Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit e5b5c9b058b7f2a6188684019ffe42e497ac6b6c)
|
|
(This used to be commit 3d0661b0393804707eb42d9ee9377a622333f252)
|
|
Directory:
When having DC-less sites, AD assigns DCs from other sites to that site
that does not have it's own DC. The most reliable way for us to identify
the nearest DC - in that and all other cases - is the closest_dc flag in
the CLDAP reply.
Guenther
(This used to be commit ff004f7284cb047e738ba3d3ad6602e8aa84e883)
|
|
in core dump path.
(This used to be commit 9a51fba71c5fa7082c331e1a78a98638d9aa06cf)
|
|
make the change before theprevious commit.
(This used to be commit 815388c4c8be1274359679077a120fec4cc39b0f)
|
|
winbindd and fail to disable the _NO_WINBIND environment.
(This used to be commit a6366b40b3967853c20ca5399021108f09ffd505)
|
|
is completely useless (and in fact harmful :-) in
that it causes a winbindd error where there should
be none.
Jeremy.
(This used to be commit acf5419d62f4ac64449d4722c5ff3c9be35c0570)
|
|
get paranoid. I don't think this can really happen, but let's be
sure.
Jeremy.
(This used to be commit be4709984b8548abf10a5e9fabba21d53440c42a)
|
|
WINBINDD_ERROR.
Guenther
(This used to be commit 6089b3007bf92904ca4562d21958d7922143dbcb)
|
|
That one was hard to find: when coming from offline mode and switching
to online, a refresh sequence number call (using the default MS-RPC
mechanism) may reset domain->backend to NULL (by the set_domain_online
event). We need to make sure to reidentify the remote domain in that
case.
Guenther
(This used to be commit 4d6503d1377a262ba8b87f344be7daf04e011ef2)
|
|
just before writing to the winbind cache tdb.
Guenther
(This used to be commit bd8548998b06a84c2e66acbcb68542a4b5d8b8df)
|
|
field.
Guenther
(This used to be commit 66b92f27fa4edec180b8c8eee929ec8f31ef6a08)
|
|
Guenther
(This used to be commit a4d17ee9c960abdf21b9af1601bd1042e0cd7636)
|
|
Guenther
(This used to be commit 9621bb420a13e634badcc922c73c8bfb30aa6120)
|
|
Guenther
(This used to be commit 37dd019e21cab2f0df314b0b741f79422fc10d1b)
|
|
fields are initialized to zero.
Jeremy.
(This used to be commit 8a0ff70e8e562db17b8d90dbde7aeb0314d270da)
|
|
(This used to be commit 3ea8399bc9ae9de0a6eb0efe0f5b96f923b62082)
|
|
Jeremy.
(This used to be commit c55b9111f60debe4c5a7765273fc86ac3829f31c)
|
|
winbind module by Luke
Mewburn.
Volker
(This used to be commit 104f5e9ec9aea71950308b8b73479f06bf3c66a2)
|
|
(This used to be commit cc6cdabf19e9a610be064e26fdf3a9d2a3c76c2c)
|
|
Jerry.
If "enum users" is set to false, and the group being looked
up is the Domain Users SID: S-1-5-domain-513, then for the
list of members check if the querying user is in that group,
and if so only return that user as the gr_mem array.
We can change this to a different parameter than "enum users"
if neccessaey, or parameterize the group list we do this for.
Jeremy.
(This used to be commit 91b40e25cc38ed6e8df9e448da975d3e202d919f)
|
|
"winbind use default domain" is set. Defaults to "root, nobody, lp"
currently.
Guenther
(This used to be commit b5b42196a6f2869deefc700dc98060f5ab832e40)
|
|
here in winbindd_getdcname().
Guenther
(This used to be commit 58a181edc5ea8e87e9978f11a5a729ad4dc60091)
|
|
(This used to be commit e6560270499365ca42517f6a7cf40845ee80edfb)
|
|
network queries.
Jeremy.
(This used to be commit e4d5e1d90b40fee1edc5cf0134b276645eea63bf)
|
|
messages to internal domains, or to domains not being
serviced by a winbindd child. Ensure the child online
offline requests are domain specific.
Jeremy.
(This used to be commit 81a9dc4b9fbd4a9bb67f55aa744bf609d6aba1c2)
|
|
NSS protocols auth, chauthtok, logoff, ccache_ntlm_auth.
That way we ensure winbindd only deals with fully
qualified names internally. The NSS protocols
auth_crap and chng_pswd_auth_crap should be fixed
to do the same thing.
Jeremy.
(This used to be commit dbd2454d3337f64cddbdaf39e9efd6505e6b2590)
|
|
anymore in 3_0. I'm just adding a time(NULL) as value for the
WINBINDD_OFFLINE key.
Guenther
(This used to be commit 2bdf9f140f76d6eb73b34148c47f7d3447e2e563)
|
|
Jeremy.
(This used to be commit 99bebb65273c78d9867254c47438577bb21af4ee)
|
|
Jeremy.
(This used to be commit 42e5481ce4bebc65040d466b49e3c45cd4e79f5d)
|
|
work again. Still under test.
Jeremy.
(This used to be commit 40a455db78f805daa6bfeb9e78fb78dcc12fd9a7)
|
|
Guenther
(This used to be commit 44e228ac796fca2db8509915067511ed705032bf)
|
|
the moment) but winbindd isn't run in the build farm
so hopefully won't break anything too badly - I don't
want to lose this.
If winbindd starts offline then it falls back to using
MS-RPC backend. On going online it needs to reset the
backend and try and go to using the AD backend code if
possible, as the MS-RPC sequence number fetch just returns
1 as the sequence number if run against an AD DC.
In addition, the winbindd async child may end up
with the AD backend whilst the main winbindd - which
still contacts the DC for some non-async calls, is
left using MS-RPC. This can cause some trouble (as
you can imagine :-).
Attempt to ensure both main winbindd and async children
us AD backends on going online.
Jeremy.
(This used to be commit 5efd4b04b89ace4b264e9ac37a90e202749792be)
|
|
The attached patch cleans up pam_winbind a tiny bit. Instead of making
exceptions for all pam implementations except for Linux' it's better
to make an exception for the only pam implementation which is
different from all the others. This is equivalent to what pam_smb_auth
does already.
-----------------
Jeremy
(This used to be commit 8e5596470822d20740f86585a6cf67240f2face4)
|
|
(This used to be commit c53e2e54750764c9a0eb57a86fd226b4f8711a66)
|
|
(This used to be commit 45628f71cfc770b1ba67abf38aac53ac40773cd0)
|
|
HAVE_KRB5. If WITH_ADS does not imply KRB5, we have to fix that.
Lets see what the build farm thinks about this.
Volker
(This used to be commit 27b063078dff0d8c5eb552dd73825f6858d04e4b)
|
|
move into the domain struct. Allow message to go online
to set this state and cope with removing it.
Jeremy.
(This used to be commit 51f0e60cc3a652b0ff1658d4c07bfc9493fbc51a)
|
|
socket_wrapper defined ioctl swrap_ioctl
metze
(This used to be commit e43d1f6c17c8a44c989a57309b8378c1dd8f591c)
|
|
(the domain is NULL here)
(This used to be commit a36de910d289363a5374fe063099311712d4e57a)
|
|
it in.
(This used to be commit 4e464a2c35984752244f30ce9bb259eb16149e3f)
|
|
Guenther
(This used to be commit 143a48927b0e21d31a9f54cfc720b5d04a4b6751)
|
|
Guenther
(This used to be commit 2a605a0b175dc0ccc65ee2dc68e394bef7c954d1)
|
|
Guenther
(This used to be commit b1cd9d45e9581bec56bfdc21d2a8afb7f094be22)
|
|
cache time = 0".
Guenther
(This used to be commit 9ac6016e32d236e7470919c075df551d1d73498c)
|
|
this hopefully fixes the build on AIX
metze
(This used to be commit ef1001f5a269f3d6a66f40e3fb01eccc807dcd7e)
|
|
metze
(This used to be commit 454d9590de6ff94a1edd7321e26af0f0978a356a)
|
|
Guenther
(This used to be commit 8006cf962b4a33278414fcdf07bf94d739cb4aab)
|
|
We usually do not get the results from user/group script modifications
immediately. A lot of users do add nscd restart/refresh commands into
their scripts to workaround that while we could flush the nscd caches
directly using libnscd.
Guenther
(This used to be commit 7db6ce295afbedfada7b207ad56566d2195a0d21)
|
|
(This used to be commit 8c60e71229cd577f3b17345c5824363dd202eba9)
|