| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
| |
packet which means I can extract the service and realm, so we should
now work with realms other than the local realm.
it also means we now check the list of OIDs given by the server just
in case it says that it doesn't support kerberos. In that case we
should fall back to NTLMSSP but that isn't written yet.
|
| |
|
|
| |
fix some alloc leaks spotted by andreas moroder.
|
| | |
|
| |
|
|
| |
of gettext for internationalisation support. There is more to do
|
| |
|
|
| |
written MIT kerberos5 header files :(
|
| |
|
|
|
|
|
|
|
|
| |
activate you need to:
- install krb5 libraries
- run configure
- build smbclient
- run kinit to get a TGT
- run smbclient with the -k option to choose kerberos auth
|
| |
|
|
| |
Jeremy.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
what was I thinking with those 4 character tabs?)
We now pass our winbindd test suite again!
Still to do:
- talloc_ctx on a per winbindd request basis not per connection
- clean up old crap we don't use any more
- test against multiple BDCs (I know this isn't going to work - group/user
handles have to be made against the same DC the domain and basic handles
are.
- implement network and dc failure recovery
|
| |
|
|
|
| |
again :-) :-).
Jeremy.
|
| | |
|
| | |
|
| |
|
|
| |
fix some return codes missed in previous commit.
|
| | |
|
| | |
|
| |
|
|
| |
Jeremy.
|
| |
|
|
|
|
| |
functions correctly deal with the SID_NAME_TYPE. One fix for connection user
lookup in LSA.
Jeremy.
|
| | |
|
| |
|
|
|
|
| |
in scripts.
Thanks to Claudio Cicali aka FleXer for the initial patch
|
| |
|
|
| |
Jeremy.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
- implemented some of the sam related connection manager routines
- fill in group id and gecos fields for getpwnam/getpwuid routines
- convert querydispinfo to cm
- getent passwd now works
Now for the group related routines...
|
| |
|
|
|
|
| |
added ucs2_to_dos83 function.
the code should be ok now.
further test with japanese and other languages is needed at this point.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
an authenticaion object that happens to also be used by winbind. We need to
fix this up at some stage.
In the end it will probably be best if winbind does the login over its own
internally managed connections, not a new one per authenticiaon. Then this
would no longer be an issue, as it could call cli_nt_login_network() directly.
Andrew Bartlett
|
| |
|
|
|
|
|
|
|
|
|
| |
I've wrapped up all the decisions about managing, making and closing
connections into a connection manager in nsswitch/winbindd_cm.c.
It's rather incomplete at the moment - only querying basic user info works
at the moment (i.e finger -m DOMAIN/user) and everything else is broken.
Jeremy, please take a look and I'll start moving across the rest of
winbindd to this new system.
|
| | |
|
| |
|
|
| |
connections within winbindd.
|
| | |
|
| |
|
|
|
| |
remove unused structure for tdb data.
fixes.
|
| |
|
|
| |
knowing what you are doing!
|
| |
|
|
|
|
| |
change these timestamp settings without good reason.
Remove CLEAR_IF_FIRST flag is tdb is read-only.
Jeremy.
|
| | |
|
| |
|
|
| |
do, but at least you can connect now.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
for unicode strings. The new method relies on 3 files that are mmap'd
at startup to provide the mapping tables. The upcase.dat and
lowcase.dat tables should be the same on all systems. The valid.dat
table says what characters are valid in 8.3 names, and differs between
systems. I'm committing the japanese valid.dat here, in future we need
some way of automatically installing and choosing a appropriate table.
This commit also adds my mini tdb based gettext replacement in
intl/lang_tdb.c. I have not enabled this yet and have not removed the
old gettext code as the new code is still being looked at by Monyo.
Right now the code assumes that the upcase.dat, lowcase.dat and
valid.dat files are installed in the Samba lib directory. That is not
a good choice, but I'll leave them there until we work out the new
install directory structure for Samba 3.0.
simo - please look at the isvalid_w() function and think about using
it in your new mangling code. That should be the final step to
correctly passing the chargen test code from monyo.
|
| |
|
|
| |
Jeremy.
|
| |
|
|
| |
Jeremy.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The problem is we were trying to use mask_match as a generic
wildcard matcher for UNIX strings (like the password prompts).
We can't do that - we need a unix_wild_match (re-added into lib/util.c)
as the ms_fnmatch semantics for empty strings are completely wrong.
This caused partial reads to be accepted as correct passwd change
responses when they were not....
Also added paranioa test to stop passwd change being done as root
with no %u in the passwd program string.
Jeremy.
|
| |
|
|
|
| |
interestingly, this shows that w2kp-jp and w2kp have the *same* case
equivalence table, but it is not the same as the Samba one.
|
| |
|
|
|
|
| |
other access. Problem was max time was being set to 0xffffffff, instead of
0x7fffffff.
Jeremy.
|
| |
|
|
|
|
|
|
|
| |
equivalence table for a server. This was inspired by the chargen win32
code from monyo.
This takes a *long* time to run against a Samba server due to the case
insensitive comparisons in the filesystem. That makes it a N^2
operation, and N is 64k. It is linear on NT.
|
| | |
|
| | |
|
| | |
|
| | |
|
