summaryrefslogtreecommitdiff
path: root/source3/passdb/pdb_unix.c
AgeCommit message (Collapse)AuthorFilesLines
2003-04-29This is a nice rewrite:Simo Sorce1-1/+1
SAM_ACCOUNT does not have anymore uid and gid fields all the code that used them has been fixed to use the proper idmap calls fix to idmap_tdb for first time idmap.tdb initialization. auth_serversupplied_info structure has now an uid and gid field few other fixes to make the system behave correctly with idmap tested only with tdbsam, but smbpasswd and nisplus should be ok have not tested ldap ! (This used to be commit 6a6f6032467e55aa9b76390e035623976477ba42)
2003-04-29Change order of parameters to smb_register_passdb()Jelmer Vernooij1-1/+1
(This used to be commit 63cf5637c16dc770f0ab2f73ff00577c7cd426ee)
2003-04-28Use NTSTATUS as return value for smb_register_*() functions and init_module()Jelmer Vernooij1-1/+1
function. Patch by metze with some minor modifications. (This used to be commit f4576757d1d52a8f1b96894c869bb76450003fd1)
2003-04-07Restore previous behaviour to update on pdb_unix (auto-upgrade to new account)Andrew Bartlett1-0/+1
(This used to be commit 0509cbc59174354b7c57206a07f7bd222cc87db4)
2003-03-19Put in the new modules system. It's now used by passdb and rpc. I willJelmer Vernooij1-0/+5
put a doc about it in dev-doc later today. (This used to be commit af7bfee0c6902c07fdb8d3abccf4c8d6bab00b5a)
2003-02-22Remove 'unixsam' from the default passdb backends.Andrew Bartlett1-88/+0
The intention is to remove the muliple passdb backends, but we need the 'guest' account to always be there. If the admin adds the guest account to (say) LDAP, there will only be one backend required for operation. This helps remove some nasty behaviours with adding accounts to the system for both the RPC 'create user' and the SAMSYNC code. Users 'added' with an 'add user/machine' script won't magicly appear, and machine accounts 'pre-added' to unix, but not the smbpasswd file will not cause mayhem. This commit also implements somthing tridge discussed with me, the concept of 'default' passdb operation pointers - so that each backend does not need it's own stub funcitons wrapping the default tdb privilages/group mapping code. This also removes an implicit 'sid->name' and 'name->sid' mapping from our own local SID space, to winbind usernames. When adding mapping for NIS/LDAP non-sam users in future, we need to be careful. Andrew Bartlett (This used to be commit 6f32fa234961a525760a05418a08ec48d22d7617)
2002-10-21pdb_unix.c did not really expect group RIDs dictated by a PDC and lookingVolker Lendecke1-2/+4
like user RIDs. Volker (This used to be commit 872c7d40454545108ec9e7eee12894af77b4adc3)
2002-10-21This moves the group mapping API into the passdb backend.Volker Lendecke1-0/+51
Currently this calls back to mapping.c, but we have the framework to get the information into LDAP and the passdb.tdb (should we? I think so..). This has received moderate testing with net rpc vampire and usrmgr. I found the add_groupmem segfault in add_aliasmem as well, but that will be another checkin. Volker (This used to be commit f30095852fea19421ac8e25dfe9c5cd4b2206f84)
2002-09-26move all the passdb internal interface to NTSTATUSSimo Sorce1-21/+41
only the interface has been fully moved to NTSTATUS not all the plugins make full use of it, but have been all converted. My testings passed completely, however a bit of more testing is welcome Simo. (This used to be commit 102a26e06591928a03b49cd312a65811ed46314f)
2002-08-17Rework the 'guest account get's RID 501' code again...Andrew Bartlett1-7/+20
This moves it right into the passdb subsystem, where we can do this in just one (or 2) places. Due to the fact that this code can be in a tight loop, I've had to make 'guest account' a 'const' paramater, where % macros cannot be used. In any case, if the 'guest account' varies, we are in for some nasty cases in the other code, so it's useful anyway. Andrew Bartlett (This used to be commit 8718e5e7b2651edad15f52a4262dc745df7ad70f)
2002-08-05I must have missed this when I was adding 'const' to these earlier...Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit ce6c8a647ca56dcbb60ff898d77c2df297c1fe79)
2002-06-13Latest patch from metze <metze@metzemix.de> to move most of samba acrossAndrew Bartlett1-1/+2
to using SIDs instead of RIDs. The new funciton sid_peek_check_rid() takes an 'expected domain sid' argument. The idea here is to prevent mistakes where the SID is implict, but isn't the same one that we have in the struct. Andrew Bartlett (This used to be commit 04f9a8ff4c7982f6597c0f6748f85d66d4784901)
2002-05-26change: pdb_getsampwrid() ->pdb_getsampwsid()Simo Sorce1-1/+8
passdb interface change, now the passdb modules will be asked for SID not for rid, the modules have been updated with a passthrough function that calls the old getsampwrid() functions. srv_samr_nt.c functions that made use of the pdb_getsampwrid funcion has been updated to use the SID one. (This used to be commit f5c6496c33fa7f5c2826540ffb4a49d8a5790fb3)
2002-05-24Make function match the defintion require for assignment as a functionAndrew Bartlett1-1/+1
pointer. (This used to be commit 38012edaca4c181f3d3a9e9df4fc434bba78f9dc)
2002-05-18Passdb:Andrew Bartlett1-18/+11
Kill off the silly code that attempts to do NT -> Unix username mapping. This is done well before here, no need to repeat it. Add some small fixes and extra debugs, trying to track down current build farm failures. pdb_unix: When 'updating' a pdb_unix account, instead add it to the default passdb. This means that you don't need to specify '-a' to smbpasswd any more when messing with an existing unix user, the account is simply 'upgraded'. The idea here is that these accounts are just as 'real' as any other, they just don't have the extra attributes an smbpasswd file does. I'm open for debate on the pdb_unix issue, and will remove it if given good reason. (without this, an attempt to add an account already in pdb_unix to smbpasswd would fail, as it would fail to update pdb_unix). rpc_server/srv_netlog_nt.c Change a couple of things around, so as to show the client workstation etc. WRONG_PASSWORD is certainly not the right default error. Try ACCESS_DENIED for now. Andrew Bartlett (This used to be commit d78b74b338df9accd9ad84c56a49fa4f787425e2)
2002-05-18A few things in this commit:Andrew Bartlett1-0/+126
cleanup some of the code in net_rpc_join re const warnings and fstrings. Passdb: Make the %u and %U substituions in passdb work. This is done by declaring these paramters to be 'const' and doing the substitution manually. I'm told this is us going full circle, but I can't really see a better way. Finally these things actually seem to work properly... Make the lanman code use the pdb's recorded values for homedir etc rather than the values from lp_*() Add code to set the plaintext password in the passdb, where it can decide how to store/set it. For use with a future 'ldap password change' option, or somthing like that... Add pdb_unix, so as to remove the 'not in passdb' special cases from the local_lookup_*() code. Quite small, as it uses the new 'struct passwd -> SAM_ACCOUNT' code that is now in just one place. (also used by pdb_smbpasswd) Other: Fix up the adding of [homes] at session setup time to actually pass the right string, that is the unix homedir, not the UNC path. Fix up [homes] so that for winbind users is picks the correct name. (bad interactions with the default domain code previously) Change the rpc_server/srv_lsa_nt.c code to match NT when for the SATUS_NONE_MAPPED reply: This was only being triggered on no queries, now it is on the 'no mappings' (ie all mappings failed). Checked against Win2k. Policy Question: Should SID -> unix_user.234/unix_group.364 be considered a mapping or not? Currently it isn't. Andrew Bartlett (This used to be commit c28668068b5a3b3cf3c4317e5fb32ec9957f3e34)