| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
better job of working with usrmgr. Previously we were blanking out entires,
and all sort of mischif.
The new patch (which I've now had a chance to test/modify) also takes care not
to expand % values (ie we go \\%L\%U -> \\server\user, we don't want to store
\\server\user back) and to correctly notice 'not set' compared to 'null string'
etc.
Andrew Bartlett
(This used to be commit ab878b6cc4132594fc33f78aeebf0d8b7266c150)
|
|
pdb_ldap and adds a 'ldap passwd sync' option.
The idea with this option is to do allow an ldap backend to do all the fancy
password hashing etc - and to tell smbd no to try and double-up. Using 'ldap
passwd sync = only' will do this, but is not recommended unless such a backend
is in place...
Running 'ldap passwd sync = yes' just gets you the same as doing 'pam passwd
sync = yes' and having both PAM and pam_ldap correctly configured for 'magic
root' behaviour, but only using ldap connection, and one set of credentials.
This also gets us closer to allowing ldap to say 'password too short' etc,
which might assist in maintaining a consistant password policy.
Andrew Bartlett
(This used to be commit f13e243f1a13d34ae057b40b01f561e8b95d4570)
|
|
See mx-ldap.sf.net for his current progress.
(This used to be commit 9c62d1312fdf0aa7b1978e8bbb56fc076ba7e9d0)
|
|
if we ever want to get rid of the magic macros.
(This used to be commit 13f33e466ed31d35221157d6b3a1a05507157b66)
|
|
and domainname
- Allocate sam_methods, set domain_sid, domain_name and backend_name in make_sam_methods_backend_entry instead of in the backend
- Remove sam_context and domain_sid pointers from the sam_init_function - we don't need those arguments anymore since they're
available in sam_methods as well
(This used to be commit 50d2527eed0eb26c16f2f7e28badbf08d771380e)
|
|
Volker
(This used to be commit 8c41b5cd1b8b0c2639def9552bd20b8aca39785c)
|
|
Fix small bug in sam/interface.c
Make sam backend to default to a define
(This used to be commit 60ab55fedf03a0b505b0b73527e031124a46304e)
|
|
Jeremy.
(This used to be commit 91e41ebe97c143f413e2a5614b20f3db4642490f)
|
|
(This used to be commit aa52351384abace54a89c9fbfa5e4c31a8464c91)
|
|
Jeremy.
(This used to be commit 5881f0a22633ed9fb73e6cd788d0751c4db6cd32)
|
|
the DC being out of sync with the local machine.
(This used to be commit 0d28d769472ea3b98ae4c8757093dfd4499f6dd1)
|
|
--with-ads=no or ./configure --without-ads Samba will build without
linking to the various kerberos libraries.
(This used to be commit edb6172abf0f07fead8ed3aaaebe0411d757aa64)
|
|
Jeremy.
(This used to be commit 6425f169779ce65509b77cf6d5634de24894a965)
|
|
Jeremy.
(This used to be commit f956a4d29d0d88cd92fac0f0c9f636fc152afe0a)
|
|
still needs more work. Don't add --with-sendfile-support yet...
Jeremy.
(This used to be commit c6ece53ac2a7a6115ca1160cf02247d7cc0bbb95)
|
|
Added new SWAT Flags for Advanced and Developer modes.
(This used to be commit 0250e2c52c7d7aa25308b6c20b8e2a51184cb598)
|
|
(This used to be commit bd7245dc6fcff805fcb69f6bd1f4852dadf5aa84)
|
|
field.
(This used to be commit d153d692a0f8499e1d6dac791a4d119cd9c15e45)
|
|
Jeremy.
(This used to be commit 2d080d7579c0a59bcb03608600c6b28243bbe353)
|
|
and doesn't actually call sendfile. Needs to be vectored through the
VFS and tested on all supported platforms (Solaris/HPUX/FreeBSD/Linux).
Linux doesn't actually work (2.4.19 kernel) at the moment because it
doesn't have a 64-bit clean sendfile.
Jeremy.
(This used to be commit fd772ca7b16cd86e0d50c7ed8d537c202976a6d2)
|
|
pushing it onto the blocking queue.
Jeremy.
(This used to be commit 237e36124cedf0485deaff81f34688fa862c3317)
|
|
(This used to be commit b5227f0a645fdf2358fcb880f22e4662efdfe8e3)
|
|
Jeremy.
(This used to be commit af2168c0344d49041b1fe78cd5219ac50308deb3)
|
|
(This used to be commit 771878a2d94009b6eccef5f98d4e782cd85c291e)
|
|
The global winbind file descriptor can cause havoc in some situations -
particulary when it becomes 0, 1 or 2. This patch (based on some very nice
work by Hannes Schmidt <mail@schmidt-net.via.t-online.de>) starts to recitfy
the problem by ensuring that the close-on-exec flag is set, and that we move
above 3 in the file descriptor table.
I've also decided that the PAM module can close it's pipe handle on every
request - this isn't performance-critical code.
The next step is to do the same for nss_winbind. (But things like getent()
might get in our way there).
This also cleans up some function prototypes, puts them in just one place.
Andrew Bartlett
(This used to be commit 442eb39657b98f67cd229ed3110b63aae8bf4e3c)
|
|
#ifdef mess...) in readline.c, we don't need or use them in the rest of Samba.
(This OK was of course conditional on 'if you break it, you better fix it...')
Andrew Bartlett
(This used to be commit 55ee289f587f107fa03c5f889491fdaab101df2d)
|
|
SAM_ASSERT if we are not going to crash.
(This used to be commit f91fcb166107e45ffb3de95a3da65c79992341eb)
|
|
of my own changes.
In particular: I've added a SAM_ASSERT macro. This expands to either
SMB_ASSERT() (which should help us track down bugs) or a return of
NT_STATUS_CHECK_FAIL.
Metze's changes are mostly to bring the code into line with current discussions
on things like adding users/groups, flags etc.
I've adjusted a fair bit of the 'const' in the SAM stuff. Const is currently
used only for pointers, not for local variables or non-pointer paramters. The
benifits and reasons for extending this further need discussion on
samba-technical.
Also, some of the 'context' paramters should not be const, to allow backend
modules to do fancy caching etc in them.
Andrew Bartlett
(This used to be commit e13bc432628a6131be082caedc75cd8a3d206e5a)
|
|
(This used to be commit 601b56e04fddd9ddfb9be5b0a625d6d279df7f4c)
|
|
to extend the ADS_STATUS system to include NTSTATUS, and to provide a better
general infrustructure for his sam_ads work.
I've also added some extra failure mode DEBUG()s to parts of the code.
NOTE: The ADS_ERR_OK() macro is rather sensitive to braketing issues - without
the final set of brakets, the test is essentially inverted - causing some
intersting 'error = success' messages...
Andrew Bartlett
(This used to be commit 5b9a7ab901bc311f3ad08462a8a68d133c34a8b4)
|
|
syslog() since Paul Green's POSIX patch.
(This used to be commit d3b29b0b2d2ffd5c050900ff8cae441b91f95526)
|
|
in includes.h
Andrew Bartlett
(This used to be commit ed184ed1905b49956528b6835f48a69ba3c1a045)
|
|
applicable any more.
Jeremy.
(This used to be commit 8828e2ea3c668aab6cda1b4be9a7e4ce1c23ca81)
|
|
sending broadcast messages. Also initial cut-down of printing notify
messages (not yet finished).
Jeremy.
(This used to be commit aca333719695b278843c59e1c6eb07d6655fd59c)
|
|
pointers.
(This used to be commit e9b71b354d923b2cd0f028dd197e7ca81339ec3a)
|
|
(This used to be commit f435bf0095694a283db47e33c9eb1b5b6df13d03)
|
|
we now do this:
- look for suported SASL mechanisms on the LDAP server
- choose GSS-SPNEGO if possible
- within GSS-SPNEGO choose KRB5 if we can do a kinit
- otherwise use NTLMSSP
This change also means that we no longer rely on having a gssapi
library to do ADS.
todo:
- add TLS/SSL support over LDAP
- change to using LDAP/SSL for password change in ADS
(This used to be commit b04e91f660d3b26d23044075d4a7e707eb41462d)
|
|
- Rename user -> account
- Add sam_* functions (api.c)
- Several small fixes
(This used to be commit eafcc387045f4f265631a952297caf3f6db779d8)
|
|
Jeremy.
(This used to be commit df3e467eb7cce059782870bfec222293577c4f69)
|
|
(This used to be commit 6395c34f2f981d59b761d8615851a8fd54c1c304)
|
|
might be ugly, etc - please don't blame me for anything but instead try to fix
the code :-). Compiling of the new sam system can be enabled with the
configure option --with-sam
Removing passdb/passgrp.c as it's unused
fix typo in utils/testparm.c
(This used to be commit 4b7de5ee236c043e6169f137992baf09a95c6f2c)
|
|
(This used to be commit a760bca56a55b119cf399c5ac6f8b0db418be2e0)
|
|
Jeremy.
(This used to be commit 095e2bf9469a4c26814fb049f2870983c090ed81)
|
|
- SAM_DELTA_RENAME{USER,GROUP,ALIAS}
- SAM_DELTA_DELETE{USER,GROUP}
Renamed some of the unknown delta types and their unmarshalling functions:
- SAM_DELTA_TRUST_DOMS
- SAM_DELTA_SECRET_INFO
(This used to be commit 1f29276c2ff450c4ca3705c27fb0be71ddcda4ad)
|
|
(This used to be commit 78cfbebc69fb15326d8f6dbbce1090c301a1f270)
|
|
(This used to be commit 9b49d97b94a7e3842cdcbfa4ebfa961586857aea)
|
|
J.F.
(This used to be commit 2f68d6f5ec925f07a387f784db6de0cfbaa53278)
|
|
(This used to be commit addf29e6765393b25c35bd833d29e29e4581c233)
|
|
(Wrapping to zero does not create problems in this cache)
Andrew Bartlett
(This used to be commit c58e3d5c7d78dd02584b1490a27f7007e11b8712)
|
|
Jeremy.
(This used to be commit e53a81261ed189881c0f07e1b46f97aa6770cab7)
|
