summaryrefslogtreecommitdiff
path: root/source3/passdb/pdb_ldap.c
AgeCommit message (Collapse)AuthorFilesLines
2009-11-19s3:pdb_ldap: fix a comment typoMichael Adam1-1/+1
Michael
2009-11-19s3: shortcut uid_to_sid when "ldapsam:trusted = yes"Michael Adam1-0/+75
The normal uid_to_sid behaviour is to call sys_getpwuid() to get the name for the given uid and then call the getsampwnam passdb method for the resulting name. In the ldapsam:trusted case we can reduce the uid_to_sid operation to one simple search for the uidNumber attribute and only get the sambaSID attribute from the correspoinding LDAP object. This reduces the number of ldap roundtrips for this operation. Michael
2009-11-13s3:smbd: also fill the memcache with sid<->id mappings in ldapsam_sid_to_id()Michael Adam1-0/+2
not only the persistent idmap cache. Michael
2009-11-13s3:smbd: make idmap cache persistent for "ldapsam:trusted".Michael Adam1-0/+4
This stores the mappings found in the idmap cache (which lives inside gencache). This cache is already read in sid_to_Xid() and Xid_to_sid() for ldapsam:trusted, this fills the opposite direction, massively reducing the number of ldap roundtrips across smbd restarts. Michael
2009-11-13Fix large paged searchVolker Lendecke1-0/+1
Signed-off-by: Michael Adam <obnox@samba.org>
2009-11-02s3:ldap: don't search when no values where foundBjörn Jacke1-1/+1
2009-10-31ѕ3:ldap: search for account policies in objectclass sambaDomain, not *Björn Jacke1-1/+6
2009-10-20s3-pdb_ldap: fix crash bug in ldapsam_set_trusteddom_pw().Günther Deschner1-2/+2
Thanks Volker for the hint. Guenther
2009-09-02s3-pdb_ldap: Fix bug #4296: Clean up group membership while deleting a user.Günther Deschner1-0/+46
Note that this only is tried with editposix=yes. Guenther
2009-08-03s3-pdb_ldap: Make ldapsam_alias_memberships behave like the tdbsam equivalent.Günther Deschner1-0/+7
This lets samr_GetAliasMembership return with NT_STATUS_OK when called with 0 sids (just what w2k3 does). Guenther
2009-07-14Fix bug 5886Volker Lendecke1-8/+26
Ok, that's a very long-standing one. I finally got around to install a recent OpenLDAP and test the different variants of setting a NULL password etc. Thanks all for your patience! Volker
2009-07-14s3-account_policy: add pdb_policy_type enum.Günther Deschner1-19/+21
Guenther
2009-07-09Make escape_ldap_string take a talloc contextVolker Lendecke1-23/+22
2009-06-30Fix bug #6431 - local groups from 3.0 setups no longer found.Volker Lendecke1-8/+8
Search for groups without group suffix, group suffix is only used for new entries.
2009-06-28Turn the pdb_rid_algorithm into a capabilities call that returns flagsVolker Lendecke1-3/+3
2009-06-08Pass a talloc_ctx to pdb_enum_aliasmemVolker Lendecke1-1/+2
2009-06-07s3-samr: fix return code of _samr_LookupRids when run with pdb_ldap.Günther Deschner1-0/+5
when _samr_LookupRids is called with no rids, it needs to return NT_STATUS_NONE_MAPPED (not NT_STATUS_NO_MEMORY). Found by RPC-SAMR torture test. Guenther
2009-05-31Fix some nonempty blank linesVolker Lendecke1-52/+52
2009-05-12Fix the last few format arg missmatches I missed.Jeremy Allison1-4/+4
Jeremy.
2009-05-12Fix bug 6157Volker Lendecke1-1/+1
This patch picks the alphabetically smallest one of the multi-value attribute "uid". This fixes a regression against 3.0 and also becomes deterministic.
2009-05-11Fix a bunch of compiler warnings about wrong format types.Jeremy Allison1-7/+7
Should make Solaris 10 builds look cleaner. Jeremy.
2009-05-08s3/ldap: also handle DirX return codesBjörn Jacke1-0/+2
2009-05-05s3-ldap: fix more callers of smbldap_dn_talloc() that were passing a NULL ↵Günther Deschner1-1/+1
context. Guenther
2009-05-05s3-ldapsam: Fix Bug #6313: ldapsam_update_sam_account() crashes while doing ↵Günther Deschner1-1/+1
talloc_free on malloced memory. Guenther
2009-04-14Rework Samba3 to use new libcli/auth code (partial)Andrew Bartlett1-0/+1
This commit is mostly to cope with the removal of SamOemHash (replaced by arcfour_crypt()) and other collisions (such as changed function arguments compared to Samba3). We still provide creds_hash3 until Samba3 uses the credentials code in netlogon server Andrew Bartlett
2009-04-14Convert Samba3 to use the common lib/util/charset APIAndrew Bartlett1-11/+11
This removes calls to push_*_allocate() and pull_*_allocate(), as well as convert_string_allocate, as they are not in the common API To allow transition to a common charcnv in future, provide Samba4-like strupper functions in source3/lib/charcnv.c (the actual implementation remains distinct, but the API is now shared) Andrew Bartlett
2009-04-06s3:smbldap Remove smbldap_get_dnAndrew Bartlett1-28/+15
This removes one more caller to pull_utf8_allocate() Signed-off-by: Günther Deschner <gd@samba.org>
2009-03-07Shape up pdb_search a bit by making it a talloc ctx with a destructorVolker Lendecke1-10/+10
2009-02-19Fix printf warnings found on systems where time_t <> long int.Jeremy Allison1-8/+8
Jeremy.
2009-01-21Memory leaks and other fixes found by Coveritytodd stecher1-0/+1
2008-12-23Fix more ‘asprintf’, declared with attribute warn_unused_result.Jeremy Allison1-3/+4
Jeremy.
2008-12-09s3-ldapsam: Fix Bug 5957: do not abort rename process on valid rename script.Günther Deschner1-1/+1
Guenther (cherry picked from commit 26139344fd0fac4fdd2a6752628b252fbd9b7450) (cherry picked from commit 866efa63a26f75bbf17cd4bebf639594e2feafba)
2008-07-24pdb_ldap: Raise level for debug message to avoid log file flooding.John H Terpstra1-1/+1
(This used to be commit 9b863a10da8762f715c16f147d6cd1e79422d248)
2008-07-18Use LDAP macros instead of attribute names.Karolin Seeger1-20/+19
Karolin (This used to be commit 7dae8b04f126d0ac86a452dcf373a690ee687ead)
2008-07-14Fix typo.Karolin Seeger1-1/+1
retieve -> retrieve Karolin (This used to be commit 37c64130701ab13b6f34998ac17fec2d128c2e08)
2008-07-10Fix some memleaks regarding trustdom passwordsVolker Lendecke1-3/+15
(This used to be commit 3d2913d599a4cd773614110ec7b7493aa7adb547)
2008-07-10Fix some uninitialized variable references via ndr_printVolker Lendecke1-1/+3
(This used to be commit 26fb3fea812867f8b0dfe6a1be59e4922ed86e45)
2008-07-10Give a nice error message if trying to join with a non-privileged userVolker Lendecke1-1/+1
(This used to be commit 347772fc39d9c7a96fcc72c9707696cc6abd89d7)
2008-05-20Cleanup size_t return values in callers of convert_string_allocateTim Prouty1-24/+54
This patch is the second iteration of an inside-out conversion to cleanup functions in charcnv.c returning size_t == -1 to indicate failure. (This used to be commit 6b189dabc562d86dcaa685419d0cb6ea276f100d)
2008-03-17Coverity fixesMarc VanHeyningen1-4/+10
(This used to be commit 3fc85d22590550f0539215d020e4411bf5b14363)
2008-03-14Fix bug 4901Volker Lendecke1-3/+8
(This used to be commit 1dd8fa9a521046f1de8173ac00224706c5249665)
2008-03-05Fix a memleak -- Coverity ID 222Volker Lendecke1-1/+2
(cherry picked from commit a40781bafa3a8f0c7737164bca6cf74b0a452e72) (This used to be commit 86cabcad74ac06d888f2a352a2bef3abea1ed85c)
2008-03-04Fix crash bug in pdb_init_ldapsam().Günther Deschner1-2/+2
Karolin, this needs to be in 3-2-stable. Guenther (This used to be commit 0d73bde6de4391e7aec862424762473441fa0905)
2008-02-19Change ldap search filter. This function is also used to search machine ↵Karolin Seeger1-2/+2
accounts which may be located in a different ou. This is an extension to e71a48bb80cee85afcccacbce2884c0d600f4d72. Karolin (This used to be commit e5cc8b683cba3f2f3a84b1636b3d5bee1bfc0dda)
2008-02-11Change ldap search filter. This function is also used to search machine ↵Karolin Seeger1-1/+1
accounts which may be organized in a different ou. Karolin (This used to be commit e71a48bb80cee85afcccacbce2884c0d600f4d72)
2008-01-09Fix memleak in ldapsam_rename_sam_account() found by IBM checker.Michael Adam1-1/+1
The check for out of memory was the wrong way round. Michael (This used to be commit d7a7b793203b986823859ac5171d2d4c30e52415)
2008-01-09Convert add_sid_to_array() add_sid_to_array_unique() to return NTSTATUS.Michael Adam1-7/+11
Michael (This used to be commit 6b2b9a60ef857ec31da5fea631535205fbdede4a)
2008-01-02Fix for bug #5163 from Laurent Pinchart <pinchart@skynet.be>Jeremy Allison1-0/+4
Failure to change password in ldap is mapped to NT_STATUS_UNSUCCESSFUL unconditionally. Jeremy. (This used to be commit 9369d6e907a49da1fbf2a5690118412b8d1a0383)
2007-12-26Remove the sampwent interfaceVolker Lendecke1-102/+0
(This used to be commit 9e80b969fb40766de2c9b1a05d16bf4d4c6e46f7)
2007-12-15s/sid_to_string/sid_to_fstring/Volker Lendecke1-8/+8
least surprise for callers (This used to be commit eb523ba77697346a365589101aac379febecd546)