summaryrefslogtreecommitdiff
path: root/source3/winbindd
AgeCommit message (Collapse)AuthorFilesLines
2011-02-10s3: give ../librpc/ndr/util.c its own header.Günther Deschner1-0/+1
Guenther
2011-02-09s3: Fix some nonempty blank lines and some typosVolker Lendecke1-1/+1
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Wed Feb 9 00:01:45 CET 2011 on sn-devel-104
2011-02-08pam: share pam errors in a common location.Günther Deschner1-0/+1
Guenther
2011-02-04s3-winbindd: let winbind try to use samlogon validation level 6. (bug #7945)Günther Deschner3-2/+59
The benefit of this that it makes us more robust to secure channel resets triggered from tools outside the winbind process. Long term we need to have a shared tdb secure channel store though as well. Guenther Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Fri Feb 4 18:11:04 CET 2011 on sn-devel-104
2011-02-04s3:winbindd: fix segfaults on addrchange errors and make DEBUG() statements ↵Stefan Metzmacher1-3/+6
more usefull metze
2011-02-03Fix value overflow (one too many 'f's ).Jeremy Allison1-1/+1
Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Thu Feb 3 03:35:32 CET 2011 on sn-devel-104
2011-02-02s3-winbind: prefer dcerpc_lsa_X functions in winbindd/winbindd_rpc.c.Günther Deschner1-7/+12
Guenther
2011-02-02s3-winbind: prefer dcerpc_lsa_X functions in winbindd/winbindd_samr.c.Günther Deschner1-13/+25
Guenther
2011-02-02s3-winbind: prefer dcerpc_lsa_X functions in winbindd/winbind_cm.cGünther Deschner1-29/+35
Guenther
2011-02-02s3: Fix a typoVolker Lendecke1-1/+1
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Wed Feb 2 18:10:45 CET 2011 on sn-devel-104
2011-02-02s3:winbindd: catch lookup_names/sids schannel errors over ncacn_ip_tcp (bug ↵Stefan Metzmacher1-0/+28
#7944) If winbindd connects to a domain controller it doesn't establish the lsa connection over ncacn_ip_tcp direct. This happens only on demand. If someone does a 'net rpc testjoin' and then a wbinfo -n DOMAIN\\administrator, we'll get DCERPC faults with ACCESS_DENIED/SEC_PKG_ERROR, because winbindd's in memory copy of the schannel session key is invalidated. This problem can also happen on other calls, but the lookup_names/sids calls on thet lsa ncacn_ip_tcp connection are the most important ones. The long term fix is to store the schannel client state in a tdb, but for now it's enough to catch the error and invalidate the all connections to the dc and reestablish the schannel session key. The fix for bug 7568 (commit be396411a4e1f3a174f8a44b6c062d834135e70a) made this worse, as it assumes winbindd's in memory session key is always the current one. metze
2011-02-02s3: Remove superfluous ;Günther Deschner1-1/+1
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Wed Feb 2 15:44:21 CET 2011 on sn-devel-104
2011-02-02s3-winbind: prefer dcerpc_samr_X functions in winbindd/winbindd_msrpc.c.Günther Deschner1-24/+59
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Wed Feb 2 14:14:43 CET 2011 on sn-devel-104
2011-02-02s3-winbind: prefer dcerpc_samr_X functions in winbindd/winbindd_pam.c.Günther Deschner1-13/+37
Guenther
2011-02-02s3-winbind: prefer dcerpc_samr_X functions in winbindd/winbindd_rpc.c.Günther Deschner1-58/+134
Guenther
2011-02-02s3-winbind: prefer dcerpc_samr_X functions in winbindd/winbindd_samr.c.Günther Deschner1-43/+92
Guenther
2011-02-02s3-winbind: prefer dcerpc_samr_X functions in invalidate_cm_connection.Günther Deschner1-3/+6
Guenther
2011-02-02s3-winbind: prefer dcerpc_samr_X functions in cm_connect_sam.Günther Deschner1-13/+35
Guenther
2011-02-02s3-winbind: use status variable name in cm_connect_sam.Günther Deschner1-33/+33
Guenther
2011-02-01s3: Send a dropped_ip message if we lose an IPVolker Lendecke1-0/+85
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Tue Feb 1 15:59:17 CET 2011 on sn-devel-104
2011-01-31Revert "s3:events: Call all ready fd event handlers on each iteration of the ↵Stefan Metzmacher1-3/+3
main loop" This reverts commit 455fccf86b6544cd17a2571c63a88f8aebff3f74. I'll add a more generic fix for this problem. metze
2011-01-28s3: inline get_uid_from_stateVolker Lendecke1-6/+1
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Fri Jan 28 23:38:16 CET 2011 on sn-devel-104
2011-01-28s3: Lift winbindd_cli_state from fillup_password_policyVolker Lendecke1-4/+6
2011-01-28s3: Do not use state->mem_ctx in fillup_password_policyVolker Lendecke1-4/+8
2011-01-28s3: Lift winbindd_cli_state from winbindd_dual_pam_auth_samlogonVolker Lendecke1-21/+27
2011-01-28s3: Lift winbindd_cli_state from winbindd_raw_kerberos_loginVolker Lendecke1-18/+26
2011-01-26s3-winbind: share a common winbind_samlogon_retry_loop().Günther Deschner1-168/+147
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Wed Jan 26 12:41:14 CET 2011 on sn-devel-104
2011-01-26Revert "s3: These assignments are overwritten immediately"Günther Deschner1-0/+4
This reverts commit 18962ea3852d0d0fc7371e99813bebd54fae0a19.
2011-01-26Revert "s3-winbind: fix winbindd_dual_pam_auth_samlogon() for NT4 domains."Günther Deschner1-1/+0
This reverts commit cea36aeacf8778493463f31e6afc3f58384639e2.
2011-01-24s3-winbind: fix winbindd_dual_pam_auth_samlogon() for NT4 domains.Günther Deschner1-0/+1
After failing the netr_LogonSamLogonEx, we failed to retry with netr_LogonSamLogon. Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Mon Jan 24 12:35:42 CET 2011 on sn-devel-104
2011-01-21s3-rpc_client: Rename get_query_dispinfo_params.Andreas Schneider1-3/+3
2011-01-21s3:winbind: Fork multiple children per domainVolker Lendecke22-28/+92
This makes us scale better with many simultaneous winbind requests, some of which might be slow. This implementation breaks offline logons, as the cached credentials are maintained in a child (this needs fixing). So, if the offline logons are active, only allow one DC connection. Probably the offline logon and the scalable file server cases are separate enough so that this patch is useful even with the restriction.
2011-01-21s3:winbind: Protect against invalid winbindd_cache entries in lookupridsVolker Lendecke1-1/+2
2011-01-19s3: Add wbinfo --dc-infoVolker Lendecke4-0/+148
wbinfo --dc-info prints the current DC name and IP address. This helps diagnosing problems that might happen when a later wbinfo --ping-dc fails. This patch started out by using the SAF and NBT cache entires, but those are relatively short-lived. So I decided to invent a new gencache entry with a very long timeout. We need to go via the gencache because when for some reason a winbind child process is stuck, we can't query it for the current DC it's connected to. This must eventually go away again when we have a fully async winbind. Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Wed Jan 19 08:40:28 CET 2011 on sn-devel-104
2011-01-19s3-winbind: no need to include ../librpc/gen_ndr/cli_lsa.h inGünther Deschner1-1/+0
winbindd/winbindd_msrpc.c. Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Wed Jan 19 00:37:46 CET 2011 on sn-devel-104
2011-01-13s3-winbind: prefer dcerpc_netr_X functions.Günther Deschner4-28/+61
Guenther Signed-off-by: Andreas Schneider <asn@samba.org>
2011-01-11s3:winbindd: use ndr_wbint_c.h instead of cli_wbint.hStefan Metzmacher30-30/+30
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Tue Jan 11 15:40:22 CET 2011 on sn-devel-104
2011-01-11s3:winbindd: use ndr_dssetup_c.h instead of cli_dssetup.hStefan Metzmacher1-1/+1
metze
2011-01-07s3: Remove some unused codeVolker Lendecke1-44/+0
2011-01-07s3: Use the new nbt_getdc in winbindd_cmVolker Lendecke1-23/+9
2011-01-07s3: Make name_query use /tmp/.nmbd/unexpectedVolker Lendecke1-10/+3
2011-01-07s3: Make node_status_query use /tmp/.nmbd/unexpectedVolker Lendecke1-7/+1
2011-01-04s3:winbindd: use dcerpc_dssetup_DsRoleGetPrimaryDomainInformation()Stefan Metzmacher1-1/+4
metze
2011-01-03s3:winbindd/idmap_ad.c: update my CMichael Adam1-1/+1
Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Mon Jan 3 09:19:07 CET 2011 on sn-devel-104
2011-01-03s3:winbindd/idmap_util.c: add my CMichael Adam1-0/+1
2011-01-03s3:winbindd/idmap.c: add my CMichael Adam1-0/+1
2011-01-02s3:idmap_ldap: remove special handling of alloc secret (not used any more).Michael Adam1-11/+8
2011-01-02s3:idmap_ldap: remove unused idmap_ldap_alloc_context.Michael Adam1-7/+0
2011-01-02s3:idmap_ldap: remove alloc context member from ldap_idmap_contextMichael Adam1-1/+0
2011-01-02s3:idmap_ldap: remove use of alloc context from idmap_ldap_allocate_id().Michael Adam1-16/+10