| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | |
|
| | |
|
| |
|
|
|
| |
If you do not have one more expect than issue when talking to the passwd
program you will not send the last issue.
|
| |
|
|
|
|
| |
tridge, martin, if you think it's wrong , you can revert it.
J.F.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
not the privileges. Usually we don't need them, so the memory is free
early.
lib/util_sid.c: added some helper functions to check an SID.
passdb/passdb.c: renamed local_lookup_rid() to local_lookup_sid() and pass
an RID all the way. If the group doesn't exist on the domain SID,
don't return a faked one as it can collide with a builtin one. Some rpc
structures have been badly designed, they return only rids and force the
client to do subsequent lsa_lookup_sid() on the domain sid and the builtin
sid !
rpc_server/srv_util.c: wrote a new version of get_domain_user_groups().
Only the samr code uses it atm. It uses the group mapping code instead of
a bloody hard coded crap. The netlogon code will use it too, but I have to
do some test first.
J.F.
|
| |
|
|
| |
Jeremy.
|
| |
|
|
| |
Jeremy.
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
winbindd/ADS can now do initgroups()
|
| | |
|
| | |
|
| |
|
|
|
| |
as it was, and add tdb_open_ex() which takes a log callback. I guess
this makes more sense since it's a public interface.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
- tdb_open api changed so that you now pass an error handling
callback when opening the file, so that errors detected during
opening have somewhere to go. (All calls from the body of Samba to
this function go through a wrapper in tdbutil, which has been
updated.)
- Clean up logic for deciding how to open tdb. Emit log messages if
something goes wrong (e.g. bad magic.)
- tdbtool now logs errors to stderr.
|
| |
|
|
| |
:)
|
| | |
|
| | |
|
| |
|
|
| |
fixed a winbindd crash when the group membership can't be looked up
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
However this looks like the best spot to init the account policy db...
(fix segfaults on all local smbpasswd ops)
Andrew Bartlett
|
| |
|
|
| |
Jeremy.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This kills off the offending code in smbpasswd -j -Uab%c
In the process we have changed from unsing compelatly random passwords
to random, 15 char ascii strings. While this does produce a decrese in
entropy, it is still vastly greater than we need, considering the application.
In the meantime this allows us to actually *type* the machine account
password duruign debugging.
This code also adds a 'check' step to the join, confirming that the
stored password does indeed do somthing of value :-)
Andrew Bartlett
|
| |
|
|
|
|
| |
PDC, as well as changes for correctness as per tridge.
Andrew Bartlett
|
| |
|
|
| |
(as per tridge's instructions)
|
| | |
|
| | |
|
| |
|
|
|
| |
a group name.
Jeremy.
|
| |
|
|
| |
Jeremy.
|
| |
|
|
|
|
|
|
| |
database, but no underlying system call sets errno.
The particular case I had was a mangled .tdb, but there are others.
For this one, set EIO. It's a shame Unix messages aren't more
detailed -- "bad data format" would be better.
|
| |
|
|
|
| |
winbindd. Getting ready for efficiency fix in group lookups.
Jeremy.
|
| | |
|
| |
|
|
| |
session setup
|
| |
|
|
| |
Jeremy.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
You can change them with either usermanager->policies->account
or from a command prompt on NT/W2K: net accounts /domain
we can add a rpc accounts to the net command. As the net_rpc.c is still
empty, I did not start. How should I add command to it ? Should I take the
rpcclient/cmd_xxx functions and call them from there ?
alse changed the SAM_UNK_INFO_3 parser, it's an NTTIME. This one is more
for jeremy ;-)
J.F.
|
| | |
|
| |
|
|
|
|
|
| |
I spent quite a while trying to work out how to make this call
via ldap and failed. I then found that MS servers seem use rpc
for sid_to_name, and it works even when in native mode, I ended
up just implementing it via rpc
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
'net' untility.
This should make it easier to port rpcclient code across to net.
It also allows SPNEGO (the NTLMSSP subsystem in particular) to work, becouse
it kills off the early destruction of the clear-text password.
Andrew Bartlett
|
| |
|
|
| |
Andrew Bartlett
|
| |
|
|
| |
least basic operations work
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This time, all the existing functionality has been moved into
'net rap', ready for new commands in the 'net ads' and 'net rpc' categories.
In particular, we hope to have the abilty to autoselect the appropriate
backend to use based on smb.conf or other paramaters.
This will allow 'net user' to work no matter what the remote server.
The new 'net rpc' command will soon gain a 'net rpc join' and a
'net rpc user' based on the existing samba code.
Also in this commit, the connection establishment code has been almost entirly
reworked, and now has some minor sense of sainity to it.
In particular, we can now connect to hosts *other* than localhost!
We also have the ability to state on a per-command basis whether the 'localhost'
is a sane default value. (A net join, for example, would not be sane against
localhost).
Unfortunetly we have had to make the basic paramaters global variables, but
the 'cli' is not opened and closed on a per-command basis.
Andrew Bartlett
|
| |
|
|
| |
command.
|
| |
|
|
| |
fixed winbindd_rpc.o typo
|
| | |
|
| |
|
|
|
| |
added a nsstest test program that directly tests all the nss
interfaces using dlopen()
|
