Age | Commit message (Collapse) | Author | Files | Lines |
|
We just open it to figure out if we need to be a Global Catalog server.
Andrew Bartlett
(This used to be commit f13572d9e9f1962b637cbd573588184d1459d252)
|
|
Conflicts:
source/dsdb/samdb/ldb_modules/simple_ldap_map.c
(This used to be commit 5d539b7da46e38e7570fa5af4549b142f25e4585)
|
|
We only ever have one backend partition per Samba partition.
Andrew Bartlett
(This used to be commit 316a9b312a2d4a4ea5a5c70946fb06b61fab1a7d)
|
|
(This used to be commit a3912801fb25f715725c06402d4bdff9a926f15d)
|
|
(This used to be commit 7fb8179f214bbba95eb35d221cb9892b55afe121)
|
|
Until I create a samba4openldaptop and samba4fedoratop...
Andrew Bartlett
(This used to be commit 6e232c4ae6dc4151599ab4e57add2ec232d4ac13)
|
|
(This used to be commit 5bde586bdb4a1523a62a764b9ff292a4a8cee4fe)
|
|
(This used to be commit 78416f4840df4f8d1f9cc5e46a48b19c86888050)
|
|
Fedora DS is still setup for simple binds only, at this point.
(it also fails on other issues).
Andrew Bartlett
(This used to be commit b24c572d5a38c1f6906751c2ad2f809e1995b510)
|
|
This reworks our LDAP backend code to move from anonymous access to a
shared-secret SASL-protected connection. (SASL selects NTLM or
DIGEST-MD5 on my system).
To get this working, we must pre-populate the LDAP backend with a DN
to store ths SASL secret on, and we use back-ldif for this.
This gives us a reasonable basis to deploy a replicated OpenLDAP
backend solution.
Andrew Bartlett
(This used to be commit cd0745253c4a9ec59a035e830e54d74a05b71aaa)
|
|
The DIGEST-MD5 SASL method requires a hostname, so provide one.
Andrew Bartlett
(This used to be commit edfb2ed1f22bc735af5a0c3d3ae6ab6771d28f2c)
|
|
(This used to be commit 28c784966809d634e8497e0716b30bad018467b4)
|
|
With these changes, we don't leak the LDAP socket, and don't reset all
credentials feature flags, just the ones we are actually incompatible
with.
Andrew Bartlett
(This used to be commit 72e52a301102941c41ab423e0212fe9a1aed0405)
|
|
This makes Samba4 behave much like Samba3 did, and use a single set of
administrative credentials for it's connection to LDAP.
Andrew Bartlett
(This used to be commit e396a59788d77aa2fbf3b523c3773fe0e5c976c0)
|
|
This includes a simple bind DN, or SASL credentials.
The error messages are reworked as on systems without an LDAP backend,
we will fail to find this record very often.
Andrew Bartlett
(This used to be commit 95825ae6d5e9d9846f3a7505a81ebe603826227e)
|
|
We don't really care (because nobody uses them) what we send as the
domain and workstation in the negotiate packet.
Andrew Bartlett
(This used to be commit 9ac07e14873df2c18d0e9501691c2d4c4047e218)
|
|
(This used to be commit 79c4d8e2fabc9c33d978c064b9c01ca45e463ced)
|
|
Andrew Bartlett
(This used to be commit 7ca421eb32bed3c400f863b654712d922c82bfb9)
|
|
This attribute is used in a very similar way (virtual attribute
updating the password) in AD on Win2003, so eliminate the difference.
This should not cause a problem for on-disk passwords, as by default
we do not store the plaintext at all.
Andrew Bartlett
(This used to be commit 1cf0d751493b709ef6b2234ec8847a7499f48ab3)
|
|
This code is now in common with ad2oLschema.
Andrew Bartlett
(This used to be commit 0a797388ca442c3ad4809888897b1c63b65a7fdf)
|
|
(This used to be commit f956908cde7dd40643ff49cf433d0cf7765027de)
|
|
Instead of extensibleObject, we use the new (more correct) ad2oLschema
tool, and a new objectClass called 'samba4Top', which we add and
remove in the same way we did extensibleObject.
Andrew Bartlett
(This used to be commit 5ab20aa8b43415751f77602fff3a3008bf2186db)
|
|
This will allow the kludge_acl and schema code to leverage the same
work. (We might even get schema validation soon! :-)
Andrew Bartlett
(This used to be commit cecd04ce1f8ce2af2fb654b3abc1499092405d60)
|
|
const char. The deletion earlier was a typo.
Jeremy.
(This used to be commit aa27344b96929c925b30965a1cd20e69c3dbd515)
|
|
that can store a timestamp along with the SD. Allows
us to check for validity against the POSIX st_ctime.
Keeps the IDL consistent with Samba3.3 IDL.
Jeremy.
(This used to be commit 29843a6b339a581de714924219632390b156aa4f)
|
|
Michael
(This used to be commit b7c14af3790bcf825367a7f16d2aaa375b04393c)
|
|
Michael
(This used to be commit ea99590046f50ec2d0c4afe0163fc8660a797ba4)
|
|
Michael
(This used to be commit 3b0917dbc5399dc6835b523d762b244bdcf45b79)
|
|
This reverts commit fafb8ad2b81b9a46cf8259bedc1dca5023b06115.
This fix is not valid:
1. convert_string() is not only used for key strings but also for data.
2. Some databases use string_tdb_data() i.e. non-null-terminated strings
as keynames and others (like the one I was using), use
string_term_tdb_data(), i.e. zero-terminated key strings.
After discussion with Metze, the easiest (and proper way) to
handle this is to specify key names as "keyname\0" for databases
which use string_term_tdb_data().
Sorry for the noise...
Michael
(This used to be commit 17c012c4645f4e9542537c15f80d9b4e74304d11)
|
|
This prevented all commands operating on keys (all non-traverse commands)
in tdbtool to fail with a "fetch failed" or "delete failed" message.
It seems that it fixes bug #2344 ...
Apparently this bug was introduced with 94e53472666ed in 2005.
Either nobody is using tdbtool or else tdb_find() has become
more strict about the key legth in the meantime. :-)
Michael
(This used to be commit fafb8ad2b81b9a46cf8259bedc1dca5023b06115)
|
|
metze
(This used to be commit 76dd521bcf53a245bd1412968e9b921e5c2f10c9)
|
|
metze
(cherry picked from commit 20795c4a0d5f75561561470231de1a2fad2906ff)
(This used to be commit 5d5b4e4ab23e1c630dfde2b9f296681e3979c4e0)
|
|
metze
(This used to be commit 9a5f7bf68b20e3b490b209b5cfc4408566320f2e)
|
|
metze
(This used to be commit 36a39b92d732a682e38ad4b3f733951fee4757ed)
|
|
metze
(This used to be commit d235ce673705641e06b4ad5f5679e146b59a19e1)
|
|
We now support async multi fragment SMBtrans calls.
metze
(This used to be commit ba8499867af90dcd88455476b1f58a2ab18f159b)
|
|
We now support async multi fragment SMBtrans calls.
metze
(This used to be commit 66e0c1754f14cf0100ca2d3e9c0cd8c87f9dc1e6)
|
|
We now support async multi fragment SMBtrans calls.
metze
(This used to be commit 6813e22e9d300696a40993476629227d5cc4d35f)
|
|
metze
(This used to be commit a6aa055097313975299f214d8ebe8d45aa51d10a)
|
|
metze
(This used to be commit 1b507a9b8e2ede5a4eb542bdf7a0eab9269b9f7b)
|
|
metze
(This used to be commit 48ccb51caf7976ec07c8a9bfc1afd3076bf4ee22)
|
|
metze
(This used to be commit e1d81388fcabba9a947ed0be9ccae875e2b19135)
|
|
metze
(This used to be commit ec67c61b6a82e4f39a15f37a98ae3fe93bb81316)
|
|
metze
(This used to be commit 5bf136e233e26b4372155f494bae5118ef777a76)
|
|
The recv helper will be called when a response comes
and the recv helper can decide to let the request
on the SMBCLI_REQUEST_RECV when more reponse packets
are expected. It's up to the helper function
to keep a reference to the in buffers, each incoming
response overwrites req->in.
metze
(This used to be commit 6d84af89ba96627abe142ba7080c24ae2421ed6c)
|
|
metze
(This used to be commit a65599cc83a12ec61e5a6ba6ad9628619a0dc8a3)
|
|
Also add a note about NT_STATUS_DOS(ERRSRV, ERRerror).
metze
(This used to be commit 4287b7c1323796cf0688d0fae9b5bd4e840e3d48)
|
|
We need to use smbsrv_setup_secondary_request(req) to send the
trans ack, because smbsrv_send_reply(req) destroys 'req'
and the partial trans list had dead elements in the list.
Also make sure the partial list element is removed by a talloc
destructor.
metze
(This used to be commit 221f4d6e534a40b7def6e51dc6b4f9e8057d18b7)
|
|
Windows seems to use 64 here, so we do now.
Before we got nca_proto_error fault because we send fragments
larger than the negotiated max frag size.
If the max frag size is 5840, we're sending 5837 bytes
when the auth_len is 45 and that matches w2k3 traffic.
metze
(This used to be commit 351947dba3f7a26ac871d4aa7b6bba4cd472383a)
|
|
metze
(This used to be commit 9ff0ce42b32bf0f1463d2cb9c2a6595f51b13d04)
|