summaryrefslogtreecommitdiffstats
path: root/source3/param
diff options
context:
space:
mode:
authorGerald Carter <jerry@samba.org>2003-07-07 05:11:10 +0000
committerGerald Carter <jerry@samba.org>2003-07-07 05:11:10 +0000
commit0b18acb841f6a372b3aa285d4734875e5e35fe3b (patch)
treeadd4afee2b70d87bfd96b7702d9d6a2476ac7e74 /source3/param
parentb5cd4a8643169b276a3af8a9272d212d76a54dd3 (diff)
downloadsamba-0b18acb841f6a372b3aa285d4734875e5e35fe3b.tar.gz
samba-0b18acb841f6a372b3aa285d4734875e5e35fe3b.tar.xz
samba-0b18acb841f6a372b3aa285d4734875e5e35fe3b.zip
and so it begins....
* remove idmap_XX_to_XX calls from smbd. Move back to the the winbind_XXX and local_XXX calls used in 2.2 * all uid/gid allocation must involve winbindd now * move flags field around in winbindd_request struct * add WBFLAG_QUERY_ONLY option to winbindd_sid_to_[ug]id() to prevent automatic allocation for unknown SIDs * add 'winbind trusted domains only' parameter to force a domain member server to use matching users names from /etc/passwd for its domain (needed for domain member of a Samba domain) * rename 'idmap only' to 'enable rid algorithm' for better clarity (defaults to "yes") code has been tested on * domain member of native mode 2k domain * ads domain member of native mode 2k domain * domain member of NT4 domain * domain member of Samba domain * Samba PDC running winbindd with trusts Logons tested using 2k clients and smbclient as domain users and trusted users. Tested both 'winbind trusted domains only = [yes|no]' This will be a long week of changes. The next item on the list is winbindd_passdb.c & machine trust accounts not in /etc/passwd (done via winbindd_passdb) (This used to be commit 8266dffab4aedba12a33289ff32880037ce950a8)
Diffstat (limited to 'source3/param')
-rw-r--r--source3/param/loadparm.c15
1 files changed, 9 insertions, 6 deletions
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 1736254a4c..3ce4979489 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -163,8 +163,7 @@ typedef struct
char *szSourceEnv;
char *szIdmapUID;
char *szIdmapGID;
- BOOL *bIdmapOnly;
- char *szNonUnixAccountRange;
+ BOOL bEnableRidAlgorithm;
int AlgorithmicRidBase;
char *szTemplateHomedir;
char *szTemplateShell;
@@ -172,6 +171,7 @@ typedef struct
BOOL bWinbindEnumUsers;
BOOL bWinbindEnumGroups;
BOOL bWinbindUseDefaultDomain;
+ BOOL bWinbindTrustedDomainsOnly;
char *szWinbindBackend;
char *szIdmapBackend;
char *szAddShareCommand;
@@ -1117,7 +1117,7 @@ static struct parm_struct parm_table[] = {
{"Winbind options", P_SEP, P_SEPARATOR},
- {"idmap only", P_BOOL, P_GLOBAL, &Globals.bIdmapOnly, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
+ {"enable rid algorithm", P_BOOL, P_GLOBAL, &Globals.bEnableRidAlgorithm, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER | FLAG_DEPRECATED},
{"idmap backend", P_STRING, P_GLOBAL, &Globals.szIdmapBackend, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"idmap uid", P_STRING, P_GLOBAL, &Globals.szIdmapUID, handle_idmap_uid, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"winbind uid", P_STRING, P_GLOBAL, &Globals.szIdmapUID, handle_idmap_uid, NULL, FLAG_ADVANCED | FLAG_DEVELOPER | FLAG_DEPRECATED },
@@ -1130,6 +1130,7 @@ static struct parm_struct parm_table[] = {
{"winbind enum users", P_BOOL, P_GLOBAL, &Globals.bWinbindEnumUsers, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"winbind enum groups", P_BOOL, P_GLOBAL, &Globals.bWinbindEnumGroups, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"winbind use default domain", P_BOOL, P_GLOBAL, &Globals.bWinbindUseDefaultDomain, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
+ {"winbind trusted domains only", P_BOOL, P_GLOBAL, &Globals.bWinbindTrustedDomainsOnly, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{NULL, P_BOOL, P_NONE, NULL, NULL, NULL, 0}
};
@@ -1467,12 +1468,13 @@ static void init_globals(void)
string_set(&Globals.szWinbindSeparator, "\\");
string_set(&Globals.szAclCompat, "");
- Globals.winbind_cache_time = 600; /* 5 minutes */
+ Globals.winbind_cache_time = 300; /* 5 minutes */
Globals.bWinbindEnumUsers = True;
Globals.bWinbindEnumGroups = True;
Globals.bWinbindUseDefaultDomain = False;
+ Globals.bWinbindTrustedDomainsOnly = False;
- Globals.bIdmapOnly = False;
+ Globals.bEnableRidAlgorithm = True;
Globals.name_cache_timeout = 660; /* In seconds */
@@ -1637,9 +1639,10 @@ FN_GLOBAL_STRING(lp_acl_compatibility, &Globals.szAclCompat)
FN_GLOBAL_BOOL(lp_winbind_enum_users, &Globals.bWinbindEnumUsers)
FN_GLOBAL_BOOL(lp_winbind_enum_groups, &Globals.bWinbindEnumGroups)
FN_GLOBAL_BOOL(lp_winbind_use_default_domain, &Globals.bWinbindUseDefaultDomain)
+FN_GLOBAL_BOOL(lp_winbind_trusted_domains_only, &Globals.bWinbindTrustedDomainsOnly)
FN_GLOBAL_STRING(lp_idmap_backend, &Globals.szIdmapBackend)
-FN_GLOBAL_BOOL(lp_idmap_only, &Globals.bIdmapOnly)
+FN_GLOBAL_BOOL(lp_enable_rid_algorithm, &Globals.bEnableRidAlgorithm)
#ifdef WITH_LDAP_SAMCONFIG
FN_GLOBAL_STRING(lp_ldap_server, &Globals.szLdapServer)