summaryrefslogtreecommitdiffstats
path: root/source3/libads
Commit message (Collapse)AuthorAgeFilesLines
...
* added an auth flag that indicates if we should be allowed to fallbackAndrew Tridgell2003-06-101-1/+4
| | | | | | | to NTLMSSP for SASL if krb5 fails. This is important as otherwise the admin may think that a join has succeeeded when kerberos is actually broken. (This used to be commit 23a6ea385c4aea208adf36f039244bee14f56a33)
* No matter how special this session key is, it's not worth a level 0.Andrew Bartlett2003-06-061-2/+4
| | | | | | | Hide it behind a level 10, with #ifdef DEBUG_PASSWORD instead. Andrew Bartlett (This used to be commit 9d4e327850fb00083241f3e68f866590c44e1823)
* More on bug 137: rename more of krb5_xxx functions to not start with krb5_Jim McDonough2003-05-301-1/+1
| | | | (This used to be commit 10f1da3f4a9680a039a2aa26301b97e31c06c38d)
* More on bug 137: rename remainder of krb5_xxx functions to not start with krb5_Jim McDonough2003-05-301-11/+11
| | | | (This used to be commit 4169de6d8fb1b13de3892ec787886cc1543736a1)
* Fix bug #137: krb5_set_password is already defined in MIT 1.3 libs, soJim McDonough2003-05-301-5/+6
| | | | | we wouldn't build. (This used to be commit 0e9836c4e9e71494b10d71a5f3d5f7da2888c5ef)
* Patch from Luke Howard <lukeh@PADL.COM> to recognise local groups.Jeremy Allison2003-05-151-0/+2
| | | | | Jeremy. (This used to be commit d7a23afe14b0d3ad8ecb7d994768705a32055d9a)
* Patch from Ken Cross to allow an ADS domain join with a username of the formAndrew Bartlett2003-05-041-1/+1
| | | | | | | user@realm, where realm might not be the realm we are joining. Andrew Bartlett (This used to be commit 00e08efb5cd21bf42be9125d3188efbf9d13b8b7)
* Revert patch - we need to try the NTLMSSP code below...Andrew Bartlett2003-04-241-9/+4
| | | | | Andrew Bartlett (This used to be commit 317158972ec944742ba47b213999def9abbf7452)
* Use the kerberos error from ads_kinit_password() in the return value fromAndrew Bartlett2003-04-241-4/+9
| | | | | | | our SASL code - help in printing a useful error message. Andrew Bartlett (This used to be commit 984321bfab79a1ff20b504e115e94bd6270f0196)
* Merge from HEAD - save the type of channel used to contact the DC.Andrew Bartlett2003-04-213-7/+11
| | | | | | | | | | | | This allows us to join as a BDC, without appearing on the network as one until we have the database replicated, and the admin changes the configuration. This also change the SID retreval order from secrets.tdb, so we no longer require a 'net rpc getsid' - the sid fetch during the domain join is sufficient. Also minor fixes to 'net'. Andrew Bartlett (This used to be commit 876e00fd112e4aaf7519eec27f382eb99ec7562a)
* Add const, static and fix a double free() (merge from HEAD).Andrew Bartlett2003-04-211-6/+5
| | | | (This used to be commit 9ba88c7314168b87b72a7e9dc3c7588dcce86893)
* Move PAC decoding over from HEAD.Jim McDonough2003-04-161-0/+6
| | | | (This used to be commit b0fd4e5555dd93c584cd86eaac080663b9e4031f)
* Change variable name to get this working on gcc 3.2 (Merge from HEAD)Jelmer Vernooij2003-04-152-38/+38
| | | | (This used to be commit d49113caef6057905f0f5233ea3085ca5722e742)
* This commit was manufactured by cvs2svn to create branch 'SAMBA_3_0'.(This ↵cvs2svn Import User2003-04-131-0/+614
|\ | | | | | | used to be commit 381649916ecbaddefbb6ee0e6137b7cc73eb54b1)
| * Complete what I've seen (and then some)t of the PAC.Jim McDonough2003-04-091-5/+124
| | | | | | | | | | | | | | | | | | | | I haven't seen the rid+attr arrays for group membership, nor sids or the same kind of arrays for resource domains, so I don't know how that will work. Also, the PAC info type 10 is now decoded, but I don't know what it's for. It has an NTTIME, a 16-bit name length, and a username. According to M$, it's not needed, because they didn't doc it... (This used to be commit 28ab8504cf6c181866106e5cc626a5896283d0a9)
| * Decode the PAC! This patch just decodes it and then frees it, so it's justJim McDonough2003-04-072-0/+501
| | | | | | | | | | for doc purposes right now (you can see it in the debug logs). (This used to be commit 046c2087a11b9ce7a02aece34ffb129ce0d66b08)
| * - Support building all auth modules as .so'sJelmer Vernooij2003-03-252-38/+38
| | | | | | | | | | - Change 2 variable names to avoid conflicts (patch by Stephan Kulow <coolo@kde.org>) (This used to be commit 71b05cd14ae6df8340730e7bad1c783dc278c5d3)
| * Changes to help the kerberos change password code work on systems thatAndrew Bartlett2003-03-161-37/+29
| | | | | | | | | | | | | | | | | | | | have some of the labels 'duplicated' (ie, the defines double-up). Also, to an ads_connect() to try and find our KDC. (So we don't segfualt *every* time) Andrew Bartlett (This used to be commit 56dce7ddad118051c93c62507234efca3920bc9b)
| * - Fix a double-free (I can't say I understand the code, but it matches the ↵Andrew Bartlett2003-03-121-6/+5
| | | | | | | | | | | | | | | | | | | | | | other cases and keeps valgrind quiet). - Add static Andrew Bartlett (This used to be commit e9da9c500b96a828d744e7a1c64427fc01153310)
| * More const fixes.Jeremy Allison2003-03-051-2/+2
| | | | | | | | | | Jeremy. (This used to be commit 7b945e10a6c636c0b0aabc841803bf44405cb2ae)
| * tokenGroups are SIDs, so dump them as such.Andrew Bartlett2003-02-251-0/+1
| | | | | | | | (This used to be commit 43f07e9de70ad9993265e28a54239caba0121ab6)
| * Patch from Luke Howard to add mutual kerberos authentication, and SMB sessionAndrew Bartlett2003-02-241-6/+26
| | | | | | | | | | | | | | keys for kerberos authentication. Andrew Bartlett (This used to be commit 8b798f03dbbdd670ff9af4eb46f7b0845c611e0f)
| * Always initialiseAndrew Bartlett2003-02-241-2/+2
| | | | | | | | (This used to be commit ff2b5b2f85f2d9dade67077cea1b68719cf65352)
| * Fix a DEBUG() formatting, add some more debug to our SID pulling code andAndrew Bartlett2003-02-221-18/+33
| | | | | | | | | | | | | | | | | | | | inline the call to prs_copy_all_data_out() so that we can know we are not overrunning our buffer. Also check more return values. Andrew Bartlett (This used to be commit e3b73d5d658584428c81c9ef3ccf024687a56e2f)
| * libads/krb5_setpw.cJim McDonough2003-02-191-1/+2
| | | | | | | | (This used to be commit 4c52d7bd933f61bdba3d4159a204fe16db3d4f0f)
| * Fix segv in net ads join...an extra & was the culpritJim McDonough2003-02-191-1/+1
| | | | | | | | (This used to be commit 9874b233d55a0b1aea7eb033848f4b63a531833b)
| * Check return values of various join-related functions, and ensure we alwaysAndrew Bartlett2003-02-191-9/+16
| | | | | | | | | | | | | | compare push_* returns with (size_t)-1, not < 0. Andrew Bartlett (This used to be commit 63f5e92536c6bcac54b796d6e91b755e7d328f66)
| * Try to get heimdal working with HEAD.Jim McDonough2003-02-191-20/+7
| | | | | | | | | | | | | | | | | | | | | | | | - Provide generic functions for - get valid encryption types - free encryption types - Add encryption type parm to generic function create_kerberos_key_from_string() - Try to merge the two versions (between HEAD and SAMBA_3_0) of kerberos_verify.c I think this should work for both MIT and heimdal, in HEAD. If all goes smooth, I'll move it over to 3.0 soon... (This used to be commit 45e409fc8da9f26cf888e13d004392660d7c55d4)
| * Fix of two warnings.Rafal Szczesniak2003-02-181-5/+3
| | | | | | | | | | | | | | | | | | pull_ucs2_talloc function takes char** pointer, not (here explicitly casted) void** one. Rafal (This used to be commit e77c44efd95d42a8194f5c3d36c043f8e84dfd1d)
| * Antti Andreimann <Antti.Andreimann@mail.ee> has done some changes to enableAndrew Bartlett2003-02-154-132/+337
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | users w/o full administrative access on computer accounts to join a computer into AD domain. The patch and detailed changelog is available at: http://www.itcollege.ee/~aandreim/samba This is a list of changes in general: 1. When creating machine account do not fail if SD cannot be changed. setting SD is not mandatory and join will work perfectly without it. 2. Implement KPASSWD CHANGEPW protocol for changing trust password so machine account does not need to have reset password right for itself. 3. Command line utilities no longer interfere with user's existing kerberos ticket cache. 4. Command line utilities can do kerberos authentication even if username is specified (-U). Initial TGT will be requested in this case. I've modified the patch to share the kinit code, rather than copying it, and updated it to current CVS. The other change included in the original patch (local realms) has been left out for now. Andrew Bartlett (This used to be commit ce52f1c2ed4d3ddafe8ae6258c90b90fa434fe43)
| * Ensure that only parse_prs.c access internal members of the prs_struct.Jeremy Allison2003-02-141-5/+11
| | | | | | | | | | | | Needed to move to disk based i/o later. Jeremy. (This used to be commit 4c3ee228fcdb089eaeead95e79532a9cf6cb0de6)
| * add a note about a better method for finding netbios name of workgroupAndrew Tridgell2003-02-121-0/+7
| | | | | | | | | | (not implemented yet) (This used to be commit 8a8cca78adebba640c6ce971d8888515bf0ea4be)
| * Mem alloc failure checks.Jeremy Allison2003-02-043-23/+59
| | | | | | | | | | Jeremy. (This used to be commit 4e33e3f37fd548b9b1ed3c84f673a853b0dc4818)
| * Always escape ldap filter strings. Escaping code was from pam_ldap, but I'm toAndrew Bartlett2003-02-013-10/+39
| | | | | | | | | | | | | | | | | | blame for the realloc() stuff. Plus a couple of minor updates to libads. Andrew Bartlett (This used to be commit 34b2e558a4b3cfd753339bb228a9799e27ed8170)
| * More fixes getting us closer to full Heimdal compile....Jeremy Allison2003-01-211-11/+7
| | | | | | | | | | Jeremy. (This used to be commit 193cc4f4fc876c66e97ea6b82bae431d0247c1fa)
| * sanity checks from Ken CrossGerald Carter2003-01-212-3/+7
| | | | | | | | (This used to be commit ec26877f0b4fbe2c651a6069d22b9ac0637aa2d1)
| * * removed unused variable from rpcclient codeGerald Carter2003-01-151-5/+5
| | | | | | | | | | | | * added container option to net command (patch from SuSE) * Makefile patch for examples/VFS from SuSE (This used to be commit 4a6d8280ea27ca7a6998219aacc4b15b1227a659)
| * Patch from Nik Conwell <nik@bu.edu>. Don't reference free()ed data when tryingAndrew Bartlett2003-01-111-1/+3
| | | | | | | | | | | | | | to figure out if we have got our ticket yet. Andrew Bartlett (This used to be commit a66ced2cf69145c0a5be5ed91ac306db50c313d1)
| * BIG patch...Andrew Bartlett2003-01-023-8/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch makes Samba compile cleanly with -Wwrite-strings. - That is, all string literals are marked as 'const'. These strings are always read only, this just marks them as such for passing to other functions. What is most supprising is that I didn't need to change more than a few lines of code (all in 'net', which got a small cleanup of net.h and extern variables). The rest is just adding a lot of 'const'. As far as I can tell, I have not added any new warnings - apart from making all of tdbutil.c's function const (so they warn for adding that const string to struct). Andrew Bartlett (This used to be commit 92a777d0eaa4fb3a1c7835816f93c6bdd456816d)
| * Catching up with old patches. Add define for VERITAS quota support.Jeremy Allison2002-12-301-0/+2
| | | | | | | | | | | | Check return in ldap. Jeremy. (This used to be commit e789edbb287319f52f49f2999917a610565144d9)
| * Forward port the change to talloc_init() to make all talloc contextsJeremy Allison2002-12-202-9/+9
| | | | | | | | | | | | named. Ensure we can query them. Jeremy. (This used to be commit 842e08e52a665ae678eea239759bb2de1a0d7b33)
| * More printer publishing code.Jim McDonough2002-12-131-0/+26
| | | | | | | | | | | | | | | | | | - Add published attribute to info2, needed for win clients to work properly - Return proper info on getprinter 7 This means you can now look at the sharing tab of a printer and get correct info about whether it is published or not, and change it. (This used to be commit adda04379ee46f105436262663652f3f576fa3cf)
| * More printer data to publishJim McDonough2002-12-051-0/+1
| | | | | | | | (This used to be commit 82f3a786bf01878629fe4c05b028ae8d58eb4394)
| * Stop using hardcoded key/value strings, be more forgiving of ↵Jim McDonough2002-12-031-70/+74
| | | | | | | | | | | | dsspooler/dsdriver info existence. (This used to be commit ca8735532cb656a09c1586326cdce33984fe38b4)
| * [merge from APP_HEAD]Gerald Carter2002-11-231-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | 90% fix for CR 1076. The password server parameter will no take things like password server = DC1 * which means to contact DC1 first and the go to auto lookup if it fails. jerry (This used to be commit c31a17889e3e4daf7c1e807038efc2c0fba78be3)
| * Don't pass a function to ADS_ERR_OK().Jim McDonough2002-11-181-6/+13
| | | | | | | | (This used to be commit a148e4c290820a48c8b51e0e0459b2171b32c258)
| * Next step of printer publishing.Jim McDonough2002-11-181-106/+242
| | | | | | | | | | | | | | | | | | net ads printer publish <printername> [servername] Will retreive the DsSpooler and DsDriver info by rpc for a remote server then publish it. Next comes doing it within smbd (This used to be commit 64951938cc5666a757683cbe9bee3a2c20a05323)
| * Include the hostname we are trying to match with $@, to allow easier debugging.Andrew Bartlett2002-11-151-1/+1
| | | | | | | | (This used to be commit f5d8afc626b8f7792aa7dd7fa7082f55725b539c)
| * Removed global_myworkgroup, global_myname, global_myscope. Added liberalJeremy Allison2002-11-124-27/+26
| | | | | | | | | | | | | | dashes of const. This is a rather large check-in, some things may break. It does compile though :-). Jeremy. (This used to be commit 82b8f749a36b42e22186297482aad2abb04fab8a)
| * make sure that if kerberos fails we can fall back on NTLMSSP for SASLAndrew Tridgell2002-11-101-2/+5
| | | | | | | | (This used to be commit 69dba08c40c9739137b4f01d38be5228edc6dd6e)
generated by cgit (git 2.34.1) at 2025-09-28 19:51:06 +0000