summaryrefslogtreecommitdiff
path: root/source3/winbindd
AgeCommit message (Collapse)AuthorFilesLines
2010-12-19s3: Use the right uid winbindd_raw_kerberos_login()Volker Lendecke1-1/+1
2010-12-19wb_reqtrans is not used in libwbclientVolker Lendecke2-2/+2
2010-12-19libwbclient: Put the wb_reqtrans definitions into wb_reqtrans.hVolker Lendecke2-2/+2
2010-12-19s3: wcache_invalidate_samlogon only needs the SIDVolker Lendecke3-12/+15
2010-12-19s3: netsamlogon_clear_cached_user only needs the SIDVolker Lendecke1-1/+1
2010-12-19s3: Fix some typosVolker Lendecke1-1/+1
2010-12-10s3-winbind Improve memory handling in NTLMv2-backend plaintext authenticationAndrew Bartlett1-17/+6
Andrew Bartlett
2010-12-10s3-winbind Don't send the LM password to the server, everAndrew Bartlett1-11/+1
This is for the case where we have the plaintext password locally, and can construct the challenge-response values here. We should never ever use the LM password in domain authentication. The last domain controller to only have LM passwords stored was NT 3.5. Andrew Bartlett
2010-12-06s3: Fix bug 7844: Race in winbindVolker Lendecke1-4/+8
If a child dies, the parent process right away closes the socket. This is wrong, with tevent we still have events pending. This works fine for epoll but does not for at least the FreeBSD select variant. Tevent sticks a closed socket into the select masks. This then returns an error EBADF. When this happens, the parent winbind dies instead of forking a new child. This moves the socket close from the SIGCHLD cleanup function to the socket receiver. I could not reproduce the parent death anymore and it did not create an obvious fd leak. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Mon Dec 6 23:21:02 CET 2010 on sn-devel-104
2010-12-06s3: Fix bug 7842: WINBIND_LOOKUPRIDS does not return the proper domain nameVolker Lendecke2-1/+4
Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Mon Dec 6 21:18:07 CET 2010 on sn-devel-104
2010-12-06s3: Fix bug 7841: WINBINDD_LOOKUPRIDS asks the wrong domainVolker Lendecke1-1/+1
2010-12-06s3: Fix bug 7843: Expand the local SAMs aliasesJeremy Allison1-2/+2
2010-12-01s3-waf: avoid module name uppercasing.Günther Deschner1-32/+32
This finally allows mixed case module names like the classic build (./configure --shared_modules=charset_CP850) Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Wed Dec 1 18:39:14 CET 2010 on sn-devel-104
2010-11-30s3-waf: convert IDMAP_AD into a subsystem.Günther Deschner1-4/+12
Guenther
2010-11-30s3-waf: convert IDMAP_HASH into a subsystem.Günther Deschner1-2/+8
Guenther
2010-11-30s3-waf: convert IDMAP_ADEX into a subsystem.Günther Deschner1-2/+8
Guenther
2010-11-30s3: Fix bug 7832Volker Lendecke1-0/+2
Signed-off-by: Günther Deschner <gd@samba.org> Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Tue Nov 30 14:39:34 CET 2010 on sn-devel-104
2010-11-27s3: Return the correct result from winbindd_dual_auth_passdbVolker Lendecke1-2/+3
2010-11-26s3: Fix filling in the pam_auth_crap domain nameVolker Lendecke1-15/+6
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Fri Nov 26 14:43:20 CET 2010 on sn-devel-104
2010-11-24s3:winbind correct a copy&paste errorChristian Ambach1-3/+3
negative results of sid->gid lookups should be stored with idmap_cache_set_sid2gid instead of idmap_cache_set_sid2uid This seems to be a copy&paste error when similar logic from the sid2uid path was copied here in 84b88f4b. Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Wed Nov 24 16:53:01 CET 2010 on sn-devel-104
2010-11-22s3: Use sid_check_is..Volker Lendecke1-2/+2
2010-11-19s3: Remove some unused codeVolker Lendecke2-44/+0
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Fri Nov 19 11:21:00 CET 2010 on sn-devel-104
2010-11-18s3: Call sid_check_is_domain instead of dom_sid_equalVolker Lendecke1-1/+1
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Thu Nov 18 15:32:32 UTC 2010 on sn-devel-104
2010-11-17s3: Remove a reference to "winbindd_cli_state" from append_auth_dataVolker Lendecke1-13/+14
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Wed Nov 17 12:02:34 UTC 2010 on sn-devel-104
2010-11-17s3: Remove a reference to "winbindd_cli_state" from append_info3_as_txtVolker Lendecke1-28/+29
2010-11-17s3: Remove a reference to "winbindd_cli_state" from append_afs_tokenVolker Lendecke1-8/+6
2010-11-17s3: Remove a reference to "winbindd_cli_state" from append_info3_as_ndrVolker Lendecke1-4/+5
2010-11-17s3: Remove a reference to "winbindd_cli_state" from append_unix_usernameVolker Lendecke1-6/+6
2010-11-17s3: Remove a reference to "winbindd_cli_state" from append_auth_dataVolker Lendecke1-11/+11
2010-11-17"bool ? true : false" is a bit pointlessVolker Lendecke1-2/+1
2010-11-17s3: Move parse_sidlist to the only calling fileVolker Lendecke3-44/+42
2010-11-17s3: Remove some unused codeVolker Lendecke2-23/+0
2010-11-14Fix the unexpected.tdb database problem. Change nmbd to store theJeremy Allison1-1/+6
transaction id of packets it was requested to send via a client, and only store replies that match these ids. On the client side change clients to always attempt to ask nmbd first for name_query and node_status calls, and then fall back to doing socket calls if we can't talk to nmbd (either nmbd is not running, or we're not root and cannot open the messaging tdb's). Fix readers of unexpected.tdb to delete packets they've successfully read. This should fix a long standing problem of unexpected.tdb growing out of control in noisy NetBIOS envioronments with lots of bradcasts, yet still allow unprivileged client apps to work mostly as well as they already did (nmblookup for example) in an environment when nmbd isn't running. Jeremy. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Sun Nov 14 05:22:45 UTC 2010 on sn-devel-104
2010-11-14Move error reporting of messaging context creation fail intoJeremy Allison2-1/+10
the daemons themselves. Allows client utilities to silently fail to create a messaging context due to access denied on the messaging tdb (which I need for the following patch). Jeremy.
2010-11-08Second part of fix for bug #7777 - When requesting lookups for BUILTIN sids, ↵Jeremy Allison1-1/+3
winbindd allocates new uids/gids in error. Ensure we return after calling passdb for SID lookups for which we are authoritative. Jeremy. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Mon Nov 8 22:24:34 UTC 2010 on sn-devel-104
2010-11-08First part of fix for bug #7777 - When requesting lookups for BUILTIN sids, ↵Jeremy Allison1-0/+10
winbindd allocates new uids/gids in error. Ensure idmap_init_passdb_domain() correctly initialized the default domain first. Jeremy.
2010-11-08s3-waf: add idmap_autorid to the build.Günther Deschner1-0/+9
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Mon Nov 8 14:17:27 UTC 2010 on sn-devel-104
2010-11-08s3: Fix an uninitialized variableVolker Lendecke1-0/+1
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Mon Nov 8 13:22:06 UTC 2010 on sn-devel-104
2010-11-08s3:idmap: add a new ID mapping module autoridChristian Ambach1-0/+471
This is an initial implementation of the idmap_autorid module. It works similar to the idmap_rid module but requires less configuration. It will automatically pick ranges for each domain, so you do not have to bother any more about adding an idmap configuration for all of the domains in the forest. This is very easy to use and to configure and much more deterministic and faster than idmap_tdb, the typical choice of Samba users up to now.
2010-11-08s3:winbind add wcache_tdc_fetch_domainbysidChristian Ambach2-0/+53
add a function to lookup a domain in the winbind cache by domain SID
2010-11-08s3: Put some parentheses around conditionalsVolker Lendecke1-2/+2
2010-11-08s3: Consistently use stdbool types in new codeVolker Lendecke1-11/+11
2010-11-08s3:winbind add timeouts to winbind cacheChristian Ambach1-14/+57
This adds a timeout value to cache entries and the NDR records in the winbind cache. The previous approach of just comparing the sequence number has some issues, e.g. when retrying a wbinfo -n operation for a user in a not yet trusted domain was always failing even after the trusted domain was added. The new approach compares sequence number and timeout value to determine if a cache entry is still valid or not. I increased the cache version number so an old cache will be wiped automatically after upgrade.
2010-11-05s3: Remove some duplicate prototypesVolker Lendecke1-16/+0
2010-11-03s3: Fix a getgrent crash with many groupsVolker Lendecke1-0/+1
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Wed Nov 3 12:58:49 UTC 2010 on sn-devel-104
2010-11-02s3: Fix a typo in a DEBUG msgVolker Lendecke1-1/+1
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Tue Nov 2 13:13:39 UTC 2010 on sn-devel-104
2010-11-02s3-debug Impove setup_logging() to specify logging to stderrAndrew Bartlett1-1/+5
This change improves the setup_logging() API so that callers which wish to set up logging to stderr can simply ask for it, rather than directly modify the dbf global variable. Andrew Bartlett
2010-11-01s3:winbindd: fix query_user for users with NULL full name.Michael Adam1-1/+3
Not sure whether query_user ever sends a NULL full name. Query Display Info does, and it does not harm to add the check here, too. Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Mon Nov 1 13:03:33 UTC 2010 on sn-devel-104
2010-11-01s3:winbindd: fix query_user_list for users with NULL full_nameMichael Adam1-1/+3
2010-10-20s3: Use any_nt_status_not_ok in winbindVolker Lendecke19-95/+19