Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit b2443f6fca5840584926b7481acf1975507c445e)
|
|
as it doesn't do a traversal.
Jeremy.
(This used to be commit 4bf4ee3f14a690592fa2e1b800fc0344522e6b30)
|
|
(This used to be commit d00f461f43558c8ef942df305bcc2c89060b4800)
|
|
(This used to be commit ea76a687fc2614912fd6b0458622495f9920749e)
|
|
extreme condition...
Jeremy.
(This used to be commit 425bb0f40526b4eb17a3033892ca907b1d5293a4)
|
|
'net' command.
This also gets us 'net rpc user add'.
Andrew Bartlett
(This used to be commit 1197689bc56f4b2ca6ffea3b2601b8f6f9f52207)
|
|
(This used to be commit e1b940c91b748230664544fd9191123247dd1f24)
|
|
(This used to be commit 64bf8f81c49744fc0653db655e457981f3bcbac2)
|
|
If you do not have one more expect than issue when talking to the passwd
program you will not send the last issue.
(This used to be commit 8aafec95cba0e8a002d20c4c0055a01690879f7a)
|
|
tridge, martin, if you think it's wrong , you can revert it.
J.F.
(This used to be commit f057d62aae620b042903dae61a19628cb57aba39)
|
|
not the privileges. Usually we don't need them, so the memory is free
early.
lib/util_sid.c: added some helper functions to check an SID.
passdb/passdb.c: renamed local_lookup_rid() to local_lookup_sid() and pass
an RID all the way. If the group doesn't exist on the domain SID,
don't return a faked one as it can collide with a builtin one. Some rpc
structures have been badly designed, they return only rids and force the
client to do subsequent lsa_lookup_sid() on the domain sid and the builtin
sid !
rpc_server/srv_util.c: wrote a new version of get_domain_user_groups().
Only the samr code uses it atm. It uses the group mapping code instead of
a bloody hard coded crap. The netlogon code will use it too, but I have to
do some test first.
J.F.
(This used to be commit 6c87e96149101995b7d049657d5c26eefef37d8c)
|
|
Jeremy.
(This used to be commit 9b7182a9da24b53f3501f6562dc66bed67fb9133)
|
|
Jeremy.
(This used to be commit 837f2b961b1e7dcd6998f36d58d2059290e89e18)
|
|
(This used to be commit 3dbb5dfcfb29671f136d1ed6c865362eaf027446)
|
|
(This used to be commit 58cfea3c2aba5a8309e4084ec8df0cfcb48a4075)
|
|
(This used to be commit 0c22a10d738041b3dc0c92d8ea060a86de769563)
|
|
winbindd/ADS can now do initgroups()
(This used to be commit 43edeaca9f3a42699131939ed0d917111f57b678)
|
|
(This used to be commit bc83d55f4400cdcdfed44622954f11580b6d2f87)
|
|
(This used to be commit fc176f15f27686049453552219b56b9de33ceffa)
|
|
as it was, and add tdb_open_ex() which takes a log callback. I guess
this makes more sense since it's a public interface.
(This used to be commit 391a65395e6cdc0300f81eb1072a3366cacd1203)
|
|
- tdb_open api changed so that you now pass an error handling
callback when opening the file, so that errors detected during
opening have somewhere to go. (All calls from the body of Samba to
this function go through a wrapper in tdbutil, which has been
updated.)
- Clean up logic for deciding how to open tdb. Emit log messages if
something goes wrong (e.g. bad magic.)
- tdbtool now logs errors to stderr.
(This used to be commit 0aa800618eab1043d802c04fb1d125cd07936769)
|
|
:)
(This used to be commit cee58f10974b55ead68362166d12285568feeb23)
|
|
(This used to be commit 689f45d2079d06b09947b2cdd314867df98c938d)
|
|
(This used to be commit e908f304a26b9f1100e301610151a9334bf117b0)
|
|
fixed a winbindd crash when the group membership can't be looked up
(This used to be commit 088f4cc5be4a1a38781e4d019146d53993ed8c6f)
|
|
(This used to be commit 660238adcad8abb3f9a1e67eb81419618db77f3d)
|
|
(This used to be commit ea5d2857217b860da7e53bc6e8ccfe48a2b3620e)
|
|
However this looks like the best spot to init the account policy db...
(fix segfaults on all local smbpasswd ops)
Andrew Bartlett
(This used to be commit 3f3bb62ba63373c3cdf2495f97c7461ed5b373ef)
|
|
Jeremy.
(This used to be commit 5215bcca15f2cfbe438ac62cbaf94afae63ce993)
|
|
This kills off the offending code in smbpasswd -j -Uab%c
In the process we have changed from unsing compelatly random passwords
to random, 15 char ascii strings. While this does produce a decrese in
entropy, it is still vastly greater than we need, considering the application.
In the meantime this allows us to actually *type* the machine account
password duruign debugging.
This code also adds a 'check' step to the join, confirming that the
stored password does indeed do somthing of value :-)
Andrew Bartlett
(This used to be commit c0b7ee6ee547dc7ff798eaf8cb63fbe344073029)
|
|
PDC, as well as changes for correctness as per tridge.
Andrew Bartlett
(This used to be commit 16d302c5cc0da93a58e0ce10843f9c8d8062c689)
|
|
(as per tridge's instructions)
(This used to be commit 0692d792f24f1c82c69532e50a6c4373c9a8b476)
|
|
(This used to be commit 153c4a56b0b5473a1efb208551f36480cdb5d264)
|
|
(This used to be commit e9085129ddf15d499d77c77694c05b028593718c)
|
|
a group name.
Jeremy.
(This used to be commit b926660e73d4c94c30ec5a365027770acdafe25e)
|
|
Jeremy.
(This used to be commit 708c0a8d16ca86439e451def5f8d37f600ff15f1)
|
|
database, but no underlying system call sets errno.
The particular case I had was a mangled .tdb, but there are others.
For this one, set EIO. It's a shame Unix messages aren't more
detailed -- "bad data format" would be better.
(This used to be commit 5630a988be05c21b60aba6304d4aaadce6024817)
|
|
winbindd. Getting ready for efficiency fix in group lookups.
Jeremy.
(This used to be commit 8d41dfd149625e8ac53ab5e90a96e9a2daf9a629)
|
|
(This used to be commit 9f5d7e8a04c36395570247bc5e1b7b3fc5d1a322)
|
|
session setup
(This used to be commit c7665706cd5633ede710afe41413624124038238)
|
|
Jeremy.
(This used to be commit 2a7bd621b400173d61bb0adab3eded0baeb48d0b)
|
|
You can change them with either usermanager->policies->account
or from a command prompt on NT/W2K: net accounts /domain
we can add a rpc accounts to the net command. As the net_rpc.c is still
empty, I did not start. How should I add command to it ? Should I take the
rpcclient/cmd_xxx functions and call them from there ?
alse changed the SAM_UNK_INFO_3 parser, it's an NTTIME. This one is more
for jeremy ;-)
J.F.
(This used to be commit bc28a8eebd9245ce3004ae4b1a359db51f77bf21)
|
|
(This used to be commit 80010d80f93cfb32c53a1720c7564fb080846f35)
|
|
I spent quite a while trying to work out how to make this call
via ldap and failed. I then found that MS servers seem use rpc
for sid_to_name, and it works even when in native mode, I ended
up just implementing it via rpc
(This used to be commit 789833b44e342c0b5de463ed8f9b5f7474a99f27)
|
|
(This used to be commit 816e40a51af80a7f703c0451304de406deab3dd8)
|
|
(This used to be commit 359ca8f246c46b1700418fe0226458023f808d67)
|
|
(This used to be commit 514bc61daa3f6d11dadac1baed5a5bf61313b1f9)
|
|
(This used to be commit c8339ce5c88a371728a329d0e80266fe41c00fee)
|
|
'net' untility.
This should make it easier to port rpcclient code across to net.
It also allows SPNEGO (the NTLMSSP subsystem in particular) to work, becouse
it kills off the early destruction of the clear-text password.
Andrew Bartlett
(This used to be commit eee925861a3af3aa16efa3b1700a980c9510c14e)
|
|
Andrew Bartlett
(This used to be commit 8dbd9702d829eaefcdab8e3f8a4750befa884234)
|