Age | Commit message (Collapse) | Author | Files | Lines |
|
Jeremy.
|
|
|
|
Jeremy.
|
|
Guenther
(cherry picked from commit 26139344fd0fac4fdd2a6752628b252fbd9b7450)
(cherry picked from commit 866efa63a26f75bbf17cd4bebf639594e2feafba)
|
|
(This used to be commit 9b863a10da8762f715c16f147d6cd1e79422d248)
|
|
Karolin
(This used to be commit 7dae8b04f126d0ac86a452dcf373a690ee687ead)
|
|
retieve -> retrieve
Karolin
(This used to be commit 37c64130701ab13b6f34998ac17fec2d128c2e08)
|
|
(This used to be commit 3d2913d599a4cd773614110ec7b7493aa7adb547)
|
|
(This used to be commit 26fb3fea812867f8b0dfe6a1be59e4922ed86e45)
|
|
(This used to be commit 347772fc39d9c7a96fcc72c9707696cc6abd89d7)
|
|
This patch is the second iteration of an inside-out conversion to cleanup
functions in charcnv.c returning size_t == -1 to indicate failure.
(This used to be commit 6b189dabc562d86dcaa685419d0cb6ea276f100d)
|
|
(This used to be commit 3fc85d22590550f0539215d020e4411bf5b14363)
|
|
(This used to be commit 1dd8fa9a521046f1de8173ac00224706c5249665)
|
|
(cherry picked from commit a40781bafa3a8f0c7737164bca6cf74b0a452e72)
(This used to be commit 86cabcad74ac06d888f2a352a2bef3abea1ed85c)
|
|
Karolin, this needs to be in 3-2-stable.
Guenther
(This used to be commit 0d73bde6de4391e7aec862424762473441fa0905)
|
|
accounts which may be located in a different ou. This is an extension to e71a48bb80cee85afcccacbce2884c0d600f4d72.
Karolin
(This used to be commit e5cc8b683cba3f2f3a84b1636b3d5bee1bfc0dda)
|
|
accounts which may be organized in a different ou.
Karolin
(This used to be commit e71a48bb80cee85afcccacbce2884c0d600f4d72)
|
|
The check for out of memory was the wrong way round.
Michael
(This used to be commit d7a7b793203b986823859ac5171d2d4c30e52415)
|
|
Michael
(This used to be commit 6b2b9a60ef857ec31da5fea631535205fbdede4a)
|
|
Failure to change password in ldap is mapped to NT_STATUS_UNSUCCESSFUL unconditionally.
Jeremy.
(This used to be commit 9369d6e907a49da1fbf2a5690118412b8d1a0383)
|
|
(This used to be commit 9e80b969fb40766de2c9b1a05d16bf4d4c6e46f7)
|
|
least surprise for callers
(This used to be commit eb523ba77697346a365589101aac379febecd546)
|
|
This adds 28 fstrings on the stack, but I think an fstring on the stack is
still far better than a static one.
(This used to be commit c7c885078be8fd3024c186044ac28275d7609679)
|
|
(This used to be commit 0a911d38b8f4be382a9df60f9c6de0c500464b3a)
|
|
(This used to be commit bb35e794ec129805e874ceba882bcc1e84791a09)
|
|
(This used to be commit f00ab810d2540679bec109498ac89e1eafe18f03)
|
|
No more temptations to use static length strings.
Jeremy.
(This used to be commit ec003f39369910dee852b7cafb883ddaa321c2de)
|
|
Don't use pstr_sprintf() on an fstring - change to talloc.
Jeremy.
(This used to be commit 6cae4b5fa1bcb848cb2a28daaafeefd6bcd08274)
|
|
(This used to be commit 8bcd2df841bae63e7d58c35d4728b7d853471697)
|
|
Fix bug 5056, thanks to debian package maintainer
(This used to be commit 5b4ba4bfc54e2fa468abe15383e5b33eb5bd1324)
|
|
from pdb_ldap.c. I don't have an LDAP passdb setup here,
so I'm going to need some help on testing this.
Jeremy.
(This used to be commit 00760451b6c2b65f3a8a9187789ca4f270b622a2)
|
|
(This used to be commit 5490e2d77233f594a42cb32eda8215014db544e3)
|
|
bugs in various places whilst doing this (places that assumed
BOOL == int). I also need to fix the Samba4 pidl generation
(next checkin).
Jeremy.
(This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
|
|
(This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
|
|
string.
Jeremy.
(This used to be commit fe30a523dfc77cc373145624246fd3ad5c62b9ac)
|
|
passdb backend = ldapsam.
Along with reproducing the functionality of the secrets.tdb
code, I have prepared the handling of the previous trust password
(in case we are contacting a dc which does not yet know of a recent
password change). This information has still to be propagated
to the outside, but this requires a change of the api and also
a change of the secrets.tdb code.
Michael
(This used to be commit 6c3c20e6c4a2b04de8111f2c79b431f0775c2a0f)
|
|
(for passdb backen = ldapsam). At a first step, add the hooks,
calling the secrets_ functions.
Michael
(This used to be commit 9c03cdf3a449149c50451a44deb420341e65af34)
|
|
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
|
|
Jeremy.
(This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
|
|
"N" is not a valid format entry for ber_printf, should be "n"
Jeremy.
(This used to be commit f3bb102c24018f0a91f8b51de6fe646c091da6be)
|
|
* strptime() failure check
* make legcacy sid/uid/gid calls static
(This used to be commit 3c9fb1c6f3263c0ce6edbf2a8824c153317a84a3)
|
|
winbind
who did not run the idle events to drop ldap connections.
Volker
(This used to be commit af3308ce5a21220ff4c510de356dbaa6cf9ff997)
|
|
Patch from Zack Kirsch <zack.kirsch@isilon.com>.
Jeremy.
(This used to be commit df07a662e32367a52c1e8473475423db2ff5bc51)
|
|
Coverity finds them :-)
Jeremy.
(This used to be commit cbe725f1b09f3d0edbdf823e0862edf21e16d336)
|
|
Fix escaping of DN components and filters around the code
Add some notes to commandline help messages about how to pass DNs
revert jra's "concistency" commit to nsswitch/winbindd_ads.c, as it was
incorrect.
The 2 functions use DNs in different ways.
- lookup_usergroups_member() uses the DN in a search filter,
and must use the filter escaping function to escape it
Escaping filters that include escaped DNs ("\," becomes "\5c,") is the
correct way to do it (tested against W2k3).
- lookup_usergroups_memberof() instead uses the DN ultimately as a base dn.
Both functions do NOT need any DN escaping function as DNs can't be reliably
escaped when in a string form, intead each single RDN value must be escaped
separately.
DNs coming from other ldap calls (like ads_get_dn()), do not need escaping as
they come already escaped on the wire and passed as is by the ldap libraries
DN filtering has been tested.
For example now it is possible to do something like:
'net ads add user joe#5' as now the '#' character is correctly escaped when
building the DN, previously such a call failed with Invalid DN Syntax.
Simo.
(This used to be commit 5b4838f62ab1a92bfe02626ef40d7f94c2598322)
|
|
(This used to be commit e43aa4e03d8d2d3ffa3a0383b0b0835dd1a51cda)
|
|
we never mix malloc and talloc'ed contexts in the
add_XX_to_array() and add_XX_to_array_unique()
calls. Ensure that these calls always return
False on out of memory, True otherwise and always
check them. Ensure that the relevent parts of
the conn struct and the nt_user_tokens are
TALLOC_DESTROYED not SAFE_FREE'd.
James - this should fix your crash bug in both
branches.
Jeremy.
(This used to be commit 0ffca7559e07500bd09a64b775e230d448ce5c24)
|
|
(This used to be commit 714971b34aad01cd855484d550c41bc0265ef051)
|
|
(This used to be commit 6c4d68d84987a88f91bca976a0396dff720043e5)
|
|
password at next logon" code. The "password last set time" of zero now
means "user must change password", because that's how windows seems to
use it. The "can change" and "must change" times are now calculated
based on the "last set" time and policies.
We use the "can change" field now to indicate that a user cannot change
a password by putting MAX_TIME_T in it (so long as "last set" time isn't
zero). Based on this, we set the password-can-change bit in the
faked secdesc.
(This used to be commit 21abbeaee9b7f7cff1d34d048463c30cda44a2e3)
|