| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
per-share. I beleive that almost all the things that this could have done on
a per-share basis can be done with other tools, like 'force user'.
Almost all the user's of this paramater used it as a global anyway...
While this is one step at a time, I hope it will allow me to considerably
simplfy the make_connection() code, particularly for the user-level security
case.
This already removes an absolute truckload of extra attempted password lookups
on the guest account.
Andrew Bartlett
|
| |
|
|
| |
grumble, mumble, ...
|
| |
|
|
| |
so that tdbtool can be compiled without having to make clean.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This changes the way we process guest logons - we now treat them as normal
logons, but set the 'guest' flag. In particular this is needed becouse Win2k
will do an NTLMSSP login with username "", therefore missing our previous guest
connection code - this is getting a pain to do as a special case all over the
shop.
Tridge: We don't seem to be setting a guest bit for NTLMSSP, in either the
anonymous or authenticated case, can you take a look at this?
Also some cleanups in the check_password() code that should make some of the
debugs clearer.
Various other minor cleanups:
- change the session code to just take a vuser, rather than having to do a
vuid lookup on vuser.vuid
- Change some of the global_client_caps linking
- Better debug in authorise_login(): show the vuid.
Andrew Bartlett
|
| | |
|
| |
|
|
| |
not ascii.
|
| |
|
|
| |
Jeremy.
|
| |
|
|
| |
Jeremy.
|
| |
|
|
| |
Jeremy.
|
| |
|
|
| |
Jeremy.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
The problem is that we don't use the bitmap field, and so have to guess what
feilds to change. NT4 sets the RID to NULL in its reply, (as a no-change
value) and we were attempting to set that as a RID.
jfm: Can you get me the info on that bitmap, so I can construct a proper fix
to all this?
Thanks!
|
| | |
|
| |
|
|
| |
Jeremy
|
| | |
|
| |
|
|
| |
domain_client_validate()
|
| | |
|
| | |
|
| |
|
|
| |
Jeremy.
|
| |
|
|
|
| |
GetPrinterDataEx() and SetPrinterDataEx(). Not sure what the command
number is for the latter is - I haven't seen it on the wire yet.
|
| |
|
|
| |
2.2 to HEAD?
|
| | |
|
| | |
|
| |
|
|
| |
names of the other functions in this file.
|
| | |
|
| |
|
|
|
|
|
| |
pam authentication. This allows us to link in less other crap.
Authenticating with a challenge/response doesn't seem to work though - we
always get back NT_STATUS_WRONG_PASSWORD.
|
| | |
|
| | |
|
| |
|
|
| |
Jeremy.
|
| |
|
|
|
| |
to detect this in configure.
Jeremy.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- old mangle code has gone, the new one based on tdb seem resonably ok
probably the valid.dat table need to be updated to treat wild chars as
invalid ones (work ok without it)
- a LOT of new string manipulation function for unicode, they are somewhat
tested but a review would not be bad
- some new function I will need for the new unix_convert function I'm writing,
this will be renamed filename_convert and use only unicode strings.
- charconv, I attached a comment, if someone wnat to look if I'm right or
just was hacking to late in the night to make a sane one :)
of course any bug is my responsibility an will be pleased to see patches if
you find any. :-)
Simo.
|
| |
|
|
|
|
| |
Andrew, this fixes domain logons in head. Please look at the change,
as I think you may have misunderstood the max_str_len field (which is
badly named)
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
groups obtained via a domain logon are respected in the attached NT_USER_TOKEN.
This functionality is only available in HEAD, becosue of the way authenticaion
has been abstracted.
Both vuid logins and authenticated pipes need to use the same code for this in
future.
Can sombody with the correct facilties check this please?\
Thanks,
Andrew Bartlett
|
| |
|
|
| |
- Now perfectly valid.
|
| |
|
|
|
|
| |
- Basic functionality intact
- Now adds machine accounts without a uid. (using the machine uid range to
avoid conflict with real uid based accounts)
|
| |
|
|
|
|
|
| |
REMOVED BZERO CALLS YET AGAIN !!! Why do these keep creeping back in....
They are *NOT* POSIX. I'm also thinking of removing strncpy as I'm sure
it's not being used correctly....
Jeremy.
|
| |
|
|
|
| |
Got "medieval on our ass" about const warnings (as many as I could :-).
Jeremy.
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
browse non-guest shares).
|
| | |
|
| |
|
|
| |
perfectly vailid behaviour for guest logins.
|
| |
|
|
|
|
|
|
| |
back into order, becouse its the inverse tests that are 'failing' - they get
error 0 back and think that we just let sombody in without a password and the
like.
Andrew Bartlett
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Zero out some of the plaintext passwords for paranoia
Fix up some of the other passdb backends with the change to *uid_t rather than
uid_t.
Make some of the code in srv_netlog_nt.c clearer, is passing an array around,
so pass its lenght in is definition, not as a seperate paramater.
Use sizeof() rather than magic numbers, it makes things easier to read.
Cope with a PAM authenticated user who is not in /etc/passwd - currently by
saying NO_SUCH_USER, but this can change in future.
Andrew Bartlett
|
| | |
|
