IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
laternative to the current passdb).
Currently it is run through a comatibility module in the passdb layer, with
a subset of the functionality it may provide.
It is still work in progress, but as someone asked me about it, and as it
should make no difference to the normal code, I tought it was a good idea to
put it into.
It adds a dependency on perl. I know it is not very nice, but I'm sure we
will work out a solution for that.
As always blame me if I break something, but try to fix yourself, as I am
busy-busy-busy :-)
Simo.
>Moving towards better i18n support in SWAT. This commit contains a
>bunch of updates to bug 413 from Monyo:
>
>1) pick up proper strings to call msg strings for example to add
> strings in wizard menu in web/swat.c, web/statuspage.c and
> param/loadparm.c.
>
>2) define N_() macro in include/intl.h to pick up some strings
> in param/loadparm.c
>
>3) quote all name and value tag with '"'
> For example in swat.c:720 the "Edit Parameter Values" string is
> displayd only as "Edit" because value tag is not quoted like:
> value=Edit Parameter Values
> These tags should be quoted though it sometimes works well
> without quotation.
>
>4) modify the msg strings not to contain HTML tags or other
> non-message strings. For example
> dprintf(_("test\n")); is modified to dprintf("%s\n", _("test"));
TNG. Actually, it exists in the main Samba cvs tree in APPLIANCE_TNG
as I found out later :-)
It adds a new parameter: server schannel = yes/auto/no defaulting to
auto.
What does this mean to the user: No requireSignOrSeal registry patch
for XP anymore.
Many thanks for this code to Luke Leighton, Elrond and anybody else I
forgot to mention.
My next thing will be to see if this applies cleanly to 3_0.
Please test and comment!
Volker
includes a --with-idmap=no switch to disable idmap usage if you find
problems.
cosmetic fixes and param aliases to separate winbind from idamp roles.
A temporarily remote idmap winbind compatibility backend.
As I have time I will further change code to not call directly winbind
(partly done but not tested) and a specilized module will be built in place
for the current glue hack.
The patch has been tested locally in my limited time, the patch is simple and
clear and should not reserve problems, if any just disable it.
As usual, comments and fisex are welcome :-)
Simo.
* Remove 'ldap del only sam attr' after asking Lars Mueller from SuSE first.
It is replaced by 'ldap delete dn'
* Fix a typo in docs.
* Document 'set primary group script'. Alexander, could you check the
file in smbdotconf/ please? Thanks.
Volker
- safe_string.h - don't assume that __FUNCTION__ is available
- process.c - use new workaround from safe_string.h for the same
- util.c - Show how many bytes we smb_panic()ed trying to smb_xmalloc()
- gencache.c - Keep valgrind quiet by always null terminating.
- clistr.c - Add copyright
- srvstr.h - move srvstr_push into a .c file again, as a real function.
- srvstr.c - revive, with 'safe' checked srvstr_push
- loadparm.c - set a default for the display charset.
Andrew Bartlett
The intention is to remove the muliple passdb backends, but we need the
'guest' account to always be there. If the admin adds the guest account to
(say) LDAP, there will only be one backend required for operation.
This helps remove some nasty behaviours with adding accounts to the system
for both the RPC 'create user' and the SAMSYNC code. Users 'added' with
an 'add user/machine' script won't magicly appear, and machine accounts
'pre-added' to unix, but not the smbpasswd file will not cause mayhem.
This commit also implements somthing tridge discussed with me, the concept
of 'default' passdb operation pointers - so that each backend does not
need it's own stub funcitons wrapping the default tdb privilages/group
mapping code.
This also removes an implicit 'sid->name' and 'name->sid' mapping from our
own local SID space, to winbind usernames. When adding mapping for NIS/LDAP
non-sam users in future, we need to be careful.
Andrew Bartlett
This patch adds the architecture for an IDMAP backend system including a new
smb.conf parameter "winbind backend". Right now, the only valid value is "tdb"
but I'm currently working on an LDAP backend.
Add NTLMv2 support to our client, used when so configured ('client use NTLMv2 =
yes') and only when 'client use spengo = no'. (A new option to allow the
client and server ends to chose spnego seperatly).
NTLMv2 signing doesn't yet work, and NTLMv2 is not done for NTLMSSP yet.
Also some parinoia checks in our input parsing.
Andrew Bartlett
This checking allows us to connect to Microsoft servers the use SMB signing,
within a few restrictions:
- I've not get the NTLMSSP stuff going - it appears to work, but if you break
the sig - say by writing a zero in it - it still passes...
- We don't currently verfiy the server's reply
- It works against one of my test servers, but not the other...
However, it provides an excellent basis to work from. Enable it with 'client
signing' in your smb.conf.
Doc to come (tomorrow) and this is not for 3.0, till we get it complete.
The CIFS Spec is misleading - the session key (for NTLMv1 at least) is the
standard session key, ie MD4(NT#).
Thanks to jra for the early work on this.
Andrew Bartlett
This patch makes Samba compile cleanly with -Wwrite-strings.
- That is, all string literals are marked as 'const'. These strings are
always read only, this just marks them as such for passing to other functions.
What is most supprising is that I didn't need to change more than a few lines of code (all
in 'net', which got a small cleanup of net.h and extern variables). The rest
is just adding a lot of 'const'.
As far as I can tell, I have not added any new warnings - apart from making all
of tdbutil.c's function const (so they warn for adding that const string to
struct).
Andrew Bartlett
as to what it now does in 3.0. Needs more work, but better than documenting
the old functionality :-).
As the security benifits of this are nullified by a setting of 'guest ok' on
any share, we might want to put some documentation there too.
Andrew Bartlett
