| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | |
| |
| |
| |
| |
| |
| |
| | |
supported.
Is there a better way to check for the 0x1c010002 status code?
Guenther
|
| | |
| |
| |
| |
| |
| | |
I'm disabling it for now until we have en effective
means of dealing with the ticket request flags for users
and computers.
|
| | | |
|
| | |
| |
| |
| |
| |
| | |
environment.
Guenther
|
| | |
| |
| |
| |
| |
| | |
offline logons work again with NT4 and older Samba3 DCs.
Guenther
|
| | |
| |
| |
| | |
Guenther
|
| | |
| |
| |
| | |
Guenther
|
| | |
| |
| |
| | |
Guenther
|
| | |
| |
| |
| |
| |
| |
| |
| | |
policies when requested.
No panic, the flags is uint32 so we are not running out of WBFLAG bits.
Guenther
|
| | |
| |
| |
| | |
Guenther
|
| | |
| |
| |
| |
| |
| |
| | |
failed with a clear error indication. This prevents the bad logon count
beeing increased on the DC.
Guenther
|
| | |
| |
| |
| |
| | |
but make the intent clearer.
Jeremy.
|
| | |
| |
| |
| | |
client sends a NULL RPC_BUFFER*
|
| | | |
|
| | |
| |
| |
| | |
Guenther
|
| | |
| |
| |
| |
| |
| | |
and want to just shutdown and exit.
Guenther
|
| | |
| |
| |
| | |
Guenther
|
| | |
| |
| |
| |
| | |
printing purposes.
Jeremy.
|
| | |
| |
| |
| | |
Jeremy.
|
| | |
| |
| |
| |
| |
| | |
Now that I know what all the requirements for this group are
I can generalize the code some more and make it cleaner.
But at least this is working with lusrmgr.msc on XP and 2k now.
|
| | |
| |
| |
| |
| |
| |
| | |
Jeremy.
-----------------------------
fixed an hmac-md5 error for keys longer than 64 (using deallocated
stack variable)
|
| | |
| |
| |
| | |
* Fix sprintf() args when createing the group search filter.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
groups in the ${MACHINESID} and S_1-5-32 domains correctly,
I had to add a substr search on sambaSID.
* add substr matching rule to OpenLDAP schema
(we need to update the other schema as will since this
is a pretty important change). Sites will need to
- install the new schema
- add 'indea sambaSID sub' to slapd.conf
- run slapindex
* remove uses of SID_NAME_WKN_GRP in pdb_ldap.c
|
| | |
| |
| |
| |
| | |
in the switch statement which matched the schannel type
against the account type.
|
| | | |
|
| | |
| |
| |
| | |
* Fix inverted logic check for machine accounts in get_md4pw()
|
| | |
| |
| |
| |
| |
| | |
we now check wheter the sec_channel_type matches the trust account type.
Guenther
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Automatically creates the BUILTIN\Users group similar to
how BUILTIN\Administrators is done. This code does need to
be cleaned up considerably. I'll continue to work on this.
* The important fix is for getusergroups() when dealing with a
local user and nested groups. Now I can run the following
successfully:
$ su - jerry -c groups
users BUILTIN\users
|
| | |
| |
| |
| |
| | |
implicit function contract explicit.
Jeremy.
|
| | |
| |
| |
| | |
Jeremy.
|
| | |
| |
| |
| |
| |
| |
| | |
marshall a buffer based on an unknown size. Zero out the sec_desc
buffer to prevent this. This is still not getting proper results for
a registry security descriptor (everything gets ACCESS DENIED), but
at least we aren't blowing out memory now...
|
| | |
| |
| |
| |
| | |
should be done correctly. Fix coverity #37.
Jeremy.
|
| | |
| |
| |
| |
| | |
(variable definition was missing).
Jeremy.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
group IFF sid_to_gid(S-1-5-32-544) fails and 'winbind nested groups = yes'
* Add a SID domain to the group mapping enumeration passdb call
to fix the checks for local and builtin groups. The SID can be
NULL if you want the old semantics for internal maintenance.
I only updated the tdb group mapping code.
* remove any group mapping from the tdb that have a
gid of -1 for better consistency with pdb_ldap.c.
The fixes the problem with calling add_group_map() in
the tdb code for unmapped groups which might have had
a record present.
* Ensure that we distinguish between groups in the
BUILTIN and local machine domains via getgrnam()
Other wise BUILTIN\Administrators & SERVER\Administrators
would resolve to the same gid.
* Doesn't strip the global_sam_name() from groups in the
local machine's domain (this is required to work with
'winbind default domain' code)
Still todo.
* Fix fallback Administrators membership for root and domain Admins
if nested groups = no or winbindd is not running
* issues with "su - user -c 'groups'" command
* There are a few outstanding issues with BUILTIN\Users that
Windows apparently tends to assume. I worked around this
presently with a manual group mapping but I do not think
this is a good solution. So I'll probably add some similar
as I did for Administrators.
|
| | |
| |
| |
| | |
Jeremy.
|
| | |
| |
| |
| | |
Jeremy.
|
| | |
| |
| |
| | |
Jeremy.
|
| | |
| |
| |
| | |
Jeremy.
|
| | |
| |
| |
| | |
Guenther
|
| | |
| |
| |
| |
| |
| | |
sink by ensuring all uses of rpcstr_push are consistent
with a size_t dest size arg.
Jeremy.
|
| | | |
|
| | |
| |
| |
| | |
Guenther
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
was here
was clearly buggy as Coverity showed with bug id #36.
According to samba4 idl the sec_desc_buf is [in,out,ref], so we _have_ to ship
it in the request.
Volker
|
| | |
| |
| |
| |
| | |
the correct malloc-macros.
Jeremy.
|
| | |
| |
| |
| |
| |
| | |
aliasing clearer. This isn't a bug but a code
clarification.
Jeremy.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
aliasing clearer. This isn't a bug but a code
clarification.
Jeremy.
line, and those below, will be ignored--
M source/smbd/posix_acls.c
|
| | |
| |
| |
| |
| |
| | |
aliasing clearer. This isn't a bug but a code
clarification.
Jeremy.
|
| | |
| |
| |
| |
| | |
the size of the data table. Clean up the struct a little.
Jeremy.
|
