Age | Commit message (Collapse) | Author | Files | Lines |
|
cut...
(This used to be commit 3662f86f41b83a5c944294ca02b6e216ee87f88c)
|
|
the LGPL. Original code by Krishna Ganugapati <krishnag@centeris.com>.
Additional work by me.
It's still got some warts, but non-secure updates do
currently work. There are at least four things left to
really clean up.
1. Change the memory management to use talloc() rather than
malloc() and cleanup the leaks.
2. Fix the error code reporting (see initial changes to
dnserr.h)
3. Fix the secure updates
4. Define a public interface in addns.h
5. Move the code in libads/dns.c into the libaddns/ directory
(and under the LGPL).
A few notes:
* Enable the new code by compiling with --with-dnsupdate
* Also adds the command 'net ads dns register'
* Requires -luuid (included in the e2fsprogs-devel package).
* Has only been tested on Linux platforms so there may be portability
issues.
(This used to be commit 36f04674aeefd93c5a0408b8967dcd48b86fdbc1)
|
|
farm. If
we want to walk more printing code in the build farm I think doing that with a
customized printing backend is much easier than with a set of shell scripts.
Jerry, comments?
Volker
(This used to be commit 949cd6b992364d2bc60fd59051b6ac1c4cc4288c)
|
|
ntlm_auth module to allow it to use winbindd cached
credentials.The credentials are currently only stored
in a krb5 MIT environment - we need to add an option to
winbindd to allow passwords to be stored even in an NTLM-only
environment.
Patch from Robert O'Callahan, modified with some fixes
by me.
Jeremy.
(This used to be commit ae7cc298a113d8984557684bd6ad216cbb27cff3)
|
|
Let's see what it breaks. For me it works :-)
Volker
(This used to be commit 337be14b432e5dfd80c7418b2db4fe0087259b77)
|
|
(This used to be commit 761cbd52f0cff6b864c506ec03c94039b6101ef9)
|
|
Volker
(This used to be commit 68db058fdf508d5b4d38731ece21f5d92feca00c)
|
|
keys,
this can trivially be added later.
Volker
(This used to be commit 6915adb9780052952e4a1d9e1c3e6cac06f48463)
|
|
code is wrong or bad or anything, just that it
needs to be discussed & reviewed on the samba-technical
list before we add a platform-specific NFSv4 mapping.
That way lies a lot of future pain :-).
Jeremy.
(This used to be commit 330899ec30ffceb798e3a8362d20e103e20b2897)
|
|
examples directory.
(This used to be commit c085355c323c65ee782516859eed8a76b53e6035)
|
|
code will be released.
(This used to be commit 5b1db0151461af18d994359e86c649922fc6de65)
|
|
(This used to be commit 72312cb2e255301f978455a559461ad83b13b6cb)
|
|
(This used to be commit 86687b804a60973883965700e755686e7d7d24f3)
|
|
(This used to be commit c005049043b01e85d42a9c230ed3c41f1a1e185e)
|
|
modularizes our interface into the special posix API used on
the system. Without this patch the specific API flavor is
determined at compile time, something which severely limits
usability on systems with more than one file system. Our
first targets are AIX with its JFS and JFS2 APIs, at a later
stage also GPFS. But it's certainly not limited to IBM
stuff, this abstraction is also necessary for anything that
copes with NFSv4 ACLs. For this we will check in handling
very soon.
Major contributions can be found in the copyright notices as
well as the checkin log of the vl-posixacls branch. The
final merge to 3_0 post-3.0.23 was done by Peter Somogyi
<psomogyi@gamax.hu>
(This used to be commit ca0c73f281a2a65a988094a46bb3e46a94011a53)
|
|
(This used to be commit 3fea233802dd2f6a5528fdb183a2ff30d572020d)
|
|
(This used to be commit 72bac13f21bf2c71538e3b3bafa0fc447e1e8af8)
|
|
deleted).
Jeremy.
(This used to be commit 58e5e270d2957cdf07c29757a83b53f73372d62a)
|
|
(This used to be commit 07c67fbfc0790169ee748c0e62da14c89d3add23)
|
|
to do the upper layer directories but this is what
everyone is waiting for....
Jeremy.
(This used to be commit 9dafb7f48ca3e7af956b0a7d1720c2546fc4cfb8)
|
|
not the $(srcdir) to allow multiple concurrent compiles when the
source tree is shared via nfs.
(This used to be commit b79e1c011d577581eebb90b95dbdee11f8a96c3b)
|
|
(This used to be commit 9ae1d016d44492327d180fe5e629f3a81ddfe6e4)
|
|
the same change 3 times......
Fix pam_winbind compilation again.
(This used to be commit f3d2bbf0d222794bbb39b51a0f19167c6e8add1a)
|
|
(This used to be commit 4490fbdfc27eab02bf0140d3ffb70402858423e1)
|
|
include directory like other parts of the build files.
(This used to be commit 0fca41efde36d535a274b983e032c1def33f081e)
|
|
(This used to be commit 8421d1b080dd65d1459cc66f0bd4e20fed5d0385)
|
|
Guenther
(This used to be commit 4e1816855a8f86d1228c44b39126fbfb3cb893c0)
|
|
(This used to be commit 44d4bab991d5fc88005a542d2490ae3254a0f5b5)
|
|
Paul
(This used to be commit f5be3e12e2dc42a2092b71c9e4cab6f5d0ef8860)
|
|
on Solaris.
Jeremy.
(This used to be commit b65c6468651282879a39fa8029c190f2d1a91a28)
|
|
password via stdin
(This used to be commit 60d4aabc3205aa80f8d49c3c2db95927c61a81a5)
|
|
this one
(This used to be commit 8f5b198acaca5ce14ab1098d86f34df9a67619d4)
|
|
(since removal implies greater permissions that Windows clients require)
(This used to be commit ad1f947625612ef16adb69fc2cfeffc68a9a2e02)
|
|
Expand the "winbind nss info" to also take "rfc2307" to support the
plain posix attributes LDAP schema from win2k3-r2.
This work is based on patches from Howard Wilkinson and Bob Gautier
(and closes bug #3345).
Guenther
(This used to be commit 52423e01dc209ba5abde808a446287714ed11567)
|
|
source code.
(This used to be commit 9559886a92b1fdd33d380bf0100dcddb12477ff2)
|
|
(This used to be commit ae56154fc7694042496a55d4dade8ef1a7ba361c)
|
|
(This used to be commit d19dad88155f985f113c667b6bdad5a1b25eca18)
|
|
The motivating factor is to not require more privileges for
the user account than Windows does when joining a domain.
The points of interest are
* net_ads_join() uses same rpc mechanisms as net_rpc_join()
* Enable CLDAP queries for filling in the majority of the
ADS_STRUCT->config information
* Remove ldap_initialized() from sam/idmap_ad.c and
libads/ldap.c
* Remove some unnecessary fields from ADS_STRUCT
* Manually set the dNSHostName and servicePrincipalName attribute
using the machine account after the join
Thanks to Guenther and Simo for the review.
Still to do:
* Fix the userAccountControl for DES only systems
* Set the userPrincipalName in order to support things like
'kinit -k' (although we might be able to just use the sAMAccountName
instead)
* Re-add support for pre-creating the machine account in
a specific OU
(This used to be commit 4c4ea7b20f44cd200cef8c7b389d51b72eccc39b)
|
|
metze
(This used to be commit a48b1f7fae538a4220e087a1863015dd8c564005)
|
|
locating AD DC's with out own DNS SRV queries.
Testing on Linux and Solaris.
(This used to be commit cf71f88a3cdcabf99c0798ef4cf8c978397a57eb)
|
|
stack tracing support. This provides an easy way for users to provide
stack traces (hopefully it will be implemented on something other than
ia64).
(This used to be commit 0b5e07e12daa98095dae27e0a6d53fe8ec3f3700)
|
|
Guenther
(This used to be commit 6161e525de55769ed5e45d505f26f6cd9d6555e5)
|
|
kerberized pam_winbind and workstation restrictions are in effect.
The krb5 AS-REQ needs to add the host netbios-name in the address-list.
We don't get the clear NT_STATUS_INVALID_WORKSTATION code back yet from
the edata of the KRB_ERROR but the login at least fails when the local
machine is not in the workstation list on the DC.
Guenther
(This used to be commit 8b2ba11508e2730aba074d7c095291fac2a62176)
|
|
not support shared libraries.
(This used to be commit a1c12d7949f9110530526cc7133424e842cdcc71)
|
|
should list
long share names.
Volker
(This used to be commit d3d388180dacb7b9db5d122bc3f2ce1045434f53)
|
|
handling anymore when we remove $(LIBS) from pam_winbind again.
Also make sure to build our own copy of iniparser with -fPIC.
Guenther
(This used to be commit e32c4f6f6e090ca5babe9f131bbcb9babedcec05)
|
|
Temporary linking fix for --with-included-iniparser
(gd will do a proper fix later).
(This used to be commit 7d5adcf3a7237d130efea6cc9f6e5d28e65e2e51)
|
|
Guenther
(This used to be commit 5ae22cf46b1077b8892a2941a2891fe7412f1b9f)
|
|
servers. Also add a new "net rpc audit" tool. The lsa query infolevels
were taken from samb4 IDL, the lsa policy flags and categories are
partly documented on msdn. I need to cleanup the double
lsa_query_info_policy{2}{_new} calls next.
Guenther
(This used to be commit 0fed66926f4b72444abfc8ffb8c46cca8d0600aa)
|
|
/etc/security/pam_winbind.conf as config file for the PAM module by
default.
Guenther
(This used to be commit 41b79ee80c7b0f4836ded51d42c7dc91cba75ccd)
|