Age | Commit message (Collapse) | Author | Files | Lines |
|
When we set a domain sid, force get_global_sam_sid() to do it's work again.
This should ensure that the value it returns is always consistant.
Andrew Bartlett
(This used to be commit fb13c61d4eee943e44632a0d1ba57b19602d67a4)
|
|
Add static, and assert that we will never overflow the static fstring
in pdb_encode_acct_ctrl() (All current callers are fine)
Andrew Bartlett
(This used to be commit badf7f64fb38dfd40bdf65b19e9dd8932d5e6c3b)
|
|
Make more functions static, and remove duplication in the use of functions
in lib/smbpasswd.c that were exact duplicates of functions in passdb/passdb.c
(These should perhaps be pulled back out to smbpasswd.c, but that can occour
later).
This also includes some >14 character password changes, and the start
of a move away from using 'admin user' to determine if the user is
root (as root can login without setting 'admin user').
Andrew Bartlett
(This used to be commit be0704abb919152c359a735023283acbf9be3076)
|
|
I should have done this years ago...
This adds the very simple 'admin set password' capability to 'net rpc',
much as we have it for 'net ads'.
Andrew Bartlett
(This used to be commit 5243b89e33efd2ea8842a624d8abd6c5755afb64)
|
|
If we are setting the NT or LM password to NULL, remove the attribute
rather than writing XXXXX
Andrew Bartlett
(This used to be commit 2ae9672f811c91c95ee2ddfd4b0dcc6b0f4fa192)
|
|
ACB_PWNOTREQ bit set
(This used to be commit 6c4de7198b94a8cea176e1c9d86deb65705f9058)
|
|
(This used to be commit 63206b1204bd532bf99912cd4312baf7d69db1f6)
|
|
(This used to be commit 77335cc5bce46ab3498f9401099f110b0e5506c1)
|
|
(This used to be commit 4840b25dbd4d2eafc010389a711d42862d5fb0f0)
|
|
(This used to be commit c5634e0b713e594a32522df7a76c36639f772ed5)
|
|
meaning of fields_present bit mask. Also avoid it being saved in backends (0
is saved where removing the unit32 would have produced a format change).
Also add support in samr functions to correctly interpret the flags.
Flags still not set properly (eg. still set all flags 0xffffff as previous
code), need a tool to test this properly (I',ve done preliminary tests with
samba4 rpc torture and it seem to work properly against w2k).
2. Patch for handlig the flag user must change password at next logon
in usrmgr based on Jianliang Lu <j.lu@tiesse.com> patch
(This used to be commit 78975e9483e64412e436c5dbfe2b71e20b79de29)
|
|
rafal
(This used to be commit a284082716bf63569e5921eb33b1ecd1a9b4810d)
|
|
rafal
(This used to be commit 2d2c36cc3f691f31506fbd97e74cf225a2ef85c5)
|
|
from passdb backend level (tdbsam, in this case).
It is written as wrapper for secrets_ calls that use secrets.tdb file
and is not treated as eventual solution. Trust passwords are being
handled uniformly, SAM_TRUST_PASSWD structure, and so they should be
stored as well.
Note, this code is disabled ie. not used anywhere yet. I'm working
on next routines in line.
rafal
(This used to be commit 02ac9332ab1d34f47667b40ce23b2b5d04c4dff1)
|
|
rafal
(This used to be commit 336720416abd1f6d62f9a6748ae6a0454976c9d4)
|
|
(This used to be commit c98399e3c9d74e19b7c9d806ca8028b48866931e)
|
|
rafal
(This used to be commit f912d8c3403071582f776886f9793e3289b285b6)
|
|
rafal
(This used to be commit 4a2bd4de3f5a99bc19013a2878659e8686606e30)
|
|
backend-independent part ie. interface - does build and (it seems)
doesn't break anything else.
rafal
(This used to be commit 9ce6dc6476202d9db6ea1c2deab93e454e4db546)
|
|
(This used to be commit 4c877ccc16bcb69490c4d34d2ef5f727bf98438e)
|
|
JHT came up with a nasty (broken) torture case in preparing examples for
his book.
This prompted me to look at the code that reads the unix group list. This
code did a lot of name -> uid -> name -> sid translations, which caused
problems. Instead, we now do just name -> sid
I also cleaned up some interfaces, and client tools.
Andrew Bartlett
(This used to be commit cc535a6c70d8dcf677322e31b24dec58b23d80f0)
|
|
Check the return value of string_to_sid in a few more places. (But
string_to_sid also needs to be less permissive on what it thinks are
valid sids...)
Andrew Bartlett
(This used to be commit 74ea8682e4b5c78f456cc9284e953e35e4146a8b)
|
|
Show the error message for failure to set the ldap password.
(For 'ldap password sync = yes')
Andrew Bartlett
(This used to be commit ef5d2309c2252c9d6111738075f863b69b616722)
|
|
(This used to be commit 61cbd5c9be1962d0c33c28ff472a2f82d3aa2a80)
|
|
(This used to be commit 426a02cf678236f902c143b56eaaf854fca2237f)
|
|
group.
Jeremy.
(This used to be commit 72174634aa26c01431ccf85331aaa8b51e70c8ff)
|
|
<appro@fy.chalmers.se>
(This used to be commit ca21dd3bb682700d628e9fc1aeedd1594cda3094)
|
|
(This used to be commit 975ac6f5aa4d8d709733757e4e003f3c551fc9ba)
|
|
(This used to be commit acf9eae7b0c95776358292c3463951477575bcc6)
|
|
(This used to be commit 818bba4b796440453e5911369adf5bd147e9b961)
|
|
(This used to be commit 1bb2281e177d1f312c0c3c117c5b0dcabe57125b)
|
|
(This used to be commit c4ce92e80688fe7fd4b2fde2c31e94baf3e4dca0)
|
|
(not /etc/group) even when doing local aliases
* remove "hide local users" parameter; we have this
behavior built into 3.0
(This used to be commit 3b75e862dfba42c95e2279c300c06bb981f52993)
|
|
(This used to be commit 89a8c607af4ca67fcefe285480f7c9b832f6720c)
|
|
source/passdb/pdb_get_set.c:
I agree with vl's #if 0 here, and am not quite sure what I was
thinking with regard to the original code.
Let's keep samba simple, and just remove it.
source/rpc_server/srv_netlog_nt.c:
Remove compleatly wrong comments. (There were correct, 2 years ago...)
source/intl/lang_tdb.c:
Add newline to debug message
Andrew Bartlett
(This used to be commit 2a8dbe03690b60f3d9c83de3cf6ce873aa0657bc)
|
|
* revert the change that prevent the guest
account from being added to a passdb backend
since it broke the build farm.
* apply patch from Alex Deiter to fix the
"smbldap_open: cannot access when not root
error" messages when looking up group
information (bug 281)
(This used to be commit 20bd309239199d85accb2b7aac6d4dd73e414f85)
|
|
UNIX entity foo to DOMAIN\foo instead of SERVER\foo
on members of a Samba domain when all UNIX accounts
are shared via NIS, et. al.
* allow winbindd to match local accounts to domain SID
when 'winbind trusted domains only = yes'
* remove code in idmap_ldap that searches the user
suffix and group suffix. It's not needed and
provides inconsistent functionality from the tdb backend.
This has been tested. I'm still waiting on some more feedback
but This needs to be in 3.0.1pre2 for widespread use.
(This used to be commit cac4723e206bd001882011c9e12327064d032268)
|
|
(This used to be commit 1e461f06ec492dc3f139165932c3518a6dd416f9)
|
|
(This used to be commit 7a60693a47823c2a174886ad44e7af102440ba4d)
|
|
Adds support for an additional field (uint32) which represents the
lockout duration. I think this should be stored as an abolute
UNIX time_t that specifies when the lockout should end - set it
when the lockout is imposed. This new code also updates the on
disk tdb version on load. Being merged into HEAD so Simo can
add any other changes he wants before being back-ported to
SAMBA_3_0.
Jeremy.
(This used to be commit 0eea3f22aba25c1d0a8800bb1725238422cb30eb)
|
|
on "result", don't free result first.
Jeremy.
(This used to be commit 9b24715170c6ca5dd3d5df0675f430852ae6a50d)
|
|
(This used to be commit 9032e6eb2b4c7ed3d0689b95ed318cdf7ec048d7)
|
|
<adegremont@idealx.com>
Jeremy.
(This used to be commit a92555e6060294afcfecc075bfac5c836f150b01)
|
|
This eliminates RPC_UUID. It creates the following struct:
struct uuid
{
uint32 time_low;
uint16 time_mid;
uint16 time_hi_and_version;
uint8 clock_seq[2];
uint8 node[6];
};
which replaces RPC_UUID and various random struct uuid definitions
and a flat version:
#define UUID_FLAT_SIZE 16
typedef struct uuid_flat
{
uint8 info[UUID_FLAT_SIZE];
} UUID_FLAT;
which pretty much looks like GUID (which I will start eliminating).
I want us to use the FLAT one only on the wire (perhaps in files, too?), and
I want it to be obvious to the coder that it is the FLAT version.
This leaves a couple of compiler warnings, where GUID isn't completely
replaced by FLAT_UUID yet...I'll get to those soon.
(This used to be commit 1532b5d2e3c61df232b16394acedf6eac387588b)
|
|
in iconv.c and nsswitch/). Using them means you're not thinking about multibyte at
all and I really want to discourage that.
Jeremy.
(This used to be commit 5c050a735f86927c7ef2a98b6f3a56abe39e4674)
|
|
* add server support for DsEnumerateDomainTrusts()
(This used to be commit 06bacf6e3434db5bd09b48f84206441712e69a63)
|
|
(This used to be commit 0ed85e6a2dff0953dbbd5ff4723ef6941ec32850)
|
|
laternative to the current passdb).
Currently it is run through a comatibility module in the passdb layer, with
a subset of the functionality it may provide.
It is still work in progress, but as someone asked me about it, and as it
should make no difference to the normal code, I tought it was a good idea to
put it into.
It adds a dependency on perl. I know it is not very nice, but I'm sure we
will work out a solution for that.
As always blame me if I break something, but try to fix yourself, as I am
busy-busy-busy :-)
Simo.
(This used to be commit 7b3c94b5cfc1a9ceb430613353a937345f2eda74)
|
|
(Samba 2.2 did this in the LDAP code, but it fits better as a generic thing)
Andrew Bartlett
(This used to be commit 36ccf922a34127f2eb6b7da590e426544539ab25)
|
|
>Make pdb_ldap.c compile with SUN iPlanet headers. Whether this works will be
>tested soon, but this fix is somewhat obvious.
>
>Volker
(This used to be commit e4551b3d7f85bf39778a1de952eaa370bc3716e3)
|