summaryrefslogtreecommitdiff
path: root/source3/auth
AgeCommit message (Collapse)AuthorFilesLines
2008-06-26Add server_info to pipes_structVolker Lendecke1-0/+16
(This used to be commit d621867bb8767e1c4236d28dd9294a61db6cbb10)
2008-06-24Fix for bug #5551, smbd recursing back into winbindd from a winbindd call.Jeremy Allison1-13/+66
Jeremy. (This used to be commit a07fe72538e8e724b9736d5a85cc590864c5cab2)
2008-06-24Fix bug #5555. Don't return NT_STATUS_PASSWORD_MUST_CHANGE error on machine ↵Jeremy Allison1-2/+3
account logon. Jeremy. (This used to be commit 10da498a2349bf5944183adf5a9284eafa2b8b74)
2008-06-19Wrap the unix token info in a unix_user_token in auth_serversupplied_infoVolker Lendecke1-23/+25
No functional change, this is a preparation for more current_user ref removal (This used to be commit dcaedf345e62ab74ea87f0a3fa1e3199c75c5445)
2008-05-30Fix security=server, bug 5502Volker Lendecke1-2/+4
This has brown paper bag quality and is definitely needed for 3.2.0. Thanks to Orion Poplawski for reporting this! Volker (This used to be commit 3b31f8cce3703645a57778bc752bc9b9e853df5d)
2008-05-11Make sure we have serversupplied_info->sanitized_username everywhereVolker Lendecke1-10/+53
(This used to be commit 88423a17b966652eba4085e88f7ddb5c86b463dd)
2008-05-10Add function make_serverinfo_from_username()Volker Lendecke1-0/+38
This will be used for 'security=share' and 'force user' (This used to be commit 88e43097cafcd2849d9f1200a377357fde4cce99)
2008-05-10Add a mem_ctx argument to make_server_info_guest()Volker Lendecke2-5/+6
(This used to be commit e4a9492967f3d2b64f27943f99414608e0c03d21)
2008-05-10Make copy_serverinfo non-static, add mem_ctxVolker Lendecke1-3/+4
(This used to be commit a3651ced9e0859578df8cc44da64e7a8066bde76)
2008-05-07Rename server_info->was_mapped to server_info->nss_tokenVolker Lendecke5-11/+7
"nss_token" from my point of view much better reflects what this flag actually represents (This used to be commit b121a5acb2ef0bb3067d953b028696175432f10d)
2008-05-05Remove "userdom_struct user" from "struct user_struct"Volker Lendecke1-0/+10
(This used to be commit 420de035237bb08bc470c9eb820f3da2edaa6805)
2008-05-05Fix a typoVolker Lendecke1-1/+1
(This used to be commit 964bd02220c04030d8cb0f97ca9b409400d1238c)
2008-05-05Remove unused set_current_user_guest()Volker Lendecke1-33/+0
(This used to be commit a33e8d2ffa4daea1deba13b3571cb0b36d521476)
2008-04-30BUG 5429: Clarify log msgs re: failure to create BUILTIN\{Administrators,Users}Gerald W. Carter1-7/+9
Raise the debug msgs from Lvl 0 in the create_builtin_XX() functions to prevent unnecessary panic from people reading the logs. (This used to be commit 2983b9dc790e0f90ec1e6add131438c6bfd361b4)
2008-04-15auth: add SeDiskOperatorsPrivilege to get_root_nt_token to fix registry shares.Michael Adam1-0/+2
Michael (This used to be commit 6bb107b17d557c27d035ca518ab61296814a3cea)
2008-04-09Fix typos.Karolin Seeger1-1/+1
Karolin (This used to be commit 6cee34703503fbf3629057345fe221b866560648)
2008-04-04Use sid_array_from_info3 in lookup_usergroups_cached().Günther Deschner1-1/+1
Guenther (This used to be commit 65b4cb20ea3fb806cfd50281e08f32bea70fafce)
2008-04-02Fix NETLOGON credential chain with Windows 2008 all over the place.Günther Deschner1-1/+1
In order to avoid receiving NT_STATUS_DOWNGRADE_DETECTED from a w2k8 netr_ServerAuthenticate2 reply, we need to start with the AD netlogon negotiate flags everywhere (not only when running in security=ads). Only for NT4 we need to do a downgrade to the returned negotiate flags. Tested with w2k8, w2ksp4, w2k3r2 and nt4sp6. Guenther (This used to be commit 0970369ca0cb9ae465cff40e5c75739824daf1d0)
2008-03-26Add debug statement in auth_winbind to display wbcAuthenticateUserEx error code.Günther Deschner1-0/+5
Guenther (This used to be commit 0ad00a452f03d8af6e6b6fabd4a05ca26a9910d0)
2008-03-20Fix crash bug in check_sam_security() when make_server_info_sam() did aGünther Deschner1-1/+0
talloc_steal and talloc_free on the sam account already. Guenther (This used to be commit dbc7237a8a566f3e86bd6e4b48593b93c5bfb94e)
2008-03-14Fix bug 5317Volker Lendecke1-1/+1
Thanks to oster@cs.usask.ca (This used to be commit f18a80575921a241c7243c5af5a0101a2956ff17)
2008-03-10Use a separate tdb for mutexesVolker Lendecke2-14/+18
Another preparation to convert secrets.c to dbwrap: The dbwrap API does not provide a sane tdb_lock_with_timeout abstraction. In the clustered case the DC mutex is needed per-node anyway, so it is perfectly fine to use a local mutex only. (This used to be commit f94a63cd8f94490780ad9331da229c0bcb2ca5d6)
2008-03-06Be more verbose why create local token has failed duringGünther Deschner1-1/+2
NTLMSSP and Kerberos session setup Guenther (This used to be commit 18b8c2c19e50aee8fc900c7507244cb95014a4fa)
2008-02-17Use netr_SamInfo3 in remaining places.Günther Deschner1-5/+5
Guenther (This used to be commit 92fca97951bf7adf8caaeabdaff21682b18dd91f)
2008-02-17Use netr_SamInfo3 in make_server_info_info3().Günther Deschner1-25/+27
Guenther (This used to be commit 5866c11b288c217f0c38240c44f8bfeff185890d)
2008-02-14Allow auth_ntlmssp_end() to ignore null pointers passed in.Jeremy Allison1-1/+6
Jeremy. (This used to be commit b7628f3a47166791db4cd6451d52ea3881a45bed)
2008-02-13auth_winbind: use wbcAuthenticateUserEx()Stefan Metzmacher2-69/+277
smbd doesn't need $(WBCOMMON_OBJ) anymore, it works with any libwbclient.so now and may talk to an older winbindd. metze (This used to be commit e3435930a307cff3066fe2047ed8c5c48911f001)
2008-02-05Fix typo.Karolin Seeger1-1/+1
Karolin (This used to be commit 906e19bad40ba0c0a473ec2601e9eb0fff169f83)
2008-02-04Always pass a TALLOC_CTX to str_list_make and str_list_copyVolker Lendecke1-10/+26
(This used to be commit e2c9fc4cf5f0ff725330fa44f53782db65fca37e)
2008-02-04tiny simplificationVolker Lendecke1-5/+3
(This used to be commit 22e49ef2c0c9b641068ac5419b9c82fb97d3e8e6)
2008-01-23Windows 2008 (Longhorn) auth2 flag fixes.Andreas Schneider1-1/+1
Interop fixes for AD specific flags. Original patch from Todd Stetcher. (This used to be commit 5aadfcdaacd6f136eab9e107a88b8544e6d2105f)
2008-01-08Fix CID 460 - resource leak on error.Jeremy Allison1-0/+1
Jeremy. (This used to be commit d61831164b482d02e0eef3c28aeed93d3e44433f)
2008-01-09Convert add_sid_to_array() add_sid_to_array_unique() to return NTSTATUS.Michael Adam2-34/+52
Michael (This used to be commit 6b2b9a60ef857ec31da5fea631535205fbdede4a)
2008-01-04More logical operations on booleans. IBM checker.Jeremy Allison2-2/+6
Jeremy. (This used to be commit e289a0c8592f9e5c58100ddcde2577b452725b88)
2007-12-29Fix a panicVolker Lendecke1-1/+1
get_root_nt_token asks for "struct nt_user_token". talloc_get_type is not smart enough to see that this is the same as NT_USER_TOKEN... :-) (This used to be commit 22a98bf7b81fb89dce1f32ef65cfe6caaba985b3)
2007-12-28Convert get_root_nt_token to memcacheVolker Lendecke1-3/+15
(This used to be commit fada689893314bed2fc78588b3fd9b144f4c808a)
2007-12-28Remove static zerosVolker Lendecke1-3/+6
(This used to be commit dbcc213710a9af31b6094d4741a6f68f573dcdad)
2007-12-22Fix "may be used uninitialized" compiler warnings.James Peach1-3/+3
(This used to be commit 22ac34a329c9be9cf7d1e6749ebcfb50215378e4)
2007-12-21De-couple smbd from staticly linking against winbindd client files.Gerald (Jerry) Carter1-3/+3
Implements a wrapper layer in winbind_util.c which are just stubs if compiled --without-winbind. When building with winbindd, it is now required to build the libwbclient DSO first (in the Makefile) and then either set LD_LIBRARY_PATH or /etc/ld.so.conf to pick up the library PATH. (This used to be commit 42787bccff4fcffafc7aae6a678e792604ecaaa5)
2007-12-19Remove Get_Pwnam and its associated static variableVolker Lendecke1-1/+2
All callers are replaced by Get_Pwnam_alloc (This used to be commit 735f59315497113aebadcf9ad387e3dbfffa284a)
2007-12-17Correctly define prototypes for accessor functions.Jeremy Allison1-3/+3
Jeremy. (This used to be commit 299ea5d122e173adf6edb6399fc90798747b0c97)
2007-12-17More static fstring removal.Jeremy Allison1-33/+116
Jeremy. (This used to be commit dcf624aa02cf7415a4a55e6d45606e813ae6b91f)
2007-12-17Reformat: Remove trailing spaces.Michael Adam1-47/+47
Michael (This used to be commit 5249b3d204bf5f9191c2a4a7e81d09227eb5ddea)
2007-12-17Fix flags in caller of lookup_name() in create_builtin_administrators().Michael Adam1-1/+2
Michael (This used to be commit 46bfbf5c8af6c030e67219a29c49fd2d40003b18)
2007-12-16Remove another static string and static passwd.Jeremy Allison1-19/+22
Jeremy. (This used to be commit 2a700c5a57a417add3b1975b2c396d20c8a5f301)
2007-12-15Replace sid_string_static by sid_string_dbg in DEBUGsVolker Lendecke2-7/+8
(This used to be commit bb35e794ec129805e874ceba882bcc1e84791a09)
2007-12-15Use sid_string_talloc where we have a tmp talloc ctxVolker Lendecke1-2/+2
(This used to be commit f00ab810d2540679bec109498ac89e1eafe18f03)
2007-12-13Fix typo in debug statement.Michael Adam1-1/+1
Michael (This used to be commit da23684261f40c06dea30ab2df0c878ebb0d0d81)
2007-12-13Rename get_trust_pw() to get_trust_pw_hash().Michael Adam1-2/+2
Michael (This used to be commit 0cde7ac9cb39a0026a38ccf66dbecefc12931074)
2007-12-13Let get_trust_pw() determine the machine_account_name to use.Michael Adam1-2/+5
Up to now each caller used its own logic. This eliminates code paths where there was a special treatment of the following situation: the domain given is not our workgroup (i.e. our own domain) and we are not a DC (i.e. it is not a typical trusted domain situation). In situation the given domain name was previously used as the machine account name, resulting in an account name of DOMAIN\\DOMAIN$, which does not seem very reasonable to me. get_trust_pw would not have obtained a password in this situation anyways. I hope I have not missed an important point here! Michael (This used to be commit 6ced4a7f88798dc449a667d63bc29bf6c569291f)