summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2010-11-09s4:dsdb/common: create a DSDB_SECRET_ATTRIBUTES define with all secret ↵Stefan Metzmacher2-12/+15
attributes We should have them just in one place, so that we don't forget some of them. metze
2010-11-09s3: Quieten a bogus error messageVolker Lendecke1-3/+1
This happens if you set "auth methods = winbind" without a fallback method. The return NT_STATUS_LOGON_FAILURE; is not strictly require here, because we fall through to the equivalent statement a few lines down, but it makes the code a bit clearer IMO. Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Tue Nov 9 20:15:59 UTC 2010 on sn-devel-104
2010-11-09s3: Package autorid moduleVolker Lendecke1-0/+1
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Tue Nov 9 16:21:48 UTC 2010 on sn-devel-104
2010-11-09raw.h is only needed in the S4 buildVolker Lendecke1-0/+2
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Tue Nov 9 14:49:14 UTC 2010 on sn-devel-104
2010-11-09s4:provision_self_join.ldif - the object SID in AD is called "objectSid"Matthias Dieter Wallnöfer1-1/+1
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Tue Nov 9 13:18:29 UTC 2010 on sn-devel-104
2010-11-09s4:provision.py - strip trailing whitespacesMatthias Dieter Wallnöfer1-106/+106
2010-11-09s4:provision - switch to "clearTextPassword" for setting passwordsMatthias Dieter Wallnöfer4-8/+8
This is the default password set/change attribute for s4 specific purposes (otherwise in respect to Windows it's "unicodePwd"). We move away from "userPassword" since on Windows it's not activated by default - and s4 will follow soon.
2010-11-09s4-test: make sure the selftest prefix existsAndrew Tridgell1-0/+3
Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Tue Nov 9 00:05:22 UTC 2010 on sn-devel-104
2010-11-08s4-drs: reduce verbosity of dreplsrv_out_connection_attachAndrew Tridgell1-2/+2
2010-11-08heimdal: fixed a shadowed variable warning for error_messageAndrew Tridgell1-23/+23
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-11-08s4-attid: Uppercase ATTID type constantsKamen Mazdrashki3-10/+10
Thanks Metze for noting this! Autobuild-User: Kamen Mazdrashki <kamenim@samba.org> Autobuild-Date: Mon Nov 8 23:06:41 UTC 2010 on sn-devel-104
2010-11-08s4-test: Initial implementation for Schema replication black box testKamen Mazdrashki1-0/+174
2010-11-08Second part of fix for bug #7777 - When requesting lookups for BUILTIN sids, ↵Jeremy Allison1-1/+3
winbindd allocates new uids/gids in error. Ensure we return after calling passdb for SID lookups for which we are authoritative. Jeremy. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Mon Nov 8 22:24:34 UTC 2010 on sn-devel-104
2010-11-08Ensure we always have a mapped group for "Domain Users".Jeremy Allison1-1/+6
Needed for DC tests to pass with bugfix for bug #7777. Jeremy.
2010-11-08First part of fix for bug #7777 - When requesting lookups for BUILTIN sids, ↵Jeremy Allison1-0/+10
winbindd allocates new uids/gids in error. Ensure idmap_init_passdb_domain() correctly initialized the default domain first. Jeremy.
2010-11-08s3/configure: fix typo and warningBjörn Jacke1-1/+1
Autobuild-User: Björn Jacke <bjacke@samba.org> Autobuild-Date: Mon Nov 8 20:58:20 UTC 2010 on sn-devel-104
2010-11-08s4:password_hash LDB module - introduce a "userPassword" flag which ↵Matthias Dieter Wallnöfer1-15/+37
enables/disables the two "userPassword" behaviours - Enabled: "userPassword" password change behaviour (will later be linked to the "dSHeuristics") - Disabled: "userPassword" plain attribute behaviour (default) Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Mon Nov 8 15:28:06 UTC 2010 on sn-devel-104
2010-11-08s4:pyldb.c - fix "py_ldb_contains" according to the comment by JelmerMatthias Dieter Wallnöfer1-4/+2
2010-11-08s3-waf: add idmap_autorid to the build.Günther Deschner2-1/+10
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Mon Nov 8 14:17:27 UTC 2010 on sn-devel-104
2010-11-08s3: Fix an uninitialized variableVolker Lendecke1-0/+1
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Mon Nov 8 13:22:06 UTC 2010 on sn-devel-104
2010-11-08s3: Build idmap_autorid by defaultVolker Lendecke1-0/+1
2010-11-08s3:idmap: add a new ID mapping module autoridChristian Ambach4-0/+610
This is an initial implementation of the idmap_autorid module. It works similar to the idmap_rid module but requires less configuration. It will automatically pick ranges for each domain, so you do not have to bother any more about adding an idmap configuration for all of the domains in the forest. This is very easy to use and to configure and much more deterministic and faster than idmap_tdb, the typical choice of Samba users up to now.
2010-11-08s3:winbind add wcache_tdc_fetch_domainbysidChristian Ambach2-0/+53
add a function to lookup a domain in the winbind cache by domain SID
2010-11-08s3: Put some parentheses around conditionalsVolker Lendecke1-2/+2
2010-11-08s3: Consistently use stdbool types in new codeVolker Lendecke1-11/+11
2010-11-08s3:winbind add timeouts to winbind cacheChristian Ambach1-14/+57
This adds a timeout value to cache entries and the NDR records in the winbind cache. The previous approach of just comparing the sequence number has some issues, e.g. when retrying a wbinfo -n operation for a user in a not yet trusted domain was always failing even after the trusted domain was added. The new approach compares sequence number and timeout value to determine if a cache entry is still valid or not. I increased the cache version number so an old cache will be wiped automatically after upgrade.
2010-11-08s4:passwords.py - test empty password attributes behaviourMatthias Dieter Wallnöfer1-1/+154
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Mon Nov 8 12:09:56 UTC 2010 on sn-devel-104
2010-11-08s4:password_hash LDB module - deleting password attributes is a little more ↵Matthias Dieter Wallnöfer1-6/+6
complicated
2010-11-08s4:samdb_msg_find_old_and_new_ldb_val - reworkMatthias Dieter Wallnöfer2-10/+38
- don't crash when no values where specified - return ERR_CONSTRAINT_VIOLATION on malformed messages - only check for flags when we are involved in a LDB modify operation
2010-11-08s4:password_hash LDB module - clear the fact that a delete of password ↵Matthias Dieter Wallnöfer1-1/+1
attributes isn't possible
2010-11-08s4:acl LDB module - define the delete passwords special case a bit betterMatthias Dieter Wallnöfer1-3/+4
2010-11-08s4:passwords.py - add another two failure casesMatthias Dieter Wallnöfer1-0/+21
2010-11-08ldb:pyldb.c - "py_ldb_msg_element_get" - here we can safely use "unsigned ↵Matthias Dieter Wallnöfer1-3/+3
int" for the element reference We don't make use of "Py_List*" calls Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Mon Nov 8 11:21:27 UTC 2010 on sn-devel-104
2010-11-08ldb:pyldb.c - "py_ldb_contains" - return only "0" not found, "1" found, "-1" ↵Matthias Dieter Wallnöfer1-3/+10
error
2010-11-08ldb:pyldb.c - most of the times "time_t" is defined as "long int"Matthias Dieter Wallnöfer1-5/+5
Therefore use a signed long int for conversions. http://stackoverflow.com/questions/471248/what-is-ultimately-a-time-t-typedef-to
2010-11-08ldb:pyldb.c - fix some "Py_ssize_t" output warningsMatthias Dieter Wallnöfer1-3/+2
2010-11-08ldb:pyldb.c - use "Py_ssize_t" for counting list entriesMatthias Dieter Wallnöfer1-12/+11
This seems to be the most appopriate type
2010-11-08ldb:pyldb.c - fix indentationMatthias Dieter Wallnöfer1-2/+3
2010-11-08s4:pydsdb.c - use "Py_ssize_t" for Python list countersMatthias Dieter Wallnöfer1-1/+1
Seems to be the most appropriate type
2010-11-08s4:pydsdb.c - introduce Python 2.4 compatibility definesMatthias Dieter Wallnöfer1-0/+11
2010-11-08s4:objectguid/repl_meta_data LDB module - deny "objectGUID" updatesMatthias Dieter Wallnöfer3-0/+29
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Mon Nov 8 10:36:50 UTC 2010 on sn-devel-104
2010-11-08s4:objectclass LDB module - no idea why we'd need the "objectGUID" hereMatthias Dieter Wallnöfer1-1/+1
2010-11-08s4:objectguid LDB module - make use of "dsdb_next_callback"Matthias Dieter Wallnöfer2-30/+6
2010-11-08s4:drsuapi RPC server - writespn.c - fix indentationsMatthias Dieter Wallnöfer1-15/+24
2010-11-08s4-drs: allow bypass of writespn checking for some SPNsAndrew Tridgell1-1/+111
this allows accounts (and in particular RODCs) to make SPN updates on their own account if they take the form SERVICE/hostname we may be able to remove this in the future after some changes in our ACL checking for userPrincipalName Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Mon Nov 8 08:45:16 UTC 2010 on sn-devel-104
2010-11-08heimdal Add clock-skew handling to DCE-style GSSAPIAndrew Bartlett1-39/+65
The clock skew handling was previously only on properly wrapped GSSAPI, and was skipped for DCE-style. This allows the ASN.1 errors from the krb5_rd_req to suggest parsing as a kerberos error packet. Andrew Bartlett Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Mon Nov 8 07:58:09 UTC 2010 on sn-devel-104
2010-11-08s4-auth Supply more useful error messages on Kerberos failureAndrew Bartlett3-13/+28
The practice of returning only NT_STATUS_INVALID_PARAMETER hasn't helped our users to debug problems effectivly, and so we now return more errors and try and give a more useful debug message when then happen. Andrew Bartlett
2010-11-08s4-auth Fix typos in samba4 auth codeBrad Hards1-7/+7
2010-11-08s4-dsdb Explain why we may not use the GC name in some situations.Andrew Bartlett1-0/+8
This delicate balance caused us a bit of a puzzle when we could not work out why an DC join failed with the new python scripts. Andrew Bartlett
2010-11-08s4-selftest fix indentationAndrew Bartlett1-3/+3
generated by cgit (git 2.34.1) at 2024-11-03 01:15:16 +0000