summaryrefslogtreecommitdiff
path: root/source3/passdb
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r12245: eDirectory returns LDAP_UNWILLING_TO_PERFORM if theJeremy Allison1-0/+9
account is disabled. If we get this we can't check the password so have to tell the client the account was disabled. Jeremy. (This used to be commit 43c2d545ab98fef341c7e22d3b82c98bd0afebc2)
2007-10-10r12163: Change lookup_sid and lookup_name to return const char * instead of ↵Volker Lendecke5-66/+73
char *, use a temporary talloc_ctx for clarity. Volker (This used to be commit b15815c804bf3e558ed6357b5e9a6e3e0fac777f)
2007-10-10r12129: Fix uninitialized variables.Volker Lendecke1-1/+1
Volker (This used to be commit 8a7d6eb2c081c0d74b62aa76dc243946df62ced2)
2007-10-10r12051: Merge across the lookup_name and lookup_sid work. Lets see how the ↵Volker Lendecke8-404/+769
build farm reacts :-) Volker (This used to be commit 9f99d04a54588cd9d1a1ab163ebb304437f932f7)
2007-10-10r12043: It's amazing the warnings you find when compiling on a 64-bitJeremy Allison1-11/+9
box with gcc4 and -O6... Fix a bunch of C99 dereferencing type-punned pointer will break strict-aliasing rules errors. Also added prs_int32 (not uint32...) as it's needed in one place. Find places where prs_uint32 was being used to marshall/unmarshall a time_t (a big no no on 64-bits). More warning fixes to come. Thanks to Volker for nudging me to compile like this. Jeremy. (This used to be commit c65b752604f8f58abc4e7ae8514dc2c7f086271c)
2007-10-10r11999: Re-add "passdb expand explicit".Volker Lendecke2-6/+26
We came to the conclusion that changing the default is something that has to wait one or two more releases, but it will happen one way or the other. Volker (This used to be commit 30fcdf84d8943e630af78a96320607c42e4d15aa)
2007-10-10r11947: Back out passdb:expand_explicit until we find consensus. I'll file ↵Volker Lendecke2-28/+6
this as a bugzilla entry. Volker (This used to be commit d228cb62a7be6ae128d3418aeb0ea466c7329802)
2007-10-10r11923: Add samr_lookup_rids for the builtin domain. Doing it this way feels ↵Volker Lendecke1-11/+26
a bit wrong, but so far we don't have proper multi-domain support in passdb yet... Volker (This used to be commit c917cfc320f0250d23fda3525a7632bc01643707)
2007-10-10r11922: Looks bigger than it is: There's no point in allocating arrays inVolker Lendecke2-41/+24
samr_lookup_rids twice. It was done in the srv_samr_nt.c code as well as in the pdb module. Remove the latter, this might happen more often. Volker (This used to be commit 57f0cf8cdd6928f4759036e5dd53d41736aa910d)
2007-10-10r11920: Rename local_lookup_rid to lookup_global_sam_rid, add ↵Volker Lendecke3-20/+62
lookup_builtin_rid. Volker (This used to be commit bc8836d5d7361041ce935f65bf2d172e1eb43299)
2007-10-10r11919: The generic mappings in srv_samr_nt.c are only used there -- make themVolker Lendecke3-45/+38
static. One long overdue simplification: Change local_lookup_sid to local_lookup_rid its responsible for "our" domain only, in fact it checked for it. Volker (This used to be commit 35ba5e083cddfa5ddba5ad84233262fadfbe87b2)
2007-10-10r11914: After talking to Jeremy, implement passdb:expand_explicit with a ↵Volker Lendecke2-6/+28
default of no. This changes our default behaviour. Sorry, Ingo, this *is* a bug that needs fixing. Jerry, you might want to put a marker into the WHATSNEW.txt when this is due. Volker (This used to be commit 6622db97bb575b028b3c0bc016b91f62a8c561a2)
2007-10-10r11874: Merge LDAP connection setup in lib/smbldap.c and pdb_nds.c.Günther Deschner1-54/+5
Also allow to use START_TLS in the pdb_nds_update_login_attempts function when doing simple binds to eDir. Guenther (This used to be commit 04a3ac5e50e93f74dfddfead5cb3f335ce991e9a)
2007-10-10r11863: BUG 3196: patch from Alex Deiter <tiamat@komi.mts.ru> to compile ↵Gerald Carter1-0/+5
against the Sun LDAP client libs. But not for AD support; just ldap support (This used to be commit a33e78acedb37df47905d326411e017794721250)
2007-10-10r11847: Fix typo.Günther Deschner1-1/+1
Guenther (This used to be commit 6aefb3aebbbba486ea44ec9ef7bc46e0776eeba8)
2007-10-10r11256: Remove use of long long and strtoll in libsmbclient (weJeremy Allison1-1/+0
can't assume long long is always there). Removed unused var in new a/c rename code. long long still used in eventlog code but Jerry has promised to fix that. Jeremy. (This used to be commit f46d8470652b8bc5c4b8cac8e96973c6165ab19a)
2007-10-10r11236: Implement user rename for smbpasswd and ldap backends. Some cleanup onJim McDonough3-4/+110
tdb as well to make naming consistent. (This used to be commit ee91eb9a39cc5e3edd9e97eb040e7557930e4e62)
2007-10-10r11137: Compile with only 2 warnings (I'm still working on that code) on a gcc4Jeremy Allison4-113/+114
x86_64 box. Jeremy. (This used to be commit d720867a788c735e56d53d63265255830ec21208)
2007-10-10r10911: part of #2861: add rename support for usrmgr.exe when using tdbsamJim McDonough2-40/+266
This gets it working before replacing tdb with the samba4 version. (This used to be commit 8210b0503a050e12ee1b4335fa6e50d10ad06577)
2007-10-10r10792: Fix the "schannel not stored across client disconnects" problem.Jeremy Allison1-0/+209
Based on the Samba4 solution - stores data in $samba/private/schannel_store.tdb. This tdb is not left open but open and closed on demand. Jeremy. (This used to be commit a6d8a4b1ff31c5552075455dbd98cb58795958a9)
2007-10-10r10658: It's so nice to have CVSIN to blame for this kind of bugs :-)Volker Lendecke1-1/+1
Volker (This used to be commit cf06a090a3fe6ed1f769aa9744637833bdc3b7d0)
2007-10-10r10656: BIG merge from trunk. Features not copied overGerald Carter9-207/+614
* \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2007-10-10r10606: pdb_*sql patches fromGerald Carter2-26/+24
Uli Meis <a.sporto@gmail.com> Peter Rindfuss <rindfuss@wz-berlin.de> (This used to be commit 8bf124adaf4d6cacc18ebca82d96eabe47088151)
2007-10-10r9661: fallback to cn attribubte if displayName is not availableGerald Carter1-14/+14
(This used to be commit b1524999e0b4fc99d213fc6e56182a8fa8e88ef1)
2007-10-10r9660: real fix for group enumeration bug in 3.0.20; only affected the ↵Gerald Carter1-4/+5
ldapsam code (This used to be commit 62f9fb5e3a9bce539c9fedc5fdec1b8741a922c7)
2007-10-10r9522: Give better error-message when "NDS Universal Password" change fails.Günther Deschner1-2/+6
Guenther (This used to be commit df90ea016a1e5b48ad5731f9bee3764cf5478bc8)
2007-10-10r9303: Clobber compiler warnings. Patch from Jason Mader ↵James Peach1-6/+6
<jason@ncac.gwu.edu> plus some extra function declarations. Bugzilla bug #2523. (This used to be commit 98d364459daa48aca3d239926cf40a0655e27e97)
2007-10-10r9051: Fix from Fernando Schapachnik <fernando@mecon.gov.ar> to add logon hoursLars Müller1-2/+3
support for the Postgres backend. Also add these changes from svn rev 7787 to trunk. (This used to be commit 7423895900817ab31e0ae6a44f1cae250e782c7d)
2007-10-10r8797: avoid unset rids for builtin-aliases.Günther Deschner1-1/+2
Guenther (This used to be commit c2810bcf662771113dccdd603cd658d19a09de80)
2007-10-10r8787: Make enumeration of builtin-aliases work again.Günther Deschner1-5/+41
Guenther (This used to be commit 0c8859474da609c69435c2acdfa4fa012d87eed3)
2007-10-10r8542: - (re-)add better search-semantics: look for Interdomain trust accountsGünther Deschner1-2/+2
below the machine-suffix (this is where we create them)) to avoid digging through thousands of user-accounts just to find a handful of trust-accounts in the enumdomusers-samr-call. - don't access freed data in DEBUG-statement Guenther (This used to be commit 793c82c0172c4f834e43d04bf3f9d39858761e88)
2007-10-10r7882: Looks like a large patch - but what it actually does is make SambaJeremy Allison4-191/+191
safe for using our headers and linking with C++ modules. Stops us from using C++ reserved keywords in our code. Jeremy (This used to be commit 9506b8e145982b1160a2f0aee5c9b7a54980940a)
2007-10-10r7787: Fix from Fernando Schapachnik <fernando@mecon.gov.ar> to add logon hoursJeremy Allison3-58/+213
support for the Postgres backend. Jeremy. (This used to be commit dd5d36c95f97356be1b76c1ace641861022e2aa3)
2007-10-10r7730: Some mergesVolker Lendecke1-22/+4
(This used to be commit 5b4720598b4c7f4af1027a181fbe9c1568e71361)
2007-10-10r7718: Remove some unused codeVolker Lendecke1-39/+0
(This used to be commit 10606be0509743b1acfcafbf826b1a02765db158)
2007-10-10r7577: switching to macro for IS_DCGerald Carter1-15/+4
(This used to be commit e6df9a7ac74a4e4f8de15fc01799bf42dfdd530c)
2007-10-10r7415: * big change -- volker's new async winbindd from trunkGerald Carter1-2/+40
(This used to be commit a0ac9a8ffd4af31a0ebc423b4acbb2f043d865b8)
2007-10-10r7142: removing 'ldap filter' smb.conf optionGerald Carter1-4/+4
(This used to be commit e2f8eeb4e26e8f7bec4d9dc820b86a7b548f82da)
2007-10-10r7139: trying to reduce the number of diffs between trunk and 3.0; changing ↵Gerald Carter1-0/+65
version to 3.0.20pre1 (This used to be commit 9727d05241574042dd3aa8844ae5c701d22e2da1)
2007-10-10r6774: Fix 2 memleaksVolker Lendecke1-1/+2
(This used to be commit 6af57d4bae3ee0a28ab12294e813bb37b62e00f5)
2007-10-10r6770: Fix bug 2705. Thanks, John, for beating my stuff :-)Volker Lendecke1-2/+0
Volker (This used to be commit f406dda687b457b8247151cf86d39f03608b5503)
2007-10-10r6748: With reconnects, state->connection->ldap_struct can change in ↵Volker Lendecke1-3/+8
smbldap_search and friends. This should be a fix for bug 2701. Thanks to jht for giving me access to his box! Volker (This used to be commit 85320c12578f183d4ed0450949e0aee8d020e036)
2007-10-10r6713: another talloc() fix. This time in pdb_xml.cGerald Carter1-1/+1
(This used to be commit b0289d22587b0b532921a9b18c1efb767029bdcc)
2007-10-10r6635: Fix build of the various sql pdb backends after new talloc.Jelmer Vernooij3-91/+101
(This used to be commit 0a7eabd46d40ddbd9dfbb7602653b28fd84dcf6f)
2007-10-10r6595: This is Volkers new-talloc patch. Just got the go-ahead fromJeremy Allison1-1/+2
Volker to commit. Woo Hoo ! Jeremy. (This used to be commit 316df944a456f150944761dab34add5e8c4ab699)
2007-10-10r6445: Make us survive the PARANOID_MALLOC_CHECKER. Should we enable that forVolker Lendecke2-6/+6
--enable-developer=yes? Volker (This used to be commit 61d40ac60dd9c8c9bbcf92e4fc57fe1d706bc721)
2007-10-10r6421: use add machine script when creating a user (ACB_NORMAL)Gerald Carter1-1/+2
who has a name ending in '$' (usrmgr.exe does this for domain trusts (that's was jfm's original comment I think). avoid an assert() call in libldap. (This used to be commit 0ac57ae94202190ddbe538f7180a0443463b48cf)
2007-10-10r6367: Slim down pdb_interface.c a bit. next_entry and search_end are functionVolker Lendecke2-194/+69
pointers now. Yes, Jeremy, this is about re-inventing C++... :-) Volker (This used to be commit a831e54738c7854e68c696e9cbb132c012ff223c)
2007-10-10r6351: This is quite a large and intrusive patch, but there are not many ↵Volker Lendecke2-153/+717
pieces that can be taken out of it, so I decided to commit this in one lump. It changes the passdb enumerating functions to use ldap paged results where possible. In particular the samr calls querydispinfo, enumdomusers and friends have undergone significant internal changes. I have tested this extensively with rpcclient and a bit with usrmgr.exe. More tests and the merge to trunk will follow later. The code is based on a first implementation by Günther Deschner, but has evolved quite a bit since then. Volker (This used to be commit f0bb44ac58e190e19eb4e92928979b0446e611c9)
2007-10-10r6277: This implements a new caching API for enumerating the pdb elements. It isVolker Lendecke1-0/+358
modeled after query_displayinfo and should hide the differences between users, groups and aliases while allowing a cache analog load_sampw_entries: struct pdb_search *pdb_search_users(uint16 acct_flags); struct pdb_search *pdb_search_groups(void); struct pdb_search *pdb_search_aliases(const DOM_SID *sid); uint32 pdb_search_entries(struct pdb_search *search, uint32 start_idx, uint32 max_entries, struct samr_displayentry **result); void pdb_search_destroy(struct pdb_search *search); Why this API? Eventually we will need to apply the work gd has started on enumerating users with paged ldap searches to groups and aliases. Before doing that I want to clean up the search routines we have. The sample application (more to follow) is 'net maxrid'. Volker (This used to be commit 8b4f67a1e9d459145cde10b1064781d58d62b805)