summaryrefslogtreecommitdiff
path: root/source3/nsswitch
AgeCommit message (Collapse)AuthorFilesLines
2001-12-10use objectCategory instead of objectClass for faster searchingAndrew Tridgell1-3/+3
(This used to be commit 4d3b827e5ac1ac20ec31acdc1e2a0264f1c18e43)
2001-12-10Merge of memory leak fixes from APPLIANCE_TNG.Tim Potter1-0/+7
(This used to be commit b198de92d2149ba2f5010c76e715d274b8f29c2a)
2001-12-10winbindd backends can now be marked "consistent" or "inconsistent"Andrew Tridgell4-33/+93
consistent backends (like ADS) always give correct primary group info, so we can play cache tricks to speed things up a lot inconsistent backends (like MSRPC) need to fetch stuff more often (This used to be commit 217c39f23282e20f96a61a0d5a2434b3f5f66a86)
2001-12-10shrank the winbindd_cache.tdb somewhatAndrew Tridgell1-27/+63
on my system it now uses 132k for 308 users (This used to be commit 2b396f9172bb4c2d1d9216d724a1aaab8bb22ba8)
2001-12-10added some commentsAndrew Tridgell1-0/+2
(This used to be commit 34589d5a4786b7e441efecaef0575f9eaa0d7edf)
2001-12-10moved the domain sid lookup and enumeration of trusted domains intoAndrew Tridgell5-109/+143
the backends at startup, loop until we get the domain sid for our primary domain, trying every 10 seconds. This makes winbindd handle a room-wide power failure better (This used to be commit 7c60ae59378be1b2af2e57ee3927966a29a797a5)
2001-12-10added some commentsAndrew Tridgell2-4/+2
(This used to be commit 5ab2c8b8214236b4cd028f791e9ddb76a9973d74)
2001-12-10make sid_binstring available without HAVE_ADSAndrew Tridgell3-52/+8
(This used to be commit 4a6d29768665f71b72cf48ee34ee9a9c451232f6)
2001-12-10explicitly encode NULL strings in the cacheAndrew Tridgell1-1/+15
(This used to be commit 77c1376456765a7afe90afad96fab819fdcf8af3)
2001-12-10removed a debug lineAndrew Tridgell1-2/+0
(This used to be commit ec4c90fd7f56f8870884e5a27622cae71d154eca)
2001-12-09completely new winbindd cache infrastructureAndrew Tridgell9-756/+591
this one looks like just another winbind backend, and has the following properties: - does -ve and +ve cacheing of all queries - can be disabled with -n switch to winbindd - stores all records packed, so even huge domains are not a problem for a complete cache - handles the server being down - uses sequence numbers for all entries This fixes a lot of problems with winbindd. Serving from cache is now *very* fast. (This used to be commit fddb4f4c04473a60a97212c0c8e143d6a4d68380)
2001-12-09- use accountype not accountcontrolAndrew Tridgell1-8/+26
- better debug code (This used to be commit 01f63b9c92137e6de906412952c7a2c8da21dfbe)
2001-12-09fixed type passed to ads_searchAndrew Tridgell1-2/+1
(This used to be commit 0ff30848f3ef4f38e9bc80dc96be4f37bb2dcb0e)
2001-12-08added internal sasl/gssapi code. This means we are no longer dependent on ↵Andrew Tridgell2-11/+78
cyrus-sasl which makes the code much less fragile. Also added code to auto-determine the server name or realm (This used to be commit 435fdf276a79c2a517adcd7726933aeef3fa924b)
2001-12-06Fixed typo in fix for typo in debug. (-:Tim Potter1-1/+1
(This used to be commit 7c64e5f1481e832767ae07e63d7d9d116131b331)
2001-12-05fixed a memory leakAndrew Tridgell1-1/+4
(This used to be commit 45c328800e42ba01c8d6113c0691546804137677)
2001-12-05added a REALLY gross hack into kerberos_kinit_password so thatAndrew Tridgell1-1/+1
winbindd can do a kinit this will be removed once we have code that gets a tgt and puts it in a place where cyrus-sasl can see it (This used to be commit 7d94f1b7365215a020d3678d03d820a7d086174f)
2001-12-05moved the sequence number fetch into the backend, and fetch theAndrew Tridgell6-80/+77
sequence number via ldap when using ads (This used to be commit 9a084f0bb91883224ad44e2b76417d10c15cce42)
2001-12-05don't double free ldap message listsAndrew Tridgell1-3/+0
(This used to be commit f64612b89bae1148d73555cac00f6019a01f9304)
2001-12-05fixed another leak - memory usage now seems to be quite smallAndrew Tridgell1-0/+2
(This used to be commit a45e3968590a021c1b464db5265a09ba48cb5797)
2001-12-05added very basic ads connection cacheingAndrew Tridgell2-84/+46
(This used to be commit 7de670cd15c1a87dd01ab22d74a7e6cbf5ae6673)
2001-12-05plugged most of the memory leaksAndrew Tridgell1-74/+120
(This used to be commit 60b5d4432abd905ee61fe381487ed87139134685)
2001-12-05added the last winbindd/ads backend functionAndrew Tridgell1-1/+66
winbindd is now fully functional with a native mode w2k server now for the memory leaks and speed ... (This used to be commit fad564c177049eb47e5bf48c98b62281c6348ffc)
2001-12-05finally worked out how to do ldap lookups by binary blobs, so I canAndrew Tridgell7-170/+250
now do searches on SID. This allows me to do a true ldap sid_to_name() function one one function to go! (This used to be commit 7d44aa3915bc88fd2b2f8454f190b11677cbb848)
2001-12-05Fixed parse_domain_user to be bool.Jeremy Allison8-80/+57
Jeremy. (This used to be commit 9563de2ef8c1197f4941671d2fdade7d933c32d0)
2001-12-04Correct message on wbinfo fail to open config file.Jeremy Allison1-1/+2
Jeremy. (This used to be commit 9b7182a9da24b53f3501f6562dc66bed67fb9133)
2001-12-04added lookup_groups() to the ads backendAndrew Tridgell4-8/+69
winbindd/ADS can now do initgroups() (This used to be commit 43edeaca9f3a42699131939ed0d917111f57b678)
2001-12-04moved lookup_usergroups() into the backend structureAndrew Tridgell6-72/+83
(This used to be commit 689f45d2079d06b09947b2cdd314867df98c938d)
2001-12-04added a query_user backendAndrew Tridgell7-97/+169
fixed a winbindd crash when the group membership can't be looked up (This used to be commit 088f4cc5be4a1a38781e4d019146d53993ed8c6f)
2001-12-03changed query_dispinfo to query_user_listAndrew Tridgell4-23/+23
(This used to be commit 80010d80f93cfb32c53a1720c7564fb080846f35)
2001-12-03put sid_to_name behind the winbindd backend interfaceAndrew Tridgell5-30/+57
I spent quite a while trying to work out how to make this call via ldap and failed. I then found that MS servers seem use rpc for sid_to_name, and it works even when in native mode, I ended up just implementing it via rpc (This used to be commit 789833b44e342c0b5de463ed8f9b5f7474a99f27)
2001-12-03added name_to_sid to the backendAndrew Tridgell10-111/+186
(This used to be commit 816e40a51af80a7f703c0451304de406deab3dd8)
2001-12-03added a basic ADS backend to winbind. More work needed, but atAndrew Tridgell3-12/+233
least basic operations work (This used to be commit 88241cab983b2c7db7d477c6c4654694a7a56cd3)
2001-12-03fixed the nsswitch initgroups codeAndrew Tridgell1-8/+10
added a nsstest test program that directly tests all the nss interfaces using dlopen() (This used to be commit aee19090d3b957372b234a412cd9db8896650feb)
2001-12-03split winbindd_enum_dom_groups into the new backend structureAndrew Tridgell5-94/+142
also created winbindd_rpc.c which contains the functions that have been converted to the new structure. There will soon be a winbindd_ads.c for the ldap backend (This used to be commit e4ccc602ba65838646f2632120069f3274619dd9)
2001-12-01The beginnings of alternative backends for winbinddAndrew Tridgell5-66/+94
This just splits off the dispinfo call behind a methods structure. I'll split off a few more functions soon, then we will be ready for LDAP replacement methods (This used to be commit 0216b0fca115c903ec31ed21427a83c62077dc95)
2001-11-29I think the lookup_pdc_name() should be called lookup_dc_name() and theTim Potter1-4/+13
name_status_find() call here should look up a #1c name instead of #1d. This fixes some bugs currently with BDC authentication in winbindd and in smbd as you can't query the #1d name with the ip address of a BDC. Who is Uncle Tom Cobbley anyway? (This used to be commit 4215048f7b20a8f9e5877bdbb2f54841b2f7fa64)
2001-11-27Some reformatting.Tim Potter1-223/+229
M-x tabify (This used to be commit 6446d2acd5ead098e5e51b06df5bf78b9e315418)
2001-11-27Added negative caching to group lookups.Jeremy Allison2-48/+87
Jeremy. (This used to be commit fceba7dea5b09ac9ce509c5252a46be8e4d3de85)
2001-11-27Added negative caching to the user pw lookup by name and by uid.Jeremy Allison2-136/+159
Jeremy. (This used to be commit 4013ae87a1c73ceba346de2a0b905e7c8df355c4)
2001-11-27nsswitch/winbindd_group.c nsswitch/winbindd_user.c: formatting fixups.Jeremy Allison2-28/+29
smbd/open.c: Fix "delete on close" for directories. Jeremy. (This used to be commit 014b0973a3b3b9eb22cce3053171fa55f5c16a63)
2001-11-26don't die with a FPE if there are no DCsAndrew Tridgell1-0/+2
(This used to be commit b5999473482475ef64212f4f7204c7895cf8fdf3)
2001-11-26Another merge from appliance-head: in [ug]id_to_sid don't call theTim Potter1-47/+7
winbind function if the id is obviously going to be local. Cleanup of winbind [ug]id parameter handling. (This used to be commit 4ab9ca31a02b3388aa89a00e0390ea9e4c76283a)
2001-11-26Got medieval on another pointless extern. Removed extern struct ipzeroTim Potter1-2/+2
and replaced with two functions: void zero_ip(struct in_adder *ip); BOOL is_zero_ip(struct in_addr ip); (This used to be commit 778f5f77a66cda76348a7c6f64cd63afe2bfe077)
2001-11-26Removed bogus SAFE_FREE() call of talloced return data fromTim Potter3-19/+19
winbindd_lookup_usergroups() (This used to be commit dd2048c418da7a08bc71305491953731fc427f5a)
2001-11-26Fixed some indentation.Tim Potter1-2/+2
(This used to be commit 1dd462844a9b90b498ee79ca33e4048980e2af5f)
2001-11-24This is another rather major change to the samba authenticaionAndrew Bartlett1-5/+7
subystem. The particular aim is to modularized the interface - so that we can have arbitrary password back-ends. This code adds one such back-end, a 'winbind' module to authenticate against the winbind_auth_crap functionality. While fully-functional this code is mainly useful as a demonstration, because we don't get back the info3 as we would for direct ntdomain authentication. This commit introduced the new 'auth methods' parameter, in the spirit of the 'auth order' discussed on the lists. It is renamed because not all the methods may be consulted, even if previous methods fail - they may not have a suitable challenge for example. Also, we have a 'local' authentication method, for old-style 'unix if plaintext, sam if encrypted' authentication and a 'guest' module to handle guest logins in a single place. While this current design is not ideal, I feel that it does provide a better infrastructure than the current design, and can be built upon. The following parameters have changed: - use rhosts = This has been replaced by the 'rhosts' authentication method, and can be specified like 'auth methods = guest rhosts' - hosts equiv = This needs both this parameter and an 'auth methods' entry to be effective. (auth methods = guest hostsequiv ....) - plaintext to smbpasswd = This is replaced by specifying 'sam' rather than 'local' in the auth methods. The security = parameter is unchanged, and now provides defaults for the 'auth methods' parameter. The available auth methods are: guest rhosts hostsequiv sam (passdb direct hash access) unix (PAM, crypt() etc) local (the combination of the above, based on encryption) smbserver (old security=server) ntdomain (old security=domain) winbind (use winbind to cache DC connections) Assistance in testing, or the production of new and interesting authentication modules is always appreciated. Andrew Bartlett (This used to be commit 8d31eae52a9757739711dbb82035a4dfe6b40c99)
2001-11-23Fixed delete on close bug. Added core dump code to winbindd.Jeremy Allison2-3/+59
Jeremy. (This used to be commit a58d0f91f9ee7354c01a9c20cfe178d5dc02142d)
2001-11-23Set type to NOTUSED if lookup fail.Jeremy Allison1-0/+1
Jeremy. (This used to be commit 20a4167599ce211f239d0f324e7e73a1c2d8a5a6)
2001-11-23Got rid of that stupid parse_domain_user() warning when compilingTim Potter1-22/+0
winbindd. (This used to be commit 72060a6f5af505d597f372d550d7f3fe559e5550)