| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
Further reformat get_trust_pw to conform to coding rules.
Michael
|
| | |
|
| |
|
|
| |
Jeremy.
|
| |
|
|
|
|
|
|
|
|
| |
Send access to the trusted domain passwords through the pdb backend.
I did not yet find the time to implement the next step: trusted
domain passwords support in pdb_ldap. But at I wanted to have the
infrastructure available at least.
Michael
|
| |\
| |
| |
| |
| |
| |
| |
| |
| | |
* Move aclocal.m4 and replace with m4 directory
* Merge VL's require-membership-of changes to winbindd_pam.c
and associated changes to token_util.c
* Fix warnings from tdb_pack/unpack in printing.c
* merge ndr fixes and wkssvc service
* formating merges to decrease the diff between branches
|
| | |
| |
| |
| | |
Unix name after discussion with Simo.
|
| | |
| |
| |
| |
| |
| |
| |
| | |
we have to take care to preserve the "special" values
for Windows of 0x80000000 and 0x7FFFFFFF when casting
between time_t and uint32. Add conversion functions
(and use them).
Jeremy.
|
| | |
| |
| |
| |
| |
| | |
messages.c. Refactor to use become_root() instead and
make it local to messages.c
Jeremy.
|
| | |
| |
| |
| |
| |
| | |
and fix all compiler warnings in the users
metze
|
| | |
| |
| |
| |
| | |
command. Jerry, Simo, please check.
Jeremy.
|
| | |
| |
| |
| | |
'pdbedit -L -w'
|
| | |
| |
| |
| | |
Volker
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
so that
in the next step we can store them in LDAP to be replicated across DCs.
Thanks to Michael Adam <ma@sernet.de>
Volker
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
password at next logon" code. The "password last set time" of zero now
means "user must change password", because that's how windows seems to
use it. The "can change" and "must change" times are now calculated
based on the "last set" time and policies.
We use the "can change" field now to indicate that a user cannot change
a password by putting MAX_TIME_T in it (so long as "last set" time isn't
zero). Based on this, we set the password-can-change bit in the
faked secdesc.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* autogenerate lsa ndr code
* rename 'enum SID_NAME_USE' to 'enum lsa_SidType'
* merge a log more security descriptor functions from
gen_ndr/ndr_security.c in SAMBA_4_0
The most embarassing thing is the "#define strlen_m strlen"
We need a real implementation in SAMBA_3_0 which I'll work on
after this code is in.
|
| | |
| |
| |
| |
| |
| | |
Destructors now take a pointer to the "real" destroyed object as an argument.
Volker
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
the this should be necessary. If there is still a bug,
I believe that setting thr group RID from the passdb is
masking it. Not fixing it. It is very likely that
the change was necessary before but is no longer
with the recent changes. But I'm not taking the chance
of merging it to 3.0.23c. :-)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The would have been primaryly used when adding a user to
an smbpasswd file, but could have been introduce to other
backends by using pdbedit -i -e.
The symptom was
[2006/08/09 13:07:43, 0] rpc_parse/parse_samr.c:init_sam_user_info21A(6276)
init_sam_user_info_21A: User nobody has Primary Group SID S-1-22-2-99,
which conflicts with the domain sid S-1-5-21-1825997848-4107600307-1754506280.
Failing operation.
|
| | |
| |
| |
| | |
when using smbpasswd
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Remove some unused code: pdb_find_alias is not used anymore, and nobody I
think has ever used the pdb_nop operations for group mapping. smbpasswd and
tdb use the default ones and ldap has its own.
Make the functions pdb_getgr* return NTSTATUS instead of BOOL. Nobody right
now really makes use of it, but it feels wrong to throw away information so
early.
Volker
|
| | |
| |
| |
| |
| |
| |
| | |
to do the upper layer directories but this is what
everyone is waiting for....
Jeremy.
|
| | |
| |
| |
| | |
Jeremy.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Make 2 important changes. pdb_get_methods()
returning NULL is a *fatal* error. Don't try
and cope with it just call smb_panic. This
removes a *lot* of pointless "if (!pdb)" handling
code. Secondly, ensure that if samu_init()
fails we *always* back out of a function. That
way we are never in a situation where the pdb_XXX()
functions need to start with a "if (sampass)"
test - this was just bad design, not defensive
programming.
Jeremy.
|
| | |
| |
| |
| |
| |
| | |
BIG THANKS to Tom Bork for reporting that Bug!
Volker
|
| | |
| |
| |
| | |
Volker
|
| | |
| |
| |
| |
| |
| |
| |
| | |
we have to take care to preserve the "special" values
for Windows of 0x80000000 and 0x7FFFFFFF when casting
between time_t and uint32. Add conversion functions
(and use them).
Jeremy.
|
| | |
| |
| |
| |
| |
| |
| |
| | |
change TDB_DATA from char * to unsigned char *
and fix all compiler warnings in the users
metze
|
| | |
| |
| |
| |
| | |
command. Jerry, Simo, please check.
Jeremy.
|
| | |
| |
| |
| | |
'pdbedit -L -w'
|
| | |
| |
| |
| | |
Volker
|
| | | |
|
| | |
| |
| |
| | |
policy_handle' over from SAMBA_3_0.
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The would have been primaryly used when adding a user to
an smbpasswd file, but could have been introduce to other
backends by using pdbedit -i -e.
The symptom was
[2006/08/09 13:07:43, 0] rpc_parse/parse_samr.c:init_sam_user_info21A(6276)
init_sam_user_info_21A: User nobody has Primary Group SID S-1-22-2-99,
which conflicts with the domain sid S-1-5-21-1825997848-4107600307-1754506280.
Failing operation.
|
| | |
| |
| |
| | |
when using smbpasswd
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This pulls is what I considered safe fixes from SAMBA_3_0.
This boiled down to either Klocwork fixes or obvious compiler
warning fixes. I did not include any changes to fnuction
signatures not the version change to the passdb API.
Also pulled in the 3 nmbd fixes requested by Jeremy
and the wildcard delete fix.
This code will sit for a few days in the cooker and then
become 3.0.23 if nothing blows up. I don't care how many
more compile warning fixes people throw into SAMBA_3_0.
|
| | | |
|
| | |
| |
| |
| |
| | |
Bring release tree up to current 3.0 tree
(svn merge -r15845:16103 $SVNURL/branches/SAMBA_3_0)
|
| |/ |
|
| |
|
|
|
|
| |
Now that I know what all the requirements for this group are
I can generalize the code some more and make it cleaner.
But at least this is working with lusrmgr.msc on XP and 2k now.
|
| | |
|
| |
|
|
|
|
|
|
| |
* Fix a couple of related parsing issues.
* in the info3 reply in a samlogon, return the ACB-flags (instead of
returning zero)
Guenther
|
| |
|
|
|
|
|
|
|
|
| |
* ignore the primary group SID attribute from struct samu*
* generate the primary group SID strictlky from the Unix
primary group when dealing with passdb users
* Fix memory leak in original patch caused by failing to free a
talloc *
* add wrapper around samu_set_unix() to prevent exposing the create
BOOL to callers. Wrappers are samu_set_unix() and samu-allic_rid_unix()
|
| |
|
|
|
|
|
|
|
| |
* Add a 'struct passwd *' to the struct samu for later reference
(I know this may be controversial but its easily reverted which is
is why I'm checking this is as a seaparate patch before I get
too deep).
* Remove unix_homedir from struct samu {} and update the pdb wrapper
functions associated with it.
|
| | |
|
| |
|
|
| |
was the only place it was called from.
|
| |
|
|
| |
* replace all pdb_{init,fill}_sam_pw() calls with samu_set_unix()
|
