summaryrefslogtreecommitdiffstats
path: root/source3
Commit message (Collapse)AuthorAgeFilesLines
...
* r4996: sync up copytights with trunkGerald Carter2007-10-101-0/+1
| | | | (This used to be commit 8946efe102f7a8a9b5a8059a80666b782159e7b8)
* r4995: fail set_privileges() if 'enable privileges = no' to prevent confused ↵Gerald Carter2007-10-101-0/+3
| | | | | | admins who never read what I write :-) (This used to be commit 1d7a636e0e7f8a0bc3d3ae04b40f79db7f08d619)
* r4994: Patch from abartlet:Günther Deschner2007-10-101-13/+26
| | | | | | | | | When migrating account policies to ldapsam, handle the fact that an admin might have changed the default location of the sambaDomain-object after installation. Guenther (This used to be commit 78c3c7127444b8f9959f4d6ce9e540271869d70f)
* r4989: Display failed LDAP-server-uri.Günther Deschner2007-10-101-1/+2
| | | | | Guenther (This used to be commit d433c7b476005064b9cfd339bbd8a25b40de59c1)
* r4988: After speaking with Jerry, remove old lp_admin_users toGünther Deschner2007-10-101-14/+0
| | | | | | | administrator-sid mapping completely. Guenther (This used to be commit 4cbe37ecd544b01c57c7fce5b3be28669f4ba6c3)
* r4976: Try to scare people off from trying to write authentication modulesAndrew Bartlett2007-10-101-0/+4
| | | | | | | that only acheive as much as 'security=server' does. Andrew Bartlett (This used to be commit fb694f2b1a809d221f48f9b9b0e54e9512325bae)
* r4972: Fix a warning and some debugging-outputs.Günther Deschner2007-10-105-8/+8
| | | | | Guenther (This used to be commit 1eabfa050b661168b42892c2d841c7891e59cf5f)
* r4970: Fix for bug 2092, allowing fallback after kerberos and allowJeremy Allison2007-10-104-4/+23
| | | | | | gnome vfs to prevent auto-anonymous logon. Jeremy. (This used to be commit 843e85bcd978d025964c4d45d9a3886c7cf7f63c)
* r4967: Not being in any domain local groups is obviously valid...Volker Lendecke2007-10-101-1/+1
| | | | | Volker (This used to be commit 78975ab9a996ac61be37410f18ddedb9df58d04b)
* r4966: don't enumerate the drivers for the same architecture string more ↵Gerald Carter2007-10-101-0/+12
| | | | | | than once (This used to be commit c488ce9934aaf640c3f63cbdabc3110b8cf70fae)
* r4964: Fix our lsa lookupsid $OURDOMAINSID-500.Günther Deschner2007-10-101-14/+15
| | | | | | | | | Give the admin-user (rid 500) a chance to be found in passdb, not returning the (possibly obscure) first entry of "admin users" before that. Guenther (This used to be commit d319c0e189bc67a4552dafaff80113603b551eb3)
* r4963: It is actually a very bad idea to use KRB5_CONFIG in theGünther Deschner2007-10-101-7/+7
| | | | | | | | | | | | | configure-checks (At least Heimdal uses KRB5_CONFIG for locating it's configuration-file (usually /etc/krb5.conf)). Renaming it to KRB5CONFIG prevents configure-checks that use heimdal-libs from segfaulting while the lib reads the krb5-config binary as a configuration file... Vendors that used the KRB5_CONFIG-variable to let configure find a custom krb5-config binary have to use KRB5CONFIG now. Guenther (This used to be commit 95edb3c67f330afd8dbb8268f3f8ecaf1732c238)
* r4946: Our notion the other_sids in the info3 SamLogon struct wasVolker Lendecke2007-10-102-14/+34
| | | | | | | | | | | | | | | ...hmmm... completely bogus. This does not affect us as a domain controller, as we never set other_sids, but I have *no* idea how winbind got away with it. Please review thoroughly, samba4 idl looks closer to reality here. Test case: Member of w2k3 domain, authenticate as a user who is member of one or more domain local groups. Easiest review with 'client schannel = no'. Thanks, Volker (This used to be commit a0a6388830d9457de3e42686c64bddeba42954f8)
* r4933: List not only the first 10 trusts with rpcclient -c enumtrust.Volker Lendecke2007-10-101-16/+22
| | | | | Volker (This used to be commit 9ca6cfcf1e4a905d47429a6dc18e2bd7ad5fe1e3)
* r4932: Forgot to increase version with the account-policy-commit.Günther Deschner2007-10-101-1/+1
| | | | | Guenther (This used to be commit 42e380303ddce890f313c221a766dc1e1ee972fb)
* r4931: Add get_user_info_7 in SAMR. This just gives out the username. (InGünther Deschner2007-10-101-0/+42
| | | | | | | | preparation of adding the ability of renaming users via setuserinfo level 7). Guenther (This used to be commit 6f34ed6c203fa11182640da97581075612d26c0e)
* r4926: Use LDAP_SCOPE_ONELEVEL instead of OpenLDAP's LDAP_SCOPE_ONE-scope.Günther Deschner2007-10-101-2/+2
| | | | | Guenther (This used to be commit eee0bd806b4fd4558f9c48c09f7e85274e2b807f)
* r4925: Migrate Account Policies to passdb (esp. replicating ldapsam).Günther Deschner2007-10-1014-171/+840
| | | | | | | | | Does automated migration from account_policy.tdb v1 and v2 and offers a pdbedit-Migration interface. Jerry, please feel free to revert that if you have other plans. Guenther (This used to be commit 75af83dfcd8ef365b4b1180453060ae5176389f5)
* r4921: Typo.Jeremy Allison2007-10-101-2/+2
| | | | (This used to be commit 033105376ef4ed7d31ef7cab2442719ed57d29b9)
* r4917: Merge some of Derrell.Lipman@UnwiredUniverse.com obvious fixes.Jeremy Allison2007-10-104-7/+17
| | | | | | Added text explaining units in pdbedit time fields. Jeremy. (This used to be commit 3d09c15d8f06ad06fae362291a6c986f7b6107e6)
* r4907: remove unreached codeGerald Carter2007-10-101-1/+0
| | | | (This used to be commit 15fd4a05ec2439f41591ee8a1c30021d9a34371b)
* r4905: patch from abartlet to remove storing the auth-user credentials from ↵Gerald Carter2007-10-101-4/+0
| | | | | | the cli* in cm_prepare_connection(). using credentials from a domain other thanour primary domain will cause the schannel setup to fail (This used to be commit a13e29b5f2f1e48225b5b5964bc0777948f16622)
* r4902: please note that cupsDoRequest() deletes the request* so don't call ↵Gerald Carter2007-10-101-32/+2
| | | | | | ippDelete(request) *ever* (This used to be commit f65598b3b0dc99900d547eb67473cca5d371614f)
* r4882: Fix for #2255. Debug should have been 10 not 0.Jeremy Allison2007-10-101-1/+1
| | | | | Jeremy. (This used to be commit 5557e1409a9a22759ca3bea021d4a662099e683a)
* r4881: Varient of Lar's patch for #2270. Jerry promises to test :-).Jeremy Allison2007-10-101-258/+274
| | | | | Jeremy. (This used to be commit 2afe2a16c92bb2500854b8e288c1d7704ede704a)
* r4879: Fix rewinddir -> rewind_dir. Noticed by James Peach.Jeremy Allison2007-10-101-2/+2
| | | | | Jeremy (This used to be commit 79f54d12759f9161dc5837a090391cd0cf6471f5)
* r4877: When vampiring account policy AP_LOCK_ACCOUNT_DURATION honour "LockoutGünther Deschner2007-10-101-1/+4
| | | | | | | Duration: Forever". Guenther (This used to be commit aecacf4d9cc5e2aa69b358292b9d591ade696500)
* r4875: Fix for bugid #221, inspired by Mrinal Kalakrishnan <mail@mrinal.net>.Jeremy Allison2007-10-101-13/+69
| | | | | | | NT sometimes send garbage bytes in NT security descriptor linearizations when sending well-known sids. Cope with these. Jeremy. (This used to be commit 51b34bb536fdb18c99da1e151eba03ea634e0449)
* r4874: add DOmain Admins (Full Control) to the default printer sd if we are a DCGerald Carter2007-10-101-5/+24
| | | | (This used to be commit 8971a8544274a7f3643ae67be744d7dab181973d)
* r4871: BUG 603: patch by Daniel Beschorner <db@unit-netz.de>. Correct ↵Gerald Carter2007-10-101-1/+4
| | | | | | access mask check for _samr_lookup_domain() to work with Windows RAS server (This used to be commit 2e7a5608ac6a11f4e9e8bda69abb984fb4f86eb8)
* r4870: Make multi-domain-mode in idmap_rid accessible from outside (can beGünther Deschner2007-10-101-8/+20
| | | | | | | | | | | compiled with -DIDMAP_RID_SUPPORT_TRUSTED_DOMAINS) as requested by Lars Mueller <lmuelle-at-suse.de>. Allow to map ID's for a local SAM and add some more debugging-information. Guenther (This used to be commit 4d8e7c9ff00417b2ebae0c5faccfe9c2c9c44f2e)
* r4869: Display sam_user_info_7 in rpcclient.Günther Deschner2007-10-101-1/+22
| | | | | Guenther (This used to be commit 30e808ca07bec66d5ecd81cc8c86bb4a98874bc4)
* r4868: Add "net rpc user RENAME"-command.Günther Deschner2007-10-104-2/+190
| | | | | | | Note that Samba3 does not yet support it server-side. Guenther (This used to be commit b2c8220931733593fd312fc25b6c73f440b4567a)
* r4866: Add createdomgroup to rpcclient (needed to generate huge amounts ofGünther Deschner2007-10-101-0/+52
| | | | | | | groups when 'net rpc group add' is just to slow). Guenther (This used to be commit 88572efdea1bfd32478b33564a85485222731901)
* r4864: Remove unused var.Jeremy Allison2007-10-101-2/+2
| | | | | Jeremy. (This used to be commit 9fd5d633e65e00a44ba0136ee91170edcecfae24)
* r4860: fix silly limitation in ldapsam and tdbsam. Expand variables in the ↵Gerald Carter2007-10-102-16/+27
| | | | | | profile path, logon home and logon script values (This used to be commit 504ea4ac68f47b71542a88b17cbb6b546e1cb881)
* r4856: after testing a simple add printer script, i realized that you still ↵Gerald Carter2007-10-102-21/+21
| | | | | | have to be root to send the message to all smbds that the config file has been updated (This used to be commit 6409de1a1ef34bb41c3efeebfabdf13be5e08613)
* r4852: merge simo changes to srv_srvsvc_nt.c from trunkGerald Carter2007-10-101-30/+13
| | | | | | | | that allows the add/change share command to create the directory passed in as an arguement and not require that it pre-exist. Also finish testing of SeDiskOperatorPrivilege via srvmgr.exe (This used to be commit 9af83a7d70324846e6a2660c73589ee68340b4aa)
* r4851: Preleminary fix for ldapsam_enum_group_memberships whenGünther Deschner2007-10-101-3/+3
| | | | | | | | | | | ldapsam:trusted=True. Don't bail out when ldap-search returns pure posixgroups (w.o. samba group-mapping). This way those unix-memberships do not appear in user and nt user token. Volker, could you please look over that one? Guenther (This used to be commit 853a8b7f1c0b00b2e4433d1281f3c9bfcaf980a6)
* r4850: Fix remaining pdb_setsampwent-calls.Günther Deschner2007-10-101-3/+2
| | | | | | | To get all entries use a 0 acb_mask. Guenther (This used to be commit bc729f8fd877236a503cc9df64138b2be2e1a91d)
* r4849: * finish SeAddUsers support in srv_samr_nt.cGerald Carter2007-10-106-159/+346
| | | | | | | | | | * define some const SE_PRIV structure for use when you need a SE_PRIV* to a privilege * fix an annoying compiler warngin in smbfilter.c * translate SIDs to names in 'net rpc rights list accounts' * fix a seg fault in cli_lsa_enum_account_rights caused by me forgetting the precedence of * vs. [] (This used to be commit d25fc84bc2b14da9fcc0f3c8d7baeca83f0ea708)
* r4848: fix build; gd please check and make sure this is okGerald Carter2007-10-101-1/+2
| | | | (This used to be commit f1d59c3a2693fe36b9abe9c1da4b703c5543f938)
* r4847: Hand over a acb_mask to pdb_setsampwent in load_sampwd_entries().Günther Deschner2007-10-1011-33/+54
| | | | | | | | | | | | | | | | | | This allows the ldap-backend to search much more effeciently. Machines will be searched in the ldap_machine_suffix and users in the ldap_users_suffix. (Note that we already use the ldap_group_suffix in ldapsam_setsamgrent for quite some time). Using the specific ldap-bases becomes notably important in large domains: On my testmachine "net rpc trustdom list" has to search through 40k accounts just to list 3 interdomain-trust-accounts, similiar effects show up the non-user query_dispinfo-calls, etc. Also renamed all_machines to only_machines in load_sampwd_entries() since that reflects better what is really meant. Guenther (This used to be commit 6394257cc721ca739bda0e320375f04506913533)
* r4840: * Add more generic root-dse inspection function to check for givenGünther Deschner2007-10-103-58/+103
| | | | | | | | | | controls or extensions. * Check and remember if ldapsam's LDAP Server support paged results (in preparation of adding async paged-results to set|get|end-sampwent in ldapsam). Guenther (This used to be commit ced58bd8849cdef78513674dff1b1ec331945aa9)
* r4839: Allow to set acb_mask in rpcclient's enumdomusers (for debugging).Günther Deschner2007-10-101-2/+5
| | | | | Guenther (This used to be commit 92851def70914af1aa501857c6346ca6ae6fc010)
* r4830: Fix for problem noticed by Guy Harris <gharris@apple.com>, returnJeremy Allison2007-10-101-2/+4
| | | | | | | correct DOS/NT error code on transact named pipe on closed pipe handle. Jeremy. (This used to be commit 599c281464fa96725c3ee6dd3c5ee03ea81314ea)
* r4827: add 'net rpc rights list accounts' & update help textGerald Carter2007-10-101-15/+60
| | | | (This used to be commit 002ece931917e2952ed795939384764d14f93ce9)
* r4825: Printing changesGerald Carter2007-10-102-45/+136
| | | | | | | | | | | | | | ---------------- * bracket the add/delete/set printer scripts with checks for se_print_op * slight change to the add/set printer script semantics. smbd no longer relies on output from the script (on stdout) to re-read smb.conf * remove SIGHUP from set/add/delete printin script code and now just use MSG_SMB_CONF_UPDATED * bracket the add/delete/set share scripts with checks for se_print_op (this includes setting share ACLs) (This used to be commit 8ab8113d2e1bec6a1dbf464882ad724c7c591be4)
* r4824: wrap the shutdown and abort_shutdown calls in check for the ↵Gerald Carter2007-10-101-1/+24
| | | | | | SE_REMOTE_SHUTDOWN privilege (This used to be commit d11339b7e3b890b8e01744b6b309efaa7ad328e1)
* r4823: remove -O1 from --with-developerGerald Carter2007-10-101-1/+1
| | | | (This used to be commit a1fb1cb019804446a093d7d0d7b1952cc538f9cc)
generated by cgit (git 2.34.1) at 2025-09-26 03:32:20 +0000