Age | Commit message (Collapse) | Author | Files | Lines |
|
* don't fall back to unmapped UNIX group for
get_local_group_from_sid()
* remove an extra become/unbecome_root() pair
from group enumeration
(This used to be commit c0f34b42a6a4af09ae4b76721bc350784d87f686)
|
|
(This used to be commit c17a7dc9a190156a069da3e861c18fd3f81224ad)
|
|
(This used to be commit 3101c236b8241dc0183995ffceed551876427de4)
|
|
function. Patch by metze with some minor modifications.
(This used to be commit f4576757d1d52a8f1b96894c869bb76450003fd1)
|
|
put a doc about it in dev-doc later today.
(This used to be commit af7bfee0c6902c07fdb8d3abccf4c8d6bab00b5a)
|
|
- calling the initialization function in the module init_module() instead of rpc_pipe_init()
- calling smb_load_module() to do the dlopen(), dlsym() and init_module() calls
I'll merge this to 3.0, together with the smb_load_module() function.
Discussed with Anthony.
(This used to be commit 3757ed8df06ca2b306bef336bdb9c7671f5e6a65)
|
|
for instructions.
(This used to be commit d51e12df78ff8fc721d693fedbd1c633f39edd49)
|
|
also try to uniform names to a clean scheme.
first part.
(This used to be commit a123e05877caf90c28980be2d84b1d0b46e4fd21)
|
|
existing connect (which I've been told is really connect2), with one
extra dword. We've only seen 0x00000002 there...
(This used to be commit 266344634944dff30f56453f9d86c490e7ac7a55)
|
|
the 'user cannot change password' button work. Needs help from a future SAM
backend, but at least this parses the data, and returns an error.
Andrew Bartlett
(This used to be commit 0c4afe075aa018ec2be10f36fd3f0a5af2a032f1)
|
|
(This used to be commit 897e64d2e0c1d04ab93441ccaffe369bf43be46e)
|
|
Changed "SMB/Netbios" to "SMB/CIFS" in file header.
(This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
|
|
J.F.
(This used to be commit 87928c4d91940447191af4fe83a2be7ac3477361)
|
|
We now get the full account policy window in usermanager, and the
framework to store all those values. I plan to add a TDB file to store
them.
oh, and found that the last value in a sam_unknown_info_12_inf struct is
an uint16 and not a uint32.
andrewb: you hardcoded the MAX_PASSWORD_AGE to 21 days. We can now turn it
to a value setable in usermanager.
J.F.
(This used to be commit 99471d25693f6672d433b90a060378f6faad867f)
|
|
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
|
|
(This used to be commit 1d36250e338ae0ff9fbbf86019809205dd97d05e)
|
|
Jeremy.
(This used to be commit 6bbcab5e48f91a80d4ebcbd2bee38f2e0a8bff78)
|
|
Not ready yet.
J.F.
(This used to be commit 62a7a567fdea230b77cc97a3f74d868542c34700)
|
|
I did some basic tests but I have probably broken something. Notably the
password changing. So don't cry ;-)
J.F.
(This used to be commit a4a4c02b12f030a3b9e6225b999c90689dfc4719)
|
|
J.F.
(This used to be commit 7154deb026d53cb0cd503562174c3332a372be63)
|
|
Parameterises the printing functions so other backends can be plugged
directly in (this is a good thing :-).
Jeremy.
(This used to be commit c0345bbaed5d1aac777f1a33ff84ad1899f2ed6d)
|
|
RPC code to merge with new passdb code.
Currently rpcclient doesn't compile. I'm working on it...
Jeremy.
(This used to be commit 0be41d5158ea4e645e93e8cd30617c038416e549)
|
|
authenticate against them. Big/little endian issues fixed.
Jeremy.
(This used to be commit 0e6a34510ed598eaec7fe71a9c91fda528a4675c)
|
|
srv_samr.c: duplicate gid fix.
srv_spoolss_nt.c: Merge of JF's work.
uid.c: Fix for returning names when a PDC.
Jeremy.
(This used to be commit d938ad6963a2dd4eda930d508600ec1902dc2b16)
|
|
(This used to be commit a86f219f2f63f63e43d5b99e3d190a536954d400)
|
|
srv_samr.c: Fix for pw caching.
smbd/nttrans.c: Fix to allow trans create to set ACL on open.
Jeremy.
(This used to be commit c4f810a7588a2faf41f4222dc77678c53ab1dec0)
|
|
(This used to be commit 793153ebde08db217a18882c5eec945b7b14de69)
|
|
smbd/reply.c:
Added fix needed for appliances. When using winbindd - a new user may
exist (from winbind) but have no home directory. Extend add user script
so it is called with a %H substitution when a user exists but their home
directory does not. Thanks to Alex Win at VA Linux for finding this one
and testing the fix.
libsmb/clidgram.c: Fixed missing return statements.
smbd/uid.c: Fixed typo in debug.
Jeremy.
(This used to be commit 7ba0a2192b89954604dd793c537b4a17c2d1ac07)
|
|
source/include/proto.h
source/param/loadparm.c
source/passdb/passdb.c
source/rpc_server/srv_samr.c
- add support for "hide local users" option to HEAD.
(This used to be commit 44dc339fe757b2b5578b30e74aad8c1b12c23f5f)
|
|
on read.
Jeremy.
(This used to be commit 76b8dd376d13eb4469417be217c966d54d333367)
|
|
o added BOOL own_memory flag in SAM_ACCOUNT so we could
use static memory for string pointer assignment or
allocate a new string
o added a reference TDB passdb backend. This is only a reference
and should not be used in production because
- RID's are generated using the same algorithm as with smbpasswd
- a TDB can only have one key (w/o getting into problems) and we
need three. Therefore the pdb_sam-getpwuid() and
pdb_getsampwrid() functions are interative searches :-(
we need transaction support, multiple indexes, and a nice open
source DBM. The Berkeley DB (from sleepycat.com seems to fit
this criteria now)
o added a new parameter "private dir" as many places in the code were
using lp_smb_passwd_file() and chopping off the filename part.
This makes more sense to me and I will docuement it in the man pages
o Ran through Insure-lite and corrected memory leaks. Need for
a public flogging this time Jeremy (-:
-- jerry
(This used to be commit 4792029a2991bd84251d152a62b1033dec62cee2)
|
|
Currently the only backend which works is smbpasswd (tdb, LDAP, and NIS+)
are broken, but they were somewhat broken before. :)
The following functions implement the storage manipulation interface
/*The following definitions come from passdb/pdb_smbpasswd.c */
BOOL pdb_setsampwent (BOOL update);
void pdb_endsampwent (void);
SAM_ACCOUNT* pdb_getsampwent (void);
SAM_ACCOUNT* pdb_getsampwnam (char *username);
SAM_ACCOUNT* pdb_getsampwuid (uid_t uid);
SAM_ACCOUNT* pdb_getsampwrid (uint32 rid);
BOOL pdb_add_sam_account (SAM_ACCOUNT *sampass);
BOOL pdb_update_sam_account (SAM_ACCOUNT *sampass, BOOL override);
BOOL pdb_delete_sam_account (char* username);
There is also a host of pdb_set..() and pdb_get..() functions for
manipulating SAM_ACCOUNT struct members. Note that the struct
passdb_ops {} has gone away. Also notice that struct smb_passwd
(formally in smb.h) has been moved to passdb/pdb_smbpasswd.c
and is not accessed outisde of static internal functions in this
file. All local password searches should make use of the the SAM_ACCOUNT
struct and the previously mentioned functions.
I'll write some documentation for this later. The next step is to fix
the TDB passdb backend, then work on spliting the backends out into
share libraries, and finally get the LDAP backend going.
What works and may not:
o domain logons from Win9x works
o domain logons from WinNT 4 works
o user and group enumeration
as implemented by Tim works
o file and print access works
o changing password from
Win9x & NT ummm...i'll fix this tonight :)
If I broke anything else, just yell and I'll fix it. I think it
should be fairly quite.
-- jerry
(This used to be commit 0b92d0838ebdbe24f34f17e313ecbf61a0301389)
|
|
the trust domain list reply on netlogon pipe was wrong, interim hack until
we have full trust relationships.
changed some unistr2 to parse the ending NULL char.
added a prs_align_needed() function. much like a prs_align but with a
condition. needed for the unistr2 parsing.
J.F.
(This used to be commit d8bf81553c17d9ee3419d8150b96119ebb0b8fa9)
|
|
.cvsignore remove config.h - not in this directory
include/profile.h profile changes
lib/messages.c added message to return debug level
libsmb/clierror.c cast to get rid of compiler warning
libsmb/smbencrypt.c cast to get rid of compiler warning
profile/profile.c add flush profile stats changes for profile struct
rpc_parse/parse_samr.c fix for compiler warning
rpc_server/srv_samr.c cast to get rid of compiler warning
smbd/ipc.c profile stats
message.c profile stats
smbd/negprot.c profile stats
smbd/nttrans.c profile stats
smbd/trans2.c profile stats
utils/smbcontrol.c new flush stats command
(This used to be commit bbb24daa25dca4e4b6b1f8942cd84ee3aa1bed8e)
|
|
a sam_user_info_24 doesn't have a uint16 at end
samr_create_user also creates the unix account now
samr_set_userinfo changes the password.
J.F.
(This used to be commit 94f4024481fcd0cb6647af1bd4364033be020641)
|
|
J.F.
(This used to be commit 044246fe7e40d83673120dc14b5d6572e6c23142)
|
|
J.F.
(This used to be commit c49cc884458d6efa0f7f4b1e40f7d98d84836e77)
|
|
cleanup of create_user
cleanup of rid/sid mix in samr. now we only have sid.
some prs_align() missing in parse_samr.c
a small debug change in srv_pipe.c
You still can't change a user's password in this commit.
Will be availble in the next one.
J.F.
(This used to be commit b655bc281fa183b1827a946ada1fcf500fb93aea)
|
|
Jeremy.
(This used to be commit d131ad1ce3f6e72e295f865a463f8dcbfa6f8d42)
|
|
was not correct.
Jeremy.
(This used to be commit 1a3f7ecde2ca031b2f93a079f75822354fe241a0)
|
|
And we create the disabled account. That means we can create user and
trust accounts remotely !
ifdef out a return in passdb/smbpass.c. I think I didn't break any
security. Jeremy could you check if I didn't make any mistakes ???
J.F.
(This used to be commit 416be1b64f366c8b859f25856fce2467ec0446d9)
|
|
so renamed and tidy up of the server function.
J.F.
(This used to be commit 0f707ac1fb5685b800d6599b9074ec1d4e65b1c1)
|
|
check these in before.
jerry
(This used to be commit e682d6a599934e5460abe0d30cb2465fa80c7937)
|
|
jerry
(This used to be commit a606131508592d72f3fd8a0dd63073e9c559062f)
|
|
(This used to be commit 20a7fefee8c85f02f6a0e2a02c0df04a8b22b7cb)
|
|
get ready and fix se_access_check().
Added cannonical lookup_name(), lookup_sid(), uid_to_sid(), gid_to_sid()
functions that look via winbind first the fall back on local lookup.
All Samba should use these rather than trying to call winbindd code
directly.
Added NT_USER_TOKEN struct in user_struct, contains list of NT sids
associated with this user.
se_access_check() should use this (cached) value rather than attempting
to do the same thing itself when given a uid/gid pair.
More work needs to be done to preserve these things accross security
context changes (especially with the tricky pipe problem) but I'm
beginning to see how this will be done..... probably by registering
a new vuid for an authenticated RPC pipe and not treating the
pipe calls specially.
More thoughts needed - but we're almost there...
Jeremy.
(This used to be commit 5e5cc6efe2e4687be59085f562caea1e2e05d0a8)
|
|
NT_STATUS_XXX).
Removed IS_BITS_xxx macros as they were just reproducing "C" syntax in a more
obscure way.
Jeremy.
(This used to be commit c55bcec817f47d6162466b193d533c877194124a)
|
|
and samr_enum_dom_aliases commands. Unfortunately the algorithm for
determining winbind groups from normal groups is simply to check for the
presence of the lp_winbind_separator() character. )-:
(This used to be commit 363a9c45bf0a7d3266ccdf4eeb0b9f5e3d38389f)
|
|
this stuff doesn't need to be done as root anyway.
(This used to be commit c3cad0ff6482784f95fd54ba51ee5be2354bb95d)
|
|
(This used to be commit 66372765e7c3f85240d54894547a150351426d5f)
|