summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2002-08-06Ooops...forgot to put this in with the new nmbd samlogon response code.Jim McDonough1-1/+2
THis should fix the build. (This used to be commit ef984b99614c07ef5934849a9ad85190b636d421)
2002-08-06Add AD version of samlogon replies for getdc. ATM it will only functionJim McDonough3-11/+127
if you have an ADS DC. (This used to be commit 059a352ebb7c7286d205bc86a92f5fd26ab1ff8e)
2002-08-06Add SAMR 0x3e, which is samr_connect4. Seems to be the same as ourJim McDonough4-10/+171
existing connect (which I've been told is really connect2), with one extra dword. We've only seen 0x00000002 there... (This used to be commit 266344634944dff30f56453f9d86c490e7ac7a55)
2002-08-06Try to bind with LDAPv3 if possible.Andrew Bartlett1-7/+19
Andrew Bartlett (This used to be commit 0e420878f26bdd19b5defb78a5fe4c31662ec941)
2002-08-06Back out idra's change (at his request) - the values in the tdb *should* beAndrew Bartlett1-1/+1
upper cased already. However, if you created your registry tdb in the very early versions of jerry's patch, you could find that usrmgr doesn't function. Simply delete the registry.tdb, it will be recreated on startup. Andrew Bartlett (This used to be commit 17136a88c326bf338f948a67c92bb048c5a148af)
2002-08-06fixed 'net ads chostpass' for new ads structuresAndrew Tridgell1-1/+11
(This used to be commit 3b0e60e522b669bad77e70d9c6f484a08ff84612)
2002-08-06when using netbios lookup methods make sure we try any BDCs even ifAndrew Tridgell1-9/+21
we get a response from WINS for a PDC, if the PDC isn't responding. (This used to be commit 57916316ffc70b0b6659f3ad9d14aad41fad4c71)
2002-08-06fixed a memory corruption bug in ads_try_dns()Andrew Tridgell1-3/+3
(This used to be commit 2ee0abb50f25e5a4529d8c9409c979a7a00e5984)
2002-08-06Compile fix for new cli_lsa_enum_trust_dom() argument list.Tim Potter1-2/+2
(This used to be commit 2f46bdeb4fa1d32fe948af5d7fa80480ff2d2c86)
2002-08-06fixed a memory corruption bug in the wins codeAndrew Tridgell1-1/+1
(This used to be commit 3f6ca04003172c22d02111f2170ad60f0d7936d9)
2002-08-05added 'net rpc testjoin' and 'net ads testjoin' commandsAndrew Tridgell3-20/+125
unfortuately we don't seem to be able to auto-test the ADS join due to a rather nasty property of the GSSAPI library. (This used to be commit 87c34a974a91e940bd26078a68dd84f4341d6913)
2002-08-05Spelling fix.Tim Potter1-1/+1
(This used to be commit 28ba237a9e02e284fb541562270db758612e425a)
2002-08-05fixed wbinfo -t for netbiosless domainsAndrew Tridgell1-1/+7
(This used to be commit 68e70b000b273ba72206c87ad1efd6efc2c7c487)
2002-08-05I must have missed this when I was adding 'const' to these earlier...Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit ce6c8a647ca56dcbb60ff898d77c2df297c1fe79)
2002-08-05Try to make this easier to debug - display the username that failed.Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit 8405bccd4e7a5315e58890ffa5d481031636f88a)
2002-08-05This fixes a number of ADS problems, particularly with netbioslessAndrew Tridgell24-362/+629
setups. - split up the ads structure into logical pieces. This makes it much easier to keep things like the authentication realm and the server realm separate (they can be different). - allow ads callers to specify that no sasl bind should be performed (used by "net ads info" for example) - fix an error with handing ADS_ERROR_SYSTEM() when errno is 0 - completely rewrote the code for finding the LDAP server. Now try DNS methods first, and try all DNS servers returned from the SRV DNS query, sorted by closeness to our interfaces (using the same sort code as we use in replies from WINS servers). This allows us to cope with ADS DCs that are down, and ensures we don't pick one that is on the other side of the country unless absolutely necessary. - recognise dnsRecords as binary when displaying them - cope with the realm not being configured in smb.conf (work it out from the LDAP server) - look at the trustDirection when looking up trusted domains and don't include trusts that trust our domains but we don't trust theirs. - use LDAP to query the alternate (netbios) name for a realm, and make sure that both and long and short forms of the name are accepted by winbindd. Use the short form by default for listing users/groups. - rescan the list of trusted domains every 5 minutes in case new trust relationships are added while winbindd is running - include transient trust relationships (ie. C trusts B, B trusts A, so C trusts A) in winbindd. - don't do a gratuituous node status lookup when finding an ADS DC (we don't need it and it could fail) - remove unused sid_to_distinguished_name function - make sure we find the allternate name of our primary domain when operating with a netbiosless ADS DC (using LDAP to do the lookup) - fixed the rpc trusted domain enumeration to support up to approx 2000 trusted domains (the old limit was 3) - use the IP for the remote_machine (%m) macro when the client doesn't supply us with a name via a netbios session request (eg. port 445) - if the client uses SPNEGO then use the machine name from the SPNEGO auth packet for remote_machine (%m) macro - add new 'net ads workgroup' command to find the netbios workgroup name for a realm (This used to be commit e358d7b24c86a46d8c361b9e32a25d4f71a6dc00)
2002-08-04passwords where not checked (you cannot check if the same buffer differs ↵Simo Sorce1-6/+18
from itself). they where alo not clean after use! Simo. (This used to be commit 5a257096e9afdcd1dea863dff43952457a74a9f1)
2002-08-04commented out strupper before key check against internal db, it's no goodSimo Sorce1-1/+1
to check for uppercased strings when we store them not uppercased. jerry, this fix is needed to make usrmgr.exe work again. meanwhile we found out that NT_STATUS code may not be appropriate there. In particular it seem that an NT PDC will send back 02 as error (ERRbadfile) not 0xc000000f (NT_STATUS_NO_SUCH_FILE NT) I think further investigation is need to understand which are aprropriate return codes here. (This used to be commit 2ad0e81c8da62b7e15ab3e414b5e15a94fe5de87)
2002-08-04Now that I got the function arguments sane, remove the silly (void **) castsAndrew Bartlett1-9/+9
from some of the callers. Andrew Bartlett (This used to be commit eb3354aa6c7293df9a728565a6774049b2e6d57f)
2002-08-03fixed a bug where we were truncating the returned names in a netbiosAndrew Tridgell1-1/+1
name status query to 14 bytes, so we could not join a DC who had a netbios name of 15 bytes in length. (This used to be commit a7588f21c24dac833f098c48e2337c100cf75ba4)
2002-08-03updates the log level parameter man sectionSimo Sorce1-3/+6
can someone regenerate and commit the other formats? thanks (This used to be commit cfc03b9257feeec1ae4b4cbf19d5ddcdabade133)
2002-08-03fix log level, set a default, and also copy the value set in smb.conf into ↵Simo Sorce2-10/+13
parm_struct.ptr this one also fixes log level not shown in swat fix swat help system (This used to be commit 7532e828966f3baaa418b528a5b7fe450c488401)
2002-08-02Fix length on mailslots. Looks like it should have been 0x17, not decimal 17.Jim McDonough1-1/+1
(This used to be commit 8e906a948196be7d630a9b20f3c3d2cbafd545f1)
2002-08-02Escape ampersand(&) to better comply to SGML syntaxJelmer Vernooij1-1/+1
(This used to be commit d234f04a5f3ecd4debf66ce80e76f6b9aedaed6c)
2002-08-02Moved rpc client routines from libsmb back to rpc_client where they belong.Tim Potter16-7671/+3635
(This used to be commit cb946b5dadf3cfd21bf584437c6a8e9425f6d5a7)
2002-08-02Added connect, session_request, session_setup and tconx methods.Tim Potter1-21/+138
(This used to be commit 76eacaa28546d65b9ddb7ff356f0bd2aaf2f86d8)
2002-08-02Broke out unpacking of a username/password stored in a PythonTim Potter2-28/+74
dictionary into a separate function. (This used to be commit 10889241d5f5813f499501a45edccc4acd3e9f74)
2002-08-02Merge of print notify fixes from APPLIANCE_HEAD.Tim Potter3-6/+27
(This used to be commit 7bf9ca6ca36fa319a57eab05567d49a003237bb5)
2002-08-01Fixed compiler warning.Tim Potter1-1/+1
(This used to be commit 81322f4d63095d828be7983eb4b47775abe8d33f)
2002-08-01make sure we null terminate plaintext passwordsAndrew Tridgell1-1/+1
(This used to be commit cf2abf677ed9942d841ef61ffb2565244c8979ac)
2002-07-31merge from SAMBA_2_2Gerald Carter1-0/+154
(This used to be commit 72d36c9b2596cda6c3c25c18ddb4c58d55519ff8)
2002-07-31forgot to change the makefile system, sorrySimo Sorce2-12/+10
(This used to be commit 3e6a11f56a3878e75c4354db214971208d911be3)
2002-07-31Add the current working document on the interface to the tree that we haveAndrew Bartlett1-0/+123
*somthing* in the directory. (Stops cvs update -P eating it). This is the combined effort of many from #samba-technical, kai, metze, ctrlsoft, idra and abartlet in particular. It will no doubt change :-) Andrew Bartlett (This used to be commit 40fc43296def1f5ac3c23aba8b283a91f1d10239)
2002-07-31Let everybody enjoy my new toy - make it the default!Andrew Bartlett1-2/+2
Authenticaions will now attempt to use winbind, and only fall back to 'ntdomain' (the old security=domain) code if that fails (for any reason, including wrong password). I'll fix up the authenticaion code to better handle the different types of failures in the near future. Andrew Bartlett (This used to be commit 78f0d4337bd263d26d7b349eaf8148e863c62f69)
2002-07-31Winbind updates!Andrew Bartlett9-51/+201
This updates the 'winbind' authentication module and winbind's 'PAM' (actually netlogon) code to allow smbd to cache connections to the DC. This is particulary relevent when we need mutex locks already - there is no parallelism to be gained anyway. The winbind code authenticates the user, and if successful, passes back the 'info3' struct describing the user. smbd then interprets that in exactly the same way as an 'ntdomain' logon. Also, add parinoia to winbind about null termination. Andrew Bartlett (This used to be commit 167f122b670d4ef67d78e6f79a2bae3f6e8d67df)
2002-07-31Rework parinioa to ensure we never get passwords longer than MAX_PASS_LEN, norAndrew Bartlett1-18/+11
longer than the buffer they claim to be in. Many thanks to tridge for explaining the macros. Andrew Bartlett (This used to be commit 3efd462bf2f1ed50c108c2b8ddecc461d002745d)
2002-07-31fixed the length checking for plaintext passwords (thanks to andrewbAndrew Tridgell1-2/+11
for spotting this) (This used to be commit d4c905e5a0a67c8e01a4fcf78aa992a3b7beff02)
2002-07-31Don't accidenity mess with the wrong domain's sids.Andrew Bartlett1-2/+2
(This used to be commit 0e2207c9c1ce573098f764e85a65c17cc1f1d284)
2002-07-31fix debug, at idra's suggestion.Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit bc17b91c2f1a1df58614b67bff94f228be6b9bb2)
2002-07-31Only allow 'security=ads' when we HAVE_ADS.Andrew Bartlett1-0/+2
Andrew Bartlett (This used to be commit f77335b6f86c736e72b66eab6a2aee046ddbee41)
2002-07-31support netbiosless search for the DC using ADS in the winbindd AUTHAndrew Tridgell1-58/+110
code. (This used to be commit 3929532e3bfb98b925d73d331c8cbb319fdc8b9a)
2002-07-31fixed multi-line strings for portabilityAndrew Tridgell1-2/+2
(This used to be commit 9f9e0cbd2c9920b730286f8bf560dc3415c29aa6)
2002-07-31make sure we zero the unusued elements in a SID when parsingAndrew Tridgell1-0/+3
(This used to be commit aa5beb63f1b1133c4ad28118ddd33e21198d79bb)
2002-07-31added 'disable netbios = yes/no' option, default is noAndrew Tridgell2-2/+34
When this option is disabled we should not do *any* netbios operations. You should also not start nmbd at all. I have put initial checks in at the major points we do netbios operations in smbd but there are bound to be more needed. Right now I've disabled all netbios name queries, all WINS lookups and node status queries in smbd and winbindd. I've been testing this option and the most noticable thing is how much more responsive things are! wthout those damn netbios timeouts things certainly are much slicker. (This used to be commit 12e7953bf2497eeb7c0bc6585d9fe58b3aabc240)
2002-07-31fixed a net crash bug if we can't find a DC in a 'net rpc' commandAndrew Tridgell1-0/+4
(This used to be commit ced5dc4e05badfb07cbae7a2880825b9bad4e68d)
2002-07-31added support for smbd listening on port 445 and 139. It now listensAndrew Tridgell4-47/+88
on both by default, and you can specify a list of ports to listen on either with "smb ports = " in smb.conf or using the -p option to smbd. this is needed for proper netbiosless operation. (This used to be commit 5dee0a7b5e0fcb298a9d36661c80e60d8b9bcc3a)
2002-07-31the ads_connect() here doesn't need to actually succeed, as its onlyAndrew Tridgell1-3/+1
needed to find the DC IP. Just don't check its return value! (This used to be commit ab144cd8af1622894d446ce48dde99babeb30bd6)
2002-07-31make sure that 'net ads info' gives info on the server we specify, notAndrew Tridgell1-0/+4
our smb.conf setup. (This used to be commit cffa881092e48db10a712575a8671f695e8ef813)
2002-07-31Remove VFS module build so RPMs can build for now.John Terpstra1-13/+13
(This used to be commit 0c1e759cd3ee70f509fe7ccd30f986f24ad20464)
2002-07-30Fix the build for now..Jim McDonough1-1/+1
Tridge, please look at this. Did you mean to take out the last parm? (This used to be commit f70886df942e8b37fecb503b2d87f39f19c9bdab)