Age | Commit message (Collapse) | Author | Files | Lines |
|
Jeremy.
(This used to be commit 6ce7932520c0e5417e3b8a214a97244d10bdf4ad)
|
|
Thanks to Ralf Spenneberg for the fix.
Volker
(This used to be commit bc383582b248518e39225405d0def411d552aa7d)
|
|
(This used to be commit 9a7774306dfa29f0b343343844a2c08650d5ba1a)
|
|
* updating version in Makefile
(This used to be commit 3249e69274c00922c6d8710019c19d8c8add8255)
|
|
directory and fix display bug.
(This used to be commit f43546d0af7c7ad74b3bf0bae1652822184a04da)
|
|
(This used to be commit b798f30f0a83ba00ebbe1b82983ca6690642ad02)
|
|
(This used to be commit d463abb035a19dce84902039623275cd72e16edc)
|
|
(This used to be commit 1c3c16abc94d197e69e3350de1e5cc1e99be4322)
|
|
functionality directly from an application.
This is under a liberal license as we want application vendors to be
able to use the example code
(This used to be commit 8d848de45d75bf6ac69cb921e04abf36a66117c4)
|
|
(This used to be commit af42af75a45d6e6538009694704e11eb83c88457)
|
|
(This used to be commit 58c21bc0d1e9a39e64ce7b9efd637dc776c06029)
|
|
(This used to be commit 3f67b2bbfdbedc76d7265fc5333d5f71577d9c7b)
|
|
FreeBSD 4.3. They might on Linux.
(This used to be commit 1f115c95d635377a36c0a3a1f56b4b8def04fd7e)
|
|
(This used to be commit c1546a5311a4e9ad2d6566e71e11c6d5f8f120a9)
|
|
(This used to be commit 5c45b799d1b87fed8afa4665e075f2c8ccb6da84)
|
|
(This used to be commit bd9b90a391e3346ff22888bbc589e65ccdddd482)
|
|
(This used to be commit 64fa24dbabd8d211d276e19745561a11b7465158)
|
|
remove it. Closes bug #473.
(This used to be commit a9f22ed9d715e4acf529ff873b0d99d4b29c5f1b)
|
|
Keeps with IBM convention of separate attributetype and objectclass definitions.
(This used to be commit 5dcf974c22b4bd54193dff876020bacd5b1691b2)
|
|
(This used to be commit 88725350d248fe017b77c7609544888ba40b7995)
|
|
(This used to be commit 3f97a5ce47bbdd3010dd8e234a7aa5838b524b46)
|
|
(This used to be commit c9c7150a627abe93a5d3c866605f2300a3cc5ec9)
|
|
(This used to be commit 90133558073deb96a0e5baf26e44cf1af1acd538)
|
|
(This used to be commit 7105f4bcabb29126999b5494f6d60d6f766ab5cc)
|
|
(This used to be commit 29885eae591bdbb899d18ac2e7ae355751cd4be6)
|
|
(This used to be commit 5b20494aff3da9414ac0100220de96750c3f06a3)
|
|
sambaSamAccount schema
(This used to be commit 5f41cd76b793305e1e9e4da76d58daa2d8438c63)
|
|
addition to add
(This used to be commit 49457669f32ed1d8122633e2d0abdebaf05790da)
|
|
(This used to be commit 25753e2a336a72dc2275a0046003c3a659a0f880)
|
|
(This used to be commit 766a5070d58ada7a871a7fab45b5f7e203264952)
|
|
(This used to be commit f72f51d39ff3e6d22dbda8b9c115ca10e93e7022)
|
|
(This used to be commit a1e1421d1ef70088e1cf2308e8cfbf139e25ddaa)
|
|
(This used to be commit f27e696cd38501754fb996ca3ffbe48b28e861ae)
|
|
Jeremy.
(This used to be commit 80e14b176526a3038ea03214fc3dd0fd00fef922)
|
|
Jeremy.
(This used to be commit 3f8c77b116b96b01fd333c4b45d84666ef108fe9)
|
|
(This used to be commit c9b209be2b17c2e4677cc30b46b1074f48878f43)
|
|
We now always read the Domain SID out of LDAP. If the local secrets.tdb
is ever different to LDAP, it is overwritten out of LDAP. We also
store the 'algorithmic rid base' into LDAP, and assert if it changes.
(This ensures cross-host synchronisation, and allows for possible
integration with idmap). If we fail to read/add the domain entry, we just
fallback to the old behaviour.
We always use an existing DN when adding IDMAP entries to LDAP, unless
no suitable entry is available. This means that a user's posixAccount
will have a SID added to it, or a user's sambaSamAccount will have a UID
added. Where we cannot us an existing DN, we use
'sambaSid=S-x-y-z,....' as the DN.
The code now allows modifications to the ID mapping in many cases.
Likewise, we now check more carefully when adding new user entires to LDAP,
to not duplicate SIDs (for users, at this stage), and to add the sambaSamAccount
onto the idmap entry for that user, if it is already established (ensuring
we do not duplicate sambaSid entries in the directory).
The allocated UID code has been expanded to take into account the space
between '1000 - algorithmic rid base'. This much better fits into what
an NT4 does - allocating in the bottom part of the RID range.
On the code cleanup side of things, we now share as much code as
possible between idmap_ldap and pdb_ldap.
We also no longer use the race-prone 'enumerate all users' method for
finding the next RID to allocate. Instead, we just start at the bottom
of the range, and increment again if the user already exists. The first
time this is run, it may well take a long time, but next time will just
be able to use the next Rid.
Thanks to metze and AB for double-checking parts of this.
Andrew Bartlett
(This used to be commit 9c595c8c2327b92a86901d84c3f2c284dabd597e)
|
|
(This used to be commit 6237fae9b8407ee04226b984a932150799191d29)
|
|
(This used to be commit f3fd321b61dbf53b1dc33a42afe8a943c94c1135)
|
|
(This used to be commit 56d2049561e5d5c22ac9d76cb013643083d9644e)
|
|
(This used to be commit be82b3d9dfef938030731e1021076df4dcfdb443)
|
|
(This used to be commit 8c18174a899e9578e0e82d17c7602e84b342644c)
|
|
Jeremy
(This used to be commit 7c4cc2086d59e163ab89366c24ba399994a49462)
|
|
Includes sambaUnixIdPool objectclass
Still needs cleaning up wrt to name space.
More changes to come, but at least we now have a
a working distributed winbindd solution.
(This used to be commit 824175854421f7c27d31ad673a8790dd018ae350)
|
|
and one for transparent. Also add configure support for compiling third-party modules. Patch from Stefan Metzmacher <metze@metzemix.de>
(This used to be commit fcdf215753630d4173e50b7d93d6bc8ba254a5ff)
|
|
which one should be used for new servers. I'll add a note about uncommenting the older items for ldapsam_compat in the release notes
(This used to be commit 469c5ad1acfb452617b10653e06ce3b34ec9e146)
|
|
(This used to be commit 0714dda7cc4a1df73e1b9d11daae80a1f46583de)
|
|
(This used to be commit 925c60f5e2f5301da90fc26dddc1bad610eea0d0)
|
|
Net::LDAP::LDIF
(This used to be commit 9cde1aa32aed55a3d7cb28881c6acd9800b02065)
|
|
New objectclass named sambaSamAccount which uses attribute
prefaced with the phrase 'samba' to prevent future name clashes.
Change in functionality of the 'ldap filter' parameter. This always
defaults to "(uid=%u)" now and is and'd with the approriate objectclass
depending on whether you are using ldapsam_compat or ldapsam
conversion script for migrating from sambaAccount to
sambaSamAccount will come next.
(This used to be commit 998586e65271daa919e47e1206c0007454cbca66)
|