summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* testprogs: test kpasswd via "net ads password".Günther Deschner2014-09-011-0/+15
| | | | | | | | Guenther Pair-Programmed-With: Andreas Schneider <asn@samba.org> Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlet <abartlet@samba.org>
* testprogs: use texpect in passwords test file instead of rkpty.Günther Deschner2014-09-011-8/+8
| | | | | | | | Guenther Pair-Programmed-With: Andreas Schneider <asn@samba.org> Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlet <abartlet@samba.org>
* lib/texpect: add texpect binary based on heimdals rkpty.Günther Deschner2014-09-014-0/+452
| | | | | | | | Guenther Pair-Programmed-With: Andreas Schneider <asn@samba.org> Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlet <abartlet@samba.org>
* s3-kpasswd: send a netbios krb5 address to avoid invalid net address errors fromGünther Deschner2014-09-011-0/+14
| | | | | | | | | heimdal. Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlet <abartlet@samba.org>
* Remove custom password change code in libadsSimo Sorce2014-09-012-556/+59
| | | | | | | | | Use standard libkrb5 calls instead. Signed-off-by: Simo Sorce <idra@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlet <abartlet@samba.org>
* Remove duplicate definitionsSimo Sorce2014-09-011-9/+0
| | | | | | | | | Thee are already defined both in Heimdal and MIT public headers Signed-off-by: Simo Sorce <idra@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlet <abartlet@samba.org>
* testprogs: allow to run passwords test with MIT and Heimdal kinit.Günther Deschner2014-09-011-2/+14
| | | | | | | | Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlet <abartlet@samba.org>
* testprogs: Use the system binaries for KRB5 if we don't build in-tree heimdal.Andreas Schneider2014-09-018-11/+57
| | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlet <abartlet@samba.org>
* selftest: Use the dns domain in the hosts file.Andreas Schneider2014-09-011-2/+2
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4-netlogond: Give a better error if we do not have a flatname attributeAndrew Bartlett2014-09-011-0/+2
| | | | | | | | | Change-Id: I3bc283b6fab4326131084d1abb89cb486af7b35a Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Mon Sep 1 02:58:46 CEST 2014 on sn-devel-104
* join.py: Ensure to fill in samAccountName so we get the domain$ accountAndrew Bartlett2014-09-011-1/+2
| | | | | | | | | | Otherwise, we get a random samAccountName Andrew Bartlett Change-Id: I87ea532fe22c1b2d2effd52859da3b357f692b5a Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3-rpc_client: Do not give NT_STATUS_NO_MEMORY when the source string was NULLAndrew Bartlett2014-09-011-5/+6
| | | | | | | Change-Id: I25a4dcc2239267ee7c219e965693027ca2981983 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
* set_dc_type_and_flags_trustinfo: Use init_dc_connection and ↵Andrew Bartlett2014-09-011-18/+26
| | | | | | | | | | | | | wb_open_internal_pipe This means we call this code, and mark trusted domains as active directory, when we are an AD DC. Otherwise, in the previous case we would not have domain->active_directory set, and would fail on connection_ok() due to not having a full connection to our internal DC Change-Id: I7ccee569d69d6c5466334540db8920e57aafa991 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* dsdb: improve debugging in DsCrackNameOneFilterAndrew Bartlett2014-09-011-1/+3
| | | | | | | | Change-Id: I64d8e1eb94d833dc8ebf18fecdf32a83470a087e Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org> 1
* winbindd: Add debugging to assist in locating errors creating NETLOGON pipesAndrew Bartlett2014-09-011-0/+12
| | | | | | | Change-Id: If15483c37ed43267c6474ce8b5e9d96254745bca Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
* passdb: Use sam_get_results_trust() and implement ↵Andrew Bartlett2014-09-011-1/+124
| | | | | | | | | | | | | pdb_samba_dsdb_get_trusteddom_pw We now return the plaintext passwords for trusted domains so winbindd can use them. Change-Id: Ifcd59b0be815d25b73bdbc41db7477895461c7b6 Pair-programmed-with: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
* auth: Split out fetching trusted domain into sam_get_results_trust()Andrew Bartlett2014-09-012-37/+89
| | | | | | | | | | This new helper function will also be used by pdb_samba_dsdb. Change-Id: I008af94a0822012c211cfcc6108a8b1285f4d7c7 Pair-programmed-with: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* provision: Only create hard links for ForestDnsZones if it exists on this DCAndrew Bartlett2014-09-011-4/+8
| | | | | | | | | | We might be a subdomain, and not host this partition. Andrew Bartlett Change-Id: I9aa32c5692cd9fd0a6bced8bea37cd8593b31906 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
* selftest: Improve connection between primary domain and subdomain for krb5Andrew Bartlett2014-09-011-1/+9
| | | | | | | | | | | | | | | | | | | Two things help here: The join is done on the lower case name, so we can match it in the krb5.conf, and we share the krb5.conf between the "dc" environment and the "subdom_dc" environment. Between these two measures, this means we can get tickets using the domain trust. If we used cwrap for DNS queries and we had our internal DNS set up correctly, we could avoid this (because that is not case sensitive), but otherwise we need to get SUB.samba.example.org into the krb5.conf, and this is harder to do an a generic way. Andrew Bartlett Change-Id: If378915112728aaf47aa68ce0b071a7e09d756ad Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
* dsdb: Make log message more clearAndrew Bartlett2014-09-011-2/+6
| | | | | | | Change-Id: Ibf3c55748e755d2f6dae57293bfde11cdf7ba3ae Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
* selftest: Set admin password on subdom_dc environmentAndrew Bartlett2014-09-011-0/+1
| | | | | | | Change-Id: Ib9edae20004ea6f5a500efcfcd7bbd9fc8015c25 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
* winbindd: Do not segfault if the trusted domain has no SIDAndrew Bartlett2014-09-011-1/+9
| | | | | | | | | | | Currently we abort, as skipping the domain would make the loop much more complex for a situation not yet seen in the real world. Andrew Bartlett Change-Id: Ie1e269eb25047d662d8fd0f771ee20de1d48706b Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
* join.py: Ensure we set the SID of the parent domain on the trust recordAndrew Bartlett2014-09-011-1/+2
| | | | | | | Change-Id: Ifaf3f2d1240d983a48ee1874fdc9c266354f6754 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
* python: Use the security.dom_sid type for ctx.domsid in join.py and provisionAndrew Bartlett2014-09-015-9/+11
| | | | | | | Change-Id: I1266f77184d68aae6a39a73bac8a432fdd707b2e Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
* dsdb: Permit creation of partitions of type INSTANCE_TYPE_UNINSTANTAndrew Bartlett2014-09-011-4/+15
| | | | | | | | | | | This is only allowed when we are creating the objects from a DsAddEntry call, not over LDAP. Change-Id: Ieec6b07556d58741ec04fede8bf9940811f12a62 Pair-programmed-with: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
* provision: Use names.domainsid and names.domainguidAndrew Bartlett2014-09-013-46/+55
| | | | | | | | | | | | | This is better than passing around parameters to functions all over the provision stack and makes it easier to pass in a seperate forest SID when we start to support subdomains. Change-Id: I3787f4f3433ca04628f888135c7c0c8195379542 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Pair-programmed-with: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
* s4-gensec: Fix spelling in debug messageAndrew Bartlett2014-09-011-1/+1
| | | | | | | Change-Id: Ia0218c4b1f714d1b829ab0ce5851a4d02a1bf5df Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
* provision: Only calculate ForestDNSZone GUID if we need itAndrew Bartlett2014-09-011-5/+4
| | | | | | | Change-Id: Ie33812627ce7ececda681c2d784b1ca97b1b73c4 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
* join.py: Reinstate full_nc_list and make creation of NTDS-DSA object commonAndrew Bartlett2014-09-012-32/+36
| | | | | | | | | | | | The new function join_ntdsdsa_obj() returns the object, to be added over LDAP or DsAddEntry(). Andrew Bartlett Change-Id: I41ac256fb3d4edffc617af4ae580acd941b4de83 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
* selftest: Pass DC_REALM to the subdom_dc environmentAndrew Bartlett2014-09-011-0/+2
| | | | | | | | | | | | This allows 'samba-tool drs kcc' to be run during the environment setup. Andrew Bartlett Change-Id: I5d25470f1530b28be0a9413d13c48442fabb1a84 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
* dsdb: Change acl module to look for instanceType flag rather than list of NCsAndrew Bartlett2014-09-012-15/+87
| | | | | | | | | | This avoids any DNs being a free pass beyond the ACL code, instead it is based on the CN=Partitions ACL. Andrew Bartlett Change-Id: Ib2f4abe0165e47fa4a71925d126c2eeec68df119 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* Various updates to the pidl README file.Jelmer Vernooij2014-08-311-8/+9
| | | | | | | | | | | Remove samba3/samba4-specific comments, add comments about backends and files. Change-Id: Id2253ce85eab7a684b2c50d25f6f2604dc146a8e Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Sun Aug 31 23:47:49 CEST 2014 on sn-devel-104
* Remove trailing whitespace.Jelmer Vernooij2014-08-311-13/+13
| | | | | | Change-Id: I1e0948da34bac278edc62cd63dedd08112426e7a Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* samba.netcmd.domain: desactivating -> deactivating.Jelmer Vernooij2014-08-311-1/+1
| | | | | | Change-Id: I463823589049e81bcd4032f3e7bc6b5f2fb0d28d Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* samba.netcmd.domain: Fix incorrect variable names, causing NameErrors.Jelmer Vernooij2014-08-311-4/+4
| | | | | | Change-Id: I1c78f07f942a8b03ac88de98b18ac636b7124e22 Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* samba.netcmd.domain: Remove unused import.Jelmer Vernooij2014-08-311-1/+0
| | | | | | Change-Id: I33f3ba55540be01fd15bfc3d75ebb73cbf5ead9e Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* samba.netcmd.domain: Just catch ImportError, not any parsing errors in ↵Jelmer Vernooij2014-08-311-2/+3
| | | | | | | | cmd_domain_export_keytab. Change-Id: If5710565c74e87fe218a83f31cddcf64605e522e Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* Look for system setproctitle before trying -lbsd.Jelmer Vernooij2014-08-311-2/+2
| | | | | | Change-Id: I390c186d7c1400287c6a18909a5d6587f2052243 Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* replace: remove tabs.Jelmer Vernooij2014-08-311-4/+4
| | | | | | Change-Id: Ie87f3c8a60f6292b7d2302425c946f5befaf5fcc Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* replace: remove unused and duplicate imports.Jelmer Vernooij2014-08-311-2/+2
| | | | | | Change-Id: I6cfd2cf80efe19fa31bcd6b3881a1eb01f05d1b4 Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* Remove mention of compatibility with Python 2.4.Jelmer Vernooij2014-08-311-3/+0
| | | | | | Change-Id: I1f900e550f4fbed9d7b3ffdbf30aa5b54e799331 Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* find_unused_macros: Remove obsolete script that finds unused macros.Jelmer Vernooij2014-08-311-38/+0
| | | | | | | | There are various static checkers that can do this nowadays, with better accuracy. Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* source4: Remove script to find unused makefile variables.Jelmer Vernooij2014-08-311-55/+0
| | | | | Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* s3-winbindd: Document parameters in ads_cached_connection_reuseChristof Schmitt2014-08-301-0/+13
| | | | | | | | Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Aug 30 06:10:36 CEST 2014 on sn-devel-104
* s3-winbindd: Use more descriptive parameter names in ↵Christof Schmitt2014-08-301-8/+8
| | | | | | | ads_cached_connection_connect Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3-winbindd: Use correct realm for trusted domains in idmap childChristof Schmitt2014-08-301-2/+9
| | | | | | | | | | | | When authenticating users in a trusted domain, the idmap_ad module always connects to a local DC instead of one in the trusted domain. Fix this by passing the correct realm to connect to. Also Comment parameters passed to ads_cached_connection_connect Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* torture: Also run raw.read against the aio shareChristof Schmitt2014-08-301-0/+4
| | | | | | | | | | This tests the changes in the aio code path. Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Aug 30 02:51:46 CEST 2014 on sn-devel-104
* torture: Use torture_assert macro for value check in raw.readChristof Schmitt2014-08-301-6/+3
| | | | | Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* torture: Use torture_assert macro for status check in raw.readChristof Schmitt2014-08-301-6/+3
| | | | | Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* torture: Use torture_fail macro in check_buffer for read requestsChristof Schmitt2014-08-301-5/+7
| | | | | Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
generated by cgit (git 2.34.1) at 2025-09-26 09:23:06 +0000