summaryrefslogtreecommitdiff
path: root/source3/include/smbldap.h
AgeCommit message (Collapse)AuthorFilesLines
2012-05-24s3-smbldap: Add API for external callback to perform LDAP bind in smbldapAlexander Bokovoy1-0/+2
In order to support other bind methods, introduce a generic bind callback. When smbldap_state.bind_callback is set, it means there is an alternative way to perform LDAP bind to ldap_simple_bind_s() so call it instead. The call is wrapped in become_root()/unbecome_root() to allow proper permissions in smbd to access needed resources in the callback, for example, credential caches. When run outside smbd, become_root()/unbecome_root() are no-op. The API expectation is similar to ldap_simple_bind_s(). A caller of smbldap API can pass additional information to the callback by setting smbldap_state.bind_callback_data pointer. Both callback and the data pointer elements of smbldap_state structure get cleaned up if someone sets proper credentials on smbldap_state with smbldap_set_creds() so if you are interested in using smbldap_state.bind_dn with the callback, make sure to set callback after credentials are set.
2011-11-17s3-smbldap: include talloc.h and tevent.h in smbldap.hGünther Deschner1-0/+3
Guenther
2011-11-17s3-smbldap: improve smbldap.h readability and rearrange some defines.Günther Deschner1-59/+22
Guenther
2011-11-17s3-smbldap: remove duplicate prototype.Günther Deschner1-6/+0
Guenther
2011-11-16s3-smbldap: extend smbldap_init() with binddn/bindsecret arguments.Günther Deschner1-2/+5
Guenther
2011-11-16s3-smbldap: remove duplicate prototype of smbldap_init().Günther Deschner1-3/+0
Guenther
2011-11-16s3-passdb: split out passdb/pdb_ldap_schema.cGünther Deschner1-102/+0
Guenther
2011-11-16s3-smbldap: use include/smb_ldap.h in smbldap.hGünther Deschner1-1/+1
Guenther
2011-10-28s3-smbldap: use tevent_context in smbldap.Günther Deschner1-3/+3
Guenther
2011-10-11s3-passdb: split out passdb/pdb_ldap.h.Günther Deschner1-11/+0
Guenther
2011-10-11s3-smbldap: rearrange prototypes a bit.Günther Deschner1-19/+18
Guenther
2011-10-04s3-smbldap: remove an obsolete prototype.Günther Deschner1-1/+0
Guenther
2011-04-06s3-smbldap: make octet_strings/DATA_BLOBs const.Sumit Bose1-2/+2
Signed-off-by: Günther Deschner <gd@samba.org>
2011-04-06s3-smbldap: support storing octet_strings/DATA_BLOBs.Günther Deschner1-0/+4
Guenther Signed-off-by: Günther Deschner <gd@samba.org>
2011-03-30s3-passdb: use passdb headers where needed.Günther Deschner1-0/+1
Guenther
2011-03-16s3-build: stop including ldap and lber headers everywhere in the code.Günther Deschner1-12/+2
Instead use new header smb_ldap.h where all LDAP API related things are handled, while smbldap.h only deals with our smbldap_X() API. Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Wed Mar 16 10:54:51 CET 2011 on sn-devel-104
2011-03-06s3: Move EXOP definitions to smbldap.hVolker Lendecke1-0/+25
This attempts to fix the build on Solaris Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Sun Mar 6 10:45:16 CET 2011 on sn-devel-104
2011-02-16s3-build: move priv2ld proto to smbldap.h (in order to fix non-ldap builds).Günther Deschner1-1/+1
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Wed Feb 16 15:20:14 CET 2011 on sn-devel-104
2011-02-16s3-ipasam: add IPA specific attributesSumit Bose1-0/+3
Signed-off-by: Günther Deschner <gd@samba.org>
2011-02-16s3-ipasam: implement {get,set,del}_trusted_domainSumit Bose1-0/+1
Signed-off-by: Günther Deschner <gd@samba.org>
2011-02-16s3-passdb: Add minimal stub for IPA passdb backendSumit Bose1-0/+3
Signed-off-by: Günther Deschner <gd@samba.org>
2010-09-20s3-build: only include smbldap.h where needed.Günther Deschner1-0/+37
Guenther
2010-09-08s3/ldap: use monotonic clock for timeouts in smbldapBjörn Jacke1-3/+3
tevent would need monotonic clock features to make also smbldap's idle handling aware of backward clock jumps. Other areas in smbldap are clock jump save now.
2010-08-05s3: avoid global include of ads.h.Günther Deschner1-0/+6
Guenther
2010-07-05s4:include/smbldap.h - introduce a placeholder for "LDAPMessage" if we don't ↵Matthias Dieter Wallnöfer1-0/+1
link against a LDAP library
2010-05-21s3:dom_sid Global replace of DOM_SID with struct dom_sidAndrew Bartlett1-1/+1
This matches the structure that new code is being written to, and removes one more of the old-style named structures, and the need to know that is is just an alias for struct dom_sid. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
2010-02-08s3:pdb_ldap: optimize ldapsam_alias_memberships() and cache ldap searches.Stefan Metzmacher1-0/+5
ldapsam_alias_memberships() does the same LDAP search twice, triggered via add_aliases() from create_local_nt_token(). This happens when no domain aliases are used. metze
2010-01-14s3:smbldap: add smbldap_talloc_first_attribute()Stefan Metzmacher1-0/+3
metze Signed-off-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit c992127f8a96c37940a6d298c7c6859c47f83d9b)
2009-05-31Fix some nonempty blank linesVolker Lendecke1-4/+4
2009-05-29Add smbldap_talloc_single_blob()Volker Lendecke1-0/+3
2009-05-28Add smbldap_pull_sidVolker Lendecke1-0/+2
2009-05-12Fix bug 6157Volker Lendecke1-0/+3
This patch picks the alphabetically smallest one of the multi-value attribute "uid". This fixes a regression against 3.0 and also becomes deterministic.
2009-04-06s3:smbldap Remove smbldap_get_dnAndrew Bartlett1-2/+1
This removes one more caller to pull_utf8_allocate() Signed-off-by: Günther Deschner <gd@samba.org>
2008-06-26Fix the non-LDAP, non-krb5 build, fix gcc -O3 warnings.Jeremy Allison1-0/+7
Jeremy. (This used to be commit 9e2ab30d3cf6950fc79152b2169e7aeae8d6a366)
2008-06-03Add ldap connection timeout for OpenLDAP and Netscape LDAP libs. This can be ↵Björn Jacke1-1/+2
controlled via the ldap connection timeout parameter. This fixes fallbacks to secondary LDAP servers in multi LDAP server setups like in #4544 (This used to be commit 8e59a2fedc940b081222b0e8f90fe0c5a0981c06)
2007-11-27Remove unused prototype for smbldap_get_single_pstring().Jeremy Allison1-2/+0
Don't use pstr_sprintf() on an fstring - change to talloc. Jeremy. (This used to be commit 6cae4b5fa1bcb848cb2a28daaafeefd6bcd08274)
2007-10-18RIP BOOL. Convert BOOL -> bool. I found a few interestingJeremy Allison1-4/+4
bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-10r25092: Add support for storing trusted domain passwords in LDAP forMichael Adam1-0/+1
passdb backend = ldapsam. Along with reproducing the functionality of the secrets.tdb code, I have prepared the handling of the previous trust password (in case we are contacting a dc which does not yet know of a recent password change). This information has still to be propagated to the outside, but this requires a change of the api and also a change of the secrets.tdb code. Michael (This used to be commit 6c3c20e6c4a2b04de8111f2c79b431f0775c2a0f)
2007-10-10r23784: use the GPLv3 boilerplate as recommended by the FSF and the license textAndrew Tridgell1-2/+1
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
2007-10-10r23779: Change from v2 or later to v3 or later.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
2007-10-10r21784: Replace smb_register_idle_event() with event_add_timed(). This fixes ↵Volker Lendecke1-1/+3
winbind who did not run the idle events to drop ldap connections. Volker (This used to be commit af3308ce5a21220ff4c510de356dbaa6cf9ff997)
2007-10-10r20215: Next step trying to fix the Solaris build.Volker Lendecke1-1/+1
I think "anonimous" is correctly spelled "anonymous". The Solaris compile is referring to this as "anonymous" in line 814 of smbldap.c. Simo, please check. Thanks, Volker (This used to be commit a77d8fa08e5a7c9c0c7c415ce3b7848b265b4b95)
2007-10-10r20116: Start merging in the work done to create the new idmap subsystem.Simo Sorce1-0/+4
Simo. (This used to be commit 50cd8bffeeed2cac755f75fc3d76fe41c451976b)
2007-10-10r16122: As we use 'inetOrgPerson' as structural objectclass for new accounts forGünther Deschner1-0/+1
eDir, we already add 'sn' as required attribute on LDAP add operations. When we modify an entry, we need to request 'sn' as well in our attribute lists, so that we don't try to add it a second time. Guenther (This used to be commit e018ea3d1d70e68e6802843f88b3245dc09244c9)
2007-10-10r13460: by popular demand....Gerald Carter1-7/+2
* remove pdb_context data structure * set default group for DOMAIN_RID_GUEST user as RID 513 (just like Windows) * Allow RID 513 to resolve to always resolve to a name * Remove auto mapping of guest account primary group given the previous 2 changes (This used to be commit 7a2da5f0cc05c1920c664c9a690a23bdf854e285)
2007-10-10r13316: Let the carnage begin....Gerald Carter1-3/+12
Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2007-10-10r10656: BIG merge from trunk. Features not copied overGerald Carter1-4/+9
* \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2007-10-10r9303: Clobber compiler warnings. Patch from Jason Mader ↵James Peach1-2/+24
<jason@ncac.gwu.edu> plus some extra function declarations. Bugzilla bug #2523. (This used to be commit 98d364459daa48aca3d239926cf40a0655e27e97)
2007-10-10r6351: This is quite a large and intrusive patch, but there are not many ↵Volker Lendecke1-0/+1
pieces that can be taken out of it, so I decided to commit this in one lump. It changes the passdb enumerating functions to use ldap paged results where possible. In particular the samr calls querydispinfo, enumdomusers and friends have undergone significant internal changes. I have tested this extensively with rpcclient and a bit with usrmgr.exe. More tests and the merge to trunk will follow later. The code is based on a first implementation by Günther Deschner, but has evolved quite a bit since then. Volker (This used to be commit f0bb44ac58e190e19eb4e92928979b0446e611c9)
2007-10-10r5655: Added support for Novell NDS universal password. Code donated byJeremy Allison1-0/+25
Vince Brimhall <vbrimhall@novell.com> - slight tidyup by me to use Samba conventions. Vince - thanks a *lot* for this code - please test to make sure I haven't messed anything up. Jeremy. (This used to be commit 6f5ea963abe8e19d17a1803d4bedd9d87a317e58)