Age | Commit message (Collapse) | Author | Files | Lines |
|
SamrGetGroupsForUser
that says the user is in 0 groups, and we issue an RPC to LookupIds for 0 RIDs.
The printing that there are no groups the user is a member of might be overkill
in that it might upset existing scripts that don't expect that output.
(This used to be commit d3482e118f99002c0460291d41708fdf7708c41f)
|
|
Implement 'net afs impersonate', generate a token for a specified user. You
obviously need to be root for this operation.
Volker
(This used to be commit 5818b092e6e50d38238b0520329eb8912125c90a)
|
|
given no command line args
(This used to be commit aff2fb7a65a9fc40220d971fba8ba3cf1eeeee9f)
|
|
Guenther
(This used to be commit 3d391ef149639750db376b05528a27422f8a3321)
|
|
group-mappings.
Guenther
(This used to be commit 2556e6570ec8074bb67827f95eb365800c5c9827)
|
|
add domain trusts
(This used to be commit 5ec1faa2ad33772fb48c3863e67d2ce4be726bb2)
|
|
(This used to be commit 142461204718d489bbeff451878a52208b9891bc)
|
|
(This used to be commit 17bc42b4c2e21004adaeac78db6231a384fda16c)
|
|
Guenther
(This used to be commit 1eabfa050b661168b42892c2d841c7891e59cf5f)
|
|
Does automated migration from account_policy.tdb v1 and v2 and offers a
pdbedit-Migration interface. Jerry, please feel free to revert that if
you have other plans.
Guenther
(This used to be commit 75af83dfcd8ef365b4b1180453060ae5176389f5)
|
|
(This used to be commit 033105376ef4ed7d31ef7cab2442719ed57d29b9)
|
|
Added text explaining units in pdbedit time fields.
Jeremy.
(This used to be commit 3d09c15d8f06ad06fae362291a6c986f7b6107e6)
|
|
Duration: Forever".
Guenther
(This used to be commit aecacf4d9cc5e2aa69b358292b9d591ade696500)
|
|
Note that Samba3 does not yet support it server-side.
Guenther
(This used to be commit b2c8220931733593fd312fc25b6c73f440b4567a)
|
|
To get all entries use a 0 acb_mask.
Guenther
(This used to be commit bc729f8fd877236a503cc9df64138b2be2e1a91d)
|
|
* define some const SE_PRIV structure for use when
you need a SE_PRIV* to a privilege
* fix an annoying compiler warngin in smbfilter.c
* translate SIDs to names in 'net rpc rights list accounts'
* fix a seg fault in cli_lsa_enum_account_rights caused by
me forgetting the precedence of * vs. []
(This used to be commit d25fc84bc2b14da9fcc0f3c8d7baeca83f0ea708)
|
|
(This used to be commit f1d59c3a2693fe36b9abe9c1da4b703c5543f938)
|
|
This allows the ldap-backend to search much more effeciently. Machines
will be searched in the ldap_machine_suffix and users in the
ldap_users_suffix. (Note that we already use the ldap_group_suffix in
ldapsam_setsamgrent for quite some time).
Using the specific ldap-bases becomes notably important in large
domains: On my testmachine "net rpc trustdom list" has to search through
40k accounts just to list 3 interdomain-trust-accounts, similiar effects
show up the non-user query_dispinfo-calls, etc.
Also renamed all_machines to only_machines in load_sampwd_entries()
since that reflects better what is really meant.
Guenther
(This used to be commit 6394257cc721ca739bda0e320375f04506913533)
|
|
(This used to be commit 002ece931917e2952ed795939384764d14f93ce9)
|
|
one small todo item is to add a 'accounts' sub option
to 'net rpc list' so enumerate all privileged SIDs
and their associated rights.
(This used to be commit bf4385c79a0ce2e4983ffa11d39367dbf1d4dcfd)
|
|
(This used to be commit 164f94e52929330bd638f19bcf3bfce50303269e)
|
|
Also fix return of NT_STATUS_NO_MORE_ENTRIES should be
ERROR_NO_MORE_ITEMS reported by "Marcin Porwit" <mporwit@centeris.com>.
Jeremy.
(This used to be commit 511cdec60d431d767fb02f68ca5ddd4ddb59e64a)
|
|
supported pipe. Netlogon is still special, as we open that twice, one to do
the auth2, the other one with schannel.
The client interface is completely unchanged for those who only use a single
pie. cli->pipe_idx is used as the index for everything except the "real"
client rpc calls, which have been explicitly converted in my last commit. Next
step is to get winbind to just use a single smb connection for multiple pipes.
Volker
(This used to be commit dc294c52e0216424236057ca6cd35e1ebf51d0da)
|
|
up printcap reloads
(This used to be commit 1cad5250932b963c2eb9b775221b13db386d601b)
|
|
no passwords after vampire. Set password last set field to now.
(This used to be commit 60c3a638e4e63d009728c2ce7a6264c3c120a9e5)
|
|
Guenther
(This used to be commit b209f97f246cd65719f1000c7de368babec26d47)
|
|
Guenther
(This used to be commit 98f3e3353df988e819bc41d145b13c76e1b86b55)
|
|
Guenther
(This used to be commit 0930ad662770278cbe9fd4e3deaa523957b96697)
|
|
Guenther
(This used to be commit 4eec06b461c295f90c2ec01a0eef1e173eab22b3)
|
|
Jeremy
(This used to be commit efc1b688cf9b1a17f1a6bf46d481280ed8bd0c46)
|
|
Based on samba4-idl. The decoding of account-lockout-string is somewhat
experimental though.
Guenther
(This used to be commit 721bf50d7446b8ce18bc1d45e17d4214d5a43d26)
|
|
"verbose".
Guenther
(This used to be commit 0760d07b4c6f15489bea2f0fb4f1b0084bd62301)
|
|
(This used to be commit 0c3bb181e8f4d10d446f9211904d53f42ddcbaeb)
|
|
that had
ended up as a gid in winbindd_idmap.tdb) from winbindd_idmap.tdb. Stopping
winbind was not an option on that machine....
net idmap delete <idmap-file> <SID>
Thanks,
Volker
(This used to be commit 27c16733c13bb1c91d356f1c9f5c1f069e24cca2)
|
|
winbind systems, looking up hundreds of users can turn out to be a bit too
expensive if you just want to find out which smbd handles a particular IP
address.
Volker
P.S: Who is "OH"? ;-)
(This used to be commit d878563ef0c9aa21a12cc5a88dcb17ef8c4bcf5a)
|
|
Jeremy.
(This used to be commit 61479f56be60a3c2ae0f7b931335cb1da77540c2)
|
|
(This used to be commit 9b322f232c450e9525d5aa3b8267881b94ba4052)
|
|
from Lars Mueller <lmuelle@suse.de>), just for completeness.
Note that though we have logon_count implemented in all pdb-backends but
never (for good reason!) update the counter.
Guenther
(This used to be commit a03aa0956813998dbbc3c68f6bc5214fd720cdb2)
|
|
Guenther
(This used to be commit eb64eb9d572e12b28a67779746b8ddc191497c09)
|
|
allocation
functions so we can funnel through some well known functions. Should help greatly with
malloc checking.
HEAD patch to follow.
Jeremy.
(This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
|
|
Jeremy.
(This used to be commit 8e979772a640bb4f00f4d72b6a9c837b8ef14333)
|
|
with smbcacls and using with the -S or -M switch. Fixes #404 and #2076.
Guenther
(This used to be commit 13d32519e3806d7c080a0ac3c5ba196868ed2581)
|
|
(This used to be commit 5c9fd4d8963130829684469be172e859b3799e27)
|
|
Jeremy.
(This used to be commit 1fd1a98782c3ca7171428b62336936aef4c6685b)
|
|
Volker
(This used to be commit 78ab68367d437cd5f84d46ac96fcaf9ebb3305b8)
|
|
Try INITSHUTDOWN pipe first, used by newer clients. If it fails, fall back
to WINREG.
(This used to be commit f05858df65d89950c739a739a9b9fa7a04db39c3)
|
|
First check to see if we can open secrets.tdb.
(This used to be commit 81e3c78d056c0a7499b8f27dcd37a13e725053ee)
|
|
the -u <username> functionality
(This used to be commit 7dd12ed8a5ebbfa791f014b35debcf55d80e6d87)
|
|
(This used to be commit 23422aeec04dfb72a0ad5b0a67622cec69ca502d)
|
|
implementation does
not exactly match what you would expect.
XP workstations during login actually do this, so we should better become a
bit more correct. The LDAP query issued is not really fully optimal, but it is
a lot faster and more correct than what was there before. The change in
passdb.h makes it possible that queryuseraliases is done with a single ldap
query.
Volker
(This used to be commit 2508d4ed1e16c268fc9f3676b0c6a122e070f93d)
|