summaryrefslogtreecommitdiff
path: root/source3/libads
AgeCommit message (Collapse)AuthorFilesLines
2003-02-25tokenGroups are SIDs, so dump them as such.Andrew Bartlett1-0/+1
(This used to be commit 43f07e9de70ad9993265e28a54239caba0121ab6)
2003-02-24Patch from Luke Howard to add mutual kerberos authentication, and SMB sessionAndrew Bartlett1-6/+26
keys for kerberos authentication. Andrew Bartlett (This used to be commit 8b798f03dbbdd670ff9af4eb46f7b0845c611e0f)
2003-02-24Always initialiseAndrew Bartlett1-2/+2
(This used to be commit ff2b5b2f85f2d9dade67077cea1b68719cf65352)
2003-02-22Fix a DEBUG() formatting, add some more debug to our SID pulling code andAndrew Bartlett1-18/+33
inline the call to prs_copy_all_data_out() so that we can know we are not overrunning our buffer. Also check more return values. Andrew Bartlett (This used to be commit e3b73d5d658584428c81c9ef3ccf024687a56e2f)
2003-02-19libads/krb5_setpw.cJim McDonough1-1/+2
(This used to be commit 4c52d7bd933f61bdba3d4159a204fe16db3d4f0f)
2003-02-19Fix segv in net ads join...an extra & was the culpritJim McDonough1-1/+1
(This used to be commit 9874b233d55a0b1aea7eb033848f4b63a531833b)
2003-02-19Check return values of various join-related functions, and ensure we alwaysAndrew Bartlett1-9/+16
compare push_* returns with (size_t)-1, not < 0. Andrew Bartlett (This used to be commit 63f5e92536c6bcac54b796d6e91b755e7d328f66)
2003-02-19Try to get heimdal working with HEAD.Jim McDonough1-20/+7
- Provide generic functions for - get valid encryption types - free encryption types - Add encryption type parm to generic function create_kerberos_key_from_string() - Try to merge the two versions (between HEAD and SAMBA_3_0) of kerberos_verify.c I think this should work for both MIT and heimdal, in HEAD. If all goes smooth, I'll move it over to 3.0 soon... (This used to be commit 45e409fc8da9f26cf888e13d004392660d7c55d4)
2003-02-18Fix of two warnings.Rafal Szczesniak1-5/+3
pull_ucs2_talloc function takes char** pointer, not (here explicitly casted) void** one. Rafal (This used to be commit e77c44efd95d42a8194f5c3d36c043f8e84dfd1d)
2003-02-15Antti Andreimann <Antti.Andreimann@mail.ee> has done some changes to enableAndrew Bartlett4-132/+337
users w/o full administrative access on computer accounts to join a computer into AD domain. The patch and detailed changelog is available at: http://www.itcollege.ee/~aandreim/samba This is a list of changes in general: 1. When creating machine account do not fail if SD cannot be changed. setting SD is not mandatory and join will work perfectly without it. 2. Implement KPASSWD CHANGEPW protocol for changing trust password so machine account does not need to have reset password right for itself. 3. Command line utilities no longer interfere with user's existing kerberos ticket cache. 4. Command line utilities can do kerberos authentication even if username is specified (-U). Initial TGT will be requested in this case. I've modified the patch to share the kinit code, rather than copying it, and updated it to current CVS. The other change included in the original patch (local realms) has been left out for now. Andrew Bartlett (This used to be commit ce52f1c2ed4d3ddafe8ae6258c90b90fa434fe43)
2003-02-14Ensure that only parse_prs.c access internal members of the prs_struct.Jeremy Allison1-5/+11
Needed to move to disk based i/o later. Jeremy. (This used to be commit 4c3ee228fcdb089eaeead95e79532a9cf6cb0de6)
2003-02-12add a note about a better method for finding netbios name of workgroupAndrew Tridgell1-0/+7
(not implemented yet) (This used to be commit 8a8cca78adebba640c6ce971d8888515bf0ea4be)
2003-02-04Mem alloc failure checks.Jeremy Allison3-23/+59
Jeremy. (This used to be commit 4e33e3f37fd548b9b1ed3c84f673a853b0dc4818)
2003-02-01Always escape ldap filter strings. Escaping code was from pam_ldap, but I'm toAndrew Bartlett3-10/+39
blame for the realloc() stuff. Plus a couple of minor updates to libads. Andrew Bartlett (This used to be commit 34b2e558a4b3cfd753339bb228a9799e27ed8170)
2003-01-21More fixes getting us closer to full Heimdal compile....Jeremy Allison1-11/+7
Jeremy. (This used to be commit 193cc4f4fc876c66e97ea6b82bae431d0247c1fa)
2003-01-21sanity checks from Ken CrossGerald Carter2-3/+7
(This used to be commit ec26877f0b4fbe2c651a6069d22b9ac0637aa2d1)
2003-01-15* removed unused variable from rpcclient codeGerald Carter1-5/+5
* added container option to net command (patch from SuSE) * Makefile patch for examples/VFS from SuSE (This used to be commit 4a6d8280ea27ca7a6998219aacc4b15b1227a659)
2003-01-11Patch from Nik Conwell <nik@bu.edu>. Don't reference free()ed data when tryingAndrew Bartlett1-1/+3
to figure out if we have got our ticket yet. Andrew Bartlett (This used to be commit a66ced2cf69145c0a5be5ed91ac306db50c313d1)
2003-01-02BIG patch...Andrew Bartlett3-8/+8
This patch makes Samba compile cleanly with -Wwrite-strings. - That is, all string literals are marked as 'const'. These strings are always read only, this just marks them as such for passing to other functions. What is most supprising is that I didn't need to change more than a few lines of code (all in 'net', which got a small cleanup of net.h and extern variables). The rest is just adding a lot of 'const'. As far as I can tell, I have not added any new warnings - apart from making all of tdbutil.c's function const (so they warn for adding that const string to struct). Andrew Bartlett (This used to be commit 92a777d0eaa4fb3a1c7835816f93c6bdd456816d)
2002-12-30Catching up with old patches. Add define for VERITAS quota support.Jeremy Allison1-0/+2
Check return in ldap. Jeremy. (This used to be commit e789edbb287319f52f49f2999917a610565144d9)
2002-12-20Forward port the change to talloc_init() to make all talloc contextsJeremy Allison2-9/+9
named. Ensure we can query them. Jeremy. (This used to be commit 842e08e52a665ae678eea239759bb2de1a0d7b33)
2002-12-13More printer publishing code.Jim McDonough1-0/+26
- Add published attribute to info2, needed for win clients to work properly - Return proper info on getprinter 7 This means you can now look at the sharing tab of a printer and get correct info about whether it is published or not, and change it. (This used to be commit adda04379ee46f105436262663652f3f576fa3cf)
2002-12-05More printer data to publishJim McDonough1-0/+1
(This used to be commit 82f3a786bf01878629fe4c05b028ae8d58eb4394)
2002-12-03Stop using hardcoded key/value strings, be more forgiving of ↵Jim McDonough1-70/+74
dsspooler/dsdriver info existence. (This used to be commit ca8735532cb656a09c1586326cdce33984fe38b4)
2002-11-23[merge from APP_HEAD]Gerald Carter1-1/+2
90% fix for CR 1076. The password server parameter will no take things like password server = DC1 * which means to contact DC1 first and the go to auto lookup if it fails. jerry (This used to be commit c31a17889e3e4daf7c1e807038efc2c0fba78be3)
2002-11-18Don't pass a function to ADS_ERR_OK().Jim McDonough1-6/+13
(This used to be commit a148e4c290820a48c8b51e0e0459b2171b32c258)
2002-11-18Next step of printer publishing.Jim McDonough1-106/+242
net ads printer publish <printername> [servername] Will retreive the DsSpooler and DsDriver info by rpc for a remote server then publish it. Next comes doing it within smbd (This used to be commit 64951938cc5666a757683cbe9bee3a2c20a05323)
2002-11-15Include the hostname we are trying to match with $@, to allow easier debugging.Andrew Bartlett1-1/+1
(This used to be commit f5d8afc626b8f7792aa7dd7fa7082f55725b539c)
2002-11-12Removed global_myworkgroup, global_myname, global_myscope. Added liberalJeremy Allison4-27/+26
dashes of const. This is a rather large check-in, some things may break. It does compile though :-). Jeremy. (This used to be commit 82b8f749a36b42e22186297482aad2abb04fab8a)
2002-11-10make sure that if kerberos fails we can fall back on NTLMSSP for SASLAndrew Tridgell1-2/+5
(This used to be commit 69dba08c40c9739137b4f01d38be5228edc6dd6e)
2002-11-06Merge of get_dc_list() api change. This was slightly more intrusiveTim Potter1-12/+7
than the version in APPLIANCE so watch out for boogs. (This used to be commit 1e054e3db654801fbb5580211529cdfdea9ed686)
2002-10-31Re-enable use of existing kerberos tickets.Jim McDonough1-2/+6
(This used to be commit 6ec5dce69834e72e458a8acff7d1790cbdd46d67)
2002-10-23fixed a possible segv when dealing with a blank passwordAndrew Tridgell1-2/+6
(This used to be commit d5d0d0de50482ed16c594b1cc4cc113e2526a915)
2002-10-18Format objectGUIDs on ads dumps.Jim McDonough1-1/+18
(This used to be commit 7eaf7e7115c75e682b1b9368c6f28c60429885e5)
2002-10-04only set UF_USE_DES_KEY_ONLY if we are using krb5 libraries that can'tAndrew Tridgell1-3/+7
do type 23 (This used to be commit c0612272e8eea3d741854c0b4834bc687d787218)
2002-10-04support all permitted encoding types in tickets. This allows us toAndrew Tridgell1-15/+29
decode a type 23 ticket when the machine account is setup for non-DES tickets (This used to be commit 144d4429d7d91e8597263da6abc8041098f2a4c3)
2002-10-03.NET likes both forms of servicePrincipalName in the machine accountAndrew Tridgell1-1/+8
record (This used to be commit 8ff6d40d7fe4dc11e9ba194a55995c0926202df9)
2002-09-28Try to compile as much as possible with only ldap, but not kerberos.Andrew Bartlett4-36/+35
(This used to be commit 9615ab10c006d8027f6a8b7dd3770eb77304dbdc)
2002-09-28Add the beginings of sam_ads to the tree.Andrew Bartlett4-3/+46
This module, primarilly the work of "Stefan (metze) Metzmacher" <metze@metzemix.de>, uses the Active Directory schema to store the user/group/other information. I've been testing it against a real AD server, and it is intended to work with OpenLDAP as well. I've moved a few functions around in our other libads code, which has made it easier to tap into that existing code. Also, I've made some changes to the SAM interface, I hope there are not too many objections... To ensure we don't get silly bugs in the skel module, it is now in the default compile. This way you should not forget to update it :-) Andrew Bartlett (This used to be commit 24fb0cde2f0b657df1c99474cd694438c94a566e)
2002-09-28This needs to be #ifdef HAVE_LDAP.Andrew Bartlett1-0/+3
(This used to be commit 2b54a2fc2c85ea139e2acdbbc2f14b969c0c6315)
2002-09-27Move a number of ADS related functions out into utility libs, so that thingsAndrew Bartlett5-31/+332
like metze's sam_ads can also use them. Also add error checking etc to a few more functions. Andrew Bartlett (This used to be commit c864edf4fbf8a6c37888a14b861d7c12cf503d4f)
2002-09-27Some small cleanups to the libads code (mainly error checking), and give aAndrew Bartlett2-5/+28
sane prototype for the push_utf8_allocate code. Andrew Bartlett (This used to be commit ce00a3238ed8a82639c4d0ee3e960f7000b1a7b0)
2002-09-25Another patch from metze, towards his work on sam_ads.Andrew Bartlett2-2/+98
See mx-ldap.sf.net for his current progress. (This used to be commit 9c62d1312fdf0aa7b1978e8bbb56fc076ba7e9d0)
2002-09-25Avoid a segfault in net join when you have not done an kinit, and it's fallingAndrew Bartlett1-0/+5
back to NTLMSSP. We need to get the password out of the user, and this eventually does. Andrew Bartlett (This used to be commit bb518a3bae3bf91a589021fcc5b1e715247c5ded)
2002-09-17Add clock skew handling to our kerberos code. This allows us to cope withAndrew Tridgell5-22/+75
the DC being out of sync with the local machine. (This used to be commit 0d28d769472ea3b98ae4c8757093dfd4499f6dd1)
2002-09-17another const cleanupAndrew Tridgell1-1/+1
(This used to be commit 443d5ebafad46a9a62527642628aff8e5d9dc10c)
2002-09-06Seems I missed commiting this when I added the rest of metze's ADS patch.Andrew Bartlett1-0/+75
Oh well, here it is... Andrew Bartlett (This used to be commit 7c2a667640b01a0f19ddc3515c5ca7ac43d26e25)
2002-09-06Patch from "Stefan (metze) Metzmacher" <metze@metzemix.de>Andrew Bartlett2-8/+42
to extend the ADS_STATUS system to include NTSTATUS, and to provide a better general infrustructure for his sam_ads work. I've also added some extra failure mode DEBUG()s to parts of the code. NOTE: The ADS_ERR_OK() macro is rather sensitive to braketing issues - without the final set of brakets, the test is essentially inverted - causing some intersting 'error = success' messages... Andrew Bartlett (This used to be commit 5b9a7ab901bc311f3ad08462a8a68d133c34a8b4)
2002-09-06Add some DEBUG()s to some libads failure modes.Andrew Bartlett1-1/+5
(This used to be commit ad3c8da13b9d510f78fd56364cd0987de88a9b9f)
2002-08-30convert the LDAP/SASL code to use GSS-SPNEGO if possibleAndrew Tridgell2-34/+221
we now do this: - look for suported SASL mechanisms on the LDAP server - choose GSS-SPNEGO if possible - within GSS-SPNEGO choose KRB5 if we can do a kinit - otherwise use NTLMSSP This change also means that we no longer rely on having a gssapi library to do ADS. todo: - add TLS/SSL support over LDAP - change to using LDAP/SSL for password change in ADS (This used to be commit b04e91f660d3b26d23044075d4a7e707eb41462d)