summaryrefslogtreecommitdiff
path: root/source3/passdb
AgeCommit message (Collapse)AuthorFilesLines
2003-05-27cut-n-paste errorGerald Carter1-1/+1
(This used to be commit eb567e803e2da3ce11174812a5162642d8ef342b)
2003-05-27fix bug 118; replace hard coded 'next[User|Group]Rid' attribute namesGerald Carter1-6/+8
(This used to be commit f7ebb3c9e5d38d86d48459b7962a3da6d4900285)
2003-05-27I'm pretty sure these uint32's should be uid_t's. Can the passdb guysTim Potter2-3/+3
please check this? (This used to be commit af4b1f869a7dca0d24391fb2cefef7e05cca2c04)
2003-05-22fix bug #108; sambaSambaAccount string attributes are case insensitive; ↵Gerald Carter1-2/+5
don't try to change a string that only differs in case (This used to be commit 01ef08352007487040edefcc0b99ca79823cbddf)
2003-05-16Well spotted typo by Marco Berger <MARCOB@voelcker.com>Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit f16b0e025ea3112b4c231b67bc95f63418599f2e)
2003-05-16Fix from Alex Deiter <tiamat@komi.mts.ru>Simo Sorce1-1/+1
Reversed check. (This used to be commit 542ee1d3d6401c4d03770f07cfc907d016e166b4)
2003-05-16add metze's patch for smb_register functionsSimo Sorce1-1/+1
(This used to be commit 1480c7e8c7a84c34181118c449c50ca99fdcbc6b)
2003-05-14readding reverted changes during idmap merge (noticed by Andrew b.)Gerald Carter1-16/+33
(This used to be commit c6d836c61cb3e122dcc41b874ed5a03a130b6a4c)
2003-05-14fix group mapping in LDAP under new schemaGerald Carter1-35/+61
(This used to be commit 0714dda7cc4a1df73e1b9d11daae80a1f46583de)
2003-05-14*****LDAP schema changes*****Gerald Carter1-292/+802
New objectclass named sambaSamAccount which uses attribute prefaced with the phrase 'samba' to prevent future name clashes. Change in functionality of the 'ldap filter' parameter. This always defaults to "(uid=%u)" now and is and'd with the approriate objectclass depending on whether you are using ldapsam_compat or ldapsam conversion script for migrating from sambaAccount to sambaSamAccount will come next. (This used to be commit 998586e65271daa919e47e1206c0007454cbca66)
2003-05-14Fix pointer return bug in get_unix_attributes()Tim Potter1-1/+1
(This used to be commit 7aa54f0a7f3bcfb5d9560ca3bb88e1549b7ce421)
2003-05-14spellingTim Potter2-3/+3
(This used to be commit 865c11275685c85124b506c9bbd2a8bde2e760b9)
2003-05-14spellingTim Potter1-2/+2
(This used to be commit 1b4f904277b5e9331cdf4491163f856aa78d0453)
2003-05-13Restore a number of fixes that idra removed when he merged hisAndrew Bartlett3-10/+4
idmap-and-the-rest from HEAD. These are correctness fixes that were already in 3.0, and a memory leak fix. The pdb_ldap changes are held back at jerry's request (he is also playing with pdb_ldap ATM). Andrew Bartlett (This used to be commit c7d5e336bd91514a02974044742b058be387e490)
2003-05-13Try to fix up some code in pdb_smbpasswd that assumed we still had a 'uid'.Andrew Bartlett1-12/+22
This is to get non-unix accounts going for the build farm. Andrew Bartlett (This used to be commit 3daf7cba2393af768b253c419152ea305204f3d8)
2003-05-12Fix obvious compiler warnings.Jeremy Allison3-3/+0
Jeremy. (This used to be commit 2a6d0c2481c3c34351e57c30a85004babdbf99b0)
2003-05-12And finally IDMAP in 3_0Simo Sorce8-637/+294
We really need idmap_ldap to have a good solution with ldapsam, porting it from the prvious code is beeing made, the code is really simple to do so I am confident it is not a problem to commit this code in. Not committing it would have been worst. I really would have been able to finish also the group code, maybe we can put it into a followin release after 3.0.0 even if it may be an upgrade problem. The code has been tested and seem to work right, more testing is needed for corner cases. Currently winbind pdc (working only for users and not for groups) is disabled as I was not able to make a complete group code replacement that works somewhat in a week (I have a complete patch, but there are bugs) Simo. (This used to be commit 0e58085978f984436815114a2ec347cf7899a89d)
2003-05-12fixing typos in debug statementsGerald Carter1-1/+1
(This used to be commit f59bcb51cfe4e268ba43245d401d212aefdf2b72)
2003-05-11As discussed on samba-technical - move to 'primaryGroupSid' insted ofAndrew Bartlett1-17/+45
primaryGroupID (rid). This is consistant with the move from 'rid' to ntSid for the primary user identifier. Also cope with legacy installations where primaryGroupID might have been stored as 0. Andrew Bartlett (This used to be commit 0e432817cb927b41af7b49fb0b5081ffdb46f85e)
2003-05-11Using /dev/urandom for determining an ldap server backoff is a waste of systemAndrew Bartlett1-2/+6
entropy - use sys_random() instead. Andrew Bartlett (This used to be commit 640462a365235aa7ce6f817778f022530a25d909)
2003-05-10Reverse previous patch from Stefan and me after comments by Andrew BartlettJelmer Vernooij1-2/+2
(This used to be commit d817eaf0ecca2d878ab1ffcf7a747a02d71c811e)
2003-05-10Patch from metze and me that adds dummy smb_register_*() functions soJelmer Vernooij1-2/+2
that is now possible to, for example, load a module which contains an auth method into a binary without the auth/ subsystem built in. (This used to be commit 74d9ecfe2dd7364643d32acb62ade957bd71cd0d)
2003-05-10Fix typo.John Terpstra1-1/+1
(This used to be commit 7bec28f23c5bef8516e798a0808585ed1a30517e)
2003-05-07Fix irritating typo - non arg functions should be fn(void).Jeremy Allison1-1/+1
Jeremy. (This used to be commit 395dfd196cf4bcd432a4895d3dd09fefd46cd6d8)
2003-05-07Set our 'global sam name' in one place. For domain controllers, this isAndrew Bartlett3-8/+10
lp_workgroup(), for all other server this is global_myname(). This is the name of the domain for accounts on *this* system, and getting this wrong caused interesting bugs with 'take ownership' on member servers and standalone servers at Snap. (They lookup the username that they got, then convert that to a SID - but becouse the domain out of the smbpasswd entry was wrong, we would fail the lookup). Andrew Bartlett (This used to be commit 5fc78eba20411f3f5a8ccadfcba5c4ab73180dba)
2003-04-30Make the version numbers ints (patch from metze)Jelmer Vernooij2-3/+3
(This used to be commit dbe36b4c43dceddea9f14161c6cf7b34709287c8)
2003-04-29Use a common function to create the SAM_ACCOUNT being used to add accountsAndrew Bartlett1-25/+36
to the system. This means that we always run Get_Pwnam(), and can never add FOO when foo exists on the system (the idea is to instead add foo into the passdb, using it's full name, RID etc). Andrew Bartlett (This used to be commit bb79b127e02cefae13c822fd0fd165f1f214b740)
2003-04-29don't implement any group mapping functions in the guest sam moduleGerald Carter1-0/+11
(This used to be commit a354bf4b7eadec3e6aa5f5547b58c7856fda3471)
2003-04-28Use NTSTATUS as return value for smb_register_*() functions and init_module()Jelmer Vernooij8-26/+36
function. Patch by metze with some minor modifications. (This used to be commit bc4b51bcb2daa7271c884cb83bf8bdba6d3a9b6d)
2003-04-28The caller must always set the RID on the SAM_ACCOUNT, so don't try and guessAndrew Bartlett1-3/+1
it from the UID. Andrew Bartlett (This used to be commit cdc1d0505107d05d784693d321b24208a386d4f0)
2003-04-28The RID must be 'SET', not 'DEFAULT' or we won't set it into LDAP, and tryAndrew Bartlett1-2/+2
to make it up from the algorithm... Andrew Bartlett (This used to be commit 0d8e4066a3bfbe89b464a90fc9f16a7dd1539573)
2003-04-28Guenther Deschner <gd@suse.de> notes that I missed out setting the defaultAndrew Bartlett1-1/+3
for the 'normal' case (not --with-ldapsam). Andrew Bartlett (This used to be commit ebe5c618189391e6adf27e565a5821f8d47c8c7d)
2003-04-28A new pdb_ldap!Andrew Bartlett3-276/+722
This patch removes 'non unix account range' (same as idra's change in HEAD), and uses the winbind uid range instead. More importanly, this patch changes the LDAP schema to use 'ntSid' instead of 'rid' as the primary attribute. This makes it in common with the group mapping code, and should allow it to be used closely with a future idmap_ldap. Existing installations can use the existing functionality by using the ldapsam_compat backend, and users who compile with --with-ldapsam will get this by default. More importantly, this patch adds a 'sambaDomain' object to our schema - which contains 2 'next rid' attributes, the domain name and the domain sid. Yes, there are *2* next rid attributes. The problem is that we don't 'own' the entire RID space - we can only allocate RIDs that could be 'algorithmic' RIDs. Therefore, we use the fact that UIDs in 'winbind uid' range will be mapped by IDMAP, not the algorithm. Andrew Bartlett (This used to be commit 3e07406ade81e136f67439d4f8fd7fe1dbb6db14)
2003-04-28Merge of a debuglevel downgrade from HEAD.Tim Potter1-2/+2
(This used to be commit d17e04e82b77256f10f4bdf4442dac6d30e197b5)
2003-04-28Fix number of arguments to asprintf()Jelmer Vernooij1-1/+1
(This used to be commit 42e76c312333c6e5b8feb2d687e3355235b0d4a0)
2003-04-28Make some more functions staticJelmer Vernooij1-3/+3
(This used to be commit ddd2e65586ff47daf4f63e9928413cc05bf5db85)
2003-04-26Remove the unpopular pdb_unix, which has served it's time well.Andrew Bartlett1-131/+0
Also get charset 'werid' for both --enable-developer options in configure. Andrew Bartlett (This used to be commit 2a99e77e91cd214296f12b0aaf30c3c51d5a2c0a)
2003-04-26After a quick run with the 'weird' charset, squash a few bugs in our newAndrew Bartlett1-5/+12
'UF8-safe' LDAP code. I hope I've caught all the places where we were pushing strings into or out of LDAP now. Andrew Bartlett (This used to be commit 70bf7a5f71f71aeb5338723d1f5b32a89d5c4f91)
2003-04-25Based on a patch by Alex Deiter <tiamat@komi.mts.ru>, make sure that we convertAndrew Bartlett1-20/+69
to and from UTF8 when talking to our LDAP server in pdb_ldap. Andrew Bartlett (This used to be commit 759ba40b12a28caea87c0d8b3baea8bb69c92c89)
2003-04-24Don't store UID or GIDJelmer Vernooij2-48/+13
(This used to be commit a986076a743fad31efac664fc16337e2d1165917)
2003-04-24- Get rid of module_path_get_name()Jelmer Vernooij1-11/+6
- Use find backend function to find duplicates - declare static function before using it (This used to be commit ad5ebd4f2065425a9edffc753c0f0414fd6f98d4)
2003-04-24Patch from Stephan Metzmacher to add default arguments to lp_parm() smb.confJelmer Vernooij2-96/+34
parameters. Does not break binary compatibility with older modules. (This used to be commit 147c4d56d873a20a49194c5b036a3694299b1b48)
2003-04-23This define does not always seem to be present, so define it if need be.Andrew Bartlett1-0/+4
Andrew Bartlett (This used to be commit 007143e2435904d941a62934986ac54e343f4936)
2003-04-23- Merge a memory leak fix from HEADAndrew Bartlett1-11/+16
- change update behaviour for new RIDs: - store the new RID into the SAM_ACCOUNT, so that the caller get's it back automaticly - use this to make the code paths simpiler for the normal 'need_update' code. We must always store a RID if we intend to use the sambaAccount objectClass Andrew Bartlett (This used to be commit 5edeee5116b9c775a1bded1d53cb2b22c7a2765f)
2003-04-23Merge idra's fix for pdb_tdb segfaults from HEAD to 3.0 - sombody changedAndrew Bartlett1-3/+7
unix_strlower semantics. Andrew Bartlett (This used to be commit 93bdd1a2925edb9dea3e85d8b025a65460896c05)
2003-04-22Remove ldapsam_search_one_user_by_uid from pdb_ldap.Andrew Bartlett2-68/+22
sambaAccount requires the rid to be present, and doing this fallback is quite dangerous, becouse it assumes that alorithmic RIDs are in use - which is quite often not the case. Also finish of vl's work on 'use a function pointer, not embedded logic' to tell lower levels that they should/should not attempt to set the user's password into LDAP with the extended operation. Andrew Bartlett (This used to be commit 715d0bd804b6bff4c0b365f98ca196d41ed9c5c4)
2003-04-22This is meant to be initialised to the size of the buffer.Andrew Bartlett1-1/+1
(This used to be commit ca489db7d3d4713401da3627b563af3cbef82c58)
2003-04-22Make pdb_ldap use a random factor in deciding how long we need to sleep.Andrew Bartlett1-7/+22
This might help avoid killing the ldap server when all 100 smbd processes reconnect in pulses... Also, reduces the maximum wait time, as SMB clients will time out after 30 seconds anyway... Andrew Bartlett (This used to be commit 08c5aaae6a92d6ee14f9bf8e3330191718e84edf)
2003-04-22Merge mimir's trusted domain code from HEAD -> 3.0, plus some memoryAndrew Bartlett1-37/+55
leak fixes. (secrets.c portion) Andrew Bartlett (This used to be commit 3ea8fdd0361623b38f30f0b815dc4935e2e17447)
2003-04-21Merge from HEAD - save the type of channel used to contact the DC.Andrew Bartlett2-16/+101
This allows us to join as a BDC, without appearing on the network as one until we have the database replicated, and the admin changes the configuration. This also change the SID retreval order from secrets.tdb, so we no longer require a 'net rpc getsid' - the sid fetch during the domain join is sufficient. Also minor fixes to 'net'. Andrew Bartlett (This used to be commit 876e00fd112e4aaf7519eec27f382eb99ec7562a)