Age | Commit message (Collapse) | Author | Files | Lines |
|
toolset.
In 3.0.23 all those commands have been limited to the DC of our primary
domain. Also distinguish calls that may go to remote DCs (search, info,
lookup, etc.) from those that should only go to our primary domain
(join, leave, etc.).
Guenther
(This used to be commit d573e64781667993478a289580fa65c34e847f64)
|
|
deleted).
Jeremy.
(This used to be commit 58e5e270d2957cdf07c29757a83b53f73372d62a)
|
|
(This used to be commit 1d928f783a78b3e957b675f12f1ad56e84c2fcfb)
|
|
(This used to be commit 8c6088f2bd0a5e3a854a31fe428d841d61055a30)
|
|
(This used to be commit 03e9924f5c82537ca72c03e3b0f70ea002e76934)
|
|
login.
Found that because I want to play around with setsharesecurity, for this I
need the "whoami" call figuring out the SID of the currently connected user.
Not activating this test yet until the build farm has picked up the new samba4
revision.
Volker
(This used to be commit 5cfe482841b77208b68376f9e2b8a4a62271f7c9)
|
|
(This used to be commit 2e7afa9e19b117d7a8ce1238c1b9b80ececec729)
|
|
(This used to be commit c0d9114706345c6bc1fa392bbf9ee81b146cba85)
|
|
Jeremy.
(This used to be commit a8df1863bf2817a82a55c816ba1f685828c5b6ec)
|
|
requests. Maybe the Linux kernel OOM killer will
be kinder to smbd now :-). Back to tdbtorture
tests on cifsfs.
Jeremy.
(This used to be commit 1201383e7ab2413795a395491af0a4d3877b1c8b)
|
|
Fix a small one first.... (easy to valgrind).
Jeremy
(This used to be commit 43d24fbd41ed745a5b21514b526e655663c509ee)
|
|
pstrings.
Volker
(This used to be commit c5e393d5eda4e13a844171d9ff319d1f1bac3d84)
|
|
not a dozen
or so. Next step will be to eliminate the explicit snum reference.
Volker
(This used to be commit 6e98f8d6c6cc126b0d27ac574c128be96e50abf3)
|
|
> r16959 | vlendec | 2006-07-11 23:10:44 +0200 (Di, 11 Jul 2006) | 1 line
>
> get_share_security does not need snum, activate RPC-SAMBA3-SRVSVC
Volker
(This used to be commit c89471e15766fcdbfa4f40701e12c19f95c2d8ef)
|
|
(tdbtool still fails).
Jeremy.
(This used to be commit 50dbb66d73c8c25755e675876dd55000ca8bfd12)
|
|
branches simultaneously.....
Jeremy.
(This used to be commit 13e7fe540acf575c3b4503050a25cbe4d30b8835)
|
|
(This used to be commit 6eb77442a570b4ef3bb71dd5a1b7ea81ad18f09c)
|
|
(This used to be commit 19d02690002a35cb6e0204db236d2b768e48c6d8)
|
|
(This used to be commit 07c67fbfc0790169ee748c0e62da14c89d3add23)
|
|
Patch from Dietrich Streifert <dietrich.streifert@visionet.de>
(This used to be commit 8d6218825827a54ca69e462c00a3dc9e25ef3ddf)
|
|
If no winbind is around, the best we can do to get the user's token correct is
to ask unix via create_token_from_username. More investigation is needed if
this also fixes the +groupname for unmapped groups problems more cleanly.
Volker
(This used to be commit f6e3ee147ffde572532fb44b619dda01388d4a31)
|
|
Volker
(This used to be commit 7a629118ee6f468505172147724f7f532f0f4a4f)
|
|
See the comment in the patch for the reason.
Volker
(This used to be commit 5e07ab750af3744e1ee5bfc813d5c6532aff4ecb)
|
|
Andrew Bartlett
(This used to be commit ed51b6293b7577cb2d9e661a8491606abf349406)
|
|
This mode proxies pre-calculated blobs from a remote (probably VPN)
client into the domain. This allows clients to change their password
over a PPTP connection (where they would not be able to connect to
SAMR directly).
The precalculated blobs do not reveal the plaintext password.
Original patch by Alexey Kobozev <cobedump@gmail.com>
(This used to be commit 967292b7136c5100c0b9a2783c34b1948b16dad4)
|
|
check this is your new code.
Jeremy.
(This used to be commit 144067783d1c56b574911532f074bdaa7cea9c6e)
|
|
We shouldn't allow this on the same smbd, but the cifsfs
client negotiates POSIX locks then sends Windows ones.
Doh ! Can't fix shipped client code....
Jeremy.
(This used to be commit 2f8cabe98d3776cb0bdf6b4ef1490fe0119e260a)
|
|
to be more robust in the precense of more broken /etc/hosts files when determining our fwdn
(This used to be commit 6413df8348829659807c0c30e6eaef511815e0ed)
|
|
used.
Jeremy.
(This used to be commit 738b99078c6e0ececa6c0268258510a4e97f84e7)
|
|
look at the return code.
Jeremy.
(This used to be commit f11933b3ac91c6fbacd6b410f4d2c0d400df23ee)
|
|
obey blocking/non-blocking request for POSIX locks.
Jeremy.
(This used to be commit f62c01316ef3ce0351f8b34229307a75d8f9f156)
|
|
Hopefully will fix the build farm. Still a few errors
in RAW-LOCK to look at though...
Jeremy.
(This used to be commit edd72d37de570fdad09f7ee983b5b22a1613e558)
|
|
cifsfs client code.
Jeremy.
(This used to be commit 53094435d89088124041d57078c21a12e761e2bf)
|
|
in POSIX mode (clitar needs fixing too). Add test
posix lock/unlock commands.
Jeremy.
(This used to be commit 596497ccc250896025253be1d67711d6d7f059f0)
|
|
fact that check_path_syntax() will convert '\\' characters to '/'.
When POSIX pathnames have been selected this doesn't happen, so we
must look for the unaltered separator of '\\' instead of the modified '/'.
Stevef please check this with the CIFSFS MS-DFS code !
Jeremy
(This used to be commit 883bb398e58f54ee79160487b49b79a4774ef939)
|
|
to be selected.
Jeremy.
(This used to be commit 2d8d4bd77bac6f5e7865657e12affd8b94aa85c3)
|
|
(This used to be commit 083ef11cc9be8f1299f233bde194173e092e2c3c)
|
|
when fetching the DES salting principal
(This used to be commit baf554c7934cbd591635196453c19d402358e073)
|
|
(This used to be commit bf701f51294dacd0d4077b5304772c40119460eb)
|
|
Reuse can_create() to prevent renameing a group to
an existing user or group.
(This used to be commit ce7091fda1eb3c7ea0900f455cec48c3b95a17f6)
|
|
(This used to be commit 7d619f127ee70fdd486ffaab4546a53d76a2288c)
|
|
Major points of interest:
* Figure the DES salt based on the domain functional level
and UPN (if present and applicable)
* Only deal with the DES-CBC-MD5, DES-CBC-CRC, and RC4-HMAC
keys
* Remove all the case permutations in the keytab entry
generation (to be partially re-added only if necessary).
* Generate keytab entries based on the existing SPN values
in AD
The resulting keytab looks like:
ktutil: list -e
slot KVNO Principal
---- ---- ---------------------------------------------------------------------
1 6 host/suse10.plainjoe.org@COLOR.PLAINJOE.ORG (DES cbc mode with CRC-32)
2 6 host/suse10.plainjoe.org@COLOR.PLAINJOE.ORG (DES cbc mode with RSA-MD5)
3 6 host/suse10.plainjoe.org@COLOR.PLAINJOE.ORG (ArcFour with HMAC/md5)
4 6 host/suse10@COLOR.PLAINJOE.ORG (DES cbc mode with CRC-32)
5 6 host/suse10@COLOR.PLAINJOE.ORG (DES cbc mode with RSA-MD5)
6 6 host/suse10@COLOR.PLAINJOE.ORG (ArcFour with HMAC/md5)
7 6 suse10$@COLOR.PLAINJOE.ORG (DES cbc mode with CRC-32)
8 6 suse10$@COLOR.PLAINJOE.ORG (DES cbc mode with RSA-MD5)
9 6 suse10$@COLOR.PLAINJOE.ORG (ArcFour with HMAC/md5)
The list entries are the two basic SPN values (host/NetBIOSName & host/dNSHostName)
and the sAMAccountName value. The UPN will be added as well if the machine has
one. This fixes 'kinit -k'.
Tested keytab using mod_auth_krb and MIT's telnet. ads_verify_ticket()
continues to work with RC4-HMAC and DES keys.
(This used to be commit 6261dd3c67d10db6cfa2e77a8d304d3dce4050a4)
|
|
being used.
Jeremy.
(This used to be commit 441c289fd21d00398fb7c4c7c0338b03129a7545)
|
|
to do the upper layer directories but this is what
everyone is waiting for....
Jeremy.
(This used to be commit 9dafb7f48ca3e7af956b0a7d1720c2546fc4cfb8)
|
|
Thanks to Bjoern Jacke for the report and test-case.
Guenther
(This used to be commit f2ebc0e3de396f44f49dabbfe42cb3ad1c1a7ec1)
|
|
Guenther
(This used to be commit df10448e2c6166d1c129c2d9a9a74c5b4a42555f)
|
|
Guenther
(This used to be commit 4121ccfc3e39001d5b7b8288e3bc27d919f79167)
|
|
(This used to be commit 84913caebdb461fed2c94fadfa0039b32a83cb6d)
|
|
this is
what svn is for.
The idea is that we fall back to a pure unix user with S-1-22 SIDs in the
token in case anything weird is going on with the 'force user'.
Volker
(This used to be commit 9ec5ccfe851ac8a1f88b88c8c8461a5cf75b4c57)
|
|
sid_check_is_in_our_domain cases.
Volker
(This used to be commit dc403cec88d91fdeb09cbd04321d88bbdc0f490c)
|