Age | Commit message (Collapse) | Author | Files | Lines |
|
changed a password via pam_chauthtok. Only do this if
a) a user logs on using an expired password (or a password that needs to
be changed immediately) or
b) the user itself changes his password.
Also make sure to delete the in-memory krb5 credential cache (when a
user did not request a FILE based cred cache).
Finally honor the krb5 settings in the first pam authentication in the
chauthtok block (PAM_PRELIM_CHECK). This circumvents confusion when
NTLM samlogon authentication is still possible with the old password after
the password has been already changed (on w2k3 sp1 dcs).
Guenther
(This used to be commit c3005c48cd86bc1dd17fab80da05c2d34071b872)
|
|
Jeremy.
(This used to be commit 4a74d042c9108ed68cc92f27b390c261c0bc8885)
|
|
Jeremy.
(This used to be commit 42a846b3dfa50eea6592c6bb425f7bdb672c25f9)
|
|
but explicit shares in "default service" :-).
Jeremy.
(This used to be commit 90bdcce765998cc0f5768d24926d52b8a4a44f90)
|
|
errno into an NTSTATUS immediately.
Jeremy.
(This used to be commit 71dd02cc164197152e76d8141f906390c4bd1526)
|
|
Jeremy
(This used to be commit 6be078da267677e3e558033c28099e3932a17712)
|
|
on terminate. Pointed out by Herb.
Jeremy.
(This used to be commit 08998b74a51acd55eb6cbe095e682e2a79334736)
|
|
(This used to be commit 5876bedda51fce0c932ca0cdab074629b31a9c94)
|
|
(This used to be commit e73a418b5b0100936efb4c1133da3cfe3fcb61cd)
|
|
But I'd
see this as a design flaw in data_blob() and it made me look in that routine.
Jeremy, revert or merge please :-)
Volker
(This used to be commit e7e6b8b5e0b00cc0746db4e9baa2e860074f903a)
|
|
fragmented into "max xmit" size security blob
chunks. Bug #4400. Needs limits adding, and also
a client-side version.
Jeremy.
(This used to be commit aa69f2481aafee5dccc3783b8a6e23ca4eb0dbfa)
|
|
Guenther
(This used to be commit 5c4a58ff3ab261e32789f39f2cf478367b727318)
|
|
with the 3.0.25 tree (for now)
(This used to be commit 53ab0d1822711038612f2ef9ccffaa3ed394c4ce)
|
|
Guenther
(This used to be commit ad063d9a944e923777e538c2cb050d47f9f8bea0)
|
|
Change
back the 'msdfs root = yes' default to 'no'.
Volker
(This used to be commit ec6ebdcdbf1146af21ab66731e018e2834b2b118)
|
|
(This used to be commit 19ee6779255a269830fa8ee51468a4738dadf942)
|
|
(This used to be commit c852d9b56971673fc62eec3460720478d81c279d)
|
|
need to
agree on the behaviour of non-existing records.
Tridge, can you comment? Should we change tdb_fetch, or should we have
different concepts in tdb_fetch() and tdb_parse_record() ?
Volker
(This used to be commit fba79e75c0138c3ae4e73014a1d1a2c2045c35bb)
|
|
identical in 3.0.25 and 3.0.
Jeremy.
(This used to be commit eabe14825877a05d544bb61080701170449c7d26)
|
|
Not as bad
as not doing it at all, but needs fixing. Also simplify the logic, I had
missed the "goto out" at the end of the function.
Volker
(This used to be commit 101789946130d51f3092d19f081071bdb5e43c21)
|
|
succeeded. Found while testing the brlock seqnum patch.
Tridge, please check!
Volker
(This used to be commit 815f2b19409dc015bb2a04b16224a7ac8071a991)
|
|
(This used to be commit 29a1892c131ed41a06d3dcfdb5d21371e60c1ba6)
|
|
(This used to be commit aa8f306fa545af653d8288919fa5a3b80f447bec)
|
|
(This used to be commit 9fe5f7885771e68b11c7794653d0e4771eeac403)
|
|
allow detection of libbiconv if all others fail - need for FreeBSD
(This used to be commit 7acc9421b0643cb04bff1f1d98ecb899f9b09601)
|
|
_nss_winbind_initgroups_dyn() on an empty group list.
Guenther
(This used to be commit 155b9e7c74d1a623e018fc2f8ca2e32e4aa3f213)
|
|
Guenther
(This used to be commit 7bbb3409a530a6ac9712992c87c63e056511517b)
|
|
(This used to be commit 78d6c88f10d600e05c4346affbba1d95c614dc34)
|
|
Avoid assigning 0 as primary group id for users in NSS calls.
Jerry, please check.
Guenther
(This used to be commit 03f5f7d0140c99411c137e7e2eac7e2d0c08202e)
|
|
(This used to be commit b84370513fbf790e599c33f177fb271a2a992b72)
|
|
is sending LMv2 make sure we test with the password
blob in the LM field as well as the NT field.
Jeremy.
(This used to be commit a6b55beae7ae0c70cf955d01f51f881f9f962910)
|
|
Jeremy, I'm afraid you removed the "domain->initialized" from the
set_dc_types_and_flags() call when the connect to PI_LSARPC_DS failed
(with rev. 19148).
This causes now that init_dc_connection_network is called again and
again which in turn rescans the DC each time (which of course fails each
time with NT_STATUS_BUFFER_TOO_SMALL). Just continue with the
non-PI_LSARPC_DS scan so that the domain is initialized properly.
Guenther
(This used to be commit c6f63a08f55a4121cbe5aac537d2ef983dc25a97)
|
|
(This used to be commit 3d85eb758d2261e0749f6db0ce368a7c0d4df149)
|
|
Fix dfree_retval to be SMB_BIG_UINT as well,
otherwise we may wrap up on > 2T file systems.
Simo.
(This used to be commit 0bb7f6492ccf4a965d70d43ee1483959c71bcdba)
|
|
(This used to be commit ab053a3b7186989b41180857e21e7d837de81cbd)
|
|
Guenther
(This used to be commit 639b7989b3ad1438a443a33dc41115bcc90f72d2)
|
|
Guenther
(This used to be commit e3c32583795631212dc0d5cd01981b27cde2a489)
|
|
print NSS_STATUS code with DEBUG_NSS when leaving a function.
Guenther
(This used to be commit 53ecd63d94fd0a502ef5cdeb512c8e38795698e1)
|
|
Guenther
(This used to be commit 7ad7847e5bbdd90fa6ae9ce91e5962f524ac2890)
|
|
Guenther
(This used to be commit 8462f323cf86f90b1bdf14a3953c5a4bda1b9533)
|
|
but for a level3 it makes no sense for
ptr_sec_desc to be NULL. JRA. Based on
a Vista sniff from Martin Zielinski <mz@seh.de>.
Jerry - part of the Vista patchset.
Jeremy.
(This used to be commit 60e26a9039fbe0fd632e306bf545331195fb1ce6)
|
|
* get rid of horrible ads.h parsing
* add LDAP_SERVER_SHUTDOWN_NOTIFY_OID
* display hex bitmasks
Guenther
(This used to be commit 97ce4ccea215098f574a40a3192d37910f30c79a)
|
|
moved up one layer.
(This used to be commit 552ae93b14ff1674a8b2f369e57ad2d7d0712a70)
|
|
Guenther
(This used to be commit dcbf7a1250aa5c6293ffba6a930ee23537ec9484)
|
|
it should be abstracted a little higher up so other os'es can have an
entry, but it will take a bit more work. Thanks to Chetan Shringarpure
and Mathias Dietz.
I didn't increment the vfs number again because the kernel change notify
stuff hasn't been released yet anyway.
(This used to be commit 9463211bf3b46ee408b88dfbf42d498e3839d4cc)
|
|
Guenther
(This used to be commit bc77622134e606b8a643454493ba316f84312d52)
|
|
(This used to be commit 0c8a364aec68bc7338d034b6f8223ec4085c9e07)
|
|
Cached logon with pam_winbind should work now also for NT4 and samba3
domains.
Guenther
(This used to be commit b2f91154820219959b8008b15802c70e1d76d158)
|
|
fix memory hierachy, and access to already freed memory
metze
(This used to be commit 05a23dd75655a80667627e00e0a441b54ec92b22)
|
|
Guenther
(This used to be commit 5a7b2fccb3cdc6a849aedcd256eea86faec1d54c)
|