| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | | |
|
| | |
| |
| |
| | |
for satisfying the autoprototyper and abartlet
|
| | |
| |
| |
| | |
style
|
| | |
| |
| |
| |
| |
| | |
the new accessor functions.
Andrew Bartlett
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
future.
This moves us from fstrcpy() and global variables to 'get' and 'set' functions.
In particular, the 'set' function sainity-checks the input, in the same way as
we always have.
Andrew Bartlett
|
| | |
| |
| |
| | |
Added some consts to pdb_test to follow pdb_methods struct more strictly
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| | |
Back out last night's patch to to reduce -l dependencies until we can ensure
that *all* configurations/platforms work...
Andrew Bartlett
|
| | | |
|
| | |
| |
| |
| | |
need all of them. Hopefully this will fix a few builds.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
dependencies. This benifits packagers (like debian) becouse then our client
code won't have references to 'server only' libraries.
(In particular, it removes the client dependency on CUPS, which was raised in
a debian bug report).
Andrew Bartlett
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| | |
This also makes it a easier to see which paramaters are 'in', and which are
'out'.
Andrew Bartlett
|
| | |
| |
| |
| | |
Andrew Bartlett
|
| | |
| |
| |
| | |
THis should fix the build.
|
| | |
| |
| |
| | |
if you have an ADS DC.
|
| | |
| |
| |
| |
| | |
existing connect (which I've been told is really connect2), with one
extra dword. We've only seen 0x00000002 there...
|
| | |
| |
| |
| | |
Andrew Bartlett
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
upper cased already.
However, if you created your registry tdb in the very early versions of jerry's
patch, you could find that usrmgr doesn't function. Simply delete the
registry.tdb, it will be recreated on startup.
Andrew Bartlett
|
| | | |
|
| | |
| |
| |
| | |
we get a response from WINS for a PDC, if the PDC isn't responding.
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| | |
unfortuately we don't seem to be able to auto-test the ADS join due to
a rather nasty property of the GSSAPI library.
|
| | | |
|
| | | |
|
| | |
| |
| |
| | |
Andrew Bartlett
|
| | |
| |
| |
| | |
Andrew Bartlett
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
setups.
- split up the ads structure into logical pieces. This makes it much
easier to keep things like the authentication realm and the server
realm separate (they can be different).
- allow ads callers to specify that no sasl bind should be performed
(used by "net ads info" for example)
- fix an error with handing ADS_ERROR_SYSTEM() when errno is 0
- completely rewrote the code for finding the LDAP server. Now try DNS
methods first, and try all DNS servers returned from the SRV DNS
query, sorted by closeness to our interfaces (using the same sort code
as we use in replies from WINS servers). This allows us to cope with
ADS DCs that are down, and ensures we don't pick one that is on the
other side of the country unless absolutely necessary.
- recognise dnsRecords as binary when displaying them
- cope with the realm not being configured in smb.conf (work it out
from the LDAP server)
- look at the trustDirection when looking up trusted domains and don't
include trusts that trust our domains but we don't trust
theirs.
- use LDAP to query the alternate (netbios) name for a realm, and make
sure that both and long and short forms of the name are accepted by
winbindd. Use the short form by default for listing users/groups.
- rescan the list of trusted domains every 5 minutes in case new trust
relationships are added while winbindd is running
- include transient trust relationships (ie. C trusts B, B trusts A,
so C trusts A) in winbindd.
- don't do a gratuituous node status lookup when finding an ADS DC (we
don't need it and it could fail)
- remove unused sid_to_distinguished_name function
- make sure we find the allternate name of our primary domain when
operating with a netbiosless ADS DC (using LDAP to do the lookup)
- fixed the rpc trusted domain enumeration to support up to approx
2000 trusted domains (the old limit was 3)
- use the IP for the remote_machine (%m) macro when the client doesn't
supply us with a name via a netbios session request (eg. port 445)
- if the client uses SPNEGO then use the machine name from the SPNEGO
auth packet for remote_machine (%m) macro
- add new 'net ads workgroup' command to find the netbios workgroup
name for a realm
|
| | |
| |
| |
| |
| |
| |
| |
| | |
from itself).
they where alo not clean after use!
Simo.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
to check for uppercased strings when we store them not uppercased.
jerry, this fix is needed to make usrmgr.exe work again.
meanwhile we found out that NT_STATUS code may not be appropriate there.
In particular it seem that an NT PDC will send back 02 as error
(ERRbadfile) not 0xc000000f (NT_STATUS_NO_SUCH_FILE NT)
I think further investigation is need to understand which are aprropriate
return codes here.
|
| | |
| |
| |
| |
| |
| | |
from some of the callers.
Andrew Bartlett
|
| | |
| |
| |
| |
| | |
name status query to 14 bytes, so we could not join a DC who had a
netbios name of 15 bytes in length.
|
| | |
| |
| |
| |
| | |
can someone regenerate and commit the other formats?
thanks
|
| | |
| |
| |
| |
| |
| |
| | |
parm_struct.ptr
this one also fixes log level not shown in swat
fix swat help system
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| |
| | |
dictionary into a separate function.
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
*somthing* in the directory. (Stops cvs update -P eating it).
This is the combined effort of many from #samba-technical, kai, metze,
ctrlsoft, idra and abartlet in particular. It will no doubt change :-)
Andrew Bartlett
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Authenticaions will now attempt to use winbind, and only fall back to
'ntdomain' (the old security=domain) code if that fails (for any reason,
including wrong password).
I'll fix up the authenticaion code to better handle the different types of
failures in the near future.
Andrew Bartlett
|
