samba.git - Unnamed repository; edit this file 'description' to name the repository.

	Commit message (Collapse)	Author	Age	Files	Lines
*	fixed a possible segv when dealing with a blank password	Andrew Tridgell	2002-10-23	1	-2/+6
\| \| \| \|	(This used to be commit d5d0d0de50482ed16c594b1cc4cc113e2526a915)
*	Move a number of ADS related functions out into utility libs, so that things	Andrew Bartlett	2002-09-27	1	-1/+8
\| \| \| \| \| \| \| \| \|	like metze's sam_ads can also use them. Also add error checking etc to a few more functions. Andrew Bartlett (This used to be commit c864edf4fbf8a6c37888a14b861d7c12cf503d4f)
*	Add clock skew handling to our kerberos code. This allows us to cope with	Andrew Tridgell	2002-09-17	1	-2/+6
\| \| \| \| \|	the DC being out of sync with the local machine. (This used to be commit 0d28d769472ea3b98ae4c8757093dfd4499f6dd1)
*	This fixes a number of ADS problems, particularly with netbiosless	Andrew Tridgell	2002-08-05	1	-10/+2
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	setups. - split up the ads structure into logical pieces. This makes it much easier to keep things like the authentication realm and the server realm separate (they can be different). - allow ads callers to specify that no sasl bind should be performed (used by "net ads info" for example) - fix an error with handing ADS_ERROR_SYSTEM() when errno is 0 - completely rewrote the code for finding the LDAP server. Now try DNS methods first, and try all DNS servers returned from the SRV DNS query, sorted by closeness to our interfaces (using the same sort code as we use in replies from WINS servers). This allows us to cope with ADS DCs that are down, and ensures we don't pick one that is on the other side of the country unless absolutely necessary. - recognise dnsRecords as binary when displaying them - cope with the realm not being configured in smb.conf (work it out from the LDAP server) - look at the trustDirection when looking up trusted domains and don't include trusts that trust our domains but we don't trust theirs. - use LDAP to query the alternate (netbios) name for a realm, and make sure that both and long and short forms of the name are accepted by winbindd. Use the short form by default for listing users/groups. - rescan the list of trusted domains every 5 minutes in case new trust relationships are added while winbindd is running - include transient trust relationships (ie. C trusts B, B trusts A, so C trusts A) in winbindd. - don't do a gratuituous node status lookup when finding an ADS DC (we don't need it and it could fail) - remove unused sid_to_distinguished_name function - make sure we find the allternate name of our primary domain when operating with a netbiosless ADS DC (using LDAP to do the lookup) - fixed the rpc trusted domain enumeration to support up to approx 2000 trusted domains (the old limit was 3) - use the IP for the remote_machine (%m) macro when the client doesn't supply us with a name via a netbios session request (eg. port 445) - if the client uses SPNEGO then use the machine name from the SPNEGO auth packet for remote_machine (%m) macro - add new 'net ads workgroup' command to find the netbios workgroup name for a realm (This used to be commit e358d7b24c86a46d8c361b9e32a25d4f71a6dc00)
*	Break up samba's object dependencies, and its prototype includes.	Andrew Bartlett	2002-06-25	1	-123/+0
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Now smbclient, net, and swat use their own proto files - now the global proto.h The change to libads/kerberos.c was to break up the dependency on secrets.c - we want to be able to write an ADS client that doesn't need local secrets. I have other breakups in the works - I will remove the dependency of rpc_parse on passdb (and therefore secrets.c) shortly. (NOTE: This patch does not break up includes.h, or other such forbidden actions). Andrew Bartlett (This used to be commit edb41dad2df0ae3db364dbc3896cc75956262edf)
*	by using a prompter function we can avoid the bug in the MIT kerberos	Andrew Tridgell	2002-04-15	1	-7/+25
\| \| \| \| \|	libraries with handling blank passwords. (This used to be commit 59d755ffb57c322a104ff8f52819956cafff1bac)
*	Removed version number from file header.	Tim Potter	2002-01-30	1	-2/+1
\| \| \| \| \|	Changed "SMB/Netbios" to "SMB/CIFS" in file header. (This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
*	net ads password and net ads chostpass commands from Remus Koos	Andrew Tridgell	2001-12-20	1	-8/+5
\| \| \| \|	(This used to be commit 412e79c448bf02e3097b5c14a36fe0172d8d2895)
*	better error handling	Andrew Tridgell	2001-12-13	1	-2/+7
\| \| \| \|	(This used to be commit ed6279481bfcb21212e9c22009969c19ea4f1646)
*	allow overriding the local time in kerberos_kinit_password()	Andrew Tridgell	2001-12-11	1	-2/+8
\| \| \| \|	(This used to be commit cb9dbcef7cba9eb42f7b30b81c35142dc945d84f)
*	moved ccache location change into winbindd code	Andrew Tridgell	2001-12-10	1	-8/+0
\| \| \| \|	(This used to be commit be254eb13c4bf316823ed43db3ef9407f45ca23b)
*	fixed used of string after free	Andrew Tridgell	2001-12-09	1	-1/+1
\| \| \| \|	(This used to be commit f7ead035ebe55e94cdd5807b173bd4612866b06f)
*	added internal sasl/gssapi code. This means we are no longer dependent on ↵	Andrew Tridgell	2001-12-08	1	-7/+17
\| \| \| \| \| \|	cyrus-sasl which makes the code much less fragile. Also added code to auto-determine the server name or realm (This used to be commit 435fdf276a79c2a517adcd7726933aeef3fa924b)
*	put the winbindd krb5 credentials cache in the lock directory	Andrew Tridgell	2001-12-06	1	-0/+4
\| \| \| \| \|	this prevents it clobbering the users cache (This used to be commit 3de552f365373de85298dbe911143e036805f9ea)
*	added a propoer kerberos_kinit_password call	Andrew Tridgell	2001-12-06	1	-11/+65
\| \| \| \| \| \| \|	contribution from remus@snapserver.com thanks! (This used to be commit 3ace8f1fcc27492d26f5ad0c3cdfc63235ca0609)
*	added a REALLY gross hack into kerberos_kinit_password so that	Andrew Tridgell	2001-12-05	1	-0/+21
\| \| \| \| \| \| \|	winbindd can do a kinit this will be removed once we have code that gets a tgt and puts it in a place where cyrus-sasl can see it (This used to be commit 7d94f1b7365215a020d3678d03d820a7d086174f)
*	Make better use of the ads_init() function to get the kerberos relam etc.	Andrew Bartlett	2001-11-29	1	-2/+3
\| \| \| \| \| \| \| \| \| \|	This allows us to use automagically obtained values in future, and the value from krb5.conf now. Also fix mem leaks etc. Andrew Bartlett (This used to be commit 8f9ce717819235d98a1463f20ac659cb4b4ebbd2)
*	added "net join" command	Andrew Tridgell	2001-11-24	1	-0/+149
	this completes the first stage of the smbd ADS support (This used to be commit 058a5aee901e6609969ef7e1d482a720a84a4a12)