summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2004-03-02Idra, your privileges patch allowed login only with tdbsam. The problem isVolker Lendecke1-1/+1
that pdb_default_get_privilege_set returns NOT_IMPLEMENTED and not a privilege set that does not grant anything. I don't really understand privileges yet, so work around that by not failing if pdb_get_privilege_set fails. Volker (This used to be commit b790753f443092a65eeef7b146a18d4c5ffcb323)
2004-03-02Sorry, forgot to commit an essential piece.Simo Sorce1-0/+363
(This used to be commit fa6500fe773ae1f0aa70f370600b6f7aa7f65f3d)
2004-03-02Expand aliases for winbind-generated groups.Volker Lendecke1-0/+154
Do: wbinfo -C alias net groupmap set alias alias -L net rpc group addmem alias DOMAIN\\group -S localhost -Uroot%secret getent group alias And hopefully the members of domain\\group show up :-) Still have to get them to show up in 'getent group'. Volker (This used to be commit 18e48190838907a29347d471e81945257f540aa7)
2004-03-02merging from 3.0Gerald Carter2-50/+54
(This used to be commit fae17e0f9d228bab9992287507babd6a8fd53f97)
2004-03-01BUG 1147; bad pointer case in get_stored_queue_info() causing seg faultGerald Carter1-1/+1
(This used to be commit eb8a8c290f893b6ffa3d16e282829230be56b212)
2004-03-01Ok here it is my latest work on privilegesSimo Sorce24-140/+838
This patch add privilege support for samba Currently it is implemented only for tdbsam backend but estending it to other sam backends is straightforward. I must make a big thank to JFM for his teachings on the matter and the functions at the base of this work. At thye moment only samr_create_user honours SeAddUsersPrivilege and SeMachineAccountPrivilege to permit any user to add machines and/or users to the server. The command "net priv" has been provided to manipulate the privileges database. There are still many things to do (like support in "net rpc vampire") but the working core is here. Feel free to comment/extend on this work. Of course I will deny that any bug may affect this code :-) Simo. This patch adds also my patch about add share command enhancements. (This used to be commit 7a78c3605e203bd8e0d7ae244605f076a5d0b0bc)
2004-03-01Fix Tim's fix for #1144. Tim, could you look at that again?Volker Lendecke1-7/+12
With only your fix in for example smb.conf was expected in /smb.conf... Thanks, Volker (This used to be commit eb18cb83d13d664896468d200d9dc353da13c561)
2004-03-01When asked to delete an alias member, don't add it ...Volker Lendecke1-1/+1
Volker (This used to be commit f95a5d81479b467c837b727831c2224832c8205c)
2004-03-01Add aliases to winbindd_getgroups().Volker Lendecke4-86/+109
su - WINDOWS\\vl now includes the locally defined aliases I'm member of. Next will be getent group. Volker (This used to be commit 52dae45684317ac8ac529017607bb5787dda7c50)
2004-03-01Fix bugzilla #1144 where running configure --with-fhs=anything wouldTim Potter1-1/+5
turn on fhs compliant paths. Spotted by Timur Bakeyev. (This used to be commit e0382635a5490e1a6b6388dc98e6ce318e197808)
2004-02-29Apply my experimental aliases support to HEAD. This will be a bit difficult toVolker Lendecke6-4/+614
merge to 3_0, as the pdb interfaces has changed a bit between the two. This has not been tested too severly (which means it's completely broken ;-), but I want it in for review. Feel free to revert it :-) TODO: make 'net groupmap' a bit more friendly for alias members. Put that stuff into pdb_ldap. Getting the information over to winbind. One plan without linking pdb into winbind would be to fill group_mapping.tdb with the membership information and have that as a cache (or use gencache.tdb?). smbd on a PDC or stand-alone could trigger that itself, the problem is a BDC using LDAP. This needs to do it on a regular basis. The BDC smbd needs to be informed about SAM changes somehow... Volker (This used to be commit 30ef8fe1e85c0ca229b54f3f1595c4330f7191d1)
2004-02-29net_rpc.c: Don't complain if [add|del]mem was successful.Volker Lendecke2-5/+5
srv_samr_nt.c: Correctly report that a user is not member of an alias. Volker (This used to be commit 26d99204b7cbfa8e259f2a8438eadc9ff6be0709)
2004-02-29Trivial commit to make 'smbdiff 3_0/source head/source' two files smaller.Volker Lendecke2-0/+2
Volker (This used to be commit 73117f5e41aa923b07d200a18c84b8082d8b71a6)
2004-02-29Print an informative error message if trying to add/remove members fromVolker Lendecke1-0/+6
something not a group. Volker (This used to be commit 9cfc97df456199c22e199831d28597132cf001a8)
2004-02-28Add 'net rpc group [add|del]mem' for domain groups and aliases.Volker Lendecke4-3/+732
Volker (This used to be commit 6785dc84ce4d9c2d5ebe3113c7f506947b09a7f8)
2004-02-28Fix my fix to net rpc group list. We can certainly have more than a singleVolker Lendecke1-3/+6
set of groups. Volker (This used to be commit 710969acaa9ce4467ec09c2fadb03e49fbc207be)
2004-02-28Can't set allocation size on directories, return correct error code onJeremy Allison3-1/+18
fail if file exists and target is a directory. gentest. Jeremy. (This used to be commit 4b1262322995c8794cd73d84712f82d8c91abdc6)
2004-02-28More gentest fixes. Fix up regression in IS_NAME_VALID and renames.Jeremy Allison2-13/+34
Jeremy. (This used to be commit 2a457e2e28cd1f78778cb41fbb381883ced99592)
2004-02-27Added copyrights I forgot about looong ago...Rafal Szczesniak2-2/+4
rafal (This used to be commit ed26b550b5f24741db6be38542f341be18741e62)
2004-02-27Adding ability to operate on trust passwords to pdbedit. This enablesRafal Szczesniak2-6/+176
new functionality and testing interface for new pdb functions. Also, quite a bit of objects is being added to pdbedit in order to make it able to find domain sid automatically (if not given explicitly). If such amount of "wisdom" is not required to be in pdbedit, I'll move it to 'net' which will have this new functionality, anyway. rafal (This used to be commit cfb1b7bda905c8391bf065ecb99bb28806dfe96a)
2004-02-27Disabling GUMS (gums_tdbsam2) temporarily, to fix the build.Rafal Szczesniak1-1/+1
rafal (This used to be commit 39bc55e4d407adb31030a57185f7431434b43a51)
2004-02-26Fix for writable printerdata problem - bugzilla #1112.Tim Potter1-6/+12
(This used to be commit 892b16404033bbaf72a5a04f558cb41ef544739e)
2004-02-26That const was one too manyVolker Lendecke1-3/+2
(This used to be commit b9ae67a3a232875361d3056eef3b654e6b92c244)
2004-02-26Implement 'net groupmap set' and 'net groupmap cleanup'.Volker Lendecke3-0/+157
I was rather annoyed by the net groupmap syntax, I could never get it right. net groupmap set "domain admins" domadm creates a mapping, net groupmap set "domain admins" -C "Comment" -N "newntname" should also do what you expect. net groupmap cleanup solves a problem I've had two times now: Our SID changed, and a user's primary group was mapped to a SID that is not ours. net groupmap cleanup removes all mappings that are not from our domain sid. Volker (This used to be commit 69879ceffa587ccf2bf59e1c716424e1d20a7f68)
2004-02-26And another little constVolker Lendecke1-1/+1
(This used to be commit a3a15be5a2ae419992af004425592cca6796edcd)
2004-02-26Apply some constVolker Lendecke1-2/+3
Volker (This used to be commit f1b66461ebce4e89eb65620a09c079ae9697537b)
2004-02-26Interesting fact found by IFSTEST /t LockOverlappedTest...Jeremy Allison1-1/+8
Even if it's our own lock context, we need to wait here as there may be an unlock on the way. So I removed a "&& !my_lock_ctx" from the following if statement. if ((lock_timeout != 0) && lp_blocking_locks(SNUM(conn)) && ERROR_WAS_LOCK_DENIED(status)) { Jeremy. (This used to be commit 17c88758ae82b20bc7260d5d927325f3f73ba33c)
2004-02-25(merge from 3.0)Andrew Bartlett2-1/+6
Fix bug in previous global_sam_sid() commit. I broke the 'read from MACHINE.SID' file functionality. Also, before we print out the results of 'net getlocalsid' and 'net getdomainsid', ensure we have tried to read that file, or have generated one. Andrew Bartlett (This used to be commit af1b6447b8292a83851361570219ee6d889e0898)
2004-02-25Adds some more tests of renaming an open file that has been opened withRichard Sharpe1-7/+76
different share modes. It also has a commented out test to see if we can actually open a renamed file, and it turns out that we can, it seems. I am not sure at this stage how long that is the case for, though. (This used to be commit 89d810d234f53c9731ded85848bd9c17d45d5125)
2004-02-25(merge from 3.0)Andrew Bartlett4-31/+61
I *hate* global variables... OK, what was happening here was that we would invalidate global_sam_sid when we set the sid into secrets.tdb, to force a re-read. The problem was, we would do *two* writes into the TDB, and the second one (in the PDC/BDC case) would be of a NULL pointer. This caused smbd startups to fail, on a blank TDB. By using a local variable in the pdb_generate_sam_sid() code, we avoid this particular trap. I've also added better debugging for the case where this all matters, which is particularly for LDAP, where it finds out a domain SID from the sambaDomain object. Andrew Bartlett (This used to be commit f3ecdea56d9ea6d562ace84f0e653a641eb96f6e)
2004-02-25Fixup strange rename error case (gentest).Jeremy Allison1-1/+2
Jeremy. (This used to be commit e46aaffe97919afb1c92f56376f9578825012b92)
2004-02-25Do the query part of the previous fix...reset time and duration are set in ↵Jim McDonough1-2/+2
minutes, not seconds. Works from usrmgr. (This used to be commit d02dd0e5f5fae3256b1922c2963e18c8fa36a3e6)
2004-02-25reset time and duration are set in minutes, not seconds. Works from usrmgr.Jim McDonough1-2/+2
(This used to be commit 08a7c9697d49719e4cfb32a06720873c98585f67)
2004-02-25Figured out a new flags bit with gentest and ethereal....Jeremy Allison2-2/+11
Jeremy. (This used to be commit 755b66303d04b73a855fa8db5fe3ae920a901bf3)
2004-02-25More gentest fun :-). NB. I'm not fixing OpenX breakage 'cos if you lookJeremy Allison1-5/+27
at what W2K3 accepts here it's COMPLETELY BROKEN ! :-). Jeremy. (This used to be commit 9aa37cb84090260b33d32ad123ddc4d211e3913b)
2004-02-25More gentest fixes.Jeremy Allison1-6/+17
Jeremy. (This used to be commit fc9811693933327a15b7dbe4893219c7ef44d1e8)
2004-02-24Add 'net rpc group add'. For this parse_samr.c had to be changed: TheVolker Lendecke5-5/+167
group_info4 in set_dom_group_info also has the level in the record itself. This seems not to be an align. Tested with NT4 usrmgr.exe. It can still create a domain group on a samba machine. Volker (This used to be commit 9cadd14aa53d390a2419d7ce4fe48d58cf372279)
2004-02-24Remove unused variable.Volker Lendecke1-1/+0
Volker (This used to be commit f5af0326e67c0eb7be6f4b07f8b89c4c680903ac)
2004-02-24'net idmap restore' is too useful to be left broken :-)Volker Lendecke1-1/+105
Set the HWM values correctly after having manipulated the tdb. Volker (This used to be commit efad125f40858176145c69265d06b25295292132)
2004-02-24Ensure '.' and '..' don't match in delete requests.Jeremy Allison1-1/+4
Jeremy. (This used to be commit c85b617aa03c1524f659100030a8e96cef38fb62)
2004-02-24More gentest error fixups.Jeremy Allison3-2/+13
Jeremy. (This used to be commit f353cafa9d9e6142b4aec45cfbc567dc4ab20d7e)
2004-02-24Fixup bad-path error found by gentest.Jeremy Allison1-4/+6
Jeremy. (This used to be commit 55f13d743e78ed8f48bf209e838ea77df3121047)
2004-02-24Added NTrename SMB (0xA5) - how did we miss this.... ?Jeremy Allison4-2/+55
Jeremy. (This used to be commit d236372876918be2a886a89383cf843b82d4c8db)
2004-02-24Fixup correct timeout values for blocking lock timeouts (tested at connectathonJeremy Allison1-1/+1
by Herb). Jeremy. (This used to be commit 6356b792683100122500db9cf222b7e8518d834e)
2004-02-23(merge from 3.0)Andrew Bartlett1-1/+1
Found by Fabien Chevalier <fabien.chevalier@supelec.fr> and JustFillBug <mozbugbox@yahoo.com.au> on the Samba lists - a 'max password age' of zero should be considered as 'never expire'. For the timebeing we just set it like -1, but we might revisit this for closer-to-ms behaviour. Andrew Bartlett (This used to be commit 2003cdc65e1b9f6514d97334997fee5c49813bac)
2004-02-23Fix "unable to initialize" bug when smbd hasn't been run withJeremy Allison2-2/+8
new system and a user is being added via pdbedit/smbpasswd. Found at Connectathon setup. Jeremy. (This used to be commit 93580927dc255f205283b64c72fb95be990d2216)
2004-02-23Add bad password count/time attributesJim McDonough2-0/+3
(This used to be commit 2fa56111d37a09702b31e1769a687b630aff1c1b)
2004-02-22Add bad password count/time attributesJim McDonough1-1/+12
(This used to be commit 51a8d050e9242192c2670b09242cf4fdbbae8940)
2004-02-21Add calls to password lockout functions. Should now work against tdbsam only.Jim McDonough1-0/+38
(This used to be commit 6ccb90acfd8591f6ef0d91b4ada89c5ad8ac98d5)
2004-02-21printf -> d_printfTim Potter1-1/+1
(This used to be commit 3f3a744e925aa943c901406f1565ebf346fe8707)