summaryrefslogtreecommitdiff
path: root/source3/passdb
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r19579: BUG 4075: patch from Dmitry Butskoy <dmitry@butskoy.name>.Gerald Carter1-2/+4
Allow smbd to use winbindd to lookup uids/gids outside the idmap range if 'winbind trusted domains only = yes' (This used to be commit 5b3ac400a7d51dfc818563189bdf6649b2dc3a52)
2007-10-10r19419: BUG 4109: Patch from Timur Bakeyev. Fix bug causing smbd to turn offGerald Carter1-10/+6
winbindd and fail to disable the _NO_WINBIND environment. (This used to be commit a6366b40b3967853c20ca5399021108f09ffd505)
2007-10-10r19083: Fix objectclassVolker Lendecke1-1/+1
(This used to be commit 6c4d68d84987a88f91bca976a0396dff720043e5)
2007-10-10r19058: Implement "user cannot change password", and complete "user must changeJim McDonough4-77/+36
password at next logon" code. The "password last set time" of zero now means "user must change password", because that's how windows seems to use it. The "can change" and "must change" times are now calculated based on the "last set" time and policies. We use the "can change" field now to indicate that a user cannot change a password by putting MAX_TIME_T in it (so long as "last set" time isn't zero). Based on this, we set the password-can-change bit in the faked secdesc. (This used to be commit 21abbeaee9b7f7cff1d34d048463c30cda44a2e3)
2007-10-10r18722: Fix up password change times. The can change and must change times areJim McDonough1-2/+22
calculated based on the last change time, policies, and acb flags. Next step will be to not bother storing them. Right now I'm just trying to get them reported correctly. (This used to be commit fd5761c9e52cbf8f1f7e45e71693598b27ecbf57)
2007-10-10r18703: Fix the annoying effect that happens when nscd is running:Günther Deschner4-0/+18
We usually do not get the results from user/group script modifications immediately. A lot of users do add nscd restart/refresh commands into their scripts to workaround that while we could flush the nscd caches directly using libnscd. Guenther (This used to be commit 7db6ce295afbedfada7b207ad56566d2195a0d21)
2007-10-10r18684: pdb_get_group_sid() has to use the Get_Pwnam_alloc() callGerald Carter1-1/+1
to ensure it finds the Unix user. (This used to be commit 4cea9bfca1b84db31fae6f7a05ff3247a23fd409)
2007-10-10r18654: Rename "struct uuid" => "struct GUID" for consistency.Jelmer Vernooij1-8/+8
(This used to be commit 5de76767e857e9d159ea46e2ded612ccd6d6bf19)
2007-10-10r18527: Janitor for Jeremy ;-)Volker Lendecke1-12/+12
(This used to be commit d72ba9ed1288e7f498a64c96dd6aa04bda59c8b2)
2007-10-10r18483: Ensure all pdb_XXX calls are wrapped in become_root()/unbecome_root()Jeremy Allison1-5/+32
pairs. Should fix bug #4097. Jeremy. (This used to be commit f787b9d156992e0069860cb1ab829970cb69eb81)
2007-10-10r18313: Nobody said "no" (yet.... gd?), so commit it:Volker Lendecke1-10/+0
Remove the account_policy_migrated() thingy, and make cache_account_policy_set use gencache. Account policies are now handled like groups and users are with respect to "passdb backend". Volker (This used to be commit fa8b2e2a585ab0c00a5fbde7aa790043261caf2e)
2007-10-10r18271: Big change:Gerald Carter5-39/+39
* autogenerate lsa ndr code * rename 'enum SID_NAME_USE' to 'enum lsa_SidType' * merge a log more security descriptor functions from gen_ndr/ndr_security.c in SAMBA_4_0 The most embarassing thing is the "#define strlen_m strlen" We need a real implementation in SAMBA_3_0 which I'll work on after this code is in. (This used to be commit 3da9f80c28b1e75ef6d46d38fbb81ade6b9fa951)
2007-10-10r17971: Disable storing SIDs in the S-1-22-1 and S-1-22-2 domain to the ↵Gerald Carter1-0/+10
SID<->uid/gid cache. FIxes a bug in token creation (This used to be commit fa05708789654a8a34cb4a4068514a0b3d950653)
2007-10-10r17924: Get rid of warnings now that talloc is merged.Volker Lendecke1-3/+1
Destructors now take a pointer to the "real" destroyed object as an argument. Volker (This used to be commit 70edd716ef0ccb218fe18d1233bd30abe46b62bf)
2007-10-10r17831: Attempt to fix the build farm: 0x7fffffffffffffff needs special ↵Volker Lendecke1-1/+1
casing too I think. This broke 'make test' because the newly created user was set to be kicked off Mi, 22 Jan 1975 23:55:33 CET (unix time 159663333) with the setuserinfo21 call. I'm not 100% sure that 0x7ff... means max time as I do it here, I vaguely remember it to mean "don't touch". Does anybody know that for sure? Jeremy, please check this. Thanks, Volker (This used to be commit 872d1299ebffb7b7d696013fc676820f1fa1777c)
2007-10-10r17815: Revert Volker's change in 16014. I really do not believeGerald Carter1-1/+0
the this should be necessary. If there is still a bug, I believe that setting thr group RID from the passdb is masking it. Not fixing it. It is very likely that the change was necessary before but is no longer with the recent changes. But I'm not taking the chance of merging it to 3.0.23c. :-) (This used to be commit 1a5b90f3c1aa5dcaa29a9d62288d9e4dbc596f96)
2007-10-10r17813: Remove another instance of manually setting the group SID.Gerald Carter1-1/+7
The would have been primaryly used when adding a user to an smbpasswd file, but could have been introduce to other backends by using pdbedit -i -e. The symptom was [2006/08/09 13:07:43, 0] rpc_parse/parse_samr.c:init_sam_user_info21A(6276) init_sam_user_info_21A: User nobody has Primary Group SID S-1-22-2-99, which conflicts with the domain sid S-1-5-21-1825997848-4107600307-1754506280. Failing operation. (This used to be commit 0a3aa8b43ace8c635423c2df10827e81d145b58f)
2007-10-10r17709: Fix cut-n-paste error with the name of gid_to_unix_group_sid().Gerald Carter2-2/+2
(This used to be commit dda0b8bce6b7e0146badd8aeb52b5cce6289de21)
2007-10-10r17673: volker's patch for re-adding Getpwnam() lookups to smbpasswd backend ↵Gerald Carter1-5/+1
(I hate username level) (This used to be commit 0939b6e20c6aef7a203c92fb0afa207c9fa779dd)
2007-10-10r17669: Remove RID algorithm support from unmapped users and groupsGerald Carter4-92/+19
when using smbpasswd (This used to be commit dde552336c732ddd6076a6a32575a37cb51aa94c)
2007-10-10r17592: Remove some unused functions pointed out by John E. Malmberg, makeVolker Lendecke1-0/+46
do_file_lock static to pdb_smbpasswd.c, the only user of it. Volker (This used to be commit 543f77a45f0a75ede48b0f2c674a0abdd386fed5)
2007-10-10r17554: CleanupVolker Lendecke4-32/+34
(This used to be commit 761cbd52f0cff6b864c506ec03c94039b6101ef9)
2007-10-10r17468: To minimize the diff later on, pre-commit some changes ↵Volker Lendecke1-9/+12
independently: Change internal mapping.c functions to return NTSTATUS instead of BOOL. Volker (This used to be commit 4ebfc30a28a6f48613098176c5acdfdafbd2941a)
2007-10-10r17465: Get rid of add_initial_entry. In the two places it was called in it ↵Volker Lendecke1-5/+7
seemed a bit pointless to me. Volker (This used to be commit 244b25ae49d3c635fc54498dbee29f5b649ea1fa)
2007-10-10r17463: A bit of cleanup work:Volker Lendecke3-17/+10
Remove some unused code: pdb_find_alias is not used anymore, and nobody I think has ever used the pdb_nop operations for group mapping. smbpasswd and tdb use the default ones and ldap has its own. Make the functions pdb_getgr* return NTSTATUS instead of BOOL. Nobody right now really makes use of it, but it feels wrong to throw away information so early. Volker (This used to be commit f9856f6490fe44fdba97ea86062237d8c74d4bdc)
2007-10-10r17451: Change pdb_getgrsid not to take a DOM_SID but a const DOM_SID * as anVolker Lendecke3-9/+9
argument. Volker (This used to be commit 873a5a1211d185fd50e7167d88cbc869f70dfd3f)
2007-10-10r17407: Don't do strchr_m twice when once will do.Jeremy Allison1-5/+4
Jeremy. (This used to be commit b5f0b1b6447ac3c77558b32d97ce96d357ce15c0)
2007-10-10r17406: We need to do a translation of winbind separator -> '\\' inVolker Lendecke1-1/+18
lookup_name_smbconf, otherwise force user = domain+administrator can not work. Also attempt to fix the 'valid users = domain+group' bug at the same time. Volker (This used to be commit 255475901c13fde29b1b476560d969cc99712767)
2007-10-10r17404: Is this XP (extreme programming)? :-)Volker Lendecke1-3/+3
With lp_workgroup we end up with remote names again... Volker (This used to be commit 250b9f353118bee4c080655f57d09011679deaf7)
2007-10-10r17403: add a helpful debug msgGerald Carter1-0/+3
(This used to be commit 63325b36872c92d9f9fe04a185d7bd3ac525d84c)
2007-10-10r17402: Added lookup_name_smbconf() to be called when lookingJeremy Allison1-0/+50
up names from smb.conf. If the name is unqualified it causes the lookup to be done in WORKGROUP\name, then "Unix [users|groups]"\name rather than searching the domain. Should fix the problems with "force user" selecting a domain user by preference. Jeremy. (This used to be commit 1e1fcb5eb2ac4bd360461b29f85c07dbf460025d)
2007-10-10r17271: Fix a regression in the ldapsam uri syntax.Gerald Carter1-7/+12
Allow multiple LDAP URIs to be grouped by "" (This used to be commit 21d69dcb3c5361f94d15b2d186e1aae6e246a24e)
2007-10-10r17246: BUG 3964: lower case username prior to getpwnam() call in smbpasswdGerald Carter1-1/+5
(This used to be commit dc4fec1f7d196cf7e18d4dd58149853011380ef9)
2007-10-10r17150: MMC User & group plugins fixes:Gerald Carter3-11/+52
* Make sure to lower case all usernames before calling the create, delete, or rename hooks. * Preserve case for usernames in passdb * Flush the getpwnam cache after renaming a user * Add become/unbecome root block in _samr_delete_dom_user() when trying to verify the account's existence. (This used to be commit bbe11b7a950e7d85001f042bbd1ea3bf33ecda7b)
2007-10-10r17075: Even without talloc_steal you can still create memory problems.... ;-)Volker Lendecke1-1/+1
(This used to be commit 03e9924f5c82537ca72c03e3b0f70ea002e76934)
2007-10-10r16945: Sync trunk -> 3.0 for 3.0.24 code. Still needJeremy Allison10-173/+402
to do the upper layer directories but this is what everyone is waiting for.... Jeremy. (This used to be commit 9dafb7f48ca3e7af956b0a7d1720c2546fc4cfb8)
2007-10-10r16866: No idea why I did not see the warning, sorry....Volker Lendecke1-1/+1
(This used to be commit 84913caebdb461fed2c94fadfa0039b32a83cb6d)
2007-10-10r16865: This is a proposal to fix bug 3915. Before sending patches around, ↵Volker Lendecke2-2/+7
this is what svn is for. The idea is that we fall back to a pure unix user with S-1-22 SIDs in the token in case anything weird is going on with the 'force user'. Volker (This used to be commit 9ec5ccfe851ac8a1f88b88c8c8461a5cf75b4c57)
2007-10-10r16683: Fix bug #3900 reported by jason@ncac.gwu.edu.Jeremy Allison1-2/+2
Jeremy. (This used to be commit 8c7e40f2a469df34aff0e63270a78e669d240b59)
2007-10-10r16681: Fix bug #3899 reported by jason@ncac.gwu.edu.Jeremy Allison1-5/+0
Jeremy. (This used to be commit 1cd9a0ef834f8062500d1aea6183e147fc5e42f4)
2007-10-10r16678: Fix bug #3898 reported by jason@ncac.gwu.edu.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 5c5ea3152f8dbdfd7717b65e035191ffed3ec548)
2007-10-10r16663: Fix coverity #301, memleak in error path.Jeremy Allison1-1/+1
Jeremy. (This used to be commit dfdb4ce89155dc1528b455252751616cc2c6708c)
2007-10-10r16628: Fix bug #3880, reported by jason@ncac.gwu.eduJeremy Allison2-9/+7
by ensuring we return the correct enum for sid type, not a uint32. Jeremy. (This used to be commit 98a5e20ff4ceacda65dcc0ce5498ed4ffde520f8)
2007-10-10r16624: Fix bug #3877, reported by jason@ncac.gwu.eduJeremy Allison1-2/+1
Jeremy. (This used to be commit 1f52b8b40619679242da663f5e5e7836d547f0a2)
2007-10-10r16593: Make the invarient explicit to Klocwork. Bug #2023.Jeremy Allison1-0/+1
Jeremy. (This used to be commit 720a9172050beb158a25fbb826676ba19cdcef20)
2007-10-10r16582: Fix Klocwork #1997 and all generic class of problemsJeremy Allison1-0/+6
where we don't correctly check the return from memdup. Jeremy. (This used to be commit ce14daf51c7ee2f9c68c77f7f4674e6f0e35c9ca)
2007-10-10r16427: Fix bug # 3848. Thanks to Wilco Baan Hofman for testing the release ↵Volker Lendecke1-0/+13
candidate! Volker (This used to be commit adf2dcce09ae29a8c1677b25e1cd5f022b804d01)
2007-10-10r16383: Klocwork #1086. No null deref.Jeremy Allison1-0/+5
Jeremy. (This used to be commit 7b68a2acfc583d1559c02461cab13419185bcd74)
2007-10-10r16381: Now samu can't be null don't check it on set. KlockworkJeremy Allison1-131/+6
related fix. Jeremy. (This used to be commit 2e5a88147826113f78ee0d8845c704692942cebf)
2007-10-10r16360: Fix Klocwork ID 136 520 521 522 523 542 574 575 576 607Volker Lendecke1-0/+12
in net_rpc.c: 715 716 732 734 735 736 737 738 739 749 in net_rpc_audit.c: 754 755 756 in net_rpc_join.c: 757 in net_rpc_registry: 766 767 in net_rpc_samsync.c: 771 773 in net_sam.c: 797 798 Volker (This used to be commit 3df0bf7d6050fd7c9ace72487d4f74d92e30a584)