *plaintext;
struct {
} response;
} old_password;
union {
const char *plaintext;
struct {
} response;
} new_password;
};
/* wbcAuthUserParams->parameter_control */
#define WBC_MSV1_0_CLEARTEXT_PASSWORD_ALLOWED 0x00000002
#define WBC_MSV1_0_UPDATE_LOGON_STATISTICS 0x00000004
#define WBC_MSV1_0_RETURN_USER_PARAMETERS 0x00000008
#define WBC_MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT 0x00000020
#define WBC_MSV1_0_RETURN_PROFILE_PATH 0x00000200
#define WBC_MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT 0x00000800
/* wbcAuthUserParams->flags */
#define WBC_AUTH_PARAM_FLAGS_INTERACTIVE_LOGON 0x00000001
/**
* @brief Auth User Information
*
* Some of the strings are maybe NULL
**/
struct wbcAuthUserInfo {
char *account_name;
char *user_principal;
char *full_name;
char *domain_name;
char *dns_domain_name;
char *logon_server;
char *logon_script;
char *profile_path;
char *home_directory;
char *home_drive;
/*
* the 1st one is the account sid
* the 2nd one is the primary_group sid
* followed by the rest of the groups
*/
struct wbcSidWithAttr *sids;
};
/**
* @brief Logon User Information
*
* Some of the strings are maybe NULL
**/
struct wbcLogonUserInfo {
struct wbcAuthUserInfo *info;
struct wbcNamedBlob *blobs;
};
/* wbcAuthUserInfo->user_flags */
#define WBC_AUTH_USER_INFO_GUEST 0x00000001
#define WBC_AUTH_USER_INFO_NOENCRYPTION 0x00000002
#define WBC_AUTH_USER_INFO_CACHED_ACCOUNT 0x00000004
#define WBC_AUTH_USER_INFO_USED_LM_PASSWORD 0x00000008
#define WBC_AUTH_USER_INFO_EXTRA_SIDS 0x00000020
#define WBC_AUTH_USER_INFO_SUBAUTH_SESSION_KEY 0x00000040
#define WBC_AUTH_USER_INFO_SERVER_TRUST_ACCOUNT 0x00000080
#define WBC_AUTH_USER_INFO_NTLMV2_ENABLED 0x00000100
#define WBC_AUTH_USER_INFO_RESOURCE_GROUPS 0x00000200
#define WBC_AUTH_USER_INFO_PROFILE_PATH_RETURNED 0x00000400
#define WBC_AUTH_USER_INFO_GRACE_LOGON 0x01000000
/* wbcAuthUserInfo->acct_flags */
struct wbcAuthErrorInfo {
char *nt_string;
char *display_string;
};
/**
* @brief User Password Policy Information
**/
/* wbcUserPasswordPolicyInfo->password_properties */
#define WBC_DOMAIN_PASSWORD_COMPLEX 0x00000001
#define WBC_DOMAIN_PASSWORD_NO_ANON_CHANGE 0x00000002
#define WBC_DOMAIN_PASSWORD_NO_CLEAR_CHANGE 0x00000004
#define WBC_DOMAIN_PASSWORD_LOCKOUT_ADMINS 0x00000008
#define WBC_DOMAIN_PASSWORD_STORE_CLEARTEXT 0x00000010
#define WBC_DOMAIN_REFUSE_PASSWORD_CHANGE 0x00000020
struct wbcUserPasswordPolicyInfo {
};
/**
* @brief Change Password Reject Reason
**/
};
/* Note: this defines exist for compatibility reasons with existing code */
/**
* @brief Logoff User Parameters
**/
struct wbcLogoffUserParams {
const char *username;
struct wbcNamedBlob *blobs;
};
/** @brief Credential cache log-on parameters
*
*/
struct wbcCredentialCacheParams {
const char *account_name;
const char *domain_name;
enum wbcCredentialCacheLevel {
} level;
struct wbcNamedBlob *blobs;
};
/** @brief Info returned by credential cache auth
*
*/
struct wbcCredentialCacheInfo {
struct wbcNamedBlob *blobs;
};
/*
* DomainControllerInfo struct
*/
struct wbcDomainControllerInfo {
char *dc_name;
};
/*
* DomainControllerInfoEx struct
*/
struct wbcDomainControllerInfoEx {
const char *dc_unc;
const char *dc_address;
struct wbcGuid *domain_guid;
const char *domain_name;
const char *forest_name;
const char *dc_site_name;
const char *client_site_name;
};
/**********************************************************
* Memory Management
**********************************************************/
/**
* @brief Free library allocated memory
*
* @param * Pointer to free
*
* @return void
**/
void wbcFreeMemory(void*);
/*
* Utility functions for dealing with SIDs
*/
/**
* @brief Get a string representation of the SID type
*
* @param type type of the SID
*
* @return string representation of the SID type
*/
/*
* @brief Print a sid into a buffer
*
* @param sid Binary Security Identifier
* @param buf Target buffer
* @param buflen Target buffer length
*
* @return Resulting string length.
*/
/**
* @brief Convert a binary SID to a character string
*
* @param sid Binary Security Identifier
* @param **sid_string Resulting character string
*
* @return #wbcErr
**/
char **sid_string);
/**
* @brief Convert a character string to a binary SID
*
* @param *sid_string Character string in the form of S-...
* @param sid Resulting binary SID
*
* @return #wbcErr
**/
struct wbcDomainSid *sid);
/*
* Utility functions for dealing with GUIDs
*/
/**
* @brief Convert a binary GUID to a character string
*
* @param guid Binary Guid
* @param **guid_string Resulting character string
*
* @return #wbcErr
**/
char **guid_string);
/**
* @brief Convert a character string to a binary GUID
*
* @param *guid_string Character string
* @param guid Resulting binary GUID
*
* @return #wbcErr
**/
/**
* @brief Ping winbindd to see if the daemon is running
*
* @return #wbcErr
**/
/**********************************************************
**********************************************************/
/**
* @brief Convert a domain and name to SID
*
* @param dom_name Domain name (possibly "")
* @param name User or group name
* @param *sid Pointer to the resolved domain SID
* @param *name_type Pointer to the SID type
*
* @return #wbcErr
**/
const char *name,
struct wbcDomainSid *sid,
enum wbcSidType *name_type);
/**
* @brief Convert a SID to a domain and name
*
* @param *sid Pointer to the domain SID to be resolved
* @param domain Resolved Domain name (possibly "")
* @param name Resolved User or group name
* @param *name_type Pointer to the resolved SID type
*
* @return #wbcErr
**/
char **domain,
char **name,
enum wbcSidType *name_type);
struct wbcTranslatedName {
enum wbcSidType type;
char *name;
int domain_index;
};
struct wbcTranslatedName **names);
/**
* @brief Translate a collection of RIDs within a domain to names
*/
int num_rids,
const char **domain_name,
const char ***names,
enum wbcSidType **types);
/*
* @brief Get the groups a user belongs to
**/
bool domain_groups_only,
struct wbcDomainSid **sids);
/*
* @brief Get alias membership for sids
**/
struct wbcDomainSid *sids,
/**
* @brief Lists Users
**/
const char ***users);
/**
* @brief Lists Groups
**/
const char ***groups);
char **pdomain,
char **pfullname,
enum wbcSidType *pname_type);
/**********************************************************
**********************************************************/
/**
* @brief Convert a Windows SID to a Unix uid, allocating an uid if needed
*
* @param *sid Pointer to the domain SID to be resolved
* @param *puid Pointer to the resolved uid_t value
*
* @return #wbcErr
*
**/
/**
* @brief Convert a Windows SID to a Unix uid if there already is a mapping
*
* @param *sid Pointer to the domain SID to be resolved
* @param *puid Pointer to the resolved uid_t value
*
* @return #wbcErr
*
**/
/**
* @brief Convert a Unix uid to a Windows SID, allocating a SID if needed
*
* @param uid Unix uid to be resolved
* @param *sid Pointer to the resolved domain SID
*
* @return #wbcErr
*
**/
struct wbcDomainSid *sid);
/**
* @brief Convert a Unix uid to a Windows SID if there already is a mapping
*
* @param uid Unix uid to be resolved
* @param *sid Pointer to the resolved domain SID
*
* @return #wbcErr
*
**/
struct wbcDomainSid *sid);
/**
* @brief Convert a Windows SID to a Unix gid, allocating a gid if needed
*
* @param *sid Pointer to the domain SID to be resolved
* @param *pgid Pointer to the resolved gid_t value
*
* @return #wbcErr
*
**/
/**
* @brief Convert a Windows SID to a Unix gid if there already is a mapping
*
* @param *sid Pointer to the domain SID to be resolved
* @param *pgid Pointer to the resolved gid_t value
*
* @return #wbcErr
*
**/
/**
* @brief Convert a Unix gid to a Windows SID, allocating a SID if needed
*
* @param gid Unix gid to be resolved
* @param *sid Pointer to the resolved domain SID
*
* @return #wbcErr
*
**/
struct wbcDomainSid *sid);
/**
* @brief Convert a Unix gid to a Windows SID if there already is a mapping
*
* @param gid Unix gid to be resolved
* @param *sid Pointer to the resolved domain SID
*
* @return #wbcErr
*
**/
struct wbcDomainSid *sid);
enum wbcIdType {
};
union wbcUnixIdContainer {
};
struct wbcUnixId {
union wbcUnixIdContainer id;
};
/**
* @brief Convert a list of sids to unix ids
*
* @param sids Pointer to an array of SIDs to convert
* @param num_sids Number of SIDs
* @param ids Preallocated output array for translated IDs
*
* @return #wbcErr
*
**/
/**
* @brief Obtain a new uid from Winbind
*
* @param *puid *pointer to the allocated uid
*
* @return #wbcErr
**/
/**
* @brief Obtain a new gid from Winbind
*
* @param *pgid Pointer to the allocated gid
*
* @return #wbcErr
**/
/**
* @brief Set an user id mapping
*
* @param uid Uid of the desired mapping.
* @param *sid Pointer to the sid of the desired mapping.
*
* @return #wbcErr
*
* @deprecated This method is not impemented any more and should
* be removed in the next major version change.
**/
/**
* @brief Set a group id mapping
*
* @param gid Gid of the desired mapping.
* @param *sid Pointer to the sid of the desired mapping.
*
* @return #wbcErr
*
* @deprecated This method is not impemented any more and should
* be removed in the next major version change.
**/
/**
* @brief Remove a user id mapping
*
* @param uid Uid of the mapping to remove.
* @param *sid Pointer to the sid of the mapping to remove.
*
* @return #wbcErr
*
* @deprecated This method is not impemented any more and should
* be removed in the next major version change.
**/
/**
* @brief Remove a group id mapping
*
* @param gid Gid of the mapping to remove.
* @param *sid Pointer to the sid of the mapping to remove.
*
* @return #wbcErr
*
* @deprecated This method is not impemented any more and should
* be removed in the next major version change.
**/
/**
* @brief Set the highwater mark for allocated uids.
*
* @param uid_hwm The new uid highwater mark value
*
* @return #wbcErr
*
* @deprecated This method is not impemented any more and should
* be removed in the next major version change.
**/
/**
* @brief Set the highwater mark for allocated gids.
*
* @param gid_hwm The new gid highwater mark value
*
* @return #wbcErr
*
* @deprecated This method is not impemented any more and should
* be removed in the next major version change.
**/
/**********************************************************
**********************************************************/
/**
* @brief Fill in a struct passwd* for a domain user based
* on username
*
* @param *name Username to lookup
* @param **pwd Pointer to resulting struct passwd* from the query.
*
* @return #wbcErr
**/
/**
* @brief Fill in a struct passwd* for a domain user based
* on uid
*
* @param uid Uid to lookup
* @param **pwd Pointer to resulting struct passwd* from the query.
*
* @return #wbcErr
**/
/**
* @brief Fill in a struct passwd* for a domain user based
* on sid
*
* @param sid Sid to lookup
* @param **pwd Pointer to resulting struct passwd* from the query.
*
* @return #wbcErr
**/
/**
* @brief Fill in a struct passwd* for a domain user based
* on username
*
* @param *name Username to lookup
* @param **grp Pointer to resulting struct group* from the query.
*
* @return #wbcErr
**/
/**
* @brief Fill in a struct passwd* for a domain user based
* on uid
*
* @param gid Uid to lookup
* @param **grp Pointer to resulting struct group* from the query.
*
* @return #wbcErr
**/
/**
* @brief Reset the passwd iterator
*
* @return #wbcErr
**/
wbcErr wbcSetpwent(void);
/**
* @brief Close the passwd iterator
*
* @return #wbcErr
**/
wbcErr wbcEndpwent(void);
/**
* @brief Return the next struct passwd* entry from the pwent iterator
*
* @param **pwd Pointer to resulting struct passwd* from the query.
*
* @return #wbcErr
**/
/**
* @brief Reset the group iterator
*
* @return #wbcErr
**/
wbcErr wbcSetgrent(void);
/**
* @brief Close the group iterator
*
* @return #wbcErr
**/
wbcErr wbcEndgrent(void);
/**
* @brief Return the next struct group* entry from the pwent iterator
*
* @param **grp Pointer to resulting struct group* from the query.
*
* @return #wbcErr
**/
/**
* @brief Return the next struct group* entry from the pwent iterator
*
* This is similar to #wbcGetgrent, just that the member list is empty
*
* @param **grp Pointer to resulting struct group* from the query.
*
* @return #wbcErr
**/
/**
* @brief Return the unix group array belonging to the given user
*
* @param *account The given user name
* @param *num_groups Number of elements returned in the groups array
* @param **_groups Pointer to resulting gid_t array.
*
* @return #wbcErr
**/
/**********************************************************
* Lookup Domain information
**********************************************************/
/**
* @brief Lookup the current status of a trusted domain
*
* @param domain The domain to query
*
* @param dinfo A pointer to store the returned domain_info struct.
*
* @return #wbcErr
**/
struct wbcDomainInfo **dinfo);
/**
* @brief Lookup the currently contacted DCs
*
* @param domain The domain to query
*
* @param num_dcs Number of DCs currently known
* @param dc_names Names of the currently known DCs
* @param dc_ips IP addresses of the currently known DCs
*
* @return #wbcErr
**/
/**
* @brief Enumerate the domain trusts known by Winbind
*
* @param **domains Pointer to the allocated domain list array
* @param *num_domains Pointer to number of domains returned
*
* @return #wbcErr
**/
/* Flags for wbcLookupDomainController */
#define WBC_LOOKUP_DC_FORCE_REDISCOVERY 0x00000001
#define WBC_LOOKUP_DC_DS_REQUIRED 0x00000010
#define WBC_LOOKUP_DC_DS_PREFERRED 0x00000020
#define WBC_LOOKUP_DC_GC_SERVER_REQUIRED 0x00000040
#define WBC_LOOKUP_DC_PDC_REQUIRED 0x00000080
#define WBC_LOOKUP_DC_BACKGROUND_ONLY 0x00000100
#define WBC_LOOKUP_DC_IP_REQUIRED 0x00000200
#define WBC_LOOKUP_DC_KDC_REQUIRED 0x00000400
#define WBC_LOOKUP_DC_TIMESERV_REQUIRED 0x00000800
#define WBC_LOOKUP_DC_WRITABLE_REQUIRED 0x00001000
#define WBC_LOOKUP_DC_GOOD_TIMESERV_PREFERRED 0x00002000
#define WBC_LOOKUP_DC_AVOID_SELF 0x00004000
#define WBC_LOOKUP_DC_ONLY_LDAP_NEEDED 0x00008000
#define WBC_LOOKUP_DC_IS_FLAT_NAME 0x00010000
#define WBC_LOOKUP_DC_IS_DNS_NAME 0x00020000
#define WBC_LOOKUP_DC_TRY_NEXTCLOSEST_SITE 0x00040000
#define WBC_LOOKUP_DC_DS_6_REQUIRED 0x00080000
#define WBC_LOOKUP_DC_RETURN_DNS_NAME 0x40000000
#define WBC_LOOKUP_DC_RETURN_FLAT_NAME 0x80000000
/**
* @brief Enumerate the domain trusts known by Winbind
*
* @param domain Name of the domain to query for a DC
* @param flags Bit flags used to control the domain location query
* @param *dc_info Pointer to the returned domain controller information
*
* @return #wbcErr
**/
struct wbcDomainControllerInfo **dc_info);
/**
* @brief Get extended domain controller information
*
* @param domain Name of the domain to query for a DC
* @param guid Guid of the domain to query for a DC
* @param site Site of the domain to query for a DC
* @param flags Bit flags used to control the domain location query
* @param *dc_info Pointer to the returned extended domain controller information
*
* @return #wbcErr
**/
const char *site,
struct wbcDomainControllerInfoEx **dc_info);
/**********************************************************
* Athenticate functions
**********************************************************/
/**
*
* @param username Name of user to authenticate
* @param password Clear text password os user
*
* @return #wbcErr
**/
const char *password);
/**
* @brief Authenticate with more detailed information
*
* @param params Input parameters, WBC_AUTH_USER_LEVEL_HASH
* is not supported yet
* @param info Output details on WBC_ERR_SUCCESS
* @param error Output details on WBC_ERR_AUTH_ERROR
*
* @return #wbcErr
**/
struct wbcAuthUserInfo **info,
struct wbcAuthErrorInfo **error);
/**
* @brief Logon a User
*
* @param[in] params Pointer to a wbcLogonUserParams structure
* @param[out] info Pointer to a pointer to a wbcLogonUserInfo structure
* @param[out] error Pointer to a pointer to a wbcAuthErrorInfo structure
* @param[out] policy Pointer to a pointer to a wbcUserPasswordPolicyInfo structure
*
* @return #wbcErr
**/
struct wbcLogonUserInfo **info,
struct wbcAuthErrorInfo **error,
struct wbcUserPasswordPolicyInfo **policy);
/**
* @brief Trigger a logoff notification to Winbind for a specific user
*
* @param username Name of user to remove from Winbind's list of
* logged on users.
* @param uid Uid assigned to the username
* @param ccfilename Absolute path to the Krb5 credentials cache to
* be removed
*
* @return #wbcErr
**/
const char *ccfilename);
/**
* @brief Trigger an extended logoff notification to Winbind for a specific user
*
* @param params A wbcLogoffUserParams structure
* @param error User output details on error
*
* @return #wbcErr
**/
struct wbcAuthErrorInfo **error);
/**
* @brief Change a password for a user
*
* @param username Name of user to authenticate
* @param old_password Old clear text password of user
* @param new_password New clear text password of user
*
* @return #wbcErr
**/
const char *old_password,
const char *new_password);
/**
* @brief Change a password for a user with more detailed information upon
* failure
*
* @param params Input parameters
* @param error User output details on WBC_ERR_PWD_CHANGE_FAILED
* @param reject_reason New password reject reason on WBC_ERR_PWD_CHANGE_FAILED
* @param policy Password policy output details on WBC_ERR_PWD_CHANGE_FAILED
*
* @return #wbcErr
**/
struct wbcAuthErrorInfo **error,
struct wbcUserPasswordPolicyInfo **policy);
/**
* @brief Authenticate a user with cached credentials
*
* @param *params Pointer to a wbcCredentialCacheParams structure
* @param **info Pointer to a pointer to a wbcCredentialCacheInfo structure
* @param **error Pointer to a pointer to a wbcAuthErrorInfo structure
*
* @return #wbcErr
**/
struct wbcCredentialCacheInfo **info,
struct wbcAuthErrorInfo **error);
/**
* @brief Save a password with winbind for doing wbcCredentialCache() later
*
* @param *user Username
* @param *password Password
*
* @return #wbcErr
**/
/**********************************************************
* Resolve functions
**********************************************************/
/**
* @brief Resolve a NetbiosName via WINS
*
* @param name Name to resolve
* @param *ip Pointer to the ip address string
*
* @return #wbcErr
**/
/**
* @brief Resolve an IP address via WINS into a NetbiosName
*
* @param ip The ip address string
* @param *name Pointer to the name
*
* @return #wbcErr
*
**/
/**********************************************************
* Trusted domain functions
**********************************************************/
/**
* @brief Trigger a verification of the trust credentials of a specific domain
*
* @param *domain The name of the domain.
* @param error Output details on WBC_ERR_AUTH_ERROR
*
* @return #wbcErr
**/
struct wbcAuthErrorInfo **error);
/**
* @brief Trigger a change of the trust credentials for a specific domain
*
* @param *domain The name of the domain.
* @param error Output details on WBC_ERR_AUTH_ERROR
*
* @return #wbcErr
**/
struct wbcAuthErrorInfo **error);
/**
* @brief Trigger a no-op call through the NETLOGON pipe. Low-cost
* version of wbcCheckTrustCredentials
*
* @param *domain The name of the domain, only NULL for the default domain is
* supported yet. Other values than NULL will result in
* WBC_ERR_NOT_IMPLEMENTED.
* @param error Output details on WBC_ERR_AUTH_ERROR
*
* @return #wbcErr
**/
/**
* @brief Trigger a no-op call through the NETLOGON pipe. Low-cost
* version of wbcCheckTrustCredentials
*
* @param *domain The name of the domain, only NULL for the default domain is
* supported yet. Other values than NULL will result in
* WBC_ERR_NOT_IMPLEMENTED.
* @param error Output details on WBC_ERR_AUTH_ERROR
* @param dcname DC that was attempted to ping
*
* @return #wbcErr
**/
char **dcname);
/**********************************************************
* Helper functions
**********************************************************/
/**
* @brief Initialize a named blob and add to list of blobs
*
* @param[in,out] num_blobs Pointer to the number of blobs
* @param[in,out] blobs Pointer to an array of blobs
* @param[in] name Name of the new named blob
* @param[in] flags Flags of the new named blob
* @param[in] data Blob data of new blob
* @param[in] length Blob data length of new blob
*
* @return #wbcErr
**/
struct wbcNamedBlob **blobs,
const char *name,
#endif /* _WBCLIENT_H */