Age | Commit message (Collapse) | Author | Files | Lines |
|
This is to allow painless upgrades from 2.2, and so people don't get a shock
when they follow old docs.
If ldap has been detected on the system, ldapsam is always available, just not
the default.
Andrew Bartlett
(This used to be commit 0a6a0c88d0972fcea4aead7115929f96c0d23cbc)
|
|
a 3.0 based PDC.
Change defaults to use SSL, so that this also matches.
Andrew Bartlett
(This used to be commit 36c2a3820faa1d90cd331881720be0e61ab93460)
|
|
a non existent entry. Stop a malloc(0) being called in the first case.
Jeremy.
(This used to be commit ece9507ec3d363fccf56b000ad9758780a9b3fb4)
|
|
branch.
(This used to be commit 0962a2f74f89b684a5f333126fed2b6a7fc0b454)
|
|
(This used to be commit a6ec9af7e38b1b937eba7003f130d662d5bde035)
|
|
(This used to be commit ba8b6c8e31ad5f15a0cfa9d28d9b8692c3473a42)
|
|
(This used to be commit 1430473d3fdcc8e711fe483b84dfeefa6bd54905)
|
|
(This used to be commit cae3705b9a03e36137439e24667dcf2e5e9643fc)
|
|
a rid.
Volker
(This used to be commit 11ec785f3f43b277ae3f28b38865f4de972495bc)
|
|
control bits right on the SAMR pipe.
Andrew Bartlett
(This used to be commit e87948c777b59592b130da081ef5d25600455d29)
|
|
(This used to be commit 67d600ed8ed1cdd25503fdb2299bdfa93befee1f)
|
|
better job of working with usrmgr. Previously we were blanking out entires,
and all sort of mischif.
The new patch (which I've now had a chance to test/modify) also takes care not
to expand % values (ie we go \\%L\%U -> \\server\user, we don't want to store
\\server\user back) and to correctly notice 'not set' compared to 'null string'
etc.
Andrew Bartlett
(This used to be commit ab878b6cc4132594fc33f78aeebf0d8b7266c150)
|
|
only the interface has been fully moved to NTSTATUS
not all the plugins make full use of it, but have been all converted.
My testings passed completely, however a bit of more testing is welcome
Simo.
(This used to be commit 102a26e06591928a03b49cd312a65811ed46314f)
|
|
(This used to be commit ee3b497962a28c7c58e866b8536b1d2ae6f9b23a)
|
|
(This used to be commit 81156d6556dab2ea23dea69da6940a0482d79d9b)
|
|
- show_domain
- context
(This used to be commit e969b1897269ebd27650c2192cd19ebda47e042e)
|
|
ago....)
(This used to be commit 1b55965f12dc2ede46ca2dbc82acbf56b7e33e2e)
|
|
(This used to be commit 6b78e554c3dd3c98bff7dbd1d3715a9b7e405b8d)
|
|
(This used to be commit 70d9b71ceaeba95712fa61e601376ff5cc8e7714)
|
|
default) from working.
Andrew Bartlett
(This used to be commit 25950dbb3272949a235bed936c7d7b1d23f15fac)
|
|
for all sorts of AD things in lp_realm(). We need to get some non-Win2k
NTLMSSP and chase this up a bit, but this will do for now.
(Hmm, this might affect NTLMv2 as well)
Andrew Bartlett
(This used to be commit 0e6babc306f60e88fc28705a8d4ad112bafe92cb)
|
|
flag to what we expect. This handles the 'upgrade' from unixsam beter (where
all $ terminated accounts are machines).
Andrew Bartlett
(This used to be commit a198940ea6f7b7f3cba38c5a9f695e0731204583)
|
|
bug reported by metze
(This used to be commit 4aea951102a6e82612560e6a59931fde433ee6ea)
|
|
pdb_ldap and adds a 'ldap passwd sync' option.
The idea with this option is to do allow an ldap backend to do all the fancy
password hashing etc - and to tell smbd no to try and double-up. Using 'ldap
passwd sync = only' will do this, but is not recommended unless such a backend
is in place...
Running 'ldap passwd sync = yes' just gets you the same as doing 'pam passwd
sync = yes' and having both PAM and pam_ldap correctly configured for 'magic
root' behaviour, but only using ldap connection, and one set of credentials.
This also gets us closer to allowing ldap to say 'password too short' etc,
which might assist in maintaining a consistant password policy.
Andrew Bartlett
(This used to be commit f13e243f1a13d34ae057b40b01f561e8b95d4570)
|
|
(This used to be commit 779aea57450db83fa7870e8a35db55d475682519)
|
|
(This used to be commit f0c095875758ef44ed2d25d3ed9d77e5e163b75f)
|
|
add command-line option to samtest to specify alternate config file - use /dev/null
to don't load any config file..
add 'conf' command to load specified config file
(This used to be commit 237883d1e68e99a3ea3df9b6e182c70cb31b2523)
|
|
(This used to be commit d5303d5c080212486329f7e5a65f732e11efbb37)
|
|
that just don't apply any more - now that we always keep username and domain
seperate. Also, the policy it was trying to permit is now implemented by the
auth code.
Andrew Bartlett
(This used to be commit 760c0740cad948665db4a1d462fbbd99332713ef)
|
|
See mx-ldap.sf.net for his current progress.
(This used to be commit 9c62d1312fdf0aa7b1978e8bbb56fc076ba7e9d0)
|
|
if we ever want to get rid of the magic macros.
(This used to be commit 13f33e466ed31d35221157d6b3a1a05507157b66)
|
|
didn't seem to work properly.
Andrew Bartlett
(This used to be commit c0925b6352ff6135da03edff44e0bbd72c949a20)
|
|
else we can't add to OpenLDAP 2.1
(This used to be commit d9a91a41441c156223760cb356fa997ea7bdbc1a)
|
|
NT_TOKEN and the unix credentials - as we incresingly use the NT stuff we want
to make it easy to check they don't get out of wack.
Andrew Bartlett
(This used to be commit a3882a19254811ace2f9545580c14ce3bd588095)
|
|
back to NTLMSSP. We need to get the password out of the user, and this
eventually does.
Andrew Bartlett
(This used to be commit bb518a3bae3bf91a589021fcc5b1e715247c5ded)
|
|
(This used to be commit 7ce782c20c6b9e515a2fa831315ae14c66d322ee)
|
|
Jeremy.
(This used to be commit cfd1bf250b417f3ba3ad21ff681ab282311bb7eb)
|
|
(This used to be commit 930c6710fe076b52ad21addf5fcda834f85e15a9)
|
|
to make this rebust w.r.t. stored devicemodes.
Jeremy.
(This used to be commit f93a008f09acda2ddaff9857f2fe0c86948539d1)
|
|
Jeremy.
(This used to be commit 38c67632ade40413c0cc2b91e04105e4065a18b7)
|
|
(This used to be commit d312e1c2b44905af87c4d550975eee78dbf2edee)
|
|
Fix bug in enum_domains
Add samtest commands:
- lookup_sid
- lookup_name
- enum_domains
- lookup_domain
(This used to be commit 0c01219850e5d9b77b3b2c0b4b87aa3c82e3292b)
|
|
and domainname
- Allocate sam_methods, set domain_sid, domain_name and backend_name in make_sam_methods_backend_entry instead of in the backend
- Remove sam_context and domain_sid pointers from the sam_init_function - we don't need those arguments anymore since they're
available in sam_methods as well
(This used to be commit 50d2527eed0eb26c16f2f7e28badbf08d771380e)
|
|
getsid, then join as a BDC, and then watch net rpc vampire suck out
the good stuff out of a PDC :-). It's not perfect, but it does quite a
bit for me. Watch out for more.
Volker
(This used to be commit f0d7ac9feb5844c93789344285b1d66f480209ba)
|
|
(This used to be commit 0ad19825df318030b1772404570cd993fe49e40a)
|
|
to a native NT member server. If the logoff time in the samlogon reply
is set to something else but infinity, the tree connect to the member
server comes back with 'bad uid'. In my traces, NT PDC sends
0x7fff.. always. Weird, but true.
I would really like others to double-check this. If you have questions
regarding the setup, feel free to ask!
Thanks!
Volker
(This used to be commit 066b163bde9419d32fe8ffe00c1841107357c138)
|
|
(This used to be commit b53547bf663ed1714326f9b0e74215e012e728af)
|
|
(This used to be commit 08c3e2b824cd2c93ca548fa18ea16a18f5b197e5)
|
|
When creating a group you have to take care of the fact that the
underlying unix might not like the group name. This change gets around
that problem by giving the add group script the chance to invent a
group name. It then must only return the newly created numerical gid.
Volker
(This used to be commit b959419ed38e66a12b63cad3e5fbfa849f952acc)
|
|
(This used to be commit 42774a7753eb8be1ec04bcb5dda089910a1b6d0b)
|