Age | Commit message (Collapse) | Author | Files | Lines |
|
There is no reason this can't be a normal constant string in the
loadparm system, now that we have lp_set_cmdline() to handle overrides
correctly.
Andrew Bartlett
|
|
Using the standard macro makes it easier to move code into common, as
TALLOC_ZERO_P isn't standard talloc.
|
|
Guenther
|
|
strlcpy.
|
|
Guenther
|
|
Guenther
|
|
source3/lib/username.c
Guenther
|
|
|
|
This will reduce the noise from merges of the rest of the
libcli/security code, without this commit changing what code
is actually used.
This includes (along with other security headers) dom_sid.h and
security_token.h
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
|
|
Guenther
|
|
This matches the structure that new code is being written to,
and removes one more of the old-style named structures, and
the need to know that is is just an alias for struct dom_sid.
Andrew Bartlett
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Guenther
|
|
Well known rids don't really belong into an rpc header, just use the ones
defined in security.idl.
Guenther
|
|
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
|
|
Guenther
|
|
Guenther
|
|
passdb.
pdb_{get,set}_comment were already existing in the API but were never used.
Guenther
|
|
|
|
|
|
Guenther
|
|
This patch changes the way smbpasswd behaves when adding/deleting users.
smbpasswd now calls pdb_create_user/pdb_delete_user, this means that if
add/delete user scripts are configured then they are used to create or
delete unix users as well. If the scripts are not defined the behavioris
unchanged.
This also allow to use smbpasswd -a/-x with ldapsam:editposix to allow
automatic creation/deletion of users.
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
It is not used anywhere else, so make it also static and remove
it from proto.h
|
|
This commit is mostly to cope with the removal of SamOemHash (replaced
by arcfour_crypt()) and other collisions (such as changed function
arguments compared to Samba3).
We still provide creds_hash3 until Samba3 uses the credentials code in
netlogon server
Andrew Bartlett
|
|
Guenther
|
|
When enabled this reverts smbd to the legacy domain remapping behavior when
a user provides an untrusted domain
This partially reverts d8c54fdd
|
|
After a lot of testing against various Windows servers (W2K, W2K3, W2K8),
within an AD domain it seems that unknown domains will only be translated
to the local account domain, not the netbios name of the member server's
domain. This makes samba act more like Windows.
|
|
|
|
The upgrade is required because of the followin TDBSAM_VERSION
upgrade.
metze
|
|
This marshalling isn't specific to tdbsam and it's
ugly to have the related functions in two different files.
metze
|
|
attribute warn_unused_result"
Jeremy.
|
|
talloc_autofree_context() instead of NULL.
Remove the code in memcache that does a TALLOC_FREE on stored pointers. That's a disaster waiting
to happen. If you're storing talloc'ed pointers, you can't know their lifecycle and they should
be deleted when their parent context is deleted, so freeing them at some arbitrary point later
will be a double-free.
Jeremy.
|
|
|
|
This combined check has been replaced by is_dc_trusted_domain_situation()
which does not check for lp_allow_trusted_domains().
Michael
(This used to be commit 0a24c038b7bc6edef0021eb121a072cc7e8f9165)
|
|
Before fetching legacy password hash, check for trusted domain situation,
but also fail if trusted domain support is not enabled.
Michael
(This used to be commit aa1b8287f44f47f23bd4158112d0a132df04426c)
|
|
Michael
(This used to be commit 5f197c659e9c8a573ba5032c7f90c816df45770c)
|
|
(but trusted domain situation was found)
This completes the fix for bugs #5425 and #5451 by Steven Dannemann,
in that now no special cases are left uncovered.
Michael
(This used to be commit 0b26bcd3becb869319bca48bbf244c18b6e8e3dd)
|
|
This is like is_trusted_domain_situation() except that it does not
check for lp_allow_trusted_domains().
Michael
(This used to be commit a284c8843528972904d142b573f1170a08c97751)
|
|
looking up trust credentials in our tdb.
commit fd0ae47046d37ec8297396a2733209c4d999ea91
Author: Steven Danneman <sdanneman@isilon.com>
Date: Thu May 8 13:34:49 2008 -0700
Use machine account and machine password from our domain when
contacting trusted domains.
(This used to be commit 69b37ae60757075a0712149c5f97f17ee22c2e41)
|
|
Guenther
(This used to be commit 92fca97951bf7adf8caaeabdaff21682b18dd91f)
|
|
Guenther
(This used to be commit e1bcb7d82f22810e342a18aacbcfe49c3902bcb4)
|
|
I very much doubt that this is called enough to justify a global. If this turns
out to be a hot code path, we might reconsider :-)
(This used to be commit 5223d18ea2d891418a0f833f58cc3502cb26ce03)
|
|
Michael
(This used to be commit 0a9874c1c76c0ccc71caba7ee85a0ee1a91808c5)
|
|
(This used to be commit bb35e794ec129805e874ceba882bcc1e84791a09)
|
|
Michael
(This used to be commit b2e12365b56f24586a7dfcb845f4de51f0b0e7d5)
|
|
Michael
(This used to be commit 0cde7ac9cb39a0026a38ccf66dbecefc12931074)
|
|
get_trust_pw() just now computes the md4 hash of the result of
get_trust_pw_clear() if that was successful. As a last resort,
in the non-trusted-domain-situation, get_trust_pw() now tries to
directly obtain the hashed version of the password out of secrets.tdb.
Michael
(This used to be commit 4562342eb84e6fdcec15d8b7ae83aa146aabe2b7)
|
|
Up to now each caller used its own logic.
This eliminates code paths where there was a special treatment
of the following situation: the domain given is not our workgroup
(i.e. our own domain) and we are not a DC (i.e. it is not a typical
trusted domain situation). In situation the given domain name was
previously used as the machine account name, resulting in an account
name of DOMAIN\\DOMAIN$, which does not seem very reasonable to me.
get_trust_pw would not have obtained a password in this situation
anyways.
I hope I have not missed an important point here!
Michael
(This used to be commit 6ced4a7f88798dc449a667d63bc29bf6c569291f)
|