"Fossies" - the Fresh Open Source Software Archive

Member "sssd-2.2.3/src/providers/ad/ad_opts.c" (30 Nov 2019, 18589 Bytes) of package /linux/misc/sssd-2.2.3.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) C and C++ source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. For more information about "ad_opts.c" see the Fossies "Dox" file reference documentation and the latest Fossies "Diffs" side-by-side code changes report: 2.2.2_vs_2.2.3.

    1 /*
    2     SSSD
    3 
    4     Authors:
    5         Stephen Gallagher <sgallagh@redhat.com>
    6 
    7     Copyright (C) 2012 Red Hat
    8 
    9     This program is free software; you can redistribute it and/or modify
   10     it under the terms of the GNU General Public License as published by
   11     the Free Software Foundation; either version 3 of the License, or
   12     (at your option) any later version.
   13 
   14     This program is distributed in the hope that it will be useful,
   15     but WITHOUT ANY WARRANTY; without even the implied warranty of
   16     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   17     GNU General Public License for more details.
   18 
   19     You should have received a copy of the GNU General Public License
   20     along with this program.  If not, see <http://www.gnu.org/licenses/>.
   21 */
   22 
   23 #include "src/providers/data_provider.h"
   24 #include "db/sysdb_services.h"
   25 #include "db/sysdb_autofs.h"
   26 #include "db/sysdb_sudo.h"
   27 #include "providers/ldap/ldap_common.h"
   28 #include "config.h"
   29 
   30 struct dp_option ad_basic_opts[] = {
   31     { "ad_domain", DP_OPT_STRING, NULL_STRING, NULL_STRING },
   32     { "ad_enabled_domains", DP_OPT_STRING, NULL_STRING, NULL_STRING },
   33     { "ad_server", DP_OPT_STRING, NULL_STRING, NULL_STRING },
   34     { "ad_backup_server", DP_OPT_STRING, NULL_STRING, NULL_STRING },
   35     { "ad_hostname", DP_OPT_STRING, NULL_STRING, NULL_STRING },
   36     { "krb5_keytab", DP_OPT_STRING, NULL_STRING, NULL_STRING },
   37     { "krb5_realm", DP_OPT_STRING, NULL_STRING, NULL_STRING},
   38     { "ad_enable_dns_sites", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
   39     { "ad_access_filter", DP_OPT_STRING, NULL_STRING, NULL_STRING},
   40     { "ad_enable_gc", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
   41     { "ad_gpo_access_control", DP_OPT_STRING, { AD_GPO_ACCESS_MODE_DEFAULT }, NULL_STRING },
   42     { "ad_gpo_implicit_deny", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
   43     { "ad_gpo_ignore_unreadable", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
   44     { "ad_gpo_cache_timeout", DP_OPT_NUMBER, { .number = 5 }, NULL_NUMBER },
   45     { "ad_gpo_map_interactive", DP_OPT_STRING, NULL_STRING, NULL_STRING },
   46     { "ad_gpo_map_remote_interactive", DP_OPT_STRING, NULL_STRING, NULL_STRING },
   47     { "ad_gpo_map_network", DP_OPT_STRING, NULL_STRING, NULL_STRING },
   48     { "ad_gpo_map_batch", DP_OPT_STRING, NULL_STRING, NULL_STRING },
   49     { "ad_gpo_map_service", DP_OPT_STRING, NULL_STRING, NULL_STRING },
   50     { "ad_gpo_map_permit", DP_OPT_STRING, NULL_STRING, NULL_STRING },
   51     { "ad_gpo_map_deny", DP_OPT_STRING, NULL_STRING, NULL_STRING },
   52     { "ad_gpo_default_right", DP_OPT_STRING, NULL_STRING, NULL_STRING },
   53     { "ad_site", DP_OPT_STRING, NULL_STRING, NULL_STRING },
   54     { "krb5_confd_path", DP_OPT_STRING, { KRB5_MAPPING_DIR }, NULL_STRING },
   55     { "ad_maximum_machine_account_password_age", DP_OPT_NUMBER, { .number = 30 }, NULL_NUMBER },
   56     { "ad_machine_account_password_renewal_opts", DP_OPT_STRING, { "86400:750" }, NULL_STRING },
   57     DP_OPTION_TERMINATOR
   58 };
   59 
   60 struct dp_option ad_def_ldap_opts[] = {
   61     { "ldap_uri", DP_OPT_STRING, NULL_STRING, NULL_STRING },
   62     { "ldap_backup_uri", DP_OPT_STRING, NULL_STRING, NULL_STRING },
   63     { "ldap_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
   64     { "ldap_default_bind_dn", DP_OPT_STRING, NULL_STRING, NULL_STRING },
   65     { "ldap_default_authtok_type", DP_OPT_STRING, { "password" }, NULL_STRING},
   66     { "ldap_default_authtok", DP_OPT_BLOB, NULL_BLOB, NULL_BLOB },
   67     { "ldap_search_timeout", DP_OPT_NUMBER, { .number = 6 }, NULL_NUMBER },
   68     { "ldap_network_timeout", DP_OPT_NUMBER, { .number = 6 }, NULL_NUMBER },
   69     { "ldap_opt_timeout", DP_OPT_NUMBER, { .number = 8 }, NULL_NUMBER },
   70     { "ldap_tls_reqcert", DP_OPT_STRING, { "hard" }, NULL_STRING },
   71     { "ldap_user_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
   72     { "ldap_user_search_scope", DP_OPT_STRING, { "sub" }, NULL_STRING },
   73     { "ldap_user_search_filter", DP_OPT_STRING, NULL_STRING, NULL_STRING },
   74     { "ldap_user_extra_attrs", DP_OPT_STRING, NULL_STRING, NULL_STRING },
   75     { "ldap_group_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
   76     { "ldap_group_search_scope", DP_OPT_STRING, { "sub" }, NULL_STRING },
   77     { "ldap_group_search_filter", DP_OPT_STRING, NULL_STRING, NULL_STRING },
   78     { "ldap_host_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
   79     { "ldap_service_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
   80     { "ldap_sudo_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
   81     { "ldap_sudo_full_refresh_interval", DP_OPT_NUMBER, { .number = 21600 }, NULL_NUMBER }, /* 360 mins */
   82     { "ldap_sudo_smart_refresh_interval", DP_OPT_NUMBER, { .number = 900 }, NULL_NUMBER }, /* 15 mins */
   83     { "ldap_sudo_use_host_filter", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
   84     { "ldap_sudo_hostnames", DP_OPT_STRING, NULL_STRING, NULL_STRING },
   85     { "ldap_sudo_ip", DP_OPT_STRING, NULL_STRING, NULL_STRING },
   86     { "ldap_sudo_include_netgroups", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
   87     { "ldap_sudo_include_regexp", DP_OPT_BOOL, BOOL_TRUE, BOOL_FALSE },
   88     { "ldap_autofs_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
   89     { "ldap_autofs_map_master_name", DP_OPT_STRING, { "auto.master" }, NULL_STRING },
   90     { "ldap_schema", DP_OPT_STRING, { "ad" }, NULL_STRING },
   91     { "ldap_pwmodify_mode", DP_OPT_STRING, { "exop" }, NULL_STRING },
   92     { "ldap_offline_timeout", DP_OPT_NUMBER, { .number = 60 }, NULL_NUMBER },
   93     { "ldap_force_upper_case_realm", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
   94     { "ldap_enumeration_refresh_timeout", DP_OPT_NUMBER, { .number = 300 }, NULL_NUMBER },
   95     { "ldap_purge_cache_timeout", DP_OPT_NUMBER, { .number = 0 }, NULL_NUMBER },
   96     { "ldap_tls_cacert", DP_OPT_STRING, NULL_STRING, NULL_STRING },
   97     { "ldap_tls_cacertdir", DP_OPT_STRING, NULL_STRING, NULL_STRING },
   98     { "ldap_tls_cert", DP_OPT_STRING, NULL_STRING, NULL_STRING },
   99     { "ldap_tls_key", DP_OPT_STRING, NULL_STRING, NULL_STRING },
  100     { "ldap_tls_cipher_suite", DP_OPT_STRING, NULL_STRING, NULL_STRING },
  101     { "ldap_id_use_start_tls", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
  102     { "ldap_id_mapping", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
  103     { "ldap_sasl_mech", DP_OPT_STRING, { "gssapi" }, NULL_STRING },
  104     { "ldap_sasl_authid", DP_OPT_STRING, NULL_STRING, NULL_STRING },
  105     { "ldap_sasl_realm", DP_OPT_STRING, NULL_STRING, NULL_STRING },
  106     { "ldap_sasl_minssf", DP_OPT_NUMBER, { .number = -1 }, NULL_NUMBER },
  107     { "ldap_krb5_keytab", DP_OPT_STRING, NULL_STRING, NULL_STRING },
  108     { "ldap_krb5_init_creds", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
  109     /* use the same parm name as the krb5 module so we set it only once */
  110     { "krb5_server", DP_OPT_STRING, NULL_STRING, NULL_STRING },
  111     { "krb5_backup_server", DP_OPT_STRING, NULL_STRING, NULL_STRING },
  112     { "krb5_realm", DP_OPT_STRING, NULL_STRING, NULL_STRING },
  113     { "krb5_canonicalize", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
  114     { "krb5_use_kdcinfo", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
  115     { "krb5_kdcinfo_lookahead", DP_OPT_STRING, NULL_STRING, NULL_STRING },
  116     { "ldap_pwd_policy", DP_OPT_STRING, { "none" }, NULL_STRING },
  117     { "ldap_referrals", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
  118     { "account_cache_expiration", DP_OPT_NUMBER, { .number = 0 }, NULL_NUMBER },
  119     { "ldap_dns_service_name", DP_OPT_STRING, { SSS_LDAP_SRV_NAME }, NULL_STRING },
  120     { "ldap_krb5_ticket_lifetime", DP_OPT_NUMBER, { .number = (24 * 60 * 60) }, NULL_NUMBER },
  121     { "ldap_access_filter", DP_OPT_STRING, NULL_STRING, NULL_STRING },
  122     { "ldap_netgroup_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
  123     { "ldap_group_nesting_level", DP_OPT_NUMBER, { .number = 2 }, NULL_NUMBER },
  124     { "ldap_deref", DP_OPT_STRING, NULL_STRING, NULL_STRING },
  125     { "ldap_account_expire_policy", DP_OPT_STRING, { "ad" }, NULL_STRING },
  126     { "ldap_access_order", DP_OPT_STRING, { "filter" }, NULL_STRING },
  127     { "ldap_chpass_uri", DP_OPT_STRING, NULL_STRING, NULL_STRING },
  128     { "ldap_chpass_backup_uri", DP_OPT_STRING, NULL_STRING, NULL_STRING },
  129     { "ldap_chpass_dns_service_name", DP_OPT_STRING, NULL_STRING, NULL_STRING },
  130     { "ldap_chpass_update_last_change", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
  131     { "ldap_enumeration_search_timeout", DP_OPT_NUMBER, { .number = 60 }, NULL_NUMBER },
  132     /* Do not include ldap_auth_disable_tls_never_use_in_production in the
  133      * manpages or SSSDConfig API
  134      */
  135     { "ldap_auth_disable_tls_never_use_in_production", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
  136     { "ldap_page_size", DP_OPT_NUMBER, { .number = 1000 }, NULL_NUMBER },
  137     { "ldap_deref_threshold", DP_OPT_NUMBER, { .number = 10 }, NULL_NUMBER },
  138     { "ldap_sasl_canonicalize", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
  139     { "ldap_connection_expire_timeout", DP_OPT_NUMBER, { .number = 900 }, NULL_NUMBER },
  140     { "ldap_disable_paging", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
  141     { "ldap_idmap_range_min", DP_OPT_NUMBER, { .number = 200000 }, NULL_NUMBER },
  142     { "ldap_idmap_range_max", DP_OPT_NUMBER, { .number = 2000200000LL }, NULL_NUMBER },
  143     { "ldap_idmap_range_size", DP_OPT_NUMBER, { .number = 200000 }, NULL_NUMBER },
  144     { "ldap_idmap_autorid_compat", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
  145     { "ldap_idmap_default_domain", DP_OPT_STRING, NULL_STRING, NULL_STRING },
  146     { "ldap_idmap_default_domain_sid", DP_OPT_STRING, NULL_STRING, NULL_STRING },
  147     { "ldap_idmap_helper_table_size", DP_OPT_NUMBER, { .number = 10 }, NULL_NUMBER },
  148     { "ldap_use_tokengroups", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE},
  149     { "ldap_rfc2307_fallback_to_local_users", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
  150     { "ldap_disable_range_retrieval", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
  151     { "ldap_min_id", DP_OPT_NUMBER, NULL_NUMBER, NULL_NUMBER},
  152     { "ldap_max_id", DP_OPT_NUMBER, NULL_NUMBER, NULL_NUMBER},
  153     { "ldap_pwdlockout_dn", DP_OPT_STRING, NULL_STRING, NULL_STRING },
  154     { "wildcard_limit", DP_OPT_NUMBER, { .number = 1000 }, NULL_NUMBER},
  155     DP_OPTION_TERMINATOR
  156 };
  157 
  158 struct dp_option ad_def_krb5_opts[] = {
  159     { "krb5_server", DP_OPT_STRING, NULL_STRING, NULL_STRING },
  160     { "krb5_backup_server", DP_OPT_STRING, NULL_STRING, NULL_STRING },
  161     { "krb5_realm", DP_OPT_STRING, NULL_STRING, NULL_STRING },
  162     { "krb5_ccachedir", DP_OPT_STRING, { DEFAULT_CCACHE_DIR }, NULL_STRING },
  163     { "krb5_ccname_template", DP_OPT_STRING, NULL_STRING, NULL_STRING},
  164     { "krb5_auth_timeout", DP_OPT_NUMBER, { .number = 6 }, NULL_NUMBER },
  165     { "krb5_keytab", DP_OPT_STRING, { "/etc/krb5.keytab" }, NULL_STRING },
  166     { "krb5_validate", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
  167     { "krb5_kpasswd", DP_OPT_STRING, NULL_STRING, NULL_STRING },
  168     { "krb5_backup_kpasswd", DP_OPT_STRING, NULL_STRING, NULL_STRING },
  169     { "krb5_store_password_if_offline", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
  170     { "krb5_renewable_lifetime", DP_OPT_STRING, NULL_STRING, NULL_STRING },
  171     { "krb5_lifetime", DP_OPT_STRING, NULL_STRING, NULL_STRING },
  172     { "krb5_renew_interval", DP_OPT_STRING, NULL_STRING, NULL_STRING },
  173     { "krb5_use_fast", DP_OPT_STRING, NULL_STRING, NULL_STRING },
  174     { "krb5_fast_principal", DP_OPT_STRING, NULL_STRING, NULL_STRING },
  175     { "krb5_canonicalize", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
  176     { "krb5_use_enterprise_principal", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
  177     { "krb5_use_kdcinfo", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
  178     { "krb5_kdcinfo_lookahead", DP_OPT_STRING, NULL_STRING, NULL_STRING },
  179     { "krb5_map_user", DP_OPT_STRING, NULL_STRING, NULL_STRING },
  180     DP_OPTION_TERMINATOR
  181 };
  182 
  183 struct sdap_attr_map ad_2008r2_attr_map[] = {
  184     { "ldap_entry_usn", SDAP_AD_USN, SYSDB_USN, NULL },
  185     { "ldap_rootdse_last_usn", SDAP_AD_LAST_USN, SYSDB_HIGH_USN, NULL },
  186     SDAP_ATTR_MAP_TERMINATOR
  187 };
  188 
  189 struct sdap_attr_map ad_2008r2_user_map[] = {
  190     { "ldap_user_object_class", "user", SYSDB_USER_CLASS, NULL },
  191     { "ldap_user_name", "sAMAccountName", SYSDB_NAME, NULL },
  192     { "ldap_user_pwd", "unixUserPassword", SYSDB_PWD, NULL },
  193     { "ldap_user_uid_number", "uidNumber", SYSDB_UIDNUM, NULL },
  194     { "ldap_user_gid_number", "gidNumber", SYSDB_GIDNUM, NULL },
  195     { "ldap_user_gecos", "gecos", SYSDB_GECOS, NULL },
  196     { "ldap_user_home_directory", "unixHomeDirectory", SYSDB_HOMEDIR, NULL },
  197     { "ldap_user_shell", "loginShell", SYSDB_SHELL, NULL },
  198     { "ldap_user_principal", "userPrincipalName", SYSDB_UPN, NULL },
  199     { "ldap_user_fullname", "name", SYSDB_FULLNAME, NULL },
  200     { "ldap_user_member_of", "memberOf", SYSDB_MEMBEROF, NULL },
  201     { "ldap_user_uuid", "objectGUID", SYSDB_UUID, NULL },
  202     { "ldap_user_objectsid", "objectSID", SYSDB_SID, NULL },
  203     { "ldap_user_primary_group", "primaryGroupID", SYSDB_PRIMARY_GROUP, NULL },
  204     { "ldap_user_modify_timestamp", "whenChanged", SYSDB_ORIG_MODSTAMP, NULL },
  205     { "ldap_user_entry_usn", SDAP_AD_USN, SYSDB_USN, NULL },
  206     { "ldap_user_shadow_last_change", NULL, SYSDB_SHADOWPW_LASTCHANGE, NULL },
  207     { "ldap_user_shadow_min", NULL, SYSDB_SHADOWPW_MIN, NULL },
  208     { "ldap_user_shadow_max", NULL, SYSDB_SHADOWPW_MAX, NULL },
  209     { "ldap_user_shadow_warning", NULL, SYSDB_SHADOWPW_WARNING, NULL },
  210     { "ldap_user_shadow_inactive", NULL, SYSDB_SHADOWPW_INACTIVE, NULL },
  211     { "ldap_user_shadow_expire", NULL, SYSDB_SHADOWPW_EXPIRE, NULL },
  212     { "ldap_user_shadow_flag", NULL, SYSDB_SHADOWPW_FLAG, NULL },
  213     { "ldap_user_krb_last_pwd_change", NULL, SYSDB_KRBPW_LASTCHANGE, NULL },
  214     { "ldap_user_krb_password_expiration", NULL, SYSDB_KRBPW_EXPIRATION, NULL },
  215     { "ldap_pwd_attribute", NULL, SYSDB_PWD_ATTRIBUTE, NULL },
  216     { "ldap_user_authorized_service", NULL, SYSDB_AUTHORIZED_SERVICE, NULL },
  217     { "ldap_user_ad_account_expires", "accountExpires", SYSDB_AD_ACCOUNT_EXPIRES, NULL},
  218     { "ldap_user_ad_user_account_control", "userAccountControl", SYSDB_AD_USER_ACCOUNT_CONTROL, NULL},
  219     { "ldap_ns_account_lock", NULL, SYSDB_NS_ACCOUNT_LOCK, NULL},
  220     { "ldap_user_authorized_host", NULL, SYSDB_AUTHORIZED_HOST, NULL },
  221     { "ldap_user_authorized_rhost", NULL, SYSDB_AUTHORIZED_RHOST, NULL },
  222     { "ldap_user_nds_login_disabled", NULL, SYSDB_NDS_LOGIN_DISABLED, NULL },
  223     { "ldap_user_nds_login_expiration_time", NULL, SYSDB_NDS_LOGIN_EXPIRATION_TIME, NULL },
  224     { "ldap_user_nds_login_allowed_time_map", NULL, SYSDB_NDS_LOGIN_ALLOWED_TIME_MAP, NULL },
  225     { "ldap_user_ssh_public_key", NULL, SYSDB_SSH_PUBKEY, NULL },
  226     { "ldap_user_auth_type", NULL, SYSDB_AUTH_TYPE, NULL },
  227     { "ldap_user_certificate", "userCertificate;binary", SYSDB_USER_CERT, NULL },
  228     { "ldap_user_email", "mail", SYSDB_USER_EMAIL, NULL },
  229     SDAP_ATTR_MAP_TERMINATOR
  230 };
  231 
  232 struct sdap_attr_map ad_2008r2_group_map[] = {
  233     { "ldap_group_object_class", "group", SYSDB_GROUP_CLASS, NULL },
  234     { "ldap_group_object_class_alt", NULL, SYSDB_GROUP_CLASS, NULL },
  235     { "ldap_group_name", "sAMAccountName", SYSDB_NAME, NULL },
  236     { "ldap_group_pwd", NULL, SYSDB_PWD, NULL },
  237     { "ldap_group_gid_number", "gidNumber", SYSDB_GIDNUM, NULL },
  238     { "ldap_group_member", "member", SYSDB_MEMBER, NULL },
  239     { "ldap_group_uuid", "objectGUID", SYSDB_UUID, NULL },
  240     { "ldap_group_objectsid", "objectSID", SYSDB_SID, NULL },
  241     { "ldap_group_modify_timestamp", "whenChanged", SYSDB_ORIG_MODSTAMP, NULL },
  242     { "ldap_group_entry_usn", SDAP_AD_USN, SYSDB_USN, NULL },
  243     { "ldap_group_type", "groupType", SYSDB_GROUP_TYPE, NULL },
  244     { "ldap_group_external_member", NULL, SYSDB_EXTERNAL_MEMBER, NULL },
  245     SDAP_ATTR_MAP_TERMINATOR
  246 };
  247 
  248 struct sdap_attr_map ad_netgroup_map[] = {
  249     { "ldap_netgroup_object_class", "nisNetgroup", SYSDB_NETGROUP_CLASS, NULL },
  250     { "ldap_netgroup_name", "cn", SYSDB_NAME, NULL },
  251     { "ldap_netgroup_member", "memberNisNetgroup", SYSDB_ORIG_NETGROUP_MEMBER, NULL },
  252     { "ldap_netgroup_triple", "nisNetgroupTriple", SYSDB_NETGROUP_TRIPLE, NULL },
  253     { "ldap_netgroup_modify_timestamp", "modifyTimestamp", SYSDB_ORIG_MODSTAMP, NULL },
  254     SDAP_ATTR_MAP_TERMINATOR
  255 };
  256 
  257 struct sdap_attr_map ad_service_map[] = {
  258     { "ldap_service_object_class", "ipService", SYSDB_SVC_CLASS, NULL },
  259     { "ldap_service_name", "cn", SYSDB_NAME, NULL },
  260     { "ldap_service_port", "ipServicePort", SYSDB_SVC_PORT, NULL },
  261     { "ldap_service_proto", "ipServiceProtocol", SYSDB_SVC_PROTO, NULL },
  262     { "ldap_service_entry_usn", NULL, SYSDB_USN, NULL },
  263     SDAP_ATTR_MAP_TERMINATOR
  264 };
  265 
  266 struct sdap_attr_map ad_autofs_mobject_map[] = {
  267     { "ldap_autofs_map_object_class", "nisMap", SYSDB_AUTOFS_MAP_OC, NULL },
  268     { "ldap_autofs_map_name", "nisMapName", SYSDB_AUTOFS_MAP_NAME, NULL },
  269     SDAP_ATTR_MAP_TERMINATOR
  270 };
  271 
  272 struct sdap_attr_map ad_autofs_entry_map[] = {
  273     { "ldap_autofs_entry_object_class", "nisObject", SYSDB_AUTOFS_ENTRY_OC, NULL },
  274     { "ldap_autofs_entry_key", "cn", SYSDB_AUTOFS_ENTRY_KEY, NULL },
  275     { "ldap_autofs_entry_value", "nisMapEntry", SYSDB_AUTOFS_ENTRY_VALUE, NULL },
  276     SDAP_ATTR_MAP_TERMINATOR
  277 };
  278 
  279 struct dp_option ad_dyndns_opts[] = {
  280     { "dyndns_update", DP_OPT_BOOL, BOOL_TRUE, BOOL_FALSE },
  281     { "dyndns_update_per_family", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
  282     { "dyndns_refresh_interval", DP_OPT_NUMBER, { .number = 86400 }, NULL_NUMBER },
  283     { "dyndns_iface", DP_OPT_STRING, NULL_STRING, NULL_STRING },
  284     { "dyndns_ttl", DP_OPT_NUMBER, { .number = 3600 }, NULL_NUMBER },
  285     { "dyndns_update_ptr", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
  286     { "dyndns_force_tcp", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
  287     { "dyndns_auth", DP_OPT_STRING, { "gss-tsig" }, NULL_STRING },
  288     { "dyndns_server", DP_OPT_STRING, NULL_STRING, NULL_STRING },
  289     DP_OPTION_TERMINATOR
  290 };
  291 
  292 struct sdap_attr_map ad_sudorule_map[] = {
  293     { "ldap_sudorule_object_class", "sudoRole", SYSDB_SUDO_CACHE_OC, NULL },
  294     { "ldap_sudorule_object_class_attr", "objectCategory", SYSDB_OBJECTCATEGORY, NULL },
  295     { "ldap_sudorule_name", "cn", SYSDB_SUDO_CACHE_AT_CN, NULL },
  296     { "ldap_sudorule_command", "sudoCommand", SYSDB_SUDO_CACHE_AT_COMMAND, NULL },
  297     { "ldap_sudorule_host", "sudoHost", SYSDB_SUDO_CACHE_AT_HOST, NULL },
  298     { "ldap_sudorule_user", "sudoUser", SYSDB_SUDO_CACHE_AT_USER, NULL },
  299     { "ldap_sudorule_option", "sudoOption", SYSDB_SUDO_CACHE_AT_OPTION, NULL },
  300     { "ldap_sudorule_runas", "sudoRunAs", SYSDB_SUDO_CACHE_AT_RUNAS, NULL },
  301     { "ldap_sudorule_runasuser", "sudoRunAsUser", SYSDB_SUDO_CACHE_AT_RUNASUSER, NULL },
  302     { "ldap_sudorule_runasgroup", "sudoRunAsGroup", SYSDB_SUDO_CACHE_AT_RUNASGROUP, NULL },
  303     { "ldap_sudorule_notbefore", "sudoNotBefore", SYSDB_SUDO_CACHE_AT_NOTBEFORE, NULL },
  304     { "ldap_sudorule_notafter", "sudoNotAfter", SYSDB_SUDO_CACHE_AT_NOTAFTER, NULL },
  305     { "ldap_sudorule_order", "sudoOrder", SYSDB_SUDO_CACHE_AT_ORDER, NULL },
  306     { "ldap_sudorule_entry_usn", NULL, SYSDB_USN, NULL },
  307     SDAP_ATTR_MAP_TERMINATOR
  308 };