| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
| |
The realm can be NULL when this function is called by "libnet_Join_primary_domain".
This seems to be a valid value since "libnet_JoinDomain" is allowed to return an
empty realm if we are not in a ADS domain.
|
| |
|
|
|
| |
Much simpler to use the permissive control instead of manually munging
the SPN list.
|
| |
|
|
| |
It is not an error if entries already exist.
|
| |
|
|
| |
This will be used in the drsuapi server
|
| |
|
|
| |
One empty line is enough for code part divisions.
|
| | |
|
| |
|
|
| |
The last change broke net vampire against w2k8r2
|
| | |
|
| |
|
|
|
| |
If a "logfile" was already set, free the content up before setting a new
location. This can happen on a loadparm reload.
|
| |
|
|
|
| |
Otherwise the "logfile" pointer tracks all changes of "pszParmValue" which
content is only temporal. This was the cause of bug #6212.
|
| | |
|
| |
|
|
|
| |
I wonder why nobody noticed this since for sure this "tombstone" functionality
was broken till now.
|
| |
|
|
|
|
| |
"binary_smbd_main" function
Just to be consistent - no functional change
|
| | |
|
| |
|
|
|
|
|
|
| |
We need to free the lp_ctx after we free the event context, otherwise
the teardown code in the notify backend dies when it tries to use the
iconv_convenience ptr
Fixes bug 7053
|
| |
|
|
|
|
| |
Cope with a wider range of auth padding in dcerpc bind_ack and
alter_context packets. We now use a helper function that calculates
the right auth padding.
|
| | |
|
| |
|
|
| |
Like TYPESAFE_QSORT() but for the ldb_qsort() function
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
In samba_kdc_trust_message2entry() on error, hdb_free_entry()
may end up trying to access uninitialized memory or double
free the hdb_entry.
|
| |
|
|
|
|
|
| |
"nt_response" structures
In some cases those structures are not initialised and the whole authentication
system crashes with a SIGSEGV. Bug discovered by Matthieu Patou in bug #6755.
|
| |
|
|
|
|
|
|
|
|
| |
Previously the "no_pass" and "no_pass2" variables weren't handled correctly.
Since at the initialisation of the "CredentialsOptions" we don't have any
password at all. Only afterwards we could get one through "set_password".
If a password is specified, use it. If no password is specified, consider the
use fo an input mask on STDOUT. But if the loadparm context contains one prefer
it over the input.
|
| |
|
|
| |
metze
|
| |
|
|
|
|
| |
This fixes the build with automatic dependecies.
metze
|
| | |
|
| |
|
|
| |
Looking at the winbind interface, we should only be using the bulk conversion calls.
|
| |
|
|
|
|
|
|
|
|
|
| |
It's not fully clear what this ":dn" part means for us. What we know is that
older AD implementations (Windows Server 2000, 2003) need it to have extended
matches working in the expected way.
To be able to interoperate with s3's winbind and other tools I and gd decided
to transform this into a warning until we know what to do.
This should fix bug #6511.
|
| |
|
|
|
| |
this makes it easier to modify the script to set us at R2 level in
provision. We should make this a parameter.
|
| |
|
|
|
| |
emacs creates symlinks to .py files while you are editing them. This
could cause build failures.
|
| |
|
|
| |
we need the DS_DOMAIN_* levels imported
|
| |
|
|
| |
This allows it to work against our local ldb
|
| |
|
|
|
|
| |
We need to eventually get rid of ldb_msg_find_attr_as_string() (or add
a mem_ctx to it), but meanwhile we have too many places that break if
we don't add a nul to the end of ldb msg strings from python.
|
| |
|
|
|
|
|
| |
We should use the system/*.h headers for system includes. We also try
to avoid C++ comments.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
| |
|
|
| |
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
| |
|
|
| |
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
| |
|
|
| |
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
| |
|
|
|
|
|
|
|
|
| |
Use short name (shortcut for wellknown SID/RID) for assignee in each entry of ACL (when possible)
of sysvol files (GPO objects and netlogon folders).
This avoid error prone substitution of DOMAINSID in ACL and make ACL clearer by using shortname
for assignee accordingly with SDDL synthax rules. Translation to real SID is handled internaly by the
from_sddl function.
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
|
| |
|
|
|
|
|
| |
This allow to be able to run net acl set xxx yyy on DC, but also on domain
member.
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
|
| |
|
|
|
|
| |
running as a non root user
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
|
| |
|
|
|
| |
If the dns update file doesn't need updating we need to delete the tmp
file
|
| |
|
|
|
|
|
|
| |
This task watches for changes in the list of DCs, and creates a bind9
formatted file that grants update permission to all DCs, plus to the
administration, and machines update for their own names.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
| | |
|
| |
|
|
|
|
| |
The named.conf.update file will be filled in at runtime by Samba to
contain the list of bind9 grant rules for granting DNS dynamic update
permissions on the domain.
|
