| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
| |
Guenther
|
| |
|
|
| |
Guenther
|
| |
|
|
|
|
| |
tokenGroup attribute.
Guenther
|
| |
|
|
| |
Guenther
|
| |
|
|
|
|
|
|
| |
ALLOWED OBJECT
ACEs).
Guenther
|
| |
|
|
|
|
|
|
| |
search with
the SD_FLAGS control.
Guenther
|
| |
|
|
|
|
|
|
| |
preparation of
adding GPO security filtering for libgpo).
Guenther
|
| |
|
|
|
|
|
|
| |
the silent
argument when parsing pam configuration file options.
Guenther
|
| |
|
|
| |
sam unmapunixgroup"
|
| |
|
|
|
|
| |
return values of some alias-releated pdb functions from BOOL to NTSTATUS
Thanks :-)
|
| | |
|
| |
|
|
| |
specified
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This adds vfs_posixacl to the list of static modules and
makes use of HAVE_ACL_GET_PERM_NP.
This is just a quick fix. FreeBSD acl support is still
hardcoded in configure.in, but actually this could be
detected in a unified test for freebsd, linux, *,
as suggested in the bugreport. This has still to be
checked and elaborated.
Michael
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
different
database backends in place dynamically.
The main abstractions are db_context and db_record, it should be mainly
self-describing, see include/dbwrap.h. You open the db just as you would open
a tdb, this time with db_open(). If you want to fetch a record, just do the
db->fetch() call, if you want to do operations on it, you need to get it with
fetch_locked().
I added dbwrap_file.c (not heavily tested lately) as an example for what can
be done with that abstraction, uses a file per key. So if anybody is willing
to shape that up, we might have a chance on reiserfs again.... :-)
This abstraction works fine for brlock.tdb, locking.tdb, connections.tdb and
sessionid.tdb. It should work fine for the others as well, I just did not yet
get around to convert them.
If nobody loudly screams NO, then I will import the code that uses this soon.
Volker
|
| |
|
|
|
|
| |
readahead()
missing declaration problem.
|
| |
|
|
|
|
|
|
|
|
| |
least one
OS) but is available for linking. Instead of running configure tests with
-Werror-implicit-function-declaration in developer mode (which may lead to
different library functions being used in developer mode than when not in
developer mode), add tests for whether readahead is declared. If not,
provide a replacement declaration in lib/replace.
|
| |
|
|
|
|
|
| |
Fixes the strange behavior we were seeing about idmap_ldap creating
a new connection for each query.
Jerry we need this in for 3.0.25
|
| | |
|
| |
|
|
|
|
|
|
| |
r22412 | obnox | 2007-04-20 14:23:36 +0200 (Fr, 20 Apr 2007) | 5 lines
Add a "deletelocalgroup" subcommand to net sam.
Thanks to Karolin Seeger <ks@sernet.de>.
|
| |
|
|
|
| |
in sendfilereadbraw.
Jeremy.
|
| |
|
|
|
|
|
|
|
| |
connections_traverse
and connections_forall. This centralizes all the routines that did individual
tdb_open("connections.tdb") and direct tdb_traverse.
Volker
|
| |
|
|
| |
metze
|
| |
|
|
|
|
| |
pstring. Give it one, although I hate putting it in :-)
Thanks to Tom Bork! :-)
|
| |
|
|
|
|
|
|
| |
the terminating NULL if we've already processed the null
in iconv. Jerry, once I get confirmation from Thomas Bork
this needs to be in 3.0.25 final. Tests fine with valgrind
here.
Jeremy.
|
| |
|
|
| |
server_id' instead of a 'uint32 pid'
|
| | |
|
| |
|
|
|
| |
merging to 3_0_26 once Michael's net conf changes have been merged. It
depends on token_utils.c.
|
| |
|
|
| |
the domain.
|
| | |
|
| |
|
|
|
|
| |
lib/util_tdb.c exactly match the definitions. (There were
some [u]int_32_t instead of [u]int32, which made a gcc 2.95
on an old AIX without system [u]int32[_t] types complain...)
|
| |
|
|
|
|
|
|
| |
Günther, please check this!
Thanks,
Volker
|
| |
|
|
| |
Guenther
|
| |
|
|
|
|
|
|
|
| |
patch.
This changes "struct process_id" to "struct server_id", keeping both is
just too much hassle. No functional change (I hope ;-))
Volker
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Vista. Vista provides a plethora of kludges to simulate older versions of
Windows. The kludges are in the form of shortcuts (or more likely symbolic
links, but I don't know enough about Vista to determine that definitively)
and in most cases, attempts to access them get back an "access denied"
error. On one particular folder, however, "<share>/Users/All Users", it
returns an unknown (to ethereal and the Samba3 code) NT status code:
0x8000002d. Although this code does not have a high byte of 0xc0 indicating
that it is an error, it appears to be an alternate form of "access denied".
Without this patch, libsmbclient times out on an attempt to enumerate that
folder rather than returning an error to the caller. This patch corrects
that problem.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
configure.in determines if -Werror-implicit-function-declaration is
available, and if so it enables that flag if --enable-developer is
specified. Since the configure tests themselves did not use that flag, it
was possible for a configure test to succeed, followed by a failed
compilation due to a facility being available but not having a proper
declaration in a header file. (This bit me with readahead().) This patch
ensures that if implicit function declarations will kill the build, the
feature being tested is deselected so the build will succeed.
The autoconf manual suggests using return instead of exit in configure
tests because the declaration for exit is often missing. We require this
now, since we error if prototypes are missing. See section 5.5.1 of
http://www.gnu.org/software/autoconf/manual/autoconf.html. This patch makes
these changes, because in fact, an external declaration for exit is missing
here (and likely elsewhere).
I've verified that the features selected (here) with the original
configure.in and the new one are the same except for, in my case,
readahead. I've also confirmed that the generated Makefile is identical.
These changes are not being applied to the 3.0.26 branch because it does not
exhibit the initial problem this patch is supposed to solve since it doesn't
attempt to use -Werror-implicit-function-declaration.
|
| |
|
|
|
|
|
| |
names"
and the username has been munged. Make sure to munge it back before
performing the change_password() request.
|
| |
|
|
| |
from Dnailo A.)
|
| |
|
|
|
|
| |
When asked to create a machine account in an OU as part
of "net ads join" and the account already exists in another
OU, simply move the machine object to the requested OU.
|
| | |
|
| |
|
|
|
| |
take care not to expire the name2sid cache entry just because
that child does not know that the primary domain is offline.
|
| |
|
|
|
|
|
| |
* Log the NTSTATUS when saving name/sid cache entry
* Allow the backend loolkup_usergroups() call in winbindd_{rpc,ads}.c
to inform the wcache manager that the group list should not be cached
(needed for one-way trusts).
|
| |
|
|
|
| |
previous call was unsuccessful. needed for offline
logons.
|
| |
|
|
|
| |
Assume that "NO_DOMAIN_CONTROLLERS_FOUND" means that the domain
is offline.
|
| |
|
|
|
|
|
| |
settings from one trusted domain with no incoming trust path.
Guenther, I think this is ok as we only need the pw policy
to give feedback on upcoming expiration times.
|
| |
|
|
| |
for use by the require-membership-of pam_winbind option.
|
| | |
|
| |
|
|
|
|
|
| |
to the idmap child.
Also remove the check for the global offline state in child_msg_offline()
as this means we cannot mark domains offline due to network outages.
|
| |
|
|
|
|
|
|
| |
Helps when transitioning from offline to online mode.
Note that this is a quick hack and a better solution
would be to start the DNS server's state between processes
(similar to the namecache entries).
|
| |
|
|
|
|
|
|
|
|
|
| |
(a) Ignore the negative cache when the domain is offline
(b) don't delete expired entries from the cache as these
can be used when offline (same model as thw wcache entries)
(c) Delay idmap backend initialization when offline
as the backend routines will not be called until we go
online anyways. This prevents idmap_init() from failing
when a backend's init() function fails becuase of lack of
network connectivity
|
| |
|
|
| |
and the krb5 tkt cache could not be created due to clock skew.
|
