summaryrefslogtreecommitdiff
path: root/source3/winbindd
AgeCommit message (Collapse)AuthorFilesLines
2010-05-31ntlmssp: Make the ntlmssp.h from source3/ a common headerAndrew Bartlett1-1/+1
The code is not yet in common, but I hope to fix that soon. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-31s3: only use netlogon/nbt header when needed.Günther Deschner2-0/+2
Guenther
2010-05-31s3-build: only use ndr_security.h where needed.Günther Deschner2-0/+2
Guenther
2010-05-28s3:winbind Kill amusing but un-used winbindd_kill_all_clientsAndrew Bartlett2-18/+0
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-05-26s3-samr: move chgpasswd.c out of smbd and into the samr server.Günther Deschner1-0/+1
Guenther
2010-05-21s3:dom_sid Global replace of DOM_SID with struct dom_sidAndrew Bartlett25-204/+204
This matches the structure that new code is being written to, and removes one more of the old-style named structures, and the need to know that is is just an alias for struct dom_sid. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-20s3:winbind:idmap_tdb2_set_mapping: untangle assignment from checkMichael Adam1-1/+2
2010-05-18s3-rpc_client: move protos to cli_lsarpc.hGünther Deschner2-0/+2
Guenther
2010-05-18s3-rpc_client: move protos to cli_netlogon.hGünther Deschner2-0/+2
Guenther
2010-05-18s3-rpc_client: move protos to cli_samr.hGünther Deschner2-0/+2
Guenther
2010-05-18s3:winbind use no_srv_register to avoid needing rpc_srv_registerAndrew Bartlett1-10/+0
This pidl attribute avoids the need for this dummy function, which helps s3compat. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-18s3: Remove use of iconv_convenience.Jelmer Vernooij3-4/+4
2010-05-18s3-crypto: only include crypto headers when crypto is done.Günther Deschner1-0/+1
Guenther
2010-05-18s3-rpc_misc: clean out include/rpc_misc.h.Günther Deschner4-4/+4
Well known rids don't really belong into an rpc header, just use the ones defined in security.idl. Guenther
2010-05-17s3-kerberos: pass down kdc_name to create_local_private_krb5_conf_for_domain().Günther Deschner1-2/+4
Guenther
2010-05-17s3-winbind: make the getpeername() checks in cm_prepare_connection IPv6 aware.Günther Deschner1-5/+25
Note that this failure was hard to track, as winbind did only log a super helpful "cm_prepare_connection: Success" debug message. IPv6 gurus, please check Successfully tested in two independent IPv6 networks now. Guenther
2010-05-17s3:winbind:idmap_tdb: don't check ranges when an invalid entry was found.Michael Adam1-0/+1
There is no point in checking the ranges this if the record found had an invalid/unknown type: the mapping is not filled in. If it were initialized to some defaults before, the check just might replace the status NT_STATUS_INTERNAL_DB_ERROR with a NT_STATUS_NONE_MAPPED, which is not as precise.
2010-05-13s3:winbindd Provide a winbindd_register_handlers() helper function for s3compatAndrew Bartlett2-95/+102
This function provides a useful entry point for s3compat to set things up in winbindd. Andrew Bartlett
2010-05-13s3:winbindd Split helper functions to allow s3compat to call themAndrew Bartlett2-22/+30
This provides a more useful entry point for s3compat. Andrew Bartlett
2010-05-13s3:Winbindd Move winbindd_event_context to a different fileAndrew Bartlett3-12/+40
This allows this function to be easily replaced in s3compat Andrew Bartlett
2010-05-13s3:winbindd Rename 'children' to 'winbindd_children' and make staticAndrew Bartlett1-9/+9
2010-05-13s3:winbindd Remove call to namecache_enable().Andrew Bartlett1-4/+0
This call only prints a DEBUG() Andrew Bartlett
2010-05-11s3:kerberos Return PAC_LOGON_INFO rather than the full PAC_DATAAndrew Bartlett1-14/+15
All the callers just want the PAC_LOGON_INFO, so search for that in ads_verify_ticket(), and don't bother the callers with the rest of the PAC. This change makes sense on it's own (removing boilerplate wrappers that just confuse the code), but it also makes it much easier to implement a matching ads_verify_ticket() function in Samba4 for the s3compat proposal. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-06s3: only include gen_ndr headers where needed.Günther Deschner5-0/+5
This shrinks include/includes.h.gch by the size of 7 MB and reduces build time as follows: ccache build w/o patch real 4m21.529s ccache build with patch real 3m6.402s pch build w/o patch real 4m26.318s pch build with patch real 3m6.932s Guenther
2010-05-02s3: Unify DEBUG_KRB5_TKT_REGAIN and DEBUG_KRB5_TKT_RENEWALVolker Lendecke1-1/+1
I don't think it makes sense to #ifdef this one case separately. Metze, Bo Yang, please check!
2010-05-02s3: Fix a typoVolker Lendecke1-1/+1
2010-05-02s3: Fix the code order in append_auth_dataVolker Lendecke1-7/+7
This is to comply with the comment "currently, anything from here on potentially overwrites extra_data." Günther, please check!
2010-04-29s3: range-check idmap script outputVolker Lendecke1-0/+13
Not doing so results in the id mapping succeeding once unchecked and later on being refused, because when reading from the tdb we do the checks.
2010-04-29s3: Fix an uninitialized variable in idmap_tdb2_sid_to_id()Volker Lendecke1-0/+1
When we find an invalid record in the database, there's no point in checking the non-existing value against the range limits.
2010-04-29s3: Fix some nonempty blank linesVolker Lendecke1-14/+14
2010-04-25s3: async_domain_request is no longer usedVolker Lendecke2-67/+0
2010-04-25s3: Convert add_trusted_domains() to wb_domain_request_send()Volker Lendecke1-22/+19
2010-04-25s3: Simplify trustdom_stateVolker Lendecke1-10/+5
Don't store information explicitly as boolean flags that can be easily retrieved from the domain when it's actually needed.
2010-04-25s3: Make "struct trustdom_state" its own talloc contextVolker Lendecke1-14/+9
2010-04-24s3: sendto_domain() is lo longer usedVolker Lendecke2-30/+0
2010-04-23s3: Allow pdb password change using WINBINDD_PAM_CHNG_PSWD_AUTH_CRAPVolker Lendecke1-0/+15
2010-04-23s3: init_dc_connection() can't init for internal domainsVolker Lendecke1-0/+4
This fixes a crash in winbindd_dual_pam_chng_pswd_auth_crap when given global_sam_name() in the domain field
2010-04-23s3: replace some data_blob_talloc by data_blob_constVolker Lendecke1-8/+4
2010-04-23s3: Convert WINBINDD_PAM_CHNG_PSWD_AUTH_CRAP to the new async APIVolker Lendecke4-47/+132
2010-04-23s3-winbind: fix setup_domain_child() callers.Günther Deschner1-2/+2
Volker, please check. Guenther
2010-04-23s3: Fix a winbind crash when scanning trustsVolker Lendecke1-0/+6
add_trusted_domain() for a new domain always needs to be followed by a setup_domain_child(). This was not always done, in particular not when walking to the forest root for additional trusts. This is a minimal patch, we need to fix add_trusted_domain().
2010-04-19s3: Move the in-memory ccache to the parentVolker Lendecke7-95/+90
None of this blocks, so there is no reason to keep this in a winbind child process
2010-04-19s3-winbind: Allow changing the password for pdbVolker Lendecke1-0/+47
2010-04-19s3: Convert WINBINDD_PAM_LOGOFF to the new async APIVolker Lendecke4-68/+148
2010-04-19s3: Convert WINBINDD_PAM_CHAUTHTOK to the new async APIVolker Lendecke4-59/+131
2010-04-19s3: Convert WINBINDD_PAM_AUTH_CRAP to the new async APIVolker Lendecke4-73/+132
2010-04-19s3: Convert WINBINDD_PAM_AUTH to the new async APIVolker Lendecke4-66/+134
2010-04-19winbindd: Fill in num_entries where availableVolker Lendecke3-0/+6
The server implementation of WINBINDD_LIST_USERS, WINBINDD_LIST_GROUPS and WINBINDD_LIST_TRUSTDOM knows the number of entries returned. Bump up the version number so that a newer lib does not rely on something an older winbind does not do.
2010-04-19s3: Add some debug to GETSIDALIASESVolker Lendecke1-0/+9
2010-04-18s3: Fix indentation in remove_ccacheVolker Lendecke1-1/+1