summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* r4994: Patch from abartlet:Günther Deschner2005-01-251-13/+26
| | | | | | | | When migrating account policies to ldapsam, handle the fact that an admin might have changed the default location of the sambaDomain-object after installation. Guenther
* r4989: Display failed LDAP-server-uri.Günther Deschner2005-01-251-1/+2
| | | | Guenther
* r4988: After speaking with Jerry, remove old lp_admin_users toGünther Deschner2005-01-251-14/+0
| | | | | | administrator-sid mapping completely. Guenther
* r4976: Try to scare people off from trying to write authentication modulesAndrew Bartlett2005-01-251-0/+4
| | | | | | that only acheive as much as 'security=server' does. Andrew Bartlett
* r4972: Fix a warning and some debugging-outputs.Günther Deschner2005-01-255-8/+8
| | | | Guenther
* r4970: Fix for bug 2092, allowing fallback after kerberos and allowJeremy Allison2005-01-244-4/+23
| | | | | gnome vfs to prevent auto-anonymous logon. Jeremy.
* r4967: Not being in any domain local groups is obviously valid...Volker Lendecke2005-01-241-1/+1
| | | | Volker
* r4966: don't enumerate the drivers for the same architecture string more ↵Gerald Carter2005-01-241-0/+12
| | | | than once
* r4965: comment out some unused attributes and oc'sGerald Carter2005-01-241-10/+11
|
* r4964: Fix our lsa lookupsid $OURDOMAINSID-500.Günther Deschner2005-01-241-14/+15
| | | | | | | | Give the admin-user (rid 500) a chance to be found in passdb, not returning the (possibly obscure) first entry of "admin users" before that. Guenther
* r4963: It is actually a very bad idea to use KRB5_CONFIG in theGünther Deschner2005-01-241-7/+7
| | | | | | | | | | | | configure-checks (At least Heimdal uses KRB5_CONFIG for locating it's configuration-file (usually /etc/krb5.conf)). Renaming it to KRB5CONFIG prevents configure-checks that use heimdal-libs from segfaulting while the lib reads the krb5-config binary as a configuration file... Vendors that used the KRB5_CONFIG-variable to let configure find a custom krb5-config binary have to use KRB5CONFIG now. Guenther
* r4946: Our notion the other_sids in the info3 SamLogon struct wasVolker Lendecke2005-01-232-14/+34
| | | | | | | | | | | | | | ...hmmm... completely bogus. This does not affect us as a domain controller, as we never set other_sids, but I have *no* idea how winbind got away with it. Please review thoroughly, samba4 idl looks closer to reality here. Test case: Member of w2k3 domain, authenticate as a user who is member of one or more domain local groups. Easiest review with 'client schannel = no'. Thanks, Volker
* r4933: List not only the first 10 trusts with rpcclient -c enumtrust.Volker Lendecke2005-01-221-16/+22
| | | | Volker
* r4932: Forgot to increase version with the account-policy-commit.Günther Deschner2005-01-221-1/+1
| | | | Guenther
* r4931: Add get_user_info_7 in SAMR. This just gives out the username. (InGünther Deschner2005-01-221-0/+42
| | | | | | | preparation of adding the ability of renaming users via setuserinfo level 7). Guenther
* r4926: Use LDAP_SCOPE_ONELEVEL instead of OpenLDAP's LDAP_SCOPE_ONE-scope.Günther Deschner2005-01-221-2/+2
| | | | Guenther
* r4925: Migrate Account Policies to passdb (esp. replicating ldapsam).Günther Deschner2005-01-2215-171/+855
| | | | | | | | Does automated migration from account_policy.tdb v1 and v2 and offers a pdbedit-Migration interface. Jerry, please feel free to revert that if you have other plans. Guenther
* r4921: Typo.Jeremy Allison2005-01-221-2/+2
|
* r4917: Merge some of Derrell.Lipman@UnwiredUniverse.com obvious fixes.Jeremy Allison2005-01-224-7/+17
| | | | | Added text explaining units in pdbedit time fields. Jeremy.
* r4913: fixing 'perl requires' filters for RPM packaging on RedHat/FedoraGerald Carter2005-01-212-2/+5
|
* r4907: remove unreached codeGerald Carter2005-01-211-1/+0
|
* r4905: patch from abartlet to remove storing the auth-user credentials from ↵Gerald Carter2005-01-211-4/+0
| | | | the cli* in cm_prepare_connection(). using credentials from a domain other thanour primary domain will cause the schannel setup to fail
* r4902: please note that cupsDoRequest() deletes the request* so don't call ↵Gerald Carter2005-01-211-32/+2
| | | | ippDelete(request) *ever*
* r4882: Fix for #2255. Debug should have been 10 not 0.Jeremy Allison2005-01-211-1/+1
| | | | Jeremy.
* r4881: Varient of Lar's patch for #2270. Jerry promises to test :-).Jeremy Allison2005-01-211-258/+274
| | | | Jeremy.
* r4879: Fix rewinddir -> rewind_dir. Noticed by James Peach.Jeremy Allison2005-01-201-2/+2
| | | | Jeremy
* r4877: When vampiring account policy AP_LOCK_ACCOUNT_DURATION honour "LockoutGünther Deschner2005-01-201-1/+4
| | | | | | Duration: Forever". Guenther
* r4875: Fix for bugid #221, inspired by Mrinal Kalakrishnan <mail@mrinal.net>.Jeremy Allison2005-01-201-13/+69
| | | | | | NT sometimes send garbage bytes in NT security descriptor linearizations when sending well-known sids. Cope with these. Jeremy.
* r4874: add DOmain Admins (Full Control) to the default printer sd if we are a DCGerald Carter2005-01-201-5/+24
|
* r4873: example delete printer script for use with cupsGerald Carter2005-01-201-0/+27
|
* r4871: BUG 603: patch by Daniel Beschorner <db@unit-netz.de>. Correct ↵Gerald Carter2005-01-201-1/+4
| | | | access mask check for _samr_lookup_domain() to work with Windows RAS server
* r4870: Make multi-domain-mode in idmap_rid accessible from outside (can beGünther Deschner2005-01-201-8/+20
| | | | | | | | | | compiled with -DIDMAP_RID_SUPPORT_TRUSTED_DOMAINS) as requested by Lars Mueller <lmuelle-at-suse.de>. Allow to map ID's for a local SAM and add some more debugging-information. Guenther
* r4869: Display sam_user_info_7 in rpcclient.Günther Deschner2005-01-201-1/+22
| | | | Guenther
* r4868: Add "net rpc user RENAME"-command.Günther Deschner2005-01-204-2/+190
| | | | | | Note that Samba3 does not yet support it server-side. Guenther
* r4867: Removing smbldap-tools from the svn tree. I'll include Gerald Carter2005-01-2035-6897/+5
| | | | | | | | | | the latest version in the actual release tarballs. Have spoken to the idealx developers about this. Updated README to reflect the changte for people using svn. Removed ldapsync.pl since it is no longer needed when using the smbldap-tools (only keep things you support).
* r4866: Add createdomgroup to rpcclient (needed to generate huge amounts ofGünther Deschner2005-01-201-0/+52
| | | | | | groups when 'net rpc group add' is just to slow). Guenther
* r4864: Remove unused var.Jeremy Allison2005-01-201-2/+2
| | | | Jeremy.
* r4860: fix silly limitation in ldapsam and tdbsam. Expand variables in the ↵Gerald Carter2005-01-192-16/+27
| | | | profile path, logon home and logon script values
* r4856: after testing a simple add printer script, i realized that you still ↵Gerald Carter2005-01-192-21/+21
| | | | have to be root to send the message to all smbds that the config file has been updated
* r4855: add some smb.conf script for add/delete/change share and addprinter hooksGerald Carter2005-01-196-0/+1030
|
* r4852: merge simo changes to srv_srvsvc_nt.c from trunkGerald Carter2005-01-191-30/+13
| | | | | | | that allows the add/change share command to create the directory passed in as an arguement and not require that it pre-exist. Also finish testing of SeDiskOperatorPrivilege via srvmgr.exe
* r4851: Preleminary fix for ldapsam_enum_group_memberships whenGünther Deschner2005-01-191-3/+3
| | | | | | | | | | ldapsam:trusted=True. Don't bail out when ldap-search returns pure posixgroups (w.o. samba group-mapping). This way those unix-memberships do not appear in user and nt user token. Volker, could you please look over that one? Guenther
* r4850: Fix remaining pdb_setsampwent-calls. Günther Deschner2005-01-191-3/+2
| | | | | | To get all entries use a 0 acb_mask. Guenther
* r4849: * finish SeAddUsers support in srv_samr_nt.cGerald Carter2005-01-196-159/+346
| | | | | | | | | * define some const SE_PRIV structure for use when you need a SE_PRIV* to a privilege * fix an annoying compiler warngin in smbfilter.c * translate SIDs to names in 'net rpc rights list accounts' * fix a seg fault in cli_lsa_enum_account_rights caused by me forgetting the precedence of * vs. []
* r4848: fix build; gd please check and make sure this is okGerald Carter2005-01-191-1/+2
|
* r4847: Hand over a acb_mask to pdb_setsampwent in load_sampwd_entries(). Günther Deschner2005-01-1911-33/+54
| | | | | | | | | | | | | | | | | This allows the ldap-backend to search much more effeciently. Machines will be searched in the ldap_machine_suffix and users in the ldap_users_suffix. (Note that we already use the ldap_group_suffix in ldapsam_setsamgrent for quite some time). Using the specific ldap-bases becomes notably important in large domains: On my testmachine "net rpc trustdom list" has to search through 40k accounts just to list 3 interdomain-trust-accounts, similiar effects show up the non-user query_dispinfo-calls, etc. Also renamed all_machines to only_machines in load_sampwd_entries() since that reflects better what is really meant. Guenther
* r4846: do not keep outdated files here.Simo Sorce2005-01-191-2504/+0
| | | | the updated file is in the Release branch and in the official tarballs
* r4845: Correct my name.Simo Sorce2005-01-191-2/+2
| | | | | | | Jerry this file seem old and not updated. We should either update it or remove it imho. Simo.
* r4840: * Add more generic root-dse inspection function to check for givenGünther Deschner2005-01-193-58/+103
| | | | | | | | | controls or extensions. * Check and remember if ldapsam's LDAP Server support paged results (in preparation of adding async paged-results to set|get|end-sampwent in ldapsam). Guenther
* r4839: Allow to set acb_mask in rpcclient's enumdomusers (for debugging).Günther Deschner2005-01-191-2/+5
| | | | Guenther
generated by cgit (git 2.34.1) at 2025-09-28 00:48:53 +0000