| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
J.F.
(This used to be commit 706acb17cffd8d6a84209dadb97916f0346cd174)
|
|
don't overwrite backend values with defaults values.
J.F.
(This used to be commit a204a9adb84c41658def08cb75670995aec02baa)
|
|
LDAP database were being initialised using unix_to_nt_time on -1, rather
than -1 as an NTTIME (which is very different).
Problems solved (hopefully):
* "Access Denied" when accessing an NT share in a Samba controlled domain.
* "Your password has expired" sometimes when logging in.
(This used to be commit 740d8388cb6dfebb26681a45fd1b293383d08a6d)
|
|
- cleanup
- #defined report to sprintf as it's #defined to another function in
other uses of cmd_lsarpc.c
(This used to be commit 8fb2ff247a2fe0ec5ce0c232d8a3da9774f7e6ae)
|
|
(This used to be commit 2331aa32ab36c3ee5fd8cfbe972e57299939e33d)
|
|
parameter is "builtin rid file".
Copyright 1999 Bertl <bp@vpnet.at>
(This used to be commit 80d36778432d42eb265ed9428f27a27250ba5e08)
|
|
as they are generic "file line-by-line" reading routines. lines with
"#" at the front are ignored (as comments). this code started out as
the password file reading code.
(This used to be commit ef6df590fdf65a6d94b343998bac3a4d48ae07e0)
|
|
anyway!)
(This used to be commit 91d5bda9ad22c922a918f0942dcbff04202b9991)
|
|
found by Bertl <bs@vpnet.at>
(This used to be commit 389c17a225884b39d097dc0851a794d3669fdc31)
|
|
(This used to be commit baab30815238a803badeafa1ed8f029d7782242f)
|
|
(This used to be commit ab1a6aa42db5217f025941fb5107436556bc23b7)
|
|
weird unixware stuff) into _Get_Pwnam() to fix a memory allocation bug.
Note that the Get_Pwnam() function now returns a const struct passwd *
as a hint to other developers not to change entries in the struct
passwd.
(This used to be commit 36d7cb4ccc42268e8e6a7b783c945d1853624958)
|
|
(This used to be commit 899fc053c50448db65092d9f25fea99433cfb29f)
|
|
next problem: user group adding not supported so an "access denied"
message is reported instead of "ok" when a new user is created.
(This used to be commit f5f61bd477b4910cb90675c926381342c30a5b16)
|
|
used to add workstation to domain. unix account db not modified: only
SAM password db is used.
(This used to be commit 129a9a4d4b74897ed753a697a3aed9b194c25568)
|
|
----------------------------
- removed DOM_RID4
- removed SAMR_UNKNOWN_32
- added SAMR_SET_USERINFO (opcode 0x32)
- added level 0x1 to SAMR_QUERY_DOM_INFO (needed for create user)
- fixed pwdb_gethexpwd() it was failing on XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
- added mod_sam21pwd_entry()
- preparing to call mod_sam21pwd_entry()
- added "user session key" to user_struct.dc. this is md4(nt#) and is
needed to decode user's clear-text passwords in SAMR_SET_USERINFO.
- split code out in chgpasswd.c to decode 516 byte password buffers.
(This used to be commit 2e58ed742435befe419aa366c4052019fede8c23)
|
|
should instead have &&.
(This used to be commit 1143fd4297b946d4ffd3c6ca104188cdcb48fac8)
|
|
(This used to be commit 65b0abe8b7594ff6c662da86dc2e35bd83a2d13d)
|
|
(This used to be commit 5b1d0789007bfcb09326643eb271746cee386846)
|
|
using smbpasswd command.
(This used to be commit 62d499f83256c6e8b3308dc4bd8e9f5df873b14b)
|
|
results in garbage. with no password length argument doing dump_data(
100, password, strlen(password)) is the next best alternative.
(This used to be commit 073c8652c13408b883fc73203e5558b1a9a64d62)
|
|
(This used to be commit 167b0b20e33bef4af5deaff961937dd5fadf481d)
|
|
(This used to be commit eb63fbdb68f1189593e68272e05d7ebf76652c4c)
|
|
resolved.
(This used to be commit d59a2e669aed7ee33fdca8b8ec126b1c0a984981)
|
|
Copyright (C) Benjamin Kuit <bj@mcs.uts.edu.au> 1999.
(This used to be commit fdf61e1dabc2c977ee5cf1e9d60e3380f19840da)
|
|
pwdb_sam_map_names() was using a "blank" static string instead of
a NULL pointer for nt names. NULL means over-ride, so the nt name
got left as "blank".
this causes nt clients to terminate with extreme prejudice.
(This used to be commit ddd350198202d6a1d2c715b3dce7db3a5d76a63a)
|
|
to resolution of unix name to nt name being unnecessarily _inside_
another loop.
(This used to be commit d455c9d2c9f60289d78d0331228f5922152070bf)
|
|
endlessly repeating a network SAMLOGON (hoping it to change, hmmm...).
( Guess what I found in pwdb_init_sam...
unix_to_nt_time(&user->logon_time, (time_t)-1);
unix_to_nt_time(&user->logoff_time, (time_t)-1);
unix_to_nt_time(&user->kickoff_time, (time_t)-1);
... )
(This used to be commit e9c79c85e6d1352693ab13e907b07d4706975891)
|
|
* Added new APIs for modifying groups.
* RIDs are allocated similarly to NT, starting from 1000 and incrementing by 1
for each new user/group.
* RIDs are now consistently in hex
* Fixed bugs reported by Allan Bjorklund <allan@umich.edu>:
- ldap_close_connection is exported by OpenLDAP - changed to ldap_disconnect
- Missing ldap_connect() in getusergroups functions
- ldap_next_entry was being called too early while retrieving a sam_struct
- LDAP globals should be extern in sampassldap.c
* Fixed bugs reported by Martin Hofbauer <mh@bacher.at>
- Newly added workstation trust accounts had attributes DU rather than W.
- User dn's were forced to start with "uid=XX" rather than using the existing
dn.
(This used to be commit 91c77f5432169553572bb4d85ad5f09d17524f20)
|
|
change it now?" message when you login to a Samba Controlled domain.
The fix is a hard coded 42 days from right now until you need to
change you pasword again time (see passdb/sampassdb.c:pwdb_smb_to_sam())
Also fixed getsmbfilepwent() so that it will read in the last password
change time correctly.
* Related to this lib/util_pwdb.c:StrnCaseCmp() returns 0 if the
strings match. Chouldn't this be the pther way? Oh well. I
didn't change the return code as it was used in several
other cases (see lib/util_pwdb.c:pwdb_get_last_set_time())
(This used to be commit 175e598dccd042c0f8b045db45fbe3ae928a7387)
|
|
(This used to be commit 2cce78aa00f31b79d51aaf46da72019b926e8226)
|
|
(This used to be commit f4b8a283065a7c1ae233a0ae01ac76f32fea6b31)
|
|
(This used to be commit f36cf3b6a70d0a91bce923ab51780d20d69e3bd6)
|
|
(This used to be commit f11eb4165836ce8d15a453d37c4e07913562d778)
|
|
(This used to be commit 2bc031e8fafeafdc58c6a8056597b647d00657ae)
|
|
of a private/smbpasswd file, this will not be the case for other
database APIs. removed startsmbdb and endsmbpwdb calls because
add_smbpwd_entry() and mod_smbpwd_entry() don't need them.
(This used to be commit 8b36c7c08ffa408506c35219e6453a595cbc3a4f)
|
|
(This used to be commit 2c438c86cbb38833b3abd4fbead6324687633b25)
|
|
i may simply go for a response in the NetSamLogon returning the
unix username, forcing the NT user to appear to be a unix user,
however even that is fraught with implications.
might just have to go the whole hog and do this tuple thing,
"unix_name + nt_name" always associated together...
issue with api_net_sam_logon, getsam21pwent() being called twice,
the second time overwriting static buffer data (argh) so had to
make a copy.
noticed a nested "become_root()"/"unbecome_root()" which will have
to be tracked down...
(This used to be commit 474f94f419a531e33b475249da7efb99ac22f454)
|
|
a call _outside_ of this was _also_ calling getpwnam. the calls to
getsmbpwnam() were therefore overwriting the static buffer.
(This used to be commit c5ba5fa6feab2884a23b8bcb5dcb349ee1a7c139)
|
|
- lib/sids.c:
generate_sam_sid() modified to take a domain name: it now
generates "DOMAIN_NAME.SID". reasons:
1) if you run multiple samba servers on the same machine
under different netbios names as members of a domain,
they won't all use the same SID, which is a _big_ mistake
but it would happen _by default_.
2) we have (had) a problem with sid_to_string() and string_to_sid()
which cause SIDs to be incorrectly read. one of the major
reasons for *NOT* making this change was so as not to disrupt
existing users. but as they will be anyway by this bug,
we might as well go ahead.
- passdb/smbpass.c:
wanted to change the meaning of the name in the smbpasswd
file to an "nt" name not a "unix" name. this is probably
not a good idea: reverted this.
- output formatting / bug-fixing in rpcclient query_useraliases code.
(This used to be commit e4930f5f48f8246ceec8add8bf769954a963190c)
|
|
added their replacements, added sam password database API modules
(This used to be commit b1d1c1337c69c6f6bf25ab932a1a6a757e3ea2ae)
|
|
- split sam_passwd and smb_passwd into separate higher-order function tables
- renamed struct smb_passwd's "smb_user" to "unix_user". added "nt_user"
plus user_rid, and added a "wrap" function in both sam_passwd and smb_passwd
password databases to fill in the blank entries that are not obtained
from whatever password database API instance is being used.
NOTE: whenever a struct smb_passwd or struct sam_passwd is used, it MUST
be initialised with pwdb_sam_init() or pwd_smb_init(), see chgpasswd.c
for the only example outside of the password database APIs i could find.
- added query_useraliases code to rpcclient.
- dealt with some nasty interdependencies involving non-smbd programs
and the password database API. this is still not satisfactorily
resolved completelely, but it's the best i can do for now.
- #ifdef'd out some password database options so that people don't
mistakenly set them unless they recompile to _use_ those options.
lots of debugging done, it's still not finished. the unix/NT uid/gid
and user-rid/group-rid issues are better, but not perfect. the "BUILTIN"
domain is still missing: users cannot be added to "BUILTIN" groups yet,
as we only have an "alias" db API and a "group" db API but not "builtin-alias"
db API...
(This used to be commit 5d5d7e4de7d1514ab87b07ede629de8aa00519a1)
|
|
would only be a domain group rid. it can also be a local group rid,
which causes us problems in attempting to turn a unix gid into the
correct rid (domain group or local group).
sooo.... the fix is _in_ there, we just can't use it because it causes
link / knock-on problems in nmbd.
(This used to be commit e4ee6538709c33000774eb1676608f2dd67d5a30)
|
|
(This used to be commit 591c63e3e1e3201ddcd7582585b652fb848d80ca)
|
|
(This used to be commit 68342a29a892e515cf2b22d759476d61944bcd59)
|
|
(This used to be commit 90a24664318da97a6e8cfe4622a8573c0e3cbe5e)
|
|
(This used to be commit 06b9100c1c1590bad392a8d9bdd79a6c554a3cac)
|
|
(This used to be commit 6de2b03d1c6714d63c6dbe7a417fb442e95ee0d9)
|
|
(This used to be commit b67d66a1e9d879cd5960380c94422c0af8dedaad)
|
|
(This used to be commit 30b3f339f8d55c2d3a4cbc380b7f12eb040bf381)
|
