Age | Commit message (Collapse) | Author | Files | Lines |
|
lsa_add_acct_rights function.
This allows us to add privileges remotely to accounts using rpcclient.
(This used to be commit 2e5e659e095a94b0716d97f673f993f0af99aabe)
|
|
(This used to be commit 5d43346761cd120c12766536efb0513994d7bace)
|
|
other progs.
(This used to be commit 97133f7168852dc185dbf4492afcaf4b68180f65)
|
|
(This used to be commit e3d00fa47d38cd214f5e350e1d6b30d90ed8a52c)
|
|
calls to init_unistr2() in the code and every one of them got the 3rd
argument incorrect, so I thought it best just to remove the argument.
The incorrect usage was caused by callers using strlen() to determine
the length of the string. The 3rd argument to init_unistr2() was
supposed to be the character length, not the byte length of the
string, so for non-english this could come out wrong.
I also removed the bogus 'always allocate at least 256 bytes'
hack. There may be some code that relies on this, but if there is then
the code is broken and needs fixing.
(This used to be commit b9eff31b1433c81fbff733e194914a40f25e3bda)
|
|
They still accept a SID, it just can be tedious to have to type SIDs
instead of names all the time.
(This used to be commit 665cc9b1aceb454074e9de9c6e8636b39be29493)
|
|
* added container option to net command (patch from SuSE)
* Makefile patch for examples/VFS from SuSE
(This used to be commit 4a6d8280ea27ca7a6998219aacc4b15b1227a659)
|
|
principal similar to the existing cli_lsa_enum_privsaccount() call,
except that cli_lsa_enum_account_rights() doesn't require a call to
open_account first. There is also the minor matter that
cli_lsa_enum_account_rights() works whereas
cli_lsa_enum_privsaccount() doesn't!
this call can be used to find what privileges an account or group
has. This is a first step towards proper privileges support in Samba.
(This used to be commit 65bac11d716f873dcdbda528313c33634c26a072)
|
|
sizeof(var) in slprintf statements, so as to ensure we don't get mixups there.
Also remove fstrcpy() into a variable that is about to be printed into anyway.
Andrew Bartlett
(This used to be commit 9b761237321d475c324a3995fe6f0922550ae995)
|
|
debug level 0.
(This used to be commit 451286febd251d25b8beeae9b41a09102240c219)
|
|
This patch makes Samba compile cleanly with -Wwrite-strings.
- That is, all string literals are marked as 'const'. These strings are
always read only, this just marks them as such for passing to other functions.
What is most supprising is that I didn't need to change more than a few lines of code (all
in 'net', which got a small cleanup of net.h and extern variables). The rest
is just adding a lot of 'const'.
As far as I can tell, I have not added any new warnings - apart from making all
of tdbutil.c's function const (so they warn for adding that const string to
struct).
Andrew Bartlett
(This used to be commit 92a777d0eaa4fb3a1c7835816f93c6bdd456816d)
|
|
this commit change the structure and code to reflect this
some test revelead I'm right.
some other revelead currently the abort shutdown does not work against my test machine even if it returns successfully ... need investigation
(This used to be commit c5892b656dedd0367adc33d9606311d1dde99a58)
|
|
Jeremy.
(This used to be commit 784d15761c3271bfd602866f8f9f880dac77671c)
|
|
named. Ensure we can query them.
Jeremy.
(This used to be commit 842e08e52a665ae678eea239759bb2de1a0d7b33)
|
|
(This used to be commit 8877ff2482bfa880614a9f40eed448d60216419d)
|
|
dashes of const. This is a rather large check-in, some things may break.
It does compile though :-).
Jeremy.
(This used to be commit 82b8f749a36b42e22186297482aad2abb04fab8a)
|
|
(This used to be commit 101727335fffd4011659bfa9f7f8ab24b641fc4e)
|
|
(This used to be commit f20de1f9b0dcac15fbf968e6d5d5af2fdd5fbda1)
|
|
(This used to be commit 6d1d2849a7b2f99d927ba168ed2d01a879b09e69)
|
|
(This used to be commit a22fdf26fef0cd58c84ca13891a762e3fdc6af8b)
|
|
(This used to be commit a2e17d4344f996b64cd9c4f01b6b15c069fde41b)
|
|
Also tidied up some of Richard's code (I don't think he uses the compiler
flags -g -Wall -Wshadow -Wstrict-prototypes -Wpointer-arith -Wcast-qual like
I do :-) :-).
Jeremy.
(This used to be commit 10024ed06e9d91f24fdc78d59eef2f76bf395438)
|
|
than the version in APPLIANCE so watch out for boogs.
(This used to be commit 1e054e3db654801fbb5580211529cdfdea9ed686)
|
|
that app-head does.
Jeremy.
(This used to be commit b521abd86b10573ca8f9116907c81e6deb55f049)
|
|
(This used to be commit 821b27037b991e143b87f0f1c7186c9a403376f0)
|
|
(This used to be commit f70caa25e4ee198151b915cf2bc0a26b2d0e243d)
|
|
from APP_HEAD
(This used to be commit 38c9e4299845fd77cc8629945ce2d259489f7437)
|
|
AllowDebugChange, saving the debuglevel across lp_load() calls etc.
(This used to be commit 561204905b78323fd0a03cc7ec5c9dbb2295bd5b)
|
|
(This used to be commit a7616b2b942eaf3be4e16fb9d38cdb42d8b95a94)
|
|
function. Also fixed crash bug - I don't think anyone uses this
command anymore...
(This used to be commit 82c9bf2a6f03c801e701636aff726090483cea25)
|
|
pointers.
(This used to be commit e9b71b354d923b2cd0f028dd197e7ca81339ec3a)
|
|
J.F.
(This used to be commit 3cf419bdfbd3c56f31fb0794b206ab4bd2ac7120)
|
|
changed cli_nt_setup_creds() to call cli_net_auth_2 or cli_net_auth_3 based on a switch.
pass also the negociation flags all the way.
all the places calling cli_nt_setup_creds() are still using cli_net_aut2(), it's just for future use and for rpcclient.
in the future we will be able to call auth_2 or auth_3 as we want.
J.F.
(This used to be commit 4d38caca40f98d0584fefb9d66424a3db5b5789e)
|
|
(This used to be commit 4631e1fd1039c7eed58d3738bd7310219acc9000)
|
|
(This used to be commit 355d28d9eae2fd4b94bb591c5c51cad2fab9d2fd)
|
|
(This used to be commit 4e142ba3749d2eb45687425ff87c153fb6147056)
|
|
(This used to be commit e09007dd5d17d5f84aea3c2fed16ce79ba7be1f2)
|
|
server name and everything works as advertised. See the MSDN doco for details.
(This used to be commit d6b10fe9691bfc96d5933c029990c60fd292bdc9)
|
|
(This used to be commit b8dba26978c281259e02b9d6ebacaa7cba4f7787)
|
|
(This used to be commit 6ec267618a7ba2c4a7170b78ccfe95120c5430c4)
|
|
- SAM_DELTA_RENAME{USER,GROUP,ALIAS}
- SAM_DELTA_DELETE{USER,GROUP}
Renamed some of the unknown delta types and their unmarshalling functions:
- SAM_DELTA_TRUST_DOMS
- SAM_DELTA_SECRET_INFO
(This used to be commit 1f29276c2ff450c4ca3705c27fb0be71ddcda4ad)
|
|
samsync operations (as a BDC)
(This used to be commit e4cb106d2e3e6a41529369545a7a6ce5fe6d8986)
|
|
try to keep to functions inside libsmbclient.
Andrew Bartlett
(This used to be commit 340bc31fdb031d79fa87de27c2c46215dd8113a3)
|
|
(This used to be commit 009b331182b1338e07968388004f5d44b835e7f5)
|
|
(This used to be commit f2c48cadb22256564f2ddaa5169812c7c4383ec5)
|
|
which lsaqueryinfo to do based in infoclass. Currently 12 is the only one
that causes a queryinfo2.
(This used to be commit f4ec2d52a7b093da701d68906cce6de197f182be)
|
|
what 2k does.
(This used to be commit 99437db17aa7c2e3448f28f627e993e8ab762d31)
|
|
(This used to be commit fe43c2ac2d2e1dd3b3a25c807d4dd379c5ac4960)
|
|
setups.
- split up the ads structure into logical pieces. This makes it much
easier to keep things like the authentication realm and the server
realm separate (they can be different).
- allow ads callers to specify that no sasl bind should be performed
(used by "net ads info" for example)
- fix an error with handing ADS_ERROR_SYSTEM() when errno is 0
- completely rewrote the code for finding the LDAP server. Now try DNS
methods first, and try all DNS servers returned from the SRV DNS
query, sorted by closeness to our interfaces (using the same sort code
as we use in replies from WINS servers). This allows us to cope with
ADS DCs that are down, and ensures we don't pick one that is on the
other side of the country unless absolutely necessary.
- recognise dnsRecords as binary when displaying them
- cope with the realm not being configured in smb.conf (work it out
from the LDAP server)
- look at the trustDirection when looking up trusted domains and don't
include trusts that trust our domains but we don't trust
theirs.
- use LDAP to query the alternate (netbios) name for a realm, and make
sure that both and long and short forms of the name are accepted by
winbindd. Use the short form by default for listing users/groups.
- rescan the list of trusted domains every 5 minutes in case new trust
relationships are added while winbindd is running
- include transient trust relationships (ie. C trusts B, B trusts A,
so C trusts A) in winbindd.
- don't do a gratuituous node status lookup when finding an ADS DC (we
don't need it and it could fail)
- remove unused sid_to_distinguished_name function
- make sure we find the allternate name of our primary domain when
operating with a netbiosless ADS DC (using LDAP to do the lookup)
- fixed the rpc trusted domain enumeration to support up to approx
2000 trusted domains (the old limit was 3)
- use the IP for the remote_machine (%m) macro when the client doesn't
supply us with a name via a netbios session request (eg. port 445)
- if the client uses SPNEGO then use the machine name from the SPNEGO
auth packet for remote_machine (%m) macro
- add new 'net ads workgroup' command to find the netbios workgroup
name for a realm
(This used to be commit e358d7b24c86a46d8c361b9e32a25d4f71a6dc00)
|
|
(This used to be commit a5a0ff8bd7ee4a3586647d14fd750ec6df73efa8)
|