
Bug(s) fixed: 158235
Bug Description: Phonebook/gateway: Object class violation - missing attribute "ntUserDomainId" required by object class "ntGroup"
Reviewed by: David (Thanks!)
Fix Description: 1) Change all places that use ntgroupdomainid to use ntuserdomainid instead
2) Get rid of support for NT domains. There were many places in the code that
expected the nt user and nt group id to be prefixed with "domain:". Since we
do not support domains anymore, I removed that code.
Platforms tested: RHEL4
Flag Day: no
Doc impact: Yes, but I believe David is changing those docs
QA impact: need to test dsgw NT functionality
New Tests integrated into TET: none

Rich Megginson 20 years ago
parent
commit
4350443d0b

+ 2 - 16
ldap/clients/dsgw/config/display-ntgroup.html

@@ -156,9 +156,9 @@ New NT Group -
 </TD>
 <TD NOWRAP>
 <!-- IF "!Adding" -->
-<!-- DS_ATTRIBUTE "attr=ntGroupDomainId" "syntax=ntgroupname" "cols=>16" "options=readonly" "defaultvalue=none" -->
+<!-- DS_ATTRIBUTE "attr=ntUserDomainId" "syntax=ntgroupname" "cols=>16" "options=readonly" "defaultvalue=none" -->
 <!-- ELSE // Adding -->
-<!-- DS_ATTRIBUTE "attr=ntGroupDomainId" "syntax=ntgroupname" "cols=>16" -->
+<!-- DS_ATTRIBUTE "attr=ntUserDomainId" "syntax=ntgroupname" "cols=>16" -->
 <!-- ENDIF // Adding -->
 </TD></TR>
 
@@ -180,20 +180,6 @@ New NT Group -
 <!-- ENDIF // Adding -->
 </TD></TR>
 
-<TR>
-<TD NOWRAP
-<!-- IF "Displaying" -->
-    class="bold"
-<!-- ENDIF -->
->NT Group Domain: 
-<!-- IF "!Displaying" -->
-<B>*</B>
-<!-- ENDIF -->
-</TD>
-<TD NOWRAP>
-<!-- DS_ATTRIBUTE "attr=ntGroupDomainId" "syntax=ntdomain" "cols=>16" -->
-</TD></TR>
-
 <TR>
 <TD NOWRAP
 <!-- IF "Displaying" -->

+ 4 - 15
ldap/clients/dsgw/config/display-ntperson.html

@@ -330,7 +330,7 @@ showAimIcon();
 
 <TABLE CELLSPACING="2" BGCOLOR=#FFFFFF WIDTH=95%>
 <TR>
-<TH COLSPAN=4 align=left>
+<TH COLSPAN=2 align=left>
 Windows NT Account Information</TH>
 </TR>
 
@@ -344,35 +344,24 @@ Windows NT Account Information</TH>
 <B>*</B>
 <!-- ENDIF -->
 </TD>
-<TD VALIGN="TOP" NOWRAP>
+<TD VALIGN="TOP" ALIGN="LEFT" NOWRAP>
 <!-- IF "!Adding" -->
 <!-- DS_ATTRIBUTE "attr=nTUserDomainId" "syntax=ntuserid" "cols=>16" "options=readonly" -->
 <!-- ENDIF // Adding -->
 <!-- IF "Adding" -->
 <!-- DS_ATTRIBUTE "attr=nTUserDomainId" "syntax=ntuserid" "cols=>16" -->
 <!-- ENDIF // Adding -->
-</TD>
-<TD VALIGN="TOP" NOWRAP
-<!-- IF "Displaying" -->
-    class="bold"
-<!-- ENDIF -->
->NT Domain Name:
-<!-- IF "!Displaying" -->
-<B>*</B>
-<!-- ENDIF -->
-</TD><TD VALIGN="TOP" NOWRAP>
-<!-- DS_ATTRIBUTE "attr=nTUserDomainId" "syntax=ntdomain" "cols=>16" -->
 </TD></TR>
 <INPUT TYPE="hidden" NAME="desc_uid" VALUE="user id">
 <!-- PCONTEXT -->
 
 <TR>
-<TD VALIGN="TOP" COLSPAN=2 NOWRAP
+<TD VALIGN="TOP" NOWRAP
 <!-- IF "Displaying" -->
     class="bold"
 <!-- ENDIF -->
 >Delete NT Account if Person deleted:</TD>
-<TD VALIGN="TOP" COLSPAN=2 NOWRAP>
+<TD VALIGN="TOP" ALIGN="LEFT" NOWRAP>
 <!-- DS_ATTRIBUTE "syntax=bool" "type=radio" "true=Yes" "false=No" "defaultvalue=FALSE" "attr=nTUserDeleteAccount" -->
 </TD></TR>
 

+ 2 - 4
ldap/clients/dsgw/config/dsgwfilter.conf

@@ -112,8 +112,7 @@
     ".*"        ". _"   "(cn=%v1-))"                    "name is"
                         "(cn=*%v1-*))"                  "name contains"
                         "(cn~=%v1-))"                   "name sounds like"
-                        "(ntgroupdomainid=%v:*))"       "NT Domain name is"
-                        "(ntgroupdomainid=*:%v))"       "NT Group is"
+                        "(ntuserdomainid=%v))"       "NT Group is"
 
 "dsgw-organizations"
     "="		" "	"(%v))"				"LDAP filter is"
@@ -179,8 +178,7 @@
 
     ".*"	". "	"(|(cn=%v1)(sn=%v1)))"		"name is"
                         "(ntuserlogonserver=%v))"	"NT logon server is"
-                        "(ntuserdomainid=%v:*))"	"NT Domain name is"
-                        "(ntuserdomainid=*:%v))"	"NT username is"
+                        "(ntuserdomainid=%v))"	"NT username is"
 			"(|(cn=*%v1*)(sn=*%v1*)(cn~=%v1)(sn~=%v1)))"	"name sounds like or contains"
 
 # Do not remove this line, or place any directives after it.

+ 1 - 3
ldap/clients/dsgw/config/dsgwsearchprefs.conf

@@ -100,7 +100,6 @@ subtree
 "user id"                       "uid"              111111  ""  ""
 "title"                         title              111111 "" ""
 "NT username"                   "ntuserdomainid"   110000 "" ""
-"NT domain"                     "ntuserdomainid"   101000 "" ""
 "NT logon server"               "ntuserlogonserver" 111111 "" ""
 END
 "is"               		"(%a=%v))"
@@ -142,8 +141,7 @@ not-used-by-dsgw
 not-used-by-dsgw
 subtree
 "name"  	                cn                    111111  ""       ""
-"NT groupname"                   "ntgroupdomainid"   110000 "" ""
-"NT domain"                     "ntgroupdomainid"   101000 "" ""
+"NT groupname"                   "ntuserdomainid"   110000 "" ""
 "description"                   description  	      111111  ""       ""
 "owner (DN)"                    "owner"               000011  "owner"  "Owner"
 "member (DN)"                   "uniquemember"        000011  ""       ""

+ 1 - 7
ldap/clients/dsgw/config/list-NT-Groups.html

@@ -59,9 +59,6 @@
     <td class="boldbig">
         LDAP Group Name
     </td>
-    <td class="boldbig">
-        NT Domain Name
-    </td>
     <td class="boldbig">
         NT Group Name
     </td>
@@ -75,12 +72,9 @@
   <tr valign="top" bgcolor="#FFFFFF">
     <td >
 <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" -->
-    </td>
-    <td >
-<!-- DS_ATTRIBUTE "attr=ntgroupdomainid" "syntax=ntdomain" -->
     </td>
     <td>
-<!-- DS_ATTRIBUTE "attr=ntgroupdomainid" "syntax=ntgroupname" -->
+<!-- DS_ATTRIBUTE "attr=ntuserdomainid" "syntax=ntgroupname" -->
     </td>
     <td >
 <!-- DS_ATTRIBUTE "attr=description" -->

+ 0 - 3
ldap/clients/dsgw/config/list-NT-People.html

@@ -92,9 +92,6 @@ document.write('<a href=\"aim:goim?Screenname=' + aimID.replace(/ /,"+") + '\"><
   <tr valign="top" bgcolor="#FFFFFF">
     <td >
 <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "hrefextra=onMouseOver=%22%0Awindow.status='Click here to view this entry in detail'; return true%22" -->
-    </td>
-    <td >
-<!-- DS_ATTRIBUTE "attr=ntuserdomainid" "syntax=ntdomain" -->      
     </td>
     <td>
 <!-- DS_ATTRIBUTE "attr=ntuserdomainid" "syntax=ntuserid" -->

+ 14 - 228
ldap/clients/dsgw/domodify.c

@@ -62,10 +62,7 @@ static int starts_with( char *s, char *startswith );
 static char **post2multilinevals( char *postedval );
 static char **post2vals( char *postedval );
 static int require_oldpasswd( char *modifydn );
-static char *dsgw_processdomainid( LDAP *ld, char *dn, char *attr, char *val, int len);
 static int value_is_unique( LDAP *ld, char *dn, char *attr, char *value );
-static LDAPDomainIdStatus
-dsgw_checkdomain_uniqueness( LDAP *ld, char *attr, char *val, int len);
 static int	verbose = 0;
 static int	quiet = 0;
 static int	display_results_inline = 0;
@@ -417,20 +414,14 @@ entry_modify_or_add( LDAP *ld, char *dn, int add, int *pwdchangedp )
 {
     int		lderr, i, j, opoffset, modop, mls, unique, unchanged_count;
     char	*varname, *varvalue, *retval, *attr, *p, **vals, **unchanged_attrs;
-	char	*userid = NULL, *oc_ntuser = NULL;
-	char	userdomainid[512];
-
-    char	*groupname = NULL;
-    char	groupdomainid[512];
+    char	*ntuserid = NULL;
 
     LDAPMod	**pmods;
 
 	int		msgid;
 	LDAPMessage	*res = NULL;
 	char	*errmsg = NULL;
-
-    memset( userdomainid, 0, sizeof( userdomainid ));
-    memset( groupdomainid, 0, sizeof( groupdomainid ));
+	int     isNtUser = 0;
 
     pmods = NULL;
     unchanged_attrs = NULL;
@@ -476,26 +467,14 @@ entry_modify_or_add( LDAP *ld, char *dn, int add, int *pwdchangedp )
 	if ( starts_with( varname, "add_" )) {
 	    modop = LDAP_MOD_ADD;
 	    opoffset = 4;
+	    attr = varname + opoffset;
+	    if (!isNtUser && (strcasecmp(DSGW_OC_NTUSER, attr) == 0)) {
+		isNtUser = 1;
+	    }
 	} else if ( starts_with( varname, "replace_" )) {
 	    modop = LDAP_MOD_REPLACE;
 	    opoffset = 8;
 		attr = varname + opoffset;
-		if( strcasecmp( DSGW_ATTRTYPE_NTUSERDOMAINID, attr) == 0) {
-                    if( varvalue) {
-				if( !userid  )
-					userid = strdup( varvalue );
-				else
-					strcpy( userdomainid, varvalue ); 
-                    }
-                }
-		if( strcasecmp( DSGW_ATTRTYPE_NTGROUPDOMAINID, attr) == 0) {
-                    if( varvalue) {
-				if( !groupname ) 
-					groupname = strdup( varvalue );
-				else
-					strcpy( groupdomainid, varvalue ); 
-                    }
-                }
 	} else if ( starts_with( varname, "delete_" )) {
 	    modop = LDAP_MOD_DELETE;
 	    opoffset = 7;
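Review bot: The new `add_` branch compares `attr`, the attribute name that follows the `add_` prefix, with `DSGW_OC_NTUSER`, which dsgw.h defines as the object class value `"ntuser"`; the code this commit removes made that comparison against `varvalue`. Unless a posted field is literally named `add_ntuser`, `isNtUser` appears to stay 0, and the required-id and `MAX_NTUSERID_LEN` checks in the later hunks at -576 and -656, which are all gated on it, would never run. Comparing the value instead, e.g. `if (!isNtUser && varvalue && (strcasecmp(DSGW_OC_NTUSER, varvalue) == 0)) {`, would restore the earlier behaviour. The body of entry_modify_or_add starts and ends outside this hunk, so how `varvalue` is populated at this point should be confirmed.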
@@ -516,22 +495,6 @@ entry_modify_or_add( LDAP *ld, char *dn, int add, int *pwdchangedp )
 		    remove_modifyops( pmods, attr );
 		}
 	    }
-	} else if ( starts_with( varname, "replace_" )) {
-	    modop = LDAP_MOD_REPLACE;
-	    opoffset = 8;
-		attr = varname + opoffset;
-		if( strcasecmp( DSGW_ATTRTYPE_USERID, attr) == 0)
-			if( varvalue) 
-				userid = strdup( varvalue );
-		if( strcasecmp( DSGW_ATTRTYPE_NTUSERDOMAINID, attr) == 0) 
-			if( varvalue) 
-				strcpy( userdomainid, varvalue ); 
-		if( strcasecmp( DSGW_ATTRTYPE_NTGROUPNAME, attr) == 0)
-			if( varvalue) 
-				groupname = strdup( varvalue );
-		if( strcasecmp( DSGW_ATTRTYPE_NTGROUPDOMAINID, attr) == 0) 
-			if( varvalue) 
-				strcpy( groupdomainid, varvalue ); 
 	}
 
 	if ( opoffset >= 0 ) {
@@ -576,72 +539,12 @@ entry_modify_or_add( LDAP *ld, char *dn, int add, int *pwdchangedp )
 				   LDAP_SUCCESS ) {
 			       return( lderr );
 			    }
-				if( strcasecmp( DSGW_OC_NTUSER, varvalue) == 0 && 
-					modop == LDAP_MOD_ADD ) {
-					oc_ntuser = strdup( vals[ j ] );
-				}
-
-				if( strcasecmp( DSGW_ATTRTYPE_NTUSERDOMAINID, attr) == 0) {
-					if( modop == LDAP_MOD_ADD ) {
-						if( userid == NULL ) {
-							userid = strdup( vals[ j ] );
-							break;
-						} else {
-    						memset( userdomainid, 0, sizeof( userdomainid ));
-							PR_snprintf( userdomainid, 512, "%s%c%s", 
-									   vals[ j ], DSGW_NTDOMAINID_SEP, userid );
-							if( dsgw_checkdomain_uniqueness( ld, attr, 
-								userdomainid, strlen( userdomainid ) ) != 
-										LDAPDomainIdStatus_Unique) {
-								dsgw_error( DSGW_ERR_DOMAINID_NOTUNIQUE, 
-											NULL, 0, 0, NULL );
-								return(LDAP_PARAM_ERROR);
-							} else {
-								/* don't free here because this is freed elsewhere */
-								/*
-								free( vals[ j ] );
-								*/
-								vals[ j ] = strdup( userdomainid ); 
-							}
-						}
-					} else {
-						if(( retval = dsgw_processdomainid( ld, dn, attr, 
-								vals[ j ], strlen( vals[ j ] ))) != 0) {
-							vals[ j ] = retval;
-						}
-					}
-				}
 				
-				if( strcasecmp( DSGW_ATTRTYPE_NTGROUPDOMAINID, attr) == 0) {
-					if( modop == LDAP_MOD_ADD ) {
-						if( groupname == NULL ) {
-							groupname = strdup( vals[ j ] );
-							break;
-						} else {
-    						memset( groupdomainid, 0, sizeof( groupdomainid ));
-							PR_snprintf( groupdomainid, 512, "%s%c%s", 
-									   vals[ j ], DSGW_NTDOMAINID_SEP, groupname );
-							if( dsgw_checkdomain_uniqueness( ld, attr, 
-								groupdomainid, strlen( groupdomainid ) ) != 
-										LDAPDomainIdStatus_Unique) {
-								dsgw_error( DSGW_ERR_DOMAINID_NOTUNIQUE, 
-											NULL, 0, 0, NULL );
-								return(LDAP_PARAM_ERROR);
-							} else {
-								/* don't free here because this is freed elsewhere */
-								/*  
-								free( vals[ j ] );
-								*/
-								vals[ j ] = strdup( groupdomainid ); 
-							}
-						}
-					} else {
-						if(( retval = dsgw_processdomainid( ld, dn, attr, 
-								vals[ j ], strlen( vals[ j ] ))) != 0) {
-							vals[ j ] = retval;
-						}
-					}
+			    if( isNtUser && (strcasecmp( DSGW_ATTRTYPE_NTUSERDOMAINID, attr) == 0)) {
+				if( !ntuserid  ) {
+				    ntuserid = strdup( vals[ j ] );
 				}
+			    }
 				addmodifyop( &pmods, modop, attr, vals[ j ],
 					strlen( vals[ j ] ));
 		    }
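Review bot: `ntuserid` is captured only when `isNtUser` is already set, so the outcome depends on the order in which the form variables are processed: an `ntUserDomainId` value seen before the object class is ignored, and the add is then rejected as missing a user id. Dropping the flag from the capture, `if( !ntuserid && (strcasecmp( DSGW_ATTRTYPE_NTUSERDOMAINID, attr) == 0))`, and leaving `isNtUser` to gate only the checks after the loop would remove that dependency. The `strdup` result is also not checked and no visible path frees it; the removed code used dsgw_ch_strdup for similar copies, and since the copy is only tested for NULL and measured, it can be freed straight after those checks. The enclosing loop and function continue outside this hunk.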
@@ -656,19 +559,14 @@ entry_modify_or_add( LDAP *ld, char *dn, int add, int *pwdchangedp )
 	free( varname );
     }
 
-    if( oc_ntuser != NULL &&
-	    ((strlen( userdomainid ) == 0) || userid == NULL )) {
-	dsgw_error( DSGW_ERR_USERID_DOMAINID_REQUIRED, NULL, 0, 0, NULL );
-	return(LDAP_PARAM_ERROR);
-    }
-
-    if( strlen( userdomainid ) > 0 && userid == NULL ) {
+    /* if the admin is adding an NT person, there must be an ntuserid */
+    if( (isNtUser) && (ntuserid == NULL) ) {
 	dsgw_error( DSGW_ERR_USERID_REQUIRED, NULL, 0, 0, NULL );
 	return(LDAP_PARAM_ERROR);
     }
 
-    if( strlen( userdomainid ) > 0 && userid &&
-	    strlen( userid ) > MAX_NTUSERID_LEN) {
+    /* if an ntuserid is being added, it must be the correct length */
+    if( (isNtUser) && ntuserid && (strlen( ntuserid ) > MAX_NTUSERID_LEN)) {
 	dsgw_error( DSGW_ERR_USERID_MAXLEN_EXCEEDED, NULL, 0, 0, NULL );
 	return(LDAP_PARAM_ERROR);
     }
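Review bot: The length limit is now enforced only when `isNtUser` was set by an `add_` variable, so a `replace_` of `ntUserDomainId` on an existing entry no longer appears to be compared with `MAX_NTUSERID_LEN`; the removed code recorded the value in the `replace_` branch as well. If the limit reflects what the NT side accepts, it should be applied whenever the attribute is written, not only when the object class is being added. Both early returns here also leave `ntuserid` allocated; a `free( ntuserid );` before each `return(LDAP_PARAM_ERROR);` would cover that. The commit drops dsgw_checkdomain_uniqueness without a visible replacement, so it is worth confirming that value_is_unique or the server still rejects a duplicate id.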
@@ -1168,115 +1066,3 @@ value_is_unique( LDAP *ld, char *dn, char *attr, char *value )
 
     return( rc );
 }
-	 
-
-/* 
- * Check that the domain:userid is unique in the directory.
- */
-static LDAPDomainIdStatus
-dsgw_checkdomain_uniqueness( LDAP *ld, char *attr, char *val, int len)
-{
-    int rc, count;
-    LDAPMessage *msgp = NULL;
-    char filter[256];
-
-    if( val == NULL )
-        return LDAPDomainIdStatus_NullId;
-
-    if( strcasecmp( attr, DSGW_ATTRTYPE_NTUSERDOMAINID ) == 0 ) {
-	PR_snprintf( filter, 256, "%s=%s", DSGW_ATTRTYPE_NTUSERDOMAINID, val );
-    } else if ( strcasecmp( attr, DSGW_ATTRTYPE_NTGROUPDOMAINID ) == 0 ) {
-	PR_snprintf( filter, 256, "%s=%s", DSGW_ATTRTYPE_NTGROUPDOMAINID, val );
-    } else {
-	return LDAPDomainIdStatus_NullAttr;
-    }
-
-    if (( rc = ldap_search_s( ld, gc->gc_ldapsearchbase, LDAP_SCOPE_SUBTREE, 
-	    filter, NULL, 0, &msgp )) == LDAP_SUCCESS) {
-	count = (msgp == NULL) ? 0 : ldap_count_entries( ld, msgp );
-	if ( count > 0 ) {
-	    return LDAPDomainIdStatus_Nonunique;
-	} else {
-	    return LDAPDomainIdStatus_Unique;
-	}
-    } else {
-	    return LDAPDomainIdStatus_Nonunique;
-    }
-}
-
-
-/* 
- * Add the current value of uid in the entry to the ntdomain id before 
- * further processing of the domain id.
- */
-static char *
-dsgw_processdomainid( LDAP *ld, char *dn, char *attr, char *val, int len)
-{
-    int rc, count;
-    LDAPMessage *msgp = NULL;
-    LDAPMessage *entry;
-    char **attrlist, *attrs[ 2 ];
-    char *value, *newval;
-	char *pch, **vals;
-
-    if( strcasecmp( attr, DSGW_ATTRTYPE_NTUSERDOMAINID ) != 0 &&
-	strcasecmp( attr, DSGW_ATTRTYPE_NTGROUPDOMAINID ) != 0 )
-        return( NULL );
-
-    attrs[ 0 ] = NULL; 
-    attrs[ 1 ] = NULL;
-    attrlist = attrs;
-
-    if(( rc = ldap_search_s( ld, dn, LDAP_SCOPE_BASE, "(objectclass=*)", attrlist,
-   	     0, &msgp )) != LDAP_SUCCESS && rc != LDAP_NO_SUCH_OBJECT) 
-	{
-	    return( NULL );
-    }
-
-    count = (msgp == NULL) ? 0 : ldap_count_entries( ld, msgp );
-
-    if( count > 0 ) 
-	{
-        entry = ldap_first_entry( ld, msgp );
-        if( entry ) 
-		{
-
-	        if(( vals = ldap_get_values( ld, entry, 
-		    strcasecmp( attr, DSGW_ATTRTYPE_NTUSERDOMAINID )? 
-		    DSGW_ATTRTYPE_NTGROUPDOMAINID : 
-		    DSGW_ATTRTYPE_NTUSERDOMAINID )) != NULL)
-			{
-				if( vals[0] != NULL )
-				{
-					value = dsgw_ch_strdup( vals[0] );
-					newval = dsgw_ch_malloc( len + strlen( value ) +1 );
-					strcpy( newval, val );
-					pch = strchr( value, DSGW_NTDOMAINID_SEP );
-					if( pch )  
-					{
-						strcat( newval, pch );
-						return( newval );
-					}
-				}
-			}
-        }
-    }
-    return NULL;
-}
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-

+ 0 - 2
ldap/clients/dsgw/dsgw.h

@@ -172,8 +172,6 @@ extern char            *countri; /* The language chosen by libsi18n. */
 
 #define DSGW_OC_NTUSER			"ntuser"
 
-#define DSGW_ATTRTYPE_NTGROUPDOMAINID	"nTGroupDomainId"
-#define DSGW_ATTRTYPE_NTGROUPNAME	"nTGroupName"
 #define DSGW_ATTRTYPE_AIMSTATUSTEXT     "nsaimstatustext"
 
 #if defined( XP_WIN32 )

+ 3 - 19
ldap/clients/dsgw/entrydisplay.c

@@ -273,7 +273,6 @@ struct attr_handler attrhandlers[] = {
     { "ces",	str_display,	str_edit,	CASE_EXACT       	},
     { "bool",	bool_display,	bool_edit,	CASE_INSENSITIVE	},
     { "time",	time_display,	str_edit,	CASE_INSENSITIVE	},
-    { "ntdomain", ntdomain_display, str_edit,	CASE_INSENSITIVE	},
     { "ntuserid", ntuserid_display, str_edit,	CASE_INSENSITIVE	},
     { "ntgroupname", ntuserid_display, str_edit,	CASE_INSENSITIVE	},
     { "binvalue", binvalue_display, str_edit, CASE_INSENSITIVE	},
@@ -1381,22 +1380,9 @@ output_text_elements( int argc, char **argv, char *attr, char **vals,
 	valcount = 0;
     } else {
 	for ( valcount = 0; vals[ valcount ] != NULL; ++valcount ) {
-            char *syntax = get_arg_by_name( DSGW_ATTRARG_SYNTAX, argc, argv );
-            if ( syntax && 0 == strcasecmp( syntax, "ntdomain" )) {
-                 char *pch = (char *)strchr( vals[ valcount ], DSGW_NTDOMAINID_SEP );
-                 if( pch )
-                     *pch = (char )NULL;
-	    }
-            if ( syntax && ( 0 == strcasecmp( syntax, "ntuserid" ) || 0 == strcasecmp( syntax, "ntgroupname") ) ) {
-                 char *pch = (char *)strchr( vals[ valcount ], DSGW_NTDOMAINID_SEP );
-                 if( pch )
-				 {
-                     pch++;
-					 vals[ valcount] = pch;
-				 }
-	    }
+		/* just count vals  */
+	}
 	}
-    }
 
     fields = numfields( argc, argv, valcount );
     element_sizes( argc, argv, vals, valcount, NULL, &cols );
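Review bot: The loop left behind has an empty body, and the two closing braces after it sit at the same indent although the second one closes the `else`, which makes the nesting easy to misread. Writing the count as `for ( valcount = 0; vals[ valcount ] != NULL; ++valcount ) ;` with a short comment such as `/* count the values; they are no longer rewritten in place */`, and putting the `else` brace back at the function's four-space indent, would keep the intent clear. The start of output_text_elements is outside this hunk.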
@@ -1732,13 +1718,11 @@ ntuserid_display( struct dsgw_attrdispinfo *adip )
 {
     int		i;
 
-    /* Write values with a break (<BR>) separating them, after ":" */
     for ( i = 0; adip->adi_vals[ i ] != NULL; ++i ) {
 	if ( !did_output_as_special( adip->adi_argc, adip->adi_argv, 
 		  adip->adi_vals[ i ], adip->adi_vals[ i ] )) {
-            char *pch = strchr( adip->adi_vals[ i ], DSGW_NTDOMAINID_SEP );
+            char *pch = adip->adi_vals[ i ];
             if( pch ) {
-		pch++;
 
 		if ((adip->adi_opts & DSGW_ATTROPT_QUOTED ) != 0 ) {
 		    dsgw_emits( "\"" );
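Review bot: `pch` is now only an alias for `adip->adi_vals[ i ]`, which the loop condition already guarantees is non-NULL, so the `if( pch )` test can never fail and the name no longer describes anything. Using `adip->adi_vals[ i ]` directly and dropping the test would make that plain. Separately, entries written by earlier versions in `domain:id` form will now be emitted whole here and will not match the new `(ntuserdomainid=%v))` filters, so a note on migrating existing values belongs with this change. The rest of ntuserid_display lies outside the hunk.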