Age | Commit message (Collapse) | Author | Files | Lines |
|
Jeremy.
(This used to be commit 5e2571f424a40df4d67fe279517a9b21184b78e1)
|
|
to using SIDs instead of RIDs.
The new funciton sid_peek_check_rid() takes an 'expected domain sid' argument.
The idea here is to prevent mistakes where the SID is implict, but isn't
the same one that we have in the struct.
Andrew Bartlett
(This used to be commit 04f9a8ff4c7982f6597c0f6748f85d66d4784901)
|
|
(This used to be commit aff65bf6c9f339ae1d3122d12114005c017b9b5d)
|
|
O'Connor(billy@oconnoronline.net)
(This used to be commit 88718883e031a3249152861300432dfc895ac587)
|
|
Jeremy.
(This used to be commit 64af68924b8fc36caac3f978dc0f9deccc41e059)
|
|
the (now static) global_sam_sid.
The only place it was being used was to return global_sid_NULL to some
uid->sid functions - and I'm not convinced this is correct in any case.
Andrew Bartlett
(This used to be commit e2a76a7fc94dd59c09bba3cda91446fad9f8c0e0)
|
|
initialising function. This patch thanks to the work of
"Stefan (metze) Metzmacher" <metze@metzemix.de>
This is partly to enable the transition to SIDs in the the passdb.
Andrew Bartlett
(This used to be commit 96afea638e15d4cbadc57023a511094a770c6adc)
|
|
(This used to be commit 39c3f245f5e5d5e7532f9097683e6af3190dc872)
|
|
(This used to be commit e80e6637064a39635faba5311f774a90b1d5ab43)
|
|
they're only used there.
Added a PRINTER_NOTIFY_VERSION constant.
(This used to be commit 9d3933a59219388c209d8be4ae6decfa337d229f)
|
|
(This used to be commit 18854bcd2df88ab49c263c86d111a50d83411885)
|
|
functions
(This used to be commit 1cf3228fdc20f0314d1f8e71ad710a5e548b3f72)
|
|
(This used to be commit 4b18a94590a25882f06f88c3c7dd1a08bf990044)
|
|
client state to implement smb signing - this is a test at present.
Jeremy.
(This used to be commit a234e303558a25c4ea26b7f6788006e4fee651bf)
|
|
(This used to be commit ea55d470e485a0448428c60a12fbb4a42c6b2019)
|
|
of files. This was done to better enable net rpc file. Perhaps we can start
giving back real info this way, too.
(This used to be commit b3fea72ee9abd2441a49c35442c54819e4ba16ba)
|
|
(This used to be commit 8fc3dba8bd99c55bef9ac137976dd35134a49342)
|
|
(This used to be commit 742413b2846af44ac43830f488c15c5c11c1cb27)
|
|
(This used to be commit ca61f68d5ca8791bea34732bd358cfb63273fc5c)
|
|
passdb interface change, now the passdb modules will be asked for SID not for rid, the modules have been updated with a passthrough function that calls the old getsampwrid() functions.
srv_samr_nt.c functions that made use of the pdb_getsampwrid funcion has been updated to use the SID one.
(This used to be commit f5c6496c33fa7f5c2826540ffb4a49d8a5790fb3)
|
|
The problem was the NTLMv2 uses extra data in order to make reply/lookup
more difficult. That extra data includes the hostname, and the domain.
This matches Win2k (sort of) by sending this information.
Win2k connects with LMCompatibilityLevel=5 without a problem.
We can change the negotiation bits if we want, this should allow us to make
NTLMv2 the default for other clients as well.
Some of the extra #defines were found in the squid source.
Andrew Bartlett
(This used to be commit 17a5f67b3d1935baf6197ae967624eb847b66ac8)
|
|
that the passdb code now uses. Similarly, move the 'pluggable' stuff
over from passdb as well, allowing runtime loading of new authenticaion
modules.
(NOTE: The interfaces here can *and do* change - module writers are
not assured source-level compatibilty, and certainly not binary
compatibility).
(This used to be commit 3897cf5e048f50be91ae434f636affc6d539d0d1)
|
|
(This used to be commit 18c6db6a0014fd23383361485ec03eb871a85faa)
|
|
(This used to be commit 5512618d3493a04c84a43beaa752c307bce146fc)
|
|
(This used to be commit efb119fb88a511e026239773422242fff636ae13)
|
|
this is a first step only passdb stuff has beein "classized".
- so what can you do?
set debug level to: 1 poasdb:10
that will make all the code run at debug level 1 except the code in
passdb/* files that will run at level 10
TODO: fix the man page
- also smbcontrol has this nice feature so smbcontrol smbd debug 3 passdb:5
will set every smbd to have a default log level of 3 while passdb stuff
will be at level 5
and so no..
minor cosmetic fix to pdbedit is there too
(This used to be commit be5c3b3f5781ddc002ffcc98df04ab024dcef4ca)
|
|
The idea is that pdb_add_sam_account() should have a non-const SAM_ACCOUNT,
and update some of the the properties generated during the add.
Andrew Bartlett
(This used to be commit b014d9ae4bc38d83d474888b73d350a62704341f)
|
|
(This used to be commit bf82ac14c826a765b33d368e4cb62c7fb3cd3c4f)
|
|
cleanup some of the code in net_rpc_join re const warnings and
fstrings.
Passdb:
Make the %u and %U substituions in passdb work.
This is done by declaring these paramters to be 'const' and doing
the substitution manually. I'm told this is us going full circle,
but I can't really see a better way.
Finally these things actually seem to work properly...
Make the lanman code use the pdb's recorded values for homedir etc
rather than the values from lp_*()
Add code to set the plaintext password in the passdb, where it can
decide how to store/set it. For use with a future 'ldap password
change' option, or somthing like that...
Add pdb_unix, so as to remove the 'not in passdb' special cases from the
local_lookup_*() code. Quite small, as it uses the new 'struct passwd ->
SAM_ACCOUNT' code that is now in just one place. (also used by pdb_smbpasswd)
Other:
Fix up the adding of [homes] at session setup time to actually pass
the right string, that is the unix homedir, not the UNC path.
Fix up [homes] so that for winbind users is picks the correct name.
(bad interactions with the default domain code previously)
Change the rpc_server/srv_lsa_nt.c code to match NT when for the
SATUS_NONE_MAPPED reply: This was only being triggered on
no queries, now it is on the 'no mappings' (ie all mappings failed).
Checked against Win2k.
Policy Question: Should SID -> unix_user.234/unix_group.364 be
considered a mapping or not? Currently it isn't.
Andrew Bartlett
(This used to be commit c28668068b5a3b3cf3c4317e5fb32ec9957f3e34)
|
|
(This used to be commit 173aac4a810782dddc85494c328a6917cb3fe0c2)
|
|
I think we may still need to look at our server enumeration code, but
other than that, its much better in the tree than out.
Andrew Bartlett
(This used to be commit d57a1b4629d12a0374cc6d74dfc6f5d4793fcef8)
|
|
This option was badly maintained, useless and confused our users and
distirbutors. (its SSL, therfore it must be good...)
No windows client uses this protocol without help from an SSL tunnel.
I can't see any reason why setting up a unix-side SSL wrapper would
be any more difficult than the > 10 config options this mess added
to samba in any case.
On the Samba client end, I think the LIBSMB_PROG hack should be
sufficient to start stunnel on the unix side. We might extend this
to take %i and %p (IP and port) if there is demand.
Andrew Bartlett
(This used to be commit b04561d3fd3ee732877790fb4193b20ad72a75f8)
|
|
when assigning on va_list to another, or when passing a va_list as an
argument to a function. Not using it causes segv's and other unpredictable
results.
We need to check all over the place for this...
(This used to be commit 331132678c2e25e5f220de34968f6b16f4fbbc97)
|
|
Do it bit-by-bit to ensure that no breakage creeps in.
(This used to be commit bccbf3569801e8f16aed897c9d04c3f7e1430641)
|
|
Jeremy.
(This used to be commit 41cec26ee36458c2f6fdf768d25a83031e4d5bbb)
|
|
<Michael.Gerdts@alcatel.com>. The struct passwd in Solaris contains some
extra fields which must be initialised otherwise nscd crashes.
(This used to be commit a67323d07177ebc8e46dc14476efaf7e95944504)
|
|
free printer msg id.
Jeremy.
(This used to be commit 64c819b71e6b8831106847153fbbc3123602b397)
|
|
Jeremy
(This used to be commit 32fa089adead6ff3279172fd36560f4f9e2aeef0)
|
|
(This used to be commit d926cc989690684ec4799ebb3a3a01e8d4173de6)
|
|
(This used to be commit 6aa31435388fdd1569884479e7e0b80714658fb6)
|
|
(This used to be commit aaa996355287fcd86873697f51a069ccb5a908b9)
|
|
is detected.
(This used to be commit 0377448b8c3e2bd8d5bc9f49a585292dc5c5b5a1)
|
|
(This used to be commit 38fd99e84176106ed700f637e9292d2a4c1385b4)
|
|
(This used to be commit 0827bd4184256a87d6cf6c58bc314309503da7be)
|
|
(This used to be commit 2dde9f711979c04cd02107447395a55307f7a30a)
|
|
Jeremy.
(This used to be commit 3853234c2649c501e9876f940f802be86cb6383d)
|
|
(This used to be commit 3e58a1ee83ea0b4347ce24e566445cc6cb67bb3a)
|
|
(This used to be commit 66d6d4810ab7b0a1bf2039c387938aad69e01569)
|
|
(This used to be commit 78ead781261d397ace22640e3820d0f4fe17722c)
|
|
(This used to be commit bac0093a9713416b1679d1bc167b70f02b06ef78)
|