summaryrefslogtreecommitdiff
path: root/source3/libads/ldap.c
AgeCommit message (Collapse)AuthorFilesLines
2008-12-13s3:libads/ldap.c: if the client belongs to no site at all any dc is the closestStefan Metzmacher1-0/+5
metze Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> (cherry picked from commit f86ef9b53a903485deba94febf90dd4e657cc02b)
2008-12-13s3:libads/ldap.c: pass the real workgroup name to get_dc_name()Stefan Metzmacher1-1/+10
metze Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> (cherry picked from commit c2d4a84abe1b6cbf68d6e9f1bb1f8974d0b628fc)
2008-12-13s3: libads: use get_dc_name() instead of get_sorted_dc_list() in the LDAP caseStefan Metzmacher1-1/+25
We use get_dc_name() for LDAP because it generates the selfwritten krb5.conf with the correct kdc addresses and sets KRB5_CONFIG. For CLDAP we need to use get_sorted_dc_list() to avoid recursion. metze Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> (cherry picked from commit d2f7f81f4d61bae9c4be65cbc1bf962b6c24a31f)
2008-11-24s3:libads/ldap.c: return an error instead of crashing when no realm is givenStefan Metzmacher1-4/+4
The bug was triggered by "net ads info -S 127.8.7.6" (where 127.8.7.6 doesn't ex and "disable netbios = yes". metze Signed-off-by: Michael Adam <obnox@samba.org>
2008-11-18Fix extended DN parse error when AD object does not have a SID.Steven Danneman1-24/+38
Some AD objects, like Exchange Public Folders, can be members of Security Groups but do not have a SID attribute. This patch adds more granular return errors to ads_get_sid_from_extended_dn(). Callers can now determine if a parse error occured because of bad input, or the DN was valid but contained no SID. I updated all callers to ignore SIDless objects when appropriate. Also did some cleanup to the out paths of lookup_usergroups_memberof()
2008-11-18Whitespace and >80 column cleanups.Steven Danneman1-12/+12
2008-10-14Use GUID_string rather than smb_uuid_string().Jelmer Vernooij1-2/+2
2008-10-13fix build warnings.Günther Deschner1-1/+1
Guenther
2008-10-12Use common strlist implementation in Samba 3 and Samba 4.Jelmer Vernooij1-2/+2
2008-10-04Fix an uninitialized variable found by the IBM CheckerVolker Lendecke1-0/+1
2008-09-24s3-nbt: use the new generated nbt.Günther Deschner1-1/+1
Guenther
2008-08-20libads: remove unused vars.Günther Deschner1-3/+0
Guenther (This used to be commit ea9fc3bea31b11e715d9524defc18b75e5943842)
2008-06-27libads: Add API call to connect to a global catalog server.Gerald W. Carter1-5/+140
Extends ads_connect() to a new call ads_connect_gc() which connects on port 3268 rather than port 389. Also makes ads_try_connect() static and only used internally to ldap.c (This used to be commit f4c37dbe2c986fb7bfe510cdff3b4a9fbc06d079)
2008-06-24libads: add ads_connect_user_creds() that won't overwrite given user creds.Günther Deschner1-0/+12
Guenther (This used to be commit 026018c9f1ed0680b3ca5b26dd6b8dc466e27e0d)
2008-06-17libads: add ads_get_machine_kvno() to make ads_get_kvno() a bit more generic.Günther Deschner1-7/+29
Guenther (This used to be commit cb7ace209c2051ae02647188715fa6ee324c2bf6)
2008-06-17libads: fix logic error in ads_get_kvno().Günther Deschner1-1/+1
Guenther (This used to be commit 132b038581a1a91b4e70c7c44f97f52866609812)
2008-06-17Revert "Fix a memleak in ads_find_dc() in case get_sorted_dc_list() fails"Volker Lendecke1-1/+0
This reverts commit df8d089bc63c2a52cbdf3504cded8df620a59902. (This used to be commit 342f8858200ed7c446516c270e1b4284d92010d8)
2008-06-05Fix a memleak in ads_find_dc() in case get_sorted_dc_list() failsVolker Lendecke1-0/+1
This is really not a proper place to fix this, but as get_gc_list() and friends are about to be replaced anyway, just work around the broken existing API (This used to be commit df8d089bc63c2a52cbdf3504cded8df620a59902)
2008-05-20Cleanup size_t return values in callers of convert_string_allocateTim Prouty1-20/+43
This patch is the second iteration of an inside-out conversion to cleanup functions in charcnv.c returning size_t == -1 to indicate failure. (This used to be commit 6b189dabc562d86dcaa685419d0cb6ea276f100d)
2008-05-15libads/cldap: store client sitename also keyed by dns domain name.Günther Deschner1-0/+1
Guenther (This used to be commit 0388b2f0cc4d14b005c5b42f2c17ddcbc8bef12a)
2008-05-14Fix Bug #5465 (joining with createcomputer=ou1/ou2/ou3).Günther Deschner1-5/+5
Guenther (This used to be commit f3251ba03a69c2fd0335861177159a32b2bc9477)
2008-05-09cldap: let ads_cldap_netlogon() return all possible cldap replies.Günther Deschner1-1/+1
Guenther (This used to be commit 6f9d5e1cc94bc90685b54c04622b8f3357bd2f69)
2008-04-26Fix bug 5419: memory leak in ads_do_search_all_args() when enumerating 1000s ↵Steven Danneman1-2/+24
of entries The ads_do_search_all_args() function attempts to string together several LDAPMessage structures, returned across several paged ldap requests, into a single LDAPMessage structure. It does this by pulling entries off the second LDAPMessage structure and appending them to the first via the OpenLDAP specific ldap_add_result_entry() call. The problem with this approach is it skips non-entry messages such as the result, and controls. These messages are leaked. The short term solution as suggested by Volker is to replace the ads_*_entry() calls with ads_*_message() calls so we don't leak any messages. This fixes the leak but doesn't remove the dependence on the OpenLDAP specific implementation of ldap_add_result_entry(). (This used to be commit f1a5405409c396df394611e2a234522572d2860a)
2008-04-21cldap: avoid duplicate definitions so remove ads_cldap.h.Günther Deschner1-4/+4
Guenther (This used to be commit 538eefe22ad69540b9f73ffaa613d6be045de199)
2008-04-21cldap: add talloc context to ads_cldap_netlogon().Günther Deschner1-10/+21
Guenther (This used to be commit 4cee7b1bd5cd97c414b73d6f39238958480cdcf3)
2008-04-21libads: Use libnbt for CLDAP reply parsing.Günther Deschner1-12/+12
Guenther (This used to be commit 751f3064a508341c0ebae45e8de9f5311d915d70)
2008-03-28Add ads_check_ou_dn().Günther Deschner1-0/+47
Guenther (This used to be commit 380e9d26db5341d10807ccbfb413d0f53d3ffc71)
2008-03-23Fix Coverity ID 487Volker Lendecke1-0/+1
(This used to be commit 22cee9c1afbc33b4920b72bc81569d79642172af)
2008-03-17Coverity fixesMarc VanHeyningen1-1/+4
(This used to be commit 3fc85d22590550f0539215d020e4411bf5b14363)
2008-02-04str_list_free is not needed anymoreVolker Lendecke1-2/+2
(This used to be commit feddc1447d585fd108d22a36bccc576fa81197ef)
2008-02-04Always pass a TALLOC_CTX to str_list_make and str_list_copyVolker Lendecke1-2/+2
(This used to be commit e2c9fc4cf5f0ff725330fa44f53782db65fca37e)
2008-01-31When running with debug level > 10, dump ads_struct in ads_connect().Günther Deschner1-9/+33
Guenther (This used to be commit 2dd7c64fa8845fe502789068b877f5eaf060afc7)
2008-01-08Do not ignore provided machine_name in ads_get_upn().Günther Deschner1-5/+5
Guenther (This used to be commit ddc1307844379f99b3dde48fc351d0326d22a7ce)
2008-01-04Re-Indent function ldap_open_with_timeout().Michael Adam1-1/+1
This reverts commit #cafda34783f0961c9b463803c19cfcb69f836e3f . I just learned (the hard way) that these indeted functions are not indented by accident but that the intention of this is to not include the prototype into proto.h. Michael (This used to be commit 2e5d01b2146bb9e057b2779d9fe7691ed46d9f45)
2008-01-04Add a debug message (when the LDAP server has really been connected).Michael Adam1-0/+1
Michael (This used to be commit 7d9d2de39072b3291b95ac3965df0d19f83792b9)
2008-01-04Untangle assignment and result check.Michael Adam1-3/+3
Michael (This used to be commit 465a3b356cffb855e26569d3752f15cac07208c0)
2008-01-04Enhance DEBUG-verbosity of ldap_open_with_timeout().Michael Adam1-1/+7
Michael (This used to be commit 9e70d1f24dd304c363a1bde97b5af618b46edc49)
2008-01-04Unindent function header.Michael Adam1-1/+1
Michael (This used to be commit cafda34783f0961c9b463803c19cfcb69f836e3f)
2008-01-04Fix a misleading DEBUG message.Michael Adam1-1/+1
At this stage, the (tcp) connection to the LDAP server has not been established, this is what is about to be attempted. What has been succesfully done, is a CLDAP netlogon query. Michael (This used to be commit 71c3c8ad4c92c5f6267b84ee1d207e5e49e9a4ec)
2008-01-03Add ads_get_joinable_ous().Günther Deschner1-0/+60
Guenther (This used to be commit 5bbceac88159ef6ff83d9cc62c77c7af2116967d)
2007-12-29Make use of [un]marshall_sec_descVolker Lendecke1-9/+11
(This used to be commit 54576733d6c0511dc7379f964b1cb035913b7c8d)
2007-12-16make use of unmarshall_sec_descVolker Lendecke1-19/+12
(This used to be commit ced0c42f055a672f6b4ab6ba809b0f63c83b431e)
2007-12-15s/sid_to_string/sid_to_fstring/Volker Lendecke1-1/+1
least surprise for callers (This used to be commit eb523ba77697346a365589101aac379febecd546)
2007-12-15Replace sid_string_static with sid_to_stringVolker Lendecke1-1/+2
This adds 28 fstrings on the stack, but I think an fstring on the stack is still far better than a static one. (This used to be commit c7c885078be8fd3024c186044ac28275d7609679)
2007-12-15Replace sid_string_static by sid_string_dbg in DEBUGsVolker Lendecke1-2/+2
(This used to be commit bb35e794ec129805e874ceba882bcc1e84791a09)
2007-12-06Remove an incredible amount of whitespace.Michael Adam1-1/+1
Sorry - could not resist. Michael (This used to be commit 1000c98eae0886dbdf60beb1fe64d66ec009746b)
2007-12-03Make strhex_to_str clear on string limits. Remove pstring from web/*.cJeremy Allison1-2/+2
Jeremy. (This used to be commit f9c8d62389f8cb47837e5360209936176537df13)
2007-11-27Remove some staticsVolker Lendecke1-4/+7
(This used to be commit 1fab16ffb888cd4ec18e52d9da33976a67a5d104)
2007-11-20More pstring removal....Jeremy Allison1-13/+13
Jeremy. (This used to be commit 809f5ab4c595740b28425e1667e395a6058b76a8)
2007-10-24This is a large patch (sorry). Migrate from struct in_addrJeremy Allison1-12/+23
to struct sockaddr_storage in most places that matter (ie. not the nmbd and NetBIOS lookups). This passes make test on an IPv4 box, but I'll have to do more work/testing on IPv6 enabled boxes. This should now give us a framework for testing and finishing the IPv6 migration. It's at the state where someone with a working IPv6 setup should (theorecically) be able to type : smbclient //ipv6-address/share and have it work. Jeremy. (This used to be commit 98e154c3125d5732c37a72d74b0eb5cd7b6155fd)