Age | Commit message (Collapse) | Author | Files | Lines |
|
Currently this calls back to mapping.c, but we have the framework
to get the information into LDAP and the passdb.tdb (should we? I
think so..).
This has received moderate testing with net rpc vampire and
usrmgr. I found the add_groupmem segfault in add_aliasmem as
well, but that will be another checkin.
Volker
(This used to be commit f30095852fea19421ac8e25dfe9c5cd4b2206f84)
|
|
Changed "SMB/Netbios" to "SMB/CIFS" in file header.
(This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
|
|
not the privileges. Usually we don't need them, so the memory is free
early.
lib/util_sid.c: added some helper functions to check an SID.
passdb/passdb.c: renamed local_lookup_rid() to local_lookup_sid() and pass
an RID all the way. If the group doesn't exist on the domain SID,
don't return a faked one as it can collide with a builtin one. Some rpc
structures have been badly designed, they return only rids and force the
client to do subsequent lsa_lookup_sid() on the domain sid and the builtin
sid !
rpc_server/srv_util.c: wrote a new version of get_domain_user_groups().
Only the samr code uses it atm. It uses the group mapping code instead of
a bloody hard coded crap. The netlogon code will use it too, but I have to
do some test first.
J.F.
(This used to be commit 6c87e96149101995b7d049657d5c26eefef37d8c)
|
|
This time it's a PRIVILEGE_SET struct instead of a simple uint32 array. It
makes much more sense. Also added a uint32 systemaccount to the GROUP_MAP
struct as some privilege showing in USRMGR.EXE are not real privs but a
bitmask flag. I guess it's an heritage from NT 3.0 ! I could setup an NT
3.1 box to verify, but I'm too lazy (yes I still have my CDs).
Added 3 more LSA calls: SetSystemAccount, AddPrivileges and
RemovePrivileges, we can manage all this privilege from UserManager.
Time to change the NT_USER_TOKEN struct and add checks in all the rpc
functions. Fun, fun, fun.
J.F.
(This used to be commit 3f0a9ef2b8c626cfa2878394bb7b642342342bf3)
|
|
an array of uint32. That's not perfect but that's better.
Added more privileges too.
Changed the local_lookup_rid/name functions in passdb.c to check if the
group is mapped. Makes the LSA rpc calls return correct groups
Corrected the return code in the LSA server code enum_sids.
Only enumerate well known aliases if they are mapped to real unix groups.
Won't confuse user seeing groups not available.
Added a short/long view to smbgroupedit.
now decoding rpc calls to add/remove privileges to sid.
J.F.
(This used to be commit f29774e58973f421bfa163c45bfae201a140f28c)
|
|
fixed lsa_enum_rpivs server code. This time it works as W2K.
fixed smbgroupedit to compile and work.
J.F.
(This used to be commit 646651018a2736833e49e76f6ca735a4647d9746)
|
|
I did some basic tests but I have probably broken something. Notably the
password changing. So don't cry ;-)
J.F.
(This used to be commit a4a4c02b12f030a3b9e6225b999c90689dfc4719)
|
|
J.F.
(This used to be commit 7154deb026d53cb0cd503562174c3332a372be63)
|