summaryrefslogtreecommitdiffstats
path: root/source
Commit message (Collapse)AuthorAgeFilesLines
...
* | r22714: Prevent DNS lookup storms when the DNS servers are unreachable.Gerald Carter2007-05-061-9/+40
| | | | | | | | | | | | | | | | Helps when transitioning from offline to online mode. Note that this is a quick hack and a better solution would be to start the DNS server's state between processes (similar to the namecache entries).
* | r22713: Offline logon fixes for idmap manager:Gerald Carter2007-05-063-66/+81
| | | | | | | | | | | | | | | | | | | | | | (a) Ignore the negative cache when the domain is offline (b) don't delete expired entries from the cache as these can be used when offline (same model as thw wcache entries) (c) Delay idmap backend initialization when offline as the backend routines will not be called until we go online anyways. This prevents idmap_init() from failing when a backend's init() function fails becuase of lack of network connectivity
* | r22712: Inform the user when logging in via pam_winbindGerald Carter2007-05-064-0/+38
| | | | | | | | and the krb5 tkt cache could not be created due to clock skew.
* | r22711: Fix a compile warnign in query_user(). Ensure that user_ridGerald Carter2007-05-062-3/+2
| | | | | | | | is initialized.
* | r22710: Support one-way trusts. Gerald Carter2007-05-068-20/+290
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Rely on the fact that name2sid will work for any name in a trusted domain will work against our primary domain (even in the absense of an incoming trust path) * Only logons will reliably work and the idmap backend is responsible for being able to manage id's without contacting the trusted domain * "getent passwd" and "getent group" for trusted users and groups will work but we cannot get the group membership of a user in any fashion without the user first logging on (via NTLM or krb5) and the netsamlogon_cache being updated.
* | r22709: we can only use tschannel when commectcing to our primary (might ↵Gerald Carter2007-05-061-1/+8
| | | | | | | | need some fixing here for a Samba DC)
* | r22708: disable saving the trusted domain list as we want to the parent ↵Gerald Carter2007-05-061-0/+6
| | | | | | | | daemon to manage the complete trusted domain cache
* | r22707: missed merge from local tree: pass the correct state to the domain ↵Gerald Carter2007-05-061-1/+1
| | | | | | | | when calling the async lookupsid() routine
* | r22706: missed one reference to domain->native_mode in the previous commitGerald Carter2007-05-061-1/+1
| |
* | r22705: Implement new set_dc_type_and_flags() called based on theGerald Carter2007-05-063-9/+170
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | information return from our DC in the DsEnumerateDomainTrusts() call. If the fails, we callback ot the older connect-to-the-remote-domain method. Note that this means we can only reliably expect the native_mode flag to be set for our own domain as this information in not available outside our primary domain from the trusted information. This is ok as we only really need the flag when trying to determine to enumerate domain local groups via RPC. Use the AD flag rather than the native_mode flag when using ldap to obtain the seq_num for a domain.
* | r22704: Implement three step method for enumerating domain trusts.Gerald Carter2007-05-066-27/+339
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (a) Query our primary domain for trusts (b) Query all tree roots in our forest (c) Query all forest roots in trusted forests. This will give us a complete trust topology including domains via transitive Krb5 trusts. We also store the trust type, flags, and attributes so we can determine one-way trusted domains (outgoing only trust path). Patch for one-way trusts coming in a later check-in. "wbinfo -m" now lists all domains in the domain_list() as held by the main winbindd process.
* | r22703: Convert winbindd_getgrgid() and winbindd_getgetpwnam()Gerald Carter2007-05-061-113/+113
| | | | | | | | | | to use the same code path after we resolve the name/gid to a SID. Use the async lookupname/lookupsid interface.
* | r22702: Convert both lookup name and lookup sid to follow theGerald Carter2007-05-062-31/+105
| | | | | | | | | | | | | | | | | | | | same heuristic. First try our DC and then try a DC in the root of our forest. Use a temporary state since winbindd_lookupXXX_async() is called from various winbindd API entry points. Note this will break the compile. That will be fixed in the next commit.
* | r22701: Fix the krb5_nt_status error table and add the "no DCs found" mappingGerald Carter2007-05-061-2/+4
| |
* | r22700: Add a simple wcache TRUSTDOM api for maintaing a completeGerald Carter2007-05-062-1/+478
| | | | | | | | | | | | | | | | list of trusted domains without requiring each winbindd process to aquire this on its own. This is needed for various idmap plugins and for dealing with different trust topoligies. list_trusted_domain() patches coming next.
* | r22693: Always compile before checkin.... I've now installed dmapi on my ↵Volker Lendecke2007-05-061-1/+2
| | | | | | | | laptop :-)
* | r22692: Fix compilation of explicit --without-winbind.Volker Lendecke2007-05-051-4/+4
| | | | | | | | | | | | Thanks to Tom Bork for reporting this! Volker
* | r22691: Fix a 64-bit warning and a const const discard warningVolker Lendecke2007-05-052-5/+5
| |
* | r22688: Change lock_data in struct byte_range_lock from void * to struct ↵Volker Lendecke2007-05-052-25/+16
| | | | | | | | lock_struct *
* | r22677: One line fix to make net idmap restore work againSimo Sorce2007-05-041-0/+1
| | | | | | | | Jerry, please add this for 3.0.25 final
* | r22676: Fix zero alloc with create_rpc_blob().Jeremy Allison2007-05-041-13/+21
| | | | | | | | Jeremy.
* | r22675: Simo's patch for 0 size allocation. Still needJeremy Allison2007-05-045-19/+29
| | | | | | | | | | to examine parse_misc.c fix. Jeremy.
* | r22673: Fix for Jerry's reversion. We still need to check sizeJeremy Allison2007-05-041-4/+16
| | | | | | | | | | before talloc. Jeremy.
* | r22656: merge to 3_0_26 as well.Günther Deschner2007-05-031-4/+3
| | | | | | | | Guenther
* | r22653: This is Samba 3.0.26pre1-SVNGerald Carter2007-05-031-3/+3
| |
* | r22652: re-add Jeremy objectID changesGerald Carter2007-05-033-14/+113
| |
* | r22649: revert the objectID changes (for now) and leave these for 3.0.26Gerald Carter2007-05-033-113/+14
| |
* | r22647: Avoid leaking a full info3 structure on each winbindd cached login ↵Günther Deschner2007-05-033-9/+11
| | | | | | | | | | | | | | | | by making netsamlogon_cache_get() return a talloc'ed structure. Guenther
* | r22645: Fix bug in idmap_ldap's get_credentials() code.Simo Sorce2007-05-031-2/+8
| | | | | | | | | | | | | | | | We were dereferencing null for the alloc backend. Jerry, thits need to be in 3.0.25 final. Simo.
* | r22644: Fix memleak.Günther Deschner2007-05-031-1/+3
| | | | | | | | Guenther
* | r22643: Don't clear cached U/SID and UG/SID entries when we want to logon ↵Günther Deschner2007-05-031-1/+8
| | | | | | | | | | | | offline. Guenther
* | r22630: Revert svn r22576 (parse change to enum_aliasmem(). Original code ↵Gerald Carter2007-05-011-17/+4
| | | | | | | | was correct
* | r22613: Fix an uninitialized variable warningVolker Lendecke2007-04-301-1/+1
| |
* | r22611: Fix from Jens Nissen <jens.nissen@gmx.net>. Fix badJeremy Allison2007-04-302-3/+1
| | | | | | | | | | | | | | | | | | | | | | memory leak I introduced into acl code, also remove redundent extra check for global_sid_System : global_sid_System == S-1-5-18 which is already included in the check for a domain of global_sid_NT_Authority == S-1-5 Jeremy.
* | r22593: Finish doing the same for raw TALLOC.Jeremy Allison2007-04-302-109/+182
| | | | | | | | Jeremy.
* | r22592: Fix TALLOC_SIZE to be consistent.Jeremy Allison2007-04-301-7/+11
| | | | | | | | Jeremy.
* | r22590: Make TALLOC_ARRAY consistent across all uses.Jeremy Allison2007-04-309-40/+87
| | | | | | | | | | That should be it.... Jeremy.
* | r22589: Make TALLOC_ARRAY consistent across all uses.Jeremy Allison2007-04-3026-323/+576
| | | | | | | | Jeremy.
* | r22588: Make all uses of TALLOC_MEMDUP consistent.Jeremy Allison2007-04-308-27/+83
| | | | | | | | Jeremy.
* | r22587: Ensure TALLOC_ZERO_ARRAY is consistent.Jeremy Allison2007-04-303-30/+72
| | | | | | | | Jeremy.
* | r22586: Add a modified version of Simo's patch.Jeremy Allison2007-04-301-13/+28
| | | | | | | | Jeremy.
* | r22585: Get us into a consistent state with TALLOC_ZERO_ARRAY also.Jeremy Allison2007-04-304-69/+125
| | | | | | | | Jeremy.
* | r22577: Change all of parse/*.c to use standard form. Fix someJeremy Allison2007-04-294-76/+127
| | | | | | | | | | marshalling bugs. Jeremy.
* | r22576: Fix marshalling bug in aliasmem.Jeremy Allison2007-04-291-4/+17
| | | | | | | | Jeremy.
* | r22574: Fix reply when we have no dfs shares.Jeremy Allison2007-04-291-21/+31
| | | | | | | | Jeremy.
* | r22573: Fix old bug mixing free() and talloc_free()Jeremy Allison2007-04-291-1/+1
| | | | | | | | | | | | | | when the add_sid_to_array_XX code was moved from malloc to talloc. Found running valgrind and rpcclient. Needs merging for 3.0.25 final. Jeremy.
* | r22564: Move the _strict -> _zeronull functions into lib/util.cJeremy Allison2007-04-296-122/+125
| | | | | | | | | | and out of talloc at tridge's request. Jeremy.
* | r22562: Qucik fix for session memory leak (vl's tallocJeremy Allison2007-04-281-1/+5
| | | | | | | | | | | | fix is probably better in the long run). Jerry - your call whether this makes 3.0.25 or not. Jeremy.
* | r22555: Ensure our paranoid malloc functions return NULL onJeremy Allison2007-04-281-0/+12
| | | | | | | | | | size == 0 so we have a known behavior. Jeremy.
* | r22554: Fix an assumption that TALLOC_ARRAY(.., 0) != NULL.Volker Lendecke2007-04-281-2/+7
| | | | | | | | Volker
generated by cgit (git 2.34.1) at 2025-10-02 17:25:02 +0000