Age | Commit message (Collapse) | Author | Files | Lines |
|
Jeremy.
(This used to be commit 9b7182a9da24b53f3501f6562dc66bed67fb9133)
|
|
winbindd/ADS can now do initgroups()
(This used to be commit 43edeaca9f3a42699131939ed0d917111f57b678)
|
|
(This used to be commit 689f45d2079d06b09947b2cdd314867df98c938d)
|
|
fixed a winbindd crash when the group membership can't be looked up
(This used to be commit 088f4cc5be4a1a38781e4d019146d53993ed8c6f)
|
|
(This used to be commit 80010d80f93cfb32c53a1720c7564fb080846f35)
|
|
I spent quite a while trying to work out how to make this call
via ldap and failed. I then found that MS servers seem use rpc
for sid_to_name, and it works even when in native mode, I ended
up just implementing it via rpc
(This used to be commit 789833b44e342c0b5de463ed8f9b5f7474a99f27)
|
|
(This used to be commit 816e40a51af80a7f703c0451304de406deab3dd8)
|
|
least basic operations work
(This used to be commit 88241cab983b2c7db7d477c6c4654694a7a56cd3)
|
|
added a nsstest test program that directly tests all the nss
interfaces using dlopen()
(This used to be commit aee19090d3b957372b234a412cd9db8896650feb)
|
|
also created winbindd_rpc.c which contains the functions that
have been converted to the new structure. There will soon be
a winbindd_ads.c for the ldap backend
(This used to be commit e4ccc602ba65838646f2632120069f3274619dd9)
|
|
This just splits off the dispinfo call behind a methods structure.
I'll split off a few more functions soon, then we will be ready for
LDAP replacement methods
(This used to be commit 0216b0fca115c903ec31ed21427a83c62077dc95)
|
|
name_status_find() call here should look up a #1c name instead of #1d.
This fixes some bugs currently with BDC authentication in winbindd and in
smbd as you can't query the #1d name with the ip address of a BDC.
Who is Uncle Tom Cobbley anyway?
(This used to be commit 4215048f7b20a8f9e5877bdbb2f54841b2f7fa64)
|
|
M-x tabify
(This used to be commit 6446d2acd5ead098e5e51b06df5bf78b9e315418)
|
|
Jeremy.
(This used to be commit fceba7dea5b09ac9ce509c5252a46be8e4d3de85)
|
|
Jeremy.
(This used to be commit 4013ae87a1c73ceba346de2a0b905e7c8df355c4)
|
|
smbd/open.c: Fix "delete on close" for directories.
Jeremy.
(This used to be commit 014b0973a3b3b9eb22cce3053171fa55f5c16a63)
|
|
(This used to be commit b5999473482475ef64212f4f7204c7895cf8fdf3)
|
|
winbind function if the id is obviously going to be local. Cleanup
of winbind [ug]id parameter handling.
(This used to be commit 4ab9ca31a02b3388aa89a00e0390ea9e4c76283a)
|
|
and replaced with two functions:
void zero_ip(struct in_adder *ip);
BOOL is_zero_ip(struct in_addr ip);
(This used to be commit 778f5f77a66cda76348a7c6f64cd63afe2bfe077)
|
|
winbindd_lookup_usergroups()
(This used to be commit dd2048c418da7a08bc71305491953731fc427f5a)
|
|
(This used to be commit 1dd462844a9b90b498ee79ca33e4048980e2af5f)
|
|
subystem.
The particular aim is to modularized the interface - so that we
can have arbitrary password back-ends.
This code adds one such back-end, a 'winbind' module to authenticate
against the winbind_auth_crap functionality. While fully-functional
this code is mainly useful as a demonstration, because we don't get
back the info3 as we would for direct ntdomain authentication.
This commit introduced the new 'auth methods' parameter, in the
spirit of the 'auth order' discussed on the lists. It is renamed
because not all the methods may be consulted, even if previous
methods fail - they may not have a suitable challenge for example.
Also, we have a 'local' authentication method, for old-style
'unix if plaintext, sam if encrypted' authentication and a
'guest' module to handle guest logins in a single place.
While this current design is not ideal, I feel that it does
provide a better infrastructure than the current design, and can
be built upon.
The following parameters have changed:
- use rhosts =
This has been replaced by the 'rhosts' authentication method,
and can be specified like 'auth methods = guest rhosts'
- hosts equiv =
This needs both this parameter and an 'auth methods' entry
to be effective. (auth methods = guest hostsequiv ....)
- plaintext to smbpasswd =
This is replaced by specifying 'sam' rather than 'local'
in the auth methods.
The security = parameter is unchanged, and now provides defaults
for the 'auth methods' parameter.
The available auth methods are:
guest
rhosts
hostsequiv
sam (passdb direct hash access)
unix (PAM, crypt() etc)
local (the combination of the above, based on encryption)
smbserver (old security=server)
ntdomain (old security=domain)
winbind (use winbind to cache DC connections)
Assistance in testing, or the production of new and interesting
authentication modules is always appreciated.
Andrew Bartlett
(This used to be commit 8d31eae52a9757739711dbb82035a4dfe6b40c99)
|
|
Jeremy.
(This used to be commit a58d0f91f9ee7354c01a9c20cfe178d5dc02142d)
|
|
Jeremy.
(This used to be commit 20a4167599ce211f239d0f324e7e73a1c2d8a5a6)
|
|
winbindd.
(This used to be commit 72060a6f5af505d597f372d550d7f3fe559e5550)
|
|
winbindd_lookup_sid_by_name. Also if the lookup fails then clobber
the output parameters rather than leaving them looking potentially
valid.
Add doxygen.
(This used to be commit 61dba52a549039255e46393be1618d3eb54b79dd)
|
|
pointer itself. (Whatever that is.... ;-)
(This used to be commit 1393c7c4ede1d6d624c3f5d0bfa4c18b0c6dc27f)
|
|
in smbd/process.c where the timezone is reinitialised. Was replaced with
check for a static is_initialised boolean.
(This used to be commit 8fc772c9e5770cd3a8857670214dcff033ebae32)
|
|
(This used to be commit 8f01a8b07883d18f44da665cbc8e5fba04d3bc91)
|
|
lookupname/lookupsid.
There was a bug in cli_lsa_lookup_name/lookup_sid where NT_STATUS_NONE_MAPPED was
being mapped to NT_STATUS_OK, and also the *wrong* number of entries mapped
was being returned. The correct field is mapped_count, *NOT* num_entries.
Jeremy.
(This used to be commit 9f8c644abc455510c06dbd5dbac49c6270746560)
|
|
Jeremy.
(This used to be commit 7883a2288a6e3198e10ab4e02ed4585e7bb313f6)
|
|
Jeremy.
(This used to be commit d039d4fa507a7284e7e1cada0026c63863fe0a2d)
|
|
Jeremy.
(This used to be commit d3f5d5a4aca0d5bc8c4db7dfa8b766b7cda808eb)
|
|
lookup uses password server parameter when looking for PDCs.
Jeremy.
(This used to be commit 54c968913d6553c6d834b068234ab176917075eb)
|
|
be easily added (a one liner) once we know the correct error codes returned
by a W2K DC.
All other winbindd calls should go through a similar transparent caching layer
(and will soon).
Jeremy.
(This used to be commit b16bb21d371772816a4331f5011c151be0e083d5)
|
|
Jeremy.
(This used to be commit 1f6cc536b2db0c36feee45cfd6ac1ad5ee8fb05a)
|
|
(This used to be commit ebd46aebf921c0026791ffb0afdcffaecb496e8c)
|
|
default, rather than in preprocessor macros.
(This used to be commit 79ec88f0da40faebe1e587f1b3e87b5f2b184f58)
|
|
connection caching. Getting ready for back-merge to 2.2.3.
Jeremy.
(This used to be commit 5e8df83ba9924adf9df6827c06ed1a2adbe36edf)
|
|
Now we just keep a record of the open pipes.
(This used to be commit 77c287e9460eed7bde7004c7e6c8cb0099c6ba6f)
|
|
loop in winbindd but it didn't work.
(This used to be commit 3ac32af83849e93c83cd1bb48dc7d23e47ccac59)
|
|
Get list of trusted domains if we haven't fetched them yet.
(This used to be commit ed16aa88a422e759d27dbfae39afc72250c80e8d)
|
|
(This used to be commit 1a9a36159104e1d6248254e1efd9925fc1c956d3)
|
|
Cache negative connection attempt lookups.
Fixed loginc bug in connection_ok()
(This used to be commit e07bcfcccd6d4a29f188d978b2c34a7b18ff21fa)
|
|
(This used to be commit 187663210055ecd7b717b3894e3189ca3aaa0ed2)
|
|
Get list of trusted domains if we haven't fetched them yet.
(This used to be commit a7ef2d20b1bb4bdb1b9a2769b5c654bd0be791b3)
|
|
Ignore the SIGUSR1 signal before we install a handler for it as glibc (?)
seems to just print out "User defined signal 1" and exit if no handler
is installed.
(This used to be commit 1212591095dfe65b5e708bee32be5d57b9f33bc8)
|
|
Remove unused old file.
Test 42 byte reply to SMBntcreate (W2K does this).
Jeremy.
(This used to be commit a55a63a4ca55602ad9221af17c0bc8e185536433)
|
|
call slprintf within a signal handler.
Jeremy.
(This used to be commit a9f7974cb8e266ce87d2979fa107bf7ebbb98b70)
|
|
field.... well, now at least the code is there when it does :-).
Jeremy.
(This used to be commit 22e323ca47325482b6ae527070509ed9c6cbccee)
|