| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
(This used to be commit 20e6d8c036a4c4ecfa2afb1dd29342c81ce00f8b)
|
|
as to what it now does in 3.0. Needs more work, but better than documenting
the old functionality :-).
As the security benifits of this are nullified by a setting of 'guest ok' on
any share, we might want to put some documentation there too.
Andrew Bartlett
(This used to be commit ab812ada56b740ac986de8e1f4ca36641ec61c01)
|
|
(This used to be commit 43cd6e5a702bb1004b36a5845e0765851395ebf2)
|
|
(This used to be commit b24e0e9e6d77604ca23fe55734457d8a3d74d585)
|
|
(This used to be commit 218395ac7e5963a773691fb5a0539cce9e3b92f2)
|
|
(This used to be commit 7f9b0dbf5bddf6b49fdb8788ab6745ed46cb9cca)
|
|
(This used to be commit 570c3b2fab6368726213bb786e33902f261eb606)
|
|
(This used to be commit 5c6041f713f1931072aa25f49e8210c4c7e36ba9)
|
|
attributes rather than calling getpwnam() on the user.
This should help fix some of metze's performance issues - particularly on
enumerations.
There is a consequential change to the operation of 'non unix account's in LDAP
- they are no longer restricted to being 'within' the NUA range, but will
always be added to that range.
Finally, there is the doco for this and the previous LDAP SSL changes.
(This used to be commit 18abaeffda300074a507561d8372d5bfddc8fe50)
|
|
(This used to be commit 257a1ff880d58a262169885336e5090d986e7d3c)
|
|
(This used to be commit 85eeb8870f5a1e04c607fbcc18f8da50eb7a694f)
|
|
characters used in the prefix for 8.3 names in the hash2
algorithm. The longer the prefix the more readable the 8.3 names will
be, but the weaker the hash.
this was added because of someone complaining that the new hashing
algorithm was unreadable but the old one was broken :)
(This used to be commit 3ca3cc838e5b957c7244b21947daddc4ee4c3099)
|
|
(This used to be commit 28fb5f00c0683ed7af6ea05ac5e005215ad7a7c7)
|
|
(This used to be commit 7fe52d378d7e4ce6381be3544d865088a7659009)
|
|
(This used to be commit 068d7ab14c0f6f83b61e6fe1724ef00ca2e0e590)
|
|
(This used to be commit 36a9fe66c50021443a9d4336f9413a2afd5d3af3)
|
|
domain admin group
domain guest group
use rhosts
status
(This used to be commit 475594a43938aaace7868b4fadc50d571ce18414)
|
|
English typo fixes and updates of documentation
(This used to be commit bba2ee620a286dcc7fcd509c8954227e203274a1)
|
|
(This used to be commit 685387b0109e880e30191fbea0aad1e5c677273a)
|
|
the new 'ldap passwd sync' option.
Andrew Bartlett
(This used to be commit 4d20cf56f2fbe60f2dfa2ae62de1f132f24348aa)
|
|
(This used to be commit 67543ea43d6c76f10f6757ae35a29044ce0020c5)
|
|
(This used to be commit 46c49248e3f2ab307218b476b9a659bf54c3031e)
|
|
(This used to be commit 4fc06a9e2274546807beb411e9bcf47931f8b4f6)
|
|
(This used to be commit debf77cd3a7a48ad833255c42917d7e7660d3d15)
|
|
add printer command -> addprinter command
delete printer command -> deleteprinter command
display charset
dos charset
hide unwriteable -> hide unwriteable files
hostname lookups
name cache timeout
ntlm auth
paranoid server security
realm
smb ports
unicode
unix charset
wtmp directory
wins partners
block size
vfspath
(This used to be commit 80a25fe365ac83b7331fa95b3287dd275a229fdc)
|
|
add user to group script
delete group script
ads server
delete user from group script
disable netbios
block size
hide unwriteable
mangling method
(This used to be commit 6cb00e444f3acd7b3339c46813830fbdc3d7d027)
|
|
(This used to be commit 0db310d82c9d8f403c41e158662be1260c609542)
|
|
This moves it right into the passdb subsystem, where we can do this in
just one (or 2) places. Due to the fact that this code can be in a tight loop,
I've had to make 'guest account' a 'const' paramater, where % macros cannot be
used. In any case, if the 'guest account' varies, we are in for some nasty
cases in the other code, so it's useful anyway.
Andrew Bartlett
(This used to be commit 8718e5e7b2651edad15f52a4262dc745df7ad70f)
|
|
I think these were originally from Jelmer, but I've lost
the original message.
Also had some syntax errors in the manpages (does no one regenerate
after making changes to the SGML source?)
Still have some developer specific docs to add from Jelmer in the next
go around....
(This used to be commit 5f673b788314325699a64377d514dda435e6c478)
|
|
can someone regenerate and commit the other formats?
thanks
(This used to be commit cfc03b9257feeec1ae4b4cbf19d5ddcdabade133)
|
|
Andrew Bartlett
(This used to be commit 70929a970e7ca0488a6c9ed8664a6857d86349eb)
|
|
(This used to be commit 0e10ba465daada29cf57337fbb929c480bbce488)
|
|
Importantly:
The removal of the silly 'delete user script' behaviour when secuity=domain.
I have left the name the same - as it still does the (previously documented,
but not in smb.conf(5)) sane behaviour of deleting users on request.
When we decide what to do with the 'add user' functionality, we might
rename it.
Andrew Bartlett
(This used to be commit cdcfe3671eb7570e15649b77f708e6579055e7bc)
|
|
cleanup some of the code in net_rpc_join re const warnings and
fstrings.
Passdb:
Make the %u and %U substituions in passdb work.
This is done by declaring these paramters to be 'const' and doing
the substitution manually. I'm told this is us going full circle,
but I can't really see a better way.
Finally these things actually seem to work properly...
Make the lanman code use the pdb's recorded values for homedir etc
rather than the values from lp_*()
Add code to set the plaintext password in the passdb, where it can
decide how to store/set it. For use with a future 'ldap password
change' option, or somthing like that...
Add pdb_unix, so as to remove the 'not in passdb' special cases from the
local_lookup_*() code. Quite small, as it uses the new 'struct passwd ->
SAM_ACCOUNT' code that is now in just one place. (also used by pdb_smbpasswd)
Other:
Fix up the adding of [homes] at session setup time to actually pass
the right string, that is the unix homedir, not the UNC path.
Fix up [homes] so that for winbind users is picks the correct name.
(bad interactions with the default domain code previously)
Change the rpc_server/srv_lsa_nt.c code to match NT when for the
SATUS_NONE_MAPPED reply: This was only being triggered on
no queries, now it is on the 'no mappings' (ie all mappings failed).
Checked against Win2k.
Policy Question: Should SID -> unix_user.234/unix_group.364 be
considered a mapping or not? Currently it isn't.
Andrew Bartlett
(This used to be commit c28668068b5a3b3cf3c4317e5fb32ec9957f3e34)
|
|
and there is no real reason for it to depend on more than the abilty
to compile the code.
(This used to be commit 64aaec137e39595e6e61b55eb525615683a1393c)
|
|
This option was badly maintained, useless and confused our users and
distirbutors. (its SSL, therfore it must be good...)
No windows client uses this protocol without help from an SSL tunnel.
I can't see any reason why setting up a unix-side SSL wrapper would
be any more difficult than the > 10 config options this mess added
to samba in any case.
On the Samba client end, I think the LIBSMB_PROG hack should be
sufficient to start stunnel on the unix side. We might extend this
to take %i and %p (IP and port) if there is demand.
Andrew Bartlett
(This used to be commit b04561d3fd3ee732877790fb4193b20ad72a75f8)
|
|
a little while back. We might have to look at the migration path for these
options. (or as --with-ldap has always been 'experimental' we could ignore
it...)
Andrew Bartlett
(This used to be commit 35e909b33870f6c5d8af9398d6f9f816e83e2ca4)
|
|
(This used to be commit e8ede079b5af4187573f1b8ed0d94b6f03cbbd22)
|
|
* fix typos
* regenerate pages
(This used to be commit edfafa1d40649101d599859951f7289c1d057cfa)
|
|
Volker
(This used to be commit 8973a01f5efa547ed356e27fe1660da732b24cdd)
|
|
(This used to be commit 206f1158bd059de9bf4290935d131f42e4639f99)
|
|
(This used to be commit 1650bc969fbd36a02758fafd9addc66ea715e835)
|
|
Andrew Bartlett
(This used to be commit 012b3326c40ca0f8f4c7673310d73f695cc4f79b)
|
|
All uids and gids must create valid RIDs, becouse other code expects this, and
can't handle the failure case. (ACL code in particular)
Allow admins to adjust the base of the RID algorithm, so avoid clashes with
users brought in from NT (for example).
Put all the algorithm code back in one place, so that this change is global.
Better coping with NULL sid pointers - but it still breaks a lot of stuff.
BONUS: manpage entry for new paramater :-)
counter based rids for normal users in tdbsam is disabled for the timebeing,
idra and I will work out some things here soon I hope.
Andrew Bartlett
(This used to be commit 5275c94cdf0c64f347d4282f47088d084b1a7ea5)
|
|
* addedd "private dir" to smb.conf.5.sgml
* regenerated man pages, HOWTOs, etc...
(This used to be commit 3b29006e35a991d20cda1c92d535ef016099d0d4)
|
|
(This used to be commit 9a9e4e92ae079eb906dcc7123df092f4917b5dad)
|
|
(This used to be commit 8b357e6551c3a91aa7017ae8dcf38558f15f1c0b)
|
|
"code page directory", "character set", et. al.)
(This used to be commit 6ff236249559f8a11381cab9cc1757b26764a39d)
|
|
(This used to be commit 55c53ef08974947cf10a79882b63d6d8e8baad4c)
|
|
(This used to be commit 2137c7163475691056fe1701b75128e238520b05)
|
