Age | Commit message (Collapse) | Author | Files | Lines |
|
This is needed so that OpenChange can get at _tevent_req_nterr(), which is referenced
by generated PIDL output.
Andrew Bartlett
|
|
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Fri Jul 29 05:33:03 CEST 2011 on sn-devel-104
|
|
This allows us to honour the AUTH_SESSION_INFO_UNIX_TOKEN flag.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This will allow the source3 auth code to call this without needing to
double-parse the SIDs
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Relicts from commit 323c7445713d17989452b99bbb541248bb2388eb
Reviewed-by: Jelmer
|
|
Reviewed-by: Tridge
|
|
This changes auth_methods_from_lp to no longer use the parametric
options, and to cope with ROLE_DOMAIN_BDC and ROLE_DOMAIN_PDC. This
will assist in calling the source4 auth subsystem with a source3
derived lp_ctx.
Andrew Bartlett
|
|
|
|
this code never did anything due to a typo, and was untested. We
should not be inluding a password cracker in Samba anyway.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Thu May 5 07:00:14 CEST 2011 on sn-devel-104
|
|
This avoid symbol and structure conflicts between Samba3 and Samba4,
and chooses a less generic name.
Andrew Bartlett
|
|
|
|
Guenther
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
this prevents conflicts with the s3 auth modules. The auth modules in
samba3 may appear in production smb.conf files, so it is preferable to
rename the s4 modules for minimal disruption.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
thi ensures we are using the header corresponding to the version of
ldb we're linking against. Otherwise we could use the system ldb for
link and the in-tree one for include
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
This changes auth_serversupplied_info into the IDL-defined struct
auth_user_info_dc. This then in turn contains a struct
auth_user_info, which is the only part of the structure that is
mainted into the struct session_info.
The idea here is to avoid keeping the incomplete results of the
authentication (such as session keys, lists of SID memberships etc) in
a namespace where it may be confused for the finalised results.
Andrew Barltett
|
|
Guenther
|
|
This makes everything reference a server_info->sids list, which is now
a struct dom_sid *, not a struct dom_sid **. This is in keeping with
the other sid lists in the security_token etc.
In the process, I also tidy up the talloc tree (move more structures
under their logical parents) and check for some possible overflows in
situations with a pathological number of sids.
Andrew Bartlett
|
|
This allows us to init an auth context that isn't going to do any NTLM
authentication, but is used by other subsystems.
Andrew Bartlett
|
|
This will allow for some more tokenGroups tests in future.
Andrew Bartlett
|
|
This should obviously point to the wrapper not the call itself.
Found out by Tru64 host build warning.
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sat Jan 15 18:05:59 CET 2011 on sn-devel-104
|
|
This will be a building block for a tokenGroups test, which can
compare against a remote server (in particular the rootDSE) against
what we would calculate the tokenGroups to be.
(this meant moving some parts out of the auth_sam code into the
containing library)
Andrew Bartlett
|
|
This reverts a previous move to have this based around the auth
subsystem, which just spread auth deps all over unrelated code.
Andrew Bartlett
|
|
|
|
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sun Nov 7 01:48:44 UTC 2010 on sn-devel-104
|
|
|
|
We need to be able to set the logon parameters in the same way as in the
ntlm server so we can handle openldap simple authentication call correctly.
Autobuild-User: Anatoliy Atanasov <anatoliy@samba.org>
Autobuild-Date: Fri Nov 5 06:32:43 UTC 2010 on sn-devel-104
|
|
Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
|
|
the waf build now generates the prototype declarations for us
|
|
The new waf-based build system now has all the same functionality, and
the old build system has been broken for quite some time.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sun Oct 31 02:01:44 UTC 2010 on sn-devel-104
|
|
|
|
|
|
|
|
|
|
|
|
Only link to nss_wrapper when it is enabled.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sat Oct 23 23:05:44 UTC 2010 on sn-devel-104
|
|
Only link to uid_wrapper when it is enabled.
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
in "dsdb/common/util.c""
This reverts commit 8a2ce5c47cee499f90b125ebde83de5f9f1a9aa0.
Jelmer pointed out that these are also in use by other LDB databases - not only
SAMDB ones.
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Oct 17 13:37:16 UTC 2010 on sn-devel-104
|
|
"dsdb/common/util.c"
They're only in use by SAMDB code.
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Oct 17 09:40:13 UTC 2010 on sn-devel-104
|
|
This includes dom_sid.h and security_token.h and will be moved
to the top level shortly.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Oct 12 03:35:36 UTC 2010 on sn-devel-104
|
|
|
|
|
|
|
|
when we are an RODC we need to be able to allow multiple auth backends
to process a single auth request. First the sam backend will try to
authenticate, using locally stored passwords. If this backend can't
find local passwords then it will try the winbind backend and
authenticate via a writeable DC
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
when an RODC tries to authenticate against an account and the account
has no password information it needs to send a message to the drepl
server to tell it to try and replicate the secret information from
a writeable DC
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
metze
|
|
This uses the winbind protocol directly, which needs to be avoided!
metze
|
|
We should only look at err if WBC_ERR_AUTH_ERROR is returned.
metze
|