Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit 4d91f9501cd041ee42410eeace6a9acd9cc57d1c)
|
|
(This used to be commit 612ec4de75ad06f2b12176439f96f8e5662a7d77)
|
|
build farm
reacts :-)
Volker
(This used to be commit 9f99d04a54588cd9d1a1ab163ebb304437f932f7)
|
|
(This used to be commit b9d1a659109daeeb625f3e6caf7ec706ccdde230)
|
|
Jeremy.
(This used to be commit 3804c4ca3914788e3d3780817ef016421418e11f)
|
|
(This used to be commit 53f15a0881de489e809bb58217ecabccd6d77e2c)
|
|
Guenther
(This used to be commit 0705fed566efdeab05d605dd239afe67ca5e9811)
|
|
Fix that, and also add in comments for all possible CL and CO PDU
types. Make sure we process them correctly.
Jeremy.
(This used to be commit 672113a627aa9060795871bc2ea3a02e696d7d7d)
|
|
search enumeration, fixed count of groups and users to return
zero if we're getting domain info on the builtin domain (need
to fix the enumgroup and enumuser calls also). Added count_sam_aliases
to return the correct alias count. Need to push the SID arg
down into the group mapping interface so we only return the
correct aliases. Upped passdb version numer for Volkers
changes. SAM-MYSQL guys - you will need to fix your backend
now. More tests needed.
Jeremy.
(This used to be commit b53d5cd565b05b0595979efba6176d0cafc8cb03)
|
|
samr_lookup_rids twice. It was done in the srv_samr_nt.c code as well as in
the pdb module. Remove the latter, this might happen more often.
Volker
(This used to be commit 57f0cf8cdd6928f4759036e5dd53d41736aa910d)
|
|
against the Sun LDAP client libs. But not for AD support; just ldap support
(This used to be commit a33e78acedb37df47905d326411e017794721250)
|
|
Can anyone remember why we initialize groups only with 0x03 instead of 0x07 ?
Guenther
(This used to be commit 3282c7c458d390547fbaca44821eff376e8f9aaa)
|
|
Guenther
(This used to be commit c54430a7b5e40d3bdf8afdc813eb722c0a3b861e)
|
|
Guenther
(This used to be commit a8bc4bc902075cfd009dc92674c4560a44a74277)
|
|
client behaviour (ie.:
open pipe/open SAMR handle/enumerate 0 - 1024
close SAMR handle, close pipe.
open pipe/open SAMR handle/enumerate 1024 - 2048...
close SAMR handle, close pipe.
And on ad-nausium. Amazing.... probably object-oriented
client side programming in action yet again.
This change should *massively* improve performance when
enumerating users from an LDAP database.
Jeremy.
(This used to be commit 8ce705d9cc1b6a79d710a10ff38f72a0f1006dda)
|
|
if changing to support samr_connect5 might help so quickly coded
it up. No it doesn't :-(. Don't merge this for 3.0.21 please.
Jeremy.
(This used to be commit bff1df678a8948d382f4555e83a1df23146a4b12)
|
|
This feature got broken in some of the other updates.
Now each open handle stores an pointer to an open tdb
data structure (not the tdb pointer itself).
Clearing can be done with a simple elog_close_tdb( elog, True )
to force a close and then calling elog_open_tdb( logname, True )
to force an tdb truncate. Permissions on existing tdbs are
maintained which is important.
* We don't currently handle backup. Haven't looked at the
format of a backuped up eventlog to know what the deal is.
(This used to be commit 2df34c9403446d12f1ceeac38cbda5d3ba805b02)
|
|
any code that includes libsmbclient.h that also calls the
system close() fn. Doh ! Thanks to John Terpstra for
reporting this.
Jeremy.
(This used to be commit 6e1cb7047aae80523a53d5552a4f704cd6e62997)
|
|
you the IP
address but also the fqdn of the remote dc and site info.
Volker
(This used to be commit 62d01ce7e6c14971084c208ab61f379cb172cb22)
|
|
logons work if the client gives the MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT
or MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT flags. This changes
the auth module interface to 2 (from 1). The effect of this is
that clients can access resources as a machine account if they
set these flags. This is the same as Windows (think of a VPN
where the vpn client authenticates itself to a VPN server
using machine account credentials - the vpn server checks
that the machine password was valid by performing a machine
account check with the PDC in the same was as it would a
user account check. I may add in a restriction (parameter)
to allow this behaviour to be turned off (as it was previously).
That may be on by default.
Andrew Bartlett please review this change carefully.
Jeremy.
(This used to be commit d1caef866326346fb191f8129d13d98379f18cd8)
|
|
to be set in local.h. Change from the default (131) to
another prime (1049). Should this be an smb.conf tunable parameter
based on the number of open file descriptors available ?
If so what scaling factor ? More tests to follow.
Jeremy.
(This used to be commit 6a902ec49ffea5d0ca0308d5ff51584cece41043)
|
|
(This used to be commit f5f40633bc3f641a0fef4934375d0d829899b0d7)
|
|
with Sun compiler)
(This used to be commit dd28582efbacd02c4134298be000cd2338c822ad)
|
|
This avoids that each time a full-group-dump is requested from ADS; the
bitwise match allows to only query those groups we are interested in.
The ADS LDAP server changed to RFC compliant behaviour when decoding the ldap
filter with extensible match in the latest SPs (fixes). From the patch:
/* Workaround ADS LDAP bug present in MS W2K3 SP0 and W2K SP4 w/o
* rollup-fixes:
*
* According to Section 5.1(4) of RFC 2251 if a value of a type is it's
* default value, it MUST be absent. In case of extensible matching the
* "dnattr" boolean defaults to FALSE and so it must be only be present
* when set to TRUE.
*
* When it is set to FALSE and the OpenLDAP lib (correctly) encodes a
* filter using bitwise matching rule then a buggy AD fails to decode
* the extensible match. As a workaround set it to TRUE and thereby add
* the dnAttributes "dn" field to cope with those older AD versions.
* It should not harm and won't put any additional load on the AD since
* none of the dn components have a bitmask-attribute.
*
* Thanks to Ralf Haferkamp for input and testing */
Guenther
(This used to be commit db38ed6be607d08515920d46fb8a12f8cb4ddd6e)
|
|
Jeremy.
(This used to be commit af8545806770a7530eecc184bdd230ca14999884)
|
|
Guenther
(This used to be commit 908ac0c9eccd1ba368a6305fee9673770fc74a53)
|
|
This does 2 things.
1). Makes dfree command a per-share parameter (it should be anyway IMHO).
2). Adds a "dfree cache time" parameter in seconds that specifies how long a
dfree command output should be cached for. Default is zero (no caching).
Jeremy.
(This used to be commit 49ef8b88a3e12883148eb28d8e86fb07dbc3d12d)
|
|
x86_64 box.
Jeremy.
(This used to be commit d720867a788c735e56d53d63265255830ec21208)
|
|
rewrite. His comments:
I've gotten the libmsrpc code to work with TRUNK.
I've put the patch at:
www.uoguelph.ca/~cnicholl/libmsrpc_trunk_v1.patch.gz
It is from revision 11093.
I also fixed a minor bug in the svcctl code, the timeout
parameter for all the control functions was working
in milliseconds instead of seconds.
Also fixed bug in Makefile when building libmsrpc.a
(This used to be commit d3a52900ec223316779e59a13cea87ecb500bccc)
|
|
(This used to be commit 1aeb7950d36b8faee529cb6dcd36c05809cfe1d0)
|
|
(This used to be commit 1bcf7e82ede63a851a244162a3b939373787b693)
|
|
added new parameter : map readonly = [yes|no|permissions]
If yes: map inverse of user "w" bit to mean readonly.
If no: never set DOS readonly bit.
If permissions: check file permissions for user and set readonly
bit if the current user cannot write.
If store dos attributes is set to yes then this parameter
is ignored.
Jeremy.
(This used to be commit da4238d18c7a57d1264db8517fb027a10a11baed)
|
|
the unlink call (del tmp\foo)
(This used to be commit 49b8d7d7f5ed93a2b9b21404194452f35bcf7b26)
|
|
This gets it working before replacing tdb with the samba4 version.
(This used to be commit 8210b0503a050e12ee1b4335fa6e50d10ad06577)
|
|
(This used to be commit 8075b99b44085d107fa42d431300c60133ec53eb)
|
|
(This used to be commit ef3845366bc883e735b2008243b7c05a403f42ca)
|
|
* only keep the registry,tdb file open when we have an open key handle
* tpot's setup.py fix
* removing files that no longer exist in trunk and copying some
that were missing in 3.0
(This used to be commit 6c6bf6ca5fd430a7a20bf20ed08050328660e570)
|
|
Based on the Samba4 solution - stores data in
$samba/private/schannel_store.tdb.
This tdb is not left open but open and closed on demand.
Jeremy.
(This used to be commit a6d8a4b1ff31c5552075455dbd98cb58795958a9)
|
|
(This used to be commit f10aa9fb84bfac4f1a22b74d63999668700ffaac)
|
|
Ensure that the mach_acct and remote machine entries are
set correctly in struct dcinfo - we'll need this as a key
for a persistent schannel state later.
Jeremy.
(This used to be commit 47269b5c7161d740c2e86227de3acd9e08c53817)
|
|
Volker
(This used to be commit cb816e65a95802d5172c410d1acda2da070b871d)
|
|
(This used to be commit 85e61ff69c92143f54860dfce02f95a1e6070bc3)
|
|
* \PIPE\unixinfo
* winbindd's {group,alias}membership new functions
* winbindd's lookupsids() functionality
* swat (trunk changes to be reverted as per discussion with Deryck)
(This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
|
|
Jeremy.
(This used to be commit 155dc2d52a971bfb8d7565c06f3efc637e130b11)
|
|
<steve@celineandsteve.com>.
Jeremy.
(This used to be commit 17598846e7ee2748f2dcb3821823108fa8410480)
|
|
others to examine & test. May not end up here eventually...
Jeremy.
(This used to be commit 7cc70ae63399eacd55bd0bf51ac2c7b004d761bf)
|
|
files
(This used to be commit 32bebc452dffa8348b94c5b866350b1fe761986f)
|
|
(This used to be commit 554c22faeefe6932a01aa7bd6e2861c5abd37510)
|
|
* Users with SeRestorePrivilege may chown files to anyone (be it as a
backup software or directly using the ownership-tab in the security
acl editor on xp), while
* Users with SeTakeOwnershipPrivilege only can chown to themselves.
Simo, Jeremy. I think this is correct now.
Guenther
(This used to be commit 1ef7a192eed457d302a08c692bb54a73a1af4afd)
|
|
Guenther
(This used to be commit 12029e902277053a4066eae1b3ae311fae5e6422)
|