Age | Commit message (Collapse) | Author | Files | Lines |
|
Volker
(This used to be commit 9ca6cfcf1e4a905d47429a6dc18e2bd7ad5fe1e3)
|
|
Guenther
(This used to be commit 42e380303ddce890f313c221a766dc1e1ee972fb)
|
|
preparation of adding the ability of renaming users via setuserinfo
level 7).
Guenther
(This used to be commit 6f34ed6c203fa11182640da97581075612d26c0e)
|
|
Guenther
(This used to be commit eee0bd806b4fd4558f9c48c09f7e85274e2b807f)
|
|
Does automated migration from account_policy.tdb v1 and v2 and offers a
pdbedit-Migration interface. Jerry, please feel free to revert that if
you have other plans.
Guenther
(This used to be commit 75af83dfcd8ef365b4b1180453060ae5176389f5)
|
|
(This used to be commit 033105376ef4ed7d31ef7cab2442719ed57d29b9)
|
|
Added text explaining units in pdbedit time fields.
Jeremy.
(This used to be commit 3d09c15d8f06ad06fae362291a6c986f7b6107e6)
|
|
(This used to be commit 15fd4a05ec2439f41591ee8a1c30021d9a34371b)
|
|
the cli* in cm_prepare_connection(). using credentials from a domain other thanour primary domain will cause the schannel setup to fail
(This used to be commit a13e29b5f2f1e48225b5b5964bc0777948f16622)
|
|
ippDelete(request) *ever*
(This used to be commit f65598b3b0dc99900d547eb67473cca5d371614f)
|
|
Jeremy.
(This used to be commit 5557e1409a9a22759ca3bea021d4a662099e683a)
|
|
Jeremy.
(This used to be commit 2afe2a16c92bb2500854b8e288c1d7704ede704a)
|
|
Jeremy
(This used to be commit 79f54d12759f9161dc5837a090391cd0cf6471f5)
|
|
Duration: Forever".
Guenther
(This used to be commit aecacf4d9cc5e2aa69b358292b9d591ade696500)
|
|
NT sometimes send garbage bytes in NT security descriptor linearizations
when sending well-known sids. Cope with these.
Jeremy.
(This used to be commit 51b34bb536fdb18c99da1e151eba03ea634e0449)
|
|
(This used to be commit 8971a8544274a7f3643ae67be744d7dab181973d)
|
|
access mask check for _samr_lookup_domain() to work with Windows RAS server
(This used to be commit 2e7a5608ac6a11f4e9e8bda69abb984fb4f86eb8)
|
|
compiled with -DIDMAP_RID_SUPPORT_TRUSTED_DOMAINS) as requested by Lars
Mueller <lmuelle-at-suse.de>.
Allow to map ID's for a local SAM and add some more
debugging-information.
Guenther
(This used to be commit 4d8e7c9ff00417b2ebae0c5faccfe9c2c9c44f2e)
|
|
Guenther
(This used to be commit 30e808ca07bec66d5ecd81cc8c86bb4a98874bc4)
|
|
Note that Samba3 does not yet support it server-side.
Guenther
(This used to be commit b2c8220931733593fd312fc25b6c73f440b4567a)
|
|
groups when 'net rpc group add' is just to slow).
Guenther
(This used to be commit 88572efdea1bfd32478b33564a85485222731901)
|
|
Jeremy.
(This used to be commit 9fd5d633e65e00a44ba0136ee91170edcecfae24)
|
|
profile path, logon home and logon script values
(This used to be commit 504ea4ac68f47b71542a88b17cbb6b546e1cb881)
|
|
have to be root to send the message to all smbds that the config file has been updated
(This used to be commit 6409de1a1ef34bb41c3efeebfabdf13be5e08613)
|
|
that allows the add/change share command to create the directory
passed in as an arguement and not require that it pre-exist.
Also finish testing of SeDiskOperatorPrivilege via srvmgr.exe
(This used to be commit 9af83a7d70324846e6a2660c73589ee68340b4aa)
|
|
ldapsam:trusted=True. Don't bail out when ldap-search returns pure
posixgroups (w.o. samba group-mapping).
This way those unix-memberships do not appear in user and nt user token.
Volker, could you please look over that one?
Guenther
(This used to be commit 853a8b7f1c0b00b2e4433d1281f3c9bfcaf980a6)
|
|
To get all entries use a 0 acb_mask.
Guenther
(This used to be commit bc729f8fd877236a503cc9df64138b2be2e1a91d)
|
|
* define some const SE_PRIV structure for use when
you need a SE_PRIV* to a privilege
* fix an annoying compiler warngin in smbfilter.c
* translate SIDs to names in 'net rpc rights list accounts'
* fix a seg fault in cli_lsa_enum_account_rights caused by
me forgetting the precedence of * vs. []
(This used to be commit d25fc84bc2b14da9fcc0f3c8d7baeca83f0ea708)
|
|
(This used to be commit f1d59c3a2693fe36b9abe9c1da4b703c5543f938)
|
|
This allows the ldap-backend to search much more effeciently. Machines
will be searched in the ldap_machine_suffix and users in the
ldap_users_suffix. (Note that we already use the ldap_group_suffix in
ldapsam_setsamgrent for quite some time).
Using the specific ldap-bases becomes notably important in large
domains: On my testmachine "net rpc trustdom list" has to search through
40k accounts just to list 3 interdomain-trust-accounts, similiar effects
show up the non-user query_dispinfo-calls, etc.
Also renamed all_machines to only_machines in load_sampwd_entries()
since that reflects better what is really meant.
Guenther
(This used to be commit 6394257cc721ca739bda0e320375f04506913533)
|
|
controls or extensions.
* Check and remember if ldapsam's LDAP Server support paged results
(in preparation of adding async paged-results to set|get|end-sampwent in
ldapsam).
Guenther
(This used to be commit ced58bd8849cdef78513674dff1b1ec331945aa9)
|
|
Guenther
(This used to be commit 92851def70914af1aa501857c6346ca6ae6fc010)
|
|
correct DOS/NT error code on transact named pipe on closed pipe
handle.
Jeremy.
(This used to be commit 599c281464fa96725c3ee6dd3c5ee03ea81314ea)
|
|
(This used to be commit 002ece931917e2952ed795939384764d14f93ce9)
|
|
----------------
* bracket the add/delete/set printer scripts with checks for se_print_op
* slight change to the add/set printer script semantics. smbd no longer
relies on output from the script (on stdout) to re-read smb.conf
* remove SIGHUP from set/add/delete printin script code and now just
use MSG_SMB_CONF_UPDATED
* bracket the add/delete/set share scripts with checks for se_print_op
(this includes setting share ACLs)
(This used to be commit 8ab8113d2e1bec6a1dbf464882ad724c7c591be4)
|
|
SE_REMOTE_SHUTDOWN privilege
(This used to be commit d11339b7e3b890b8e01744b6b309efaa7ad328e1)
|
|
(This used to be commit a1fb1cb019804446a093d7d0d7b1952cc538f9cc)
|
|
privileges RPC calls
(This used to be commit 3f4f2c80fd157796a7ba56f31f921e8a3ce46bc3)
|
|
one small todo item is to add a 'accounts' sub option
to 'net rpc list' so enumerate all privileged SIDs
and their associated rights.
(This used to be commit bf4385c79a0ce2e4983ffa11d39367dbf1d4dcfd)
|
|
(This used to be commit 164f94e52929330bd638f19bcf3bfce50303269e)
|
|
(noty enfornced yet though)
* add 'enable privileges (off by default) to control whether or
not any privuleges can be assigned to SIDs
(This used to be commit cf63519169d2f3c56a6acf46b9257f4c11d5ea74)
|
|
* rewrote the tdb layout of privilege records in account_pol.tdb
(allow for 128 bits instead of 32 bit flags)
* migrated to using SE_PRIV structure instead of the PRIVILEGE_SET
structure. The latter is now used for parsing routines mainly.
Still need to incorporate some client support into 'net' so
for setting privileges. And make use of the SeAddUserPrivilege
right.
(This used to be commit 41dc7f7573c6d637e19a01e7ed0e716ac0f1fb15)
|
|
(This used to be commit ed38e6026494a2b58c70cc175c6e210bea454e5c)
|
|
(This used to be commit 760455875f78a29c3fedd7de3671d6ae537c1d1a)
|
|
shows that this info is correctly returned to us in to info3 struct, so
check_info3_in_group does not need to be adapted.
Volker
(This used to be commit a84e778cafcefdc1809474c2123e757c8c9d9b70)
|
|
(This used to be commit a24df21e66aeafb15e22f9ed4df7d9dded3e3b52)
|
|
more than
one pointer...
Volker
(This used to be commit f2f08b64a53f6efd3154ff2656ecacc86872a18c)
|
|
(This used to be commit a8aab6de7516b70cae6c096883874fa152777b13)
|
|
(This used to be commit ccdff4a998405544433aa32938963e4c37962fcc)
|
|
parsing bugs related to that code
(This used to be commit 7bf1312287cc1ec6b97917ba25fc60d6db09f26c)
|