summaryrefslogtreecommitdiffstats
path: root/source3/passdb
Commit message (Collapse)AuthorAgeFilesLines
...
* s3: shortcut uid_to_sid when "ldapsam:trusted = yes"Michael Adam2009-11-191-0/+75
| | | | | | | | | | | | | | The normal uid_to_sid behaviour is to call sys_getpwuid() to get the name for the given uid and then call the getsampwnam passdb method for the resulting name. In the ldapsam:trusted case we can reduce the uid_to_sid operation to one simple search for the uidNumber attribute and only get the sambaSID attribute from the correspoinding LDAP object. This reduces the number of ldap roundtrips for this operation. Michael
* s3:passdb: remove the uid_to_rid method - we only need uid_to_sidMichael Adam2009-11-143-39/+1
| | | | Michael
* s3:pdb_default_uid_to_sid: fix some debug statements.Michael Adam2009-11-141-3/+3
| | | | Michael
* s3:smbd: also fill the memcache with sid<->id mappings in ldapsam_sid_to_id()Michael Adam2009-11-131-0/+2
| | | | | | not only the persistent idmap cache. Michael
* s3:smbd: make idmap cache persistent for "ldapsam:trusted".Michael Adam2009-11-131-0/+4
| | | | | | | | | | This stores the mappings found in the idmap cache (which lives inside gencache). This cache is already read in sid_to_Xid() and Xid_to_sid() for ldapsam:trusted, this fills the opposite direction, massively reducing the number of ldap roundtrips across smbd restarts. Michael
* Fix large paged searchVolker Lendecke2009-11-131-0/+1
| | | | Signed-off-by: Michael Adam <obnox@samba.org>
* s3: Remove debug_ctx()Volker Lendecke2009-11-031-28/+28
| | | | | | | | smbd just crashed on me: In a debug message I called a routine preparing a string that itself used debug_ctx. The outer routine also used it after the inner routine had returned. It was still referencing the talloc context that the outer debug_ctx() had given us, which the inner DEBUG had already freed.
* s3:ldap: don't search when no values where foundBjörn Jacke2009-11-021-1/+1
|
* ѕ3:ldap: search for account policies in objectclass sambaDomain, not *Björn Jacke2009-10-311-1/+6
|
* s3-secrets: use autogenerated code for TRUSTED_DOM_PASS struct parsing from ↵Günther Deschner2009-10-291-220/+36
| | | | | | a tdb. Guenther
* s3-passdb: move open_schannel_session_store() to passdb/secrets_schannel.c.Günther Deschner2009-10-282-63/+63
| | | | Guenther
* s3-passdb: add secrets_delete_generic().Günther Deschner2009-10-281-0/+16
| | | | Guenther
* s3-pdb_ldap: fix crash bug in ldapsam_set_trusteddom_pw().Günther Deschner2009-10-201-2/+2
| | | | | | Thanks Volker for the hint. Guenther
* s3-lsa: Allow to lookup 'NT AUTHORITY\Anonymous Logon' as well.Günther Deschner2009-10-201-0/+1
| | | | | | This is to finally pass RPC-LSA-LOOKUPNAMES test. Guenther
* s3-lsa: allow to lookup BUILTIN\ in lsa_LookupNames.Günther Deschner2009-10-201-0/+8
| | | | | | Found by RPC-LSA-LOOKUPNAMES torture test. Guenther
* Fix valgrind memory leak in bug #6814 - Fixes for problems reported by valgrindJeremy Allison2009-10-151-0/+1
| | | | Jeremy.
* s3: Fix some nonempty blank linesVolker Lendecke2009-10-131-5/+5
|
* s3: use enum netr_SchannelType all over the place.Günther Deschner2009-10-132-7/+10
| | | | Guenther
* s3:secrets_schannel: revert to using version 1Stefan Metzmacher2009-09-211-3/+9
| | | | | | | | | | | | | It doesn't really matter if the entries have invalid context in it. Older versions of samba refuse to open the file if the version doesn't match. If we can't parse individual records, we'll fail schannel binds, but the clients are supposed to reestablish the netlogon secure channel by doing ServerReqChallenge/ServerAuthenticate* again. This will just overwrite the old record. metze
* s3-pdb_ldap: Fix bug #4296: Clean up group membership while deleting a user.Günther Deschner2009-09-021-0/+46
| | | | | | Note that this only is tried with editposix=yes. Guenther
* s3-schannel: remove remaining code that was using "struct dcinfo".Günther Deschner2009-08-271-167/+0
| | | | Guenther
* s3-schannel: upgrade old format schannel_store.tdb.Günther Deschner2009-08-271-4/+9
| | | | Guenther
* s3-schannel: add simple wrappers to fetch and store schannel auth info.Günther Deschner2009-08-272-0/+69
| | | | Guenther
* s3-schannel: make open_schannel_session_store() public.Günther Deschner2009-08-271-1/+1
| | | | Guenther
* s3-pdb_ldap: Make ldapsam_alias_memberships behave like the tdbsam equivalent.Günther Deschner2009-08-031-0/+7
| | | | | | | This lets samr_GetAliasMembership return with NT_STATUS_OK when called with 0 sids (just what w2k3 does). Guenther
* Rename LOOKUP_NAME_EXPLICIT to LOOKUP_NAME_NO_NSSVolker Lendecke2009-07-311-4/+8
| | | | | It took me a bit to understand what this flag does. I hope this is a bit clearer, at least it is to me.
* s3:passdb: use transaction_wrapped write in tdbsam_new_rid()Michael Adam2009-07-291-1/+2
| | | | | | Now all tdb writes in passdb use transactions. Michael
* s3:secrets: use transaction wrapped store in get rand seed.Michael Adam2009-07-291-2/+2
| | | | | | Now secrets.tdb is only writen with transactions. Michael
* s3:dbwrap: change dbwrap_change_uint32_atomic() to return NTSTATUS not uint32_t.Michael Adam2009-07-291-3/+5
| | | | Michael
* Fix Coverity CIDs 887, 888. Don't pass NULL's to functionsJeremy Allison2009-07-171-4/+3
| | | | | that deref them. Jeremy.
* s3-passdb: fix wbc build warning.Günther Deschner2009-07-141-2/+2
| | | | Guenther
* Fix bug 5886Volker Lendecke2009-07-141-8/+26
| | | | | | | | | Ok, that's a very long-standing one. I finally got around to install a recent OpenLDAP and test the different variants of setting a NULL password etc. Thanks all for your patience! Volker
* s3-account_policy: add pdb_policy_type enum.Günther Deschner2009-07-145-42/+46
| | | | Guenther
* s3-pdb_ads: set correct pdb field with the value from 'accountExpires' ↵Günther Deschner2009-07-131-1/+1
| | | | | | attribute. Guenther
* libds: merge the UF<->ACB flag mapping functions.Günther Deschner2009-07-131-3/+3
| | | | Guenther
* Return 0 domains from enum_trusteddomsVolker Lendecke2009-07-101-1/+3
|
* Quieten events and tldap debug messagesVolker Lendecke2009-07-101-1/+1
|
* Make escape_ldap_string take a talloc contextVolker Lendecke2009-07-091-23/+22
|
* pdb_ads: For cached samu entries, priv is NULLVolker Lendecke2009-07-041-75/+81
| | | | | We have to recreate the priv entry on demand. This needs fixing in passdb... :-)
* Add pdb_ads_get_domain_infoVolker Lendecke2009-07-041-0/+53
|
* pdb_ads: Use tldap_fetch_rootdse in pdb_ads_connectVolker Lendecke2009-07-041-13/+12
|
* pdb_ads: Fetch the domain GUIDVolker Lendecke2009-07-041-1/+7
|
* Add pdb_get_domain_infoVolker Lendecke2009-07-042-0/+20
|
* Make pdb_ads return an additional flagVolker Lendecke2009-07-041-1/+1
|
* Fix bug #6431 - local groups from 3.0 setups no longer found.Volker Lendecke2009-06-301-8/+8
| | | | Search for groups without group suffix, group suffix is only used for new entries.
* s3-pdb_tdb: give 'unknown_str' the proper name 'comment' and set comment in ↵Günther Deschner2009-06-291-10/+15
| | | | | | | | passdb. pdb_{get,set}_comment were already existing in the API but were never used. Guenther
* s3:pdb_ads: we need to make the fd for tldap/tsocket non-blockingStefan Metzmacher2009-06-291-0/+2
| | | | metze
* Turn the pdb_rid_algorithm into a capabilities call that returns flagsVolker Lendecke2009-06-286-19/+19
|
* Make pdb_ads survive a restart of Samba4Volker Lendecke2009-06-281-106/+225
| | | | | | | The search function retries once, the modifying call that hits a dead smbd returns an error. The next try will reconnect. This was simple to implement and provides a good compromise against Samba4 idling our connection. Most of the modifying calls are quickly after a search (like OpenUser) anyway.
* s3:passdb: fix bug #6509: use gid (not uid) cache in fetch_gid_from_cache().Michael Adam2009-06-261-1/+1
| | | | | | With the previous code, the cache can never have been hit at all. Michael
generated by cgit (git 2.34.1) at 2025-09-28 23:03:06 +0000