Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit d12b793d9ca10f966da3446982a5b1d987d51814)
|
|
domains, this patch ensures that we always use the ADS backend when
security=ADS, and the remote server is capable.
The routines used for this behaviour have been upgraded to modern Samba
codeing standards.
This is a change in behaviour for mixed mode domains, and if the trusted
domain cannot be reached with our current krb5.conf file, we will show
that domain as disconnected.
This is in line with existing behaviour for native mode domains, and for
our primary domain.
As a consequence of testing this patch, I found that our kerberos error
handling was well below par - we would often throw away useful error
values. These changes move more routines to ADS_STATUS to return
kerberos errors.
Also found when valgrinding the setup, fix a few memory leaks.
While sniffing the resultant connections, I noticed we would query our
list of trusted domains twice - so I have reworked some of the code to
avoid that.
Andrew Bartlett
(This used to be commit 7c34de8096b86d2869e7177420fe129bd0c7541d)
|
|
Supports recursive downloads and resume, progress indication and shows
estimated time remaining.
(This used to be commit 82bd1b45a4205706b57bae42c7b03974f8b44753)
|
|
Jeremy.
(This used to be commit cae5f158e583572436a2f4c20d919816d763f93d)
|
|
2.2.x quota methods.
:-).
"here's a patch which ports the samba 2.2 samba_linux_quota.h stuff to 3_0.
This is needed because of so many broken quota files outthere.
Please, test this with old, new kernels
(strucr dqblk, struct mem_dqblk, and struct if_dqblk)
, quota.user, aquota.user formats
what is when a user is over soft quota and over hard quotas..."
Jeremy.
(This used to be commit 4350aa6ce6cfdaf71cdcfd2aebcdc9560fa7efcf)
|
|
- Add pgSQL backend (based on patch by Hamish Friedlander)
- Use query generate functions from pdb_mysql and pdb_pgsql
- Only pdb_pgsql.c needs to be changed whenever the fields in SAM_ACCOUNT change
(This used to be commit 65ad2c02fd2bf36d535c279ad290ab81e39f6816)
|
|
subsystem into a seperate file - ntlm_check.c.
This allows us to call these routines from ntlm_auth. The purpose of this
exercise is to allow ntlm_auth (when operating as an NTLMSSP server) to
avoid talking to winbind. This should allow for easier debugging.
ntlm_auth itself has been reorgainised, so as to share more code between
the SPNEGO-wrapped and 'raw' NTLMSSP modes. A new 'client' NTLMSSP mode
has been added, for use with a Cyrus-SASL module I am writing (based on vl's
work)
Andrew Bartlett
(This used to be commit 48315e8fd227978e0161be293ad4411b45e3ea5b)
|
|
(This used to be commit 8f6cd36fa03edf75e8e3a806ab178d8563dea081)
|
|
(This used to be commit b19472e108508935e6c80f61fd1394e852cb0902)
|
|
tells me that this should not be expanded, so I implemented
net status [sessions|shares] [parseable]
Volker
(This used to be commit 63d877c6b4786dcddf5f389842f798857be282c0)
|
|
MacOSX (Darwin) specific charset module code. Also had to add AC_CHECK_CPP
to configure.in (this took a *long* time to track down) to make autoconf
work correctly on Fedora Core 1.
Jeremy.
(This used to be commit c51d974b18e31a38608a3837d3fee04a209f91c8)
|
|
(This used to be commit 92a138f027cf2f1c2b13c6f3d59493fb21885d5e)
|
|
this is not called by default and I don't think it should be - I think
the programmer should specifically ask for pch generation when they
want it.
(This used to be commit ef01aedfb4e97af9283b0d54dd362aad809016af)
|
|
Volker
(This used to be commit b628ba0fc00585cbe1443e0b146ee673f25bc50f)
|
|
(This used to be commit e306c962685c8b17df520aebccf6f0d8e3d7ce3c)
|
|
occurs before any library specification. Closes bug #661.
(This used to be commit 7af7fa9be22b4406c83fa24c46ed8af1a7bcf173)
|
|
compliant implementations of snprintf.
(This used to be commit a38ab77b70c0918be411a6c299a23b5735393a2d)
|
|
to see if SGI and other platforms will build.
(This used to be commit cf9311044c372695592db1b95b814b0870b8cf29)
|
|
#534
(This used to be commit 4e86243ea1d4bbe96720caaaf02300f5e15bee5a)
|
|
(This used to be commit 3098a9e4b0cf6c0d6a6f2cda9ac60387bcda8198)
|
|
(This used to be commit 17d71852ae0ea9577ec31429dfc6ae7b36f34c26)
|
|
(This used to be commit 63a82debd80eeb27f326c9c0643735dd5f9b99bf)
|
|
the trouble of detecting what the PIC suffix should actually be.
Change PICFLAG in configure.in to PICFLAGS for consistency.
Patches from Joachim Schmitz <schmitz@hp.com> for bug 574.
(This used to be commit ecfbc5f5295c64d1ba553356dd09f65e9b5d1ccb)
|
|
(This used to be commit 266fa232d95e86a86ec00570657508ed42c80228)
|
|
(no need to include all of smbd files to use some basic sec functions)
also minor compile fixes
couldn't compile to test these due to some kerberos problems wirh 3.0,
but on HEAD they're working well, so I suppose it's ok to commit
(This used to be commit c78f2d0bd15ecd2ba643bb141cc35a3405787aa1)
|
|
this (HPUX 11). Currently it's initialised to 'ar' but this may have
to be changed if any systems pop up that have archivers that aren't
named 'ar'. Closes bug #552.
(This used to be commit 6aada3bd3e08abedc4c043d1ceb667ca73f8cd62)
|
|
(This used to be commit dc6d14c2bd1a8509e40c198065b8dc930c37d3ed)
|
|
More work on SWAT i18n support to appear in later releases.
(This used to be commit c3267749054ade219d214bdaf6c21e4207bd2011)
|
|
(This used to be commit c972fac195fd9280ab2a0da28b8ed11aaacd3bff)
|
|
library variable names.
(This used to be commit 9b0b0256a8bb93482fad4032902a4ab6d1e99e23)
|
|
This implements some kind of improved AFS support for Samba on Linux with
OpenAFS 1.2.10. ./configure --with-fake-kaserver assumes that you have
OpenAFS on your machine. To use this, you have to put the AFS server's KeyFile
into secrets.tdb with 'net afskey'. If this is done, on each tree connect
smbd creates a Kerberos V4 ticket suitable for use by the AFS client and
gives it to the kernel via the AFS syscall. This is meant to be very
light-weight, so I did not link in a whole lot of libraries to be more
platform-independent using the ka_SetToken function call.
Volker
(This used to be commit 5775690ee8e17d3e98355b5147e4aed47e8dc213)
|
|
kerberos symbols unless I do the same as smbd does. It does not hurt
on my debian, so simply give a pointer to LDAPLIBS as well.
Volker
(This used to be commit 353d5272912ac11aa3ebf7403593177c45b20147)
|
|
relocatable form.
Added a comment about this in the hope that it won't happen again.
Renamed PAM_WINBIND_OBJ to PAM_WINBIND_PICOBJ to make it a bit clearer.
(This used to be commit 04797e12d85a4b4d616397dd1283e5a65af5adab)
|
|
(This used to be commit fb446ba8117c5e24489520aaea6abd25d6396287)
|
|
Now all 8-bit charsets with gaps (not all symbols defined) could be produced through
one macro -- SMB_GENERATE_CHARSET_MODULE_8_BIT_GAP(CHARSETNAME) within source file
with three charset tables. Full source code for such modules can be generated by
source/script/gen-8bit-gap.sh script which was taken from GNU libc and changed slightly
to follow our data types and structure.
(This used to be commit 37042c7bc0f349370e93e4bed37d8fa371013247)
|
|
(This used to be commit ffc82460f2b6b703739d9f95dc878d31bc9b3367)
|
|
pam_smbpass.so will load ok. Had to move some functions around to work
around dependency problems (hence the new passdb/lookup_sid.c)
Also make sure that libsmbclient.a is built and installed when
we support shared libraries.
(This used to be commit 780055f4422f11fb0524ac1f003cdc5f317f8b19)
|
|
CAP-compatible encoded file names for CJKV
(This used to be commit e8a5a962ed2218144cbb9c593d8e996c7d034b0c)
|
|
We now fallback to Samba-provided CP850 charset module if CP850 or IBM850 does not exist on target system at runtime.
1. Introduce CP850 charset module based on charmaps table from GNU libc 2.2.5
2. Make CP850 charset module shared and build it by default
Should fix Solaris run-time
(This used to be commit e855dc8c9115fa11d315eb34d57722ff612daa11)
|
|
neccessary files & libs
(This used to be commit e52f95d681ef2263166f5468f2a3f068b67915b7)
|
|
smbadduser must obeys the paths from configure options
* Try to get libsmbclient files installed during 'make install'
Still one outstanding problem with static lib. INSTALLCLIENTCMD_A
is not getting set correctly.
(This used to be commit 50ab28bd2524187b851732176553382fb811a051)
|
|
(This used to be commit b7ccfb1592e45366bef92ea6439f81797840ec28)
|
|
(This used to be commit 4d49ebf7138f1e27c39b511f7f0417bfb146fc26)
|
|
(This used to be commit ae452e51b02672a56adf18aa7a7e365eeaba9272)
|
|
after the Makefile changes.
(This used to be commit 104f62272d75e9d89ab330b620011b337eb2a435)
|
|
IP and TCP checksums are not calculated, but that should not matter.
(This used to be commit aa96f780015c031e0c5a0e8773f192502c10c919)
|
|
same ads_verify_ticket routine that smbd uses, so in the current state
we have to be have the host password in secrets.tdb instead of the
keytab. This means we have to be an ADS member, but it's a start.
Volker
(This used to be commit dc2d2ad467927affbd1461df75f77f07ddfbc3b1)
|
|
10 for data contents as well) and creates a packet trace readable by
ethereal.
What does not work yet:
- SMB data contents (log level 5)
- SMB data contents beyond the 512 byte range (log level 99 or something?)
(This used to be commit 95b1d4933b0de63613fe041c273d413d86909b4b)
|
|
There is a workaround documented in the bug report.
This patch does:
* add server support for the LSA_DS UUID on the lsarpc pipe
* store a list of context_ids/api_structs in the pipe_struct
so that we don't have to lookup the function table for a pipe.
We just match the context_id. Note that a dce/rpc alter_context
does not destroy the previous context so it is possible to
have multiple bindings active on the same pipe. Observed from
standalone win2k sp4 client.
* added server code for DsROleGetPrimaryDOmainInfo() but disabled it
since it causes problems enumerating users and groups from a 2ksp4
domain member in a Samba domain.
(This used to be commit 96bc2abfcb0dd0912696fad76e43cb217b33e061)
|
|
NTLMSSP with "" username, NULL password), and add --machine-pass (-P) to
all of Samba's clients.
When connecting to an Active Directory DC, you must initiate the CIFS level
session setup with Kerberos, not a guest login. If you don't, your machine
account is demoted to NT4.
Andrew Bartlett
(This used to be commit 3547cb3def45a90f99f67829a533eac1ccba5e77)
|