summaryrefslogtreecommitdiffstats
path: root/source/nsswitch/wbinfo.c
Commit message (Collapse)AuthorAgeFilesLines
* Compilers do find bugs :-)Andrew Bartlett2002-07-211-2/+1
| | | | | | | This was a mixup between the enum type NSS_STATUS and a BOOL (extra test for equality). Andrew Bartlett
* Try to fix up warnings - particularly on the IRIX 64 bit compiler (which had aAndrew Bartlett2002-07-201-2/+2
| | | | | | | | distinction between uchar and char). Lots of const etc. Andrew Bartlett
* Usage fixes from APPLIANCE_HEAD.Tim Potter2002-07-111-1/+2
|
* The last element of the definitions of enums can't have a trailingTim Potter2002-06-021-1/+1
| | | | comma. Only initialisers can have this in ANSI C.
* merge from 2.2Gerald Carter2002-05-291-1/+1
|
* debug classizedSimo Sorce2002-05-211-0/+3
|
* A small change to print out the error message only if we could not check theRichard Sharpe2002-05-191-4/+5
| | | | secrets ...
* As per rsharpe's request, require only a Masters in Astrophysics toAndrew Bartlett2002-05-181-14/+10
| | | | | | correctly configure winbind. (Next job: Fill in the 'error_msg' field with somthing useful)
* Don't store domain with username in secrets.tdbTim Potter2002-05-131-1/+1
|
* Merge of --set-auth-user updates from 2.2Tim Potter2002-05-131-3/+4
|
* Spelling.Tim Potter2002-04-041-1/+1
|
* Call poptFreeContext() as appropriate.Tim Potter2002-04-041-23/+30
| | | | Clean up exit path code.
* merge winbindd WINS changes from 2.2Herb Lewis2002-03-291-0/+68
|
* Cache call to winbind separator.Tim Potter2002-03-201-46/+56
| | | | | | Some random reformatting and cleanup. Display output of wbinfo -s using actual winbind separator.
* Move wbinfo over to d_printf(). Patch by Hasch@t-online.de (Juergen Hasch)Andrew Bartlett2002-03-011-55/+55
| | | | Andrew Bartlett
* Winbind cleanup.Andrew Bartlett2002-02-151-5/+13
| | | | | | | | | | | | | | | | | | This patch fixes the segfaults I introduced in the previous conneciton caching patch. It cleans up the connection cache a *lot* - in particular it adds significant robustness to the operation. If a the DC goes down, we no longer fail the next operation - the code checks if the connection died during one of its own operations on the socket, and restarts the conneciton as required. There is still a memory leak in here somewhere - but this code also cleans up a number of these. Also added is the abilty to sepecify the domain of the 'get around restrict anonymous' user that winbind uses. Andrew Bartlett
* A few small winbind updates:Andrew Bartlett2002-02-111-1/+0
| | | | | | | | | | | | | | | Add a connection cache to the netlogon pipe. This makes a *massive* difference to the time-per-auth. Also fix up *some* of the memory leaks in other connection caches. Add some debugging messages for the is_connected() code. I'm thinking we should get a client implementation of SMBecho and call it here - as it would allow us to always know the DC is around before we start. Down the debug level for some of the pam_winbind code - I'll probably down it further when I'm finished debugging. Andrew Bartlett
* 0x is the traditional prefix for displaying hex numbers.Tim Potter2002-02-061-2/+2
|
* Drastic impromvents to pam_winbind.Andrew Bartlett2002-02-051-0/+6
| | | | | | | | | | | | | | | | | This adds code to do generic PAM -> NTSTATUS and NTSTATUS -> PAM error conversions, and uses them to make the error handling in pam_winbind sane. In particular, pam_winbind now uses PAM error codes, not silly '-1, -2 ...' stuff, and logs the NTSTATUS error that winbind now sends over the pipe. Added code to wbinfo to display these - makes a big difference in debugging winbindd. The main change here is the code to allow pam_winbind password changing to correctly stack - This code ripped from pam_unix, and the copyright attached. (Same as for all pam modules, including pam_winbind) Andrew Bartlett
* added 'wbinfo --sequence' to show sequence numbers of all domainsAndrew Tridgell2002-01-311-0/+34
|
* Removed version number from file header.Tim Potter2002-01-301-2/+1
| | | | Changed "SMB/Netbios" to "SMB/CIFS" in file header.
* Change the winbind interface to use seperate 'domain' and 'username' feilds forAndrew Bartlett2002-01-261-3/+25
| | | | | | | | | the sid->uid and uid->sid conversions. Remove some duplicate arguments from these funcitons, and update the request/response structures for this and the 'winbind domain name' feature. As such 'winbindd_lookup_name' now takes both a domain and username.
* This patch makes the 'winbind use default domain' code interact better withAndrew Bartlett2002-01-201-11/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | smbd, and also makes it much cleaner inside winbindd. It is mostly my code, with a few changes and testing performed by Alexander Bokovoy <a.bokovoy@sam-solutions.net>. ab has tested it in security=domain and security=ads, but more testing is always appricatiated. The idea is that we no longer cart around a 'domain\user' string, we keep them seperate until the last moment - when we push that string into a pwent on onto the socket. This removes the need to be constantly parsing that string - the domain prefix is almost always already provided, (only a couple of functions actually changed arguments in all this). Some consequential changes to the RPC client code, to stop it concatonating the two strings (it now passes them both back as params). I havn't changed the cache code, however the usernames will no longer have a double domain prefix in the key string. The actual structures are unchanged - but the meaning of 'username' in the 'rid' will have changed. (The cache is invalidated at startup, so on-disk formats are not an issue here). Andrew Bartlett
* This is the 'winbind default domain' patch from Alexander BokovoyAndrew Bartlett2002-01-181-8/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | <a.bokovoy@sam-solutions.net>. The idea is the domain\username is rather harsh for unix systems - people don't expect to have to FTP, SSH and (in particular) e-mail with a username like that. This 'corrects' that - but is not without its own problems. As you can see from the changes to files like username.c and wb_client.c (smbd's winbind client code) a lot of assumptions are made in a lot of places about lp_winbind_seperator determining a users's status as a domain or local user. The main change I will shortly be making is to investigate and kill off winbind_initgroups() - as far as I know it was a workaround for an old bug in winbind itself (and a bug in RH 5.2) and should no longer be relevent. I am also going to move to using the 'winbind uid' and 'winbind gid' paramaters to determine a user/groups's 'local' status, rather than the presence of the seperator. As such, this functionality is recommended for servers providing unix services, but is currently less than optimal for windows clients. (TODO: remove all references to lp_winbind_seperator() and lp_winbind_use_default_domain() from smbd) Andrew Bartlett
* Some memory leak fixes.Tim Potter2002-01-111-17/+23
|
* Return the winbind separator over the socket, so programs don't have to parseAndrew Bartlett2002-01-101-17/+37
| | | | | | | | | | | | | | | | smb.conf to get it right. While wb_client needs its lp_load() for samba dependency reasons, it now uses the new method both to example and test the new code. Also add an interface version function, and return the winbind's samba version string. In preperation for default domains, its now up to winbindd to reject plaintext auths that don't have a seperator, but NTLM (CRAP) auths now have two feilds, hence need parsing. Andrew Bartlett
* This changes the winbind protcol a bit:Andrew Bartlett2002-01-101-6/+56
| | | | | | | | | | | | | | It adds a 'ping' request, just to check winbind is in fact alive It also changes winbindd_pam_auth_crap to take usernames and domain seperatly. (backward incompatible change, needs merge to 2.2, but this is not yet released code, so no workarounds) Finally, it adds some debugs and fixes a few memory leaks (uses talloc to do it). Andrew Bartlett
* - added initial support for trusted domains in winbindd_adsAndrew Tridgell2001-12-191-1/+5
| | | | | | - gss error code patch from a.bokovoy@sam-solutions.net - better sid dumping in ads_dump - fixed help in wbinfo
* Oops, the -a option disappeared.Tim Potter2001-12-111-0/+1
|
* fix for IRIX compilersHerb Lewis2001-12-111-2/+2
|
* Converted wbinfo to use popt instead of getopt - popt is very nice!Tim Potter2001-12-111-28/+100
| | | | | | | | | | | | | | | Added a --set-auth-user function to set a username and password that can be used by winbindd when making connections to domain controllers. This is necessary when restrictions have been placed on anonymous connections either through the RestrictAnonymous registry setting, or the win2k Local Security Policy -> Security Settings -> Local Policies -> Security Options -> Additional restrictions for anonymous connections. (phew) Two new keys are set in secrets.tdb: SECRETS/AUTH_USER and SECRETS/AUTH_PASSWORD which hold the username and plaintext password of the user to connect as. To reset these values, run wbinfo --set-auth-user ""
* Correct message on wbinfo fail to open config file.Jeremy Allison2001-12-041-1/+2
| | | | Jeremy.
* Removed TimeInit() call from every client program (except for one placeTim Potter2001-11-231-2/+0
| | | | | in smbd/process.c where the timezone is reinitialised. Was replaced with check for a static is_initialised boolean.
* Store some path names in global variables initialized to configureMartin Pool2001-11-191-1/+1
| | | | default, rather than in preprocessor macros.
* Fix winbind client code so that winbind calls are not made if theJeremy Allison2001-11-131-0/+21
| | | | | | | requested name does not have a winbind separator character. This makes the intent explicit. Tim, contact me if this is not what you indended. Jeremy.
* fixed a bunch of compilation errors on Solaris, mostly people getting ↵Andrew Tridgell2001-09-051-32/+33
| | | | NSS_STATUS and WINBINDD error codes mixed up
* Added another authentication interface to winbindd. The Challenge ResponseTim Potter2001-08-221-15/+116
| | | | | | Authentication Protocol (CRAP) takes a tuple of (username, random challenge, encrypted lm password, encrypted nt password) where the passwords are encrypted with the random challenge ala ntlmssp.
* the nss and pam modules in winbind don't have strchr_m() yet, so useAndrew Tridgell2001-07-181-1/+1
| | | | strchr() for the moment
* strchr and strrchr are macros when compiling with optimisation in gcc, so we ↵Andrew Tridgell2001-07-041-1/+1
| | | | can't redefine them. damn.
* The big character set handling changeover!Andrew Tridgell2001-07-041-2/+0
| | | | | | | This commit gets rid of all our old codepage handling and replaces it with iconv. All internal strings in Samba are now in "unix" charset, which may be multi-byte. See internals.doc and my posting to samba-technical for a more complete explanation.
* More compile fixups for winbind portability.Tim Potter2001-06-041-1/+1
|
* Compile fix for solaris.Tim Potter2001-06-041-7/+5
| | | | Fixed some compiler warnings.
* merge some of the nsswitch code from tng to headAndrew Tridgell2001-04-251-4/+5
| | | | | the libnss_winbind.so from head now works with the winbindd from tng
* Fixed merging mess.Tim Potter2000-10-131-1/+22
|
* Renamed WINBINDD_INITGROUPS constant to WINBINDD_GETGROUPS.Tim Potter2000-10-111-1/+1
|
* Modified initgroups to provide a get groups a user is a member ofTim Potter2000-10-111-1/+34
| | | | | | functionality. This is much faster than inverting the group database. Added client side command for this to wbinfo.
* Merge of wbinfo program from TNG.Tim Potter2000-07-051-0/+408
generated by cgit (git 2.34.1) at 2025-09-26 02:47:14 +0000