summaryrefslogtreecommitdiffstats
path: root/source
Commit message (Collapse)AuthorAgeFilesLines
...
| * r22710: Support one-way trusts. Gerald Carter2007-05-068-20/+290
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Rely on the fact that name2sid will work for any name in a trusted domain will work against our primary domain (even in the absense of an incoming trust path) * Only logons will reliably work and the idmap backend is responsible for being able to manage id's without contacting the trusted domain * "getent passwd" and "getent group" for trusted users and groups will work but we cannot get the group membership of a user in any fashion without the user first logging on (via NTLM or krb5) and the netsamlogon_cache being updated.
| * r22709: we can only use tschannel when commectcing to our primary (might ↵Gerald Carter2007-05-061-1/+8
| | | | | | | | need some fixing here for a Samba DC)
| * r22708: disable saving the trusted domain list as we want to the parent ↵Gerald Carter2007-05-061-0/+6
| | | | | | | | daemon to manage the complete trusted domain cache
| * r22707: missed merge from local tree: pass the correct state to the domain ↵Gerald Carter2007-05-061-1/+1
| | | | | | | | when calling the async lookupsid() routine
| * r22706: missed one reference to domain->native_mode in the previous commitGerald Carter2007-05-061-1/+1
| |
| * r22705: Implement new set_dc_type_and_flags() called based on theGerald Carter2007-05-063-9/+170
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | information return from our DC in the DsEnumerateDomainTrusts() call. If the fails, we callback ot the older connect-to-the-remote-domain method. Note that this means we can only reliably expect the native_mode flag to be set for our own domain as this information in not available outside our primary domain from the trusted information. This is ok as we only really need the flag when trying to determine to enumerate domain local groups via RPC. Use the AD flag rather than the native_mode flag when using ldap to obtain the seq_num for a domain.
| * r22704: Implement three step method for enumerating domain trusts.Gerald Carter2007-05-066-27/+339
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (a) Query our primary domain for trusts (b) Query all tree roots in our forest (c) Query all forest roots in trusted forests. This will give us a complete trust topology including domains via transitive Krb5 trusts. We also store the trust type, flags, and attributes so we can determine one-way trusted domains (outgoing only trust path). Patch for one-way trusts coming in a later check-in. "wbinfo -m" now lists all domains in the domain_list() as held by the main winbindd process.
| * r22703: Convert winbindd_getgrgid() and winbindd_getgetpwnam()Gerald Carter2007-05-061-113/+113
| | | | | | | | | | to use the same code path after we resolve the name/gid to a SID. Use the async lookupname/lookupsid interface.
| * r22702: Convert both lookup name and lookup sid to follow theGerald Carter2007-05-062-31/+105
| | | | | | | | | | | | | | | | | | | | same heuristic. First try our DC and then try a DC in the root of our forest. Use a temporary state since winbindd_lookupXXX_async() is called from various winbindd API entry points. Note this will break the compile. That will be fixed in the next commit.
| * r22701: Fix the krb5_nt_status error table and add the "no DCs found" mappingGerald Carter2007-05-061-2/+4
| |
| * r22700: Add a simple wcache TRUSTDOM api for maintaing a completeGerald Carter2007-05-062-1/+478
| | | | | | | | | | | | | | | | list of trusted domains without requiring each winbindd process to aquire this on its own. This is needed for various idmap plugins and for dealing with different trust topoligies. list_trusted_domain() patches coming next.
| * r22695: Dummy checkin (reformatting) to make the AIX hosts retry.Volker Lendecke2007-05-061-6/+6
| |
| * r22693: Always compile before checkin.... I've now installed dmapi on my ↵Volker Lendecke2007-05-061-1/+2
| | | | | | | | laptop :-)
| * r22692: Fix compilation of explicit --without-winbind.Volker Lendecke2007-05-051-4/+4
| | | | | | | | | | | | Thanks to Tom Bork for reporting this! Volker
| * r22691: Fix a 64-bit warning and a const const discard warningVolker Lendecke2007-05-052-5/+5
| |
| * r22688: Change lock_data in struct byte_range_lock from void * to struct ↵Volker Lendecke2007-05-052-25/+16
| | | | | | | | lock_struct *
| * r22677: One line fix to make net idmap restore work againSimo Sorce2007-05-041-0/+1
| | | | | | | | Jerry, please add this for 3.0.25 final
| * r22676: Fix zero alloc with create_rpc_blob().Jeremy Allison2007-05-041-13/+21
| | | | | | | | Jeremy.
| * r22675: Simo's patch for 0 size allocation. Still needJeremy Allison2007-05-045-19/+29
| | | | | | | | | | to examine parse_misc.c fix. Jeremy.
| * r22673: Fix for Jerry's reversion. We still need to check sizeJeremy Allison2007-05-041-4/+16
| | | | | | | | | | before talloc. Jeremy.
| * r22666: Expand kerberos_kinit_password_ext() to return NTSTATUS codes and makeGünther Deschner2007-05-043-7/+35
| | | | | | | | | | | | winbindd's kerberized pam_auth use that. Guenther
| * r22664: When we have krb5_get_init_creds_opt_get_error() then try to get the ↵Günther Deschner2007-05-044-0/+167
| | | | | | | | | | | | | | | | NTSTATUS codes directly out of the krb5_error edata. Guenther
| * r22663: Restructure kerberos_kinit_password_ext() error path.Günther Deschner2007-05-041-53/+33
| | | | | | | | Guenther
| * r22659: merge from SAMBA_4_0:Stefan Metzmacher2007-05-042-1/+14
| | | | | | | | | | | | | | | | - add AC_GNU_SOURCE macro for systems which don't have it (sles8) - fix compiler warning on some systems metze
| * r22655: Call correct free-macros in netsamlogon_cache_get() error paths. ↵Günther Deschner2007-05-031-4/+3
| | | | | | | | | | | | | | | | Forgot those in the previous commit. Guenther
| * r22654: And this is now Samba 3.0.27pre1-SVNGerald Carter2007-05-031-1/+1
| |
| * r22648: Fix comment to match the code.James Peach2007-05-031-1/+1
| |
| * r22647: Avoid leaking a full info3 structure on each winbindd cached login ↵Günther Deschner2007-05-033-9/+11
| | | | | | | | | | | | | | | | by making netsamlogon_cache_get() return a talloc'ed structure. Guenther
| * r22646: segfault fix in idmap_ldap.c from 3_0_25Simo Sorce2007-05-031-2/+8
| |
| * r22644: Fix memleak.Günther Deschner2007-05-031-1/+3
| | | | | | | | Guenther
| * r22643: Don't clear cached U/SID and UG/SID entries when we want to logon ↵Günther Deschner2007-05-031-1/+8
| | | | | | | | | | | | offline. Guenther
| * r22641: Install tdbdump and tdbbackup.Jelmer Vernooij2007-05-022-3/+3
| |
| * r22636: Fix logic bug. Günther Deschner2007-05-021-6/+6
| | | | | | | | | | | | | | | | | | We certainly don't want to crash winbind on each sucessfull centry_uint{8,16,32,64} read. Jeremy, please check :-) Guenther
| * r22633: Fix typo in debug message.James Peach2007-05-011-1/+1
| |
| * r22631: Remove the possibility of sid_check_is_domain andJames Peach2007-05-011-2/+1
| | | | | | | | sid_check_is_in_our_domain getting out of sync.
| * r22630: Revert svn r22576 (parse change to enum_aliasmem(). Original code ↵Gerald Carter2007-05-011-17/+4
| | | | | | | | was correct
| * r22615: fix prototypeMichael Adam2007-04-301-1/+1
| |
| * r22614: Only enable GNU-isms in the Makefile if we can be sure that the GNUJames Peach2007-04-301-2/+8
| | | | | | | | make we found is what will be run when the user invokes "make".
| * r22613: Fix an uninitialized variable warningVolker Lendecke2007-04-301-1/+1
| |
| * r22611: Fix from Jens Nissen <jens.nissen@gmx.net>. Fix badJeremy Allison2007-04-302-3/+1
| | | | | | | | | | | | | | | | | | | | | | memory leak I introduced into acl code, also remove redundent extra check for global_sid_System : global_sid_System == S-1-5-18 which is already included in the check for a domain of global_sid_NT_Authority == S-1-5 Jeremy.
| * r22593: Finish doing the same for raw TALLOC.Jeremy Allison2007-04-301-109/+172
| | | | | | | | Jeremy.
| * r22592: Fix TALLOC_SIZE to be consistent.Jeremy Allison2007-04-301-7/+11
| | | | | | | | Jeremy.
| * r22590: Make TALLOC_ARRAY consistent across all uses.Jeremy Allison2007-04-309-40/+87
| | | | | | | | | | That should be it.... Jeremy.
| * r22589: Make TALLOC_ARRAY consistent across all uses.Jeremy Allison2007-04-3024-285/+522
| | | | | | | | Jeremy.
| * r22588: Make all uses of TALLOC_MEMDUP consistent.Jeremy Allison2007-04-308-27/+83
| | | | | | | | Jeremy.
| * r22587: Ensure TALLOC_ZERO_ARRAY is consistent.Jeremy Allison2007-04-303-30/+72
| | | | | | | | Jeremy.
| * r22586: Add a modified version of Simo's patch.Jeremy Allison2007-04-301-13/+28
| | | | | | | | Jeremy.
| * r22585: Get us into a consistent state with TALLOC_ZERO_ARRAY also.Jeremy Allison2007-04-304-69/+125
| | | | | | | | Jeremy.
| * r22584: Don't hardcode specific Python version.Jelmer Vernooij2007-04-292-2/+2
| | | | | | | | Patch by the Samba packaging team for Debian.
| * r22583: Support non-Linux GNU systems (such as Debians' GNU with FreeBSD ↵Jelmer Vernooij2007-04-291-5/+17
| | | | | | | | | | | | | | | | kernel and Hurd systems). Patch by the Samba packaging team for Debian.
generated by cgit (git 2.34.1) at 2025-09-28 14:52:23 +0000