Age | Commit message (Collapse) | Author | Files | Lines |
|
logon hours attributes in an LDAP database.
Jeremy.
(This used to be commit dac72638fb3a05e805136698e0ad0612620ac8af)
|
|
Guenther
(This used to be commit 153c813464eb54a06bf01146a0eb3d2c908f76bc)
|
|
consists of a 16 byte salt, followed by the 16 byte MD5 hash of
the concatination of the salt plus the NThash of the historical
password. Allows these to be exposed in LDAP without security issues.
Jeremy.
(This used to be commit 82e4036aaa2d283534a5bd8149857320fcf0d0dc)
|
|
coding have passed, but I could not find a way to get the OpenLDAP libraries
to reliably time out on any of the queries we make, *and* get correct error
returns. No, async calls and ldap_result does NOT work, or I was simply too
stupid to correctly interpret the OpenLDAP manpage and source.
We can not allow to hang indefinitely in an ldap query, especially not for
winbindd. "ldap timeout" now specifies the overall timeout for the complete
operation, that's why I increased that to 15 seconds.
Volker
(This used to be commit 269f0750872e5f8757e0a9667e007a0410319fcd)
|
|
(This used to be commit 430cf63b9148441bce42bfb15a8045de5da108f4)
|
|
compiler errors on IRIX
(This used to be commit b47971174da9ef882e7941e53033e23c679db9a2)
|
|
my (C) to a header file that was at least 50% mine :-).
Jeremy.
(This used to be commit 8ee6060977ec8e65082f3ad09e1e1ccf5b4672ed)
|
|
"Jianliang Lu" <j.lu@tiesse.com>. Multi-string attribute changed to
linearised pstring due to ordering issues. A few other changes to
fix race conditions. I will add the tdb backend code next. This code
compiles but has not yet been tested with password history policy
set to greater than zero. Targeted for 3.0.6.
Jeremy.
(This used to be commit dd54b2a3c45e202e504ad69d170eb798da4e6fc9)
|
|
(This used to be commit 659ddcc4434afc302ebd3d48aca6b4ef68468eb2)
|
|
sleep time is not more than 5 seconds. Should fix issue
reported by Chris Garrigues <cwg@deepeddy.com>.
Jeremy.
(This used to be commit fbc06831d3a7e8645409158ee1ae1f9f192913a7)
|
|
add a timeout to the ldap open calls. New parameter, ldap timeout
added.
Jeremy.
(This used to be commit e5b3094c4cc75eb07f667dd1aeb73921ed7366ac)
|
|
(This used to be commit 3af4348fafd4c71513dfc50a86ef17b08a98caaf)
|
|
haven't broken krb5 ticket verification in the mainline code path,
also need to check with valgrind. Everything now compiles (MIT, need
to also check Heimdal) and the "net keytab" utility code will follow.
Jeremy.
(This used to be commit f0f2e28958cb9abfed216c71f291f19ea346d630)
|
|
Jeremy.
(This used to be commit 7067e274dc208a4ba6677dc19bd224cf03213ed8)
|
|
Jeremy.
(This used to be commit af5a08f5ad895cb33c9134771da19ba5e709e742)
|
|
then is the client supports it (current clients supported are Samba and
CIFSVFS - detected by the negprot strings "Samba", "POSIX 2" and a bare
"NT LM 0.12" string) then the setting of the per packet flag smb_flag
FLAG_CASELESS_PATHNAMES is taken into account per packet. This allows
the linux CIFS client to use Samba in a case sensitive manner.
Additional command in smbclient "case_sensitive", toggles the
flag in subsequent packets.
Docs to follow.
Jeremy.
(This used to be commit cf84c0fe1a061acc0313f7db124b8f947cdf623d)
|
|
Andrew Bartlett
(This used to be commit 61768f4cb3a268ce30911b15b30f82de36716b5f)
|
|
when linking against an app that does have vsnprintf() (bug #478)
(This used to be commit 9f1c978088321b09dea96c54026ebdfaaf770641)
|
|
fix. I'm
still doing more testing, but it fixes a behaviour that we've been wrong
on ever since the start of Samba.
Jeremy.
(This used to be commit 894cc6d16296b934c112786eec896846156aee5d)
|
|
for setting up an schannel connection. This solves the problem
of a Samba DC running winbind, trusting a native mode AD domain,
and needing to enumerate AD users via wbinfo -u.
(This used to be commit e9f109d1b38e0b0adec9b7e9a907f90a79d297ea)
|
|
Volker
(This used to be commit 9ceff803278bdbc09cb5ab678a108cea24ab49a9)
|
|
update process and allow printers to have different sharenames from printernames
(This used to be commit 066b9c4276a968788a03709a00d4f672ac032df7)
|
|
support 128 bit encryption
(This used to be commit 316ba5ad89ddfa445d44d28141c5901fc64aec90)
|
|
to anywhere on the server filesystem so long as widelinks
is set to true.... :-).
Jeremy.
(This used to be commit ba9809fcd493a53b33c3a24c9f91b0c1d9bd9726)
|
|
share. Store external paths prefixed with smbln:.
Jeremy.
(This used to be commit 14a9997b2eb394174ccb36d2a10a755279740cba)
|
|
clean up the format of the file a bit.
(This used to be commit 63c846fa1da7be563a3df8fff001324268887c1d)
|
|
to connection struct entries (as they should have been from
the start). Jerry, once you've cut over to 3.0.4 release
branch I'll add this to 3.0 also.
- Jerry cut over :-).
Jeremy.
(This used to be commit 578a508509d21226ad3332fc54c3ab54cd8ae452)
|
|
Jeremy.
(This used to be commit b9e79004a4c1e4a472f0627d2c33c966af22ccd2)
|
|
Jeremy.
(This used to be commit a9d1738ebab42ab9bab73f18341d79e086e290b3)
|
|
(This used to be commit b7703799f8899affda205eacb0bf79cf8e2b9362)
|
|
because someone changed it in all other places too
- fix quotas support from windows explorer
we now got the unix file name of a fake_file
metze
(This used to be commit 87e97d7723674e3835578ef080ce554d9c5537ac)
|
|
Implement vfs_full_audit.c that can log every vfs.h operation. So if you
change vfs.h, from now on you also have to change full_audit :-)
Volker
(This used to be commit 9cb9c5f7c97fe8f76735a77b321c9500d28b55b2)
|
|
(This used to be commit bf9f02be5fc1d09c8c08c78c3f2df23b2099ba4f)
|
|
/etc/cups/cupsd.conf -- documentation to follow
(This used to be commit 2f323b0991c37022fb59ef8c69454eff03296662)
|
|
(This used to be commit 911a28361b9d8dd50597627f245ebfb57c6294fb)
|
|
per share basis
(This used to be commit 14d3794eecd848d3d75e2b8e71cf8b4d0792b0c9)
|
|
UNIX info levels, and the short case preserve names. Tested
with NT - needs more testing. Will work on this more on Monday.
Jeremy.
(This used to be commit 88a9bca9aade3ee0ce9713857becfe0a13bbfd07)
|
|
(This used to be commit b393469d9581f20e4d4c52633b952ee984cca36f)
|
|
We use cli_state.smb_rw_error to pass this specific case into cli_close_connection()
from smbmount as smb_rw_error can have only selected number of states and
it is ignored in cli_close_connection().
Compiled and tested by Lars Mueller from SuSE on x86, x86_64, ppc, ppc64, s390 and
s390x.
(This used to be commit 738666ce0a310fae14476020fd6dac027b0e3ec5)
|
|
key could
be anything, and may not be based on anything 'NT'. This is also what microsoft
calls it.
(This used to be commit 724e8d3f33719543146280062435c69a835c491e)
|
|
cache entry time comparisons in password lockout. Fixes problems where
pdb_ldap tries to delete the operational attribute modifyTimestamp when
deleting a user account.
(This used to be commit 5ebcb9081e435d54c39d4d3a1ef1d7b651ccb53f)
|
|
* updateing WHATSNEW with vl's change
(This used to be commit a7e2730ec4389e0c249886a8bfe1ee14c5abac41)
|
|
For a (very) long time, we have had a bug in Samba were an NTLMv2-only
PDC would fail, because it converted the password into NTLM format for
checking.
This patch performs the direct comparison required for interactive
logons to function in this situation. It also removes the 'auth flags', which
simply where not ever used.
Natrually, this plays with the size of structures, so rebuild, rebuild
rebuild...
Andrew Bartlett
(This used to be commit 9598593bcf2d877b1d08cd6a7323ee0bc160d4ba)
|
|
dos attributes in an EA. Based on an original patch from tridge, but
modified somewhat to cover all cases.
Jeremy.
(This used to be commit ed653cd468213e0be901bc654aa3748ce5837947)
|
|
a DC it trusts.
Volker
(This used to be commit ae6840320ff47827c2817549fe3133a57e3fe77f)
|
|
New protocol option "ea support" to turn them on (off by default). Conrad
at Apple may like this as it allows MacOS resource forks to be stored on
a file. Passes valgrind. Documentation to follow.
Jeremy.
(This used to be commit 8cc10a6c0550c017a62e8a3790afd2172d173e00)
|
|
ago.
This patch re-adds support for 'optional' SMB signing. It also ensures that
we are much more careful about when we enable signing, particularly with
on-the-fly smb.conf reloads.
The client code will now attempt to use smb signing by default, and disable
it if the server doesn't correctly support it.
Andrew Bartlett
(This used to be commit e27b5cbe75d89ec839dafd52dd33101885a4c263)
|
|
Now for parsing out the retrieved EA's.
Jeremy.
(This used to be commit 5eeeee302cec2cc1f6c130ed44be9df028f73cde)
|
|
* force the PRINTER_ATTRIBUTE_LOCAL (nor PRINTER_ATTRIBUTE_NETWORK)
* ensure that we return the sec_desc in smb_io_printer_info_2
(allows prnui.dll to restore security descriptors from a data file).
(This used to be commit c335cb80d2e4c687279b7a6038a97518770ccae9)
|
|
Winbind tickets expired. We now check the expiration time, and acquire
new tickets. We couln't rely on renewing them, because if we didn't get
a request before they expired, we wouldn't have renewed them. Also, there
is a one-week limit in MS on renewal life, so new tickets would have been
needed after a week anyway. Default is 10 hours, so we should only be
acquiring them that often, unless the configuration on the DC is changed (and
the minimum is 1 hour).
(This used to be commit c2436c433afaab4006554a86307f76b6689d6929)
|