Age | Commit message (Collapse) | Author | Files | Lines |
|
domains) would not have the tokenGroups or memberOf attributes filled in.
This would cause a user to have no supplementary group membership.
Detect this by the fact that the primaryGid must be present in the tokenGroups,
and if it isn't (ie, if there is no tokenGroups at all), do a server-side
search on all groups using the 'member' attribute and the user's DN.
Andrew Bartlett
(This used to be commit a074f74e627e1d947a76bcf3a39e3c5df4d4ffe5)
|
|
inline the call to prs_copy_all_data_out() so that we can know we are not
overrunning our buffer.
Also check more return values.
Andrew Bartlett
(This used to be commit e3b73d5d658584428c81c9ef3ccf024687a56e2f)
|
|
section...does this make sense?
(This used to be commit 822083f73e8ba4e096c53ff0f7578f47bc21b7b5)
|
|
(This used to be commit 1ea27d7987d2c0f67977371a99efec3ded13c872)
|
|
This patch adds the architecture for an IDMAP backend system including a new
smb.conf parameter "winbind backend". Right now, the only valid value is "tdb"
but I'm currently working on an LDAP backend.
(This used to be commit 35e4448dcb2deb0d5d34d9e974a49f2fb31f1356)
|
|
return a DN for the user. Make sure we don't segfault.
Andrew Bartlett
(This used to be commit 9fdedeff6a3a9f8e8d048e6afd7001ad676c4e91)
|
|
replace.c function).
(This used to be commit adad4c66fcfe756277de8c325ac9f8010f9d6f9c)
|
|
(According to the manpages, you cannot put a stack variable into putenv()).
Yes, this leaks memory.
Andrew Bartlett
(This used to be commit 50bced1e26434ecc7474964062746e2831e5f433)
|
|
(pdbedit already has a -V option..)
(This used to be commit 5de622968d95c1436dbd34edc8d0a9bbff68916b)
|
|
(This used to be commit fe449328b226a33ad1c64e087fe63e79f90ab4ac)
|
|
all cm_get_XX calls and their subsequent requests in a retry loop in case
we've temporarily lost connection to the DC. Makes winbindd more reliable.
Jeremy.
(This used to be commit 81f358b632dbf7043d2a716359b0fcf7c647af0a)
|
|
Needed to move to disk based i/o later.
Jeremy.
(This used to be commit 4c3ee228fcdb089eaeead95e79532a9cf6cb0de6)
|
|
(Sorry - I should have checked this in yesterday but forgot)
(This used to be commit 7420ddcda8e7189cedacb2c60f5ea265b8c35bda)
|
|
(This used to be commit 6186c10ceb2e61cd684968b56d3f32d9916538f8)
|
|
blame for the realloc() stuff.
Plus a couple of minor updates to libads.
Andrew Bartlett
(This used to be commit 34b2e558a4b3cfd753339bb228a9799e27ed8170)
|
|
Jeremy.
(This used to be commit 6624fa59d749b0c0d6aacc35b9b6ba2b567d6eb4)
|
|
(This used to be commit d3962da61a5717dda7e99996bbeb4735d4373041)
|
|
Jeremy.
(This used to be commit 3d04872499332ef2d8e7479b924afc8fc1ac29d7)
|
|
of the SWAT code, and adding a base64 encoder.
The main purpose of this patch is to add NTLMSSP support to 'ntlm_auth', for
use with Squid. Unfortunetly the squid side doesn't quite support what we need
yet.
Changes to winbind to get us the info we need, and a couple of consequential
changes/cleanups in the rest of the code.
Andrew Bartlett
(This used to be commit fe50ca8f54ded2e119bde08831785fbe0db2ee99)
|
|
Jeremy.
(This used to be commit af8a5d79682410482646eea075dff2d344d60e31)
|
|
(This used to be commit 9ac196dad4893b0ceef13281a140be5d85391e6c)
|
|
seem to do anything useful anymore other than call
secrets_fetch_trust_account_password().
(This used to be commit 7b0c03cbf1376f82b0bb5f4cf86e2db3b0bc1dec)
|
|
(This used to be commit c64e2308bae31d48171685b3b67b8cace1b003b5)
|
|
simpler as the rescanning of trusted domains helps us out a bit.
(This used to be commit 089729c02cb2088e85f0e7f8ec79afb58fe98be7)
|
|
Andrew Bartlett
(This used to be commit 90d05176534cfd97ed3827bddfeb3a0cb7f22683)
|
|
name, not vice versa.
(This used to be commit be835d01e10a75aecfb1b166bc6e0ea796c60cce)
|
|
(This used to be commit e3b1e64d9f23347a5ecefeb15329b6ec8971a55e)
|
|
groups.
Jeremy.
(This used to be commit cde517cedf3521b815faf2bdaf7940a611a28650)
|
|
(This used to be commit 4c48c475a28450ad4fd8dcc8263e841c0c39a80e)
|
|
So a < 0 check is pointless, instead check against -1, which will be cast to
unsigned.
Andrew Bartlett
(This used to be commit c7e5797a95804d5779cdfc93795adcdf2fe82a59)
|
|
This patch makes Samba compile cleanly with -Wwrite-strings.
- That is, all string literals are marked as 'const'. These strings are
always read only, this just marks them as such for passing to other functions.
What is most supprising is that I didn't need to change more than a few lines of code (all
in 'net', which got a small cleanup of net.h and extern variables). The rest
is just adding a lot of 'const'.
As far as I can tell, I have not added any new warnings - apart from making all
of tdbutil.c's function const (so they warn for adding that const string to
struct).
Andrew Bartlett
(This used to be commit 92a777d0eaa4fb3a1c7835816f93c6bdd456816d)
|
|
named. Ensure we can query them.
Jeremy.
(This used to be commit 842e08e52a665ae678eea239759bb2de1a0d7b33)
|
|
server = DC1 *
(This used to be commit 6b18ca9511ddcf1718f222af3f61491d1e5f3b60)
|
|
can't create the socket.
Andrew Bartlett
(This used to be commit 13b9af53bff8e42126a38f93c3bdd5b4d9b20aba)
|
|
variable hack, the feild on the pipe, and the server-side.
It only controlled some enum operations in any case.
This is to try and have less 'magic' environment variables.
Andrew Bartlett
(This used to be commit e4be82e4e2c7cdf15f3e20f73fe9f281f6384423)
|
|
cache code.
This uses gencache, mimir's new caching code that stores at text-based cache
of various data.
Mimir has done a *lot* of work on this patch, and it is finally time to
get it in CVS.
Andrew Bartlett
(This used to be commit 47f3bfe9564e7f3aff60cefaefd599e0abb30a31)
|
|
90% fix for CR 1076. The password server parameter will no take things
like
password server = DC1 *
which means to contact DC1 first and the go to auto lookup if it
fails.
jerry
(This used to be commit c31a17889e3e4daf7c1e807038efc2c0fba78be3)
|
|
before reading smb.conf parameters, not after.
(This used to be commit 2beebe252f8fc76366d38024b0578f83d8542d1d)
|
|
domain)
(This used to be commit 3ac98b59632fd771b8819f88a479ef4c0daade68)
|
|
dashes of const. This is a rather large check-in, some things may break.
It does compile though :-).
Jeremy.
(This used to be commit 82b8f749a36b42e22186297482aad2abb04fab8a)
|
|
(This used to be commit d422a51b3a076b6398f7b755d16319d9e7c48c75)
|
|
(This used to be commit 488e985caa0b0e3e2a6665eb2515a2c99745d861)
|
|
append writes.
(blessed by jra)
Andrew Bartlett
(This used to be commit 81633064dd196c40541ecece8def51745f514646)
|
|
Keep the rest of the cleanups though.
(This used to be commit f0a1177acf82fceb174df1852d87a6e16d63fd63)
|
|
the holding pattern when started up when security = user or security = ads.
Clean up return value of winbindd_common_init() - what a mess!
(This used to be commit 8a6d37752182e0de7fd04b2c31f90e145dde783b)
|
|
than the version in APPLIANCE so watch out for boogs.
(This used to be commit 1e054e3db654801fbb5580211529cdfdea9ed686)
|
|
(This used to be commit 48ed9dce0dab53066d3304baa0f24639a1f1755b)
|
|
empty username/password is passed on the command line. Previously we were
leaving the domain name set and the password set to a NULL character.
Added a --get-auth-user command to display the restrict anonymous username
information. Can only be run successfully by root.
(This used to be commit 0bb9bc196207fb35c9de6accbe101937a687762f)
|
|
- move winbindd client handling into accessor functions in
winbindd_util.c
- move some winbindd socket routines into accessor functions in
winbindd_utils.c
(The deadlock situation mentioned in the appliance branch is probably
not applicable since we don't clear the connection cache on SIGHUP.
Perhaps we should?)
(This used to be commit 846b5494942c73e68616e7eae0d2fd5ae4b2bc05)
|
|
anonymous support) is blank.
(This used to be commit 7badccda46a0837dd9da802b44c2fbcb4f38845a)
|