Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
|
|
used to be commit b8d39651fb90ef170055735412417239a63afc5d)
|
|
Andrew Bartlett
(This used to be commit b5ec92d7a2e5ba33b641267d2319d101d70a0d9a)
|
|
(This used to be commit 39e11ef5b1090e51c6c447c8037a43b52e04b881)
|
|
this also gives a way to distinguish a 'native mode' server from a
non-native server. This call will fail for a native mode server.
(This used to be commit a7663428e05bdd41a1975d0db9be6537b7238b95)
|
|
the current machine account and password. This is useful both for
diagnostics and domain leave.
(This used to be commit 73b246981fd5b27cc1d835946b89e82f5b78f332)
|
|
Allow connection in the form of //server/share instead of just \\server\share
and show the reason for failure from cli_full_connection().
Andrew Bartlett
(This used to be commit 4687fac69d995e49a0f3701fb170d64af1ba4a47)
|
|
these errors happen all the time, so they shouldn't be level 0
(This used to be commit abc2aed26c6cb12a86987a3846ca5c9f7df9a5ae)
|
|
Now let's keep this in sync !
Jeremy.
(This used to be commit 3603cd4947df2c10df604447dc542932cb9e5d5a)
|
|
accept an extended syntax for 'wins server' like this:
wins server = group1:192.168.2.10 group2:192.168.3.99 group1:192.168.0.1
The tags before the IPs don't mean anything, they are just a way of
grouping IPs together. If you use the old syntax (ie. no ':') then
an implicit group name of '*' is used. In general I'd recommend people
use interface names for the group names, but it doesn't matter much.
When we register in nmbd we try to register all our IPs with each group
of WINS servers. We keep trying until all of them are registered with
every group, falling back to the failover WINS servers for each group
as we go.
When we do a WINS lookup we try each of the WINS servers for each group.
If a WINS server for a group gives a negative answer then we give up
on that group and move to the next group. If it times out then
we move to the next failover wins server in the group.
In either case, if a WINS server doesn't respond then we mark it dead
for 10 minutes, to prevent lengthy waits for dead servers.
(This used to be commit e125f06058b6b51382cf046b1dbb30728b8aeda5)
|
|
few more places to use it.
Andrew Bartlett
(This used to be commit 23689b0746d5ab030d8693abf71dd2e80ec1d7c7)
|
|
(This used to be commit 7f81e423d2fcfd3a97920d1c5f50d9020355428b)
|
|
Now smbclient, net, and swat use their own proto files - now the global
proto.h
The change to libads/kerberos.c was to break up the dependency on secrets.c -
we want to be able to write an ADS client that doesn't need local secrets.
I have other breakups in the works - I will remove the dependency of
rpc_parse on passdb (and therefore secrets.c) shortly.
(NOTE: This patch does *not* break up includes.h, or other such forbidden
actions).
Andrew Bartlett
(This used to be commit edb41dad2df0ae3db364dbc3896cc75956262edf)
|
|
though it is up to the calling function to decide whether values are
strings or not. Attributes are not converted at this point, though support
for it would be simple.
I have tested it with users and groups using non-ascii chars, and if the
check for alphanumeric user/domain names is removed form sesssetup.c, even
a user with accented chars can connect, or even login (via winbind).
I have also simplified the interfaces to ads_mod_*, though we will probably
want to expand this by a few functions in the near future. We just had
too many ways to do the same thing...
(This used to be commit f924cb53580bc081ff34e45abba57629018c68d6)
|
|
Replaced with "unsigned int".
Jeremy.
(This used to be commit 5841ca54b6a8c36f3d76c12570ff8f2211ed2363)
|
|
Andrew Bartlett
(This used to be commit 11b6d283d3c1408c89b03918f3a0c034411f5966)
|
|
(This used to be commit e2f9dd8b65063a276569d9c33aaf06606003b85c)
|
|
rather than a string when configuring mulitple backends.
Also adjust some of the users of get_global_sam_sid() to cope with the fact
that it just might not exist (uninitialised, can't access secrets.tdb).
More places need conversion.
Add some const and remove silly casts.
Andrew Bartlett
(This used to be commit c264bf2ec93037d2a9927c00295fa60c88b7219d)
|
|
modifications required to suppress the const warnings.
Andrew Bartlett
(This used to be commit ec4f1e9e2f6c162a475b424d63b9802387ad905e)
|
|
to using SIDs instead of RIDs.
The new funciton sid_peek_check_rid() takes an 'expected domain sid' argument.
The idea here is to prevent mistakes where the SID is implict, but isn't
the same one that we have in the struct.
Andrew Bartlett
(This used to be commit 04f9a8ff4c7982f6597c0f6748f85d66d4784901)
|
|
initialising function. This patch thanks to the work of
"Stefan (metze) Metzmacher" <metze@metzemix.de>
This is partly to enable the transition to SIDs in the the passdb.
Andrew Bartlett
(This used to be commit 96afea638e15d4cbadc57023a511094a770c6adc)
|
|
Samba LDAP code.
I have found using 'ldapsearch' rather frustrating, particularly with
kerberos authentication. Using 'net ads search' makes it easier to
track down ADS problems.
(This used to be commit 55cad87424787fc5f140d307888f4c557dc2b345)
|
|
net file
(This used to be commit fd938eca210602790c4d0e442f3aa9aa22b5fdf2)
|
|
(This used to be commit ebd07c3a295e3f8cd46441caac4dc8e8b178c2cc)
|
|
autoselect for this subcommand when appropriate.
(This used to be commit 77418256d3162b41a672a25f7e512999f1193926)
|
|
- convert net to popt
- convert status to popt
- adapt examples/pdb/ to multiple passdb system
- add dynamic debug class example to examples/pdb/
and some reformatting to better match the samba coding style.
Andrew Bartlett
(This used to be commit 2498bc69d4e5c38ec385f640489daa94c508c726)
|
|
didn't make any sense, and its was always just strlen(password) anyway.
This fixes it to be strlen(password)+1
Andrew Bartlett
(This used to be commit c205b18bd6b9b69200ff3db55f2c641631d4ab40)
|
|
rpc and rap too. Anyone know what key I'm supposed to use to encrypt
it for the rap one?
(This used to be commit 033faaa8cbfe7e368c554b26e7a506098d06fa02)
|
|
this:
More code cleanup - this lot a bit more dodgy than the last:
The aim is to trim pwd_cache down to size. Its overly complex, and a
pain to deal with. With a header comment like this:
'obfusticaion is planned'
I think it deserved to die (at least partly).
This was being done to allow 'cli_establish_connection' to die - its
functionality has been replaced by cli_full_connection(), which does
not duplicate code everywhere for creating names etc.
This also removes the little 'init' fucntions for the various pipes,
becouse they were only used in one place, and even then it was dodgy.
(I've reworked smbcacls not to use anonymous connections any more, as
this will (should) fail with a 'restrict anonymous' PDC).
This allowed me to remove cli_pipe_util.c, which was calling
cli_establish_connection.
tpot: I'm not sure what direction you were going with the client stuff,
and you may well have been wanting the init functions. If thats the case,
give me a yell and I'll reimplement them against cli_full_connection.
Andrew Bartlett
(This used to be commit fa67e4626bed623333c571e76e06ccd52cba5cc5)
|
|
These might be reimplmented as simple pass-through functions, but all users
really should be doing 'getpwnam_alloc' or 'getpwuid_alloc' to ensure that
there are not shared static buffers.
I don't beleive we actually need a getpw*() cache inside samba - if we do
then I think we should look at our code design first.
(some of these changes are for platforms I don't have access to, but
they look sane)
Andrew Bartlett
(This used to be commit 9d8431b04f41dceffe4c45cc969472ee59f7282f)
|
|
(This used to be commit 84ea2a434b510ed49838a04a4b30bd2fc9ec5673)
|
|
this is a first step only passdb stuff has beein "classized".
- so what can you do?
set debug level to: 1 poasdb:10
that will make all the code run at debug level 1 except the code in
passdb/* files that will run at level 10
TODO: fix the man page
- also smbcontrol has this nice feature so smbcontrol smbd debug 3 passdb:5
will set every smbd to have a default log level of 3 while passdb stuff
will be at level 5
and so no..
minor cosmetic fix to pdbedit is there too
(This used to be commit be5c3b3f5781ddc002ffcc98df04ab024dcef4ca)
|
|
silly global variables, and makes it come closer to a clean compile.
I'm still not convinced what was wrong with the previous code, at least
it didn't cause a gush of warnings...
In any case, we now don't need to spegetti code gotos etc.
This should really be redone with popt.
Andrew Bartlett
(This used to be commit d9330f10447f199a5a73803579ce3b1253f4d02c)
|
|
cleanup some of the code in net_rpc_join re const warnings and
fstrings.
Passdb:
Make the %u and %U substituions in passdb work.
This is done by declaring these paramters to be 'const' and doing
the substitution manually. I'm told this is us going full circle,
but I can't really see a better way.
Finally these things actually seem to work properly...
Make the lanman code use the pdb's recorded values for homedir etc
rather than the values from lp_*()
Add code to set the plaintext password in the passdb, where it can
decide how to store/set it. For use with a future 'ldap password
change' option, or somthing like that...
Add pdb_unix, so as to remove the 'not in passdb' special cases from the
local_lookup_*() code. Quite small, as it uses the new 'struct passwd ->
SAM_ACCOUNT' code that is now in just one place. (also used by pdb_smbpasswd)
Other:
Fix up the adding of [homes] at session setup time to actually pass
the right string, that is the unix homedir, not the UNC path.
Fix up [homes] so that for winbind users is picks the correct name.
(bad interactions with the default domain code previously)
Change the rpc_server/srv_lsa_nt.c code to match NT when for the
SATUS_NONE_MAPPED reply: This was only being triggered on
no queries, now it is on the 'no mappings' (ie all mappings failed).
Checked against Win2k.
Policy Question: Should SID -> unix_user.234/unix_group.364 be
considered a mapping or not? Currently it isn't.
Andrew Bartlett
(This used to be commit c28668068b5a3b3cf3c4317e5fb32ec9957f3e34)
|
|
and there is no real reason for it to depend on more than the abilty
to compile the code.
(This used to be commit 64aaec137e39595e6e61b55eb525615683a1393c)
|
|
(This used to be commit c986a19cde0dfa96b512eb24d873203981e68c48)
|
|
(This used to be commit 91f569a691be893e1a02c659a8f0753970fadbae)
|
|
review especially the methods for finding kdc and ldap server when they're
not specified. This is a first attempt...
(This used to be commit 5edccb51b94a80bbb3ecd59602393887286c8074)
|
|
(This used to be commit c2a6b0b1269b2e2abcf675538869dfba3cab8894)
|
|
(This used to be commit b41cefb4c0670b06564ac79fa10aff8d60069f10)
|
|
of non-existant passdb cases.
(This used to be commit e56de32f5ce5cb301137497451b0ccd633f09f54)
|
|
(This used to be commit 95cc3fa4d3e566f540090ed499e80d86eb55e895)
|
|
Also update some of the help info.
(This used to be commit fde62de7a1735b2ef2d9593b38ffa5c7ea2e0d67)
|
|
not been implemented...is it worth the effort?
(This used to be commit 45ac4f4c29d0d8d1b0b1535b2ab500e38ac5b978)
|
|
(This used to be commit 9de5e0dc73f57e8c8b878da803452b86e6ce8fca)
|
|
things; compiles and shouldnt break, but needs testing
(This used to be commit 19b9b50d9039afe614284aaf379f9f1078e2e307)
|
|
(This used to be commit c64a57a6106bfd766679ac89837881ed9592409b)
|
|
(This used to be commit 3e58a1ee83ea0b4347ce24e566445cc6cb67bb3a)
|
|
duplicate entries in secrets.tdb and false SID generated.
took me *hours* to understand.
J.F.
(This used to be commit bfc3a25b776a5a66e1bd0e2c60c101cea87ef4d5)
|
|
Doco for pdbedit and (ugly, but the best we could come up with) fix
for compiling pdbedit on some non-gcc compilers.
Andrew Bartlett
(This used to be commit 80adf1dbb56cf8bdbfbcc2c8c7b670c0a23c97f8)
|