1c5c4113dSnw /*
2c5c4113dSnw  * CDDL HEADER START
3c5c4113dSnw  *
4c5c4113dSnw  * The contents of this file are subject to the terms of the
5c5c4113dSnw  * Common Development and Distribution License (the "License").
6c5c4113dSnw  * You may not use this file except in compliance with the License.
7c5c4113dSnw  *
8c5c4113dSnw  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9c5c4113dSnw  * or http://www.opensolaris.org/os/licensing.
10c5c4113dSnw  * See the License for the specific language governing permissions
11c5c4113dSnw  * and limitations under the License.
12c5c4113dSnw  *
13c5c4113dSnw  * When distributing Covered Code, include this CDDL HEADER in each
14c5c4113dSnw  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15c5c4113dSnw  * If applicable, add the following below this CDDL HEADER, with the
16c5c4113dSnw  * fields enclosed by brackets "[]" replaced with your own identifying
17c5c4113dSnw  * information: Portions Copyright [yyyy] [name of copyright owner]
18c5c4113dSnw  *
19c5c4113dSnw  * CDDL HEADER END
20c5c4113dSnw  */
21c5c4113dSnw /*
22148c5f43SAlan Wright  * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
23fea136a0SMatt Barden  * Copyright 2018 Nexenta Systems, Inc.  All rights reserved.
242dd4154fSMatt Barden  * Copyright 2023 RackTop Systems, Inc.
25c5c4113dSnw  */
26c5c4113dSnw 
27c5c4113dSnw #ifndef _IDMAP_CONFIG_H
28c5c4113dSnw #define	_IDMAP_CONFIG_H
29c5c4113dSnw 
30c5c4113dSnw 
31c5c4113dSnw #include "idmap.h"
32c8e26105Sjp #include "addisc.h"
33c5c4113dSnw #include <libscf.h>
34c5c4113dSnw #include <synch.h>
35b3700b07SGordon Ross #include <sys/uuid.h>
36c5c4113dSnw 
37c5c4113dSnw #ifdef __cplusplus
38c5c4113dSnw extern "C" {
39c5c4113dSnw #endif
40c5c4113dSnw 
/*
 * Size limit named for "policy" data. Nothing in this header uses it, so the
 * buffer or property it bounds is not visible here.
 * NOTE(review): 1023 looks like a length that excludes a terminating NUL
 * (1024-byte buffer) - confirm at the point of use before sizing anything
 * from it.
 */
41c5c4113dSnw #define	MAX_POLICY_SIZE 1023
42c5c4113dSnw 
/*
 * Directory-based mapping modes, given as small integers.
 * Presumably these are the values stored in
 * idmap_pg_config_t.directory_based_mapping (an int annotated "enum") and
 * named by directory_mapping_map[] - confirm against the loader.
 */
43e3f2c991SKeyur Desai #define	DIRECTORY_MAPPING_NONE	0
44e3f2c991SKeyur Desai #define	DIRECTORY_MAPPING_NAME	1
45e3f2c991SKeyur Desai #define	DIRECTORY_MAPPING_IDMU	2
46e3f2c991SKeyur Desai 
/*
 * One entry of an integer-to-name table: an int value paired with a string.
 * NOTE(review): `string` is a plain `char *` although enum_lookup() hands
 * names back as `const char *`; treat the text as read-only unless the
 * table's definition shows otherwise.
 */
47e3f2c991SKeyur Desai struct enum_lookup_map {
48e3f2c991SKeyur Desai 	int value;
49e3f2c991SKeyur Desai 	char *string;
50e3f2c991SKeyur Desai };
51e3f2c991SKeyur Desai 
/*
 * directory_mapping_map is a table of enum_lookup_map entries defined in
 * another translation unit; enum_lookup() takes an int and such a table and
 * returns a const string.
 * NOTE(review): the table is declared without a size, so how its end is
 * marked, and what enum_lookup() returns for a value that is not in the
 * table, are not visible here - callers should not assume a non-NULL result
 * until that is confirmed.
 */
52e3f2c991SKeyur Desai extern struct enum_lookup_map directory_mapping_map[];
53e3f2c991SKeyur Desai extern const char *enum_lookup(int value, struct enum_lookup_map *map);
54e3f2c991SKeyur Desai 
55c8e26105Sjp /* SMF and auto-discovery context handles */
/*
 * Bundles a pthread mutex, five scf_* pointers (handle, instance, service and
 * two property groups, one named for config and one for debug) and an
 * ad_disc_t discovery context.
 * NOTE(review): this header does not say which members the mutex protects or
 * who owns and releases the scf_* objects; confirm in the implementation
 * before reading or replacing them without the lock held.
 */
56c8e26105Sjp typedef struct idmap_cfg_handles {
57c8e26105Sjp 	pthread_mutex_t		mutex;
58c5c4113dSnw 	scf_handle_t		*main;
59c5c4113dSnw 	scf_instance_t		*instance;
60c5c4113dSnw 	scf_service_t		*service;
61c5c4113dSnw 	scf_propertygroup_t	*config_pg;
62148c5f43SAlan Wright 	scf_propertygroup_t	*debug_pg;
63c8e26105Sjp 	ad_disc_t		ad_ctx;
64c8e26105Sjp } idmap_cfg_handles_t;
65c5c4113dSnw 
66c8e26105Sjp /*
67c8e26105Sjp  * This structure stores AD and AD-related configuration
68c8e26105Sjp  */
/*
 * NOTE(review): the sentence above reads like a description of
 * idmap_pg_config_t, which is declared further down. The struct that
 * directly follows it describes a single forest: its name, its global
 * catalog hosts and its list of domains. idmap_pg_config_t.trusted_forests
 * is declared as an array of these.
 * Ownership of the three pointers is not stated here; presumably they are
 * released together with the enclosing configuration - confirm.
 */
694d61c878SJulian Pullen typedef struct idmap_trustedforest {
704d61c878SJulian Pullen 	char		*forest_name;
71b3700b07SGordon Ross 	ad_disc_ds_t	*global_catalog;	/* global catalog hosts */
724d61c878SJulian Pullen 	ad_disc_domainsinforest_t
734d61c878SJulian Pullen 			*domains_in_forest;
744d61c878SJulian Pullen } idmap_trustedforest_t;
754d61c878SJulian Pullen 
764d61c878SJulian Pullen 
/*
 * Configuration values for the ID-mapping service: numeric tunables, machine
 * and domain identity strings, directory-server host lists, trusted
 * domain/forest data, and policy switches. idmap_cfg_t embeds one of these as
 * its "live" configuration.
 *
 * Every pointer member is a plain pointer with no ownership annotation;
 * idmap_cfg_unload() takes a pointer to this struct and presumably releases
 * them - confirm before freeing or aliasing any member by hand.
 */
77c5c4113dSnw typedef struct idmap_pg_config {
	/*
	 * Numeric tunables. Units and valid ranges are not given in this
	 * header - TODO confirm them, and confirm the loader range-checks
	 * values read from configuration, before relying on any of these.
	 */
78c5c4113dSnw 	uint64_t	list_size_limit;
79fea136a0SMatt Barden 	uint64_t	max_threads;
802dd4154fSMatt Barden 	uint64_t	discovery_retry_max_delay;
8148cd229bSGordon Ross 	uint64_t	id_cache_timeout;
8248cd229bSGordon Ross 	uint64_t	name_cache_timeout;
83b3700b07SGordon Ross 	uint64_t	rediscovery_interval;
8412b65585SGordon Ross 	char		*machine_uuid;		/* machine uuid */
854d61c878SJulian Pullen 	char		*machine_sid;		/* machine sid */
86c8e26105Sjp 	char		*default_domain;	/* default domain name */
87c8e26105Sjp 	char		*domain_name;		/* AD domain name */
	/*
	 * Each *_auto_disc flag sits next to the value it is named after.
	 * Presumably it records that the value came from auto-discovery
	 * rather than from explicit configuration - confirm in the loader.
	 */
88b3700b07SGordon Ross 	boolean_t	domain_name_auto_disc;
89b3700b07SGordon Ross 	char		*domain_guid;		/* GUID (string) */
90b3700b07SGordon Ross 	boolean_t	domain_guid_auto_disc;
	/*
	 * The cfg_* members are string lists (char **) that share a name with
	 * an ad_disc_ds_t host list. Presumably they hold the values as
	 * configured, with the ad_disc_ds_t member holding the hosts in use.
	 * How the string list is terminated is not visible here - confirm
	 * before iterating. These hosts answer identity lookups, so review
	 * changes to them as security-relevant configuration.
	 */
91*dcd633c7SMatt Barden 	char		**cfg_domain_controller;
92b3700b07SGordon Ross 	ad_disc_ds_t	*domain_controller;	/* domain controller hosts */
937a8a68f5SJulian Pullen 	boolean_t	domain_controller_auto_disc;
94c8e26105Sjp 	char		*forest_name;		/* forest name */
957a8a68f5SJulian Pullen 	boolean_t	forest_name_auto_disc;
96c8e26105Sjp 	char		*site_name;		/* site name */
977a8a68f5SJulian Pullen 	boolean_t	site_name_auto_disc;
98*dcd633c7SMatt Barden 	char		**cfg_global_catalog;
99b3700b07SGordon Ross 	ad_disc_ds_t	*global_catalog;	/* global catalog hosts */
1007a8a68f5SJulian Pullen 	boolean_t	global_catalog_auto_disc;
1014d61c878SJulian Pullen 	ad_disc_domainsinforest_t
1024d61c878SJulian Pullen 			*domains_in_forest;
1034d61c878SJulian Pullen 	ad_disc_trusteddomains_t
1044d61c878SJulian Pullen 			*trusted_domains;	/* Trusted Domains */
	/*
	 * num_trusted_forests is a signed int kept separately from the array;
	 * presumably it is the array's element count - confirm, and check it
	 * is non-negative before using it as a loop bound.
	 */
1054d61c878SJulian Pullen 	int		num_trusted_forests;
1064d61c878SJulian Pullen 	idmap_trustedforest_t
1074d61c878SJulian Pullen 			*trusted_forests;	/* Array of trusted forests */
1084d61c878SJulian Pullen 
109*dcd633c7SMatt Barden 	char		**cfg_preferred_dc;
110b3700b07SGordon Ross 	ad_disc_ds_t	*preferred_dc;
111b3700b07SGordon Ross 	boolean_t	preferred_dc_auto_disc;
112b3700b07SGordon Ross 
113e8c27ec8Sbaban 	/*
114e8c27ec8Sbaban 	 * Following properties are associated with directory-based
115e8c27ec8Sbaban 	 * name-mappings.
116e8c27ec8Sbaban 	 */
117e8c27ec8Sbaban 	char		*ad_unixuser_attr;
118e8c27ec8Sbaban 	char		*ad_unixgroup_attr;
119e8c27ec8Sbaban 	char		*nldap_winname_attr;
120e3f2c991SKeyur Desai 	int		directory_based_mapping;	/* enum */
	/*
	 * Policy switches. The names suggest they govern ephemeral mapping of
	 * unresolvable SIDs, use of ADS and LSA lookups, and cross-forest
	 * trusts; exact semantics and defaults are not visible in this header.
	 * NOTE(review): these decide which identities get mapped, so confirm
	 * the behaviour in the implementation before changing a default.
	 */
1217a8a68f5SJulian Pullen 	boolean_t	eph_map_unres_sids;
1221ed6b69aSGordon Ross 	boolean_t	use_ads;
123148c5f43SAlan Wright 	boolean_t	use_lsa;
124148c5f43SAlan Wright 	boolean_t	disable_cross_forest_trusts;
125c5c4113dSnw } idmap_pg_config_t;
126c5c4113dSnw 
/*
 * Top-level configuration object: the live property-group configuration, the
 * SMF/discovery handles (which carry their own mutex), and an int flag named
 * `initialized`.
 * NOTE(review): `pgcfg` has no lock of its own in this struct; whether
 * handles.mutex or some other lock guards it is not visible here - confirm
 * before reading it from more than one thread.
 */
127c5c4113dSnw typedef struct idmap_cfg {
128c8e26105Sjp 	idmap_pg_config_t	pgcfg;	    /* live AD/ID mapping config */
129c8e26105Sjp 	idmap_cfg_handles_t	handles;
130349d5d8fSnw 	int			initialized;
131c5c4113dSnw } idmap_cfg_t;
132c5c4113dSnw 
133c8e26105Sjp 
/*
 * Configuration lifecycle entry points. Only the signatures are visible in
 * this header; the notes below are assumptions to confirm against the
 * implementation.
 *
 * - idmap_cfg_init() returns an idmap_cfg_t pointer; presumably NULL on
 *   failure, so check it before use.
 * - idmap_cfg_load() takes an int second argument; presumably a bitmask of
 *   the CFG_* flags defined in this header.
 * - The int-returning functions do not document their success value here.
 * - idmap_cfg_hup_handler(int) has the shape of a signal handler. If it is
 *   installed as one, it should restrict itself to async-signal-safe
 *   operations - verify that it only flags work for another thread.
 */
134fea136a0SMatt Barden extern void		idmap_cfg_unload(idmap_pg_config_t *);
135349d5d8fSnw extern int		idmap_cfg_load(idmap_cfg_t *, int);
136c8e26105Sjp extern idmap_cfg_t	*idmap_cfg_init(void);
137c5c4113dSnw extern int		idmap_cfg_fini(idmap_cfg_t *);
138e3f2c991SKeyur Desai extern int		idmap_cfg_upgrade(idmap_cfg_t *);
1390dcc7149Snw extern int		idmap_cfg_start_updates(void);
1400dcc7149Snw extern void		idmap_cfg_poke_updates(void);
141b3700b07SGordon Ross extern void		idmap_cfg_force_rediscovery(void);
1420dcc7149Snw extern void		idmap_cfg_hup_handler(int);
143c5c4113dSnw 
/*
 * Flag bits. Each value is a distinct single bit, so they can be OR-ed
 * together. Presumably they are passed as the int argument of
 * idmap_cfg_load() - confirm. CFG_LOG carries no description in the
 * original; its name suggests it turns on logging during a load.
 */
144b3700b07SGordon Ross #define	CFG_DISCOVER		0x1	/* Run discovery */
145b3700b07SGordon Ross #define	CFG_FORGET_DC		0x2	/* Forget current DC. */
146b3700b07SGordon Ross #define	CFG_LOG			0x4
147349d5d8fSnw 
148c5c4113dSnw #ifdef __cplusplus
149c5c4113dSnw }
150c5c4113dSnw #endif
151c5c4113dSnw 
152c5c4113dSnw #endif /* _IDMAP_CONFIG_H */
153