IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Also update the other commands to his correct example of [<method>], since
it is optional.
Thanks, Steve.
(This used to be commit 307d942ccdff01e471e7fe3fa66d5cc21cecf64d)
- change auth_sam to use the initialisation flags to determine if
the password attributes are set
- add const to secrets.c, cliconnect.c
- passdb: fix spelling in pdb_ldap, add group mapping back to smbpasswd
- SAMR: add debugs to show what fails for group enum.
Andrew Bartlett
(This used to be commit 4e74d00b3634abf52aa24bfaa6dbe88202aa57a1)
The work here includes:
- metze' set/changed patch, which avoids making changes to ldap on unmodified
attributes.
- volker's group mapping in passdb patch
- volker's samsync stuff
- volkers SAMR changes.
- mezte's connection caching patch
- my recent changes (fix magic root check, ldap ssl)
Andrew Bartlett
(This used to be commit 2044d60bbe0043cdbb9aba931115672bde975d2f)
(i ignored the new SAMBA stuff, but the rest of this looks like it should
have been merged already).
(This used to be commit 3de09e5cf1f667e410ee8b9516a956860ce7290f)
- Fix segfaults in the 'net ads' commands when no password is provided
- Readd --with-ldapsam for 2.2 compatability. This conditionally compiles the
old options, but the actual code is available on all ldap systems.
- Fix shadow passwords (as per work with vl)
- Fix sending plaintext passwords to unicode servers (again vl)
- Add a bit of const to secrets.c functions
- Fix some spelling and grammer by vance.
- Document the -r option in smbgroupedit.
There are more changes in HEAD, I'm only merging the changes I've been involved
with.
Andrew Bartlett
(This used to be commit 83973c389355a5cc9ca74af467dfd8b5dabd2c8f)
getsid, then join as a BDC, and then watch net rpc vampire suck out
the good stuff out of a PDC :-). It's not perfect, but it does quite a
bit for me. Watch out for more.
Volker
(This used to be commit f0d7ac9feb5844c93789344285b1d66f480209ba)
When creating a group you have to take care of the fact that the
underlying unix might not like the group name. This change gets around
that problem by giving the add group script the chance to invent a
group name. It then must only return the newly created numerical gid.
Volker
(This used to be commit b959419ed38e66a12b63cad3e5fbfa849f952acc)
Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl>
It includes a conversion of make_user_info*() to NTSTATUS and some minor
changes to other files.
It also picks up on a nasty segfault that can occour in some security=domain
cases.
Andrew Bartlett
(This used to be commit d1e1fc3e4bf72717b3593685f0ea5750d676952a)
to extend the ADS_STATUS system to include NTSTATUS, and to provide a better
general infrustructure for his sam_ads work.
I've also added some extra failure mode DEBUG()s to parts of the code.
NOTE: The ADS_ERR_OK() macro is rather sensitive to braketing issues - without
the final set of brakets, the test is essentially inverted - causing some
intersting 'error = success' messages...
Andrew Bartlett
(This used to be commit 5b9a7ab901bc311f3ad08462a8a68d133c34a8b4)
changed cli_nt_setup_creds() to call cli_net_auth_2 or cli_net_auth_3 based on a switch.
pass also the negociation flags all the way.
all the places calling cli_nt_setup_creds() are still using cli_net_aut2(), it's just for future use and for rpcclient.
in the future we will be able to call auth_2 or auth_3 as we want.
J.F.
(This used to be commit 4d38caca40f98d0584fefb9d66424a3db5b5789e)
we now do this:
- look for suported SASL mechanisms on the LDAP server
- choose GSS-SPNEGO if possible
- within GSS-SPNEGO choose KRB5 if we can do a kinit
- otherwise use NTLMSSP
This change also means that we no longer rely on having a gssapi
library to do ADS.
todo:
- add TLS/SSL support over LDAP
- change to using LDAP/SSL for password change in ADS
(This used to be commit b04e91f660d3b26d23044075d4a7e707eb41462d)
might be ugly, etc - please don't blame me for anything but instead try to fix
the code :-). Compiling of the new sam system can be enabled with the
configure option --with-sam
Removing passdb/passgrp.c as it's unused
fix typo in utils/testparm.c
(This used to be commit 4b7de5ee236c043e6169f137992baf09a95c6f2c)
