Age | Commit message (Collapse) | Author | Files | Lines |
|
this more but it gets around the primary group issue.
* don't map a SID to a name from the group mapping code if
the map doesn't have a valid gid. This is only an issue
in a tdb setup
* Always allow S-1-$DOMAIN-513 to resolve (just like Windows)
* if we cannot resolve a users primary GID to a SID, then set
it to S-1-$DOMAIN-513
* Ignore the primary group SID inside pdb_enum_group_memberships().
Only look at the Unix group membersip.
Jeremy, this fixes a fresh install startup for smbd as far as my tests
are concerned.
(This used to be commit f79f4dc4c58a6172bf69d37469fdd8de05a812df)
|
|
(This used to be commit a95d7d722273863efa820674672393fe6e5a33b7)
|
|
Jeremy.
(This used to be commit e755155b0e665cb6d10c28fe7fc6c1f6699d18e6)
|
|
blocks. This fixes the problem I had with missing groups in the
net_samlogon() reply from a Samba PDC.
(This used to be commit 06b83fe35048c84dfd68be2ee656317c51e89bce)
|
|
Bartlett's
Samba4 code.
Jeremy.
(This used to be commit a2fb436fc5dd536cfe860be93f55f9cb58139a0e)
|
|
key and delete records that are old. We will need this
for the full 16 byte session key support.
Jeremy.
(This used to be commit cef240d571f9ba1cdf596cd4cab4ec0790f943a0)
|
|
Jeremy.
(This used to be commit fe63a6ee06149195032320dd0fb9b6c7dfb460d3)
|
|
revision 13383.
(This used to be commit 6e212e2a5d63422130bb5e745603f5e11998520d)
|
|
a node status on all IP's when requested.
Jeremy.
(This used to be commit 1fcac478cb5ba432282612fbb785caaed4d2f9b8)
|
|
width again.
(This used to be commit 7716c697291246f427c60a0aa20d861929feb87c)
|
|
(This used to be commit 5db7e9a42ab27871891be8a1314c32e13620da36)
|
|
(This used to be commit e00505cc942dd5cf755aa6b5d2f565eeff95629e)
|
|
(This used to be commit 66990adface697a75f7e25f8df83375e8dd8b72b)
|
|
time in the code.
Even if we now have an additional if statement after the free I prefer
this solution in opposite to the duplicated code we had before.
(This used to be commit 4272419b1146b1c03e070655f3a31d027c00ad20)
|
|
This fixes bug #1386.
The initial changes had been made by Carsten Höger <choeger at
open-xhange dot com> for Samba 2.2 while being at SuSE. *sigh*
To not duplicate code from smbpasswd in pdbedit stdin_new_passwd() and
get_pass() are moved from smbpasswd to utils/passwd_util.c.
(This used to be commit dbdc5ba497c6010dbad47c9d77fc8bec5557a328)
|
|
Guenther
(This used to be commit 85435bf96114679253551a3e6c5db046b8320611)
|
|
Guenther
(This used to be commit 290a581b7567eab82b18fbadae9aa2ab29e95069)
|
|
Jeremy.
(This used to be commit 6ec0e9124a1a7b19c9853b8e26075cbbb8751f10)
|
|
I mean it this time :-).
Jeremy.
(This used to be commit 80f4868944d349015d2b64c2414b06466a8194aa)
|
|
(This used to be commit d0efb435e51ee4d5454b55aee1596355ecc4a2c6)
|
|
(This used to be commit a918e4ac2426d4cb3cd526c4fad7480b832e6a12)
|
|
(This used to be commit 3857d3693a2c14917df88f4338ac9b78abba9ca1)
|
|
* enable privileges = yes
* enable asu support = no
Remove unused function after the tdbsam rewrite.
(This used to be commit 5385a01ee19d9c7e00b4dd7a6ab3ec1d4b03b558)
|
|
on the tdb file. This allow recusive calls to succeed
without complaining about failed opens since a tdb can
only be opened once per process. We probably still need to backport
the transaction support from Samba 4 here though.
(This used to be commit 94c37e06522bfc1753cc8f3c6c7bd4329587007e)
|
|
Make sure to associate the DOMAIN dispinfo cache
with a User/Group SAMR handle (not the SID of the user or group).
Ensure that enumeration after deleting a user works.
(This used to be commit 7967f89caa17ea93cb7e9d8695f1904ccb9a2864)
|
|
(This used to be commit 381c327a65489bf8b0fd4935662ca1df6f9e1183)
|
|
(This used to be commit c3702e804a74276ee53eb73f2d9b1fa9d3874b48)
|
|
running. More generic error return cleanup in libsmb/
needs doing (everything returning NTSTATUS not BOOL).
Jeremy
(This used to be commit 654bb9853b450c5d509d182f67ec26ac320fd590)
|
|
(This used to be commit ed619421de024c44f5f05b3c03bb5311ce73830f)
|
|
Jeremy.
(This used to be commit 006cf9c3654e7f18e01b75a5fe87798df862d26a)
|
|
Jeremy.
(This used to be commit a28bc614a0eb8409a98b254b32ad17c50c2eec0e)
|
|
Guenther
(This used to be commit c0d91f9d19b33995237847389e4c37e086938b9e)
|
|
Volker
(This used to be commit bb40e544de68f01a6e774753f508e69373b39899)
|
|
error.
Volker
(This used to be commit 5a92df31d69ff7b0f2de6564d644949c2906c8f1)
|
|
Fix parse_domain_user to fail when splitting a full name like "DOM\user"
when "winbind use default domain" and "winbind trusted domains only" are
not enabled.
This allows pam_winbind to behave correctly when more modules are
stacked in the "account" or "password" PAM facility. pam_winbindd calls
WINBINDD_GETPWNAM which can decide whether or not a user is a winbind
user and return correct PAM error codes.
Guenther
(This used to be commit e6d52c1e9d8cec7be6d552c2a67a392df21c3ec9)
|
|
with < 0.
Jeremy.
(This used to be commit 9a083837070c6540a9b92f6a055f8ecc23a32a49)
|
|
Jeremy.
(This used to be commit 4204794cc7c5e2671259652879c33f539d26958c)
|
|
(This used to be commit 62b02a68438e0ff1119e68347b1ac3495572fa8a)
|
|
(This used to be commit a78d94f539e41ac384e09cd6e44cb611dd8e1570)
|
|
set to avoid unnecessary polling.
(This used to be commit 1dce945ccbba25092cf54890301c8f78f8aede33)
|
|
(This used to be commit c15f1d553f03ad1ed4e1d52b8e46c52202bc3a83)
|
|
Jeremy.
(This used to be commit e8e2fc79b4afd6625e1d50e23b31eb49f67526d9)
|
|
-----------------------------------
Thanks to a report from VL:
We were causing mayhem by weakening the keys at the wrong point in time.
I think this is the correct place to do it. The session key for SMB
signing, and the 'smb session key' (used for encrypting password sets)
is never weakened.
The session key used for bulk data encryption/signing is weakened.
This also makes more sense, when we look at the NTLM2 code.
Andrew Bartlett
-----------------------------------
With more 'try all options' testing, I found this 'simple' but in the
NTLM2 signing code.
Andrew Bartlett
-----------------------------------
After Volker's advise, try every combination of parameters. This
isn't every parameter on NTLMSSP, but it is most of the important
ones.
This showed up that we had the '128bit && LM_KEY' case messed up.
This isn't supported, so we must look instead at the 56 bit flag.
Andrew Bartlett
-----------------------------------
We should now try retesting with NT4. This should be standalone
enough to port into a SAMBA_3_0_RELEASE branch fix.
Jeremy.
(This used to be commit b9b8cd1752aeab049983c1a6038edf2231ec10a4)
|
|
* remove pdb_context data structure
* set default group for DOMAIN_RID_GUEST user as RID 513 (just
like Windows)
* Allow RID 513 to resolve to always resolve to a name
* Remove auto mapping of guest account primary group given the
previous 2 changes
(This used to be commit 7a2da5f0cc05c1920c664c9a690a23bdf854e285)
|
|
Jeremy.
(This used to be commit f1a362580ae37730dc8393a79f832aed5d0ea4be)
|
|
Jeremy.
(This used to be commit b57406c89feaf550f6c2d29ef0ed73a935908add)
|
|
Jeremy.
(This used to be commit 2274709587bd1f27bea2eacf633182f20cd07b1e)
|
|
Guenther
(This used to be commit d27771ca1d046aa7fc0c15d410d9fe83da85428f)
|
|
Jeremy.
(This used to be commit a9e1d0f3b4fd7a0732a5023d0b4dcc2c4b1b03f8)
|
|
Guenther
(This used to be commit 7eacb47660fdb4b0100a778062623ad74b755f34)
|