summaryrefslogtreecommitdiff
path: root/source3/passdb
AgeCommit message (Collapse)AuthorFilesLines
2002-05-17Make --with-ldapsam 'go away'. This is now a standard, stable, featureAndrew Bartlett1-3/+3
and there is no real reason for it to depend on more than the abilty to compile the code. (This used to be commit 64aaec137e39595e6e61b55eb525615683a1393c)
2002-05-17A few more trusted domains updates from mimir.Andrew Bartlett1-13/+34
I think we may still need to look at our server enumeration code, but other than that, its much better in the tree than out. Andrew Bartlett (This used to be commit d57a1b4629d12a0374cc6d74dfc6f5d4793fcef8)
2002-04-23Spelling fixes from vanceAndrew Bartlett1-6/+6
(This used to be commit 70c6f5fc6d3ec3121b29d1e46e7fd3933fbcce6b)
2002-04-14Partly based on the work by mimir (Rafal SzczesniakAndrew Bartlett1-9/+127
<mimir@diament.ists.pwr.wroc.pl>) this patch allows samba to correctly enumerate its trusted domains - by exaimining the keys in the secrets.tdb file. This patch has been tested with both NT4 and rpcclient/wbinfo, and adds some extra functionality to talloc and rpc_parse to allow it to deal with already unicode strings. Finally, this cleans up some const warnings that were in net_rpc.c by pushing another dash of const into the rpc client code. Andrew Bartlett (This used to be commit 0bdd94cb992b40942aaf2e5e0efd2868b4686296)
2002-04-13Fix the compile-bug in pdb_ldap from my last patch.Andrew Bartlett1-4/+4
Andrew Bartlett (This used to be commit 81eaa7924b7bd3a13d049bce7fe7a16ab9174364)
2002-04-13Better handling of uid/gid -> RID and RID -> uid/gid code.Andrew Bartlett5-78/+67
All uids and gids must create valid RIDs, becouse other code expects this, and can't handle the failure case. (ACL code in particular) Allow admins to adjust the base of the RID algorithm, so avoid clashes with users brought in from NT (for example). Put all the algorithm code back in one place, so that this change is global. Better coping with NULL sid pointers - but it still breaks a lot of stuff. BONUS: manpage entry for new paramater :-) counter based rids for normal users in tdbsam is disabled for the timebeing, idra and I will work out some things here soon I hope. Andrew Bartlett (This used to be commit 5275c94cdf0c64f347d4282f47088d084b1a7ea5)
2002-04-13This is the 'multiple pdb backends' patch from ctrlsoft, aka Jelmer VernooijAndrew Bartlett4-153/+251
<jelmer@nl.linux.org>. This patch also includes major rework of pdbedit to use popt, and the addition of -i paramter (allowing the user to specify which PDBs is being operated on) and -e to export a pdb - useful for backup and testing etc. Use of -i and -e gets us pdb2pdb functionality for transition between backends, much like the sam2sam in TNG. Andrew Bartlett (This used to be commit c10def37f506d3f2bab442418ac08fdb62659b02)
2002-04-11Much better support for both non-algorithic RIDs (where the RID is stored inAndrew Bartlett1-135/+130
the passdb) and RIDs not in the passdb, due to being NIS users etc. The main fix here is to add become_root()/unbecome_root() at critical places. This (finally) fixes the bug where you could not see local users's names in a file's security properties as non-root. Tested. The similar bug in uid_to_sid is also fixed, but is not (yet) Tested. Andrew Bartlett (This used to be commit 79327a305e20d78ab5ca21d01c39b5f49dc0d632)
2002-04-08Fix up major logic reversal flaws in pdb_ldap.Andrew Bartlett1-36/+70
WARNING: if you relied on these logic flaws, you will need to manually edit your ldap backend (for things like account expries etc). Now correctly retunes the information needed for 'must change at next login' support. (This used to be commit 26842f1ac051b030c1295b68244a1f9007d4eefb)
2002-04-05Fixed up admin user / guest user lookup.Jeremy Allison1-5/+8
Jeremy. (This used to be commit 28ef07424f19652fdfa4ee79f1c69e0004fa39fe)
2002-04-04Fixed memory leak in make_pdb_context_name()Tim Potter1-17/+25
Some reformatting and spelling fixes. (This used to be commit a0f7bbad11a0c0f1ecd930626289c5ff493b0f1d)
2002-04-02Fix from Stefan "metze" Metzmacher <metze@metzemix.de> to prevent usJeremy Allison1-0/+5
overwriting an old MACHINE.SID sid. Jeremy. (This used to be commit 896d4fac98460778f72378b084a76d5aab11462e)
2002-03-27Removed HAVE_LIBDL from most places (except system.c). Added checks forJeremy Allison1-12/+0
dlopen & friends into configure.in. This should help building on *BSD where dl*** calls are in libc. Jeremy (This used to be commit ac1baba35d7a399bf800ced49a4384e39955e3eb)
2002-03-23Minor fixes:Andrew Bartlett1-8/+13
- Fix warnings in loadparm.c - Remove the unused 'passdb modules path' paramater - Make pdb_ldap use $ termination rather than the workstation trust account flag becouse some 'machine' accounts appear as normal accounts at creation time. Also covers domains etc. Andrew Bartlett (This used to be commit 8c82a3daf777bcd4cd4388d30222e370fe800819)
2002-03-21Don't leak memory on failure.Andrew Bartlett1-1/+3
(This used to be commit 438f028fc45ee6c5b12fa960beabea4b5fdcff38)
2002-03-21Make sure to initaliase SAM_ACCOUNT pointers to NULL, otherwise pdb_init_sam()Andrew Bartlett1-3/+3
fails. Andrew Bartlett (This used to be commit 56009ffbaa00259d15f286248a7ab73c55371819)
2002-03-20Make ldapsam compile again.Andrew Bartlett1-20/+0
(This used to be commit 520c8626dc238a1e338635981d1b41950f2219b6)
2002-03-20Allow a zero rid in pdb_smbpasswd. When given a zero rid the pdb backendAndrew Bartlett1-1/+3
should chose the next available RID. For smbpasswd it just means using the algorithm, but other backends can do somthing more useful. Andrew Bartlett (This used to be commit 0f0f87e6c31b468368c5a4729db892622e616cac)
2002-03-19second step to gain free uid<->rid mappingSimo Sorce6-148/+117
we still need to free gid<->rid mapping and few other stuff (This used to be commit aa4b6f8181f34196a28951264dd8b631a5deef7f)
2002-03-18more verbose checking in talloc and util_pwSimo Sorce2-39/+60
fixed tdbsam memory corruption (and segfault) reducing calls to pdb_uid_to_user_rid and countrary to 0 to move to a non alghoritmic rid allocation with some passdb modules. (This used to be commit 9836af7cd623357feaec07bc49cfb78f0aa01fc3)
2002-03-18Start to switch away from the alghorithmic uid->rid mapping modelSimo Sorce5-29/+179
(This used to be commit 724390a8daabbecd236960562e0a50f62c6904f1)
2002-03-17Renamed get_nt_error_msg() to nt_errstr().Tim Potter1-1/+1
(This used to be commit 1f007d3ed41c1b71a89fa6be7d173e67e927c302)
2002-03-13I don't need my name on this twice :-)Andrew Bartlett1-1/+0
(This used to be commit 764b99a3906d6299650f984860a586f37b18326d)
2002-03-13Remove a stub function I forgot to fill in.Jeremy Allison1-6/+0
Jeremy. (This used to be commit d08cbcbc5d4fc3ec9554145de6b0b0a64dfbb8d1)
2002-03-12Removed unused var.Jeremy Allison1-1/+0
Jeremy. (This used to be commit 45bf5f6c050bbe69209a5c80141ef8e54354f5ea)
2002-03-12Ensure, if we're a PDC or BDC, that the SID stored for the domain nameJeremy Allison1-10/+70
and the machine name are identical. Jeremy. (This used to be commit 87e6b08964d13d6613342c9be21871a2e776e2e6)
2002-03-10rewrote the machine sid storage code to store the SID in secrets.tdbAndrew Tridgell1-208/+63
rather than MACHINE.SID. We try to load MACHINE.SID only if we can't fetch the SID from secrets.tdb This also fixes the value of global_sam_sid for the DC/non-DC case (This used to be commit bcd018f07c2e2c0aabdb4574d199d7f5f199a264)
2002-03-10make sure we use consistent keys in secrets.tdb by uppercasing domainAndrew Tridgell1-0/+4
names (This used to be commit 4cb7b6954b96e6964743e65413e122f7b4d39052)
2002-03-07Compile fixes for the pdb nisplus module.Tim Potter1-17/+27
(This used to be commit d4d2f3bd8922aa88f4940e5079f7157ea674b317)
2002-03-06Fix SIGSEGV on error message when trying to add a user to smbpasswd file ↵Jim McDonough1-1/+1
without a unix account. (This used to be commit 2fdd601f2efaf3515f0e4c30fa176651eb4bb387)
2002-03-02This patch merges my private LDAP tree into HEAD.Andrew Bartlett7-281/+692
The main change here is to move ldap into the new pluggable passdb subsystem and to take the LDAP location as a 'location' paramter on the 'passdb backend' line in the smb.conf. This is an LDAP URL, parsed by OpenLDAP where supported, and by hand where it isn't. It also adds the ldap user suffix and ldap machine suffix smb.conf options, so that machines added to the LDAP dir don't get mixed in with people. Non-unix account support is also added. This means that machines don't need to be in /etc/passwd or in nss_ldap's scope. This code has stood up well under my production environment, so it relitivly well tested. I'm commiting this now becouse others have shown interest in using it, and there is no point 'hording' the code :-). Andrew Bartlett (This used to be commit cd5234d7dd7309d88944b83d807c1f1c2ca0460a)
2002-03-02Fix up the trusted domains secrets code so as to have a slight chance ofAndrew Bartlett1-12/+10
working. (This used to be commit 4ecc170dcb84522135ddefb5f424cc756051a6d3)
2002-03-01merge from 2.2Gerald Carter1-2/+7
(This used to be commit 5b28a7c59c392c6352cb8915a13806ca772d8cac)
2002-03-01The beginning of trusted and trusting domain support fromAndrew Bartlett1-3/+89
Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-02-22made the domain secret key in secrets.tdb domain specific. This allowsAndrew Tridgell1-2/+14
you to join a 2nd domain then leave the old domain rather than the other way around (This used to be commit b26b6aef64e1042c9867a13761ded0c3c6f9670f)
2002-02-22Add the pdb_plugin module from Jelmer Vernooij <jelmer@nl.linux.org>.Andrew Bartlett2-3/+76
This allow the user to select 'passdb backend = plugin : /path/to/plugin.so : pluging args' And load any arbitary plugin. Apparently Jelmer has a mysql plugin in the works - hence this patch. We probably need to rework the interface a bit before 3.0 (add versioning of some kind) but this is a good start. Andrew Bartlett (This used to be commit d6d18b70f0c377344b0b3d9df5a11d209793bfe0)
2002-02-01update from 2.2Simo Sorce1-2/+3
(This used to be commit 8bb2a7446ed69020086aaedf2889795dd38ef9d4)
2002-01-30Back out herb's changes (to allow smbpasswd -x to work on accounts outsideAndrew Bartlett1-10/+9
/etc/passwd) and replace them with a version that works. Unfortunetly HEAD and 2.2 have different passdb interfaces and different local_password_change functions... Andrew Bartlett (This used to be commit 86d5326d0dc6a070dfeb24a5306a2b4404bfc0f1)
2002-01-30Removed version number from file header.Tim Potter10-18/+13
Changed "SMB/Netbios" to "SMB/CIFS" in file header. (This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
2002-01-30merge change from @_2 to allow smbpasswd -x to delete user even if noHerb Lewis1-7/+10
entry in /etc/passwd. There are still differences in the local_password_change function. I'm not sure which was the latest so I didn't change any thing else. Someone needs to take a look and sync these up. (This used to be commit 539b025397e569796f2349d33438c2be469c8c69)
2002-01-26 - Provide sid->name lookup support for non-unix accounts.Andrew Bartlett1-13/+39
- Rework the name -> sid lookup function to always try local lookup first (for local domain names) before trying winbind. This seems to eliminate my winbind feedback loop problems. (I don't use winbind for nsswitch, where there are almost certainly further issues). Andrew Bartlett (This used to be commit 25cadce67bc8effd4248ab993ae78e1d8511d994)
2002-01-26local_lookup_name() doens't acutally use its 'domain' argument, so drop it andAndrew Bartlett1-5/+3
make its use clearer. (This used to be commit d1ea20cc2392f8ba4ac4241f9b5ec14489e49147)
2002-01-26fix typoAndrew Bartlett1-1/+1
(This used to be commit 8ffc024ebc73dee32a9dfc1873e824c996205475)
2002-01-26Add some information tidbits to an error DEBUG().Andrew Bartlett1-1/+1
(This used to be commit 3db417c2ebfda0d5872dee39e36edc4fb6299b9a)
2002-01-25Passdb changes:Andrew Bartlett3-11/+30
Modules now name themselves, which should allow for sane behaviour when we get an 'extern' passdb module (which in turn loads a .so). Fix up tdbsam for non-unix-accounts. Not sure if this fixes idra's bug, but its a start... Andrew Bartlett (This used to be commit 7d576d89d7b4a7b95e87a844568d7d7cd89f0542)
2002-01-23getpwnam -> getpwnam_alloc.Andrew Bartlett3-4/+11
idra has promised not to revert these this time :-) (This used to be commit f556ad67e82518f5a024ffe9184ff9430ab5c541)
2002-01-21getpwnam_alloc -> getpwnamSimo Sorce1-9/+8
same reason as per pdb_tdb.c there isn't (and will never be probably) another call to any getpw* fn, let's use getpwnam_alloc only when needed. (This used to be commit f12361b1327306e6a3fcf8ff138413ad9a6c69a3)
2002-01-21hmm, get it right this time.Simo Sorce1-1/+1
(This used to be commit 57a145bff6b382e6dc9a9af96451175d81462c8d)
2002-01-21fix also the comment.Simo Sorce1-2/+5
(This used to be commit 7f7a15e09a53a03dd423d40201f037f8da049cd7)
2002-01-21replace getpwnam_alloc with plain getpwnam.Simo Sorce1-2/+1
We are not going to reuse any getpw* call, so the extra alloc,copy and free only uses extra memory and extra cpu time for nothing. (This used to be commit 5c0bb0487bec00df494b72b64ddf274f42bfefea)