Age | Commit message (Collapse) | Author | Files | Lines |
|
This changes the cache format, which will simply invalidate existing entries,
leaving them dead in the cache.
Andrew Bartlett
(This used to be commit 3fc179362ea849db23490b971a9f64f943e7f7f8)
|
|
Now we deal with SIDs in almost all of winbind (a couple of limited exceptions
remain, but I'm looking into them - they use non-winbind structs ATM).
This has particular benifits in returning out-of-domain SIDs for group
membership (Need to look into this a bit more) as well as general code quality.
This also removes much of the complexity from the idmap interface, which now
only deals with mapping IDs, not with SID->domain translations.
Breifly tested, but needs more. Fixes some valgrind-found bugs from my
previous commit.
Winbind cache chagned to using SID strings in some places, as I could not
follow exactly how to save and restore multiple packed sids properly.
Andrew Bartlett
(This used to be commit 9247cf08c40f016a924d600ac906cfc6a7016777)
|
|
dynamically-created valid table every time the configuration was
reloaded.
(This used to be commit e42b237d980461caf2dd2a8f82c17bf674facb7d)
|
|
>Another hopeful fix for CR#1168. Change the RPC used in querying
>domain users from QueryDispInfo to EnumDomainUsers. Hopefully this
>will fix the random dropouts that keep occuring when listing large
>domains.
>
>My thought is that since QueryDispInfo is only used in the NT user
>manager it may have a bug with large domains. A more commonly used
>RPC may not have such problems.
(This used to be commit 0501b7d0b12fa8063ffe6a9d4ecc3391d0c2f45d)
|
|
(This used to be commit 0308f24ad209a28799b36d041be2dc2be2b2dac8)
|
|
(This used to be commit 018733eedd7897e6811e8461c07e3acf418c0e09)
|
|
(This used to be commit 92abafa62894a125c5a09fc92f5056e4d8b51089)
|
|
(This used to be commit f4492de2d668082df6ae06933d12a3cfe120d403)
|
|
cache the printer_info_2 with the open printer handle.
cache is invalidated on a mod_a_printer() call **on that smbd**.
Yes, this means that the window for admins to step on each other
from different clients just got larger, but since handles a generally
short lived this is probably ok.
(This used to be commit 33c7b7522504fb15989f32add8e9a087c8d9d0fa)
|
|
(This used to be commit 923425e497112c5d1e2e569da6c13dcd02b6a8af)
|
|
function.
Andrew Bartlett
(This used to be commit 212a52b3d2ca39fcea2990f9293754b08e9b68e4)
|
|
in general searches, but only if searching for the DN only.
In my case, it was the tokenGroups attribute that caused me trouble, hence
this patch.
Andrew Bartlett
(This used to be commit 8a0cc4c2beb5d6ad7e44bf47bf0f9ec4a3ffdb96)
|
|
(This used to be commit 43f07e9de70ad9993265e28a54239caba0121ab6)
|
|
domains) would not have the tokenGroups or memberOf attributes filled in.
This would cause a user to have no supplementary group membership.
Detect this by the fact that the primaryGid must be present in the tokenGroups,
and if it isn't (ie, if there is no tokenGroups at all), do a server-side
search on all groups using the 'member' attribute and the user's DN.
Andrew Bartlett
(This used to be commit a074f74e627e1d947a76bcf3a39e3c5df4d4ffe5)
|
|
we were overwriting the user's ccache with the machine password (the -P option).
Andrew Bartlett
(This used to be commit 231d2f84ef36b30be98baf3b56ebf4a5cd8dad11)
|
|
Andrew Bartlett
(This used to be commit 32fd0c49009e38022523cc5c14567dd55de08206)
|
|
(This used to be commit 059ac2d839bf258408490f5ceb786a47cb5acb58)
|
|
Andrew Bartlett
(This used to be commit c26881633d8a7f6d9b9ed9c6a97ce2b45bf2b317)
|
|
(This used to be commit a47dee787413daaf0b550a47bbd78125490c356e)
|
|
keys for kerberos authentication.
Andrew Bartlett
(This used to be commit 8b798f03dbbdd670ff9af4eb46f7b0845c611e0f)
|
|
(This used to be commit 6d18f64ef518cbb3d522cf1f92dc5cbc2e2cb642)
|
|
(This used to be commit 34fb5f0b1a6281b3aa7782edb3fcb82cc4ec4877)
|
|
Andrew Bartlett
(This used to be commit aa486355e282b891b299d63cc07431f32213b1b8)
|
|
(This used to be commit eb5d1a72dc9dc35997d39f8778ee98163b8cce32)
|
|
(This used to be commit 5002555a9719987ccdc887ffff64ea8d02c9881d)
|
|
(This used to be commit ff2b5b2f85f2d9dade67077cea1b68719cf65352)
|
|
> Exit path cleanup for cli_samr_enum_dom_users()
(This used to be commit 655c1e03519d4fa174a85534c165bdd1ce163ae8)
|
|
(This used to be commit ffaa608be01d72075942ca3aff2325c6364e0556)
|
|
safe_strcpy() isn't particularly safe (this has been noted before) as it does
not take the size of the buffer, but instead the size of the buffer *minus 1*
The locking.c fix was causing segfaults on machines running with
--enable-developer, and was tracked down thanks to the fact that vance's build
farm machine runs with such an option, and smbtorture's DIR1 test hits this
bug very well.
(The --enable-developer code writes to the last byte of the string, to check
for incorrect use of safe_strcpy()).
Andrew Bartlett
(This used to be commit e908fd164d1b11b6f76a6fdffb22e139813cb3c0)
|
|
(This used to be commit f3be08472b8b34d8921ff23c52dd2ba030c96f25)
|
|
(This used to be commit 70fce680c01fa1baa65fb3cbc83dfaf822fdadd7)
|
|
Andrew Bartlett
(This used to be commit 5a472e2a3cffe175ac4341e19c153a931505a2e8)
|
|
Andrew Bartlett
(This used to be commit cfc4cc776899da92a5c9a17f0ea36c7cb65d7a80)
|
|
make x_fwrite() match fwrite() in returning a size_t.
Andrew Bartlett
(This used to be commit 2943c695787b742e9a96b2eefe2d75f681bacf7c)
|
|
(make it possible to build both shared and static) and -lcrypt handling.
(This used to be commit 30510f50077fd157664c127ac0182ce26843d43f)
|
|
(This used to be commit 523d1429b1072c999d376d2b4e13a1c08349990a)
|
|
(This used to be commit d0365f20c242bcfc4f5d8286c6c5654e310a9d45)
|
|
the user a second time now.
Andrew Bartlett
(This used to be commit a1e27a02f52315df0dd05ab8a94ae5a2bf398655)
|
|
The intention is to remove the muliple passdb backends, but we need the
'guest' account to always be there. If the admin adds the guest account to
(say) LDAP, there will only be one backend required for operation.
This helps remove some nasty behaviours with adding accounts to the system
for both the RPC 'create user' and the SAMSYNC code. Users 'added' with
an 'add user/machine' script won't magicly appear, and machine accounts
'pre-added' to unix, but not the smbpasswd file will not cause mayhem.
This commit also implements somthing tridge discussed with me, the concept
of 'default' passdb operation pointers - so that each backend does not
need it's own stub funcitons wrapping the default tdb privilages/group
mapping code.
This also removes an implicit 'sid->name' and 'name->sid' mapping from our
own local SID space, to winbind usernames. When adding mapping for NIS/LDAP
non-sam users in future, we need to be careful.
Andrew Bartlett
(This used to be commit 6f32fa234961a525760a05418a08ec48d22d7617)
|
|
We check passdb becouse the user might have things like a logon script set,
but we have to check the passdb becouse the user might not be in smbpasswd at
all.
This is in preperation for the removal of unixsam as an assuption.
Andrew Bartlett
(This used to be commit 61e3e2695860c58f9b0e8d1856972318666682c8)
|
|
if the context is the same. See LOCKTEST7 in smbtorture.
Jeremy.
(This used to be commit b362cc241b829f585a96b5d285ed12db50b21e2e)
|
|
<sshivanna@pillardata.com>
Jeremy.
(This used to be commit caf298c3808cbdd683e884b32b7a0538505a3066)
|
|
inline the call to prs_copy_all_data_out() so that we can know we are not
overrunning our buffer.
Also check more return values.
Andrew Bartlett
(This used to be commit e3b73d5d658584428c81c9ef3ccf024687a56e2f)
|
|
(This used to be commit 513fb2ddd85a74de7684a6cb09d57011af69161f)
|
|
* performance optimization in enumprinterdataex() when keyname is empty
* fix a few typos in comments
* reload services after addprinter_command()
dump registry data in ascii when the key is REG_SZ or REG_MULTI_SZ
(This used to be commit fde6ef7cc62c58d512dc8053b214f0a3c59a78ab)
|
|
before calling it. Fixes seg fault in audit VFS module
(This used to be commit 5e115d43812021f9a16111fc7c05d750026cca1e)
|
|
(This used to be commit df3c7c9cbb275e9c35356b4f1cab1a741de6f500)
|
|
section...does this make sense?
(This used to be commit 822083f73e8ba4e096c53ff0f7578f47bc21b7b5)
|
|
must not be freed afterwards.
Jeremy.
(This used to be commit 80bad908c0235a57446c70b9632d3415c9d2fcf5)
|
|
(This used to be commit 3805a9c5d5e98e089e1cd9e794f7204fc354a311)
|