summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2003-07-05Fixes to our LDAP/vampire codepaths:Andrew Bartlett7-48/+123
- Try better to add the appropriate mapping between UID and SIDs, based on Get_Pwnam() - Look for previous users (lookup by SID) and correctly modify the existing entry in that case - Map the root user to the Admin SID as a 'well known user' - Save the LDAPMessage result on the SAM_ACCOUNT for use in the next 'update' call on that user. This means that VL's very nice work on atomic LDAP updates now really gets used properly! - This also means that we know the right DN to update, without the extra round-trips to the server. Andrew Bartlett (This used to be commit c7118cb31dac24db3b762fe68ce655b17ea102e0)
2003-07-05PAM should operate on the Unix username, not the NT username (which might notAndrew Bartlett1-6/+6
have the domain\ qualification). Andrew Bartlett (This used to be commit 7cfa1e7c4abee10fe8c75e36aee68ee9f557656e)
2003-07-05Allow modification of an existing entry.Andrew Bartlett1-15/+36
We still have a lot of work to do to allow this in quite the same way as we have in the TDB, but it certainly is getting closer. Andrew Bartlett (This used to be commit b9ef4e138843e3a9d1157e197de0964daf29f0dd)
2003-07-05Fix typosJelmer Vernooij2-3/+3
(This used to be commit 1a6cdbddbd008c9fe5255ed29871f9a3172fec6b)
2003-07-05Update from Andrew Bartlett with documentation forJelmer Vernooij2-0/+54
'client lanman auth' and 'client ntlmv2 auth' (This used to be commit 60f0934a6dc7a34dad42ba86744a1e3426e99967)
2003-07-05Clear up the difference between 'smb signing' and 'sign&seal' - which has toAndrew Bartlett1-3/+3
this point referred to schannel. Andrew Bartlett (This used to be commit b67479076ddf0c51bc7e319d7fc91a5da52eb8bf)
2003-07-04Add smb_event_id to list of return types (patch from metze)Jelmer Vernooij1-1/+1
(This used to be commit 95c4c801fe80a4d8fce366e63b7f92cbf24930e5)
2003-07-04More conversions I missed. Thanks metze.Jeremy Allison3-7/+7
Jeremy. (This used to be commit 4f78d747e66b38edcd2a5754681f9a01aeaf7864)
2003-07-04Fixed strlower changes I missed. Pointed out by metze.Jeremy Allison2-4/+4
Jeremy (This used to be commit da5ee2b765fc321b14e92eb27bde8ec8930b61d4)
2003-07-04Don't allow RIDs (in our domain) below 1000 (or algorithmic rid base) to beAndrew Bartlett1-0/+5
mapped with the rid algorithm. Instead, a uid/gid from the UID/GID range will be allocated for this RID. Andrew Bartlett (This used to be commit 68245e9cfae9a8cb663503301c21498dd9a3a560)
2003-07-04Update WHATSNEW with the further LDAP schema changes in previous commit.Andrew Bartlett1-3/+5
Andrew Bartlett (This used to be commit 81f84cc57fb39cc8d5edf8cf1005159c67031142)
2003-07-04This patch cleans up some of our ldap code, for better behaviour:Andrew Bartlett9-994/+745
We now always read the Domain SID out of LDAP. If the local secrets.tdb is ever different to LDAP, it is overwritten out of LDAP. We also store the 'algorithmic rid base' into LDAP, and assert if it changes. (This ensures cross-host synchronisation, and allows for possible integration with idmap). If we fail to read/add the domain entry, we just fallback to the old behaviour. We always use an existing DN when adding IDMAP entries to LDAP, unless no suitable entry is available. This means that a user's posixAccount will have a SID added to it, or a user's sambaSamAccount will have a UID added. Where we cannot us an existing DN, we use 'sambaSid=S-x-y-z,....' as the DN. The code now allows modifications to the ID mapping in many cases. Likewise, we now check more carefully when adding new user entires to LDAP, to not duplicate SIDs (for users, at this stage), and to add the sambaSamAccount onto the idmap entry for that user, if it is already established (ensuring we do not duplicate sambaSid entries in the directory). The allocated UID code has been expanded to take into account the space between '1000 - algorithmic rid base'. This much better fits into what an NT4 does - allocating in the bottom part of the RID range. On the code cleanup side of things, we now share as much code as possible between idmap_ldap and pdb_ldap. We also no longer use the race-prone 'enumerate all users' method for finding the next RID to allocate. Instead, we just start at the bottom of the range, and increment again if the user already exists. The first time this is run, it may well take a long time, but next time will just be able to use the next Rid. Thanks to metze and AB for double-checking parts of this. Andrew Bartlett (This used to be commit 9c595c8c2327b92a86901d84c3f2c284dabd597e)
2003-07-04Fix memleak in groupdb. Spotted by MetzeAlexander Bokovoy1-1/+1
(This used to be commit 5280c6953195c2664628ecaab59ea82b4863e8f7)
2003-07-04Display libraries detected by configure but before configureTim Potter1-0/+12
summary as suggested by abartlet. (This used to be commit 7b2c6181b17a0d62043569ffa49cdf6c5b0b6859)
2003-07-04Debian updates.Eloy Paris1-0/+11
(This used to be commit c14fca49e99395c064b0365e902dd97119974bb6)
2003-07-03Removed strupper/strlower macros that automatically map to ↵Jeremy Allison56-280/+268
strupper_m/strlower_m. I really want people to think about when they're using multibyte strings. Jeremy. (This used to be commit ff222716a08af65d26ad842ce4c2841cc6540959)
2003-07-03Fix for bug #199 (xp driver uploads). Needed to supportGerald Carter1-6/+14
the "OSVersion" print server data value. (This used to be commit 02bc7be1ac6b75bf6559ea684bbc89ab3e19402e)
2003-07-03fix for bug #200. flush connections if the machine trsut accountGerald Carter1-1/+31
changed underneath us. (This used to be commit 6a1ad1ded1d619394ed4ca9e05fdffaa3b902b3b)
2003-07-03Missed this in the previous patch - we now have a seperate idea of theAndrew Bartlett1-1/+1
'unix username' from the NT username, in the auth subsystem at least. Andrew Bartlett (This used to be commit df1aa2a669edc9f26007595411720742d7dff5d9)
2003-07-03This patch takes the work the jerry did for beta2, and generalises it:Andrew Bartlett11-64/+97
- The 'not implmented' checks are now done by all auth modules - the ntdomain/trustdomain/winbind modules are more presise as to what domain names they can and cannot handle - The become_root() calls are now around the winbind pipe opening only, not the entire auth call - The unix username is kept seperate from the NT username, removing the need for 'clean off the domain\' in parse_net.c - All sid->uid translations are now validated with getpwuid() to put a very basic stop to logins with 'half deleted' accounts. Andrew Bartlett (This used to be commit 85f88191b9927cc434645ef4c1eaf5ec0e8af2ec)
2003-07-03Some fixes for ads printer publish:Tim Potter1-6/+26
- check error return for cli_full_connection() when trying to obtain printer data - check error return on ads_find_machine_acct() - Minor reformatting to separate fetching printer data from publishing it (This used to be commit 94fe3b2cdfa67c9d74edc00a436b5eacbf3e0dc4)
2003-07-03Implemented 'net ads printer search' which searches the directory forTim Potter2-1/+46
published printers. At the moment we don't search using any parameters but this can be fixed by changing the LDAP search string. Also we should contact the global catalog at SRV _gc._tcp instead of the ldap server we get back from ads_startup(). (This used to be commit 814519c5de7f962623163b732c8589abd355d845)
2003-07-03fix bug #190; WINS server was getting marked as dead when it was not.Gerald Carter1-2/+14
(This used to be commit fa354f3ceefe53bdfd4f543559041d337b75613f)
2003-07-03Fix bug in doxygen comments for ads search functions.Tim Potter1-4/+4
(This used to be commit ae6c05ea726da13fc1a18398d1ffe56f34e1edb9)
2003-07-03More Debian updates.Eloy Paris19-262/+409
(This used to be commit 1f7de8c42e05c70cdb76c4f917b7ff128f5249e6)
2003-07-03well this was easy...Gerald Carter2-4/+19
When winbindd is running on a PDC the SAM_ACCOUNT for a trusted user has a username of DOMAIN\user. Make sure to trim the domain part from the username when filling in the net_sam_logon reply. This fixes the browsing issues i was seen across domain trusts. (This used to be commit 62e36e6ede067ace23f5473d04917c7eeedf07e2)
2003-07-03Debian updates.Eloy Paris4-38/+16
(This used to be commit 617902427688de58b21c176e060b9b678ebfcd10)
2003-07-02Fix for idmap startup bug with remote ldap backend.Jeremy Allison1-21/+47
Jeremy. (This used to be commit 16a5461dd36f138a1bb1e3a2b70d4000bba0c980)
2003-07-02Fixing problems in the iconv discovery stuff in configure.in.Richard Sharpe2-1/+2
This is the first part of the fix that at least allows configure to walk the list of supplied locations where libiconv etc might be found. aclocal.m4 also needs a fix, as does a later test. (This used to be commit 20786543139c546d112f8f6b6d4d796ee7fed609)
2003-07-02Added fix for Japanese case names in statcache - these can changeJeremy Allison3-4/+82
size on upper casing. Based on patch from monyo@home.monyo.com. Jeremy. (This used to be commit 72e382e99b92666acdaf50a040b14aa16d48b80d)
2003-07-02Propagate changes to WHATSNEW.txt from release tree so that they would not ↵Alexander Bokovoy1-58/+59
be out of sync with reality. (This used to be commit 8deb6370efe9ca6baac54dc5d0b0a3df04d8258f)
2003-07-02SAMBA_3_0 will now become beta3Gerald Carter1-1/+1
beta2 is captured in the release branch (This used to be commit 4b3a15917dd6935353d8998e918c750a6c090671)
2003-07-02The default_realm parameter needs to be set in a minimal krb5.conf.Tim Potter1-0/+3
(This used to be commit 32e872f23d573057b9719e8ef37c2bdbd3e12194)
2003-07-02Fix poptOption definition for --no-pass and --kerberos options. The 'value'Tim Potter1-2/+2
field for an option should be set to an identifier to use in a switch statement or zero if the the arg field is to be updated only. This fixes smbclient -k always prompting for a password which we don't need. (This used to be commit 0744e2dad372904a554019146ff6f6e31ca1b2d2)
2003-07-02Suggest the user runs kinit if smbclient -k returns ↵Tim Potter1-0/+4
NT_STATUS_MORE_PROCESSING_REQUIRED. (This used to be commit 66c4beb28672ef335ff4d6d6a3447e4c2c337f76)
2003-07-02Update my email address.Tim Potter1-1/+1
(This used to be commit 9648e9762561296c33401079389b5d201d1e8a2f)
2003-07-02Uppercase first letter of debug level 0 statements.Tim Potter1-2/+2
(This used to be commit 05679968e207f795237bbee7b6564f365415d02f)
2003-07-02#ifdef out apparently unused function.Tim Potter1-0/+4
(This used to be commit 9324703066cfdcb65208420a12e4ab8f358ccc09)
2003-07-02Regenerate manpagesJelmer Vernooij4-153/+290
(This used to be commit ace326ffe5adc957f4e058926e5af4e0c97bd892)
2003-07-02Whitespace reformat before applying a patch.Jeremy Allison1-184/+187
Jeremy. (This used to be commit bbe1276b516e1803a4a9285691674784b989b72f)
2003-07-01regenerate docsJelmer Vernooij86-16174/+3965
(This used to be commit cc02d3bc170fe5c8c4474156edb6c83720a47aa0)
2003-07-01Fix for bug 189 from MORIYAMA Masayuki <msyk@mtg.biglobe.ne.jp>. IncorrectJeremy Allison1-1/+1
call for Japanese characters. Jeremy. (This used to be commit c6de5df01d470c2dab48cdd6298f450fa94f9a8e)
2003-07-01Adding jcmd's share ACL on XP patch. Thanks Jim !Jeremy Allison3-4/+27
Jeremy. (This used to be commit 7ed1118ae61a13de2c781a94fc2394090efd1f9b)
2003-07-01Generate docs.Jelmer Vernooij2-27885/+28069
(This used to be commit 4255b96134e4cd8cbb29219ac2702ad8346f62f8)
2003-07-01Use entitiesJelmer Vernooij1-1/+1
(This used to be commit d2ceb1ada0e8ae4b0154904ab450c3153e679feb)
2003-07-01Fix some syntax errors and typo'sJelmer Vernooij3-1/+5
(This used to be commit 371c9796bb3d6c0705f2e5af055a713cc9b4a652)
2003-07-01Adding idmap uid/gid smb.conf man page entries. Marking winbind uid/gid as ↵John Terpstra4-5/+40
deprecated. (This used to be commit 8bfaf39680ea1fa2a347fa19052f69d6789ed99d)
2003-07-01Fix a typoJelmer Vernooij1-1/+1
(This used to be commit aba86db38f2f930d2f7d9d1f9bb70d1eaa3118c0)
2003-07-01Document "client use spnego"Jelmer Vernooij1-0/+16
(This used to be commit b7b45794c233e37d3b78db19852ef1d44d63288c)
2003-07-01sync with release branchGerald Carter1-11/+62
(This used to be commit 57f9333668cc56f338d8b2252a6217612b694a9f)
generated by cgit (git 2.34.1) at 2024-07-08 20:32:00 +0000