summaryrefslogtreecommitdiffstats
path: root/source3/passdb/passdb.c
Commit message (Collapse)AuthorAgeFilesLines
* s3:passdb: let pdb_get_trust_credentials() try pdb_get_trusteddom_creds() firstStefan Metzmacher2014-12-181-21/+44
| | | | | | | | | | | | | NT_STATUS_NOT_IMPLEMENTED lets it fallback to the old get_trust_pw_clear2() code. Bug: https://bugzilla.samba.org/show_bug.cgi?id=11016 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Dec 18 06:46:05 CET 2014 on sn-devel-104
* passdb: Use common code in cli_credentials_set_machine_account_db_ctx()Andrew Bartlett2014-10-171-16/+50
| | | | | | | | | | | | | | | | | | This avoids some duplication in setting the machine account passsword for the domain member and DC case. This does not yet remove the duplication, that requires a bigger restructure of the various routines used here to obtain the machine and domain trust secrets. Also no longer used is the timeout/2 code to not set the previous password. It is now always passed to the caller. Andrew Bartlett Change-Id: Idd5bafedf4cbac30b174955d743ec4128a6902ee Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3:passdb: add pdb_get_trust_credentials()Stefan Metzmacher2014-09-271-16/+236
| | | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Pair-programmed-with: Andrew Bartlett <abartlet@samba.org>
* param: rename lp function and variable from 'guestaccount' to 'guest_account'Garming Sam2014-02-071-1/+1
| | | | | | Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3-lib: Add grpname to talloc_sub_specified().Andreas Schneider2013-11-211-4/+4
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=2191 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3: rename sid_check_is_in_our_domain() to sid_check_is_in_our_sam()Michael Adam2012-07-121-2/+2
| | | | | | | | | This does not check whether the given sid is in our domain, but but whether it belongs to the local sam, which is a different thing on a domain member server. Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Thu Jul 12 18:36:02 CEST 2012 on sn-devel-104
* s3: Use hex_encode_bufVolker Lendecke2012-05-041-4/+1
| | | | | Autobuild-User: Volker Lendecke <vl@samba.org> Autobuild-Date: Fri May 4 20:32:37 CEST 2012 on sn-devel-104
* s3: Use hex_encode_bufVolker Lendecke2012-05-041-3/+1
|
* s3-passdb: Remove unused sampass->pass_must_change_timeAndrew Bartlett2012-04-191-5/+0
| | | | | | | | | | | | There is no need to call pdb_set_pass_must_change_time() because nothing ever consults that value. It is always calculated from the domain policy. Also, this means we no longer store the value in LDAP. The value would only ever be set when migrating from tdbsam or smbpasswd, not on password changes, so would become incorrect over time. Andrew Bartlett
* s3-group-mapping: Remove fstrings from GROUP_MAP.Simo Sorce2011-10-121-6/+14
| | | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Wed Oct 12 19:28:12 CEST 2011 on sn-devel-104
* passdb: Call with correct backend methods instead of default methodsAmitay Isaacs2011-08-131-6/+8
| | | | Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* First part of fix for bug 8310 - toupper_ascii() is broken on big-endian systemsJeremy Allison2011-07-191-4/+4
| | | | | | | | | | Remove int toupper_ascii(int c); int tolower_ascii(int c); int isupper_ascii(int c); int islower_ascii(int c); and replace with their _m equivalents, as they are identical.
* s3-param Remove special case for global_myname(), rename to lp_netbios_name()Andrew Bartlett2011-06-091-4/+4
| | | | | | | | There is no reason this can't be a normal constant string in the loadparm system, now that we have lp_set_cmdline() to handle overrides correctly. Andrew Bartlett
* s3-talloc Change TALLOC_ZERO_P() to talloc_zero()Andrew Bartlett2011-06-091-1/+1
| | | | | Using the standard macro makes it easier to move code into common, as TALLOC_ZERO_P isn't standard talloc.
* s3: only include tdb headers where needed.Günther Deschner2011-05-061-0/+1
| | | | Guenther
* Simple +1 changes in hardcoded lengths when changing from safe_strcpy to ↵Jeremy Allison2011-05-041-3/+3
| | | | strlcpy.
* s3-passdb: add passdb.h where needed.Günther Deschner2011-03-301-0/+1
| | | | Guenther
* s3-includes: only include system/passwd.h when needed.Günther Deschner2011-03-301-0/+1
| | | | Guenther
* lib/util/util_pw: share more code between lib/util/util_pw.c and ↵Günther Deschner2011-03-301-0/+1
| | | | | | source3/lib/username.c Guenther
* s3: Add "len" to pdb_set_hoursVolker Lendecke2011-02-191-4/+4
|
* libcli/security Provide a common, top level libcli/security/security.hAndrew Bartlett2010-10-121-0/+1
| | | | | | | | | | | | | | This will reduce the noise from merges of the rest of the libcli/security code, without this commit changing what code is actually used. This includes (along with other security headers) dom_sid.h and security_token.h Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
* s3-secrets: only include secrets.h when needed.Günther Deschner2010-08-051-0/+1
| | | | Guenther
* s3:dom_sid Global replace of DOM_SID with struct dom_sidAndrew Bartlett2010-05-211-2/+2
| | | | | | | | | | This matches the structure that new code is being written to, and removes one more of the old-style named structures, and the need to know that is is just an alias for struct dom_sid. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
* s3:passdb Remove use of uint8 uint16 and uint32 in favour of C99 typesAndrew Bartlett2010-05-211-103/+103
| | | | Signed-off-by: Günther Deschner <gd@samba.org>
* s3-passdb: move get_logon_hours_from_pdb() into samr server.Günther Deschner2010-05-181-23/+0
| | | | Guenther
* s3-rpc_misc: clean out include/rpc_misc.h.Günther Deschner2010-05-181-5/+5
| | | | | | | Well known rids don't really belong into an rpc header, just use the ones defined in security.idl. Guenther
* s3: Fix bug 5198 -- parse chfn(1)-change gecos fieldVolker Lendecke2010-02-131-1/+34
|
* s3: Make pdb_copy_sam_account also copy the group sidVolker Lendecke2010-02-081-0/+4
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3: Replace most calls to sid_append_rid() by sid_compose()Volker Lendecke2010-01-101-2/+1
|
* s3: use enum netr_SchannelType all over the place.Günther Deschner2009-10-131-2/+4
| | | | Guenther
* s3-account_policy: add pdb_policy_type enum.Günther Deschner2009-07-141-8/+8
| | | | Guenther
* s3-pdb_tdb: give 'unknown_str' the proper name 'comment' and set comment in ↵Günther Deschner2009-06-291-10/+15
| | | | | | | | passdb. pdb_{get,set}_comment were already existing in the API but were never used. Guenther
* Turn the pdb_rid_algorithm into a capabilities call that returns flagsVolker Lendecke2009-06-281-1/+1
|
* talloc_tos() aborts if it can not get a stackframeVolker Lendecke2009-06-201-3/+0
|
* s3-passdb: fix uninitialized variable in local_password_change().Günther Deschner2009-05-291-1/+1
| | | | Guenther
* Consolidate user create/delete paths in smbpasswdSimo Sorce2009-05-291-147/+179
| | | | | | | | | | | | This patch changes the way smbpasswd behaves when adding/deleting users. smbpasswd now calls pdb_create_user/pdb_delete_user, this means that if add/delete user scripts are configured then they are used to create or delete unix users as well. If the scripts are not defined the behavioris unchanged. This also allow to use smbpasswd -a/-x with ldapsam:editposix to allow automatic creation/deletion of users. Signed-off-by: Günther Deschner <gd@samba.org>
* Move smb_create_user() in samsyncSimo Sorce2009-05-161-60/+0
| | | | | It is not used anywhere else, so make it also static and remove it from proto.h
* Rework Samba3 to use new libcli/auth code (partial)Andrew Bartlett2009-04-141-0/+1
| | | | | | | | | | | This commit is mostly to cope with the removal of SamOemHash (replaced by arcfour_crypt()) and other collisions (such as changed function arguments compared to Samba3). We still provide creds_hash3 until Samba3 uses the credentials code in netlogon server Andrew Bartlett
* s3-passdb: add smb_create_user().Günther Deschner2009-04-011-0/+59
| | | | Guenther
* s3: Added new parameter "map untrusted to domain"Steven Danneman2009-02-121-0/+18
| | | | | | | When enabled this reverts smbd to the legacy domain remapping behavior when a user provides an untrusted domain This partially reverts d8c54fdd
* s3: Change behavior when seeing an unknown domain.Dan Sledz2009-02-111-19/+0
| | | | | | | After a lot of testing against various Windows servers (W2K, W2K3, W2K8), within an AD domain it seems that unknown domains will only be translated to the local account domain, not the netbios name of the member server's domain. This makes samba act more like Windows.
* Fix nonempty blank linesVolker Lendecke2009-02-011-61/+60
|
* s3:passdb: add SAMU_BUFFER_V4 with no changesStefan Metzmacher2008-12-291-1/+16
| | | | | | | The upgrade is required because of the followin TDBSAM_VERSION upgrade. metze
* s3:passdb: make marshalling struct samu from and to a buffer more genericStefan Metzmacher2008-12-291-13/+654
| | | | | | | This marshalling isn't specific to tdbsam and it's ugly to have the related functions in two different files. metze
* Fix more "warning: ignoring return value of ‘asprintf’, declared withJeremy Allison2008-12-231-23/+62
| | | | | attribute warn_unused_result" Jeremy.
* Make us clean under valgrind --leak-check=full by using ↵Jeremy Allison2008-11-061-1/+1
| | | | | | | | | | talloc_autofree_context() instead of NULL. Remove the code in memcache that does a TALLOC_FREE on stored pointers. That's a disaster waiting to happen. If you're storing talloc'ed pointers, you can't know their lifecycle and they should be deleted when their parent context is deleted, so freeing them at some arbitrary point later will be a double-free. Jeremy.
* Use standard types.Jelmer Vernooij2008-10-221-8/+8
|
* Remove unused function is_trusted_domain_situation().Michael Adam2008-05-261-6/+0
| | | | | | | | This combined check has been replaced by is_dc_trusted_domain_situation() which does not check for lp_allow_trusted_domains(). Michael (This used to be commit 0a24c038b7bc6edef0021eb121a072cc7e8f9165)
* passdb: check for is_dc_trusted_domain_situation() in get_trust_pw_hash().Michael Adam2008-05-261-1/+1
| | | | | | | | Before fetching legacy password hash, check for trusted domain situation, but also fail if trusted domain support is not enabled. Michael (This used to be commit aa1b8287f44f47f23bd4158112d0a132df04426c)
* passdb: add comment explaining logic in get_trust_pw_clear().Michael Adam2008-05-261-2/+16
| | | | | Michael (This used to be commit 5f197c659e9c8a573ba5032c7f90c816df45770c)