summaryrefslogtreecommitdiff
path: root/source3/passdb/pdb_ldap.c
AgeCommit message (Collapse)AuthorFilesLines
2012-07-18loadparm: make the source3/ lp_ functions take an explicit TALLOC_CTX *.Rusty Russell1-27/+27
They use talloc_tos() internally: hoist that up to the callers, some of whom don't want to us talloc_tos(). A simple patch, but hits a lot of files. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-12s3: rename sid_check_is_in_our_domain() to sid_check_is_in_our_sam()Michael Adam1-4/+4
This does not check whether the given sid is in our domain, but but whether it belongs to the local sam, which is a different thing on a domain member server. Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Thu Jul 12 18:36:02 CEST 2012 on sn-devel-104
2012-07-12s3: rename sid_check_is_domain() to sid_check_is_our_sam()Michael Adam1-2/+2
This does not check whether the given sid is the domain sid, but whether it is the sid of the local sam, which is different for a domain member server.
2012-07-03s3-passdb: Remove obsolte ldapsam_compat support.Andreas Schneider1-96/+3
2012-05-02s3-idmap: convert most idmap_cache callers to unixid APIAndrew Bartlett1-9/+26
This will eventually allow the struct unixid to be passed all the way up and down the stack. Andrew Bartlett Signed-off-by: Michael Adam <obnox@samba.org>
2012-05-02s3-passdb: Change pdb_sid_to_id() to return struct unixidAndrew Bartlett1-8/+8
This will make it easier to consistantly pass a struct unixid all the way up and down the idmap stack, and allow ID_TYPE_BOTH to be handled correctly. Andrew Bartlett Signed-off-by: Michael Adam <obnox@samba.org>
2012-04-20s3:passdb: do not use the in-memory idmap cache (it will be removed)Michael Adam1-9/+0
2012-04-20s3: Remove an unused variableVolker Lendecke1-1/+0
Autobuild-User: Volker Lendecke <vl@samba.org> Autobuild-Date: Fri Apr 20 12:44:20 CEST 2012 on sn-devel-104
2012-04-19s3-passdb: Remove unused sampass->pass_must_change_timeAndrew Bartlett1-20/+0
There is no need to call pdb_set_pass_must_change_time() because nothing ever consults that value. It is always calculated from the domain policy. Also, this means we no longer store the value in LDAP. The value would only ever be set when migrating from tdbsam or smbpasswd, not on password changes, so would become incorrect over time. Andrew Bartlett
2012-02-20s3: Fix bug 8567 -- segfault in dom_sid_compareVolker Lendecke1-0/+1
The underlying problem was that with ldapsam:trusted we require the a group mapping for the primary group of every user, including root. Autobuild-User: Volker Lendecke <vl@samba.org> Autobuild-Date: Mon Feb 20 22:36:23 CET 2012 on sn-devel-104
2012-01-27Finally remove all malloc()'s from the substitute code. Now totallyJeremy Allison1-3/+3
talloc() based. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Fri Jan 27 03:43:21 CET 2012 on sn-devel-104
2011-11-16s3-smbldap: extend smbldap_init() with binddn/bindsecret arguments.Günther Deschner1-2/+12
Guenther
2011-11-16s3-passdb: split out passdb/pdb_ldap_schema.cGünther Deschner1-0/+1
Guenther
2011-11-16s3: move smbldap_util to pdb_ldap_util.Günther Deschner1-0/+1
Guenther
2011-11-09s3-passdb Initialise the correct level of pointer dereferenceAndrew Bartlett1-1/+1
*pp_rmap may be NULL or un-initialised data. This was introduced by 995d1567265be178b4e45f79ea4562a7041ffa52. Andrew Bartlett
2011-10-28s3-passdb: use tevent_context in passdb.Günther Deschner1-1/+1
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Fri Oct 28 13:09:47 CEST 2011 on sn-devel-104
2011-10-18pdb-interface: Do not use unid_t hereSimo Sorce1-7/+8
This interface needs to be publicly available, unid_t here is not really useful and makes it harder to use it as unid_t is not a public union. Autobuild-User: Simo Sorce <idra@samba.org> Autobuild-Date: Tue Oct 18 20:57:16 CEST 2011 on sn-devel-104
2011-10-12s3-group-mapping: Remove fstrings from GROUP_MAP.Simo Sorce1-13/+34
Signed-off-by: Andreas Schneider <asn@samba.org> Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Wed Oct 12 19:28:12 CEST 2011 on sn-devel-104
2011-10-11s3-passdb: split out passdb/pdb_ipa.h.Günther Deschner1-0/+1
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Tue Oct 11 12:15:36 CEST 2011 on sn-devel-104
2011-10-11s3-passdb: split out passdb/pdb_nds.h.Günther Deschner1-0/+1
Guenther
2011-10-11s3-passdb: split out passdb/pdb_ldap.h.Günther Deschner1-0/+1
Guenther
2011-08-18s3/ldap: don't continue if we couldn't get the domain info on startupBjörn Jacke1-7/+4
while some things work without the domain info, some important things don't, which is highly irritating. As even calls like EnumTrustDom fail and thus clients' domain logins fail we are sufficiently broken to refuse to go on. Autobuild-User: Björn Jacke <bj@sernet.de> Autobuild-Date: Thu Aug 18 12:48:37 CEST 2011 on sn-devel-104
2011-08-13s3-passdb Make pdb_element_is_changed available to all passdb modulesAndrew Bartlett1-29/+6
This will allow pdb_samba4 to use this Andrew Bartlett
2011-06-09s3-talloc Change TALLOC_ZERO_P() to talloc_zero()Andrew Bartlett1-1/+1
Using the standard macro makes it easier to move code into common, as TALLOC_ZERO_P isn't standard talloc.
2011-06-09s3-talloc Change TALLOC_P() to talloc()Andrew Bartlett1-1/+1
Using the standard macro makes it easier to move code into common, as TALLOC_P isn't standard talloc.
2011-06-09s3-talloc Change TALLOC_ARRAY() to talloc_array()Andrew Bartlett1-5/+5
Using the standard macro makes it easier to move code into common, as TALLOC_ARRAY isn't standard talloc.
2011-06-09s3-talloc Change TALLOC_REALLOC_ARRAY() to talloc_realloc()Andrew Bartlett1-1/+1
Using the standard macro makes it easier to move code into common, as TALLOC_REALLOC_ARRAY isn't standard talloc. Andrew Bartlett
2011-05-06More const fixes. Remove CONST_DISCARD.Jeremy Allison1-6/+6
2011-03-30s3-passdb: add passdb.h where needed.Günther Deschner1-0/+1
Guenther
2011-03-30s3-winbind: remove global inclusion of libwbclient.Günther Deschner1-0/+1
Guenther
2011-03-30lib/util/util_pw: share more code between lib/util/util_pw.c and ↵Günther Deschner1-0/+1
source3/lib/username.c Guenther
2011-03-27s3: Fix Coverity ID 513: UNINITVolker Lendecke1-1/+1
2011-03-24s3-ldapsam: fix ldapsam_create_user() with existing posix accounts.Günther Deschner1-1/+1
We were not taking into account the existing posix attributes and thus failed while trying to add a 2nd uid attribute. Found by Sumit. Guenther
2011-03-06s3: Move EXOP definitions to smbldap.hVolker Lendecke1-25/+0
This attempts to fix the build on Solaris Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Sun Mar 6 10:45:16 CET 2011 on sn-devel-104
2011-02-28Fix some typesJelmer Vernooij1-2/+2
Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Mon Feb 28 23:30:06 CET 2011 on sn-devel-104
2011-02-22s3:auth: change num_groups to from size_t to uint32_tStefan Metzmacher1-4/+4
This will help with the change from UNIX_USER_TOKEN to security_unix_token metze
2011-02-19s3: Add "len" to pdb_set_hoursVolker Lendecke1-1/+1
2011-02-16s3-passdb: make priv2ld() publicSumit Bose1-1/+1
Signed-off-by: Günther Deschner <gd@samba.org>
2011-02-16s3-passdb: Add minimal stub for IPA passdb backendSumit Bose1-0/+2
Signed-off-by: Günther Deschner <gd@samba.org>
2010-10-12libcli/security Provide a common, top level libcli/security/security.hAndrew Bartlett1-1/+1
This will reduce the noise from merges of the rest of the libcli/security code, without this commit changing what code is actually used. This includes (along with other security headers) dom_sid.h and security_token.h Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
2010-09-20s3-util_sid: use shared dom_sid_compare_auth and dom_sid_equal_X functions.Günther Deschner1-4/+5
Guenther
2010-09-11s3-auth Change type of num_sids to uint32_tAndrew Bartlett1-2/+3
size_t is overkill here, and in struct security_token in the num_sids is uint32_t. This includes a change to the prototype of add_sid_to_array() and add_sid_to_array_unique(), which has had a number of consequnetial changes as I try to sort out all the callers using a pointer to the number of sids. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-08-26s3-idmap: only include idmap headers where needed.Günther Deschner1-0/+1
Guenther
2010-08-14s3:pdb_ldap: move some code in ldapsam_create_dom_group()Michael Adam1-22/+25
to make the flow more similar to ldapsam_create_user(). This prepares for calling winbind_sid_to_gid() instead of winbind_allocate_gid(): we need the group_sid for this... Michael
2010-08-05s3-secrets: only include secrets.h when needed.Günther Deschner1-0/+1
Guenther
2010-07-06s3:pdb_ldap: change LDAP password before samba password hashesBjörn Jacke1-33/+34
this way we can catch up with password change refuses from ldap password policy overlays and abort the password change early. Thanks to Andy Hanton <andyhanton@gmail.com> for the initial patch.
2010-07-06s3: Fix another aspect of bug 7262 and make paged results work againVolker Lendecke1-4/+4
2010-07-05s3: Make talloc_attrs() staticVolker Lendecke1-1/+1
2010-06-10s3: Fix EnumDomainAliases when no aliases are in LDAPVolker Lendecke1-6/+4
We used to return NT_STATUS_ACCESS_DENIED, now we just return 0 entries, just like W2k8 does. usrmgr.exe was pretty unhappy with the NT_STATUS_ACCESS_DENIED
2010-06-10s3:pdb_ldap: fix bug 7505 - init_sam_from_ldap stores group in sid2uid cacheMichael Adam1-1/+1