Age | Commit message (Collapse) | Author | Files | Lines |
|
And a small cosmetic change.
I like to have the real attribute names in the function denominations
|
|
To make it more understandable
|
|
|
|
|
|
Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
|
|
|
|
|
|
|
|
suppress parameter declaration warnings
Always Tru64 in file "param/loadparm.c" and possibly others.
|
|
|
|
results
|
|
This means we request the "Single UNIX Specification, Version 3" with C99
compatibility as the Python 2.5 release on the system. This prevents
redefinitions with different values.
> [ 451/1918] Compiling scripting/python/pyglue.c
> cc: Warning: /usr/local/include/python2.5/pyconfig.h, line 951: The redefinition of the macro "_XOPEN_SOURCE" conflicts with a current definition because the replacement lists differ. The redefinition is now in effect. (macroredef)
> #define _XOPEN_SOURCE 600
> ----------------------^
> cc: Warning: default/source4/include/config.h, line 54: The redefinition of the macro "_XOPEN_SOURCE" conflicts with a current definition because the replacement lists differ. The redefinition is now in effect. (macroredef)
> #define _XOPEN_SOURCE 500
> ----------------------^
|
|
returned here
Tested using User Manager for Domains against Windows Server 2008.
MS-SAMR 3.1.5.9.1 is wrong in this case therefore I've informed the dochelp team.
|
|
We were returning the index, not the LUID value
Andrew Bartlett
|
|
|
|
s4 uses a different location for the winbind pipe to s3
|
|
the .2 is what libc adds to the name for this version of the nss API
|
|
|
|
these made debugging much harder. We should replace these with
generated macros
|
|
|
|
This ensures we get whenChanged, which is needed by the s3 winbind
code to ensure we don't repeatedly try to change the password
|
|
|
|
Otherwise we get a "declared inside parameter list" warning.
|
|
Obviously we really need both definitions ("socklen_t" has been found by
"_XOPEN_SOURCE"=500). But now FIONREAD wasn't accessible.
|
|
|
|
|
|
These are related, but slightly different concepts. The biggest difference
is that rights are not enumerated as a system-wide list.
This moves the rights to security.idl due to dependencies.
Andrew Bartlett
|
|
The idea of this patch is: Don't support a mix of different kerberos
features.
Either we should prepare a GSSAPI (8003) checksum and mark the request as
such, or we should use the old behaviour (a normal kerberos checksum of 0 data).
Sending the GSSAPI checksum data, but without marking it as GSSAPI broke
Samba4, and seems well outside the expected behaviour, even if Windows accepts it.
Andrew Bartlett
|
|
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
These functions work on the bitmap, and are only exposed because
the source3/ privileges storage uses the bitmap in account_policy.tdb
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This no longer needs to be global, and should be const. We now also
init it with the C99 style initialisers.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This happens all the time, particularly now that we don't keep the
db around after a reboot. Don't scare the admins with the level 0.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Now that this is a scalar, this isn't required.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
We update privileges on a per-record basis instead of all at once, as
this maintains maximum compatibility is someone uses old tools with a
new version of Samba. The also auto-detects the byte order of the old
entries in the database, and copes with either native or reversed byte
order.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
the ones brought across from s3 have higher values
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
failure
This is clearer and more consistent than using a magic -1 return
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This avoids us dealing with the privilege bitmap in the LSA server, and
overhauls much of the rest of the handling to be currnet with the modern
world of talloc.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
The new wrappers avoid anything but the core privileges code
dealing with the bitmap values directly.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This moves one more privileges call away from direct bitmap manipuation.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
All the callers to these functions have been removed or reworked.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This allows the privileges bitmap to be used only when setting
privileges, and uses an the LUID constant for all 'does this user
have this privilege' operations.
The advantage is that we now only need one API to determine if a
token has a privilege, and much less code needs to know what type
is used for the underlying bitmap.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|