Age | Commit message (Collapse) | Author | Files | Lines |
|
UNIX entity foo to DOMAIN\foo instead of SERVER\foo
on members of a Samba domain when all UNIX accounts
are shared via NIS, et. al.
* allow winbindd to match local accounts to domain SID
when 'winbind trusted domains only = yes'
* remove code in idmap_ldap that searches the user
suffix and group suffix. It's not needed and
provides inconsistent functionality from the tdb backend.
This has been tested. I'm still waiting on some more feedback
but This needs to be in 3.0.1pre2 for widespread use.
(This used to be commit ee272414e9965d7d550ba91d4e83997134dd51e6)
|
|
(This used to be commit 0519a7022b4979c0e8ddd4907f4b858a59299c06)
|
|
functions.
(This used to be commit 7710232ba21305a1e3c9523ace82a5a419526b50)
|
|
Jeremy.
(This used to be commit 119a89246bf84cb98b76cf3777c039fa8eb644f2)
|
|
platforms don't have setenv().
(This used to be commit a8b487c4cb5d181e59755f49063512b2729bccb5)
|
|
is given (patch from Tom Dickson)
(This used to be commit ca18ec0f901330c14a68c8a44d2a88a42bb7d92c)
|
|
in iconv.c and nsswitch/). Using them means you're not thinking about multibyte at
all and I really want to discourage that.
Jeremy.
(This used to be commit d7e35dfb9283d560d0ed2ab231f36ed92767dace)
|
|
(This used to be commit f0a0771c02404c91cd64961f85622022a4e56b2f)
|
|
(This used to be commit 1482933089bd1e6114ad29d77ce229482f2d161b)
|
|
DEBUG() should not be called in winbind client code as it's actually
dynamically linked by glibc into programs that use the nsswitch
database functions.
(This used to be commit 90380a684af244175d216344101e734c85220a7b)
|
|
socket and add a comment to winbindd.c to explain the fancy calculation of
buffer offset.
(This used to be commit 7c7ef9680b7378e12ffdd0bf95ee7ad673bea2f5)
|
|
(This used to be commit 5eca81c66096a01eda1731892d044c09d4c18556)
|
|
down; bug 437
(This used to be commit 1cfbd92404270e0c67a3b295fc9cf461b29d3503)
|
|
(This used to be commit a83266a927b81a9f7a62b211793faaf8d401767c)
|
|
(This used to be commit e1fac713e25692a5790c3261ba323732930f5249)
|
|
Jeremy.
(This used to be commit a43ca66290ac1df9b00e3e43e32d8117b3d1b873)
|
|
(This used to be commit 02ae82fb3f70dc37e815d8e88bfd31a8c3ff43db)
|
|
There was some confusion over dynamically allocated lists of pointers
(i.e you have to make space for the list of pointers and what they are
pointing too) in the memory buffer passed in from libc.
Valgrind is much happer now and as a bonus there is no segfault.
(This used to be commit 7907c44414acb841a9001e82285790eece73d032)
|
|
ads_search_XXX() calls.
(This used to be commit 74c02e5fbc411d6fd1b13a1e21599da030897efe)
|
|
flushing connections in winbindd_pam_auth[_crap]()
(This used to be commit 60c8796edd84249db5419329a0fea4bbc7f9bb98)
|
|
already have ads_search_retry() for this. However, neither
domain_sid() nor sequence_nunber() used this function. So modify
them to us ads_do_search_retry() so we can specify the base search
DN and scope.
(This used to be commit 89f6adf830187d020bf4b35d1a4b2b48c7a075d0)
|
|
smb.conf
Fixes to ensure we work with disable netbios = yes
(This used to be commit 3913e43724870c62a0d77ec3e73cbe9480cb6247)
|
|
(This used to be commit e3f5afb83142f44369dcd341d6e66ed2fe51248f)
|
|
Ken Cross. Sometimes ads conenction get stale but we don't know
they are dead until we try them. This patch may need some optimization
after people bang on it for a while.
(This used to be commit 7021cf63a4501c90620cf6a5f117eef345bbd291)
|
|
Also make sure thet ads_startup uses lp_realm instead of
just relying on the workgroup name. Fixes bug in net ads join
when the workgroup defaults to "WORKGROUP" and we ignore the
realm name.
(This used to be commit b1763ace4e85f41574894e3807cabb5196fec661)
|
|
if it already exists. FreeBSD 4.8 doesn't need the redefinition, 5.0 does.
(This used to be commit 4a3727b03b0488fa82687014cb476b1971a78be8)
|
|
nsswitch/pam_winbind.h so we can compile properly on this platform.
(This used to be commit 75411005fcab7ecf31940c5f7b87fd407166f98a)
|
|
(This used to be commit 934fb418a3a3628ee4cde699df872bc1035fc769)
|
|
Fix from Ken Cross.
(This used to be commit 45775b48a0d91390aa698b750d59cda0150cfbd0)
|
|
(This used to be commit 3324adcaceb9191b5d4d671ac9b51c85c6714598)
|
|
(This used to be commit ae452e51b02672a56adf18aa7a7e365eeaba9272)
|
|
(This used to be commit 2d85612752daa26c0773b86bd40eb3430b1cce3b)
|
|
- Make winbindd try to use kerberos for connections to DCs, so that it can
access RA=2 servers, particularly for netlogon.
- Make rpcclient follow the new flags for the NETLOGON pipe
- Make all the code that uses schannel use the centralised functions for doing so.
Andrew Bartlett
(This used to be commit 96b4187963cedcfe158ff02868929b8cf81c6ebf)
|
|
(This used to be commit 398bd14fc6e2f8ab2f34211270e179b8928a6669)
|
|
* bug #280 (my fault) - initialize sambaNextUserRid and
sambaNextGroupRid
* Unix users shared vis LDAP or NIS between a samba domain member
of a Samba domain are not seen as domain users on the member servers.
not as local users.
(This used to be commit a030fa373aefde8628def54ca8152f237a0467dc)
|
|
and workstation to utf8 before sending the winbindd request. Also, don't
continue when the call to pull_utf8() fails but rather return a winbind
error. (This is what was causing the crash)
(This used to be commit ca1c463360b75538a93b56a87cbb4a6ee7b6cec6)
|
|
(This used to be commit f833d1f15691a418b99f82dbda75b673fb3428f6)
|
|
Add support for geting the sequence number, list of users, and list
of groups for a specific domain (assuming on reported back by
wbinfo -m)
wbinfo -u --domain=DOA
(This used to be commit 34fc6e1bf97d514d3b1763a808d08d730191e03b)
|
|
Use winbindd to get the group list if possible since we already
know it from netsamlogon_cache.tdb. More effecient than letting
libc call getgrent() to get seconary groups.
Tested by Ken Cross.
(This used to be commit 3c537c906f29a08e75895c8c8e3ed5c5abaaa940)
|
|
1) don't ask trusted DC's for a list of trusted domains. This causes
us to treat non-transitive ones as if they were transitive. Not
needed anyways
2) Fix dc lookup bug where we would always try to use DNS to resolve
the DC's for a domain (even if it was a trusted NT4 domain).
(This used to be commit 4d3acce5066d3adf53ee8fbaa627c42523b3cbc3)
|
|
(This used to be commit d98a68e0ebaf2fbd360b826f5df472bc3f94285b)
|
|
numbers; reported by Ken Cross
(This used to be commit 10c7a1af67e556c17d4b3495934a2dad19728d77)
|
|
(This used to be commit a2bd8f0bfa12f2a1e33c96bc9dabcc0e2171700d)
|
|
(This used to be commit 15d2bc47854df75f8b2644ccbc887d0357d9cd27)
|
|
(This used to be commit 042492b862c4f2389086275dd8a0e044d7432537)
|
|
we might leak the extra_data somewhere else as well.
Volker
(This used to be commit 5d379345fa06f4253f67b40cb8127b70072db561)
|
|
(we don't always get it back)
(This used to be commit 6e8f23d1b1dd5122691cd9363a5c572fcab182af)
|
|
* use DsEnumerateDomainTrusts() instead of LDAP search.
wbinfo -m now lists all trusted downlevel domains and
all domains in the forest.
Thnigs to do:
o Look at Krb5 connection trusted domains
o make sure to initial the trusted domain cache as soon
as possible
(This used to be commit 0ab00ccaedf204b39c86a9e1c2fcac5f15d0e033)
|
|
connections. Overrides smb.conf parameter if set.
Jeremy.
(This used to be commit 879309671df6b530e0bff69559422a417da4a307)
|
|
(This used to be commit ed61628d8b051049636f48ec4372b2e19090628c)
|