Age | Commit message (Collapse) | Author | Files | Lines |
|
metze
(This used to be commit 3365ad950b1ffdbcff9e6c7fc8525988d1621938)
|
|
metze
(This used to be commit 32cfd7c8df0fb0fe1da8a4d3acabbaa111326352)
|
|
metze
(This used to be commit 880dd3538ef54af100a715acb72cc16b9947b617)
|
|
metze
(This used to be commit ec30a40f042016bc167382b63bd284f656ed7cb1)
|
|
This updates the module to handle both SID allocation and nextRid
updating while importing users. (As imported users already have a
SID, so don't go via the allocation step). We also ensure that SIDs
in the database are unquie at create time.
Furthermore, at allocation time, we double-check the SID isn't already
in use, and that we don't create a foriegnSecurityPrincipal for a
'local' sid.
Also create random samAccountName entries for users without one (we
were setting $000000-000000000000).
We may want to seperate the uniqueness code from the rest of samldb,
and into a module with the objectguid code, which needs similar
checks. These checks also need to apply to modification, or those
modifications denied outright.
Also update part of the testsuite to validate this.
Andrew Bartlett
(This used to be commit 7a9c8eee4bea88f5f0bb7c62f701476384b7dc84)
|
|
This should give better behaviour in SWAT.
Fix authentication as Samba, rather than System, users in SWAT.
Andrew Bartlett
(This used to be commit 498d72c4ad4d57d10f43ca58830d6ee8292a55f4)
|
|
Andrew Bartlett
(This used to be commit 4d69eae382a789910d24ecadfb08b8d95a3c04b0)
|
|
Andrew Bartlett
(This used to be commit 4a50bf95b93310f640a4ba28990f054e85215551)
|
|
so that they can be used by the other ldb tools as well
(This used to be commit c12b3c5cb46d428f815c623efacff8edebb6f6e3)
|
|
(This used to be commit 7b9b1ced7d36a1adf8d86b3b434c9e5d4bdfab87)
|
|
NOTIFICATION LDAP Controls
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/ldap/ldap/ldap_server_notification_oid.asp
this doesn't work yet, but it shows that we need to extend ldb to correctly
handle async requests...
metze
(This used to be commit 1fe67189490c9faf499b68a28071a6294a53db0e)
|
|
- also w2k doesn't work correct with max_attrs = 0, so we should use
a high number, with this I'm getting the same results from w2k and w2k3
metze
(This used to be commit ce9f086c3c1a65bf1b4c843ec44e8817d9361182)
|
|
metze
(This used to be commit 31d2bf3ca15842ff3f7a74aa35e3753fadba6177)
|
|
patch) before the power went out :-)
Andrew Bartlett
(This used to be commit 352d6493bbb9591aebb32a0c22124b61da959666)
|
|
Still investigating how it works.
Simo.
(This used to be commit bebd403523e581606505e05e7cb621efbc22fa36)
|
|
This patch pulls the AD site name generation and site join code from
libnet/libnet_join.c and puts it into a new file, libnet/libnet_site.c.
This way, a common means for site name, configuration dn and server dn
generation exists so it doesn't need to be rewritten in new code (such
as the future libnet_leave for example).
I've made a couple of changes, but nothing dramatic. Nice work Brad!
Andrew Bartlett
(This used to be commit 45f67b3f6d506cc8cb9922184a8c0c9b59a8f702)
|
|
shell interpreting the expanded make variables.
(This used to be commit ae7541a377eb9bd4a5b8b2bd779811e354f80d4a)
|
|
(This used to be commit e9ec3a379c45ea210a810b1cb5d65b966b7319cc)
|
|
metze
(This used to be commit 8fc2b68aa8d1a6bb3a828b3a1ab5f2a4f354f6f7)
|
|
fix bug #3411
metze
(This used to be commit 2cb587c779b5f70e4818fa57fcb2b8ee4a2a276b)
|
|
metze
(This used to be commit 157fd2734dfb9b3ac6f6c5ad60bbbd7a50998453)
|
|
domain migration
(This used to be commit c7951d17b1c4f53dd710d6a0fcf87ce678be3ff1)
|
|
There still a few things to work out
Andrew Bartlett
(This used to be commit 701558b5fe917555416eb0d100ef756f8ef7cf65)
|
|
DNS is now done as a seperate step, to assist in migrations.
Andrew Bartlett
(This used to be commit 916607d1d08b6a41c375766a69fd609989e35bed)
|
|
than a hardcoded SID.
Fix the samldb module to return the what *was* the nextrid, rather
than the new nextrid (that is for next time).
Andrew Bartlett
(This used to be commit ffe9042e15cebbc7ff1bac90ec39835753d6caa7)
|
|
(This used to be commit 982576d2489c9ac3f7d854f598a64a8c4d91a485)
|
|
want to see what it does ?
do aq make test and try:
./bin/ldbsearch -H st/private/sam.ldb --controls=asq:1:member -s base -b 'CN=Administrators,CN=Builtin,DC=samba,DC=example,DC=com' 'objectclass=*'
have fun.
simo.
(This used to be commit 900f4fd3435aacc3351f30afb77d3488d2cb4804)
|
|
(so I may learn about the protocol, while watching the debug output)
metze
(This used to be commit 40d7033a1472e5f6b7760984b7d2b6b7db2db860)
|
|
http://ubiqx.org/cifs/Browsing.html
metze
(This used to be commit 811683e5561a70c8f97f325a8a786d4aac17a564)
|
|
metze
(This used to be commit 8208a4abf0cacb9ee3496611f121c095b5d1bcca)
|
|
Login failed: Login Failed: Logon failure - please try again
In SWAT currently...
Andrew Bartlett
(This used to be commit 51eded818093320e7d6b9e95ad11fa21a81c3f93)
|
|
Andrew Bartlett
(This used to be commit 5c5a2974c94ae6b929ada7aaa2cd12a15b7468b8)
|
|
Andrew Bartlett
(This used to be commit def31956181833db4c8e5079b745ca60fdf35136)
|
|
code.
Previously, we had to know (or guess) the host and domain guid at the
provision stage. Now we query the database post-provision, to extract
the values and fill in the zone file.
This allows us to generate a correct zone file in the Windows migration case.
In an effort to make SWAT easier to use, I have removed and renamed
some of the provision options.
I have also fixed a nasty issue in my js code. I had implictly
declared a global variable of the name 'join', with disasterious
results for any subsequent user of the string utility function:
esp exception - ASSERT at lib/appweb/ejs/ejsParser.c:2064, 0
Backtrace:
[ 0] substitute_var:20 -> list[i] = join("", list2)
[ 1] setup_file:9 -> data = substitute_var(data, subobj)
Andrew Bartlett
(This used to be commit a38ceefd11f8b748f30383ef36a4752f178bfca1)
|
|
(This used to be commit 01e98966ca955e86ec46f8bce3892899e2717df9)
|
|
appear in DNS, so need to match.
Andrew Bartlett
(This used to be commit d092b0493d7c61112ef132c8fb259c15f189c5f6)
|
|
(This used to be commit dd386bdc6ca6fe0b25705d5a375d29e6940b437f)
|
|
length of the (possibly null) pointer.
In reality this should come to us either 16 or 0 bytes in length, but
this is the safest test.
This is bug 3401 in Samba3, thanks to Yau Lam Yiu <yiuext at cs.ust.hk>
Andrew Bartlett
(This used to be commit f3aa702944ed7086d93bf05075f910e7e4617d9c)
|
|
password'.
Andrew Bartlett
(This used to be commit e13cb0ab175069eb670c8b2f57379ababacfcce3)
|
|
some more work on timeouts
(This used to be commit a7e2fe3cb33be2effff7eb764047567f2da3cd55)
|
|
metze
(This used to be commit e70ca698cea901a66f7201c16bb3ba1faa7e7289)
|
|
metze
(This used to be commit 1768a698a461bfb8aeaa8f28efaab4ad300823a2)
|
|
it currently doesn't do much, but it's later
prevent adding corrupted records via ldbedit,
and will take care of the versionID counter
metze
(This used to be commit a6f279bc43c74cf4dc116cb6ba99f1aed13a4de9)
|
|
as '-' make problems with popt
metze
(This used to be commit d300d56fb724642887c9b43058ef858298846288)
|
|
metze
(This used to be commit b206c5e87c791ac8f2ecf5b7ef6b2622ad735f54)
|
|
metze
(This used to be commit c52436108d1628feb50c9bf720ae30c4dc469b34)
|
|
not yet enforced except for the initial connection timeout
(This used to be commit fa1ae9a44b0321b8e458bcb7fd1dcc9475b9bad3)
|
|
the remote sever, and to query it for domain information.
Provide and use this information in the SamSync/Vampire callbacks, to allow a
parallel connection to LDAP, if we are talking to AD. This allows us
to get at some important attributes not exposed in the old protocol.
With this, we are able to do a all-GUI vampire of a AD domain from
SWAT, including getting all the SIDs, servicePrincipalNames and the
like correct.
Andrew Bartlett
(This used to be commit 918358cee0b4a1b2c9bc9e68d9d53428a634281e)
|
|
Andrew Bartlett
(This used to be commit c2eca05074ee7af6e3ddffc25dac5a939bdd7e9a)
|
|
- fix compilation of auth/kerberos/krb5_init_context.c on AIX
metze
(This used to be commit 0e1ad08a8515056f4ed0923889bef04d85b84964)
|