summaryrefslogtreecommitdiff
path: root/source3/winbindd
AgeCommit message (Collapse)AuthorFilesLines
2011-11-15s3-winbind: Don't fail on users without a uid.Andreas Schneider1-1/+19
This fixes bug #8608. If you join samba with idmap_ad backend to an AD. When you try to enumerate users with 'getent passwd' and the user doesn't have a uid set, then getent is aborted cause of NT_STATUS_NONE_MAPPED. If we can't map a user we should not stop but continue enumerating users. This normally happens with the default user 'krbtgt' with idmap_ad but could also happen with other backends. Autobuild-User: Andreas Schneider <asn@cryptomilk.org> Autobuild-Date: Tue Nov 15 16:52:04 CET 2011 on sn-devel-104
2011-11-15s3-winbind: Make sure the map is clean.Andreas Schneider1-1/+5
2011-11-14s3-modules: remove the last "init_module" traces.Günther Deschner2-4/+0
Guenther
2011-11-03s3:winbindd: s/Undefined/SMB_SIGNING_DEFAULT/Stefan Metzmacher1-1/+1
metze
2011-10-28Fix bug #8548 - winbind_samlogon_retry_loop ignores logon_parameters flags.Jeremy Allison1-2/+2
Fix confirmed by reporter. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Fri Oct 28 23:04:47 CEST 2011 on sn-devel-104
2011-10-28lib/util Rename samba_init_module -> samba_module_initAndrew Bartlett6-6/+6
This is to provide a cleaner namespace in the public samba plugin functions. Andrew Bartlett
2011-10-24idl: Improve MS-PAC IDLSimo Sorce1-7/+7
Change some misleading variable names to reflect the actual function. Add missing field name/types previously marked as unkown. Signed-off-by: Günther Deschner <gd@samba.org> Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Mon Oct 24 19:19:28 CEST 2011 on sn-devel-104
2011-10-21s3:idmap_autorid: add an allocation range to autoridChristian Ambach1-1/+96
this is needed to allocate gids for BUILTIN\Users and BUILTIN\Administrators and for local users/group that admins might want to create autorid will now allocate one range for this purpose and can so give out as many uids and gids as the configured rangesize allows
2011-10-21s3:idmap_autorid: move HWM initialization into a functionChristian Ambach1-17/+27
we will need some more HWM soon, so move out initialization and optimize the logic using the new interface of dbwrap_fetch_uint32
2011-10-21s3:idmap_autorid: use strings as parameter for range allocatorChristian Ambach1-14/+14
this prepares for allocation of non-domain ranges that cannot be expressed by a SID (e.g. an allocation pool)
2011-10-21s3:winbindd/idmap make idmap modules loadable againChristian Ambach6-6/+6
commit 355b5e3a831415d9bef97 changed the module system to expect 'samba_init_module' as fixed initializer function
2011-10-21Revert "s3:idmap/autorid add a small alloc pool to autorid"Christian Ambach1-61/+0
This reverts commit 0aa558718ad7427ee8b02046da73eea1838a5a32. just having 500 uid/gids values is not good enough for users using local users and groups in the order of thousands better solution which will use a complete range for allocated uids/gids will come next.
2011-10-18pdb-interface: Do not use unid_t hereSimo Sorce1-4/+5
This interface needs to be publicly available, unid_t here is not really useful and makes it harder to use it as unid_t is not a public union. Autobuild-User: Simo Sorce <idra@samba.org> Autobuild-Date: Tue Oct 18 20:57:16 CEST 2011 on sn-devel-104
2011-10-18ntlmssp: Move ntlmssp code to auth/ntlmsspAndrew Bartlett1-1/+1
This brings in the code from both libcli/auth and source4/auth/ntlmssp. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-12Fix bug #8521 - winbindd cache timeout expiry test was reversedJeremy Allison1-1/+1
Found and fix reported by Micha Lenk <micha@lenk.info>. Thanks !
2011-10-11s3:dbwrap: change dbwrap_store_uint32() to NTSTATUS return typeMichael Adam1-7/+6
for consistency and better error propagation Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Tue Oct 11 15:51:00 CEST 2011 on sn-devel-104
2011-10-11s3:dbwrap: change dbwrap_store_int32() to NTSTATUS return typeMichael Adam1-6/+12
for consistency and better error propagation
2011-10-11s3:dbwrap: change dbwrap_fetch_uint32() to NTSTATUS return type (instead of ↵Michael Adam3-21/+23
bool) for consistency and better error propagation
2011-10-11s3:dbwrap: convert dbwrap_fetch_int32() to NTSTATUS return codeMichael Adam2-8/+35
Return the int32 value retrieved from the db by reference. Before this, return value "-1" was used as a error indication, but it could also be a valid value from the database.
2011-10-11s3:idmap_tdb2: fix hwm-handling to use uint32 consistentlyMichael Adam1-10/+12
The initialization code user int32, later writes used uint32...
2011-10-11s3:idmap_tdb: fix hwm-handling to use uint32 consistentlyMichael Adam1-8/+10
The initialization code user int32, later writes used uint32...
2011-10-11s3:idmap_autorid: make a debug message more preciseMichael Adam1-1/+1
2011-10-11s3:idmap_autorid: untangle function from check and log status in ↵Michael Adam1-6/+7
idmap_autorid_db_init()
2011-10-11s3:idmap: convert idmap_tdb to use dbwrap wrapper functions.Michael Adam1-22/+34
Avoid direct use of the db_record and db_context structs.
2011-10-11s3:dbwrap: convert dbwrap_fetch(), dbwrap_fetch_bystring() and ↵Michael Adam3-14/+16
dbwrap_fetch_bystring_upper() to NTSTATUS
2011-09-23s3-winbindd: add support for idmap type WBC_ID_TYPE_BOTHAndrew Tridgell1-0/+6
this allows the s3 code to understand and cache responses from the s4 winbindd which may include a single SID mapped to both a uid and a gid Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Fri Sep 23 01:47:54 CEST 2011 on sn-devel-104
2011-09-15s3:libsmb: pass max_protocol to cli_negprot()Stefan Metzmacher1-1/+1
metze
2011-09-15Finish commit 8745c70d by Michael Adam.Jeremy Allison1-5/+5
If you're going to move winbindd_cache.tdb to the state_path, do it *everywhere*. Found by Ira Cooper <ira@wakeful.net>. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Thu Sep 15 00:43:04 CEST 2011 on sn-devel-104
2011-09-14s3:winbindd: let wbint handles return NT_STATUS_CONNECTION_DISCONNECTEDStefan Metzmacher1-2/+2
We should return the same in all places. metze
2011-09-13s3:winbindd_cm: make use of cli_state_security_mode()Stefan Metzmacher1-1/+3
metze
2011-09-08Fix bug #8203 - winbindd needs to reset the DC connection if an RPC times out.Jeremy Allison1-15/+66
Based on Volker's original code. (cherry picked from commit 5b5ef7f20d34f4c6c1d3d02530ac7b13e051c960) Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Thu Sep 8 21:29:53 CEST 2011 on sn-devel-104
2011-09-08s3: Fix a debug messageVolker Lendecke1-2/+2
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Thu Sep 8 15:08:43 CEST 2011 on sn-devel-104
2011-09-08s3: Fix a typoVolker Lendecke1-1/+1
2011-09-08s3:libsmb: pass CLI_FULL_CONNECTION_* flags to cli_state_create()Stefan Metzmacher1-3/+4
metze
2011-09-07s3:winbind: put winbindd_cache into the state dir, not the cache dirMichael Adam1-1/+1
Despite the name, in winbind offline logon mode, this is a database that contains valuable information and should not be cleared. Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Wed Sep 7 21:17:37 CEST 2011 on sn-devel-104
2011-09-07s3:idmap/autorid add a small alloc pool to autoridChristian Ambach1-0/+52
this is needed to allocate gids for BUILTIN\Users and BUILTIN\Administrators gids are stored at the start of the first domain as RIDs start with values over 500, we have some room there so we do not need to allocate a range Autobuild-User: Christian Ambach <ambi@samba.org> Autobuild-Date: Wed Sep 7 15:15:09 CEST 2011 on sn-devel-104
2011-09-06s3: Make winbindd_lookup_names staticVolker Lendecke2-14/+14
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Tue Sep 6 20:03:56 CEST 2011 on sn-devel-104
2011-08-31s3-waf: allow undefined symbols in idmap_rid module.Günther Deschner1-0/+1
Guenther
2011-08-31s3-waf: allow unresolved symbols in some idmap and nss_info modules.Günther Deschner1-0/+7
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Wed Aug 31 14:27:31 CEST 2011 on sn-devel-104
2011-08-31s3-waf: add missing tdb dependency to idmap_tdb2 module.Günther Deschner1-1/+1
Guenther
2011-08-31s3-waf: convert nss_info subsystem into a private library.Günther Deschner1-4/+5
Guenther
2011-08-29s3: Fix getent group if trusted domains are not reachableVolker Lendecke1-2/+7
2011-08-29s3-lib: If we create a pipe socket, don't start to listen.Andreas Schneider1-0/+9
The create_pipe_sock() function should only create the socket as the name states and not start to listen on it too. We should start to listen on in the individual places as we need different backlog values. Autobuild-User: Andreas Schneider <asn@cryptomilk.org> Autobuild-Date: Mon Aug 29 13:21:43 CEST 2011 on sn-devel-104
2011-08-26s3: Fix a winbind race leading to 100% CPUVolker Lendecke1-2/+3
This fixes a race condition that leads to the winbindd_children list becoming corrupted. It happens when on a busy winbind SIGCHLD is a bit late. Imagine a winbind with multiple requests in the queue for a single child. Child dies, and before the SIGCHLD handler is called we find the socket to be dead. wb_child_request_done is called, receiving an error from wb_simple_trans_recv. It closes the socket. Then immediately the wb_child_request_trigger will do another fork_domain_child before the signal handler is called. This means that we do another fork_domain_child, we have child->sock==-1 at this point. fork_domain_child will do a DLIST_ADD(winbindd_children, child) a second time where the child is already part of that list. This corrupts the list. Then the signal handler kicks in, spinning in for (child = winbindd_children; child != NULL; child = child->next) { forever. Not good. This patch makes sure that both conditions (sock==-1 and not part of the list) for a winbindd_child struct match up. Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Fri Aug 26 18:51:24 CEST 2011 on sn-devel-104
2011-08-26s3: Fix two int/enum mixupsVolker Lendecke1-2/+2
2011-08-26s3: Use sys_write in fork_domain_childVolker Lendecke1-1/+1
Counterpart for last checkin. A lot less likely, but not impossible in a child. Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Fri Aug 26 13:14:27 CEST 2011 on sn-devel-104
2011-08-26s3: Use sys_read in fork_domain_childVolker Lendecke1-1/+1
I've seen [2011/08/26 01:44:10.872057, 1] winbindd/winbindd_dual.c:1336(fork_domain_child) fork_domain_child: Could not read child status: nread=-1, error=Interrupted system call on a customer box. Not good.
2011-08-25s3-waf: fix some unresolved symbols in idmap ad modules.Günther Deschner1-0/+2
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Thu Aug 25 15:15:57 CEST 2011 on sn-devel-104
2011-08-24s3:winbindd fix a return code checkChristian Ambach1-2/+2
talloc_traverse_dict will return with -1 in case of an error and might return positive values that indicate the count of found entries Autobuild-User: Christian Ambach <ambi@samba.org> Autobuild-Date: Wed Aug 24 18:09:11 CEST 2011 on sn-devel-104
2011-08-21s3-winbind: We need to use internal rpc connections in winbind.Andreas Schneider1-2/+2
Signed-off-by: Andreas Schneider <asn@samba.org> Signed-off-by: Simo Sorce <idra@samba.org>