| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
I've been grumbling about under-efficient calls in SAMR, and finally
got around to fixing some of them.
We now call sys_getgroups() (which in turn calls initgroups(), until
glibc 3.4 is released) to figure out a user's group membership. This
is far, far more efficient than scanning all the groups looking for a
match, and is still the 'posix way', just using an effiecient call.
The seperate issue of 'who is in this group' remains, but this one has
been biting some people.
I need to talk to VL about how best to exersise nasty corner cases,
but my initial tests hold strong. (The code is also much simpiler
than before, which has to count for something :-)
Andrew Bartlett
(This used to be commit dc19f161698dab5b71d61fa2bacc7e7b8da5fbba)
|
|
in finding out who is causing the massive performance problems with
large LDAP directories.
Andrew Bartlett
(This used to be commit f16ed2616a67c412bc9b78354a5faf673e64cf42)
|
|
Thanks to Bjoern Jacke for his moral support :)
Guenther
(This used to be commit ab875d3ecf3a80f5648432f7f4573f57442e6698)
|
|
policy-handles. Also remove some unused vars.
Guenther
(This used to be commit 5181c1b2192d1802616e8c30cd9458c00a306a46)
|
|
'..' from all #include preprocessor commands. This fixes bugzilla #1880
where OpenVMS gets confused about the '.' characters.
(This used to be commit 7f161702fa4916979602cc0295919b541912acd6)
|
|
security descriptor for a file. Return an error in this case instead
of panicing trying to unpack a zero length buffer. Found by Brett
Funderburg.
(This used to be commit 588de0d4a84a5228d0f99f743ad327ad3b70ead1)
|
|
User-, Group- and Machine-Accounts in Active Directory (this got lost
during the last trunk-merge).
This way we match e.g. default containers moved by redircmp.exe and
redirusr.exe in Windows 2003 and don't blindly default to cn=Users or
cn=Computers.
Further wkguids can be examied via "net ads search wellknownobjects=*".
This should still keep a samba3-client joining a samba4 dc. Fixes
Bugzilla #1343.
Guenther
(This used to be commit 8836621694c95779475fa9a1acf158e5e0577288)
|
|
Add sd->type field to security descriptor Python representation.
(This used to be commit b157a1b7c3e15a960fbc943d37abbb1bf5053a63)
|
|
a patch by Ronan Waide
(This used to be commit a48b3b291cfe5883da1a36b368ddf725b5ff9375)
|
|
very rarely used, but we sohuldn't be removing a feature in a minor
release of this kind.
(This used to be commit 4ce0505bc369243aa77013519ce4e4f6e50f5a48)
|
|
nt_create_andx() function.
(This used to be commit fa3e8365641e84ca361dc95bac33a9d56e9d799b)
|
|
Qiao Yang.
(This used to be commit 30ae13cb9fbe5f04e46bcbd5e0c19da9b33341d5)
|
|
64bit AMD platform.
(This used to be "Windows AMD64" and "AMD64" in one of the release
candidates of SP2 for Windows XP. AMD64 is obviously still supported but
not documented.)
Guenther
(This used to be commit cc5892f0411b8eb5daebe746164a2cf21d3d4c68)
|
|
Currently we cannot store more then 15 password history entries (windows
NT4 allows to store 24) in ldapsam. When choosing more then "15" with
pdbedit -P "password history", we fail to initialize the password
history upon password change and overwrite the history, effectively
using a password history of "1". We do already decrease any
history-policy larger then 15 to 15 while storing the password history
list attribute in ldap.
Guenther
(This used to be commit a4b47e71475a06c2e2287613b00648c5f53ae52c)
|
|
rafal
(This used to be commit 7fa94c38951fcd803a8e769a867a008e47f4129a)
|
|
At least temporarily, since I've got the impression that _real_ fix
is more complex...
rafal
(This used to be commit 982912f0c8547b0f0edc8d0b26e36e9701cdee82)
|
|
Allow 'require_membership_of' and 'require-membership-of'.
Really use a different struct for the SID->Name lookup.
Andrew Bartlett
(This used to be commit 83dadcd089905aa8ff3392010177ffa1dc8237ba)
|
|
Russel for some help in designing the new algorithm.
(This used to be commit 38144f8d2cda32edacf90725f28e763689128d0d)
|
|
allow e.g. two umlauts and one ascii char to comply with account-policy
"min password length" of 5.
Thanks to Uwe Morgenroth from CC Compunet and Volker.
TODO: we do check the length against AP_MIN_PASSWORD_LEN *and*
lp_min_passwd_length() - both can have differing values.
(This used to be commit d03683772942e8c32507be210b8fd35bfba2c048)
|
|
<bjacke@sernet.de>
"Do not use display charset for swat output. In HTML we do not care
about the "locale charmap" because HTML code is UTF-8 only now.
Additionally take care that we convert files from statuspage from unix
charset to UTF-8. Thus we have correct HTML output under all
circumstances. We now also convert the share names correctly from unix
encoding to web encoding and vice vera. "
Guenther
(This used to be commit 6d9f77c2bb95db4939b8ef375e22b188168b70ab)
|
|
(This used to be commit 316302ca4a79cfc201311e12df71fdbb974c09c4)
|
|
reuse when filling in the spolss replies (also gets rid of get_called_name()
(This used to be commit 57db8ca91f52329c7f8985c04463b6b69015b0c4)
|
|
naming of the require_membership_of parameter in pam_winbind and fix
the error code for 'you didn't specify a domain' in ntlm_auth.
Andrew Bartlett
(This used to be commit 4bf0b94011fe6bfbec5635e58cafbfe3dc898569)
|
|
Andrew Bartlett
(This used to be commit 1833d0ab724d88411ebd79ac26f5642e7c8cfee3)
|
|
inside a function. Bugzilla #1762.
(This used to be commit 002cdd4a5b34611983a32018248f9fe122c4111a)
|
|
in struct secmethod_table as AIX 5.2. Patch from The Written Word.
(This used to be commit 4f8496ad626478c31e9372e07652d50f581256d0)
|
|
and the wbinfo -a test tool.
If 'client ntlmv2 auth' is set, then we will send an NTLMv2, rather
than an NT/LM response to the server.
Andrew Bartlett
(This used to be commit ce2456e436c5d57cd95cd10c6edf759592d0e843)
|
|
_samr_query_useraliases shows up with all kind of very weird memberships
(global-groups, machine-accounts, etc.). Sometimes even if there is no
alias-membership at all.
One of the biggest mistakes is to convert any unix-group the user is a
member of, into an alias by default in get_group_from_gid.
get_alias_user_groups should be rewritten to use
pdb_enum_alias_memberships.
Guenther
(This used to be commit 73ab2d2a74d3992167d9304dd41f60ad0805dd67)
|
|
smb.conf-parameter for samba's "algorithmic rid base" in ldapsam are
identical.
It tried to get the value of LDAP_ATTR_ALGORITHMIC_RID_BASE via
get_userattr_key2string() for a very long time now. This just can not
work because LDAP_ATTR_ALGORITHMIC_RID_BASE is neither in attrib_map_v22
nor in attrib_map_v30. Instead, get it directly from dominfo_attr_list.
Ldapsam will now correctly refuse to initialize when admins tried
manually to have differing values for "algorithmic rid base" in ldap and
smb.conf. idmap_ldap is another story...
Guenther
(This used to be commit c5b8bc6c2e9a3f789f41742438b31152721c0bf4)
|
|
Guenther
(This used to be commit 4886d6663d7479978e2c395602392accb5939fa0)
|
|
(This used to be commit 8ec28d613d6dcade135b314c6764fbafcc8ed79c)
|
|
Guenther
(This used to be commit 8521891ee87551e62fedecef2f5efa49f6c90a99)
|
|
Volker
(This used to be commit ef057e9534cc3713d3bcd7427cf34c74f7e3ea13)
|
|
"Unify charset-handling in Content-Type:-headers to UTF-8 (fixes #1766),
making UTF-8 the only supported (but fully functional) charset. Also
remove html-header-files for ja and tr that have become obsolete now.
Reformat msgstr in msg-files to UTF-8."
Guenther
(This used to be commit 0f8e1a0d0083ffb25b1888f5cae2613f7a7dbc46)
|
|
Samba4 torture tester treates maxentries = 0 as maxentries ==1.
Jeremy.
(This used to be commit 38f3d3e263f59f94f243907447b5a82f67d3e3f7)
|
|
of the response packet) was outside of the if() that determined whether
the query was successful or not. As a result, the MAC address would print
out even if there was no MAC address. At least the garbage it printed was
relatively consistent. :)
I moved the MAC printing into the if() block and added an 'else' to print
"No reply..." if the query fails.
Chris -)-----
(This used to be commit 2a5d66791fa5e1b19e0ec9072af254142245d0c2)
|
|
Jeremy.
(This used to be commit ba69c7229c27e917a24e6d608d59e7c0bdd47551)
|
|
st_blksize, it isn't what you think....
Jeremy.
--his line, and those below, will be ignored--
M source/smbd/dosmode.c
(This used to be commit 0a40c1a50f0e4b1b7efc9a53d22ceac14841bccf)
|
|
Limit share names returned by RAP based on windows character width, not unix
character width.
(This used to be commit 5d57058d912a42d55879352e904f0bcaa6531075)
|
|
Optimization for 'idmap backend = ldap': When asking sid2id for the wrong
type, don't ask ldap when we have the opposite mapping in the local tdb.
Volker
(This used to be commit c91cff3bd38c1a8e23628b032f09829f9abf792d)
|
|
Jeremy.
(This used to be commit 8a7741dddf17dca136144fb26e2d7a42d313467a)
|
|
info level. Outputs data on the file in the same format the the
stat command in Linux. Should be useful to people wanting to learn
how to parse the UNIX extension output.
Yes I will add the docs later :-).
Jeremy.
(This used to be commit b25cc596417d29815814c3968ac2627bf59ffc0b)
|
|
clients. This upsets the smb client in the Linux kernel (and Linus :-).
Jeremy.
(This used to be commit dad699ce0b36d23b80fe70b74d5e98df568a0495)
|
|
supports it. This might be a fix for bugs 1823 and 1545, notifying both.
Also ignore object class violation errors from the extended operation. We
don't have the userPassword field in sambaSamAccount, and if we have such
broken setup with user in /etc/passwd and only samba attribs in ldap, we fail
this :-)
Volker
(This used to be commit a32ea3bc881f516fb733cb4767ae5cf22d658b12)
|
|
we still need to set errno = E2BIG when we overflow.
Jeremy.
(This used to be commit 7b0560dcccbd44f1f7b67ba1d46f6a5680b6b47c)
|
|
Jeremy.
(This used to be commit ca9516520ffe007a7dccd4d6cbf1c5d77fc4ce29)
|
|
corruption.
(This used to be commit 557e12d1b593b582ea1157d278bcdde6aba5a879)
|
|
groupnames. In template homedir, leave %D alone uppercased.
Volker
(This used to be commit dcb577f1cd8cf60557c0d061afeec206f58a6b31)
|
|
- I recently found out that charaters below 0x3F are guaranteed not to
occur as secondary bytes in any multi-byte character set. This
allows for a very simple optimisation in strchr_m() and
strrchr_m(). It might be a good idea to pick this up for Samba3.
Jeremy.
(This used to be commit 0465e2d23d27e535bad4652037b37041049bfa96)
|
|
tester).
Jeremy.
(This used to be commit fc51c97ea86bd1a86830d4ab2c6c7c4ec9fccc88)
|
