IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Björn Jacke <bjacke@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Jan 12 14:51:56 UTC 2024 on atb-devel-224
A simple samba-tool shell, can be quite useful to play around with the ldb database and models.
All models get imported and the samdb connection variable made available.
Example usage:
bin/samba-tool shell -H <host> --workgroup <workgroup> --realm <realm>
>>> silos = AuthenticationSilo.query(ldb)
>>> for silo in silos:
... print(silo)
...
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Dec 15 03:51:55 UTC 2023 on atb-devel-224
idmap config <DOMAIN> : backend = nss
idmap config <DOMAIN> : use_upn = yes|no
When translating a Unix ID to a SID the module calls get[pwu|grg]id() but the
name returned by some NSS modules might be a UPN instead of a plain name. If
the new parameter is enabled the returned name will be parsed and correctly
handled.
On the other hand, when translating a SID to a Unix ID the module first
resolves the SID to a domain + name, and then calls get[pw|gr]name() with the
plain name, or the UPN if the new parameter is enabled.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Nov 15 18:52:16 UTC 2023 on atb-devel-224
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Nov 15 05:00:58 UTC 2023 on atb-devel-224
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
The args --user-tgt-lifetime-mins, --service-tgt-lifetime-mins and
--computer-tgt-lifetime-mins suffixed with -mins to be consistent
with Windows tooling.
For these, the internal names don't need to change and neither do
the model fields, only the external cli interface has this.
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
doesn't make much sense to set all 3 to the same policy, user authentication policy, service authentication policy, computer authentication policy
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Oct 25 23:20:33 UTC 2023 on atb-devel-224
Allows disabling validation of AfpInfo stream data. It seems in data migration
scenarios from other SMB servers to Samba with fruit, somehow such invalid
streams are present on the source SMB server and can't be copied to Samba.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
For --merge-by-timestamp the traces do not need to contain the traceid
header field.
Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Pavel Filipensky <pfilipensky@samba.org>
Autobuild-Date(master): Thu Jul 20 19:14:05 UTC 2023 on atb-devel-224
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jul 19 04:29:15 UTC 2023 on atb-devel-224
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
This was clearly copied from the tdb2 backend and incompletely edited.
Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Mon Jul 10 23:47:12 UTC 2023 on atb-devel-224
The name of the placeholder is misleading. It certainly isn't per
domain, so we might as well indicate that it is per range.
Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
The statement just above the example says the example demonstrates the
use of the base_rid parameter. It doesn't, so fix this.
Also fix a typo.
Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Found by Rob van der Linde <rob@catalyst.net.nz>.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
https://bugzilla.samba.org/show_bug.cgi?id=15378
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri May 26 00:52:29 UTC 2023 on atb-devel-224
This has been removed, we have support for an authentication file.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Mar 31 08:25:11 UTC 2023 on atb-devel-224
With these options, certain OUs can be denied or a list of OUs can be
explicitly permitted for idmapping.
Use case: Administration of OUs in AD has been delegated to people not
100% trusted by the unix server team, this can prevent arbitrary unix
IDs to be assigned by these delegated admins.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Document how the `ceph:filesystem` parameter allows one to select
the cephfs file system to use for the share.
Signed-off-by: John Mulligan <jmulligan@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Fri Feb 24 05:37:57 UTC 2023 on atb-devel-224
Previously, the manpage hinted that the `ceph:user_id` parameter derived
a default value from the process id. This implies that it referring
to the PID but this is not what libcephfs actually does. Rather, this
param is used to derive the `client.<id>` authorization name ceph uses.
This mistake probably originates in a comment in the libcephfs header.
When I first started using the vfs_ceph module this confused me as I
didn't know what to use to get access to my cluster. Eventually, after
reading both docs and code I found that it does not use the pid but
defaults to a value in the ceph client library (typically "admin").
Therefore, if you are using commands like `ceph fs authorize x
client.foo` or `ceph auth get client.bar` to authorize a client you
would supply smb.conf with `ceph:user_id = foo` or `ceph:user_id = bar`
respectively. These entries then need corresponding entries in your
ceph keyring file.
Signed-off-by: John Mulligan <jmulligan@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
For now it only allows the admin to modify
the msDS-SupportedEncryptionTypes values.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15237
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>