Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit 84913caebdb461fed2c94fadfa0039b32a83cb6d)
|
|
this is
what svn is for.
The idea is that we fall back to a pure unix user with S-1-22 SIDs in the
token in case anything weird is going on with the 'force user'.
Volker
(This used to be commit 9ec5ccfe851ac8a1f88b88c8c8461a5cf75b4c57)
|
|
Jeremy.
(This used to be commit 5c5ea3152f8dbdfd7717b65e035191ffed3ec548)
|
|
'valid users = +unixgroup' failed with smbpasswd if 'unixgroup' has a
(non-algorithmic) group mapping.
Thanks a lot!
People out there listening, please test current code, this release is
**BIG**
:-)
Volker
(This used to be commit 8f9ba5f96c9b506623ef97b7ed3d84f39d914a3c)
|
|
cache.
Jeremy.
(This used to be commit da26565a2e85dc36b283f6b81378a706f3ae5f26)
|
|
to stay.
Volker
(This used to be commit 898948d65409e5b63937fbd8050be04ac81df05d)
|
|
Volker
(This used to be commit ae9614ce019e25fb29dad8429d93f3140c2f84ad)
|
|
Volker
(This used to be commit dbdb8bdb9993b0136322530f0b8462bb9477dbf1)
|
|
(This used to be commit faf1d832a1b4c59e36814d560bdc5e9838309ca2)
|
|
macro which sets the freed pointer to NULL.
(This used to be commit b65be8874a2efe5a4b167448960a4fcf6bd995e2)
|
|
Sync with trunk as off r13315
(This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
|
|
char *,
use a temporary talloc_ctx for clarity.
Volker
(This used to be commit b15815c804bf3e558ed6357b5e9a6e3e0fac777f)
|
|
build farm
reacts :-)
Volker
(This used to be commit 9f99d04a54588cd9d1a1ab163ebb304437f932f7)
|
|
lookup_builtin_rid.
Volker
(This used to be commit bc8836d5d7361041ce935f65bf2d172e1eb43299)
|
|
static.
One long overdue simplification: Change local_lookup_sid to local_lookup_rid
its responsible for "our" domain only, in fact it checked for it.
Volker
(This used to be commit 35ba5e083cddfa5ddba5ad84233262fadfbe87b2)
|
|
* \PIPE\unixinfo
* winbindd's {group,alias}membership new functions
* winbindd's lookupsids() functionality
* swat (trunk changes to be reverted as per discussion with Deryck)
(This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
|
|
(This used to be commit 10606be0509743b1acfcafbf826b1a02765db158)
|
|
(This used to be commit a0ac9a8ffd4af31a0ebc423b4acbb2f043d865b8)
|
|
allocation
functions so we can funnel through some well known functions. Should help greatly with
malloc checking.
HEAD patch to follow.
Jeremy.
(This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
|
|
This fixes Bugzilla #1076 and Exchange 5.5 SP4 can then be finally
installed on NT4 in a samba-controlled domain.
Guenther
(This used to be commit bb191c1098dea06bf2cd89276c74e32279fbb3d4)
|
|
Guenther
(This used to be commit 906d5f88aabf091ee273e0ed9c3d2947b22c5390)
|
|
Samba 3.0.4.
If we fail a query for the members of the 'administrators' group (and we may well just have the IDL wrong), this destroys later parts of the domain logon process.
For reasons I can't understand, the client-side 'heck, what happened'
bailout causes the connection to the DC to be dropped, and causes the
mandetory profile not to be loaded. (This also only occours after a reboot)
Return the members of 'administrators', and it all works fine.
The reason we hit this is because we run winbindd (to support
pam_winbind) on our DC, and the winbindd lookup in sid_to_gid was
messing things up. As we don't care what type of thing this is,
provided it exists in the group mapping db, we should not bother
winbindd here.
Andrew Bartlett
(This used to be commit d626b5c6d401e72296cf570e50f324c145fd70e0)
|
|
(This used to be commit aa220cffa7b3507452ffed51c048333c7cde0ca2)
|
|
A windows DC does not reply to DCNAME\\Administrator, only to
DOMAIN\\Administrator. Fix that.
Without winbind we are wrong as domain members, we should forward the request
DOMAIN\\Username to the DC on behalf of the asking client. Winbind fixes that
nicely.
Volker
(This used to be commit 7ed61edbbedbdee25f750aa30c13479764aa1af2)
|
|
UNIX entity foo to DOMAIN\foo instead of SERVER\foo
on members of a Samba domain when all UNIX accounts
are shared via NIS, et. al.
* allow winbindd to match local accounts to domain SID
when 'winbind trusted domains only = yes'
* remove code in idmap_ldap that searches the user
suffix and group suffix. It's not needed and
provides inconsistent functionality from the tdb backend.
This has been tested. I'm still waiting on some more feedback
but This needs to be in 3.0.1pre2 for widespread use.
(This used to be commit ee272414e9965d7d550ba91d4e83997134dd51e6)
|
|
pam_smbpass.so will load ok. Had to move some functions around to work
around dependency problems (hence the new passdb/lookup_sid.c)
Also make sure that libsmbclient.a is built and installed when
we support shared libraries.
(This used to be commit 780055f4422f11fb0524ac1f003cdc5f317f8b19)
|