| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
| |
New objectclass named sambaSamAccount which uses attribute
prefaced with the phrase 'samba' to prevent future name clashes.
Change in functionality of the 'ldap filter' parameter. This always
defaults to "(uid=%u)" now and is and'd with the approriate objectclass
depending on whether you are using ldapsam_compat or ldapsam
conversion script for migrating from sambaAccount to
sambaSamAccount will come next.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We really need idmap_ldap to have a good solution with ldapsam, porting
it from the prvious code is beeing made, the code is really simple to do
so I am confident it is not a problem to commit this code in.
Not committing it would have been worst.
I really would have been able to finish also the group code, maybe we can
put it into a followin release after 3.0.0 even if it may be an upgrade
problem.
The code has been tested and seem to work right, more testing is needed for
corner cases.
Currently winbind pdc (working only for users and not for groups) is
disabled as I was not able to make a complete group code replacement that
works somewhat in a week (I have a complete patch, but there are bugs)
Simo.
|
| |
|
|
|
|
|
| |
1. Allows to change quota settings for shared mount points from Win2K and WinXP from Explorer properties tab
2. Disabled by default and when requested, will be probed and enabled only on Linux where it works
3. Was tested for approx. two weeks now on Linux by two independent QA teams, have not found any bugs so far
Documentation to follow
|
| |
|
|
|
|
|
|
|
| |
1. Finally work with cascaded modules with private data storage per module
2. Convert VFS API to macro calls to simplify cascading
3. Add quota support to VFS layer (prepare to NT quota support)
Patch by Stefan (metze) Metzemacher, with review of Jelmer and me
Tested in past few weeks. Documentation to new VFS API for third-party developers to follow
|
| | |
|
| |
|
|
|
|
|
| |
fixed I would like to see this tested a bit more. Default the schannel
stuff to auto which means 'offer, but do not enforce'.
Volker
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch removes 'non unix account range' (same as idra's change in HEAD),
and uses the winbind uid range instead.
More importanly, this patch changes the LDAP schema to use 'ntSid' instead
of 'rid' as the primary attribute. This makes it in common with the group
mapping code, and should allow it to be used closely with a future idmap_ldap.
Existing installations can use the existing functionality by using the
ldapsam_compat backend, and users who compile with --with-ldapsam will get
this by default.
More importantly, this patch adds a 'sambaDomain' object to our schema -
which contains 2 'next rid' attributes, the domain name and the domain sid.
Yes, there are *2* next rid attributes. The problem is that we don't 'own'
the entire RID space - we can only allocate RIDs that could be 'algorithmic'
RIDs. Therefore, we use the fact that UIDs in 'winbind uid' range will be
mapped by IDMAP, not the algorithm.
Andrew Bartlett
|
| |
|
|
| |
parameters. Does not break binary compatibility with older modules.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
a pstrcpy/fstrcpy or at most a safe_strcpy().
These have the advantage of being compiler-verifiable.
Get these out of the way, along with a rewrite of 'get_short_archi' in the
spoolss client and server. (This pushes around const string pointers, rather
than copied strings).
Andrew Bartlett
|
| |
|
|
|
|
|
|
| |
This includes the 'SIDs Rule' patch, mimir's trusted domains cacheing code,
the winbind_idmap abstraction (not idmap proper, but the stuff that held up
the winbind LDAP backend in HEAD).
Andrew Bartlett
|
| |
|
|
|
|
|
|
|
| |
global_myname(), always either the name the client called us, or if they
didn't call us anything useful, our IP address.
Jerry, can you check this?
Andrew Bartlett
|
| |
|
|
|
|
|
|
|
|
|
| |
This allows us to join as a BDC, without appearing on the network as one
until we have the database replicated, and the admin changes the configuration.
This also change the SID retreval order from secrets.tdb, so we no longer
require a 'net rpc getsid' - the sid fetch during the domain join is sufficient.
Also minor fixes to 'net'.
Andrew Bartlett
|
| |
|
|
| |
well now)
|
| | |
|
| |
|
|
|
| |
- init_modules()
- smb_probe_module()
|
| |
|
|
| |
Volker
|
| |
|
|
|
|
|
|
|
| |
rpcclient -S pdc -U% -c "samlogon user password"
and it should work with the schannel. Needs testing against platforms
different from NT4SP6.
Volker
|
| |
|
|
|
|
|
|
| |
No more XP requiresignorseal anymore!
Thanks again to Luke :-)
Volker
|
| |
|
|
|
|
|
|
|
|
|
| |
* Remove 'ldap del only sam attr' after asking Lars Mueller from SuSE first.
It is replaced by 'ldap delete dn'
* Fix a typo in docs.
* Document 'set primary group script'.
Volker
|
| |
|
|
|
|
|
|
|
| |
This adds 'ldap delete dn' as the recommended parameter
for the 'ldap del only sam attr' functionality. So
we are compatiple to the current SuSE patches as well
as to TNG... ;-)
Volker
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Small clenaup patches:
- safe_string.h - don't assume that __FUNCTION__ is available
- process.c - use new workaround from safe_string.h for the same
- util.c - Show how many bytes we smb_panic()ed trying to smb_xmalloc()
- gencache.c - Keep valgrind quiet by always null terminating.
- clistr.c - Add copyright
- srvstr.h - move srvstr_push into a .c file again, as a real function.
- srvstr.c - revive, with 'safe' checked srvstr_push
- loadparm.c - set a default for the display charset.
- connection.c - use safe_strcpy()
Andrew Bartlett
|
| |
|
|
|
|
|
|
|
| |
- pdb_guest (including change defaults)
- 'default' passdb actions (instead of 'not implemented' stubs in each module)
- net_rpc_samsync no longer assumes pdb_unix
Andrew Bartlett
|
| |
|
|
| |
Volker
|
| |
|
|
| |
Jeremy.
|
| | |
|
| |
|
|
|
| |
Yes I will add the docs....
Jeremy.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
- new kerberos code, allowing the account to change it's own password
without special SD settings required
- NTLMSSP client code, now seperated from cliconnect.c
- NTLMv2 client code
- SMB signing fixes
Andrew Bartlett
|
| | |
|
| |
|
|
|
|
| |
and probably SWAT too..
Andrew Bartlett
|
| |
|
|
|
|
| |
warnings. (Adds a lot of const).
Andrew Bartlett
|
| |
|
|
|
| |
another share, and when clients connect to the first share, they will be
redirected to the proxied share.
|
| |
|
|
|
| |
named. Ensure we can query them.
Jeremy.
|
| | |
|
| |
|
|
| |
Jeremy.
|
| | |
|
| |
|
|
|
|
| |
dashes of const. This is a rather large check-in, some things may break.
It does compile though :-).
Jeremy.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
This hopefully provides a peformance boost by not hitting getpwnam() for every
entry in an enumeration, instead reteriving entries directly (if available).
idra has reviewed this patch.
Andrew Bartlett
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The work here includes:
- metze' set/changed patch, which avoids making changes to ldap on unmodified
attributes.
- volker's group mapping in passdb patch
- volker's samsync stuff
- volkers SAMR changes.
- mezte's connection caching patch
- my recent changes (fix magic root check, ldap ssl)
Andrew Bartlett
|
| |
|
|
|
|
|
| |
This is not 100% the same as what SuSE shipped in their Samba, there is
a crash bug fix, a race condition fix, and a few logic changes I'd like to
discuss with Andreas. Added Andreas to (C) notices for posix_acls.c
Jeremy.
|
| |
|
|
| |
Jeremy.
|
| |
|
|
|
|
|
|
|
| |
* postscript
* printer driver
* printer driver location
* printer driver file
also removed the get_a_printer_driver_9x_compatible() function
|
| |
|
|
| |
Jeremy.
|
| | |
|
| |
|
|
| |
Jeremy.
|
| |
|
|
|
| |
MAX_PRINT_JOBS in a queue.
Jeremy.
|
