summaryrefslogtreecommitdiff
path: root/source3/passdb/passdb.c
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r10656: BIG merge from trunk. Features not copied overGerald Carter1-8/+8
* \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2007-10-10r7882: Looks like a large patch - but what it actually does is make SambaJeremy Allison1-38/+38
safe for using our headers and linking with C++ modules. Stops us from using C++ reserved keywords in our code. Jeremy (This used to be commit 9506b8e145982b1160a2f0aee5c9b7a54980940a)
2007-10-10r7730: Some mergesVolker Lendecke1-22/+4
(This used to be commit 5b4720598b4c7f4af1027a181fbe9c1568e71361)
2007-10-10r6774: Fix 2 memleaksVolker Lendecke1-1/+2
(This used to be commit 6af57d4bae3ee0a28ab12294e813bb37b62e00f5)
2007-10-10r5951: gotta love that SGI compiler :-) (thanks Jason)Gerald Carter1-1/+1
(This used to be commit e84d070275464de43107b6b5910e25ccc3339302)
2007-10-10r5421: Fix a memleakVolker Lendecke1-1/+3
(This used to be commit a7df3b5f06085d55cbf1e491aa606312b87e0448)
2007-10-10r5349: After talking with Jerry, reverted the addition of account policies toGünther Deschner1-8/+8
passdb in 3_0 (they are still in trunk). Guenther (This used to be commit fdf9bdbbac1d8d4f3b3e1fc7e49c1e659b9301b1)
2007-10-10r5337: BUG 1439: make sure to initialize pointer to prevent invalide ↵Gerald Carter1-42/+42
free()'s on exit (This used to be commit a882a349df1488a4d64c892dbd1ec1ee3624ea42)
2007-10-10r5058: Due to the fragileness how windows reacts on unmapped sids sometimes,Günther Deschner1-0/+6
don't leave administator-sid unmapped. Simply return "Administrator" Guenther (This used to be commit 168ddf31d1af49d52d17dd09c9653d3deafb9442)
2007-10-10r4988: After speaking with Jerry, remove old lp_admin_users toGünther Deschner1-14/+0
administrator-sid mapping completely. Guenther (This used to be commit 4cbe37ecd544b01c57c7fce5b3be28669f4ba6c3)
2007-10-10r4964: Fix our lsa lookupsid $OURDOMAINSID-500.Günther Deschner1-14/+15
Give the admin-user (rid 500) a chance to be found in passdb, not returning the (possibly obscure) first entry of "admin users" before that. Guenther (This used to be commit d319c0e189bc67a4552dafaff80113603b551eb3)
2007-10-10r4925: Migrate Account Policies to passdb (esp. replicating ldapsam).Günther Deschner1-8/+8
Does automated migration from account_policy.tdb v1 and v2 and offers a pdbedit-Migration interface. Jerry, please feel free to revert that if you have other plans. Guenther (This used to be commit 75af83dfcd8ef365b4b1180453060ae5176389f5)
2007-10-10r4860: fix silly limitation in ldapsam and tdbsam. Expand variables in the ↵Gerald Carter1-10/+16
profile path, logon home and logon script values (This used to be commit 504ea4ac68f47b71542a88b17cbb6b546e1cb881)
2007-10-10r4088: Get medieval on our ass about malloc.... :-). Take control of all our ↵Jeremy Allison1-3/+3
allocation functions so we can funnel through some well known functions. Should help greatly with malloc checking. HEAD patch to follow. Jeremy. (This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
2007-10-10r3875: Allow to look up at least or own sid in _lsa_lookup_sids.Günther Deschner1-0/+8
This fixes Bugzilla #1076 and Exchange 5.5 SP4 can then be finally installed on NT4 in a samba-controlled domain. Guenther (This used to be commit bb191c1098dea06bf2cd89276c74e32279fbb3d4)
2007-10-10r3563: During a typical logon a modern workstation makes a lot of anonymous ↵Volker Lendecke1-0/+22
session setups on its way to open a pipe. This gets rid of many round-trips to the LDAP server during logon by setting up the server_info_guest once and not asking the LDAP server and nss every time. Make sure that the ldap connection is reopened in the child. (I did not look at the sql backends.) Volker (This used to be commit 3298f6105e6a88c9390cac02245c8f2eee1e5046)
2007-10-10r1906: Revert lukeh's change for primary uid/gid change. This creates a ↵Volker Lendecke1-19/+7
recursion loop between uid_to_sid -> getsampwnam -> uid_to_sid. It needs further inspection. Volker (This used to be commit 67d8bc48531dd1a7d9b5db93f7d71f920a27e8fb)
2007-10-10r1871: Patch from Luke Howard <lukeh@PADL.COM> to correctly useJeremy Allison1-7/+19
uid_to_sid() and gid_to_sid() in pdb_set_sam_sids(). Jeremy. (This used to be commit dae084d7134ae3f532861210907cd252d0001c9b)
2007-10-10r1869: Rename "fallback_XXXX" mapping to "algorithmic_XXX" asJeremy Allison1-33/+26
that's what it actually does, and "fallback_" is just confusing. Jeremy. (This used to be commit f44b4ba38147e353716c02c899bd45beaf71e6ad)
2007-10-10r1810: Patch from Richard Renard <rrenard@idealx.com> to storeJeremy Allison1-0/+51
logon hours attributes in an LDAP database. Jeremy. (This used to be commit dac72638fb3a05e805136698e0ad0612620ac8af)
2007-10-10r1661: Changed the password history format so that each history entryJeremy Allison1-6/+8
consists of a 16 byte salt, followed by the 16 byte MD5 hash of the concatination of the salt plus the NThash of the historical password. Allows these to be exposed in LDAP without security issues. Jeremy. (This used to be commit 82e4036aaa2d283534a5bd8149857320fcf0d0dc)
2007-10-10r1539: If a account was locked out by an admin (and has a bad password count ↵Jeremy Allison1-6/+19
of zero) leave it locked out until an admin unlocks it (but log a message). Jeremy. (This used to be commit 14bd2a9ffc30d55d9737b4819797db8c38b46c66)
2007-10-10r1412: Fix password history list in tdbsam. Fix some memory leaks. AddJeremy Allison1-4/+19
my (C) to a header file that was at least 50% mine :-). Jeremy. (This used to be commit 8ee6060977ec8e65082f3ad09e1e1ccf5b4672ed)
2007-10-10r1392: Added password history code to tdbsam backend. Not yet tested (ie. mayJeremy Allison1-385/+383
core dump) but compiles and links correctly. I will run the full set of tests on the ldap sam and the tdb sam for password history tomorrow. Jeremy. (This used to be commit ac846420d0ef2c60d2dc71319b24401c73699249)
2007-10-10r989: Calling sid_to_gid from within winbind makes no sense, as this callsVolker Lendecke1-0/+1
winbind_sid_to_gid. For the consistency check, local_sid_to_gid must set the name_type it found. Volker (This used to be commit 5070c1b68f2add16916ba3135984f6e70bbe42cf)
2007-10-10r801: Fix from "Jianliang Lu" <j.lu@tiesse.com> to return correct groupJeremy Allison1-10/+8
types. Jeremy. (This used to be commit d97b9146a137d43278f3125bafe8a453da82f4ce)
2007-10-10r505: Break out algorithmic_gid_to_sid so that those of us who need it can ↵Richard Sharpe1-3/+19
use it. (This used to be commit 5d7ee320cca80558a4b71295ef8b7de02f21554a)
2007-10-10r501: Fix a small cut-n-pasteo ...Richard Sharpe1-1/+1
(This used to be commit b1825184d313b97c7fa232990f60962aa86e7e17)
2007-10-10r316: Fix split_domain_name. This defaulted to get_myname() instead ofVolker Lendecke1-13/+0
get_global_sam_name(). Error case: Adding a domain user to a XP local group did a lsalookupname on the user without domain prefix, and this then failed. Jerry: This is a must-fix before 3.0.3. Volker (This used to be commit f35e353454b6825da1de138a3f0d8106787e938b)
2004-03-31Apply some constVolker Lendecke1-1/+1
(This used to be commit aa220cffa7b3507452ffed51c048333c7cde0ca2)
2004-02-20handle both 0 and -1 as disabling reset count and lockout durationJim McDonough1-4/+4
(This used to be commit 84fe24e64ee405bb25878c1e5fdf50592eb75f73)
2004-02-19Clean up bad pw count and autolock flag update fn()sJim McDonough1-79/+95
(This used to be commit 9a79f9fbcb43085e419dbccd670a54256d01cb4b)
2004-02-19Add bad pw count and autolock flag update fn()sJim McDonough1-2/+127
(This used to be commit 600fcd534b6e101b6a12774946b0e9814c6f54a8)
2004-02-19Add functions to get/set bad password timeJim McDonough1-1/+2
(This used to be commit 557f598c63f64c1c5b982a9057c0eea2a2ff2ee5)
2004-02-13Move tdbsam versioning/upgrade code into 3.0Jim McDonough1-15/+445
(This used to be commit 730c07cac2166812f4a2da5cfba7152d168b2bdd)
2004-02-12More sync between passdb on 3.0 and HEAD.Jim McDonough1-6/+6
Replace unknown_3 with fields_present. Also causes rpc_samr structure field changes. (This used to be commit 1976843345efb6ca4f9cebd964a61acd8ae11d41)
2004-02-12Start of merging HEAD changes. Right now, just move one fn() to eliminateJim McDonough1-67/+63
the prototype at the beginning, and change some comments so diffs to HEAD aren't filled with useless info. (This used to be commit 7b40f6c464ecbd40ab3fdf32b53da1e61475d2e7)
2004-02-09And another build fix.Volker Lendecke1-2/+2
Volker (This used to be commit 6c78a096a5c4a8ae21e846505f6ac2df826d5cbd)
2004-02-09Fix the build & get rid of a compiler warning.Volker Lendecke1-0/+3
Volker (This used to be commit 38c9b775ce029e1d480d89d4adb0d1bd45a28fe6)
2004-02-08Add static, and assert that we will never overflow the static fstringAndrew Bartlett1-1/+4
in pdb_encode_acct_ctrl() (All current callers are fine) Andrew Bartlett (This used to be commit 01be89eb438567cfe0a002a247fe2d314b01f9da)
2004-01-07Typo fix.Rafal Szczesniak1-1/+1
rafal (This used to be commit 5d7f81eea2f3d9ba59eb549a45de030b0a277263)
2004-01-02JHT came up with a nasty (broken) torture case in preparing examples forAndrew Bartlett1-1/+1
his book. This prompted me to look at the code that reads the unix group list. This code did a lot of name -> uid -> name -> sid translations, which caused problems. Instead, we now do just name->sid I also cleaned up some interfaces, and client tools. Andrew Bartlett (This used to be commit f9e59f8bc06fae7e5c8cb0980947f78942dc25c0)
2003-12-11Fix uninitialized variable in passdb code. Reported by Andy Polyakov ↵Alexander Bokovoy1-1/+1
<appro@fy.chalmers.se> (This used to be commit ac7a60abf2c465b518a3eb7502fa8eee767c8b22)
2003-12-10more group lookup access fixes on the neverending bug 281Gerald Carter1-6/+16
(This used to be commit 9359a6ea80d1228e87ea825a100a2d289c37162d)
2003-11-24more access fixes for group enumeration in LDAP; bug 281Gerald Carter1-3/+14
(This used to be commit 68283407e0f366d8315f4be6caed67eb6fe84b85)
2003-11-17* make sure we only enumerate group mapping entriesGerald Carter1-14/+0
(not /etc/group) even when doing local aliases * remove "hide local users" parameter; we have this behavior built into 3.0 (This used to be commit a7685a069766ac720f0b26fe01b0e17fc388fca3)
2003-10-10Match Samba 2.2, and make ACB_NORMAL the default ACB value.Andrew Bartlett1-0/+7
(Samba 2.2 did this in the LDAP code, but it fits better as a generic thing) Andrew Bartlett (This used to be commit dfd6bef580525cf719988c3a6eaaf47c46542de5)
2003-10-03Typo in error message.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 8996c51770845d60b41c2c967b030ff30eef1001)
2003-09-18The "unknown_5" 32 bit field in the user structs is actually 2 16-bitJeremy Allison1-7/+13
fields, bad_password_count and logon_count. Ensure this is stored/fetched in the various SAMs. As it replaces the unknown_5 field this fits exactly into the tdb SAM without any binary problems. It also is added to the LDAP SAM as two extra attributes. It breaks compatibility with the experimental SAMs xml and mysql. The maintainers of these SAMs must fix them so upgrades like this can be done transparently. I will insist on the "experimental" status until this is solved. Jeremy. (This used to be commit cd7bd8c2daff3293d48f3376a7c5a708a140fd94)
2003-09-18Oops. Proper fix for #470.Jeremy Allison1-18/+20
Jeremy. (This used to be commit 82f98b066d345fdac40a584078a19453bda53d5b)