Age | Commit message (Collapse) | Author | Files | Lines |
|
Volker
(This used to be commit e947f4bd91fcfa0dd27d12e8188ada381da541ff)
|
|
(This used to be commit 1e4ee728df7eeafc1b4d533240acb032f73b4f5c)
|
|
attribute
name attr:: instead of attr:
German domains tend to have umlauts in group names.
More to come tomorrow.
Volker
(This used to be commit 94cdd5d64cfaa5228209eebbb76244da0bf4b518)
|
|
easily,
as this puts me into svn blame in places I'm not sure I want my name to show
up....
Volker
(This used to be commit d00e73c49b5227db61d41a017eb9b71d9e7e2620)
|
|
(This used to be commit c152d20e9073eb741047cc4b5f8e8086e2bc9ddd)
|
|
and createcomputer options
(This used to be commit 87be77bf35635fc925e1be36073571f8c6ec3e81)
|
|
A patch to make ntlm_auth recognize three new commands in
ntlmssp-client-1 and squid-2.5-ntlmssp:
The commands are the following:
Command: SF <hex number>
Reply: OK
Description: Takes feature request flags similar to samba4's
gensec_want_feature() call. So far, only NTLMSSP_FEATURE_SESSION_KEY,
NTLMSSP_FEATURE_SIGN and NTLMSSP_FEATURE_SEAL are implemented, using the same
values as the corresponding GENSEC_FEATURE_* flags in samba4.
Command: GF
Reply: GF <hex number>
Description: Returns the negotiated flags.
Command: GK
Reply: GK <base64 encoded session key>
Description: Returns the negotiated session key.
(These commands assist a wine project to use ntlm_auth for signing and
sealing of bulk data).
Andrew Bartlett
(This used to be commit bd3e06a0e4435f1c48fa3b7862333efe273119ee)
|
|
share_mode_forall().
Volker
(This used to be commit f97f6cedffdc4d10afcac90a163b93a801acf514)
|
|
* createupn=[host_upn@realm]
* createcomputer=<ou path top to bottom> (this was previously
the only arg)
(This used to be commit 75054e984e5ca7249b1327630db9d09da974a54e)
|
|
Disable the one we created and whine.
(This used to be commit 1a7e81a4a8955e643d1c8a54365221a9e2ed8a12)
|
|
toolset.
In 3.0.23 all those commands have been limited to the DC of our primary
domain. Also distinguish calls that may go to remote DCs (search, info,
lookup, etc.) from those that should only go to our primary domain
(join, leave, etc.).
Guenther
(This used to be commit d573e64781667993478a289580fa65c34e847f64)
|
|
(This used to be commit 1d928f783a78b3e957b675f12f1ad56e84c2fcfb)
|
|
(This used to be commit 8c6088f2bd0a5e3a854a31fe428d841d61055a30)
|
|
> r16959 | vlendec | 2006-07-11 23:10:44 +0200 (Di, 11 Jul 2006) | 1 line
>
> get_share_security does not need snum, activate RPC-SAMBA3-SRVSVC
Volker
(This used to be commit c89471e15766fcdbfa4f40701e12c19f95c2d8ef)
|
|
This mode proxies pre-calculated blobs from a remote (probably VPN)
client into the domain. This allows clients to change their password
over a PPTP connection (where they would not be able to connect to
SAMR directly).
The precalculated blobs do not reveal the plaintext password.
Original patch by Alexey Kobozev <cobedump@gmail.com>
(This used to be commit 967292b7136c5100c0b9a2783c34b1948b16dad4)
|
|
Major points of interest:
* Figure the DES salt based on the domain functional level
and UPN (if present and applicable)
* Only deal with the DES-CBC-MD5, DES-CBC-CRC, and RC4-HMAC
keys
* Remove all the case permutations in the keytab entry
generation (to be partially re-added only if necessary).
* Generate keytab entries based on the existing SPN values
in AD
The resulting keytab looks like:
ktutil: list -e
slot KVNO Principal
---- ---- ---------------------------------------------------------------------
1 6 host/suse10.plainjoe.org@COLOR.PLAINJOE.ORG (DES cbc mode with CRC-32)
2 6 host/suse10.plainjoe.org@COLOR.PLAINJOE.ORG (DES cbc mode with RSA-MD5)
3 6 host/suse10.plainjoe.org@COLOR.PLAINJOE.ORG (ArcFour with HMAC/md5)
4 6 host/suse10@COLOR.PLAINJOE.ORG (DES cbc mode with CRC-32)
5 6 host/suse10@COLOR.PLAINJOE.ORG (DES cbc mode with RSA-MD5)
6 6 host/suse10@COLOR.PLAINJOE.ORG (ArcFour with HMAC/md5)
7 6 suse10$@COLOR.PLAINJOE.ORG (DES cbc mode with CRC-32)
8 6 suse10$@COLOR.PLAINJOE.ORG (DES cbc mode with RSA-MD5)
9 6 suse10$@COLOR.PLAINJOE.ORG (ArcFour with HMAC/md5)
The list entries are the two basic SPN values (host/NetBIOSName & host/dNSHostName)
and the sAMAccountName value. The UPN will be added as well if the machine has
one. This fixes 'kinit -k'.
Tested keytab using mod_auth_krb and MIT's telnet. ads_verify_ticket()
continues to work with RC4-HMAC and DES keys.
(This used to be commit 6261dd3c67d10db6cfa2e77a8d304d3dce4050a4)
|
|
being used.
Jeremy.
(This used to be commit 441c289fd21d00398fb7c4c7c0338b03129a7545)
|
|
to do the upper layer directories but this is what
everyone is waiting for....
Jeremy.
(This used to be commit 9dafb7f48ca3e7af956b0a7d1720c2546fc4cfb8)
|
|
(This used to be commit ef6e9ca5276586c081fcf18bb178a2326309b539)
|
|
Jeremy.
(This used to be commit ddf35ad69201cf9a0aa45ff25e17eddef60d75ad)
|
|
Jeremy.
(This used to be commit 9b0df8d008bc5574526d68628f351eb4dbf98e8a)
|
|
by converting the lookup_XX functions to correctly
return SID_NAME_TYPE enums.
Jeremy.
(This used to be commit ee2b2d96b60c668e37592c79e86c2fd851e15f69)
|
|
Jeremy.
(This used to be commit 76cc25a37e145fb48a8a81df37e790690b5dceac)
|
|
the correct enumerated type in the macro.
Jeremy.
(This used to be commit 63ad19f71c6b9474042f4ea9d5859e2849a73da8)
|
|
Jeremy.
(This used to be commit 58b9adb849854610e7167e8aa02a02bd15b0bf00)
|
|
Jeremy.
(This used to be commit b4e9475d2ac65f72cab0d5c8276da27cf1aeb791)
|
|
Guenther
(This used to be commit 49fb1a3ebc44602302c347195752891bf28c7037)
|
|
share_mode struct. Allows us to know the unix
uid of the opener of the file/directory. Needed
for info level queries on open files.
Jeremy.
(This used to be commit d929323d6f513902381369d77bcd7b714346d713)
|
|
release - #785, #786, #787, #788.
Jeremy.
(This used to be commit 9017547cccadeecb80f3db58a43838dc656fce2f)
|
|
1177
In reg_perfcount.c: 1200 1202 1203 1204
In regfio.c: 1243 1245 1246 1247 1251
Jerry, the reg_perfcount and regfio.c ones, can you take a look please? This
is really your code, and I'm not sure I did the right thing to return an
error.
smbcacls.c: 1377
srv_eventlog_nt.c: 1415 1416 1417
srv_lsa_nt.c: 1420 1421
srv_netlog_nt.c: 1429
srv_samr_nt: 1458 1459 1460
Volker
Volker
(This used to be commit d6547d12b1c9f9454876665a5bdb010f46b9f5ff)
|
|
Volker
(This used to be commit ce1d8423ef7cd86fc64200002fde707bca621d44)
|
|
in net_rpc.c: 715 716 732 734 735 736 737 738 739 749
in net_rpc_audit.c: 754 755 756
in net_rpc_join.c: 757
in net_rpc_registry: 766 767
in net_rpc_samsync.c: 771 773
in net_sam.c: 797 798
Volker
(This used to be commit 3df0bf7d6050fd7c9ace72487d4f74d92e30a584)
|
|
Guenther
(This used to be commit 232566e1cb1eaaa6ae09e9de8a8a82d91acdfda7)
|
|
features.
Guenther
(This used to be commit 446d79a0007d3d99c73eb758216f18f64036f11d)
|
|
add" (as the documentation says, and currently onle "net ads user add"
did). Fixes #3843.
Guenther
(This used to be commit 5d776d5fabded9b713080789aefc6058510b51f6)
|
|
<Jiri.Sasek@Sun.COM>
change priv_op and priv_info to names that don't
conflict with the solaris namespace.
Jeremy.
(This used to be commit db5b4e3f13bceeb2f078f412bdd4666516eedc5c)
|
|
int
in a format string.
Jeremy.
(This used to be commit face01ef01e1a3c96eae17c56cadf01020d4cb46)
|
|
specifier.
Jeremy.
(This used to be commit dc53d35b0a1491da94e231943a81547be4c75631)
|
|
limited. Fix memleak in printing gencache contents.
Jeremy.
(This used to be commit 81731e1f68cdf4af80733338238aeae0a7d108c0)
|
|
Guenther
(This used to be commit 689ae22c80a890278610d9ada1eb4fa5e37bd5ce)
|
|
Volker
(This used to be commit 678bbcf06109b276d3e4514c3788a9fb31348de0)
|
|
do
echo "I will always compile before commit :-)"
done
Also fix Klokwork ID 806.
Volker
(This used to be commit 4974c598c00abc20cfb73eee12a7c49c279e0f54)
|
|
(This used to be commit b82c95cb438b57bb8910e26657f8ffb590fe02df)
|
|
Make 2 important changes. pdb_get_methods()
returning NULL is a *fatal* error. Don't try
and cope with it just call smb_panic. This
removes a *lot* of pointless "if (!pdb)" handling
code. Secondly, ensure that if samu_init()
fails we *always* back out of a function. That
way we are never in a situation where the pdb_XXX()
functions need to start with a "if (sampass)"
test - this was just bad design, not defensive
programming.
Jeremy.
(This used to be commit a0d368197d6ae6777b7c2c3c6e970ab8ae7ca2ae)
|
|
can return NULL. Ensure we check all returns correctly.
Jeremy.
(This used to be commit 6c61dc8ed6d84f310ef391fb7700e93ef42c4afc)
|
|
(This used to be commit 6c1f1c091f5e87bf9464fe8ad7eb2cb683819a62)
|
|
(adapt to the new UPN/SPN scheme).
Guenther
(This used to be commit 8fc70d0df0c93c29b49f924bac9ff5d9857cfd9d)
|
|
password via stdin
(This used to be commit 60d4aabc3205aa80f8d49c3c2db95927c61a81a5)
|
|
<aruna.prabakar@hp.com>
(This used to be commit 0a81af4fef5b794fea257d9e3e11b16c3a4de12f)
|
|
Jeremy.
(This used to be commit a8eb1186a12b44178a28b013373f6f8a4356d9ec)
|