Do something sensible with MACHINE members of lists.
[moira.git] / incremental / ldap / winad.c
index 76877cdc995117ddf9e7da5ae9c89cd14becb84b..b7cd2770fc5c917ec24947f68066b8f0e7b262b4 100755 (executable)
@@ -291,6 +291,7 @@ typedef struct _SID {
 #define MOIRA_KERBEROS  0x2
 #define MOIRA_STRINGS   0x4
 #define MOIRA_LISTS     0x8
+#define MOIRA_MACHINE   0x16
 
 #define CHECK_GROUPS    1
 #define CLEANUP_GROUPS  2
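Review bot: `MOIRA_MACHINE` is defined as `0x16`, which is binary 10110 and so overlaps `MOIRA_KERBEROS` (0x2) and `MOIRA_STRINGS` (0x4) instead of being the next single bit after `MOIRA_LISTS` (0x8). The test `(int)call_args[3] & MOIRA_MACHINE` added in member_list_build is therefore true for any caller that sets KERBEROS or STRINGS, so MACHINE members pass the filter even when machines were not requested. The define should read `#define MOIRA_MACHINE   0x10`. Separately, the `(int)` cast of a pointer-typed `call_args[3]` in that same test truncates on LP64 targets; it works only because the flags sit in the low bits.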
@@ -378,6 +379,7 @@ CN=Microsoft Exchange,CN=Services,CN=Configuration,"
 #define ACTIVE_DIRECTORY "ACTIVE_DIRECTORY:"
 #define PORT "PORT:"
 #define PROCESS_MACHINE_CONTAINER "PROCESS_MACHINE_CONTAINER:"
+#define GROUP_POPULATE_MEMBERS "GROUP_POPULATE_MEMBERS:"
 #define MAX_DOMAINS 10
 char DomainNames[MAX_DOMAINS][128];
 
@@ -416,6 +418,8 @@ int  Exchange = 0;
 int  ProcessMachineContainer = 1;
 int  ActiveDirectory = 1;
 int  UpdateDomainList;
+int  fsgCount;
+int  GroupPopulateDelete = 0;
 
 extern int set_password(char *user, char *password, char *domain);
 
@@ -486,6 +490,7 @@ int ReadDomainList();
 void StringTrim(char *StringToTrim);
 char *escape_string(char *s);
 int save_query_info(int argc, char **argv, void *hint);
+int save_fsgroup_info(int argc, char **argv, void *hint);
 int user_create(int ac, char **av, void *ptr);
 int user_change_status(LDAP *ldap_handle, char *dn_path, 
                        char *user_name, char *MoiraId, int operation);
@@ -1395,9 +1400,16 @@ void do_member(LDAP *ldap_handle, char *dn_path, char *ldap_hostname,
       com_err(whoami, 0, "removing user %s from list %s", user_name, 
              group_name);
       pUserOu = user_ou;
-
       if (!strcasecmp(ptr[LM_TYPE], "MACHINE"))
         {
+         if (!ProcessMachineContainer)
+           {
+             com_err(whoami, 0, "Process machines and containers disabled, "
+                     "skipping");
+             return;
+           }
+
           memset(machine_ou, '\0', sizeof(machine_ou));
          memset(NewMachineName, '\0', sizeof(NewMachineName));
           if (get_machine_ou(ldap_handle, dn_path, ptr[LM_MEMBER], 
@@ -3461,6 +3473,11 @@ int member_list_build(int ac, char **av, void *ptr)
         return(0);
 
     }
+  else if (!strcmp(av[ACE_TYPE], "MACHINE"))
+    {
+      if (!((int)call_args[3] & MOIRA_MACHINE))
+       return(0);
+    }
   else
     return(0);
 
@@ -6007,14 +6024,18 @@ int populate_group(LDAP *ldap_handle, char *dn_path, char *group_name,
   int       n = 0;
   char      group_dn[512];
   LDAPMod   *mods[20];
+  char      *member_v[] = {NULL, NULL};
   char      *save_argv[U_END];
+  char      machine_ou[256];
+  char      NewMachineName[1024];
 
   com_err(whoami, 0, "Populating group %s", group_name);
   av[0] = group_name;
   call_args[0] = (char *)ldap_handle;
   call_args[1] = dn_path;
   call_args[2] = group_name;
-  call_args[3] = (char *)(MOIRA_USERS | MOIRA_KERBEROS | MOIRA_STRINGS);
+  call_args[3] = (char *)(MOIRA_USERS | MOIRA_KERBEROS | MOIRA_STRINGS | 
+                         MOIRA_MACHINE);
   call_args[4] = NULL;
   member_base = NULL;
 
@@ -6027,7 +6048,7 @@ int populate_group(LDAP *ldap_handle, char *dn_path, char *group_name,
     }
 
   members = (char **)malloc(sizeof(char *) * 2);
-  
+
   if (member_base != NULL)
     {
       ptr = member_base;
@@ -6040,8 +6061,21 @@ int populate_group(LDAP *ldap_handle, char *dn_path, char *group_name,
               continue;
             }
          
-         if(!strcasecmp(ptr->type, "USER")) 
+         if (!strcasecmp(ptr->type, "MACHINE") && !ProcessMachineContainer)
+           {
+             ptr = ptr->next;
+             continue;
+           }
+           
+         if(!strcasecmp(ptr->type, "USER"))
            {
+             if(!strcasecmp(ptr->member, PRODUCTION_PRINCIPAL) ||
+                !strcasecmp(ptr->member, TEST_PRINCIPAL))
+               {
+                 ptr = ptr->next;
+                 continue;
+               }
+
              if ((rc = check_user(ldap_handle, dn_path, ptr->member,
                                   "")) == AD_NO_USER_FOUND)
                {
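Review bot: The new skip of `PRODUCTION_PRINCIPAL` and `TEST_PRINCIPAL` drops list members from the AD group without a log line or a comment. Since this loop decides who ends up in the group, add a short comment above the `strcasecmp` pair stating why these two principals are excluded, and consider a `com_err(whoami, 0, "skipping principal %s in group %s", ptr->member, group_name);` so the omission shows up in the incremental's log. The same applies to the silent `MACHINE` skip just above it when `ProcessMachineContainer` is off. The enclosing loop in populate_group starts and ends outside this hunk.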
@@ -6117,6 +6151,24 @@ int populate_group(LDAP *ldap_handle, char *dn_path, char *group_name,
              sprintf(member, "cn=%s,%s,%s", escape_string(ptr->member), 
                      pUserOu, dn_path);
             }
+         else if (!strcasecmp(ptr->type, "MACHINE"))
+           {
+             memset(machine_ou, '\0', sizeof(machine_ou));
+             memset(NewMachineName, '\0', sizeof(NewMachineName));
+
+             if (!get_machine_ou(ldap_handle, dn_path, ptr->member,
+                                machine_ou, NewMachineName))
+               {
+                 pUserOu = machine_ou;
+                 sprintf(member, "cn=%s,%s,%s", NewMachineName, pUserOu,
+                         dn_path);
+               }
+             else
+               {
+                 ptr = ptr->next;                  
+                 continue;
+               }
+           }
 
          if(i > 1) 
            members = (char **)realloc(members, ((i + 2) * sizeof(char *)));
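Review bot: The MACHINE branch formats `NewMachineName` into the member DN without `escape_string()`, while the user branch directly above it uses `escape_string(ptr->member)`. Unless get_machine_ou already returns a DN-safe value (not visible here), a machine name containing DN metacharacters would produce a malformed or unintended DN. The `sprintf` is also unbounded: `NewMachineName` is declared as 1024 bytes and `machine_ou` as 256 in this commit, and the declaration of `member` is outside the hunk, so its size should be checked. Something like `snprintf(member, sizeof(member), "cn=%s,%s,%s", escape_string(NewMachineName), machine_ou, dn_path);` would cover both, assuming `member` is an array.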
@@ -6130,13 +6182,31 @@ int populate_group(LDAP *ldap_handle, char *dn_path, char *group_name,
     }
 
   members[i] = NULL;
+
+  sprintf(group_dn, "cn=%s,%s,%s", group_name, group_ou, dn_path);
+
+  if(GroupPopulateDelete)
+    {
+      n = 0;
+      ADD_ATTR("member", member_v, LDAP_MOD_REPLACE);
+      mods[n] = NULL;
+      
+      if ((rc = ldap_modify_s(ldap_handle, group_dn, 
+                             mods)) != LDAP_SUCCESS)
+       {
+         com_err(whoami, 0,
+                 "Unable to populate group membership for %s: %s",
+                 group_dn, ldap_err2string(rc));
+       }
   
+      for (i = 0; i < n; i++)
+       free(mods[i]);
+    }
+
   n = 0;
   ADD_ATTR("member", members, LDAP_MOD_REPLACE);
   mods[n] = NULL;
-  
-  sprintf(group_dn, "cn=%s,%s,%s", group_name, group_ou, dn_path);
-  
+
   if ((rc = ldap_modify_s(ldap_handle, group_dn, 
                          mods)) != LDAP_SUCCESS)
     {
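Review bot: With `GroupPopulateDelete` set, the group's `member` attribute is first replaced with an empty value list and then replaced again with the real list, as two separate `ldap_modify_s` calls. Between the two calls the group is empty, and if the second call fails it stays empty, which for a group used in access control means every member loses access until the next successful run. The failure of the clearing step is only logged and execution continues, and the message reuses the text of the populate step; a distinct message such as `"Unable to clear group membership for %s: %s"` would make the log unambiguous. A comment explaining why a single `LDAP_MOD_REPLACE` is not sufficient would help the next reader. The moved `sprintf(group_dn, ...)` still writes an unescaped `group_name` into the 512-byte `group_dn` with no bound.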
@@ -6147,7 +6217,7 @@ int populate_group(LDAP *ldap_handle, char *dn_path, char *group_name,
   
   for (i = 0; i < n; i++)
     free(mods[i]);
-  
+    
   free(members);
 
   return(0);
@@ -6601,8 +6671,10 @@ int check_user(LDAP *ldap_handle, char *dn_path, char *UserName, char *MoiraId)
 
   if (strcmp(SamAccountName, UserName))
     {
-      rc = user_rename(ldap_handle, dn_path, SamAccountName, 
-                       UserName);
+      com_err(whoami, 0, 
+             "User object %s with MoiraId %s has mismatched usernames " 
+             "(LDAP username %s, Moira username %s)", SamAccountName,
+             MoiraId, SamAccountName, UserName);
     }
 
   return(0);
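Review bot: The mismatch branch now only logs and falls through to `return(0)`, so a caller cannot tell a SamAccountName/Moira username mismatch from a clean match. populate_group on this page calls `check_user(ldap_handle, dn_path, ptr->member, "")` and then builds the member DN from `ptr->member`, so after a mismatch it goes on to reference a `cn=` that may not be the object that was found, and the log line prints an empty MoiraId. Consider returning a distinct non-zero code from this branch so callers can skip the member. Also add a comment recording why the automatic `user_rename` was dropped. The body of check_user starts outside this hunk.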
@@ -7391,9 +7463,6 @@ int get_machine_ou(LDAP *ldap_handle, char *dn_path, char *member,
 
   if (group_count != 1)
     {
-      com_err(whoami, 0, 
-             "Unable to process machine %s : machine not found in AD",
-              NewMachineName);
       return(1);
     }
 
@@ -8007,7 +8076,6 @@ int SetHomeDirectory(LDAP *ldap_handle, char *user_name,
                      char **drives_v, LDAPMod **mods, 
                      int OpType, int n)
 {
-  char **hp;
   char cWeight[3];
   char cPath[1024];
   char path[1024];
@@ -8021,129 +8089,140 @@ int SetHomeDirectory(LDAP *ldap_handle, char *user_name,
   int  i;
   int  rc;
   LDAPMod *DelMods[20];
-  
+  char *argv[3];
+  char *save_argv[FS_END];
+  char *fsgroup_save_argv[2];
+
   memset(homeDrive, '\0', sizeof(homeDrive));
   memset(path, '\0', sizeof(path));
   memset(winPath, '\0', sizeof(winPath));
   memset(winProfile, '\0', sizeof(winProfile));
-  hp = NULL;
 
   if(!ActiveDirectory) 
     {
-      if ((hp = hes_resolve(user_name, "filsys")) != NULL)
-        {
-         memset(cWeight, 0, sizeof(cWeight));
-         memset(cPath, 0, sizeof(cPath));
-         last_weight = 1000;
-         i = 0;
-         
-         while (hp[i] != NULL)
-            {
-             if (sscanf(hp[i], "%*s %s", cPath))
-                {
-                 if (strnicmp(cPath, AFS, strlen(AFS)) == 0)
-                    {
-                     if (sscanf(hp[i], "%*s %*s %*s %*s %s", cWeight))
-                        {
-                         if (atoi(cWeight) < last_weight)
-                            {
-                             strcpy(path, cPath);
-                             last_weight = (int)atoi(cWeight);
-                            }
-                        }
-                     else 
-                       strcpy(path, cPath);
-                    }
-                }
-              ++i;
-            }
-         
-         if (strlen(path))
-            {
-             if (!strnicmp(path, AFS, strlen(AFS)))
-                {
-                 sprintf(homedir, "%s", path);
-                 sprintf(apple_homedir, "%s/MacData", path);
-                 homedir_v[0] = homedir;
-                 apple_homedir_v[0] = apple_homedir;
-                 ADD_ATTR("homeDirectory", homedir_v, OpType);
-                 ADD_ATTR("apple-user-homeDirectory", apple_homedir_v, 
-                          OpType);
-                }
-           }
-         else
+      if (rc = moira_connect())
+       {
+          critical_alert("AD incremental",
+                        "Error contacting Moira server : %s",
+                        error_message(rc));
+         return;
+       }
+      
+      argv[0] = user_name;
+
+      if (!(rc = mr_query("get_filesys_by_label", 1, argv, save_query_info, 
+                         save_argv)))
+       {
+         if(!strcmp(save_argv[FS_TYPE], "FSGROUP") ||
+            !strcmp(save_argv[FS_TYPE], "MUL"))
            {
-             if(user_name[0] && user_name[1]) 
+       
+             argv[0] = save_argv[FS_NAME];
+             fsgCount = 0;
+             
+             if (!(rc = mr_query("get_fsgroup_members", 1, argv, 
+                                 save_fsgroup_info, fsgroup_save_argv)))
                {
-                 sprintf(homedir, "/afs/athena.mit.edu/user/%c/%c/%s", 
-                         user_name[0], user_name[1], user_name);
-                 sprintf(apple_homedir, "%s/MacData", homedir);
-                 homedir_v[0] = "NONE";
-                 apple_homedir_v[0] = "NONE";
-                 ADD_ATTR("homeDirectory", homedir_v, OpType);
-                 ADD_ATTR("apple-user-homeDirectory", apple_homedir_v, 
-                          OpType);
+                 if(fsgCount)
+                   {
+                     argv[0] = fsgroup_save_argv[0];
+                     
+                     if (!(rc = mr_query("get_filesys_by_label", 1, argv, 
+                                         save_query_info, save_argv)))
+                       {
+                         strcpy(path, save_argv[FS_PACK]);
+                       }
+                   }
                }
            }
+         else
+           {
+             strcpy(path, save_argv[FS_PACK]);
+           }
        }
-      else
+      
+      moira_disconnect();
+
+      if (strlen(path))
        {
-         if(user_name[0] && user_name[1]) 
+         if (!strnicmp(path, AFS, strlen(AFS)))
            {
-             sprintf(homedir, "/afs/athena.mit.edu/user/%c/%c/%s", 
-                     user_name[0], user_name[1], user_name);
-             sprintf(apple_homedir, "%s/MacData", homedir);
-             homedir_v[0] = "NONE";
-             apple_homedir_v[0] = "NONE";
+             sprintf(homedir, "%s", path);
+             sprintf(apple_homedir, "%s/MacData", path);
+             homedir_v[0] = homedir;
+             apple_homedir_v[0] = apple_homedir;
              ADD_ATTR("homeDirectory", homedir_v, OpType);
              ADD_ATTR("apple-user-homeDirectory", apple_homedir_v, 
                       OpType);
            }
        }
+      else
+       {
+         homedir_v[0] = "NONE";
+         apple_homedir_v[0] = "NONE";
+         ADD_ATTR("homeDirectory", homedir_v, OpType);
+         ADD_ATTR("apple-user-homeDirectory", apple_homedir_v, 
+                  OpType);
+       }
+
       return(n);
     }
-      
   if ((!strcasecmp(WinHomeDir, "[afs]")) || 
       (!strcasecmp(WinProfileDir, "[afs]")))
     {
-      if ((hp = hes_resolve(user_name, "filsys")) != NULL)
-        {
-         memset(cWeight, 0, sizeof(cWeight));
-         memset(cPath, 0, sizeof(cPath));
-         last_weight = 1000;
-         i = 0;
+      if (rc = moira_connect())
+       {
+          critical_alert("AD incremental",
+                        "Error contacting Moira server : %s",
+                        error_message(rc));
+         return;
+       }
+      
+      argv[0] = user_name;
 
-         while (hp[i] != NULL)
-            {
-             if (sscanf(hp[i], "%*s %s", cPath))
-                {
-                 if (strnicmp(cPath, AFS, strlen(AFS)) == 0)
-                    {
-                     if (sscanf(hp[i], "%*s %*s %*s %*s %s", cWeight))
-                        {
-                         if (atoi(cWeight) < last_weight)
-                            {
-                             strcpy(path, cPath);
-                             last_weight = (int)atoi(cWeight);
-                            }
-                        }
-                     else 
-                       strcpy(path, cPath);
-                    }
-                }
-              ++i;
-            }
+      if (!(rc = mr_query("get_filesys_by_label", 1, argv, save_query_info, 
+                         save_argv)))
+       {
+         if(!strcmp(save_argv[FS_TYPE], "FSGROUP") ||
+            !strcmp(save_argv[FS_TYPE], "MUL"))
+           {
+       
+             argv[0] = save_argv[FS_NAME];
+             fsgCount = 0;
+             
+             if (!(rc = mr_query("get_fsgroup_members", 1, argv, 
+                                 save_fsgroup_info, fsgroup_save_argv)))
+               {
+                 if(fsgCount)
+                   {
+                     argv[0] = fsgroup_save_argv[0];
+                     
+                     if (!(rc = mr_query("get_filesys_by_label", 1, argv, 
+                                         save_query_info, save_argv)))
+                       {
+                         strcpy(path, save_argv[FS_PACK]);
+                       }
+                   }
+               }
+           }
+         else
+           {
+             strcpy(path, save_argv[FS_PACK]);
+           }
+       }
+     
+      moira_disconnect();
 
-         if (strlen(path))
-            {
-             if (!strnicmp(path, AFS, strlen(AFS)))
-                {
-                 AfsToWinAfs(path, winPath);
-                 strcpy(winProfile, winPath);
-                 strcat(winProfile, "\\.winprofile");
-                }
-            }
-        }
+      if (strlen(path))
+       {
+         if (!strnicmp(path, AFS, strlen(AFS)))
+           {
+             AfsToWinAfs(path, winPath);
+             strcpy(winProfile, winPath);
+             strcat(winProfile, "\\.winprofile");
+           }
+       }
       else
        return(n);
     }
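Review bot: Both new `moira_connect()` failure branches leave SetHomeDirectory with a bare `return;`, but the function is declared `int` and every other exit returns `n`. The caller then reads an undefined value as the next index into `mods`, so these should be `return(n);`. The `strcpy(path, save_argv[FS_PACK])` calls copy a string received from the Moira server into `path[1024]` with no length check; `snprintf(path, sizeof(path), "%s", save_argv[FS_PACK]);` bounds it. Nothing in the hunk frees the strings stored through `save_argv` and `fsgroup_save_argv`, and the second `get_filesys_by_label` query overwrites the first set. The lookup sequence is also duplicated verbatim in both branches and would be easier to fix once as a static helper; the function begins and ends outside this hunk.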
@@ -8164,16 +8243,6 @@ int SetHomeDirectory(LDAP *ldap_handle, char *user_name,
        strcpy(winPath, path);
     }
     
-    if (hp != NULL)
-      {
-        i = 0;
-        while (hp[i])
-         {
-            free(hp[i]);
-            i++;
-         }
-      }
-    
     if (!strcasecmp(WinHomeDir, "[local]"))
       memset(winPath, '\0', sizeof(winPath));
     else if (!strcasecmp(WinHomeDir, "[afs]") || 
@@ -8519,6 +8588,19 @@ int ReadConfigFile(char *DomainName)
                      ActiveDirectory = 0;
                  }
              }
+           else if (!strncmp(temp, GROUP_POPULATE_MEMBERS, 
+                             strlen(GROUP_POPULATE_MEMBERS)))
+             {
+               if (strlen(temp) > (strlen(GROUP_POPULATE_MEMBERS)))
+                 {
+                   strcpy(temp1, &temp[strlen(GROUP_POPULATE_MEMBERS)]);
+                   StringTrim(temp1);
+                   if (!strcasecmp(temp1, "DELETE")) 
+                     {
+                       GroupPopulateDelete = 1;
+                     }
+                 }
+             }
             else
              {
                 if (strlen(ldap_domain) != 0)
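Review bot: `GroupPopulateDelete` is set to 1 when the value is `DELETE` and is never cleared in this hunk. If ReadConfigFile is called for more than one domain in the same process (it takes a `DomainName`, and the file defines `MAX_DOMAINS`), the destructive clear-then-repopulate mode chosen for one domain would carry over to domains whose config does not ask for it. Resetting it before parsing, e.g. `GroupPopulateDelete = 0;` at the top of the function, would avoid that, assuming it is meant to be per-domain. Any value other than `DELETE` is silently ignored; a one-line comment listing the accepted values would document that. The enclosing function extends outside the hunk.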
@@ -8920,3 +9002,19 @@ int save_query_info(int argc, char **argv, void *hint)
 
   return MR_CONT;
 }
+
+int save_fsgroup_info(int argc, char **argv, void *hint)
+{
+  int i;
+  char **nargv = hint;
+
+  if(!fsgCount) 
+    {
+      for(i = 0; i < argc; i++)
+       nargv[i] = strdup(argv[i]);
+
+      fsgCount++;
+    }
+
+  return MR_CONT;
+}
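Review bot: save_fsgroup_info copies all `argc` columns into `nargv`, but the only caller on this page passes `fsgroup_save_argv`, declared as `char *fsgroup_save_argv[2]`. A `get_fsgroup_members` reply with more than two columns would write past that array on SetHomeDirectory's stack. Bound the loop to the destination size, e.g. `for (i = 0; i < argc && i < 2; i++)`, ideally with a named constant shared with the declaration. The `strdup` results are not checked and are not freed in any visible code. Gating on the global `fsgCount` makes the callback correct only when every caller resets it first; a header comment should state that contract.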