summaryrefslogtreecommitdiffstats
path: root/examples/LDAP
Commit message (Collapse)AuthorAgeFilesLines
...
* r1960: sambaPasswordHistory had a duplicate OIDSimo Sorce2007-10-101-1/+1
| | | | | bump up the attribute number to 52 to avoid conflicts (This used to be commit 9368f0c1d2cb9942293cf2429474a1a100339572)
* r1809: Patch from Richard Renard <rrenard@idealx.com> to storeJeremy Allison2007-10-101-1/+6
| | | | | | logon hours attributes in an LDAP database. Jeremy. (This used to be commit ac0fdf9503b34a70eaae5e7cf0764dbaec0263ee)
* r1663: fixing syntax error in OID for sambaUnixIdPool, sambaSidEntry, & ↵Gerald Carter2007-10-101-3/+3
| | | | | | sambaIdmapEntry (This used to be commit 6e4c58b26d19f56162de961ae8338071aeeedde7)
* r1390: Improve description of attribute.Jeremy Allison2007-10-101-1/+1
| | | | | Jeremy. (This used to be commit ff7236a5f20d16069b31383105604a694236ec65)
* r1388: Adding password history code for ldap backend, based on a patch fromJeremy Allison2007-10-101-1/+6
| | | | | | | | | | "Jianliang Lu" <j.lu@tiesse.com>. Multi-string attribute changed to linearised pstring due to ordering issues. A few other changes to fix race conditions. I will add the tdb backend code next. This code compiles but has not yet been tested with password history policy set to greater than zero. Targeted for 3.0.6. Jeremy. (This used to be commit dd54b2a3c45e202e504ad69d170eb798da4e6fc9)
* r223: According to Thomas Mueller, thomas.mueller@christ-wasser.de, the two ↵Volker Lendecke2007-10-101-2/+1
| | | | | | | | | | | | lines removed (modifiersName and modifyTimestamp) lead to warnings upon startup of the netscape directory server. I can't check this, but it sounds logical. Thanks, Volker (This used to be commit 770b85c32fdd7addd7becf6a42cace91f411b363)
* r119: missed a file in volker patchGerald Carter2007-10-101-1/+6
| | | | (This used to be commit bccee79653a6f5c368bf8d39fccc65fd0e5b7417)
* Add bad password count/time attributesJim McDonough2004-02-221-1/+12
| | | | (This used to be commit 184bef8413b17a0e42d1c5bce3d08ae1533818ca)
* Fix whitespace to reduce diff from HEADJim McDonough2004-02-141-1/+1
| | | | (This used to be commit eba512ee1c723392ce553a6b04a7de6c57dd7b1d)
* sync IBM Directory Server schema with openldap schema...add munged dialJim McDonough2004-02-142-1/+2
| | | | (This used to be commit 3b1d922ab4fdf3d2d5d8b56b7c5d2882b91000b9)
* fix case in objectclass name (not that it really matters); patch from Darren ↵Gerald Carter2004-01-065-11/+11
| | | | | | Chew <darrenc@vicscouts.asn.au> (This used to be commit 86e0015b06eb9590a6a3e64cb4fe5a88a9f156c2)
* Small fix from Jérôme Tournier <jerome.tournier@IDEALX.com>Jeremy Allison2003-12-161-2/+2
| | | | | Jeremy. (This used to be commit 6ce7932520c0e5417e3b8a214a97244d10bdf4ad)
* removing RCS tagsGerald Carter2003-12-0514-27/+0
| | | | (This used to be commit 9a7774306dfa29f0b343343844a2c08650d5ba1a)
* * removing extra fileGerald Carter2003-12-053-94/+12
| | | | | * updating version in Makefile (This used to be commit 3249e69274c00922c6d8710019c19d8c8add8255)
* updating top 0.8.2-1 of the smbldap toolsGerald Carter2003-12-0422-813/+1354
| | | | (This used to be commit b798f30f0a83ba00ebbe1b82983ca6690642ad02)
* sync OID with HEADGerald Carter2003-12-041-1/+1
| | | | (This used to be commit d463abb035a19dce84902039623275cd72e16edc)
* support munged dial for ldapsam; patch from Aurélien Degrémont; bug 800Gerald Carter2003-12-041-1/+6
| | | | (This used to be commit 1c3c16abc94d197e69e3350de1e5cc1e99be4322)
* added note about stripping comments from LDIF; bug 642Gerald Carter2003-11-051-0/+6
| | | | (This used to be commit 3f67b2bbfdbedc76d7265fc5333d5f71577d9c7b)
* update smbldap-tool sscripts from Jérôme TournierGerald Carter2003-09-2316-663/+694
| | | | (This used to be commit c1546a5311a4e9ad2d6566e71e11c6d5f8f120a9)
* fix from Brad Langhorst to correctly check if the primaryGroupID has been setGerald Carter2003-09-201-1/+1
| | | | (This used to be commit 5c45b799d1b87fed8afa4665e075f2c8ccb6da84)
* updates to SunOne DS schema from André FiebachGerald Carter2003-09-201-2/+22
| | | | (This used to be commit bd9b90a391e3346ff22888bbc589e65ccdddd482)
* insert missing sh-bangGerald Carter2003-09-191-0/+1
| | | | (This used to be commit 64fa24dbabd8d211d276e19745561a11b7465158)
* Updated 3.0 schema files for IBM Directory Server 5.1Jim McDonough2003-09-112-0/+61
| | | | | Keeps with IBM convention of separate attributetype and objectclass definitions. (This used to be commit 5dcf974c22b4bd54193dff876020bacd5b1691b2)
* syncing filesGerald Carter2003-09-098-16/+0
| | | | (This used to be commit 88725350d248fe017b77c7609544888ba40b7995)
* samba 3.0 schema filr netscape DS 5.x from Darren ChewGerald Carter2003-09-081-74/+35
| | | | (This used to be commit 3f97a5ce47bbdd3010dd8e234a7aa5838b524b46)
* updated schema for 3.0 for eDirectory 8.7 and Netscape DS 4.xGerald Carter2003-09-052-251/+259
| | | | (This used to be commit c9c7150a627abe93a5d3c866605f2300a3cc5ec9)
* updating README file after I removed some scriptsGerald Carter2003-08-291-42/+19
| | | | (This used to be commit 90133558073deb96a0e5baf26e44cf1af1acd538)
* remove rcs tagGerald Carter2003-08-281-2/+0
| | | | (This used to be commit 7105f4bcabb29126999b5494f6d60d6f766ab5cc)
* removing outdated scripts and adding comments about 'ldap password syc'Gerald Carter2003-08-284-335/+5
| | | | (This used to be commit 29885eae591bdbb899d18ac2e7ae355751cd4be6)
* add --help to scriptGerald Carter2003-08-271-1/+8
| | | | (This used to be commit 5b20494aff3da9414ac0100220de96750c3f06a3)
* sync with changes from Jerome Tournier @ IDEALX; should now work with ↵Gerald Carter2003-08-2613-511/+682
| | | | | | sambaSamAccount schema (This used to be commit 5f41cd76b793305e1e9e4da76d58daa2d8438c63)
* include enhancements from Buchan Milne to generate LDIF modify output in ↵Gerald Carter2003-08-261-11/+114
| | | | | | addition to add (This used to be commit 49457669f32ed1d8122633e2d0abdebaf05790da)
* adding old NDS schema so I can update itGerald Carter2003-08-201-0/+201
| | | | (This used to be commit 25753e2a336a72dc2275a0046003c3a659a0f880)
* checlking in initial version of 2.2 scripts so I can start updating themGerald Carter2003-08-2035-0/+6143
| | | | (This used to be commit 766a5070d58ada7a871a7fab45b5f7e203264952)
* fix comments about schema dependenciesGerald Carter2003-08-201-3/+4
| | | | (This used to be commit f72f51d39ff3e6d22dbda8b9c115ca10e93e7022)
* This patch cleans up some of our ldap code, for better behaviour:Andrew Bartlett2003-07-041-4/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We now always read the Domain SID out of LDAP. If the local secrets.tdb is ever different to LDAP, it is overwritten out of LDAP. We also store the 'algorithmic rid base' into LDAP, and assert if it changes. (This ensures cross-host synchronisation, and allows for possible integration with idmap). If we fail to read/add the domain entry, we just fallback to the old behaviour. We always use an existing DN when adding IDMAP entries to LDAP, unless no suitable entry is available. This means that a user's posixAccount will have a SID added to it, or a user's sambaSamAccount will have a UID added. Where we cannot us an existing DN, we use 'sambaSid=S-x-y-z,....' as the DN. The code now allows modifications to the ID mapping in many cases. Likewise, we now check more carefully when adding new user entires to LDAP, to not duplicate SIDs (for users, at this stage), and to add the sambaSamAccount onto the idmap entry for that user, if it is already established (ensuring we do not duplicate sambaSid entries in the directory). The allocated UID code has been expanded to take into account the space between '1000 - algorithmic rid base'. This much better fits into what an NT4 does - allocating in the bottom part of the RID range. On the code cleanup side of things, we now share as much code as possible between idmap_ldap and pdb_ldap. We also no longer use the race-prone 'enumerate all users' method for finding the next RID to allocate. Instead, we just start at the bottom of the range, and increment again if the user already exists. The first time this is run, it may well take a long time, but next time will just be able to use the next Rid. Thanks to metze and AB for double-checking parts of this. Andrew Bartlett (This used to be commit 9c595c8c2327b92a86901d84c3f2c284dabd597e)
* applying fix for group map conversion (patch from Kristyan Osborne)Gerald Carter2003-07-011-1/+1
| | | | (This used to be commit 6237fae9b8407ee04226b984a932150799191d29)
* This patch is Vorlon's fault!John Terpstra2003-06-151-22/+34
| | | | (This used to be commit 56d2049561e5d5c22ac9d76cb013643083d9644e)
* fix typo in descriptionGerald Carter2003-06-131-1/+1
| | | | (This used to be commit be82b3d9dfef938030731e1021076df4dcfdb443)
* check that an attribute is defined and not just non-zeroGerald Carter2003-06-121-1/+1
| | | | (This used to be commit 8c18174a899e9578e0e82d17c7602e84b342644c)
* working draft of the idmap_ldap code.Gerald Carter2003-06-051-0/+10
| | | | | | | | | Includes sambaUnixIdPool objectclass Still needs cleaning up wrt to name space. More changes to come, but at least we now have a a working distributed winbindd solution. (This used to be commit 824175854421f7c27d31ad673a8790dd018ae350)
* moving the sambaAccount objectclass to 'historical' to prevent confusion on ↵Gerald Carter2003-05-221-150/+142
| | | | | | which one should be used for new servers. I'll add a note about uncommenting the older items for ldapsam_compat in the release notes (This used to be commit 469c5ad1acfb452617b10653e06ce3b34ec9e146)
* fix group mapping in LDAP under new schemaGerald Carter2003-05-141-1/+1
| | | | (This used to be commit 0714dda7cc4a1df73e1b9d11daae80a1f46583de)
* s/primaryGroupSID/sambaPrimaryGroupSID/Gerald Carter2003-05-141-1/+1
| | | | (This used to be commit 925c60f5e2f5301da90fc26dddc1bad610eea0d0)
* perl script to convert from sambaAccount to sambaSamAccount; requires ↵Gerald Carter2003-05-141-0/+105
| | | | | | Net::LDAP::LDIF (This used to be commit 9cde1aa32aed55a3d7cb28881c6acd9800b02065)
* *****LDAP schema changes*****Gerald Carter2003-05-141-25/+134
| | | | | | | | | | | | | New objectclass named sambaSamAccount which uses attribute prefaced with the phrase 'samba' to prevent future name clashes. Change in functionality of the 'ldap filter' parameter. This always defaults to "(uid=%u)" now and is and'd with the approriate objectclass depending on whether you are using ldapsam_compat or ldapsam conversion script for migrating from sambaAccount to sambaSamAccount will come next. (This used to be commit 998586e65271daa919e47e1206c0007454cbca66)
* As discussed on samba-technical - move to 'primaryGroupSid' insted ofAndrew Bartlett2003-05-111-1/+11
| | | | | | | | | | | primaryGroupID (rid). This is consistant with the move from 'rid' to ntSid for the primary user identifier. Also cope with legacy installations where primaryGroupID might have been stored as 0. Andrew Bartlett (This used to be commit 0e432817cb927b41af7b49fb0b5081ffdb46f85e)
* syncing README to go along with scriptsGerald Carter2003-05-091-24/+7
| | | | (This used to be commit 94780f0947f7ad7d5bc83e61681148637b59d7ab)
* syncing import/export smbpasswd file scripts from 2.2Gerald Carter2003-05-094-231/+114
| | | | (This used to be commit ee1374cabf38c3d99e66a45316e232d1c2cfbe6a)
* A new pdb_ldap!Andrew Bartlett2003-04-281-5/+34
| | | | | | | | | | | | | | | | | | | | | | | This patch removes 'non unix account range' (same as idra's change in HEAD), and uses the winbind uid range instead. More importanly, this patch changes the LDAP schema to use 'ntSid' instead of 'rid' as the primary attribute. This makes it in common with the group mapping code, and should allow it to be used closely with a future idmap_ldap. Existing installations can use the existing functionality by using the ldapsam_compat backend, and users who compile with --with-ldapsam will get this by default. More importantly, this patch adds a 'sambaDomain' object to our schema - which contains 2 'next rid' attributes, the domain name and the domain sid. Yes, there are *2* next rid attributes. The problem is that we don't 'own' the entire RID space - we can only allocate RIDs that could be 'algorithmic' RIDs. Therefore, we use the fact that UIDs in 'winbind uid' range will be mapped by IDMAP, not the algorithm. Andrew Bartlett (This used to be commit 3e07406ade81e136f67439d4f8fd7fe1dbb6db14)
generated by cgit (git 2.34.1) at 2024-06-07 10:00:06 +0000