Age | Commit message (Collapse) | Author | Files | Lines |
|
The motivating factor is to not require more privileges for
the user account than Windows does when joining a domain.
The points of interest are
* net_ads_join() uses same rpc mechanisms as net_rpc_join()
* Enable CLDAP queries for filling in the majority of the
ADS_STRUCT->config information
* Remove ldap_initialized() from sam/idmap_ad.c and
libads/ldap.c
* Remove some unnecessary fields from ADS_STRUCT
* Manually set the dNSHostName and servicePrincipalName attribute
using the machine account after the join
Thanks to Guenther and Simo for the review.
Still to do:
* Fix the userAccountControl for DES only systems
* Set the userPrincipalName in order to support things like
'kinit -k' (although we might be able to just use the sAMAccountName
instead)
* Re-add support for pre-creating the machine account in
a specific OU
(This used to be commit 4c4ea7b20f44cd200cef8c7b389d51b72eccc39b)
|
|
simple bind operation was successful or not.
Guenther
(This used to be commit e4734cb99cae189edf49c4d8f4e4324f5c51f443)
|
|
we have a reason to do so.
Guenther
(This used to be commit 4da79bd10c17277171aad26ee0278f8e5b64abdb)
|
|
directly in winbindd.
Jeremy.
(This used to be commit 2e65fcc9def5f1386a33ca4a76e494838e3a0632)
|
|
Jeremy.
(This used to be commit 45cfba12cfd87bebd3876087cac0575f586e395f)
|
|
metze
(This used to be commit a48b1f7fae538a4220e087a1863015dd8c564005)
|
|
we created the profiling shmem segment and don't bogusly
refuse to look at it.
(This used to be commit eb31ef3a0e5e7c3b4029a3c2e124d2df646f10a2)
|
|
non-critical and fallback to only parse the argv options in that case.
Guenther
(This used to be commit 9dac3ab328e9c7ba374e0efc3fe16d940ecc9d3b)
|
|
Guenther
(This used to be commit 3546187bb4a74b14071e2c23561e70e57ad13e86)
|
|
(This used to be commit e439660f916050291107f699e32ba2872ba95fcf)
|
|
prevents a nasty failure condition in winbindd's pam_auth where a tgt
and a service ticket could have been succefully retrieved, but just not
validated.
Guenther
(This used to be commit a75dd80c6210d01aff104a86b0a9d39d65f2c348)
|
|
Guenther
(This used to be commit a0548914c21bb769c3e97b47c9bc521c595f579b)
|
|
(This used to be commit f06d94382fa0f501fb1da7e308012b91a9eadb44)
|
|
(This used to be commit 624318245fbd4060617d9404700a04df23d667ac)
|
|
the fastest clock available on uniprocessors.
(This used to be commit d44862928206b524f826bd7c2997ab5353c0b6a0)
|
|
(This used to be commit 800f4cd158c5de8a0031abf4d030f633d784999f)
|
|
(This used to be commit 8cedbbfbcf137b6a0c0323572982e9cb25648b0b)
|
|
(This used to be commit 8cdfe404ef095901bf1d87fb80b3252eca49c8df)
|
|
ldap_get_values_len, because they were handed a NULL msgs pointer, for
example in ads_pull_sid().
This occurs when the AD server fails at the connect stage. (The
toubled AD server is actually Samba4 in my example).
Andrew Bartlett
(This used to be commit 221a6de7d028f5c9bb9da038650868582d44e7e5)
|
|
Volker
(This used to be commit 7729799be9984a02a2a309289067b7500696e657)
|
|
(This used to be commit ac79bba1a118635ed18d23cf84bdf15923b354c0)
|
|
(This used to be commit 7188ec6bd81715c4df17528bca2b2e658173043f)
|
|
agreed upon
on irc.
Thanks,
Volker
(This used to be commit 51b415d2306f8244d7449756e4fa873adfc8fbe7)
|
|
auth_sam
and auth_domain. Thanks for Simo to point this out.
Volker
(This used to be commit 293b89dfb109d6e220ced433f025cf987aa1f500)
|
|
changing the token generation. I *hate* this code!
Jerry, you have been looking at this as well, can you double-check that I did
not screw it up?
Thanks,
Volker
(This used to be commit 2765c4ff8d44c970db3e075b0a2412662f1936c6)
|
|
(This used to be commit d2f39ae7fe79fd31846c555849655023a2d1cbc7)
|
|
(This used to be commit f21adc04f745a966dbe6ef0b4ffd9729afa3fa78)
|
|
Jeremy.
(This used to be commit e9b016ced636dfdfcb1c4d7d4313f89ddb5e7cbc)
|
|
And we don't install any JavaScript (hold over from a prior SWAT
svn ci trunk/ branches/SAMBA_3_0 -m
(This used to be commit 9bf07ba6cc82113b94f4d1bdac3a95262fff18c0)
|
|
Fixes bug #3702.
deryck
(This used to be commit 4ad7276cef02b28308446c0eb76ea1190ffe9b05)
|
|
(This used to be commit 43f5d09a164ae111807222bdcbef949206766097)
|
|
host)
(This used to be commit b0160f893393a446927c751961d101ddbcba4db4)
|
|
locating AD DC's with out own DNS SRV queries.
Testing on Linux and Solaris.
(This used to be commit cf71f88a3cdcabf99c0798ef4cf8c978397a57eb)
|
|
Guenther
(This used to be commit f4af888282ff39665f186550b9ccbbf7a9128fc2)
|
|
objectClass which is not indexed on AD) in LDAP queries.
Guenther
(This used to be commit 847882a98328b91a2157959c5dad0a2023223846)
|
|
samr_query_domain_info(2) for consistency reasons.
Guenther
(This used to be commit 870495e2c8628deee0498e68cc1d93abfbc56da4)
|
|
difference between samr_query_domain_info and samr_query_domain_info2,
wrap the info2 call around the info call. There have been various "could
not access LDAP when not root" bugs lurking around in
samr_query_domain_info2 anyway.
Guenther
(This used to be commit 3e181b46bea87797d654d57a6c8231cba6ff5a7b)
|
|
call.
Guenther
(This used to be commit 9b0731b2a9b45153356f9f7fad384a02028a8bd3)
|
|
Guenther
(This used to be commit 6ed7d7fa70e3f750f921192c0f75594d608875b7)
|
|
of it expect.
(This used to be commit 7a0c4f4997f359645a9113e19a8831bde7f9ec58)
|
|
globals. This catches mismatched start/end calls and removes
the need for special nested profiling calls.
(This used to be commit ee750498812190edd3ec52ca3c750258f3b8a97a)
|
|
is incorrect).
(This used to be commit e7ddcd8c33de1d2f053ac4c5fdaef5c31c280318)
|
|
(This used to be commit a19d4f2bb4aa94ab40e371efbad9f17e38e3bbc4)
|
|
might be interesting. Push the spacing across a bit so that
it all lines up nicely.
(This used to be commit efd961e4eefb774c7bdaef098e2b67062a7dffd3)
|
|
consistent. Bring oplocks withing the purview of the locking debug
channel.
(This used to be commit e817cfd7d3a42d141198122eada58b5a7ba90e9c)
|
|
starting with the global SAM sid, not an exact search.
Jeremy.
(This used to be commit 755c272ebf5d0f4de15178814f998d1ec5ecb718)
|
|
Guenther
(This used to be commit ef40428d935831bdb19111c933d20e381647f6f8)
|
|
Also return the hostname for the level 6 call (to be consistent with the
server name in level 2).
Guenther
(This used to be commit 41b72e77ae70c96de4659af6b4b6bd842dd67981)
|
|
Guenther
(This used to be commit 6e225e0528604c797a953eb8d3b49a873b21584f)
|
|
name eversince instead of the domain name when we are a DC.
Yes, there are applications relying on this call to be correct.
Guenther
(This used to be commit 26dd22c9af8caf3db236984e4683ba210376ca59)
|