"Fossies" - the Fresh Open Source Software Archive

Member "sssd-2.2.3/src/providers/ad/ad_gpo.h" (30 Nov 2019, 2293 Bytes) of package /linux/misc/sssd-2.2.3.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) C and C++ source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. For more information about "ad_gpo.h" see the Fossies "Dox" file reference documentation and the last Fossies "Diffs" side-by-side code changes report: 2.1.0_vs_2.2.0.

    1 /*
    2     SSSD
    3 
    4     Authors:
    5         Yassir Elley <yelley@redhat.com>
    6 
    7     Copyright (C) 2013 Red Hat
    8 
    9     This program is free software; you can redistribute it and/or modify
   10     it under the terms of the GNU General Public License as published by
   11     the Free Software Foundation; either version 3 of the License, or
   12     (at your option) any later version.
   13 
   14     This program is distributed in the hope that it will be useful,
   15     but WITHOUT ANY WARRANTY; without even the implied warranty of
   16     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   17     GNU General Public License for more details.
   18 
   19     You should have received a copy of the GNU General Public License
   20     along with this program.  If not, see <http://www.gnu.org/licenses/>.
   21 */
   22 
   23 #ifndef AD_GPO_H_
   24 #define AD_GPO_H_
   25 
   26 #include "providers/ad/ad_access.h"
   27 
   28 #define AD_GPO_CHILD_OUT_FILENO 3
   29 
   30 #define AD_GPO_ATTRS {AD_AT_NT_SEC_DESC, \
   31                       AD_AT_CN, AD_AT_FILE_SYS_PATH, \
   32                       AD_AT_MACHINE_EXT_NAMES, \
   33                       AD_AT_FUNC_VERSION, \
   34                       AD_AT_FLAGS, \
   35                       NULL}
   36 
   37 /*
   38  * This pair of functions provides client-side GPO processing.
   39  *
   40  * While a GPO can target both user and computer objects, this
   41  * implementation only supports targeting of computer objects.
   42  *
   43  * A GPO overview is at https://fedorahosted.org/sssd/wiki/GpoOverview
   44  *
   45  * In summary, client-side processing involves:
   46  * - determining the target's DN
   47  * - extracting the SOM object DNs (i.e. OUs and Domain) from target's DN
   48  * - including the target's Site as another SOM object
   49  * - determining which GPOs apply to the target's SOMs
   50  * - prioritizing GPOs based on SOM, link order, and whether GPO is "enforced"
   51  * - retrieving the corresponding GPO objects
   52  * - sending the GPO DNs to the CSE processing engine for policy application
   53  * - policy application currently consists of HBAC-like functionality
   54  */
   55 struct tevent_req *
   56 ad_gpo_access_send(TALLOC_CTX *mem_ctx,
   57                    struct tevent_context *ev,
   58                    struct sss_domain_info *domain,
   59                    struct ad_access_ctx *ctx,
   60                    const char *user,
   61                    const char *service);
   62 
   63 errno_t ad_gpo_access_recv(struct tevent_req *req);
   64 
   65 #endif /* AD_GPO_H_ */