summaryrefslogtreecommitdiff
path: root/source3/winbindd/winbindd_proto.h
AgeCommit message (Collapse)AuthorFilesLines
2010-10-14s3-auth Use security_token_debug() from common codeAndrew Bartlett1-1/+0
This prints the security token including the privileges as strings instead of just a bitmap. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-30s3: Add "smbcontrol winbindd ip-dropped <local-ip>"Volker Lendecke1-0/+10
This is supposed to improve the winbind reconnect time after an ip address has been moved away from a box. Any kind of HA scenario will benefit from this, because winbindd does not have to wait for the TCP timeout to kick in when a local IP address has been dropped and DC replies are not received anymore.
2010-09-21s3-winbindd: another attempt to fix the non-ldap build.Günther Deschner1-0/+2
Guenther
2010-09-19s3/winbind: remove unused winbindd_check_cache_sizeBjörn Jacke1-1/+0
2010-09-11s3:auth Remove NT_USER_TOKENAndrew Bartlett1-4/+4
The all UPPER case typedef is no longer the preferred Samba style and this makes it easier to see that this is the IDL-derivied structure Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3-auth Change struct nt_user_token -> struct security_tokenAndrew Bartlett1-2/+2
This common structure is defined in security.idl Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3-auth Change type of num_sids to uint32_tAndrew Bartlett1-2/+2
size_t is overkill here, and in struct security_token in the num_sids is uint32_t. This includes a change to the prototype of add_sid_to_array() and add_sid_to_array_unique(), which has had a number of consequnetial changes as I try to sort out all the callers using a pointer to the number of sids. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-09s3: Remove "mem_ctx" from a few functionsVolker Lendecke1-3/+0
2010-09-09s3: Remove "mem_ctx" from wcache_save_creds()Volker Lendecke1-1/+0
2010-09-09s3: Remove "mem_ctx" from lookup_cached_name()Volker Lendecke1-2/+1
2010-09-09s3: Remove unused arg "user_sid" from winbindd_store_credsVolker Lendecke1-2/+1
All callers have passed in NULL
2010-09-09s3: Remove unused winbindd_update_creds_by_sidVolker Lendecke1-4/+0
2010-09-09s3: Remove unused winbindd_dual_show_sequence()Volker Lendecke1-2/+0
2010-09-08s3: Make winbind_add_failed_connection_entry staticVolker Lendecke1-3/+0
2010-08-16s3:winbindd: remove rpc_pipe_client references from winbind_dual_ndr codeStefan Metzmacher1-3/+3
metze
2010-08-14s3:winbind: remove the method REMOVE_MAPPING from winbind's APIMichael Adam1-7/+0
Michael
2010-08-14s3:winbind: remove the method SET_MAPPING from winbind's APIMichael Adam1-7/+0
Michael
2010-08-14s3:winbind: remove SET_HWM from winbind's API.Michael Adam1-7/+0
2010-08-05s3: avoid global include of ads.h.Günther Deschner1-1/+2
Guenther
2010-07-07s3-winbindd: route samr chgpwd ops for own domain over internal samr pipe as ↵Günther Deschner1-0/+7
well. Guenther
2010-06-10s3:winbindd use common server context functionsSimo Sorce1-3/+0
2010-05-31s3:winbind tidy up connecting the winbind sockets.Andrew Bartlett1-4/+2
By putting this code inline in winbindd_setup_listeners() we remove 2 static variables and simplify the code. By putting the get_winbind_priv_pipe_dir() in the same file, we allow it to be reimplemented in s3compat. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-05-31Revert "s3:winbindd Split helper functions to allow s3compat to call them"Andrew Bartlett1-1/+0
I'm experimenting with a different entry point This reverts commit f5c0f90da5f5372ca6b7a72daa8d073a2444a068.
2010-05-28s3:winbind Kill amusing but un-used winbindd_kill_all_clientsAndrew Bartlett1-1/+0
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-05-21s3:dom_sid Global replace of DOM_SID with struct dom_sidAndrew Bartlett1-24/+24
This matches the structure that new code is being written to, and removes one more of the old-style named structures, and the need to know that is is just an alias for struct dom_sid. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-13s3:winbindd Provide a winbindd_register_handlers() helper function for s3compatAndrew Bartlett1-0/+1
This function provides a useful entry point for s3compat to set things up in winbindd. Andrew Bartlett
2010-05-13s3:winbindd Split helper functions to allow s3compat to call themAndrew Bartlett1-0/+1
This provides a more useful entry point for s3compat. Andrew Bartlett
2010-05-13s3:Winbindd Move winbindd_event_context to a different fileAndrew Bartlett1-2/+3
This allows this function to be easily replaced in s3compat Andrew Bartlett
2010-04-25s3: async_domain_request is no longer usedVolker Lendecke1-6/+0
2010-04-24s3: sendto_domain() is lo longer usedVolker Lendecke1-2/+0
2010-04-23s3: Convert WINBINDD_PAM_CHNG_PSWD_AUTH_CRAP to the new async APIVolker Lendecke1-1/+9
2010-04-19s3: Move the in-memory ccache to the parentVolker Lendecke1-0/+1
None of this blocks, so there is no reason to keep this in a winbind child process
2010-04-19s3: Convert WINBINDD_PAM_LOGOFF to the new async APIVolker Lendecke1-1/+7
2010-04-19s3: Convert WINBINDD_PAM_CHAUTHTOK to the new async APIVolker Lendecke1-1/+8
2010-04-19s3: Convert WINBINDD_PAM_AUTH_CRAP to the new async APIVolker Lendecke1-1/+8
2010-04-19s3: Convert WINBINDD_PAM_AUTH to the new async APIVolker Lendecke1-1/+7
2010-04-08s3: Remove the separate "child" argument from setup_domain_child()Volker Lendecke1-2/+1
2010-03-31s3: Make check_info3_in_group staticVolker Lendecke1-2/+0
2010-03-31s3-winbind: Make append_auth_data() staticVolker Lendecke1-4/+0
2010-03-10s3: Fix a long-standing problem with recycled PIDsVolker Lendecke1-8/+0
When a samba server process dies hard, it has no chance to clean up its entries in locking.tdb, brlock.tdb, connections.tdb and sessionid.tdb. For locking.tdb and brlock.tdb Samba is robust by checking every time we read an entry from the database if the corresponding process still exists. If it does not exist anymore, the entry is deleted. This is not 100% failsafe though: On systems with a limited PID space there is a non-zero chance that between the smbd's death and the fresh access, the PID is recycled by another long-running process. This renders all files that had been locked by the killed smbd potentially unusable until the new process also dies. This patch is supposed to fix the problem the following way: Every process ID in every database is augmented by a random 64-bit number that is stored in a serverid.tdb. Whenever we need to check if a process still exists we know its PID and the 64-bit number. We look up the PID in serverid.tdb and compare the 64-bit number. If it's the same, the process still is a valid smbd holding the lock. If it is different, a new smbd has taken over. I believe this is safe against an smbd that has died hard and the PID has been taken over by a non-samba process. This process would not have registered itself with a fresh 64-bit number in serverid.tdb, so the old one still exists in serverid.tdb. We protect against this case by the parent smbd taking care of deregistering PIDs from serverid.tdb and the fact that serverid.tdb is CLEAR_IF_FIRST. CLEAR_IF_FIRST does not work in a cluster, so the automatic cleanup does not work when all smbds are restarted. For this, "net serverid wipe" has to be run before smbd starts up. As a convenience, "net serverid wipedbs" also cleans up sessionid.tdb and connections.tdb. While there, this also cleans up overloading connections.tdb with all the process entries just for messaging_send_all(). Volker
2010-02-28s3: Remove unused count_all_current_connections()Volker Lendecke1-1/+0
2010-02-09s3: Don't invalidate cache for uninitialized domains.Bo Yang1-0/+1
Signed-off-by: Bo Yang <boyang@samba.org>
2010-01-24s3: Add wbinfo --ccache-saveVolker Lendecke1-0/+3
With this command you can give winbind your password for later use by the automatic ntlm_auth
2010-01-02s3: Make free_domain_list() staticVolker Lendecke1-1/+0
2010-01-02s3: Introduce domain_is_forest_root() helper functionVolker Lendecke1-0/+1
Hopefully this makes the flag tests a bit more understandable
2009-12-26s3: Replace IS_DOMAIN_OFFLINE by a functionVolker Lendecke1-0/+1
2009-12-26s3: winbindd_cli_state->getgrent_state is no longer usedVolker Lendecke1-1/+0
2009-12-23s3: Remove some unused codeVolker Lendecke1-17/+0
2009-12-23s3: Remove unused sendto_child()Volker Lendecke1-2/+0
2009-12-21s3:winbind: Add a lower-cost alternative to wbinfo -t: wbinfo --ping-dcVolker Lendecke1-0/+7
This just does a NULL RPC call through an existing NETLOGON connection. If someone knows an operation that "just works" and does not return NOT_SUPPORTED, please tell me :-)