summaryrefslogtreecommitdiff
path: root/source3/passdb/pdb_ldap.c
AgeCommit message (Collapse)AuthorFilesLines
2003-10-30If nothing to do, return success. Fix from Aur?lien Degr?mont ↵Jeremy Allison1-1/+1
<adegremont@idealx.com> Jeremy. (This used to be commit a92555e6060294afcfecc075bfac5c836f150b01)
2003-10-22Put strcasecmp/strncasecmp on the banned list (except for needed callsJeremy Allison1-1/+1
in iconv.c and nsswitch/). Using them means you're not thinking about multibyte at all and I really want to discourage that. Jeremy. (This used to be commit 5c050a735f86927c7ef2a98b6f3a56abe39e4674)
2003-10-09Merge from 3.0:Tim Potter1-1/+1
>Make pdb_ldap.c compile with SUN iPlanet headers. Whether this works will be >tested soon, but this fix is somewhat obvious. > >Volker (This used to be commit e4551b3d7f85bf39778a1de952eaa370bc3716e3)
2003-09-18The "unknown_5" 32 bit field in the user structs is actually 2 16-bitJeremy Allison1-1/+19
fields, bad_password_count and logon_count. Ensure this is stored/fetched in the various SAMs. As it replaces the unknown_5 field this fits exactly into the tdb SAM without any binary problems. It also is added to the LDAP SAM as two extra attributes. It breaks compatibility with the experimental SAMs xml and mysql. The maintainers of these SAMs must fix them so upgrades like this can be done transparently. I will insist on the "experimental" status until this is solved. Jeremy. (This used to be commit 71ecd10181cd35313b79f618c2928c2f45424812)
2003-09-15Merge from Samba 3.0:Tim Potter1-267/+226
>remove getpwnam() calls from init_sam_from_xxx(). >This means that %u & %g will no longer expand, but %U >and %G still do. The payback is that winbindd local >accounts for users work with 'wbinfo -u' when winbind >is running on a PDC. >Fix a nasty mess, and also bug #296. passdb/pdb_ldap.c was not converting >to/from utf8 for some calls. The libads code gets this right. Wonder why >the passdb code doesn't use it ? >Jeremy. (This used to be commit 1e60bbff70efe3b5c306bc1ef560ee8032b1a852)
2003-09-09sync 3.0 into HEAD for the last timeGerald Carter1-4/+17
(This used to be commit c17a7dc9a190156a069da3e861c18fd3f81224ad)
2003-08-02port latest changes from SAMBA_3_0 treeSimo Sorce1-27/+33
(This used to be commit 3101c236b8241dc0183995ffceed551876427de4)
2003-07-16trying to get HEAD building again. If you want the codeGerald Carter1-1843/+436
prior to this merge, checkout HEAD_PRE_3_0_0_BETA_3_MERGE (This used to be commit adb98e7b7cd0f025b52c570e4034eebf4047b1ad)
2003-05-28Merge of cut and paste fix from 3.0Tim Potter1-3/+3
(This used to be commit 34a0c7313a12d581e9aaf08322b105216cc94478)
2003-05-27cut-n-paste errorGerald Carter1-1/+1
(This used to be commit 1f02ca540dff5366a1ad2e8a98b626635a8e9018)
2003-05-27fix bug 118; replace hard coded 'next[User|Group]Rid' attribute namesGerald Carter1-6/+8
(This used to be commit dc18ffcc5a215975a90232374a84ffbe6b6903ea)
2003-05-22fix bug #108; sambaSambaAccount string attributes are case insensitive; ↵Gerald Carter1-1/+4
don't try to change a string that only differs in case (This used to be commit 60c6bc9883b4b969626da85af834362ca2bfcd54)
2003-05-14readding reverted changes during idmap merge (noticed by Andrew b.)Gerald Carter1-16/+33
(This used to be commit d9fd4b8be36b0175d68f9b3c3200dbb03df64c76)
2003-05-14fix group mapping in LDAP under new schemaGerald Carter1-35/+61
(This used to be commit 59328b8c8add974c7edaeecdf8eac0fb0d328fc2)
2003-05-14syncing LDAP schema changes with Samba_3_0Gerald Carter1-292/+802
(This used to be commit a1326ea34831bf49942f7bcb954999091c3ea820)
2003-05-14Fix pointer return bug in get_unix_attributes()Tim Potter1-1/+1
(This used to be commit 04e2fe104dfa4508b59276ecd7bee201d453462e)
2003-05-14spellingTim Potter1-2/+2
(This used to be commit 6097b050d082c7c88dca5416389617306e6dab0c)
2003-05-12Fix compiler warnings.Jeremy Allison1-1/+0
Jeremy. (This used to be commit e12934c67b6aea9e3e449009e159ce6814dcbd11)
2003-05-12fixing typos in debug statementsGerald Carter1-1/+1
(This used to be commit bd660f45df4df686f58a181f002ca1d88e7c1015)
2003-04-29This is a nice rewrite:Simo Sorce1-44/+12
SAM_ACCOUNT does not have anymore uid and gid fields all the code that used them has been fixed to use the proper idmap calls fix to idmap_tdb for first time idmap.tdb initialization. auth_serversupplied_info structure has now an uid and gid field few other fixes to make the system behave correctly with idmap tested only with tdbsam, but smbpasswd and nisplus should be ok have not tested ldap ! (This used to be commit 6a6f6032467e55aa9b76390e035623976477ba42)
2003-04-29Merge Samba 3.0 pdb_ldap from 3.0 into HEAD, so as to allow idra to continueAndrew Bartlett1-412/+1591
his IDMAP work. This version also works properly (the HEAD version had suffered from bitrot), and should be a good basis to change into the new IDMAP rules. It also includes UTF8 conversions. Included also are the schema changes, and a note about the now very old scripts in examples/LDAP (they don't work for this, or even the previous schema). Andrew Bartlett (This used to be commit 38a8f2b23a12f6a964d447f7904dd722a1ca046c)
2003-04-28Use NTSTATUS as return value for smb_register_*() functions and init_module()Jelmer Vernooij1-3/+2
function. Patch by metze with some minor modifications. (This used to be commit f4576757d1d52a8f1b96894c869bb76450003fd1)
2003-04-27prepare to get _nua out of the door (but back in from the window ;-)Simo Sorce1-25/+7
(This used to be commit 09eb02cba0747ae47aa4a76f4fac69af293a774a)
2003-04-16This code is no longer referenced - moved to the new libsmb/ldap.cAndrew Bartlett1-62/+0
Andrew Bartlett (This used to be commit c98bbc750773f7c49dbb1e69a5936f52416dd51c)
2003-04-09Fix double free on error and typoJelmer Vernooij1-2/+1
(This used to be commit 84b116f9c007c0f933af82462dff4324ffa53f0f)
2003-04-03The ldap idmap backend from Anthony Liguori (aliguori@us.ibm.com):Jim McDonough1-703/+94
This patch moves the ldap routines out of passdb into a generic library and implements an LDAP backend for IDMAP. THe backend can be enabled with "idmap backend = ldap" in smb.conf. THere are also schema changes to make sure to update teh ldap schema files. (This used to be commit 87c7c582c60521da3a93d997386fe79935012aea)
2003-04-02Fix a crash bug if LDAP doesn't fill in ld_error.Andrew Bartlett1-18/+18
Andrew Bartlett C VS: ---------------------------------------------------------------------- (This used to be commit d84a3fc522a588bdcd36cb86df304572947a456a)
2003-03-30This fixes group updates in LDAP the same way as user updatesVolker Lendecke1-77/+98
are handled, though we assume that always everything needs to be updated in LDAP. PDB_IS_* is not done yet for groups. Do we need it? Volker (This used to be commit 409a26282f8fcbd583a85df40c70b504eac26f6e)
2003-03-28Merge from HEAD - get better error strings from the ldap server in pdb_ldap.Andrew Bartlett1-11/+38
Andrew Bartlett (This used to be commit 5dc29b10b08658178133aee7b4c47197fadc533a)
2003-03-27This is no functional change. It just makes pdb_ldap.c a bitVolker Lendecke1-24/+50
easier to understand by moving the logic for init_ldap_from_sam and friends around. Volker (This used to be commit 124c80facba364033f72b20660f347390effba59)
2003-03-25Apply metze's change correctly this time. Playing 'patch' byVolker Lendecke1-6/+6
hand can be somewhat error-prone.. Volker (This used to be commit 12fabd07148c21f5481cb750f1cfdab2e8112e4b)
2003-03-23Implement abartlet's suggestion to add attribs to ldap if theyVolker Lendecke1-24/+30
are 'SET' when adding the account. I really don't like passing flags down to inner routines and complicated if/else conditions, but this time he might be right. ;-) Volker (This used to be commit 80d2578108da14f60133df3a308b867beb27e920)
2003-03-23This adds 'ldap delete dn' as the recommended parameterVolker Lendecke1-2/+2
for the 'ldap del only sam attr' functionality. So we are compatiple to the current SuSE patches as well as to TNG... ;-) Volker (This used to be commit 353309e2a3bc27e918bd0a6cf22833d57895fbc8)
2003-03-23Metzes change:Volker Lendecke1-4/+10
> Hi Volker, > > if 'displayName' is not available we should fallback to 'cn' for map->nt_name > 'cn' is used as unix group name by nss_ldap. > > and if nt_name is not available we should fail (so does this patch) Volker (This used to be commit 3a7d1e72e208b9609da4ff65d9fff9179799ecac)
2003-03-22Never touch complicated if/else/elsif structures :-)Volker Lendecke1-23/+27
This repairs domain join with fully existing wks-account which I broke with my last patch... Volker (This used to be commit 582a34efbe3c1570b852c93318ff6002954ddf6a)
2003-03-22This changes the way we do LDAP updates. We don't use LDAP_MOD_MODIFYVolker Lendecke1-121/+175
anymore, but instead look at what is currently stored in the database. Then we explicitly delete the existing attribute and add the new value if it is not NULL or "". This way we can handle appearing and disappearing attributes quite nicely. This currently breaks pdbedit -o, as this does not set the CHANGED flag on the SAM_ACCOUNT. Jelmer suggested that we set all the fields on CHANGED in context_add_sam_account. This sounds not too unreasonable. Volker (This used to be commit f7149cf500d2b10ee72163c018a39fdd192d7632)
2003-03-20Use True, not TRUE and False, not FALSEJelmer Vernooij1-1/+1
(This used to be commit 44e9bf88cc2bbb2aa34711354258c3abb319cb9b)
2003-03-20Merge Herb's change.Volker Lendecke1-1/+1
Volker (This used to be commit e8725913f9f174c03683a35bbce16ee33ab4c707)
2003-03-19Put in the new modules system. It's now used by passdb and rpc. I willJelmer Vernooij1-16/+4
put a doc about it in dev-doc later today. (This used to be commit af7bfee0c6902c07fdb8d3abccf4c8d6bab00b5a)
2003-03-19Add paramter 'ldap del only sam attr'.Volker Lendecke1-59/+97
This patch is heavily based on a patch by SuSE. Thanks to Guenther Deschner <gd@suse.de> for providing it. Volker (This used to be commit 5eaf9195eefda5ababba85cc0f6d581ff6f0f454)
2003-03-19Hey -- there is an error code NT_STATUS_CANNOT_DELETE :-)Volker Lendecke1-1/+1
(This used to be commit aa9b8382d38346cb3e94ddf2e7caf6d663034579)
2003-03-19If we fail, return an error code :-)Volker Lendecke1-0/+1
Volker (This used to be commit a5218499eb3f0a62cd663a06157591fbb0dfcbef)
2003-03-19Put group mapping into LDAP.Volker Lendecke1-1/+501
Volker (This used to be commit f0f1518fc450834725902e9cdf33fb8d35f99360)
2003-03-17Fix memory leak.Volker Lendecke1-0/+2
Volker (This used to be commit e8975d6e7bdcceb78a83a3446cf1430e1e3f1a72)
2003-02-22Remove 'unixsam' from the default passdb backends.Andrew Bartlett1-59/+0
The intention is to remove the muliple passdb backends, but we need the 'guest' account to always be there. If the admin adds the guest account to (say) LDAP, there will only be one backend required for operation. This helps remove some nasty behaviours with adding accounts to the system for both the RPC 'create user' and the SAMSYNC code. Users 'added' with an 'add user/machine' script won't magicly appear, and machine accounts 'pre-added' to unix, but not the smbpasswd file will not cause mayhem. This commit also implements somthing tridge discussed with me, the concept of 'default' passdb operation pointers - so that each backend does not need it's own stub funcitons wrapping the default tdb privilages/group mapping code. This also removes an implicit 'sid->name' and 'name->sid' mapping from our own local SID space, to winbind usernames. When adding mapping for NIS/LDAP non-sam users in future, we need to be careful. Andrew Bartlett (This used to be commit 6f32fa234961a525760a05418a08ec48d22d7617)
2003-02-01More ldap parinoia - if we ever get more than one result, bail. The order weAndrew Bartlett1-5/+23
get them in should be indeterminate, so just picking the first one would be bad... Andrew Bartlett (This used to be commit 21da8c3bb39c507eb90865549c3bb3538dcea138)
2003-02-01Always escape ldap filter strings. Escaping code was from pam_ldap, but I'm toAndrew Bartlett1-3/+19
blame for the realloc() stuff. Plus a couple of minor updates to libads. Andrew Bartlett (This used to be commit 34b2e558a4b3cfd753339bb228a9799e27ed8170)
2003-01-15initialize acct_ctrl before using itHerb Lewis1-2/+1
remove ldap_msgfree(result); as result is unitialized at this point (This used to be commit dc8882778694289ca461de57d443992f52ab7524)
2003-01-14Fix some debug lines, and add a bit more info to help track down ldapAndrew Bartlett1-8/+15
connectivity problems. Andrew Bartlett (This used to be commit 68de9a59203ed9778f11b78f233dc437b9dab55d)
2003-01-14clearer debug message when the user is already in the ldap dbAndrew Tridgell1-1/+2
(This used to be commit 31894ba0e5847eb934688598cd8d65bead23c58b)