Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit 2137c7163475691056fe1701b75128e238520b05)
|
|
Thanks!
Andrew Bartlett
(This used to be commit 7f7a53e8489f97ced28936252eca322c09b01d61)
|
|
Samba now features a pluggable passdb interface, along the same lines as the
one in use in the auth subsystem. In this case, only one backend may be active
at a time by the 'normal' interface, and only one backend per passdb_context is
permitted outside that.
This pluggable interface is designed to allow any number of passdb backends to
be compiled in, with the selection at runtime. The 'passdb backend' paramater
has been created (and documented!) to support this.
As such, configure has been modfied to allow (for example) --with-ldap and the
old smbpasswd to be selected at the same time.
This patch also introduces two new backends: smbpasswd_nua and tdbsam_nua.
These two backends accept 'non unix accounts', where the user does *not* exist
in /etc/passwd. These accounts' don't have UIDs in the unix sense, but to
avoid conflicts in the algroitmic mapping of RIDs, they use the values
specified in the 'non unix account range' paramter - in the same way as the
winbind ranges are specifed.
While I was at it, I cleaned up some of the code in pdb_tdb (code copied
directly from smbpasswd and not really considered properly). Most of this was
to do with % macro expansion on stored data. It isn't easy to get the macros
into the tdb, and the first password change will 'expand' them. tdbsam needs
to use a similar system to pdb_ldap in this regard.
This patch only makes minor adjustments to pdb_nisplus and pdb_ldap, becouse I
don't have the test facilities for these. I plan to incoroprate at least
pdb_ldap into this scheme after consultation with Jerry.
Each (converted) passdb module now no longer has any 'static' variables, and
only exports 1 init function outside its .c file.
The non-unix-account support in this patch has been proven! It is now possible
to join a win2k machine to a Samba PDC without an account in /etc/passwd!
Other changes:
Minor interface adjustments:
pdb_delete_sam_account() now takes a SAM_ACCOUNT, not a char*.
pdb_update_sam_account() no longer takes the 'override' argument that was being
ignored so often (every other passdb backend). Extra checks have been added in
some places.
Minor code changes:
smbpasswd no longer attempts to initialise the passdb at startup, this is
now done on first use.
pdbedit has lost some of its 'machine account' logic, as this behaviour is now
controlled by the passdb subsystem directly.
The samr subsystem no longer calls 'local password change', but does the pdb
interactions directly. This allow the ACB_ flags specifed to be transferred
direct to the backend, without interference.
Doco:
I've updated the doco to reflect some of the changes, and removed some paramters
no longer applicable to HEAD.
(This used to be commit ff354c99c585068af6dc1ff35a1f109a806b326b)
|
|
<a.bokovoy@sam-solutions.net>.
The idea is the domain\username is rather harsh for unix systems - people don't
expect to have to FTP, SSH and (in particular) e-mail with a username like
that.
This 'corrects' that - but is not without its own problems.
As you can see from the changes to files like username.c and wb_client.c (smbd's
winbind client code) a lot of assumptions are made in a lot of places about
lp_winbind_seperator determining a users's status as a domain or local user.
The main change I will shortly be making is to investigate and kill off
winbind_initgroups() - as far as I know it was a workaround for an old bug in
winbind itself (and a bug in RH 5.2) and should no longer be relevent.
I am also going to move to using the 'winbind uid' and 'winbind gid' paramaters
to determine a user/groups's 'local' status, rather than the presence of the
seperator.
As such, this functionality is recommended for servers providing unix services,
but is currently less than optimal for windows clients.
(TODO: remove all references to lp_winbind_seperator() and
lp_winbind_use_default_domain() from smbd)
Andrew Bartlett
(This used to be commit 07a21fcd2311d2d9b430b99303e3532a8c1159e4)
|
|
manpage.
(This used to be commit a10cdbfbed4e04609f511cbbf976df4b4d391729)
|
|
(This used to be commit 88b0e670426c216d754716dc6095b673b9645f1a)
|
|
All should be curent now.
(This used to be commit 91662683e3e690fb69f333fadf0f317c53995ba7)
|
|
my files were not being checked in sometimes.....
cvs update -A
cleared all the sticky tages and now I have to recheck some things in.
j-
(This used to be commit 241f4a548d57083b153afafafdd18ed5de5412b7)
|
|
(This used to be commit 789c1defa47a1efd25efafab2d8a5a51c03b85b4)
|
|
(This used to be commit 67c6a24344e31c417c8c6f5db27697e268524401)
|
|
(This used to be commit 9713bce0354009fb4d9c06989ff86900101eae0c)
|
|
(This used to be commit 9844ec33995316843567fc32d2ea276c565cf56c)
|
|
(This used to be commit f7d900873c3553dde88d42d903b74dc49c9a6c71)
|
|
(This used to be commit 4aecb650e1ece234fb7359270deb74fe1c1a4a16)
|
|
Jeremy.
(This used to be commit a076e2e4c512cd2ef2f9c38447c44d93e4b6ac57)
|
|
(This used to be commit d57c43fd05d8759f09c8c460baeb513a8ed41479)
|
|
Volker
(This used to be commit 768f90a6ca8538ffda5b46491281eea7673ae730)
|
|
(This used to be commit fe7ad3761233f7adb13756d611a11dbf0594b77f)
|
|
(This used to be commit 95308453b256fc51cbf1a2b2726ba8db7da1e80b)
|
|
(This used to be commit 188e59ae965e959e286eb650a90e62204a978fc2)
|
|
Volker
(This used to be commit 5b7a2a2441a238896cc3da0459e37536ac1906bf)
|
|
(This used to be commit b48d58c768999abf4f044e474880e47c5a7bb144)
|
|
(This used to be commit f1ead192c668abf20f328a691caafd76874c6e47)
|
|
(This used to be commit c5ee06b7c8fc9f1fec679acc7d7f47f333707456)
|
|
(This used to be commit 54a453478a087073a51822086bd9f985a5d8cf6a)
|
|
(This used to be commit 630e01cafde863beaa367be3c4e01c9c5232b682)
|
|
(This used to be commit e89543c7e90c5303e61674bb4a258176918e0111)
|
|
Jeremy.
(This used to be commit 6a10accbcaa130b51381d43cb10c55e86ba2a320)
|
|
(This used to be commit aaf111c9ff6247ea4071d6f69bdb01afaded5476)
|
|
(This used to be commit c39bf5ba05d04cbc6dd0a328ee43193588ea5134)
|
|
(This used to be commit 9ee13fecb1b623e760789d1df7178b085f820700)
|
|
(This used to be commit c6a01f0a67148a234175439bdfe439ae011d397d)
|
|
(This used to be commit c76bf8ed3275e217d1b691879153fe9137bcbe38)
|
|
(This used to be commit 9d8cbf3d5db35df6aa50636a48444caf10441c8c)
|
|
(This used to be commit efc6df5a3914da9e7b792ccaccd1403c72c09f78)
|
|
(This used to be commit 865167203ceff157a7204418cda8905833314575)
|
|
(This used to be commit 68dc525e8e7906a8618b6d28c5543ce89768563d)
|
|
(This used to be commit e101e945b78fbe53b6bdcf6ddaa9355547af09fd)
|
|
(This used to be commit f66899965ea3d9677ba75dff56df2319b3e4b7c0)
|
|
than 'var=value'.
Fixed up some dodgy quoting on the way.
(This used to be commit 0606c194d6e3aba0c1aac883fe04e0c6e9e9a578)
|
|
(This used to be commit 51795ca3509d9f1a076fae902211ebad02897c72)
|
|
Thanks,
Volker
(This used to be commit 3811b6a9eba8c5567b4df01c86cc4fe33b0a8079)
|
|
Volker
(This used to be commit 5fc8c51983f36b0b2bbb2704a522026dc64d0b65)
|
|
Volker
(This used to be commit ef5c09eebe29161920536cbe708b10659a77386e)
|
|
Volker
(This used to be commit 880c1cc751d017886bcd175eefa3d547a0f99c43)
|
|
Volker
(This used to be commit a1e97aafe54a2960409637d67af847420b003ec8)
|
|
Fix typo in lmhosts manpage
(This used to be commit 9fff946cf113b4858b730f5ba644d5648ba95027)
|
|
(This used to be commit 51b0ed2c2184b22f4e0435fe09c7cb73bf7afc6d)
|
|
without first having to create an account using the server manager.
(This used to be commit 5edfb53d7c3fe809256f080d5cd46ebc62c194fb)
|
|
(This used to be commit d8598efb5712c35cc0b59b4e232e3869077d11eb)
|