Age | Commit message (Collapse) | Author | Files | Lines |
|
Guenther
(This used to be commit bb9c59e892cc9d3047bde89a15cc341e2bd21bc5)
|
|
Guenther
(This used to be commit ae3fa60c4546c7420722d8f422c22bbfd623ff5b)
|
|
Guenther
(This used to be commit 543dfdc1cf6baf60bffc23c6aebc542fd58d2d2e)
|
|
(This used to be commit 541e088656773d2b3b56a5a8bdc8dea6c9edec86)
|
|
(This used to be commit 79103000b13c95325534db749a0da638a3eb1807)
|
|
(This used to be commit 5314f06dcdf14ce5e038a03a3e4dfded227bd00c)
|
|
Guenther
(This used to be commit 15b72d44cbde0b8a375d8ed3d045c40ae97ec05a)
|
|
farm failures when winbindd connects as guest.
This one took a *lot* of tracking down :-).
Jeremy.
(This used to be commit dca827791276906436452c650062164eb819dfe0)
|
|
The call was looking up a uid and not gid in the cache.
(This used to be commit 25293ba1507f8f8fa7e33c302200184e980bb123)
|
|
Fix segv when talking to parent DC (joined to child domain).
The root cause was
(a) storing the parent domain in the cli_state struct caused
the NTLMSSP pipe bind to fail which made us fallover to
the schannel code path
(b) the dcinfo pointer in cm_get_schannel_dcinfo() was returning
NULL even though the function indicated success.
(This used to be commit 5ce4a2ae6697970ea37d0078a506615b4b7a9a9c)
|
|
reconnect code to cope with rebooting a DC. This
replaces the code I asked Volker to revert.
The logic is pretty simple. It adds a new parameter,
"winbind reconnect delay", set to 30 seconds by
default, which determines how long to wait between
connection attempts.
To avoid overwhelming the box with DC-probe
forked children, the code now keeps track of
the DC probe child per winbindd_domain struct
and only starts a new one if the existing one
has died.
I also added a little logic to make sure the
dc probe child always sends a message whatever
the reason for exit so we will always reschedule
another connect attempt.
Also added documentation.
Jeremy.
(This used to be commit 8027197635b988b3dcf9d3d00126a024e768fa62)
|
|
Guenther
(This used to be commit e8619121d16d086f1ab186051d0ecdc83c02e5b5)
|
|
Guenther
(This used to be commit ae35a5110ea03d8ff27f320cdc685e5623715a2a)
|
|
Guenther
(This used to be commit dbfa7ba14c9f1a4d7a1e7205dd0b3ea2fc2e6131)
|
|
Guenther
(This used to be commit b5bb7844952a87b123551b478b60bfe232afc308)
|
|
was asking for a winbindd name to SID lookup of
"Unix Group\name" where "name" was also a valid username,
the winbindd passdb lookup of that name was losing the
domain string info before calling lookup name (ie. lookup_name()
was being called with just the string "name", not the
full string "Unix Group\name").
The passdb backend of winbindd has to cope with
not only names from it's own global SAM domain,
but it does lookups for BUILTIN and "Unix User"
and "Unix Group" also, so making it guess by
losing the domain string is "A Bad Idea" (tm) :-).
Note that as winbind globally calls winbind_off()
at startup, it's safe for winbind to call sys_getgrnam()
to do the "Unix Group" lookup from inside lookup_name().
Jeremy.
(This used to be commit 5293af6c3cbfdde340e6add47b914b6ee6fd7b6f)
|
|
Jeremy, please check & push if it's ok.
(This used to be commit f06070c188d6d2efed3205bbc9c3c290718397b1)
|
|
should never include the user SID.
The comment for the function in winbindd/winbindd_ads.c says
/* Lookup groups a user is a member of. */
The following patch makes the wbinfo calls return the correct data
before and after a login.
wbinfo --user-domgroups and --user-sids
(This used to be commit 7849938906a9c859805cbaeca66fae9d3c515aad)
|
|
This reverts commit 9920473cc165e75ee9aa5cbb9e568eb5fb67e9e6.
(This used to be commit 34a32db9060e7b60455774f923f61b7367ee3fcf)
|
|
(This used to be commit 32b8db27652a66a2ade547a6d27f34d0816f7296)
|
|
(This used to be commit f91a3e0f7b7737c1d0667cd961ea950e2b93e592)
|
|
(This used to be commit 126f4ac8e85458ee4693b89a184b99420f1b6bee)
|
|
fetch mapping.
Michael
(This used to be commit cb4c74c9c206e5a445ca636fa6562ce721ea5839)
|
|
1. use the return value that idmap_tdb2_open_perm_db() gives us
2. don't delete frep the local db if deleting from the perm db failed.
3. fix wrong interpretation of return value of the local delete
Michael
(This used to be commit 147573d7f6faab0ad90258b6a28c4b9575ccb6ea)
|
|
1. use the return value that idmap_tdb2_open_perm_db() gives us
2. don't write to the local db if writing to the perm db failed.
3. fix wrong interpretation of return value of the local store
Michael
(This used to be commit be8c6b4f2f40014313899b5cbc1da9d390d94fee)
|
|
This is a band-aid for the rather convoluted offline/online mess in winbind
right now. Winbind re-uses the offline functionality that is targeted at domain
client installations on laptops to not overload disfunctional DCs. It uses the
winbind cache timeout as the retry timeout after a DC reboot.
I am using a parametric options because when this mess is cleaned up, that
parameter needs to go away again.
I'd recommend to use something like
winbind:online check timeout = 30
in typical LAN environments. This means a reconnect is attempted every 30
seconds.
Volker
(This used to be commit 9920473cc165e75ee9aa5cbb9e568eb5fb67e9e6)
|
|
(cherry picked from commit 666bf8456ac44cbbbd5524af2bf4fd89e18ddf62)
(This used to be commit 8819c51809cabe6ad0843f3838de53e785a10b47)
|
|
(This used to be commit 257b0401ee675b6b7eddf2b46a0f8115940e6640)
|
|
(This used to be commit 2c27de44269198e22c323191dd4762d1aab81b22)
|
|
(This used to be commit adecc6d91338e7e34afd0672aada5d0e47247a33)
|
|
(This used to be commit 8b9d12714679745b98755e6805e71b75828ce227)
|
|
This was overwritten by "idmap uid/gid" anyway. These are now the range
parameters for the alloc backend.
(This used to be commit d563a7b80dc3e759069db2cd54d596a1b8c55191)
|
|
(This used to be commit 30a180f2fce8cf6a3e5548f6bba453272ba70b33)
|
|
(This used to be commit 1bd98521dc3f16ad77ccccd3979288c58e03ebe8)
|
|
(This used to be commit f955407042e6d2384acccc399d72ff65ba0e721c)
|
|
(This used to be commit a86a6835e2737fdbdf1f36bcd594d4b01a60acb9)
|
|
(This used to be commit 6e885aeabba2265a06b726f567cb14dde12c8ccb)
|
|
in winbind
When a w2k3 DC is rebooted the 139/445 ports come up before the
udp/389 cldap port. During this brief period, winbind manages to
connect to 139/445 but not to udp 389. It then enters a tight loop
where it leaks one fd each time. In a couple of seconds it runs out of
file descriptors, and leaves winbind crippled after the DC does
finally come up
(This used to be commit 57187cafbcc053e75bb54750494df9feabe3a738)
|
|
Guenther
(This used to be commit 0c1efc6c89b1a51a94d10971bf0fc515416709b3)
|
|
(cherry picked from commit 3282f7289b7b33beeaa1ca649651cca6537a69af)
(This used to be commit fc8641443951dc852dc9cf1e73626df452b815f7)
|
|
When SIGCHLD handling is delayed for some reason, sending a request to a child
can fail early because the child has died already. In this case
async_main_request_sent() directly called the continuation function without
properly removing the malfunctioning child process and the requests in the
queue. The next request would then crash in the DLIST_ADD_END() in
async_request() because the request pending for the child had been
talloc_free()'ed and yet still was referenced in the list.
This one is *old*...
Volker
(cherry picked from commit 8691709626b0d461de91b8fc9d10c730d1f183dd)
(This used to be commit c70e2b6476d2d99c79624e15a4a3cfcdc850fc7c)
|
|
(This used to be commit 865ea6fcbc089a03e453709fa54ff2a39c0c168e)
|
|
(This used to be commit 9e49d390f79c6afc8b0efd9664e60602aebaa4f2)
|
|
This fixes various build warnings on our platform. I'm sure I haven't
caught them all, but it's a start.
(This used to be commit 6b73f259cb67d9dda9127907d706f9244a871fa3)
|
|
Pass in ndr_syntax_id instead of pipe_idx, return NTSTATUS
(This used to be commit 78e9c937ff2d2e1b70cfed4121e17feb6efafda1)
|
|
Pass in ndr_syntax_id instead of pipe_idx, return NTSTATUS
(This used to be commit a13f0599551609394904b99e4014d580ec65c506)
|
|
Pass in ndr_syntax_id instead of pipe_idx, return NTSTATUS
(This used to be commit 9abc9dc4dc13bd3e42f98eff64eacf24b51f5779)
|
|
In reloading the smb.conf, if a "log file" is specified in smb.conf,
winbind children will overwrite the logfile name to be the same as the
parent.
Jeremy.
(This used to be commit 62d319cc1a2ef891866b2ddbd22f3ed0944356af)
|
|
We must not return an error here just because we are offline.
We must instead fix the mappings to the best of our knowledge
(ie mark as mapped, expired ones, and as unmapped, unknown ones)
(This used to be commit 4436272dd4d6cdd223b1dc3d217a97cbe3bc887b)
|
|
(This used to be commit 657a2f20dd4d422d45d7e054f463641cdff16816)
|