Age | Commit message (Collapse) | Author | Files | Lines |
|
seeing in the ldb winreg backend
(This used to be commit a56a3696cc6a5186f736e503704c288589e5a833)
|
|
Andrew Bartlett
(This used to be commit 66d7a51394b26bf9e8737477af965d08d9efde6d)
|
|
delegate by default.
Andrew Bartlett
(This used to be commit 49d489c81d5b5c86e032ed6edfda4590d1d1f2be)
|
|
credentials. This means we now delegate to windows correctly.
Andrew Bartlett
(This used to be commit d6928a3bf86f1ab89f29eac538ceb701c6669913)
|
|
DCE_STYLE modified version, and add parametric options to control
delegation.
It turns out the only remaining issue is sending delegated credentials
to a windows server, probably due to the bug lha mentions in his blog
(using the wrong key).
If I turn delgation on in smbclient, but off in smbd, I can proxy a
cifs session.
I can't wait till Heimdal 0.8, so I'll see if I can figure out the fix
myself :-)
Andrew Bartlett
(This used to be commit fd5fd03570c13f5644e53ff89ac8eca7c0985740)
|
|
Andrew Bartlett
(This used to be commit 6535959fd7dfddd6bafb77a266ec3a641025f880)
|
|
Andrew Bartlett
(This used to be commit 0a4194118974bdde4e10fd32578a5beeb6e768ce)
|
|
with schemas in ldbedit
(This used to be commit ddbca6e83254275568bff4c2f88cdbc4bfa666a6)
|
|
js arrays are a special type of object where the length property is
automatic, and cannot be modified manually. Our code was manually
setting length, which made it abort when someone passed in a real ejs
array. To fix this we need to create real arrays instead of objects,
and remove the code that manually sets the length
(This used to be commit ebdd1393fde44a0a35446d1a922d29a7c1769ba7)
|
|
work again. The automatic value() is fine for the length, but cannot
be used for the size as the size is not the number of bytes being
sent, but the number of bytes that the server is allowed to use in the
reply
(This used to be commit 46e91f269c83707863a726e716325eade38e1142)
|
|
(This used to be commit b8694c58f528d9da66cd623076282caece39d8a7)
|
|
Andrew Bartlett
(This used to be commit c0ba414a38de7ffa7b2a59c664598e64e911fe7c)
|
|
of the gsskrb5_acquire_cred hack.
Add support for delegated credentials into the auth and credentials
subsystem, and specifically into gensec_gssapi.
Add the CIFS NTVFS handler as a consumer of delegated credentials,
when no user/domain/password is specified.
Andrew Bartlett
(This used to be commit 55b89899adb692d90e63873ccdf80b9f94a6b448)
|
|
(This used to be commit c913f466cd27030f8c696ab60b1a4a2eb2ac260c)
|
|
Andrew Bartlett
(This used to be commit c105112902da45ce8ba9f70bf240dd8201f6fd2c)
|
|
via winbindd in Samba4.
Andrew Bartlett
(This used to be commit e63be25d0b6edbb17f0747663b0570145a4d55fb)
|
|
(thanks metze).
Andrew Bartlett
(This used to be commit 848831a1559d6569359bd6fb4993ccbef6ad86d8)
|
|
logon_parameters for the auth subsystem.
Andrew Bartlett
(This used to be commit 767c5ca7bec3737d1261e209cd895d1300354f25)
|
|
prototype.
Andrew Bartlett
(This used to be commit a3abffc75805c8e333f387a96a1dbc352669d359)
|
|
Andrew Bartlett
(This used to be commit 64b9ea642bb7443f804e71bb2a6ccad94522d057)
|
|
special group vs. special group will be done later
metze
(This used to be commit 25a35c697795ff802d735cfd3e6c11ea73d92126)
|
|
metze
(This used to be commit 70166bb2a9085e08915fc0f560e660b7edd0c2b3)
|
|
metze
(This used to be commit a70cf6f87b975861bb7af4080c56f146faf3369d)
|
|
(This used to be commit fed26bc4fdb47b5bd1aaa6374b09252c239bbac4)
|
|
(This used to be commit a043ef33dca19d5ac1cdead60a4faa8b3a950bf4)
|
|
(This used to be commit d5aef4e2f955025266e59227364b5cccccdb9f32)
|
|
metze
(This used to be commit 061e2e67daeb920b2613564814738adc56c58017)
|
|
- we handle incoming release demands for that
metze
(This used to be commit 1db4d8e456895d18a864fa740ec0d8198226cba0)
|
|
(This used to be commit ad0019ad4ebba734ff1db31c53fd8b6ad085ead4)
|
|
metze
(This used to be commit dccaceee182066e15e7a4fd9a5f3f0b2e2beda19)
|
|
- remove useless .release attribute, we have seperate tests for this
now
- add first owned,active vs. replica test, including handling incoming
name queries from the server
metze
(This used to be commit 7843b6c5c84b7543fd30242e0d5c8414b56fd383)
|
|
Andrew Bartlett
(This used to be commit 7e3c22f57be215b483ae15de4f754ed4188b5379)
|
|
regardless the authentication result on a particular user.
Andrew Bartlett
(This used to be commit 2ee7ed000ef099b2e38d540be75cbc8de386839a)
|
|
minimal comments much better (much like volker scans code of less than
80 cols better ;-)
Andrew Bartlett
(This used to be commit 8800e9b5b06701ed1cdf9da0a37291a84eb36f7f)
|
|
logins (changing the winbindd interface).
Clean up the wbsrv_samba3_async_epilogue() handling, as it was mixing
auth and other replies, such that all replies were having the auth
error strings set. We now do a better job of filling in the right
errors in the right places.
Andrew Bartlett
(This used to be commit 8ed975df52bcac9646672f6a39c51481b5c59226)
|
|
server reference.
Andrew Bartlett
(This used to be commit 302219928f47cdc3822c3a7d9444339092d9d33c)
|
|
least don't allow binding to become uninitialised.
Andrew Bartlett
(This used to be commit e754234a17ebc601720caa66a229d9a842dfebda)
|
|
(This used to be commit 647cb90360d1a790c8da34d48c46737762046e1b)
|
|
return the pesky USER_EXISTS 'error' code any more, and it is much
easier to handle this inline.
Andrew Bartlett
(This used to be commit a7eb796cf544db3fe16986d8e233d2defe7a7d1b)
|
|
The warnings were caused by the structure assignements, which we don't
need to do. The actual values are filled in by the NDR layer later.
Andrew Bartlett
(This used to be commit f140117535c3281f0a0a7970ea4127498737d112)
|
|
volker's urging on the use of -O1.
Andrew Bartlett
(This used to be commit 6a7bb391ba62a4f90f57aa76c5dcc0d35fca54a4)
|
|
Andrew Bartlett
(This used to be commit de83b8cd187b28ecb30550c44f9f84e373df692e)
|
|
through all ldap errors except on search. Search errors are only
available via ldb_errstring() until we decide how to fix ldb_search().
(This used to be commit c192bcb79dda44b5b7a3bc257ba92addf769c8d9)
|
|
IDL and testsuites. The server-side of this remains a stub, we should
probably be doing ldb searches for the server reference record.
Andrew Bartlett
(This used to be commit 0141ed309a664e7a9893c95232c2dcb9768f9315)
|
|
authentication for user@realm logins and machine account logins.
This should avoid various protocol downgrade attacks.
Andrew Bartlett
(This used to be commit 76c2d204d0a1ec66d1ef3c935688c7571b051f46)
|
|
metze
(This used to be commit a29a107d95b67248ccd6036084829b080c892e40)
|
|
Andrew Bartlett
(This used to be commit e82fbb58ddaa3d38615d9a2d5e804f614edb2ff3)
|
|
Andrew Bartlett
(This used to be commit da24074860cb7029ef0ff45105170642174f45c1)
|
|
passwords.
Andrew Bartlett
(This used to be commit cb0b3c00572958f5ac8413cc651f627ca1871295)
|
|
(This used to be commit a0b4036ba6ae423bab3ec698d3e404f03bb0f9d5)
|