Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2011-02-28 | Fix some types | Jelmer Vernooij | 1 | -2/+2 | |
Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Mon Feb 28 23:30:06 CET 2011 on sn-devel-104 | |||||
2011-02-22 | s3:auth: change num_groups to from size_t to uint32_t | Stefan Metzmacher | 1 | -4/+4 | |
This will help with the change from UNIX_USER_TOKEN to security_unix_token metze | |||||
2011-02-19 | s3: Add "len" to pdb_set_hours | Volker Lendecke | 1 | -1/+1 | |
2011-02-16 | s3-passdb: make priv2ld() public | Sumit Bose | 1 | -1/+1 | |
Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2011-02-16 | s3-passdb: Add minimal stub for IPA passdb backend | Sumit Bose | 1 | -0/+2 | |
Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-10-12 | libcli/security Provide a common, top level libcli/security/security.h | Andrew Bartlett | 1 | -1/+1 | |
This will reduce the noise from merges of the rest of the libcli/security code, without this commit changing what code is actually used. This includes (along with other security headers) dom_sid.h and security_token.h Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104 | |||||
2010-09-20 | s3-util_sid: use shared dom_sid_compare_auth and dom_sid_equal_X functions. | Günther Deschner | 1 | -4/+5 | |
Guenther | |||||
2010-09-11 | s3-auth Change type of num_sids to uint32_t | Andrew Bartlett | 1 | -2/+3 | |
size_t is overkill here, and in struct security_token in the num_sids is uint32_t. This includes a change to the prototype of add_sid_to_array() and add_sid_to_array_unique(), which has had a number of consequnetial changes as I try to sort out all the callers using a pointer to the number of sids. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-08-26 | s3-idmap: only include idmap headers where needed. | Günther Deschner | 1 | -0/+1 | |
Guenther | |||||
2010-08-14 | s3:pdb_ldap: move some code in ldapsam_create_dom_group() | Michael Adam | 1 | -22/+25 | |
to make the flow more similar to ldapsam_create_user(). This prepares for calling winbind_sid_to_gid() instead of winbind_allocate_gid(): we need the group_sid for this... Michael | |||||
2010-08-05 | s3-secrets: only include secrets.h when needed. | Günther Deschner | 1 | -0/+1 | |
Guenther | |||||
2010-07-06 | s3:pdb_ldap: change LDAP password before samba password hashes | Björn Jacke | 1 | -33/+34 | |
this way we can catch up with password change refuses from ldap password policy overlays and abort the password change early. Thanks to Andy Hanton <andyhanton@gmail.com> for the initial patch. | |||||
2010-07-06 | s3: Fix another aspect of bug 7262 and make paged results work again | Volker Lendecke | 1 | -4/+4 | |
2010-07-05 | s3: Make talloc_attrs() static | Volker Lendecke | 1 | -1/+1 | |
2010-06-10 | s3: Fix EnumDomainAliases when no aliases are in LDAP | Volker Lendecke | 1 | -6/+4 | |
We used to return NT_STATUS_ACCESS_DENIED, now we just return 0 entries, just like W2k8 does. usrmgr.exe was pretty unhappy with the NT_STATUS_ACCESS_DENIED | |||||
2010-06-10 | s3:pdb_ldap: fix bug 7505 - init_sam_from_ldap stores group in sid2uid cache | Michael Adam | 1 | -1/+1 | |
2010-05-21 | s3:dom_sid Global replace of DOM_SID with struct dom_sid | Andrew Bartlett | 1 | -51/+51 | |
This matches the structure that new code is being written to, and removes one more of the old-style named structures, and the need to know that is is just an alias for struct dom_sid. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-05-21 | s3:passdb Remove use of uint8 uint16 and uint32 in favour of C99 types | Andrew Bartlett | 1 | -60/+60 | |
Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-05-18 | s3-rpc_misc: clean out include/rpc_misc.h. | Günther Deschner | 1 | -1/+1 | |
Well known rids don't really belong into an rpc header, just use the ones defined in security.idl. Guenther | |||||
2010-04-29 | s3-pdb_ldap: fix memleak. | Günther Deschner | 1 | -2/+2 | |
Guenther | |||||
2010-03-16 | s3: Make login_cache_write take a pointer | Volker Lendecke | 1 | -1/+1 | |
2010-03-16 | s3: Make login_cache_read take a pointer, avoid a malloc | Volker Lendecke | 1 | -9/+8 | |
2010-03-16 | s3: Remove a typedef | Volker Lendecke | 1 | -2/+2 | |
2010-02-10 | s3: change ldap filter to what really was intended | Björn Jacke | 1 | -1/+1 | |
2010-02-08 | s3:pdb_ldap: don't search for the users primary group, if we already know it | Stefan Metzmacher | 1 | -31/+35 | |
metze | |||||
2010-02-08 | s3:pdb_ldap: optimize ldapsam_alias_memberships() and cache ldap searches. | Stefan Metzmacher | 1 | -7/+29 | |
ldapsam_alias_memberships() does the same LDAP search twice, triggered via add_aliases() from create_local_nt_token(). This happens when no domain aliases are used. metze | |||||
2010-02-08 | s3:pdb_ldap: try to build the full unix_pw structure with ldapsam:trusted ↵ | Stefan Metzmacher | 1 | -5/+85 | |
support And also store the gid_to_sid mappings in the idmap_cache. metze | |||||
2010-02-08 | s3: shortcut gid_to_sid when "ldapsam:trusted = yes" | Stefan Metzmacher | 1 | -0/+71 | |
The normal gid_to_sid behaviour is to call sys_getgrgid() to get the name for the given gid and then call the getsamgrnam passdb method for the resulting name. In the ldapsam:trusted case we can reduce the gid_to_sid operation to one simple search for the gidNumber attribute and only get the sambaSID attribute from the correspoinding LDAP object. This reduces the number of ldap roundtrips for this operation. metze | |||||
2010-02-05 | s3: Hide some uses of pdb_get_init_flags (which I would love to remove...) | Volker Lendecke | 1 | -1/+1 | |
2010-01-23 | s3: Remove some pointless uses of string_sid_talloc | Volker Lendecke | 1 | -8/+6 | |
2010-01-21 | s3:pdb_ldap: Fix large paged search. | Volker Lendecke | 1 | -0/+1 | |
Fix bug #6981 (Paged Search with DirX LDAP server broken). (cherry picked from commit 0a3b576c0a4298cbe600ad8943e401e3a0639359) | |||||
2010-01-14 | s3:pdb_ldap: restore Samba 3.0.x behavior and use the first "uid" value. | Stefan Metzmacher | 1 | -1/+1 | |
See bug #6157 for more details. metze Signed-off-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 25806f43ddee7e2653e907eea2c6fcc075960fa1) | |||||
2010-01-12 | s3: Remove a pointless if-statement | Volker Lendecke | 1 | -3/+2 | |
2010-01-07 | s3:pdb_ldap:init_sam_from_ldap: untangle an assignment from the check | Michael Adam | 1 | -3/+3 | |
to enhance readability and denbuggability. Michael | |||||
2009-11-19 | s3:pdb_ldap: fix a comment typo | Michael Adam | 1 | -1/+1 | |
Michael | |||||
2009-11-19 | s3: shortcut uid_to_sid when "ldapsam:trusted = yes" | Michael Adam | 1 | -0/+75 | |
The normal uid_to_sid behaviour is to call sys_getpwuid() to get the name for the given uid and then call the getsampwnam passdb method for the resulting name. In the ldapsam:trusted case we can reduce the uid_to_sid operation to one simple search for the uidNumber attribute and only get the sambaSID attribute from the correspoinding LDAP object. This reduces the number of ldap roundtrips for this operation. Michael | |||||
2009-11-13 | s3:smbd: also fill the memcache with sid<->id mappings in ldapsam_sid_to_id() | Michael Adam | 1 | -0/+2 | |
not only the persistent idmap cache. Michael | |||||
2009-11-13 | s3:smbd: make idmap cache persistent for "ldapsam:trusted". | Michael Adam | 1 | -0/+4 | |
This stores the mappings found in the idmap cache (which lives inside gencache). This cache is already read in sid_to_Xid() and Xid_to_sid() for ldapsam:trusted, this fills the opposite direction, massively reducing the number of ldap roundtrips across smbd restarts. Michael | |||||
2009-11-13 | Fix large paged search | Volker Lendecke | 1 | -0/+1 | |
Signed-off-by: Michael Adam <obnox@samba.org> | |||||
2009-11-02 | s3:ldap: don't search when no values where found | Björn Jacke | 1 | -1/+1 | |
2009-10-31 | ѕ3:ldap: search for account policies in objectclass sambaDomain, not * | Björn Jacke | 1 | -1/+6 | |
2009-10-20 | s3-pdb_ldap: fix crash bug in ldapsam_set_trusteddom_pw(). | Günther Deschner | 1 | -2/+2 | |
Thanks Volker for the hint. Guenther | |||||
2009-09-02 | s3-pdb_ldap: Fix bug #4296: Clean up group membership while deleting a user. | Günther Deschner | 1 | -0/+46 | |
Note that this only is tried with editposix=yes. Guenther | |||||
2009-08-03 | s3-pdb_ldap: Make ldapsam_alias_memberships behave like the tdbsam equivalent. | Günther Deschner | 1 | -0/+7 | |
This lets samr_GetAliasMembership return with NT_STATUS_OK when called with 0 sids (just what w2k3 does). Guenther | |||||
2009-07-14 | Fix bug 5886 | Volker Lendecke | 1 | -8/+26 | |
Ok, that's a very long-standing one. I finally got around to install a recent OpenLDAP and test the different variants of setting a NULL password etc. Thanks all for your patience! Volker | |||||
2009-07-14 | s3-account_policy: add pdb_policy_type enum. | Günther Deschner | 1 | -19/+21 | |
Guenther | |||||
2009-07-09 | Make escape_ldap_string take a talloc context | Volker Lendecke | 1 | -23/+22 | |
2009-06-30 | Fix bug #6431 - local groups from 3.0 setups no longer found. | Volker Lendecke | 1 | -8/+8 | |
Search for groups without group suffix, group suffix is only used for new entries. | |||||
2009-06-28 | Turn the pdb_rid_algorithm into a capabilities call that returns flags | Volker Lendecke | 1 | -3/+3 | |
2009-06-08 | Pass a talloc_ctx to pdb_enum_aliasmem | Volker Lendecke | 1 | -1/+2 | |