summaryrefslogtreecommitdiff
path: root/source3/nsswitch/winbindd.c
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r14618: add --no-process-group to all server programmsStefan Metzmacher1-2/+4
to make the following possible: timelimit 20000 bin/nmbd -F -S --no-process-group timelimit 20000 bin/smbd -F -S --no-process-group this is needed to 'make test' working without losing child processes metze (This used to be commit c3a9f30e2a12cc852c9fa3a7d161f5c6ee0694ce)
2007-10-10r14480: Kill one boolean flag passed down :-)Volker Lendecke1-1/+1
(This used to be commit d9b85e3b287c24d2a3e2076da331fe06192b0eef)
2007-10-10r14474: Also flush the nscd caches before entering the main winbindd loop.Günther Deschner1-0/+2
Guenther (This used to be commit c81eb71834dc827db63c8adb3f816bbbe916473c)
2007-10-10r14468: Better fix to avoid winbind panic when we have an inproper configurationGünther Deschner1-1/+4
and want to just shutdown and exit. Guenther (This used to be commit 0aa6328ed6ba6d0d24169ffdff0099405c9bfb00)
2007-10-10r14467: Reverting 13660. This needs to be fixed differently.Günther Deschner1-4/+1
Guenther (This used to be commit 4157bfe9cfe79ff78e7e527a50058cf9103cab61)
2007-10-10r13660: Attempt to better handle the failure that we cannot find our sid uponGünther Deschner1-2/+5
startup; don't panic, shutdown instead. Guenther (This used to be commit f209192e26c12fd48feb6195b724715fbada8b85)
2007-10-10r13571: Replace all calls to talloc_free() with thye TALLOC_FREE()Gerald Carter1-3/+3
macro which sets the freed pointer to NULL. (This used to be commit b65be8874a2efe5a4b167448960a4fcf6bd995e2)
2007-10-10r13316: Let the carnage begin....Gerald Carter1-5/+9
Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2007-10-10r13212: r12414@cabra: derrell | 2006-01-28 17:52:17 -0500Derrell Lipman1-1/+1
lp_load() could not be called multiple times to modify parameter settings based on reading from multiple configuration settings. Each time, it initialized all of the settings back to their defaults before reading the specified configuration file. This patch adds a parameter to lp_load() specifying whether the settings should be initialized. It does, however, still force the settings to be initialized the first time, even if the request was to not initialize them. (Not doing so could wreak havoc due to uninitialized values.) (This used to be commit f2a24de769d1b2266e576597c57a8e3b1e2a2b51)
2007-10-10r12544: Fix segfaults in winbind, smbpasswd and netVolker Lendecke1-0/+2
(This used to be commit 9ca8edc26e66887d6333943bc6a9776352c657fc)
2007-10-10r11652: Reinstate the netsamlogon_cache in order to workGerald Carter1-0/+2
around failed query_user calls. This fixes logons to a member of a Samba domain as a user from a trusted AD domain. As per comments on samba-technical, I still need to add (a) cache the PAC info as werll as NTLM net_user_info_3 (b) expire the cache when the SMB session goes away Both Jeremy and Guenther have signed off on the idea. (This used to be commit 0c2bb5ba7b92d9210e7fa9f7b70aa67dfe9faaf4)
2007-10-10r11511: A classic "friday night check-in" :-). This moves muchJeremy Allison1-0/+2
of the Samba4 timezone handling code back into Samba3. Gets rid of "kludge-gmt" and removes the effectiveness of the parameter "time offset" (I can add this back in very easily if needed) - it's no longer being looked at. I'm hoping this will fix the problems people have been having with DST transitions. I'll start comprehensive testing tomorrow, but for now all modifications are done. Splits time get/set functions into srv_XXX and cli_XXX as they need to look at different timezone offsets. Get rid of much of the "efficiency" cruft that was added to Samba back in the day when the C library timezone handling functions were slow. Jeremy. (This used to be commit 414303bc0272f207046b471a0364fa296b67c1f8)
2007-10-10r11368: Remove a memleak that just cost me half an hour: If we terminate ↵Volker Lendecke1-1/+1
inside a message handler, the list of messages from retrieve_all_messages is not properly freed. Not important, just confusing :-) Volker (This used to be commit d20388750dcfe7e0680246f7e3e6beb3a6d51a4a)
2007-10-10r11319: read_buf_len and write_buf_len are no longer used, remove them.Volker Lendecke1-5/+3
Volker (This used to be commit 6948f748f689708c396e52097553ff222b1af744)
2007-10-10r10656: BIG merge from trunk. Features not copied overGerald Carter1-12/+55
* \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2007-10-10r9588: remove netsamlogon_cache interface...everything seems to work fine. ↵Gerald Carter1-2/+0
Will deal with any fallout from special environments using a non-cache solution (This used to be commit e1de6f238f3981d81e49fb41919fdce4f07c8280)
2007-10-10r9330: Remove the classic dual daemon since it was not being used.Gerald Carter1-46/+0
It was already gone in trunk anyways. working on fixing BUG 3000 which does work now but we are flying without a cache. (This used to be commit 4936d6d8b28edc59a3d17defcdf255ea6e0ba4e0)
2007-10-10r9322: fixing debug log and ensuring that we set the right winbind_methodsGerald Carter1-1/+1
pointer in get_cache() by requiring that all domain structure be initialized with the set_dc_type_and_flags(). (This used to be commit c064609b942e88c70fe0a868e52c57ad1016850c)
2007-10-10r7882: Looks like a large patch - but what it actually does is make SambaJeremy Allison1-24/+24
safe for using our headers and linking with C++ modules. Stops us from using C++ reserved keywords in our code. Jeremy (This used to be commit 9506b8e145982b1160a2f0aee5c9b7a54980940a)
2007-10-10r7785: This looks much larger than it is. It changes the top-level functions ↵Volker Lendecke1-11/+27
of the parent winbind not to return winbindd_result. This is to hopefully fix all the problems where a result has been scheduled for write twice. The problematic ones have been the functions that might have been delayed as well as under other circumstances immediately gets answered from the cache. Now a request needs to be explicitly replied to with a request_error() or request_ok(). Volker (This used to be commit 7365c9accf98ec1dd78a59dd7f62462bbb8528d4)
2007-10-10r7454: couple of winbindd fixesGerald Carter1-1/+1
* make sure to use our domain as the account name in the net_req_auth2() request when running on a Samba DC * make sure to lookup the correct domain (not default to ours) when getting an async getpwnam() call (This used to be commit c9c3e3c122a6a04847c448d298b6f1adb4f35a60)
2007-10-10r7440: * merge registry server changes from trunk (so far) for moreGerald Carter1-4/+4
printmig.exe work * merge the sys_select_signal(char c) change from trunk in order to keeo the winbind code in sync (This used to be commit a112c5570a7f8ddddde1af0fa665f40a6067e8cf)
2007-10-10r7415: * big change -- volker's new async winbindd from trunkGerald Carter1-312/+421
(This used to be commit a0ac9a8ffd4af31a0ebc423b4acbb2f043d865b8)
2007-10-10r7130: remove 'winbind enable local accounts' code from the 3.0 treeGerald Carter1-9/+0
(This used to be commit 318c3db4cb1c85be40b2f812f781bcf5f1da5c19)
2007-10-10r6263: Get rid of generate_wellknown_sids, they are const static and ↵Volker Lendecke1-2/+0
initializable statically. Volker (This used to be commit 3493d9f383567d286e69c0e60c0708ed400a04d9)
2007-10-10r4088: Get medieval on our ass about malloc.... :-). Take control of all our ↵Jeremy Allison1-2/+1
allocation functions so we can funnel through some well known functions. Should help greatly with malloc checking. HEAD patch to follow. Jeremy. (This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
2007-10-10r2470: Fix bug 1797: winbind and nmbd ignored "-l" option.Volker Lendecke1-2/+6
Thanks to Igor Zhbanov bsg@uniyar.ac.ru. Volker (This used to be commit 8a28475a0b7659cb0cdefe57edf801d9958c3755)
2007-10-10r2265: Volkers change to HEAD looks very good. Commit messageJeremy Allison1-5/+12
from HEAD follows : While torturing winbind a bit I found the following unfortunate behaviour: Sending multiple requests at a high rate for a slow operation exposed that no response comes back until the last request in the queue has been processed. This is an unfortunate result of serially going through all sockets> that have shown to be readable or writable. All client sockets become readable> at the same time, none of them is writable. We go through them, read the request, process the complete request. Before we enter the select system call the next time all requests have to have completed. This patch optimizes this by first looking at the sockets for writability. A write on a socket that came back from select does not block, so this additional loop might have a non-zero cost, but it can't prevent other operations from proceeding. After a possibly long-running winbindd_process() we directly start select() again. To avoid starvation the currently processed client is demoted to be the> last one in the list of clients. Jeremy. (This used to be commit bfdeb22c69d09eb73305b6034fa6d0ec67275789)
2007-10-10r1557: Add sigchld handling to winbindd. Next step is to have the child ↵Richard Sharpe1-0/+13
restarted if need be. We should also make sure the main line know we no longer have a child. (This used to be commit e3dc7934b50c8578d70fc01688a07bd369a7cf30)
2007-10-10r1297: Yes, it does survive valgrind for my tests :-)Volker Lendecke1-8/+5
Check in the 'winbind proxy only' mode -- no new parameter required :-) If you don't set idmap uid or idmap gid, winbind will not do idmap stuff, it will only proxy the netlogon request and thus speed up the authentication of domain users. Volker (This used to be commit 29235f0c69035376ad7ac27b08a59069fa151102)
2007-10-10r294: checking in volker's winbindd patches; tested on domain members (Samba ↵Gerald Carter1-0/+2
and AD) as well as on a Samba DC (This used to be commit 157d53782d6a7d0b7e30676a674ff2a25a15369c)
2007-10-10r116: volker's patch for local group and group nestingGerald Carter1-0/+1
(This used to be commit b393469d9581f20e4d4c52633b952ee984cca36f)
2004-03-16BUG 1182: patch from john.klinger@lmco.com (John Klinger) to reanable the ↵Gerald Carter1-1/+1
-n 'no cache' option for winbindd (This used to be commit d1848988d9ee9fdd870bcdd32c938b907419558b)
2004-01-29Remove an unused parameter from reload_services_file.Richard Sharpe1-4/+3
(This used to be commit 0032c3f46aaef065e95d987dc0506016aabbe644)
2004-01-11update copyright to -2004Stefan Metzmacher1-1/+1
metze (This used to be commit 12d6bc3bd0684646e990c2fc6485fe1a92ac98fb)
2004-01-08This merges in my 'always use ADS' patch. Tested on a mix of NT and ADSAndrew Bartlett1-0/+2
domains, this patch ensures that we always use the ADS backend when security=ADS, and the remote server is capable. The routines used for this behaviour have been upgraded to modern Samba codeing standards. This is a change in behaviour for mixed mode domains, and if the trusted domain cannot be reached with our current krb5.conf file, we will show that domain as disconnected. This is in line with existing behaviour for native mode domains, and for our primary domain. As a consequence of testing this patch, I found that our kerberos error handling was well below par - we would often throw away useful error values. These changes move more routines to ADS_STATUS to return kerberos errors. Also found when valgrinding the setup, fix a few memory leaks. While sniffing the resultant connections, I noticed we would query our list of trusted domains twice - so I have reworked some of the code to avoid that. Andrew Bartlett (This used to be commit 7c34de8096b86d2869e7177420fe129bd0c7541d)
2004-01-04Commit the translation of the realm to the netbios domain name in the kerberosVolker Lendecke1-0/+1
session setup. After talking to jht and abartlet I made this unconditional, no additional parameter. Jerry: This is a change in behaviour, but I think it is necessary. Volker (This used to be commit 3ce6c9f27368cfb278007fe660a0e44a84d67f8f)
2003-11-25Add a comment, and a useful debug message.Andrew Bartlett1-0/+1
(This used to be commit df14b0af31863680218b06ae9de2f010a38fba6e)
2003-11-19as discussed on irc, this is a small patch that allows a few moreAndrew Tridgell1-0/+1
winbind functions to be accessed via NSS. This provides a much cleaner way for applications that need (for example) to provide name->sid mappings to do this via NSS rather than having to know the winbindd pipe protocol (as this might change). This patch also adds a varient of the winbindd_getgroups() call called winbindd_getusersids() that provides direct SID->SIDs listing of a users supplementary groups. This is enough to allow non-Samba applications to do ACL checking. A test program for the new functionality will be committed shortly. I also added the 'wbinfo --user-sids' option to expose the new function in wbinfo. (This used to be commit 702b35da0ac7c73aa5a6603f871d865565bbe278)
2003-11-12a small include file rearrangement that doesn't affect normalAndrew Tridgell1-0/+1
compilation, but that allows Samba3 to take advantage of pre-compiled headers in gcc if available. (This used to be commit b3e024ce1da7c7e24fcacd8a2964dd2e4562ba39)
2003-11-06Final round of printf warnings fixes for the moment.Tim Potter1-3/+3
(This used to be commit 0519a7022b4979c0e8ddd4907f4b858a59299c06)
2003-10-13Add a better error message to wb_common.c when unable to connect to a pipeRichard Sharpe1-0/+7
socket and add a comment to winbindd.c to explain the fancy calculation of buffer offset. (This used to be commit 7c7ef9680b7378e12ffdd0bf95ee7ad673bea2f5)
2003-08-25make sure we keep the trusted domain cache up to dateGerald Carter1-8/+2
(This used to be commit 3324adcaceb9191b5d4d671ac9b51c85c6714598)
2003-08-20metze's autogenerate patch for version.hGerald Carter1-1/+1
(This used to be commit ae452e51b02672a56adf18aa7a7e365eeaba9272)
2003-08-08fix 2 bugs:Gerald Carter1-1/+7
1) don't ask trusted DC's for a list of trusted domains. This causes us to treat non-transitive ones as if they were transitive. Not needed anyways 2) Fix dc lookup bug where we would always try to use DNS to resolve the DC's for a domain (even if it was a trusted NT4 domain). (This used to be commit 4d3acce5066d3adf53ee8fbaa627c42523b3cbc3)
2003-07-23convert snprintf() calls using pstrings & fstringsGerald Carter1-2/+2
to pstr_sprintf() and fstr_sprintf() to try to standardize. lots of snprintf() calls were using len-1; some were using len. At least this helps to be consistent. (This used to be commit 9f835b85dd38cbe655eb19021ff763f31886ac00)
2003-07-22Fixup a bunch of printf-style functions and debugs to use unsigned long whenTim Potter1-8/+8
displaying pid_t, uid_t and gid_t values. This removes a whole lot of warnings on some of the 64-bit build farm machines as well as help us out when 64-bit uid/gid/pid values come along. (This used to be commit f93528ba007c8800a850678f35f499fb7360fb9a)
2003-07-22Replace the eight (!) copies of dummy become/unbecome root with a single one.Tim Potter1-14/+0
(This used to be commit 8b818ce381595cdcb36631a2440d6aa0038805f1)
2003-07-16fixes for 'net rpc vampire'. I can now take a blank Samba hostGerald Carter1-3/+0
and migrate an NT4 domain and still logon from domain members (tested logon scripts, system policies, profiles, & home directories) (passdb backend = tdbsam) removed call to idmap_init_wellknown_sids() from winbindd.c since the local domain should be handled by the guest passdb backend (and you don't really always want the Administrator account to be root) ...and we didn't pay attention to this anyways now. (This used to be commit 837d7c54d3ca780160aa0d6a2f0a109bb691948e)
2003-07-15Add support for MSG_SMB_CONF_UPDATED and MSG_SHUTDOWN to all daemons (smbd, ↵Alexander Bokovoy1-4/+22
nmbd, winbindd). Reviewed by jerry and tridge. (This used to be commit 02c5e2fc6f0721ebd82a9e6a2b34190607de55fe)