summaryrefslogtreecommitdiff
path: root/source3
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r5180: Call the "add machine script" to create all kinds of trust accountsGünther Deschner1-1/+1
(this restores old behaviour). Fixes #2291. Guenther (This used to be commit 5ca0d1b87cd20f538a13321eb11ef97d00bf5133)
2007-10-10r5179: Add -P (password-menu-only) option to swat. Admins can allow usersDeryck Hodge1-1/+4
to use swat to change their password without allowing them to see the "View" and "Status" buttons. deryck (This used to be commit c9cacd553f8e7aa2db011cb7b22dd791b7460ea0)
2007-10-10r5176: Warn the user that print command is ignored when using cups librariesSimo Sorce1-0/+7
(This used to be commit 142461204718d489bbeff451878a52208b9891bc)
2007-10-10r5174: ensure that we consistently use the current_user_info.smb_name vs. ↵Gerald Carter2-24/+19
smb_name when parsing smb.conf and reloading config files (This used to be commit be537eaebe84b2ccae089e5982263df8a96e7a5b)
2007-10-10r5166: From James Peach - remove minor C99-isms.Jeremy Allison1-6/+12
Jeremy. (This used to be commit 54ac409d4fd3b6e8e2bd338dabed446a92507811)
2007-10-10r5165: BUG 2295: always use get_local_machine_name() rather than digging in ↵Gerald Carter4-18/+15
the gloval variable 'local_machine' (This used to be commit 6a6e4af46a5c0a693a3dd9d558a4d1c1e5d72d95)
2007-10-10r5163: Fix bugzilla 2062:Jim McDonough1-1/+6
turn off broadcast for all 390 NICs. (This used to be commit d159a5013e96a1188599a3fa0bff108fa6f6679b)
2007-10-10r5162: BUG 2264: remove shutdown and abortshurn commands from rpcclient ↵Gerald Carter1-31/+14
since they are stable in 'net rpc' (to avoid fixing portability bugs) (This used to be commit 0a1f9703a1fe5dec80d76db6736c43e19fea9c3f)
2007-10-10r5160: First cut at refactoring of directory code to handle non-wildcardJeremy Allison5-80/+191
directory match more efficiently. Passes RAW-SEARCH under valgrind but needs more testing (which I'll do later today :-). Jeremy. (This used to be commit 0b04dd9d0c6d1fe02d1b5e43f203577bf5466f33)
2007-10-10r5159: BUG 2262: add support to detect *freebsd6* (same as *freebsd5* currently)Gerald Carter1-2/+2
(This used to be commit d6c7de240885be00149fd00b47f229a59f150b3e)
2007-10-10r5158: BUG 2263: patch from Timur Bakeyev <timur@com.bat.ru> to guard ↵Gerald Carter1-4/+10
base64_encode_data_blob() against empty blobs (This used to be commit 17239d609f63ae5bd6826e580876c27e8c92d6fa)
2007-10-10r5157: BUG 2266: conditionally include rpc/nettype.h to work around missing ↵Gerald Carter2-1/+3
header onf FreeBSD4 (This used to be commit 314da604735696da4cf350f35d84592356e31861)
2007-10-10r5154: Tidy up interface a little.Jeremy Allison3-6/+9
Jeremy. (This used to be commit a38eeb765f4c744ca7bf0aca86bb448240ad295d)
2007-10-10r5152: Restructure the directory handling code, stop using void * pointersJeremy Allison6-259/+201
that just allow the wrong pointer to be assigned :-) and make the interface more consistent. Fix the FreeBSD directory problem. Last thing to do is to add the "singleton" directory concept from James Peach's code. Jeremy. (This used to be commit cfa8150fd9932470cb8f3b5e14c0156dda67125d)
2007-10-10r5150: consolidate the samr_make.*obj_sd() functions to share codeGerald Carter2-196/+41
(This used to be commit 5bd03d59263ab619390062c1d023ad1ba54dce6a)
2007-10-10r5140: (a) fix problem with enumerating domain trusts in security = ads; (b) ↵Gerald Carter2-3/+5
fix a segfault in rpcclient's dsenumdomtrusts (This used to be commit 558525abf14432bd5527e5578ce18d128627dabb)
2007-10-10r5127: Fix Bug 2289 -- thanks to jason@ncac.gwu.eduVolker Lendecke1-2/+1
(This used to be commit 8c35c3bf2ed65d2b93feb0f419e1c7785fba7764)
2007-10-10r5125: Fix bug 2113 -- thanks to jason@ncac.gwu.eduVolker Lendecke1-13/+0
(This used to be commit 0c205bcc864c8dc01124a5d654792de0cbf79a63)
2007-10-10r5100: We should only care about case-sensitivity when *reading* an incomingJeremy Allison2-4/+4
filename, not returning one. Makes us pass one more Samba4 RAW-SEARCH test. Jeremy. (This used to be commit 228d1e1649a0b4952eb5603cb5e1851cdc8f0c72)
2007-10-10r5098: Next round build-fixingVolker Lendecke1-1/+1
(This used to be commit 175ec3ed518704920c7c55b050ec1cc00da7f560)
2007-10-10r5096: Attempt to fix the buildVolker Lendecke1-1/+1
(This used to be commit 5f34139b68460f6fb1046e2b97f16dbeff3fb136)
2007-10-10r5082: Don't blindly copy question rr_type and class, set correctly as requiredJeremy Allison1-10/+7
by rfc1002. Jeremy. (This used to be commit 422fb43dda13e0840245ae272b7621640b8ad220)
2007-10-10r5077: Use correct type for rr record on negative name query reply.Jeremy Allison1-0/+3
Jeremy. (This used to be commit 86c5548d272c0804c0188ae744ae1bb17eb817f6)
2007-10-10r5076: Ensure that WINS negative name query responses and WACK packetsJeremy Allison1-1/+10
use the correct RR type of 0xA instead of reflecting back what the query RR type was (0x20). See rfc1002 sections 4.2.14 and 4.2.16. Jeremy. (This used to be commit ab8c9240044f1ef3d5c6ac4850c8ec615c2e32fd)
2007-10-10r5069: Ensure we return the correct errors for old-style search requests.Jeremy Allison1-6/+9
Jeremy. (This used to be commit ef73dfe0d6c3b7f71109e32115d528ecdbe562ea)
2007-10-10r5066: A couple of small fixes from James Peach @ SGI.Jeremy Allison2-2/+7
Jeremy. (This used to be commit 9d131e94195df79e07c8fad20e12ba1b67441a81)
2007-10-10r5063: Shamelessly steal the Samba4 logic (and some code :-) for directoryJeremy Allison5-221/+251
evaluation. This stops us from reading the entire directory into memory at one go, and allows partial reads. It also keeps almost the same interface to the OpenDir/ReadDir etc. code (sorry James :-). Next I will optimise the findfirst with exact match code. This speeds up our interactive response for large directories, but not when a missing (ie. negative) findfirst is done. Jeremy (This used to be commit 0af1d2f6f24f238cb05e10d7d53dcd5b5e0f5f5d)
2007-10-10r5058: Due to the fragileness how windows reacts on unmapped sids sometimes,Günther Deschner1-0/+6
don't leave administator-sid unmapped. Simply return "Administrator" Guenther (This used to be commit 168ddf31d1af49d52d17dd09c9653d3deafb9442)
2007-10-10r5056: * correct STANDARD_RIGHTS_WRITE_ACCESS bitmask defineGerald Carter5-13/+26
* make sure to apply the rights_mask and not just the saved bits from the mask in access_check_samr_object() * allow root to grant/revoke privileges (in addition to Domain Admins) as suggested by Volker. Tested machine joins from XP, 2K, and NT4 with and without pre-existing machine trust accounts. Also tested basic file operations using cmd.exe and explorer.exe after changing the STANDARD_RIGHTS_WRITE_ACCESS bitmask. (This used to be commit c0e7f7ff60a4110809b8f500fdc68a1bf963da36)
2007-10-10r5046: mark 'winbind enable local accounts' and testprns as depcrecatedGerald Carter2-1/+4
(This used to be commit 17bc42b4c2e21004adaeac78db6231a384fda16c)
2007-10-10r5029: after talking to Rob, ensure that we set the NETIOSNAME.domainnameGerald Carter1-1/+10
as the longname in the published printer information since this is what we will have used when we joined the domain. More testing on this tomorrow. (This used to be commit d64fd1116d5fe29807be29c73809317f88fdb033)
2007-10-10r5028: * check acb_info mask in _samr_create_user instead of the last characterGerald Carter1-36/+21
of the user name * fix some access_mask checks in _samr_set_userinfo2 (getting join from XP without being a member of domain admins working) (This used to be commit 04030534ffd35f8ebc997d9403fd87309403dcbf)
2007-10-10r5020: bumping the 3.0 tree to 3.0.12pre1 since there will not be a full ↵Gerald Carter1-2/+2
sync for the 3.0.11rc1 release (This used to be commit c0e292e491c684b8ce19096e55338a27161c0a49)
2007-10-10r5015: (based on abartlet's original patch to restrict password changes)Gerald Carter4-342/+486
* added SE_PRIV checks to access_check_samr_object() in order to deal with the run-time security descriptor and their interaction with user rights * Reordered original patch in _samr_set_userinfo[2] to still allow root/administrative password changes for users and machines. (This used to be commit f9f9e6039bd9443d54445e41c3783a2be18925fb)
2007-10-10r5014: Split out the request to send an async level II oplock break into aJeremy Allison2-18/+59
new function to make it clear when it's called. Remove async parameter that had been overloaded into request_oplock_break. Inspired by work from Nadav Danieli <nadavd@exanet.com>. Jeremy. (This used to be commit 05697fb50236dfc28e81f8b3900eac17cace57c1)
2007-10-10r5012: fix segfault caused by using a ipp_t * after calling cupsDoRequest()Gerald Carter1-0/+2
(This used to be commit 0ac3c4c5a231c314213dbce29e25911ddb04de2d)
2007-10-10r5002: Ensure we can't remove a level II oplock without having theJeremy Allison1-17/+19
shared memory area locked. This need to be in 3.0.11. Pointed out by Nadav Danieli <nadavd@exanet.com>. Jeremy. (This used to be commit 47ed16aefbdcb6257101c6b78c93eeb7cf048185)
2007-10-10r4996: sync up copytights with trunkGerald Carter1-0/+1
(This used to be commit 8946efe102f7a8a9b5a8059a80666b782159e7b8)
2007-10-10r4995: fail set_privileges() if 'enable privileges = no' to prevent confused ↵Gerald Carter1-0/+3
admins who never read what I write :-) (This used to be commit 1d7a636e0e7f8a0bc3d3ae04b40f79db7f08d619)
2007-10-10r4994: Patch from abartlet:Günther Deschner1-13/+26
When migrating account policies to ldapsam, handle the fact that an admin might have changed the default location of the sambaDomain-object after installation. Guenther (This used to be commit 78c3c7127444b8f9959f4d6ce9e540271869d70f)
2007-10-10r4989: Display failed LDAP-server-uri.Günther Deschner1-1/+2
Guenther (This used to be commit d433c7b476005064b9cfd339bbd8a25b40de59c1)
2007-10-10r4988: After speaking with Jerry, remove old lp_admin_users toGünther Deschner1-14/+0
administrator-sid mapping completely. Guenther (This used to be commit 4cbe37ecd544b01c57c7fce5b3be28669f4ba6c3)
2007-10-10r4976: Try to scare people off from trying to write authentication modulesAndrew Bartlett1-0/+4
that only acheive as much as 'security=server' does. Andrew Bartlett (This used to be commit fb694f2b1a809d221f48f9b9b0e54e9512325bae)
2007-10-10r4972: Fix a warning and some debugging-outputs.Günther Deschner5-8/+8
Guenther (This used to be commit 1eabfa050b661168b42892c2d841c7891e59cf5f)
2007-10-10r4970: Fix for bug 2092, allowing fallback after kerberos and allowJeremy Allison4-4/+23
gnome vfs to prevent auto-anonymous logon. Jeremy. (This used to be commit 843e85bcd978d025964c4d45d9a3886c7cf7f63c)
2007-10-10r4967: Not being in any domain local groups is obviously valid...Volker Lendecke1-1/+1
Volker (This used to be commit 78975ab9a996ac61be37410f18ddedb9df58d04b)
2007-10-10r4966: don't enumerate the drivers for the same architecture string more ↵Gerald Carter1-0/+12
than once (This used to be commit c488ce9934aaf640c3f63cbdabc3110b8cf70fae)
2007-10-10r4964: Fix our lsa lookupsid $OURDOMAINSID-500.Günther Deschner1-14/+15
Give the admin-user (rid 500) a chance to be found in passdb, not returning the (possibly obscure) first entry of "admin users" before that. Guenther (This used to be commit d319c0e189bc67a4552dafaff80113603b551eb3)
2007-10-10r4963: It is actually a very bad idea to use KRB5_CONFIG in theGünther Deschner1-7/+7
configure-checks (At least Heimdal uses KRB5_CONFIG for locating it's configuration-file (usually /etc/krb5.conf)). Renaming it to KRB5CONFIG prevents configure-checks that use heimdal-libs from segfaulting while the lib reads the krb5-config binary as a configuration file... Vendors that used the KRB5_CONFIG-variable to let configure find a custom krb5-config binary have to use KRB5CONFIG now. Guenther (This used to be commit 95edb3c67f330afd8dbb8268f3f8ecaf1732c238)
2007-10-10r4946: Our notion the other_sids in the info3 SamLogon struct wasVolker Lendecke2-14/+34
...hmmm... completely bogus. This does not affect us as a domain controller, as we never set other_sids, but I have *no* idea how winbind got away with it. Please review thoroughly, samba4 idl looks closer to reality here. Test case: Member of w2k3 domain, authenticate as a user who is member of one or more domain local groups. Easiest review with 'client schannel = no'. Thanks, Volker (This used to be commit a0a6388830d9457de3e42686c64bddeba42954f8)