Age | Commit message (Collapse) | Author | Files | Lines |
|
This patch removes 'non unix account range' (same as idra's change in HEAD),
and uses the winbind uid range instead.
More importanly, this patch changes the LDAP schema to use 'ntSid' instead
of 'rid' as the primary attribute. This makes it in common with the group
mapping code, and should allow it to be used closely with a future idmap_ldap.
Existing installations can use the existing functionality by using the
ldapsam_compat backend, and users who compile with --with-ldapsam will get
this by default.
More importantly, this patch adds a 'sambaDomain' object to our schema -
which contains 2 'next rid' attributes, the domain name and the domain sid.
Yes, there are *2* next rid attributes. The problem is that we don't 'own'
the entire RID space - we can only allocate RIDs that could be 'algorithmic'
RIDs. Therefore, we use the fact that UIDs in 'winbind uid' range will be
mapped by IDMAP, not the algorithm.
Andrew Bartlett
(This used to be commit 3e07406ade81e136f67439d4f8fd7fe1dbb6db14)
|
|
parameters. Does not break binary compatibility with older modules.
(This used to be commit 147c4d56d873a20a49194c5b036a3694299b1b48)
|
|
(This used to be commit 80f2790eb9c1382c91e5e2668f3b8d82c220ce51)
|
|
a pstrcpy/fstrcpy or at most a safe_strcpy().
These have the advantage of being compiler-verifiable.
Get these out of the way, along with a rewrite of 'get_short_archi' in the
spoolss client and server. (This pushes around const string pointers, rather
than copied strings).
Andrew Bartlett
(This used to be commit 32fb801ddc035e8971e9911ed4b6e51892e9d1cc)
|
|
This includes the 'SIDs Rule' patch, mimir's trusted domains cacheing code,
the winbind_idmap abstraction (not idmap proper, but the stuff that held up
the winbind LDAP backend in HEAD).
Andrew Bartlett
(This used to be commit d4d5e6c2ee6383c6cceb5d449aa2ba6c83eb0666)
|
|
global_myname(), always either the name the client called us, or if they
didn't call us anything useful, our IP address.
Jerry, can you check this?
Andrew Bartlett
(This used to be commit 599e70bffbae9930b949c9b82cbc8dfc7c966d78)
|
|
This allows us to join as a BDC, without appearing on the network as one
until we have the database replicated, and the admin changes the configuration.
This also change the SID retreval order from secrets.tdb, so we no longer
require a 'net rpc getsid' - the sid fetch during the domain join is sufficient.
Also minor fixes to 'net'.
Andrew Bartlett
(This used to be commit 876e00fd112e4aaf7519eec27f382eb99ec7562a)
|
|
well now)
(This used to be commit 6220068d48f1fc5c85ff68a791e4e34e92cb4a0a)
|
|
(This used to be commit 3a99e5a2dbc88a2234ca08ca1e7b50f14ff9bce9)
|
|
- init_modules()
- smb_probe_module()
(This used to be commit b3328dab2fa069af300b4076695bf6c359501111)
|
|
Volker
(This used to be commit eef7db25ec786d4448915b08487b14b69b88ce64)
|
|
rpcclient -S pdc -U% -c "samlogon user password"
and it should work with the schannel. Needs testing against platforms
different from NT4SP6.
Volker
(This used to be commit eaef0d8aeff1aa5a067679be3f17e08d7434e1e8)
|
|
No more XP requiresignorseal anymore!
Thanks again to Luke :-)
Volker
(This used to be commit 6b2b55901d66cab0c0c0c90bd0585c870be6e468)
|
|
* Remove 'ldap del only sam attr' after asking Lars Mueller from SuSE first.
It is replaced by 'ldap delete dn'
* Fix a typo in docs.
* Document 'set primary group script'.
Volker
(This used to be commit 0be502a9c09ff319c87394bb36665be9731c23bb)
|
|
This adds 'ldap delete dn' as the recommended parameter
for the 'ldap del only sam attr' functionality. So
we are compatiple to the current SuSE patches as well
as to TNG... ;-)
Volker
(This used to be commit 53b5704ff21de6fce097d74dd7f235d3ceccec66)
|
|
(This used to be commit 8315b9c3119dde62aeb72ad5e20f63aee89abd0b)
|
|
Small clenaup patches:
- safe_string.h - don't assume that __FUNCTION__ is available
- process.c - use new workaround from safe_string.h for the same
- util.c - Show how many bytes we smb_panic()ed trying to smb_xmalloc()
- gencache.c - Keep valgrind quiet by always null terminating.
- clistr.c - Add copyright
- srvstr.h - move srvstr_push into a .c file again, as a real function.
- srvstr.c - revive, with 'safe' checked srvstr_push
- loadparm.c - set a default for the display charset.
- connection.c - use safe_strcpy()
Andrew Bartlett
(This used to be commit c91e76bddbe1244ddc8d12b092eba875834029ac)
|
|
- pdb_guest (including change defaults)
- 'default' passdb actions (instead of 'not implemented' stubs in each module)
- net_rpc_samsync no longer assumes pdb_unix
Andrew Bartlett
(This used to be commit 4bec53c8c81019f0f06a93c4df0800bbf7281dd6)
|
|
Volker
(This used to be commit f42032060812e9bf409042c790e71fefb40ff17a)
|
|
Jeremy.
(This used to be commit 478a5c654a6d2765b726e9a8ef64af7716cb56c0)
|
|
(This used to be commit 533fe94db95fbb819b35251d9832c925584b7eca)
|
|
Yes I will add the docs....
Jeremy.
(This used to be commit e1b0001c8df9e9823b42a372ca675188570b252a)
|
|
(This used to be commit 68d34711279aa5959778974018df77726b915858)
|
|
- new kerberos code, allowing the account to change it's own password
without special SD settings required
- NTLMSSP client code, now seperated from cliconnect.c
- NTLMv2 client code
- SMB signing fixes
Andrew Bartlett
(This used to be commit 837680ca517982f2e5944730581a83012d4181ae)
|
|
(This used to be commit 0104e80637fbf1cfa614043577376a073d717e94)
|
|
and probably SWAT too..
Andrew Bartlett
(This used to be commit 1df808ac8931979000d681bd086399ef306873b6)
|
|
warnings. (Adds a lot of const).
Andrew Bartlett
(This used to be commit 3a7458f9472432ef12c43008414925fd1ce8ea0c)
|
|
another share, and when clients connect to the first share, they will be
redirected to the proxied share.
(This used to be commit 514f548b183b73e1970989d47fb9e6a87e440748)
|
|
named. Ensure we can query them.
Jeremy.
(This used to be commit 09a218a9f6fb0bd922940467bf8500eb4f1bcf84)
|
|
(This used to be commit 1f2622f5ccae3ac2102a736cdc60b44d5aad5b07)
|
|
Jeremy.
(This used to be commit faf89f214f326bc07f728b354062b2287cda1208)
|
|
(This used to be commit 8b156ed0db3e54aa3265a2579e72c50c39b5beef)
|
|
dashes of const. This is a rather large check-in, some things may break.
It does compile though :-).
Jeremy.
(This used to be commit f755711df8f74f9b8e8c1a2b0d07d02a931eeb89)
|
|
(This used to be commit 373f8bcd29fec254a563161d9d0897ad810ef682)
|
|
This hopefully provides a peformance boost by not hitting getpwnam() for every
entry in an enumeration, instead reteriving entries directly (if available).
idra has reviewed this patch.
Andrew Bartlett
(This used to be commit 8abe71c4d7a796001c5765f4dd88c2e6f5637802)
|
|
The work here includes:
- metze' set/changed patch, which avoids making changes to ldap on unmodified
attributes.
- volker's group mapping in passdb patch
- volker's samsync stuff
- volkers SAMR changes.
- mezte's connection caching patch
- my recent changes (fix magic root check, ldap ssl)
Andrew Bartlett
(This used to be commit 2044d60bbe0043cdbb9aba931115672bde975d2f)
|
|
This is not 100% the same as what SuSE shipped in their Samba, there is
a crash bug fix, a race condition fix, and a few logic changes I'd like to
discuss with Andreas. Added Andreas to (C) notices for posix_acls.c
Jeremy.
(This used to be commit 40eafb9dde113af9f7f1808fda22908953f7e8c3)
|
|
Jeremy.
(This used to be commit 83261f43326ae65af498399b5c933dfb20df1df7)
|
|
* postscript
* printer driver
* printer driver location
* printer driver file
also removed the get_a_printer_driver_9x_compatible() function
(This used to be commit 743f2b8025effe57d8f075ff14a9357123c507a8)
|
|
Jeremy.
(This used to be commit 0bf7187e3ba57ee2422a0f6f736266a55502123c)
|
|
(This used to be commit 68036f4a415d2d2ad8c27320ae58fee04eee2960)
|
|
Jeremy.
(This used to be commit a09ba463b42893dc50a9d118ee114f55f47cb610)
|
|
MAX_PRINT_JOBS in a queue.
Jeremy.
(This used to be commit 9fe3c0b90d4bff2217e3cb5a34b4683ca314c06e)
|
|
(This used to be commit 5f1dff89be5dca013baed062e631144bacb2067b)
|
|
- Fix segfaults in the 'net ads' commands when no password is provided
- Readd --with-ldapsam for 2.2 compatability. This conditionally compiles the
old options, but the actual code is available on all ldap systems.
- Fix shadow passwords (as per work with vl)
- Fix sending plaintext passwords to unicode servers (again vl)
- Add a bit of const to secrets.c functions
- Fix some spelling and grammer by vance.
- Document the -r option in smbgroupedit.
There are more changes in HEAD, I'm only merging the changes I've been involved
with.
Andrew Bartlett
(This used to be commit 83973c389355a5cc9ca74af467dfd8b5dabd2c8f)
|
|
(This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
|
|
(This used to be commit 3928578b52cfc949be5e0ef444fce1558d75f290)
|
|
(This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
|
|
(This used to be commit 97eb3a121d33200ee7559b2413d6252efc04ebaf)
|
|
mangling implementation, selectable using "mangling method = " in smb.conf
It also tidies the interface a little, although it is still nasty.
(This used to be commit be23d87a178e7d0691e7d942adf89bb3d2d533c2)
|