Age | Commit message (Collapse) | Author | Files | Lines |
|
consists of a 16 byte salt, followed by the 16 byte MD5 hash of
the concatination of the salt plus the NThash of the historical
password. Allows these to be exposed in LDAP without security issues.
Jeremy.
(This used to be commit 82e4036aaa2d283534a5bd8149857320fcf0d0dc)
|
|
of zero)
leave it locked out until an admin unlocks it (but log a message).
Jeremy.
(This used to be commit 14bd2a9ffc30d55d9737b4819797db8c38b46c66)
|
|
my (C) to a header file that was at least 50% mine :-).
Jeremy.
(This used to be commit 8ee6060977ec8e65082f3ad09e1e1ccf5b4672ed)
|
|
core dump) but compiles and links correctly. I will run the full set of
tests on the ldap sam and the tdb sam for password history tomorrow.
Jeremy.
(This used to be commit ac846420d0ef2c60d2dc71319b24401c73699249)
|
|
winbind_sid_to_gid. For the consistency check, local_sid_to_gid must set the
name_type it found.
Volker
(This used to be commit 5070c1b68f2add16916ba3135984f6e70bbe42cf)
|
|
types.
Jeremy.
(This used to be commit d97b9146a137d43278f3125bafe8a453da82f4ce)
|
|
use it.
(This used to be commit 5d7ee320cca80558a4b71295ef8b7de02f21554a)
|
|
(This used to be commit b1825184d313b97c7fa232990f60962aa86e7e17)
|
|
get_global_sam_name().
Error case: Adding a domain user to a XP local group did a lsalookupname on
the user without domain prefix, and this then failed.
Jerry: This is a must-fix before 3.0.3.
Volker
(This used to be commit f35e353454b6825da1de138a3f0d8106787e938b)
|
|
(This used to be commit aa220cffa7b3507452ffed51c048333c7cde0ca2)
|
|
(This used to be commit 84fe24e64ee405bb25878c1e5fdf50592eb75f73)
|
|
(This used to be commit 9a79f9fbcb43085e419dbccd670a54256d01cb4b)
|
|
(This used to be commit 600fcd534b6e101b6a12774946b0e9814c6f54a8)
|
|
(This used to be commit 557f598c63f64c1c5b982a9057c0eea2a2ff2ee5)
|
|
(This used to be commit 730c07cac2166812f4a2da5cfba7152d168b2bdd)
|
|
Replace unknown_3 with fields_present. Also causes rpc_samr structure field changes.
(This used to be commit 1976843345efb6ca4f9cebd964a61acd8ae11d41)
|
|
the prototype at the beginning, and change some comments so diffs to HEAD
aren't filled with useless info.
(This used to be commit 7b40f6c464ecbd40ab3fdf32b53da1e61475d2e7)
|
|
Volker
(This used to be commit 6c78a096a5c4a8ae21e846505f6ac2df826d5cbd)
|
|
Volker
(This used to be commit 38c9b775ce029e1d480d89d4adb0d1bd45a28fe6)
|
|
in pdb_encode_acct_ctrl() (All current callers are fine)
Andrew Bartlett
(This used to be commit 01be89eb438567cfe0a002a247fe2d314b01f9da)
|
|
rafal
(This used to be commit 5d7f81eea2f3d9ba59eb549a45de030b0a277263)
|
|
his book.
This prompted me to look at the code that reads the unix group list. This
code did a lot of name -> uid -> name -> sid translations, which caused
problems. Instead, we now do just name->sid
I also cleaned up some interfaces, and client tools.
Andrew Bartlett
(This used to be commit f9e59f8bc06fae7e5c8cb0980947f78942dc25c0)
|
|
<appro@fy.chalmers.se>
(This used to be commit ac7a60abf2c465b518a3eb7502fa8eee767c8b22)
|
|
(This used to be commit 9359a6ea80d1228e87ea825a100a2d289c37162d)
|
|
(This used to be commit 68283407e0f366d8315f4be6caed67eb6fe84b85)
|
|
(not /etc/group) even when doing local aliases
* remove "hide local users" parameter; we have this
behavior built into 3.0
(This used to be commit a7685a069766ac720f0b26fe01b0e17fc388fca3)
|
|
(Samba 2.2 did this in the LDAP code, but it fits better as a generic thing)
Andrew Bartlett
(This used to be commit dfd6bef580525cf719988c3a6eaaf47c46542de5)
|
|
Jeremy.
(This used to be commit 8996c51770845d60b41c2c967b030ff30eef1001)
|
|
fields, bad_password_count and logon_count. Ensure this is stored/fetched
in the various SAMs. As it replaces the unknown_5 field this fits
exactly into the tdb SAM without any binary problems. It also is added
to the LDAP SAM as two extra attributes. It breaks compatibility with
the experimental SAMs xml and mysql. The maintainers of these SAMs must
fix them so upgrades like this can be done transparently. I will insist
on the "experimental" status until this is solved.
Jeremy.
(This used to be commit cd7bd8c2daff3293d48f3376a7c5a708a140fd94)
|
|
Jeremy.
(This used to be commit 82f98b066d345fdac40a584078a19453bda53d5b)
|
|
Jeremy.
(This used to be commit 56df89eff38e4c89defa5fd56bbb6c9d2012f82d)
|
|
This means that %u & %g will no longer expand, but %U
and %G still do. The payback is that winbindd local
accounts for users work with 'wbinfo -u' when winbind
is running on a PDC.
(This used to be commit eb02fcf3c212eee1dc267959f23da5a26c1eac4f)
|
|
algorithm stuff
(This used to be commit f6363aa31aa3479a9566328752ecb4aeadde10b7)
|
|
(This used to be commit a6a39c61e8228c8b3b7552ab3c61ec3a6a639143)
|
|
* bug #280 (my fault) - initialize sambaNextUserRid and
sambaNextGroupRid
* Unix users shared vis LDAP or NIS between a samba domain member
of a Samba domain are not seen as domain users on the member servers.
not as local users.
(This used to be commit a030fa373aefde8628def54ca8152f237a0467dc)
|
|
(This used to be commit f6a01f51159ccd822c6e764b7243fff375f22747)
|
|
(This used to be commit 575483a1efe18a90055490117ba6894512ae568a)
|
|
(This used to be commit 4c36ef65e5101899f730adaeacf754f5f3647d89)
|
|
username instead of making up unix_user.##
(This used to be commit b947fc3eed464d7a64914f3965964d29be031614)
|
|
time. )-:
(This used to be commit 59dae1da66a5eb7e128263bd578f167d8746e9f0)
|
|
(This used to be commit ba4d334b822248d8ab929c9568533431603d967e)
|
|
displaying pid_t, uid_t and gid_t values. This removes a whole lot of warnings
on some of the 64-bit build farm machines as well as help us out when 64-bit
uid/gid/pid values come along.
(This used to be commit f93528ba007c8800a850678f35f499fb7360fb9a)
|
|
and migrate an NT4 domain and still logon from domain members
(tested logon scripts, system policies, profiles, & home directories)
(passdb backend = tdbsam)
removed call to idmap_init_wellknown_sids() from winbindd.c
since the local domain should be handled by the guest passdb backend
(and you don't really always want the Administrator account to be root)
...and we didn't pay attention to this anyways now.
(This used to be commit 837d7c54d3ca780160aa0d6a2f0a109bb691948e)
|
|
force user = foo)
(This used to be commit 399799c68cbc91cb3908b0d83ee4f51fa3bf3023)
|
|
(This used to be commit a926959391676d69bd7cbaf4ce0be0d3cb715418)
|
|
proved the last patch wrong.
Sorry.
Volker
(This used to be commit d8695eccc7acdee69ca0d0593b56a417f1f89167)
|
|
Volker
(This used to be commit 39308ff138da88c1a4c0958cd4c7a9090261d3d5)
|
|
Still testing this, but I'm checking it in
so Volker can test it as well. Should be right.
(This used to be commit 8edf193722f699cc33baed410917a78a5e28d0a4)
|
|
* move rid allocation into IDMAP. See comments in _api_samr_create_user()
* add winbind delete user/group functions
I'm checking this in to sync up with everyone. But I'm going to split
the add a separate winbindd_allocate_rid() function for systems
that have an 'add user script' but need idmap to give them a RID.
Life would be so much simplier without 'enable rid algorithm'.
The current RID allocation is horrible due to this one fact.
Tested idmap_tdb but not idmap_ldap yet. Will do that tomorrow.
Nothing has changed in the way a samba domain is represented, stored,
or search in the directory so things should be ok with previous installations.
going to bed now.
(This used to be commit 0463045cc7ff177fab44b25faffad5bf7140244d)
|
|
lookups.
Jeremy.
(This used to be commit 6bd47884030c9c124c4bba1f0d57cb8dd916530d)
|