| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
This patch add privilege support for samba
Currently it is implemented only for tdbsam backend but estending it to
other sam backends is straightforward.
I must make a big thank to JFM for his teachings on the matter and the
functions at the base of this work.
At thye moment only samr_create_user honours SeAddUsersPrivilege and
SeMachineAccountPrivilege to permit any user to add machines and/or users to
the server.
The command "net priv" has been provided to manipulate the privileges
database.
There are still many things to do (like support in "net rpc vampire") but
the working core is here.
Feel free to comment/extend on this work.
Of course I will deny that any bug may affect this code :-)
Simo.
This patch adds also my patch about add share command enhancements.
(This used to be commit 7a78c3605e203bd8e0d7ae244605f076a5d0b0bc)
|
|
new functionality and testing interface for new pdb functions.
Also, quite a bit of objects is being added to pdbedit in order to make
it able to find domain sid automatically (if not given explicitly).
If such amount of "wisdom" is not required to be in pdbedit, I'll move
it to 'net' which will have this new functionality, anyway.
rafal
(This used to be commit cfb1b7bda905c8391bf065ecb99bb28806dfe96a)
|
|
HEAD PDC tomorrow)
(This used to be commit c57b24ee49aee0f0687742da7f8d741c62f6effe)
|
|
When we set a domain sid, force get_global_sam_sid() to do it's work again.
This should ensure that the value it returns is always consistant.
Andrew Bartlett
(This used to be commit fb13c61d4eee943e44632a0d1ba57b19602d67a4)
|
|
Make more functions static, and remove duplication in the use of functions
in lib/smbpasswd.c that were exact duplicates of functions in passdb/passdb.c
(These should perhaps be pulled back out to smbpasswd.c, but that can occour
later).
This also includes some >14 character password changes, and the start
of a move away from using 'admin user' to determine if the user is
root (as root can login without setting 'admin user').
Andrew Bartlett
(This used to be commit be0704abb919152c359a735023283acbf9be3076)
|
|
(This used to be commit 9ea39d1c782c2111b086a83bf5f24c8b18fd879e)
|
|
Ensure the remote_password_change() gets a valid prototype from proto.h
Andrew Bartlett
(This used to be commit 765757b3573b75a3df09d6130b025049d9c93e14)
|
|
(to enable it, run ./configure --with-static-modules=pdb_gums)
(This used to be commit df7666161f75b61058a017fea04b733751d5ac06)
|
|
This adds client-side support for the unicode/SAMR password change scheme.
As well as avoiding DOS charset issues, this scheme returns useful error
codes, that we can map back via the pam interface.
This patch also cleans up the interfaces used for password buffers, to
avoid duplication of code.
Andrew Bartlett
(This used to be commit 8063b8b6c2eb30cb116988e265fb289109d7c348)
|
|
meaning of fields_present bit mask. Also avoid it being saved in backends (0
is saved where removing the unit32 would have produced a format change).
Also add support in samr functions to correctly interpret the flags.
Flags still not set properly (eg. still set all flags 0xffffff as previous
code), need a tool to test this properly (I',ve done preliminary tests with
samba4 rpc torture and it seem to work properly against w2k).
2. Patch for handlig the flag user must change password at next logon
in usrmgr based on Jianliang Lu <j.lu@tiesse.com> patch
(This used to be commit 78975e9483e64412e436c5dbfe2b71e20b79de29)
|
|
(This used to be commit 835a28337f97da143d5b9201a5080fde06bbedf1)
|
|
(This used to be commit c98399e3c9d74e19b7c9d806ca8028b48866931e)
|
|
(This used to be commit 69a9cfdad809a9b3fc7f6dc4ad5a708b6559b714)
|
|
Move our basic password checking code from inside the authentication
subsystem into a seperate file - ntlm_check.c.
This allows us to call these routines from ntlm_auth. The purpose of this
exercise is to allow ntlm_auth (when operating as an NTLMSSP server) to
avoid talking to winbind. This should allow for easier debugging.
ntlm_auth itself has been reorgainised, so as to share more code between
the SPNEGO-wrapped and 'raw' NTLMSSP modes. A new 'client' NTLMSSP mode
has been added, for use with a Cyrus-SASL module I am writing (based on vl's
work)
Andrew Bartlett
(This used to be commit 2f196bb31ac83cf7922583063c74a5f679ca5be7)
|
|
(This used to be commit 61cbd5c9be1962d0c33c28ff472a2f82d3aa2a80)
|
|
(This used to be commit c16e51bfaf59b2d5b1b800ee272ac45b13b9a9fc)
|
|
(This used to be commit 915b5eb67f8d4acc901d78b7b7d4d615aef817cd)
|
|
tells me that this should not be expanded, so I implemented
net status [sessions|shares] [parseable]
Volker
(This used to be commit ed38341c8a6454a8ec0f8240d83239f6869536b8)
|
|
MacOSX (Darwin) specific charset module code. Also had to add AC_CHECK_CPP
to configure.in (this took a *long* time to track down) to make autoconf
work correctly on Fedora Core 1.
Jeremy.
(This used to be commit a5711943428e4b586fb7f064739c78fa0a3ebd52)
|
|
Add module support for configuration loading
Add a first implementation of config_ldap module to put samba configuration
on ldap
It worked on my test machine, please try it out and send bugfixes :-)
have fun,
Simo.
INSTRUCTIONS:
Just add something like this to your smb.conf file:
config backend = config_ldap:ldap://localhost
config_ldap:basedn = dc=samba,dc=org
the config tree must follow this scheme:
ou=foo, dc=samba, dc=org <- global section
|- sambaOptionName=log level, ou=foo, ... <- options
|- ...
|- sambaShareName=testlc, ou=foo, ... == [testlc]
|- sambaOptionName=path, sambaShareName=testlc, ou=foo, ... <- option
here is a sample ldif:
# foo, samba, org
dn: ou=foo, dc=samba, dc=org
objectClass: organizationalUnit
objectClass: sambaConfig
ou: foo
description: Test Foo
# log level, foo, samba, org
dn: sambaOptionName=log level, ou=foo, dc=samba, dc=org
objectClass: sambaConfigOption
sambaOptionName: log level
sambaIntegerOption: 10
description: log level 10 is suitable for good debugging
# testlc, foo, samba, org
dn: sambaShareName=testlc, ou=foo, dc=samba, dc=org
objectClass: sambaShare
sambaShareName: testlc
description: share to test ldap config module actually works
# path, testlc, foo, samba, org
dn: sambaOptionName=path, sambaShareName=testlc, ou=foo, dc=samba, dc=org
objectClass: sambaConfigOption
sambaOptionName: path
sambaStringOption: /tmp
description: Path for share testlc
# read only, testlc, foo, samba, org
dn: sambaOptionName=read only, sambaShareName=testlc, ou=foo, dc=samba,
dc=org
objectClass: sambaConfigOption
sambaOptionName: read only
sambaBoolOption: TRUE
description: Share testlc is read only
# guest ok, testlc, foo, samba, org
dn: sambaOptionName=guest ok, sambaShareName=testlc, ou=foo, dc=samba,
dc=org
objectClass: sambaConfigOption
sambaOptionName: guest ok
sambaBoolOption: TRUE
description: Guest users are allowed to connect to testlc share
(This used to be commit 207968eafc2c2a185e50e2132702d7bab2142aba)
|
|
Volker
(This used to be commit 11da19dd5c2a6434b73a03eadedb5b877776b1f7)
|
|
Revision 1.468.2.193:
Add ldaplibs to pdbedit link line. Fixes bug #651.
(This used to be commit 079e00d1030130943791acd54b2af6036891c534)
|
|
(This used to be commit c96d470af8dd9b5782d7c4f3e9fe5fa92f416f77)
|
|
- Revision 1.468.2.187
CP* modules are not related to development
- Revision 1.468.2.191
Compile fix for tdbbackup when Samba needs to override non-C99
compliant implementations of snprintf
Sync up formatting for PAM_WINBIND_PICOBJ variable.
(This used to be commit b4f3c8d2f62e6d75a5c01529190e71289dea8df5)
|
|
#534
(This used to be commit 99f4fa54497ba1c0fc0ba39d51b3ce201a8e6cd2)
|
|
of the problems with this.
From: Derrell.Lipman@unwireduniverse.com
(This used to be commit 8e3d2708c5e5a9968aeb9a6fe6c828aa8a5b22a9)
|
|
mapping, but this is the base for changes to come.
(This used to be commit 73882e970a3aea1c3c9f34779b4220bbf28f6dad)
|
|
(This used to be commit 9b13dae5a9cec827f854d5d0eb77eb16709b39b9)
|
|
(This used to be commit c8ec714119a620af3481e40a94c361704ecbc39b)
|
|
(This used to be commit 747501893c1d9b591c81a0e819f28d0102d596a5)
|
|
(This used to be commit 5537ccf95ae8c8d737cbcf9e5575b80b6b7bac6f)
|
|
this target will build parse file with genstruct
it is the duty of the developer to commit updated files
this is made to make build platforms independent of a working perl
installation as always been with samba
so currently you need to run:
make genparse
and commit:
cvs ci include/tdbsam2_parse_info.h
if you change anything in genparse/genstruct code or tdbsam2 code.
Simo.
(This used to be commit 7e2d5da2dcfad32b733c28535490e98e578bcc3a)
|
|
the trouble of detecting what the PIC suffix should actually be.
Change PICFLAG in configure.in to PICFLAGS for consistency.
Patches from Joachim Schmitz <schmitz@hp.com> for bug 574.
(This used to be commit 0abe1964f7de184d836b167dbc581454e6ec9df8)
|
|
laternative to the current passdb).
Currently it is run through a comatibility module in the passdb layer, with
a subset of the functionality it may provide.
It is still work in progress, but as someone asked me about it, and as it
should make no difference to the normal code, I tought it was a good idea to
put it into.
It adds a dependency on perl. I know it is not very nice, but I'm sure we
will work out a solution for that.
As always blame me if I break something, but try to fix yourself, as I am
busy-busy-busy :-)
Simo.
(This used to be commit 7b3c94b5cfc1a9ceb430613353a937345f2eda74)
|
|
>Explicitly initialise the value of AR for vendor makes that don't do
>this (HPUX 11). Currently it's initialised to 'ar' but this may have
>to be changed if any systems pop up that have archivers that aren't
>named 'ar'. Closes bug #552.
>fixed for /sbin/mount.smbfs link when using $DESTDIR; bug 525
(This used to be commit fd18356fe2c59877860383219b6e71f182aec1fe)
|
|
(This used to be commit 759990833ef192ffddec58039db1a41a0fafa399)
|
|
(no need to include all of smbd files to use some basic sec functions)
also minor compile fixes
(This used to be commit 66074d3b097d8cf2a231bf08c7f4db62da68189d)
|
|
* set version string to "CVS 3.1.0alpha1"
(This used to be commit c6a61ffcbd0c95afd94bd33fd832b24bc8209de5)
|
|
(This used to be commit 2ac5ac495025f6c673216c1922ff51b913a0aeac)
|
|
(This used to be commit c17a7dc9a190156a069da3e861c18fd3f81224ad)
|
|
(This used to be commit 3101c236b8241dc0183995ffceed551876427de4)
|
|
prior to this merge, checkout HEAD_PRE_3_0_0_BETA_3_MERGE
(This used to be commit adb98e7b7cd0f025b52c570e4034eebf4047b1ad)
|
|
define it in SHLD for those systems that use CC for SHLD
(This used to be commit 142c54ca924bd854e7d840c2a67692c9f61ee396)
|
|
programmer can't work around, but hopefully enough that people will
notice that they should be using the 3.0 branch at the moment
(This used to be commit d6de8e8a94c8fb7d7837ed2b43092a275cc9d6c5)
|
|
build/install
(This used to be commit f59a99d8efce960b058e837f261b0482d5a0101e)
|
|
(This used to be commit 946192393d530f116f9ff4cede311700b26c3171)
|
|
(This used to be commit 7149dc65c7e22d53110c5e8bbab8ba96963ade76)
|
|
directly - fixed problem where the last line of the link command was
'\ @LDAP_LIBS@'. If @LDAP_LIBS@ is zero then the backslash
incorrectly includes the next line of the Makefile in the current
target.
This should fix a bucketload of build farm failures.
(This used to be commit 895bef1a62f60f4e91dc6b1c244820b024c36a5c)
|
|
Also merged a little bit of abartlet's recent configure.in change of
duplicated IRIX stuff.
(This used to be commit d15406ad910bc952c741e8d4d574064dbc5e88ef)
|
|
add winbindd_passdb backend
this makes it possible to have nua accounts on security = user servers to
show up in unic through nss_winbind.so
the problem is that we do not have group support, so nss group support is
not very good at this time (read: totally absent)
we NEED group support in passdb
(This used to be commit 921215cf4bfbd4d7457f81e181bb1a74a4531ca1)
|
