path: root/source3/passdb/pdb_interface.c
Commit message | Author | Age | Files | Lines
* passdb: Allow a passdb module to do idmap for everything | Andrew Bartlett | 2014-06-16 | 1 | -0/+14
  This patch seems odd, but the pdb_samba_dsdb module has exactly this semantics. That is, the pdb_samba_dsdb is responsible for all IDMAP values, due to backing on to the idmap.ldb allocator.

  This option is added so we can continue to support the mappings written into that database even when switching winbindd implementations - the source4/ winbind code would only ask the idmap_ldb code, no matter what the SID.

  Almost all of the behaviour for this is already in winbindd, but we need this extra flag function so as to avoid (currently intentional) errors at startup due to not having a per-domain allocation configured in the smb.conf.

  Andrew Bartlett

  Change-Id: I6b0d7a1463fe28dfd36715af0285911ecc07585c
  Signed-off-by: Andrew Bartlett <abartlet@samba.org>
  Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
* s3:passdb: improve a debug message in pdb_default_sid_to_id() | Michael Adam | 2014-05-03 | 1 | -1/+4
  Signed-off-by: Michael Adam <obnox@samba.org>
  Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:passdb: fix and improve debug message in pdb_default_sid_to_id(). | Michael Adam | 2014-05-03 | 1 | -1/+2
  Signed-off-by: Michael Adam <obnox@samba.org>
  Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3: Always cache idmapping results of pdb backend. | Alexander Werth | 2014-05-03 | 1 | -3/+33
  And don't cache in the pdb_ldap module on the id_to_sid calls.

  Signed-off-by: Alexander Werth <alexander.werth@de.ibm.com>
  Reviewed-by: Alexander Bokovoy <ab@samba.org>
  Reviewed-by: Michael Adam <obnox@samba.org>
  Autobuild-User(master): Michael Adam <obnox@samba.org>
  Autobuild-Date(master): Sat May 3 04:14:05 CEST 2014 on sn-devel-104
* param: rename lp function and variable from "deluser_script" to "delete_user_script" | Garming Sam | 2014-02-07 | 1 | -1/+1
  Signed-off-by: Garming Sam <garming@catalyst.net.nz>
  Reviewed-by: Andrew Bartlett <abartlet@samba.org>
  Reviewed-by: Jeremy Allison <jra@samba.org>
* param: rename lp function and variable from "adduser_script" to "add_user_script" | Garming Sam | 2014-02-07 | 1 | -1/+1
  Signed-off-by: Garming Sam <garming@catalyst.net.nz>
  Reviewed-by: Andrew Bartlett <abartlet@samba.org>
  Reviewed-by: Jeremy Allison <jra@samba.org>
* param: rename lp function and variable from "addmachine_script" to "add_machine_script" | Garming Sam | 2014-02-07 | 1 | -1/+1
  Signed-off-by: Garming Sam <garming@catalyst.net.nz>
  Reviewed-by: Andrew Bartlett <abartlet@samba.org>
  Reviewed-by: Jeremy Allison <jra@samba.org>
* param: rename lp function and variable from 'guestaccount' to 'guest_account' | Garming Sam | 2014-02-07 | 1 | -1/+1
  Signed-off-by: Garming Sam <garming@catalyst.net.nz>
  Reviewed-by: Andrew Bartlett <abartlet@samba.org>
  Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:passdb make pdb_sid_to_id honor backend responsibilities | Christian Ambach | 2013-06-21 | 1 | -0/+7
  only ask passdb backend for mapping if it is responsible

  Pair-Programmed-With: Michael Adam <obnox@samba.org>
  Signed-off-by: Christian Ambach <ambi@samba.org>
  Signed-off-by: Michael Adam <obnox@samba.org>
* s3:passdb add pdb_*_is_responsible_for* functions | Christian Ambach | 2013-06-21 | 1 | -0/+74
  allows PDB modules to specify for which special domains they are responsible when it comes to SID->xid conversion

  By default, passdb modules will be responsible for local BUILTIN, local SAM and Unix Users/Groups

  Pair-Programmed-With: Michael Adam <obnox@samba.org>
  Signed-off-by: Christian Ambach <ambi@samba.org>
  Signed-off-by: Michael Adam <obnox@samba.org>
* PASSDB: add support to set and enumerate UPN suffixes associated with our forest | Alexander Bokovoy | 2013-04-09 | 1 | -0/+36
  Samba PDC may manage a forest containing DNS domains in addition to the primary one. Information about them is advertised via netr_DsRGetForestTrustInformation when trusted_domain_name is NULL, according to MS-NRPC and MS-LSAD, and via netr_GetForestTrustInformation.

  This changeset only expands PASSDB API; how suffixes are maintained is left to specific PDB modules. Set function is added so that suffixes could be managed through 'net' and other Samba utilities, if possible.

  One possible implementation is available for ipasam module in FreeIPA: http://git.fedorahosted.org/cgit/freeipa.git/commit/?id=cc56723151c9ebf58d891e85617319d861af14a4

  Reviewed-by: Andreas Schneider <asn@samba.org>
* s3:passdb: fix building pdb_ldap as shared module | Michael Adam | 2012-12-03 | 1 | -2/+2
  Signed-off-by: Michael Adam <obnox@samba.org>
  Reviewed-by: Andreas Schneider <asn@samba.org>
  Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
  Autobuild-Date(master): Mon Dec 3 19:12:29 CET 2012 on sn-devel-104
* s3:passdb: factor pdb_sid_to_id_unix_users_and_groups() out of pdb_default_sid_to_id() | Michael Adam | 2012-12-03 | 1 | -16/+32
  The special treatment of the "Unix User" and "Unix Group" pseudo domains can be reused.

  Signed-off-by: Michael Adam <obnox@samba.org>
  Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3:passdb: don't bail out in pdb_default_sid_to_id() if sid is not in our sam | Michael Adam | 2012-12-03 | 1 | -5/+0
  This code treats the own sam, builtin, wellknown, and sids from the "Unix User" and "Unix Group" pseudo-domains.

  This reverts part of commit 02e25b2a43ae02205a3412f862a1482d24b70aa4.

  Signed-off-by: Michael Adam <obnox@samba.org>
  Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3-passdb: Allow reload of the static passdb from python | Andrew Bartlett | 2012-08-28 | 1 | -2/+3
  This is then used in provision when the passdb backend is forced.

  Andrew Bartlett
* s3-passdb: Allow pdb_sid_to_id to work on any SID | Andrew Bartlett | 2012-08-21 | 1 | -0/+5
  This is needed so that pdb_samba4 can map any SID during a provision. At runtime, winbindd will be asked first, but this shortcut direct to the ldb file makes it possible to set the permissions on the sysvol share at provision time.

  Andrew Bartlett
* Correctly check for errors in strlower_m() returns. | Jeremy Allison | 2012-08-09 | 1 | -2/+6
* loadparm: make the source3/ lp_ functions take an explicit TALLOC_CTX *. | Rusty Russell | 2012-07-18 | 1 | -5/+3
  They use talloc_tos() internally: hoist that up to the callers, some of whom don't want to use talloc_tos().

  A simple patch, but hits a lot of files.

  Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* s3: rename sid_check_is_in_our_domain() to sid_check_is_in_our_sam() | Michael Adam | 2012-07-12 | 1 | -1/+1
  This does not check whether the given sid is in our domain, but whether it belongs to the local sam, which is a different thing on a domain member server.

  Autobuild-User(master): Michael Adam <obnox@samba.org>
  Autobuild-Date(master): Thu Jul 12 18:36:02 CEST 2012 on sn-devel-104
* s3: rename sid_check_is_domain() to sid_check_is_our_sam() | Michael Adam | 2012-07-12 | 1 | -1/+1
  This does not check whether the given sid is the domain sid, but whether it is the sid of the local sam, which is different for a domain member server.
* s3:passdb: remove commented out pdb_lookup_names code | Michael Adam | 2012-07-12 | 1 | -82/+0
  This code is lying there unused since more than five years now.
* Fix bug 8920, null dereference | Steve Langasek | 2012-05-10 | 1 | -1/+3
  Description: Avoid null dereference in initialize_password_db()

  When initialize_password_db() is called with reload=True, it's assumed that the free_private_data member of pdb_methods is non-null. This is not necessarily the case, as the tdb backend has no private data and therefore no free function. Check to see if we have private data that needs freed before calling.

  Author: Steve Langasek <steve.langasek@ubuntu.com>
  Bug-Ubuntu: https://bugs.launchpad.net/bugs/829221
  Autobuild-User: Volker Lendecke <vl@samba.org>
  Autobuild-Date: Thu May 10 11:07:27 CEST 2012 on sn-devel-104
* s3-passdb: Add extra debug on ID mapping failures | Andrew Bartlett | 2012-05-02 | 1 | -0/+7
  Signed-off-by: Michael Adam <obnox@samba.org>
  Autobuild-User: Michael Adam <obnox@samba.org>
  Autobuild-Date: Wed May 2 15:34:13 CEST 2012 on sn-devel-104
* s3-passdb: Change pdb_sid_to_id() to return struct unixid | Andrew Bartlett | 2012-05-02 | 1 | -16/+29
  This will make it easier to consistently pass a struct unixid all the way up and down the idmap stack, and allow ID_TYPE_BOTH to be handled correctly.

  Andrew Bartlett

  Signed-off-by: Michael Adam <obnox@samba.org>
* passdb: Do not panic in initialize_password_db | Christof Schmitt | 2012-04-30 | 1 | -17/+17
  A call to initialize_password_db leads to smb_panic in case the backend returns an error. All callers to initialize_password_db check the return value, so this code path should return the status instead of calling smb_panic.

  Move the call to smb_panic from pdb_get_methods_reload pdb_get_methods to get it out of the initialize code path.

  This allows printing the proper error message for 'net getlocalsid' which is much nicer than printing the panic stack trace.
* lib/util: Remove dummy wrapper for getpwuid(). | Jelmer Vernooij | 2012-03-24 | 1 | -1/+1
* s3-passdb: trying to decouple passdb and secrets a little. | Günther Deschner | 2012-01-18 | 1 | -0/+1
  Guenther

  Autobuild-User: Günther Deschner <gd@samba.org>
  Autobuild-Date: Wed Jan 18 14:46:18 CET 2012 on sn-devel-104
* s3-passdb: use tevent_context in passdb. | Günther Deschner | 2011-10-28 | 1 | -5/+5
  Guenther

  Autobuild-User: Günther Deschner <gd@samba.org>
  Autobuild-Date: Fri Oct 28 13:09:47 CEST 2011 on sn-devel-104
* pdb-interface: Do not use unid_t here | Simo Sorce | 2011-10-18 | 1 | -16/+20
  This interface needs to be publicly available, unid_t here is not really useful and makes it harder to use it as unid_t is not a public union.

  Autobuild-User: Simo Sorce <idra@samba.org>
  Autobuild-Date: Tue Oct 18 20:57:16 CEST 2011 on sn-devel-104
* s3-group-mapping: Remove fstrings from GROUP_MAP. | Simo Sorce | 2011-10-12 | 1 | -45/+99
  Signed-off-by: Andreas Schneider <asn@samba.org>
  Autobuild-User: Günther Deschner <gd@samba.org>
  Autobuild-Date: Wed Oct 12 19:28:12 CEST 2011 on sn-devel-104
* s3-passdb: Only delete 1 entry from memcache. | Andreas Schneider | 2011-08-21 | 1 | -1/+4
  If we delete or update one user we shouldn't flush the complete memcache.

  Signed-off-by: Simo Sorce <idra@samba.org>
  Autobuild-User: Simo Sorce <idra@samba.org>
  Autobuild-Date: Sun Aug 21 16:39:10 CEST 2011 on sn-devel-104
* s3-passdb: Remove always the user from getpwsid cache. | Andreas Schneider | 2011-08-21 | 1 | -3/+8
  We should do it always, not only in the pdb_default_delete_user() function.

  Signed-off-by: Simo Sorce <idra@samba.org>
* s3-passdb: Keep caches coherent | Andreas Schneider | 2011-08-21 | 1 | -1/+23
  When deleting a user send a message to all interested parties so they can purge their caches. Otherwise some processes may positively respond with a cached getpwnam, when the user has actually been removed.

  Without this some tests that remove and then immediately create users are flakey.

  Signed-off-by: Simo Sorce <idra@samba.org>
* s3-passdb Use supplied pdb_methods in default passdb search handlers | Andrew Bartlett | 2011-08-15 | 1 | -5/+7
* passdb: Call with correct backend methods instead of default methods | Amitay Isaacs | 2011-08-13 | 1 | -3/+5
  Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* passdb: Add a function to expose loaded backend list. | Amitay Isaacs | 2011-08-13 | 1 | -0/+6
  This function is used in python wrapper to list available python backends.
* s3-secrets: add lsa_secret passdb api. | Günther Deschner | 2011-07-31 | 1 | -3/+11
  Guenther
* s3-passdb: add dummy calls to control global (replicated) secrets. | Günther Deschner | 2011-07-31 | 1 | -0/+68
  Guenther
* s3-passdb: Implement new pdb trust calls for the default backend | Sumit Bose | 2011-06-12 | 1 | -2/+102
  Signed-off-by: Simo Sorce <idra@samba.org>
  Autobuild-User: Simo Sorce <idra@samba.org>
  Autobuild-Date: Sun Jun 12 06:45:25 CEST 2011 on sn-devel-104
* s3-talloc Change TALLOC_ZERO_ARRAY() to talloc_zero_array() | Andrew Bartlett | 2011-06-09 | 1 | -1/+1
  Using the standard macro makes it easier to move code into common, as TALLOC_ZERO_ARRAY isn't standard talloc.
* s3-talloc Change TALLOC_ARRAY() to talloc_array() | Andrew Bartlett | 2011-06-09 | 1 | -1/+1
  Using the standard macro makes it easier to move code into common, as TALLOC_ARRAY isn't standard talloc.
* s3-passdb: add passdb.h where needed. | Günther Deschner | 2011-03-30 | 1 | -0/+1
  Guenther
* s3-includes: only include system/passwd.h when needed. | Günther Deschner | 2011-03-30 | 1 | -0/+1
  Guenther
* lib/util/util_pw: share sys_get{pw,gr} group of calls. | Günther Deschner | 2011-03-30 | 1 | -0/+1
  Guenther
* s3:auth: change num_groups to from size_t to uint32_t | Stefan Metzmacher | 2011-02-22 | 1 | -5/+5
  This will help with the change from UNIX_USER_TOKEN to security_unix_token

  metze
* s3-ipasam: add ipasam_get_trusted_domain_by_sid() | Sumit Bose | 2011-02-16 | 1 | -0/+16
  Signed-off-by: Günther Deschner <gd@samba.org>
* s3-passdb: add {get,set,del,enum}_trusted_domain calls | Sumit Bose | 2011-02-16 | 1 | -0/+65
  Signed-off-by: Günther Deschner <gd@samba.org>
* s3-auth: Fixed account lockout check. | Andreas Schneider | 2011-01-17 | 1 | -1/+1
* Make sure that user exists after running add user script before adding sam account. | Bjoern Baumbach | 2010-12-07 | 1 | -0/+5
  Autobuild-User: Michael Adam <obnox@samba.org>
  Autobuild-Date: Tue Dec 7 17:37:52 CET 2010 on sn-devel-104
* Make getpwnam_alloc() static to lib/username.c, and ensure all username lookups go through Get_Pwnam_alloc(), which is the correct wrapper function. | Jeremy Allison | 2010-10-20 | 1 | -2/+2
  We were using it *some* of the time anyway, so this just makes us properly consistent.

  Jeremy.

  Autobuild-User: Jeremy Allison <jra@samba.org>
  Autobuild-Date: Wed Oct 20 16:02:12 UTC 2010 on sn-devel-104