Age | Commit message (Collapse) | Author | Files | Lines |
|
opened by an admin user, then used on a pipe handle created
by an anonymous user..... but they're working on security.... riiight !
Jeremy.
(This used to be commit e96e6a60b82b71714120ce7636fa8402007d4b03)
|
|
Jeremy.
(This used to be commit cb89bcc935a39d9ca1ceb07a4ca85f0bda7f65fe)
|
|
a non existent entry. Stop a malloc(0) being called in the first case.
Jeremy.
(This used to be commit 7b841247bda028ce654fb760b932f08ec61c494c)
|
|
(This used to be commit 237875363fe2efd92154e3f362323281a9e0f5da)
|
|
I released the snapshot directly out of HEAD!!!!!
(This used to be commit c70c8e81c85a7a9e32a79287642826e44ec0f1a1)
|
|
(This used to be commit a953c449b4319b03e734ece70322c52c987e3532)
|
|
(This used to be commit ee9cbf58071adb627a49a94c6340aaba330486b5)
|
|
(This used to be commit 9d9f7bbf87bf9a0e003e6da482615fe040d00852)
|
|
(This used to be commit e026b84815ad1a5fa981c24fff197fefa73b4928)
|
|
(This used to be commit da44b196a977b6edf7cdf27e344295ed15d198f7)
|
|
(This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
|
|
used to be commit 9a5541595f78f2cbba16030552c6e780f6fddcf6)
|
|
(This used to be commit 70d9b71ceaeba95712fa61e601376ff5cc8e7714)
|
|
default) from working.
Andrew Bartlett
(This used to be commit 25950dbb3272949a235bed936c7d7b1d23f15fac)
|
|
for all sorts of AD things in lp_realm(). We need to get some non-Win2k
NTLMSSP and chase this up a bit, but this will do for now.
(Hmm, this might affect NTLMv2 as well)
Andrew Bartlett
(This used to be commit 0e6babc306f60e88fc28705a8d4ad112bafe92cb)
|
|
flag to what we expect. This handles the 'upgrade' from unixsam beter (where
all $ terminated accounts are machines).
Andrew Bartlett
(This used to be commit a198940ea6f7b7f3cba38c5a9f695e0731204583)
|
|
bug reported by metze
(This used to be commit 4aea951102a6e82612560e6a59931fde433ee6ea)
|
|
pdb_ldap and adds a 'ldap passwd sync' option.
The idea with this option is to do allow an ldap backend to do all the fancy
password hashing etc - and to tell smbd no to try and double-up. Using 'ldap
passwd sync = only' will do this, but is not recommended unless such a backend
is in place...
Running 'ldap passwd sync = yes' just gets you the same as doing 'pam passwd
sync = yes' and having both PAM and pam_ldap correctly configured for 'magic
root' behaviour, but only using ldap connection, and one set of credentials.
This also gets us closer to allowing ldap to say 'password too short' etc,
which might assist in maintaining a consistant password policy.
Andrew Bartlett
(This used to be commit f13e243f1a13d34ae057b40b01f561e8b95d4570)
|
|
(This used to be commit 779aea57450db83fa7870e8a35db55d475682519)
|
|
(This used to be commit f0c095875758ef44ed2d25d3ed9d77e5e163b75f)
|
|
add command-line option to samtest to specify alternate config file - use /dev/null
to don't load any config file..
add 'conf' command to load specified config file
(This used to be commit 237883d1e68e99a3ea3df9b6e182c70cb31b2523)
|
|
(This used to be commit d5303d5c080212486329f7e5a65f732e11efbb37)
|
|
that just don't apply any more - now that we always keep username and domain
seperate. Also, the policy it was trying to permit is now implemented by the
auth code.
Andrew Bartlett
(This used to be commit 760c0740cad948665db4a1d462fbbd99332713ef)
|
|
See mx-ldap.sf.net for his current progress.
(This used to be commit 9c62d1312fdf0aa7b1978e8bbb56fc076ba7e9d0)
|
|
if we ever want to get rid of the magic macros.
(This used to be commit 13f33e466ed31d35221157d6b3a1a05507157b66)
|
|
didn't seem to work properly.
Andrew Bartlett
(This used to be commit c0925b6352ff6135da03edff44e0bbd72c949a20)
|
|
else we can't add to OpenLDAP 2.1
(This used to be commit d9a91a41441c156223760cb356fa997ea7bdbc1a)
|
|
NT_TOKEN and the unix credentials - as we incresingly use the NT stuff we want
to make it easy to check they don't get out of wack.
Andrew Bartlett
(This used to be commit a3882a19254811ace2f9545580c14ce3bd588095)
|
|
back to NTLMSSP. We need to get the password out of the user, and this
eventually does.
Andrew Bartlett
(This used to be commit bb518a3bae3bf91a589021fcc5b1e715247c5ded)
|
|
(This used to be commit 7ce782c20c6b9e515a2fa831315ae14c66d322ee)
|
|
Jeremy.
(This used to be commit cfd1bf250b417f3ba3ad21ff681ab282311bb7eb)
|
|
(This used to be commit 930c6710fe076b52ad21addf5fcda834f85e15a9)
|
|
to make this rebust w.r.t. stored devicemodes.
Jeremy.
(This used to be commit f93a008f09acda2ddaff9857f2fe0c86948539d1)
|
|
Jeremy.
(This used to be commit 38c67632ade40413c0cc2b91e04105e4065a18b7)
|
|
(This used to be commit d312e1c2b44905af87c4d550975eee78dbf2edee)
|
|
Fix bug in enum_domains
Add samtest commands:
- lookup_sid
- lookup_name
- enum_domains
- lookup_domain
(This used to be commit 0c01219850e5d9b77b3b2c0b4b87aa3c82e3292b)
|
|
and domainname
- Allocate sam_methods, set domain_sid, domain_name and backend_name in make_sam_methods_backend_entry instead of in the backend
- Remove sam_context and domain_sid pointers from the sam_init_function - we don't need those arguments anymore since they're
available in sam_methods as well
(This used to be commit 50d2527eed0eb26c16f2f7e28badbf08d771380e)
|
|
getsid, then join as a BDC, and then watch net rpc vampire suck out
the good stuff out of a PDC :-). It's not perfect, but it does quite a
bit for me. Watch out for more.
Volker
(This used to be commit f0d7ac9feb5844c93789344285b1d66f480209ba)
|
|
(This used to be commit 0ad19825df318030b1772404570cd993fe49e40a)
|
|
to a native NT member server. If the logoff time in the samlogon reply
is set to something else but infinity, the tree connect to the member
server comes back with 'bad uid'. In my traces, NT PDC sends
0x7fff.. always. Weird, but true.
I would really like others to double-check this. If you have questions
regarding the setup, feel free to ask!
Thanks!
Volker
(This used to be commit 066b163bde9419d32fe8ffe00c1841107357c138)
|
|
(This used to be commit b53547bf663ed1714326f9b0e74215e012e728af)
|
|
(This used to be commit 08c3e2b824cd2c93ca548fa18ea16a18f5b197e5)
|
|
When creating a group you have to take care of the fact that the
underlying unix might not like the group name. This change gets around
that problem by giving the add group script the chance to invent a
group name. It then must only return the newly created numerical gid.
Volker
(This used to be commit b959419ed38e66a12b63cad3e5fbfa849f952acc)
|
|
(This used to be commit 42774a7753eb8be1ec04bcb5dda089910a1b6d0b)
|
|
Volker
(This used to be commit a1bade0748fa46c6cb00e99d7022b21057679889)
|
|
Volker
(This used to be commit f6ed429838cc0140c0d033875012c7a999891549)
|
|
* merge in AIX fixes from SAMBA_2_2
(This used to be commit 50752f84f24b36332ec4f1ade92dc5a095ac077b)
|
|
(This used to be commit 40aea3fe94b68ce284e2f21e57f086212936c049)
|
|
Volker
(This used to be commit 8c41b5cd1b8b0c2639def9552bd20b8aca39785c)
|
|
in via deltas, we need a way to set a user's primary group.
Volker
(This used to be commit 9f7a16acf1b1f3b100b85339aad8268254512e68)
|