Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit a1326ea34831bf49942f7bcb954999091c3ea820)
|
|
Jeremy.
(This used to be commit e12934c67b6aea9e3e449009e159ce6814dcbd11)
|
|
add winbindd_passdb backend
this makes it possible to have nua accounts on security = user servers to
show up in unic through nss_winbind.so
the problem is that we do not have group support, so nss group support is
not very good at this time (read: totally absent)
we NEED group support in passdb
(This used to be commit 921215cf4bfbd4d7457f81e181bb1a74a4531ca1)
|
|
make a new sam_Account contain our domain by default, windows will complain
on logon otherwise.
fix stupid typo in idmap_util.c
(This used to be commit 21701876dc6c59ebfc51be708a98226a00a764e0)
|
|
correctly handle allocated rids in tdbsam
(This used to be commit 7ae6162e1dd668897628c4f7edff508616644d21)
|
|
add group mapping mappings to idmap at startup
(This used to be commit 62365023db61d5a4fa32845af3db73bce6cb94ea)
|
|
(This used to be commit 568feee8977ee1be210344c8ab1896512894cba2)
|
|
plus internal fixes
1st stage
(This used to be commit 6d036761e565bc93964bb3c939d5b7d78d5778a3)
|
|
few fixes to *id_to_*id functions, we don't set the mapping for algoritmic
RIDs, they are resolved in the classic way
eliminate getpw* calls from tdbsam
(This used to be commit 6a7689cf74cd4d5f29e0b12f4bf8ac3051d49157)
|
|
(This used to be commit db571a9fd7fbce1c13ed652616ad9725db00b49f)
|
|
SAM_ACCOUNT does not have anymore uid and gid fields
all the code that used them has been fixed to use the proper idmap calls
fix to idmap_tdb for first time idmap.tdb initialization.
auth_serversupplied_info structure has now an uid and gid field
few other fixes to make the system behave correctly with idmap
tested only with tdbsam, but smbpasswd and nisplus should be ok
have not tested ldap !
(This used to be commit 6a6f6032467e55aa9b76390e035623976477ba42)
|
|
(This used to be commit 3c2963f8e3f98ecae9fe59336c35000cf4d386c5)
|
|
(This used to be commit f7041ec5d74475013c839b5ea9ecac10322e5e65)
|
|
change idmap_init call
removed ldap backend for winbind idmap, seem it had problems anyway and it
have to be reworked to work with idmap without calling winbind code.
simo
(This used to be commit 9d7d007443fc75264b2764b90f272ffc40c9be6c)
|
|
(This used to be commit ff051e9cf4b468aa9fe7e3f84483571d3d2de556)
|
|
make idmap not map SIDs outside the uid/gid range defined by default
this is to keep backward compatibility
(This used to be commit bec45093c379915082d7b7f44113f5c17110d123)
|
|
smb.conf parameters along with some other small fixes. Binary
compatible with older modules.
(This used to be commit aa07b12fda732ca19d8dc41cebc7bb09e2549a30)
|
|
fix debug, add "idmap" string to the list of classes
fix idmap, check init failures, and enhance debugging
fix idmap_tdb, _do_ init uid and gid low,high states (too bad I missed that
before)
fix smbd/uid.c, use gid_t for gids and uid_t for uids
(This used to be commit bc95de4ebb014080bc70173e7df94c672cea8df6)
|
|
places where it was used, this caused me segfaults in the last week :(
add more debugging in idmap to chase down a problem
(This used to be commit 6393105bda12fb3f6211e4f0128aabf588431b49)
|
|
(This used to be commit aeaa60c8432fe06ad51bac52f473e5fdc6c00afc)
|
|
(This used to be commit 9374f8692f6587b5f773c72b7847b64edeee9614)
|
|
(This used to be commit ad1a2ab0d6330a0b0fbce7b30ec5f6f502133921)
|
|
first run if idmap.tdb is not found, and then eventually convert it to the
new format.
This is done to unify winbind and idmap databases and to make a backup of
winbindd_idmap.tdb in case you want to downgrade (of course it will not be
updated).
This is needed because idmap.tdb contains also local mappings, not only
foreign domains mappings.
Added some other fixes/improvements
Simo.
(This used to be commit cf17261519fd8775500f9b9d6caa2bc462e04633)
|
|
(This used to be commit 5ac94535d7b7ce0cc0d44b9a77d6e42ddfd0cd26)
|
|
(This used to be commit 9c706be7b4417a1dc36866c3bad7a156f30b8af6)
|
|
includes a --with-idmap=no switch to disable idmap usage if you find
problems.
cosmetic fixes and param aliases to separate winbind from idamp roles.
A temporarily remote idmap winbind compatibility backend.
As I have time I will further change code to not call directly winbind
(partly done but not tested) and a specilized module will be built in place
for the current glue hack.
The patch has been tested locally in my limited time, the patch is simple and
clear and should not reserve problems, if any just disable it.
As usual, comments and fisex are welcome :-)
Simo.
(This used to be commit 02781320476ed1b7ee5d943fa36f9a66ab67f208)
|
|
- Add some const
(This used to be commit e149e70717f38e082ce35d55f9b4d84ba8419af7)
|
|
two layers structure with
- local tdb cache
- remote idmap repository
compiles
(This used to be commit 8fb4e210bc7564ed491d121c20d598ba0bfbddff)
|
|
(not tested yet)
(This used to be commit 0d6cec90c13731827abcbc61974efc993e794003)
|
|
(This used to be commit 8338e74ac4e5f31150c96f459a67e52090dc6013)
|
|
genparser works fine, and it is a marvelous tool to store objects in tdb :)
(This used to be commit 4c6d461a8572f03cd33cba95500cc837638b732c)
|
|
- Building a tdbsam2 backend to see what I got right and what not about the proposed API
- Corrections to API based on tdbsam2 work
(This used to be commit 54f11b7de84233209b7db2d01d876f9c6c6340d6)
|
|
Jeremy.
(This used to be commit 784d15761c3271bfd602866f8f9f880dac77671c)
|
|
Jeremy.
(This used to be commit 20a44d4cf11d91e7a09176bfe673ad0cb230dffe)
|
|
introduce genparser will be used by tdbsam2
(This used to be commit 831d3d1ec751f23481f26b31d22b09f3d9c0709a)
|
|
(This used to be commit 2a9d183cf6ae8333dc7d9d9445c17dce005c1d24)
|
|
use FUNCTION_MACRO instead of __FUNCTION_
(This used to be commit 243763d6eb107ab2444d81025232c8fe795baaf1)
|
|
decide what to do with it.
Last updates are support for the right way to support privileges.
Simo.
(This used to be commit cae9074405dec5baf6bd34d48f36e2c81b24d2ea)
|
|
(This used to be commit 2a598d435d3eb46ca28b3591a4f7f9d856ce3c1f)
|
|
(This used to be commit 82a0abf4c84ddd0672b3c5ea4ba9759abd6778c6)
|
|
also try to uniform names to a clean scheme.
first part.
(This used to be commit a123e05877caf90c28980be2d84b1d0b46e4fd21)
|
|
(This used to be commit 598039599ca7c38a42ae75cf345c01b3cf3881ff)
|
|
In order to reduce complexity, this patch removes the upper layer of the SAM
API. Also, we remove the function pointers on the sam context - there really
is no point making these replaceable - that's for the modules.
Move a number of functions in include/interface.c around to allow for use of
'static' and to keep the external API in one chunk, at the bottem. All these
functions were renamed to remove the context_sam -> sam
Consequential changes in the samtest module, and back out metze's change for
ACB filtering, becouse I think it belongs in the SAM backeds. (But I will take
debate on this one).
Changes to the lib/util_sid.c code to create a 'system' token, and make it a
SAM_ASSERT() enforced requirement to have a token on those calls that specify
it. samtest now uses this.
We should have a samtest call to set your own token.
We also need to extend our se_access code to cover the things that Win2k is
returning in it's access tokens. Currently our system token doesn't pass, due
to unexpected flags. (When running sam_ads against Win2k)
Andrew Bartlett
(This used to be commit b9036900d0bb227ec16c6a5792c18ef943dcf015)
|
|
small fix for the previous merge.
Andrew Bartlett
(This used to be commit 85122800fce7a6f9eeee0651f6d9eb9218e35bb6)
|
|
(This used to be commit 470a1316324821984745bcf7321bafd8d0fd0a77)
|
|
(New accounts are created on thier internal talloc context, not a supplied one
and not the one beloning to the SAM)
Also actaully add the sam_skel to the tree.
I need to work out with Jelmer an appropriate way to ensure we still have an
example external build, and if this should move back out again.
Andrew Bartlett
(This used to be commit dc8b0d23e088d1e7f7fbc6ab0423eaa82f14e258)
|
|
This module, primarilly the work of "Stefan (metze) Metzmacher"
<metze@metzemix.de>, uses the Active Directory schema to store the
user/group/other information. I've been testing it against a real AD server,
and it is intended to work with OpenLDAP as well.
I've moved a few functions around in our other libads code, which has made it
easier to tap into that existing code.
Also, I've made some changes to the SAM interface, I hope there are not too
many objections... To ensure we don't get silly bugs in the skel module, it
is now in the default compile. This way you should not forget to update it :-)
Andrew Bartlett
(This used to be commit 24fb0cde2f0b657df1c99474cd694438c94a566e)
|
|
(This used to be commit 1430473d3fdcc8e711fe483b84dfeefa6bd54905)
|
|
(This used to be commit 81156d6556dab2ea23dea69da6940a0482d79d9b)
|
|
(This used to be commit d312e1c2b44905af87c4d550975eee78dbf2edee)
|