1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
23  */
24 
25 #ifndef _IDMAP_CONFIG_H
26 #define	_IDMAP_CONFIG_H
27 
28 
29 #include "idmap.h"
30 #include "addisc.h"
31 #include <libscf.h>
32 #include <synch.h>
33 
34 #ifdef __cplusplus
35 extern "C" {
36 #endif
37 
/*
 * MAX_POLICY_SIZE is not referenced anywhere else in this header.
 * NOTE(review): presumably an upper bound on the length of a policy
 * string.  Whether 1023 counts the terminating NUL is not stated here,
 * so any buffer sized from it needs that checked at the point of use --
 * confirm against the users of this macro.
 */
#define	MAX_POLICY_SIZE 1023

/*
 * Selectors for directory-based name mapping.
 * NOTE(review): presumably these are the values held in the int member
 * directory_based_mapping of idmap_pg_config_t (marked "enum" there) and
 * the value column of directory_mapping_map[] -- confirm.  A value
 * outside 0..2 is not covered by any name here, so consumers should
 * handle an unknown value explicitly instead of assuming one of three.
 */
#define	DIRECTORY_MAPPING_NONE	0
#define	DIRECTORY_MAPPING_NAME	1
#define	DIRECTORY_MAPPING_IDMU	2
43 
/*
 * One entry of a value-to-name table: an integer constant paired with
 * its string form.  Arrays of these are what enum_lookup() takes.
 */
struct enum_lookup_map {
	int value;	/* integer constant */
	/*
	 * Name for 'value'.  Declared non-const although enum_lookup()
	 * hands strings back as const char *; callers should treat it as
	 * read-only.
	 */
	char *string;
};
48 
/*
 * Lookup table defined elsewhere.  It is declared with no bound, so its
 * length is not visible to code that includes this header.
 * NOTE(review): presumably the table ends with a sentinel entry that
 * enum_lookup() stops on -- confirm where the table is defined, since a
 * table without one would be read past its end.
 */
extern struct enum_lookup_map directory_mapping_map[];

/*
 * Translate 'value' to a string using 'map'.
 * NOTE(review): what is returned for a value that is not in the table
 * (NULL or a placeholder string) is not visible here -- confirm before
 * passing the result to a "%s" format or to strcmp().
 */
extern const char *enum_lookup(int value, struct enum_lookup_map *map);
51 
/*
 * SMF and auto-discovery context handles.
 *
 * Groups the libscf handles used to reach the service's configuration
 * with the AD discovery context, plus a mutex.
 * NOTE(review): the header does not say what 'mutex' protects;
 * presumably it serializes use of the scf handles and ad_ctx in this
 * structure -- confirm in the implementation.  It is declared inside
 * this structure only, so it should not be assumed to cover the
 * configuration values in idmap_pg_config_t.
 */
typedef struct idmap_cfg_handles {
	pthread_mutex_t		mutex;
	scf_handle_t		*main;		/* libscf handle */
	scf_instance_t		*instance;
	scf_service_t		*service;
	/* presumably the "config" and "debug" property groups -- confirm */
	scf_propertygroup_t	*config_pg;
	scf_propertygroup_t	*debug_pg;
	ad_disc_t		ad_ctx;		/* AD auto-discovery context */
} idmap_cfg_handles_t;
62 
/*
 * This structure stores AD and AD-related configuration for one trusted
 * forest: its name, its global catalog hosts and the domains in it.
 * idmap_pg_config_t holds an array of these (trusted_forests, counted by
 * num_trusted_forests).
 *
 * NOTE(review): ownership of the three pointers is not stated here;
 * presumably they are allocated when the configuration is loaded and
 * released by idmap_cfg_unload() -- confirm.
 */
typedef struct idmap_trustedforest {
	char		*forest_name;
	idmap_ad_disc_ds_t
			*global_catalog;	/* global catalog hosts */
	ad_disc_domainsinforest_t
			*domains_in_forest;
} idmap_trustedforest_t;
73 
74 
/*
 * AD / ID-mapping configuration values.  idmap_cfg_t embeds one of these
 * as its live configuration.
 *
 * Several members come in pairs: a value and a boolean_t named
 * <value>_auto_disc.
 * NOTE(review): presumably the flag records that the value was obtained
 * by AD auto-discovery and not set explicitly -- confirm.  If so, an
 * auto-discovered domain controller, global catalog, forest or site
 * comes from network lookups and not from administrator input, which
 * matters to any code deciding which hosts to rely on for resolving
 * names and SIDs.
 *
 * NOTE(review): ownership of the pointer members is not stated here;
 * idmap_cfg_unload() takes a pointer to this structure and presumably
 * releases them -- confirm before freeing or aliasing any of them.
 */
typedef struct idmap_pg_config {
	uint64_t	list_size_limit;
	char		*machine_sid;		/* machine sid */
	char		*default_domain;	/* default domain name */
	char		*domain_name;		/* AD domain name */
	boolean_t		domain_name_auto_disc;
	idmap_ad_disc_ds_t
			*domain_controller;	/* domain controller hosts */
	boolean_t	domain_controller_auto_disc;
	char		*forest_name;		/* forest name */
	boolean_t	forest_name_auto_disc;
	char		*site_name;		/* site name */
	boolean_t	site_name_auto_disc;
	idmap_ad_disc_ds_t
			*global_catalog;	/* global catalog hosts */
	boolean_t	global_catalog_auto_disc;
	ad_disc_domainsinforest_t
			*domains_in_forest;
	ad_disc_trusteddomains_t
			*trusted_domains;	/* Trusted Domains */
	/*
	 * Element count for trusted_forests.  It is a signed int kept
	 * separately from the array, so the two must be updated together
	 * and the count checked as non-negative before it bounds a loop.
	 */
	int		num_trusted_forests;
	idmap_trustedforest_t
			*trusted_forests;	/* Array of trusted forests */

	/*
	 * Following properties are associated with directory-based
	 * name-mappings.
	 */
	char		*ad_unixuser_attr;
	char		*ad_unixgroup_attr;
	char		*nldap_winname_attr;
	/* presumably one of DIRECTORY_MAPPING_* -- confirm */
	int		directory_based_mapping;	/* enum */
	/*
	 * NOTE(review): the three switches below change which identities
	 * get mapped and through which path, so they are worth auditing
	 * in a deployment.  Meanings inferred from the names only:
	 * ephemeral mapping of unresolvable SIDs, use of LSA lookups, and
	 * turning off cross-forest trusts -- confirm each against the code
	 * that reads it.
	 */
	boolean_t	eph_map_unres_sids;
	boolean_t	use_lsa;
	boolean_t	disable_cross_forest_trusts;
} idmap_pg_config_t;
111 
/*
 * Top-level configuration object: the current configuration values, the
 * handles used to obtain them, and an 'initialized' indicator.
 *
 * NOTE(review): pgcfg is described as "live", and this header declares
 * functions that load and update the configuration, so it can
 * presumably change while other threads read it.  No lock for pgcfg is
 * named in this header (the mutex is a member of 'handles') -- confirm
 * which lock readers and the updater must hold.
 */
typedef struct idmap_cfg {
	idmap_pg_config_t	pgcfg;	    /* live AD/ID mapping config */
	idmap_cfg_handles_t	handles;
	/* NOTE(review): set/cleared by code not shown here -- confirm */
	int			initialized;
} idmap_cfg_t;
117 
118 
/*
 * Configuration entry points.  The return-value conventions of the int
 * functions (0 / -1, or an error code) are not visible in this header --
 * confirm in the implementation before testing results.
 */

/* Presumably releases what the given idmap_pg_config_t owns -- confirm. */
extern void 		idmap_cfg_unload(idmap_pg_config_t *);
/*
 * Load configuration into the given idmap_cfg_t.
 * NOTE(review): the int argument is presumably a mask of the CFG_*
 * flags defined in this header -- confirm.
 */
extern int		idmap_cfg_load(idmap_cfg_t *, int);
/*
 * Create a configuration object.
 * NOTE(review): presumably returns NULL on failure -- confirm, and check
 * the result before use.
 */
extern idmap_cfg_t	*idmap_cfg_init(void);
/* Counterpart of idmap_cfg_init(); the object must not be used after. */
extern int		idmap_cfg_fini(idmap_cfg_t *);
extern int		idmap_cfg_upgrade(idmap_cfg_t *);
/* Start / nudge configuration updates; takes no configuration argument. */
extern int		idmap_cfg_start_updates(void);
extern void		idmap_cfg_poke_updates(void);
/*
 * Has the void (int) shape of a signal handler.
 * NOTE(review): if it is installed as one (the name suggests SIGHUP), its
 * body may only do async-signal-safe work; reloading configuration or
 * taking a mutex directly in the handler would not be -- confirm how it
 * is invoked.
 */
extern void		idmap_cfg_hup_handler(int);
127 
/*
 * Two distinct bits, so they can be OR-ed together.
 * NOTE(review): presumably the flags accepted by the int argument of
 * idmap_cfg_load(): CFG_DISCOVER to run AD auto-discovery and CFG_LOG to
 * log while loading -- meanings inferred from the names, confirm.
 */
#define	CFG_DISCOVER		0x1
#define	CFG_LOG			0x2
130 
131 #ifdef __cplusplus
132 }
133 #endif
134 
135 #endif /* _IDMAP_CONFIG_H */
136