Age | Commit message (Collapse) | Author | Files | Lines |
|
Guenther
|
|
user object in AD to be the username alias.
For example:
$ net ads search "(uid=coffeedude)"
distinguishedName: CN=Gerald W. Carter,CN=Users,DC=pink,DC=plainjoe,DC=org
sAMAccountName: gcarter
memberOf: CN=UnixUsers,CN=Users,DC=pink,DC=plainjoe,DC=org
memberOf: CN=Domain Admins,CN=Users,DC=pink,DC=plainjoe,DC=org
memberOf: CN=Enterprise Admins,CN=Users,DC=pink,DC=plainjoe,DC=org
memberOf: CN=Schema Admins,CN=Users,DC=pink,DC=plainjoe,DC=org
uid: coffeedude
uidNumber: 10000
gidNumber: 10000
unixHomeDirectory: /home/gcarter
loginShell: /bin/bash
$ ssh coffeedude@192.168.56.91
Password:
coffeedude@orville:~$ id
uid=10000(coffeedude) gid=10000(PINK\unixusers) groups=10000(PINK\unixusers)
$ getent passwd PINK\\gcarter
coffeedude:*:10000:10000::/home/gcarter:/bin/bash
$ getent passwd coffeedude
coffeedude:*:10000:10000::/home/gcarter:/bin/bash
$ getent group PINK\\Unixusers
PINK\unixusers:x:10000:coffeedude
|
|
Guenther
(This used to be commit 18a26f08b6fab4119a1421a7ca59c32dde8bb8cb)
|
|
Guenther
(This used to be commit a042dffd7121bda3dbc9509f69fcfae06ed4cc22)
|
|
Guenther
(This used to be commit ea9fc3bea31b11e715d9524defc18b75e5943842)
|
|
Jeremy.
(This used to be commit 1db7e00a5400863fd5dbb81c1a4c6ea6092d0495)
|
|
Guenther
(This used to be commit 04b1847f87d166819dfe0f8c27c8cd9fc062544f)
|
|
value"
This reverts commit 16062dfc3dcc8f1ca0024a3ae21effb889c7ffc0.
(This used to be commit 114ca8577568cdb5a81d8734f1d1d096f1b36c36)
|
|
(This used to be commit 16062dfc3dcc8f1ca0024a3ae21effb889c7ffc0)
|
|
Guenther
(This used to be commit 6194244bd9fcc1fb736f3d91433f107270cac1c9)
|
|
Guenther
(This used to be commit 48600a0019d70d22574cf08e8fe19d44cc332a0f)
|
|
(This used to be commit 8704c2ab37479236788c0a99465d73643d3d555a)
|
|
Extends ads_connect() to a new call ads_connect_gc() which connects on port
3268 rather than port 389. Also makes ads_try_connect() static and
only used internally to ldap.c
(This used to be commit f4c37dbe2c986fb7bfe510cdff3b4a9fbc06d079)
|
|
Guenther
(This used to be commit 026018c9f1ed0680b3ca5b26dd6b8dc466e27e0d)
|
|
Guenther
(This used to be commit b5aaf5aa0f280f69e05b613271c96473a79b812e)
|
|
salting them.
Guenther
(This used to be commit 7c4da23be1105dc224033b21eb486e7fcdc7d9c5)
|
|
Guenther
(This used to be commit cb7ace209c2051ae02647188715fa6ee324c2bf6)
|
|
Guenther
(This used to be commit 132b038581a1a91b4e70c7c44f97f52866609812)
|
|
This reverts commit df8d089bc63c2a52cbdf3504cded8df620a59902.
(This used to be commit 342f8858200ed7c446516c270e1b4284d92010d8)
|
|
Guenther
(This used to be commit 1ce726b951621cb4b34069c31d1318fc04ad2389)
|
|
This is really not a proper place to fix this, but as get_gc_list() and friends
are about to be replaced anyway, just work around the broken existing API
(This used to be commit df8d089bc63c2a52cbdf3504cded8df620a59902)
|
|
(This used to be commit e7f76a0c65085dd1e7b50ea3537e11922e7d9ecd)
|
|
Jeremy.
(This used to be commit 201bcc8ed291b51be6f4508c6aa1cb17ce6dcbe3)
|
|
This patch is the second iteration of an inside-out conversion to cleanup
functions in charcnv.c returning size_t == -1 to indicate failure.
(This used to be commit 6b189dabc562d86dcaa685419d0cb6ea276f100d)
|
|
(This used to be commit 30956c784f58870ad552a3869d80f99872c31375)
|
|
Guenther
(This used to be commit 0388b2f0cc4d14b005c5b42f2c17ddcbc8bef12a)
|
|
Guenther
(This used to be commit f3251ba03a69c2fd0335861177159a32b2bc9477)
|
|
Guenther
(This used to be commit 5b0eda98f3d127399770f7a037ad3277dbe23393)
|
|
Guenther
(This used to be commit 56be9c98d24e64bf855439df21766d30f448f407)
|
|
Guenther
(This used to be commit 6f9d5e1cc94bc90685b54c04622b8f3357bd2f69)
|
|
Guenther
(This used to be commit b261f063125f8454d8f4e8f6b6f8aa5bc393ea34)
|
|
On AIX, Solaris, and possibly some older glibc systems (e.g. SLES8)
truncated replies never give back a resp_len > buflen
which ends up causing DNS resolve failures on large tcp DNS replies.
Also add more debug lines about processing the DNS reply.
(This used to be commit 5ed9b92097460cd8180db806a08213e97cfb8daa)
|
|
of entries
The ads_do_search_all_args() function attempts to string together several
LDAPMessage structures, returned across several paged ldap requests, into a
single LDAPMessage structure. It does this by pulling entries off the second
LDAPMessage structure and appending them to the first via the OpenLDAP specific
ldap_add_result_entry() call.
The problem with this approach is it skips non-entry messages such as the
result, and controls. These messages are leaked.
The short term solution as suggested by Volker is to replace the ads_*_entry()
calls with ads_*_message() calls so we don't leak any messages.
This fixes the leak but doesn't remove the dependence on the OpenLDAP specific
implementation of ldap_add_result_entry().
(This used to be commit f1a5405409c396df394611e2a234522572d2860a)
|
|
(This used to be commit 42de50d2cd43e760d776694f7b5f003ba51d7f84)
|
|
Guenther
(This used to be commit 538eefe22ad69540b9f73ffaa613d6be045de199)
|
|
Guenther
(This used to be commit 4cee7b1bd5cd97c414b73d6f39238958480cdcf3)
|
|
Guenther
(This used to be commit 751f3064a508341c0ebae45e8de9f5311d915d70)
|
|
Also make sure that rpc_pipe_client->user_name is always talloced.
(This used to be commit 3f6c5b99664a75a6f490ee3b6980b89cacf7f579)
|
|
(This used to be commit 1d261e78b38e8080ca7122037d33c8ef913a4558)
|
|
This reduces the dependency on cli_state
(This used to be commit 783afab9c891dd7bcb78895b2a639b6f3a0edf5b)
|
|
Karolin
(This used to be commit 42fbbeb1caf93e4e17bb62f31ff90a853bd169fb)
|
|
Karolin
(This used to be commit 6cee34703503fbf3629057345fe221b866560648)
|
|
Guenther
(This used to be commit 380e9d26db5341d10807ccbfb413d0f53d3ffc71)
|
|
"status" was used uninitialized on success -- metze, please check
(This used to be commit a0859529c853ffb756b1deee946923b6fff6136e)
|
|
(This used to be commit 22cee9c1afbc33b4920b72bc81569d79642172af)
|
|
(This used to be commit 3fc85d22590550f0539215d020e4411bf5b14363)
|
|
Another preparation to convert secrets.c to dbwrap: The dbwrap API does not
provide a sane tdb_lock_with_timeout abstraction. In the clustered case the DC
mutex is needed per-node anyway, so it is perfectly fine to use a local mutex
only.
(This used to be commit f94a63cd8f94490780ad9331da229c0bcb2ca5d6)
|
|
Correctly return if we can't create the temporary krb5.conf
Jeremy, please check!
(This used to be commit c2401811aa3d02a9e27969687b9ea035407000c3)
|
|
Guenther
(This used to be commit d078a8757182d84dfd3307a2e1b751cf173aaa97)
|
|
warning: ignoring return value of 'asprintf', declared with attribute warn_unused_result
(This used to be commit ad37b7b0aee265a3e4d8b7552610f4b9a105434d)
|