Age | Commit message (Collapse) | Author | Files | Lines |
|
- the default max protocol is still NT1
metze
(This used to be commit d1bae931b327dda28e648efc473e0462cf036f7c)
|
|
- Collect the generic utility functions into a lib/util/ (a la GLib is
for the GNOME folks)
- Remove even more files from include/
(This used to be commit ba62880f5b05c2a505dc7f54676b231197a7e707)
|
|
in Samba4. This allows us to start winbindd by default, including in
'make test'.
This is via a new 'winbindd socket directory' parameter for utilities
linked against loadparm, as well as a --with-winbindd-socket-dir
option to configure (setting the default and the value for simple
clients).
I hope to add basic winbindd tests, to ensure continued correct
operation, but at least now I don't have to manually change my 'server
services' line.
The other problem with the hard-coded /tmp/.winbind is that RedHat has
moved this in Fedora (to /var/run I think). For this reason, this
functionality should probably be ported to Samba3 as well.
The default for Samba4 is PREFIX/var/run/winbind_pipe.
I have also re-added the paranoia checks from Samba3 for correct
permissions on the socket directory.
Andrew Bartlett
(This used to be commit 8866aa06ffc3896094c878e9c07b40c03826d9a7)
|
|
From here we can add tests to Samba for kerberos, forcing it on and
off. In the process, I also remove the dependency of credentials on
GENSEC.
This also picks up on the idea of bringing 'set_boolean' into general
code from jpeach's cifsdd patch.
Andrew Bartlett
(This used to be commit 1ac7976ea6e3ad6184c911de5df624c44e7c5228)
|
|
(This used to be commit c3bc39bd713e2a2b0a270d22e38fe39959a6a7c9)
|
|
script ...'
metze
(This used to be commit d28c8ce66db61cff193ac06e8e5d7d6aa5059e9e)
|
|
--service-name=bar in testparm.
Andrew Bartlett
(This used to be commit be067e9a04a4dca02a9472ae7385dc0bf26735ea)
|
|
This changes -s from meaning 'suppress prompt' to 'services file'.
Andrew Bartlett
(This used to be commit 0f78bd743b8bc415e47006a683c53bfdff1bc1e1)
|
|
Andrew Bartlett
(This used to be commit 3c49dd9219b12f5ed229ba108a02b85a18146df8)
|
|
(This used to be commit c722f665c90103f3ed57621c460e32ad33e7a8a3)
|
|
metze
(This used to be commit d430fc278b8782f625cfafbff2a4efb936fdea36)
|
|
metze
(This used to be commit 48842cd9abcff744851ad1481309fb901be3a73b)
|
|
(This used to be commit 70e7449318aa0e9d2639c76730a7d1683b2f4981)
|
|
metze
(This used to be commit 5054890b6871f1e25938ae76a2d660ce168877e8)
|
|
metze
(This used to be commit 0ed07057d37ec6684a01ba699073b4ba6d671697)
|
|
now $privatedir/wins_config.ldb contains the wins partners
and $lockdir/wins.ldb contains the name records
metze
(This used to be commit baa4a7a9d4f16adf476846850a63dfbfd51b10b3)
|
|
Add the kpasswd server to our KDC, implementing the 'original' and
Microsoft versions of the protocol.
This works with the Heimdal kpasswd client, but not with MIT, I think
due to ordering issues. It may not be worth the pain to have this
code go via GENSEC, as it is very, very tied to krb5.
This gets us one step closer to joins from Apple, Samba3 and other
similar implementations.
Andrew Bartlett
(This used to be commit ab5dbbe10a162286aa6694c7e08de43b48e34cdb)
|
|
because
--user-sids required the extension to trusted domains.
Implement "winbind sealed pipes" parameter for debugging purposes.
Volker
(This used to be commit 3821a17bdb68b2f1389b5a150502c057d28569d2)
|
|
metze
(This used to be commit d49a1d2b15c7d17a5d6928a971fbe87d13686c2d)
|
|
(This used to be commit d2f80c0457f7404b2cac9df59a400130e9ad025f)
|
|
use pstring is next_token() now.
(This used to be commit a5b88bcd420eb7ae42283293541519e142be36e3)
|
|
works now
(This used to be commit 22f18a84242e5e68a2d57b6d7ff77c089ee7434a)
|
|
(This used to be commit 0963ab9c148772b961f17ec779213b0eb861e1dd)
|
|
the list:
This patch removes the 'domain logon' and 'domain master' controls from
Samba4, in favour of a 'server role =' that users can actually
understand.
We can expand the list of roles as needed, and nobody has to figure out
what a 'domain master' actually means.
Andrew Bartlett
(This used to be commit 31e755c2ced64dbd2681d5f6ef021a87dbeda689)
|
|
Samba to use the target principal name supplied in the mechTokenMIC of
an SPNEGO negTokenInit.
This isn't a great idea for security reasons, but is how Samba3 behaves,
and allows kerberos to function more often in some environments. It is
only available for CIFS session setups, due to the ordering of the
exchange.
Andrew Bartlett
(This used to be commit f6a645644127ae695a9f7288e0a469f2eb7f3066)
|
|
Fix a couple of bugs
Move samba3sam backend to lib/ldb/
Remove some more unused parameters
(This used to be commit 7f864d446d6af7cfd9fb8dbc496a29b36ec57ce9)
|
|
(This used to be commit 4a51a31571d12078e3c2c78641c0c844fc26925d)
|
|
Add userdata argument to function pointers for pm_process()
(This used to be commit 84b2fb34675fa557173621433838c5a7ec0f1283)
|
|
presented by regedt32. I think this hive is dynamically generated
from SAM information.
(This used to be commit feb341969e59540bc22e78df0d44b4d42c336d31)
|
|
retrieval of the smb.conf parameter categories. This will make writing
a smb.conf editor easier.
(This used to be commit 8db549b1506b5260c9eb16f40bbdae6a7c006fa2)
|
|
- get rid of redundeny dyn_CONFIGFILE argument to lp_load()
- fixed provisioning to work with completely pristine install,
creating an initial smb.conf is none is present
- added lp.set() and lp.reload() to loadparm ejs object interface
(This used to be commit c2691ef7126ddcee5f95970b78759b40a049d0a7)
|
|
required by ISO C99.
(This used to be commit 56fd21c806e816cf4c3d23881f26474f858b45e2)
|
|
template files
(This used to be commit c842144cbf642b10df21c979d3c4b9fe94384b96)
|
|
searches a js library
path set in "js include" in smb.conf.
This will allow us to start building up a library of common js code,
while avoiding the problem of hard-coding include paths in scripts
(This used to be commit ff60529ba2515df29a20b4a417327a3565ec8ee9)
|
|
have kerberos.
Andrew Bartlett
(This used to be commit 3d82b1417b9f2e31089cb8ee7e4f98bd226f2e75)
|
|
- make not finding smb.conf a level 1 message, not level 0. Most of our
tools handle no smb.conf, and those that don't should check for the
specific parameters they need, or use the defaults
(This used to be commit 8c17b61f8e0f6eefa6a1f853abc06d023627bbbb)
|
|
sam database = sam.ldb
and it will know to put it in the private dir, but if you use
sam database = ldap://server
it knows to use it as-is
(This used to be commit c5bccbc366db144d3e1cb7b21f0e3284d841dd06)
|
|
(This used to be commit ce6257b316bc66a3fc554487099976a853d25ddd)
|
|
Session Setup code.
Add a mem_ctx argument to a few of the NTLMv2 support functions, and
add smb.conf options to control client NTLMv2 behaviour.
Andrew Bartlett
(This used to be commit 3f35cdb218a3dae08a05e77452ca9f73716ceb28)
|
|
(This used to be commit 023fc567badba38b87895ea73515b2ce0b703a8c)
|
|
- this is an abstraction layer for print services,
like out NTVFS subsystem for file services
- all protocol specific details are still in rpc_server/spoolss/
- like the stupid in and out Buffer handling
- checking of the r->in.server_name
- ...
- this subsystem can have multiple implementation
selected by the "ntptr providor" global-section parameter
- I currently added a "simple_ldb" backend,
that stores Printers, Forms, Ports, Monitors, ...
in the spoolss.db, and does no real printing
this backend is basicly for testing, how the spoolss protocol
works
- the interface is just a prototype and will be changed a bit
the next days or weeks, till the simple_ldb backend can
handle all calls that are used by normal w2k3/xp clients
- I'll also make the api async, as the ntvfs api
this will make things like the RemoteFindFirstPrinterChangeNotifyEx(),
that opens a connection back to the client, easier to implement,
as we should not block the whole smbd for that
- the idea is to later implement a "unix" backend
that works like the current samba3 code
- and maybe some embedded print server vendors can write there own
backend that can directly talk to a printer without having cups or something like this
- the default settings are (it currently makes no sense to change them :-):
ntptr providor = simple_ldb
spoolss database = $private_dir/spoolss.db
metze
(This used to be commit 455b5536d41bc31ebef8290812f45d4a38afa8e9)
|
|
to globals only (no shares).
Andrew Bartlett
(This used to be commit 9e6112eee37927cd4deaa078ea09813e07c7c386)
|
|
This always loads all the services, as we now don't have an easy way
to split out smbd.
Andrew Bartlett
(This used to be commit 990e061939c76b559c4f5914c5fc6ca1b13e19dd)
|
|
included Heimdal) to Samba4.
Andrew Bartlett
(This used to be commit 51ba3ea60c265b837821b6c3e031dfe229c10d6a)
|
|
- by default enable tls if the certfile is set in smb.conf and gnutls library
was compiled in
(This used to be commit bbafdeae3a68c0ff1170b0a4ecc568664ec1a925)
|
|
web tls keyfile
web tls certfile
web tls cafile
web tls crlfile
(This used to be commit abfa3e9179557cf1853f490a479a0003ce4e11f7)
|
|
be accessed externally
- moved esp_lpGet() to web_server/calls.c
- attempt to fixup ejs build with includes.h again
(This used to be commit 592a81c347981420154ddf3b8d4252d3bb08bc86)
|
|
in esp scripts
lpGet takes 4 forms
v = lpGet("type:parm"); gets a parametric variable
v = lpGet("share", "type:parm"); gets a parametric variable on a share
v = lpGet("parm"); gets a global variable
v = lpGet("share", "parm"); gets a share variable
in all cases a ejs object of the appropriate type for the variable is returned.
This commit also adds the function typeof() which returns the type of an object
(This used to be commit 5537a0d38d4805cbc2dad0d6f76db15173b1fd60)
|
|
(This used to be commit 31543e1eae03d22343ea8c970494af36eb07b41f)
|
|
This includes an embedded server side scripting system called 'esp'
(see http://www.appwebserver.org/products/esp/esp.html) and javascript
based scripting language called 'esj' (see
http://www.appwebserver.org/products/ejs/ejs.html)
The justification for including this scripting language is that it
should make it much easier to write a high quality web interface for
Samba4. The scripting language can call into any Samba4 library code
(so for example it will be able to make ldb and loadparm calls), plus
it provides easy support for forms, cookies, sessions etc.
There is still quite a bit more work to do on the web server, but
there is enough here now for people to look at and comment. I will be
committing some sample web pages that test esp functionality shortly.
(This used to be commit 26f0ba92c0c565ac9e4cb5a079d795d4262497dd)
|