Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit 2137c7163475691056fe1701b75128e238520b05)
|
|
Thanks!
Andrew Bartlett
(This used to be commit 7f7a53e8489f97ced28936252eca322c09b01d61)
|
|
Samba now features a pluggable passdb interface, along the same lines as the
one in use in the auth subsystem. In this case, only one backend may be active
at a time by the 'normal' interface, and only one backend per passdb_context is
permitted outside that.
This pluggable interface is designed to allow any number of passdb backends to
be compiled in, with the selection at runtime. The 'passdb backend' paramater
has been created (and documented!) to support this.
As such, configure has been modfied to allow (for example) --with-ldap and the
old smbpasswd to be selected at the same time.
This patch also introduces two new backends: smbpasswd_nua and tdbsam_nua.
These two backends accept 'non unix accounts', where the user does *not* exist
in /etc/passwd. These accounts' don't have UIDs in the unix sense, but to
avoid conflicts in the algroitmic mapping of RIDs, they use the values
specified in the 'non unix account range' paramter - in the same way as the
winbind ranges are specifed.
While I was at it, I cleaned up some of the code in pdb_tdb (code copied
directly from smbpasswd and not really considered properly). Most of this was
to do with % macro expansion on stored data. It isn't easy to get the macros
into the tdb, and the first password change will 'expand' them. tdbsam needs
to use a similar system to pdb_ldap in this regard.
This patch only makes minor adjustments to pdb_nisplus and pdb_ldap, becouse I
don't have the test facilities for these. I plan to incoroprate at least
pdb_ldap into this scheme after consultation with Jerry.
Each (converted) passdb module now no longer has any 'static' variables, and
only exports 1 init function outside its .c file.
The non-unix-account support in this patch has been proven! It is now possible
to join a win2k machine to a Samba PDC without an account in /etc/passwd!
Other changes:
Minor interface adjustments:
pdb_delete_sam_account() now takes a SAM_ACCOUNT, not a char*.
pdb_update_sam_account() no longer takes the 'override' argument that was being
ignored so often (every other passdb backend). Extra checks have been added in
some places.
Minor code changes:
smbpasswd no longer attempts to initialise the passdb at startup, this is
now done on first use.
pdbedit has lost some of its 'machine account' logic, as this behaviour is now
controlled by the passdb subsystem directly.
The samr subsystem no longer calls 'local password change', but does the pdb
interactions directly. This allow the ACB_ flags specifed to be transferred
direct to the backend, without interference.
Doco:
I've updated the doco to reflect some of the changes, and removed some paramters
no longer applicable to HEAD.
(This used to be commit ff354c99c585068af6dc1ff35a1f109a806b326b)
|
|
<a.bokovoy@sam-solutions.net>.
The idea is the domain\username is rather harsh for unix systems - people don't
expect to have to FTP, SSH and (in particular) e-mail with a username like
that.
This 'corrects' that - but is not without its own problems.
As you can see from the changes to files like username.c and wb_client.c (smbd's
winbind client code) a lot of assumptions are made in a lot of places about
lp_winbind_seperator determining a users's status as a domain or local user.
The main change I will shortly be making is to investigate and kill off
winbind_initgroups() - as far as I know it was a workaround for an old bug in
winbind itself (and a bug in RH 5.2) and should no longer be relevent.
I am also going to move to using the 'winbind uid' and 'winbind gid' paramaters
to determine a user/groups's 'local' status, rather than the presence of the
seperator.
As such, this functionality is recommended for servers providing unix services,
but is currently less than optimal for windows clients.
(TODO: remove all references to lp_winbind_seperator() and
lp_winbind_use_default_domain() from smbd)
Andrew Bartlett
(This used to be commit 07a21fcd2311d2d9b430b99303e3532a8c1159e4)
|
|
manpage.
(This used to be commit a10cdbfbed4e04609f511cbbf976df4b4d391729)
|
|
(This used to be commit 88b0e670426c216d754716dc6095b673b9645f1a)
|
|
All should be curent now.
(This used to be commit 91662683e3e690fb69f333fadf0f317c53995ba7)
|
|
my files were not being checked in sometimes.....
cvs update -A
cleared all the sticky tages and now I have to recheck some things in.
j-
(This used to be commit 241f4a548d57083b153afafafdd18ed5de5412b7)
|
|
(This used to be commit f7d900873c3553dde88d42d903b74dc49c9a6c71)
|
|
(This used to be commit 4aecb650e1ece234fb7359270deb74fe1c1a4a16)
|
|
Jeremy.
(This used to be commit a076e2e4c512cd2ef2f9c38447c44d93e4b6ac57)
|
|
(This used to be commit fe7ad3761233f7adb13756d611a11dbf0594b77f)
|
|
(This used to be commit c5ee06b7c8fc9f1fec679acc7d7f47f333707456)
|
|
Jeremy.
(This used to be commit 6a10accbcaa130b51381d43cb10c55e86ba2a320)
|
|
(This used to be commit c6a01f0a67148a234175439bdfe439ae011d397d)
|
|
(This used to be commit c76bf8ed3275e217d1b691879153fe9137bcbe38)
|
|
(This used to be commit 865167203ceff157a7204418cda8905833314575)
|
|
(This used to be commit 68dc525e8e7906a8618b6d28c5543ce89768563d)
|
|
(This used to be commit f66899965ea3d9677ba75dff56df2319b3e4b7c0)
|
|
than 'var=value'.
Fixed up some dodgy quoting on the way.
(This used to be commit 0606c194d6e3aba0c1aac883fe04e0c6e9e9a578)
|
|
(This used to be commit 51795ca3509d9f1a076fae902211ebad02897c72)
|
|
Volker
(This used to be commit 5fc8c51983f36b0b2bbb2704a522026dc64d0b65)
|
|
Volker
(This used to be commit ef5c09eebe29161920536cbe708b10659a77386e)
|
|
Volker
(This used to be commit 880c1cc751d017886bcd175eefa3d547a0f99c43)
|
|
Volker
(This used to be commit a1e97aafe54a2960409637d67af847420b003ec8)
|
|
Fix typo in lmhosts manpage
(This used to be commit 9fff946cf113b4858b730f5ba644d5648ba95027)
|
|
without first having to create an account using the server manager.
(This used to be commit 5edfb53d7c3fe809256f080d5cd46ebc62c194fb)
|
|
(This used to be commit d8598efb5712c35cc0b59b4e232e3869077d11eb)
|
|
(This used to be commit d11c871fc5480e8ba3846e1de9a2f1834d535325)
|
|
(This used to be commit 1e1a8ad528256f7e977534f25af6c250ab6a2a83)
|
|
manual/html pages???
(This used to be commit 73055f3f7d211ff6e45e46a56b0ea0614e78966d)
|
|
(This used to be commit 1bc58c21b15fcdb0a504d051f60e20c4e24441e6)
|
|
(This used to be commit ab05c8cf1b4b8f56974f358781011c922380fe45)
|
|
(This used to be commit 40e7834bb9c7440feba250832c3b85757ae4c9f9)
|
|
(This used to be commit 6270765ed5d4e94d34af6d512f17f403b9624699)
|
|
(This used to be commit fb512aee768787f06d4787cc7c284f2f9aa82aa5)
|
|
man pages
(This used to be commit caea759c9b4aa9920d3f4034c092e2bade8dde49)
|
|
(This used to be commit 435dbd0535dda564523521db1a820a84ad6d96e3)
|
|
(then all the ASCII stuff)
(This used to be commit 7247027e833616bfe9350253cc1e6cdb236b2cdf)
|
|
(This used to be commit 03f85cf3c80e8bb93d698da0a17ac61d0da91950)
|
|
(This used to be commit 5ffb96527ef3bf9f271633a219dcaa02471e4e80)
|
|
(This used to be commit 33310282d1c85613f7266c253598297e01ab8443)
|
|
(This used to be commit 583a7b3a8ca9934a72d2b67891ca36ad48c32168)
|
|
(This used to be commit 3d8f4113ebb178e2f8281edfce968d7035f443af)
|
|
(This used to be commit ec1dfb80b39f816faed702ace20a385aba9caf6b)
|
|
(This used to be commit 723bcb57e8bd54a36f2c217246f78a4301b6b25b)
|
|
(This used to be commit e5996f4948a4220c71070769dce2c5baf1a65ac8)
|
|
....
(This used to be commit 5aed6bf227e9a83eab810560a21dca0c96d14dcf)
|
|
(This used to be commit 773ccb36ad3186ad11d92185b66678d49d9ec4fd)
|
|
(This used to be commit 59323f7aa2fe2fe63c284a64a76406cc18d0023c)
|