| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
Guenther
|
| |
|
|
| |
Thanks to Karolin Seeger <ks@sernet.de>.
|
| |
|
|
| |
Jeremy.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
this patch
is moving functions around to fix some linker dependencies for the registry.
Michael, I've renamed your auth_utils2.c to token_utils.c.
Thanks!
Volker
|
| |
|
|
|
|
|
|
|
|
| |
as used.
This means that smbpasswd -c user (which in htpasswd creates a new file)
and smbpasswd -c /not/my/smb.conf should give errors an admin will
think to chase down.
Andrew Bartlett
|
| |
|
|
|
|
| |
and fix all compiler warnings in the users
metze
|
| |
|
|
|
|
| |
call as smb_krb5_locate_kdc to prevent incorrect linking
and crashes on Solaris.
Jeremy.
|
| |
|
|
|
|
|
|
| |
which matches what samba4 has.
also fix all the callers to prevent compiler warnings
metze
|
| |
|
|
| |
metze
|
| | |
|
| |
|
|
|
|
|
|
| |
on the samba-technical ml.
I'll add a 'net ads set attribute=value' utility later
rather than the original 'net ads setmachineupn' patch that
was also posted to the tech ml.
|
| |
|
|
| |
Volker
|
| |
|
|
|
|
|
|
|
| |
Not used
yet, the next step will be a secrets_fetch_machine_account() function that
also pulls the account name to be used in the appropriate places.
Volker
|
| |
|
|
|
|
|
|
| |
winbind
who did not run the idle events to drop ldap connections.
Volker
|
| |
|
|
|
| |
level. Fix calculation of argc after options are stripped. I couldn't
find a popt function that returned this.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
process deep dfs links (ie. links that go to non root
parts of a share). Make the directory handling conanonical
in POSIX and Windows pathname processing.
dfs should not be fully working in client tools. Please
bug me if not.
Jeremy.
|
| |
|
|
| |
Jeremy.
|
| |
|
|
|
|
|
|
|
|
| |
for utimes - change the call to ntimes. This preserves
nsec timestamps we get from stat (if the system supports
it) and only maps back down to usec or sec resolution
on time set. Looks bigger than it is as I had to move
lots of internal code from using time_t and struct utimebuf
to struct timespec.
Jeremy.
|
| |
|
|
|
|
|
|
| |
The background behind this patch is that we're using ntlm_auth with
Wine. Windows allows us to pass in a NULL domain and a username of the
form of "user@domain" and this is converted into an NTLMSSP_AUTH packet
with a NULL domain name and a username of the same form.
Jeremy.
|
| |
|
|
|
| |
Patch from Zack Kirsch <zack.kirsch@isilon.com>.
Jeremy.
|
| |
|
|
|
| |
Coverity finds them :-)
Jeremy.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix escaping of DN components and filters around the code
Add some notes to commandline help messages about how to pass DNs
revert jra's "concistency" commit to nsswitch/winbindd_ads.c, as it was
incorrect.
The 2 functions use DNs in different ways.
- lookup_usergroups_member() uses the DN in a search filter,
and must use the filter escaping function to escape it
Escaping filters that include escaped DNs ("\," becomes "\5c,") is the
correct way to do it (tested against W2k3).
- lookup_usergroups_memberof() instead uses the DN ultimately as a base dn.
Both functions do NOT need any DN escaping function as DNs can't be reliably
escaped when in a string form, intead each single RDN value must be escaped
separately.
DNs coming from other ldap calls (like ads_get_dn()), do not need escaping as
they come already escaped on the wire and passed as is by the ldap libraries
DN filtering has been tested.
For example now it is possible to do something like:
'net ads add user joe#5' as now the '#' character is correctly escaped when
building the DN, previously such a call failed with Invalid DN Syntax.
Simo.
|
| |
|
|
|
|
|
|
| |
called with the -v option).
Patch from William Jojo <jojowil@hvcc.edu>.
Guenther
|
| | |
|
| |
|
|
|
| |
identical in 3.0.25 and 3.0.
Jeremy.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For the winbind cached ADS LDAP connection handling
(ads_cached_connection()) we were (incorrectly) assuming that the
service ticket lifetime equaled the tgt lifetime. For setups where the
service ticket just lives 10 minutes, we were leaving hundreds of LDAP
connections in CLOSE_WAIT state, until we fail to service entirely with
"Too many open files".
Also sequence_number() in winbindd_ads.c needs to delete the cached LDAP
connection after the ads_do_search_retry() has failed to submit the
search request (although the bind succeeded (returning an expired
service ticket that we cannot delete from the memory cred cache - this
will get fixed later)).
Guenther
|
| |
|
|
|
|
|
|
|
|
|
| |
crashed. So
it needs the specific error message.
Make messages.c return NTSTATUS and specificially NT_STATUS_INVALID_HANDLE if
sending to a non-existent process.
Volker
|
| |
|
|
|
|
|
|
| |
default if "" is set. And fix the calculation for too man shares.
Thanks to Karolin Seeger <ks@sernet.de>
Volker
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
void message_register(int msg_type,
void (*fn)(int msg_type, struct process_id pid,
- void *buf, size_t len))
+ void *buf, size_t len,
+ void *private_data),
+ void *private_data)
{
struct dispatch_fns *dfn;
So this adds a (so far unused) private pointer that is passed from
message_register to the message handler. A prerequisite to implement a tiny
samba4-API compatible wrapper around our messaging system. That itself is
necessary for the Samba4 notify system.
Yes, I know, I could import the whole Samba4 messaging system, but I want to
do it step by step and I think getting notify in is more important in this
step.
Volker
|
| |
|
|
| |
ntlm_auth
|
| |
|
|
|
|
| |
<ying.li2@hp.com>
Jeremy.
|
| | |
|
| |
|
|
|
|
|
| |
the stored client sitename with the sitename from each sucessfull CLDAP
connection.
Guenther
|
| |
|
|
|
|
|
|
|
| |
site support in a network where many DC's are down.
I heard via Volker there is still a bug w.r.t the
wrong site being chosen with trusted domains but
we'll have to layer that fix on top of this.
Gd - complain if this doesn't work for you.
Jeremy.
|
| |
|
|
|
|
|
|
|
| |
Instead,
add [ref] pointers where necessary (top-level [ref] pointers,
by spec, don't appear on the wire).
This brings us closer to the DCE/RPC standard again.
|
| |
|
|
|
|
|
|
|
|
| |
so that
in the next step we can store them in LDAP to be replicated across DCs.
Thanks to Michael Adam <ma@sernet.de>
Volker
|
| |
|
|
| |
Jeremy.
|
| |
|
|
|
|
|
|
| |
"never" as
key words for -1 as policy values for net sam policy.
Volker
|
| | |
|
| |
|
|
| |
libSystem on Mac OS X.
|
| |
|
|
| |
clean up a bunch of no previous prototype warnings
|
| |
|
|
|
|
|
|
|
| |
* Fix DNS updates for multi-homed hosts
* Child domains often don't have an NS record in
DNS so we have to fall back to looking up the the NS
records for the forest root.
* Fix compile warning caused by mismatched 'struct in_addr'
and 'in_addr_t' parameters called to DoDNSUpdate()
|
| |
|
|
|
|
| |
Wnidows 2000 DNS which expects the TKEY payload to
be in the answer section and not in the additional
set of records (like Windows 2003 and the RFC).
|
| | |
|
| |
|
|
| |
and properly use backslashes in "net ads join computername="
|
| |
|
|
| |
Simo.
|
| | |
|
| | |
|
