IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
(don't init to NULL context - we got one handed in...)
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Jul 25 14:18:20 CEST 2014 on sn-devel-104
Otherwise, the check is superfluous since high and low values are
initialized to 0.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Check whether the requested backend exists at all, before going
further into the config parsing.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
idmap_init_domain() is called with check_range == false from
idmap_passdb_domain(). In this case, we usually don't have an
idmap range at all, and we don't want to level 1 debug
messages complaining about the fact are irritating at least.
This patch removes the debug in the case of check_range == false.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10737
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
This allows us to avoid running idmap_init_default_domain() which
gives an error in the default AD DC config.
Andrew Bartlett
Change-Id: I923bd941951f6a907e6fa1ad167e5218a01040ff
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
It is not an error to be logged at level 1 when a
domain has no explicitly configured idmap backend.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Mar 8 03:16:54 CET 2013 on sn-devel-104
This is more correct than the original one:
It also hands the wellknown and "Unix Users" and "Unix Groups" sids to passdb
for id mapping.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
This will return the passdb domain if the given sid is in our sam or builtin
or is the domain sid of those domains. Otherwise it returns the idmap domain
that results from the idmap configuration.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jul 23 18:19:00 CEST 2012 on sn-devel-104
This does not check whether the given sid is in our domain, but
but whether it belongs to the local sam, which is a different
thing on a domain member server.
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Thu Jul 12 18:36:02 CEST 2012 on sn-devel-104
Ensure we return after calling passdb for SID lookups for which we are
authoritative.
Jeremy.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Mon Nov 8 22:24:34 UTC 2010 on sn-devel-104
The old idmap code created a new mapping if asking the backends failed.
Now with the new layering, if passdb (which is used for our own domain
and builtin), then we need to continue and ask the backends, giving
tdb or whatever the default backend is a chance to create a mapping.
The registering of alloc backends is being removed.
The idmap backends are responsible for initializing
their alloc code on their own if necessary.
No list of alloc backends is maintained any more in the top level.
The registering of alloc backends is being removed.
The idmap backends are responsible for initializing
their alloc code on their own if necessary.
No list of alloc backends is maintained any more in the top level.
It seems that it is possible for idmap_init_passdb_domain() to be run
before idmap_init_domain(), so ensure we run the static init functions
in both.
Andrew Bartlett
Signed-off-by: Michael Adam <obnox@samba.org>
Simo is right, we need to ask passdb first. At least this fixes a nasty to find
NT_STATUS_ACCESS_DENIED problem in the build farm for the test run I just did
on host "opi".
Michael, can you re-check if this also fixes the error you found, leading to
the two fixes?
Thanks,
Volker