summaryrefslogtreecommitdiffstats
path: root/source/libads/ldap.c
Commit message (Collapse)AuthorAgeFilesLines
* fix case where no realm or workgroup means to use our ownGerald Carter2003-07-251-2/+19
|
* connect to the right realm or domain for trusted AD domainsGerald Carter2003-07-231-8/+4
|
* Call the synchronous version of the ldap delete function otherwise we end upTim Potter2003-07-071-1/+1
| | | | treating the returned message id as an error code.
* Removed strupper/strlower macros that automatically map to ↵Jeremy Allison2003-07-031-5/+5
| | | | | | | strupper_m/strlower_m. I really want people to think about when they're using multibyte strings. Jeremy.
* Fix bug in doxygen comments for ads search functions.Tim Potter2003-07-031-4/+4
|
* * fix typos in a few debug statementsGerald Carter2003-06-251-3/+9
| | | | | * check negative connection cache before ads_try_connect() in ads_find_dc()
* large change:Gerald Carter2003-06-251-118/+47
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | *) consolidates the dc location routines again (dns and netbios) get_dc_list() or get_sorted_dc_list() is the authoritative means of locating DC's again. (also inludes a flag to get_dc_list() to define if this should be a DNS only lookup or not) (however, if you set "name resolve order = hosts wins" you could still get DNS queries for domain name IFF ldap_domain2hostlist() fails. The answer? Fix your DNS setup) *) enabled DOMAIN<0x1c> lookups to be funneled through resolve_hosts resulting in a call to ldap_domain2hostlist() if lp_security() == SEC_ADS *) enables name cache for winbind ADS backend *) enable the negative connection cache for winbind ADS backend *) removes some old dead code *) consolidates some duplicate code *) moves the internal_name_resolve() to use an IP/port pair to deal with SRV RR dns replies. The namecache code also supports the IP:port syntax now as well. *) removes 'ads server' and moves the functionality back into 'password server' (which can support "hostname:port" syntax now but works fine with defaults depending on the value of lp_security())
* * s/get_dc_name/rpc_dc_name/g (revert a previous change)Gerald Carter2003-06-231-0/+3
| | | | | | | | | | | | | | | | * move back to qsort() for sorting IP address in get_dc_list() * remove dc_name_cache in cm_get_dc_name() since it slowed things down more than it helped. I've made a note of where to add in the negative connection cache in the ads code. Will come back to that. * fix rpcclient to use PRINTER_ALL_ACCESS for set printer (instead of MAX_ALLOWED) * only enumerate domain local groups in our domain * simplify ldap search for seqnum in winbindd's rpc backend
* we need to call ads_first_entry() before using a ldap result,Andrew Tridgell2003-06-161-5/+12
| | | | otherwise we can segv or return garbage
* Rename some uuid functions so as not to conflict with systemTim Potter2003-06-131-1/+1
| | | | versions. Fixes bug #154.
* Merge from HEAD - save the type of channel used to contact the DC.Andrew Bartlett2003-04-211-3/+5
| | | | | | | | | | | This allows us to join as a BDC, without appearing on the network as one until we have the database replicated, and the admin changes the configuration. This also change the SID retreval order from secrets.tdb, so we no longer require a 'net rpc getsid' - the sid fetch during the domain join is sufficient. Also minor fixes to 'net'. Andrew Bartlett
* Change variable name to get this working on gcc 3.2 (Merge from HEAD)Jelmer Vernooij2003-04-151-33/+33
|
* merge from HEAD - dump tokenGroups as sids.Andrew Bartlett2003-03-171-0/+1
|
* Make sure these values are never uninitialsised.Andrew Bartlett2003-02-241-2/+2
|
* Merge from HEAD client-side authentication changes:Andrew Bartlett2003-02-241-18/+33
| | | | | | | | | | - new kerberos code, allowing the account to change it's own password without special SD settings required - NTLMSSP client code, now seperated from cliconnect.c - NTLMv2 client code - SMB signing fixes Andrew Bartlett
* Fix segv in net ads join...an extra & was the culpritJim McDonough2003-02-191-1/+1
|
* Merge minor library fixes from HEAD to 3.0.Andrew Bartlett2003-02-191-13/+36
| | | | | | | | | | | | | | - setenv() replacement - mimir's ASN1/SPNEGO typo fixes - (size_t)-1 fixes for push_* returns - function argument signed/unsigned correction - ASN1 error handling (ensure we don't use initiailsed data) - extra net ads join error checking - allow 'set security discriptor' to fail - escape ldap strings in libads. - getgrouplist() correctness fixes (include primary gid) Andrew Bartlett
* Ensure that only parse_prs.c access internal members of the prs_struct.Jeremy Allison2003-02-141-5/+11
| | | | | Needed to move to disk based i/o later. Jeremy.
* Merging from HEAD - add a note about a better method for finding netbios ↵Jeremy Allison2003-02-121-0/+7
| | | | | | | name of workgroup (not implemented yet) Jeremy.
* Mem alloc checks.Jeremy Allison2003-02-041-11/+28
| | | | Jeremy.
* Merge LDAP filter parinoia from HEAD, a few other pdb_ldap updates and someAndrew Bartlett2003-02-011-7/+21
| | | | | | misc libads fixes. Andrew Bartlett
* sanity checks from Ken CrossGerald Carter2003-01-211-1/+5
|
* Merge from HEAD - make Samba compile with -Wwrite-strings without additionalAndrew Bartlett2003-01-031-2/+2
| | | | | | warnings. (Adds a lot of const). Andrew Bartlett
* Catching up with old patches. Add define for VERITAS quota support.Jeremy Allison2002-12-301-0/+2
| | | | | Check return in ldap. Jeremy.
* Forward port the change to talloc_init() to make all talloc contextsJeremy Allison2002-12-201-7/+7
| | | | | named. Ensure we can query them. Jeremy.
* More printer publishing code.Jim McDonough2002-12-131-0/+26
| | | | | | | | - Add published attribute to info2, needed for win clients to work properly - Return proper info on getprinter 7 This means you can now look at the sharing tab of a printer and get correct info about whether it is published or not, and change it.
* [merge from APP_HEAD]Gerald Carter2002-11-231-1/+2
| | | | | | | | | | | | | 90% fix for CR 1076. The password server parameter will no take things like password server = DC1 * which means to contact DC1 first and the go to auto lookup if it fails. jerry
* Updates from HEAD:Andrew Bartlett2002-11-151-1/+1
| | | | | | | | | | - const for PACKS() in lanman.c - change auth to 'account before password' - add help to net rpc {vampire,samsync} - configure updates for sun workshop cc - become_root() around pdb_ calls in auth_util for guest login. Andrew Bartlett
* Removed global_myworkgroup, global_myname, global_myscope. Added liberalJeremy Allison2002-11-121-18/+20
| | | | | | dashes of const. This is a rather large check-in, some things may break. It does compile though :-). Jeremy.
* Merge of get_dc_list() api change from HEAD.Tim Potter2002-11-061-12/+7
|
* Merge from HEAD:Jim McDonough2002-10-291-5/+33
| | | | | | GUID formatting on ads dump Allow rc4-hmac when available .NET likes both forms of servicePrincipalName in machine account record
* syncing up with HEAD. Seems to be a lot of differences creeping inGerald Carter2002-10-011-64/+138
| | | | | (i ignored the new SAMBA stuff, but the rest of this looks like it should have been merged already).
* sync'ing up for 3.0alpha20 releaseGerald Carter2002-09-251-22/+72
|
* sync 3.0 branch with headJelmer Vernooij2002-08-171-68/+321
|
* updated the 3.0 branch from the head branch - ready for alpha18Andrew Tridgell2002-07-151-302/+377
|
* A few more updates:Jim McDonough2002-04-101-132/+348
| | | | | | - Add doxygen comments - remove server sort control (ms implementation was not reliable) - rename ads_do_search_all2() to ads_do_search_all_fn()
* Several updates to get server side sorting going:Jim McDonough2002-04-051-26/+78
| | | | | | | | | | | | | | | - Added sort control to ads_do_paged_search. It allows a char * to be passed as the sort key. If NULL, no sort is done. - fixed a bug in the processing of controls (loop wasn't incremented properly) - Added ads_do_search_all2, which funs a function that is passed in against each entry. No ldapmessage structures are returned. Allows results to be processed as the come in on each page. I'd like ads_do_search_all2 to replace ads_do_search_all, but there's some work to be done in winbindd_ads.c first. Also, perhaps now we can do async ldap searches? Allow us to process a page while the server retrieves the next one?
* Try harder next time to not duplicate function...take ads_err2string backJim McDonough2002-04-041-15/+0
| | | | out since it's already in ads_errstr() in ads_status.c
* Add ads_err2string() function for generating error strings from an ADS_STATUS.Jim McDonough2002-04-041-0/+15
| | | | I've got the cases besides gssapi...anyone know how to get those?
* Added ads_process_results(), which takes a function that is called for eachJim McDonough2002-03-291-20/+73
| | | | | | | | entry returned from a search, and applies it to the results. Re-structured ads_dump to use this, plus changed the ber_free in ads_dump from (b,1) to (b,0), in accordance with openldap manpages. Also allows proper free of result using ldap_msgfree afterwards, so you can do something with the results after an ads_dump.
* Whoops, left the paged control not critical in the paged search...kind ofJim McDonough2002-03-271-1/+1
| | | | defeats the purpose.
* Add server control to prevent referrals in paged searches. This keepsJim McDonough2002-03-271-6/+18
| | | | | | the scope limited to the domain at hand, and also keeps the openldap libs happy, since they don't currently chase referrals and return server controls properly at the same time.
* added a ads_do_search_all() call, which is a more convenient interfaceAndrew Tridgell2002-03-191-0/+42
| | | | | to paged searches. This makes updating winbindd to used paged searches trivial.
* fixed paged controls on my box. The problem seems to be incorrectAndrew Tridgell2002-03-191-4/+21
| | | | | referrals parsing in the openldap libs. By disabling referrals we get valid controls back and the cookies work.
* This adds the Paged Result Control to ads searching. The new function, ↵Jim McDonough2002-03-141-0/+79
| | | | ads_do_paged_search, is the same as ads_do_search, but it also contains a count of records returned in this page, and a cookie for resuming, to be passed back. The cookie must start off NULL, and when it returns as NULL, the search is done.
* detect SIZELIMIT_EXCEEDED in ldap queries and truncateAndrew Tridgell2002-03-131-0/+4
| | | | | | the problem is, how the heck do we properly handle these? Jerry? It seems that the Win2000 ADS server only returns a max of 1000 records!
* put in the ADS DNS hack, but commented outAndrew Tridgell2002-03-111-0/+11
|
* yipee! Finally put in the patch from Alexey KotovichAndrew Tridgell2002-03-101-8/+121
| | | | | | | | <a.kotovich@sam-solutions.net> that adds the security decsriptor code for ADS workstation accounts thanks for your patience Cat, and thanks to Andrew Bartlett for extensive reviews and suggestions about this code.
* fix for IRIX compile errorHerb Lewis2002-03-041-3/+4
|
* Fix LDAP modification operation. Cut and paste error: was LDAP_MOD_ADD, ↵Jim McDonough2002-02-131-1/+1
| | | | should be LDAP_MOD_REPLACE. Caught by Alexey Kotovich.
generated by cgit (git 2.34.1) at 2024-10-03 23:27:35 +0000