| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Michael
(This used to be commit 6bb107b17d557c27d035ca518ab61296814a3cea)
|
|
Karolin
(This used to be commit 6cee34703503fbf3629057345fe221b866560648)
|
|
Guenther
(This used to be commit 65b4cb20ea3fb806cfd50281e08f32bea70fafce)
|
|
In order to avoid receiving NT_STATUS_DOWNGRADE_DETECTED from a w2k8
netr_ServerAuthenticate2 reply, we need to start with the AD netlogon negotiate
flags everywhere (not only when running in security=ads). Only for NT4 we need
to do a downgrade to the returned negotiate flags.
Tested with w2k8, w2ksp4, w2k3r2 and nt4sp6.
Guenther
(This used to be commit 0970369ca0cb9ae465cff40e5c75739824daf1d0)
|
|
Guenther
(This used to be commit 0ad00a452f03d8af6e6b6fabd4a05ca26a9910d0)
|
|
talloc_steal and talloc_free on the sam account already.
Guenther
(This used to be commit dbc7237a8a566f3e86bd6e4b48593b93c5bfb94e)
|
|
Thanks to oster@cs.usask.ca
(This used to be commit f18a80575921a241c7243c5af5a0101a2956ff17)
|
|
Another preparation to convert secrets.c to dbwrap: The dbwrap API does not
provide a sane tdb_lock_with_timeout abstraction. In the clustered case the DC
mutex is needed per-node anyway, so it is perfectly fine to use a local mutex
only.
(This used to be commit f94a63cd8f94490780ad9331da229c0bcb2ca5d6)
|
|
NTLMSSP and Kerberos session setup
Guenther
(This used to be commit 18b8c2c19e50aee8fc900c7507244cb95014a4fa)
|
|
Guenther
(This used to be commit 92fca97951bf7adf8caaeabdaff21682b18dd91f)
|
|
Guenther
(This used to be commit 5866c11b288c217f0c38240c44f8bfeff185890d)
|
|
Jeremy.
(This used to be commit b7628f3a47166791db4cd6451d52ea3881a45bed)
|
|
smbd doesn't need $(WBCOMMON_OBJ) anymore,
it works with any libwbclient.so now
and may talk to an older winbindd.
metze
(This used to be commit e3435930a307cff3066fe2047ed8c5c48911f001)
|
|
Karolin
(This used to be commit 906e19bad40ba0c0a473ec2601e9eb0fff169f83)
|
|
(This used to be commit e2c9fc4cf5f0ff725330fa44f53782db65fca37e)
|
|
(This used to be commit 22e49ef2c0c9b641068ac5419b9c82fb97d3e8e6)
|
|
Interop fixes for AD specific flags. Original patch from Todd Stetcher.
(This used to be commit 5aadfcdaacd6f136eab9e107a88b8544e6d2105f)
|
|
Jeremy.
(This used to be commit d61831164b482d02e0eef3c28aeed93d3e44433f)
|
|
Michael
(This used to be commit 6b2b9a60ef857ec31da5fea631535205fbdede4a)
|
|
Jeremy.
(This used to be commit e289a0c8592f9e5c58100ddcde2577b452725b88)
|
|
get_root_nt_token asks for "struct nt_user_token". talloc_get_type is not smart
enough to see that this is the same as NT_USER_TOKEN... :-)
(This used to be commit 22a98bf7b81fb89dce1f32ef65cfe6caaba985b3)
|
|
(This used to be commit fada689893314bed2fc78588b3fd9b144f4c808a)
|
|
(This used to be commit dbcc213710a9af31b6094d4741a6f68f573dcdad)
|
|
(This used to be commit 22ac34a329c9be9cf7d1e6749ebcfb50215378e4)
|
|
Implements a wrapper layer in winbind_util.c which are just stubs
if compiled --without-winbind. When building with winbindd, it
is now required to build the libwbclient DSO first (in the Makefile)
and then either set LD_LIBRARY_PATH or /etc/ld.so.conf to pick up the
library PATH.
(This used to be commit 42787bccff4fcffafc7aae6a678e792604ecaaa5)
|
|
All callers are replaced by Get_Pwnam_alloc
(This used to be commit 735f59315497113aebadcf9ad387e3dbfffa284a)
|
|
Jeremy.
(This used to be commit 299ea5d122e173adf6edb6399fc90798747b0c97)
|
|
Jeremy.
(This used to be commit dcf624aa02cf7415a4a55e6d45606e813ae6b91f)
|
|
Michael
(This used to be commit 5249b3d204bf5f9191c2a4a7e81d09227eb5ddea)
|
|
Michael
(This used to be commit 46bfbf5c8af6c030e67219a29c49fd2d40003b18)
|
|
Jeremy.
(This used to be commit 2a700c5a57a417add3b1975b2c396d20c8a5f301)
|
|
(This used to be commit bb35e794ec129805e874ceba882bcc1e84791a09)
|
|
(This used to be commit f00ab810d2540679bec109498ac89e1eafe18f03)
|
|
Michael
(This used to be commit da23684261f40c06dea30ab2df0c878ebb0d0d81)
|
|
Michael
(This used to be commit 0cde7ac9cb39a0026a38ccf66dbecefc12931074)
|
|
Up to now each caller used its own logic.
This eliminates code paths where there was a special treatment
of the following situation: the domain given is not our workgroup
(i.e. our own domain) and we are not a DC (i.e. it is not a typical
trusted domain situation). In situation the given domain name was
previously used as the machine account name, resulting in an account
name of DOMAIN\\DOMAIN$, which does not seem very reasonable to me.
get_trust_pw would not have obtained a password in this situation
anyways.
I hope I have not missed an important point here!
Michael
(This used to be commit 6ced4a7f88798dc449a667d63bc29bf6c569291f)
|
|
(This used to be commit aec5f1512660953168a2c55b2890cd6c076b8a92)
|
|
Jeremy, please check
(This used to be commit 60500fac30911500eade7c2a9aa13569dcab0911)
|
|
No more temptations to use static length strings.
Jeremy.
(This used to be commit ec003f39369910dee852b7cafb883ddaa321c2de)
|
|
Jeremy.
(This used to be commit 0002a9e96b0ef78316295a6eb94ff29b64e2f988)
|
|
Jeremy.
(This used to be commit 72c19d114b40ee307bbe45d9828667165a26d7a3)
|
|
Jeremy.
(This used to be commit f1680bada913af4eaf5c0d686983018d6c8b3e5f)
|
|
I have a plan for dealing with the remaining..... Watch
this space.
Jeremy.
(This used to be commit 963fc7685212689f02b3adcc05b4273ee5c382d4)
|
|
Jeremy.
(This used to be commit 95d01279a5def709d0a5d5ae7224d6286006d120)
|
|
statics. Part of my library cleanups.
Jeremy.
(This used to be commit e848506c858bd16706c1d7f6b4b032005512b8ac)
|
|
to struct sockaddr_storage in most places that matter (ie.
not the nmbd and NetBIOS lookups). This passes make test
on an IPv4 box, but I'll have to do more work/testing on
IPv6 enabled boxes. This should now give us a framework
for testing and finishing the IPv6 migration. It's at
the state where someone with a working IPv6 setup should
(theorecically) be able to type :
smbclient //ipv6-address/share
and have it work.
Jeremy.
(This used to be commit 98e154c3125d5732c37a72d74b0eb5cd7b6155fd)
|
|
bugs in various places whilst doing this (places that assumed
BOOL == int). I also need to fix the Samba4 pidl generation
(next checkin).
Jeremy.
(This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
|
|
in create_token_from_username(). This caused set_nt_acl to
partially fail in certain circumstances.
This is expected to bring an improvement to bug #4308.
Michael
(This used to be commit e68671b59500d7e1b645c80ee264c49893f8df84)
|
|
IPv6 in winbindd, but moves most of the socket functions that were
wrongly in lib/util.c into lib/util_sock.c and provides generic
IPv4/6 independent versions of most things. Still lots of work
to do, but now I can see how I'll fix the access check code.
Nasty part that remains is the name resolution code which is
used to returning arrays of in_addr structs.
Jeremy.
(This used to be commit 3f6bd0e1ec5cc6670f3d08f76fc2cd94c9cd1a08)
|
|
(This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
|
