summaryrefslogtreecommitdiff
path: root/source3/nsswitch
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r1888: Bring the same level of "required_membership"-functionality thatGünther Deschner2-5/+56
ntlm_auth uses, to pam_winbindd as well. This allows to make successfull authentication via PAM dependent on SID-membership. At the moment, both ntlm_auth and pam_winbindd.so accept user/group-names or sid-strings - as discussed, recursive membership (e.g. local aliases) will be added later. Guenther (This used to be commit 7494569655f8d112a0c883a2748a1012bb64ad3a)
2007-10-10r1887: Fix deadlock loop in winbind's required_membership_sid-verification.Günther Deschner1-1/+1
Guenther (This used to be commit a0a6d7d72f2a24c422db255acf6c439a9b0921df)
2007-10-10r1658: Expand aliases for getusersids as well.Volker Lendecke1-0/+56
Volker (This used to be commit d5060c30e38b46b322615f0e0b465fbf73ed5245)
2007-10-10r1613: Patch from Tom Shaw <tomisfaraway@gmail.com> to useJeremy Allison1-4/+4
winbindd_fill_pwent consistently. Jeremy. (This used to be commit 8d355b9b9ddd6edf15c70977f5a719b549a56378)
2007-10-10r1583: Patch by Fabien Chevalier <fabien.chevalier@supelec.fr>Andrew Bartlett1-1/+1
We may not have any interfaces up at all, so initialise the return variable. Fixes Debian bug #252591 Andrew Bartlett (This used to be commit 35aabae9d9bf66ef2c8eb4e07a850c606d8236d2)
2007-10-10r1562: Make winbind for -S (sid->uid) and -Y (sid->gid) check whether the sidVolker Lendecke1-0/+41
requested actually is of type asked for. I've come across more than one installation where a group sid had ended up as a uid in idmap and vice versa. This just closes one possible for this misconfiguration, people are actually using wbinfo. Volker (This used to be commit acfbd34025c2fde3d6a3e582c120c2b9de8ed39b)
2007-10-10r1557: Add sigchld handling to winbindd. Next step is to have the child ↵Richard Sharpe1-0/+13
restarted if need be. We should also make sure the main line know we no longer have a child. (This used to be commit e3dc7934b50c8578d70fc01688a07bd369a7cf30)
2007-10-10r1532: Remove unused structure elementVolker Lendecke1-1/+0
(This used to be commit 128951cfe43e364970ec5760230a6450f54ae86d)
2007-10-10r1492: Rework our random number generation system.Andrew Bartlett2-2/+2
On systems with /dev/urandom, this avoids a change to secrets.tdb for every fork(). For other systems, we now only re-seed after a fork, and on startup. No need to do it per-operation. This removes the 'need_reseed' parameter from generate_random_buffer(). Andrew Bartlett (This used to be commit 36741d3cf53a7bd17d361251f2bb50851cdb035f)
2007-10-10r1317: Patch from Joe Meadows "Joe Meadows" <jameadows@webopolis.com> toJeremy Allison1-32/+2
add a timeout to the ldap open calls. New parameter, ldap timeout added. Jeremy. (This used to be commit e5b3094c4cc75eb07f667dd1aeb73921ed7366ac)
2007-10-10r1297: Yes, it does survive valgrind for my tests :-)Volker Lendecke1-8/+5
Check in the 'winbind proxy only' mode -- no new parameter required :-) If you don't set idmap uid or idmap gid, winbind will not do idmap stuff, it will only proxy the netlogon request and thus speed up the authentication of domain users. Volker (This used to be commit 29235f0c69035376ad7ac27b08a59069fa151102)
2007-10-10r1127: Finding trusted domains is not so important as to require a DEBUG(1).Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit 999b2501a14d1f611f6bfe1f800a852825a21526)
2007-10-10r991: Allow winbindd to use the domain trust account passwordGerald Carter2-11/+41
for setting up an schannel connection. This solves the problem of a Samba DC running winbind, trusting a native mode AD domain, and needing to enumerate AD users via wbinfo -u. (This used to be commit e9f109d1b38e0b0adec9b7e9a907f90a79d297ea)
2007-10-10r989: Calling sid_to_gid from within winbind makes no sense, as this callsVolker Lendecke1-1/+9
winbind_sid_to_gid. For the consistency check, local_sid_to_gid must set the name_type it found. Volker (This used to be commit 5070c1b68f2add16916ba3135984f6e70bbe42cf)
2007-10-10r988: When adding local aliases' gids to the user token, don't do a ↵Volker Lendecke1-11/+31
idmap_sid_to_gid on the user sid. This might lead to a user SID entered as a GID in the idmap. Volker (This used to be commit 98e10d149710d9b70404e77a4bc0560c2e48aeaf)
2007-10-10r914: Fix from "Jerome Borsboom" <j.borsboom@erasmusmc.nl> to ensureJeremy Allison1-2/+9
correct sid type returned for builtin sids. Jeremy. (This used to be commit 14cf55abb8239e7c90f8891565ac7ed8c51423eb)
2007-10-10r698: Now wb pipe is non-blocking remember to read in non-blocking mode...Jeremy Allison1-11/+44
Jeremy. (This used to be commit 3399727864f3aa8981f022254dfed622fcb50c49)
2007-10-10r651: Patch from kawasa_r@itg.hitachi.co.jp to connect to winbindJeremy Allison1-2/+94
pipe in non-blocking mode to prevent process hang. Jeremy. (This used to be commit dece22de8e0bd18ee5a152dea7f682ae04e5cba0)
2007-10-10r565: Uninitialized data fixes from kawasa_r@itg.hitachi.co.jp.Jeremy Allison3-0/+5
Jeremy. (This used to be commit c23a73324b335e42877551283b274f6d12f2c1a7)
2007-10-10r539: Mem leak fixes from kawasa_r@itg.hitachi.co.jpJeremy Allison1-0/+1
Jeremy. (This used to be commit 8fe47b0bf27a8ae690ab0fcff377c8fc12919f43)
2007-10-10r538: Mem leak fix from kawasa_r@itg.hitachi.co.jpJeremy Allison1-0/+2
Jeremy. (This used to be commit 4cbcd164147d25286fe8dd460c6123e961c4f657)
2007-10-10r535: Another memleak fix from kawasa_r@itg.hitachi.co.jpJeremy Allison1-0/+2
Jeremy. (This used to be commit 2d52562691d59b44546225454f6fff5b64552de8)
2007-10-10r395: BUG 1232: patch from landonf@opendarwin.org (Landon Fuller) to fixGerald Carter3-0/+14
user/group enumeration on systems whose libc does not call setgrent() before trying to enumerate users (i.e. FreeBSD 5.2) (This used to be commit 8106d8097258eae260ed834399881bf0be9b515b)
2007-10-10r376: BUG 1288: resolve any machine netbios name (0x00) and not just servers ↵Gerald Carter1-2/+2
(0x20) (This used to be commit d96929b5b1d8d149ac023a30964925952587c258)
2007-10-10r333: other half of fix for winbindd crask from gd@suse.deGerald Carter1-3/+7
(This used to be commit f902d52c82c31d38157d4f1c77c27ee1c395afc3)
2007-10-10r319: Fix a segfault in winbind. Thanks to Guenther Deschner for his ↵Volker Lendecke1-2/+6
valgrind log :-) Volker (This used to be commit 91296a6003417e8704114ea63511c2c9201da122)
2007-10-10r294: checking in volker's winbindd patches; tested on domain members (Samba ↵Gerald Carter11-129/+239
and AD) as well as on a Samba DC (This used to be commit 157d53782d6a7d0b7e30676a674ff2a25a15369c)
2007-10-10r288: combination of BUG 1081 and patch from J. Klinger -- added ↵Gerald Carter1-0/+2
remove_duplicate_gids() to smbd and winbindd (This used to be commit 95c68103ea9dbd02651e26fcaa15dd054b157529)
2007-10-10r248: Add support for printing out the MAC address on nmblookup.Richard Sharpe2-2/+2
(This used to be commit bf9f02be5fc1d09c8c08c78c3f2df23b2099ba4f)
2007-10-10r197: mistaken merge from trunkGerald Carter1-0/+4
(This used to be commit 6b18012dc8fe92a296c46a12214622d56e1f3fd8)
2007-10-10r195: adding files to ignore listGerald Carter1-4/+0
(This used to be commit 1501d58b8e23d0c9ae51514773d0429886fa9d58)
2007-10-10r175: Move this comment to the right place...Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit e5bbb086b2aeb826121d7fef88fcfaa49d876ea4)
2007-10-10r153: Fix memleakVolker Lendecke1-0/+1
(This used to be commit fbeff419913b01bf0e814ada6ec55d56fe90f179)
2007-10-10r139: Apply some constVolker Lendecke1-1/+1
(This used to be commit 3eab8ed5453f29516d8e0022bab87c271468d690)
2007-10-10r116: volker's patch for local group and group nestingGerald Carter9-56/+543
(This used to be commit b393469d9581f20e4d4c52633b952ee984cca36f)
2007-10-10r115: finally checking in tridge's winbindd_schannel patch for connectionsGerald Carter1-0/+34
(This used to be commit 1fae60ab20c5cbe396dc8af1c8c9a98d5683fdf4)
2007-10-10r85: Update the winbind interface version, as I just extended the struct.Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit 039883043d15902096f6d5e80737f4a502ed0bf8)
2007-10-10r84: Implement --required-membership-of=, an ntlm_auth option that restrictsAndrew Bartlett2-5/+117
all authentication to members of this particular group. Also implement an option to allow ntlm_auth to get 'squashed' error codes, which are safer to communicate to remote network clients. Andrew Bartlett (This used to be commit eb1c1b5eb086f49a230142ad2de45dc0e9691df3)
2007-10-10r69: Global rename of 'nt_session_key' -> 'user_session_key'. The session ↵Andrew Bartlett2-4/+4
key could be anything, and may not be based on anything 'NT'. This is also what microsoft calls it. (This used to be commit 724e8d3f33719543146280062435c69a835c491e)
2007-10-10r39: * importing .cvsignore filesGerald Carter1-4/+0
* updateing WHATSNEW with vl's change (This used to be commit a7e2730ec4389e0c249886a8bfe1ee14c5abac41)
2007-10-10r38: Fix caching of name->sid lookupsVolker Lendecke1-1/+2
Volker (This used to be commit 23c5769545dc8371a679ad4c679578c617f7d85b)
2004-04-01This restructures lib/afs.c so that the token data can be but into aVolker Lendecke3-0/+103
stream. This is to implement wbinfo -k that asks winbind for authentication which then creates the AFS token for the authenticated user. Volker (This used to be commit 2df6750a079820826013360fb9e47f90bc8223a5)
2004-04-01Cosmetic: Fix a const warning.Volker Lendecke1-5/+6
Volker (This used to be commit c814f7c43db9700ec08a30c45521181c754df247)
2004-03-30Merge a fix from HEAD to 3_0Volker Lendecke1-1/+4
Volker (This used to be commit 6bc88d91e569541e4d4a2147e28439db96d02bd6)
2004-03-30Apply some constVolker Lendecke4-12/+12
(This used to be commit 8037750df568e6b51b2b0cba9192468110470388)
2004-03-24Fix bugzilla # 1208Jim McDonough1-1/+5
Winbind tickets expired. We now check the expiration time, and acquire new tickets. We couln't rely on renewing them, because if we didn't get a request before they expired, we wouldn't have renewed them. Also, there is a one-week limit in MS on renewal life, so new tickets would have been needed after a week anyway. Default is 10 hours, so we should only be acquiring them that often, unless the configuration on the DC is changed (and the minimum is 1 hour). (This used to be commit c2436c433afaab4006554a86307f76b6689d6929)
2004-03-22missed one on BUG 1195; make sure to set the private * to NULLGerald Carter1-5/+2
(This used to be commit 97a24d13892e292d31a1a6d7a1c96893508d6222)
2004-03-22BUG 1185: use 'winbind cache time' as the reconnect period when seq_num == ↵Gerald Carter1-0/+2
-1 rather than multiplying it by 8 (the default cache time is 5 minutes now) (This used to be commit 8d6e370313b62556ba13d88e1ab5ff468ac103c8)
2004-03-22bug 1195: add flag to ADS_STRUCT so we know who owns the main structure's ↵Gerald Carter1-1/+22
memory (not the members though) (This used to be commit 4449e0e251190b741f51348819669453f0758f36)
2004-03-16BUG 1182: patch from john.klinger@lmco.com (John Klinger) to reanable the ↵Gerald Carter2-2/+4
-n 'no cache' option for winbindd (This used to be commit d1848988d9ee9fdd870bcdd32c938b907419558b)