| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This allows the AD DC to be picked up correctly and gives the correct DNS name.
To ensure no confusion, we also always init it with the full DNS name.
It also means that, aside from the BUILTIN domain the initialized
flag is set only in one place, which will help when we add more details
to the domain structure in the future.
This in turn allows kerberos authentication against winbindd on the AD DC.
Andrew Bartlett
Change-Id: Idc829cfe5f2e867c87107b49275b17f294821dcd
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
rpc servers
This means that in the AD DC, we use the AD DC servers, while in the classic DC or file server we continue
to use the built-in SAMR and LSA servers.
Andrew Bartlett
Change-Id: I63b1443f5665016f7fcbed35907ec29d4424ab18
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
|
| |
|
|
|
|
| |
Change-Id: I7d2646078f6e7ba596b92da7d37c285d10ad38c0
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Previously only members of these domains were handled.
But we also need to handle the domain itself.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10463
Change-Id: I44f85267eda243d586fffd24a799e153de0ff982
Pair-Programmed-With: Gregor Beck <gbeck@sernet.de>
Signed-off-by: Gregor Beck <gbeck@sernet.de>
Signed-off-by: Stefan Metzmacher <metze@sernet.de>
Reviewed-by: Michael Adam <obnox@samba.org>
|
| |
|
|
|
|
|
|
|
| |
This does not check whether the given sid is in our domain, but
but whether it belongs to the local sam, which is a different
thing on a domain member server.
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Thu Jul 12 18:36:02 CEST 2012 on sn-devel-104
|
| |
|
|
|
|
| |
This does not check whether the given sid is the domain sid,
but whether it is the sid of the local sam, which is different
for a domain member server.
|
| |
|
|
| |
rpc_query_user unconditionally dereferences user_info if successfull
|
| | |
|
| |
|
|
|
| |
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
This patch finally has the same structure being used to describe the
authorization data of a user across the whole codebase.
This will allow of our session handling to be accomplished with common code.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This seperation between the structure used inside the auth modules and
in the wider codebase allows for a gradual migration from struct
auth_serversupplied_info -> struct auth_session_info (from auth.idl)
The idea here is that we keep a clear seperation between the structure
before and after the local groups, local user lookup and the session
key modifications have been processed, as the lack of this seperation
has caused issues in the past.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
| |
|
|
|
|
|
|
| |
This reverts commit 207a84d725b905c2b119d2ef0f4f4d4eb391140d.
This is the wrong fix for the problem, see bug #8215.
metze
|
| |
|
|
|
|
|
|
|
|
|
| |
This fixes looking up the correct unix user instead of allocation a new
uid and creating it.
Fix bug #8215 (winbind unix username lookup doesn't work correctly).
(cherry picked from commit 531edfdd1924bfb2ef486820f7f5787098bd953a)
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Wed Jun 15 09:56:01 CEST 2011 on sn-devel-104
|
| |
|
|
| |
Guenther
|
| |
|
|
| |
Guenther
|
| |
|
|
| |
Guenther
|
| |
|
|
| |
Guenther
|
| |
|
|
| |
Guenther
|
| |
|
|
|
| |
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Tue Mar 29 02:23:02 CEST 2011 on sn-devel-104
|
| |
|
|
|
| |
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Mon Mar 28 12:06:19 CEST 2011 on sn-devel-104
|
| | |
|
| |
|
|
|
|
| |
We could never have assigned the real value in line 481.
Andreas, please check!
|
| |
|
|
|
| |
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Thu Mar 10 19:33:47 CET 2011 on sn-devel-104
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These variables, of type struct auth_serversupplied_info were poorly
named when added into 2001, and in good consistant practice, this has
extended all over the codebase in the years since.
The structure is also not ideal for it's current purpose. Originally
intended to convey the results of the authentication modules, it
really describes all the essential attributes of a session. This
rename will reduce the volume of a future patch to replaced these with
a struct auth_session_info, with auth_serversupplied_info confined to
the lower levels of the auth subsystem, and then eliminated.
(The new structure will be the output of create_local_token(), and the
change in struct definition will ensure that this is always run, populating
local groups and privileges).
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
| |
|
|
|
| |
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Wed Feb 9 00:01:45 CET 2011 on sn-devel-104
|
| |
|
|
| |
Guenther
|
| |
|
|
| |
Guenther
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This will reduce the noise from merges of the rest of the
libcli/security code, without this commit changing what code
is actually used.
This includes (along with other security headers) dom_sid.h and
security_token.h
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
|
| |
|
|
| |
Signed-off-by: Andreas Schneider <asn@samba.org>
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
Otherwise a lot of information that is usually generated in the ndr_push remains
in an uninitialized state.
Guenther
|
| |
|
|
|
| |
It is a very bad idea to use a static context within the open function.
Use the memory hierarchy to keep track of a client connection.
|
| |
|
|
|
|
| |
well.
Guenther
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
