Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit 1115745caed3093c25d6be01ffee21819fb0a675)
|
|
routines.
Guenther
(This used to be commit 0ef504a0a6dc8f5db1dbc7f2410aa981e11fd56c)
|
|
Guenther
(This used to be commit af3779a51624977088c322ac98f52c02e9291b54)
|
|
Guenther
(This used to be commit 1fe4724f57f4f25ed486240cb1e741da60f0c997)
|
|
Guenther
(This used to be commit e852bc46464fe6dbdf8530f43fcb88fd2eafae67)
|
|
Guenther
(This used to be commit 6f301b2dc3dd64b4396e1d0307b3d539bda67d45)
|
|
Guenther
(This used to be commit 714ea3ceab714e23e97eb3e4d7261456a18abbac)
|
|
cache the SAF name under both the domain name
and the realm name, as we could be looking up
under both. Jerry please check.
Jeremy.
(This used to be commit 9d954d2deb46698b3834c7caf5ee0cfe628086b5)
|
|
(This used to be commit 86f4ca84f2df2aa8977eb24828e3aa840dda7201)
|
|
Compiled it on systems with and without LDAP, I hope it does not break the
build farm too badly. If it does, I'll fix it tomorrow.
Volker
(This used to be commit b2ff9680ebe0979fbeef7f2dabc2e3f27c959d11)
|
|
set_dc_type_and_flags().
Fix problem when DC is down in ads_connect, where
we fall back to NetBIOS and try exactly the same
IP addresses we just put in the negative connection
cache.... We can never succeed, so don't try lookups
a second time.
Jeremy.
(This used to be commit 2d28f3e94a1a87bc9e9ed6630ef48b1ce17022e8)
|
|
server in winbindd when it's down and listed
in the -ve connection cache. Fix memory leak,
reduce timeout for cldap calls - minimum 3 secs.
Jeremy.
(This used to be commit 10b32cb6de234fa17fdd691bb294864d4d40f782)
|
|
the get_dc_list code to get the _kerberos. names
for site support. This way we don't depend on one
KDC to do ticket refresh. Even though we know it's
up when we add it, it may go down when we're trying
to refresh.
Jeremy.
(This used to be commit 77fe2a3d7418012a8dbfb6aaeb2a8dd57c6e1a5d)
|
|
get the syntax right... :-).
Jeremy.
(This used to be commit ecca467e463ef5c9acd48ee0a5f446755bd2f306)
|
|
Jeremy.
(This used to be commit 515f86167bd9ec64170218f2ea4fb20d12a28365)
|
|
Jeremy.
(This used to be commit 5f84c8c815ff0c941ef06d682dcc4be52e8867d2)
|
|
Jeremy.
(This used to be commit ba311ac4eac060c12cafeeb8e458f45c2927aabf)
|
|
Jeremy.
(This used to be commit f1c5409b9fa201c6d726857b02515167b0d7cef1)
|
|
of 700, and 644 instead of 600. Reading might help
debugging.
Jeremy.
(This used to be commit 99f100cfecb53e00d17f7426251a3d4022db791a)
|
|
krb5.conf files under lockdir, not privatedir.
Jeremy.
(This used to be commit c59eff3e53f5bfae3a9fb136e8566628339863ad)
|
|
Jeremy.
(This used to be commit 188eb9794df265e8a55602d46b6bb4bd7daffa7f)
|
|
separate directory.
Jeremy.
(This used to be commit 541594153b3a29a4ca30f1897264f2cc715b0698)
|
|
working right. Don't update the server site when we
have a client one...
Jeremy.
(This used to be commit 7acbcf9a6c71f8e7f9167880488613c930cef4d9)
|
|
(This used to be commit 95f6b22e5179e1fb738c07112de2e06024fc9a83)
|
|
SID<->uid/gid cache. FIxes a bug in token creation
(This used to be commit fa05708789654a8a34cb4a4068514a0b3d950653)
|
|
Remove all reference to "Default-First-Site-Name" and
treat it like any other site.
Jeremy.
(This used to be commit 5ae3564d6844f44a6943b2028917bd457371af1e)
|
|
Jeremy.
(This used to be commit 638d53e2ad524dfe4666b79d36997dea8a44c8cd)
|
|
struct so we can see when they match - only create
the ugly krb5 hack when they do.
Jeremy.
(This used to be commit 9be4ecf24b6b5dacf4c2891bddb072fa7543753f)
|
|
Jeremy.
(This used to be commit 408267a2d725a0596be37b019fe4513502b2c0ec)
|
|
writing out a custom krb5.conf file containing
the KDC I need. This may suck.... Needs some
testing :-).
Jeremy.
(This used to be commit d500e1f96d92dfcc6292c448d1b399195f762d89)
|
|
the client sitename is "Default-First-Site-Name".
Treat this as a blank site (no site configured).
Jeremy.
(This used to be commit 5c46381bd7dd1b3f11f427d111ded0b76fc1bec8)
|
|
Cause winbindd to set site support before doing the
generic AD server lookup.
Jeremy.
(This used to be commit a9833941715472ece747bce69ef53ba8ad98d7a5)
|
|
the code to redo the CLDAP query to restrict DC
DNS lookups to the sitename. Jerry, please check
to stop me going insane :-).
Jeremy.
(This used to be commit 8d22cc111579c57aec65be8884b41564b79b133a)
|
|
support when looking up DC's. On every CLDAP
call store the returned client sitename (if
present, delete store if not) in gencache with
infinate timeout. On AD DNS DC lookup, try looking
for sitename DC's first, only try generic if
sitename DNS lookup failed.
I still haven't figured out yet how to ensure
we fetch the sitename with a CLDAP query before
doing the generic DC list lookup. This code is
difficult to understand. I'll do some experiments
and backtraces tomorrow to try and work out where
to force a CLDAP site query first.
Jeremy.
(This used to be commit ab3f0c5b1e9c5fd192c5514cbe9451b938f9cd5d)
|
|
(This used to be commit 9810d74e171542408eea3ec22a0ebb57a9e1e87e)
|
|
deref null. Make interface explicit.
Jeremy.
(This used to be commit 4e99606ec16b978a76219b5362a23a7b06ee5468)
|
|
Jeremy.
(This used to be commit e77949175144cbe4cfa58788d13acc704eebc251)
|
|
get_sorted_dc_list
return NTSTATUS.
If we want to differentiate different name resolution problems we might want
to introduce yet another error class for Samba-internal errors. Things like no
route to host to the WINS server, a DNS server explicitly said host not found
etc might be worth passing up.
Because we can not stash everything into the existing NT_STATUS codes, what
about a Samba-specific error class like NT_STATUS_DOS and NT_STATUS_LDAP?
Volker
(This used to be commit 60a166f0347170dff38554bed46193ce1226c8c1)
|
|
Thanks to Michael Adam <ma@sernet.de>
Volker
(This used to be commit 91878f9b6fbe5187fb7d0464008ea0abe7f11a73)
|
|
the LGPL. Original code by Krishna Ganugapati <krishnag@centeris.com>.
Additional work by me.
It's still got some warts, but non-secure updates do
currently work. There are at least four things left to
really clean up.
1. Change the memory management to use talloc() rather than
malloc() and cleanup the leaks.
2. Fix the error code reporting (see initial changes to
dnserr.h)
3. Fix the secure updates
4. Define a public interface in addns.h
5. Move the code in libads/dns.c into the libaddns/ directory
(and under the LGPL).
A few notes:
* Enable the new code by compiling with --with-dnsupdate
* Also adds the command 'net ads dns register'
* Requires -luuid (included in the e2fsprogs-devel package).
* Has only been tested on Linux platforms so there may be portability
issues.
(This used to be commit 36f04674aeefd93c5a0408b8967dcd48b86fdbc1)
|
|
error. Fix our DNS SRV lookup code to deal with multi-homed hosts.
We were noly remembering one IP address per host from the Additional
records section in the SRV response which could have been an unreachable
address.
(This used to be commit 899179d2b9fba13cc6f4dab6efc3c22e44e062bc)
|
|
Michael Adam/Volker, please check.
Guenther
(This used to be commit d0feb85781f69325ee70aff98370cfac037c4cc2)
|
|
(This used to be commit 09e7c010f03ac3c621f7a7fad44685d278c1481a)
|
|
Thanks to Michael Adam <ma@sernet.de>
Volker
(This used to be commit 6e641c90b8f52a822a83701cdf305c60416d7f0c)
|
|
(This used to be commit de76217cfb9d20431189e838999a634e4de067a9)
|
|
NO_LOGON_SERVERS if no domain controller was found.
Thanks to Michael Adam <ma@sernet.de>.
Volker
(This used to be commit d44599de3a61707a32851f37ddfb2425949622f8)
|
|
inspired
by Christian M Ambach <CAMBACH1@de.ibm.com>.
Volker
(This used to be commit cf7c83d462dc766fa6f48728d0a4e8d534cc2bd4)
|
|
(This used to be commit 0f483cf66c203d8590998b83cbeeb236ba06ab63)
|
|
(This used to be commit 21c8fa2fc8bfd35d203b089ff61efc7c292b4dc0)
|
|
is not an A record for each SRV name
(This used to be commit 42608b8bb974e1bd88cf2105bf1774622c045458)
|