Age | Commit message (Collapse) | Author | Files | Lines |
|
field at all. It seems to be an optional 12 byte structure of some
kind. mkaplan found a situation where the structure was not present at
all (depending on ptr_0)
(This used to be commit d7f18c60f73a3acb00ec9b1f9c605cc8c9d690a7)
|
|
dashes of const. This is a rather large check-in, some things may break.
It does compile though :-).
Jeremy.
(This used to be commit 82b8f749a36b42e22186297482aad2abb04fab8a)
|
|
Volker
(This used to be commit 32d6bcf3acefc77873a7241cc0c7e26241a65301)
|
|
The actual design change is relitivly small however:
It all goes back to jerry's 'BOOL store', added to many of the elements in a
SAM_ACCOUNT. This ensured that smb.conf defaults did not get 'fixed' into
ldap. This was a great win for admins, and this patch follows in the same way.
This patch extends the concept - we don't store values back into LDAP unless
they have been changed. So if we read a value, but don't update it, or we
read a value, find it's not there and use a default, we will not update
ldap with that value. This reduced clutter in our LDAP DB, and makes it
easier to change defaults later on.
Metze's particular problem was that when we 'write back' an unchanged value,
we would clear any muliple values in that feild. Now he can still have his
mulitivalued 'uid' feild, without Samba changing it for *every* other
operation.
This also applies to many other attributes, and helps to eliminate a nasty
race condition. (Time between get and set)
This patch is big, and needs more testing, but metze has tested usrmgr, and
I've fixed some pdbedit bugs, and tested domain joins, so it isn't compleatly
flawed ;-).
The same system will be introduced into the SAM code shortly, but this fixes
bugs that people were coming across in production uses of Samba 3.0/HEAD, hence
it's inclusion here.
Andrew Bartlett
(This used to be commit 7f237bde212eb188df84a5d8adb598a93fba8155)
|
|
better job of working with usrmgr. Previously we were blanking out entires,
and all sort of mischif.
The new patch (which I've now had a chance to test/modify) also takes care not
to expand % values (ie we go \\%L\%U -> \\server\user, we don't want to store
\\server\user back) and to correctly notice 'not set' compared to 'null string'
etc.
Andrew Bartlett
(This used to be commit ab878b6cc4132594fc33f78aeebf0d8b7266c150)
|
|
(This used to be commit 482d873c26bf02e27ffcd92042b476eda765a5ff)
|
|
(This used to be commit 8bca3085836255536794444248e7ff3a2460c045)
|
|
additional parm compared to samr connect, but I've only seen 0x00000002
in that field...
(This used to be commit ed2370b91f7f6a36efdf6b65340a5b29a26e7e7a)
|
|
existing connect (which I've been told is really connect2), with one
extra dword. We've only seen 0x00000002 there...
(This used to be commit 266344634944dff30f56453f9d86c490e7ac7a55)
|
|
(This used to be commit 290a304d2c1b70d20129236e20a0ff664179023e)
|
|
the 'user cannot change password' button work. Needs help from a future SAM
backend, but at least this parses the data, and returns an error.
Andrew Bartlett
(This used to be commit 0c4afe075aa018ec2be10f36fd3f0a5af2a032f1)
|
|
*.o) and implment new enum_dom_users code in the SAMR RPC subsystem.
Incresingly, we are using the pdb_get_{user,group}_sid() functions, in the
eventual hope that we might one day support muliple domains off a single
passdb. To extract the RID, we use sid_peek_check_rid(), and supply an
'expected' domain SID.
The id21 -> SAM_ACCOUNT and id23 -> SAM_ACCOUNT code has been moved to
srv_samr_util.c, to ease linking in passdb users.
Compatiblity code that uses 'get_global_sam_sid()' for the 'expected' sid is in
pdb_compat.c
Andrew Bartlett
(This used to be commit 5a2a6f1ba316489d118a8bdd9551b155226de94f)
|
|
(This used to be commit 897e64d2e0c1d04ab93441ccaffe369bf43be46e)
|
|
Jeremy.
(This used to be commit 64af68924b8fc36caac3f978dc0f9deccc41e059)
|
|
(This used to be commit 2e25b5c3099e48869e83a1e03943d3cc2a875f24)
|
|
cleanup some of the code in net_rpc_join re const warnings and
fstrings.
Passdb:
Make the %u and %U substituions in passdb work.
This is done by declaring these paramters to be 'const' and doing
the substitution manually. I'm told this is us going full circle,
but I can't really see a better way.
Finally these things actually seem to work properly...
Make the lanman code use the pdb's recorded values for homedir etc
rather than the values from lp_*()
Add code to set the plaintext password in the passdb, where it can
decide how to store/set it. For use with a future 'ldap password
change' option, or somthing like that...
Add pdb_unix, so as to remove the 'not in passdb' special cases from the
local_lookup_*() code. Quite small, as it uses the new 'struct passwd ->
SAM_ACCOUNT' code that is now in just one place. (also used by pdb_smbpasswd)
Other:
Fix up the adding of [homes] at session setup time to actually pass
the right string, that is the unix homedir, not the UNC path.
Fix up [homes] so that for winbind users is picks the correct name.
(bad interactions with the default domain code previously)
Change the rpc_server/srv_lsa_nt.c code to match NT when for the
SATUS_NONE_MAPPED reply: This was only being triggered on
no queries, now it is on the 'no mappings' (ie all mappings failed).
Checked against Win2k.
Policy Question: Should SID -> unix_user.234/unix_group.364 be
considered a mapping or not? Currently it isn't.
Andrew Bartlett
(This used to be commit c28668068b5a3b3cf3c4317e5fb32ec9957f3e34)
|
|
<mimir@diament.ists.pwr.wroc.pl>) this patch allows samba to correctly
enumerate its trusted domains - by exaimining the keys in the secrets.tdb file.
This patch has been tested with both NT4 and rpcclient/wbinfo, and adds
some extra functionality to talloc and rpc_parse to allow it to deal with
already unicode strings.
Finally, this cleans up some const warnings that were in net_rpc.c by pushing
another dash of const into the rpc client code.
Andrew Bartlett
(This used to be commit 0bdd94cb992b40942aaf2e5e0efd2868b4686296)
|
|
(This used to be commit 5b43519219991fe14c8ce1993c16557bf5ceccb4)
|
|
Jeremy.
(This used to be commit 3f9063167f3fc9ae7e7fd753d76ece23c1d97800)
|
|
Changed "SMB/Netbios" to "SMB/CIFS" in file header.
(This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
|
|
J.F.
(This used to be commit 87928c4d91940447191af4fe83a2be7ac3477361)
|
|
calculate them and always reply a size of 32 bytes whereas NT4 did the
maths. Anyway, it looks like the clients don't complain.
in query_dom_info() at level 2, return the real number of users and
groups. That's the fix to the W95/98 userlist bug !
as W95/98 does a query_dom_info(2) followed by a query_disp_info(4) on
the SAME context handle (err we call it an lsa policy handle ! plain
wrong name), I was tempted to keep the snapshoot in memory, to prevent
2 full user db enumerations in a row and just have one shared. But if some
client does the 2 calls on two different handles, we would have 2 copies
in memory not free'ed before the samr_close().
We still have too many fixed constant and too many magic values in that
code. And btw, I really hates how the sequence number is generated !
J.F.
(This used to be commit c0178e1a03f8225e5b350feb8fcbfb02f43327b4)
|
|
instead of enumerating the whole user db or group db every time, we store
a in memory copy linked to the handle.
that's much faster for large enumeration where the db can't fit in a
single rpc packet. And as it's a copy, it's constant between enumeration.
still some stuff to clean. But now I can fix the W95 userlist bug, as I've
finally found it.
J.F.
(This used to be commit 3ab45215369e8e93d750f4687e9c1f7d47782590)
|
|
(This used to be commit 589aa4fe226ee5bdae0a244631193714b0b556ac)
|
|
It's just to keep usermanager happy ;-)
clean up a bit samr_query_aliasinfo to return the group description
added: samr_del_aliasmem, samr_del_groupmem and samr_del_domuser
with the correct scripts, you can now entirely manage the users from
usermanager ! Closer to full PDC every day ;-)
J.F.
(This used to be commit 0a727afc669704cda9b44d44dbac9e989e906ae3)
|
|
(This used to be commit 64bf8f81c49744fc0653db655e457981f3bcbac2)
|
|
You can change them with either usermanager->policies->account
or from a command prompt on NT/W2K: net accounts /domain
we can add a rpc accounts to the net command. As the net_rpc.c is still
empty, I did not start. How should I add command to it ? Should I take the
rpcclient/cmd_xxx functions and call them from there ?
alse changed the SAM_UNK_INFO_3 parser, it's an NTTIME. This one is more
for jeremy ;-)
J.F.
(This used to be commit bc28a8eebd9245ce3004ae4b1a359db51f77bf21)
|
|
We now get the full account policy window in usermanager, and the
framework to store all those values. I plan to add a TDB file to store
them.
oh, and found that the last value in a sam_unknown_info_12_inf struct is
an uint16 and not a uint32.
andrewb: you hardcoded the MAX_PASSWORD_AGE to 21 days. We can now turn it
to a value setable in usermanager.
J.F.
(This used to be commit 99471d25693f6672d433b90a060378f6faad867f)
|
|
discovered that our reply is short by 4 bytes since day 1 of this code.
Added a decode function to rpcclient too.
splitted the STRING2 fields filling while trying to understand the win9x
userlist bug. (didn't fix the bug, but the reply looks closer to NT).
J.F.
(This used to be commit bfbe7f377e5fcb09e87bfc866196dfc51a8fe64d)
|
|
In particular this commit focuses on:
Actually adding the 'const' to the passdb interface, and the flow-on changes.
Also kill off the 'disp_info' stuff, as its no longer used.
While these changes have been mildly tested, and are pretty small, any
assistance in this is appreciated.
----
These changes introduces a large dose of 'const' to the Samba tree.
There are a number of good reasons to do this:
- I want to allow the SAM_ACCOUNT structure to move from wasteful
pstrings and fstrings to allocated strings. We can't do that if
people are modifying these outputs, as they may well make
assumptions about getting pstrings and fstrings
- I want --with-pam_smbpass to compile with a slightly sane
volume of warnings, currently its pretty bad, even in 2.2
where is compiles at all.
- Tridge assures me that he no longer opposes 'const religion'
based on the ability to #define const the problem away.
- Changed Get_Pwnam(x,y) into two variants (so that the const
parameter can work correctly): - Get_Pwnam(const x) and
Get_Pwnam_Modify(x).
- Reworked smbd/chgpasswd.c to work with these mods, passing
around a 'struct passwd' rather than the modified username
---
This finishes this line of commits off, your tree should now compile again :-)
Andrew Bartlett
(This used to be commit c95f5aeb9327347674589ae313b75bee3bf8e317)
|
|
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
|
|
the client code still needs some work
(This used to be commit dcd6e735f709a9231860ceb9682db40ff26c9a66)
|
|
(This used to be commit 1d36250e338ae0ff9fbbf86019809205dd97d05e)
|
|
(This used to be commit c9cbe3237e01983a5063e5680ad71c7579009f28)
|
|
Jeremy.
(This used to be commit c51cfc7f0d3ad1614ca1e0330c8707f7b263b8e6)
|
|
According to the incorruptible judges find and grep, the latter won.
Mmm - procrastination. (-:
(This used to be commit 2e339403605177b15d5185a8fdd1b06f3f043168)
|
|
add query dominfo level 5
some cleanup, don't free talloced memory.
implement delete domain and local groups.
J.F.
(This used to be commit 3f14dda2a21850edfd540be2624867e5f70a382c)
|
|
Jeremy.
(This used to be commit 5059fbbb76ffa24658a878080a36e355df4894f5)
|
|
Jeremy.
(This used to be commit d4872c94c2e6b63be0fb12e5dd2d0459fda54959)
|
|
hi jeremy,
can you commit the following patch against HEAD. I can't do it right now
Thanks Tim for me. He changed the SAM_DISPINFO_1 array without checking if
he didn't break the server code. And he did.
So on my way I cleaned info_1, 2, .. 5
it may break winbind. I leave to tim the pleasure to fix it ;-)
jf.
I added some talloc changes and checks for alloc fails.
Jeremy.
(This used to be commit 001e9b7b540f04c80ba65c879aaa41acddc86f3e)
|
|
(This used to be commit 008628fb8ac9f92d984218f37fffdfa3cb9e3d62)
|
|
Jermey.
(This used to be commit 05a2911403a0710d994a618e72743205a3b0b87a)
|
|
depend on it...
Jeremy.
(This used to be commit 0fe11c329f7b379299be65795031e4f1b14e0bec)
|
|
Jeremy.
(This used to be commit a600c96e596375bf27c15026c032944a066e7290)
|
|
and parse function.
(This used to be commit d2eafa7483a53958b6c930ca05da6e6a6c21b785)
|
|
to use tallocated memory instead of dodgy static arrays.
(This used to be commit 35d27941141ecdc3bfe18651e5225a94d818e8c1)
|
|
stuff. (-:
(This used to be commit 5bbd946d592fde9ac6bf1c66268ef608d5988363)
|
|
in as well as tallocating space for one itself. I've deleted code so the
passed in container is used to store the SAM user info. This may have
broken some server side SAM stuff which probably isn't used anyway. )-:
(This used to be commit fc44cec0de68c92001c4313b4f0ee9f69ba6b9b5)
|
|
Not ready yet.
J.F.
(This used to be commit 62a7a567fdea230b77cc97a3f74d868542c34700)
|
|
parse structure.
(This used to be commit 139e767e78adafa4d4469d2d63415d46267f2fc9)
|