mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2025-01-11 08:41:55 -06:00
Common include file for SLAPI plugin logging
Consolidate the common logging macros into common/util.h and use them in SLAPI plugins instead of calling slapi_log_error() directly. https://fedorahosted.org/freeipa/ticket/408 Signed-off-by: Simo Sorce <ssorce@redhat.com>
This commit is contained in:
parent
b9f539ba19
commit
5da451876e
39
daemons/ipa-slapi-plugins/common/util.h
Normal file
39
daemons/ipa-slapi-plugins/common/util.h
Normal file
@ -0,0 +1,39 @@
|
||||
#ifndef _SLAPI_PLUGINS_UTIL_H
|
||||
#define _SLAPI_PLUGINS_UTIL_H
|
||||
|
||||
#define EOK 0
|
||||
#define EFAIL -1
|
||||
|
||||
#ifndef discard_const
|
||||
#define discard_const(ptr) ((void *)((uintptr_t)(ptr)))
|
||||
#endif
|
||||
|
||||
#define log_func discard_const(__func__)
|
||||
|
||||
#define LOG_PLUGIN_NAME(NAME, fmt, ...) \
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, \
|
||||
NAME, \
|
||||
fmt, ##__VA_ARGS__)
|
||||
|
||||
#define LOG(fmt, ...) \
|
||||
LOG_PLUGIN_NAME(IPA_PLUGIN_NAME, fmt, ##__VA_ARGS__)
|
||||
|
||||
#define LOG_CONFIG_NAME(NAME, fmt, ...) \
|
||||
slapi_log_error(SLAPI_LOG_CONFIG, \
|
||||
NAME, \
|
||||
fmt, ##__VA_ARGS__)
|
||||
|
||||
#define LOG_CONFIG(fmt, ...) \
|
||||
LOG_CONFIG_NAME(IPA_PLUGIN_NAME, fmt, ##__VA_ARGS__)
|
||||
|
||||
#define LOG_FATAL(fmt, ...) \
|
||||
slapi_log_error(SLAPI_LOG_FATAL, log_func, \
|
||||
"[file %s, line %d]: " fmt, \
|
||||
__FILE__, __LINE__, ##__VA_ARGS__)
|
||||
|
||||
#define LOG_TRACE(fmt, ...) \
|
||||
slapi_log_error(SLAPI_LOG_TRACE, log_func, fmt, ##__VA_ARGS__)
|
||||
|
||||
#define LOG_OOM() LOG_FATAL("Out of Memory!\n")
|
||||
|
||||
#endif /* _SLAPI_PLUGINS_UTIL_H */
|
@ -1,8 +1,11 @@
|
||||
NULL =
|
||||
|
||||
PLUGIN_COMMON_DIR=../common
|
||||
|
||||
INCLUDES = \
|
||||
-I. \
|
||||
-I$(srcdir) \
|
||||
-I$(PLUGIN_COMMON_DIR) \
|
||||
-DPREFIX=\""$(prefix)"\" \
|
||||
-DBINDIR=\""$(bindir)"\" \
|
||||
-DLIBDIR=\""$(libdir)"\" \
|
||||
|
@ -49,11 +49,15 @@
|
||||
#include <dirsrv/slapi-plugin.h>
|
||||
#include <krb5.h>
|
||||
|
||||
#include "util.h"
|
||||
|
||||
#define IPA_PLUGIN_NAME "ipa-enrollment"
|
||||
|
||||
/* OID of the extended operation handled by this plug-in */
|
||||
#define JOIN_OID "2.16.840.1.113730.3.8.3.53"
|
||||
|
||||
Slapi_PluginDesc pdesc = {
|
||||
"ipa-enrollment",
|
||||
IPA_PLUGIN_NAME,
|
||||
"IPA Project",
|
||||
"IPA/2.0",
|
||||
"IPA Enrollment Extended Operation plugin"
|
||||
@ -80,21 +84,19 @@ ipaenrollement_secure(Slapi_PBlock *pb, char **errMesg)
|
||||
int sasl_ssf, is_ssl;
|
||||
int rc = LDAP_SUCCESS;
|
||||
|
||||
slapi_log_error(SLAPI_LOG_TRACE, "ipa_enrollment", "=> ipaenrollment_secure\n");
|
||||
LOG_TRACE("=> ipaenrollment_secure\n");
|
||||
|
||||
/* Allow enrollment only for SSL/TLS established connections and
|
||||
* connections using SASL privacy layers */
|
||||
if (slapi_pblock_get(pb, SLAPI_CONN_SASL_SSF, &sasl_ssf) != 0) {
|
||||
slapi_log_error(SLAPI_LOG_TRACE, "ipa_pwd_extop",
|
||||
"Could not get SASL SSF from connection\n");
|
||||
LOG_TRACE("Could not get SASL SSF from connection\n");
|
||||
*errMesg = "Operation requires a secure connection.\n";
|
||||
rc = LDAP_OPERATIONS_ERROR;
|
||||
goto done;
|
||||
}
|
||||
|
||||
if (slapi_pblock_get(pb, SLAPI_CONN_IS_SSL_SESSION, &is_ssl) != 0) {
|
||||
slapi_log_error(SLAPI_LOG_TRACE, "ipa_pwd_extop",
|
||||
"Could not get IS SSL from connection\n");
|
||||
LOG_TRACE("Could not get IS SSL from connection\n");
|
||||
*errMesg = "Operation requires a secure connection.\n";
|
||||
rc = LDAP_OPERATIONS_ERROR;
|
||||
goto done;
|
||||
@ -107,7 +109,7 @@ ipaenrollement_secure(Slapi_PBlock *pb, char **errMesg)
|
||||
}
|
||||
|
||||
done:
|
||||
slapi_log_error(SLAPI_LOG_TRACE, "ipa_enrollment", "<= ipaenrollment_secure\n");
|
||||
LOG_TRACE("<= ipaenrollment_secure\n");
|
||||
return rc;
|
||||
|
||||
}
|
||||
@ -175,9 +177,7 @@ ipa_join(Slapi_PBlock *pb)
|
||||
ret = slapi_search_internal_pb(pbte);
|
||||
slapi_pblock_get(pbte, SLAPI_PLUGIN_INTOP_RESULT, &res);
|
||||
if (ret == -1 || res != LDAP_SUCCESS) {
|
||||
slapi_log_error(SLAPI_LOG_TRACE, "ipaenrollment_extop",
|
||||
"Search for host failed, err (%d)\n",
|
||||
res?res:ret);
|
||||
LOG_TRACE("Search for host failed, err (%d)\n", res?res:ret);
|
||||
errMesg = "Host not found.\n";
|
||||
rc = LDAP_NO_SUCH_OBJECT;
|
||||
goto free_and_return;
|
||||
@ -186,7 +186,7 @@ ipa_join(Slapi_PBlock *pb)
|
||||
/* get entries */
|
||||
slapi_pblock_get(pbte, SLAPI_PLUGIN_INTOP_SEARCH_ENTRIES, &es);
|
||||
if (!es) {
|
||||
slapi_log_error(SLAPI_LOG_TRACE, "ipa_pwd_extop", "No entries ?!");
|
||||
LOG_TRACE("No entries ?!");
|
||||
errMesg = "Host not found.\n";
|
||||
rc = LDAP_NO_SUCH_OBJECT;
|
||||
goto free_and_return;
|
||||
@ -197,8 +197,7 @@ ipa_join(Slapi_PBlock *pb)
|
||||
|
||||
/* if there is none or more than one, freak out */
|
||||
if (i != 1) {
|
||||
slapi_log_error(SLAPI_LOG_TRACE, "ipaenrollment_extop",
|
||||
"Too many entries, or entry no found (%d)", i);
|
||||
LOG_TRACE("Too many entries, or entry no found (%d)", i);
|
||||
errMesg = "Host not found.\n";
|
||||
rc = LDAP_NO_SUCH_OBJECT;
|
||||
goto free_and_return;
|
||||
@ -208,8 +207,7 @@ ipa_join(Slapi_PBlock *pb)
|
||||
/* Is this host already enrolled? */
|
||||
krbLastPwdChange = slapi_entry_attr_get_charptr(targetEntry, "krbLastPwdChange");
|
||||
if (NULL != krbLastPwdChange) {
|
||||
slapi_log_error(SLAPI_LOG_TRACE, "ipaenrollment_extop",
|
||||
"Host already enrolled");
|
||||
LOG_TRACE("Host already enrolled");
|
||||
errMesg = "Host already enrolled.\n";
|
||||
rc = LDAP_OPERATIONS_ERROR;
|
||||
goto free_and_return;
|
||||
@ -266,19 +264,16 @@ ipa_join(Slapi_PBlock *pb)
|
||||
|
||||
rc = slapi_modify_internal_pb (pbtm);
|
||||
if (rc) {
|
||||
slapi_log_error(SLAPI_LOG_TRACE, "ipaenrollment_extop",
|
||||
"WARNING: modify error %d on entry '%s'\n",
|
||||
rc, slapi_entry_get_dn_const(targetEntry));
|
||||
LOG_TRACE("WARNING: modify error %d on entry '%s'\n",
|
||||
rc, slapi_entry_get_dn_const(targetEntry));
|
||||
} else {
|
||||
slapi_pblock_get(pb, SLAPI_PLUGIN_INTOP_RESULT, &rc);
|
||||
|
||||
if (rc != LDAP_SUCCESS){
|
||||
slapi_log_error(SLAPI_LOG_TRACE, "ipaenrollment_extop",
|
||||
"WARNING: modify error %d on entry '%s'\n",
|
||||
rc, slapi_entry_get_dn_const(targetEntry));
|
||||
LOG_TRACE("WARNING: modify error %d on entry '%s'\n",
|
||||
rc, slapi_entry_get_dn_const(targetEntry));
|
||||
} else {
|
||||
slapi_log_error(SLAPI_LOG_TRACE, "ipaenrollment_extop",
|
||||
"<= apply mods: Successful\n");
|
||||
LOG_TRACE("<= apply mods: Successful\n");
|
||||
}
|
||||
}
|
||||
|
||||
@ -291,8 +286,7 @@ done:
|
||||
if (!ret) ret = slapi_pblock_set(pb, SLAPI_EXT_OP_RET_VALUE, &retbval);
|
||||
if (ret) {
|
||||
errMesg = "Could not set return values";
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, "ipaenrollmenti_extop", "%s\n",
|
||||
errMesg);
|
||||
LOG("%s\n", errMesg);
|
||||
rc = SLAPI_PLUGIN_EXTENDED_SENT_RESULT;
|
||||
}
|
||||
|
||||
@ -309,7 +303,7 @@ free_and_return:
|
||||
|
||||
if (krbLastPwdChange) slapi_ch_free_string(&krbLastPwdChange);
|
||||
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, "ipaenrollment_extop", errMesg ? errMesg : "success\n");
|
||||
LOG(errMesg ? errMesg : "success\n");
|
||||
slapi_send_ldap_result(pb, rc, NULL, errMesg, 0, NULL);
|
||||
|
||||
free(principal);
|
||||
@ -325,7 +319,7 @@ ipaenrollment_extop(Slapi_PBlock *pb)
|
||||
char *errMesg = NULL;
|
||||
int rc, ret;
|
||||
|
||||
slapi_log_error(SLAPI_LOG_TRACE, "ipa_enrollment", "=> ipaenrollment_extop\n");
|
||||
LOG_TRACE("=> ipaenrollment_extop\n");
|
||||
|
||||
rc = ipaenrollement_secure(pb, &errMesg);
|
||||
if (rc) {
|
||||
@ -336,7 +330,7 @@ ipaenrollment_extop(Slapi_PBlock *pb)
|
||||
if (slapi_pblock_get(pb, SLAPI_EXT_OP_REQ_OID, &oid ) != 0) {
|
||||
errMesg = "Could not get OID and value from request.\n";
|
||||
rc = LDAP_OPERATIONS_ERROR;
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, "ipa_pwd_extop", errMesg);
|
||||
LOG(errMesg);
|
||||
goto free_and_return;
|
||||
}
|
||||
|
||||
@ -349,7 +343,7 @@ ipaenrollment_extop(Slapi_PBlock *pb)
|
||||
rc = LDAP_OPERATIONS_ERROR;
|
||||
|
||||
free_and_return:
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, "ipa_enrollment", errMesg);
|
||||
LOG(errMesg);
|
||||
slapi_send_ldap_result(pb, rc, NULL, errMesg, 0, NULL);
|
||||
|
||||
return SLAPI_PLUGIN_EXTENDED_SENT_RESULT;
|
||||
@ -369,35 +363,32 @@ ipaenrollment_start(Slapi_PBlock *pb)
|
||||
|
||||
krberr = krb5_init_context(&krbctx);
|
||||
if (krberr) {
|
||||
slapi_log_error(SLAPI_LOG_FATAL, "ipaenrollment_init",
|
||||
"krb5_init_context failed\n");
|
||||
LOG_FATAL("krb5_init_context failed\n");
|
||||
return LDAP_OPERATIONS_ERROR;
|
||||
}
|
||||
|
||||
ret = krb5_get_default_realm(krbctx, &realm);
|
||||
if (ret) {
|
||||
slapi_log_error(SLAPI_LOG_FATAL, "ipaenrollment_init",
|
||||
"Failed to get default realm?!\n");
|
||||
LOG_FATAL("Failed to get default realm?!\n");
|
||||
ret = LDAP_OPERATIONS_ERROR;
|
||||
}
|
||||
|
||||
if (slapi_pblock_get(pb, SLAPI_TARGET_DN, &config_dn) != 0) {
|
||||
slapi_log_error( SLAPI_LOG_FATAL, "ipaenrollment_start", "No config DN?\n");
|
||||
LOG_FATAL("No config DN?\n");
|
||||
ret = LDAP_OPERATIONS_ERROR;
|
||||
goto done;
|
||||
}
|
||||
sdn = slapi_sdn_new_dn_byref(config_dn);
|
||||
if ((rc = slapi_search_internal_get_entry(sdn, NULL, &config_entry,
|
||||
ipaenrollment_plugin_id)) != LDAP_SUCCESS ){
|
||||
slapi_log_error(SLAPI_LOG_TRACE, "ipaenrollment_extop",
|
||||
"ipaenrollment_start: No such entry-(%s), err (%d)\n",
|
||||
config_dn, rc);
|
||||
LOG_TRACE("ipaenrollment_start: No such entry-(%s), err (%d)\n",
|
||||
config_dn, rc);
|
||||
}
|
||||
slapi_sdn_free(&sdn);
|
||||
|
||||
partition_dn = slapi_entry_attr_get_charptr(config_entry, "nsslapd-realmtree");
|
||||
if (!partition_dn) {
|
||||
slapi_log_error( SLAPI_LOG_FATAL, "ipapwd_start", "Missing partition configuration entry (nsslapd-realmTree)!\n");
|
||||
LOG_FATAL("Missing partition configuration entry (nsslapd-realmTree)!\n");
|
||||
ret = LDAP_OPERATIONS_ERROR;
|
||||
goto done;
|
||||
}
|
||||
@ -405,7 +396,7 @@ ipaenrollment_start(Slapi_PBlock *pb)
|
||||
ipa_realm_dn = slapi_ch_smprintf("cn=computers,cn=accounts,%s", partition_dn);
|
||||
slapi_ch_free_string(&partition_dn);
|
||||
if (!ipa_realm_dn) {
|
||||
slapi_log_error( SLAPI_LOG_FATAL, "ipapwd_start", "Out of memory ?\n");
|
||||
LOG_FATAL("Out of memory ?\n");
|
||||
ret = LDAP_OPERATIONS_ERROR;
|
||||
goto done;
|
||||
}
|
||||
@ -430,13 +421,11 @@ ipaenrollment_init(Slapi_PBlock *pb)
|
||||
|
||||
ret = slapi_pblock_get(pb, SLAPI_PLUGIN_IDENTITY, &ipaenrollment_plugin_id);
|
||||
if ((ret != 0) || (NULL == ipaenrollment_plugin_id)) {
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN,
|
||||
"ipaenrollment_init", "Could not get identity or identity was NULL\n");
|
||||
LOG("Could not get identity or identity was NULL\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, "ipaenrollment_init",
|
||||
"Registering plug-in for extended op.\n");
|
||||
LOG("Registering plug-in for extended op.\n");
|
||||
|
||||
/* Register the plug-in function as an extended operation
|
||||
plug-in function. */
|
||||
@ -448,8 +437,7 @@ ipaenrollment_init(Slapi_PBlock *pb)
|
||||
if (!ret) slapi_pblock_set(pb, SLAPI_PLUGIN_EXT_OP_FN, (void *)ipaenrollment_extop);
|
||||
|
||||
if (ret) {
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, "ipaenrollment_init",
|
||||
"Failed to set plug-in version, function, and OID.\n");
|
||||
LOG("Failed to set plug-in version, function, and OID.\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
|
@ -1,8 +1,11 @@
|
||||
NULL =
|
||||
|
||||
PLUGIN_COMMON_DIR=../common
|
||||
|
||||
INCLUDES = \
|
||||
-I. \
|
||||
-I$(srcdir) \
|
||||
-I$(PLUGIN_COMMON_DIR) \
|
||||
-I/usr/include/dirsrv \
|
||||
-DPREFIX=\""$(prefix)"\" \
|
||||
-DBINDIR=\""$(bindir)"\" \
|
||||
|
@ -44,40 +44,13 @@
|
||||
#include "nspr.h"
|
||||
#include "prclist.h"
|
||||
|
||||
#define IPAMODRDN_PLUGIN_NAME "ipa-modrdn-plugin"
|
||||
#include "util.h"
|
||||
|
||||
#define IPA_PLUGIN_NAME "ipa-modrdn-plugin"
|
||||
#define IPAMODRDN_PLUGIN_VERSION 0x00010000
|
||||
|
||||
#define IPAMODRDN_DN "cn=IPA MODRDN,cn=plugins,cn=config" /* temporary */
|
||||
|
||||
#define EOK 0
|
||||
#define EFAIL -1
|
||||
|
||||
#ifndef discard_const
|
||||
#define discard_const(ptr) ((void *)((uintptr_t)(ptr)))
|
||||
#endif
|
||||
|
||||
#define log_func discard_const(__func__)
|
||||
|
||||
#define LOG(fmt, ...) \
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, \
|
||||
IPAMODRDN_PLUGIN_NAME, \
|
||||
fmt, ##__VA_ARGS__)
|
||||
|
||||
#define LOG_CONFIG(fmt, ...) \
|
||||
slapi_log_error(SLAPI_LOG_CONFIG, \
|
||||
IPAMODRDN_PLUGIN_NAME, \
|
||||
fmt, ##__VA_ARGS__)
|
||||
|
||||
#define LOG_FATAL(fmt, ...) \
|
||||
slapi_log_error(SLAPI_LOG_FATAL, log_func, \
|
||||
"[file %s, line %d]: " fmt, \
|
||||
__FILE__, __LINE__, ##__VA_ARGS__)
|
||||
|
||||
#define LOG_TRACE(fmt, ...) \
|
||||
slapi_log_error(SLAPI_LOG_TRACE, log_func, fmt, ##__VA_ARGS__)
|
||||
|
||||
#define LOG_OOM() LOG_FATAL("Out of Memory!\n")
|
||||
|
||||
/**
|
||||
* IPA MODRDN config types
|
||||
*/
|
||||
@ -701,7 +674,7 @@ ipamodrdn_change_attr(struct configEntry *cfgentry,
|
||||
mods[0] = &mod;
|
||||
mods[1] = 0;
|
||||
|
||||
LOG("Setting %s to %s in entry (%s)\n", cfgentry->tattr, targetdn);
|
||||
LOG("Setting %s to %s in entry (%s)\n", cfgentry->tattr, value, targetdn);
|
||||
|
||||
/* Perform the modify operation. */
|
||||
slapi_modify_internal_set_pb(mod_pb, targetdn, mods,
|
||||
@ -785,12 +758,12 @@ static int ipamodrdn_post_op(Slapi_PBlock *pb)
|
||||
}
|
||||
|
||||
if (slapi_entry_attr_find(e, cfgentry->sattr, &sattr) != 0) {
|
||||
LOG_TRACE("Source attr %s not found for %d\n",
|
||||
LOG_TRACE("Source attr %s not found for %s\n",
|
||||
cfgentry->sattr, dn);
|
||||
continue;
|
||||
}
|
||||
if (slapi_entry_attr_find(e, cfgentry->tattr, &tattr) != 0) {
|
||||
LOG_TRACE("Target attr %s not found for %d\n",
|
||||
LOG_TRACE("Target attr %s not found for %s\n",
|
||||
cfgentry->tattr, dn);
|
||||
} else {
|
||||
Slapi_Value *val;
|
||||
@ -805,7 +778,7 @@ static int ipamodrdn_post_op(Slapi_PBlock *pb)
|
||||
|
||||
ret = ipamodrdn_change_attr(cfgentry, dn, strval);
|
||||
if (ret != EOK) {
|
||||
LOG_FATAL("Failed to set target attr %s for %d\n",
|
||||
LOG_FATAL("Failed to set target attr %s for %s\n",
|
||||
cfgentry->tattr, dn);
|
||||
}
|
||||
}
|
||||
|
@ -1,8 +1,11 @@
|
||||
NULL =
|
||||
|
||||
PLUGIN_COMMON_DIR=../common
|
||||
|
||||
INCLUDES = \
|
||||
-I. \
|
||||
-I$(srcdir) \
|
||||
-I$(PLUGIN_COMMON_DIR) \
|
||||
-DPREFIX=\""$(prefix)"\" \
|
||||
-DBINDIR=\""$(bindir)"\" \
|
||||
-DLIBDIR=\""$(libdir)"\" \
|
||||
|
@ -38,6 +38,7 @@
|
||||
* END COPYRIGHT BLOCK **/
|
||||
|
||||
#include "ipapwd.h"
|
||||
#include "util.h"
|
||||
|
||||
/*
|
||||
* Password Modify - LDAP Extended Operation.
|
||||
|
@ -64,26 +64,7 @@
|
||||
#define IPAPWD_FEATURE_DESC "IPA Password Manager"
|
||||
#define IPAPWD_PLUGIN_DESC "IPA Password Extended Operation plugin"
|
||||
|
||||
#ifndef discard_const
|
||||
#define discard_const(ptr) ((void *)((uintptr_t)(ptr)))
|
||||
#endif
|
||||
|
||||
#define log_func discard_const(__func__)
|
||||
|
||||
#define LOG(fmt, ...) \
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, \
|
||||
IPAPWD_PLUGIN_NAME, \
|
||||
fmt, ##__VA_ARGS__)
|
||||
|
||||
#define LOG_FATAL(fmt, ...) \
|
||||
slapi_log_error(SLAPI_LOG_FATAL, log_func, \
|
||||
"[file %s, line %d]: " fmt, \
|
||||
__FILE__, __LINE__, ##__VA_ARGS__)
|
||||
|
||||
#define LOG_TRACE(fmt, ...) \
|
||||
slapi_log_error(SLAPI_LOG_TRACE, log_func, fmt, ##__VA_ARGS__)
|
||||
|
||||
#define LOG_OOM() LOG_FATAL("Out of Memory!\n")
|
||||
#define IPA_PLUGIN_NAME IPAPWD_PLUGIN_NAME
|
||||
|
||||
#define IPAPWD_CHECK_CONN_SECURE 0x00000001
|
||||
#define IPAPWD_CHECK_DN 0x00000002
|
||||
|
@ -38,6 +38,7 @@
|
||||
* END COPYRIGHT BLOCK **/
|
||||
|
||||
#include "ipapwd.h"
|
||||
#include "util.h"
|
||||
|
||||
/* Type of connection for this operation;*/
|
||||
#define LDAP_EXTOP_PASSMOD_CONN_SECURE
|
||||
|
@ -53,6 +53,7 @@
|
||||
#include <time.h>
|
||||
|
||||
#include "ipapwd.h"
|
||||
#include "util.h"
|
||||
|
||||
/* krbTicketFlags */
|
||||
#define KTF_DISALLOW_POSTDATED 0x00000001
|
||||
|
@ -53,6 +53,7 @@
|
||||
#include <time.h>
|
||||
|
||||
#include "ipapwd.h"
|
||||
#include "util.h"
|
||||
|
||||
#define IPAPWD_OP_NULL 0
|
||||
#define IPAPWD_OP_ADD 1
|
||||
|
@ -1,8 +1,11 @@
|
||||
NULL =
|
||||
|
||||
PLUGIN_COMMON_DIR=../common
|
||||
|
||||
INCLUDES = \
|
||||
-I. \
|
||||
-I$(srcdir) \
|
||||
-I$(PLUGIN_COMMON_DIR) \
|
||||
-I/usr/include/dirsrv \
|
||||
-DPREFIX=\""$(prefix)"\" \
|
||||
-DBINDIR=\""$(bindir)"\" \
|
||||
|
@ -45,41 +45,16 @@
|
||||
#include "prclist.h"
|
||||
#include "uuid/uuid.h"
|
||||
|
||||
#include "util.h"
|
||||
|
||||
#define IPAUUID_STR_SIZE 36
|
||||
|
||||
#define IPAUUID_PLUGIN_NAME "ipa-uuid-plugin"
|
||||
#define IPAUUID_PLUGIN_VERSION 0x00010000
|
||||
|
||||
#define IPAUUID_DN "cn=IPA UUID,cn=plugins,cn=config" /* temporary */
|
||||
|
||||
#define IPAUUID_SUCCESS 0
|
||||
#define IPAUUID_FAILURE -1
|
||||
|
||||
#define IPAUUID_STR_SIZE 36
|
||||
|
||||
#ifndef discard_const
|
||||
#define discard_const(ptr) ((void *)((uintptr_t)(ptr)))
|
||||
#endif
|
||||
|
||||
#define log_func discard_const(__func__)
|
||||
|
||||
#define LOG(fmt, ...) \
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, \
|
||||
IPAUUID_PLUGIN_NAME, \
|
||||
fmt, ##__VA_ARGS__)
|
||||
|
||||
#define LOG_CONFIG(fmt, ...) \
|
||||
slapi_log_error(SLAPI_LOG_CONFIG, \
|
||||
IPAUUID_PLUGIN_NAME, \
|
||||
fmt, ##__VA_ARGS__)
|
||||
|
||||
#define LOG_FATAL(fmt, ...) \
|
||||
slapi_log_error(SLAPI_LOG_FATAL, log_func, \
|
||||
"[file %s, line %d]: " fmt, \
|
||||
__FILE__, __LINE__, ##__VA_ARGS__)
|
||||
|
||||
#define LOG_TRACE(fmt, ...) \
|
||||
slapi_log_error(SLAPI_LOG_TRACE, log_func, fmt, ##__VA_ARGS__)
|
||||
|
||||
#define LOG_OOM() LOG_FATAL("Out of Memory!\n")
|
||||
#define IPA_PLUGIN_NAME IPAUUID_PLUGIN_NAME
|
||||
|
||||
/**
|
||||
* IPA UUID config types
|
||||
@ -235,7 +210,7 @@ char *getPluginDN()
|
||||
int
|
||||
ipauuid_init(Slapi_PBlock *pb)
|
||||
{
|
||||
int status = IPAUUID_SUCCESS;
|
||||
int status = EOK;
|
||||
char *plugin_identity = NULL;
|
||||
|
||||
LOG_TRACE("--in-->\n");
|
||||
@ -281,7 +256,7 @@ ipauuid_init(Slapi_PBlock *pb)
|
||||
)
|
||||
) {
|
||||
LOG_FATAL("failed to register plugin\n");
|
||||
status = IPAUUID_FAILURE;
|
||||
status = EFAIL;
|
||||
}
|
||||
|
||||
LOG_TRACE("<--out--\n");
|
||||
@ -291,7 +266,7 @@ ipauuid_init(Slapi_PBlock *pb)
|
||||
static int
|
||||
ipauuid_internal_preop_init(Slapi_PBlock *pb)
|
||||
{
|
||||
int status = IPAUUID_SUCCESS;
|
||||
int status = EOK;
|
||||
|
||||
if (slapi_pblock_set(pb, SLAPI_PLUGIN_VERSION,
|
||||
SLAPI_PLUGIN_VERSION_01) != 0 ||
|
||||
@ -301,7 +276,7 @@ ipauuid_internal_preop_init(Slapi_PBlock *pb)
|
||||
(void *) ipauuid_mod_pre_op) != 0 ||
|
||||
slapi_pblock_set(pb, SLAPI_PLUGIN_INTERNAL_PRE_ADD_FN,
|
||||
(void *) ipauuid_add_pre_op) != 0) {
|
||||
status = IPAUUID_FAILURE;
|
||||
status = EFAIL;
|
||||
}
|
||||
|
||||
return status;
|
||||
@ -310,7 +285,7 @@ ipauuid_internal_preop_init(Slapi_PBlock *pb)
|
||||
static int
|
||||
ipauuid_postop_init(Slapi_PBlock *pb)
|
||||
{
|
||||
int status = IPAUUID_SUCCESS;
|
||||
int status = EOK;
|
||||
|
||||
if (slapi_pblock_set(pb, SLAPI_PLUGIN_VERSION,
|
||||
SLAPI_PLUGIN_VERSION_01) != 0 ||
|
||||
@ -325,7 +300,7 @@ ipauuid_postop_init(Slapi_PBlock *pb)
|
||||
slapi_pblock_set(pb, SLAPI_PLUGIN_POST_MODIFY_FN,
|
||||
(void *) ipauuid_config_check_post_op) != 0) {
|
||||
LOG_FATAL("failed to register plugin\n");
|
||||
status = IPAUUID_FAILURE;
|
||||
status = EFAIL;
|
||||
}
|
||||
|
||||
return status;
|
||||
@ -355,7 +330,7 @@ ipauuid_start(Slapi_PBlock * pb)
|
||||
if (!g_ipauuid_cache_lock) {
|
||||
LOG_FATAL("lock creation failed\n");
|
||||
|
||||
return IPAUUID_FAILURE;
|
||||
return EFAIL;
|
||||
}
|
||||
|
||||
/**
|
||||
@ -381,9 +356,9 @@ ipauuid_start(Slapi_PBlock * pb)
|
||||
slapi_ch_calloc(1, sizeof(struct configEntry));
|
||||
PR_INIT_CLIST(ipauuid_global_config);
|
||||
|
||||
if (ipauuid_load_plugin_config() != IPAUUID_SUCCESS) {
|
||||
if (ipauuid_load_plugin_config() != EOK) {
|
||||
LOG_FATAL("unable to load plug-in configuration\n");
|
||||
return IPAUUID_FAILURE;
|
||||
return EFAIL;
|
||||
}
|
||||
|
||||
g_plugin_started = 1;
|
||||
@ -391,7 +366,7 @@ ipauuid_start(Slapi_PBlock * pb)
|
||||
LOG_TRACE("<--out--\n");
|
||||
|
||||
done:
|
||||
return IPAUUID_SUCCESS;
|
||||
return EOK;
|
||||
}
|
||||
|
||||
/*
|
||||
@ -410,7 +385,7 @@ ipauuid_close(Slapi_PBlock * pb)
|
||||
|
||||
LOG_TRACE("<--out--\n");
|
||||
|
||||
return IPAUUID_SUCCESS;
|
||||
return EOK;
|
||||
}
|
||||
|
||||
/*
|
||||
@ -426,7 +401,7 @@ ipauuid_close(Slapi_PBlock * pb)
|
||||
static int
|
||||
ipauuid_load_plugin_config()
|
||||
{
|
||||
int status = IPAUUID_SUCCESS;
|
||||
int status = EOK;
|
||||
int result;
|
||||
int i;
|
||||
time_t now;
|
||||
@ -447,14 +422,14 @@ ipauuid_load_plugin_config()
|
||||
slapi_pblock_get(search_pb, SLAPI_PLUGIN_INTOP_RESULT, &result);
|
||||
|
||||
if (LDAP_SUCCESS != result) {
|
||||
status = IPAUUID_FAILURE;
|
||||
status = EFAIL;
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
slapi_pblock_get(search_pb, SLAPI_PLUGIN_INTOP_SEARCH_ENTRIES,
|
||||
&entries);
|
||||
if (NULL == entries || NULL == entries[0]) {
|
||||
status = IPAUUID_SUCCESS;
|
||||
status = EOK;
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
@ -482,7 +457,7 @@ ipauuid_load_plugin_config()
|
||||
* validate config without making any changes by setting apply
|
||||
* to 0.
|
||||
*
|
||||
* Returns IPAUUID_SUCCESS if the entry is valid and IPAUUID_FAILURE
|
||||
* Returns EOK if the entry is valid and EFAIL
|
||||
* if it is invalid.
|
||||
*/
|
||||
static int
|
||||
@ -494,20 +469,20 @@ ipauuid_parse_config_entry(Slapi_Entry * e, bool apply)
|
||||
PRCList *list;
|
||||
int entry_added = 0;
|
||||
int i = 0;
|
||||
int ret = IPAUUID_SUCCESS;
|
||||
int ret = EOK;
|
||||
|
||||
LOG_TRACE("--in-->\n");
|
||||
|
||||
/* If this is the main UUID plug-in config entry, just bail. */
|
||||
if (strcasecmp(getPluginDN(), slapi_entry_get_ndn(e)) == 0) {
|
||||
ret = IPAUUID_FAILURE;
|
||||
ret = EFAIL;
|
||||
goto bail;
|
||||
}
|
||||
|
||||
entry = (struct configEntry *)
|
||||
slapi_ch_calloc(1, sizeof(struct configEntry));
|
||||
if (NULL == entry) {
|
||||
ret = IPAUUID_FAILURE;
|
||||
ret = EFAIL;
|
||||
goto bail;
|
||||
}
|
||||
|
||||
@ -521,7 +496,7 @@ ipauuid_parse_config_entry(Slapi_Entry * e, bool apply)
|
||||
if (!entry->attr) {
|
||||
LOG_FATAL("The %s config setting is required for %s.\n",
|
||||
IPAUUID_ATTR, entry->dn);
|
||||
ret = IPAUUID_FAILURE;
|
||||
ret = EFAIL;
|
||||
goto bail;
|
||||
}
|
||||
LOG_CONFIG("----------> %s [%s]\n", IPAUUID_ATTR, entry->attr);
|
||||
@ -544,13 +519,13 @@ ipauuid_parse_config_entry(Slapi_Entry * e, bool apply)
|
||||
if (NULL == (entry->slapi_filter = slapi_str2filter(value))) {
|
||||
LOG_FATAL("Error: Invalid search filter in entry [%s]: [%s]\n",
|
||||
entry->dn, value);
|
||||
ret = IPAUUID_FAILURE;
|
||||
ret = EFAIL;
|
||||
goto bail;
|
||||
}
|
||||
} else {
|
||||
LOG_FATAL("The %s config setting is required for %s.\n",
|
||||
IPAUUID_FILTER, entry->dn);
|
||||
ret = IPAUUID_FAILURE;
|
||||
ret = EFAIL;
|
||||
goto bail;
|
||||
}
|
||||
LOG_CONFIG("----------> %s [%s]\n", IPAUUID_FILTER, value);
|
||||
@ -561,7 +536,7 @@ ipauuid_parse_config_entry(Slapi_Entry * e, bool apply)
|
||||
} else {
|
||||
LOG_FATAL("The %s config config setting is required for %s.\n",
|
||||
IPAUUID_SCOPE, entry->dn);
|
||||
ret = IPAUUID_FAILURE;
|
||||
ret = EFAIL;
|
||||
goto bail;
|
||||
}
|
||||
LOG_CONFIG("----------> %s [%s]\n", IPAUUID_SCOPE, entry->scope);
|
||||
@ -622,7 +597,7 @@ bail:
|
||||
}
|
||||
ipauuid_free_config_entry(&entry);
|
||||
} else {
|
||||
ret = IPAUUID_SUCCESS;
|
||||
ret = EOK;
|
||||
}
|
||||
|
||||
LOG_TRACE("<--out--\n");
|
||||
@ -886,7 +861,7 @@ static int ipauuid_pre_op(Slapi_PBlock *pb, int modtype)
|
||||
test_e = resulting_e;
|
||||
}
|
||||
|
||||
if (ipauuid_parse_config_entry(test_e, false) != IPAUUID_SUCCESS) {
|
||||
if (ipauuid_parse_config_entry(test_e, false) != EOK) {
|
||||
/* Refuse the operation if config parsing failed. */
|
||||
ret = LDAP_UNWILLING_TO_PERFORM;
|
||||
if (LDAP_CHANGETYPE_ADD == modtype) {
|
||||
@ -1201,7 +1176,7 @@ done:
|
||||
LOG("operation failure [%d]\n", ret);
|
||||
slapi_send_ldap_result(pb, ret, NULL, errstr, 0, NULL);
|
||||
slapi_ch_free((void **)&errstr);
|
||||
ret = IPAUUID_FAILURE;
|
||||
ret = EFAIL;
|
||||
}
|
||||
|
||||
LOG_TRACE("<--out--\n");
|
||||
|
@ -1,9 +1,12 @@
|
||||
NULL =
|
||||
|
||||
PLUGIN_COMMON_DIR=../common
|
||||
|
||||
INCLUDES = \
|
||||
-I. \
|
||||
-I../../ \
|
||||
-I$(srcdir) \
|
||||
-I$(PLUGIN_COMMON_DIR) \
|
||||
-I/usr/include/dirsrv \
|
||||
-DPREFIX=\""$(prefix)"\" \
|
||||
-DBINDIR=\""$(bindir)"\" \
|
||||
|
@ -38,12 +38,13 @@
|
||||
#include "slapi-plugin.h"
|
||||
#include "repl-session-plugin.h"
|
||||
#include "ipa-version.h"
|
||||
#include "util.h"
|
||||
#include <string.h>
|
||||
|
||||
/* Identify the type of data we're sending, an unsigned int in this case */
|
||||
#define REPL_VERSION_DATA_GUID "2D562D8B-2F30-4447-AF76-2B721D1D5F6A"
|
||||
|
||||
static char *repl_version_plugin_name = "ipa_replication_version";
|
||||
#define IPA_PLUGIN_NAME "ipa_replication_version"
|
||||
static char *data_version = NULL;
|
||||
|
||||
/*
|
||||
@ -74,8 +75,7 @@ static int
|
||||
repl_version_plugin_pre_acquire_cb(void *cookie, const Slapi_DN *repl_subtree,
|
||||
int is_total, char **data_guid, struct berval **data)
|
||||
{
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, repl_version_plugin_name,
|
||||
"repl_version_plugin_pre_acquire_cb() called for suffix \"%s\", "
|
||||
LOG("repl_version_plugin_pre_acquire_cb() called for suffix \"%s\", "
|
||||
"is_total: \"%s\".\n", slapi_sdn_get_ndn(repl_subtree),
|
||||
is_total ? "TRUE" : "FALSE");
|
||||
|
||||
@ -85,9 +85,8 @@ repl_version_plugin_pre_acquire_cb(void *cookie, const Slapi_DN *repl_subtree,
|
||||
(*data)->bv_val = slapi_ch_smprintf("%s", data_version);
|
||||
(*data)->bv_len = strlen((*data)->bv_val) + 1;
|
||||
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, repl_version_plugin_name,
|
||||
"repl_version_plugin_pre_acquire_cb() sending data: guid: \"%s\" data: \"%s\".\n",
|
||||
*data_guid, (*data)->bv_val);
|
||||
LOG("repl_version_plugin_pre_acquire_cb() sending data: guid: \"%s\" data: \"%s\".\n",
|
||||
*data_guid, (*data)->bv_val);
|
||||
|
||||
return 0;
|
||||
}
|
||||
@ -108,18 +107,17 @@ static int
|
||||
repl_version_plugin_recv_acquire_cb(const char *repl_subtree, int is_total,
|
||||
const char *data_guid, const struct berval *data)
|
||||
{
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, repl_version_plugin_name,
|
||||
"test_repl_session_plugin_recv_acquire_cb() called for suffix \"%s\", is_total: \"%s\".\n",
|
||||
LOG("test_repl_session_plugin_recv_acquire_cb() called for suffix \"%s\", is_total: \"%s\".\n",
|
||||
repl_subtree, is_total ? "TRUE" : "FALSE");
|
||||
|
||||
/* compare our data version to the master data version */
|
||||
if (data_guid && data && (strcmp(data_guid, REPL_VERSION_DATA_GUID) == 0)) {
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, repl_version_plugin_name,
|
||||
"repl_version_plugin_recv_acquire_cb() received data: guid: \"%s\" data: \"%s\".\n",
|
||||
LOG("repl_version_plugin_recv_acquire_cb() received data: guid: \"%s\" data: \"%s\".\n",
|
||||
data_guid, data->bv_val);
|
||||
if (!(strcmp(data_version, data->bv_val) == 0)) {
|
||||
slapi_log_error(SLAPI_LOG_FATAL, repl_version_plugin_name,
|
||||
"Incompatible IPA versions, pausing replication. This server: \"%s\" remote server: \"%s\".\n", data_version, data->bv_val);
|
||||
LOG_FATAL("Incompatible IPA versions, pausing replication. "
|
||||
"This server: \"%s\" remote server: \"%s\".\n",
|
||||
data_version, data->bv_val);
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
@ -146,35 +144,30 @@ static void *repl_version_api[] = {
|
||||
static int
|
||||
repl_version_plugin_start(Slapi_PBlock *pb)
|
||||
{
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, repl_version_plugin_name,
|
||||
"--> repl_version_plugin_start -- begin\n");
|
||||
LOG("--> repl_version_plugin_start -- begin\n");
|
||||
|
||||
data_version = slapi_ch_smprintf("%llu", DATA_VERSION);
|
||||
data_version = slapi_ch_smprintf("%llu", (unsigned long long) DATA_VERSION);
|
||||
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, repl_version_plugin_name,
|
||||
"<-- repl_version_plugin_start -- end\n");
|
||||
LOG("<-- repl_version_plugin_start -- end\n");
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int
|
||||
repl_version_plugin_close(Slapi_PBlock *pb)
|
||||
{
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, repl_version_plugin_name,
|
||||
"--> repl_version_plugin_close -- begin\n");
|
||||
LOG("--> repl_version_plugin_close -- begin\n");
|
||||
|
||||
slapi_apib_unregister(REPL_SESSION_v1_0_GUID);
|
||||
|
||||
slapi_ch_free_string(&data_version);
|
||||
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, repl_version_plugin_name,
|
||||
"<-- repl_version_plugin_close -- end\n");
|
||||
LOG("<-- repl_version_plugin_close -- end\n");
|
||||
return 0;
|
||||
}
|
||||
|
||||
int repl_version_plugin_init(Slapi_PBlock *pb)
|
||||
{
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, repl_version_plugin_name,
|
||||
"--> repl_version_plugin_init -- begin\n");
|
||||
LOG("--> repl_version_plugin_init -- begin\n");
|
||||
|
||||
if ( slapi_pblock_set( pb, SLAPI_PLUGIN_VERSION,
|
||||
SLAPI_PLUGIN_VERSION_01 ) != 0 ||
|
||||
@ -185,14 +178,12 @@ int repl_version_plugin_init(Slapi_PBlock *pb)
|
||||
slapi_pblock_set( pb, SLAPI_PLUGIN_DESCRIPTION,
|
||||
(void *)&repl_version_pdesc ) != 0 )
|
||||
{
|
||||
slapi_log_error( SLAPI_LOG_FATAL, repl_version_plugin_name,
|
||||
"<-- repl_version_plugin_init -- failed to register plugin -- end\n");
|
||||
LOG_FATAL("<-- repl_version_plugin_init -- failed to register plugin -- end\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
if( slapi_apib_register(REPL_SESSION_v1_0_GUID, repl_version_api) ) {
|
||||
slapi_log_error( SLAPI_LOG_FATAL, repl_version_plugin_name,
|
||||
"<-- repl_version_plugin_start -- failed to register repl_version api -- end\n");
|
||||
LOG_FATAL("<-- repl_version_plugin_start -- failed to register repl_version api -- end\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
@ -200,12 +191,10 @@ int repl_version_plugin_init(Slapi_PBlock *pb)
|
||||
/* Retrieve and save the plugin identity to later pass to
|
||||
internal operations */
|
||||
if (slapi_pblock_get(pb, SLAPI_PLUGIN_IDENTITY, &repl_version_plugin_id) != 0) {
|
||||
slapi_log_error(SLAPI_LOG_FATAL, repl_version_plugin_name,
|
||||
"<-- repl_version_plugin_init -- failed to retrieve plugin identity -- end\n");
|
||||
LOG_FATAL("<-- repl_version_plugin_init -- failed to retrieve plugin identity -- end\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
slapi_log_error( SLAPI_LOG_PLUGIN, repl_version_plugin_name,
|
||||
"<-- repl_version_plugin_init -- end\n");
|
||||
LOG("<-- repl_version_plugin_init -- end\n");
|
||||
return 0;
|
||||
}
|
||||
|
@ -1,8 +1,11 @@
|
||||
NULL =
|
||||
|
||||
PLUGIN_COMMON_DIR=../common
|
||||
|
||||
INCLUDES = \
|
||||
-I. \
|
||||
-I$(srcdir) \
|
||||
-I$(PLUGIN_COMMON_DIR) \
|
||||
-DPREFIX=\""$(prefix)"\" \
|
||||
-DBINDIR=\""$(bindir)"\" \
|
||||
-DLIBDIR=\""$(libdir)"\" \
|
||||
|
@ -109,10 +109,9 @@ ipa_winsync_config(Slapi_Entry *config_e)
|
||||
char returntext[SLAPI_DSE_RETURNTEXT_SIZE];
|
||||
|
||||
if ( inited ) {
|
||||
slapi_log_error( SLAPI_LOG_FATAL, IPA_WINSYNC_PLUGIN_NAME,
|
||||
"Error: IPA WinSync plug-in already configured. "
|
||||
"Please remove the plugin config entry [%s]\n",
|
||||
slapi_entry_get_dn_const(config_e));
|
||||
LOG_FATAL("Error: IPA WinSync plug-in already configured. "
|
||||
"Please remove the plugin config entry [%s]\n",
|
||||
slapi_entry_get_dn_const(config_e));
|
||||
return( LDAP_PARAM_ERROR );
|
||||
}
|
||||
|
||||
@ -150,8 +149,7 @@ ipa_winsync_config(Slapi_Entry *config_e)
|
||||
inited = 1;
|
||||
|
||||
if (returncode != LDAP_SUCCESS) {
|
||||
slapi_log_error(SLAPI_LOG_FATAL, IPA_WINSYNC_PLUGIN_NAME,
|
||||
"Error %d: %s\n", returncode, returntext);
|
||||
LOG_FATAL("Error %d: %s\n", returncode, returntext);
|
||||
}
|
||||
|
||||
return returncode;
|
||||
@ -264,9 +262,8 @@ ipa_winsync_validate_config (Slapi_PBlock *pb, Slapi_Entry* entryBefore, Slapi_E
|
||||
/* get new_user_oc_attr */
|
||||
if (!(attrsvals = slapi_entry_attr_get_charray(
|
||||
e, IPA_WINSYNC_NEW_USER_ATTRS_VALS))) {
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, IPA_WINSYNC_PLUGIN_NAME,
|
||||
"Info: no default attributes and values given in [%s]\n",
|
||||
IPA_WINSYNC_NEW_USER_ATTRS_VALS);
|
||||
LOG("Info: no default attributes and values given in [%s]\n",
|
||||
IPA_WINSYNC_NEW_USER_ATTRS_VALS);
|
||||
}
|
||||
|
||||
/* format of *attrsvals is "attrname value" */
|
||||
@ -461,9 +458,8 @@ ipa_winsync_apply_config (Slapi_PBlock *pb, Slapi_Entry* entryBefore,
|
||||
/* get new_user_oc_attr */
|
||||
if (!(attrsvals = slapi_entry_attr_get_charray(
|
||||
e, IPA_WINSYNC_NEW_USER_ATTRS_VALS))) {
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, IPA_WINSYNC_PLUGIN_NAME,
|
||||
"Info: no default attributes and values given in [%s]\n",
|
||||
IPA_WINSYNC_NEW_USER_ATTRS_VALS);
|
||||
LOG("Info: no default attributes and values given in [%s]\n",
|
||||
IPA_WINSYNC_NEW_USER_ATTRS_VALS);
|
||||
}
|
||||
|
||||
/* get acct disable sync value */
|
||||
@ -688,20 +684,18 @@ internal_find_entry_get_attr_val(const Slapi_DN *basedn, int scope,
|
||||
*/
|
||||
slapi_pblock_get(pb, SLAPI_PLUGIN_INTOP_RESULT, &ret);
|
||||
if (ret != LDAP_SUCCESS) {
|
||||
slapi_log_error(SLAPI_LOG_FATAL, IPA_WINSYNC_PLUGIN_NAME,
|
||||
"Error [%d:%s] searching for base [%s] filter [%s]"
|
||||
" attr [%s]\n", ret, ldap_err2string(ret),
|
||||
search_basedn, filter, attrs[0]);
|
||||
LOG_FATAL("Error [%d:%s] searching for base [%s] filter [%s]"
|
||||
" attr [%s]\n", ret, ldap_err2string(ret),
|
||||
search_basedn, filter, attrs[0]);
|
||||
goto out1;
|
||||
}
|
||||
|
||||
slapi_pblock_get(pb, SLAPI_PLUGIN_INTOP_SEARCH_ENTRIES, &entries);
|
||||
if (entries && entries[0] && entries[1]) {
|
||||
/* error - should never be more than one matching entry */
|
||||
slapi_log_error(SLAPI_LOG_FATAL, IPA_WINSYNC_PLUGIN_NAME,
|
||||
"Error: more than one entry matches search for "
|
||||
"base [%s] filter [%s] attr [%s]\n",
|
||||
search_basedn, filter, attrs[0]);
|
||||
LOG_FATAL("Error: more than one entry matches search for "
|
||||
"base [%s] filter [%s] attr [%s]\n",
|
||||
search_basedn, filter, attrs[0]);
|
||||
ret = LDAP_UNWILLING_TO_PERFORM;
|
||||
goto out1;
|
||||
}
|
||||
@ -724,10 +718,9 @@ internal_find_entry_get_attr_val(const Slapi_DN *basedn, int scope,
|
||||
}
|
||||
} else {
|
||||
ret = LDAP_NO_SUCH_OBJECT;
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, IPA_WINSYNC_PLUGIN_NAME,
|
||||
"Did not find an entry for search "
|
||||
"base [%s] filter [%s] attr [%s]\n",
|
||||
search_basedn, filter, attrs[0]);
|
||||
LOG("Did not find an entry for search "
|
||||
"base [%s] filter [%s] attr [%s]\n",
|
||||
search_basedn, filter, attrs[0]);
|
||||
}
|
||||
|
||||
out1:
|
||||
@ -814,10 +807,9 @@ ipa_winsync_config_refresh_domain(
|
||||
|
||||
if (!iwdc->realm_name) {
|
||||
/* error - could not find the IPA config entry with the realm name */
|
||||
slapi_log_error(SLAPI_LOG_FATAL, IPA_WINSYNC_PLUGIN_NAME,
|
||||
"Error: could not find the entry containing the realm name for "
|
||||
"ds subtree [%s] filter [%s] attr [%s]\n",
|
||||
slapi_sdn_get_dn(ds_subtree), realm_filter, realm_attr);
|
||||
LOG_FATAL("Error: could not find the entry containing the realm name for "
|
||||
"ds subtree [%s] filter [%s] attr [%s]\n",
|
||||
slapi_sdn_get_dn(ds_subtree), realm_filter, realm_attr);
|
||||
goto out;
|
||||
}
|
||||
|
||||
@ -828,10 +820,9 @@ ipa_winsync_config_refresh_domain(
|
||||
&new_user_objclasses, NULL);
|
||||
if (!new_user_objclasses) {
|
||||
/* error - could not find the entry containing list of objectclasses */
|
||||
slapi_log_error(SLAPI_LOG_FATAL, IPA_WINSYNC_PLUGIN_NAME,
|
||||
"Error: could not find the entry containing the new user objectclass list for "
|
||||
"ds subtree [%s] filter [%s] attr [%s]\n",
|
||||
slapi_sdn_get_dn(ds_subtree), new_entry_filter, new_user_oc_attr);
|
||||
LOG_FATAL("Error: could not find the entry containing the new user objectclass list for "
|
||||
"ds subtree [%s] filter [%s] attr [%s]\n",
|
||||
slapi_sdn_get_dn(ds_subtree), new_entry_filter, new_user_oc_attr);
|
||||
goto out;
|
||||
}
|
||||
|
||||
@ -844,10 +835,9 @@ ipa_winsync_config_refresh_domain(
|
||||
NULL, &iwdc->homedir_prefix);
|
||||
if (!iwdc->homedir_prefix) {
|
||||
/* error - could not find the home dir prefix */
|
||||
slapi_log_error(SLAPI_LOG_FATAL, IPA_WINSYNC_PLUGIN_NAME,
|
||||
"Error: could not find the entry containing the home directory prefix for "
|
||||
"ds subtree [%s] filter [%s] attr [%s]\n",
|
||||
slapi_sdn_get_dn(ds_subtree), new_entry_filter, homedir_prefix_attr);
|
||||
LOG_FATAL("Error: could not find the entry containing the home directory prefix for "
|
||||
"ds subtree [%s] filter [%s] attr [%s]\n",
|
||||
slapi_sdn_get_dn(ds_subtree), new_entry_filter, homedir_prefix_attr);
|
||||
goto out;
|
||||
}
|
||||
|
||||
@ -860,10 +850,9 @@ ipa_winsync_config_refresh_domain(
|
||||
NULL, &default_group_name);
|
||||
if (!default_group_name) {
|
||||
/* error - could not find the default group name */
|
||||
slapi_log_error(SLAPI_LOG_FATAL, IPA_WINSYNC_PLUGIN_NAME,
|
||||
"Error: could not find the entry containing the default group name for "
|
||||
"ds subtree [%s] filter [%s] attr [%s]\n",
|
||||
slapi_sdn_get_dn(ds_subtree), new_entry_filter, default_group_attr);
|
||||
LOG_FATAL("Error: could not find the entry containing the default group name for "
|
||||
"ds subtree [%s] filter [%s] attr [%s]\n",
|
||||
slapi_sdn_get_dn(ds_subtree), new_entry_filter, default_group_attr);
|
||||
goto out;
|
||||
}
|
||||
|
||||
@ -877,10 +866,9 @@ ipa_winsync_config_refresh_domain(
|
||||
NULL, &default_gid);
|
||||
if (!default_gid) {
|
||||
/* error - could not find the default gidNumber */
|
||||
slapi_log_error(SLAPI_LOG_FATAL, IPA_WINSYNC_PLUGIN_NAME,
|
||||
"Error: could not find the entry containing the default gidNumber "
|
||||
"ds subtree [%s] filter [%s] attr [%s]\n",
|
||||
slapi_sdn_get_dn(ds_subtree), new_entry_filter, "gidNumber");
|
||||
LOG_FATAL("Error: could not find the entry containing the default gidNumber "
|
||||
"ds subtree [%s] filter [%s] attr [%s]\n",
|
||||
slapi_sdn_get_dn(ds_subtree), new_entry_filter, "gidNumber");
|
||||
goto out;
|
||||
}
|
||||
|
||||
@ -897,10 +885,9 @@ ipa_winsync_config_refresh_domain(
|
||||
NULL, &inactivated_group_dn);
|
||||
if (!inactivated_group_dn) {
|
||||
/* error - could not find the inactivated group dn */
|
||||
slapi_log_error(SLAPI_LOG_FATAL, IPA_WINSYNC_PLUGIN_NAME,
|
||||
"Error: could not find the DN of the inactivated users group "
|
||||
"ds subtree [%s] filter [%s]\n",
|
||||
slapi_sdn_get_dn(ds_subtree), inactivated_filter);
|
||||
LOG_FATAL("Error: could not find the DN of the inactivated users group "
|
||||
"ds subtree [%s] filter [%s]\n",
|
||||
slapi_sdn_get_dn(ds_subtree), inactivated_filter);
|
||||
goto out;
|
||||
}
|
||||
ret = internal_find_entry_get_attr_val(config_dn, search_scope,
|
||||
@ -908,10 +895,9 @@ ipa_winsync_config_refresh_domain(
|
||||
NULL, &activated_group_dn);
|
||||
if (!activated_group_dn) {
|
||||
/* error - could not find the activated group dn */
|
||||
slapi_log_error(SLAPI_LOG_FATAL, IPA_WINSYNC_PLUGIN_NAME,
|
||||
"Error: could not find the DN of the activated users group "
|
||||
"ds subtree [%s] filter [%s]\n",
|
||||
slapi_sdn_get_dn(ds_subtree), activated_filter);
|
||||
LOG_FATAL("Error: could not find the DN of the activated users group "
|
||||
"ds subtree [%s] filter [%s]\n",
|
||||
slapi_sdn_get_dn(ds_subtree), activated_filter);
|
||||
goto out;
|
||||
}
|
||||
}
|
||||
|
@ -59,8 +59,6 @@
|
||||
#endif
|
||||
#include "ipa-winsync.h"
|
||||
|
||||
static char *ipa_winsync_plugin_name = IPA_WINSYNC_PLUGIN_NAME;
|
||||
|
||||
static void
|
||||
sync_acct_disable(
|
||||
void *cbdata, /* the usual domain config data */
|
||||
@ -87,16 +85,14 @@ static void *
|
||||
ipa_winsync_agmt_init(const Slapi_DN *ds_subtree, const Slapi_DN *ad_subtree)
|
||||
{
|
||||
void *cbdata = NULL;
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"--> ipa_winsync_agmt_init [%s] [%s] -- begin\n",
|
||||
slapi_sdn_get_dn(ds_subtree),
|
||||
slapi_sdn_get_dn(ad_subtree));
|
||||
LOG("--> ipa_winsync_agmt_init [%s] [%s] -- begin\n",
|
||||
slapi_sdn_get_dn(ds_subtree),
|
||||
slapi_sdn_get_dn(ad_subtree));
|
||||
|
||||
/* do the domain specific configuration based on the ds subtree */
|
||||
cbdata = ipa_winsync_config_new_domain(ds_subtree, ad_subtree);
|
||||
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"<-- ipa_winsync_agmt_init -- end\n");
|
||||
LOG("<-- ipa_winsync_agmt_init -- end\n");
|
||||
|
||||
return cbdata;
|
||||
}
|
||||
@ -106,11 +102,9 @@ ipa_winsync_dirsync_search_params_cb(void *cbdata, const char *agmt_dn,
|
||||
char **base, int *scope, char **filter,
|
||||
char ***attrs, LDAPControl ***serverctrls)
|
||||
{
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"--> ipa_winsync_dirsync_search_params_cb -- begin\n");
|
||||
LOG("--> ipa_winsync_dirsync_search_params_cb -- begin\n");
|
||||
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"<-- ipa_winsync_dirsync_search_params_cb -- end\n");
|
||||
LOG("<-- ipa_winsync_dirsync_search_params_cb -- end\n");
|
||||
|
||||
return;
|
||||
}
|
||||
@ -121,11 +115,9 @@ ipa_winsync_pre_ad_search_cb(void *cbdata, const char *agmt_dn,
|
||||
char **base, int *scope, char **filter,
|
||||
char ***attrs, LDAPControl ***serverctrls)
|
||||
{
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"--> ipa_winsync_pre_ad_search_cb -- begin\n");
|
||||
LOG("--> ipa_winsync_pre_ad_search_cb -- begin\n");
|
||||
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"<-- ipa_winsync_pre_ad_search_cb -- end\n");
|
||||
LOG("<-- ipa_winsync_pre_ad_search_cb -- end\n");
|
||||
|
||||
return;
|
||||
}
|
||||
@ -136,16 +128,13 @@ ipa_winsync_pre_ds_search_entry_cb(void *cbdata, const char *agmt_dn,
|
||||
char **base, int *scope, char **filter,
|
||||
char ***attrs, LDAPControl ***serverctrls)
|
||||
{
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"--> ipa_winsync_pre_ds_search_cb -- begin\n");
|
||||
LOG("--> ipa_winsync_pre_ds_search_cb -- begin\n");
|
||||
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"-- ipa_winsync_pre_ds_search_cb - base [%s] "
|
||||
"scope [%d] filter [%s]\n",
|
||||
*base, *scope, *filter);
|
||||
LOG("-- ipa_winsync_pre_ds_search_cb - base [%s] "
|
||||
"scope [%d] filter [%s]\n",
|
||||
*base, *scope, *filter);
|
||||
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"<-- ipa_winsync_pre_ds_search_cb -- end\n");
|
||||
LOG("<-- ipa_winsync_pre_ds_search_cb -- end\n");
|
||||
|
||||
return;
|
||||
}
|
||||
@ -156,9 +145,8 @@ ipa_winsync_pre_ds_search_all_cb(void *cbdata, const char *agmt_dn,
|
||||
char **base, int *scope, char **filter,
|
||||
char ***attrs, LDAPControl ***serverctrls)
|
||||
{
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"--> ipa_winsync_pre_ds_search_all_cb -- orig filter [%s] -- begin\n",
|
||||
((filter && *filter) ? *filter : "NULL"));
|
||||
LOG("--> ipa_winsync_pre_ds_search_all_cb -- orig filter [%s] -- begin\n",
|
||||
((filter && *filter) ? *filter : "NULL"));
|
||||
|
||||
/* We only want to grab users from the ds side - no groups */
|
||||
slapi_ch_free_string(filter);
|
||||
@ -167,8 +155,7 @@ ipa_winsync_pre_ds_search_all_cb(void *cbdata, const char *agmt_dn,
|
||||
indexed for equality only - need to add presence? */
|
||||
*filter = slapi_ch_strdup("(&(objectclass=ntuser)(ntUserDomainId=*))");
|
||||
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"<-- ipa_winsync_pre_ds_search_all_cb -- end\n");
|
||||
LOG("<-- ipa_winsync_pre_ds_search_all_cb -- end\n");
|
||||
|
||||
return;
|
||||
}
|
||||
@ -178,14 +165,12 @@ ipa_winsync_pre_ad_mod_user_cb(void *cbdata, const Slapi_Entry *rawentry,
|
||||
Slapi_Entry *ad_entry, Slapi_Entry *ds_entry,
|
||||
Slapi_Mods *smods, int *do_modify)
|
||||
{
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"--> ipa_winsync_pre_ad_mod_user_cb -- begin\n");
|
||||
LOG("--> ipa_winsync_pre_ad_mod_user_cb -- begin\n");
|
||||
|
||||
sync_acct_disable(cbdata, rawentry, ds_entry, ACCT_DISABLE_TO_AD,
|
||||
NULL, smods, do_modify);
|
||||
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"<-- ipa_winsync_pre_ad_mod_user_cb -- end\n");
|
||||
LOG("<-- ipa_winsync_pre_ad_mod_user_cb -- end\n");
|
||||
|
||||
return;
|
||||
}
|
||||
@ -195,11 +180,9 @@ ipa_winsync_pre_ad_mod_group_cb(void *cbdata, const Slapi_Entry *rawentry,
|
||||
Slapi_Entry *ad_entry, Slapi_Entry *ds_entry,
|
||||
Slapi_Mods *smods, int *do_modify)
|
||||
{
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"--> ipa_winsync_pre_ad_mod_group_cb -- begin\n");
|
||||
LOG("--> ipa_winsync_pre_ad_mod_group_cb -- begin\n");
|
||||
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"<-- ipa_winsync_pre_ad_mod_group_cb -- end\n");
|
||||
LOG("<-- ipa_winsync_pre_ad_mod_group_cb -- end\n");
|
||||
|
||||
return;
|
||||
}
|
||||
@ -209,16 +192,14 @@ ipa_winsync_pre_ds_mod_user_cb(void *cbdata, const Slapi_Entry *rawentry,
|
||||
Slapi_Entry *ad_entry, Slapi_Entry *ds_entry,
|
||||
Slapi_Mods *smods, int *do_modify)
|
||||
{
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"--> ipa_winsync_pre_ds_mod_user_cb -- begin\n");
|
||||
LOG("--> ipa_winsync_pre_ds_mod_user_cb -- begin\n");
|
||||
|
||||
sync_acct_disable(cbdata, rawentry, ds_entry, ACCT_DISABLE_TO_DS,
|
||||
NULL, smods, do_modify);
|
||||
|
||||
do_force_sync(rawentry, ds_entry, smods, do_modify);
|
||||
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"<-- ipa_winsync_pre_ds_mod_user_cb -- end\n");
|
||||
LOG("<-- ipa_winsync_pre_ds_mod_user_cb -- end\n");
|
||||
|
||||
return;
|
||||
}
|
||||
@ -228,11 +209,9 @@ ipa_winsync_pre_ds_mod_group_cb(void *cbdata, const Slapi_Entry *rawentry,
|
||||
Slapi_Entry *ad_entry, Slapi_Entry *ds_entry,
|
||||
Slapi_Mods *smods, int *do_modify)
|
||||
{
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"--> ipa_winsync_pre_ds_mod_group_cb -- begin\n");
|
||||
LOG("--> ipa_winsync_pre_ds_mod_group_cb -- begin\n");
|
||||
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"<-- ipa_winsync_pre_ds_mod_group_cb -- end\n");
|
||||
LOG("<-- ipa_winsync_pre_ds_mod_group_cb -- end\n");
|
||||
|
||||
return;
|
||||
}
|
||||
@ -247,16 +226,14 @@ ipa_winsync_pre_ds_add_user_cb(void *cbdata, const Slapi_Entry *rawentry,
|
||||
char *type = NULL;
|
||||
IPA_WinSync_Config *global_ipaconfig = ipa_winsync_get_config();
|
||||
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"--> ipa_winsync_pre_ds_add_user_cb -- begin\n");
|
||||
LOG("--> ipa_winsync_pre_ds_add_user_cb -- begin\n");
|
||||
|
||||
if (!ipaconfig || !ipaconfig->domain_e || !ipaconfig->realm_name ||
|
||||
!ipaconfig->homedir_prefix) {
|
||||
slapi_log_error(SLAPI_LOG_FATAL, ipa_winsync_plugin_name,
|
||||
"Error: configuration failure: cannot map Windows "
|
||||
"entry dn [%s], DS entry dn [%s]\n",
|
||||
slapi_entry_get_dn_const(ad_entry),
|
||||
slapi_entry_get_dn_const(ds_entry));
|
||||
LOG_FATAL("Error: configuration failure: cannot map Windows "
|
||||
"entry dn [%s], DS entry dn [%s]\n",
|
||||
slapi_entry_get_dn_const(ad_entry),
|
||||
slapi_entry_get_dn_const(ds_entry));
|
||||
return;
|
||||
}
|
||||
|
||||
@ -278,10 +255,9 @@ ipa_winsync_pre_ds_add_user_cb(void *cbdata, const Slapi_Entry *rawentry,
|
||||
{
|
||||
if (!slapi_entry_attr_has_syntax_value(ds_entry, type, sv)) {
|
||||
/* attr-value sv not found in ds_entry; add it */
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"--> ipa_winsync_pre_ds_add_user_cb -- "
|
||||
"adding val for [%s] to new entry [%s]\n",
|
||||
type, slapi_entry_get_dn_const(ds_entry));
|
||||
LOG("--> ipa_winsync_pre_ds_add_user_cb -- "
|
||||
"adding val for [%s] to new entry [%s]\n",
|
||||
type, slapi_entry_get_dn_const(ds_entry));
|
||||
|
||||
slapi_entry_add_value(ds_entry, type, sv);
|
||||
}
|
||||
@ -310,13 +286,12 @@ ipa_winsync_pre_ds_add_user_cb(void *cbdata, const Slapi_Entry *rawentry,
|
||||
upn = slapi_ch_smprintf("%s@%s", samAccountName, ipaconfig->realm_name);
|
||||
slapi_ch_free_string(&samAccountName);
|
||||
} else { /* fatal error - nothing to use for krbPrincipalName */
|
||||
slapi_log_error(SLAPI_LOG_FATAL, ipa_winsync_plugin_name,
|
||||
"Error creating %s for realm [%s] for Windows "
|
||||
"entry dn [%s], DS entry dn [%s] - Windows entry "
|
||||
"has no samAccountName, and DS entry has no uid.\n",
|
||||
type, ipaconfig->realm_name,
|
||||
slapi_entry_get_dn_const(ad_entry),
|
||||
slapi_entry_get_dn_const(ds_entry));
|
||||
LOG_FATAL("Error creating %s for realm [%s] for Windows "
|
||||
"entry dn [%s], DS entry dn [%s] - Windows entry "
|
||||
"has no samAccountName, and DS entry has no uid.\n",
|
||||
type, ipaconfig->realm_name,
|
||||
slapi_entry_get_dn_const(ad_entry),
|
||||
slapi_entry_get_dn_const(ds_entry));
|
||||
}
|
||||
|
||||
if (upn) {
|
||||
@ -341,13 +316,12 @@ ipa_winsync_pre_ds_add_user_cb(void *cbdata, const Slapi_Entry *rawentry,
|
||||
samAccountName);
|
||||
slapi_ch_free_string(&samAccountName);
|
||||
} else { /* fatal error - nothing to use for homeDirectory */
|
||||
slapi_log_error(SLAPI_LOG_FATAL, ipa_winsync_plugin_name,
|
||||
"Error creating %s for realm [%s] for Windows "
|
||||
"entry dn [%s], DS entry dn [%s] - Windows entry "
|
||||
"has no samAccountName, and DS entry has no uid.\n",
|
||||
type, ipaconfig->realm_name,
|
||||
slapi_entry_get_dn_const(ad_entry),
|
||||
slapi_entry_get_dn_const(ds_entry));
|
||||
LOG_FATAL("Error creating %s for realm [%s] for Windows "
|
||||
"entry dn [%s], DS entry dn [%s] - Windows entry "
|
||||
"has no samAccountName, and DS entry has no uid.\n",
|
||||
type, ipaconfig->realm_name,
|
||||
slapi_entry_get_dn_const(ad_entry),
|
||||
slapi_entry_get_dn_const(ds_entry));
|
||||
}
|
||||
|
||||
if (homeDir) {
|
||||
@ -375,8 +349,7 @@ ipa_winsync_pre_ds_add_user_cb(void *cbdata, const Slapi_Entry *rawentry,
|
||||
|
||||
sync_acct_disable(cbdata, rawentry, ds_entry, ACCT_DISABLE_TO_DS,
|
||||
ds_entry, NULL, NULL);
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"<-- ipa_winsync_pre_ds_add_user_cb -- end\n");
|
||||
LOG("<-- ipa_winsync_pre_ds_add_user_cb -- end\n");
|
||||
|
||||
return;
|
||||
}
|
||||
@ -385,11 +358,9 @@ static void
|
||||
ipa_winsync_pre_ds_add_group_cb(void *cbdata, const Slapi_Entry *rawentry,
|
||||
Slapi_Entry *ad_entry, Slapi_Entry *ds_entry)
|
||||
{
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"--> ipa_winsync_pre_ds_add_group_cb -- begin\n");
|
||||
LOG("--> ipa_winsync_pre_ds_add_group_cb -- begin\n");
|
||||
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"<-- ipa_winsync_pre_ds_add_group_cb -- end\n");
|
||||
LOG("<-- ipa_winsync_pre_ds_add_group_cb -- end\n");
|
||||
|
||||
return;
|
||||
}
|
||||
@ -403,8 +374,7 @@ ipa_winsync_get_new_ds_user_dn_cb(void *cbdata, const Slapi_Entry *rawentry,
|
||||
PRBool flatten = PR_TRUE;
|
||||
IPA_WinSync_Config *ipaconfig = ipa_winsync_get_config();
|
||||
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"--> ipa_winsync_get_new_ds_user_dn_cb -- old dn [%s] -- begin\n",
|
||||
LOG("--> ipa_winsync_get_new_ds_user_dn_cb -- old dn [%s] -- begin\n",
|
||||
*new_dn_string);
|
||||
|
||||
slapi_lock_mutex(ipaconfig->lock);
|
||||
@ -425,8 +395,7 @@ ipa_winsync_get_new_ds_user_dn_cb(void *cbdata, const Slapi_Entry *rawentry,
|
||||
*new_dn_string = slapi_ch_smprintf("%s,%s", rdns[0], slapi_sdn_get_dn(ds_suffix));
|
||||
ldap_value_free(rdns);
|
||||
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"<-- ipa_winsync_get_new_ds_user_dn_cb -- new dn [%s] -- end\n",
|
||||
LOG("<-- ipa_winsync_get_new_ds_user_dn_cb -- new dn [%s] -- end\n",
|
||||
*new_dn_string);
|
||||
|
||||
return;
|
||||
@ -437,11 +406,9 @@ ipa_winsync_get_new_ds_group_dn_cb(void *cbdata, const Slapi_Entry *rawentry,
|
||||
Slapi_Entry *ad_entry, char **new_dn_string,
|
||||
const Slapi_DN *ds_suffix, const Slapi_DN *ad_suffix)
|
||||
{
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"--> ipa_winsync_get_new_ds_group_dn_cb -- begin\n");
|
||||
LOG("--> ipa_winsync_get_new_ds_group_dn_cb -- begin\n");
|
||||
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"<-- ipa_winsync_get_new_ds_group_dn_cb -- end\n");
|
||||
LOG("<-- ipa_winsync_get_new_ds_group_dn_cb -- end\n");
|
||||
|
||||
return;
|
||||
}
|
||||
@ -455,8 +422,7 @@ ipa_winsync_pre_ad_mod_user_mods_cb(void *cbdata, const Slapi_Entry *rawentry,
|
||||
{
|
||||
Slapi_Mods *smods;
|
||||
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"--> ipa_winsync_pre_ad_mod_user_mods_cb -- begin\n");
|
||||
LOG("--> ipa_winsync_pre_ad_mod_user_mods_cb -- begin\n");
|
||||
|
||||
/* wrap the modstosend in a Slapi_Mods for convenience */
|
||||
smods = slapi_mods_new();
|
||||
@ -467,8 +433,7 @@ ipa_winsync_pre_ad_mod_user_mods_cb(void *cbdata, const Slapi_Entry *rawentry,
|
||||
/* convert back to LDAPMod ** and clean up */
|
||||
*modstosend = slapi_mods_get_ldapmods_passout(smods);
|
||||
slapi_mods_free(&smods);
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"<-- ipa_winsync_pre_ad_mod_user_mods_cb -- end\n");
|
||||
LOG("<-- ipa_winsync_pre_ad_mod_user_mods_cb -- end\n");
|
||||
|
||||
return;
|
||||
}
|
||||
@ -480,11 +445,9 @@ ipa_winsync_pre_ad_mod_group_mods_cb(void *cbdata, const Slapi_Entry *rawentry,
|
||||
LDAPMod * const *origmods,
|
||||
Slapi_DN *remote_dn, LDAPMod ***modstosend)
|
||||
{
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"--> ipa_winsync_pre_ad_mod_group_mods_cb -- begin\n");
|
||||
LOG("--> ipa_winsync_pre_ad_mod_group_mods_cb -- begin\n");
|
||||
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"<-- ipa_winsync_pre_ad_mod_group_mods_cb -- end\n");
|
||||
LOG("<-- ipa_winsync_pre_ad_mod_group_mods_cb -- end\n");
|
||||
|
||||
return;
|
||||
}
|
||||
@ -493,11 +456,9 @@ static int
|
||||
ipa_winsync_can_add_entry_to_ad_cb(void *cbdata, const Slapi_Entry *local_entry,
|
||||
const Slapi_DN *remote_dn)
|
||||
{
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"--> ipa_winsync_can_add_entry_to_ad_cb -- begin\n");
|
||||
LOG("--> ipa_winsync_can_add_entry_to_ad_cb -- begin\n");
|
||||
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"<-- ipa_winsync_can_add_entry_to_ad_cb -- end\n");
|
||||
LOG("<-- ipa_winsync_can_add_entry_to_ad_cb -- end\n");
|
||||
|
||||
return 0; /* false - do not allow entries to be added to ad */
|
||||
}
|
||||
@ -506,13 +467,11 @@ static void
|
||||
ipa_winsync_begin_update_cb(void *cbdata, const Slapi_DN *ds_subtree,
|
||||
const Slapi_DN *ad_subtree, int is_total)
|
||||
{
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"--> ipa_winsync_begin_update_cb -- begin\n");
|
||||
LOG("--> ipa_winsync_begin_update_cb -- begin\n");
|
||||
|
||||
ipa_winsync_config_refresh_domain(cbdata, ds_subtree, ad_subtree);
|
||||
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"<-- ipa_winsync_begin_update_cb -- end\n");
|
||||
LOG("<-- ipa_winsync_begin_update_cb -- end\n");
|
||||
|
||||
return;
|
||||
}
|
||||
@ -521,11 +480,9 @@ static void
|
||||
ipa_winsync_end_update_cb(void *cbdata, const Slapi_DN *ds_subtree,
|
||||
const Slapi_DN *ad_subtree, int is_total)
|
||||
{
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"--> ipa_winsync_end_update_cb -- begin\n");
|
||||
LOG("--> ipa_winsync_end_update_cb -- begin\n");
|
||||
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"<-- ipa_winsync_end_update_cb -- end\n");
|
||||
LOG("<-- ipa_winsync_end_update_cb -- end\n");
|
||||
|
||||
return;
|
||||
}
|
||||
@ -534,13 +491,11 @@ static void
|
||||
ipa_winsync_destroy_agmt_cb(void *cbdata, const Slapi_DN *ds_subtree,
|
||||
const Slapi_DN *ad_subtree)
|
||||
{
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"--> ipa_winsync_destroy_agmt_cb -- begin\n");
|
||||
LOG("--> ipa_winsync_destroy_agmt_cb -- begin\n");
|
||||
|
||||
ipa_winsync_config_destroy_domain(cbdata, ds_subtree, ad_subtree);
|
||||
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"<-- ipa_winsync_destroy_agmt_cb -- end\n");
|
||||
LOG("<-- ipa_winsync_destroy_agmt_cb -- end\n");
|
||||
|
||||
return;
|
||||
}
|
||||
@ -600,42 +555,35 @@ ipa_winsync_plugin_start(Slapi_PBlock *pb)
|
||||
int rc;
|
||||
Slapi_Entry *config_e = NULL; /* entry containing plugin config */
|
||||
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"--> ipa_winsync_plugin_start -- begin\n");
|
||||
LOG("--> ipa_winsync_plugin_start -- begin\n");
|
||||
|
||||
if( slapi_apib_register(WINSYNC_v1_0_GUID, ipa_winsync_api) ) {
|
||||
slapi_log_error( SLAPI_LOG_FATAL, ipa_winsync_plugin_name,
|
||||
"<-- ipa_winsync_plugin_start -- failed to register winsync api -- end\n");
|
||||
return -1;
|
||||
LOG_FATAL("<-- ipa_winsync_plugin_start -- failed to register winsync api -- end\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
if ( slapi_pblock_get( pb, SLAPI_ADD_ENTRY, &config_e ) != 0 ) {
|
||||
slapi_log_error( SLAPI_LOG_FATAL, ipa_winsync_plugin_name,
|
||||
"missing config entry\n" );
|
||||
return( -1 );
|
||||
LOG_FATAL("missing config entry\n" );
|
||||
return( -1 );
|
||||
}
|
||||
|
||||
if (( rc = ipa_winsync_config( config_e )) != LDAP_SUCCESS ) {
|
||||
slapi_log_error( SLAPI_LOG_FATAL, ipa_winsync_plugin_name,
|
||||
"configuration failed (%s)\n", ldap_err2string( rc ));
|
||||
return( -1 );
|
||||
LOG_FATAL("configuration failed (%s)\n", ldap_err2string( rc ));
|
||||
return( -1 );
|
||||
}
|
||||
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"<-- ipa_winsync_plugin_start -- end\n");
|
||||
return 0;
|
||||
LOG("<-- ipa_winsync_plugin_start -- end\n");
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int
|
||||
ipa_winsync_plugin_close(Slapi_PBlock *pb)
|
||||
{
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"--> ipa_winsync_plugin_close -- begin\n");
|
||||
LOG("--> ipa_winsync_plugin_close -- begin\n");
|
||||
|
||||
slapi_apib_unregister(WINSYNC_v1_0_GUID);
|
||||
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"<-- ipa_winsync_plugin_close -- end\n");
|
||||
LOG("<-- ipa_winsync_plugin_close -- end\n");
|
||||
return 0;
|
||||
}
|
||||
|
||||
@ -646,8 +594,7 @@ int ipa_winsync_plugin_init(Slapi_PBlock *pb)
|
||||
{
|
||||
void *plugin_id = NULL;
|
||||
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"--> ipa_winsync_plugin_init -- begin\n");
|
||||
LOG("--> ipa_winsync_plugin_init -- begin\n");
|
||||
|
||||
if ( slapi_pblock_set( pb, SLAPI_PLUGIN_VERSION,
|
||||
SLAPI_PLUGIN_VERSION_01 ) != 0 ||
|
||||
@ -658,23 +605,20 @@ int ipa_winsync_plugin_init(Slapi_PBlock *pb)
|
||||
slapi_pblock_set( pb, SLAPI_PLUGIN_DESCRIPTION,
|
||||
(void *)&ipa_winsync_pdesc ) != 0 )
|
||||
{
|
||||
slapi_log_error( SLAPI_LOG_FATAL, ipa_winsync_plugin_name,
|
||||
"<-- ipa_winsync_plugin_init -- failed to register plugin -- end\n");
|
||||
LOG_FATAL("<-- ipa_winsync_plugin_init -- failed to register plugin -- end\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* Retrieve and save the plugin identity to later pass to
|
||||
internal operations */
|
||||
if (slapi_pblock_get(pb, SLAPI_PLUGIN_IDENTITY, &plugin_id) != 0) {
|
||||
slapi_log_error(SLAPI_LOG_FATAL, ipa_winsync_plugin_name,
|
||||
"<-- ipa_winsync_plugin_init -- failed to retrieve plugin identity -- end\n");
|
||||
LOG_FATAL("<-- ipa_winsync_plugin_init -- failed to retrieve plugin identity -- end\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
ipa_winsync_set_plugin_identity(plugin_id);
|
||||
|
||||
slapi_log_error( SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"<-- ipa_winsync_plugin_init -- end\n");
|
||||
LOG("<-- ipa_winsync_plugin_init -- end\n");
|
||||
return 0;
|
||||
}
|
||||
|
||||
@ -704,11 +648,10 @@ ipa_check_account_lock(Slapi_Entry *ds_entry, int *isvirt)
|
||||
rc = 0; /* account is disabled */
|
||||
}
|
||||
slapi_ch_free_string(&strval);
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"<-- ipa_check_account_lock - entry [%s] has real "
|
||||
"attribute nsAccountLock and entry %s locked\n",
|
||||
slapi_entry_get_dn_const(ds_entry),
|
||||
rc ? "is not" : "is");
|
||||
LOG("<-- ipa_check_account_lock - entry [%s] has real "
|
||||
"attribute nsAccountLock and entry %s locked\n",
|
||||
slapi_entry_get_dn_const(ds_entry),
|
||||
rc ? "is not" : "is");
|
||||
return rc;
|
||||
}
|
||||
|
||||
@ -734,18 +677,16 @@ ipa_check_account_lock(Slapi_Entry *ds_entry, int *isvirt)
|
||||
if (values != NULL) {
|
||||
slapi_vattr_values_free(&values, &actual_type_name, attr_free_flags);
|
||||
}
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"<-- ipa_check_account_lock - entry [%s] has virtual "
|
||||
"attribute nsAccountLock and entry %s locked\n",
|
||||
slapi_entry_get_dn_const(ds_entry),
|
||||
rc ? "is not" : "is");
|
||||
LOG("<-- ipa_check_account_lock - entry [%s] has virtual "
|
||||
"attribute nsAccountLock and entry %s locked\n",
|
||||
slapi_entry_get_dn_const(ds_entry),
|
||||
rc ? "is not" : "is");
|
||||
} else {
|
||||
rc = 1; /* no attr == entry is enabled */
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"<-- ipa_check_account_lock - entry [%s] does not "
|
||||
"have attribute nsAccountLock - entry %s locked\n",
|
||||
slapi_entry_get_dn_const(ds_entry),
|
||||
rc ? "is not" : "is");
|
||||
LOG("<-- ipa_check_account_lock - entry [%s] does not "
|
||||
"have attribute nsAccountLock - entry %s locked\n",
|
||||
slapi_entry_get_dn_const(ds_entry),
|
||||
rc ? "is not" : "is");
|
||||
}
|
||||
|
||||
return rc;
|
||||
@ -784,12 +725,11 @@ do_group_modify(const char *dn, const char *modtype, int modop, const char *modv
|
||||
|
||||
slapi_pblock_destroy(mod_pb);
|
||||
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"<-- do_group_modify - %s value [%s] in attribute [%s] "
|
||||
"in entry [%s] - result (%d: %s)\n",
|
||||
(modop & LDAP_MOD_ADD) ? "added" : "deleted",
|
||||
modval, modtype, dn,
|
||||
rc, ldap_err2string(rc));
|
||||
LOG("<-- do_group_modify - %s value [%s] in attribute [%s] "
|
||||
"in entry [%s] - result (%d: %s)\n",
|
||||
(modop & LDAP_MOD_ADD) ? "added" : "deleted",
|
||||
modval, modtype, dn,
|
||||
rc, ldap_err2string(rc));
|
||||
|
||||
return rc;
|
||||
}
|
||||
@ -863,12 +803,11 @@ sync_acct_disable(
|
||||
adval |= mask; /* set the 0x2 disable bit */
|
||||
}
|
||||
slapi_entry_attr_set_ulong(update_entry, "userAccountControl", adval);
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"<-- sync_acct_disable - %s AD account [%s] - "
|
||||
"new value is [%ld]\n",
|
||||
(ds_is_enabled) ? "enabled" : "disabled",
|
||||
slapi_entry_get_dn_const(update_entry),
|
||||
adval);
|
||||
LOG("<-- sync_acct_disable - %s AD account [%s] - "
|
||||
"new value is [%ld]\n",
|
||||
(ds_is_enabled) ? "enabled" : "disabled",
|
||||
slapi_entry_get_dn_const(update_entry),
|
||||
adval);
|
||||
} else {
|
||||
/* iterate through the mods - if there is already a mod
|
||||
for userAccountControl, change it - otherwise, add it */
|
||||
@ -924,12 +863,11 @@ sync_acct_disable(
|
||||
mod_bval->bv_val = slapi_ch_strdup(acctvalstr);
|
||||
mod_bval->bv_len = strlen(acctvalstr);
|
||||
}
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"<-- sync_acct_disable - %s AD account [%s] - "
|
||||
"new value is [%ld]\n",
|
||||
(ds_is_enabled) ? "enabled" : "disabled",
|
||||
slapi_entry_get_dn_const(ad_entry),
|
||||
adval);
|
||||
LOG("<-- sync_acct_disable - %s AD account [%s] - "
|
||||
"new value is [%ld]\n",
|
||||
(ds_is_enabled) ? "enabled" : "disabled",
|
||||
slapi_entry_get_dn_const(ad_entry),
|
||||
adval);
|
||||
}
|
||||
}
|
||||
|
||||
@ -946,10 +884,9 @@ sync_acct_disable(
|
||||
|
||||
if (update_entry) {
|
||||
slapi_entry_attr_set_charptr(update_entry, attrtype, attrval);
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"<-- sync_acct_disable - %s DS account [%s]\n",
|
||||
(ad_is_enabled) ? "enabled" : "disabled",
|
||||
slapi_entry_get_dn_const(ds_entry));
|
||||
LOG("<-- sync_acct_disable - %s DS account [%s]\n",
|
||||
(ad_is_enabled) ? "enabled" : "disabled",
|
||||
slapi_entry_get_dn_const(ds_entry));
|
||||
} else { /* do mod */
|
||||
struct berval tmpbval = {0, NULL};
|
||||
Slapi_Mod *smod = slapi_mod_new();
|
||||
@ -964,10 +901,9 @@ sync_acct_disable(
|
||||
slapi_mods_add_ldapmod(smods,
|
||||
slapi_mod_get_ldapmod_passout(smod));
|
||||
slapi_mod_free(&smod);
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"<-- sync_acct_disable - %s DS account [%s]\n",
|
||||
(ad_is_enabled) ? "enabled" : "disabled",
|
||||
slapi_entry_get_dn_const(ds_entry));
|
||||
LOG("<-- sync_acct_disable - %s DS account [%s]\n",
|
||||
(ad_is_enabled) ? "enabled" : "disabled",
|
||||
slapi_entry_get_dn_const(ds_entry));
|
||||
if (do_modify) {
|
||||
*do_modify = 1; /* added mods */
|
||||
}
|
||||
@ -993,27 +929,24 @@ sync_acct_disable(
|
||||
}
|
||||
|
||||
dsdn = slapi_entry_get_dn_const(ds_entry);
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"<-- sync_acct_disable - %s DS account [%s] - "
|
||||
"deldn [%s] adddn [%s]\n",
|
||||
(ad_is_enabled) ? "enabling" : "disabling",
|
||||
slapi_entry_get_dn_const(ds_entry),
|
||||
deldn, adddn);
|
||||
LOG("<-- sync_acct_disable - %s DS account [%s] - "
|
||||
"deldn [%s] adddn [%s]\n",
|
||||
(ad_is_enabled) ? "enabling" : "disabling",
|
||||
slapi_entry_get_dn_const(ds_entry),
|
||||
deldn, adddn);
|
||||
/* first, delete the user from the deldn group - ignore (but log)
|
||||
value not found errors - means the user wasn't there yet */
|
||||
rc = do_group_modify(deldn, "member", LDAP_MOD_DELETE, dsdn);
|
||||
if (rc == LDAP_NO_SUCH_ATTRIBUTE) {
|
||||
/* either the value of the attribute doesn't exist */
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"Could not delete user [%s] from the [%s] group: "
|
||||
"either the user was not in the group already, "
|
||||
"or the group had no members\n",
|
||||
dsdn, deldn);
|
||||
LOG("Could not delete user [%s] from the [%s] group: "
|
||||
"either the user was not in the group already, "
|
||||
"or the group had no members\n",
|
||||
dsdn, deldn);
|
||||
} else if (rc != LDAP_SUCCESS) {
|
||||
slapi_log_error(SLAPI_LOG_FATAL, ipa_winsync_plugin_name,
|
||||
"Error deleting user [%s] from the [%s] group: "
|
||||
"(%d - %s)\n", dsdn, deldn, rc,
|
||||
ldap_err2string(rc));
|
||||
LOG_FATAL("Error deleting user [%s] from the [%s] group: "
|
||||
"(%d - %s)\n", dsdn, deldn, rc,
|
||||
ldap_err2string(rc));
|
||||
}
|
||||
/* next, add the user to the adddn group - ignore (but log)
|
||||
if the user is already in that group */
|
||||
@ -1024,15 +957,13 @@ sync_acct_disable(
|
||||
}
|
||||
if (rc == LDAP_TYPE_OR_VALUE_EXISTS) {
|
||||
/* user already in that group */
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"Could not add user [%s] to the [%s] group: "
|
||||
"user is already in that group\n",
|
||||
dsdn, adddn);
|
||||
LOG("Could not add user [%s] to the [%s] group: "
|
||||
"user is already in that group\n",
|
||||
dsdn, adddn);
|
||||
} else if (rc != LDAP_SUCCESS) {
|
||||
slapi_log_error(SLAPI_LOG_FATAL, ipa_winsync_plugin_name,
|
||||
"Error adding user [%s] to the [%s] group: "
|
||||
"(%d - %s)\n", dsdn, adddn, rc,
|
||||
ldap_err2string(rc));
|
||||
LOG_FATAL("Error adding user [%s] to the [%s] group: "
|
||||
"(%d - %s)\n", dsdn, adddn, rc,
|
||||
ldap_err2string(rc));
|
||||
}
|
||||
#ifndef MEMBEROF_WORKS_FOR_INTERNAL_OPS
|
||||
/* memberOf doesn't currently listen for internal operations
|
||||
@ -1074,10 +1005,9 @@ sync_acct_disable(
|
||||
slapi_value_free(&sv);
|
||||
}
|
||||
#endif /* MEMBEROF_WORKS_FOR_INTERNAL_OPS */
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"<-- sync_acct_disable - %s DS account [%s]\n",
|
||||
(ad_is_enabled) ? "enabled" : "disabled",
|
||||
slapi_entry_get_dn_const(ds_entry));
|
||||
LOG("<-- sync_acct_disable - %s DS account [%s]\n",
|
||||
(ad_is_enabled) ? "enabled" : "disabled",
|
||||
slapi_entry_get_dn_const(ds_entry));
|
||||
}
|
||||
}
|
||||
|
||||
@ -1125,10 +1055,9 @@ find_and_add_mod(Slapi_Entry *ent, Slapi_Mods *smods, const char *type,
|
||||
if (do_modify) {
|
||||
*do_modify = 1; /* added a mod */
|
||||
}
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"<-- find_and_add_mod - added value [%s] "
|
||||
"to attribute [%s] in entry [%s]\n",
|
||||
val, type, slapi_entry_get_dn_const(ent));
|
||||
LOG("<-- find_and_add_mod - added value [%s] "
|
||||
"to attribute [%s] in entry [%s]\n",
|
||||
val, type, slapi_entry_get_dn_const(ent));
|
||||
}
|
||||
slapi_value_free(&sv);
|
||||
|
||||
@ -1165,11 +1094,10 @@ do_force_sync(
|
||||
return; /* not supported */
|
||||
}
|
||||
|
||||
slapi_log_error(SLAPI_LOG_PLUGIN, ipa_winsync_plugin_name,
|
||||
"do_force_sync - forcing sync of AD entry [%s] "
|
||||
"with DS entry [%s]\n",
|
||||
slapi_entry_get_dn_const(ad_entry),
|
||||
slapi_entry_get_dn_const(ds_entry));
|
||||
LOG("do_force_sync - forcing sync of AD entry [%s] "
|
||||
"with DS entry [%s]\n",
|
||||
slapi_entry_get_dn_const(ad_entry),
|
||||
slapi_entry_get_dn_const(ds_entry));
|
||||
|
||||
find_and_add_mod(ds_entry, smods, "objectClass", "ntUser", (size_t)6, do_modify);
|
||||
|
||||
|
@ -52,7 +52,9 @@
|
||||
#include <dirsrv/winsync-plugin.h>
|
||||
#endif /* WINSYNC_TEST_IPA */
|
||||
|
||||
#define IPA_WINSYNC_PLUGIN_NAME "ipa-winsync"
|
||||
#include "util.h"
|
||||
|
||||
#define IPA_PLUGIN_NAME "ipa-winsync"
|
||||
|
||||
typedef struct ipa_winsync_config_struct {
|
||||
Slapi_Mutex *lock; /* for config access */
|
||||
|
Loading…
Reference in New Issue
Block a user