| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|\
| |
| | |
'SAMBA_2_2_RELEASE'.
|
| |
| |
| |
| | |
Jeremy.
|
| |
| |
| |
| | |
Jeremy.
|
| |
| |
| |
| | |
Jeremy.
|
| |
| |
| |
| | |
Jeremy.
|
| |
| |
| |
| | |
Jeremy.
|
| |
| |
| |
| |
| |
| | |
<belanger@yahoo.com>.
Jeremy.
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| | |
belanger@pobox.com
Jeremy.
|
| |
| |
| |
| |
| | |
System sid. This avoids comparing with ACEs that we don't yet support in the
ADS Domain security descriptor.
|
| |
| |
| |
| | |
Volker
|
| |
| |
| |
| |
| |
| | |
group mapping not as local, but as WKN_GRP.
Volker
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
In order to reduce complexity, this patch removes the upper layer of the SAM
API. Also, we remove the function pointers on the sam context - there really
is no point making these replaceable - that's for the modules.
Move a number of functions in include/interface.c around to allow for use of
'static' and to keep the external API in one chunk, at the bottem. All these
functions were renamed to remove the context_sam -> sam
Consequential changes in the samtest module, and back out metze's change for
ACB filtering, becouse I think it belongs in the SAM backeds. (But I will take
debate on this one).
Changes to the lib/util_sid.c code to create a 'system' token, and make it a
SAM_ASSERT() enforced requirement to have a token on those calls that specify
it. samtest now uses this.
We should have a samtest call to set your own token.
We also need to extend our se_access code to cover the things that Win2k is
returning in it's access tokens. Currently our system token doesn't pass, due
to unexpected flags. (When running sam_ads against Win2k)
Andrew Bartlett
|
| |
| |
| |
| |
| |
| | |
small fix for the previous merge.
Andrew Bartlett
|
| | |
|
| | |
|
| | |
|
| |
| |
| |
| | |
installed one.
|
| |
| |
| |
| | |
want to include the globally installed libsmbclient.h - found by jht
|
| |
| |
| |
| |
| |
| | |
history.
Volker
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
(New accounts are created on thier internal talloc context, not a supplied one
and not the one beloning to the SAM)
Also actaully add the sam_skel to the tree.
I need to work out with Jelmer an appropriate way to ensure we still have an
example external build, and if this should move back out again.
Andrew Bartlett
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Basicly, the password and the salt must be taken from the same place in both
passwd and shadow based systems. Taking salt from one, and password from the
other just doesn't work.
So pull them from passwd, then overwrite them if need be.
When modifying this file, watch the #ifdef hell - as vl found out, some
variables are globals - but only with #ifndef WITH_PAM, and the code jumps all
over the place with the password cracker.
Getting double-reviews of any change to this file highly advised, it is one of
our most system-specifc areas of code.
(So now I get to take the blame for this one... :-)
Andrew Bartlett
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This module, primarilly the work of "Stefan (metze) Metzmacher"
<metze@metzemix.de>, uses the Active Directory schema to store the
user/group/other information. I've been testing it against a real AD server,
and it is intended to work with OpenLDAP as well.
I've moved a few functions around in our other libads code, which has made it
easier to tap into that existing code.
Also, I've made some changes to the SAM interface, I hope there are not too
many objections... To ensure we don't get silly bugs in the skel module, it
is now in the default compile. This way you should not forget to update it :-)
Andrew Bartlett
|
| |
| |
| |
| |
| |
| |
| | |
the first cli_push_string do? I suspect that it's a leftover from times
when the password length was needed at some point.
Volker
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Volker, I would like to understand what you are trying to do here...
I'll trust that it's broken (this code is certainly not well tested) but I do
want to keep a close eye on the fixes...
Andrew Bartlett
|
| |
| |
| |
| |
| |
| | |
opened by an admin user, then used on a pipe handle created
by an anonymous user..... but they're working on security.... riiight !
Jeremy.
|
| |
| |
| |
| | |
Jeremy.
|
| |
| |
| |
| | |
Jeremy.
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
smbclient would announce that it can send UNICODE, but would send the
plain text password in ASCII. This confused Samba HEAD somewhat. This
change has been tested against Samba HEAD of today and Samba 2.2.1a. I
do not have any other servers that do plain text passwords. Anybody?
Volker
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
'security = user', 'encrypt passwords = no' did not work anymore.
This is on quite a standard SuSE 7.3, ./configure.developer --with-tdbsam.
I can provide a config.log / config.h on demand.
Please re-check for consequences, I don't really oversee that file.
Thanks,
Volker
|
| |
| |
| |
| |
| |
| |
| |
| | |
like metze's sam_ads can also use them.
Also add error checking etc to a few more functions.
Andrew Bartlett
|
| |
| |
| |
| |
| |
| | |
of groupadd.
Volker
|