Age | Commit message (Collapse) | Author | Files | Lines |
|
needed a flags fields as you get 0x0000 0010 and 0x0000 001f unknown
values for different purposes, no-one's going to tell us what they
are and i don't CARE!
(This used to be commit aabb4b3bc5119ef317b5697ae6fcf5d36c2d474e)
|
|
- samr_enum_dom_users, the first 4 bytes is some sort of garbage,
nt5-beta2 clears them out to zeros whereas nt4 does not.
fixed bug where we were assuming that the first 4 bytes of a
response _had_ to be non-zero.
- cli_lsarpc.c: forgot to append the rid on the lsa_lookup_names()
client call.
- added in "addaliasmem" and "addgroupmem" commands. the addaliasmem
command actually turned out to be a "delaliasmem" :-) :-)
- parse_lsa.c: moved assert array check to after the size of useable
array space is set...
(This used to be commit 165b15a8cacc4bc7cf8cc0b9aaabb6b92cef7fdb)
|
|
- renamed do_lsa_xxx to lsa_xxx
- added "enumgroups [-m]" command, enumerates groups, shows members.
- added cmd_sam_add_groupmem(), need to call these in rpcclient.c
- added cmd_sam_add_aliasmem(), need to call these in rpcclient.c
- modified "enumaliases [-m]" command
- improved "enumgroups" and "enumaliases" to display names not just RIDS/SIDs.
- renamed "samr_unknown_12" to "samr_lookup_rids".
- added the following client-side functions:
get_samr_query_groupmem()
get_samr_query_aliasmem()
get_samr_query_groupinfo()
samr_enum_dom_groups()
samr_enum_dom_aliases()
samr_add_aliasmem()
samr_add_groupmem()
- improved display output (display.c)
(This used to be commit eacc5e581af2b4de24186b9be3238b352c54effe)
|
|
(This used to be commit 4771d5451b49375cc2fd4246d7d746b0d03cd5ba)
|
|
renamed do_samr_xxxx to samr_xxxx.
(This used to be commit 1e5d81c154740349a2cda4c1892b33a21c0683a8)
|
|
DB API
(This used to be commit ef58e48bc9af338ed6c734205d4faf82371284ac)
|
|
nmbd and smbd. nmbd is now client: smbd is solely responsible for
creating sam_name.SID
(This used to be commit 50fa4822df679b4d54b5a868179594ec087e811f)
|
|
(This used to be commit 81be1e60764d380adf47737552659854d94ca626)
|
|
(This used to be commit 13a656b0e5c73e157b222765fb57a1bdafc67b80)
|
|
jean-francois' going to get annoyed, again.
andrew's going to threaten to take cvs access away, again.
missed compilation of this file when updating sam_unknown_12 call.
(This used to be commit 74f826af36a7af4e91f9325d11ef8432d343c3bd)
|
|
(This used to be commit e39c0c76ae52bbd4539f8f254e78566a5511efc1)
|
|
query.
domain groups now work, hurrah! only thing is that the description is
one character long, don't know why (which is wierd in itself).
(This used to be commit 78a86c64960a7823b0db8b7bebfffabb4a5ba864)
|
|
(This used to be commit 9bce7340d60a49594f67cc3c6cc6119b33a5358a)
|
|
(This used to be commit a74b6dcc76794c1fe350d6906f156fdf5189e18b)
|
|
(This used to be commit 9266137fcb87b6e4b2cc45a55341ebaa69c594b7)
|
|
(This used to be commit 779a7aa30d4b8a3c8ca1d817a3fd9886c0437def)
|
|
being able to use next_token() outside of string_to_sid calls.
use strchr instead
(This used to be commit 1c478ca1723558cc5dde693b4abacb56bd98cd43)
|
|
complaint about confusion because both the HEAD and SAMBA_2_0 reported
the same version info.
(This used to be commit 195b860b46b78a6a2dd83909477dbc2e9af8f845)
|
|
rid is needed not the name (see DOMAIN_GRP_MEMBER) decided to go home.
(This used to be commit 9337049dfc98becfa74522d418dae64a97c7a304)
|
|
need to check, when looking up group members, that a group member is
a unix user [being mapped to an nt user] FIRST then if that fails
check that a group member is a unix group [being mapped to an nt group].
why? because you can have group names in a unix /etc/group file with
the same name as users.
this _might_ be a problem...
(This used to be commit 585d47644d3d709ccdfd5135c5f77166b609eb3b)
|
|
(This used to be commit 9d4e810e7dd8d6d80b47204636f9a37774f95455)
|
|
(This used to be commit f7f2516df46dde1671235f788f7689c93d9395ae)
|
|
(This used to be commit bfb75e58ced1082d3bb7d6b3f3367d50a0ca26ea)
|
|
samr_query_aliasmembers (cool!)
util_pwdb.c sids.c nmbd.c server.c smbpasswd.c swat.c :
pwdb_initialise(BOOL is_server) now creates / reads DOMAIN_NAME.SID
if is_server is True, and does LsaQueryInfoPolicy(levels 3 and 5)
to obtain member and pdc sids.
(This used to be commit 3e1eb4f26b67e484b05e1dde94fd4e4dae982631)
|
|
modified map_nt_and_unix_names() to never refuse a mapping (returns void
now not BOOL).
(This used to be commit faffcb3c8955dcea3987e2978dc34b4dba580167)
|
|
restriction and "domain user map" seems to work.
amazing.
(This used to be commit 2c0d91e64a6b330b209ca62c3306ec1a53fda873)
|
|
stupid compile errors with file_rename() call just created.
(This used to be commit f5cedb8c9618b83b63b5e2db867d238eebc7e13c)
|
|
added code that moves MACHINE.SID to DOMAIN_NAME.SID if it exists.
(This used to be commit 51c1c31768a92d9c57ee6c09b78419bcbc544f03)
|
|
i may simply go for a response in the NetSamLogon returning the
unix username, forcing the NT user to appear to be a unix user,
however even that is fraught with implications.
might just have to go the whole hog and do this tuple thing,
"unix_name + nt_name" always associated together...
issue with api_net_sam_logon, getsam21pwent() being called twice,
the second time overwriting static buffer data (argh) so had to
make a copy.
noticed a nested "become_root()"/"unbecome_root()" which will have
to be tracked down...
(This used to be commit 474f94f419a531e33b475249da7efb99ac22f454)
|
|
a call _outside_ of this was _also_ calling getpwnam. the calls to
getsmbpwnam() were therefore overwriting the static buffer.
(This used to be commit c5ba5fa6feab2884a23b8bcb5dcb349ee1a7c139)
|
|
(This used to be commit 4b5bd4e18cee72aeb76909cf85b1f932393fcfc8)
|
|
My bad... Earlier one was the patch from the CIFS conference that
didn't work, this fixes...
(This used to be commit 12739f0456e9f707a361bce2fa01b0baaae182d9)
|
|
(This used to be commit 3257b72c6e2722a6de6b40b4c16e934c02a7c508)
|
|
(This used to be commit 603c5f6df8c525f30d00da912d408b98378ea538)
|
|
(This used to be commit 58c0f0a77c396a6021596c84d4a30b1c9a4b1419)
|
|
a connection succeeds...).
(This used to be commit c0efc35b27d50c40bc04bfd9fb1d61ea5d32bde5)
|
|
- lib/sids.c:
generate_sam_sid() modified to take a domain name: it now
generates "DOMAIN_NAME.SID". reasons:
1) if you run multiple samba servers on the same machine
under different netbios names as members of a domain,
they won't all use the same SID, which is a _big_ mistake
but it would happen _by default_.
2) we have (had) a problem with sid_to_string() and string_to_sid()
which cause SIDs to be incorrectly read. one of the major
reasons for *NOT* making this change was so as not to disrupt
existing users. but as they will be anyway by this bug,
we might as well go ahead.
- passdb/smbpass.c:
wanted to change the meaning of the name in the smbpasswd
file to an "nt" name not a "unix" name. this is probably
not a good idea: reverted this.
- output formatting / bug-fixing in rpcclient query_useraliases code.
(This used to be commit e4930f5f48f8246ceec8add8bf769954a963190c)
|
|
(This used to be commit 776abe3fe52748b9d2939ff77f8a39155894b952)
|
|
(This used to be commit e717b898405fdcd0bb7787394961589aa62cacc3)
|
|
added their replacements, added sam password database API modules
(This used to be commit b1d1c1337c69c6f6bf25ab932a1a6a757e3ea2ae)
|
|
- split sam_passwd and smb_passwd into separate higher-order function tables
- renamed struct smb_passwd's "smb_user" to "unix_user". added "nt_user"
plus user_rid, and added a "wrap" function in both sam_passwd and smb_passwd
password databases to fill in the blank entries that are not obtained
from whatever password database API instance is being used.
NOTE: whenever a struct smb_passwd or struct sam_passwd is used, it MUST
be initialised with pwdb_sam_init() or pwd_smb_init(), see chgpasswd.c
for the only example outside of the password database APIs i could find.
- added query_useraliases code to rpcclient.
- dealt with some nasty interdependencies involving non-smbd programs
and the password database API. this is still not satisfactorily
resolved completelely, but it's the best i can do for now.
- #ifdef'd out some password database options so that people don't
mistakenly set them unless they recompile to _use_ those options.
lots of debugging done, it's still not finished. the unix/NT uid/gid
and user-rid/group-rid issues are better, but not perfect. the "BUILTIN"
domain is still missing: users cannot be added to "BUILTIN" groups yet,
as we only have an "alias" db API and a "group" db API but not "builtin-alias"
db API...
(This used to be commit 5d5d7e4de7d1514ab87b07ede629de8aa00519a1)
|
|
SCO 3.2 (including it also requires lots of streams stuff, making it a
total mess).
If this causes problems on some other platform then please add a
comment stating what platform and why the include is needed so we can
work out how to test for it properly.
(This used to be commit 21d779bf7def71d5d9c899eabbb6a110860bd8e2)
|
|
processing.
(This used to be commit 702263bba555a1d7c7999d40e5789b7e920dbce4)
|
|
Fix by Andrej Borsenkow <borsenkow.msk@sni.de>
(This used to be commit 5c0e31982e8eb1c93bc77925e59be65798f2dbad)
|
|
docs and do configuration at the same time.
(This used to be commit 386a3bfd337f4b248f6c88b9c98b9d6471cc9b25)
|
|
(This used to be commit d3fa0dd7a80a8d20e2d9db0b5ca24988059280fb)
|
|
(This used to be commit ed4d1062b2655d59f6904344e708aa53af235ad5)
|
|
Fix by Matt Chapman <m.chapman@student.unsw.edu.au>
(This used to be commit c44b418d6fd16a257af21f6b5b29b1cdf26015b7)
|
|
would only be a domain group rid. it can also be a local group rid,
which causes us problems in attempting to turn a unix gid into the
correct rid (domain group or local group).
sooo.... the fix is _in_ there, we just can't use it because it causes
link / knock-on problems in nmbd.
(This used to be commit e4ee6538709c33000774eb1676608f2dd67d5a30)
|
|
now need search capability on S-1-5-20, which will need argh, a
"group database API" on S-1-5-20, and the ability to add BUILTIN\Admins
etc to "local group map" argh.
(This used to be commit a24f6eb00ba7486479cbcf7fadf5456521c56179)
|