Age | Commit message (Collapse) | Author | Files | Lines |
|
Remove the account_policy_migrated() thingy, and make cache_account_policy_set
use gencache. Account policies are now handled like groups and users are with
respect to "passdb backend".
Volker
(This used to be commit fa8b2e2a585ab0c00a5fbde7aa790043261caf2e)
|
|
Remove unused gencache_set_only
Use CONST_DISCARD instead of SMB_STRDUP
Volker
(This used to be commit 651e7e44e2e56eab81c5fe708f33e6d3918a39f9)
|
|
* autogenerate lsa ndr code
* rename 'enum SID_NAME_USE' to 'enum lsa_SidType'
* merge a log more security descriptor functions from
gen_ndr/ndr_security.c in SAMBA_4_0
The most embarassing thing is the "#define strlen_m strlen"
We need a real implementation in SAMBA_3_0 which I'll work on
after this code is in.
(This used to be commit 3da9f80c28b1e75ef6d46d38fbb81ade6b9fa951)
|
|
(This used to be commit 1115745caed3093c25d6be01ffee21819fb0a675)
|
|
routines.
Guenther
(This used to be commit 0ef504a0a6dc8f5db1dbc7f2410aa981e11fd56c)
|
|
in AD.
Guenther
(This used to be commit 1bb29acb3bf40afdb5bc196ab7dbc642e2fdd680)
|
|
by Cybionet <cybionet@videotron.ca>.
Jeremy.
(This used to be commit fb755e83ee98fb830fb2340f175e8ca8d89c84d5)
|
|
(This used to be commit 86f4ca84f2df2aa8977eb24828e3aa840dda7201)
|
|
(This used to be commit 089b51e28cc5e3674e4edf5464c7a15673c5ec0f)
|
|
Compiled it on systems with and without LDAP, I hope it does not break the
build farm too badly. If it does, I'll fix it tomorrow.
Volker
(This used to be commit b2ff9680ebe0979fbeef7f2dabc2e3f27c959d11)
|
|
specified.
Jeremy.
(This used to be commit 5d9bb91ab7bb080b56b25849e646143ab3ad8252)
|
|
the username by forcing it to be specified. Still
split out domain \ user for the ones that do use
it.
Jeremy.
(This used to be commit c097e107391cd97dd829c19b672b6a7adece504f)
|
|
domain and user args. if only given a parameter of the
form --username DOMAIN\user. When called by firefox
or other user apps they may not know what the domain
is (and they don't care). They just want to pass the
contents of $USERNAME without having to parse it
or guess a domain.
Jeremy.
(This used to be commit 5f51417916ed8bfc0dd08f44e669cb044fc83d01)
|
|
Jeremy.
(This used to be commit b8cedcac933fef9370bd42d1ff7c35c5c27103d1)
|
|
support when looking up DC's. On every CLDAP
call store the returned client sitename (if
present, delete store if not) in gencache with
infinate timeout. On AD DNS DC lookup, try looking
for sitename DC's first, only try generic if
sitename DNS lookup failed.
I still haven't figured out yet how to ensure
we fetch the sitename with a CLDAP query before
doing the generic DC list lookup. This code is
difficult to understand. I'll do some experiments
and backtraces tomorrow to try and work out where
to force a CLDAP site query first.
Jeremy.
(This used to be commit ab3f0c5b1e9c5fd192c5514cbe9451b938f9cd5d)
|
|
Destructors now take a pointer to the "real" destroyed object as an argument.
Volker
(This used to be commit 70edd716ef0ccb218fe18d1233bd30abe46b62bf)
|
|
Jeremy.
(This used to be commit 37c636eb480e3736b143653231d73620152eb470)
|
|
call ntlmssp_end on a null pointer ! (Doh !).
Jeremy.
(This used to be commit 7b53932b5190c78b2b483f36af95174fe38ed45e)
|
|
get_sorted_dc_list
return NTSTATUS.
If we want to differentiate different name resolution problems we might want
to introduce yet another error class for Samba-internal errors. Things like no
route to host to the WINS server, a DNS server explicitly said host not found
etc might be worth passing up.
Because we can not stash everything into the existing NT_STATUS codes, what
about a Samba-specific error class like NT_STATUS_DOS and NT_STATUS_LDAP?
Volker
(This used to be commit 60a166f0347170dff38554bed46193ce1226c8c1)
|
|
(This used to be commit cdcea36095a50a92ec1311979b8b2c572b971eaf)
|
|
the LGPL. Original code by Krishna Ganugapati <krishnag@centeris.com>.
Additional work by me.
It's still got some warts, but non-secure updates do
currently work. There are at least four things left to
really clean up.
1. Change the memory management to use talloc() rather than
malloc() and cleanup the leaks.
2. Fix the error code reporting (see initial changes to
dnserr.h)
3. Fix the secure updates
4. Define a public interface in addns.h
5. Move the code in libads/dns.c into the libaddns/ directory
(and under the LGPL).
A few notes:
* Enable the new code by compiling with --with-dnsupdate
* Also adds the command 'net ads dns register'
* Requires -luuid (included in the e2fsprogs-devel package).
* Has only been tested on Linux platforms so there may be portability
issues.
(This used to be commit 36f04674aeefd93c5a0408b8967dcd48b86fdbc1)
|
|
when using smbpasswd
(This used to be commit dde552336c732ddd6076a6a32575a37cb51aa94c)
|
|
ntlm_auth module to allow it to use winbindd cached
credentials.The credentials are currently only stored
in a krb5 MIT environment - we need to add an option to
winbindd to allow passwords to be stored even in an NTLM-only
environment.
Patch from Robert O'Callahan, modified with some fixes
by me.
Jeremy.
(This used to be commit ae7cc298a113d8984557684bd6ad216cbb27cff3)
|
|
Thanks to Michael Adam <ma@sernet.de>
hop, hop, hop... ;-)
Volker
(This used to be commit 47facab798bdc6e20b2620972f1b8f2338fac239)
|
|
net_ads_join.
Thanks to Michael Adam <ma@sernet.de>
Volker
(This used to be commit 27cca861507afa9caf694ef89e543c86de01c2cd)
|
|
(This used to be commit a347f8a9c480cf09abac9144e04ab2b13457e3b0)
|
|
Thanks to Michael Adam <ma@sernet.de>.
Volker
(This used to be commit ea3a4142a0f2140d8743a50518ae94df2d84d972)
|
|
(This used to be commit f6194cf4b263454bbdf180a7d014ffc3498df497)
|
|
Thanks to Michael Adam <ma@sernet.de>.
Volker
(This used to be commit c4e10afadb39ff562287ab2294df0a1f83b28908)
|
|
(This used to be commit 761cbd52f0cff6b864c506ec03c94039b6101ef9)
|
|
NO_LOGON_SERVERS if no domain controller was found.
Thanks to Michael Adam <ma@sernet.de>.
Volker
(This used to be commit d44599de3a61707a32851f37ddfb2425949622f8)
|
|
entries to the group mapping db. Ensure this can't happen.
Jeremy.
(This used to be commit 2ba0d93d53868c8b28dccf91dfa26e86817da511)
|
|
independently: Change
internal mapping.c functions to return NTSTATUS instead of BOOL.
Volker
(This used to be commit 4ebfc30a28a6f48613098176c5acdfdafbd2941a)
|
|
seemed a
bit pointless to me.
Volker
(This used to be commit 244b25ae49d3c635fc54498dbee29f5b649ea1fa)
|
|
Remove some unused code: pdb_find_alias is not used anymore, and nobody I
think has ever used the pdb_nop operations for group mapping. smbpasswd and
tdb use the default ones and ldap has its own.
Make the functions pdb_getgr* return NTSTATUS instead of BOOL. Nobody right
now really makes use of it, but it feels wrong to throw away information so
early.
Volker
(This used to be commit f9856f6490fe44fdba97ea86062237d8c74d4bdc)
|
|
argument.
Volker
(This used to be commit 873a5a1211d185fd50e7167d88cbc869f70dfd3f)
|
|
and 305.
Volker
(This used to be commit 4f6605a4880f54f2c7d1f3c7554408d893bc623c)
|
|
some memory leaks on error paths in net_ads_join()
(This used to be commit 24de2d83ff1d27400a89985126edee588bc415f3)
|
|
Volker
(This used to be commit 795d06f427061536c6e3a3eb5b5d60a27f5ec70d)
|
|
fetch the
sambaProfilePath.
Volker
(This used to be commit 61e7ed593b944fa14330729e585d1f790af93a7b)
|
|
Volker
(This used to be commit 49ad0d4d0eea85ef133e1a5c055305e06de109de)
|
|
Volker
(This used to be commit e947f4bd91fcfa0dd27d12e8188ada381da541ff)
|
|
(This used to be commit 1e4ee728df7eeafc1b4d533240acb032f73b4f5c)
|
|
attribute
name attr:: instead of attr:
German domains tend to have umlauts in group names.
More to come tomorrow.
Volker
(This used to be commit 94cdd5d64cfaa5228209eebbb76244da0bf4b518)
|
|
easily,
as this puts me into svn blame in places I'm not sure I want my name to show
up....
Volker
(This used to be commit d00e73c49b5227db61d41a017eb9b71d9e7e2620)
|
|
(This used to be commit c152d20e9073eb741047cc4b5f8e8086e2bc9ddd)
|
|
and createcomputer options
(This used to be commit 87be77bf35635fc925e1be36073571f8c6ec3e81)
|
|
A patch to make ntlm_auth recognize three new commands in
ntlmssp-client-1 and squid-2.5-ntlmssp:
The commands are the following:
Command: SF <hex number>
Reply: OK
Description: Takes feature request flags similar to samba4's
gensec_want_feature() call. So far, only NTLMSSP_FEATURE_SESSION_KEY,
NTLMSSP_FEATURE_SIGN and NTLMSSP_FEATURE_SEAL are implemented, using the same
values as the corresponding GENSEC_FEATURE_* flags in samba4.
Command: GF
Reply: GF <hex number>
Description: Returns the negotiated flags.
Command: GK
Reply: GK <base64 encoded session key>
Description: Returns the negotiated session key.
(These commands assist a wine project to use ntlm_auth for signing and
sealing of bulk data).
Andrew Bartlett
(This used to be commit bd3e06a0e4435f1c48fa3b7862333efe273119ee)
|
|
share_mode_forall().
Volker
(This used to be commit f97f6cedffdc4d10afcac90a163b93a801acf514)
|
|
* createupn=[host_upn@realm]
* createcomputer=<ou path top to bottom> (this was previously
the only arg)
(This used to be commit 75054e984e5ca7249b1327630db9d09da974a54e)
|