summaryrefslogtreecommitdiff
path: root/source3/passdb
AgeCommit message (Collapse)AuthorFilesLines
2004-01-22fix previously committed old version by mistakeSimo Sorce1-3/+3
(This used to be commit 4840b25dbd4d2eafc010389a711d42862d5fb0f0)
2004-01-22sorry for the conflict markers committed in by mistake :-(Simo Sorce1-7/+1
(This used to be commit c5634e0b713e594a32522df7a76c36639f772ed5)
2004-01-191. The most part of this patch changed the unknown_3 flag to the now knownSimo Sorce8-44/+22
meaning of fields_present bit mask. Also avoid it being saved in backends (0 is saved where removing the unit32 would have produced a format change). Also add support in samr functions to correctly interpret the flags. Flags still not set properly (eg. still set all flags 0xffffff as previous code), need a tool to test this properly (I',ve done preliminary tests with samba4 rpc torture and it seem to work properly against w2k). 2. Patch for handlig the flag user must change password at next logon in usrmgr based on Jianliang Lu <j.lu@tiesse.com> patch (This used to be commit 78975e9483e64412e436c5dbfe2b71e20b79de29)
2004-01-15Remove unused variables.Rafal Szczesniak1-3/+0
rafal (This used to be commit a284082716bf63569e5921eb33b1ecd1a9b4810d)
2004-01-15Remove unused function.Rafal Szczesniak1-13/+0
rafal (This used to be commit 2d2c36cc3f691f31506fbd97e74cf225a2ef85c5)
2004-01-14Initial design of some of the functions to operate on trust passwordsRafal Szczesniak1-0/+202
from passdb backend level (tdbsam, in this case). It is written as wrapper for secrets_ calls that use secrets.tdb file and is not treated as eventual solution. Trust passwords are being handled uniformly, SAM_TRUST_PASSWD structure, and so they should be stored as well. Note, this code is disabled ie. not used anywhere yet. I'm working on next routines in line. rafal (This used to be commit 02ac9332ab1d34f47667b40ce23b2b5d04c4dff1)
2004-01-14Comment and formatting fix.Rafal Szczesniak1-2/+3
rafal (This used to be commit 336720416abd1f6d62f9a6748ae6a0454976c9d4)
2004-01-13sync HEAD with recent changes in 3.0Gerald Carter1-0/+38
(This used to be commit c98399e3c9d74e19b7c9d806ca8028b48866931e)
2004-01-07This was cut-n-paste mistake, I guess... :)Rafal Szczesniak1-1/+1
rafal (This used to be commit f912d8c3403071582f776886f9793e3289b285b6)
2004-01-07Typo fix.Rafal Szczesniak1-1/+1
rafal (This used to be commit 4a2bd4de3f5a99bc19013a2878659e8686606e30)
2004-01-07Prototype version of trust passwords moved to SAM/pdb. This isRafal Szczesniak1-0/+141
backend-independent part ie. interface - does build and (it seems) doesn't break anything else. rafal (This used to be commit 9ce6dc6476202d9db6ea1c2deab93e454e4db546)
2004-01-06isolate ldap debug messages to the common smbldap_XXX() functionsGerald Carter1-3/+0
(This used to be commit 4c877ccc16bcb69490c4d34d2ef5f727bf98438e)
2004-01-05(merge from 3.0)Andrew Bartlett1-1/+1
JHT came up with a nasty (broken) torture case in preparing examples for his book. This prompted me to look at the code that reads the unix group list. This code did a lot of name -> uid -> name -> sid translations, which caused problems. Instead, we now do just name -> sid I also cleaned up some interfaces, and client tools. Andrew Bartlett (This used to be commit cc535a6c70d8dcf677322e31b24dec58b23d80f0)
2004-01-05(merge from 3.0)Andrew Bartlett1-2/+10
Check the return value of string_to_sid in a few more places. (But string_to_sid also needs to be less permissive on what it thinks are valid sids...) Andrew Bartlett (This used to be commit 74ea8682e4b5c78f456cc9284e953e35e4146a8b)
2004-01-05(merge from 3.0)Andrew Bartlett1-2/+8
Show the error message for failure to set the ldap password. (For 'ldap password sync = yes') Andrew Bartlett (This used to be commit ef5d2309c2252c9d6111738075f863b69b616722)
2004-01-05Merge commit to 3_0: add pdb_pgsqlJelmer Vernooij3-501/+1008
(This used to be commit 61cbd5c9be1962d0c33c28ff472a2f82d3aa2a80)
2003-12-22add well known rid for pre win2k compatible access group; bug 897Gerald Carter1-0/+1
(This used to be commit 426a02cf678236f902c143b56eaaf854fca2237f)
2003-12-22Patch from Jianliang Lu j.lu@tiesse.com to manage Power UsersJeremy Allison1-0/+1
group. Jeremy. (This used to be commit 72174634aa26c01431ccf85331aaa8b51e70c8ff)
2003-12-11Fix uninitialized variable in passdb code. Reported by Andy Polyakov ↵Alexander Bokovoy1-1/+1
<appro@fy.chalmers.se> (This used to be commit ca21dd3bb682700d628e9fc1aeedd1594cda3094)
2003-12-10more group lookup access fixes on the neverending bug 281Gerald Carter1-6/+16
(This used to be commit 975ac6f5aa4d8d709733757e4e003f3c551fc9ba)
2003-12-04support munged dial for ldapsam; patch from Aurélien Degrémont; bug 800Gerald Carter1-3/+15
(This used to be commit acf9eae7b0c95776358292c3463951477575bcc6)
2003-12-01another strequal() == 0 fixGerald Carter1-1/+1
(This used to be commit 818bba4b796440453e5911369adf5bd147e9b961)
2003-12-01add Replicator and RAS Servers to list of builtin SIDs we resolve; bug 608Gerald Carter1-0/+2
(This used to be commit 1bb2281e177d1f312c0c3c117c5b0dcabe57125b)
2003-11-24more access fixes for group enumeration in LDAP; bug 281Gerald Carter1-3/+14
(This used to be commit c4ce92e80688fe7fd4b2fde2c31e94baf3e4dca0)
2003-11-17* make sure we only enumerate group mapping entriesGerald Carter1-14/+0
(not /etc/group) even when doing local aliases * remove "hide local users" parameter; we have this behavior built into 3.0 (This used to be commit 3b75e862dfba42c95e2279c300c06bb981f52993)
2003-11-14fix more memory leaks in the LDAP backend code; patches from metzeGerald Carter1-22/+38
(This used to be commit 89a8c607af4ca67fcefe285480f7c9b832f6720c)
2003-11-09Merge from 3.0:Andrew Bartlett1-13/+0
source/passdb/pdb_get_set.c: I agree with vl's #if 0 here, and am not quite sure what I was thinking with regard to the original code. Let's keep samba simple, and just remove it. source/rpc_server/srv_netlog_nt.c: Remove compleatly wrong comments. (There were correct, 2 years ago...) source/intl/lang_tdb.c: Add newline to debug message Andrew Bartlett (This used to be commit 2a8dbe03690b60f3d9c83de3cf6ce873aa0657bc)
2003-11-07* only install swat html files onceGerald Carter1-1/+4
* revert the change that prevent the guest account from being added to a passdb backend since it broke the build farm. * apply patch from Alex Deiter to fix the "smbldap_open: cannot access when not root error" messages when looking up group information (bug 281) (This used to be commit 20bd309239199d85accb2b7aac6d4dd73e414f85)
2003-11-07fix for bug 680 (heads up). This gist is to map theGerald Carter1-5/+17
UNIX entity foo to DOMAIN\foo instead of SERVER\foo on members of a Samba domain when all UNIX accounts are shared via NIS, et. al. * allow winbindd to match local accounts to domain SID when 'winbind trusted domains only = yes' * remove code in idmap_ldap that searches the user suffix and group suffix. It's not needed and provides inconsistent functionality from the tdb backend. This has been tested. I'm still waiting on some more feedback but This needs to be in 3.0.1pre2 for widespread use. (This used to be commit cac4723e206bd001882011c9e12327064d032268)
2003-11-07don't allow setting of the guest accountGerald Carter1-0/+8
(This used to be commit 1e461f06ec492dc3f139165932c3518a6dd416f9)
2003-11-06bug 624; make sure to set the GUEST SID rather than using the PDB_DEFAULT flagGerald Carter1-1/+1
(This used to be commit 7a60693a47823c2a174886ad44e7af102440ba4d)
2003-11-03TDBSAM update code from Aur?lien Degr?mont <adegremont@idealx.com>.Jeremy Allison2-16/+620
Adds support for an additional field (uint32) which represents the lockout duration. I think this should be stored as an abolute UNIX time_t that specifies when the lockout should end - set it when the lockout is imposed. This new code also updates the on disk tdb version on load. Being merged into HEAD so Simo can add any other changes he wants before being back-ported to SAMBA_3_0. Jeremy. (This used to be commit 0eea3f22aba25c1d0a8800bb1725238422cb30eb)
2003-10-31Patch from Aurélien Degrémont <adegremont@idealx.com>. "entry" is dependentJeremy Allison1-2/+4
on "result", don't free result first. Jeremy. (This used to be commit 9b24715170c6ca5dd3d5df0675f430852ae6a50d)
2003-10-31Fix another unused warning.Tim Potter1-0/+3
(This used to be commit 9032e6eb2b4c7ed3d0689b95ed318cdf7ec048d7)
2003-10-30If nothing to do, return success. Fix from Aur?lien Degr?mont ↵Jeremy Allison1-1/+1
<adegremont@idealx.com> Jeremy. (This used to be commit a92555e6060294afcfecc075bfac5c836f150b01)
2003-10-30First round of merging various UUID structures.Jim McDonough1-11/+10
This eliminates RPC_UUID. It creates the following struct: struct uuid { uint32 time_low; uint16 time_mid; uint16 time_hi_and_version; uint8 clock_seq[2]; uint8 node[6]; }; which replaces RPC_UUID and various random struct uuid definitions and a flat version: #define UUID_FLAT_SIZE 16 typedef struct uuid_flat { uint8 info[UUID_FLAT_SIZE]; } UUID_FLAT; which pretty much looks like GUID (which I will start eliminating). I want us to use the FLAT one only on the wire (perhaps in files, too?), and I want it to be obvious to the coder that it is the FLAT version. This leaves a couple of compiler warnings, where GUID isn't completely replaced by FLAT_UUID yet...I'll get to those soon. (This used to be commit 1532b5d2e3c61df232b16394acedf6eac387588b)
2003-10-22Put strcasecmp/strncasecmp on the banned list (except for needed callsJeremy Allison2-2/+2
in iconv.c and nsswitch/). Using them means you're not thinking about multibyte at all and I really want to discourage that. Jeremy. (This used to be commit 5c050a735f86927c7ef2a98b6f3a56abe39e4674)
2003-10-17* fix some compile warnings in the gums codeGerald Carter1-0/+2
* add server support for DsEnumerateDomainTrusts() (This used to be commit 06bacf6e3434db5bd09b48f84206441712e69a63)
2003-10-14sorry folks, forgot to cvs add/remove before commit.Simo Sorce1-0/+462
(This used to be commit 0ed85e6a2dff0953dbbd5ff4723ef6941ec32850)
2003-10-13So here it is a non-intrusive patch with my latest work on gums (theSimo Sorce2-7/+26
laternative to the current passdb). Currently it is run through a comatibility module in the passdb layer, with a subset of the functionality it may provide. It is still work in progress, but as someone asked me about it, and as it should make no difference to the normal code, I tought it was a good idea to put it into. It adds a dependency on perl. I know it is not very nice, but I'm sure we will work out a solution for that. As always blame me if I break something, but try to fix yourself, as I am busy-busy-busy :-) Simo. (This used to be commit 7b3c94b5cfc1a9ceb430613353a937345f2eda74)
2003-10-10Match Samba 2.2, and make ACB_NORMAL the default ACB value.Andrew Bartlett1-0/+7
(Samba 2.2 did this in the LDAP code, but it fits better as a generic thing) Andrew Bartlett (This used to be commit 36ccf922a34127f2eb6b7da590e426544539ab25)
2003-10-09Merge from 3.0:Tim Potter1-1/+1
>Make pdb_ldap.c compile with SUN iPlanet headers. Whether this works will be >tested soon, but this fix is somewhat obvious. > >Volker (This used to be commit e4551b3d7f85bf39778a1de952eaa370bc3716e3)
2003-10-09Merge from 3.0:Tim Potter1-1/+1
>Typo in error message. >Jeremy. (This used to be commit 85eda9bc0c3d0e62c436a3958ec4a76d0e909d4c)
2003-10-06split some security related functions in their own files.Simo Sorce1-2/+2
(no need to include all of smbd files to use some basic sec functions) also minor compile fixes (This used to be commit 66074d3b097d8cf2a231bf08c7f4db62da68189d)
2003-10-02Portability fix from schmitz@hp.com (Joachim Schmitz). Bug #547.Jeremy Allison1-0/+4
Jeremy. (This used to be commit 9519ffc7cbdb37a4279c8804230596978679220e)
2003-09-21Fix bug and do more error checking. Noticed by Wilco Baan Hofman ↵Jelmer Vernooij1-13/+33
<wilco@andoburg.nl> (This used to be commit ec32501cefe1ea27bcf08b5be9d53cdce8cbbbdc)
2003-09-18The "unknown_5" 32 bit field in the user structs is actually 2 16-bitJeremy Allison5-23/+75
fields, bad_password_count and logon_count. Ensure this is stored/fetched in the various SAMs. As it replaces the unknown_5 field this fits exactly into the tdb SAM without any binary problems. It also is added to the LDAP SAM as two extra attributes. It breaks compatibility with the experimental SAMs xml and mysql. The maintainers of these SAMs must fix them so upgrades like this can be done transparently. I will insist on the "experimental" status until this is solved. Jeremy. (This used to be commit 71ecd10181cd35313b79f618c2928c2f45424812)
2003-09-18Oops. Proper fix for #470.Jeremy Allison1-18/+20
Jeremy. (This used to be commit e121a2ec0c243477ea318d573166f342abbd1cce)
2003-09-18Fix for #470 - unable to display SIDs in ACLs.Jeremy Allison1-2/+11
Jeremy. (This used to be commit 1b343f710550a39815001c668c48d9b194f19243)
2003-09-16Fix typo. Found by Aurelien DegremontJelmer Vernooij1-1/+1
(This used to be commit 271111d6a7f5011c8300e060a9da3a972a28a704)