summaryrefslogtreecommitdiff
path: root/source3/include
AgeCommit message (Collapse)AuthorFilesLines
2001-12-19- added initial support for trusted domains in winbindd_adsAndrew Tridgell1-0/+11
- gss error code patch from a.bokovoy@sam-solutions.net - better sid dumping in ads_dump - fixed help in wbinfo (This used to be commit ee1c3e1f044b4ef62169ad74c5cac40eef81bfda)
2001-12-19Make TALLOC_CTX and talloc_chunk private to talloc.c.Martin Pool1-16/+1
Add a global singly-linked list of all active talloc pools, so that we can eventually show how much memory is used for different purposes. This also gives a check that pools are not being doubly freed. talloc_init_named now handle a NULL name properly (ie does nothing) Add accessor talloc_pool_name(). (This used to be commit 4c6c03c8c7c18762dd9ef1a1bd88350b8960542f)
2001-12-19DocMartin Pool1-1/+9
(This used to be commit 7da982e9268be7eb93fe7d6ad7da5b33ce44181c)
2001-12-19Put PRINTF_ATTRIBUTE on talloc_init_named, talloc_asprintf,Martin Pool1-0/+8
talloc_vasprintf. (This used to be commit e6be48671d520f952be0b6dc0848569d0d834179)
2001-12-19Doc.Martin Pool1-1/+3
(This used to be commit 5b6c22a209a26cb9adbf6d7733d396038c729633)
2001-12-19Start adding some debugging features to talloc based on Samba'sMartin Pool1-0/+10
ancient mem_man.c: Each TALLOC_CTX now has a field to store its purpose, to aid in tracking down memory bloat. A new call talloc_init_named() should be used instead of talloc_init() so that this is set. Added talloc_vasprintf to be called by varargs functions. (This used to be commit 25b97a743573b8c5e0ac886e4bfab581c11b3714)
2001-12-19added info level 1 to samr_query_alias()Jean-François Micouleau1-0/+11
(This used to be commit 589aa4fe226ee5bdae0a244631193714b0b556ac)
2001-12-17there is no unknown field in LSA_SEC_QOSJean-François Micouleau1-1/+0
some cleanup of the lsa_open_policy and lsa_open_policy2 parser. the length fields are not correct but that's what NT send. We don't anymore underflow or overflow the decoding. added the domain admins group to the default SD. we are now checking the desired access flag in the lsa_open_policy_X() calls and in most functions also. J.F. (This used to be commit a217c4e4ff4d13122703d22258792fe5e8e9f02f)
2001-12-17Added some constants for registry data types.Tim Potter1-4/+14
(This used to be commit 6b20d863b75b2b27d8dd8683cc3dc4486b18ceff)
2001-12-15Added HPUX ACL code.Jeremy Allison2-0/+42
Jeremy. (This used to be commit 6d03184f8c039ad81de47b5f3bde7dac5b2815ad)
2001-12-14Added the group enum code from 2.2Jeremy Allison1-6/+18
Jeremy. (This used to be commit 59e01a22c5cb1046758c8cd6b09333c19d6cd26e)
2001-12-14add lsa_query_secobj server code. level 4 is the ACL, level 1 is theJean-François Micouleau1-16/+47
owner. that's basic stuff. got the POLICY_ define from TNG but they are also in an include file in the NT SDK. J.F. (This used to be commit 84289a9bf42847981926e198ad36c050904fa9ed)
2001-12-14Updated Solaris link options from DaveCB.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 064a3e0fc406d5ab408da0fbfbf68c89ce8defdd)
2001-12-14Rafal (mimir) patch for trusts r.Jean-François Micouleau1-0/+1
(This used to be commit c26623671e2b0b2e80c6d6383a99880c4f439f04)
2001-12-13update the ldap support code. it compiles.Jean-François Micouleau1-0/+7
Ignacio you can update your howto ;-) samsync: a small patch to try chaning challenges. J.F. (This used to be commit c99bc305599698f2291efbfe20024355cb2bcde0)
2001-12-12allow IRIX to build nsswitch/libnss_wins.soHerb Lewis1-0/+3
(This used to be commit 564bfd77287b3006c7246065990ca9b91f79826a)
2001-12-12decoded SAM_DELTA 0x0e and 0x12.Jean-François Micouleau1-0/+59
One is an entry for the trusted domains The other is an entry for the trusting domains They are pretty basic, I'll improve them. J.F. (This used to be commit 8d359e62138aa327cb00875dc446234ce4be6f02)
2001-12-12a ugly decoder for SAM_DELTA_DOM_INFO (0x0d)Jean-François Micouleau1-3/+88
a correct decoder for SAM_PRIVS_INFO (0x10) this code is totally useless right now, it's just fun to decode those and will save tpot some time. J.F. (This used to be commit 314b675ed9ebacba9db25938c43cfa304462ebe2)
2001-12-10added info level 3 to samrgetgroupinfo. I don't know what the value is.Jean-François Micouleau1-3/+8
It's just to keep usermanager happy ;-) clean up a bit samr_query_aliasinfo to return the group description added: samr_del_aliasmem, samr_del_groupmem and samr_del_domuser with the correct scripts, you can now entirely manage the users from usermanager ! Closer to full PDC every day ;-) J.F. (This used to be commit 0a727afc669704cda9b44d44dbac9e989e906ae3)
2001-12-10Added client and server code for the GetPrintProcessorDirectory SPOOLSSTim Potter1-2/+25
rpc. This was supposed to fix a printer driver download bug but it didn't but it seemed a shame to trash all this code so I'm commiting it #ifdef'ed out in case someone needs it one day. (This used to be commit bef43656471741c6c10b12e7516c15de9ae76394)
2001-12-08check for gssapi_generic.hAndrew Tridgell2-0/+8
(This used to be commit 838fbac7a086ff82498c3f0ba95b714123a7428c)
2001-12-08added internal sasl/gssapi code. This means we are no longer dependent on ↵Andrew Tridgell3-7/+9
cyrus-sasl which makes the code much less fragile. Also added code to auto-determine the server name or realm (This used to be commit 435fdf276a79c2a517adcd7726933aeef3fa924b)
2001-12-06allow a MAX_DEBUG_LEVEL setting in local.h (or the Makefile)Andrew Tridgell2-6/+21
This allows embedded systems to compile out the higher debug levels. It should gain speed as well as reducing the code size. Setting it to 1 saves about 300k of code on my system. (This used to be commit f34cac3b312f273a2363919655ddd1e25cb91305)
2001-12-05OK. Smbpasswd -j is DEAD.Andrew Bartlett1-0/+6
This moves the rest of the functionality into the 'net rpc join' code. Futhermore, this moves that entire area over to the libsmb codebase, rather than the crufty old rpc_client stuff. I have also fixed up the smbpasswd -a -m bug in the process. We also have a new 'net rpc changetrustpw' that can be called from a cron-job to regularly change the trust account password, for sites that run winbind but not smbd. With a little more work, we can kill rpc_client from smbd entirly! (It is mostly the domain auth stuff - which I can rework - and the spoolss stuff that sombody else will need to look over). Andrew Bartlett (This used to be commit 575897e879fc175ba702adf245384033342c903d)
2001-12-05added a REALLY gross hack into kerberos_kinit_password so thatAndrew Tridgell1-0/+1
winbindd can do a kinit this will be removed once we have code that gets a tgt and puts it in a place where cyrus-sasl can see it (This used to be commit 7d94f1b7365215a020d3678d03d820a7d086174f)
2001-12-05added timeouts and retries to ldap operationsAndrew Tridgell1-0/+7
(This used to be commit 4f004eb54d66b6f811cb2f4791da6c70d77f87c2)
2001-12-04added a boolean to the group mapping functions to specify if we need orJean-François Micouleau1-0/+3
not the privileges. Usually we don't need them, so the memory is free early. lib/util_sid.c: added some helper functions to check an SID. passdb/passdb.c: renamed local_lookup_rid() to local_lookup_sid() and pass an RID all the way. If the group doesn't exist on the domain SID, don't return a faked one as it can collide with a builtin one. Some rpc structures have been badly designed, they return only rids and force the client to do subsequent lsa_lookup_sid() on the domain sid and the builtin sid ! rpc_server/srv_util.c: wrote a new version of get_domain_user_groups(). Only the samr code uses it atm. It uses the group mapping code instead of a bloody hard coded crap. The netlogon code will use it too, but I have to do some test first. J.F. (This used to be commit 6c87e96149101995b7d049657d5c26eefef37d8c)
2001-12-03added a tdb to store the account policy informations.Jean-François Micouleau2-4/+15
You can change them with either usermanager->policies->account or from a command prompt on NT/W2K: net accounts /domain we can add a rpc accounts to the net command. As the net_rpc.c is still empty, I did not start. How should I add command to it ? Should I take the rpcclient/cmd_xxx functions and call them from there ? alse changed the SAM_UNK_INFO_3 parser, it's an NTTIME. This one is more for jeremy ;-) J.F. (This used to be commit bc28a8eebd9245ce3004ae4b1a359db51f77bf21)
2001-12-03added another ATYPE_Andrew Tridgell1-1/+2
(This used to be commit 514bc61daa3f6d11dadac1baed5a5bf61313b1f9)
2001-12-03added a basic ADS backend to winbind. More work needed, but atAndrew Tridgell1-0/+3
least basic operations work (This used to be commit 88241cab983b2c7db7d477c6c4654694a7a56cd3)
2001-12-03Writing decimal constants as "02" has been shown to cause cancer inMartin Pool1-3/+3
rats. (This used to be commit 142d3dad0ab6870acb0d46d1f189d5e2e1f71b17)
2001-12-01The beginnings of alternative backends for winbinddAndrew Tridgell1-1/+1
This just splits off the dispinfo call behind a methods structure. I'll split off a few more functions soon, then we will be ready for LDAP replacement methods (This used to be commit 0216b0fca115c903ec31ed21427a83c62077dc95)
2001-11-30XFS quota patch for Linux.Jeremy Allison1-1/+4
Jeremy. (This used to be commit ce099faf6ce07e14bd9610960bd09f56c5bee864)
2001-11-30Renamed sid field in SEC_ACE to trustee to be more in line with MS'sTim Potter1-1/+1
definitions. (This used to be commit 9712d3f15a47155f558d0034ef71fd06afb11301)
2001-11-30Comment deconfusification.Tim Potter1-1/+1
(This used to be commit b5fac3a56d917b13fedc0ace3ea56ae82f51ccdd)
2001-11-29Changed again how the privilege list is handled in the group mapping code.Jean-François Micouleau2-1/+51
This time it's a PRIVILEGE_SET struct instead of a simple uint32 array. It makes much more sense. Also added a uint32 systemaccount to the GROUP_MAP struct as some privilege showing in USRMGR.EXE are not real privs but a bitmask flag. I guess it's an heritage from NT 3.0 ! I could setup an NT 3.1 box to verify, but I'm too lazy (yes I still have my CDs). Added 3 more LSA calls: SetSystemAccount, AddPrivileges and RemovePrivileges, we can manage all this privilege from UserManager. Time to change the NT_USER_TOKEN struct and add checks in all the rpc functions. Fun, fun, fun. J.F. (This used to be commit 3f0a9ef2b8c626cfa2878394bb7b642342342bf3)
2001-11-28merge from APPLIANCE_HEADGerald Carter1-0/+2
(This used to be commit c60aa6c06f376684b6d6d9a2c14305ca9f4657ef)
2001-11-28added samr_set_domain_info and samr_unknown_2E.Jean-François Micouleau1-30/+27
We now get the full account policy window in usermanager, and the framework to store all those values. I plan to add a TDB file to store them. oh, and found that the last value in a sam_unknown_info_12_inf struct is an uint16 and not a uint32. andrewb: you hardcoded the MAX_PASSWORD_AGE to 21 days. We can now turn it to a value setable in usermanager. J.F. (This used to be commit 99471d25693f6672d433b90a060378f6faad867f)
2001-11-27added test for krb5.hAndrew Tridgell2-1/+11
this was causing the kerberos stuff to fail compilation on several platforms (This used to be commit 17e2f3897374c76dd66b21fdcd93c3a04671f4ce)
2001-11-27Added PRINTER_ALREADY_EXISTS error check from Gerry.Jeremy Allison1-0/+2
Jeremy (This used to be commit c7f1d3d6f776da8619f1221d38619d084ffb990b)
2001-11-27sigh.Andrew Tridgell1-2/+2
some systems have libkrb5 but not krb5.h (This used to be commit 4b89fdecfcf384e7434470a9dcc963f9d96498d1)
2001-11-27prevent a memory leak of cli structuresAndrew Tridgell1-0/+4
(This used to be commit 911c57403bd116405876e73913ad73efd15f659b)
2001-11-26challange -> challengeTim Potter1-3/+3
(This used to be commit d6318add27f6bca5be00cbedf2226b642341297a)
2001-11-25Fixed compiler warning.Tim Potter1-1/+1
Why do people keep adding stuff to includes.h (OK I am guilty of this too)? It's getting really huge and full of random junk. )-: I've noticed TNG have started to split stuff up in to individual header files included as needed. (This used to be commit 36630f3984cb2bc4e60d910889e0396891cbc088)
2001-11-25added 'security=ADS'Andrew Tridgell1-1/+1
(This used to be commit 5a735a88e472a48cd4329832998dc31c1e230ecb)
2001-11-25added HAVE_LDAP_H checkAndrew Tridgell1-2/+2
(This used to be commit a1304be045d9cfd7bb793bb55ff49e158440a90e)
2001-11-25check for liblber separatelyAndrew Tridgell1-0/+1
(This used to be commit d7216424d94ee89e1760596c8f87d1883f369771)
2001-11-25oops, I forgot to include the header fileAndrew Bartlett1-0/+2
(This used to be commit c28956d8601c103c3f8dab4253de80e6a00a02d7)
2001-11-24added "net join" commandAndrew Tridgell2-0/+13
this completes the first stage of the smbd ADS support (This used to be commit 058a5aee901e6609969ef7e1d482a720a84a4a12)
2001-11-24This is another rather major change to the samba authenticaionAndrew Bartlett1-6/+48
subystem. The particular aim is to modularized the interface - so that we can have arbitrary password back-ends. This code adds one such back-end, a 'winbind' module to authenticate against the winbind_auth_crap functionality. While fully-functional this code is mainly useful as a demonstration, because we don't get back the info3 as we would for direct ntdomain authentication. This commit introduced the new 'auth methods' parameter, in the spirit of the 'auth order' discussed on the lists. It is renamed because not all the methods may be consulted, even if previous methods fail - they may not have a suitable challenge for example. Also, we have a 'local' authentication method, for old-style 'unix if plaintext, sam if encrypted' authentication and a 'guest' module to handle guest logins in a single place. While this current design is not ideal, I feel that it does provide a better infrastructure than the current design, and can be built upon. The following parameters have changed: - use rhosts = This has been replaced by the 'rhosts' authentication method, and can be specified like 'auth methods = guest rhosts' - hosts equiv = This needs both this parameter and an 'auth methods' entry to be effective. (auth methods = guest hostsequiv ....) - plaintext to smbpasswd = This is replaced by specifying 'sam' rather than 'local' in the auth methods. The security = parameter is unchanged, and now provides defaults for the 'auth methods' parameter. The available auth methods are: guest rhosts hostsequiv sam (passdb direct hash access) unix (PAM, crypt() etc) local (the combination of the above, based on encryption) smbserver (old security=server) ntdomain (old security=domain) winbind (use winbind to cache DC connections) Assistance in testing, or the production of new and interesting authentication modules is always appreciated. Andrew Bartlett (This used to be commit 8d31eae52a9757739711dbb82035a4dfe6b40c99)