Age | Commit message (Collapse) | Author | Files | Lines |
|
make a new sam_Account contain our domain by default, windows will complain
on logon otherwise.
fix stupid typo in idmap_util.c
(This used to be commit 21701876dc6c59ebfc51be708a98226a00a764e0)
|
|
correctly handle allocated rids in tdbsam
(This used to be commit 7ae6162e1dd668897628c4f7edff508616644d21)
|
|
(This used to be commit 568feee8977ee1be210344c8ab1896512894cba2)
|
|
plus internal fixes
1st stage
(This used to be commit 6d036761e565bc93964bb3c939d5b7d78d5778a3)
|
|
metze)
(This used to be commit 3895571eeef81db7ce4c71e85b0be5c235b16efd)
|
|
few fixes to *id_to_*id functions, we don't set the mapping for algoritmic
RIDs, they are resolved in the classic way
eliminate getpw* calls from tdbsam
(This used to be commit 6a7689cf74cd4d5f29e0b12f4bf8ac3051d49157)
|
|
(This used to be commit 1915ab7b95b2baade0f4293d5a7a96003888d1c9)
|
|
SAM_ACCOUNT does not have anymore uid and gid fields
all the code that used them has been fixed to use the proper idmap calls
fix to idmap_tdb for first time idmap.tdb initialization.
auth_serversupplied_info structure has now an uid and gid field
few other fixes to make the system behave correctly with idmap
tested only with tdbsam, but smbpasswd and nisplus should be ok
have not tested ldap !
(This used to be commit 6a6f6032467e55aa9b76390e035623976477ba42)
|
|
set one - new accounts -> domain users, unless otherwise specified.
This moves that logic from pdb_set_sam_sids() into pdb_init_sam_new(), which
is called by all the 'new account' creators. (pdb_set_sam_sids() now only
deals with the mapping from an existing account)
Andrew Bartlett
(This used to be commit 2c7b3d9fd5bb327bdbd34ec27b36eb59cbc481af)
|
|
(This used to be commit 63cf5637c16dc770f0ab2f73ff00577c7cd426ee)
|
|
his IDMAP work.
This version also works properly (the HEAD version had suffered from bitrot),
and should be a good basis to change into the new IDMAP rules.
It also includes UTF8 conversions.
Included also are the schema changes, and a note about the now very old scripts
in examples/LDAP (they don't work for this, or even the previous schema).
Andrew Bartlett
(This used to be commit 38a8f2b23a12f6a964d447f7904dd722a1ca046c)
|
|
of sync-up for the rpc_server/srv_samr_nt.c
Andrew Bartlett
(This used to be commit 3c867aedd9abc29389f5d049dbc94ada6738d1b0)
|
|
(This used to be commit a4056e2cae21e1f7e1aac1414bfa4158947fbfc7)
|
|
reverted user making function, did not pass the abartlet test :-)
idmap is now fully integrated, we only miss user creation and removal of uid
and gid from SAM_ACCOUNT
(This used to be commit 67af8c26586c4829166795813a373bf9be27b753)
|
|
(This used to be commit 74826e7ebb62ab09df68bb00fbd6097852ec5b6d)
|
|
function. Patch by metze with some minor modifications.
(This used to be commit f4576757d1d52a8f1b96894c869bb76450003fd1)
|
|
(This used to be commit c7f06f3a480feb1c7b1a44d16c05e1c238800b15)
|
|
(This used to be commit 5e4e6a6ed08f1b4fe97bbd91f983039143cc9939)
|
|
(This used to be commit 09eb02cba0747ae47aa4a76f4fac69af293a774a)
|
|
(This used to be commit b2d9d450493f6fc0ceb94dd0007cedf56371bb4b)
|
|
in 3_0
(This used to be commit 9b969f877f8057930fb53da99ee8a0574b4f5531)
|
|
(This used to be commit d501946ef6e417b9d3fa4b492dd20991e3e56baf)
|
|
(This used to be commit 9822af500cf36e83fce54e49a062a8847d1c5431)
|
|
places where it was used, this caused me segfaults in the last week :(
add more debugging in idmap to chase down a problem
(This used to be commit 6393105bda12fb3f6211e4f0128aabf588431b49)
|
|
(This used to be commit 87f491d6a63e0818ada4ed21dd1f4905b20f846c)
|
|
Andrew Bartlett
(This used to be commit c98bbc750773f7c49dbb1e69a5936f52416dd51c)
|
|
workstation, we have to use the workstation type, if we have a BDC account,
we must use the BDC type - even if we are pretending to be a workstation
at the moment.
Also actually store and retreive the last change time, so we can do
periodic password changes again (for RPC at least).
And finally, a couple of minor fixes to 'net'.
Andrew Bartlett
(This used to be commit 6e6b7b79edae3efd0197651e9a8ce6775c001cf2)
|
|
(This used to be commit 84b116f9c007c0f933af82462dff4324ffa53f0f)
|
|
(This used to be commit 0509cbc59174354b7c57206a07f7bd222cc87db4)
|
|
(This used to be commit febd966b10b23238c93444256b8ad30b50b20ef8)
|
|
This patch moves the ldap routines out of passdb into a generic
library and implements an LDAP backend for IDMAP. THe backend
can be enabled with "idmap backend = ldap" in smb.conf. THere
are also schema changes to make sure to update teh ldap schema files.
(This used to be commit 87c7c582c60521da3a93d997386fe79935012aea)
|
|
(This used to be commit 674d0ca5d84b64be395fbeff773c8dd8aeb1518c)
|
|
Andrew Bartlett
C VS: ----------------------------------------------------------------------
(This used to be commit d84a3fc522a588bdcd36cb86df304572947a456a)
|
|
are handled, though we assume that always everything needs to
be updated in LDAP. PDB_IS_* is not done yet for groups.
Do we need it?
Volker
(This used to be commit 409a26282f8fcbd583a85df40c70b504eac26f6e)
|
|
- Make passdb work with absolute paths (passdb backend = /path/to/smbpasswd.so works now). vfs, rpc and charset will follow
(This used to be commit 794d3ed03619a4e41558d9ff65783a1aa1b2be90)
|
|
Andrew Bartlett
(This used to be commit 5dc29b10b08658178133aee7b4c47197fadc533a)
|
|
easier to understand by moving the logic for init_ldap_from_sam
and friends around.
Volker
(This used to be commit 124c80facba364033f72b20660f347390effba59)
|
|
hand can be somewhat error-prone..
Volker
(This used to be commit 12fabd07148c21f5481cb750f1cfdab2e8112e4b)
|
|
are 'SET' when adding the account.
I really don't like passing flags down to inner routines and
complicated if/else conditions, but this time he might be right. ;-)
Volker
(This used to be commit 80d2578108da14f60133df3a308b867beb27e920)
|
|
for the 'ldap del only sam attr' functionality. So
we are compatiple to the current SuSE patches as well
as to TNG... ;-)
Volker
(This used to be commit 353309e2a3bc27e918bd0a6cf22833d57895fbc8)
|
|
> Hi Volker,
>
> if 'displayName' is not available we should fallback to 'cn' for map->nt_name
> 'cn' is used as unix group name by nss_ldap.
>
> and if nt_name is not available we should fail (so does this patch)
Volker
(This used to be commit 3a7d1e72e208b9609da4ff65d9fff9179799ecac)
|
|
(This used to be commit 0efa773bac4b9fe2f79265413c32fecce55cc369)
|
|
This repairs domain join with fully existing wks-account which I broke
with my last patch...
Volker
(This used to be commit 582a34efbe3c1570b852c93318ff6002954ddf6a)
|
|
anymore, but instead look at what is currently stored in the
database. Then we explicitly delete the existing attribute and add the
new value if it is not NULL or "". This way we can handle appearing
and disappearing attributes quite nicely.
This currently breaks pdbedit -o, as this does not set the CHANGED
flag on the SAM_ACCOUNT.
Jelmer suggested that we set all the fields on CHANGED in
context_add_sam_account. This sounds not too unreasonable.
Volker
(This used to be commit f7149cf500d2b10ee72163c018a39fdd192d7632)
|
|
when setting the password.
Andrew Bartlett
(This used to be commit 552198b9e149c41f8cb2f976421ef030eac6fba6)
|
|
(This used to be commit 1002b0bbff295548b74580dbb0dc0c76474af23b)
|
|
(This used to be commit 44e9bf88cc2bbb2aa34711354258c3abb319cb9b)
|
|
(This used to be commit 5c6f5bef30db62f351d83ecdd6aa6990a567d842)
|
|
when debugging pdc stuff...
Volker
(This used to be commit e1c275a66aa8a0fe29c61f4742fed5953671cb43)
|
|
Volker
(This used to be commit e8725913f9f174c03683a35bbce16ee33ab4c707)
|