Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit da59bab769dac3702dbddd6ad718f918befee6db)
|
|
Volker
(This used to be commit 6287141f10e6c774990b4fdf65bfd2a55afca35a)
|
|
right in the middle of the code.
I just love catching jra on stuff like this, after all the crap
I've done. :-)
(This used to be commit 217791cab21b79fdbe2ddb96079fb9abb8545dd7)
|
|
(This used to be commit 00c998c5030560d096d7f3c0f9d89ce18e2d006b)
|
|
(This used to be commit 29bc83080f47b2f945686e706f2cfef221ac3795)
|
|
Added hardlink_internals() code - UNIX extensions now use this too.
Jeremy.
(This used to be commit 3f2b9f10dec58d3e3ae463e3804d96052fb27a4d)
|
|
much closer emulation of Win2k3 error return codes.
Jeremy.
(This used to be commit 883f89a0184e37bff4f5877a25d31b994996ab08)
|
|
(This used to be commit 95e7cfdb19bab4a5aac59e10afb3b1416e6079c5)
|
|
array. need to update passdb for this.
(This used to be commit 1d3079bf4c661939e291cca5e96157b5fa492340)
|
|
files for SWAT
(This used to be commit 42d8455a02fa89d37864d32c49d598ba9cdc1552)
|
|
(This used to be commit c1b1a1961f19e2fba680d48e41d0b29cdfd6d39c)
|
|
(This used to be commit 90640a523e9898157a361f3fbf5923b1ef2a6651)
|
|
very efficient though, it only does one group at a time. Needs improving, but
the structures are not particularly easy to set up, so check in the basically
working part for others to review.
I'm close to saying that I would like to remove aliases from general group
mapping. These can not be reflected correctly in /etc/group, winbind could do
a better job here.
And having aliases only on machines with nss_winbind at least for me is not a
too severe limitation.
Comments?
Volker
(This used to be commit 6cad5bcc280c2964473346cc467423a44cc6a5c2)
|
|
The problem was that the current_printif struct was set during
print_backend_init() based on the 'printcap name'. So you could
not use cups and then override the setting for a specific printer
by setting 'printing = bsd' (a common setup for pdf generation
print services.
There is a subtle change in behavior in that the print
interface functions are selecting on the basis of lp_printing()
and not lp_printcap_name(), but the new behavior seems more
intuitive IMHO.
(This used to be commit e721255e8f7d719dbcc2cad94c9b11f6124676e6)
|
|
that pdb_default_get_privilege_set returns NOT_IMPLEMENTED and not a privilege
set that does not grant anything. I don't really understand privileges yet, so
work around that by not failing if pdb_get_privilege_set fails.
Volker
(This used to be commit b790753f443092a65eeef7b146a18d4c5ffcb323)
|
|
(This used to be commit fa6500fe773ae1f0aa70f370600b6f7aa7f65f3d)
|
|
Do:
wbinfo -C alias
net groupmap set alias alias -L
net rpc group addmem alias DOMAIN\\group -S localhost -Uroot%secret
getent group alias
And hopefully the members of domain\\group show up :-)
Still have to get them to show up in 'getent group'.
Volker
(This used to be commit 18e48190838907a29347d471e81945257f540aa7)
|
|
(This used to be commit fae17e0f9d228bab9992287507babd6a8fd53f97)
|
|
(This used to be commit eb8a8c290f893b6ffa3d16e282829230be56b212)
|
|
This patch add privilege support for samba
Currently it is implemented only for tdbsam backend but estending it to
other sam backends is straightforward.
I must make a big thank to JFM for his teachings on the matter and the
functions at the base of this work.
At thye moment only samr_create_user honours SeAddUsersPrivilege and
SeMachineAccountPrivilege to permit any user to add machines and/or users to
the server.
The command "net priv" has been provided to manipulate the privileges
database.
There are still many things to do (like support in "net rpc vampire") but
the working core is here.
Feel free to comment/extend on this work.
Of course I will deny that any bug may affect this code :-)
Simo.
This patch adds also my patch about add share command enhancements.
(This used to be commit 7a78c3605e203bd8e0d7ae244605f076a5d0b0bc)
|
|
With only your fix in for example smb.conf was expected in /smb.conf...
Thanks,
Volker
(This used to be commit eb18cb83d13d664896468d200d9dc353da13c561)
|
|
Volker
(This used to be commit f95a5d81479b467c837b727831c2224832c8205c)
|
|
su - WINDOWS\\vl
now includes the locally defined aliases I'm member of.
Next will be getent group.
Volker
(This used to be commit 52dae45684317ac8ac529017607bb5787dda7c50)
|
|
turn on fhs compliant paths. Spotted by Timur Bakeyev.
(This used to be commit e0382635a5490e1a6b6388dc98e6ce318e197808)
|
|
merge to 3_0, as the pdb interfaces has changed a bit between the two.
This has not been tested too severly (which means it's completely broken ;-),
but I want it in for review. Feel free to revert it :-)
TODO:
make 'net groupmap' a bit more friendly for alias members.
Put that stuff into pdb_ldap.
Getting the information over to winbind. One plan without linking pdb into
winbind would be to fill group_mapping.tdb with the membership information and
have that as a cache (or use gencache.tdb?). smbd on a PDC or stand-alone
could trigger that itself, the problem is a BDC using LDAP. This needs to do
it on a regular basis. The BDC smbd needs to be informed about SAM changes
somehow...
Volker
(This used to be commit 30ef8fe1e85c0ca229b54f3f1595c4330f7191d1)
|
|
srv_samr_nt.c: Correctly report that a user is not member of an alias.
Volker
(This used to be commit 26d99204b7cbfa8e259f2a8438eadc9ff6be0709)
|
|
Volker
(This used to be commit 73117f5e41aa923b07d200a18c84b8082d8b71a6)
|
|
something not a group.
Volker
(This used to be commit 9cfc97df456199c22e199831d28597132cf001a8)
|
|
Volker
(This used to be commit 6785dc84ce4d9c2d5ebe3113c7f506947b09a7f8)
|
|
set of groups.
Volker
(This used to be commit 710969acaa9ce4467ec09c2fadb03e49fbc207be)
|
|
fail if file exists and target is a directory. gentest.
Jeremy.
(This used to be commit 4b1262322995c8794cd73d84712f82d8c91abdc6)
|
|
Jeremy.
(This used to be commit 2a457e2e28cd1f78778cb41fbb381883ced99592)
|
|
rafal
(This used to be commit ed26b550b5f24741db6be38542f341be18741e62)
|
|
new functionality and testing interface for new pdb functions.
Also, quite a bit of objects is being added to pdbedit in order to make
it able to find domain sid automatically (if not given explicitly).
If such amount of "wisdom" is not required to be in pdbedit, I'll move
it to 'net' which will have this new functionality, anyway.
rafal
(This used to be commit cfb1b7bda905c8391bf065ecb99bb28806dfe96a)
|
|
rafal
(This used to be commit 39bc55e4d407adb31030a57185f7431434b43a51)
|
|
(This used to be commit 892b16404033bbaf72a5a04f558cb41ef544739e)
|
|
(This used to be commit b9ae67a3a232875361d3056eef3b654e6b92c244)
|
|
I was rather annoyed by the net groupmap syntax, I could never get it
right.
net groupmap set "domain admins" domadm
creates a mapping,
net groupmap set "domain admins" -C "Comment" -N "newntname"
should also do what you expect.
net groupmap cleanup
solves a problem I've had two times now: Our SID changed, and a user's primary
group was mapped to a SID that is not ours. net groupmap cleanup removes all
mappings that are not from our domain sid.
Volker
(This used to be commit 69879ceffa587ccf2bf59e1c716424e1d20a7f68)
|
|
(This used to be commit a3a15be5a2ae419992af004425592cca6796edcd)
|
|
Volker
(This used to be commit f1b66461ebce4e89eb65620a09c079ae9697537b)
|
|
Even if it's our own lock context, we need to wait here as
there may be an unlock on the way.
So I removed a "&& !my_lock_ctx" from the following
if statement.
if ((lock_timeout != 0) && lp_blocking_locks(SNUM(conn)) && ERROR_WAS_LOCK_DENIED(status)) {
Jeremy.
(This used to be commit 17c88758ae82b20bc7260d5d927325f3f73ba33c)
|
|
Fix bug in previous global_sam_sid() commit. I broke the 'read from
MACHINE.SID' file functionality.
Also, before we print out the results of 'net getlocalsid' and 'net
getdomainsid', ensure we have tried to read that file, or have
generated one.
Andrew Bartlett
(This used to be commit af1b6447b8292a83851361570219ee6d889e0898)
|
|
different share modes. It also has a commented out test to see if we can
actually open a renamed file, and it turns out that we can, it seems. I am
not sure at this stage how long that is the case for, though.
(This used to be commit 89d810d234f53c9731ded85848bd9c17d45d5125)
|
|
I *hate* global variables...
OK, what was happening here was that we would invalidate global_sam_sid
when we set the sid into secrets.tdb, to force a re-read.
The problem was, we would do *two* writes into the TDB, and the second one
(in the PDC/BDC case) would be of a NULL pointer. This caused smbd startups
to fail, on a blank TDB.
By using a local variable in the pdb_generate_sam_sid() code, we avoid this
particular trap.
I've also added better debugging for the case where this all matters, which
is particularly for LDAP, where it finds out a domain SID from the sambaDomain
object.
Andrew Bartlett
(This used to be commit f3ecdea56d9ea6d562ace84f0e653a641eb96f6e)
|
|
Jeremy.
(This used to be commit e46aaffe97919afb1c92f56376f9578825012b92)
|
|
minutes, not seconds. Works from usrmgr.
(This used to be commit d02dd0e5f5fae3256b1922c2963e18c8fa36a3e6)
|
|
(This used to be commit 08a7c9697d49719e4cfb32a06720873c98585f67)
|
|
Jeremy.
(This used to be commit 755b66303d04b73a855fa8db5fe3ae920a901bf3)
|
|
at what W2K3 accepts here it's COMPLETELY BROKEN ! :-).
Jeremy.
(This used to be commit 9aa37cb84090260b33d32ad123ddc4d211e3913b)
|
|
Jeremy.
(This used to be commit fc9811693933327a15b7dbe4893219c7ef44d1e8)
|