Age | Commit message (Collapse) | Author | Files | Lines |
|
call :-).
Jeremy.
(This used to be commit 3c9fd2bdee097394cb0d0b6683748835c6a2d3a0)
|
|
(This used to be commit fae17e0f9d228bab9992287507babd6a8fd53f97)
|
|
This patch add privilege support for samba
Currently it is implemented only for tdbsam backend but estending it to
other sam backends is straightforward.
I must make a big thank to JFM for his teachings on the matter and the
functions at the base of this work.
At thye moment only samr_create_user honours SeAddUsersPrivilege and
SeMachineAccountPrivilege to permit any user to add machines and/or users to
the server.
The command "net priv" has been provided to manipulate the privileges
database.
There are still many things to do (like support in "net rpc vampire") but
the working core is here.
Feel free to comment/extend on this work.
Of course I will deny that any bug may affect this code :-)
Simo.
This patch adds also my patch about add share command enhancements.
(This used to be commit 7a78c3605e203bd8e0d7ae244605f076a5d0b0bc)
|
|
(This used to be commit aa67c77515097cc21a9de727bf3722c04de313f9)
|
|
(This used to be commit b94ca7e7be7a6f0674cafa76bf30a46f2f36bd8f)
|
|
* don't set the unix_ERR_XX code in mkdir_internal, let the error mapping
handle it.
(This used to be commit 758bbfb5f133c3c85e3092ad88294ae4abbbbc6f)
|
|
Remove source_env handler (no longer used in any codepath).
Jeremy.
(This used to be commit be60768e64ae2061f220faa3943dcb0588393dbc)
|
|
(This used to be commit c81c0ffaabaa805211d9c6e1ab5aa66a02365e26)
|
|
Jeremy.
(This used to be commit 72d8eea25dbb54d7ef78264cd6f419220dc85fb6)
|
|
(This used to be commit c98399e3c9d74e19b7c9d806ca8028b48866931e)
|
|
ldap rebind sleep -> ldap replication sleep
While writing documentation for metze's patch, it became clear that this is a
better name.
Andrew Bartlett
(This used to be commit bac2c20adf6a8f541f227652d4da3d8f31f1a648)
|
|
When smb.conf tells us to write to a read-only LDAP replica and we are
redirected by the LDAP server, the replication might take some seconds,
especially over slow links. This patch delays the next read after a rebind for
'ldap rebind sleep' milliseconds.
Metze, thanks for your patience.
Volker
(This used to be commit 7293550e3642e2553684a7011084dabb0b78fd24)
|
|
actually used.... 'afs username map' should not show up in the swat basic
view. :-)
Maybe I should use swat from time to time....
Volker
(This used to be commit 82f47aeca3d376d766efc36fdf2efe158f975484)
|
|
Jeremy.
(This used to be commit 4d49fb806db6868f97069a603a28a85dc31cfe21)
|
|
are written out surrounded by single quotes. This means that
both double and single quotes are now used to surround
strings in smb.conf. This is a slight change from the previous
behavior but needed or else things like
printer admin = +ntadmin, 'VALE\Domain, Admin'
get written to smb.conf by SWAT.
(This used to be commit 59e9d6e301c752e99fb6a50204d7941f7f84566a)
|
|
Jeremy.
(This used to be commit 2b39e3f12a12f0863bf76d996c0d0db422d593bc)
|
|
suffix values in SWAT; based on tpot's original patch; bug 328
(This used to be commit b1d5173b16c40d55cfb6265f1d1947ec78952b6f)
|
|
(not /etc/group) even when doing local aliases
* remove "hide local users" parameter; we have this
behavior built into 3.0
(This used to be commit 3b75e862dfba42c95e2279c300c06bb981f52993)
|
|
Add module support for configuration loading
Add a first implementation of config_ldap module to put samba configuration
on ldap
It worked on my test machine, please try it out and send bugfixes :-)
have fun,
Simo.
INSTRUCTIONS:
Just add something like this to your smb.conf file:
config backend = config_ldap:ldap://localhost
config_ldap:basedn = dc=samba,dc=org
the config tree must follow this scheme:
ou=foo, dc=samba, dc=org <- global section
|- sambaOptionName=log level, ou=foo, ... <- options
|- ...
|- sambaShareName=testlc, ou=foo, ... == [testlc]
|- sambaOptionName=path, sambaShareName=testlc, ou=foo, ... <- option
here is a sample ldif:
# foo, samba, org
dn: ou=foo, dc=samba, dc=org
objectClass: organizationalUnit
objectClass: sambaConfig
ou: foo
description: Test Foo
# log level, foo, samba, org
dn: sambaOptionName=log level, ou=foo, dc=samba, dc=org
objectClass: sambaConfigOption
sambaOptionName: log level
sambaIntegerOption: 10
description: log level 10 is suitable for good debugging
# testlc, foo, samba, org
dn: sambaShareName=testlc, ou=foo, dc=samba, dc=org
objectClass: sambaShare
sambaShareName: testlc
description: share to test ldap config module actually works
# path, testlc, foo, samba, org
dn: sambaOptionName=path, sambaShareName=testlc, ou=foo, dc=samba, dc=org
objectClass: sambaConfigOption
sambaOptionName: path
sambaStringOption: /tmp
description: Path for share testlc
# read only, testlc, foo, samba, org
dn: sambaOptionName=read only, sambaShareName=testlc, ou=foo, dc=samba,
dc=org
objectClass: sambaConfigOption
sambaOptionName: read only
sambaBoolOption: TRUE
description: Share testlc is read only
# guest ok, testlc, foo, samba, org
dn: sambaOptionName=guest ok, sambaShareName=testlc, ou=foo, dc=samba,
dc=org
objectClass: sambaConfigOption
sambaOptionName: guest ok
sambaBoolOption: TRUE
description: Guest users are allowed to connect to testlc share
(This used to be commit 207968eafc2c2a185e50e2132702d7bab2142aba)
|
|
Jeremy.
(This used to be commit 5d52e6b3016960cc3be33d3cd15725cce5fd0580)
|
|
in iconv.c and nsswitch/). Using them means you're not thinking about multibyte at
all and I really want to discourage that.
Jeremy.
(This used to be commit 5c050a735f86927c7ef2a98b6f3a56abe39e4674)
|
|
laternative to the current passdb).
Currently it is run through a comatibility module in the passdb layer, with
a subset of the functionality it may provide.
It is still work in progress, but as someone asked me about it, and as it
should make no difference to the normal code, I tought it was a good idea to
put it into.
It adds a dependency on perl. I know it is not very nice, but I'm sure we
will work out a solution for that.
As always blame me if I break something, but try to fix yourself, as I am
busy-busy-busy :-)
Simo.
(This used to be commit 7b3c94b5cfc1a9ceb430613353a937345f2eda74)
|
|
>Moving towards better i18n support in SWAT. This commit contains a
>bunch of updates to bug 413 from Monyo:
>
>1) pick up proper strings to call msg strings for example to add
> strings in wizard menu in web/swat.c, web/statuspage.c and
> param/loadparm.c.
>
>2) define N_() macro in include/intl.h to pick up some strings
> in param/loadparm.c
>
>3) quote all name and value tag with '"'
> For example in swat.c:720 the "Edit Parameter Values" string is
> displayd only as "Edit" because value tag is not quoted like:
> value=Edit Parameter Values
> These tags should be quoted though it sometimes works well
> without quotation.
>
>4) modify the msg strings not to contain HTML tags or other
> non-message strings. For example
> dprintf(_("test\n")); is modified to dprintf("%s\n", _("test"));
(This used to be commit 84a0433c528dc1fe8e057ce2def1d11dde5f9b07)
|
|
(This used to be commit b6433f5db77a1d62309946c6f23c18c6c299d0c5)
|
|
* set version string to "CVS 3.1.0alpha1"
(This used to be commit c6a61ffcbd0c95afd94bd33fd832b24bc8209de5)
|
|
(This used to be commit b5c5a9dc76c7584047e6ad8e7063b2da348e67d7)
|
|
(This used to be commit c17a7dc9a190156a069da3e861c18fd3f81224ad)
|
|
(This used to be commit 3101c236b8241dc0183995ffceed551876427de4)
|
|
prior to this merge, checkout HEAD_PRE_3_0_0_BETA_3_MERGE
(This used to be commit adb98e7b7cd0f025b52c570e4034eebf4047b1ad)
|
|
* quit obsessing over the sequence number so much
* share the updated sequence number between parent
and child winbindd processes in dual mode
(This used to be commit 6fb5bdb30e2b1341ba600ce0dfd397394f7a831c)
|
|
(This used to be commit a1326ea34831bf49942f7bcb954999091c3ea820)
|
|
(This used to be commit 6138093aa0ded3719f73ed3efbd7172131ca0fa3)
|
|
(This used to be commit 7daf5f004273156ae263129b847c601b210f4fdb)
|
|
(This used to be commit 09eb02cba0747ae47aa4a76f4fac69af293a774a)
|
|
(This used to be commit 16302b080a572a1cb0983f5044a7ebf51cdf2fa3)
|
|
make idmap not map SIDs outside the uid/gid range defined by default
this is to keep backward compatibility
(This used to be commit bec45093c379915082d7b7f44113f5c17110d123)
|
|
smb.conf parameters along with some other small fixes. Binary
compatible with older modules.
(This used to be commit aa07b12fda732ca19d8dc41cebc7bb09e2549a30)
|
|
(This used to be commit 540bb996766fc11fe0f26b708d49c2e46d2abbdd)
|
|
(This used to be commit c95a4a5aeb53cc401a7b43633f2a8cc006b1fd00)
|
|
Volker
(This used to be commit e99a40a711fad336305bc06beb62ba5668d0ed78)
|
|
rpcclient -S pdc -U% -c "samlogon user password"
and it should work with the schannel. Needs testing platforms
different from NT4SP6.
Volker
(This used to be commit ecd0ee4d248e750168597ccf79c389513bb0f740)
|
|
(This used to be commit e46177acecef375aaea35704a513d9e7f8bf04a8)
|
|
TNG. Actually, it exists in the main Samba cvs tree in APPLIANCE_TNG
as I found out later :-)
It adds a new parameter: server schannel = yes/auto/no defaulting to
auto.
What does this mean to the user: No requireSignOrSeal registry patch
for XP anymore.
Many thanks for this code to Luke Leighton, Elrond and anybody else I
forgot to mention.
My next thing will be to see if this applies cleanly to 3_0.
Please test and comment!
Volker
(This used to be commit e1f953241eb020f19fe657f29afdae28dcf5a03b)
|
|
includes a --with-idmap=no switch to disable idmap usage if you find
problems.
cosmetic fixes and param aliases to separate winbind from idamp roles.
A temporarily remote idmap winbind compatibility backend.
As I have time I will further change code to not call directly winbind
(partly done but not tested) and a specilized module will be built in place
for the current glue hack.
The patch has been tested locally in my limited time, the patch is simple and
clear and should not reserve problems, if any just disable it.
As usual, comments and fisex are welcome :-)
Simo.
(This used to be commit 02781320476ed1b7ee5d943fa36f9a66ab67f208)
|
|
* Remove 'ldap del only sam attr' after asking Lars Mueller from SuSE first.
It is replaced by 'ldap delete dn'
* Fix a typo in docs.
* Document 'set primary group script'. Alexander, could you check the
file in smbdotconf/ please? Thanks.
Volker
(This used to be commit f0a32b9c1bdec504ec285486adc05936547f6dc5)
|
|
for the 'ldap del only sam attr' functionality. So
we are compatiple to the current SuSE patches as well
as to TNG... ;-)
Volker
(This used to be commit 353309e2a3bc27e918bd0a6cf22833d57895fbc8)
|
|
Andrew Bartlett
(This used to be commit fb680f610ceb9a0f350c99456cf7ab1a507543fe)
|
|
- safe_string.h - don't assume that __FUNCTION__ is available
- process.c - use new workaround from safe_string.h for the same
- util.c - Show how many bytes we smb_panic()ed trying to smb_xmalloc()
- gencache.c - Keep valgrind quiet by always null terminating.
- clistr.c - Add copyright
- srvstr.h - move srvstr_push into a .c file again, as a real function.
- srvstr.c - revive, with 'safe' checked srvstr_push
- loadparm.c - set a default for the display charset.
Andrew Bartlett
(This used to be commit a7eba37aadeb0b04cb1bd89deddb58be8aba825c)
|
|
This patch is heavily based on a patch by SuSE. Thanks
to Guenther Deschner <gd@suse.de> for providing it.
Volker
(This used to be commit 5eaf9195eefda5ababba85cc0f6d581ff6f0f454)
|
|
rather than a runtime-parsed string.
Andrew Bartlett
(This used to be commit 3465cd6cd92c39c018979b5a82acbddca0927623)
|