Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit 2137c7163475691056fe1701b75128e238520b05)
|
|
Thanks!
Andrew Bartlett
(This used to be commit 7f7a53e8489f97ced28936252eca322c09b01d61)
|
|
Samba now features a pluggable passdb interface, along the same lines as the
one in use in the auth subsystem. In this case, only one backend may be active
at a time by the 'normal' interface, and only one backend per passdb_context is
permitted outside that.
This pluggable interface is designed to allow any number of passdb backends to
be compiled in, with the selection at runtime. The 'passdb backend' paramater
has been created (and documented!) to support this.
As such, configure has been modfied to allow (for example) --with-ldap and the
old smbpasswd to be selected at the same time.
This patch also introduces two new backends: smbpasswd_nua and tdbsam_nua.
These two backends accept 'non unix accounts', where the user does *not* exist
in /etc/passwd. These accounts' don't have UIDs in the unix sense, but to
avoid conflicts in the algroitmic mapping of RIDs, they use the values
specified in the 'non unix account range' paramter - in the same way as the
winbind ranges are specifed.
While I was at it, I cleaned up some of the code in pdb_tdb (code copied
directly from smbpasswd and not really considered properly). Most of this was
to do with % macro expansion on stored data. It isn't easy to get the macros
into the tdb, and the first password change will 'expand' them. tdbsam needs
to use a similar system to pdb_ldap in this regard.
This patch only makes minor adjustments to pdb_nisplus and pdb_ldap, becouse I
don't have the test facilities for these. I plan to incoroprate at least
pdb_ldap into this scheme after consultation with Jerry.
Each (converted) passdb module now no longer has any 'static' variables, and
only exports 1 init function outside its .c file.
The non-unix-account support in this patch has been proven! It is now possible
to join a win2k machine to a Samba PDC without an account in /etc/passwd!
Other changes:
Minor interface adjustments:
pdb_delete_sam_account() now takes a SAM_ACCOUNT, not a char*.
pdb_update_sam_account() no longer takes the 'override' argument that was being
ignored so often (every other passdb backend). Extra checks have been added in
some places.
Minor code changes:
smbpasswd no longer attempts to initialise the passdb at startup, this is
now done on first use.
pdbedit has lost some of its 'machine account' logic, as this behaviour is now
controlled by the passdb subsystem directly.
The samr subsystem no longer calls 'local password change', but does the pdb
interactions directly. This allow the ACB_ flags specifed to be transferred
direct to the backend, without interference.
Doco:
I've updated the doco to reflect some of the changes, and removed some paramters
no longer applicable to HEAD.
(This used to be commit ff354c99c585068af6dc1ff35a1f109a806b326b)
|
|
<a.bokovoy@sam-solutions.net>.
The idea is the domain\username is rather harsh for unix systems - people don't
expect to have to FTP, SSH and (in particular) e-mail with a username like
that.
This 'corrects' that - but is not without its own problems.
As you can see from the changes to files like username.c and wb_client.c (smbd's
winbind client code) a lot of assumptions are made in a lot of places about
lp_winbind_seperator determining a users's status as a domain or local user.
The main change I will shortly be making is to investigate and kill off
winbind_initgroups() - as far as I know it was a workaround for an old bug in
winbind itself (and a bug in RH 5.2) and should no longer be relevent.
I am also going to move to using the 'winbind uid' and 'winbind gid' paramaters
to determine a user/groups's 'local' status, rather than the presence of the
seperator.
As such, this functionality is recommended for servers providing unix services,
but is currently less than optimal for windows clients.
(TODO: remove all references to lp_winbind_seperator() and
lp_winbind_use_default_domain() from smbd)
Andrew Bartlett
(This used to be commit 07a21fcd2311d2d9b430b99303e3532a8c1159e4)
|
|
manpage.
(This used to be commit a10cdbfbed4e04609f511cbbf976df4b4d391729)
|
|
(This used to be commit 88b0e670426c216d754716dc6095b673b9645f1a)
|
|
All should be curent now.
(This used to be commit 91662683e3e690fb69f333fadf0f317c53995ba7)
|
|
my files were not being checked in sometimes.....
cvs update -A
cleared all the sticky tages and now I have to recheck some things in.
j-
(This used to be commit 241f4a548d57083b153afafafdd18ed5de5412b7)
|
|
(This used to be commit 789c1defa47a1efd25efafab2d8a5a51c03b85b4)
|
|
(This used to be commit 67c6a24344e31c417c8c6f5db27697e268524401)
|
|
(This used to be commit 9713bce0354009fb4d9c06989ff86900101eae0c)
|
|
(This used to be commit f7d900873c3553dde88d42d903b74dc49c9a6c71)
|
|
(This used to be commit 4aecb650e1ece234fb7359270deb74fe1c1a4a16)
|
|
Jeremy.
(This used to be commit a076e2e4c512cd2ef2f9c38447c44d93e4b6ac57)
|
|
(This used to be commit d57c43fd05d8759f09c8c460baeb513a8ed41479)
|
|
(This used to be commit fe7ad3761233f7adb13756d611a11dbf0594b77f)
|
|
(This used to be commit c5ee06b7c8fc9f1fec679acc7d7f47f333707456)
|
|
Jeremy.
(This used to be commit 6a10accbcaa130b51381d43cb10c55e86ba2a320)
|
|
(This used to be commit c6a01f0a67148a234175439bdfe439ae011d397d)
|
|
(This used to be commit c76bf8ed3275e217d1b691879153fe9137bcbe38)
|
|
(This used to be commit 865167203ceff157a7204418cda8905833314575)
|
|
(This used to be commit 68dc525e8e7906a8618b6d28c5543ce89768563d)
|
|
(This used to be commit f66899965ea3d9677ba75dff56df2319b3e4b7c0)
|
|
than 'var=value'.
Fixed up some dodgy quoting on the way.
(This used to be commit 0606c194d6e3aba0c1aac883fe04e0c6e9e9a578)
|
|
(This used to be commit 51795ca3509d9f1a076fae902211ebad02897c72)
|
|
Thanks,
Volker
(This used to be commit 3811b6a9eba8c5567b4df01c86cc4fe33b0a8079)
|
|
Volker
(This used to be commit 5fc8c51983f36b0b2bbb2704a522026dc64d0b65)
|
|
Volker
(This used to be commit ef5c09eebe29161920536cbe708b10659a77386e)
|
|
Volker
(This used to be commit 880c1cc751d017886bcd175eefa3d547a0f99c43)
|
|
Volker
(This used to be commit a1e97aafe54a2960409637d67af847420b003ec8)
|
|
Fix typo in lmhosts manpage
(This used to be commit 9fff946cf113b4858b730f5ba644d5648ba95027)
|
|
(This used to be commit 51b0ed2c2184b22f4e0435fe09c7cb73bf7afc6d)
|
|
without first having to create an account using the server manager.
(This used to be commit 5edfb53d7c3fe809256f080d5cd46ebc62c194fb)
|
|
(This used to be commit d8598efb5712c35cc0b59b4e232e3869077d11eb)
|
|
(This used to be commit 5932471a03e74ef7fcc71e22dbb52c530332a713)
|
|
(This used to be commit fdfd690538b02781e237831474d679307953ac8f)
|
|
(This used to be commit d11c871fc5480e8ba3846e1de9a2f1834d535325)
|
|
(This used to be commit 41fe64e70fdc99201ebbc76285897ab51af8c57d)
|
|
(This used to be commit 1e1a8ad528256f7e977534f25af6c250ab6a2a83)
|
|
manual/html pages???
(This used to be commit 73055f3f7d211ff6e45e46a56b0ea0614e78966d)
|
|
(This used to be commit 1bc58c21b15fcdb0a504d051f60e20c4e24441e6)
|
|
(This used to be commit ab05c8cf1b4b8f56974f358781011c922380fe45)
|
|
(This used to be commit 40e7834bb9c7440feba250832c3b85757ae4c9f9)
|
|
(This used to be commit ff4cdb5a346bd864d169f18a10f318f13f1afcd8)
|
|
(This used to be commit ffbbe67dbfde7f7ce4bb70becfc696c395dbf6b2)
|
|
(This used to be commit 19dba7fa1133120d54dbd3750b6dc82d067c50ba)
|
|
(This used to be commit 6322dd0c9e54ef69924686fee7d6b9a8ff7c64a5)
|
|
(This used to be commit 6b38c1cb253c2918f2d57b8540c32d9e5bf9bb02)
|
|
(This used to be commit 6270765ed5d4e94d34af6d512f17f403b9624699)
|
|
(This used to be commit f8e4876a04add168a17652431e85a9c2b5b6c619)
|