summaryrefslogtreecommitdiff
path: root/source3/libads
AgeCommit message (Collapse)AuthorFilesLines
2003-01-30Revert tpot's HEAD merge which broke the Heimdal build.Jeremy Allison1-45/+15
Jeremy. (This used to be commit 1298ecd0b8a3a9e0a2de42d0c049856cad65e272)
2003-01-30Sync of Heimdal kerberos stuff with HEAD. If this breaks I'm blamingTim Potter1-15/+45
the dog again. (This used to be commit 6f89ee2c9dc7f03e3dbe7aa734bf67c6a434d135)
2003-01-28Get smbd to link with Heimdal. Still missing some client progs...Jeremy Allison1-5/+2
Jeremy. (This used to be commit 85dda434763bbcea260c800599e4b6b73afcf174)
2003-01-23Thanks Meeester Potter, for reverting *all* my Heimdal changes becauseJeremy Allison1-40/+13
I mistyped a comma :-). Jeremy. (This used to be commit 04cc149c756c396012cfa321a74724b077302b95)
2003-01-22Merge of kerberos changes to make this branch build again!Tim Potter1-13/+40
(This used to be commit 51b319f57f28e3993919d7f3db0251a724902332)
2003-01-21Get closer to Heimdal compile... Damn. HEAD has different code inJeremy Allison1-14/+3
kerberos_verify... Jeremy. (This used to be commit e8c4098da619a1429cc4c8251761333a7c0f3458)
2003-01-21More fixes getting us closer to full Heimdal compile....Jeremy Allison1-11/+7
Jeremy. (This used to be commit a7ee6ed64500a0d949849da6996b7dc837518f00)
2003-01-21sanity checks from Ken CrossGerald Carter2-3/+7
(This used to be commit 9f35846b8e0d711c9101ade9e79394219045383c)
2003-01-15[merge]Gerald Carter1-5/+5
* removed unused variable from rpcclient code * added container option to net command (patch from SuSE) * Makefile patch for examples/VFS from SuSE (This used to be commit 25a9681ddda47a41fac8fdc97ca50b7f4c579eaf)
2003-01-03Merge from HEAD - make Samba compile with -Wwrite-strings without additionalAndrew Bartlett3-8/+8
warnings. (Adds a lot of const). Andrew Bartlett (This used to be commit 3a7458f9472432ef12c43008414925fd1ce8ea0c)
2002-12-30Catching up with old patches. Add define for VERITAS quota support.Jeremy Allison1-0/+2
Check return in ldap. Jeremy. (This used to be commit 66eff26fc930e37035bba8672f5fd3aeae71078d)
2002-12-20Forward port the change to talloc_init() to make all talloc contextsJeremy Allison2-9/+9
named. Ensure we can query them. Jeremy. (This used to be commit 09a218a9f6fb0bd922940467bf8500eb4f1bcf84)
2002-12-13More printer publishing code.Jim McDonough1-0/+26
- Add published attribute to info2, needed for win clients to work properly - Return proper info on getprinter 7 This means you can now look at the sharing tab of a printer and get correct info about whether it is published or not, and change it. (This used to be commit d57bddc9b22e809c79294c7eacbd5d0f115fe990)
2002-12-05More printer data to publishJim McDonough1-0/+1
(This used to be commit 6e2f0c4e304a09313f933a3c9c2a7b3a0219006d)
2002-12-03Stop using hardcoded key/value strings, be more forgiving of ↵Jim McDonough1-70/+74
dsspooler/dsdriver info existence. (This used to be commit 59ced15a1b0d88a24a89b3aa9717599aa110272b)
2002-11-23[merge from APP_HEAD]Gerald Carter1-1/+2
90% fix for CR 1076. The password server parameter will no take things like password server = DC1 * which means to contact DC1 first and the go to auto lookup if it fails. jerry (This used to be commit 016ef8b36b30846311a5321803298f8e28719244)
2002-11-18Don't pass a function to ADS_ERR_OK().Jim McDonough1-6/+13
(This used to be commit dff4c93d85717ba29799a0ebaaba8b8539c8d68d)
2002-11-18Next step of printer publishing.Jim McDonough1-106/+242
net ads printer publish <printername> [servername] Will retreive the DsSpooler and DsDriver info by rpc for a remote server then publish it. Next comes doing it within smbd (This used to be commit 8f047a4492f7bd66ac2afd2a2f6194d5dad4a434)
2002-11-15Updates from HEAD:Andrew Bartlett1-1/+1
- const for PACKS() in lanman.c - change auth to 'account before password' - add help to net rpc {vampire,samsync} - configure updates for sun workshop cc - become_root() around pdb_ calls in auth_util for guest login. Andrew Bartlett (This used to be commit 43e90eb6e331d478013a9c038292f245edc51bd0)
2002-11-12Removed global_myworkgroup, global_myname, global_myscope. Added liberalJeremy Allison4-27/+26
dashes of const. This is a rather large check-in, some things may break. It does compile though :-). Jeremy. (This used to be commit f755711df8f74f9b8e8c1a2b0d07d02a931eeb89)
2002-11-10After the lord mayors parade......Jeremy Allison1-2/+9
Janitor for tridge :-). Jeremy. (This used to be commit 76cdfbd5107fff0c38f5fc339f1c27b33fec3a91)
2002-11-06Merge of get_dc_list() api change from HEAD.Tim Potter1-12/+7
(This used to be commit 6ba7847ce2756fde94e530fd0bf2a055f3e27373)
2002-10-30Take out gcb2gtype and gtype2gcb fns. They were using symbols not definedJim McDonough1-46/+0
in 3.0 (new SAM in HEAD). Nobody was referencing these fns... (This used to be commit 386cc92dfa23b4e20172dff20fb14c2ad3172a58)
2002-10-29Merge from HEAD:Jim McDonough1-5/+33
GUID formatting on ads dump Allow rc4-hmac when available .NET likes both forms of servicePrincipalName in machine account record (This used to be commit 89e3a3da5d5bc9e6aedeaea5a87553d72fcaac99)
2002-10-24Merge tridge's blank password fix from HEAD.Jeremy Allison1-2/+6
Jeremy. (This used to be commit eadfd312ba92a780f655cf117c44b30457f007e8)
2002-10-01syncing up with HEAD. Seems to be a lot of differences creeping inGerald Carter7-73/+194
(i ignored the new SAMBA stuff, but the rest of this looks like it should have been merged already). (This used to be commit 3de09e5cf1f667e410ee8b9516a956860ce7290f)
2002-10-01Updates from Samba HEAD:Andrew Bartlett1-1/+8
- Fix segfaults in the 'net ads' commands when no password is provided - Readd --with-ldapsam for 2.2 compatability. This conditionally compiles the old options, but the actual code is available on all ldap systems. - Fix shadow passwords (as per work with vl) - Fix sending plaintext passwords to unicode servers (again vl) - Add a bit of const to secrets.c functions - Fix some spelling and grammer by vance. - Document the -r option in smbgroupedit. There are more changes in HEAD, I'm only merging the changes I've been involved with. Andrew Bartlett (This used to be commit 83973c389355a5cc9ca74af467dfd8b5dabd2c8f)
2002-10-01This commit was manufactured by cvs2svn to create branch 'SAMBA_3_0'.(This ↵cvs2svn Import User2-0/+241
used to be commit eb5ce70e2f0e3ebf6bab168108b410174e42818b)
2002-09-28Try to compile as much as possible with only ldap, but not kerberos.Andrew Bartlett4-36/+35
(This used to be commit 9615ab10c006d8027f6a8b7dd3770eb77304dbdc)
2002-09-28Add the beginings of sam_ads to the tree.Andrew Bartlett4-3/+46
This module, primarilly the work of "Stefan (metze) Metzmacher" <metze@metzemix.de>, uses the Active Directory schema to store the user/group/other information. I've been testing it against a real AD server, and it is intended to work with OpenLDAP as well. I've moved a few functions around in our other libads code, which has made it easier to tap into that existing code. Also, I've made some changes to the SAM interface, I hope there are not too many objections... To ensure we don't get silly bugs in the skel module, it is now in the default compile. This way you should not forget to update it :-) Andrew Bartlett (This used to be commit 24fb0cde2f0b657df1c99474cd694438c94a566e)
2002-09-28This needs to be #ifdef HAVE_LDAP.Andrew Bartlett1-0/+3
(This used to be commit 2b54a2fc2c85ea139e2acdbbc2f14b969c0c6315)
2002-09-27Move a number of ADS related functions out into utility libs, so that thingsAndrew Bartlett5-31/+332
like metze's sam_ads can also use them. Also add error checking etc to a few more functions. Andrew Bartlett (This used to be commit c864edf4fbf8a6c37888a14b861d7c12cf503d4f)
2002-09-27Some small cleanups to the libads code (mainly error checking), and give aAndrew Bartlett2-5/+28
sane prototype for the push_utf8_allocate code. Andrew Bartlett (This used to be commit ce00a3238ed8a82639c4d0ee3e960f7000b1a7b0)
2002-09-25sync'ing up for 3.0alpha20 releaseGerald Carter7-66/+356
(This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-09-25This commit was manufactured by cvs2svn to create branch 'SAMBA_3_0'.(This ↵cvs2svn Import User1-0/+171
used to be commit 9a5541595f78f2cbba16030552c6e780f6fddcf6)
2002-09-25Another patch from metze, towards his work on sam_ads.Andrew Bartlett2-2/+98
See mx-ldap.sf.net for his current progress. (This used to be commit 9c62d1312fdf0aa7b1978e8bbb56fc076ba7e9d0)
2002-09-25Avoid a segfault in net join when you have not done an kinit, and it's fallingAndrew Bartlett1-0/+5
back to NTLMSSP. We need to get the password out of the user, and this eventually does. Andrew Bartlett (This used to be commit bb518a3bae3bf91a589021fcc5b1e715247c5ded)
2002-09-17Add clock skew handling to our kerberos code. This allows us to cope withAndrew Tridgell5-22/+75
the DC being out of sync with the local machine. (This used to be commit 0d28d769472ea3b98ae4c8757093dfd4499f6dd1)
2002-09-17another const cleanupAndrew Tridgell1-1/+1
(This used to be commit 443d5ebafad46a9a62527642628aff8e5d9dc10c)
2002-09-06Seems I missed commiting this when I added the rest of metze's ADS patch.Andrew Bartlett1-0/+75
Oh well, here it is... Andrew Bartlett (This used to be commit 7c2a667640b01a0f19ddc3515c5ca7ac43d26e25)
2002-09-06Patch from "Stefan (metze) Metzmacher" <metze@metzemix.de>Andrew Bartlett2-8/+42
to extend the ADS_STATUS system to include NTSTATUS, and to provide a better general infrustructure for his sam_ads work. I've also added some extra failure mode DEBUG()s to parts of the code. NOTE: The ADS_ERR_OK() macro is rather sensitive to braketing issues - without the final set of brakets, the test is essentially inverted - causing some intersting 'error = success' messages... Andrew Bartlett (This used to be commit 5b9a7ab901bc311f3ad08462a8a68d133c34a8b4)
2002-09-06Add some DEBUG()s to some libads failure modes.Andrew Bartlett1-1/+5
(This used to be commit ad3c8da13b9d510f78fd56364cd0987de88a9b9f)
2002-08-30convert the LDAP/SASL code to use GSS-SPNEGO if possibleAndrew Tridgell2-34/+221
we now do this: - look for suported SASL mechanisms on the LDAP server - choose GSS-SPNEGO if possible - within GSS-SPNEGO choose KRB5 if we can do a kinit - otherwise use NTLMSSP This change also means that we no longer rely on having a gssapi library to do ADS. todo: - add TLS/SSL support over LDAP - change to using LDAP/SSL for password change in ADS (This used to be commit b04e91f660d3b26d23044075d4a7e707eb41462d)
2002-08-20fix irix compile errors - cannot initialize array in declaration statementHerb Lewis1-2/+9
with non-const values - strsep not defined (This used to be commit a5c59b2cd10016ecbd931531602ad1cb3660bbf9)
2002-08-17sync 3.0 branch with headJelmer Vernooij7-169/+358
(This used to be commit 3928578b52cfc949be5e0ef444fce1558d75f290)
2002-08-06when using netbios lookup methods make sure we try any BDCs even ifAndrew Tridgell1-9/+21
we get a response from WINS for a PDC, if the PDC isn't responding. (This used to be commit 57916316ffc70b0b6659f3ad9d14aad41fad4c71)
2002-08-06fixed a memory corruption bug in ads_try_dns()Andrew Tridgell1-3/+3
(This used to be commit 2ee0abb50f25e5a4529d8c9409c979a7a00e5984)
2002-08-05This fixes a number of ADS problems, particularly with netbioslessAndrew Tridgell7-170/+335
setups. - split up the ads structure into logical pieces. This makes it much easier to keep things like the authentication realm and the server realm separate (they can be different). - allow ads callers to specify that no sasl bind should be performed (used by "net ads info" for example) - fix an error with handing ADS_ERROR_SYSTEM() when errno is 0 - completely rewrote the code for finding the LDAP server. Now try DNS methods first, and try all DNS servers returned from the SRV DNS query, sorted by closeness to our interfaces (using the same sort code as we use in replies from WINS servers). This allows us to cope with ADS DCs that are down, and ensures we don't pick one that is on the other side of the country unless absolutely necessary. - recognise dnsRecords as binary when displaying them - cope with the realm not being configured in smb.conf (work it out from the LDAP server) - look at the trustDirection when looking up trusted domains and don't include trusts that trust our domains but we don't trust theirs. - use LDAP to query the alternate (netbios) name for a realm, and make sure that both and long and short forms of the name are accepted by winbindd. Use the short form by default for listing users/groups. - rescan the list of trusted domains every 5 minutes in case new trust relationships are added while winbindd is running - include transient trust relationships (ie. C trusts B, B trusts A, so C trusts A) in winbindd. - don't do a gratuituous node status lookup when finding an ADS DC (we don't need it and it could fail) - remove unused sid_to_distinguished_name function - make sure we find the allternate name of our primary domain when operating with a netbiosless ADS DC (using LDAP to do the lookup) - fixed the rpc trusted domain enumeration to support up to approx 2000 trusted domains (the old limit was 3) - use the IP for the remote_machine (%m) macro when the client doesn't supply us with a name via a netbios session request (eg. port 445) - if the client uses SPNEGO then use the machine name from the SPNEGO auth packet for remote_machine (%m) macro - add new 'net ads workgroup' command to find the netbios workgroup name for a realm (This used to be commit e358d7b24c86a46d8c361b9e32a25d4f71a6dc00)
2002-08-04Now that I got the function arguments sane, remove the silly (void **) castsAndrew Bartlett1-9/+9
from some of the callers. Andrew Bartlett (This used to be commit eb3354aa6c7293df9a728565a6774049b2e6d57f)
2002-07-30net ads info now reports the IP of the LDAP server as well as its name - ↵Andrew Tridgell1-0/+6
very useful in scripts (This used to be commit fc0d5479b575c1f495b9251413eed18ec1e37e02)