samba.git/source3/auth/wscript_build, branch master Unnamed repository; edit this file 'description' to name the repository. build: get rid of vars=locals() in source3/auth/wscript_build 2013-09-24T21:00:31+00:00 Michael Adam obnox@samba.org 2013-09-24T03:07:08+00:00 7e974dbd92d5ccec5286e0abd1c11f6834eeab02 Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Günther Deschner <gd@samba.org> 
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
build: get rid of source-variables in source3/auth/wscript_build 2013-09-24T21:00:21+00:00 Michael Adam obnox@samba.org 2013-09-24T03:06:22+00:00 c6e16183e1d969af9edf1c3eccb8502805c627b0 Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Günther Deschner <gd@samba.org> 
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
BUG #9295: Build standard auth modules as internal modules. 2012-10-18T09:33:17+00:00 Andreas Schneider asn@samba.org 2012-10-17T14:30:57+00:00 7786919428527f8e3b75806f5058ddd2a6ad4fab Signed-off-by: Andreas Schneider <asn@samba.org> 
Signed-off-by: Andreas Schneider <asn@samba.org>
s3-auth: Remove auth_netlogond 2012-06-16T08:13:20+00:00 Andrew Bartlett abartlet@samba.org 2012-06-03T00:56:46+00:00 4edd8b891a90a89a84fbfa3636cc568d247b04b2 auth_netlogond was an important module in the development of the combined Samba 4.0, and was the first module to link smbd with the AD authentication store, showing that it was possible for NTLM authentication to be offloaded to the AD server components. We now have auth_samba4, which provides the full GENSEC stack to smbd, which also matches exactly the group membership and privileges assignment and which is supported and tested as part of the official Samba 4.0 release configuration. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Sat Jun 16 10:13:20 CEST 2012 on sn-devel-104 
auth_netlogond was an important module in the development of the
combined Samba 4.0, and was the first module to link smbd with the AD
authentication store, showing that it was possible for NTLM
authentication to be offloaded to the AD server components.

We now have auth_samba4, which provides the full GENSEC stack to smbd,
which also matches exactly the group membership and privileges
assignment and which is supported and tested as part of the official
Samba 4.0 release configuration.

Andrew Bartlett

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Jun 16 10:13:20 CEST 2012 on sn-devel-104
Introduce system MIT krb5 build with --with-system-mitkrb5 option. 2012-05-23T14:51:50+00:00 Alexander Bokovoy ab@samba.org 2012-05-21T09:45:12+00:00 2ddf89a2bc3c00b71dec230f071416e594f89113 System MIT krb5 build also enabled by specifying --without-ad-dc When --with-system-mitkrb5 (or --withou-ad-dc) option is passed to top level configure in WAF build we are trying to detect and use system-wide MIT krb5 libraries. As result, Samba 4 DC functionality will be disabled due to the fact that it is currently impossible to implement embedded KDC server with MIT krb5. Thus, --with-system-mitkrb5/--without-ad-dc build will only produce * Samba 4 client libraries and their Python bindings * Samba 3 server (smbd, nmbd, winbindd from source3/) * Samba 3 client libraries In addition, Samba 4 DC server-specific tests will not be compiled into smbtorture. This in particular affects spoolss_win, spoolss_notify, and remote_pac rpc tests. 
System MIT krb5 build also enabled by specifying --without-ad-dc

When --with-system-mitkrb5 (or --withou-ad-dc) option is passed to top level
configure in WAF build we are trying to detect and use system-wide MIT krb5
libraries. As result, Samba 4 DC functionality will be disabled due to the fact
that it is currently impossible to implement embedded KDC server with MIT krb5.

Thus, --with-system-mitkrb5/--without-ad-dc build will only produce
  * Samba 4 client libraries and their Python bindings
  * Samba 3 server (smbd, nmbd, winbindd from source3/)
  * Samba 3 client libraries

In addition, Samba 4 DC server-specific tests will not be compiled into smbtorture.
This in particular affects spoolss_win, spoolss_notify, and remote_pac rpc tests.
s3:auth: remove unused auth_server.c 2012-05-15T06:18:29+00:00 Stefan Metzmacher metze@samba.org 2012-05-12T10:01:03+00:00 413e1be7739003696fd903dd80d1ead5275fe74c metze 
metze
s3-auth: Remove security=share (depricated since 3.6). 2012-03-04T22:33:05+00:00 Andrew Bartlett abartlet@samba.org 2012-02-03T07:03:10+00:00 d7bb961859a3501aec4d28842bfffb6190d19a73 This patch removes security=share, which Samba implemented by matching the per-share password provided by the client in the Tree Connect with a selection of usernames supplied by the client, the smb.conf or guessed from the environment. The rationale for the removal is that for the bulk of security=share users, we just we need a very simple way to run a 'trust the network' Samba server, where users mark shares as guest ok. This is still supported, and the smb.conf options are documented at https://wiki.samba.org/index.php/Public_Samba_Server At the same time, this closes the door on one of the most arcane areas of Samba authentication. Naturally, full user-name/password authentication remain available in security=user and above. This includes documentation updates for username and only user, which now only do a small amount of what they used to do. Andrew Bartlett -------------- / \ / REST \ / IN \ / PEACE \ / \ | SEC_SHARE | | security=share | | | | | | 5 March | | | | 2012 | *| * * * | * _________)/\\_//(\/(/\)/\//\/\///|_)_______ 
This patch removes security=share, which Samba implemented by matching
the per-share password provided by the client in the Tree Connect with
a selection of usernames supplied by the client, the smb.conf or
guessed from the environment.

The rationale for the removal is that for the bulk of security=share
users, we just we need a very simple way to run a 'trust the network'
Samba server, where users mark shares as guest ok.  This is still
supported, and the smb.conf options are documented at
https://wiki.samba.org/index.php/Public_Samba_Server

At the same time, this closes the door on one of the most arcane areas
of Samba authentication.

Naturally, full user-name/password authentication remain available in
security=user and above.

This includes documentation updates for username and only user, which
now only do a small amount of what they used to do.

Andrew Bartlett

                       --------------
                      /              \
                     /      REST      \
                    /        IN        \
                   /       PEACE        \
                  /                      \
                  |      SEC_SHARE       |
                  |    security=share    |
                  |                      |
                  |                      |
                  |       5 March        |
                  |                      |
                  |        2012          |
                 *|     *  *  *          | *
        _________)/\\_//(\/(/\)/\//\/\///|_)_______
s3-pdb: Break SECRETS3 dependency on PDB. 2012-01-27T17:11:10+00:00 Simo Sorce idra@samba.org 2012-01-26T20:27:54+00:00 e6c39a292c7aa17792f09222d17733ecc9207849 This is causing circular depdnendcies that bring libpdb in all code and this is BAD. This change 'protects' the sid and guid of the domain by adding a special key that makes them effectively read only. Limit this temporarily to the samba 4 build, once it gets some good testing the samba4 ifdefs can be dropped. fix pdb dependencies Signed-off-by: Andreas Schneider <asn@samba.org> 
This is causing circular depdnendcies that bring libpdb in all code and this is
BAD.

This change 'protects' the sid and guid of the domain by adding a special key
that makes them effectively read only.

Limit this temporarily to the samba 4 build, once it gets some good testing the
samba4 ifdefs can be dropped.

fix pdb dependencies

Signed-off-by: Andreas Schneider <asn@samba.org>
s3-waf: auth_netlogond depends on tldap. 2012-01-12T16:33:10+00:00 Andreas Schneider asn@samba.org 2012-01-12T13:50:40+00:00 103c1cb9bf71af1925feb07386a6920807aceca3 Autobuild-User: Andreas Schneider <asn@cryptomilk.org> Autobuild-Date: Thu Jan 12 17:33:10 CET 2012 on sn-devel-104 
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Thu Jan 12 17:33:10 CET 2012 on sn-devel-104
s3-auth split the auth_generic functions into a seperate file 2011-12-22T18:25:11+00:00 Andrew Bartlett abartlet@samba.org 2011-12-16T05:55:36+00:00 5e038432f76718560639c86c613ba7ccd371540c Signed-off-by: Stefan Metzmacher <metze@samba.org> 
Signed-off-by: Stefan Metzmacher <metze@samba.org>