Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit 8fc3dba8bd99c55bef9ac137976dd35134a49342)
|
|
(This used to be commit 742413b2846af44ac43830f488c15c5c11c1cb27)
|
|
(This used to be commit ca61f68d5ca8791bea34732bd358cfb63273fc5c)
|
|
passdb interface change, now the passdb modules will be asked for SID not for rid, the modules have been updated with a passthrough function that calls the old getsampwrid() functions.
srv_samr_nt.c functions that made use of the pdb_getsampwrid funcion has been updated to use the SID one.
(This used to be commit f5c6496c33fa7f5c2826540ffb4a49d8a5790fb3)
|
|
The problem was the NTLMv2 uses extra data in order to make reply/lookup
more difficult. That extra data includes the hostname, and the domain.
This matches Win2k (sort of) by sending this information.
Win2k connects with LMCompatibilityLevel=5 without a problem.
We can change the negotiation bits if we want, this should allow us to make
NTLMv2 the default for other clients as well.
Some of the extra #defines were found in the squid source.
Andrew Bartlett
(This used to be commit 17a5f67b3d1935baf6197ae967624eb847b66ac8)
|
|
that the passdb code now uses. Similarly, move the 'pluggable' stuff
over from passdb as well, allowing runtime loading of new authenticaion
modules.
(NOTE: The interfaces here can *and do* change - module writers are
not assured source-level compatibilty, and certainly not binary
compatibility).
(This used to be commit 3897cf5e048f50be91ae434f636affc6d539d0d1)
|
|
(This used to be commit 18c6db6a0014fd23383361485ec03eb871a85faa)
|
|
(This used to be commit 5512618d3493a04c84a43beaa752c307bce146fc)
|
|
(This used to be commit efb119fb88a511e026239773422242fff636ae13)
|
|
this is a first step only passdb stuff has beein "classized".
- so what can you do?
set debug level to: 1 poasdb:10
that will make all the code run at debug level 1 except the code in
passdb/* files that will run at level 10
TODO: fix the man page
- also smbcontrol has this nice feature so smbcontrol smbd debug 3 passdb:5
will set every smbd to have a default log level of 3 while passdb stuff
will be at level 5
and so no..
minor cosmetic fix to pdbedit is there too
(This used to be commit be5c3b3f5781ddc002ffcc98df04ab024dcef4ca)
|
|
The idea is that pdb_add_sam_account() should have a non-const SAM_ACCOUNT,
and update some of the the properties generated during the add.
Andrew Bartlett
(This used to be commit b014d9ae4bc38d83d474888b73d350a62704341f)
|
|
(This used to be commit bf82ac14c826a765b33d368e4cb62c7fb3cd3c4f)
|
|
cleanup some of the code in net_rpc_join re const warnings and
fstrings.
Passdb:
Make the %u and %U substituions in passdb work.
This is done by declaring these paramters to be 'const' and doing
the substitution manually. I'm told this is us going full circle,
but I can't really see a better way.
Finally these things actually seem to work properly...
Make the lanman code use the pdb's recorded values for homedir etc
rather than the values from lp_*()
Add code to set the plaintext password in the passdb, where it can
decide how to store/set it. For use with a future 'ldap password
change' option, or somthing like that...
Add pdb_unix, so as to remove the 'not in passdb' special cases from the
local_lookup_*() code. Quite small, as it uses the new 'struct passwd ->
SAM_ACCOUNT' code that is now in just one place. (also used by pdb_smbpasswd)
Other:
Fix up the adding of [homes] at session setup time to actually pass
the right string, that is the unix homedir, not the UNC path.
Fix up [homes] so that for winbind users is picks the correct name.
(bad interactions with the default domain code previously)
Change the rpc_server/srv_lsa_nt.c code to match NT when for the
SATUS_NONE_MAPPED reply: This was only being triggered on
no queries, now it is on the 'no mappings' (ie all mappings failed).
Checked against Win2k.
Policy Question: Should SID -> unix_user.234/unix_group.364 be
considered a mapping or not? Currently it isn't.
Andrew Bartlett
(This used to be commit c28668068b5a3b3cf3c4317e5fb32ec9957f3e34)
|
|
(This used to be commit 173aac4a810782dddc85494c328a6917cb3fe0c2)
|
|
I think we may still need to look at our server enumeration code, but
other than that, its much better in the tree than out.
Andrew Bartlett
(This used to be commit d57a1b4629d12a0374cc6d74dfc6f5d4793fcef8)
|
|
This option was badly maintained, useless and confused our users and
distirbutors. (its SSL, therfore it must be good...)
No windows client uses this protocol without help from an SSL tunnel.
I can't see any reason why setting up a unix-side SSL wrapper would
be any more difficult than the > 10 config options this mess added
to samba in any case.
On the Samba client end, I think the LIBSMB_PROG hack should be
sufficient to start stunnel on the unix side. We might extend this
to take %i and %p (IP and port) if there is demand.
Andrew Bartlett
(This used to be commit b04561d3fd3ee732877790fb4193b20ad72a75f8)
|
|
when assigning on va_list to another, or when passing a va_list as an
argument to a function. Not using it causes segv's and other unpredictable
results.
We need to check all over the place for this...
(This used to be commit 331132678c2e25e5f220de34968f6b16f4fbbc97)
|
|
Do it bit-by-bit to ensure that no breakage creeps in.
(This used to be commit bccbf3569801e8f16aed897c9d04c3f7e1430641)
|
|
Jeremy.
(This used to be commit 41cec26ee36458c2f6fdf768d25a83031e4d5bbb)
|
|
<Michael.Gerdts@alcatel.com>. The struct passwd in Solaris contains some
extra fields which must be initialised otherwise nscd crashes.
(This used to be commit a67323d07177ebc8e46dc14476efaf7e95944504)
|
|
free printer msg id.
Jeremy.
(This used to be commit 64c819b71e6b8831106847153fbbc3123602b397)
|
|
Jeremy
(This used to be commit 32fa089adead6ff3279172fd36560f4f9e2aeef0)
|
|
(This used to be commit d926cc989690684ec4799ebb3a3a01e8d4173de6)
|
|
(This used to be commit 6aa31435388fdd1569884479e7e0b80714658fb6)
|
|
(This used to be commit aaa996355287fcd86873697f51a069ccb5a908b9)
|
|
is detected.
(This used to be commit 0377448b8c3e2bd8d5bc9f49a585292dc5c5b5a1)
|
|
(This used to be commit 38fd99e84176106ed700f637e9292d2a4c1385b4)
|
|
(This used to be commit 0827bd4184256a87d6cf6c58bc314309503da7be)
|
|
(This used to be commit 2dde9f711979c04cd02107447395a55307f7a30a)
|
|
Jeremy.
(This used to be commit 3853234c2649c501e9876f940f802be86cb6383d)
|
|
(This used to be commit 3e58a1ee83ea0b4347ce24e566445cc6cb67bb3a)
|
|
(This used to be commit 66d6d4810ab7b0a1bf2039c387938aad69e01569)
|
|
(This used to be commit 78ead781261d397ace22640e3820d0f4fe17722c)
|
|
(This used to be commit bac0093a9713416b1679d1bc167b70f02b06ef78)
|
|
(This used to be commit 00511ae2b4bc0ef3bfda89cc0ae3e1fba092b6d6)
|
|
only some of the entries could be resolved.
(This used to be commit 0722e71d1ef59a72567f383e3572546ab78e9e6a)
|
|
<mimir@diament.ists.pwr.wroc.pl>) this patch allows samba to correctly
enumerate its trusted domains - by exaimining the keys in the secrets.tdb file.
This patch has been tested with both NT4 and rpcclient/wbinfo, and adds
some extra functionality to talloc and rpc_parse to allow it to deal with
already unicode strings.
Finally, this cleans up some const warnings that were in net_rpc.c by pushing
another dash of const into the rpc client code.
Andrew Bartlett
(This used to be commit 0bdd94cb992b40942aaf2e5e0efd2868b4686296)
|
|
<jelmer@nl.linux.org>.
This patch also includes major rework of pdbedit to use popt, and the addition
of -i paramter (allowing the user to specify which PDBs is being
operated on) and -e to export a pdb - useful for backup and testing etc.
Use of -i and -e gets us pdb2pdb functionality for transition between backends,
much like the sam2sam in TNG.
Andrew Bartlett
(This used to be commit c10def37f506d3f2bab442418ac08fdb62659b02)
|
|
in the passdb module selection (after the : you have the options).
Andrew Bartlett
(This used to be commit 6949b630f10ebb76e8e59ca7e832f53571f2c20a)
|
|
(This used to be commit 7e92fb7453e4dbf1fe0c32c3dcc1e994cb95b5ea)
|
|
mangling implementation, selectable using "mangling method = " in smb.conf
It also tidies the interface a little, although it is still nasty.
(This used to be commit be23d87a178e7d0691e7d942adf89bb3d2d533c2)
|
|
Jeremy.
(This used to be commit 678f4f455e7ed0a6fafa3ad30ddadd1917e741ef)
|
|
defines into acconfig.h - only defined if seen.
Jeremy.
(This used to be commit 9f2753a1496c51fd56c97984b8def46a651dbfc8)
|
|
(This used to be commit 9126f008ef542b80f0040f621aa28478be5c80a0)
|
|
Jeremy.
(This used to be commit 16015c07eab2e57fa3771051e3e08fde21757cfa)
|
|
(This used to be commit b618b5943d53f33e6f03d8d47cf87efc5e1ad3e5)
|
|
(This used to be commit 908b70f3e23846d0b438a68e45e076e65016e95e)
|
|
(This used to be commit 21c3dff4109a6a4dc6a1b618a489e49e88743d42)
|
|
POLICY_HND structure when passing new handles back from the appropriate
cli_* functions. When closing the policy handle free the memory.
Insure (and indeed other memory checkers) should detect handles that have
not been closed properly as memory leaks. Unfortunately this can only be
done when the program terminates (set insure++.summarize leaks in your
.psrc file) rather than when the policy handle falls out of scope.
Looks like Jeremy has squished all the policy handle leaks at the moment
but more are bound to crop up later.
(This used to be commit 6dc80d625752f0a3ce6fd7b2278095529c6ec29f)
|
|
have to add the server side now.
J.F.
(This used to be commit b83f87d6811dbad2c254cd5add4bbedb3196c629)
|