summaryrefslogtreecommitdiff
path: root/source3/nsswitch/wb_client.c
AgeCommit message (Collapse)AuthorFilesLines
2002-01-27Some more 'winbind default domain' support patches from Alexander BokovoyAndrew Bartlett1-81/+1
<a.bokovoy@sam-solutions.net>. This patch is designed to remove the 'special cases' required for this support. In particular this now kills off winbind_initgroups, as it appears no longer to be required. Andrew Bartlett (This used to be commit f1d8d509766e9169d39332559162cfec249bfc70)
2002-01-26Change the winbind interface to use seperate 'domain' and 'username' feilds forAndrew Bartlett1-131/+7
the sid->uid and uid->sid conversions. Remove some duplicate arguments from these funcitons, and update the request/response structures for this and the 'winbind domain name' feature. As such 'winbindd_lookup_name' now takes both a domain and username. (This used to be commit ce1b4d4c309e4a60bec5a53224585bd504264672)
2002-01-18This is the 'winbind default domain' patch from Alexander BokovoyAndrew Bartlett1-19/+51
<a.bokovoy@sam-solutions.net>. The idea is the domain\username is rather harsh for unix systems - people don't expect to have to FTP, SSH and (in particular) e-mail with a username like that. This 'corrects' that - but is not without its own problems. As you can see from the changes to files like username.c and wb_client.c (smbd's winbind client code) a lot of assumptions are made in a lot of places about lp_winbind_seperator determining a users's status as a domain or local user. The main change I will shortly be making is to investigate and kill off winbind_initgroups() - as far as I know it was a workaround for an old bug in winbind itself (and a bug in RH 5.2) and should no longer be relevent. I am also going to move to using the 'winbind uid' and 'winbind gid' paramaters to determine a user/groups's 'local' status, rather than the presence of the seperator. As such, this functionality is recommended for servers providing unix services, but is currently less than optimal for windows clients. (TODO: remove all references to lp_winbind_seperator() and lp_winbind_use_default_domain() from smbd) Andrew Bartlett (This used to be commit 07a21fcd2311d2d9b430b99303e3532a8c1159e4)
2001-12-13make sure we find NSS_STATUS structAndrew Tridgell1-0/+1
(This used to be commit 7db718d44a62aee9610a9dfd9e671345a0ea7737)
2001-12-05Fixed parse_domain_user to be bool.Jeremy Allison1-11/+9
Jeremy. (This used to be commit 9563de2ef8c1197f4941671d2fdade7d933c32d0)
2001-12-03added name_to_sid to the backendAndrew Tridgell1-1/+1
(This used to be commit 816e40a51af80a7f703c0451304de406deab3dd8)
2001-11-13Fix winbind client code so that winbind calls are not made if theJeremy Allison1-15/+22
requested name does not have a winbind separator character. This makes the intent explicit. Tim, contact me if this is not what you indended. Jeremy. (This used to be commit 86b7cf7f85840316052ff29115bf55c04dc17486)
2001-10-29This commit is number 4 of 4.Andrew Bartlett1-4/+4
In particular this commit focuses on: Actually adding the 'const' to the passdb interface, and the flow-on changes. Also kill off the 'disp_info' stuff, as its no longer used. While these changes have been mildly tested, and are pretty small, any assistance in this is appreciated. ---- These changes introduces a large dose of 'const' to the Samba tree. There are a number of good reasons to do this: - I want to allow the SAM_ACCOUNT structure to move from wasteful pstrings and fstrings to allocated strings. We can't do that if people are modifying these outputs, as they may well make assumptions about getting pstrings and fstrings - I want --with-pam_smbpass to compile with a slightly sane volume of warnings, currently its pretty bad, even in 2.2 where is compiles at all. - Tridge assures me that he no longer opposes 'const religion' based on the ability to #define const the problem away. - Changed Get_Pwnam(x,y) into two variants (so that the const parameter can work correctly): - Get_Pwnam(const x) and Get_Pwnam_Modify(x). - Reworked smbd/chgpasswd.c to work with these mods, passing around a 'struct passwd' rather than the modified username --- This finishes this line of commits off, your tree should now compile again :-) Andrew Bartlett (This used to be commit c95f5aeb9327347674589ae313b75bee3bf8e317)
2001-09-17move to SAFE_FREE()Simo Sorce1-2/+2
(This used to be commit 03dc67788f68c9e01b5a82fdf43f837cb19f4608)
2001-08-24get rid of compiler warningsHerb Lewis1-2/+3
(This used to be commit 0768991d04ea03e774ca8662c9cae5e1951b88e0)
2001-08-18More Realloc fixes.Jeremy Allison1-1/+1
Jeremy. (This used to be commit b4fa49fe13cb93d578b1714d5863a9f50395bf65)
2001-08-13Fixed up 'orrible formatting.Tim Potter1-21/+21
(This used to be commit 73addddb2e038946e38a6a15f46f61148a49ac08)
2001-08-12this is a big global fix for the ptr = Realloc(ptr, size) bug.Simo Sorce1-3/+4
many possible mem leaks, and segfaults fixed. someone should port this fix to 2.2 also. (This used to be commit fa8e55b8b465114ce209344965c1ca0333b84db9)
2001-07-18the nss and pam modules in winbind don't have strchr_m() yet, so useAndrew Tridgell1-3/+3
strchr() for the moment (This used to be commit c2c1f2027e6e623bba59610e3aa41618773e6361)
2001-07-04strchr and strrchr are macros when compiling with optimisation in gcc, so we ↵Andrew Tridgell1-3/+3
can't redefine them. damn. (This used to be commit c41fc06376d1a2b83690612304e85010b5e5f3cf)
2001-06-07Fixed bug in winbind_sid_to_gid() function.Tim Potter1-1/+1
(This used to be commit 9a77f8530f58852f07d523facc61ea1daf6184d7)
2001-06-06Indent dodgy function prototype to avoid make proto picking it up andTim Potter1-1/+1
causing mayhem throughout the tree. (This used to be commit 369c911b446c311d4a5c8b4fddfe7fbffffefeba)
2001-06-04More compile fixups for winbind portability.Tim Potter1-2/+6
(This used to be commit 086f332bb11ff0b2474554f81ef257e6a444a5cc)
2001-05-07Preliminary merge of winbind into HEAD. Note that this compiles and linksTim Potter1-0/+22
but I haven't actually run it yet so it probably doesn't work. (-: (This used to be commit 59f95416b66db6df05289bde224de29c721978e5)
2001-03-20Fix for crash when doing name lookup with a quoted string. Part ofJeremy Allison1-1/+1
lookup_name was expecting to be able to write to the string. Changed lookup_name to use const. Jeremy. (This used to be commit 80c18d88491f1148ade623e81c33f84ba4f952f3)
2001-01-15Changes from APPLIANCE_HEAD:David O'Neill1-2/+9
source/rpc_parse/parse_lsa.c - off by one unistr length bug in init_lsa_trans_name() source/lib/util_sid.c - resolve more BUILTIN sid values to names. source/nsswitch/wb_client.c - fix typo in debug message - set errno on error so we don't get bogus value from last failure. source/rpc_server/srv_spoolss_nt.c - add debug to track number of open printer handles for ease of tracking handle leaks in the future. source/rpc_server/srv_lsa.c - fix off-by-one string bug. This was preventing NT from displaying names for well-know SIDs in printer permissions dialog. (This used to be commit 59229b9025cff54cbdd05e374616ffbf9c6fee33)
2001-01-04Changes from APPLIANCE_HEAD:David O'Neill1-1/+2
source/Makefile.in - changes to ctags and etags rules that somehow got lost along the way. source/include/proto.h - make proto source/smbd/sec_ctx.c source/smbd/password.c - merge debugs for debugging user groups and NT token stuff. source/lib/util_str.c - capitalise domain name returned from parse_domain_user() source/nsswitch/wb_client.c - fix broken conditional in debug statement. source/include/rpc_secdes.h source/include/rpc_spoolss.h source/printing/nt_printing.c source/lib/util_seaccess.c - fix printer permission bugs related to ACE masks for printers. This adds mapping of generic access rights to object specific rights for NT printers. Still need to work out whether or not to ignore ACEs with certain flags set, though. See comments in util_seaccess.c:check_ace() for details. source/printing/nt_printing.c source/printing/printing.c - use PRINTER_ACCESS_ADMINISTER instead of JOB_ACCESS_ADMINISTER until we sort out printer/printjob permission stuff. (This used to be commit 1dba9c5cd1e6389734c648f6903abcb7c8d5b2f0)
2000-10-25Fix for uidtoname not returning DOMAIN\name but just name. This causedJeremy Allison1-2/+9
printer_access_check to break in a domain environment. Jeremy. (This used to be commit 0fc1a461504f87c145f5f91189bd767989c488f2)
2000-10-13Fix to allow smbd to call winbindd if it is running for all group enumeration,Jeremy Allison1-196/+51
falling back to the UNIX calls on error. This should fix all problems with smbd enumerating all users in all groups in all trusted domains via winbindd. Also changed GETDC to query 1C name rather than 1b name as only the PDC registers 1b. Jeremy. (This used to be commit 5b0038a2afd8abbd6fd4a58f5477a40d1926d498)
2000-10-11Use sys_setgroups - systems with broken getgroups need this.Jeremy Allison1-1/+1
Jeremy. (This used to be commit c7c90c83372df53eac0f3779dffedd4b28c8c757)
2000-10-11Renamed WINBINDD_INITGROUPS constant to WINBINDD_GETGROUPS.Tim Potter1-1/+1
(This used to be commit 5f3cf2eb78bfa6fb00890d449d38e9f13964712c)
2000-10-11Modified initgroups to provide a get groups a user is a member ofTim Potter1-6/+132
functionality. This is much faster than inverting the group database. Added client side command for this to wbinfo. (This used to be commit e87b2d3d1fb84311d83d21a76900f994e4ff71dd)
2000-10-10Added debug so we can see how winbindd converts SIDS.Jeremy Allison1-13/+40
Jeremy. (This used to be commit 6696bf203c90dc20c00b47737f5ea1d9b8e23d75)
2000-10-05Spelling flames. (-:Tim Potter1-6/+6
(This used to be commit 178e6971005505d2debd74b761ecfaa982336a53)
2000-10-05Fixed compiler warnings.Tim Potter1-4/+6
(This used to be commit ec7f7e350dc1dfa757436cb0efe777c3e0719877)
2000-09-01Fix from John Reilly @ HP for my typo with the parameters being reversed. Ooops.Jeremy Allison1-3/+3
Jeremy. (This used to be commit 8317d70a35086c5539e67d60cbcf937b6ce0932c)
2000-08-23Added code to do SID to uid/gid conversion. Needed for ACL support.Jeremy Allison1-10/+178
Jeremy. (This used to be commit 81c5380f91839b6416c8a42739dadf00e7388528)
2000-08-02Started to canonicalize our handling of uid -> sid code in order toJeremy Allison1-23/+83
get ready and fix se_access_check(). Added cannonical lookup_name(), lookup_sid(), uid_to_sid(), gid_to_sid() functions that look via winbind first the fall back on local lookup. All Samba should use these rather than trying to call winbindd code directly. Added NT_USER_TOKEN struct in user_struct, contains list of NT sids associated with this user. se_access_check() should use this (cached) value rather than attempting to do the same thing itself when given a uid/gid pair. More work needs to be done to preserve these things accross security context changes (especially with the tricky pipe problem) but I'm beginning to see how this will be done..... probably by registering a new vuid for an authenticated RPC pipe and not treating the pipe calls specially. More thoughts needed - but we're almost there... Jeremy. (This used to be commit 5e5cc6efe2e4687be59085f562caea1e2e05d0a8)
2000-07-11Add local fallback for name lookup if no winbindd running...Jeremy Allison1-9/+20
Jeremy. (This used to be commit d85deb9e4e9c9784006292d3cb5a6b7b408ff972)
2000-07-10Moved winbind client functions from various odd locations toTim Potter1-0/+174
nsswitch/wb_client.c Merge of nsswitch/common.c rename to nsswitch/wb_common.c from TNG. (This used to be commit f866c18f6be65db67d9d2a6c0b42e1af3b421e6c)