summaryrefslogtreecommitdiff
path: root/source3/utils/net.c
AgeCommit message (Collapse)AuthorFilesLines
2003-09-07Nobody complained on the team-list, so commit it ...Volker Lendecke1-0/+47
This implements some kind of improved AFS support for Samba on Linux with OpenAFS 1.2.10. ./configure --with-fake-kaserver assumes that you have OpenAFS on your machine. To use this, you have to put the AFS server's KeyFile into secrets.tdb with 'net afskey'. If this is done, on each tree connect smbd creates a Kerberos V4 ticket suitable for use by the AFS client and gives it to the kernel via the AFS syscall. This is meant to be very light-weight, so I did not link in a whole lot of libraries to be more platform-independent using the ka_SetToken function call. Volker (This used to be commit 5775690ee8e17d3e98355b5147e4aed47e8dc213)
2003-08-28Fixed warnings in secret code.Jeremy Allison1-26/+0
Jeremy. (This used to be commit 86ebf990431903b12ec24a4d9af00d665e828145)
2003-08-28fixing typos pointed out by Vance in WHATSNEWGerald Carter1-0/+52
Include patch to manually set the machine trust account password (on request from jht) to mimic 2.2. behavior. last changes before RC2 (not counting syncing the docs). (This used to be commit ce090371449097d4e5010e1219d449db8b0ccac5)
2003-08-19 - Make 'net' use a single funciton for setting the 'use machine account' code.Andrew Bartlett1-15/+23
- Make winbindd try to use kerberos for connections to DCs, so that it can access RA=2 servers, particularly for netlogon. - Make rpcclient follow the new flags for the NETLOGON pipe - Make all the code that uses schannel use the centralised functions for doing so. Andrew Bartlett (This used to be commit 96b4187963cedcfe158ff02868929b8cf81c6ebf)
2003-07-30Add a command line option (-S on|off|required) to enable signing on clientJeremy Allison1-2/+2
connections. Overrides smb.conf parameter if set. Jeremy. (This used to be commit 879309671df6b530e0bff69559422a417da4a307)
2003-07-22Replace the eight (!) copies of dummy become/unbecome root with a single one.Tim Potter1-15/+0
(This used to be commit 8b818ce381595cdcb36631a2440d6aa0038805f1)
2003-07-19According to the result of voting, net has default debug level withRafal Szczesniak1-3/+12
ability to change it by command line instead of turn-off cmdline switch for debug messages. It's a bit more comfortable to use now. (This used to be commit b65fe75bec8170ad48d1ad0a9017ccc4de651eba)
2003-07-09more compile fixes for become/unbecome_root()Gerald Carter1-0/+15
(This used to be commit f005f1cf12b839f3985ab00315da63c584ce803e)
2003-06-25large change:Gerald Carter1-8/+6
*) consolidates the dc location routines again (dns and netbios) get_dc_list() or get_sorted_dc_list() is the authoritative means of locating DC's again. (also inludes a flag to get_dc_list() to define if this should be a DNS only lookup or not) (however, if you set "name resolve order = hosts wins" you could still get DNS queries for domain name IFF ldap_domain2hostlist() fails. The answer? Fix your DNS setup) *) enabled DOMAIN<0x1c> lookups to be funneled through resolve_hosts resulting in a call to ldap_domain2hostlist() if lp_security() == SEC_ADS *) enables name cache for winbind ADS backend *) enable the negative connection cache for winbind ADS backend *) removes some old dead code *) consolidates some duplicate code *) moves the internal_name_resolve() to use an IP/port pair to deal with SRV RR dns replies. The namecache code also supports the IP:port syntax now as well. *) removes 'ads server' and moves the functionality back into 'password server' (which can support "hostname:port" syntax now but works fine with defaults depending on the value of lp_security()) (This used to be commit d7f7fcda425bef380441509734eca33da943c091)
2003-06-21This removes the StrCaseCmp() stuff from 'net idmap' and 'netAndrew Bartlett1-144/+0
groupmap'. The correct way to implement this stuff is via a function table, as exampled in all the other parts of 'net'. This also moves the idmap code into a new file. Volker, is this your code? You might want to put your name on it. Andrew Bartlett (This used to be commit 477f2d9e390bb18d4f08d1cac9c981b73d628c4f)
2003-06-18Ok, this patch removes the privilege stuff we had in, unused, for some time.Simo Sorce1-1/+1
The code was nice, but put in the wrong place (group mapping) and not supported by most of the code, thus useless. We will put back most of the code when our infrastructure will be changed so that privileges actually really make sense to be set. This is a first patch of a set to enhance all our mapping code cleaness and stability towards a sane next beta for 3.0 code base Simo. (This used to be commit e341e7c49f8c17a9ee30ca3fab3aa0397c1f0c7e)
2003-06-14Add 'net idmap restore'. This restores a broken idmap fileVolker Lendecke1-0/+70
from the output of 'net idmap dump'. 'net idmap dump' now also prints the USER/GROUP HWM. Volker (This used to be commit c0575be936572bb091a77c58361bd3a4fe9549ff)
2003-06-14This patch modifies 'net rpc vampire' to add new and existing users to bothAndrew Bartlett1-0/+4
the idmap and the SAM. The basic idea is this: Lookup the user with GetPwnam(), and if they exist then use that uid. This is what people expect. If the user does not exist, try and run the right script. This is also what people expect from previous Samba 3.0 behaviour, where the Get_Pwnam() was at runtime. If the idmap entry for this SID isn't valid, or isn't the right value, modify the idmap to account for this mapping. Also, the same logic is applied to the primary gid - if it has changed, update the user's primary unix group. This patch allows users to be added without a mapping - this is fine for machine accounts, for example. I've given it a quick test against my Win2k DC, and I *think* it's sane. Andrew Bartlett (This used to be commit d2a70bfff182352da50cd6c23ddfa80fe1b353c7)
2003-06-13Trivial extension to 'net' to dump current local idmap.Volker Lendecke1-0/+55
(This used to be commit 18f3a5efea7c60d764d5ed82f3a83e1608f8c34e)
2003-05-10Reverse previous patch from Stefan and me after comments by Andrew BartlettJelmer Vernooij1-4/+0
(This used to be commit d817eaf0ecca2d878ab1ffcf7a747a02d71c811e)
2003-05-10Patch from metze and me that adds dummy smb_register_*() functions soJelmer Vernooij1-0/+4
that is now possible to, for example, load a module which contains an auth method into a binary without the auth/ subsystem built in. (This used to be commit 74d9ecfe2dd7364643d32acb62ade957bd71cd0d)
2003-04-21Make it easier to select which domain to show the sid for.Andrew Bartlett1-2/+2
(This used to be commit 4c7efe25c3f2336938050086ffe5f4cfe462e6f6)
2003-04-21Merge from HEAD - save the type of channel used to contact the DC.Andrew Bartlett1-5/+27
This allows us to join as a BDC, without appearing on the network as one until we have the database replicated, and the admin changes the configuration. This also change the SID retreval order from secrets.tdb, so we no longer require a 'net rpc getsid' - the sid fetch during the domain join is sufficient. Also minor fixes to 'net'. Andrew Bartlett (This used to be commit 876e00fd112e4aaf7519eec27f382eb99ec7562a)
2003-04-19Merging smbgroupedit into 'net groupmap'. Not entirely done.Gerald Carter1-0/+21
Need to check on where the privilege code is sitting and update the docs. Examples: root# bin/net help groupmap net groupmap add Create a new group mapping net groupmap modify Update a group mapping net groupmap delete Remove a group mapping net groupmap list List current group map # bin/net groupmap add Usage: net groupmap add rid=<int> name=<string> type=<domain|local|builtin> [comment=<string>] # bin/net groupmap delete Usage: net groupmap delete name=<string|SID> # bin/net groupmap modify Usage: net groupmap modify name=<string|SID> [comment=<string>] [type=<domain|local> (This used to be commit f2fd0ab41ffbc0355db95529b6bda1b21aa4860a)
2003-04-14- Change ADS CHOSTPASS -> ADS CHANGETRUSTPWJelmer Vernooij1-0/+9
- Add general CHANGETRUSTPW function that calls ADS CHANGETRUSTPW or RPC CHANGETRUSTPW (Merged from HEAD) (This used to be commit f0982e1102276453d79e438ffb90c9fa305ff98b)
2003-04-14Merge:Tim Potter1-18/+9
- Jelmer's latest popt changes (This used to be commit 6a54d9a0a77c71664dc6cdbed1adf492c28c0cce)
2003-03-18Jeremy merged across my string parinoia fixes, but forgot to enable them! :-)Andrew Bartlett1-1/+1
This patch catches up on the rest of the work - as much string checking as is possible is done at compile time, and the rest at runtime. Lots of code converted to pstrcpy() etc, and other code reworked to correctly call sizeof(). Andrew Bartlett (This used to be commit c5b604e2ee67d74241ae2fa07ae904647d35a2be)
2003-02-25Merge: add popt_common_version to command line options table.Tim Potter1-0/+1
(This used to be commit 8de62f7896a53084e87b95c013d8693214c8ab85)
2003-01-21Properly display popt errors. Also fix debug to be -d for consistency with ↵Jim McDonough1-2/+3
other progs. (This used to be commit c58c84e8066d5d17e1cde99b83d259030f15458b)
2003-01-15merging some rpcclient and net functionality from HEADGerald Carter1-0/+79
(This used to be commit 7a4c87484237308cb3ad0d671687da7e0f6e733b)
2003-01-15[merge]Gerald Carter1-0/+2
* removed unused variable from rpcclient code * added container option to net command (patch from SuSE) * Makefile patch for examples/VFS from SuSE (This used to be commit 25a9681ddda47a41fac8fdc97ca50b7f4c579eaf)
2003-01-03Merge from HEAD - make Samba compile with -Wwrite-strings without additionalAndrew Bartlett1-7/+9
warnings. (Adds a lot of const). Andrew Bartlett (This used to be commit 3a7458f9472432ef12c43008414925fd1ce8ea0c)
2002-11-12Removed global_myworkgroup, global_myname, global_myscope. Added liberalJeremy Allison1-20/+11
dashes of const. This is a rather large check-in, some things may break. It does compile though :-). Jeremy. (This used to be commit f755711df8f74f9b8e8c1a2b0d07d02a931eeb89)
2002-11-09Merge fix for uninitialised IP variable from HEADAndrew Bartlett1-0/+1
(This used to be commit e3310ac832f78f08d6ec6421222a651efe8767a6)
2002-11-06Merge of get_dc_list() api change from HEAD.Tim Potter1-19/+6
(This used to be commit 6ba7847ce2756fde94e530fd0bf2a055f3e27373)
2002-10-17Added new error codes. Fix up connection code to retry in the same wayJeremy Allison1-2/+2
that app-head does. Jeremy. (This used to be commit ec7953f20145799f6286a295472df4826bfdfb8f)
2002-10-01Updates from Samba HEAD:Andrew Bartlett1-1/+6
- Fix segfaults in the 'net ads' commands when no password is provided - Readd --with-ldapsam for 2.2 compatability. This conditionally compiles the old options, but the actual code is available on all ldap systems. - Fix shadow passwords (as per work with vl) - Fix sending plaintext passwords to unicode servers (again vl) - Add a bit of const to secrets.c functions - Fix some spelling and grammer by vance. - Document the -r option in smbgroupedit. There are more changes in HEAD, I'm only merging the changes I've been involved with. Andrew Bartlett (This used to be commit 83973c389355a5cc9ca74af467dfd8b5dabd2c8f)
2002-09-25sync'ing up for 3.0alpha20 releaseGerald Carter1-2/+74
(This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-08-17sync 3.0 branch with HEADJelmer Vernooij1-3/+2
(This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-07-15updated the 3.0 branch from the head branch - ready for alpha18Andrew Tridgell1-12/+58
(This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-04-05Lots more net consistency work:Jim McDonough1-82/+10
- Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-04Multiple changes:Jim McDonough1-11/+16
- Get rid of improper "Invalid option: d (100)" message when setting debug from commandline. - Eliminate got_pass global and only use opt_password. This enables re-use of password that may have been enetered in failed ads connect. - Auto-detect method for net user command - use new net_ads_check rather than lp_security==ADS test on net join - Get rid of annoying debug level 0's (This used to be commit 1280968000595c28ed62d9e74acecfdc84e33710)
2002-04-04Add ability to get specific net ads subcommand help. Not all have beenJim McDonough1-1/+1
implemented yet... (This used to be commit 24c6bf4e8b6d519340d5f9f3353ffc6b5f7520b3)
2002-03-21There is no reason we can't join a domain with secuirty=user. In fact weAndrew Bartlett1-5/+0
need to when we are a BDC or a PDC doing a self-join. Andrew Bartlett (This used to be commit 996cd3a0979a92b087003982bc61796a8090a787)
2002-03-17Renamed get_nt_error_msg() to nt_errstr().Tim Potter1-2/+2
(This used to be commit 1f007d3ed41c1b71a89fa6be7d173e67e927c302)
2002-03-15Add autodetect for net join, as well as some more help updatesJim McDonough1-1/+18
(This used to be commit 951006374e48d80a5128d870bdc255bf8c22cb6a)
2002-03-15Some help cleanups. Formatting and consistency issues. Line up text ↵Jim McDonough1-24/+48
nicely, and make 'net help rap user' the same as 'net rap user help'...stuff like that (This used to be commit 17775dae28c724b11cc73f2aeac5f07f9656046c)
2002-03-01The beginning of trusted and trusting domain support fromAndrew Bartlett1-13/+41
Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-01-30Removed version number from file header.Tim Potter1-1/+0
Changed "SMB/Netbios" to "SMB/CIFS" in file header. (This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
2002-01-25Enable net ads commands to use existing tickets if the user doesn't specify ↵Jim McDonough1-0/+2
a username on the commandline. Also don't continue past the kinit if a password is entered and fails because existing tickets would be used, which may not be desired if the username was specified. (This used to be commit 7e5d7dfa834c0161460bde8a2f0d4824c0a0d1fe)
2001-12-31Add 'net rpc shutdown' and 'net rpc abortshutdown'.Andrew Bartlett1-0/+6
These two little features are very useful, but the passing of options about needs some serious work. The popt stuff in the shutdown code is #ifdef'ed out until the main popt loop can be convinced not to chew on the options :-( Andrew Bartlett (This used to be commit 51c985be7fbfe5627c5b2590e7610653e7be98e3)
2001-12-20added net lookup commandAndrew Tridgell1-1/+3
(This used to be commit 51268c512dbae94aba308668df9facaf15a2ce9e)
2001-12-20net now sends its debug to stderr so its output can be relied upon inAndrew Tridgell1-1/+1
scripts (This used to be commit 6d2f7ed708e75687d23f432ba9a186e88fa14118)
2001-12-14Display a nice error message for NT_STATUS_LOGON_FAILURE in connect_to_ipc()Tim Potter1-0/+7
(This used to be commit 60eb4dc7b1114275f035d27a890e0301a65e0e42)
2001-12-14Set the debuglevel after the call to lp_load() so the change sticks.Tim Potter1-2/+2
(This used to be commit 3c927e39e7354d2f65b3ff7148fc325b41552310)
generated by cgit (git 2.34.1) at 2024-07-06 09:04:20 +0000