Age | Commit message (Collapse) | Author | Files | Lines |
|
Guenther
|
|
|
|
user object in AD to be the username alias.
For example:
$ net ads search "(uid=coffeedude)"
distinguishedName: CN=Gerald W. Carter,CN=Users,DC=pink,DC=plainjoe,DC=org
sAMAccountName: gcarter
memberOf: CN=UnixUsers,CN=Users,DC=pink,DC=plainjoe,DC=org
memberOf: CN=Domain Admins,CN=Users,DC=pink,DC=plainjoe,DC=org
memberOf: CN=Enterprise Admins,CN=Users,DC=pink,DC=plainjoe,DC=org
memberOf: CN=Schema Admins,CN=Users,DC=pink,DC=plainjoe,DC=org
uid: coffeedude
uidNumber: 10000
gidNumber: 10000
unixHomeDirectory: /home/gcarter
loginShell: /bin/bash
$ ssh coffeedude@192.168.56.91
Password:
coffeedude@orville:~$ id
uid=10000(coffeedude) gid=10000(PINK\unixusers) groups=10000(PINK\unixusers)
$ getent passwd PINK\\gcarter
coffeedude:*:10000:10000::/home/gcarter:/bin/bash
$ getent passwd coffeedude
coffeedude:*:10000:10000::/home/gcarter:/bin/bash
$ getent group PINK\\Unixusers
PINK\unixusers:x:10000:coffeedude
|
|
string.
Jeremy.
(This used to be commit fe30a523dfc77cc373145624246fd3ad5c62b9ac)
|
|
extended rights GUID from ad while dumping the security descriptors's aces.
This would perform much better with a guid cache, but for the rare cases where
it is used
net ads search cn=mymachine ntSecurityDescriptor -U user%pass
it should be ok for now.
Guenther
(This used to be commit b36913433eb74203b29f2b7d412a86e60591ea22)
|
|
Guenther
(This used to be commit a4d5206d0bcbee713790834f119b182e0b419e8c)
|
|
Guenther
(This used to be commit a84fd8300661fd895ed7a8a104b743628718dfc8)
|
|
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
|
|
Jeremy.
(This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
|
|
Guenther
(This used to be commit 11b390309b9677805e5b68f3a1b780658ae85137)
|
|
This allows a provider to supply the homedirectory, etc...
attributes for a user without requiring support in core
winbindd code. The idmap_ad.c module has been modified
to provide the idmap 'ad' library as well as the rfc2307 and sfu
"winbind nss info" support.
The SID/id mapping is working in idmap_ad but the nss_info
still has a few quirks that I'm in the process of resolving.
(This used to be commit aaec0115e2c96935499052d9a637a20c6445986e)
|
|
Guenther
(This used to be commit 2fc63fb8f7927ea61c565801b4c6308d3a4afcd1)
|
|
Guenther
(This used to be commit 8bb6e82f02044a715dbeee020bcc4a01a83c4a64)
|
|
Compiled it on systems with and without LDAP, I hope it does not break the
build farm too badly. If it does, I'll fix it tomorrow.
Volker
(This used to be commit b2ff9680ebe0979fbeef7f2dabc2e3f27c959d11)
|
|
get duplicate OID's returned in the oids_out list it is
still good programming practice to clear out a malloc'ed
string before re-writing it (especially in a loop).
Jeremy
(This used to be commit ae02c05bfca46eb6a8ba25b124c18a358a759cb5)
|
|
failed. Noticed by Bob Gautier.
Guenther
(This used to be commit 7327f94546a90df25c688dcafd42e0993133057a)
|
|
Expand the "winbind nss info" to also take "rfc2307" to support the
plain posix attributes LDAP schema from win2k3-r2.
This work is based on patches from Howard Wilkinson and Bob Gautier
(and closes bug #3345).
Guenther
(This used to be commit 52423e01dc209ba5abde808a446287714ed11567)
|