summaryrefslogtreecommitdiff
path: root/source3/passdb
AgeCommit message (Collapse)AuthorFilesLines
2004-01-07Typo fix.Rafal Szczesniak1-1/+1
rafal (This used to be commit 5d7f81eea2f3d9ba59eb549a45de030b0a277263)
2004-01-07Don't duplicate pulling the 'IPC' username from secrets.tdb, insteadAndrew Bartlett1-1/+39
just use one function for both places. Andrew Bartlett (This used to be commit 85da181e8a0ade839f6d595fabdf4cea606f82e1)
2004-01-06isolate ldap debug messages to the common smbldap_XXX() functionsGerald Carter1-3/+0
(This used to be commit 7d7a262f45182e67daecdca49df85445c2b9700a)
2004-01-04- Put functions for generating SQL queries in pdb_sql.cJelmer Vernooij3-501/+1008
- Add pgSQL backend (based on patch by Hamish Friedlander) - Use query generate functions from pdb_mysql and pdb_pgsql - Only pdb_pgsql.c needs to be changed whenever the fields in SAM_ACCOUNT change (This used to be commit 65ad2c02fd2bf36d535c279ad290ab81e39f6816)
2004-01-02JHT came up with a nasty (broken) torture case in preparing examples forAndrew Bartlett1-1/+1
his book. This prompted me to look at the code that reads the unix group list. This code did a lot of name -> uid -> name -> sid translations, which caused problems. Instead, we now do just name->sid I also cleaned up some interfaces, and client tools. Andrew Bartlett (This used to be commit f9e59f8bc06fae7e5c8cb0980947f78942dc25c0)
2003-12-26Check the return value of string_to_sid in a few more places. (ButAndrew Bartlett1-2/+10
string_to_sid also needs to be less permissive on what it thinks are valid sids...) Andrew Bartlett (This used to be commit 9080c30de8aa96ed3b9b121ca111f1632572754e)
2003-12-26Show the error message for failure to set the ldap password.Andrew Bartlett1-2/+8
(For 'ldap password sync = yes') Andrew Bartlett (This used to be commit 5b682aef678cc9ee135852d7ee6b8c159902fab7)
2003-12-22add well known rid for pre win2k compatible access group; bug 897Gerald Carter1-0/+1
(This used to be commit 33a1a374ebb44c839d995d11e1229767fc679678)
2003-12-22Patch from Jianliang Lu j.lu@tiesse.com to manage Power UsersJeremy Allison1-0/+1
group. Jeremy. (This used to be commit 72252fb0b207205d41a2ec50f6d364bf0bb21747)
2003-12-11Fix uninitialized variable in passdb code. Reported by Andy Polyakov ↵Alexander Bokovoy1-1/+1
<appro@fy.chalmers.se> (This used to be commit ac7a60abf2c465b518a3eb7502fa8eee767c8b22)
2003-12-10more group lookup access fixes on the neverending bug 281Gerald Carter1-6/+16
(This used to be commit 9359a6ea80d1228e87ea825a100a2d289c37162d)
2003-12-04support munged dial for ldapsam; patch from Aurélien Degrémont; bug 800Gerald Carter1-3/+15
(This used to be commit 1c3c16abc94d197e69e3350de1e5cc1e99be4322)
2003-12-01another strequal() == 0 fixGerald Carter1-1/+1
(This used to be commit 464b410734c46bc55f2427e99ecf61bad7e3b244)
2003-12-01add Replicator and RAS Servers to list of builtin SIDs we resolve; bug 608Gerald Carter1-0/+2
(This used to be commit 4bc58129e073973620aed1bfb161ee83c1863f81)
2003-11-24more access fixes for group enumeration in LDAP; bug 281Gerald Carter1-3/+14
(This used to be commit 68283407e0f366d8315f4be6caed67eb6fe84b85)
2003-11-17* make sure we only enumerate group mapping entriesGerald Carter1-14/+0
(not /etc/group) even when doing local aliases * remove "hide local users" parameter; we have this behavior built into 3.0 (This used to be commit a7685a069766ac720f0b26fe01b0e17fc388fca3)
2003-11-14fix more memory leaks in the LDAP backend code; patches from metzeGerald Carter1-22/+38
(This used to be commit e079c8842a24ff4f50483bea8ca6b11db4b2dc99)
2003-11-07* only install swat html files onceGerald Carter1-1/+4
* revert the change that prevent the guest account from being added to a passdb backend since it broke the build farm. * apply patch from Alex Deiter to fix the "smbldap_open: cannot access when not root error" messages when looking up group information (bug 281) (This used to be commit 9b8bf6a950186bd95abe952af4a7d35829b34ff8)
2003-11-07fix for bug 680 (heads up). This gist is to map theGerald Carter1-5/+17
UNIX entity foo to DOMAIN\foo instead of SERVER\foo on members of a Samba domain when all UNIX accounts are shared via NIS, et. al. * allow winbindd to match local accounts to domain SID when 'winbind trusted domains only = yes' * remove code in idmap_ldap that searches the user suffix and group suffix. It's not needed and provides inconsistent functionality from the tdb backend. This has been tested. I'm still waiting on some more feedback but This needs to be in 3.0.1pre2 for widespread use. (This used to be commit ee272414e9965d7d550ba91d4e83997134dd51e6)
2003-11-07don't allow setting of the guest accountGerald Carter1-0/+8
(This used to be commit e0eea3639425aa6f4b621cce6b33df9e9c67ba6d)
2003-11-07I agree with vl's #if 0 here, and am not quite sure what I wasAndrew Bartlett1-13/+0
thinking with regard to the original code. Let's keep samba simple, and just remove it. Andrew Bartlett (This used to be commit 156cf8bede52e1d33be980fd8841367253a60b9e)
2003-11-06bug 624; make sure to set the GUEST SID rather than using the PDB_DEFAULT flagGerald Carter1-1/+1
(This used to be commit ccc7634b1c4b7813a1d09af93572b1209e72dffb)
2003-10-31Patch from Aurélien Degrémont <adegremont@idealx.com>. "entry" is dependentJeremy Allison1-2/+4
on "result", don't free result first. Jeremy. (This used to be commit c61a230c5ab7250c0812b422e0a533fbf5efbf17)
2003-10-30If nothing to do, return success. Fix from Aur?lien Degr?mont ↵Jeremy Allison1-1/+1
<adegremont@idealx.com> Jeremy. (This used to be commit aa668a0206b027923a333417309cb483c5a64265)
2003-10-22Put strcasecmp/strncasecmp on the banned list (except for needed callsJeremy Allison2-2/+2
in iconv.c and nsswitch/). Using them means you're not thinking about multibyte at all and I really want to discourage that. Jeremy. (This used to be commit d7e35dfb9283d560d0ed2ab231f36ed92767dace)
2003-10-10Match Samba 2.2, and make ACB_NORMAL the default ACB value.Andrew Bartlett1-0/+7
(Samba 2.2 did this in the LDAP code, but it fits better as a generic thing) Andrew Bartlett (This used to be commit dfd6bef580525cf719988c3a6eaaf47c46542de5)
2003-10-06split some security related functions in their own files.Simo Sorce1-2/+2
(no need to include all of smbd files to use some basic sec functions) also minor compile fixes couldn't compile to test these due to some kerberos problems wirh 3.0, but on HEAD they're working well, so I suppose it's ok to commit (This used to be commit c78f2d0bd15ecd2ba643bb141cc35a3405787aa1)
2003-10-03Typo in error message.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 8996c51770845d60b41c2c967b030ff30eef1001)
2003-10-02Portability fix from schmitz@hp.com (Joachim Schmitz). Bug #547.Jeremy Allison1-0/+4
Jeremy. (This used to be commit bbc7b189b9b4b3a5ef0a5ddbb7d2d755f6341fdf)
2003-10-02Make pdb_ldap.c compile with SUN iPlanet headers. Whether this works will beVolker Lendecke1-1/+1
tested soon, but this fix is somewhat obvious. Volker (This used to be commit 227882d6f79fb5909998996e1be08df723c49e8e)
2003-09-20Fix a bug and warn when configuration file values are incorrect. Thanks toJelmer Vernooij1-10/+28
Wilco Baan Hofman <wilco@andoburg.nl> (This used to be commit 2c584efae69f328581d4f863a8f8ef3ff8228423)
2003-09-19Fix pdb_mysql. Jelmer will look into details tonight.Alexander Bokovoy1-3/+5
(This used to be commit b00a81b543a58f46e54ce0e5362ba21bb16fc35f)
2003-09-18The "unknown_5" 32 bit field in the user structs is actually 2 16-bitJeremy Allison5-23/+75
fields, bad_password_count and logon_count. Ensure this is stored/fetched in the various SAMs. As it replaces the unknown_5 field this fits exactly into the tdb SAM without any binary problems. It also is added to the LDAP SAM as two extra attributes. It breaks compatibility with the experimental SAMs xml and mysql. The maintainers of these SAMs must fix them so upgrades like this can be done transparently. I will insist on the "experimental" status until this is solved. Jeremy. (This used to be commit cd7bd8c2daff3293d48f3376a7c5a708a140fd94)
2003-09-18Oops. Proper fix for #470.Jeremy Allison1-18/+20
Jeremy. (This used to be commit 82f98b066d345fdac40a584078a19453bda53d5b)
2003-09-18Fix for #470 - unable to display SIDs in ACLs.Jeremy Allison1-2/+11
Jeremy. (This used to be commit 56df89eff38e4c89defa5fd56bbb6c9d2012f82d)
2003-09-16Fix typo. Found by Aurelien DegremontJelmer Vernooij1-1/+1
(This used to be commit 4765e56f92f0906afe3073184c4fa255e1b1a647)
2003-09-11remove getpwnam() calls from init_sam_from_xxx().Gerald Carter2-61/+30
This means that %u & %g will no longer expand, but %U and %G still do. The payback is that winbindd local accounts for users work with 'wbinfo -u' when winbind is running on a PDC. (This used to be commit eb02fcf3c212eee1dc267959f23da5a26c1eac4f)
2003-09-10Fix a nasty mess, and also bug #296. passdb/pdb_ldap.c was not convertingJeremy Allison1-250/+219
to/from utf8 for some calls. The libads code gets this right. Wonder why the passdb code doesn't use it ? Jeremy. (This used to be commit 910d21d3164c2c64773031fddaad35ea88e72a04)
2003-09-07Nobody complained on the team-list, so commit it ...Volker Lendecke1-0/+53
This implements some kind of improved AFS support for Samba on Linux with OpenAFS 1.2.10. ./configure --with-fake-kaserver assumes that you have OpenAFS on your machine. To use this, you have to put the AFS server's KeyFile into secrets.tdb with 'net afskey'. If this is done, on each tree connect smbd creates a Kerberos V4 ticket suitable for use by the AFS client and gives it to the kernel via the AFS syscall. This is meant to be very light-weight, so I did not link in a whole lot of libraries to be more platform-independent using the ka_SetToken function call. Volker (This used to be commit 5775690ee8e17d3e98355b5147e4aed47e8dc213)
2003-09-06Only set sids when they're retrurned by the MySQL queryJelmer Vernooij1-2/+2
(This used to be commit 9a603f6f077a2e1ddc41849cca3641421ecbaf11)
2003-09-05More tuning from cachegrind. Change most trim_string() calls to trim_char(0,Jeremy Allison2-5/+7
as that's what they do. Fix string_replace() to fast-path ascii. Jeremy. (This used to be commit f35e9a8b909d3c74be47083ccc4a4e91a14938db)
2003-08-27remove 'ldap trust ids' since there was no way for it to work nowGerald Carter1-0/+5
(This used to be commit 3724063f1518c25e33ba6b65cd3bb1e36cec51fa)
2003-08-27Fix bug 327 (again and I think for the last time). Make sure thatGerald Carter1-0/+488
pam_smbpass.so will load ok. Had to move some functions around to work around dependency problems (hence the new passdb/lookup_sid.c) Also make sure that libsmbclient.a is built and installed when we support shared libraries. (This used to be commit 780055f4422f11fb0524ac1f003cdc5f317f8b19)
2003-08-21fix for BUG 245; make sure we set the sid type when falling back to the rid ↵Gerald Carter1-1/+7
algorithm stuff (This used to be commit f6363aa31aa3479a9566328752ecb4aeadde10b7)
2003-08-15get rid of some sompiler warnings on IRIXHerb Lewis4-12/+11
(This used to be commit a6a39c61e8228c8b3b7552ab3c61ec3a6a639143)
2003-08-132 fixesGerald Carter1-0/+48
* bug #280 (my fault) - initialize sambaNextUserRid and sambaNextGroupRid * Unix users shared vis LDAP or NIS between a samba domain member of a Samba domain are not seen as domain users on the member servers. not as local users. (This used to be commit a030fa373aefde8628def54ca8152f237a0467dc)
2003-08-11fix bug #281 by surrounding pdb_getgrgid() with become/unbecome_root()Gerald Carter1-1/+8
(This used to be commit f6a01f51159ccd822c6e764b7243fff375f22747)
2003-08-06fix bug #208; have to get the gid of the user's primary group for %GGerald Carter2-1/+17
(This used to be commit 575483a1efe18a90055490117ba6894512ae568a)
2003-08-06oops; fix typo. Noticed by gcc warningGerald Carter1-2/+2
(This used to be commit 4c36ef65e5101899f730adaeacf754f5f3647d89)
2003-08-05fix bug #245; local_lookupsid() needed to make a getpwuid() call to get the ↵Gerald Carter1-9/+20
username instead of making up unix_user.## (This used to be commit b947fc3eed464d7a64914f3965964d29be031614)