summaryrefslogtreecommitdiffstats
path: root/source3/passdb
Commit message (Collapse)AuthorAgeFilesLines
...
* | Merge from HEAD - make Samba compile with -Wwrite-strings without additionalAndrew Bartlett2003-01-035-13/+13
| | | | | | | | | | | | | | warnings. (Adds a lot of const). Andrew Bartlett (This used to be commit 3a7458f9472432ef12c43008414925fd1ce8ea0c)
* | Finish adding strings to all talloc_init() calls.Jeremy Allison2002-12-231-2/+1
| | | | | | | | | | Jeremy. (This used to be commit aa8439a49ec4b9f433745fefa1e769e45398f4df)
* | Forward port the change to talloc_init() to make all talloc contextsJeremy Allison2002-12-202-2/+2
| | | | | | | | | | | | named. Ensure we can query them. Jeremy. (This used to be commit 09a218a9f6fb0bd922940467bf8500eb4f1bcf84)
* | Merge some more FUNCTION_MACRO stuff.Tim Potter2002-12-201-5/+5
| | | | | | | | (This used to be commit adb34ee5b183d17ec0c26ec2cf4f591822c59900)
* | merge of get_dc_name()-like code from APP_HEAD; better support password ↵Gerald Carter2002-12-131-0/+30
| | | | | | | | | | | | server = DC1 * (This used to be commit f49de4c5176bf635ac080e082fda412066b466c8)
* | Merge tridge's fixes to pdb_ldap (don't look for number of results in aAndrew Bartlett2002-11-261-17/+34
| | | | | | | | | | | | | | failed query) and my fixes to those fixes to use better NT_STATUS codes. Andrew Bartlett (This used to be commit 6040171cabe3ca215149708a6244e24bc9c2c4fa)
* | Remove #ifdef's for NISPLUS_SAM - there are no function name collisions anymoreJelmer Vernooij2002-11-141-4/+0
| | | | | | | | (This used to be commit 32c93921b01b5d28a2f5837026aad2445a0ece03)
* | Removed global_myworkgroup, global_myname, global_myscope. Added liberalJeremy Allison2002-11-125-25/+19
| | | | | | | | | | | | | | dashes of const. This is a rather large check-in, some things may break. It does compile though :-). Jeremy. (This used to be commit f755711df8f74f9b8e8c1a2b0d07d02a931eeb89)
* | Improve DEBUG output somewhat moreJelmer Vernooij2002-11-111-2/+5
| | | | | | | | (This used to be commit 2cc36ce0ee8383aa8a20a8dc5a3218693dc46817)
* | Add more debug infoJelmer Vernooij2002-11-111-2/+2
| | | | | | | | (This used to be commit 065ed9783236cf1e8254655a9a1d4de937b35018)
* | Print the number of returned rows, not the number of fieldsJelmer Vernooij2002-11-101-2/+2
| | | | | | | | (This used to be commit cf74ddc2fcb1e7286441edb432d8906bb722a3d4)
* | Back out some of my sync changesJelmer Vernooij2002-11-091-7/+7
| | | | | | | | (This used to be commit b1ad91101d10d1fa635cfbb1684f8b598280cee0)
* | Sync with HEADJelmer Vernooij2002-11-091-7/+7
| | | | | | | | (This used to be commit 1a25dc776ddc36de9a214e023becff1ceb10290c)
* | Merge from HEAD:Andrew Bartlett2002-11-083-36/+47
| | | | | | | | | | | | | | | | | | | | | | | | | | | | - change auth_sam to use the initialisation flags to determine if the password attributes are set - add const to secrets.c, cliconnect.c - passdb: fix spelling in pdb_ldap, add group mapping back to smbpasswd - SAMR: add debugs to show what fails for group enum. Andrew Bartlett (This used to be commit 4e74d00b3634abf52aa24bfaa6dbe88202aa57a1)
* | This commit was manufactured by cvs2svn to create branch 'SAMBA_3_0'.(This ↵cvs2svn Import User2002-11-072-0/+1599
|\| | | | | | | used to be commit aafa32d6809e1bc60a8186140f2f3cf2bf6bff16)
| * Fix small typoJelmer Vernooij2002-11-071-1/+1
| | | | | | | | (This used to be commit 3c39bd9db09c59f149d77e371ed078cd7ec2d1b4)
| * when doing a 'net rpc vampire' a pdb_init_sam_pw() is used to create aAndrew Tridgell2002-11-071-0/+3
| | | | | | | | | | | | | | | | | | | | | | sam account object, then pdb_update_sam_account() can be used to update an account. This code path could lead to the methods element of the account being used when uninitialised (leading to a segv) Easiest fix is to always make that that when creating a sam_account object we initialise the methods to null, so that the passdb code knows that it needs to be filled in. (This used to be commit fb79fa5a31c2fa8ebdcddbc49b1d9c1aa3059691)
| * Merge of scalable printing code fix... Needs testing.Jeremy Allison2002-11-071-6/+9
| | | | | | | | | | | | | | | | Also tidied up some of Richard's code (I don't think he uses the compiler flags -g -Wall -Wshadow -Wstrict-prototypes -Wpointer-arith -Wcast-qual like I do :-) :-). Jeremy. (This used to be commit 10024ed06e9d91f24fdc78d59eef2f76bf395438)
| * Add group management support (patch from metze)Jelmer Vernooij2002-11-062-0/+67
| | | | | | | | (This used to be commit 090a2015eb9aa4ec68d80e972ae192d19afd536e)
| * Adapt to latest pdb API changes - only thing left is group supportJelmer Vernooij2002-11-062-21/+17
| | | | | | | | (This used to be commit 99a2e7fde1fd4e589035c273f40419ef322e097d)
| * pdb_get_unknown? -> pdb_get_unknown_?Jelmer Vernooij2002-11-061-3/+3
| | | | | | | | (This used to be commit c13ed6c866fed43e5f83e083c377a1cd7d505061)
| * Move pdb_xml to source/Jelmer Vernooij2002-11-051-0/+561
| | | | | | | | (This used to be commit b68106a79e4536fa82d75dd330d07dba51bfeaf4)
| * Move pdb_mysql to source/passdbJelmer Vernooij2002-11-051-0/+975
| | | | | | | | (This used to be commit 1d742e14ad18070aee654071d159b8b7410d6f86)
| * Allow 'normal' accounts in the non-unix-account range for smbpasswd - I hopeAndrew Bartlett2002-11-041-19/+20
| | | | | | | | | | | | this will fix some of the problems on the build farm @ Compaq (where they have a *lot* of accounts...). (This used to be commit 2c97b7e6480c2731739ccc52af97bc62a6228cfe)
| * Fix debugAndrew Bartlett2002-11-041-1/+1
| | | | | | | | (This used to be commit 5b5b8de70e46a15e9fb9b47c7af6cb0133f41217)
| * Extra little fix to vl's patch. Make sure the passdb and testparm messagesAndrew Bartlett2002-11-031-3/+5
| | | | | | | | | | | | | | | | say exactly the same thing - in particular that we can algorithmic rid base == 1000, and use the BASE_RID macro to avoid the use of magic numbers. Andrew Bartlett (This used to be commit b70f2a8047ac549841bc103932b38951e9814186)
| * Force algorithmic rid base to sane values and talk about it.Volker Lendecke2002-11-031-4/+25
| | | | | | | | | | Volker (This used to be commit ce5b2d991b42bbf6865ff75194f8ee4b46694841)
| * Clean up this a little - add comments describing a bit of what is going onAndrew Bartlett2002-11-021-5/+6
| | | | | | | | | | here. (This used to be commit 88455313f6551a75eff4df2f0ba91430948c1c78)
| * Add a 'ldap trust ids' option that lets pdb_ldap check for posixAccountAndrew Bartlett2002-11-021-33/+92
| | | | | | | | | | | | | | | | | | | | | | | | | | | | attributes rather than calling getpwnam() on the user. This should help fix some of metze's performance issues - particularly on enumerations. There is a consequential change to the operation of 'non unix account's in LDAP - they are no longer restricted to being 'within' the NUA range, but will always be added to that range. Finally, there is the doco for this and the previous LDAP SSL changes. (This used to be commit 18abaeffda300074a507561d8372d5bfddc8fe50)
| * Return the result code, not false (0 == success) on error...Andrew Bartlett2002-11-021-1/+1
| | | | | | | | (This used to be commit f91c363bc05d1c82ad8a99a5c0d59b46cf820aac)
| * Fixes for pdb_ldap:Andrew Bartlett2002-11-021-111/+103
| | | | | | | | | | | | | | | | | | | | | | | | | | | | - Default is now for start-tls, on the ldap (not ldaps) port - We check for 'I am currently root' in the right place now, and don't accidentily use a cached connection. - We don't loop on failure to be root, or some other errors. - A bit cleaner error reporting for add/modify. - Both the OpenLDAP and manual URI parsing tested. Andrew Bartlett (This used to be commit cfa1e459d727764feddcfdd8c9c0404282e2d0e8)
| * One more step towards to better PDC.Andrew Bartlett2002-10-261-208/+330
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch, from "Stefan (metze) Metzmacher" <metze@metzemix.de> implements an LDAP connection cache. This removes the quite silly situation where every single passdb operation involved a new LDAP connection. The hope is that this will give us a decent performance boost in some usrmgr related activities, and in the sid->name/sid->uid code. The remaining things I think are 'todo' for pdb_ldap (in the near term) are: - intergrate volker's next_rid patch for NUA accounts, - add a 'trust ldap ids' option (remove Get_Pwnam() hit on enumerations). - put the group mapping actually into ldap - Schema fixes and do utf8 conversion - server failover (try a second server for the rebind on fail) - ensure we block between an 'add' and the ldap master replicating to our local slave (mezte found this issue, kills domain joins) Andrew Bartlett (This used to be commit 3418da16456511490beb0d1045fff24576b48273)
| * Fix memory leak (patch by Steve Langasek)Jelmer Vernooij2002-10-251-0/+14
| | | | | | | | (This used to be commit 06362586cb754bd6bc89b50b966737958286ca2e)
| * Only run free_private_data when it's specified (reported by Steve Langasek ↵Jelmer Vernooij2002-10-251-1/+2
| | | | | | | | | | | | aka vorlon) (This used to be commit 9efa98b4a65a38df922ce3b83f5fde631cb70844)
| * pdb_unix.c did not really expect group RIDs dictated by a PDC and lookingVolker Lendecke2002-10-211-2/+4
| | | | | | | | | | | | | | like user RIDs. Volker (This used to be commit 872c7d40454545108ec9e7eee12894af77b4adc3)
| * This moves the group mapping API into the passdb backend.Volker Lendecke2002-10-217-11/+453
| | | | | | | | | | | | | | | | | | | | | | | | | | Currently this calls back to mapping.c, but we have the framework to get the information into LDAP and the passdb.tdb (should we? I think so..). This has received moderate testing with net rpc vampire and usrmgr. I found the add_groupmem segfault in add_aliasmem as well, but that will be another checkin. Volker (This used to be commit f30095852fea19421ac8e25dfe9c5cd4b2206f84)
| * Start to merge the new ACL mapping code from Andreas Gruenbacher ↵Jeremy Allison2002-10-181-10/+38
| | | | | | | | | | | | | | <agruen@suse.de>. Jeremy. (This used to be commit f6103f866a5e698ab55fdab1444a14e3d8da16bb)
| * Revert changesVolker Lendecke2002-10-171-1/+1
| | | | | | | | (This used to be commit 975fd17f8af0f03f43995deb3fdd9bd5995a1c92)
| * Revert changesVolker Lendecke2002-10-171-24/+22
| | | | | | | | (This used to be commit 84b62f6d96a77ccbc1b4475ab0780a4e4c9d4875)
| * No functional change. I'm trying to understand pdb_ldap.c andVolker Lendecke2002-10-161-22/+24
| | | | | | | | | | | | | | found an unecessary parameter to ldapsam_search_one_user. Volker (This used to be commit a085670c7e3a0ca82df749592fd5c6a86def1d53)
| * Create group mappings on the fly.Volker Lendecke2002-10-161-1/+1
| | | | | | | | | | Volker (This used to be commit e2fc1de34aaf875a7003f9d15d5f8ecf159130fb)
| * Nice *big* patch from metze.Andrew Bartlett2002-10-127-370/+465
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The actual design change is relitivly small however: It all goes back to jerry's 'BOOL store', added to many of the elements in a SAM_ACCOUNT. This ensured that smb.conf defaults did not get 'fixed' into ldap. This was a great win for admins, and this patch follows in the same way. This patch extends the concept - we don't store values back into LDAP unless they have been changed. So if we read a value, but don't update it, or we read a value, find it's not there and use a default, we will not update ldap with that value. This reduced clutter in our LDAP DB, and makes it easier to change defaults later on. Metze's particular problem was that when we 'write back' an unchanged value, we would clear any muliple values in that feild. Now he can still have his mulitivalued 'uid' feild, without Samba changing it for *every* other operation. This also applies to many other attributes, and helps to eliminate a nasty race condition. (Time between get and set) This patch is big, and needs more testing, but metze has tested usrmgr, and I've fixed some pdbedit bugs, and tested domain joins, so it isn't compleatly flawed ;-). The same system will be introduced into the SAM code shortly, but this fixes bugs that people were coming across in production uses of Samba 3.0/HEAD, hence it's inclusion here. Andrew Bartlett (This used to be commit 7f237bde212eb188df84a5d8adb598a93fba8155)
| * We already set LDAPv3 at connect time, no need to set it again.Andrew Bartlett2002-10-121-8/+0
| | | | | | | | (This used to be commit c8e32d485bf205b6965579f94063effd86777f3f)
| * Add a timeout to tdb_lock_bystring(). Ensure we never have more thanJeremy Allison2002-10-041-49/+11
| | | | | | | | | | | | MAX_PRINT_JOBS in a queue. Jeremy. (This used to be commit bb58a08af459b4abae9d53ab98c15f40638ce52b)
| * Add const.Andrew Bartlett2002-09-281-1/+1
| | | | | | | | (This used to be commit f7dd66e88dba947a167d9a14c96810854dfc5c9d)
| * Minor updates:Andrew Bartlett2002-09-271-4/+4
| | | | | | | | | | | | | | | | | | | | | | Add const to some more functions, and reintroduce 'net rpc join oldstyle' as *only* trying an old-style join. This means that we can rely on it not prompting for a password on the build farm. Andrew Bartlett (This used to be commit 31bdbeef0ea6f30247cd3b30cfea57b34102abe6)
| * Readd the 2.2 --with-ldapsam paramaters so as to allow a smooth upgrade path toAndrew Bartlett2002-09-271-4/+19
| | | | | | | | | | | | | | | | | | a 3.0 based PDC. Change defaults to use SSL, so that this also matches. Andrew Bartlett (This used to be commit 36c2a3820faa1d90cd331881720be0e61ab93460)
| * Patch from "Stefan (metze) Metzmacher" <metze@metzemix.de> to do a *much*Andrew Bartlett2002-09-261-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | better job of working with usrmgr. Previously we were blanking out entires, and all sort of mischif. The new patch (which I've now had a chance to test/modify) also takes care not to expand % values (ie we go \\%L\%U -> \\server\user, we don't want to store \\server\user back) and to correctly notice 'not set' compared to 'null string' etc. Andrew Bartlett (This used to be commit ab878b6cc4132594fc33f78aeebf0d8b7266c150)
| * move all the passdb internal interface to NTSTATUSSimo Sorce2002-09-266-256/+307
| | | | | | | | | | | | | | | | | | | | only the interface has been fully moved to NTSTATUS not all the plugins make full use of it, but have been all converted. My testings passed completely, however a bit of more testing is welcome Simo. (This used to be commit 102a26e06591928a03b49cd312a65811ed46314f)
| * Make it clear what this if statement applies to, and what it doesn'tAndrew Bartlett2002-09-251-0/+1
| | | | | | | | (This used to be commit 6b78e554c3dd3c98bff7dbd1d3715a9b7e405b8d)
generated by cgit (git 2.34.1) at 2025-10-02 09:28:26 +0000