summaryrefslogtreecommitdiff
path: root/source3/libads/ldap.c
AgeCommit message (Collapse)AuthorFilesLines
2002-05-17This is meant to be accessed via the helper fn, not directly.Andrew Bartlett1-1/+1
(This used to be commit b84882a628b3f2f0890322f25694c1932aa3e5ec)
2002-04-19fixed trust relationships in ADS winbindd after breaking them with my BDC ↵Andrew Tridgell1-2/+6
changes ... (This used to be commit 8096032663690eafb6bb8b4f405d6231389d4f80)
2002-04-18fixed the fallback to a BDC for ADS connectionsAndrew Tridgell1-0/+24
(This used to be commit 3e58a1ee83ea0b4347ce24e566445cc6cb67bb3a)
2002-04-10A few more updates:Jim McDonough1-132/+348
- Add doxygen comments - remove server sort control (ms implementation was not reliable) - rename ads_do_search_all2() to ads_do_search_all_fn() (This used to be commit 7aa5fa617221019de0f4565d07842df72673e154)
2002-04-05Several updates to get server side sorting going:Jim McDonough1-26/+78
- Added sort control to ads_do_paged_search. It allows a char * to be passed as the sort key. If NULL, no sort is done. - fixed a bug in the processing of controls (loop wasn't incremented properly) - Added ads_do_search_all2, which funs a function that is passed in against each entry. No ldapmessage structures are returned. Allows results to be processed as the come in on each page. I'd like ads_do_search_all2 to replace ads_do_search_all, but there's some work to be done in winbindd_ads.c first. Also, perhaps now we can do async ldap searches? Allow us to process a page while the server retrieves the next one? (This used to be commit 95bec4c8bae0e29f816ec0751bf66404e1f2098e)
2002-04-04Try harder next time to not duplicate function...take ads_err2string backJim McDonough1-15/+0
out since it's already in ads_errstr() in ads_status.c (This used to be commit 0475126ffb69f0485fd31511cb13d98df74a8d5b)
2002-04-04Add ads_err2string() function for generating error strings from an ADS_STATUS.Jim McDonough1-0/+15
I've got the cases besides gssapi...anyone know how to get those? (This used to be commit c937e1352207ad90e8257ad6c9f8b7c9cf92030d)
2002-03-29Added ads_process_results(), which takes a function that is called for eachJim McDonough1-20/+73
entry returned from a search, and applies it to the results. Re-structured ads_dump to use this, plus changed the ber_free in ads_dump from (b,1) to (b,0), in accordance with openldap manpages. Also allows proper free of result using ldap_msgfree afterwards, so you can do something with the results after an ads_dump. (This used to be commit f01f02fc569b4f5101a37d3b493f2fe2d2b2677a)
2002-03-27Whoops, left the paged control not critical in the paged search...kind ofJim McDonough1-1/+1
defeats the purpose. (This used to be commit 71806c49b366faf2466eee7352c71fcdfefd8cc1)
2002-03-27Add server control to prevent referrals in paged searches. This keepsJim McDonough1-6/+18
the scope limited to the domain at hand, and also keeps the openldap libs happy, since they don't currently chase referrals and return server controls properly at the same time. (This used to be commit 2bebc8a391bd80bd0e5adbedb3757fb4279ec414)
2002-03-19added a ads_do_search_all() call, which is a more convenient interfaceAndrew Tridgell1-0/+42
to paged searches. This makes updating winbindd to used paged searches trivial. (This used to be commit 514c11b4e3fcc765a8087405333bd351c05c9e36)
2002-03-19fixed paged controls on my box. The problem seems to be incorrectAndrew Tridgell1-4/+21
referrals parsing in the openldap libs. By disabling referrals we get valid controls back and the cookies work. (This used to be commit 8bf487ddff240150d7a92aaa0f978dd30062c331)
2002-03-14This adds the Paged Result Control to ads searching. The new function, ↵Jim McDonough1-0/+79
ads_do_paged_search, is the same as ads_do_search, but it also contains a count of records returned in this page, and a cookie for resuming, to be passed back. The cookie must start off NULL, and when it returns as NULL, the search is done. (This used to be commit 9afba67f9a56699e34735e1e425f97b2464f2402)
2002-03-13detect SIZELIMIT_EXCEEDED in ldap queries and truncateAndrew Tridgell1-0/+4
the problem is, how the heck do we properly handle these? Jerry? It seems that the Win2000 ADS server only returns a max of 1000 records! (This used to be commit 93389647203395da0e894c2e57348081e755884a)
2002-03-11put in the ADS DNS hack, but commented outAndrew Tridgell1-0/+11
(This used to be commit 3396a671c59e6afe70a22ce64e4a9381b1d6fef8)
2002-03-10yipee! Finally put in the patch from Alexey KotovichAndrew Tridgell1-8/+121
<a.kotovich@sam-solutions.net> that adds the security decsriptor code for ADS workstation accounts thanks for your patience Cat, and thanks to Andrew Bartlett for extensive reviews and suggestions about this code. (This used to be commit 6891393b5db868246fe52ff62b3dc6aa5ca6f726)
2002-03-04fix for IRIX compile errorHerb Lewis1-3/+4
(This used to be commit 2d620909f9def17dacf2af997a32d596f4dbd827)
2002-02-13Fix LDAP modification operation. Cut and paste error: was LDAP_MOD_ADD, ↵Jim McDonough1-1/+1
should be LDAP_MOD_REPLACE. Caught by Alexey Kotovich. (This used to be commit be48a05ed95f0f4ed02ffb996cb1ecc10811d9a0)
2002-02-12talloc'ify ads modify functions. Also add more complete berval support.Jim McDonough1-122/+119
(This used to be commit 1f186c60ad957c0e8157a6fd903857121c65a2e0)
2002-02-11Add ability to extend ads modification list on the fly. Also add some ↵Jim McDonough1-23/+39
malloc checks and return ADS_ERROR(LDAP_NO_MEMORY) if they fail. (This used to be commit 81d76f05d8b886a86eb421d1bd8737ec7d05cbde)
2002-02-07when a trusted domain is down an ADS server will return a success on aAndrew Tridgell1-2/+3
get trusted domains query but leave the domain SID blank - we need to fail the add of the trusted domain in winbindd in that case (This used to be commit 24c7e7a3849df3a3378f7e7f20099de048f0b7bd)
2002-02-06Fix ldapmod list overrun check. Also better document and format ldap ↵Jim McDonough1-16/+13
control for permissive modify. (This used to be commit 01e7f7c3d9006883b71e43d917d32e325cff7a15)
2002-02-02merge in some changes from Alexey Kotovich. Return ADS_STATUS instead of ↵Jim McDonough1-33/+88
BOOLs. Add support for bervals in mod lists. Also put undocumented AD ldap control in to allow modifications when an attribute does not yet exist. (This used to be commit 1a2d27b21e61be5a314f7d6c4ea0dff06a5307be)
2002-02-02Minor bug fixes, plus support to remove a printer. Commented out optional ↵Jim McDonough1-11/+56
attributes until a method for checking for their existence is done. (This used to be commit 538c19a6983e0423b94f743184263cd8ef9c701e)
2002-02-01Fix build errors on non-ldap systems...change function parms from LDAPMod ** ↵Jim McDonough1-24/+27
to void ** (This used to be commit 9467792843fdd9bc55e92bfaa2f2205279074297)
2002-02-01Add functions for modifying an entry in ADS. Needed for printer publishing.Jim McDonough1-1/+118
(This used to be commit 3d8d8cef64c674f9f1240759a05766db95bfde4e)
2002-01-30Removed version number from file header.Tim Potter1-2/+1
Changed "SMB/Netbios" to "SMB/CIFS" in file header. (This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
2002-01-25Enable net ads commands to use existing tickets if the user doesn't specify ↵Jim McDonough1-1/+3
a username on the commandline. Also don't continue past the kinit if a password is entered and fails because existing tickets would be used, which may not be desired if the username was specified. (This used to be commit 7e5d7dfa834c0161460bde8a2f0d4824c0a0d1fe)
2002-01-16much better support for organisational units in ADS joinAndrew Tridgell1-1/+21
(This used to be commit 7e876057d5e392f85e6fdb0f2c233b0fe76df688)
2002-01-11Fix up 'net ads join' to delete and rejoin if the account already exists.Andrew Bartlett1-2/+7
This fixes up a problem where a machine would join (or downgrade by trust password change) to NT4 membership and not be able to regain full ADS membership until a 'net ads leave'. Andrew Bartlett (This used to be commit ab8ff85f03b25a0dfe4ab63886a10da81207393c)
2002-01-03added nTSecurityDescriptor field to host acct dumpAndrew Tridgell1-1/+3
(This used to be commit f383e19e095eab975bf3d4e622a5c1d1f823171b)
2001-12-30Make Samba compile on RH 6.2 again.Andrew Bartlett1-59/+0
We now include the libber.h file if required, but currently we just don't use ldap. (I'll chase this up). In the meantime, I've moved the ads_status code about, its now in its own file, and has a couple of #ifdefs to allow smbd to link - becouse the lack of LDAP caused HAVE_ADS to be undefined. (I hope its not too ugly). Andrew Bartlett (This used to be commit 14407c87e2dcccae1784290e3eb7a2d611516aff)
2001-12-20added ads_domain_sid() functionAndrew Tridgell1-0/+18
(This used to be commit ff002a458afa6ca378f0c6d2ec9fb74233c839a7)
2001-12-20net ads password and net ads chostpass commands from Remus KoosAndrew Tridgell1-1/+11
(This used to be commit 412e79c448bf02e3097b5c14a36fe0172d8d2895)
2001-12-19much better ADS error handling systemAndrew Tridgell1-93/+141
(This used to be commit 05a90a28843e0d69183a49a76617c5f32817df16)
2001-12-19- added initial support for trusted domains in winbindd_adsAndrew Tridgell1-8/+69
- gss error code patch from a.bokovoy@sam-solutions.net - better sid dumping in ads_dump - fixed help in wbinfo (This used to be commit ee1c3e1f044b4ef62169ad74c5cac40eef81bfda)
2001-12-17allow selection of the organisational unit when joining a realmAndrew Tridgell1-4/+4
(This used to be commit f1231c2b54cac9d4fda7fa9d45fd329f1fd7b779)
2001-12-10make sid_binstring available without HAVE_ADSAndrew Tridgell1-39/+0
(This used to be commit 4a6d29768665f71b72cf48ee34ee9a9c451232f6)
2001-12-08fix a DEBUG() lineAndrew Tridgell1-2/+3
(This used to be commit 18da530293b11d895c62d08895ee1f77d8f97a12)
2001-12-08added internal sasl/gssapi code. This means we are no longer dependent on ↵Andrew Tridgell1-67/+71
cyrus-sasl which makes the code much less fragile. Also added code to auto-determine the server name or realm (This used to be commit 435fdf276a79c2a517adcd7726933aeef3fa924b)
2001-12-06added a propoer kerberos_kinit_password callAndrew Tridgell1-1/+1
contribution from remus@snapserver.com thanks! (This used to be commit 3ace8f1fcc27492d26f5ad0c3cdfc63235ca0609)
2001-12-05fixed a minor password memory leakAndrew Tridgell1-0/+1
(This used to be commit 5985d7e6eec1eb80d8d7470ee2ceda8981c7410c)
2001-12-05handle ldap server down betterAndrew Tridgell1-1/+3
(This used to be commit 0d85815c992c6ca77ba64dfb2d7538be4684654d)
2001-12-05added a REALLY gross hack into kerberos_kinit_password so thatAndrew Tridgell1-0/+4
winbindd can do a kinit this will be removed once we have code that gets a tgt and puts it in a place where cyrus-sasl can see it (This used to be commit 7d94f1b7365215a020d3678d03d820a7d086174f)
2001-12-05added timeouts and retries to ldap operationsAndrew Tridgell1-9/+53
(This used to be commit 4f004eb54d66b6f811cb2f4791da6c70d77f87c2)
2001-12-05moved the sequence number fetch into the backend, and fetch theAndrew Tridgell1-1/+1
sequence number via ldap when using ads (This used to be commit 9a084f0bb91883224ad44e2b76417d10c15cce42)
2001-12-05paranoia fixes in based ldap routines for potential memory leaksAndrew Tridgell1-10/+16
(This used to be commit 13b933104e1389608e4831ca47dd8106ea0c60a5)
2001-12-05more memory leak fixesAndrew Tridgell1-0/+8
(This used to be commit eb6f0e91ddd2a97a907a569bc60beca99b494884)
2001-12-05added functions that convert a ads binary blob to a string (forAndrew Tridgell1-0/+39
searching on SID) (This used to be commit 31d6d049b30e364e062f108d6f9221bbdc2ebec5)
2001-12-04added ads_search_dn() and ads_pull_sids()Andrew Tridgell1-1/+42
(This used to be commit bc83d55f4400cdcdfed44622954f11580b6d2f87)