sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-07 01:58:28 +03:00
Code
138,857 Commits 62 Branches 1,150 Tags
Commit Graph

12 Commits

Author SHA1 Message Date
Volker Lendecke
56ec6fe5ed lib: Add a few explicit includes 
Required to trim down includes from gen_ndr/*security*

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jennifer Sutton <jsutton@samba.org>
 2024-08-27 07:19:32 +00:00
Andrew Bartlett
1dcd8be8f0 kdc: Use a consistent, stable time throughout the Heimdal KDC 
The MIT KDC has a fallback to a consistent time per fetch call, and
both implementations then follow the time in each 'struct
samba_kdc_entry'.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
 2024-06-10 04:27:30 +00:00
Andrew Bartlett
e04eb9bb17 dsdb: Make argument order of dsdb_update_gmsa_{entry_,}keys() consistant with other uses 
Other functions in this file are TALLOC_CTX, struct ldb_context *, not
the other way around.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
 2024-06-10 04:27:30 +00:00
Jo Sutton
d8302e9532 s4:kdc: Merge current and previous gMSA keys during period when both are valid 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-05-22 20:33:36 +00:00
Andrew Bartlett
e25c6a2120 s4-gmsa: Do not attempt password set on remote LDAP connections 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
 2024-04-21 22:10:36 +00:00
Jo Sutton
977f5753fc s4:dsdb: Add dsdb_update_gmsa_keys() 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-21 22:10:36 +00:00
Jo Sutton
245dc1f0f2 s4:dsdb: Move the responsibility for determining whether an account is a gMSA out of gmsa_recalculate_managed_pwd() 
and into its callers.

Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-21 22:10:36 +00:00
Jo Sutton
99071bbcf4 s4:dsdb: Store found managed password ID as part of gMSA update structure 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-21 22:10:36 +00:00
Jo Sutton
8bcefaaa5c s4:dsdb: Store account DN as part of gMSA update structure 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-21 22:10:36 +00:00
Jo Sutton
6613aeca93 s4:dsdb: Only reuse the current password ID as the previous password ID when appropriate 
This should already be the case given the current logic, but let’s make
it explicit.

Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-21 22:10:36 +00:00
Jo Sutton
dcc5724ed7 s4:dsdb: Add a note that administrators should not set the clock too far in the future 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-21 22:10:36 +00:00
Jo Sutton
85fbdcd048 s4:dsdb: Add functions for Group Managed Service Accounts implementation 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-16 03:58:31 +00:00