summaryrefslogtreecommitdiff
path: root/source3/sam/idmap.c
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r13316: Let the carnage begin....Gerald Carter1-17/+24
Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2007-10-10r12964: Rewind rem_backend in the case we have to workaround the idmap_ prefix.Lars Müller1-0/+6
Else SAFE_FREE seg faults. Thanks to Günther for pointing me at this. I've implemented in in this was as we should announce to remove the idmap_ strip stuff after some time at all. (This used to be commit 6a5bf399a59b4f07a1560d534629cb14e20b5d3f)
2007-10-10r12936: Fix bug #3264.Lars Müller1-0/+6
If we detect a leading 'idmap_' for the idmap backend setting we strip this and inform about the deprecated config with DEBUG 0. I'm not sure if we should set a TTL of one year or five additional releases from now for this code. This is required for the changes Günther made as the first step to solve bug #3264. With this fix we can even run with an old config. This is very important as we else will break existing configurations with an update. (This used to be commit 34c7d8c0694369760340843318f873e26546cb2e)
2007-10-10r8093: Next round. Now it compiles with --enable-socket-wrapper.Volker Lendecke1-2/+2
Volker (This used to be commit 25cbcfba30f534f3fb31627ba43421c42ccd5b0f)
2007-10-10r7415: * big change -- volker's new async winbindd from trunkGerald Carter1-3/+8
(This used to be commit a0ac9a8ffd4af31a0ebc423b4acbb2f043d865b8)
2007-10-10r4088: Get medieval on our ass about malloc.... :-). Take control of all our ↵Jeremy Allison1-1/+1
allocation functions so we can funnel through some well known functions. Should help greatly with malloc checking. HEAD patch to follow. Jeremy. (This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
2007-10-10r3137: Do not simply ignore failing idmap-module init for remotemaps.Günther Deschner1-1/+4
(in preparation of adding idmap_rid) Guenther (This used to be commit e7691f4862da141f530a8e8b1364b9c02e8dc732)
2007-10-10r2691: Increase a debug level for a quite frequent operation.Volker Lendecke1-0/+27
Optimization for 'idmap backend = ldap': When asking sid2id for the wrong type, don't ask ldap when we have the opposite mapping in the local tdb. Volker (This used to be commit c91cff3bd38c1a8e23628b032f09829f9abf792d)
2007-10-10r1430: Although prepared for only one remote backend, make the 'idmap backend'Volker Lendecke1-3/+4
parameter a list instead of a string. This makes idmap backend = ldap:"ldap://localhost/ ldap://fallback/" possible. Volker (This used to be commit ea718347937ec0e5640b29e0e9edf6eda2b45e34)
2007-10-10r1297: Yes, it does survive valgrind for my tests :-)Volker Lendecke1-0/+29
Check in the 'winbind proxy only' mode -- no new parameter required :-) If you don't set idmap uid or idmap gid, winbind will not do idmap stuff, it will only proxy the netlogon request and thus speed up the authentication of domain users. Volker (This used to be commit 29235f0c69035376ad7ac27b08a59069fa151102)
2003-08-01Fix copyright statements for various pieces of Anthony Liguori's work.Jim McDonough1-1/+1
(This used to be commit 15d2bc47854df75f8b2644ccbc887d0357d9cd27)
2003-07-22Fixup a bunch of printf-style functions and debugs to use unsigned long whenTim Potter1-2/+3
displaying pid_t, uid_t and gid_t values. This removes a whole lot of warnings on some of the 64-bit build farm machines as well as help us out when 64-bit uid/gid/pid values come along. (This used to be commit f93528ba007c8800a850678f35f499fb7360fb9a)
2003-07-11moving more code around.Gerald Carter1-1/+14
* move rid allocation into IDMAP. See comments in _api_samr_create_user() * add winbind delete user/group functions I'm checking this in to sync up with everyone. But I'm going to split the add a separate winbindd_allocate_rid() function for systems that have an 'add user script' but need idmap to give them a RID. Life would be so much simplier without 'enable rid algorithm'. The current RID allocation is horrible due to this one fact. Tested idmap_tdb but not idmap_ldap yet. Will do that tomorrow. Nothing has changed in the way a samba domain is represented, stored, or search in the directory so things should be ok with previous installations. going to bed now. (This used to be commit 0463045cc7ff177fab44b25faffad5bf7140244d)
2003-07-09Large set of changes to add UNIX account/group managementGerald Carter1-0/+15
to winbindd. See README.idmap-and-winbind-changes for details. (This used to be commit 1111bc7b0c7165e1cdf8d90eb49f4c368d2eded6)
2003-07-01Don't set a mapping that is already there.Volker Lendecke1-0/+15
Volker (This used to be commit 9d317fb533c5236bef1701d322abd537beea02d5)
2003-06-30Merge of Volkers patch to make the logic clearer (with my mod).Jeremy Allison1-44/+45
Jeremy. (This used to be commit 1714eb6bef627ebcfb6db03e58fdd02ea502c6e1)
2003-06-30Fix missing ret = found by Volker.Jeremy Allison1-1/+1
Jeremy. (This used to be commit ba112bb3fdb4e81d8f6ab1ccc4a68960f71ccb23)
2003-06-27Some const correctness. Stop tdb being used as a remote backend. If anJeremy Allison1-57/+74
idmap backend is specified cause smbd to ask winbindd (use winbindd if you want a consistant remote backend solution). Should work well enough for next beta now... Jeremy. (This used to be commit 8f830c509af5976d988a30f0b0aee4ec61dd97a3)
2003-06-26Add include guards around idmap.h, change ID_NOMAP to ID_QUERY_ONLYJeremy Allison1-5/+5
and ID_CACHE to ID_CACHE_SAVE. Added locking around tdb writes & deletes for multi-process access. Jeremy. (This used to be commit 5b998cdc1d552234236862f6a2bbae703b0c146e)
2003-06-26As has been pointed out, ordering here doesn't matter so use normalJeremy Allison1-2/+2
add. Jeremy. (This used to be commit 030b35ca0fc9fe49610084c6c1be95241157564b)
2003-06-25Ensure idmap backends are added in the correct order (DLIST_ADD putsJeremy Allison1-2/+2
things at the *front* of the list). Add more debug. Still broken.. :-(. Jeremy. (This used to be commit dd9251e6f51f229ca1fab23d9b06f5bb68644fab)
2003-06-22Found out a good number of NT_STATUS_IS_ERR used the wrong way.Simo Sorce1-9/+9
As abartlet rememberd me NT_STATUS_IS_ERR != !NT_STATUS_IS_OK This patch will cure the problem. Working on this one I found 16 functions where I think NT_STATUS_IS_ERR() is used correctly, but I'm not 100% sure, coders should check the use of NT_STATUS_IS_ERR() in samba is ok now. Simo. (This used to be commit c501e84d412563eb3f674f76038ec48c2b458687)
2003-06-09Fix for crash bug noticed by Luke Howard | PADL Software Pty Ltd | www.padl.com.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 6a07d19b6342e28a4827c16fcc379952bb1808b4)
2003-06-06* break out more common code used between pdb_ldap and idmap_ldapGerald Carter1-2/+13
* remove 'winbind uid' and 'winbind gid' parameters (replaced by current idmap parameter) * create the sambaUnixIdPool entries automatically in the 'ldap idmap suffix' * add new 'ldap idmap suffix' and 'ldap group suffix' parametrer * "idmap backend = ldap" now accepts 'ldap:ldap://server/' format (parameters are passed to idmap init() function (This used to be commit 1665926281ed2be3c5affca551c9d458d013fc7f)
2003-05-29Add smb_register_idmap(). Based on a patch from metzeJelmer Vernooij1-27/+58
(This used to be commit 7e352f5c62c4889bdf2662dded1e74a354890dc7)
2003-05-16add idmap_winbind unless I made a better way to solve SID type for domainSimo Sorce1-0/+1
SIDs (This used to be commit b24c0efc4b363cb0d4ed71588e9617d668c16be9)
2003-05-01*id_to_*id call reshape to return NTSTATUS errorsSimo Sorce1-30/+0
plus internal fixes 1st stage (This used to be commit 6d036761e565bc93964bb3c939d5b7d78d5778a3)
2003-04-30auto-init for utility functionsSimo Sorce1-0/+18
(This used to be commit db571a9fd7fbce1c13ed652616ad9725db00b49f)
2003-04-29consolidate idmap code in one placeSimo Sorce1-1/+1
(This used to be commit f7041ec5d74475013c839b5ea9ecac10322e5e65)
2003-04-27make winbind use idmap as well.Simo Sorce1-4/+3
change idmap_init call removed ldap backend for winbind idmap, seem it had problems anyway and it have to be reworked to work with idmap without calling winbind code. simo (This used to be commit 9d7d007443fc75264b2764b90f272ffc40c9be6c)
2003-04-26add idmap only parameterSimo Sorce1-0/+29
make idmap not map SIDs outside the uid/gid range defined by default this is to keep backward compatibility (This used to be commit bec45093c379915082d7b7f44113f5c17110d123)
2003-04-19fixesSimo Sorce1-3/+6
fix debug, add "idmap" string to the list of classes fix idmap, check init failures, and enhance debugging fix idmap_tdb, _do_ init uid and gid low,high states (too bad I missed that before) fix smbd/uid.c, use gid_t for gids and uid_t for uids (This used to be commit bc95de4ebb014080bc70173e7df94c672cea8df6)
2003-04-16NTSTATUS strings are much more use than raw numbers...Andrew Bartlett1-2/+2
(This used to be commit aeaa60c8432fe06ad51bac52f473e5fdc6c00afc)
2003-04-08some more debugging in case of failureSimo Sorce1-0/+2
(This used to be commit 9374f8692f6587b5f773c72b7847b64edeee9614)
2003-04-06fix commitSimo Sorce1-2/+2
(This used to be commit ad1a2ab0d6330a0b0fbce7b30ec5f6f502133921)
2003-04-02THE Idmap patch :-)Simo Sorce1-58/+35
includes a --with-idmap=no switch to disable idmap usage if you find problems. cosmetic fixes and param aliases to separate winbind from idamp roles. A temporarily remote idmap winbind compatibility backend. As I have time I will further change code to not call directly winbind (partly done but not tested) and a specilized module will be built in place for the current glue hack. The patch has been tested locally in my limited time, the patch is simple and clear and should not reserve problems, if any just disable it. As usual, comments and fisex are welcome :-) Simo. (This used to be commit 02781320476ed1b7ee5d943fa36f9a66ab67f208)
2003-03-08more on idmapSimo Sorce1-34/+100
two layers structure with - local tdb cache - remote idmap repository compiles (This used to be commit 8fb4e210bc7564ed491d121c20d598ba0bfbddff)
2003-03-08some more codeSimo Sorce1-0/+3
(not tested yet) (This used to be commit 0d6cec90c13731827abcbc61974efc993e794003)
2003-03-07initial work for the new idmpa interfaceSimo Sorce1-0/+145
(This used to be commit 8338e74ac4e5f31150c96f459a67e52090dc6013)