Age | Commit message (Collapse) | Author | Files | Lines |
|
This will allow pdb_samba4 to use this
Andrew Bartlett
|
|
Using the standard macro makes it easier to move code into common, as
TALLOC_ZERO_P isn't standard talloc.
|
|
Using the standard macro makes it easier to move code into common, as
TALLOC_P isn't standard talloc.
|
|
Using the standard macro makes it easier to move code into common, as
TALLOC_ARRAY isn't standard talloc.
|
|
Using the standard macro makes it easier to move code into common, as
TALLOC_REALLOC_ARRAY isn't standard talloc.
Andrew Bartlett
|
|
|
|
Guenther
|
|
Guenther
|
|
source3/lib/username.c
Guenther
|
|
|
|
We were not taking into account the existing posix attributes and thus failed
while trying to add a 2nd uid attribute.
Found by Sumit.
Guenther
|
|
This attempts to fix the build on Solaris
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Sun Mar 6 10:45:16 CET 2011 on sn-devel-104
|
|
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Mon Feb 28 23:30:06 CET 2011 on sn-devel-104
|
|
This will help with the change from UNIX_USER_TOKEN to security_unix_token
metze
|
|
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
This will reduce the noise from merges of the rest of the
libcli/security code, without this commit changing what code
is actually used.
This includes (along with other security headers) dom_sid.h and
security_token.h
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
|
|
Guenther
|
|
size_t is overkill here, and in struct security_token in the num_sids
is uint32_t.
This includes a change to the prototype of add_sid_to_array()
and add_sid_to_array_unique(), which has had a number of
consequnetial changes as I try to sort out all the callers using
a pointer to the number of sids.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Guenther
|
|
to make the flow more similar to ldapsam_create_user().
This prepares for calling winbind_sid_to_gid() instead of
winbind_allocate_gid(): we need the group_sid for this...
Michael
|
|
Guenther
|
|
this way we can catch up with password change refuses from ldap password policy
overlays and abort the password change early.
Thanks to Andy Hanton <andyhanton@gmail.com> for the initial patch.
|
|
|
|
|
|
We used to return NT_STATUS_ACCESS_DENIED, now we just return 0 entries, just
like W2k8 does.
usrmgr.exe was pretty unhappy with the NT_STATUS_ACCESS_DENIED
|
|
|
|
This matches the structure that new code is being written to,
and removes one more of the old-style named structures, and
the need to know that is is just an alias for struct dom_sid.
Andrew Bartlett
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Well known rids don't really belong into an rpc header, just use the ones
defined in security.idl.
Guenther
|
|
Guenther
|
|
|
|
|
|
|
|
|
|
metze
|
|
ldapsam_alias_memberships() does the same LDAP search twice, triggered
via add_aliases() from create_local_nt_token().
This happens when no domain aliases are used.
metze
|
|
support
And also store the gid_to_sid mappings in the idmap_cache.
metze
|
|
The normal gid_to_sid behaviour is to call sys_getgrgid()
to get the name for the given gid and then call the
getsamgrnam passdb method for the resulting name.
In the ldapsam:trusted case we can reduce the gid_to_sid
operation to one simple search for the gidNumber attribute
and only get the sambaSID attribute from the correspoinding
LDAP object. This reduces the number of ldap roundtrips
for this operation.
metze
|
|
|
|
|
|
Fix bug #6981 (Paged Search with DirX LDAP server broken).
(cherry picked from commit 0a3b576c0a4298cbe600ad8943e401e3a0639359)
|
|
See bug #6157 for more details.
metze
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 25806f43ddee7e2653e907eea2c6fcc075960fa1)
|
|
|
|
to enhance readability and denbuggability.
Michael
|
|
Michael
|
|
The normal uid_to_sid behaviour is to call sys_getpwuid()
to get the name for the given uid and then call the
getsampwnam passdb method for the resulting name.
In the ldapsam:trusted case we can reduce the uid_to_sid
operation to one simple search for the uidNumber attribute
and only get the sambaSID attribute from the correspoinding
LDAP object. This reduces the number of ldap roundtrips
for this operation.
Michael
|
|
not only the persistent idmap cache.
Michael
|
|
This stores the mappings found in the idmap cache (which lives
inside gencache). This cache is already read in sid_to_Xid()
and Xid_to_sid() for ldapsam:trusted, this fills the opposite
direction, massively reducing the number of ldap roundtrips
across smbd restarts.
Michael
|