| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
This does not check whether the given sid is in our domain, but
but whether it belongs to the local sam, which is a different
thing on a domain member server.
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Thu Jul 12 18:36:02 CEST 2012 on sn-devel-104
|
|
Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Fri May 4 20:32:37 CEST 2012 on sn-devel-104
|
|
|
|
There is no need to call pdb_set_pass_must_change_time() because
nothing ever consults that value. It is always calculated from the
domain policy.
Also, this means we no longer store the value in LDAP. The value
would only ever be set when migrating from tdbsam or smbpasswd, not on
password changes, so would become incorrect over time.
Andrew Bartlett
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Oct 12 19:28:12 CEST 2011 on sn-devel-104
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
Remove
int toupper_ascii(int c);
int tolower_ascii(int c);
int isupper_ascii(int c);
int islower_ascii(int c);
and replace with their _m equivalents, as they are identical.
|
|
There is no reason this can't be a normal constant string in the
loadparm system, now that we have lp_set_cmdline() to handle overrides
correctly.
Andrew Bartlett
|
|
Using the standard macro makes it easier to move code into common, as
TALLOC_ZERO_P isn't standard talloc.
|
|
Guenther
|
|
strlcpy.
|
|
Guenther
|
|
Guenther
|
|
source3/lib/username.c
Guenther
|
|
|
|
This will reduce the noise from merges of the rest of the
libcli/security code, without this commit changing what code
is actually used.
This includes (along with other security headers) dom_sid.h and
security_token.h
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
|
|
Guenther
|
|
This matches the structure that new code is being written to,
and removes one more of the old-style named structures, and
the need to know that is is just an alias for struct dom_sid.
Andrew Bartlett
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Guenther
|
|
Well known rids don't really belong into an rpc header, just use the ones
defined in security.idl.
Guenther
|
|
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
|
|
Guenther
|
|
Guenther
|
|
passdb.
pdb_{get,set}_comment were already existing in the API but were never used.
Guenther
|
|
|
|
|
|
Guenther
|
|
This patch changes the way smbpasswd behaves when adding/deleting users.
smbpasswd now calls pdb_create_user/pdb_delete_user, this means that if
add/delete user scripts are configured then they are used to create or
delete unix users as well. If the scripts are not defined the behavioris
unchanged.
This also allow to use smbpasswd -a/-x with ldapsam:editposix to allow
automatic creation/deletion of users.
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
It is not used anywhere else, so make it also static and remove
it from proto.h
|
|
This commit is mostly to cope with the removal of SamOemHash (replaced
by arcfour_crypt()) and other collisions (such as changed function
arguments compared to Samba3).
We still provide creds_hash3 until Samba3 uses the credentials code in
netlogon server
Andrew Bartlett
|
|
Guenther
|
|
When enabled this reverts smbd to the legacy domain remapping behavior when
a user provides an untrusted domain
This partially reverts d8c54fdd
|
|
After a lot of testing against various Windows servers (W2K, W2K3, W2K8),
within an AD domain it seems that unknown domains will only be translated
to the local account domain, not the netbios name of the member server's
domain. This makes samba act more like Windows.
|
|
|
|
The upgrade is required because of the followin TDBSAM_VERSION
upgrade.
metze
|
|
This marshalling isn't specific to tdbsam and it's
ugly to have the related functions in two different files.
metze
|
|
attribute warn_unused_result"
Jeremy.
|
|
talloc_autofree_context() instead of NULL.
Remove the code in memcache that does a TALLOC_FREE on stored pointers. That's a disaster waiting
to happen. If you're storing talloc'ed pointers, you can't know their lifecycle and they should
be deleted when their parent context is deleted, so freeing them at some arbitrary point later
will be a double-free.
Jeremy.
|
|
|
|
This combined check has been replaced by is_dc_trusted_domain_situation()
which does not check for lp_allow_trusted_domains().
Michael
(This used to be commit 0a24c038b7bc6edef0021eb121a072cc7e8f9165)
|
|
Before fetching legacy password hash, check for trusted domain situation,
but also fail if trusted domain support is not enabled.
Michael
(This used to be commit aa1b8287f44f47f23bd4158112d0a132df04426c)
|
|
Michael
(This used to be commit 5f197c659e9c8a573ba5032c7f90c816df45770c)
|
|
(but trusted domain situation was found)
This completes the fix for bugs #5425 and #5451 by Steven Dannemann,
in that now no special cases are left uncovered.
Michael
(This used to be commit 0b26bcd3becb869319bca48bbf244c18b6e8e3dd)
|
|
This is like is_trusted_domain_situation() except that it does not
check for lp_allow_trusted_domains().
Michael
(This used to be commit a284c8843528972904d142b573f1170a08c97751)
|
|
looking up trust credentials in our tdb.
commit fd0ae47046d37ec8297396a2733209c4d999ea91
Author: Steven Danneman <sdanneman@isilon.com>
Date: Thu May 8 13:34:49 2008 -0700
Use machine account and machine password from our domain when
contacting trusted domains.
(This used to be commit 69b37ae60757075a0712149c5f97f17ee22c2e41)
|
|
Guenther
(This used to be commit 92fca97951bf7adf8caaeabdaff21682b18dd91f)
|
|
Guenther
(This used to be commit e1bcb7d82f22810e342a18aacbcfe49c3902bcb4)
|
