Age | Commit message (Collapse) | Author | Files | Lines |
|
and account lockout flags. This is set when an account is updated
only from smbd or pdbedit. Bug found by "Dunn, Drew A." <Drew.Dunn@jhuapl.edu>.
Jeremy.
(This used to be commit bb3a0fa61f5fb74b8fe421260473c07847baeb2b)
|
|
in smbpasswd. Use -s if you want to script this.
Jeremy.
(This used to be commit a3589a18b6898e2b51570112c5acb2826ef6ba4a)
|
|
On systems with /dev/urandom, this avoids a change to secrets.tdb for every fork().
For other systems, we now only re-seed after a fork, and on startup.
No need to do it per-operation. This removes the 'need_reseed'
parameter from generate_random_buffer().
Andrew Bartlett
(This used to be commit 36741d3cf53a7bd17d361251f2bb50851cdb035f)
|
|
single user from a backend.
(This used to be commit 083740e74e0790f863c065a20e28f553fdc7d5bd)
|
|
my (C) to a header file that was at least 50% mine :-).
Jeremy.
(This used to be commit 8ee6060977ec8e65082f3ad09e1e1ccf5b4672ed)
|
|
in libadskerberos_keyatb.c
(This used to be commit 837f56ec8bc171497fb84d332002776313c26305)
|
|
Jeremy.
(This used to be commit 464d2e90480c676688a851a141aabddf992e0b0e)
|
|
Can't fix the krb5 memory leaks inside that library :-(.
Jeremy.
(This used to be commit ad440213aaae58fb5bff6e8a6fcf811c5ba83669)
|
|
<dperry@pppl.gov>,
fixed valgrind detected mem corruption in libads/kerberos_keytab.c.
Jeremy.
(This used to be commit 286f4c809cb1532b3f8ae7ddf92349c68cc8ce31)
|
|
DEBUG() about it.
Andrew Bartlett
(This used to be commit 4da976dbd07e70726055cc4251fd1c26f63b3b2c)
|
|
client now falls back to NTLMSSP, and the server allows the client to
start, without first asking for a mech list.
Andrew Bartlett
(This used to be commit feccc3daca7b2e9091b81fbbb93dc7284baedb99)
|
|
jwilk@alumni.cse.ucsc.edu
Andrew Bartlett
(This used to be commit 94c0827ce20d8d1084703f6f5e4ad3b3c33151f8)
|
|
(This used to be commit d8a545368c8111fddcfdd423c4d6fcbab65e96d6)
|
|
Volker
(This used to be commit 9ceff803278bdbc09cb5ab678a108cea24ab49a9)
|
|
account_control
field with indiviual bits what to retrieve. Set this to 0xffff as NT4
usrmgr.exe does to get everything. I'm too lazy (sorry) to get this through to
rpc_parse/ etc.
Volker
(This used to be commit d7239c2611a62873cc9eff296c84e91198a5c552)
|
|
Andrew Bartlett
(This used to be commit 5cdc7f0cd6888740d3de3535cd70c9681fa57600)
|
|
(This used to be commit 72d30ea06612461bdf19916fa40ca459f0c37acc)
|
|
there is SYS_utimes syscall defined at compile time in glibc-kernheaders but
it is available on 2.6 kernels only. Therefore, we can't rely on syscall at
compile time but have to check that behaviour during program execution. An easy
workaround is to have replacement for utimes() implemented within our wrapper and
do not rely on syscall at all. Thus, if REPLACE_UTIME is defined already (by packager),
skip these syscall shortcuts.
(This used to be commit e278e2e6e095b1c01eab307d55edf2cde48dcba2)
|
|
and have smbcontrol print the PID with it
(This used to be commit d3edf71885bfb5d342e62d46542db8ca814f3303)
|
|
delete'.
Volker
(This used to be commit ec321674961cc62c048b149ee19b6e36325c8eb3)
|
|
(This used to be commit bf9f02be5fc1d09c8c08c78c3f2df23b2099ba4f)
|
|
there is now a public patch that uses it, make it always available.
(It was #ifdef DEVELOPER)
Andrew Bartlett
(This used to be commit aa3bc79835c79652199ce5aaf2f3981f8211c9bd)
|
|
(allow the use of base64 encoded strings, LM or NT passwords)
Andrew Bartlett
(This used to be commit 57a5563b421b0684e7bb40d10c2168916c59c89d)
|
|
(This used to be commit 1501d58b8e23d0c9ae51514773d0429886fa9d58)
|
|
server had said something (such as an error).
Andrew Bartlett
(This used to be commit c05016a2f750960c40387c1d6aba9f6841f66a3b)
|
|
This protocol looks rather like SMTP headers/LDAP:
NT-Domain: TESTWG
Username: abartlet
...
Password: foo
Challenge-response passwords are in hexideciaml, while any 'plain'
string can be base64 encoded when like this:
Password:: Zm9vCg==
(the :: indicates it, just like LDAP - I hope)
The protocol is not final, so it is #ifdef DEVELOPER for now (so
nobody starts to rely on it until I'm happy), but we may as well get
this into subversion.
My intention is to use this to power the next version of my
PPP/ntlm_auth plugin, and hopefully entice a FreeRadius plugin out of
the woods.
Andrew Bartlett
(This used to be commit 8efdd957ba8310515242ba2979ff07130a0b1a3a)
|
|
the main ntlm_auth program.
It quite possibly should belong in smbtorture, but relies on the
winbind client for now.
Andrew Bartlett
(This used to be commit 6e1b7a8848062a184ee293cf688135b851f2bd8d)
|
|
this variable to 'user_session_key', where possible. The command line
parameter is currently unchanged).
Andrew Bartlett
(This used to be commit da4177209d1058af8e121c34f9928728f491b22e)
|
|
(This used to be commit b393469d9581f20e4d4c52633b952ee984cca36f)
|
|
Andrew Bartlett
(This used to be commit 0693b9e79fabd58491f8aaec11dbbc71fab34f80)
|
|
*ANYTHING* in
unless you have done a make clean; make.
Jeremy.
(This used to be commit 09d82a0bef2dd5759e5430c4faea413b5a64ac11)
|
|
all authentication to members of this particular group.
Also implement an option to allow ntlm_auth to get 'squashed' error codes,
which are safer to communicate to remote network clients.
Andrew Bartlett
(This used to be commit eb1c1b5eb086f49a230142ad2de45dc0e9691df3)
|
|
key could
be anything, and may not be based on anything 'NT'. This is also what microsoft
calls it.
(This used to be commit 724e8d3f33719543146280062435c69a835c491e)
|
|
* updateing WHATSNEW with vl's change
(This used to be commit a7e2730ec4389e0c249886a8bfe1ee14c5abac41)
|
|
and honours the 'netbios name' in the smb.conf.
(This used to be commit 591047c20a06cd94540b3781459c0f1b6f5baa9f)
|
|
For a (very) long time, we have had a bug in Samba were an NTLMv2-only
PDC would fail, because it converted the password into NTLM format for
checking.
This patch performs the direct comparison required for interactive
logons to function in this situation. It also removes the 'auth flags', which
simply where not ever used.
Natrually, this plays with the size of structures, so rebuild, rebuild
rebuild...
Andrew Bartlett
(This used to be commit 9598593bcf2d877b1d08cd6a7323ee0bc160d4ba)
|
|
Winbind tickets expired. We now check the expiration time, and acquire
new tickets. We couln't rely on renewing them, because if we didn't get
a request before they expired, we wouldn't have renewed them. Also, there
is a one-week limit in MS on renewal life, so new tickets would have been
needed after a week anyway. Default is 10 hours, so we should only be
acquiring them that often, unless the configuration on the DC is changed (and
the minimum is 1 hour).
(This used to be commit c2436c433afaab4006554a86307f76b6689d6929)
|
|
net rpc did not inform you if no smbd is running.
I never liked the error message (!) Success! when we established a trust.
Volker
(This used to be commit 4191a434d48065a75f38752c4aa27219f36d602b)
|
|
(This used to be commit cc9765ce97b65bb7a6cd44e847a690d3fbe9d032)
|
|
"allow_bad_conv"
boolean parameter that allows broken iconv conversions to work. Gets rid of the
nasty errno checks in mangle_hash2 and check_path_syntax and allows correct
return code checking.
Jeremy.
(This used to be commit 7b96765c23637613f079d37566d95d5edd511f05)
|
|
(should fix the mb service name problem, can't remember the bugid).
Jeremy.
(This used to be commit 94a272b9a881ec0004c5da2a7242b0a818da5630)
|
|
Bas van Sisseren <bas@dnd.utwente.nl>
(This used to be commit cc164e5afb0f6100bde547674b3de88b7e45f31f)
|
|
(This used to be commit 3e39d157cb94928a036f0497a9e255f6dbad1771)
|
|
Volker
(This used to be commit 8ba5bdc330114efbc86c851b71c58ac91ada7f31)
|
|
srv_samr_nt.c: Correctly report that a user is not member of an alias.
Volker
(This used to be commit 540f625036871e7facd094fce49d7317f65f4ffd)
|
|
something not a group.
Volker
(This used to be commit 73f26de5c0b6a6b9b78c22016986f3106bce7bfa)
|
|
Volker
(This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
|
|
set of groups.
Volker
(This used to be commit e77fe4a77a6b0b8d92014edb073b36d01a1a5169)
|
|
I was rather annoyed by the net groupmap syntax, I could never get it
right.
net groupmap set "domain admins" domadm
creates a mapping,
net groupmap set "domain admins" -C "Comment" -N "newntname"
should also do what you expect. I'd like to have some feedback on the usability
of this.
net groupmap cleanup
solves a problem I've had two times now: Our SID changed, and a user's primary
group was mapped to a SID that is not ours. net groupmap cleanup removes all
mappings that are not from our domain sid.
Volker
(This used to be commit eb4d4faff8c14e999f414ca5b6e8c25a558859c8)
|
|
MACHINE.SID' file functionality.
Also, before we print out the results of 'net getlocalsid' and 'net
getdomainsid', ensure we have tried to read that file, or have
generated one.
Andrew Bartlett
(This used to be commit 191b43159e7358541be9a3deac8c447885145442)
|