Age | Commit message (Collapse) | Author | Files | Lines |
|
least surprise for callers
(This used to be commit eb523ba77697346a365589101aac379febecd546)
|
|
them with malloc'ing accessor functions. Should save a
lot of static space :-).
Jeremy.
(This used to be commit 52dc5eaef2106015b3a8b659e818bdb15ad94b05)
|
|
Display usage if superfluous arguments are given.
Karolin
(This used to be commit cb3a2dfeb047d45bb9eec8cb97d3ba288f21887e)
|
|
(This used to be commit 28c0a77ec1eb4bc69679c00dcdacaa6ee4d8e3f5)
|
|
Guenther
(This used to be commit a41f9aef843378b1f85f9b3d672d00f3399fa342)
|
|
server IP.
This was a logic bug (typo) in a call to get_pdc_ip() in net_find_server().
Michael
(This used to be commit 988c5ff3f47b7508b229464bbed2ca1948d6e27c)
|
|
zero_addr(&ss). All current uses were always of the
AF_INET form, so simplify the call. If in the future
we need to zero an addr to AF_INET6 this can be
done separately.
Jeremy.
(This used to be commit 2e92418a138bf2738b77b7e0fcb2fa37ad84fc0c)
|
|
to struct sockaddr_storage in most places that matter (ie.
not the nmbd and NetBIOS lookups). This passes make test
on an IPv4 box, but I'll have to do more work/testing on
IPv6 enabled boxes. This should now give us a framework
for testing and finishing the IPv6 migration. It's at
the state where someone with a working IPv6 setup should
(theorecically) be able to type :
smbclient //ipv6-address/share
and have it work.
Jeremy.
(This used to be commit 98e154c3125d5732c37a72d74b0eb5cd7b6155fd)
|
|
where we meant int. Fix this. Thanks to metze for
pointing this out.
Jeremy.
(This used to be commit 793a9d24a163cb6cf5a3a0aa5ae30e9f8cf4744a)
|
|
bugs in various places whilst doing this (places that assumed
BOOL == int). I also need to fix the Samba4 pidl generation
(next checkin).
Jeremy.
(This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
|
|
IPv6 in winbindd, but moves most of the socket functions that were
wrongly in lib/util.c into lib/util_sock.c and provides generic
IPv4/6 independent versions of most things. Still lots of work
to do, but now I can see how I'll fix the access check code.
Nasty part that remains is the name resolution code which is
used to returning arrays of in_addr structs.
Jeremy.
(This used to be commit 3f6bd0e1ec5cc6670f3d08f76fc2cd94c9cd1a08)
|
|
Thanks to Karolin Seeger <ks@sernet.de>
(This used to be commit 5ae4b2739853e2cd91e839909eb868dbb56be431)
|
|
return NTSTATUS to allow for better error propagation.
Michael
(This used to be commit 46093004a788dae83a4ddb888ca5d72f555c236c)
|
|
s/net_use_upn_machine_account/net_use_krb_machine_account/
rafal
(This used to be commit 86af9fedad71697f22cc739518340f7753b8f9da)
|
|
(This used to be commit c97600b96f6315df8ab0d7ad186423ab75dd4ab5)
|
|
pipe used when connecting to win2k and newer domain controllers. The
server may be configured to deny anonymous netlogon connections which
would stop domain join verification step. Still, winnt domains require
such smb sessions not to be authenticated using machine credentials.
Creds employed in smb session cannot have a username in upn form, so
provide the separate function to use machine account.
rafal
(This used to be commit 30d99d8ac3379caadc5bdb353977149d1ee16403)
|
|
Guenther
(This used to be commit 7e2fb14d6e4f58fe6645b7e7468f925c21cb4c9d)
|
|
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
|
|
Jeremy.
(This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
|
|
Michael
(This used to be commit df30f8d5c2999590aabe1e87f92fbdbafa7052aa)
|
|
this patch
is moving functions around to fix some linker dependencies for the registry.
Michael, I've renamed your auth_utils2.c to token_utils.c.
Thanks!
Volker
(This used to be commit 9de16f25c1c3e0b203da47391772ef2e2fe291ac)
|
|
Volker
(This used to be commit fd0ee6722ddfcb64b5cc9c699375524ae3d8709b)
|
|
Not used
yet, the next step will be a secrets_fetch_machine_account() function that
also pulls the account name to be used in the appropriate places.
Volker
(This used to be commit f94e5af72e282f70ca5454cdf3aed510b747eb93)
|
|
winbind
who did not run the idle events to drop ldap connections.
Volker
(This used to be commit af3308ce5a21220ff4c510de356dbaa6cf9ff997)
|
|
Simo.
(This used to be commit 50cd8bffeeed2cac755f75fc3d76fe41c451976b)
|
|
Jeremy.
(This used to be commit 78b14de27a2220dc4a26d21d108242220b4a1598)
|
|
Jeremy.
(This used to be commit a31bbbaee1042143d750a29b8fcec4720bfdb374)
|
|
toolset.
In 3.0.23 all those commands have been limited to the DC of our primary
domain. Also distinguish calls that may go to remote DCs (search, info,
lookup, etc.) from those that should only go to our primary domain
(join, leave, etc.).
Guenther
(This used to be commit d573e64781667993478a289580fa65c34e847f64)
|
|
(This used to be commit 1d928f783a78b3e957b675f12f1ad56e84c2fcfb)
|
|
(This used to be commit 8c6088f2bd0a5e3a854a31fe428d841d61055a30)
|
|
to do the upper layer directories but this is what
everyone is waiting for....
Jeremy.
(This used to be commit 9dafb7f48ca3e7af956b0a7d1720c2546fc4cfb8)
|
|
password via stdin
(This used to be commit 60d4aabc3205aa80f8d49c3c2db95927c61a81a5)
|
|
(This used to be commit 51df47c772f8bdd5a2c3a1e9814e625406e79b5f)
|
|
The motivating factor is to not require more privileges for
the user account than Windows does when joining a domain.
The points of interest are
* net_ads_join() uses same rpc mechanisms as net_rpc_join()
* Enable CLDAP queries for filling in the majority of the
ADS_STRUCT->config information
* Remove ldap_initialized() from sam/idmap_ad.c and
libads/ldap.c
* Remove some unnecessary fields from ADS_STRUCT
* Manually set the dNSHostName and servicePrincipalName attribute
using the machine account after the join
Thanks to Guenther and Simo for the review.
Still to do:
* Fix the userAccountControl for DES only systems
* Set the userPrincipalName in order to support things like
'kinit -k' (although we might be able to just use the sAMAccountName
instead)
* Re-add support for pre-creating the machine account in
a specific OU
(This used to be commit 4c4ea7b20f44cd200cef8c7b389d51b72eccc39b)
|
|
(This used to be commit 121a350b92dafec8f171a54f4b897c7f81757dd1)
|
|
affinity cache.
Guenther
(This used to be commit b8c07babbd22832132da8f70026aa1816983bc38)
|
|
domain code
(This used to be commit 9eb743584d32cdb67e0512ac915c34565bce1c01)
|
|
Sync with trunk as off r13315
(This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
|
|
lp_load() could not be called multiple times to modify parameter settings based
on reading from multiple configuration settings. Each time, it initialized all
of the settings back to their defaults before reading the specified
configuration file.
This patch adds a parameter to lp_load() specifying whether the settings should
be initialized. It does, however, still force the settings to be initialized
the first time, even if the request was to not initialize them. (Not doing so
could wreak havoc due to uninitialized values.)
(This used to be commit f2a24de769d1b2266e576597c57a8e3b1e2a2b51)
|
|
All 'usage' messages are still printed to stdout.
Fix some compiler warnings for system() calls where we didn't used the
return code. Add appropriate error messages and return with the error
code we got from system() or NT_STATUS_UNSUCCESSFUL.
(This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
|
|
(This used to be commit 9ca8edc26e66887d6333943bc6a9776352c657fc)
|
|
* \PIPE\unixinfo
* winbindd's {group,alias}membership new functions
* winbindd's lookupsids() functionality
* swat (trunk changes to be reverted as per discussion with Deryck)
(This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
|
|
Guenther
(This used to be commit bf67a8611491ed748c6975787ce2f0572586a3c6)
|
|
(This used to be commit 1e9a8854b1f3bd640096923dc79991654da7e845)
|
|
modeled after query_displayinfo and should hide the differences between users,
groups and aliases while allowing a cache analog load_sampw_entries:
struct pdb_search *pdb_search_users(uint16 acct_flags);
struct pdb_search *pdb_search_groups(void);
struct pdb_search *pdb_search_aliases(const DOM_SID *sid);
uint32 pdb_search_entries(struct pdb_search *search, uint32 start_idx,
uint32 max_entries,
struct samr_displayentry **result);
void pdb_search_destroy(struct pdb_search *search);
Why this API? Eventually we will need to apply the work gd has started on
enumerating users with paged ldap searches to groups and aliases. Before doing
that I want to clean up the search routines we have.
The sample application (more to follow) is 'net maxrid'.
Volker
(This used to be commit 8b4f67a1e9d459145cde10b1064781d58d62b805)
|
|
(This used to be commit efea76ac71412f8622cd233912309e91b9ea52da)
|
|
Implement 'net afs impersonate', generate a token for a specified user. You
obviously need to be root for this operation.
Volker
(This used to be commit 5818b092e6e50d38238b0520329eb8912125c90a)
|
|
To get all entries use a 0 acb_mask.
Guenther
(This used to be commit bc729f8fd877236a503cc9df64138b2be2e1a91d)
|
|
(This used to be commit f1d59c3a2693fe36b9abe9c1da4b703c5543f938)
|
|
allocation
functions so we can funnel through some well known functions. Should help greatly with
malloc checking.
HEAD patch to follow.
Jeremy.
(This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
|