summaryrefslogtreecommitdiffstats
path: root/source3/passdb
Commit message (Collapse)AuthorAgeFilesLines
...
| * Replaced reference to global_myworkgroup by calls to lp_workgroup().Volker Lendecke2002-08-211-6/+5
| | | | | | | | | | | | | | | | pdbedit failed to initialize global_myworkgroup, wo we could end up having a SID for SECRETS/SID/ in secrets.tdb. Volker (This used to be commit 8c96ab4bc05e55e119c1b44779fe14d3ab6c5f35)
| * Add changes suggested by abartlet:Jelmer Vernooij2002-08-211-1124/+1205
| | | | | | | | | | | | | | - don't use lp_passwd_file() to retrieve NIS domain name, but use location instead - some cleanups (This used to be commit 16f4568f35c753ec0ab0a0dda2b264668f5ac5ab)
| * Use the 'init' flag to determine if the UID is set, rather than testing theAndrew Bartlett2002-08-211-2/+5
| | | | | | | | | | | | | | uid for -1. Andrew Bartlett (This used to be commit 2fc12864ae78ea08d8cb4e3b1c7e341ca4a854e6)
| * pdb_nisplus converted to the new passdb system API'sJelmer Vernooij2002-08-202-559/+586
| | | | | | | | (This used to be commit 72e9a5cd340d6a912e274dc0d6f2a22a922d4b03)
| * Quick hack to get around the inadequacy of pdb_smbpasswd. This should make theAndrew Bartlett2002-08-171-1/+1
| | | | | | | | | | | | | | build farm happy again, and allow the 'guest account' to be added to smbpasswd. Andrew Bartlett (This used to be commit 5e5cd2874527dd9a213c4bfcf98a425c39f3f2e2)
| * Rework the 'guest account get's RID 501' code again...Andrew Bartlett2002-08-172-46/+57
| | | | | | | | | | | | | | | | | | | | | | This moves it right into the passdb subsystem, where we can do this in just one (or 2) places. Due to the fact that this code can be in a tight loop, I've had to make 'guest account' a 'const' paramater, where % macros cannot be used. In any case, if the 'guest account' varies, we are in for some nasty cases in the other code, so it's useful anyway. Andrew Bartlett (This used to be commit 8718e5e7b2651edad15f52a4262dc745df7ad70f)
| * Make the 'guest account' always have a RID of DOMAIN_USER_RID_GUEST.Andrew Bartlett2002-08-161-6/+20
| | | | | | | | | | Andrew Bartlett (This used to be commit 4725d7d04936335cbd85bd6ac5096c50fed93671)
| * Update secrets_fetch_domain_guid to generate and store it if it doesn't exist.Jim McDonough2002-08-121-2/+11
| | | | | | | | | | Only does it for PDCs. (This used to be commit 3543f92c39a80c8b6eb7ca3188b87f0f15896f33)
| * Add const to a pile of const to *DOM_SID paramaters.Andrew Bartlett2002-08-075-7/+7
| | | | | | | | | | Andrew Bartlett (This used to be commit fd0ebf976eb6e5fc25bc75ff471c69c3f3761e32)
| * Try to bind with LDAPv3 if possible.Andrew Bartlett2002-08-061-7/+19
| | | | | | | | | | Andrew Bartlett (This used to be commit 0e420878f26bdd19b5defb78a5fe4c31662ec941)
| * I must have missed this when I was adding 'const' to these earlier...Andrew Bartlett2002-08-051-1/+1
| | | | | | | | | | Andrew Bartlett (This used to be commit ce6c8a647ca56dcbb60ff898d77c2df297c1fe79)
| * Try to make this easier to debug - display the username that failed.Andrew Bartlett2002-08-051-1/+1
| | | | | | | | | | Andrew Bartlett (This used to be commit 8405bccd4e7a5315e58890ffa5d481031636f88a)
| * Don't accidenity mess with the wrong domain's sids.Andrew Bartlett2002-07-311-2/+2
| | | | | | | | (This used to be commit 0e2207c9c1ce573098f764e85a65c17cc1f1d284)
| * fixed multi-line strings for portabilityAndrew Tridgell2002-07-311-2/+2
| | | | | | | | (This used to be commit 9f9e0cbd2c9920b730286f8bf560dc3415c29aa6)
| * Add LSA RPC 0x2E, lsa_query_info2. Only level implemented is 0x0c, whichJim McDonough2002-07-301-0/+32
| | | | | | | | | | | | is netbios and dns domain info. Also add code to set/fetch the domain GUID from secrets.tdb (although set is not yet called by anyone). (This used to be commit 31d7168530ccce2c5e9e7f96464b47f4d9771a25)
| * Update a pile of Samba's SID lookup code to ensure:Andrew Bartlett2002-07-301-40/+53
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - That we never call winbind recursivly - That we never use an 'algorithmic' RID when we have a fixed uid or gid mapping in either the passdb or the group mapping db. Also, remove restrictions that say 'this domain only'. If we have a mapping configured, allow it to be returned. If we later decide certian mappings are invalid, then we sould put that in the code that actually does the map. Allow 'sid->name' transtations on the fixed 'well known' groups for NT, even if they are not represented by Unix groups yet. Andrew Bartlett (This used to be commit d5bafb224337e393420c2ce9c0a787405314713c)
| * These are not critical errors, they should not be a level 0.Andrew Bartlett2002-07-301-3/+3
| | | | | | | | | | Andrew Bartlett (This used to be commit 082c0324cde38fadd70934a10849c7d40a34e3b1)
| * found nasty bug in intl/lang_tdb.c tdb structure was not tested to not be ↵Simo Sorce2002-07-281-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | null before close this one fixes swat not working with browsers that set more then one language. along the way implemented language priority in web/neg_lang.c with bubble sort also changet str_list_make to be able to use a different separator string Simo. (This used to be commit 69765e4faa8aaae74c97afc917891fc72d80703d)
| * Update the rebind code in pdb_ldap.Andrew Bartlett2002-07-271-34/+114
| | | | | | | | | | | | | | | | | | | | | | I've still not tested this, but I didn't test the last lot and I'm pretty sure I stuffed it up - but at least this rebind procedure matches the function prototype. It should also be fine on OpenLDAP 2.1 if I'm lucky. Andrew Bartlett (This used to be commit 064f269508d05cc833cf7bfd5613e4fe389f32dc)
| * fix parameters for ldap_set_rebind_proc() from OpenLDAP 2.1Gerald Carter2002-07-261-2/+7
| | | | | | | | (This used to be commit a6725d4ce95ca8807ccefe4ce033b45d0635da6d)
| * (another patch from mimir)Andrew Bartlett2002-07-261-2/+17
| | | | | | | | | | | | | | | | | | Add some debugging info to the secrets code. We might review what debug level that should be at, but it's fine for now. Andrew Bartlett (This used to be commit 2b6a318d686ac0b08a30844bf2960703b06d5c90)
| * Mimir has been busy with patches again, and sent in the followingAndrew Bartlett2002-07-261-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | patches: Andrew Bartlett From his e-mail: Below I attach the following patches as a result of my work on trusted domains support: 1) srv_samr_nt.c.diff This fixes a bug which caused to return null string as the first entry of enumerated accounts list (no matter what entry, it was always null string and rid) and possibly spoiled further names, depeding on their length. I found that while testing my 'net rpc trustdom list' against nt servers and samba server. 2) libsmb.diff Now, fallback to anonymous connection works correctly. 3) smbpasswd.c.diff Just a little fix which actually allows one to create a trusting domain account using smbpasswd 4) typos.diff As the name suggests, it's just a few typos fix :) (This used to be commit 888d595fab4f6b28318b743f47378cb7ca35d479)
| * Clarify this comment.Andrew Bartlett2002-07-261-0/+3
| | | | | | | | (This used to be commit d2b4e669aeada9c3498c3a9e49360270def5ad99)
| * Actually check the return value of the account_policy_get() call.Andrew Bartlett2002-07-241-5/+4
| | | | | | | | | | Andrew Bartlett (This used to be commit a7b0a2334cd8e7234c5bcb284e4c6de7a8e45f98)
| * Name get and set dir drive functions consistently.Tim Potter2002-07-214-10/+11
| | | | | | | | (This used to be commit 290a304d2c1b70d20129236e20a0ff664179023e)
| * More cleanups, and add a comment/hint not to clean somthing up in future :-)Andrew Bartlett2002-07-211-0/+3
| | | | | | | | | | Andrew Bartlett (This used to be commit 21b0e8f560849be77bde463cf006ea0de54211e9)
| * More fixes towards warnings on the IRIX compilerAndrew Bartlett2002-07-201-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | (and yes, some of these are real bugs) In particular, the samr code was doing an &foo of various types, to a function that assumed uint32. If time_t isn't 32 bits long, that broke. They are assignment compatible however, so use that and an intermediate variable. Andrew Bartlett (This used to be commit 30d0998c8c1a1d4de38ef0fbc83c2b763e05a3e6)
| * addedd new (t)alloc_sub_* functionsSimo Sorce2002-07-143-13/+13
| | | | | | | | | | | | they will get a const string and return a (t)alloced epanded one. also modified passdb/* stuff to use this one. (This used to be commit d378ac1e2efb0efc9a0f983d69cf678ca6255fd5)
* | Jeremy the janitor again... keeping 3.0 in sync with tridge's changes thisJeremy Allison2002-11-071-0/+3
| | | | | | | | | | | | time. Jeremy. (This used to be commit 3803324d3d49f81ef0a82c4a9fedae70d32cb409)
* | Merge vl's 'algorithmic rid base' patch, and my changes to pdb_smbpasswd's NUAAndrew Bartlett2002-11-052-24/+48
| | | | | | | | | | | | | | support from HEAD -> 3.0 Andrew Bartlett (This used to be commit 89d8ebd520e2a441e6d5b6b8adb6c483b0131adc)
* | Merge of my 'ldap trust ids' patch from HEAD.Andrew Bartlett2002-11-021-36/+96
| | | | | | | | | | | | | | | | | | | | This hopefully provides a peformance boost by not hitting getpwnam() for every entry in an enumeration, instead reteriving entries directly (if available). idra has reviewed this patch. Andrew Bartlett (This used to be commit 8abe71c4d7a796001c5765f4dd88c2e6f5637802)
* | Merge passdb from HEAD -> 3.0Andrew Bartlett2002-11-029-667/+1319
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The work here includes: - metze' set/changed patch, which avoids making changes to ldap on unmodified attributes. - volker's group mapping in passdb patch - volker's samsync stuff - volkers SAMR changes. - mezte's connection caching patch - my recent changes (fix magic root check, ldap ssl) Andrew Bartlett (This used to be commit 2044d60bbe0043cdbb9aba931115672bde975d2f)
* | Try to catch up on the code I've put into HEAD that should be in 3.0:Andrew Bartlett2002-10-261-7/+0
| | | | | | | | | | | | | | | | | | | | - vorlan's hosts allow with DNS names patch - use x_fileno() in debug.c, not the struct directly. - check for server timeout on password change (was reporting success) - better error/status loggin in both the pam_winbind client and winbindd_pam server code. - (pdb_ldap) don't set the ldap version twice - we do it on every bind anyway. (This used to be commit 9fa1863d8e7788eda83911ca2610754486b33069)
* | Fix memory leak (patch by Steve Langasek)Jelmer Vernooij2002-10-251-0/+14
| | | | | | | | (This used to be commit 299a9060e27d341658a7badbbb21401fbcc8f083)
* | Only run free_private_data when specified (reported by Steve Langasek aka ↵Jelmer Vernooij2002-10-251-1/+2
| | | | | | | | | | | | vorlon) (This used to be commit ecd3acbfcf912a775718e320c7cb66f60436c546)
* | Start to merge the new ACL mapping code from Andreas Gruenbacher ↵Jeremy Allison2002-10-181-10/+38
| | | | | | | | | | | | | | <agruen@suse.de>. Jeremy. (This used to be commit 597c4610090d711fd30c1ffacc97212cf399a264)
* | Add a timeout to tdb_lock_bystring(). Ensure we never have more thanJeremy Allison2002-10-041-49/+11
| | | | | | | | | | | | MAX_PRINT_JOBS in a queue. Jeremy. (This used to be commit 9fe3c0b90d4bff2217e3cb5a34b4683ca314c06e)
* | Updates from Samba HEAD:Andrew Bartlett2002-10-012-9/+24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Fix segfaults in the 'net ads' commands when no password is provided - Readd --with-ldapsam for 2.2 compatability. This conditionally compiles the old options, but the actual code is available on all ldap systems. - Fix shadow passwords (as per work with vl) - Fix sending plaintext passwords to unicode servers (again vl) - Add a bit of const to secrets.c functions - Fix some spelling and grammer by vance. - Document the -r option in smbgroupedit. There are more changes in HEAD, I'm only merging the changes I've been involved with. Andrew Bartlett (This used to be commit 83973c389355a5cc9ca74af467dfd8b5dabd2c8f)
* | sync with HEADGerald Carter2002-09-266-206/+228
| | | | | | | | (This used to be commit ee9cbf58071adb627a49a94c6340aaba330486b5)
* | remove files not in HEADGerald Carter2002-09-261-219/+0
| | | | | | | | (This used to be commit 9d9f7bbf87bf9a0e003e6da482615fe040d00852)
* | syncing up with HEAD again....Gerald Carter2002-09-262-51/+81
| | | | | | | | (This used to be commit e026b84815ad1a5fa981c24fff197fefa73b4928)
* | sync'ing up for 3.0alpha20 releaseGerald Carter2002-09-259-1352/+1653
| | | | | | | | (This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
* | sync 3.0 branch with headJelmer Vernooij2002-08-1710-139/+336
| | | | | | | | (This used to be commit 3928578b52cfc949be5e0ef444fce1558d75f290)
* | updated the 3.0 branch from the head branch - ready for alpha18Andrew Tridgell2002-07-1511-858/+1226
| | | | | | | | (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
* | This commit was manufactured by cvs2svn to create branch 'SAMBA_3_0'.(This ↵cvs2svn Import User2002-07-143-0/+506
|\| | | | | | | used to be commit b8d39651fb90ef170055735412417239a63afc5d)
| * Fix up a botched prevoius commit.Andrew Bartlett2002-07-141-11/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The idea here is to allow invalid LM passwords in otherwise valid accounts. This happens when we create an account without a password, for example. Previously we would stop at the LM password, and not read things like the account flags correctly. Now we process the record, and just set the password to NULL. (Note, 'no password for access' is decided only on the basis of the Account Control bits, not on the 'NULL' value of the password feild.). Andrew Bartlett (This used to be commit c590e0c970b5babf370924cef51530e5e215eaf2)
| * Make smbpasswd behave like all the other backends, where a NULL or invalidAndrew Bartlett2002-07-131-7/+4
| | | | | | | | | | | | | | | | LM password isn't anything special. All the users check the ACB nowadays, and this allows us to correctly return flags set via usermgr. Andrew Bartlett (This used to be commit 89eb765d398de7654ba6bac7c51df727830c2591)
| * If we get a SID from group mapping, no need to check it's prefix.Andrew Bartlett2002-07-101-6/+6
| | | | | | | | | | | | | | Just set it directly. Andrew Bartlett (This used to be commit 202202bc475f3b8500423b1a9ccf0adc80a4dc49)
| * Fix debug comment.Andrew Bartlett2002-07-051-1/+1
| | | | | | | | (This used to be commit f32980c807adf8287436be0d5a223b9b1ce399b8)
| * Break up the passdb objects (to allow RPC clients to link without brining inAndrew Bartlett2002-07-033-191/+104
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | *.o) and implment new enum_dom_users code in the SAMR RPC subsystem. Incresingly, we are using the pdb_get_{user,group}_sid() functions, in the eventual hope that we might one day support muliple domains off a single passdb. To extract the RID, we use sid_peek_check_rid(), and supply an 'expected' domain SID. The id21 -> SAM_ACCOUNT and id23 -> SAM_ACCOUNT code has been moved to srv_samr_util.c, to ease linking in passdb users. Compatiblity code that uses 'get_global_sam_sid()' for the 'expected' sid is in pdb_compat.c Andrew Bartlett (This used to be commit 5a2a6f1ba316489d118a8bdd9551b155226de94f)
generated by cgit (git 2.34.1) at 2025-10-03 05:05:53 +0000