| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
| |
Set the values like Windows Server 2003 R2.
|
| |
|
|
|
|
| |
DC object
Found after some comparisons against Windows Server 2003 R2.
|
| |
|
|
|
|
|
| |
the display specifiers
The object version showed up in the Windows 2003 Server R2 AD.
The "systemFlags" attribute has been set to the right value.
|
| |
|
|
| |
parameters
|
| |
|
|
|
|
|
|
|
| |
consumed_ucs is the number of bytes
of the UCS2 path consumed not counting any
terminating null. We need to convert
back to unix charset and count again
to get the number of bytes consumed from
the incoming path.
|
| |
|
|
| |
Guenther
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Now that the sanity checks for mount.cifs default to matching the
behavior of /bin/mount, then there is virtually no need for umount.cifs.
The only exception is when someone enables the loose setuid behavior in
mount.cifs.
If an unprivileged user mounts a share that isn't in /etc/fstab, then
/bin/mount won't allow that user to unmount it. In that situation,
umount.cifs will be necessary to allow unmounting the share.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Acked-by: Steve French <smfrench@us.ibm.com>
|
| |
|
|
| |
Search for groups without group suffix, group suffix is only used for new entries.
|
| |
|
|
|
|
|
| |
Found while testing Xerox WorkCentre 133 PCL driver, now also tested with
torture test.
Guenther
|
| |
|
|
| |
Guenther
|
| |
|
|
| |
Guenther
|
| |
|
|
|
|
|
|
| |
This reworks the notes file to be less stream-of-consciousness and more
task for porting, with a very particular focus on a potential port of
Samba4 to use MIT Kerberos.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
| |
|
|
|
|
|
| |
It seems quite reasonable to allow modules to re-initialise the set of
cached DNs on the ldb context.
Andrew Bartlett
|
| |
|
|
|
|
|
| |
This job is not complete (the partition module remains a unfinished
task), but now we do use the private ldb headers much less.
Andrew Bartlett
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The previous code only allowed an KRB5_NT_ENTERPRISE name (an e-mail
list user principal name) in an AS-REQ. Evidence from the wild
(Win2k8 reportadely) indicates that this is instead valid for all
types of requests.
While this is now handled in heimdal/kdc/misc.c, a flag is now defined
in Heimdal's hdb so that we can take over this handling in future (once we start
using a system Heimdal, and if we find out there is more to be done
here).
Andrew Bartlett
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
The function LDB_lookup_principal() has been eliminated, and it's
contents spread back to it's callers. Removing the abstraction makes
the code clearer.
Also ensure we never pass unescaped user input to a LDB search
function.
Andrew Bartlett
|
| | |
|
| |
|
|
| |
Guenther
|
| |
|
|
|
|
| |
So liblua is treated the same way as libtalloc and libtdb.
Michael
|
| |
|
|
| |
Guenther
|
| |
|
|
|
|
|
|
| |
passdb.
pdb_{get,set}_comment were already existing in the API but were never used.
Guenther
|
| |
|
|
| |
metze
|
| |
|
|
|
|
| |
By fixing the use of struct stat_ex.
Michael
|
| |
|
|
|
|
|
| |
This fixes the build with quotas / configure time detection
of sys_quota interface.
Michael
|
| |
|
|
|
|
| |
(when called from places with "#define NO_CONFIG_H" set, such as configure)
Michael
|
| |
|
|
|
|
|
|
| |
socket
Otherwise we would not notice a broken connection.
metze
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I some cases the pointer value of tevent_context is the same again,
if we do something like:
ev1 = tevent_context_init();
...
fde = tevent_add_fd(ev1, fd, TEVENT_FD_READ...);
...
talloc_free(ev1);
...
ev2 = tevent_context_init();
if (ev1 == ev2) {
/* this can happen! */
}
if (tevent_fd_get_flags(fde) == 0) {
/* this is always true */
}
But the "talloc_free(ev1)" will set fde->event_ctx to NULL
and tevent_fd_get_flags() will always return 0.
metze
|
| |
|
|
| |
Guenther
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This test talks to a DC as a joined workstation member - in the same way
winbindd does, in particular the calls used in this test's query pattern
will all request for SEC_FLAG_MAXIMUM_ALLOWED access_mask
(which pretty much all of samba's client code does as well).
In fact this test verifies that winbind can correctly talk to a samba dc using
samr dcerpc calls.
Guenther
|
| |
|
|
|
|
|
| |
Unlike torture_suite_add_machine_bdc_rpc_iface_tcase() which joins as a BDC
(ACB_SRVTRUST) this joins as a member workstation (ACB_WSTRUST).
Guenther
|
| |
|
|
|
|
|
| |
/bin/mount strips off the ro/rw options after setting the MS_RDONLY
flag appropriately. Make mount.cifs do the same thing.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
| |
|
|
|
|
|
|
|
| |
By adding a new common setup_logging_stdout() API, we no longer need to abuse the ABI compatability between the different setup_logging() calls in Samba3 and Samba4's DEBUG() subsystems.
The revert of 49a6d757b4d944cd22c91b2838beb83f04fbe1e9 works with this
to fix bug 6211.
Andrew Bartlett
|
| |
|
|
|
|
|
|
| |
The problem is that the enum was previously a 'rachet', that is, it
would only reset to a level higher than it was previouly set to.
Changing the order broke file-based logging for our production sites.
This reverts commit 49a6d757b4d944cd22c91b2838beb83f04fbe1e9.
|
| |
|
|
| |
Specifies the impersonation level according to the reporter commit in bug #6283
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
Enhance the simple ldap map to support also the "systemFlags" attribute in the
correct way.
|
| |
|
|
|
| |
When copying an attribute list, ensure the list itself is not NULL before
attempting to access elements of the list.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
On calls where both NT_STATUS and WERROR results are returned and consulted
we have to make sure to form function results considering both.
This errors have been found through a run against SAMBA 4.
|
| |
|
|
|
| |
Prevents a crash of the SAMBA 4 daemon on the torture SPOOLSS test due to not
initialised structures.
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
The search function retries once, the modifying call that hits a dead smbd
returns an error. The next try will reconnect. This was simple to implement and
provides a good compromise against Samba4 idling our connection. Most of the
modifying calls are quickly after a search (like OpenUser) anyway.
|
| | |
|
| | |
|
| | |
|
