summaryrefslogtreecommitdiff
path: root/source3/nsswitch
AgeCommit message (Collapse)AuthorFilesLines
2003-09-04More FreeBSD PAM compile fixes. Don't redefine PAM_AUTHTOK_RECOVER_ERRTim Potter1-0/+3
if it already exists. FreeBSD 4.8 doesn't need the redefinition, 5.0 does. (This used to be commit 4a3727b03b0488fa82687014cb476b1971a78be8)
2003-09-02Fix for bug 261. Create a configure #define for FreeBSD and a check inTim Potter1-1/+1
nsswitch/pam_winbind.h so we can compile properly on this platform. (This used to be commit 75411005fcab7ecf31940c5f7b87fd407166f98a)
2003-08-27Typo fix.Rafal Szczesniak1-1/+1
(This used to be commit 934fb418a3a3628ee4cde699df872bc1035fc769)
2003-08-27Update last scan time in rescan_trusted_domains().Tim Potter1-0/+2
Fix from Ken Cross. (This used to be commit 45775b48a0d91390aa698b750d59cda0150cfbd0)
2003-08-25make sure we keep the trusted domain cache up to dateGerald Carter2-10/+33
(This used to be commit 3324adcaceb9191b5d4d671ac9b51c85c6714598)
2003-08-20metze's autogenerate patch for version.hGerald Carter2-2/+2
(This used to be commit ae452e51b02672a56adf18aa7a7e365eeaba9272)
2003-08-20fix small logic error in cm_open_connection() to work with non-krb5 connectionsGerald Carter1-7/+31
(This used to be commit 2d85612752daa26c0773b86bd40eb3430b1cce3b)
2003-08-19 - Make 'net' use a single funciton for setting the 'use machine account' code.Andrew Bartlett1-10/+80
- Make winbindd try to use kerberos for connections to DCs, so that it can access RA=2 servers, particularly for netlogon. - Make rpcclient follow the new flags for the NETLOGON pipe - Make all the code that uses schannel use the centralised functions for doing so. Andrew Bartlett (This used to be commit 96b4187963cedcfe158ff02868929b8cf81c6ebf)
2003-08-15get rid of more compiler warningsHerb Lewis4-8/+8
(This used to be commit 398bd14fc6e2f8ab2f34211270e179b8928a6669)
2003-08-132 fixesGerald Carter1-4/+14
* bug #280 (my fault) - initialize sambaNextUserRid and sambaNextGroupRid * Unix users shared vis LDAP or NIS between a samba domain member of a Samba domain are not seen as domain users on the member servers. not as local users. (This used to be commit a030fa373aefde8628def54ca8152f237a0467dc)
2003-08-12Fix for bug 269. Change wbinfo and ntlm_auth to convert domain, usernameTim Potter2-7/+20
and workstation to utf8 before sending the winbindd request. Also, don't continue when the call to pull_utf8() fails but rather return a winbind error. (This is what was causing the crash) (This used to be commit ca1c463360b75538a93b56a87cbb4a6ee7b6cec6)
2003-08-11adding '.' special name to --domain to mean our domainGerald Carter1-5/+14
(This used to be commit f833d1f15691a418b99f82dbda75b673fb3428f6)
2003-08-10add --domain=DOMAINNAME to wbinfoGerald Carter5-18/+71
Add support for geting the sequence number, list of users, and list of groups for a specific domain (assuming on reported back by wbinfo -m) wbinfo -u --domain=DOA (This used to be commit 34fc6e1bf97d514d3b1763a808d08d730191e03b)
2003-08-09fix for BUG #267 (problem with supplementary groups).Gerald Carter1-0/+74
Use winbindd to get the group list if possible since we already know it from netsamlogon_cache.tdb. More effecient than letting libc call getgrent() to get seconary groups. Tested by Ken Cross. (This used to be commit 3c537c906f29a08e75895c8c8e3ed5c5abaaa940)
2003-08-08fix 2 bugs:Gerald Carter2-33/+36
1) don't ask trusted DC's for a list of trusted domains. This causes us to treat non-transitive ones as if they were transitive. Not needed anyways 2) Fix dc lookup bug where we would always try to use DNS to resolve the DC's for a domain (even if it was a trusted NT4 domain). (This used to be commit 4d3acce5066d3adf53ee8fbaa627c42523b3cbc3)
2003-08-06rework winbindd_accountdb_init() to reduce error messages in the logGerald Carter1-10/+5
(This used to be commit d98a68e0ebaf2fbd360b826f5df472bc3f94285b)
2003-08-02make sure to initialize the backend methods when enumerating sequence ↵Gerald Carter1-0/+2
numbers; reported by Ken Cross (This used to be commit 10c7a1af67e556c17d4b3495934a2dad19728d77)
2003-08-01Update my copyrights according to my agreement with IBMJim McDonough1-1/+1
(This used to be commit a2bd8f0bfa12f2a1e33c96bc9dabcc0e2171700d)
2003-08-01Fix copyright statements for various pieces of Anthony Liguori's work.Jim McDonough1-1/+1
(This used to be commit 15d2bc47854df75f8b2644ccbc887d0357d9cd27)
2003-08-01fix cut-n-paste error found by abartletGerald Carter1-8/+10
(This used to be commit 042492b862c4f2389086275dd8a0e044d7432537)
2003-08-01Fix a memory leak. I did not check all the calls to winbindd_request, butVolker Lendecke1-0/+2
we might leak the extra_data somewhere else as well. Volker (This used to be commit 5d379345fa06f4253f67b40cb8127b70072db561)
2003-07-31make sure the domain sid is set when enumerating trusted domainsGerald Carter1-1/+24
(we don't always get it back) (This used to be commit 6e8f23d1b1dd5122691cd9363a5c572fcab182af)
2003-07-31working on transtive trusts issue:Gerald Carter5-69/+154
* use DsEnumerateDomainTrusts() instead of LDAP search. wbinfo -m now lists all trusted downlevel domains and all domains in the forest. Thnigs to do: o Look at Krb5 connection trusted domains o make sure to initial the trusted domain cache as soon as possible (This used to be commit 0ab00ccaedf204b39c86a9e1c2fcac5f15d0e033)
2003-07-30Add a command line option (-S on|off|required) to enable signing on clientJeremy Allison1-1/+2
connections. Overrides smb.conf parameter if set. Jeremy. (This used to be commit 879309671df6b530e0bff69559422a417da4a307)
2003-07-26fix typo in debugGerald Carter1-1/+1
(This used to be commit ed61628d8b051049636f48ec4372b2e19090628c)
2003-07-25domain in schannel bind credentials must be the dest domain, not oursGerald Carter1-0/+5
(This used to be commit e12f6a8c13f27c3caea96b467cc4294e20dad341)
2003-07-25Make wbinfo -p work again. Fixes bug 251.Tim Potter1-1/+1
(This used to be commit ad4dd4909ffa29dbfbbd9a4f234e976fd253846b)
2003-07-23convert snprintf() calls using pstrings & fstringsGerald Carter4-16/+16
to pstr_sprintf() and fstr_sprintf() to try to standardize. lots of snprintf() calls were using len-1; some were using len. At least this helps to be consistent. (This used to be commit 9f835b85dd38cbe655eb19021ff763f31886ac00)
2003-07-23Move a function to avoid a warning.Tim Potter1-24/+24
(This used to be commit a3b4c57503e0966145b0adab247297e4c8e0f165)
2003-07-22Another round of uid/gid/pid format string changes I missed theTim Potter5-9/+9
first time. (This used to be commit 6616485dbad74dab7506609c6bfd183fc9c1f93c)
2003-07-22Fixup a bunch of printf-style functions and debugs to use unsigned long whenTim Potter8-76/+77
displaying pid_t, uid_t and gid_t values. This removes a whole lot of warnings on some of the 64-bit build farm machines as well as help us out when 64-bit uid/gid/pid values come along. (This used to be commit f93528ba007c8800a850678f35f499fb7360fb9a)
2003-07-22Replace the eight (!) copies of dummy become/unbecome root with a single one.Tim Potter1-14/+0
(This used to be commit 8b818ce381595cdcb36631a2440d6aa0038805f1)
2003-07-20Typo fixes.Rafal Szczesniak1-1/+1
(This used to be commit 85df8213fc67a9c8e8712cb64f27e5559dc11af9)
2003-07-16fixes for 'net rpc vampire'. I can now take a blank Samba hostGerald Carter2-17/+21
and migrate an NT4 domain and still logon from domain members (tested logon scripts, system policies, profiles, & home directories) (passdb backend = tdbsam) removed call to idmap_init_wellknown_sids() from winbindd.c since the local domain should be handled by the guest passdb backend (and you don't really always want the Administrator account to be root) ...and we didn't pay attention to this anyways now. (This used to be commit 837d7c54d3ca780160aa0d6a2f0a109bb691948e)
2003-07-15Add support for MSG_SMB_CONF_UPDATED and MSG_SHUTDOWN to all daemons (smbd, ↵Alexander Bokovoy1-4/+22
nmbd, winbindd). Reviewed by jerry and tridge. (This used to be commit 02c5e2fc6f0721ebd82a9e6a2b34190607de55fe)
2003-07-15remove -B and default to dual-daemon mode (-Y to run as a single process)Gerald Carter1-2/+2
(This used to be commit 369a914ebefd5625af19b76d71b502e5e13a7147)
2003-07-11patch for domain groups with no members (rpc only) from Ken CrossGerald Carter1-1/+1
(This used to be commit 05ec9c40f40be4d4dbb10b33e0def2374468ff8a)
2003-07-11fix sid_to_[uid|gid] (spotted by Volker).Gerald Carter1-70/+76
Still testing this, but I'm checking it in so Volker can test it as well. Should be right. (This used to be commit 8edf193722f699cc33baed410917a78a5e28d0a4)
2003-07-11moving more code around.Gerald Carter5-47/+350
* move rid allocation into IDMAP. See comments in _api_samr_create_user() * add winbind delete user/group functions I'm checking this in to sync up with everyone. But I'm going to split the add a separate winbindd_allocate_rid() function for systems that have an 'add user script' but need idmap to give them a RID. Life would be so much simplier without 'enable rid algorithm'. The current RID allocation is horrible due to this one fact. Tested idmap_tdb but not idmap_ldap yet. Will do that tomorrow. Nothing has changed in the way a samba domain is represented, stored, or search in the directory so things should be ok with previous installations. going to bed now. (This used to be commit 0463045cc7ff177fab44b25faffad5bf7140244d)
2003-07-10Just a few formatting fixed caught while testing.Rafal Szczesniak1-4/+0
rafal (This used to be commit 156554738cf4e4ffa5a811d9979acd19418e7908)
2003-07-10i guess i'm the only one this ever annyoed...Gerald Carter2-22/+105
fix the confusion when we tdb_lock_bystring() but we retrieve an entry using tdb_fetch_by_string. It's now always tdb.*bystring() (This used to be commit 66359531b89368939f0e8f584a45844b5f2f99e7)
2003-07-09Large set of changes to add UNIX account/group managementGerald Carter12-1059/+1430
to winbindd. See README.idmap-and-winbind-changes for details. (This used to be commit 1111bc7b0c7165e1cdf8d90eb49f4c368d2eded6)
2003-07-09fix linking issues in winbindd with become/unbecome_root() in passdb.cGerald Carter1-0/+14
(This used to be commit 389fe1e51abb533a781f69731a75771cb846d850)
2003-07-08fix some formattingGerald Carter1-25/+24
(This used to be commit fca08b1c8766ef1961a9dedc127224249cac9543)
2003-07-07and so it begins....Gerald Carter8-66/+179
* remove idmap_XX_to_XX calls from smbd. Move back to the the winbind_XXX and local_XXX calls used in 2.2 * all uid/gid allocation must involve winbindd now * move flags field around in winbindd_request struct * add WBFLAG_QUERY_ONLY option to winbindd_sid_to_[ug]id() to prevent automatic allocation for unknown SIDs * add 'winbind trusted domains only' parameter to force a domain member server to use matching users names from /etc/passwd for its domain (needed for domain member of a Samba domain) * rename 'idmap only' to 'enable rid algorithm' for better clarity (defaults to "yes") code has been tested on * domain member of native mode 2k domain * ads domain member of native mode 2k domain * domain member of NT4 domain * domain member of Samba domain * Samba PDC running winbindd with trusts Logons tested using 2k clients and smbclient as domain users and trusted users. Tested both 'winbind trusted domains only = [yes|no]' This will be a long week of changes. The next item on the list is winbindd_passdb.c & machine trust accounts not in /etc/passwd (done via winbindd_passdb) (This used to be commit 8266dffab4aedba12a33289ff32880037ce950a8)
2003-07-03Removed strupper/strlower macros that automatically map to ↵Jeremy Allison4-6/+6
strupper_m/strlower_m. I really want people to think about when they're using multibyte strings. Jeremy. (This used to be commit ff222716a08af65d26ad842ce4c2841cc6540959)
2003-07-03fix for bug #200. flush connections if the machine trsut accountGerald Carter1-1/+31
changed underneath us. (This used to be commit 6a1ad1ded1d619394ed4ca9e05fdffaa3b902b3b)
2003-07-01* fix the trustdom_cache to work when winbindd is not running.Gerald Carter1-0/+14
smbd will update the trustdom_cache periodically after locking the timestamp key (This used to be commit 7bc4b65b91f98271089335cc301146d5f0c76c3a)
2003-06-30* cleanup more DC name resolution issues in check_*domain_security()Gerald Carter1-68/+2
* is_trusted_domain() is broken without winbind. Still working on this. * get_global_sam_name() should return the workgroup name unless we are a standalone server (verified by volker) * Get_Pwnam() should always fall back to the username (minus domain name) even if it is not our workgroup so that TRUSTEDOMAIN\user can logon if 'user' exists in the local list of accounts (on domain members w/o winbind) Tested using Samba PDC with trusts (running winbindd) and a Samba 3.0 domain member not running winbindd. notes: make_user_info_map() is slightly broken now due to the fact that is_trusted_domain() only works with winbindd. disabled checks temporarily until I can sort this out. (This used to be commit e1d6094d066d4c16ab73075caba40a1ae6c56b1e)
2003-06-30* rename samstrict auth method to samGerald Carter3-79/+94
* rename original sam auth method to sam_ignoredomain * remove samstrict_dc auth method (now covered by 'sam') * fix wbinfo -a '...' and getent passwd bugs when running winbindd on a samba PDC (reported by Volker) (This used to be commit 52166faee793d337e045d64f7cb27ea7ac895f60)