summaryrefslogtreecommitdiff
path: root/source3/libads
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r12406: Since w2k3 sp1 we fail to create user accounts using e.g. "net ads userGünther Deschner1-1/+1
add" with "Server is unwilling to perform". Seems we have to put in the same userAccountControl bits the server would pick when we wouldn't send them at all. Guenther (This used to be commit fd5da5875cdc47fc6ef6ba1615a9635f9f157589)
2007-10-10r12196: patch from Krishna Ganugapati <krishnag@centeris.com>Gerald Carter1-1/+17
Use the subtree delete ldap control when running 'net ads leave' to ensure that the machine account is actually deleted. (This used to be commit e96000c16cd182b2e2cbdc1a287002306d2965e6)
2007-10-10r12043: It's amazing the warnings you find when compiling on a 64-bitJeremy Allison2-6/+6
box with gcc4 and -O6... Fix a bunch of C99 dereferencing type-punned pointer will break strict-aliasing rules errors. Also added prs_int32 (not uint32...) as it's needed in one place. Find places where prs_uint32 was being used to marshall/unmarshall a time_t (a big no no on 64-bits). More warning fixes to come. Thanks to Volker for nudging me to compile like this. Jeremy. (This used to be commit c65b752604f8f58abc4e7ae8514dc2c7f086271c)
2007-10-10r11875: Allow to use START_TLS (by manually setting "ldap ssl = start_tls") forGünther Deschner1-0/+5
LDAP connections to ADS (Windows 2003). Guenther (This used to be commit 95543fab0f6aa1c483b40247c16cde79cbc9c012)
2007-10-10r11863: BUG 3196: patch from Alex Deiter <tiamat@komi.mts.ru> to compile ↵Gerald Carter1-1/+7
against the Sun LDAP client libs. But not for AD support; just ldap support (This used to be commit a33e78acedb37df47905d326411e017794721250)
2007-10-10r11846: Destroy the TALLOC_CTX on error in the Kerberos session setup and give aGünther Deschner1-3/+3
more precise inline comment why PAC verification may fail. Guenther (This used to be commit 43b57715e9b44a0a0c7cc7fe3674a5fd4369e78b)
2007-10-10r11651: After talking to Jeremy, commit my winbindd "Do the Right Thing" patch.Gerald Carter1-1/+18
Still needs some more testing ni domains with multiple DCs. Coming next.... (This used to be commit aaed605206a8549cec575dab31e56bf6d32f26a6)
2007-10-10r11551: Add a few more initialize_krb5_error_tableVolker Lendecke2-0/+4
(This used to be commit d92c83aa42fe64a0e996094d1a983f0279c7c707)
2007-10-10r11508: Removed incorrect patch hunk. Thanks to AndrewJeremy Allison1-2/+0
Bartlett for pointing this out. Jeremy. (This used to be commit c93a08be4a29854354a16c6e8f984477e19f41c0)
2007-10-10r11504: Added Andrew Bartletts removal of another NTLMSSP implementationJeremy Allison2-85/+91
patch. Jeremy. (This used to be commit 4591984176fd32ba25155fbc6889a1c637019a08)
2007-10-10r11451: Fix -O1 "might be using uninitialized" errors.Jeremy Allison1-1/+1
Jeremy. (This used to be commit cab76c3c33883aad444eefb6562ab1b27d9ca88a)
2007-10-10r11183: add small helper function to return a PAC_LOGON_INFO.Günther Deschner1-0/+16
Guenther (This used to be commit a8d5d6b845efb62e73e281549528376f3ee74211)
2007-10-10r11137: Compile with only 2 warnings (I'm still working on that code) on a gcc4Jeremy Allison2-2/+3
x86_64 box. Jeremy. (This used to be commit d720867a788c735e56d53d63265255830ec21208)
2007-10-10r10907: Handle the case when we can't verify the PAC signature because theGünther Deschner1-5/+7
ticket was encrypted using a DES key (and the Windows KDC still puts CKSUMTYPE_HMAC_MD5_ARCFOUR in the PAC). In that case, return to old behaviour and ignore the PAC. Thanks to Chengjie Liu <chengjie.liu@datadomain.com>. Guenther (This used to be commit 48d8a9dd9f573d0d913a26a62e4ad3d224731343)
2007-10-10r10710: Fix uninitialized variable. (Thanks to Chengjie LiuGünther Deschner1-1/+1
<chengjie.liu@datadomain.com>) Guenther (This used to be commit 241466ee650d1db1b89a4b5b640f27f6b83644c6)
2007-10-10r10671: Attempt to fix the build on machines without kerberos headers.Volker Lendecke1-1/+1
Volker (This used to be commit cb816e65a95802d5172c410d1acda2da070b871d)
2007-10-10r10656: BIG merge from trunk. Features not copied overGerald Carter5-109/+483
* \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2007-10-10r10285: Doh ! Guenther spotted this stupid cut-n-paste bug...Jeremy Allison1-1/+0
Thanks Guenther ! Jeremy. (This used to be commit 7335440e480599a6e16780976ab36651a6fb969d)
2007-10-10r10211: Fix another memleak (this time in the kerberos keytab code)Günther Deschner1-1/+5
Guenther (This used to be commit 9796bf45895681fee243ca8fd8297ff270c7547c)
2007-10-10r9780: Clean up a bunch of compiler warnings.James Peach1-6/+0
(This used to be commit 623d2e69319ffead31a780a4d6156dae45f386d7)
2007-10-10r9739: conver the reg_objects (REGSUBKEY_CTR & REGVAL_CTR) to useGerald Carter1-17/+24
the new talloc() features: Note that the REGSUB_CTR and REGVAL_CTR objects *must* be talloc()'d since the methods use the object pointer as the talloc context for internal private data. There is no longer a regXXX_ctr_intit() and regXXX_ctr_destroy() pair of functions. Simply TALLOC_ZERO_P() and TALLOC_FREE() the object. Also had to convert the printer_info_2->NT_PRINTER_DATA field to be talloc()'d as well. This is just a stop on the road to cleaning up the printer memory management. (This used to be commit ef721333ab9639cb5346067497e99fbd0d4425dd)
2007-10-10r9163: Rename UNKNOWN_TYPE_10 to PAC_LOGON_NAME (merge from samba4)Günther Deschner1-16/+16
Guenther (This used to be commit d14dcba9635d10d2d8bf9f60c601b8c9078ec340)
2007-10-10r8989: Fix a warningVolker Lendecke1-1/+1
(This used to be commit 3d491ebf9ca8edae938aee08abb924905fd83deb)
2007-10-10r8899: various compiler warning fixes reported by Jason Mader ↵Gerald Carter1-2/+2
<jason@ncac.gwu.edu> (This used to be commit d8ae9f2b3e5387ef2c4e84cd9c33f4a7c795b0d3)
2007-10-10r8675: fix some compile warnings.Günther Deschner1-1/+1
Guenther (This used to be commit afa8ae831a8d9cde8c6474c5fc807a9ca8155273)
2007-10-10r8654: merging cli_spoolss_XX() updates from trunkGerald Carter1-18/+3
(This used to be commit cd961e50a3029898868d21263ccacb7d5f1f07b9)
2007-10-10r8062: Remove some unused codeVolker Lendecke1-129/+0
(This used to be commit fa6cc0bdefe272ec538a71a2b6ba72a724411764)
2007-10-10r8048: Replace "done" with "failed".Günther Deschner1-5/+5
Guenther (This used to be commit 7285edc4fe71f47ab648c31760c357fc2af29ce7)
2007-10-10r8047: "oid" is defined in a heimdal header. With my gcc this generates a ton ofVolker Lendecke1-4/+4
shadowed variable warnings. Fix that. Volker (This used to be commit 3846c0afa1db96239b3aaf2e7ee2427b48f6e2f0)
2007-10-10r7994: This adds support in Winbindd's "security = ads"-mode to retrieve the ↵Günther Deschner2-1/+100
POSIX homedirectory and the loginshell from Active Directory's "Services for Unix". Enable it with: winbind sfu support = yes User-Accounts without SFU-Unix-Attributes will be assigned template-based Shells and Homedirs as before. Note that it doesn't matter which version of Services for Unix you use (2.0, 2.2, 3.0 or 3.5). Samba should detect the correct attributes (msSFULoginShell, msSFU30LoginShell, etc.) automatically. If you also want to share the same uid/gid-space as SFU then also use PADL's ad-idmap-Plugin: idmap backend = ad When using the idmap-plugin only those accounts will appear in Name Service Switch that have those UNIX-attributes which avoids potential uid/gid-space clashes between SFU-ids and automatically assigned idmap-ids. Guenther (This used to be commit 28b59699425b1c954d191fc0e3bd357e4a4e4cd8)
2007-10-10r7415: * big change -- volker's new async winbindd from trunkGerald Carter1-2/+1
(This used to be commit a0ac9a8ffd4af31a0ebc423b4acbb2f043d865b8)
2007-10-10r7139: trying to reduce the number of diffs between trunk and 3.0; changing ↵Gerald Carter2-8/+3
version to 3.0.20pre1 (This used to be commit 9727d05241574042dd3aa8844ae5c701d22e2da1)
2007-10-10r6595: This is Volkers new-talloc patch. Just got the go-ahead fromJeremy Allison1-1/+1
Volker to commit. Woo Hoo ! Jeremy. (This used to be commit 316df944a456f150944761dab34add5e8c4ab699)
2007-10-10r6586: get rid of a few more compiler warningsHerb Lewis1-1/+1
(This used to be commit 173375f8d88bf8e8db8d60e5d5f0e5dcc28767d9)
2007-10-10r6149: Fixes bugs #2498 and 2484.Derrell Lipman4-8/+13
1. using smbc_getxattr() et al, one may now request all access control entities in the ACL without getting all other NT attributes. 2. added the ability to exclude specified attributes from the result set provided by smbc_getxattr() et al, when requesting all attributes, all NT attributes, or all DOS attributes. 3. eliminated all compiler warnings, including when --enable-developer compiler flags are in use. removed -Wcast-qual flag from list, as that is specifically to force warnings in the case of casting away qualifiers. Note: In the process of eliminating compiler warnings, a few nasties were discovered. In the file libads/sasl.c, PRIVATE kerberos interfaces are being used; and in libsmb/clikrb5.c, both PRIAVE and DEPRECATED kerberos interfaces are being used. Someone who knows kerberos should look at these and determine if there is an alternate method of accomplishing the task. (This used to be commit 994694f7f26da5099f071e1381271a70407f33bb)
2007-10-10r6127: Eliminated all compiler warnings pertaining to mismatched ↵Derrell Lipman1-1/+2
"qualifiers". The whole of samba comiles warning-free with the default compiler flags. Temporarily defined -Wall to locate other potential problems. Found an unused static function (#ifdefed out rather than deleted, in case it's needed for something in progress). There are also a number of uses of undeclared functions, mostly krb5_*. Files with these problems need to have appropriate header files included, but they are not fixed in this update. oplock_linux.c.c has undefined functions capget() and capset(), which need to have "#undef _POSIX_SOURCE" specified before including <sys/capability.h>, but that could potentially have other side effects, so that remains uncorrected as well. The flag -Wall should be added permanently to CFLAGS, and all warnings then generated should be eliminated. (This used to be commit 5b19ede88ed80318e392f8017f4573fbb2ecbe0f)
2007-10-10r5956: more compile warngin fixes from the Mr. MaderGerald Carter1-3/+3
(This used to be commit f3f315b14d261fa56ab040db036a6f858ac06e65)
2007-10-10r5952: BUG 2469: patch from Jason Mader to cleanup compiler warning when not ↵Gerald Carter1-0/+4
using krb5 (This used to be commit 19a639ac468237b22f16d917c0150fbf10c9623e)
2007-10-10r5948: more compile cleanups from Jason MaderGerald Carter1-6/+1
(This used to be commit cc6c769c3c26164919dd13777d671abe02c084d9)
2007-10-10r5762: Modified version of patch from Michael Brown ↵Jeremy Allison1-65/+99
<mbrown@fensystems.co.uk> to case insentively search for a principal match on logon verification in the system keytab. UNTESTED (although it compiles). Please test. Jeremy. (This used to be commit 1ace2ca1be65b4d6e92a98040fd09fdca74e8c8a)
2007-10-10r5759: Patch from Doug VanLeuven <roamdad@sonic.net> to add more case/realm/nameJeremy Allison1-2/+21
permutations to the kerberos keytab. Jeremy. (This used to be commit c687e73f242967cd3a78db66c1dd23349766ebb8)
2007-10-10r5336: BUG 2329: fix to re-enable winbindd to locate DC's when 'disable ↵Gerald Carter1-1/+1
netbios = yes' (This used to be commit 75a223f1188ae0041c9e3c748af107d642f73810)
2007-10-10r5207: patches from Jay Fenlason @ RedHat (scooped from their Fedora packages)Gerald Carter1-1/+1
(This used to be commit 9019a8436162d3606f6b8584701b0832cf5a7439)
2007-10-10r4882: Fix for #2255. Debug should have been 10 not 0.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 5557e1409a9a22759ca3bea021d4a662099e683a)
2007-10-10r4736: small set of merges from rtunk to minimize the diffsGerald Carter1-1/+1
(This used to be commit 4b351f2fcc365a7b7f8c22b5139c299aa54c9458)
2007-10-10r4665: Fix inspired by posting from Joe Meadows <jameadows@webopolis.com>.Jeremy Allison1-10/+10
Make all LDAP timeouts consistent. Jeremy. (This used to be commit 0f0281c2348b10ffdea744ecade6b2be0814c872)
2007-10-10r4346: Fix cut-and-paste error - bugid #2189. Fixed by Buck Huppmann ↵Jeremy Allison1-1/+1
<buckh@pobox.com> Jeremy. (This used to be commit 5c22cb082c86088add0db21541a8079c516c9fd9)
2007-10-10r4334: Fix for bugid #2186 - from Buck Huppmann <buckh@pobox.com>Jeremy Allison1-1/+2
to prevent uninitialized creds being freed. Jeremy. (This used to be commit c3f9c81a8fcb26f7110f75b3096d5d1eb30aac13)
2007-10-10r4273: Same fix for r4272 in SAMBA_3_0 branch.Tim Potter1-1/+1
(This used to be commit 4f1927acfa6569fc90317d76ed34e5ee088df7c1)
2007-10-10r4088: Get medieval on our ass about malloc.... :-). Take control of all our ↵Jeremy Allison9-69/+58
allocation functions so we can funnel through some well known functions. Should help greatly with malloc checking. HEAD patch to follow. Jeremy. (This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)