summaryrefslogtreecommitdiff
path: root/source3/libads
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r8062: Remove some unused codeVolker Lendecke1-129/+0
(This used to be commit fa6cc0bdefe272ec538a71a2b6ba72a724411764)
2007-10-10r8048: Replace "done" with "failed".Günther Deschner1-5/+5
Guenther (This used to be commit 7285edc4fe71f47ab648c31760c357fc2af29ce7)
2007-10-10r8047: "oid" is defined in a heimdal header. With my gcc this generates a ton ofVolker Lendecke1-4/+4
shadowed variable warnings. Fix that. Volker (This used to be commit 3846c0afa1db96239b3aaf2e7ee2427b48f6e2f0)
2007-10-10r7994: This adds support in Winbindd's "security = ads"-mode to retrieve the ↵Günther Deschner2-1/+100
POSIX homedirectory and the loginshell from Active Directory's "Services for Unix". Enable it with: winbind sfu support = yes User-Accounts without SFU-Unix-Attributes will be assigned template-based Shells and Homedirs as before. Note that it doesn't matter which version of Services for Unix you use (2.0, 2.2, 3.0 or 3.5). Samba should detect the correct attributes (msSFULoginShell, msSFU30LoginShell, etc.) automatically. If you also want to share the same uid/gid-space as SFU then also use PADL's ad-idmap-Plugin: idmap backend = ad When using the idmap-plugin only those accounts will appear in Name Service Switch that have those UNIX-attributes which avoids potential uid/gid-space clashes between SFU-ids and automatically assigned idmap-ids. Guenther (This used to be commit 28b59699425b1c954d191fc0e3bd357e4a4e4cd8)
2007-10-10r7415: * big change -- volker's new async winbindd from trunkGerald Carter1-2/+1
(This used to be commit a0ac9a8ffd4af31a0ebc423b4acbb2f043d865b8)
2007-10-10r7139: trying to reduce the number of diffs between trunk and 3.0; changing ↵Gerald Carter2-8/+3
version to 3.0.20pre1 (This used to be commit 9727d05241574042dd3aa8844ae5c701d22e2da1)
2007-10-10r6595: This is Volkers new-talloc patch. Just got the go-ahead fromJeremy Allison1-1/+1
Volker to commit. Woo Hoo ! Jeremy. (This used to be commit 316df944a456f150944761dab34add5e8c4ab699)
2007-10-10r6586: get rid of a few more compiler warningsHerb Lewis1-1/+1
(This used to be commit 173375f8d88bf8e8db8d60e5d5f0e5dcc28767d9)
2007-10-10r6149: Fixes bugs #2498 and 2484.Derrell Lipman4-8/+13
1. using smbc_getxattr() et al, one may now request all access control entities in the ACL without getting all other NT attributes. 2. added the ability to exclude specified attributes from the result set provided by smbc_getxattr() et al, when requesting all attributes, all NT attributes, or all DOS attributes. 3. eliminated all compiler warnings, including when --enable-developer compiler flags are in use. removed -Wcast-qual flag from list, as that is specifically to force warnings in the case of casting away qualifiers. Note: In the process of eliminating compiler warnings, a few nasties were discovered. In the file libads/sasl.c, PRIVATE kerberos interfaces are being used; and in libsmb/clikrb5.c, both PRIAVE and DEPRECATED kerberos interfaces are being used. Someone who knows kerberos should look at these and determine if there is an alternate method of accomplishing the task. (This used to be commit 994694f7f26da5099f071e1381271a70407f33bb)
2007-10-10r6127: Eliminated all compiler warnings pertaining to mismatched ↵Derrell Lipman1-1/+2
"qualifiers". The whole of samba comiles warning-free with the default compiler flags. Temporarily defined -Wall to locate other potential problems. Found an unused static function (#ifdefed out rather than deleted, in case it's needed for something in progress). There are also a number of uses of undeclared functions, mostly krb5_*. Files with these problems need to have appropriate header files included, but they are not fixed in this update. oplock_linux.c.c has undefined functions capget() and capset(), which need to have "#undef _POSIX_SOURCE" specified before including <sys/capability.h>, but that could potentially have other side effects, so that remains uncorrected as well. The flag -Wall should be added permanently to CFLAGS, and all warnings then generated should be eliminated. (This used to be commit 5b19ede88ed80318e392f8017f4573fbb2ecbe0f)
2007-10-10r5956: more compile warngin fixes from the Mr. MaderGerald Carter1-3/+3
(This used to be commit f3f315b14d261fa56ab040db036a6f858ac06e65)
2007-10-10r5952: BUG 2469: patch from Jason Mader to cleanup compiler warning when not ↵Gerald Carter1-0/+4
using krb5 (This used to be commit 19a639ac468237b22f16d917c0150fbf10c9623e)
2007-10-10r5948: more compile cleanups from Jason MaderGerald Carter1-6/+1
(This used to be commit cc6c769c3c26164919dd13777d671abe02c084d9)
2007-10-10r5762: Modified version of patch from Michael Brown ↵Jeremy Allison1-65/+99
<mbrown@fensystems.co.uk> to case insentively search for a principal match on logon verification in the system keytab. UNTESTED (although it compiles). Please test. Jeremy. (This used to be commit 1ace2ca1be65b4d6e92a98040fd09fdca74e8c8a)
2007-10-10r5759: Patch from Doug VanLeuven <roamdad@sonic.net> to add more case/realm/nameJeremy Allison1-2/+21
permutations to the kerberos keytab. Jeremy. (This used to be commit c687e73f242967cd3a78db66c1dd23349766ebb8)
2007-10-10r5336: BUG 2329: fix to re-enable winbindd to locate DC's when 'disable ↵Gerald Carter1-1/+1
netbios = yes' (This used to be commit 75a223f1188ae0041c9e3c748af107d642f73810)
2007-10-10r5207: patches from Jay Fenlason @ RedHat (scooped from their Fedora packages)Gerald Carter1-1/+1
(This used to be commit 9019a8436162d3606f6b8584701b0832cf5a7439)
2007-10-10r4882: Fix for #2255. Debug should have been 10 not 0.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 5557e1409a9a22759ca3bea021d4a662099e683a)
2007-10-10r4736: small set of merges from rtunk to minimize the diffsGerald Carter1-1/+1
(This used to be commit 4b351f2fcc365a7b7f8c22b5139c299aa54c9458)
2007-10-10r4665: Fix inspired by posting from Joe Meadows <jameadows@webopolis.com>.Jeremy Allison1-10/+10
Make all LDAP timeouts consistent. Jeremy. (This used to be commit 0f0281c2348b10ffdea744ecade6b2be0814c872)
2007-10-10r4346: Fix cut-and-paste error - bugid #2189. Fixed by Buck Huppmann ↵Jeremy Allison1-1/+1
<buckh@pobox.com> Jeremy. (This used to be commit 5c22cb082c86088add0db21541a8079c516c9fd9)
2007-10-10r4334: Fix for bugid #2186 - from Buck Huppmann <buckh@pobox.com>Jeremy Allison1-1/+2
to prevent uninitialized creds being freed. Jeremy. (This used to be commit c3f9c81a8fcb26f7110f75b3096d5d1eb30aac13)
2007-10-10r4273: Same fix for r4272 in SAMBA_3_0 branch.Tim Potter1-1/+1
(This used to be commit 4f1927acfa6569fc90317d76ed34e5ee088df7c1)
2007-10-10r4088: Get medieval on our ass about malloc.... :-). Take control of all our ↵Jeremy Allison9-69/+58
allocation functions so we can funnel through some well known functions. Should help greatly with malloc checking. HEAD patch to follow. Jeremy. (This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
2007-10-10r4023: Code tidyup to fix bug #2098.Jeremy Allison1-2/+3
Jeremy. (This used to be commit ebaf21e3e289d3570f20b22e00555eaebe060063)
2007-10-10r3841: Time out in ads search queries. Even AD servers can hang.Volker Lendecke1-7/+44
Volker (This used to be commit fc454c8ef6321fba9efa42a704c8e8c707361af3)
2007-10-10r3796: Patch from Jay Fenlason <fenlason@redhat.com>. Don't free static buffers.Jeremy Allison1-1/+0
Jeremy. (This used to be commit 53acf222a86a1420abbba08a2cde27a86debe403)
2007-10-10r3764: Ensure on failure that *res is always NULL.Jeremy Allison1-3/+8
Check for malloc fail. Fixes for bug #2036. Jeremy. (This used to be commit b815247747214ba413c054746e9732d5f2b10535)
2007-10-10r3711: Fix KRB5_SETPW-defines, no change in behaviour.Günther Deschner1-7/+5
A value of '2' is due to an expired internet draft, while 0xff80 comes from RFC3244. See Bugzilla #1661 for details. Thanks to Luke Mewburn <lukem@NetBSD.org> for his research. Guenther (This used to be commit 3906c1623fb3823612347a0533ad49d7dfbe1b99)
2007-10-10r3569: Fix for bug #1651, added extra servicePrincipalNames for kerberos ↵Jeremy Allison1-6/+44
interop. Modified the redhat patch some... Jeremy. (This used to be commit 2ae717cd2c876649464f91093e55bed64ac5588d)
2007-10-10r3502: Tidy up debugging in kerberos_keytab code.Jeremy Allison1-32/+48
Jeremy. (This used to be commit 82651c1b1704d90ca52be1463ee871801c607d3b)
2007-10-10r3495: Fix the build (recent kerberos-changes).Günther Deschner2-3/+4
Guenther (This used to be commit c7eab285d967345510a15e83bce508edb8e06e99)
2007-10-10r3492: Fixes from testing kerberos salted principal fix.Jeremy Allison2-24/+52
Jeremy. (This used to be commit b356a8fdc5a1ac45f2f7f56a0836e794bdecddc6)
2007-10-10r3451: Finish off kerberos salting patch. Needs testing !Jeremy Allison2-29/+34
Jeremy. (This used to be commit ff4cb6b5e80731856d6f3f7eebd8fc23902e3580)
2007-10-10r3439: Finally fix build for platforms without kerberos.Günther Deschner1-2/+2
Guenther (This used to be commit 05619cfdbf814e5c79e65934b82424eca00c76c4)
2007-10-10r3436: Fix build with recent heimdal-versions (0.6.3) as pointed out by LukeGünther Deschner1-0/+2
Mewburn <lukem@NetBSD.org> and close Bugzilla #1661. Leaving the old define for KRB5_KPASSWD_VERS_SETPW (added by Antti Andreimann) as fallback when the library does not provide one. Guenther (This used to be commit 00598877dfb7aab48d1b5d58b3a69ed2dd8a36a8)
2007-10-10r3381: More merging of the #1717 patch. Fixup some erroneous assumptions aboutJeremy Allison2-62/+77
memcpy's into fqdn names. I think the original intent was to create MYNAME.fqdn.tail.part. Will need testing to see I haven't broken keytab support. Jeremy. (This used to be commit 82acf83040654eb8b7e261518a3e5eb9caea7750)
2007-10-10r3379: More merging of kerberos keytab and salting fixes from Nalin ↵Jeremy Allison2-15/+89
Dahyabhai <nalin@redhat.com> (bugid #1717). Jeremy. (This used to be commit 30b8807cf6d5c3c5b9947a7e841d69f0b22eb019)
2007-10-10r3377: Merge in first part of modified patch from Nalin Dahyabhai ↵Jeremy Allison2-8/+549
<nalin@redhat.com> for bug #1717.The rest of the code needed to call this patch has not yet been checked in (that's my next task). This has not yet been tested - I'll do this once the rest of the patch is integrated. Jeremy. (This used to be commit 7565019286cf44f43c8066c005b1cd5c1556435f)
2007-10-10r3273: Ensure we're consistent in the use of strchr_m for '@'.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 0f3f7b035b37bfc51d3a59d0472003c3d4ac1511)
2007-10-10r2832: Readd WKGUID-binding to match the correct default-locations of newGünther Deschner1-4/+73
User-, Group- and Machine-Accounts in Active Directory (this got lost during the last trunk-merge). This way we match e.g. default containers moved by redircmp.exe and redirusr.exe in Windows 2003 and don't blindly default to cn=Users or cn=Computers. Further wkguids can be examied via "net ads search wellknownobjects=*". This should still keep a samba3-client joining a samba4 dc. Fixes Bugzilla #1343. Guenther (This used to be commit 8836621694c95779475fa9a1acf158e5e0577288)
2007-10-10r2569: Patch from Rob Foehl <rwf@loonybin.net>:Gerald Carter1-1/+1
- fix typo in libads/ldap_printer.c:39, ads_find_printer_on_server() (originally libads-typo.patch) - fix leak in printing/nt_printing.c, is_printer_published() (originally is_printer_published-leak.patch) - fix double print_backend_init() calls, now only called from main() - restructuring in printing/nt_printing.c - replaced (un)publish_it() with ads-specific functions - moved common code to nt_printer_publish() - improved error handling in several places - added check_published_printers() in printing/nt_printing.c, to verify that each published printer is actually in the directory at startup - changed calling semantics of mod_a_printer, dump_a_printer, and update_driver_init to be more consistent with the rest of the api and reduce some copying (This used to be commit 50a5a3dbd02acb0d09133b6e42cc37d091ea901d)
2007-10-10r2091: only use sAMAccountName and not userPrincipalName since the breaks ↵Gerald Carter1-0/+6
winbindd (lookup_name() only works with the sAMAccountName) -- *please* test this change. My tests all pass but there is probably something I missed (This used to be commit 2bf08aaa37f41681b3154514792bf29a3abfdbfd)
2007-10-10r1967: Fix a couple of krb5-DEBUG-messages.Günther Deschner1-4/+6
Guenther (This used to be commit 86a61c86a49a7e4d67e61201458c9b0229fb0825)
2007-10-10r1789: compiler warnings from SuSEGerald Carter1-0/+4
(This used to be commit 7e44193be103fad273796218c8f5e5f9a1657c3c)
2007-10-10r1381: fixing behavior found by gd@sernet.de; we must use the ↵Gerald Carter1-4/+4
userPrincipalName value (host/hostname@REALM) and not the servicePrincipalName (host/fqdn@REALM) in the SASL binds (This used to be commit 959da6e176da9f6a687265e50489b7db3d6712c0)
2007-10-10r1378: Better debugging so I don't get confused what principal we mean.Jeremy Allison1-2/+2
Jeremy. (This used to be commit de80e8b1698d34637cf9c105a8fe02f435d83b02)
2007-10-10r1373: Fix from Guenther Deschner <gd@sernet.de> to ensure last error return ↵Jeremy Allison1-1/+2
is not invalid. Jeremy. (This used to be commit 4bdf914cba2a63d186138d1341a7260ad79da1f5)
2007-10-10r1330: Fix the build for systems without ldap headersVolker Lendecke1-1/+1
(This used to be commit b7267121af45d7173c310299bb52ae031ae1d501)
2007-10-10r1317: Patch from Joe Meadows "Joe Meadows" <jameadows@webopolis.com> toJeremy Allison1-1/+30
add a timeout to the ldap open calls. New parameter, ldap timeout added. Jeremy. (This used to be commit e5b3094c4cc75eb07f667dd1aeb73921ed7366ac)