diff -ur samba-3.0.1pre3.orig/source/include/smbldap.h samba-3.0.1pre3/source/include/smbldap.h
--- samba-3.0.1pre3.orig/source/include/smbldap.h 2003-10-10 20:08:35.000000000 +0200
+++ samba-3.0.1pre3/source/include/smbldap.h 2003-11-29 18:57:18.000000000 +0100
@@ -29,6 +29,11 @@
 #define SCHEMAVER_SAMBAACCOUNT 1
 #define SCHEMAVER_SAMBASAMACCOUNT 2
+/* differentiate between attributes for deletion and other actions */
+
+#define FULL_ATTRIBUTES 1
+#define DELETION_ATTRIBUTES 2
+
 /* objectclass names */
 #define LDAP_OBJ_SAMBASAMACCOUNT "sambaSamAccount"
@@ -100,7 +105,9 @@
 /* structures */
 extern ATTRIB_MAP_ENTRY attrib_map_v22[];
+extern ATTRIB_MAP_ENTRY attrib_map_v22_to_delete[];
 extern ATTRIB_MAP_ENTRY attrib_map_v30[];
+extern ATTRIB_MAP_ENTRY attrib_map_v30_to_delete[];
 extern ATTRIB_MAP_ENTRY dominfo_attr_list[];
 extern ATTRIB_MAP_ENTRY groupmap_attr_list[];
 extern ATTRIB_MAP_ENTRY groupmap_attr_list_to_delete[];
diff -ur samba-3.0.1pre3.orig/source/lib/smbldap.c samba-3.0.1pre3/source/lib/smbldap.c
--- samba-3.0.1pre3.orig/source/lib/smbldap.c 2003-11-07 18:37:35.000000000 +0100
+++ samba-3.0.1pre3/source/lib/smbldap.c 2003-11-29 18:45:47.000000000 +0100
@@ -69,6 +69,29 @@
 { LDAP_ATTR_LIST_END, NULL }
 };
+ATTRIB_MAP_ENTRY attrib_map_v22_to_delete[] = {
+ { LDAP_ATTR_PWD_LAST_SET, "pwdLastSet" },
+ { LDAP_ATTR_PWD_CAN_CHANGE, "pwdCanChange" },
+ { LDAP_ATTR_PWD_MUST_CHANGE, "pwdMustChange" },
+ { LDAP_ATTR_LOGON_TIME, "logonTime" },
+ { LDAP_ATTR_LOGOFF_TIME, "logoffTime" },
+ { LDAP_ATTR_KICKOFF_TIME, "kickoffTime" },
+ { LDAP_ATTR_DISPLAY_NAME, "displayName" },
+ { LDAP_ATTR_HOME_PATH, "smbHome" },
+ { LDAP_ATTR_HOME_DRIVE, "homeDrives" },
+ { LDAP_ATTR_LOGON_SCRIPT, "scriptPath" },
+ { LDAP_ATTR_PROFILE_PATH, "profilePath" },
+ { LDAP_ATTR_USER_WKS, "userWorkstations"},
+ { LDAP_ATTR_USER_RID, "rid" },
+ { LDAP_ATTR_PRIMARY_GROUP_RID, "primaryGroupID"},
+ { LDAP_ATTR_LMPW, "lmPassword" },
+ { LDAP_ATTR_NTPW, "ntPassword" },
+ { LDAP_ATTR_DOMAIN, "domain" },
+ { LDAP_ATTR_OBJCLASS, "objectClass" },
+ { LDAP_ATTR_ACB_INFO, "acctFlags" },
+ { LDAP_ATTR_LIST_END, NULL }
+};
+
 /* attributes used by Samba 3.0's sambaSamAccount */
 ATTRIB_MAP_ENTRY attrib_map_v30[] = {
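Review bot: attrib_map_v22_to_delete (and attrib_map_v30_to_delete in the next hunk) carries no comment saying what qualifies an attribute for the list, and both tables include `displayName` and `objectClass`, which are not Samba-specific. How the delete path consumes the list is outside this diff, so it needs confirming that those two are not stripped wholesale from an entry that also carries other object classes. A comment such as `/* attributes removed when the Samba account is deleted; attributes shared with other object classes must not be listed here */` would make the rule explicit. Both tables are hand-copied subsets of the full maps, so any attribute that later holds credential material, like `lmPassword`/`ntPassword` here, has to be added in both places or it stays behind in the directory after the account is deleted.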
@@ -100,6 +123,29 @@
 { LDAP_ATTR_LIST_END, NULL }
 };
+ATTRIB_MAP_ENTRY attrib_map_v30_to_delete[] = {
+ { LDAP_ATTR_PWD_LAST_SET, "sambaPwdLastSet" },
+ { LDAP_ATTR_PWD_CAN_CHANGE, "sambaPwdCanChange" },
+ { LDAP_ATTR_PWD_MUST_CHANGE, "sambaPwdMustChange" },
+ { LDAP_ATTR_LOGON_TIME, "sambaLogonTime" },
+ { LDAP_ATTR_LOGOFF_TIME, "sambaLogoffTime" },
+ { LDAP_ATTR_KICKOFF_TIME, "sambaKickoffTime" },
+ { LDAP_ATTR_DISPLAY_NAME, "displayName" },
+ { LDAP_ATTR_HOME_DRIVE, "sambaHomeDrive" },
+ { LDAP_ATTR_HOME_PATH, "sambaHomePath" },
+ { LDAP_ATTR_LOGON_SCRIPT, "sambaLogonScript" },
+ { LDAP_ATTR_PROFILE_PATH, "sambaProfilePath" },
+ { LDAP_ATTR_USER_WKS, "sambaUserWorkstations" },
+ { LDAP_ATTR_USER_SID, LDAP_ATTRIBUTE_SID },
+ { LDAP_ATTR_PRIMARY_GROUP_SID, "sambaPrimaryGroupSID" },
+ { LDAP_ATTR_LMPW, "sambaLMPassword" },
+ { LDAP_ATTR_NTPW, "sambaNTPassword" },
+ { LDAP_ATTR_DOMAIN, "sambaDomainName" },
+ { LDAP_ATTR_OBJCLASS, "objectClass" },
+ { LDAP_ATTR_ACB_INFO, "sambaAcctFlags" },
+ { LDAP_ATTR_LIST_END, NULL }
+};
+
 /* attributes used for alalocating RIDs */
 ATTRIB_MAP_ENTRY dominfo_attr_list[] = {
diff -ur samba-3.0.1pre3.orig/source/passdb/pdb_ldap.c samba-3.0.1pre3/source/passdb/pdb_ldap.c
--- samba-3.0.1pre3.orig/source/passdb/pdb_ldap.c 2003-11-14 04:40:36.000000000 +0100
+++ samba-3.0.1pre3/source/passdb/pdb_ldap.c 2003-11-29 19:04:45.000000000 +0100
@@ -132,14 +132,20 @@ Return the list of attribute names given a user schema version. **********************************************************************/ -static char** get_userattr_list( int schema_ver ) +static char** get_userattr_list( int schema_ver, int attrs_type ) { switch ( schema_ver ) { case SCHEMAVER_SAMBAACCOUNT: - return get_attr_list( attrib_map_v22 ); + if ( attrs_type == DELETION_ATTRIBUTES ) + return get_attr_list( attrib_map_v22_to_delete ); + else + return get_attr_list( attrib_map_v22 ); case SCHEMAVER_SAMBASAMACCOUNT: - return get_attr_list( attrib_map_v30 ); + if ( attrs_type == DELETION_ATTRIBUTES ) + return get_attr_list( attrib_map_v30_to_delete ); + else + return get_attr_list( attrib_map_v30 ); default: DEBUG(0,("get_userattr_list: unknown schema version specified!\n")); break; @@ -948,7 +954,7 @@ get_objclass_filter(ldap_state->schema_ver)); all_string_sub(filter, "%u", "*", sizeof(pstring)); - attr_list = get_userattr_list(ldap_state->schema_ver); + attr_list = get_userattr_list(ldap_state->schema_ver, FULL_ATTRIBUTES); rc = smbldap_search_suffix(ldap_state->smbldap_state, filter, attr_list, &ldap_state->result); free_attr_list( attr_list ); @@ -1023,7 +1029,7 @@ char ** attr_list; int rc; - attr_list = get_userattr_list( ldap_state->schema_ver ); + attr_list = get_userattr_list( ldap_state->schema_ver, FULL_ATTRIBUTES ); rc = ldapsam_search_suffix_by_name(ldap_state, sname, &result, attr_list); free_attr_list( attr_list ); @@ -1068,7 +1074,7 @@ switch ( ldap_state->schema_ver ) { case SCHEMAVER_SAMBASAMACCOUNT: - attr_list = get_userattr_list(ldap_state->schema_ver); + attr_list = get_userattr_list(ldap_state->schema_ver, FULL_ATTRIBUTES); rc = ldapsam_search_suffix_by_sid(ldap_state, sid, result, attr_list); free_attr_list( attr_list ); 
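Review bot: In get_userattr_list (the -132 hunk) any `attrs_type` other than DELETION_ATTRIBUTES silently selects the full attribute list, and the header comment above the function still describes only the schema version. Since the two lists differ in what a delete is allowed to touch, an unexpected value should be rejected like the unknown-schema case rather than defaulting; testing `attrs_type == FULL_ATTRIBUTES` explicitly and logging otherwise would do it. The comment could read `Return the list of attribute names given a user schema version and the attribute set wanted (FULL_ATTRIBUTES or DELETION_ATTRIBUTES).` The new `if`/`else` bodies are unbraced, and the two constants would be better as an `enum` than as an `int` with `#define`s. The end of the function lies outside the hunk.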
@@ -1081,7 +1087,7 @@ return rc; } - attr_list = get_userattr_list(ldap_state->schema_ver); + attr_list = get_userattr_list(ldap_state->schema_ver, FULL_ATTRIBUTES); rc = ldapsam_search_suffix_by_rid(ldap_state, rid, result, attr_list ); free_attr_list( attr_list ); @@ -1278,7 +1284,7 @@ DEBUG (3, ("ldapsam_delete_sam_account: Deleting user %s from LDAP.\n", sname)); - attr_list= get_userattr_list( ldap_state->schema_ver ); + attr_list= get_userattr_list( ldap_state->schema_ver, DELETION_ATTRIBUTES ); rc = ldapsam_search_suffix_by_name(ldap_state, sname, &result, attr_list); if (rc != LDAP_SUCCESS) { @@ -1335,7 +1341,7 @@ result = pdb_get_backend_private_data(newpwd, my_methods); if (!result) { - attr_list = get_userattr_list(ldap_state->schema_ver); + attr_list = get_userattr_list(ldap_state->schema_ver, FULL_ATTRIBUTES); rc = ldapsam_search_suffix_by_name(ldap_state, pdb_get_username(newpwd), &result, attr_list ); free_attr_list( attr_list ); if (rc != LDAP_SUCCESS) { @@ -1432,7 +1438,7 @@ } /* free this list after the second search or in case we exit on failure */ - attr_list = get_userattr_list(ldap_state->schema_ver); + attr_list = get_userattr_list(ldap_state->schema_ver, FULL_ATTRIBUTES); rc = ldapsam_search_suffix_by_name (ldap_state, username, &result, attr_list);
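Review bot: The result of get_userattr_list() is used unchecked in the ldapsam_delete_sam_account hunk (-1278), although that function has a `default:` branch for an unknown schema version that only logs and breaks. What it returns after the switch is outside the visible hunks; if that is NULL, an LDAP search given a NULL attribute list conventionally returns every attribute, and the delete code further down (also not visible) would work from a list it did not expect. On the one path that removes data it is worth failing before the search when `attr_list` is NULL, and adding a comment at the call such as `/* request only the attributes that deletion is allowed to remove */`. The rest of the function lies outside the hunk.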