Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2009-01-29 | s3: fix bug #6073: prevent ads_connect() from using SSL unless explicitly ↵ | Michael Adam | 1 | -3/+5 | |
requested This fixes "net ads join". It copes with the changed default "ldap ssl = start tls". A new boolean option "ldap ssl : ads" is added to allow for explicitly requesting ssl with ads. Michael | |||||
2009-01-16 | ads_connect: Return immediately on a failed GC connection. | Gerald (Jerry) Carter | 1 | -3/+14 | |
ads_connect_gc() feeds an explicit server to ads_connect(). However, if the resulting connection fails, the latter function was attempting to find a DC on its own and continuing the connection. This resulting in GC searches being sent over a connection using port 389 which would fail when using the base search suffix outside of the domain naming context. The fix is to fail immediately in ads_connect() since the GC lookup ordering is handled already in ads_connect_gc(). | |||||
2009-01-16 | s3:libads: use lock_path for creating paths to local krb5.conf files | Michael Adam | 1 | -2/+3 | |
instead of manually doing an asprintf with lp_lockdir() Michael squash | |||||
2009-01-16 | s3:libads: give create_local_private_krb5_conf_for_domain() a common exit point | Michael Adam | 1 | -30/+20 | |
Michael | |||||
2009-01-04 | Async wrapper for open_socket_out_send/recv | Volker Lendecke | 1 | -12/+19 | |
2009-01-03 | open_socket_out is always used with SOCK_STREAM, remove argument "type" | Volker Lendecke | 1 | -1/+1 | |
2008-12-31 | Replace a static variable and alarm() calls by using sys_select() | Volker Lendecke | 1 | -23/+24 | |
Günther, please check! | |||||
2008-12-31 | Fix some nonempty blank lines | Volker Lendecke | 1 | -5/+5 | |
2008-12-30 | Fix more "ignore return value" warnings from gcc 4.3. | Jeremy Allison | 1 | -9/+22 | |
Jeremy | |||||
2008-12-23 | Fix more asprintf warnings and some error path errors. | Jeremy Allison | 1 | -2/+10 | |
Jeremy. | |||||
2008-12-23 | More asprintf warning fixes. | Jeremy Allison | 3 | -8/+28 | |
Jeremy. | |||||
2008-12-23 | More asprintf warning fixes. | Jeremy Allison | 1 | -9/+18 | |
Jeremy. | |||||
2008-12-23 | Fix more asprintf errors and error code paths. | Jeremy Allison | 2 | -9/+31 | |
Jeremy. | |||||
2008-12-13 | s3:libads/ldap.c: store the dc name in the saf cache as in all other places | Stefan Metzmacher | 1 | -3/+2 | |
metze Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> (cherry picked from commit 543fa85a711337e979c7b631bda5db95d109ef59) | |||||
2008-12-13 | s3:libads/ldap.c: if the client belongs to no site at all any dc is the closest | Stefan Metzmacher | 1 | -0/+5 | |
metze Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> (cherry picked from commit f86ef9b53a903485deba94febf90dd4e657cc02b) | |||||
2008-12-13 | s3:libads/ldap.c: pass the real workgroup name to get_dc_name() | Stefan Metzmacher | 1 | -1/+10 | |
metze Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> (cherry picked from commit c2d4a84abe1b6cbf68d6e9f1bb1f8974d0b628fc) | |||||
2008-12-13 | s3: libads: use get_dc_name() instead of get_sorted_dc_list() in the LDAP case | Stefan Metzmacher | 1 | -1/+25 | |
We use get_dc_name() for LDAP because it generates the selfwritten krb5.conf with the correct kdc addresses and sets KRB5_CONFIG. For CLDAP we need to use get_sorted_dc_list() to avoid recursion. metze Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> (cherry picked from commit d2f7f81f4d61bae9c4be65cbc1bf962b6c24a31f) | |||||
2008-12-13 | s3: correctly detect if the current dc is the closest one | Stefan Metzmacher | 1 | -1/+0 | |
ads->config.tried_closest_dc was never set. metze Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> (cherry picked from commit dfe5b00db35e1e7c7bb3ba36729fc3f97eb48db3) | |||||
2008-12-03 | s3: Change sockaddr util function names for consistency | Tim Prouty | 1 | -3/+3 | |
Also eliminates name conflicts with OneFS system libraries | |||||
2008-12-02 | s3-net: allow to list a keytab generated using net rpc vampire. | Günther Deschner | 1 | -2/+5 | |
Guenther | |||||
2008-11-24 | s3:libads/ldap.c: return an error instead of crashing when no realm is given | Stefan Metzmacher | 1 | -4/+4 | |
The bug was triggered by "net ads info -S 127.8.7.6" (where 127.8.7.6 doesn't ex and "disable netbios = yes". metze Signed-off-by: Michael Adam <obnox@samba.org> | |||||
2008-11-18 | Fix extended DN parse error when AD object does not have a SID. | Steven Danneman | 1 | -24/+38 | |
Some AD objects, like Exchange Public Folders, can be members of Security Groups but do not have a SID attribute. This patch adds more granular return errors to ads_get_sid_from_extended_dn(). Callers can now determine if a parse error occured because of bad input, or the DN was valid but contained no SID. I updated all callers to ignore SIDless objects when appropriate. Also did some cleanup to the out paths of lookup_usergroups_memberof() | |||||
2008-11-18 | Whitespace and >80 column cleanups. | Steven Danneman | 1 | -12/+12 | |
2008-11-01 | Rename dos_errstr() to win_errstr() for consistency with Samba 4. | Jelmer Vernooij | 1 | -3/+3 | |
2008-10-23 | Use sockaddr_storage only where we rely on the size, use sockaddr | Jelmer Vernooij | 1 | -4/+5 | |
otherwise (to clarify we can also pass in structs smaller than sockaddr_storage, such as sockaddr_in). | |||||
2008-10-22 | s3-asn1: make all of s3 asn1 code do a proper asn1_init() first. | Günther Deschner | 2 | -96/+110 | |
Guenther | |||||
2008-10-22 | s3: use shared asn1 code. | Günther Deschner | 2 | -7/+7 | |
Guenther | |||||
2008-10-20 | s3-build: no need to duplicate generated ndr_ prototypes. | Günther Deschner | 1 | -0/+1 | |
Guenther | |||||
2008-10-19 | Add TALLOC_CTX pointer to generate_random_str(), for consistency with | Jelmer Vernooij | 1 | -1/+1 | |
Samba 4. | |||||
2008-10-15 | kerberos: fix some heimdal build warnings. | Günther Deschner | 1 | -4/+4 | |
Guenther | |||||
2008-10-14 | Use GUID_string rather than smb_uuid_string(). | Jelmer Vernooij | 2 | -6/+6 | |
2008-10-13 | fix build warnings. | Günther Deschner | 1 | -1/+1 | |
Guenther | |||||
2008-10-12 | Use common strlist implementation in Samba 3 and Samba 4. | Jelmer Vernooij | 1 | -2/+2 | |
2008-10-11 | Cope with changed signature of http_timestring(). | Jelmer Vernooij | 1 | -2/+2 | |
2008-10-04 | Fix an unlikely memleak found by the IBM checker | Volker Lendecke | 1 | -0/+2 | |
2008-10-04 | Fix an uninitialized variable found by the IBM Checker | Volker Lendecke | 1 | -0/+1 | |
2008-10-02 | The IRIX compiler does not like embedded unnamed unions | Volker Lendecke | 1 | -1/+1 | |
2008-09-24 | s3-nbt: use the new generated nbt. | Günther Deschner | 2 | -99/+20 | |
Guenther | |||||
2008-09-23 | s3: fix NETLOGON_NT_VERSION version flags. | Günther Deschner | 1 | -10/+10 | |
Guenther | |||||
2008-09-23 | s3: use samba4 prototype for ndr_push/pull_struct_blob. | Günther Deschner | 2 | -8/+8 | |
Guenther | |||||
2008-09-16 | * Allow an admin to define the "uid" attribute for a RFC2307 | Gerald (Jerry) Carter | 1 | -3/+12 | |
user object in AD to be the username alias. For example: $ net ads search "(uid=coffeedude)" distinguishedName: CN=Gerald W. Carter,CN=Users,DC=pink,DC=plainjoe,DC=org sAMAccountName: gcarter memberOf: CN=UnixUsers,CN=Users,DC=pink,DC=plainjoe,DC=org memberOf: CN=Domain Admins,CN=Users,DC=pink,DC=plainjoe,DC=org memberOf: CN=Enterprise Admins,CN=Users,DC=pink,DC=plainjoe,DC=org memberOf: CN=Schema Admins,CN=Users,DC=pink,DC=plainjoe,DC=org uid: coffeedude uidNumber: 10000 gidNumber: 10000 unixHomeDirectory: /home/gcarter loginShell: /bin/bash $ ssh coffeedude@192.168.56.91 Password: coffeedude@orville:~$ id uid=10000(coffeedude) gid=10000(PINK\unixusers) groups=10000(PINK\unixusers) $ getent passwd PINK\\gcarter coffeedude:*:10000:10000::/home/gcarter:/bin/bash $ getent passwd coffeedude coffeedude:*:10000:10000::/home/gcarter:/bin/bash $ getent group PINK\\Unixusers PINK\unixusers:x:10000:coffeedude | |||||
2008-09-04 | kerberos: fix indent of enc type lines in generated krb5.conf files. | Günther Deschner | 1 | -3/+3 | |
Guenther (This used to be commit 18a26f08b6fab4119a1421a7ca59c32dde8bb8cb) | |||||
2008-08-29 | kerberos: use KRB5_KT_KEY macro where appropriate. | Günther Deschner | 1 | -9/+2 | |
Guenther (This used to be commit a042dffd7121bda3dbc9509f69fcfae06ed4cc22) | |||||
2008-08-20 | libads: remove unused vars. | Günther Deschner | 1 | -3/+0 | |
Guenther (This used to be commit ea9fc3bea31b11e715d9524defc18b75e5943842) | |||||
2008-07-30 | Fix uninitialized variables. | Jeremy Allison | 1 | -0/+1 | |
Jeremy. (This used to be commit 1db7e00a5400863fd5dbb81c1a4c6ea6092d0495) | |||||
2008-07-18 | kerberos: make smb_krb5_kt_add_entry() static. | Günther Deschner | 1 | -6/+6 | |
Guenther (This used to be commit 04b1847f87d166819dfe0f8c27c8cd9fc062544f) | |||||
2008-07-11 | Revert "Pass NULL to gencache_get when we are not interested in the timeout ↵ | Volker Lendecke | 1 | -1/+2 | |
value" This reverts commit 16062dfc3dcc8f1ca0024a3ae21effb889c7ffc0. (This used to be commit 114ca8577568cdb5a81d8734f1d1d096f1b36c36) | |||||
2008-07-03 | Pass NULL to gencache_get when we are not interested in the timeout value | Volker Lendecke | 1 | -2/+1 | |
(This used to be commit 16062dfc3dcc8f1ca0024a3ae21effb889c7ffc0) | |||||
2008-06-30 | kerberos: allow to keep entries with old kvno's while creating keytab. | Günther Deschner | 1 | -2/+4 | |
Guenther (This used to be commit 6194244bd9fcc1fb736f3d91433f107270cac1c9) | |||||
2008-06-30 | kerberos: rename smb_krb5_kt_add_entry to smb_krb5_kt_add_entry_ext. | Günther Deschner | 1 | -25/+39 | |
Guenther (This used to be commit 48600a0019d70d22574cf08e8fe19d44cc332a0f) |