Age | Commit message (Collapse) | Author | Files | Lines |
|
Sync with trunk as off r13315
(This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
|
|
Else SAFE_FREE seg faults. Thanks to Günther for pointing me at this.
I've implemented in in this was as we should announce to remove the
idmap_ strip stuff after some time at all.
(This used to be commit 6a5bf399a59b4f07a1560d534629cb14e20b5d3f)
|
|
If we detect a leading 'idmap_' for the idmap backend setting we strip
this and inform about the deprecated config with DEBUG 0.
I'm not sure if we should set a TTL of one year or five additional
releases from now for this code.
This is required for the changes Günther made as the first step to solve
bug #3264. With this fix we can even run with an old config. This is
very important as we else will break existing configurations with an
update.
(This used to be commit 34c7d8c0694369760340843318f873e26546cb2e)
|
|
Volker
(This used to be commit 25cbcfba30f534f3fb31627ba43421c42ccd5b0f)
|
|
(This used to be commit a0ac9a8ffd4af31a0ebc423b4acbb2f043d865b8)
|
|
allocation
functions so we can funnel through some well known functions. Should help greatly with
malloc checking.
HEAD patch to follow.
Jeremy.
(This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
|
|
(in preparation of adding idmap_rid)
Guenther
(This used to be commit e7691f4862da141f530a8e8b1364b9c02e8dc732)
|
|
Optimization for 'idmap backend = ldap': When asking sid2id for the wrong
type, don't ask ldap when we have the opposite mapping in the local tdb.
Volker
(This used to be commit c91cff3bd38c1a8e23628b032f09829f9abf792d)
|
|
parameter a list instead of a string. This makes
idmap backend = ldap:"ldap://localhost/ ldap://fallback/"
possible.
Volker
(This used to be commit ea718347937ec0e5640b29e0e9edf6eda2b45e34)
|
|
Check in the 'winbind proxy only' mode -- no new parameter required :-)
If you don't set idmap uid or idmap gid, winbind will not do idmap stuff, it
will only proxy the netlogon request and thus speed up the authentication of
domain users.
Volker
(This used to be commit 29235f0c69035376ad7ac27b08a59069fa151102)
|
|
(This used to be commit 15d2bc47854df75f8b2644ccbc887d0357d9cd27)
|
|
displaying pid_t, uid_t and gid_t values. This removes a whole lot of warnings
on some of the 64-bit build farm machines as well as help us out when 64-bit
uid/gid/pid values come along.
(This used to be commit f93528ba007c8800a850678f35f499fb7360fb9a)
|
|
* move rid allocation into IDMAP. See comments in _api_samr_create_user()
* add winbind delete user/group functions
I'm checking this in to sync up with everyone. But I'm going to split
the add a separate winbindd_allocate_rid() function for systems
that have an 'add user script' but need idmap to give them a RID.
Life would be so much simplier without 'enable rid algorithm'.
The current RID allocation is horrible due to this one fact.
Tested idmap_tdb but not idmap_ldap yet. Will do that tomorrow.
Nothing has changed in the way a samba domain is represented, stored,
or search in the directory so things should be ok with previous installations.
going to bed now.
(This used to be commit 0463045cc7ff177fab44b25faffad5bf7140244d)
|
|
to winbindd. See README.idmap-and-winbind-changes for details.
(This used to be commit 1111bc7b0c7165e1cdf8d90eb49f4c368d2eded6)
|
|
Volker
(This used to be commit 9d317fb533c5236bef1701d322abd537beea02d5)
|
|
Jeremy.
(This used to be commit 1714eb6bef627ebcfb6db03e58fdd02ea502c6e1)
|
|
Jeremy.
(This used to be commit ba112bb3fdb4e81d8f6ab1ccc4a68960f71ccb23)
|
|
idmap backend is specified cause smbd to ask winbindd (use winbindd if
you want a consistant remote backend solution).
Should work well enough for next beta now...
Jeremy.
(This used to be commit 8f830c509af5976d988a30f0b0aee4ec61dd97a3)
|
|
and ID_CACHE to ID_CACHE_SAVE. Added locking around tdb writes & deletes
for multi-process access.
Jeremy.
(This used to be commit 5b998cdc1d552234236862f6a2bbae703b0c146e)
|
|
add.
Jeremy.
(This used to be commit 030b35ca0fc9fe49610084c6c1be95241157564b)
|
|
things at the *front* of the list). Add more debug. Still broken.. :-(.
Jeremy.
(This used to be commit dd9251e6f51f229ca1fab23d9b06f5bb68644fab)
|
|
As abartlet rememberd me NT_STATUS_IS_ERR != !NT_STATUS_IS_OK
This patch will cure the problem.
Working on this one I found 16 functions where I think NT_STATUS_IS_ERR() is
used correctly, but I'm not 100% sure, coders should check the use of
NT_STATUS_IS_ERR() in samba is ok now.
Simo.
(This used to be commit c501e84d412563eb3f674f76038ec48c2b458687)
|
|
Jeremy.
(This used to be commit 6a07d19b6342e28a4827c16fcc379952bb1808b4)
|
|
* remove 'winbind uid' and 'winbind gid' parameters (replaced
by current idmap parameter)
* create the sambaUnixIdPool entries automatically in the 'ldap
idmap suffix'
* add new 'ldap idmap suffix' and 'ldap group suffix' parametrer
* "idmap backend = ldap" now accepts 'ldap:ldap://server/' format
(parameters are passed to idmap init() function
(This used to be commit 1665926281ed2be3c5affca551c9d458d013fc7f)
|
|
(This used to be commit 7e352f5c62c4889bdf2662dded1e74a354890dc7)
|
|
SIDs
(This used to be commit b24c0efc4b363cb0d4ed71588e9617d668c16be9)
|
|
plus internal fixes
1st stage
(This used to be commit 6d036761e565bc93964bb3c939d5b7d78d5778a3)
|
|
(This used to be commit db571a9fd7fbce1c13ed652616ad9725db00b49f)
|
|
(This used to be commit f7041ec5d74475013c839b5ea9ecac10322e5e65)
|
|
change idmap_init call
removed ldap backend for winbind idmap, seem it had problems anyway and it
have to be reworked to work with idmap without calling winbind code.
simo
(This used to be commit 9d7d007443fc75264b2764b90f272ffc40c9be6c)
|
|
make idmap not map SIDs outside the uid/gid range defined by default
this is to keep backward compatibility
(This used to be commit bec45093c379915082d7b7f44113f5c17110d123)
|
|
fix debug, add "idmap" string to the list of classes
fix idmap, check init failures, and enhance debugging
fix idmap_tdb, _do_ init uid and gid low,high states (too bad I missed that
before)
fix smbd/uid.c, use gid_t for gids and uid_t for uids
(This used to be commit bc95de4ebb014080bc70173e7df94c672cea8df6)
|
|
(This used to be commit aeaa60c8432fe06ad51bac52f473e5fdc6c00afc)
|
|
(This used to be commit 9374f8692f6587b5f773c72b7847b64edeee9614)
|
|
(This used to be commit ad1a2ab0d6330a0b0fbce7b30ec5f6f502133921)
|
|
includes a --with-idmap=no switch to disable idmap usage if you find
problems.
cosmetic fixes and param aliases to separate winbind from idamp roles.
A temporarily remote idmap winbind compatibility backend.
As I have time I will further change code to not call directly winbind
(partly done but not tested) and a specilized module will be built in place
for the current glue hack.
The patch has been tested locally in my limited time, the patch is simple and
clear and should not reserve problems, if any just disable it.
As usual, comments and fisex are welcome :-)
Simo.
(This used to be commit 02781320476ed1b7ee5d943fa36f9a66ab67f208)
|
|
two layers structure with
- local tdb cache
- remote idmap repository
compiles
(This used to be commit 8fb4e210bc7564ed491d121c20d598ba0bfbddff)
|
|
(not tested yet)
(This used to be commit 0d6cec90c13731827abcbc61974efc993e794003)
|
|
(This used to be commit 8338e74ac4e5f31150c96f459a67e52090dc6013)
|