summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* added HAVE_LDAP_H checkAndrew Tridgell2001-11-251-2/+2
|
* check for liblber separatelyAndrew Tridgell2001-11-253-74/+116
|
* #ifdefed DMF fix so not compiled by default. We need to look at this...Jeremy Allison2001-11-251-22/+39
| | | | Jeremy.
* Use "password server" for searching for BDC's also as Tim suggested.Jeremy Allison2001-11-251-6/+8
| | | | Jeremy.
* Add the PDC end of the smbtorture test for creating an NT_STATUS -> DOS errorAndrew Bartlett2001-11-254-0/+72
| | | | | | | | | | | | | | | | map. This little authentication module is #ifdef DEVELOPER, becouse it really is of no use execept as a development tool invoke by setting: auth methods = guest sam name_to_ntstatus in the smb.conf file (the SAM and guest elements are required for the member server to authenticate itself). Andrew Bartlett
* oops, I forgot to include the header fileAndrew Bartlett2001-11-251-0/+2
|
* Add a new torture test to extract a NT->DOS error map from an NT member of aAndrew Bartlett2001-11-255-5/+148
| | | | | | | | | samba domain. The PDC must be running a special authenticaion module that spits out NT errors based on username. Andrew Bartlett
* Unless the error is exactly NT_STATUS_OK, we might not have a server info, soAndrew Bartlett2001-11-251-1/+1
| | | | we need to bail here.
* I think this is a fix for the "out of space" errors with oplocks=no.Jeremy Allison2001-11-251-49/+58
| | | | Jeremy.
* Fix ./configure --enable-developer warnings (shadow of global)Andrew Bartlett2001-11-251-2/+2
|
* better helpAndrew Tridgell2001-11-251-1/+7
|
* use generate_random_str()Andrew Tridgell2001-11-251-47/+4
|
* added "net ads user" and "net ads group" commandsAndrew Tridgell2001-11-252-29/+80
|
* added "net ads status" commandAndrew Tridgell2001-11-252-29/+115
|
* made a "net ads" command, currently with "net ads join" and "net ads leave"Andrew Tridgell2001-11-253-5/+192
|
* stop popt from doing its own intl stuffAndrew Tridgell2001-11-251-16/+0
|
* better auto-selection of realm and ldap serverAndrew Tridgell2001-11-251-3/+4
|
* added "net join" commandAndrew Tridgell2001-11-2419-251/+902
| | | | this completes the first stage of the smbd ADS support
* removed unused functionAndrew Tridgell2001-11-241-18/+0
|
* rewrote net.cAndrew Tridgell2001-11-241-1260/+1071
| | | | | | | | | | The rewrite fixes a number of things: - much better command line parsing - fixed usage of static and const - better finding of hosts - clean internal separation of sub-functions - expandable design
* And add the winbind module I missed in the last run.Andrew Bartlett2001-11-242-0/+222
| | | | | | (large change to modularise the auth subsystem) Andrew Bartlett
* This is another rather major change to the samba authenticaionAndrew Bartlett2001-11-2433-743/+1842
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | subystem. The particular aim is to modularized the interface - so that we can have arbitrary password back-ends. This code adds one such back-end, a 'winbind' module to authenticate against the winbind_auth_crap functionality. While fully-functional this code is mainly useful as a demonstration, because we don't get back the info3 as we would for direct ntdomain authentication. This commit introduced the new 'auth methods' parameter, in the spirit of the 'auth order' discussed on the lists. It is renamed because not all the methods may be consulted, even if previous methods fail - they may not have a suitable challenge for example. Also, we have a 'local' authentication method, for old-style 'unix if plaintext, sam if encrypted' authentication and a 'guest' module to handle guest logins in a single place. While this current design is not ideal, I feel that it does provide a better infrastructure than the current design, and can be built upon. The following parameters have changed: - use rhosts = This has been replaced by the 'rhosts' authentication method, and can be specified like 'auth methods = guest rhosts' - hosts equiv = This needs both this parameter and an 'auth methods' entry to be effective. (auth methods = guest hostsequiv ....) - plaintext to smbpasswd = This is replaced by specifying 'sam' rather than 'local' in the auth methods. The security = parameter is unchanged, and now provides defaults for the 'auth methods' parameter. The available auth methods are: guest rhosts hostsequiv sam (passdb direct hash access) unix (PAM, crypt() etc) local (the combination of the above, based on encryption) smbserver (old security=server) ntdomain (old security=domain) winbind (use winbind to cache DC connections) Assistance in testing, or the production of new and interesting authentication modules is always appreciated. Andrew Bartlett
* Kill off that crazy copy_sam_passwd(). You simply can't do that if theAndrew Bartlett2001-11-242-36/+11
| | | | | | | | | | structre contains pointers (well not if you intend of free those pointers at some stage) There is no reason (given the new passdb interface) that you can't modify a SAM_ACCOUNT in any case. Andrew Bartlett
* added lsaenumprivsaccount and lsalookupprivvalue to rpcclientJean-François Micouleau2001-11-245-8/+370
| | | | | | and more to come ... J.F.
* Sorry. I broke the build, missed on open_directory call.Jeremy Allison2001-11-231-2/+2
| | | | Jeremy.
* return NO_MORE_ENTRIES in lsa_enum_trust_dom. UserManager is happier :-)Jean-François Micouleau2001-11-231-1/+1
| | | | J.F.
* Changed how the privileges are stored in the group mapping code. It's nowJean-François Micouleau2001-11-238-95/+266
| | | | | | | | | | | | | | | | | | | | an array of uint32. That's not perfect but that's better. Added more privileges too. Changed the local_lookup_rid/name functions in passdb.c to check if the group is mapped. Makes the LSA rpc calls return correct groups Corrected the return code in the LSA server code enum_sids. Only enumerate well known aliases if they are mapped to real unix groups. Won't confuse user seeing groups not available. Added a short/long view to smbgroupedit. now decoding rpc calls to add/remove privileges to sid. J.F.
* Fixed delete on close bug. Added core dump code to winbindd.Jeremy Allison2001-11-235-83/+184
| | | | Jeremy.
* Set type to NOTUSED if lookup fail.Jeremy Allison2001-11-231-0/+1
| | | | Jeremy.
* Update some of the error mapping, based on on-the-wire observations of an ↵Andrew Bartlett2001-11-231-7/+7
| | | | | | | | | NT4 server. This lets our Win9X clients give sane error messages when you get passwords wrong and the like. Andrew Bartlett
* Finally worked out why a enumerate trusted domains was returning aTim Potter2001-11-233-12/+35
| | | | | | | | | | NT_STATUS_UNABLE_TO_FREE_VM error. This error code was mis-defined as 0x8000001a instead of 0xc000001a. The former is actually a NT_STATUS_NO_MORE_ENTRIES warning which is what we see in the status code. Removed the & 0xffffff from the loop in get_nt_error_msg() as all the error constants now have the correct high bits set.
* Added constants and error message for dos error code 1326 (logon failure).Tim Potter2001-11-233-1/+14
|
* Reference about SIDs from tpot.Martin Pool2001-11-231-7/+13
|
* More better now.Martin Pool2001-11-231-4/+4
|
* Got rid of that stupid parse_domain_user() warning when compilingTim Potter2001-11-231-22/+0
| | | | winbindd.
* Quieten gcc const warning.Martin Pool2001-11-231-17/+21
| | | | doxyfy.
* Finish 1.45 by removing redundant sid->string conversion inMartin Pool2001-11-231-14/+44
| | | | | | | | winbindd_lookup_sid_by_name. Also if the lookup fails then clobber the output parameters rather than leaving them looking potentially valid. Add doxygen.
* I think you were passing the name of the SID, rather than the DOM_SIDMartin Pool2001-11-231-1/+1
| | | | pointer itself. (Whatever that is.... ;-)
* Fixed bug in canned results list for checking the error code of wbinfo.Tim Potter2001-11-231-14/+14
| | | | Made test names more verbose.
* Don't initialise static pointers to NULL.Tim Potter2001-11-231-1/+1
|
* Removed TimeInit() call from every client program (except for one placeTim Potter2001-11-2327-60/+26
| | | | | in smbd/process.c where the timezone is reinitialised. Was replaced with check for a static is_initialised boolean.
* Fixed check machine account function.Tim Potter2001-11-234-74/+63
|
* Ignore *.po files.Tim Potter2001-11-231-0/+1
|
* Rename $pwd to $test_root to avoid future confusion.Martin Pool2001-11-221-4/+3
|
* added lsa_enum_sids to rpcclientJean-François Micouleau2001-11-226-17/+164
| | | | | | | fixed lsa_enum_rpivs server code. This time it works as W2K. fixed smbgroupedit to compile and work. J.F.
* Removed unused variable.Tim Potter2001-11-221-1/+0
|
* Oops - opening wrong pipe name in cli_lsa_initialise() helper function.Tim Potter2001-11-221-1/+1
|
* fixing enum_privs and get_dispname server code.Jean-François Micouleau2001-11-221-20/+20
| | | | | | That works as expected now. J.F.
* add another command to rpcclient: getdispname. Show the full descriptionJean-François Micouleau2001-11-223-0/+106
| | | | | | of a privilege. J.F.
* add a command to rpcclient: enumprivsJean-François Micouleau2001-11-224-1/+152
| | | | J.F.
generated by cgit (git 2.34.1) at 2025-09-27 09:41:44 +0000