Age | Commit message (Collapse) | Author | Files | Lines |
|
This gets us closer to W2k+ in what we return for file ACLs. Fix horribly
broken make_sec_desc() that screwed up the size when given a SD with no
owner or group (how did it get this bad... ?).
Jeremy.
(This used to be commit 183c9ed4052ab14e269ed1234ca557053f77e77a)
|
|
unless we are trying to be an ADS DC
(This used to be commit bf20976e5a993f4cfa05c1e0a9ecab2c7da99263)
|
|
in add groupmem code.
Jeremy.
(This used to be commit f41eb9ce9af2075f62abaecd8792d30617d05818)
|
|
thanks
(This used to be commit 29dc40639fad7652f7f99995be7552f5143ff052)
|
|
Jeremy.
(This used to be commit b754089a2660975c593a6651e5e72b7360a0aba1)
|
|
VFS_ macros at system side. We currently have one clash with AIX and its VFS_LOCK. Compiled and tested -- no new functionality or code, just plain rename of macros for yet-unreleased VFS API version. Needs to be done before a24 is out
(This used to be commit c2689ed118b490e49497a76ed6a2251262018769)
|
|
Jeremy.
(This used to be commit 2a6d0c2481c3c34351e57c30a85004babdbf99b0)
|
|
We really need idmap_ldap to have a good solution with ldapsam, porting
it from the prvious code is beeing made, the code is really simple to do
so I am confident it is not a problem to commit this code in.
Not committing it would have been worst.
I really would have been able to finish also the group code, maybe we can
put it into a followin release after 3.0.0 even if it may be an upgrade
problem.
The code has been tested and seem to work right, more testing is needed for
corner cases.
Currently winbind pdc (working only for users and not for groups) is
disabled as I was not able to make a complete group code replacement that
works somewhat in a week (I have a complete patch, but there are bugs)
Simo.
(This used to be commit 0e58085978f984436815114a2ec347cf7899a89d)
|
|
1. Finally work with cascaded modules with private data storage per module
2. Convert VFS API to macro calls to simplify cascading
3. Add quota support to VFS layer (prepare to NT quota support)
Patch by Stefan (metze) Metzemacher, with review of Jelmer and me
Tested in past few weeks. Documentation to new VFS API for third-party developers to follow
(This used to be commit 91984ef5caa2d13c5d52e1f535bd3bbbae1ec978)
|
|
lp_workgroup(), for all other server this is global_myname().
This is the name of the domain for accounts on *this* system, and getting
this wrong caused interesting bugs with 'take ownership' on member servers
and standalone servers at Snap.
(They lookup the username that they got, then convert that to a SID - but
becouse the domain out of the smbpasswd entry was wrong, we would fail the
lookup).
Andrew Bartlett
(This used to be commit 5fc78eba20411f3f5a8ccadfcba5c4ab73180dba)
|
|
to the system. This means that we always run Get_Pwnam(), and can never add
FOO when foo exists on the system (the idea is to instead add foo into
the passdb, using it's full name, RID etc).
Andrew Bartlett
(This used to be commit bb79b127e02cefae13c822fd0fd165f1f214b740)
|
|
(This used to be commit c0807e21999ec718d722fc0be6b3353c9369db04)
|
|
function. Patch by metze with some minor modifications.
(This used to be commit bc4b51bcb2daa7271c884cb83bf8bdba6d3a9b6d)
|
|
(This used to be commit f7cfdf20b7b3b7743c0c3af4ff62fdde00e45fdc)
|
|
for rpc_pull_string. If we had a NULL or zero-length string, we would use
uninitialised data in the result string.
Andrew Bartlett
(This used to be commit df10aee451b431a8a056a949a98393da256185da)
|
|
a pstrcpy/fstrcpy or at most a safe_strcpy().
These have the advantage of being compiler-verifiable.
Get these out of the way, along with a rewrite of 'get_short_archi' in the
spoolss client and server. (This pushes around const string pointers, rather
than copied strings).
Andrew Bartlett
(This used to be commit 32fb801ddc035e8971e9911ed4b6e51892e9d1cc)
|
|
etc, move the SAMR create_user code back to using the 'pdb_init_sam_pw' method
to fill out the attributes.
This is basicly the same code, but we really didn't need the duplication.
Also, take advantage of the fact that RIDs will always be returned back into
the SAM_ACCOUNT on ADD, so we don't need to duplicate the 'get'.
This should also help in sites with replicated LDAP - the second fetch might
occour before the first is replicated back.
Andrew Bartlett
(This used to be commit 39714c24fd9da4701d4fe69ddd3d61a25254409f)
|
|
samlogon call certainly breaks the credential chain. Do it once during
the bind response.
Volker
(This used to be commit d4262c37f13642e034d3e207bfbb563c17a8a176)
|
|
Andrew Bartlett
(This used to be commit 898ff89632a394ff32fd38f1c4e94412388fa8bd)
|
|
include a domain portion, do a gethostbyname() lookup on that name.
Use this name in our PolicyPrimaryDomainInformation reply (_lsa_query_info2)
that Win2k uses when trying to trust us as a trusted domain.
(We need to do a better mapping between our Netbios and Win2k domain names,
but this will do for now - particularly annoying is the way this possibly needs
to map with our kerberos realm).
Andrew Bartlett
(This used to be commit 3be03271030208a69da29c6e2a7b92cdbaa8c6aa)
|
|
the credentials from secrets.tdb
(This used to be commit bb8b63b865b941abecc0d821e710702dd12866fe)
|
|
multi-PDU encode/decode with SCHANNEL. Also need to test against WNT DC.
Jeremy.
(This used to be commit ff66d4097088409205b6bad5124a78ef9946010d)
|
|
(This used to be commit aca7319e8d45eb604f28b8bd490413b08e2c98f2)
|
|
Whitespace syncup.
(This used to be commit c69237edf2bfdb426447d808fbd1dc6eb5cffabe)
|
|
(This used to be commit 21166e87bfeeaa5079dfbcac3df9232d73986532)
|
|
Only compiled in when --enable-developer argument passed to configure.
(This used to be commit 017da9393bab276543d0d5c50df8c760780f2450)
|
|
used to be commit 381649916ecbaddefbb6ee0e6137b7cc73eb54b1)
|
|
* fix bug found by clobber_region()
(This used to be commit ad2765bb5e0c1c4d8f12583e49df5b1bc7ffc389)
|
|
* fix bug found by clobber_region()
(This used to be commit b2e29c7bd45f8f33d9ed58fe75bbf5ffc78350f5)
|
|
Use the client address from the pipe->conn->client_address
instead of trying to resolve the name in the _spoolss_rffpcn()
request. Should make us more robust as well when the clients
are not registered in DNS or WINS.
(This used to be commit 78b2c1be7d9923716841627044c4e1578a5b9546)
|
|
Use the client address from the pipe->conn->client_address
instead of trying to resolve the name in the _spoolss_rffpcn()
request. Should make us more robust as well when the clients
are not registered in DNS or WINS.
(This used to be commit 23f0fcf6421b1e8dd6ed6ab14af14ea7eb380c1c)
|
|
requests and responses and is only compiled in when --enable-developer
is passed to configure. It includes server and client side code for
generating and responding to functions on this pipe. The functions are:
- AddOne: add one to the uint32 argument and return ig
- EchoData: echo back a variable sized char array to the caller
- SourceData: request a variable sized char array
- SinkData: send a variable sized char array and throw it away
There's a win32 implementation of the client and server in the
junkcode CVS repository in the rpcecho-win32 subdirectory.
(This used to be commit 4ccd34ef836eba05f81dc2da73fd7cfaac201798)
|
|
Added jobid debug when unpacking message.
Jeremy.
(This used to be commit 8a6f3313e69c6d47e20838f42ebc9f8a2ce9ddc4)
|
|
Added jobid debug when unpacking message.
Jeremy.
(This used to be commit 8bab6e32069e1636a52efa31ca55b49f1b3fa768)
|
|
schannel clients.
Volker
(This used to be commit 0f348a35d09ff020837119157ef7f4b9e6f07643)
|
|
schannel clients.
Volker
(This used to be commit 41e92409e1c6912db05acc80b6c0d5dccd51859b)
|
|
open_printer when 2k client opens with admin privs & fix reply for ChangeId printer data reply
(This used to be commit c7c3d42cd5954b040ee7027886ea8d9d0f2da9a5)
|
|
open_printer when 2k client opens with admin privs & fix reply for ChangeId printer data reply
(This used to be commit 12eb3e993788eb8bc0e9eb62e60a8b55079df5ad)
|
|
(This used to be commit 4d42067cb89220a1b275bc8408c9c1ba2ef7766a)
|
|
(This used to be commit 51d330dcf3bd74367fc18f4229a9cfa0392f0b36)
|
|
No more XP requiresignorseal anymore!
Thanks again to Luke :-)
Volker
(This used to be commit 6b2b55901d66cab0c0c0c90bd0585c870be6e468)
|
|
TNG. Actually, it exists in the main Samba cvs tree in APPLIANCE_TNG
as I found out later :-)
It adds a new parameter: server schannel = yes/auto/no defaulting to
auto.
What does this mean to the user: No requireSignOrSeal registry patch
for XP anymore.
Many thanks for this code to Luke Leighton, Elrond and anybody else I
forgot to mention.
My next thing will be to see if this applies cleanly to 3_0.
Please test and comment!
Volker
(This used to be commit e1f953241eb020f19fe657f29afdae28dcf5a03b)
|
|
includes a --with-idmap=no switch to disable idmap usage if you find
problems.
cosmetic fixes and param aliases to separate winbind from idamp roles.
A temporarily remote idmap winbind compatibility backend.
As I have time I will further change code to not call directly winbind
(partly done but not tested) and a specilized module will be built in place
for the current glue hack.
The patch has been tested locally in my limited time, the patch is simple and
clear and should not reserve problems, if any just disable it.
As usual, comments and fisex are welcome :-)
Simo.
(This used to be commit 02781320476ed1b7ee5d943fa36f9a66ab67f208)
|
|
Jeremy.
(This used to be commit e5e83544dc0acf812bfa5ea17960b5a6be954ca1)
|
|
Jeremy.
(This used to be commit 48f3bf0ea51b9fd09dfb017870e32ca4a8cc4b8c)
|
|
CR2102; reviewed by jra
(This used to be commit 3d37e1ece913707f346c3c2459c3c42192a3a1a7)
|
|
CR2102; reviewed by jra
(This used to be commit 50c25e54ff05bfb01a93e84afd2ad92e90d5a5c2)
|
|
printer open; CR 2102 (reviewed by jreilly)
(This used to be commit 26478158bc03fdf019589ce68062100a39149b52)
|
|
printer open; CR 2102 (reviewed by jreilly)
(This used to be commit a179c2cefb15b1b8869a83fe5f14a85d1eb96114)
|
|
(This used to be commit 453813ec6e2c25a3f6a664212aedcad15cfd6000)
|