Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit 27f3fbac724847f2d0926d2231808871508a7dd9)
|
|
(This used to be commit 2ddfed298d7f0b6e690275725a39c3ef107077ae)
|
|
Unfortunately users get created with the ACB mask set to disabled and
must change password. The set_user_info2 call required to fix this
doesn't quite work yet...
(This used to be commit 55a341a367a7d1b18ae7ef04678479eb74b68ea3)
|
|
are 'SET' when adding the account.
I really don't like passing flags down to inner routines and
complicated if/else conditions, but this time he might be right. ;-)
Volker
(This used to be commit 80d2578108da14f60133df3a308b867beb27e920)
|
|
(This used to be commit 18d52ce914715d188966be95f9e4466666a04f74)
|
|
(This used to be commit 6fbee12a8170e0bce4e94806105786b38160ada5)
|
|
(This used to be commit 691c63ad6b522ae7984017ebadffb5c7c13f6992)
|
|
- Add a 'privileged' mode to Winbindd. This is achieved by means of a directory
under lockdir, that the admin can change the group access for.
- This mode is now required to access with 'CRAP' authentication feature.
- This *will* break the current SQUID helper, so I've fixed up our ntlm_auth
replacement:
- Update our NTLMSSP code to cope with 'datagram' mode, where we don't get a
challenge.
- Use this to make our ntlm_auth utility suitable for use in current Squid 2.5
servers.
- Tested - works for Win2k clients, but not Win9X at present. NTLMSSP updates
are needed.
- Now uses fgets(), not x_fgets() to cope with Squid environment (I think
somthing to do with non-blocking stdin).
- Add much more robust connection code to wb_common.c - it will not connect to
a server of a different protocol version, and it will automatically try and
reconnect to the 'privileged' pipe if possible.
- This could help with 'privileged' idmap operations etc in future.
- Add a generic HEX encode routine to util_str.c,
- fix a small line of dodgy C in StrnCpy_fn()
- Correctly pull our 'session key' out of the info3 from th the DC. This is
used in both the auth code, and in for export over the winbind pipe to
ntlm_auth.
- Given the user's challenge/response and access to the privileged pipe,
allow external access to the 'session key'. To be used for MSCHAPv2
integration.
Andrew Bartlett
(This used to be commit dcdc75ebd89f504a0f6e3a3bc5b43298858d276b)
|
|
(This used to be commit 83c7f1e1661da14ee46d4ca7a698728fb1beb23b)
|
|
(This used to be commit a1576694a6f23e1c70d7d81ac4feedd4f29c5400)
|
|
from passdb
(This used to be commit 78e135cdb17dcf70d8a1259897fd44ecd7a4b3c6)
|
|
* pdbedit -i -e sets all SAM_ACCOUNT elements
to CHANGED to satisfy the new pdb_ldap.c handling
* pdbedit -g transfers group mappings. I made this
separate from the user database, as current installations
have to live with a split backend.
So, if you are running 3_0 alphas with LDAP as a backend
and upgrade to the next 3_0 alpha, you should call
pdbedit -i tdbsam -e ldapsam -g
to transfer your group mapping database to LDAP.
You certainly have to have all your groups as posixGroup
objects in LDAP and adapt the LDAP schema before this
call.
Volker
(This used to be commit 6d3faeaef6c77e389d39b6d4660ffea13e7f25f2)
|
|
directly anymore, but instead through the passdb
interface. So we can make them static.
Volker
(This used to be commit a91af4bea8e761a812f5c70fdc7c7cd15366b412)
|
|
for the 'ldap del only sam attr' functionality. So
we are compatiple to the current SuSE patches as well
as to TNG... ;-)
Volker
(This used to be commit 353309e2a3bc27e918bd0a6cf22833d57895fbc8)
|
|
> Hi Volker,
>
> if 'displayName' is not available we should fallback to 'cn' for map->nt_name
> 'cn' is used as unix group name by nss_ldap.
>
> and if nt_name is not available we should fail (so does this patch)
Volker
(This used to be commit 3a7d1e72e208b9609da4ff65d9fff9179799ecac)
|
|
- Decode all the database names, even if we don't decode their contents
- Update the 'set' code to match rpc_server/srv_samr_nt.c in only recording
the difference between the old and new.
Andrew Bartlett
(This used to be commit 6509397f91a4c218552a48a96df06e595b630898)
|
|
(This used to be commit 818bc35da7b66aa8c4156406b7ab3304d4c94a72)
|
|
(This used to be commit b46581ef153296a0a04f773115cb2ddad4d44686)
|
|
(This used to be commit 5f12b246b03aef93165059f632012b6fc4706c70)
|
|
(This used to be commit eeeeb37fc6de60928f7efdeb05bb2c6516f24441)
|
|
(This used to be commit e7ed8bfc24d94b0b6e70a03eaae927fe1daa7d56)
|
|
(This used to be commit 633b3eb7812dc0a58785536a1e7d28329d488b43)
|
|
(This used to be commit 99de90adc98b8d5354c769dcd25cc1f34d3769e9)
|
|
(This used to be commit b18d02891be1ea3728239eee15a4aed3c3be2fea)
|
|
(This used to be commit 10c2fe08b6fdc2a9985a154b93555197bf5815fa)
|
|
(This used to be commit 8f285878b30bad7388f69075538c628a7e18ac8a)
|
|
(This used to be commit e56ab71f1237a71c6ad4f321ce1db4e9397efd73)
|
|
(This used to be commit 5a88d78f67fd7853d6f7d5042807afa56091d52c)
|
|
- Add some const
(This used to be commit e149e70717f38e082ce35d55f9b4d84ba8419af7)
|
|
Andrew Bartlett
(This used to be commit fb680f610ceb9a0f350c99456cf7ab1a507543fe)
|
|
(This used to be commit 2e1e5719f188a933e6b691fbd48037a0d29497e4)
|
|
(This used to be commit 9c3b8533fc6d2a68e013668d0927d479f4ab58dd)
|
|
(This used to be commit 0efa773bac4b9fe2f79265413c32fecce55cc369)
|
|
(This used to be commit 6df38e250af1a8e7213ad66342c71c52ce118a12)
|
|
This repairs domain join with fully existing wks-account which I broke
with my last patch...
Volker
(This used to be commit 582a34efbe3c1570b852c93318ff6002954ddf6a)
|
|
(This used to be commit b757a4374832d76500a889e4785622320881018d)
|
|
anymore, but instead look at what is currently stored in the
database. Then we explicitly delete the existing attribute and add the
new value if it is not NULL or "". This way we can handle appearing
and disappearing attributes quite nicely.
This currently breaks pdbedit -o, as this does not set the CHANGED
flag on the SAM_ACCOUNT.
Jelmer suggested that we set all the fields on CHANGED in
context_add_sam_account. This sounds not too unreasonable.
Volker
(This used to be commit f7149cf500d2b10ee72163c018a39fdd192d7632)
|
|
(This used to be commit 3cddfe211da812a533611eecba5d5da55fd3cf2d)
|
|
- safe_string.h - don't assume that __FUNCTION__ is available
- process.c - use new workaround from safe_string.h for the same
- util.c - Show how many bytes we smb_panic()ed trying to smb_xmalloc()
- gencache.c - Keep valgrind quiet by always null terminating.
- clistr.c - Add copyright
- srvstr.h - move srvstr_push into a .c file again, as a real function.
- srvstr.c - revive, with 'safe' checked srvstr_push
- loadparm.c - set a default for the display charset.
Andrew Bartlett
(This used to be commit a7eba37aadeb0b04cb1bd89deddb58be8aba825c)
|
|
to the integer for SIVAL().
(This used to be commit e8b4b136669e7e415557956d698c66c254b28ec1)
|
|
pity becouse otherwise you need to link a program with it to get the
fstring/pstring bugs.
Andrew Bartlett
(This used to be commit b1b4370955d50fd4997c7171a99fe03f97190aca)
|
|
when setting the password.
Andrew Bartlett
(This used to be commit 552198b9e149c41f8cb2f976421ef030eac6fba6)
|
|
(This used to be commit 1002b0bbff295548b74580dbb0dc0c76474af23b)
|
|
Andrew Bartlett
(This used to be commit 05a63bd17e4c35979b3864b0969b2bfd945335d9)
|
|
where we assume the buffer is zero, when it might not be (ie due to, previous
packets).
Andrew Bartlett
(This used to be commit 191b0ab4d7c35c83d2bb2052b2e37d01fbf37b45)
|
|
issues.
Also pick up these link failures at compile time (rather than runtime).
Andrew Bartlett
(This used to be commit 23c7342bc40daffbcd70ef04727cae2c2b2c366b)
|
|
Jeremy.
(This used to be commit 301f17df51961b645b63d1520fc9c2e5627c1a0a)
|
|
complete now.
(This used to be commit 72bb5615f3eef1c5b27716dfcabe4c8288729458)
|
|
a bit better.
This just sets the minimum possible attributes - if we are 'upgrading' an
LDAP based user account, the attributes will be there anyway. This matches
NT pretty well to.
This also fixes some use of unitialised values in the desired_access checking.
(found by valgrind).
Andrew Bartlett
(This used to be commit 929213ff2a5829ba8435ba1be0de317bca1e0da0)
|
|
(This used to be commit 228110e83fce91c811c82f6f836d313b6b79ff87)
|