| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This allows the ldap-backend to search much more effeciently. Machines
will be searched in the ldap_machine_suffix and users in the
ldap_users_suffix. (Note that we already use the ldap_group_suffix in
ldapsam_setsamgrent for quite some time).
Using the specific ldap-bases becomes notably important in large
domains: On my testmachine "net rpc trustdom list" has to search through
40k accounts just to list 3 interdomain-trust-accounts, similiar effects
show up the non-user query_dispinfo-calls, etc.
Also renamed all_machines to only_machines in load_sampwd_entries()
since that reflects better what is really meant.
Guenther
|
| | |
|
| |
|
|
|
|
| |
one small todo item is to add a 'accounts' sub option
to 'net rpc list' so enumerate all privileged SIDs
and their associated rights.
|
| | |
|
| |
|
|
|
|
| |
Also fix return of NT_STATUS_NO_MORE_ENTRIES should be
ERROR_NO_MORE_ITEMS reported by "Marcin Porwit" <mporwit@centeris.com>.
Jeremy.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
supported pipe. Netlogon is still special, as we open that twice, one to do
the auth2, the other one with schannel.
The client interface is completely unchanged for those who only use a single
pie. cli->pipe_idx is used as the index for everything except the "real"
client rpc calls, which have been explicitly converted in my last commit. Next
step is to get winbind to just use a single smb connection for multiple pipes.
Volker
|
| |
|
|
| |
up printcap reloads
|
| |
|
|
| |
no passwords after vampire. Set password last set field to now.
|
| |
|
|
| |
Guenther
|
| |
|
|
| |
Guenther
|
| |
|
|
| |
Guenther
|
| |
|
|
| |
Guenther
|
| |
|
|
| |
Jeremy
|
| |
|
|
|
|
|
| |
Based on samba4-idl. The decoding of account-lockout-string is somewhat
experimental though.
Guenther
|
| |
|
|
|
|
| |
"verbose".
Guenther
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
that had
ended up as a gid in winbindd_idmap.tdb) from winbindd_idmap.tdb. Stopping
winbind was not an option on that machine....
net idmap delete <idmap-file> <SID>
Thanks,
Volker
|
| |
|
|
|
|
|
|
|
|
| |
winbind systems, looking up hundreds of users can turn out to be a bit too
expensive if you just want to find out which smbd handles a particular IP
address.
Volker
P.S: Who is "OH"? ;-)
|
| |
|
|
| |
Jeremy.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
from Lars Mueller <lmuelle@suse.de>), just for completeness.
Note that though we have logon_count implemented in all pdb-backends but
never (for good reason!) update the counter.
Guenther
|
| |
|
|
| |
Guenther
|
| |
|
|
|
|
|
|
|
| |
allocation
functions so we can funnel through some well known functions. Should help greatly with
malloc checking.
HEAD patch to follow.
Jeremy.
|
| |
|
|
| |
Jeremy.
|
| |
|
|
|
|
| |
with smbcacls and using with the -S or -M switch. Fixes #404 and #2076.
Guenther
|
| | |
|
| |
|
|
| |
Jeremy.
|
| |
|
|
| |
Volker
|
| |
|
|
|
| |
Try INITSHUTDOWN pipe first, used by newer clients. If it fails, fall back
to WINREG.
|
| |
|
|
| |
First check to see if we can open secrets.tdb.
|
| |
|
|
| |
the -u <username> functionality
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
implementation does
not exactly match what you would expect.
XP workstations during login actually do this, so we should better become a
bit more correct. The LDAP query issued is not really fully optimal, but it is
a lot faster and more correct than what was there before. The change in
passdb.h makes it possible that queryuseraliases is done with a single ldap
query.
Volker
|
| |
|
|
| |
Jeremy.
|
| |
|
|
|
|
|
|
|
| |
<nalin@redhat.com>
for bug #1717.The rest of the code needed to call this patch has not yet been
checked in (that's my next task). This has not yet been tested - I'll do this
once the rest of the patch is integrated.
Jeremy.
|
| |
|
|
| |
Jeremy.
|
| |
|
|
|
|
|
|
|
|
| |
setprinter calls inside the net-tool.
This is usefull to mimic the same queries a windows-client does. At
least win2k returns WERR_IO_PENDING when printer is published via
setprinter, samba returns WERR_OK but this does not hurt.
Guenther
|
| |
|
|
|
|
|
| |
(usersidlist/allowedusers) to scan a file server's share and list all users
who have permission to connect there.
Volker
|
| |
|
|
|
|
| |
Thanks to Bjoern Jacke for his moral support :)
Guenther
|
| |
|
|
|
|
| |
policy-handles. Also remove some unused vars.
Guenther
|
| |
|
|
|
| |
'..' from all #include preprocessor commands. This fixes bugzilla #1880
where OpenVMS gets confused about the '.' characters.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
User-, Group- and Machine-Accounts in Active Directory (this got lost
during the last trunk-merge).
This way we match e.g. default containers moved by redircmp.exe and
redirusr.exe in Windows 2003 and don't blindly default to cn=Users or
cn=Computers.
Further wkguids can be examied via "net ads search wellknownobjects=*".
This should still keep a samba3-client joining a samba4 dc. Fixes
Bugzilla #1343.
Guenther
|
| |
|
|
| |
a patch by Ronan Waide
|
| |
|
|
|
|
|
|
|
|
| |
64bit AMD platform.
(This used to be "Windows AMD64" and "AMD64" in one of the release
candidates of SP2 for Windows XP. AMD64 is obviously still supported but
not documented.)
Guenther
|
| |
|
|
|
|
|
| |
naming of the require_membership_of parameter in pam_winbind and fix
the error code for 'you didn't specify a domain' in ntlm_auth.
Andrew Bartlett
|
| |
|
|
| |
Guenther
|
| |
|
|
|
|
|
|
|
|
|
|
| |
of the response packet) was outside of the if() that determined whether
the query was successful or not. As a result, the MAC address would print
out even if there was no MAC address. At least the garbage it printed was
relatively consistent. :)
I moved the MAC printing into the if() block and added an 'else' to print
"No reply..." if the query fails.
Chris -)-----
|
| |
|
|
| |
Guenther
|
| |
|
|
|
|
|
|
|
|
| |
the publishing-state for migrated printers as well.
Therefor added client-side-support for setprinter level 7.
Next will be a "net rpc printer publish"-command (just for completeness).
Guenther
|
