summaryrefslogtreecommitdiff
path: root/source3/utils/net_groupmap.c
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r18271: Big change:Gerald Carter1-2/+2
* autogenerate lsa ndr code * rename 'enum SID_NAME_USE' to 'enum lsa_SidType' * merge a log more security descriptor functions from gen_ndr/ndr_security.c in SAMBA_4_0 The most embarassing thing is the "#define strlen_m strlen" We need a real implementation in SAMBA_3_0 which I'll work on after this code is in. (This used to be commit 3da9f80c28b1e75ef6d46d38fbb81ade6b9fa951)
2007-10-10r17669: Remove RID algorithm support from unmapped users and groupsGerald Carter1-2/+9
when using smbpasswd (This used to be commit dde552336c732ddd6076a6a32575a37cb51aa94c)
2007-10-10r17554: CleanupVolker Lendecke1-42/+43
(This used to be commit 761cbd52f0cff6b864c506ec03c94039b6101ef9)
2007-10-10r17496: net groupmap add could add uninitialized sid_name_typeJeremy Allison1-10/+27
entries to the group mapping db. Ensure this can't happen. Jeremy. (This used to be commit 2ba0d93d53868c8b28dccf91dfa26e86817da511)
2007-10-10r17468: To minimize the diff later on, pre-commit some changes ↵Volker Lendecke1-3/+3
independently: Change internal mapping.c functions to return NTSTATUS instead of BOOL. Volker (This used to be commit 4ebfc30a28a6f48613098176c5acdfdafbd2941a)
2007-10-10r17465: Get rid of add_initial_entry. In the two places it was called in it ↵Volker Lendecke1-33/+33
seemed a bit pointless to me. Volker (This used to be commit 244b25ae49d3c635fc54498dbee29f5b649ea1fa)
2007-10-10r17463: A bit of cleanup work:Volker Lendecke1-6/+6
Remove some unused code: pdb_find_alias is not used anymore, and nobody I think has ever used the pdb_nop operations for group mapping. smbpasswd and tdb use the default ones and ldap has its own. Make the functions pdb_getgr* return NTSTATUS instead of BOOL. Nobody right now really makes use of it, but it feels wrong to throw away information so early. Volker (This used to be commit f9856f6490fe44fdba97ea86062237d8c74d4bdc)
2007-10-10r17451: Change pdb_getgrsid not to take a DOM_SID but a const DOM_SID * as anVolker Lendecke1-3/+3
argument. Volker (This used to be commit 873a5a1211d185fd50e7167d88cbc869f70dfd3f)
2007-10-10r14403: * modifies create_local_nt_token() to create a BUILTIN\AdministratorsGerald Carter1-5/+2
group IFF sid_to_gid(S-1-5-32-544) fails and 'winbind nested groups = yes' * Add a SID domain to the group mapping enumeration passdb call to fix the checks for local and builtin groups. The SID can be NULL if you want the old semantics for internal maintenance. I only updated the tdb group mapping code. * remove any group mapping from the tdb that have a gid of -1 for better consistency with pdb_ldap.c. The fixes the problem with calling add_group_map() in the tdb code for unmapped groups which might have had a record present. * Ensure that we distinguish between groups in the BUILTIN and local machine domains via getgrnam() Other wise BUILTIN\Administrators & SERVER\Administrators would resolve to the same gid. * Doesn't strip the global_sam_name() from groups in the local machine's domain (this is required to work with 'winbind default domain' code) Still todo. * Fix fallback Administrators membership for root and domain Admins if nested groups = no or winbindd is not running * issues with "su - user -c 'groups'" command * There are a few outstanding issues with BUILTIN\Users that Windows apparently tends to assume. I worked around this presently with a manual group mapping but I do not think this is a good solution. So I'll probably add some similar as I did for Administrators. (This used to be commit 612979476aef62e8e8eef632fa6be7d30282bb83)
2007-10-10r13648: Duh.Tim Potter1-1/+1
(This used to be commit 48cd81074e5a7cbba5892eedd62fff4ce0d826b5)
2007-10-10r13494: Merge the stuff I've done in head the last days.Volker Lendecke1-2/+2
Volker (This used to be commit bb40e544de68f01a6e774753f508e69373b39899)
2007-10-10r13316: Let the carnage begin....Gerald Carter1-10/+28
Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2007-10-10r12986: Use d_fprintf(stderr, ...) for any error message in net.Lars Müller1-39/+39
All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2007-10-10r12185: Cosmetic cleanupVolker Lendecke1-1/+1
(This used to be commit d1e8f9afffecf986a428bfac29b22dcbce610016)
2007-10-10r12182: Cosmetic cleanupVolker Lendecke1-9/+5
(This used to be commit 81c358b511457fbc6304845acb4bfbf1b4adf062)
2007-10-10r12129: Fix uninitialized variables.Volker Lendecke1-0/+3
Volker (This used to be commit 8a7d6eb2c081c0d74b62aa76dc243946df62ced2)
2007-10-10r11137: Compile with only 2 warnings (I'm still working on that code) on a gcc4Jeremy Allison1-5/+5
x86_64 box. Jeremy. (This used to be commit d720867a788c735e56d53d63265255830ec21208)
2007-10-10r7139: trying to reduce the number of diffs between trunk and 3.0; changing ↵Gerald Carter1-1/+2
version to 3.0.20pre1 (This used to be commit 9727d05241574042dd3aa8844ae5c701d22e2da1)
2007-10-10r6706: * fix bug that prevented smbclient from creating directoriesGerald Carter1-3/+1
on non-dfs paths * add patch from James Peach to remove use of uninitialized variables (This used to be commit c71f20f1ae5ccfd49cf81af0299c96fe27351222)
2007-10-10r6080: Port some of the non-critical changes from HEAD to 3_0. The main one ↵Volker Lendecke1-10/+42
is the change in pdb_enum_alias_memberships to match samr.idl a bit closer. Volker (This used to be commit 3a6786516957d9f67af6d53a3167c88aa272972f)
2007-10-10r5918: Fix typo.John Terpstra1-1/+1
(This used to be commit 0d38d5f610a280a29617f887329d9084f0be6203)
2007-10-10r5234: Do not use the "Local Unix Group"-default description for all kinds ofGünther Deschner1-2/+16
group-mappings. Guenther (This used to be commit 2556e6570ec8074bb67827f95eb365800c5c9827)
2007-10-10r4285: Allow -v or -l for displaying verbose groupmap-listing as well asGünther Deschner1-0/+3
"verbose". Guenther (This used to be commit 0760d07b4c6f15489bea2f0fb4f1b0084bd62301)
2007-10-10r3566: Completely replace the queryuseraliases call. The previous ↵Volker Lendecke1-1/+1
implementation does not exactly match what you would expect. XP workstations during login actually do this, so we should better become a bit more correct. The LDAP query issued is not really fully optimal, but it is a lot faster and more correct than what was there before. The change in passdb.h makes it possible that queryuseraliases is done with a single ldap query. Volker (This used to be commit 2508d4ed1e16c268fc9f3676b0c6a122e070f93d)
2007-10-10r2835: Since we always have -I. and -I$(srcdir) in CFLAGS, we can get rid ofTim Potter1-1/+1
'..' from all #include preprocessor commands. This fixes bugzilla #1880 where OpenVMS gets confused about the '.' characters. (This used to be commit 7f161702fa4916979602cc0295919b541912acd6)
2007-10-10r1720: Show correct help for net groupmap commands.Günther Deschner1-3/+3
Guenther (This used to be commit 3677c6a8f67628d5bea0764f84e624730d57b423)
2007-10-10r116: volker's patch for local group and group nestingGerald Carter1-0/+108
(This used to be commit b393469d9581f20e4d4c52633b952ee984cca36f)
2004-02-26Implement 'net groupmap set' and 'net groupmap cleanup'.Volker Lendecke1-0/+141
I was rather annoyed by the net groupmap syntax, I could never get it right. net groupmap set "domain admins" domadm creates a mapping, net groupmap set "domain admins" -C "Comment" -N "newntname" should also do what you expect. I'd like to have some feedback on the usability of this. net groupmap cleanup solves a problem I've had two times now: Our SID changed, and a user's primary group was mapped to a SID that is not ours. net groupmap cleanup removes all mappings that are not from our domain sid. Volker (This used to be commit eb4d4faff8c14e999f414ca5b6e8c25a558859c8)
2004-02-16Fix success message for net groupmap modifyVolker Lendecke1-1/+1
Volker (This used to be commit 19b30334a7c0f6abde6dfc81550e50aa823117c2)
2003-09-22fix some warnings found by the Sun C compilerGerald Carter1-3/+2
(This used to be commit e1fac713e25692a5790c3261ba323732930f5249)
2003-09-15Fix from gregory@networksentry.co.za, don't clobber the comment if itJeremy Allison1-2/+2
exists. Jeremy. (This used to be commit c8bfde5be9f0a3603f7333ff4266ad19c20cb9f9)
2003-09-11Fix error message when calling namedtogid() fails adding a group mapTim Potter1-1/+1
entry. Bug #431. (This used to be commit bc8a181477866d0d97324bf45431bcdff895ad18)
2003-08-15Don't ask, it's too embarrassing :-)Volker Lendecke1-1/+1
Actually let the user explicitly specify a rid... Volker (This used to be commit 3aed9c8a4ac97ef55772ddae1e1cb0a5a1a15767)
2003-08-06When doing 'net groupmap add', default to algorithmic mapping for the rid.Volker Lendecke1-6/+11
Volker (This used to be commit 7ce94d39add6e056e3b1deea21bf0438ba61e4cc)
2003-07-15Fix memleakVolker Lendecke1-0/+2
(This used to be commit 517bb4d0df4cd120ef0ffc3cd879897971f0982e)
2003-06-21(fixing bug in my last commit)Andrew Bartlett1-6/+6
This isn't C++ - start your code *after* all the variables are declared... Andrew Bartlett (This used to be commit b7760faedc2181538ffc325e727808e6df8f943f)
2003-06-21This removes the StrCaseCmp() stuff from 'net idmap' and 'netAndrew Bartlett1-4/+46
groupmap'. The correct way to implement this stuff is via a function table, as exampled in all the other parts of 'net'. This also moves the idmap code into a new file. Volker, is this your code? You might want to put your name on it. Andrew Bartlett (This used to be commit 477f2d9e390bb18d4f08d1cac9c981b73d628c4f)
2003-06-18Ok, this patch removes the privilege stuff we had in, unused, for some time.Simo Sorce1-32/+7
The code was nice, but put in the wrong place (group mapping) and not supported by most of the code, thus useless. We will put back most of the code when our infrastructure will be changed so that privileges actually really make sense to be set. This is a first patch of a set to enhance all our mapping code cleaness and stability towards a sane next beta for 3.0 code base Simo. (This used to be commit e341e7c49f8c17a9ee30ca3fab3aa0397c1f0c7e)
2003-05-15Patch from "Alex Deiter" <tiamat@komi.mts.ru> to fix incorrect error check.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 43ca4b8a8425b97a6bea08b91420bac6cde807b3)
2003-04-25fix and if () that should be an 'else if()'Gerald Carter1-1/+1
(This used to be commit 82f024723c5312fe2b6a57915de8e78c96f80ef0)
2003-04-24groupmap delet should take a name or a SIDGerald Carter1-2/+13
(This used to be commit d9277bd06401cb040390739ae730c8991736c886)
2003-04-23allow the unix group in a mapping to be changed; doesn't work with LDAP ↵Gerald Carter1-1/+21
right now but should be ok with tdb's (This used to be commit fdacad185c4f78958d56bccbd69a0f2628f1b792)
2003-04-22don't reset the group type unless specifiedGerald Carter1-14/+8
(This used to be commit 541f40a144461ca139ac53837d3f31ce6972d18c)
2003-04-22default new groups to domain groupsGerald Carter1-3/+3
(This used to be commit 665d21b8656bf85f9b372b44ff1f4af414551e5a)
2003-04-22support referencing group by sid in all operations; allow group name to be ↵Gerald Carter1-13/+60
changed (This used to be commit b6ccdb8f7b72eed4c4248db43fefa09b6f084852)
2003-04-22removing some ifdef'd out codeGerald Carter1-8/+0
(This used to be commit 43942398af7e7589fcf8534099eccf277f6e4295)
2003-04-21Fixup a few typos for Jerry.Jeremy Allison1-4/+4
Jeremy. (This used to be commit 1e5fe87d75ef4bb9d6af787abc501dcf105c9c6c)
2003-04-21* fix segfault when no vfs objects definedGerald Carter1-5/+15
* add "sid=..." to 'net groupmap add' (This used to be commit e5f6676639b5552f7dec90091c53cf14e78088ee)
2003-04-19Merging smbgroupedit into 'net groupmap'. Not entirely done.Gerald Carter1-0/+419
Need to check on where the privilege code is sitting and update the docs. Examples: root# bin/net help groupmap net groupmap add Create a new group mapping net groupmap modify Update a group mapping net groupmap delete Remove a group mapping net groupmap list List current group map # bin/net groupmap add Usage: net groupmap add rid=<int> name=<string> type=<domain|local|builtin> [comment=<string>] # bin/net groupmap delete Usage: net groupmap delete name=<string|SID> # bin/net groupmap modify Usage: net groupmap modify name=<string|SID> [comment=<string>] [type=<domain|local> (This used to be commit f2fd0ab41ffbc0355db95529b6bda1b21aa4860a)
generated by cgit (git 2.34.1) at 2024-11-01 18:20:38 +0000