summaryrefslogtreecommitdiff
path: root/source3
AgeCommit message (Collapse)AuthorFilesLines
2002-09-28Second stab at Volker's 'make shadow passwords work' patch.Andrew Bartlett1-4/+4
Basicly, the password and the salt must be taken from the same place in both passwd and shadow based systems. Taking salt from one, and password from the other just doesn't work. So pull them from passwd, then overwrite them if need be. When modifying this file, watch the #ifdef hell - as vl found out, some variables are globals - but only with #ifndef WITH_PAM, and the code jumps all over the place with the password cracker. Getting double-reviews of any change to this file highly advised, it is one of our most system-specifc areas of code. (So now I get to take the blame for this one... :-) Andrew Bartlett (This used to be commit f39f167900db3f06ec3c52c3ddf61e8bf3d57f56)
2002-09-28Add the beginings of sam_ads to the tree.Andrew Bartlett11-32/+1161
This module, primarilly the work of "Stefan (metze) Metzmacher" <metze@metzemix.de>, uses the Active Directory schema to store the user/group/other information. I've been testing it against a real AD server, and it is intended to work with OpenLDAP as well. I've moved a few functions around in our other libads code, which has made it easier to tap into that existing code. Also, I've made some changes to the SAM interface, I hope there are not too many objections... To ensure we don't get silly bugs in the skel module, it is now in the default compile. This way you should not forget to update it :-) Andrew Bartlett (This used to be commit 24fb0cde2f0b657df1c99474cd694438c94a566e)
2002-09-28Thanks to abartlet I looked at that function a bit closer. What didVolker Lendecke1-5/+0
the first cli_push_string do? I suspect that it's a leftover from times when the password length was needed at some point. Volker (This used to be commit df906c156aea46524dedc28ee54f4e87711c7160)
2002-09-28Add const.Andrew Bartlett2-2/+2
(This used to be commit f7dd66e88dba947a167d9a14c96810854dfc5c9d)
2002-09-28Commit a fix to smbclient so that it will connect to EMCs and NetApp's machines.Richard Sharpe1-3/+18
(This used to be commit 1e4ac9615d26bfbf90e3a45f088564f448f689ce)
2002-09-28This needs to be #ifdef HAVE_LDAP.Andrew Bartlett1-0/+3
(This used to be commit 2b54a2fc2c85ea139e2acdbbc2f14b969c0c6315)
2002-09-28Add const.Andrew Bartlett1-4/+4
(This used to be commit 0f5d18626bebaa0621ee703ea2cc8bf47e14ea3e)
2002-09-27Back our volker's patch as was breaking the build.Andrew Bartlett1-7/+2
Volker, I would like to understand what you are trying to do here... I'll trust that it's broken (this code is certainly not well tested) but I do want to keep a close eye on the fixes... Andrew Bartlett (This used to be commit 4b72f84cf9bc3f7583318d5dff97257f9dc5b87f)
2002-09-27It turns out that Windows allows delete printer on a handleJeremy Allison1-0/+14
opened by an admin user, then used on a pipe handle created by an anonymous user..... but they're working on security.... riiight ! Jeremy. (This used to be commit 322d8b4c83439261cfd2ff79b557bddb1e784660)
2002-09-27Check for security on delete printer was reversed...Jeremy Allison1-5/+5
Jeremy. (This used to be commit 0d27cc909b4489b54e57481bd8a9494fb077dc3d)
2002-09-27HEAD and APP-HEAD spoolss parsing was out of sync. This MUST NOT HAPPEN !Jeremy Allison1-20/+17
Jeremy. (This used to be commit e42b76337b9a01fee84bc95d6899a724b2fdab29)
2002-09-27Touching somebody else's code again... Sorry, Richard.Volker Lendecke1-2/+9
smbclient would announce that it can send UNICODE, but would send the plain text password in ASCII. This confused Samba HEAD somewhat. This change has been tested against Samba HEAD of today and Samba 2.2.1a. I do not have any other servers that do plain text passwords. Anybody? Volker (This used to be commit c7de62d839634a85295d1a0ef5a48270ef30aa93)
2002-09-27Sorry to touch such an internal function. But I was quite surprised thatVolker Lendecke1-2/+7
'security = user', 'encrypt passwords = no' did not work anymore. This is on quite a standard SuSE 7.3, ./configure.developer --with-tdbsam. I can provide a config.log / config.h on demand. Please re-check for consequences, I don't really oversee that file. Thanks, Volker (This used to be commit ba754b57ddb78dadedcb7b5877cbee5bab08181e)
2002-09-27Move a number of ADS related functions out into utility libs, so that thingsAndrew Bartlett7-218/+345
like metze's sam_ads can also use them. Also add error checking etc to a few more functions. Andrew Bartlett (This used to be commit c864edf4fbf8a6c37888a14b861d7c12cf503d4f)
2002-09-27An example of a group creation command that can handle failuresVolker Lendecke1-0/+27
of groupadd. Volker (This used to be commit 3f78923a6feefffae6203d27a765b2a8cf3c5c24)
2002-09-27Vance picked up a pile of typos etc at the CIFS confernce, and finally got themAndrew Bartlett4-15/+15
off his laptop :-) Andrew Bartlett (This used to be commit df8f0338fae01e5edc176708c2b798c67c2e8c36)
2002-09-27Minor updates:Andrew Bartlett3-10/+24
Add const to some more functions, and reintroduce 'net rpc join oldstyle' as *only* trying an old-style join. This means that we can rely on it not prompting for a password on the build farm. Andrew Bartlett (This used to be commit 31bdbeef0ea6f30247cd3b30cfea57b34102abe6)
2002-09-27Some small cleanups to the libads code (mainly error checking), and give aAndrew Bartlett3-7/+30
sane prototype for the push_utf8_allocate code. Andrew Bartlett (This used to be commit ce00a3238ed8a82639c4d0ee3e960f7000b1a7b0)
2002-09-27I missed committing this - all updates to configure.in adding --with-fooAndrew Bartlett1-1/+1
options need a matching entry in acconfig.h to actually do anything... Andrew Bartlett (This used to be commit 4636809153987f03b14a27dba175cb1511c2d460)
2002-09-27Fix typoAndrew Bartlett1-1/+1
(This used to be commit 42c7ecd3d5dc5eb8ff690635946a403a82ebb270)
2002-09-27When compiled --with-ldapsam, make ldapsam the default passdb backend.Andrew Bartlett1-1/+3
This is to allow painless upgrades from 2.2, and so people don't get a shock when they follow old docs. If ldap has been detected on the system, ldapsam is always available, just not the default. Andrew Bartlett (This used to be commit 0a6a0c88d0972fcea4aead7115929f96c0d23cbc)
2002-09-27Readd the 2.2 --with-ldapsam paramaters so as to allow a smooth upgrade path toAndrew Bartlett5-835/+912
a 3.0 based PDC. Change defaults to use SSL, so that this also matches. Andrew Bartlett (This used to be commit 36c2a3820faa1d90cd331881720be0e61ab93460)
2002-09-26Make explicit the difference between a tdb key with no data attached, andJeremy Allison1-2/+11
a non existent entry. Stop a malloc(0) being called in the first case. Jeremy. (This used to be commit ece9507ec3d363fccf56b000ad9758780a9b3fb4)
2002-09-26tagging version as post3.0-HEAD to differentiate from the SAMBA_3_0Gerald Carter1-1/+1
branch. (This used to be commit 0962a2f74f89b684a5f333126fed2b6a7fc0b454)
2002-09-26add -r to usage outputGerald Carter1-0/+1
(This used to be commit a6ec9af7e38b1b937eba7003f130d662d5bde035)
2002-09-26preparing for release of 3.0alpha20Samba Release Account1-1/+1
(This used to be commit ba8b6c8e31ad5f15a0cfa9d28d9b8692c3473a42)
2002-09-26Fix segfault in sam_context_enum_domains - reported by KaiJelmer Vernooij1-0/+1
(This used to be commit 1430473d3fdcc8e711fe483b84dfeefa6bd54905)
2002-09-26Don't define PASS_MUST_CHANGE_AT_NEXT_LOGON twice..Jelmer Vernooij1-3/+0
(This used to be commit cae3705b9a03e36137439e24667dcf2e5e9643fc)
2002-09-26Add -r parameter to smbgroupedit. With -r you can manually chooseVolker Lendecke1-21/+26
a rid. Volker (This used to be commit 11ec785f3f43b277ae3f28b38865f4de972495bc)
2002-09-26Patch from "Kai Krueger" <kai@kruegernetz.de> to get some more of our accessAndrew Bartlett2-47/+58
control bits right on the SAMR pipe. Andrew Bartlett (This used to be commit e87948c777b59592b130da081ef5d25600455d29)
2002-09-26forgot include file, sorrySimo Sorce1-14/+14
(This used to be commit 67d600ed8ed1cdd25503fdb2299bdfa93befee1f)
2002-09-26Patch from "Stefan (metze) Metzmacher" <metze@metzemix.de> to do a *much*Andrew Bartlett6-85/+419
better job of working with usrmgr. Previously we were blanking out entires, and all sort of mischif. The new patch (which I've now had a chance to test/modify) also takes care not to expand % values (ie we go \\%L\%U -> \\server\user, we don't want to store \\server\user back) and to correctly notice 'not set' compared to 'null string' etc. Andrew Bartlett (This used to be commit ab878b6cc4132594fc33f78aeebf0d8b7266c150)
2002-09-26move all the passdb internal interface to NTSTATUSSimo Sorce7-269/+320
only the interface has been fully moved to NTSTATUS not all the plugins make full use of it, but have been all converted. My testings passed completely, however a bit of more testing is welcome Simo. (This used to be commit 102a26e06591928a03b49cd312a65811ed46314f)
2002-09-25notify user when no {domains,accounts} were foundJelmer Vernooij1-0/+10
(This used to be commit ee3b497962a28c7c58e866b8536b1d2ae6f9b23a)
2002-09-25Add samtest command 'enum_accounts' + few typo fixes in sam/interface.cJelmer Vernooij2-4/+30
(This used to be commit 81156d6556dab2ea23dea69da6940a0482d79d9b)
2002-09-25add samtest commands:Jelmer Vernooij1-1/+134
- show_domain - context (This used to be commit e969b1897269ebd27650c2192cd19ebda47e042e)
2002-09-25fix getpass replacement check (i thought I fixed this a few daysGerald Carter1-0/+2
ago....) (This used to be commit 1b55965f12dc2ede46ca2dbc82acbf56b7e33e2e)
2002-09-25Make it clear what this if statement applies to, and what it doesn'tAndrew Bartlett1-0/+1
(This used to be commit 6b78e554c3dd3c98bff7dbd1d3715a9b7e405b8d)
2002-09-25remove extern for AllowDebugChange since we don't use itJelmer Vernooij1-1/+0
(This used to be commit 70d9b71ceaeba95712fa61e601376ff5cc8e7714)
2002-09-25Fix the circular dependency that was preventing 'domain master = auto' (theAndrew Bartlett1-1/+1
default) from working. Andrew Bartlett (This used to be commit 25950dbb3272949a235bed936c7d7b1d23f15fac)
2002-09-25Metze claims that without this his win2k server gets horribly confused lookingAndrew Bartlett1-2/+2
for all sorts of AD things in lp_realm(). We need to get some non-Win2k NTLMSSP and chase this up a bit, but this will do for now. (Hmm, this might affect NTLMv2 as well) Andrew Bartlett (This used to be commit 0e6babc306f60e88fc28705a8d4ad112bafe92cb)
2002-09-25Whenever we deal with adding machine/trusted domain accounts, always reset theAndrew Bartlett1-20/+23
flag to what we expect. This handles the 'upgrade' from unixsam beter (where all $ terminated accounts are machines). Andrew Bartlett (This used to be commit a198940ea6f7b7f3cba38c5a9f695e0731204583)
2002-09-25Don't crash when a backend doesn't have a setsampwent function available - ↵Jelmer Vernooij1-2/+2
bug reported by metze (This used to be commit 4aea951102a6e82612560e6a59931fde433ee6ea)
2002-09-25This patch from "Stefan (metze) Metzmacher" <metze@metzemix.de> cleans upAndrew Bartlett5-128/+231
pdb_ldap and adds a 'ldap passwd sync' option. The idea with this option is to do allow an ldap backend to do all the fancy password hashing etc - and to tell smbd no to try and double-up. Using 'ldap passwd sync = only' will do this, but is not recommended unless such a backend is in place... Running 'ldap passwd sync = yes' just gets you the same as doing 'pam passwd sync = yes' and having both PAM and pam_ldap correctly configured for 'magic root' behaviour, but only using ldap connection, and one set of credentials. This also gets us closer to allowing ldap to say 'password too short' etc, which might assist in maintaining a consistant password policy. Andrew Bartlett (This used to be commit f13e243f1a13d34ae057b40b01f561e8b95d4570)
2002-09-25Fix debuglevel command-line argumentJelmer Vernooij1-1/+0
(This used to be commit 779aea57450db83fa7870e8a35db55d475682519)
2002-09-25Compile samtest with LIBADS_OBJ and PASSDB_OBJ...Jelmer Vernooij1-1/+1
(This used to be commit f0c095875758ef44ed2d25d3ed9d77e5e163b75f)
2002-09-25samtest should load smb.conf by defaultJelmer Vernooij1-1/+26
add command-line option to samtest to specify alternate config file - use /dev/null to don't load any config file.. add 'conf' command to load specified config file (This used to be commit 237883d1e68e99a3ea3df9b6e182c70cb31b2523)
2002-09-25At least try to get this function picked up by the autoprototyperAndrew Bartlett1-2/+2
(This used to be commit d5303d5c080212486329f7e5a65f732e11efbb37)
2002-09-25Kill of Get_Pwnam_Modify and smb_getpwnam(). The latter assumes some thingsAndrew Bartlett2-59/+2
that just don't apply any more - now that we always keep username and domain seperate. Also, the policy it was trying to permit is now implemented by the auth code. Andrew Bartlett (This used to be commit 760c0740cad948665db4a1d462fbbd99332713ef)
2002-09-25Another patch from metze, towards his work on sam_ads.Andrew Bartlett4-11/+108
See mx-ldap.sf.net for his current progress. (This used to be commit 9c62d1312fdf0aa7b1978e8bbb56fc076ba7e9d0)