Age | Commit message (Collapse) | Author | Files | Lines |
|
downloading stuff.
Volker
(This used to be commit b86ea50fa6dae04adeef750cdbe606a292c1430a)
|
|
we end up with an empty domain field, which a workstation
does not really like in sam_logon..
Volker
(This used to be commit e0cb325b99e09a5a5cba07f0403ed445814bbf53)
|
|
we end up with an empty domain field, which a workstation
does not really like in sam_logon..
Volker
(This used to be commit 5a3f89d3c12c5e4ab89fbe220ca34387c1660511)
|
|
- Make passdb work with absolute paths (passdb backend = /path/to/smbpasswd.so works now). vfs, rpc and charset will follow
(This used to be commit 794d3ed03619a4e41558d9ff65783a1aa1b2be90)
|
|
(This used to be commit 0c12a206bb6610d79deb89868cac9293604b7c08)
|
|
please remember to *test* your changes before committing them. This is
especially the case when you receive patches from outside the team -
before you commit you must make sure that the patch actually works.
(This used to be commit 1d3c7e7fb628a528978f345f83289cc7f2521c35)
|
|
(This used to be commit 6ab41e50fd0a36ebd9969064aa46235dc687dfba)
|
|
(This used to be commit 094eed2c6222fe167ee9f596f4b849a4dea234bf)
|
|
some double options and broke some parameters.
(This used to be commit d5f9b0275c91512e1926504f22aaeec2d104430d)
|
|
(This used to be commit 2ddfed298d7f0b6e690275725a39c3ef107077ae)
|
|
NTLM Authentication:
- Add a 'privileged' mode to Winbindd. This is achieved by means of a directory
under lockdir, that the admin can change the group access for.
- This mode is now required to access with 'CRAP' authentication feature.
- This *will* break the current SQUID helper, so I've fixed up our ntlm_auth
replacement:
- Update our NTLMSSP code to cope with 'datagram' mode, where we don't get a
challenge.
- Use this to make our ntlm_auth utility suitable for use in current Squid 2.5
servers.
- Tested - works for Win2k clients, but not Win9X at present. NTLMSSP updates
are needed.
- Now uses fgets(), not x_fgets() to cope with Squid environment (I think
somthing to do with non-blocking stdin).
- Add much more robust connection code to wb_common.c - it will not connect to
a server of a different protocol version, and it will automatically try and
reconnect to the 'privileged' pipe if possible.
- This could help with 'privileged' idmap operations etc in future.
- Add a generic HEX encode routine to util_str.c,
- fix a small line of dodgy C in StrnCpy_fn()
- Correctly pull our 'session key' out of the info3 from th the DC. This is
used in both the auth code, and in for export over the winbind pipe to
ntlm_auth.
- Given the user's challenge/response and access to the privileged pipe,
allow external access to the 'session key'. To be used for MSCHAPv2
integration.
Andrew Bartlett
(This used to be commit ec071ca3dcbd3881dc08e6a8d7ac2ff0bcd57664)
|
|
are 'SET' when adding the account.
I really don't like passing flags down to inner routines and
complicated if/else conditions, but this time he might be right. ;-)
Volker
(This used to be commit 339c14906802db6ddb59f07a0c71dcc3c73cc3d6)
|
|
are 'SET' when adding the account.
I really don't like passing flags down to inner routines and
complicated if/else conditions, but this time he might be right. ;-)
Volker
(This used to be commit 80d2578108da14f60133df3a308b867beb27e920)
|
|
(This used to be commit 691c63ad6b522ae7984017ebadffb5c7c13f6992)
|
|
- Add a 'privileged' mode to Winbindd. This is achieved by means of a directory
under lockdir, that the admin can change the group access for.
- This mode is now required to access with 'CRAP' authentication feature.
- This *will* break the current SQUID helper, so I've fixed up our ntlm_auth
replacement:
- Update our NTLMSSP code to cope with 'datagram' mode, where we don't get a
challenge.
- Use this to make our ntlm_auth utility suitable for use in current Squid 2.5
servers.
- Tested - works for Win2k clients, but not Win9X at present. NTLMSSP updates
are needed.
- Now uses fgets(), not x_fgets() to cope with Squid environment (I think
somthing to do with non-blocking stdin).
- Add much more robust connection code to wb_common.c - it will not connect to
a server of a different protocol version, and it will automatically try and
reconnect to the 'privileged' pipe if possible.
- This could help with 'privileged' idmap operations etc in future.
- Add a generic HEX encode routine to util_str.c,
- fix a small line of dodgy C in StrnCpy_fn()
- Correctly pull our 'session key' out of the info3 from th the DC. This is
used in both the auth code, and in for export over the winbind pipe to
ntlm_auth.
- Given the user's challenge/response and access to the privileged pipe,
allow external access to the 'session key'. To be used for MSCHAPv2
integration.
Andrew Bartlett
(This used to be commit dcdc75ebd89f504a0f6e3a3bc5b43298858d276b)
|
|
(This used to be commit a1576694a6f23e1c70d7d81ac4feedd4f29c5400)
|
|
* pdbedit -i -e sets all SAM_ACCOUNT elements
to CHANGED to satisfy the new pdb_ldap.c handling
* pdbedit -g transfers group mappings. I made this
separate from the user database, as current installations
have to live with a split backend.
So, if you are running 3_0 alphas with LDAP as a backend
and upgrade to the next 3_0 alpha, you should call
pdbedit -i tdbsam -e ldapsam -g
to transfer your group mapping database to LDAP.
You certainly have to have all your groups as posixGroup
objects in LDAP and adapt the LDAP schema before this
call.
Volker
(This used to be commit 09a3db0ffcbbe578788d3dd5ee7540d27cc7c09a)
|
|
* pdbedit -i -e sets all SAM_ACCOUNT elements
to CHANGED to satisfy the new pdb_ldap.c handling
* pdbedit -g transfers group mappings. I made this
separate from the user database, as current installations
have to live with a split backend.
So, if you are running 3_0 alphas with LDAP as a backend
and upgrade to the next 3_0 alpha, you should call
pdbedit -i tdbsam -e ldapsam -g
to transfer your group mapping database to LDAP.
You certainly have to have all your groups as posixGroup
objects in LDAP and adapt the LDAP schema before this
call.
Volker
(This used to be commit 6d3faeaef6c77e389d39b6d4660ffea13e7f25f2)
|
|
(Decode all database names, and set only changes, not all info from the samsync
record).
Andrew Bartlett
(This used to be commit c7b8405bdebb9241ec335ccbbef630d90e61a419)
|
|
- Decode all the database names, even if we don't decode their contents
- Update the 'set' code to match rpc_server/srv_samr_nt.c in only recording
the difference between the old and new.
Andrew Bartlett
(This used to be commit 6509397f91a4c218552a48a96df06e595b630898)
|
|
(This used to be commit b46581ef153296a0a04f773115cb2ddad4d44686)
|
|
(This used to be commit 5f12b246b03aef93165059f632012b6fc4706c70)
|
|
(This used to be commit e7ed8bfc24d94b0b6e70a03eaae927fe1daa7d56)
|
|
(This used to be commit 633b3eb7812dc0a58785536a1e7d28329d488b43)
|
|
(This used to be commit 99de90adc98b8d5354c769dcd25cc1f34d3769e9)
|
|
(This used to be commit 8f285878b30bad7388f69075538c628a7e18ac8a)
|
|
- pdb_guest (including change defaults)
- 'default' passdb actions (instead of 'not implemented' stubs in each module)
- net_rpc_samsync no longer assumes pdb_unix
Andrew Bartlett
(This used to be commit 4bec53c8c81019f0f06a93c4df0800bbf7281dd6)
|
|
(This used to be commit 05b1681b03688c0d4e57e8dfb881b111f947e6c6)
|
|
(This used to be commit 3bad73ca870bb43324bdb5dfc6bb02e0fa1fb1e0)
|
|
(This used to be commit 44e9bf88cc2bbb2aa34711354258c3abb319cb9b)
|
|
(This used to be commit 45e5374e89730e7ad497edf9e344fbd1b8992589)
|
|
This patch catches up on the rest of the work - as much string checking
as is possible is done at compile time, and the rest at runtime.
Lots of code converted to pstrcpy() etc, and other code reworked to correctly
call sizeof().
Andrew Bartlett
(This used to be commit c5b604e2ee67d74241ae2fa07ae904647d35a2be)
|
|
(This used to be commit 29d909b184e0044f728091f3215eeb58bbeff437)
|
|
signed/unsigned (mostly i counters)
a little bit of const.
Andrew Bartlett
(This used to be commit 50f0ca752e5058c4051f42a9337361373ba1f727)
|
|
net ads password
Heimdal compile fixes.
Andrew Bartlett
(This used to be commit 3aa4f923e99f453310bb4a8d43ce43757591909d)
|
|
new 'net ads dn'
doxygen fixes
net help fixes.
(This used to be commit de24fcb097ebf0d1aec92e787622cab64d10c553)
|
|
have some of the labels 'duplicated' (ie, the defines double-up).
Also, to an ads_connect() to try and find our KDC. (So we don't segfualt
*every* time)
Andrew Bartlett
(This used to be commit 56dce7ddad118051c93c62507234efca3920bc9b)
|
|
- signed/unsigned
- quieten warning about assignment as truth value
- whitespace
Andrew Bartlett
(This used to be commit a13ce0df4b4a776fa635a1fb804dd00d195f58d0)
|
|
Fix an inconpatible poitner type that caused the IA64 not to build
Andrew Bartlett
(This used to be commit 37436b0aae108fceace3049d3868510e1ba592ac)
|
|
(This used to be commit 9af30c9aae3623c4db1edca39a91973f0279acb4)
|
|
an expected situation.
Andrew Bartlett
(This used to be commit a07fccb7ae169c0b5089e3f7d2c5d6465b2e4686)
|
|
of user@realm for kerberos logins.
Andrew Bartlett
(This used to be commit ce013dc13e9e77b5cb9b2d5a4b76d54f91614e6c)
|
|
(This used to be commit 30ba31e6355b5dfb902e42d2b5edc71630db2923)
|
|
Andrew Bartlett
(This used to be commit 42b5514404bc7e33306c11344c6c934a1f83d295)
|
|
(This used to be commit 14d7d8b22993ca7f1c273a7baaccb09c8fa04ef9)
|
|
- added general options to 'net -h' help
(This used to be commit ee8a7fdab7f5aa6f4a64f2eea90f0d44ae0f388a)
|
|
(This used to be commit 507e5738fb7c50969bee269527be5dc6e450b77f)
|
|
(This used to be commit 87cebe797f06fab4a5d0077fd78b2183ff7333a5)
|
|
- More info is printed
- (grand)child domains handled properly
Thanks to Anthony Liguori (aliguori@us.ibm.com)
(This used to be commit 3dbcb4d93f7c192eb2ccea5941a3843b5de1190e)
|
|
- Add smb_probe_module()
- Add init_modules()
- Call these functions
(This used to be commit f8f21653225792c0001d183c6efe8b7d89a0785d)
|