summaryrefslogtreecommitdiff
path: root/source3/nsswitch
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r7994: This adds support in Winbindd's "security = ads"-mode to retrieve the ↵Günther Deschner7-47/+127
POSIX homedirectory and the loginshell from Active Directory's "Services for Unix". Enable it with: winbind sfu support = yes User-Accounts without SFU-Unix-Attributes will be assigned template-based Shells and Homedirs as before. Note that it doesn't matter which version of Services for Unix you use (2.0, 2.2, 3.0 or 3.5). Samba should detect the correct attributes (msSFULoginShell, msSFU30LoginShell, etc.) automatically. If you also want to share the same uid/gid-space as SFU then also use PADL's ad-idmap-Plugin: idmap backend = ad When using the idmap-plugin only those accounts will appear in Name Service Switch that have those UNIX-attributes which avoids potential uid/gid-space clashes between SFU-ids and automatically assigned idmap-ids. Guenther (This used to be commit 28b59699425b1c954d191fc0e3bd357e4a4e4cd8)
2007-10-10r7949: Work around for broken Solaris header files.Jeremy Allison1-0/+26
Jeremy (This used to be commit 4d5002931056d2a88d49ce060c10bc0fecf4ba50)
2007-10-10r7903: Attempt to fix the AIX buildVolker Lendecke1-10/+10
(This used to be commit bb884b0bf96899bf3cf477bfe2220cdfc7aa596d)
2007-10-10r7882: Looks like a large patch - but what it actually does is make SambaJeremy Allison17-387/+386
safe for using our headers and linking with C++ modules. Stops us from using C++ reserved keywords in our code. Jeremy (This used to be commit 9506b8e145982b1160a2f0aee5c9b7a54980940a)
2007-10-10r7877: Attempt to fix a smb_panic reported by Pavel Rochnyack.Volker Lendecke2-15/+29
Volker (This used to be commit 7d1b890fead61551465e2a972e4097d9c1a4d6fd)
2007-10-10r7785: This looks much larger than it is. It changes the top-level functions ↵Volker Lendecke9-298/+368
of the parent winbind not to return winbindd_result. This is to hopefully fix all the problems where a result has been scheduled for write twice. The problematic ones have been the functions that might have been delayed as well as under other circumstances immediately gets answered from the cache. Now a request needs to be explicitly replied to with a request_error() or request_ok(). Volker (This used to be commit 7365c9accf98ec1dd78a59dd7f62462bbb8528d4)
2007-10-10r7454: couple of winbindd fixesGerald Carter4-9/+17
* make sure to use our domain as the account name in the net_req_auth2() request when running on a Samba DC * make sure to lookup the correct domain (not default to ours) when getting an async getpwnam() call (This used to be commit c9c3e3c122a6a04847c448d298b6f1adb4f35a60)
2007-10-10r7440: * merge registry server changes from trunk (so far) for moreGerald Carter1-4/+4
printmig.exe work * merge the sys_select_signal(char c) change from trunk in order to keeo the winbind code in sync (This used to be commit a112c5570a7f8ddddde1af0fa665f40a6067e8cf)
2007-10-10r7423: Fix the build on sol10Volker Lendecke1-1/+1
(This used to be commit e8fde1bd92e8b19c8b5ce22f92cb048de773be1c)
2007-10-10r7415: * big change -- volker's new async winbindd from trunkGerald Carter20-2637/+6290
(This used to be commit a0ac9a8ffd4af31a0ebc423b4acbb2f043d865b8)
2007-10-10r7243: Don't look at gencache.tdb for the trusted domains if winbind is around.Volker Lendecke1-0/+31
Volker (This used to be commit 94acb93f57b963bf137c6ddd644a147f4d0b5175)
2007-10-10r7148: Fix #2736: winbind race condition with detecting idle clientsJim McDonough1-6/+12
winbind idle connection closing logic is getting invoked under high loads for clients which may already have commands in the pipe. This race condition causes clients to fail with NSS_STATUS_UNAVAIL sometimes. We now retry several times hoping (still not guaranteed, though) it will work. (This used to be commit 05c04cfd2526b8b9a82916b5dffc18bf27c3f198)
2007-10-10r7145: reuse the WINBIND_REQUIRED_MEMBERSHIP constant.Günther Deschner1-12/+14
This is just cosmetic but prevents people from thinking that the pam_winbind "require_membership_of"-option is not yet implemented :) Guenther (This used to be commit ef80a49a858d7d81d427c7bac71fdac4fc0d1bd6)
2007-10-10r7139: trying to reduce the number of diffs between trunk and 3.0; changing ↵Gerald Carter1-11/+1
version to 3.0.20pre1 (This used to be commit 9727d05241574042dd3aa8844ae5c701d22e2da1)
2007-10-10r7130: remove 'winbind enable local accounts' code from the 3.0 treeGerald Carter6-1828/+1
(This used to be commit 318c3db4cb1c85be40b2f812f781bcf5f1da5c19)
2007-10-10r6755: removing domain_sid() since it is not referenced anymoreGerald Carter5-95/+0
(This used to be commit 8104149e6f490fa1a298e61becc8df01ddd92008)
2007-10-10r6682: patch from Qiao Yang <qyang@stbernard.com> to use out own DC when ↵Gerald Carter2-7/+15
getting the SID for a domain (This used to be commit 2e0941ebc1d6a9a9498cc5a9f072d501293f8933)
2007-10-10r6643: fix some build issues on IRIX;l patch from james peachGerald Carter3-4/+10
(This used to be commit 8f78ee6abab9c1dd3e8b15ea3d1d96a651ee0426)
2007-10-10r6627: Fix debug messageVolker Lendecke1-2/+2
(This used to be commit 6a5a9f17fb3c18e9dd8d447889b527055e5e3bd5)
2007-10-10r6566: fix a couple of local group bugs.Gerald Carter1-1/+6
* ensure that we set full access on the handle returned from _samr_create_dom_alias() so that future set_alias commands succeed * fix bug when looking for internal domains in winbindd (caused winbindd_getgrgid() for local groups to fail). (This used to be commit 4615c96ccb8906af4eb1fbe6d0cbf6bb3bcc3fcf)
2007-10-10r6450: * fix typo in htlm_auth help messageGerald Carter1-4/+2
* add synonym for idmap_rid in better lining with other idmap backend names * remove old debug messages when idmap {uid|gid} options are not defined (This used to be commit 03ebf3ebfe83897d8c18e57ed378154d1377874b)
2007-10-10r6401: Fix a debug messageVolker Lendecke1-1/+1
(This used to be commit fb561fe26cc61272e24965b81e276fa5420b146d)
2007-10-10r6351: This is quite a large and intrusive patch, but there are not many ↵Volker Lendecke1-12/+22
pieces that can be taken out of it, so I decided to commit this in one lump. It changes the passdb enumerating functions to use ldap paged results where possible. In particular the samr calls querydispinfo, enumdomusers and friends have undergone significant internal changes. I have tested this extensively with rpcclient and a bit with usrmgr.exe. More tests and the merge to trunk will follow later. The code is based on a first implementation by Günther Deschner, but has evolved quite a bit since then. Volker (This used to be commit f0bb44ac58e190e19eb4e92928979b0446e611c9)
2007-10-10r6296: add message about known interoperability issue with Windows 2003 SP1 DCsGerald Carter1-0/+10
(This used to be commit 88c2ed1534d5239273458768b7b3f05102a2af16)
2007-10-10r6273: Remove some unused code, minor cleanupVolker Lendecke2-12/+3
(This used to be commit b451434e378e52e8ab6b932d7b26657ea9d0353c)
2007-10-10r6263: Get rid of generate_wellknown_sids, they are const static and ↵Volker Lendecke3-6/+1
initializable statically. Volker (This used to be commit 3493d9f383567d286e69c0e60c0708ed400a04d9)
2007-10-10r6225: get rid of warnings from my compiler about nested externsHerb Lewis3-13/+12
(This used to be commit efea76ac71412f8622cd233912309e91b9ea52da)
2007-10-10r6217: After talking to jerry, commit the partial fix for wbinfo -r. This ↵Volker Lendecke1-15/+23
fixes the expansion of domain local groups in case the netsamlogon_cache is valid. The non-samlogon-cache side needs more work, as well as the samlogon cache itself. Volker (This used to be commit b6352a3c46f8e67503945eeac33e157ecea01bfb)
2007-10-10r6216: Brown paper-bag bug fix for wbinfo --user-sids.... Nobody seems to ↵Volker Lendecke1-2/+2
really use domain local groups ... Volker (This used to be commit ed2d76d663a4388acc26a724cf2cdb5c40763def)
2007-10-10r6158: fix some misleading error messagesGerald Carter1-2/+2
(This used to be commit 91a8e1ac6debffe457624a625e0f407bdbbbcb15)
2007-10-10r6154: fix winbindd <-> Windows 2003 sp1 issue.Gerald Carter1-1/+5
Can't do LsaOpenPolicy() over schannel anymore. This is an interesting find as it could imply that there are other changes we haven't seen yet in sp1. Volker, You might want to look at this for trunk. (This used to be commit 82e3a9d9b526522376ea967c66c67b02f2c68dd8)
2007-10-10r6149: Fixes bugs #2498 and 2484.Derrell Lipman4-5/+8
1. using smbc_getxattr() et al, one may now request all access control entities in the ACL without getting all other NT attributes. 2. added the ability to exclude specified attributes from the result set provided by smbc_getxattr() et al, when requesting all attributes, all NT attributes, or all DOS attributes. 3. eliminated all compiler warnings, including when --enable-developer compiler flags are in use. removed -Wcast-qual flag from list, as that is specifically to force warnings in the case of casting away qualifiers. Note: In the process of eliminating compiler warnings, a few nasties were discovered. In the file libads/sasl.c, PRIVATE kerberos interfaces are being used; and in libsmb/clikrb5.c, both PRIAVE and DEPRECATED kerberos interfaces are being used. Someone who knows kerberos should look at these and determine if there is an alternate method of accomplishing the task. (This used to be commit 994694f7f26da5099f071e1381271a70407f33bb)
2007-10-10r6127: Eliminated all compiler warnings pertaining to mismatched ↵Derrell Lipman4-4/+5
"qualifiers". The whole of samba comiles warning-free with the default compiler flags. Temporarily defined -Wall to locate other potential problems. Found an unused static function (#ifdefed out rather than deleted, in case it's needed for something in progress). There are also a number of uses of undeclared functions, mostly krb5_*. Files with these problems need to have appropriate header files included, but they are not fixed in this update. oplock_linux.c.c has undefined functions capget() and capset(), which need to have "#undef _POSIX_SOURCE" specified before including <sys/capability.h>, but that could potentially have other side effects, so that remains uncorrected as well. The flag -Wall should be added permanently to CFLAGS, and all warnings then generated should be eliminated. (This used to be commit 5b19ede88ed80318e392f8017f4573fbb2ecbe0f)
2007-10-10r6080: Port some of the non-critical changes from HEAD to 3_0. The main one ↵Volker Lendecke1-4/+53
is the change in pdb_enum_alias_memberships to match samr.idl a bit closer. Volker (This used to be commit 3a6786516957d9f67af6d53a3167c88aa272972f)
2007-10-10r6040: finish out 'net rpc service list'Gerald Carter1-1/+0
(This used to be commit 42588ba50cb1b47a00f3e0bed33ca3431eb8af14)
2007-10-10r6036: patch from Lin Li <linl@xandros.com> to ensure trusted domains are ↵Gerald Carter2-0/+7
initialized whenenumerating users and groups (This used to be commit 105a63c207e8d2b03a30dec2b8b55b92047cba80)
2007-10-10r5945: BUG 2516: fix compile issue on True64Gerald Carter1-1/+1
(This used to be commit 5205949dac4566a815ea443114309c284270ba91)
2007-10-10r5751: fix another (correct) compiler warningGerald Carter1-1/+1
(This used to be commit 642a2d5a0aecd507d4f26dc2250de3667af3abbf)
2007-10-10r5724: Fix compiler warningVolker Lendecke1-1/+1
(This used to be commit c2f710e3219aab647c0ed294d1d3481f5578b930)
2007-10-10r5654: Fix bug 1604 -- make winbind work with more than 10 trusted domains.Volker Lendecke1-3/+34
TODO: This needs to be merged to trunk separately, it has changed a little, but it's friday evening here. Volker (This used to be commit 49c3e04632e9fcdf552259412e8ec54d18269516)
2007-10-10r5471: In cli_samr_lookup_rids, flags is not a flags but an array size. W2k3 ↵Volker Lendecke1-1/+1
rejects everything but 1000 here, so there's no point in exposing that to the caller. Thanks, Volker (This used to be commit 03ec1bd9e54b065c0494bc57a3d78ac0ae28e234)
2007-10-10r5428: Apply some const. LDAP attribs should now be declared const char ↵Volker Lendecke1-1/+1
*attr[]. This gives some new warnings in smbldap.c, but a the callers are cleaned up. Volker (This used to be commit 543799fc0ddc3176469acc1fab7093c41556d403)
2007-10-10r5336: BUG 2329: fix to re-enable winbindd to locate DC's when 'disable ↵Gerald Carter2-69/+86
netbios = yes' (This used to be commit 75a223f1188ae0041c9e3c748af107d642f73810)
2007-10-10r5331: Support SIDs as %s replacements in the afs username map parameter.Volker Lendecke1-0/+12
Add 'log nt token command' parameter. If set, %s is replaced with the user sid, and %t takes all the group sids. Volker (This used to be commit e7dc9fde45c750013ad07f584599dd51f8eb8a54)
2007-10-10r5314: Some const, and an uninitialized variable fix.Volker Lendecke1-4/+4
Volker (This used to be commit b48a46162d7971be3d44d403a2d62247ef2321f7)
2007-10-10r5207: patches from Jay Fenlason @ RedHat (scooped from their Fedora packages)Gerald Carter2-3/+4
(This used to be commit 9019a8436162d3606f6b8584701b0832cf5a7439)
2007-10-10r4967: Not being in any domain local groups is obviously valid...Volker Lendecke1-1/+1
Volker (This used to be commit 78975ab9a996ac61be37410f18ddedb9df58d04b)
2007-10-10r4905: patch from abartlet to remove storing the auth-user credentials from ↵Gerald Carter1-4/+0
the cli* in cm_prepare_connection(). using credentials from a domain other thanour primary domain will cause the schannel setup to fail (This used to be commit a13e29b5f2f1e48225b5b5964bc0777948f16622)
2007-10-10r4760: Make wbinfo --user-sids expand domain local groups. Andrew B., my testingVolker Lendecke6-0/+206
shows that this info is correctly returned to us in to info3 struct, so check_info3_in_group does not need to be adapted. Volker (This used to be commit a84e778cafcefdc1809474c2123e757c8c9d9b70)
2007-10-10r4749: Fix memleakVolker Lendecke1-0/+2
(This used to be commit a8aab6de7516b70cae6c096883874fa152777b13)
generated by cgit (git 2.34.1) at 2024-07-12 08:42:45 +0000