| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | |
|
| |
|
|
|
|
|
| |
I spent quite a while trying to work out how to make this call
via ldap and failed. I then found that MS servers seem use rpc
for sid_to_name, and it works even when in native mode, I ended
up just implementing it via rpc
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
'net' untility.
This should make it easier to port rpcclient code across to net.
It also allows SPNEGO (the NTLMSSP subsystem in particular) to work, becouse
it kills off the early destruction of the clear-text password.
Andrew Bartlett
|
| |
|
|
| |
Andrew Bartlett
|
| |
|
|
| |
least basic operations work
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This time, all the existing functionality has been moved into
'net rap', ready for new commands in the 'net ads' and 'net rpc' categories.
In particular, we hope to have the abilty to autoselect the appropriate
backend to use based on smb.conf or other paramaters.
This will allow 'net user' to work no matter what the remote server.
The new 'net rpc' command will soon gain a 'net rpc join' and a
'net rpc user' based on the existing samba code.
Also in this commit, the connection establishment code has been almost entirly
reworked, and now has some minor sense of sainity to it.
In particular, we can now connect to hosts *other* than localhost!
We also have the ability to state on a per-command basis whether the 'localhost'
is a sane default value. (A net join, for example, would not be sane against
localhost).
Unfortunetly we have had to make the basic paramaters global variables, but
the 'cli' is not opened and closed on a per-command basis.
Andrew Bartlett
|
| |
|
|
| |
command.
|
| |
|
|
| |
fixed winbindd_rpc.o typo
|
| | |
|
| |
|
|
|
| |
added a nsstest test program that directly tests all the nss
interfaces using dlopen()
|
| |
|
|
| |
rats.
|
| |
|
|
|
|
| |
also created winbindd_rpc.c which contains the functions that
have been converted to the new structure. There will soon be
a winbindd_ads.c for the ldap backend
|
| |
|
|
|
| |
print_asc(): Don't try to print a trailing NULL character
print_key(), print_rec(): Display key in ASCII
|
| | |
|
| |
|
|
| |
this fixes the smbpasswd segvs
|
| |
|
|
|
|
|
| |
and some comments to the samr server code, to explain what we should
return here.
J.F.
|
| |
|
|
|
|
| |
and added comments and some debugs.
J.F.
|
| |
|
|
|
|
|
| |
and cleanup and comments in passdb/passdb.c
J.F.
|
| |
|
|
|
|
|
|
|
| |
descriptor.
added to samr_lookup_name the choice to select the either the builtin
(s-1-5-32) domain or our current domain (s-1-5-21-x-y-z)
J.F.
|
| |
|
|
| |
J.F.
|
| |
|
|
| |
J.F.
|
| |
|
|
|
|
|
|
| |
that GROUPNAME_MAP has never been used.
I'll delete the smbd/groupname.c file too
J.F.
|
| |
|
|
| |
J.F.
|
| |
|
|
|
|
| |
This just splits off the dispinfo call behind a methods structure.
I'll split off a few more functions soon, then we will be ready for
LDAP replacement methods
|
| |
|
|
| |
happy
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
Jeremy.
|
| | |
|
| |
|
|
| |
Jeremy.
|
| |
|
|
| |
Jeremy
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
sharemode db in the following way.
Originally, on startup and shutdown, smbd would scan the share mode
db to ensure it was correct. This lead to scalability issues as
scans lock the db for quite a long time. Andrew had the brainstorm
that we only care about the record we're about to read.
This new code (small change really, but quite significant) causes
get_share_modes() to do a process_exists() call against each pid
in each record, and to delete any that don't and re-write the
entry if any dead records were detected.
This allowed me to remove the startup/shutdown scans of the
db (they can be added into smbstatus if anyone really cares to
have them back). This will please the vfs author who was worried
about the time taken on open() calls, and will lead to much
greater robustness and scalability in the share mode db.
We need much testing of this, and also netbench tests to
ensure the extra process_exists() calls don't hurt performance
(they shouldn't it's a very simple system call).
Jeremy.
|
| | |
|
| |
|
|
| |
definitions.
|
| | |
|
| |
|
|
| |
Jeremy.
|
| | |
|
| |
|
|
| |
Jeremy.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This time it's a PRIVILEGE_SET struct instead of a simple uint32 array. It
makes much more sense. Also added a uint32 systemaccount to the GROUP_MAP
struct as some privilege showing in USRMGR.EXE are not real privs but a
bitmask flag. I guess it's an heritage from NT 3.0 ! I could setup an NT
3.1 box to verify, but I'm too lazy (yes I still have my CDs).
Added 3 more LSA calls: SetSystemAccount, AddPrivileges and
RemovePrivileges, we can manage all this privilege from UserManager.
Time to change the NT_USER_TOKEN struct and add checks in all the rpc
functions. Fun, fun, fun.
J.F.
|
| |
|
|
| |
perhaps we should just fail ads_init() in this case?
|
| | |
|
| | |
|
| |
|
|
|
| |
behaviour no matter if kerberos was found automatically, found in the
/usr/kerberos path or was specified.
|
| |
|
|
|
|
|
|
|
| |
This allows us to use automagically obtained values in future, and the value
from krb5.conf now.
Also fix mem leaks etc.
Andrew Bartlett
|
