Age | Commit message (Collapse) | Author | Files | Lines |
|
account doesn't exist
(This used to be commit 477b6d27fd7281418739bc8ba0b984a53430ecda)
|
|
winbind function if the id is obviously going to be local. Cleanup
of winbind [ug]id parameter handling.
(This used to be commit 4ab9ca31a02b3388aa89a00e0390ea9e4c76283a)
|
|
(This used to be commit d6318add27f6bca5be00cbedf2226b642341297a)
|
|
and replaced with two functions:
void zero_ip(struct in_adder *ip);
BOOL is_zero_ip(struct in_addr ip);
(This used to be commit 778f5f77a66cda76348a7c6f64cd63afe2bfe077)
|
|
subdirectory.
(The insertion of these files was done with some CVS backend magic, hence the
lack of a commit message).
This also moves libsmb/domain_client_validate.c back into auth_domain.c,
becouse we no longer share it with winbind.
Andrew Bartlett
(This used to be commit 782835470cb68da2188a57007d6f55c17b094d08)
|
|
(This used to be commit 2e916222a915c27f919a9841bde5ba0967af2190)
|
|
(This used to be commit 5a735a88e472a48cd4329832998dc31c1e230ecb)
|
|
Jeremy.
(This used to be commit 97dca242a91c68048e510f42be53421b533183be)
|
|
map.
This little authentication module is #ifdef DEVELOPER, becouse it really is of
no use execept as a development tool
invoke by setting:
auth methods = guest sam name_to_ntstatus
in the smb.conf file (the SAM and guest elements are required for the member
server to authenticate itself).
Andrew Bartlett
(This used to be commit 9807e66f34c1088399657060977e384c5a7f0664)
|
|
Jeremy.
(This used to be commit 84b62d3c8ebd78cd578ac36168631b3bbcafdd8c)
|
|
this completes the first stage of the smbd ADS support
(This used to be commit 058a5aee901e6609969ef7e1d482a720a84a4a12)
|
|
(This used to be commit ad7afbfdea600a62fa1550bd354996ad38807533)
|
|
(large change to modularise the auth subsystem)
Andrew Bartlett
(This used to be commit 324c4676280641fee0647221dba1e826e03ba9ab)
|
|
subystem.
The particular aim is to modularized the interface - so that we
can have arbitrary password back-ends.
This code adds one such back-end, a 'winbind' module to authenticate
against the winbind_auth_crap functionality. While fully-functional
this code is mainly useful as a demonstration, because we don't get
back the info3 as we would for direct ntdomain authentication.
This commit introduced the new 'auth methods' parameter, in the
spirit of the 'auth order' discussed on the lists. It is renamed
because not all the methods may be consulted, even if previous
methods fail - they may not have a suitable challenge for example.
Also, we have a 'local' authentication method, for old-style
'unix if plaintext, sam if encrypted' authentication and a
'guest' module to handle guest logins in a single place.
While this current design is not ideal, I feel that it does
provide a better infrastructure than the current design, and can
be built upon.
The following parameters have changed:
- use rhosts =
This has been replaced by the 'rhosts' authentication method,
and can be specified like 'auth methods = guest rhosts'
- hosts equiv =
This needs both this parameter and an 'auth methods' entry
to be effective. (auth methods = guest hostsequiv ....)
- plaintext to smbpasswd =
This is replaced by specifying 'sam' rather than 'local'
in the auth methods.
The security = parameter is unchanged, and now provides defaults
for the 'auth methods' parameter.
The available auth methods are:
guest
rhosts
hostsequiv
sam (passdb direct hash access)
unix (PAM, crypt() etc)
local (the combination of the above, based on encryption)
smbserver (old security=server)
ntdomain (old security=domain)
winbind (use winbind to cache DC connections)
Assistance in testing, or the production of new and interesting
authentication modules is always appreciated.
Andrew Bartlett
(This used to be commit 8d31eae52a9757739711dbb82035a4dfe6b40c99)
|
|
Jeremy.
(This used to be commit a58d0f91f9ee7354c01a9c20cfe178d5dc02142d)
|
|
in smbd/process.c where the timezone is reinitialised. Was replaced with
check for a static is_initialised boolean.
(This used to be commit 8fc772c9e5770cd3a8857670214dcff033ebae32)
|
|
(This used to be commit b51e5b07d9f7719180b28215236efc3fa09d8bea)
|
|
(This used to be commit edb556b47446f75dc4987eee15276661eb6cec8d)
|
|
(This used to be commit 096868bd35b374f97e570676fc23c006b6c7a1d3)
|
|
Spelling fix.
(This used to be commit 3d87c1a2444c3b9267e0dda7a2da77657fba143e)
|
|
(This used to be commit 1cbc18ae732671d9a60528f8300ca7609e124d11)
|
|
(This used to be commit d51ef6bfa3d194b58c3ee7706a7d475ef042676d)
|
|
(This used to be commit 507ef80f48a8fca762e41be5cdb80ce86544da3f)
|
|
waiting for DNS timeouts to occur. The correct place to do this is in the
code that displays the session information.
(This used to be commit 2e89165f22d9e9c1fa749ae54957d0ec84a1497d)
|
|
(This used to be commit 868999ad3c82ad72f11d5b3208b0e42b1ed95096)
|
|
default, rather than in preprocessor macros.
(This used to be commit 79ec88f0da40faebe1e587f1b3e87b5f2b184f58)
|
|
Jeremy.
(This used to be commit 9148bb9eaa67de60c3b0b4709a9c05a840c20c66)
|
|
Remove unused old file.
Test 42 byte reply to SMBntcreate (W2K does this).
Jeremy.
(This used to be commit a55a63a4ca55602ad9221af17c0bc8e185536433)
|
|
Jeremy.
(This used to be commit 60983782ed078593d122e0c0bc6b4e17c3e56e63)
|
|
Jeremy.
(This used to be commit 27081355a97550b26c870907a471352a11921ffc)
|
|
(This used to be commit 5c486bd28a5d4194b7cd50fd0fe3430d0d2eaa9b)
|
|
Jeremy
(This used to be commit 9391efb38ef1847ed2c3b2734c1177830d64a247)
|
|
Jeremy.
(This used to be commit 9ff6b0c20cc88ef0bcd62a596fcb96f898b5b29d)
|
|
modified mangle.c to use mosltly acnv_????() functions.
this should make also build farm happy
(This used to be commit 8bb5cb27c2012b8967482255d48a1b48d3acd9db)
|
|
that.
(This used to be commit a82c8638576b2c2164eaf046aa529e233ffb71d6)
|
|
To be replaced with a real restriction in consultation with jra. (Hence why
I've not touched loadparm.c).
Andrew Bartlett
(This used to be commit 95901449158a4ef7f95f75b22f63f6f8d43a01fe)
|
|
Add and fix comments
Add 'const' to some more input paramaters.
(This used to be commit 0c7eefcb5c5db63294d0584029e0d32cd1523e80)
|
|
Check the pdb_init_sam() for failure.
(This used to be commit 1808cd5210258bddc349f13a7bcf20a3f46aa672)
|
|
remove rudundent not null checks
fix indenting
(This used to be commit 3eada888fddb1f0cb7c0ed7037eb1c60e7988ad9)
|
|
(This used to be commit 600d83e43f61eb138115731ce089ba42d63e0924)
|
|
(This used to be commit 80667cb0dd1a2cdef17711c8580af9f524971cea)
|
|
note the useful acnv_uxu2 and acnv_u2ux functions in charcnv.c
(This used to be commit 64dde3b64fc091cda95fc4ed145595b5d79b2e01)
|
|
Jeremy.
(This used to be commit d20949fe509c1496bc434f0fbf403f0b69ab9954)
|
|
Jeremy.
(This used to be commit ab607cdf153d9187fe50af3377ece5a9fafde1b1)
|
|
per-share. I beleive that almost all the things that this could have done on
a per-share basis can be done with other tools, like 'force user'.
Almost all the user's of this paramater used it as a global anyway...
While this is one step at a time, I hope it will allow me to considerably
simplfy the make_connection() code, particularly for the user-level security
case.
This already removes an absolute truckload of extra attempted password lookups
on the guest account.
Andrew Bartlett
(This used to be commit 8e708332eded210c1d1fe0cebca3c9c19f054b71)
|
|
grumble, mumble, ...
(This used to be commit 72c1af6f8d9893dd5b8b4d105b301d8c621749c6)
|
|
This changes the way we process guest logons - we now treat them as normal
logons, but set the 'guest' flag. In particular this is needed becouse Win2k
will do an NTLMSSP login with username "", therefore missing our previous guest
connection code - this is getting a pain to do as a special case all over the
shop.
Tridge: We don't seem to be setting a guest bit for NTLMSSP, in either the
anonymous or authenticated case, can you take a look at this?
Also some cleanups in the check_password() code that should make some of the
debugs clearer.
Various other minor cleanups:
- change the session code to just take a vuser, rather than having to do a
vuid lookup on vuser.vuid
- Change some of the global_client_caps linking
- Better debug in authorise_login(): show the vuid.
Andrew Bartlett
(This used to be commit 62f4e4bd0aef9ade653b3f8d575d2864c166ab4d)
|
|
(This used to be commit a99d9cec7e090736ab49c91720cfd2b43e2a6f00)
|
|
Jeremy.
(This used to be commit c339a99a891c9e4bbad59ee1243908c91f048834)
|
|
Jeremy.
(This used to be commit 36ea09d3a041fab0854dfdc20f6ea8db7ccbec2e)
|