summaryrefslogtreecommitdiffstats
path: root/source3/passdb
Commit message (Collapse)AuthorAgeFilesLines
...
* This is no functional change. It just makes pdb_ldap.c a bitVolker Lendecke2003-03-271-24/+50
| | | | | | | | easier to understand by moving the logic for init_ldap_from_sam and friends around. Volker (This used to be commit 09a92984baaee94521d0cacf16daaf0291242b42)
* Must have been somewhere else last sunday...Volker Lendecke2003-03-251-3/+4
| | | | | | | Apply metzes patch (hopefully) correctly this time Volker (This used to be commit e52a2d5d49e3c784d5db06bade2c866422258fcc)
* Implement abartlet's suggestion to add attribs to ldap if theyVolker Lendecke2003-03-231-24/+30
| | | | | | | | | | are 'SET' when adding the account. I really don't like passing flags down to inner routines and complicated if/else conditions, but this time he might be right. ;-) Volker (This used to be commit 339c14906802db6ddb59f07a0c71dcc3c73cc3d6)
* Merge from HEAD:Volker Lendecke2003-03-231-2/+2
| | | | | | | | | | This adds 'ldap delete dn' as the recommended parameter for the 'ldap del only sam attr' functionality. So we are compatiple to the current SuSE patches as well as to TNG... ;-) Volker (This used to be commit 53b5704ff21de6fce097d74dd7f235d3ceccec66)
* Metzes change:Volker Lendecke2003-03-231-4/+9
| | | | | | | | | | | | > Hi Volker, > > if 'displayName' is not available we should fallback to 'cn' for map->nt_name > 'cn' is used as unix group name by nss_ldap. > > and if nt_name is not available we should fail (so does this patch) Volker (This used to be commit 7ae9c2500e3ac5f671d41077327156f1f3767fff)
* Never touch complicated if/else/elsif structures :-)Volker Lendecke2003-03-221-23/+27
| | | | | | | | This repairs domain join with fully existing wks-account which I broke with my last patch... Volker (This used to be commit bc59912aa10e5000225110e48ad548f19756bed5)
* This changes the way we do LDAP updates. We don't use LDAP_MOD_MODIFYVolker Lendecke2003-03-221-121/+175
| | | | | | | | | | | | | | | | anymore, but instead look at what is currently stored in the database. Then we explicitly delete the existing attribute and add the new value if it is not NULL or "". This way we can handle appearing and disappearing attributes quite nicely. This currently breaks pdbedit -o, as this does not set the CHANGED flag on the SAM_ACCOUNT. Jelmer suggested that we set all the fields on CHANGED in context_add_sam_account. This sounds not too unreasonable. Volker (This used to be commit a75015c9ce8246670ee7c7d73df585390696fe95)
* Thanks to volker, merge passdb changes from HEAD:Andrew Bartlett2003-03-225-222/+78
| | | | | | | | | | - pdb_guest (including change defaults) - 'default' passdb actions (instead of 'not implemented' stubs in each module) - net_rpc_samsync no longer assumes pdb_unix Andrew Bartlett (This used to be commit 4bec53c8c81019f0f06a93c4df0800bbf7281dd6)
* Merge from HEAD - patch from Jianliang Lu <j.lu@tiesse.com> to set theAndrew Bartlett2003-03-221-0/+11
| | | | | | | 'minimum password age' during a password SET. Andrew Bartlett (This used to be commit dd6516e2e87cbe6bcbc371756d99ebb3b5617c2b)
* Merge from HEADVolker Lendecke2003-03-201-8/+8
| | | | (This used to be commit 62d5a78b024898485f610b5d9db1a6d9a5c68c21)
* void function cannot return a value (besides the function called wasHerb Lewis2003-03-191-1/+1
| | | | | a void) (This used to be commit 55681422e97ede0ff9446925c7678d6254b13878)
* This commit was manufactured by cvs2svn to create branch 'SAMBA_3_0'.(This ↵cvs2svn Import User2003-03-191-0/+129
|\ | | | | | | used to be commit 6f94672d3da070aae0b17f4dcdc6cd119b68d84c)
| * Put in the new modules system. It's now used by passdb and rpc. I willJelmer Vernooij2003-03-197-75/+42
| | | | | | | | | | put a doc about it in dev-doc later today. (This used to be commit af7bfee0c6902c07fdb8d3abccf4c8d6bab00b5a)
| * Add paramter 'ldap del only sam attr'.Volker Lendecke2003-03-191-59/+97
| | | | | | | | | | | | | | | | This patch is heavily based on a patch by SuSE. Thanks to Guenther Deschner <gd@suse.de> for providing it. Volker (This used to be commit 5eaf9195eefda5ababba85cc0f6d581ff6f0f454)
| * Hey -- there is an error code NT_STATUS_CANNOT_DELETE :-)Volker Lendecke2003-03-191-1/+1
| | | | | | | | (This used to be commit aa9b8382d38346cb3e94ddf2e7caf6d663034579)
| * If we fail, return an error code :-)Volker Lendecke2003-03-191-0/+1
| | | | | | | | | | Volker (This used to be commit a5218499eb3f0a62cd663a06157591fbb0dfcbef)
| * Put group mapping into LDAP.Volker Lendecke2003-03-191-1/+501
| | | | | | | | | | Volker (This used to be commit f0f1518fc450834725902e9cdf33fb8d35f99360)
| * Fix memory leak.Volker Lendecke2003-03-171-0/+2
| | | | | | | | | | Volker (This used to be commit e8975d6e7bdcceb78a83a3446cf1430e1e3f1a72)
| * Fix invalid SAFE_FREE() of talloc()ed memory.Andrew Bartlett2003-03-171-3/+0
| | | | | | | | | | Andrew Bartlett (This used to be commit 21add5f97d0d112094e34a02e6319991a1d2af4d)
| * Fresh meat in trusted domains code:Rafal Szczesniak2003-03-141-30/+47
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - packing/unpacking utility functions for trusted domain password struct; can be used to prepare buffer to store in secrets.tdb or (soon) passdb backend - similiar functions for DOM_SID - respectively modified secrets_(fetch|store) routines - new auth mapping code utilising introduced is_trusted_domain function - added tdb (un)packing of single bytes Rafal (This used to be commit 5281ee7e84421b9be746aed2f1718ceaf2a2fe3d)
| * This patch attemptes to clean up winbindd's mutex locking.Andrew Bartlett2003-03-111-23/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The current locking scheme in winbind is a complete mess - indeed, the next step should be to push the locking into cli_full_connection(), but I'll leave it for now. This patch works on the noted behaviour that 2 parts of the connection process need protection - and independent protection. Tim Potter did some work on this a little while back, verifying the second case. The two cases are: - between connect() and first session setup - during the auth2 phase of the netlogon pipe setup. I've removed the counter on the lock, as I fail to see what it gains us. This patch also adds 'anonymous fallback' to our winbindd -> DC connection. If the authenticated connection fails (wbinfo -A specifed) - say that account isn't trusted by a trusted DC - then we try an anonymous. Both tpot and mbp like the patch. Andrew Bartlett (This used to be commit 0620320002082298a15cbba72bd79aecfc607947)
| * - Rename 'modules = ' to 'preload modules = 'Jelmer Vernooij2003-02-271-19/+34
| | | | | | | | | | | | | | - Add smb_probe_module() - Add init_modules() - Call these functions (This used to be commit f8f21653225792c0001d183c6efe8b7d89a0785d)
| * Fix comment - the other bits of code don't call this any more.Andrew Bartlett2003-02-221-4/+1
| | | | | | | | (This used to be commit 523d1429b1072c999d376d2b4e13a1c08349990a)
| * Remove 'unixsam' from the default passdb backends.Andrew Bartlett2003-02-227-279/+204
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The intention is to remove the muliple passdb backends, but we need the 'guest' account to always be there. If the admin adds the guest account to (say) LDAP, there will only be one backend required for operation. This helps remove some nasty behaviours with adding accounts to the system for both the RPC 'create user' and the SAMSYNC code. Users 'added' with an 'add user/machine' script won't magicly appear, and machine accounts 'pre-added' to unix, but not the smbpasswd file will not cause mayhem. This commit also implements somthing tridge discussed with me, the concept of 'default' passdb operation pointers - so that each backend does not need it's own stub funcitons wrapping the default tdb privilages/group mapping code. This also removes an implicit 'sid->name' and 'name->sid' mapping from our own local SID space, to winbind usernames. When adding mapping for NIS/LDAP non-sam users in future, we need to be careful. Andrew Bartlett (This used to be commit 6f32fa234961a525760a05418a08ec48d22d7617)
* | Merge from HEAD.Volker Lendecke2003-03-191-59/+97
| | | | | | | | | | Volker (This used to be commit f42032060812e9bf409042c790e71fefb40ff17a)
* | merge from HEADVolker Lendecke2003-03-191-0/+1
| | | | | | | | (This used to be commit 12110a263b5ac65d6b965ccbe19b7be3025f0373)
* | Put group mapping into LDAP.Volker Lendecke2003-03-191-30/+471
| | | | | | | | | | Volker (This used to be commit da83d97eb50c3c3a67985e22410842100207431f)
* | Merge from HEAD - make winbindd locking sane again:Andrew Bartlett2003-03-171-18/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Original message: This patch attemptes to clean up winbindd's mutex locking. The current locking scheme in winbind is a complete mess - indeed, the next step should be to push the locking into cli_full_connection(), but I'll leave it for now. This patch works on the noted behaviour that 2 parts of the connection process need protection - and independent protection. Tim Potter did some work on this a little while back, verifying the second case. The two cases are: - between connect() and first session setup - during the auth2 phase of the netlogon pipe setup. I've removed the counter on the lock, as I fail to see what it gains us. This patch also adds 'anonymous fallback' to our winbindd -> DC connection. If the authenticated connection fails (wbinfo -A specifed) - say that account isn't trusted by a trusted DC - then we try an anonymous. Both tpot and mbp like the patch. Andrew Bartlett (This used to be commit b5283c00a900393b83f0edb2785c5caf402404eb)
* | Fix memory leak.Volker Lendecke2003-03-171-0/+2
| | | | | | | | | | Volker (This used to be commit 115cd4b27f84343c7f98622717edda6da4866a6b)
* | Merge doxygen, signed/unsigned, const and other small fixes from HEAD to 3.0.Andrew Bartlett2003-02-241-7/+4
| | | | | | | | | | Andrew Bartlett (This used to be commit 9ef0d40c3f8aef52ab321dc065264c42065bc876)
* | This commit was manufactured by cvs2svn to create branch 'SAMBA_3_0'.(This ↵cvs2svn Import User2003-02-181-0/+341
|\| | | | | | | used to be commit c31455779d7948e866fe1916425c3746134dea01)
| * initial server side privileges implementation, using a tdb. This needs to be ↵Andrew Tridgell2003-02-121-0/+341
| | | | | | | | | | | | hooked into pdb, and we need some access control on changing privileges. That's next (This used to be commit f4f1f84a6bf1d356ccc83f0ecb135bef4a39619e)
| * More ldap parinoia - if we ever get more than one result, bail. The order weAndrew Bartlett2003-02-011-5/+23
| | | | | | | | | | | | | | | | get them in should be indeterminate, so just picking the first one would be bad... Andrew Bartlett (This used to be commit 21da8c3bb39c507eb90865549c3bb3538dcea138)
| * Always escape ldap filter strings. Escaping code was from pam_ldap, but I'm toAndrew Bartlett2003-02-011-3/+19
| | | | | | | | | | | | | | | | | | blame for the realloc() stuff. Plus a couple of minor updates to libads. Andrew Bartlett (This used to be commit 34b2e558a4b3cfd753339bb228a9799e27ed8170)
| * A couple more signed/unsigned issues.Andrew Bartlett2003-02-011-2/+2
| | | | | | | | (This used to be commit 01d78b828b89f04b70b53ded01a7f4b356979317)
| * Fixed up mutex protection around winbindd logon code. Sync with APP-HEAD.Jeremy Allison2003-01-161-8/+24
| | | | | | | | | | Jeremy. (This used to be commit 3d04872499332ef2d8e7479b924afc8fc1ac29d7)
| * initialize acct_ctrl before using itHerb Lewis2003-01-151-2/+1
| | | | | | | | | | remove ldap_msgfree(result); as result is unitialized at this point (This used to be commit dc8882778694289ca461de57d443992f52ab7524)
| * Fix some debug lines, and add a bit more info to help track down ldapAndrew Bartlett2003-01-141-8/+15
| | | | | | | | | | | | | | connectivity problems. Andrew Bartlett (This used to be commit 68de9a59203ed9778f11b78f233dc437b9dab55d)
| * clearer debug message when the user is already in the ldap dbAndrew Tridgell2003-01-141-1/+2
| | | | | | | | (This used to be commit 31894ba0e5847eb934688598cd8d65bead23c58b)
| * Always initialise this variable - and don't set the 'must change now' if it wasAndrew Bartlett2003-01-131-0/+1
| | | | | | | | | | | | | | | | | | last changed at '0'. We need to actually change this password sometime... Andrew Bartlett (This used to be commit 740bf439d2d1512127c873cf0e57697161d6566b)
| * Fix open problem with changing attributes on an existing file - basedJeremy Allison2003-01-081-1/+0
| | | | | | | | | | | | on work by <steve@griffin.sio2.nl>. Jeremy. (This used to be commit 465d86d95fbdeda423d1f4b06cee46c119a31447)
| * We already have one function to move unistr2 -> multibyte-static, so weAndrew Bartlett2003-01-021-19/+0
| | | | | | | | | | | | | | | | | | | | don't need a second just for pdb. Also, remove magic 'is lp_guest_account' test - the magic RID should be up to the passdb backend to set. Andrew Bartlett (This used to be commit f71c8338d35a2e8c73c3d8006ea6858cb522c715)
| * BIG patch...Andrew Bartlett2003-01-026-16/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch makes Samba compile cleanly with -Wwrite-strings. - That is, all string literals are marked as 'const'. These strings are always read only, this just marks them as such for passing to other functions. What is most supprising is that I didn't need to change more than a few lines of code (all in 'net', which got a small cleanup of net.h and extern variables). The rest is just adding a lot of 'const'. As far as I can tell, I have not added any new warnings - apart from making all of tdbutil.c's function const (so they warn for adding that const string to struct). Andrew Bartlett (This used to be commit 92a777d0eaa4fb3a1c7835816f93c6bdd456816d)
| * Forward port the change to talloc_init() to make all talloc contextsJeremy Allison2002-12-202-2/+2
| | | | | | | | | | | | named. Ensure we can query them. Jeremy. (This used to be commit 842e08e52a665ae678eea239759bb2de1a0d7b33)
| * merge of get_dc_name()-like code from APP_HEAD; better support password ↵Gerald Carter2002-12-121-0/+30
| | | | | | | | | | | | server = DC1 * (This used to be commit 6b18ca9511ddcf1718f222af3f61491d1e5f3b60)
| * use FILE_MACRO instead of __FILE__Herb Lewis2002-12-031-5/+5
| | | | | | | | | | use FUNCTION_MACRO instead of __FUNCTION_ (This used to be commit 243763d6eb107ab2444d81025232c8fe795baaf1)
| * Move from NT_STATUS_UNSUCCESSFUL to NT_STATUS_NO_SUCH_USER, and other slightlyAndrew Bartlett2002-11-241-16/+21
| | | | | | | | | | more useful error codes. (This used to be commit 5b1185b4e8592e6bc1abe581950571e249c03a78)
| * fixed a number of places where we can try to free a wild pointer orAndrew Tridgell2002-11-201-2/+14
| | | | | | | | | | | | look for the record count after an invalid search. This fixes a segv in ldapsam (This used to be commit d076823c73731a4c83f49a21f13360a38d54406e)
| * Use smb_register_passdb() - plus some small fixesJelmer Vernooij2002-11-153-1603/+0
| | | | | | | | (This used to be commit 2addbaff358993923a58ad3845c63168678c2c21)
| * Add smb_register_passdb()Jelmer Vernooij2002-11-152-86/+59
| | | | | | | | (This used to be commit b5b3b2e6bef431c9c30dc8f2899dc22328801c0e)
generated by cgit (git 2.34.1) at 2025-10-01 13:49:02 +0000