summaryrefslogtreecommitdiffstats
path: root/source/passdb
Commit message (Collapse)AuthorAgeFilesLines
* Fix crash bug in pdb_init_ldapsam().Günther Deschner2008-03-041-2/+2
| | | | | | | Karolin, this needs to be in 3-2-stable. Guenther (cherry picked from commit 0d73bde6de4391e7aec862424762473441fa0905)
* Fix some warningsVolker Lendecke2008-02-251-1/+4
| | | | warning: ignoring return value of 'asprintf', declared with attribute warn_unused_result
* Change ldap search filter. This function is also used to search machine ↵Karolin Seeger2008-02-191-2/+2
| | | | | | accounts which may be located in a different ou. This is an extension to e71a48bb80cee85afcccacbce2884c0d600f4d72. Karolin
* Use netr_SamInfo3 in remaining places.Günther Deschner2008-02-172-2/+2
| | | | Guenther
* nsswitch: convert winbind_env_set(), winbind_on() and winbind_off() into macrosStefan Metzmacher2008-02-131-2/+2
| | | | metze
* Add get_logon_hours_from_pdb() (inspired by samba4).Günther Deschner2008-02-121-0/+23
| | | | Guenther
* Change ldap search filter. This function is also used to search machine ↵Karolin Seeger2008-02-111-1/+1
| | | | | | accounts which may be organized in a different ou. Karolin
* More paranoid checks for secrets_init() success.Günther Deschner2008-02-091-13/+35
| | | | Guenther
* Fix typo.Karolin Seeger2008-02-081-1/+1
| | | | Karolin
* Don't return true on talloc fail.Jeremy Allison2008-02-051-0/+12
| | | | Jeremy.
* Fix valgrind errorsVolker Lendecke2008-02-041-1/+17
| | | | | | | We need to keep the names around on the search. Probably a tdb_move would do it here as well, but RPC is not the fastest thing on earth anyway... Thanks to Günther for pointing that out to me!
* Remove a staticVolker Lendecke2008-02-041-4/+1
| | | | | I very much doubt that this is called enough to justify a global. If this turns out to be a hot code path, we might reconsider :-)
* Fix lookup_sids to detect unix_groups and unix_users domain sids.Michael Adam2008-01-251-0/+10
| | | | | | | This fixes panics in wbcLookupRids when 1-2-22 was passed as a domain sid. Michael
* Add a debug message: show the sid lookup_sid() was called for.Michael Adam2008-01-251-0/+2
| | | | Michael
* Add a debug message to lookup_rids() printing the domain SID.Michael Adam2008-01-251-0/+3
| | | | | | | This is to ease debugging. I sporadically get panics that are apparently due to NULL domain sid passed to lookup_rids somewhere. Michael
* Fix CID 469. new_acct can't be NULL here.Jeremy Allison2008-01-121-2/+1
| | | | Jeremy.
* Fix memleak in ldapsam_rename_sam_account() found by IBM checker.Michael Adam2008-01-091-1/+1
| | | | | | The check for out of memory was the wrong way round. Michael
* Convert add_sid_to_array() add_sid_to_array_unique() to return NTSTATUS.Michael Adam2008-01-091-7/+11
| | | | Michael
* Add secrets_shutdown().Günther Deschner2008-01-071-0/+13
| | | | Guenther
* Fix for bug #5163 from Laurent Pinchart <pinchart@skynet.be>Jeremy Allison2008-01-021-0/+4
| | | | | Failure to change password in ldap is mapped to NT_STATUS_UNSUCCESSFUL unconditionally. Jeremy.
* Make pdb_tdb honour a private dir overridden in smb.conf.Michael Adam2007-12-291-1/+1
| | | | | | | | | | | | One lp_private_dir() has to be used instead of get_dyn_PRIVATE_DIR() to determine the location of the passdb.tdb. I noticed this when running make test as a "normal user" from a build, where I had done "make install" as root before, and so the passdb.tdb could not be accessed during the startup phase "CREATE TEST ENVIRONMENT IN ./st ..." in selftest.sh. Michael
* passdb.tdb is located in the private directoryVolker Lendecke2007-12-291-1/+2
| | | | | | | | | | | | Jerry, as part of d6cdbfd87 the default location of passdb.tdb has changed from the private directory to the state directory. I think because passdb.tdb holds the password hashes, it is reasonable to keep this next to the smbpasswd file. Please review and potentially push. Thanks, Volker
* Convert csamuser to memcacheVolker Lendecke2007-12-281-27/+26
|
* Remove the sampwent interfaceVolker Lendecke2007-12-264-446/+1
|
* smbpasswd_search_usersVolker Lendecke2007-12-261-0/+114
|
* Add tdbsam_search_usersVolker Lendecke2007-12-261-0/+134
|
* Convert the [gu]id_sid cache to memcacheVolker Lendecke2007-12-231-134/+62
|
* Remove Get_Pwnam and its associated static variableVolker Lendecke2007-12-191-1/+2
| | | | All callers are replaced by Get_Pwnam_alloc
* Add and use some keystr functions using talloc_tos() in secrets api.Günther Deschner2007-12-191-44/+123
| | | | Guenther
* Prevent another segfault.Michael Adam2007-12-181-1/+3
| | | | Michael
* Remove direct caller of secrets_fetch_trusted_domain_password().Michael Adam2007-12-171-1/+1
| | | | | | | This is a regession introduced by f7efc0eca9426e63b751c07a90265a12bb39cf95. This calls pdb_get_trusteddom_pw() instead, again. Michael
* Fix for bug #4801: Correctly implement lsa lookup levels for lookupnames.Michael Adam2007-12-171-13/+32
| | | | | | | | This patch is still incomplete in that winbindd does not walk the the trusted domains to lookup unqualified names here. Apart from that this fix should be pretty much complete. Michael
* s/sid_to_string/sid_to_fstring/Volker Lendecke2007-12-152-9/+9
| | | | least surprise for callers
* Replace sid_string_static with sid_to_stringVolker Lendecke2007-12-152-6/+11
| | | | | This adds 28 fstrings on the stack, but I think an fstring on the stack is still far better than a static one.
* Use sid_string_talloc where we have a tmp talloc ctxVolker Lendecke2007-12-151-3/+4
|
* Replace sid_string_static by sid_string_dbg in DEBUGsVolker Lendecke2007-12-159-84/+80
|
* Use sid_string_talloc where we have a tmp talloc ctxVolker Lendecke2007-12-151-14/+16
|
* Revert "Fix for bug #4801: Correctly implement lsa lookup levels for ↵Stefan Metzmacher2007-12-141-32/+13
| | | | | | | | | | | lookupnames." As it breaks all tests which try to join a new machine account. So more testing is needed... metze This reverts commit dd320c0924ce393a89b1cab020fd5cffc5b80380.
* Pass NULL instead of unneeded &sid: pdb_get_trusteddom_pw() checks.Michael Adam2007-12-131-2/+1
| | | | Michael
* Rename get_trust_pw() to get_trust_pw_hash().Michael Adam2007-12-131-2/+2
| | | | Michael
* Export logic of get_trust_pw() to new function get_trust_pw_clear().Michael Adam2007-12-131-16/+58
| | | | | | | | | get_trust_pw() just now computes the md4 hash of the result of get_trust_pw_clear() if that was successful. As a last resort, in the non-trusted-domain-situation, get_trust_pw() now tries to directly obtain the hashed version of the password out of secrets.tdb. Michael
* Refactor the lagacy part of secrets_fetch_trust_account_password() outMichael Adam2007-12-131-13/+31
| | | | | | | | into a new function secrets_fetch_trust_account_password_legacy() that does only try to obtain the hashed version of the machine password directly from secrets.tdb. Michael
* Let get_trust_pw() determine the machine_account_name to use.Michael Adam2007-12-131-2/+14
| | | | | | | | | | | | | | | | | Up to now each caller used its own logic. This eliminates code paths where there was a special treatment of the following situation: the domain given is not our workgroup (i.e. our own domain) and we are not a DC (i.e. it is not a typical trusted domain situation). In situation the given domain name was previously used as the machine account name, resulting in an account name of DOMAIN\\DOMAIN$, which does not seem very reasonable to me. get_trust_pw would not have obtained a password in this situation anyways. I hope I have not missed an important point here! Michael
* Remove two unneeded functions.Michael Adam2007-12-131-23/+0
| | | | | | | | | secrets_store_trust_account_password() and trust_password_delete() are the write access functions to the SECRETS/$MACHINE.ACC/domain keys in secrets.tdb, the md4 hashed machine passwords. These are not used any more: Current code always writes the clear text password. Michael
* Fix for bug #4801: Correctly implement lsa lookup levels for lookupnames.Michael Adam2007-12-131-13/+32
| | | | | | | | | This is a first patch aimed at fixing bug #4801. It is still incomplete in that winbindd does not walk the the trusted domains to lookup unqualified names here. Apart from that this fix should be pretty much complete. Michael
* Fix logic and prevent segfaults in secrets trustdom tdb pack code.Michael Adam2007-12-121-14/+14
| | | | | | | | New size calculation logic in tdb_trusted_dom_pass_pack() and tdb_sid_pack() used accumulated sizes as successive offsets to buffer pointer. Michael
* Fix secrets_store_trusted_domain_password() after pstring removal.Michael Adam2007-12-121-1/+1
| | | | | | Jeremy, this small "&" sign has given me a headache... :-) Michael
* Remove the char[1024] strings from dynconfig. ReplaceJeremy Allison2007-12-101-1/+1
| | | | | | them with malloc'ing accessor functions. Should save a lot of static space :-). Jeremy.
* Remove next_token - all uses must now be next_token_talloc.Jeremy Allison2007-12-071-2/+2
| | | | | No more temptations to use static length strings. Jeremy.
* Change tdb_unpack "P" to return a malloc'ed string ratherJeremy Allison2007-12-031-1/+6
| | | | | | than expect a pstring space to put data into. Fix the (few) callers. Jeremy.
generated by cgit (git 2.34.1) at 2025-09-26 18:19:41 +0000