1
0
mirror of https://github.com/samba-team/samba.git synced 2025-07-04 00:59:13 +03:00
Commit Graph

184 Commits

Author SHA1 Message Date
32a965e09c 2nd phase of head branch sync with SAMBA_2_0 - this delets all the files that were in the head branch but weren't in SAMBA_2_0
(This used to be commit d7b2087865)
1999-12-13 13:35:20 +00:00
3db52feb1f first pass at updating head branch to be to be the same as the SAMBA_2_0 branch
(This used to be commit 453a822a76)
1999-12-13 13:27:58 +00:00
4f8a24522c final part of "first" phase converting over to msrpc daemon architecture.
done a minimal amout of clean-up in the Makefile, removing unnecessary
modules from the link stage.  this is not complete, yet, and will
involve some changes, for example to smbd, to remove dependencies on
the password database API that shouldn't be there.  for example,
smbd should not ever call getsmbpwXXX() it should call the Samr or Lsa
API.

this first implementation has minor problems with not reinstantiating
the same services as the caller.  the "homes" service is a good example.
(This used to be commit caa5052522)
1999-12-12 20:03:42 +00:00
86ac6fa938 fixing joining to domain plus something weird going down with nt logins...
(This used to be commit cef258f1c9)
1999-12-01 19:25:51 +00:00
cc8df5ce49 attempting to get nt5 wksta to join domain.
1) had to fix samr "create user" and "set user info" (level 23).

2) had to fix netlogon enum trust domains

3) registry key needed \\ in it not \.
(This used to be commit 70b2c1ecbb)
1999-11-16 21:14:53 +00:00
4952c11dad Whoops ! Being over-paranoid is not good.
J.F.
(This used to be commit 706acb17cf)
1999-09-24 07:28:46 +00:00
31160de2b8 use gecos field to fill the full_name
don't overwrite backend values with defaults values.

	J.F.
(This used to be commit a204a9adb8)
1999-09-23 15:59:20 +00:00
1e3490dda9 Fixed an annoying bug in the LDAP code. Attributes not present in the
LDAP database were being initialised using unix_to_nt_time on -1, rather
than -1 as an NTTIME (which is very different).

Problems solved (hopefully):
* "Access Denied" when accessing an NT share in a Samba controlled domain.
* "Your password has expired" sometimes when logging in.
(This used to be commit 740d8388cb)
1999-09-22 04:32:19 +00:00
ddf33698b5 - initialising mach_passwd_file locks to zero (prev. uninit.)
- cleanup

- #defined report to sprintf as it's #defined to another function in
  other uses of cmd_lsarpc.c
(This used to be commit 8fb2ff247a)
1999-09-12 22:40:27 +00:00
6a5a4e8186 BDC support.
(This used to be commit 2331aa32ab)
1999-07-21 00:32:09 +00:00
1f33d5a8aa code from bertl to allow remap of default built-in names to anything.
parameter is "builtin rid file".
Copyright 1999 Bertl <bp@vpnet.at>
(This used to be commit 80d3677843)
1999-07-14 19:21:44 +00:00
0ad513f42c renamed getfilepwent() and endfilepwent() to getfileent() and endfileent()
as they are generic "file line-by-line" reading routines.  lines with
"#" at the front are ignored (as comments).  this code started out as
the password file reading code.
(This used to be commit ef6df590fd)
1999-07-13 19:54:40 +00:00
4820c47801 NULL pwdb_xxx_map_names() parameter can be passed here (which is a bug
anyway!)
(This used to be commit 91d5bda9ad)
1999-07-11 19:15:53 +00:00
019d80f597 issues with pwdb_sam_map_names() and pwdb_smb_map_names() returning NULL.
found by Bertl <bs@vpnet.at>
(This used to be commit 389c17a225)
1999-07-08 18:44:50 +00:00
264459d25a added debug reporting to pwdb_sam_map_names() and pwdb_smb_map_names()
(This used to be commit baab308152)
1999-07-07 18:44:58 +00:00
73891ca8e4 improving authentication code (tidyup).
(This used to be commit ab1a6aa42d)
1999-06-29 18:47:06 +00:00
731c7f2ecf Moved code that changes the pw_passwd entry (i.e shadow password and
weird unixware stuff) into _Get_Pwnam() to fix a memory allocation bug.

Note that the Get_Pwnam() function now returns a const struct passwd *
as a hint to other developers not to change entries in the struct
passwd.
(This used to be commit 36d7cb4ccc)
1999-06-13 04:14:24 +00:00
150645f955 Jani Jaakkola's "getpwuid() / getpwnam()" hash-cache-hack
(This used to be commit 899fc053c5)
1999-05-06 18:05:45 +00:00
068e77c861 "User Manager" - create user + change password now work.
next problem: user group adding not supported so an "access denied"
message is reported instead of "ok" when a new user is created.
(This used to be commit f5f61bd477)
1999-03-25 21:32:04 +00:00
3b07eff9ea fixed issues with "Welcome to SAMBA Domain" for when admin user/pass is
used to add workstation to domain.  unix account db not modified: only
SAM password db is used.
(This used to be commit 129a9a4d4b)
1999-03-25 20:56:28 +00:00
43a460075a SAM database "set user info".
----------------------------

- removed DOM_RID4

- removed SAMR_UNKNOWN_32

- added SAMR_SET_USERINFO (opcode 0x32)

- added level 0x1 to SAMR_QUERY_DOM_INFO (needed for create user)

- fixed pwdb_gethexpwd() it was failing on XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

- added mod_sam21pwd_entry()

- preparing to call mod_sam21pwd_entry()

- added "user session key" to user_struct.dc.  this is md4(nt#) and is
  needed to decode user's clear-text passwords in SAMR_SET_USERINFO.

- split code out in chgpasswd.c to decode 516 byte password buffers.
(This used to be commit 2e58ed7424)
1999-03-25 13:54:31 +00:00
3fa7f643f2 #if defined(HAVE_MYSQL_H) || defined(WITH_MYSQLSAM)
should instead have &&.
(This used to be commit 1143fd4297)
1999-03-23 14:14:12 +00:00
6e88171bac new "domtrust" test command. r&d into inter-domain trust accounts.
(This used to be commit 65b0abe8b7)
1999-03-12 05:47:06 +00:00
6a4239c8b0 static password space needed.
(This used to be commit 5b1d078900)
1999-03-10 17:32:41 +00:00
a3c6e96a22 mods to allow inter-domain trust accounts to be added to SAM database
using smbpasswd command.
(This used to be commit 62d499f832)
1999-03-09 01:21:57 +00:00
269f11bfa9 pass_check.c could receive encrypted password: printing it out as a %s
results in garbage.  with no password length argument doing dump_data(
100, password, strlen(password)) is the next best alternative.
(This used to be commit 073c8652c1)
1999-03-08 18:43:50 +00:00
3e99124f21 spelling mistake, #ifdef'd out for non-developers (oops!)
(This used to be commit 167b0b20e3)
1999-03-05 22:37:02 +00:00
caa34b37e4 Benjamin Kuit's mods.
(This used to be commit eb63fbdb68)
1999-03-05 22:03:04 +00:00
00d86ccb1c Benjamin Kuit's latest mysql mods. issue with "make proto" needs to be
resolved.
(This used to be commit d59a2e669a)
1999-03-03 20:48:48 +00:00
236cea4efa Benjamin Kuit's MYSQL SAM Database implementation.
Copyright (C) Benjamin Kuit <bj@mcs.uts.edu.au> 1999.
(This used to be commit fdf61e1dab)
1999-03-01 16:31:14 +00:00
3b12477f34 pwdb_smb_to_sam was not returning NULL for nt name so that
pwdb_sam_map_names() was using a "blank" static string instead of
a NULL pointer for nt names.  NULL means over-ride, so the nt name
got left as "blank".

this causes nt clients to terminate with extreme prejudice.
(This used to be commit ddd3501982)
1999-02-09 16:01:28 +00:00
6d698d51b3 iteration of sam passwd entries was an order n-cubed algorithm due
to resolution of unix name to nt name being unnecessarily _inside_
another loop.
(This used to be commit d455c9d2c9)
1999-02-08 00:24:57 +00:00
960c760be0 Fixed a domain functionality problem where NT clients would start
endlessly repeating a network SAMLOGON (hoping it to change, hmmm...).

( Guess what I found in pwdb_init_sam...

  unix_to_nt_time(&user->logon_time, (time_t)-1);
  unix_to_nt_time(&user->logoff_time, (time_t)-1);
  unix_to_nt_time(&user->kickoff_time, (time_t)-1);
  ... )
(This used to be commit e9c79c85e6)
1999-02-01 02:37:45 +00:00
c35bf45785 Finally committing my LDAP changes.
* Added new APIs for modifying groups.
* RIDs are allocated similarly to NT, starting from 1000 and incrementing by 1
  for each new user/group.
* RIDs are now consistently in hex

* Fixed bugs reported by Allan Bjorklund <allan@umich.edu>:
   - ldap_close_connection is exported by OpenLDAP - changed to ldap_disconnect
   - Missing ldap_connect() in getusergroups functions
   - ldap_next_entry was being called too early while retrieving a sam_struct
   - LDAP globals should be extern in sampassldap.c

* Fixed bugs reported by Martin Hofbauer <mh@bacher.at>
   - Newly added workstation trust accounts had attributes DU rather than W.
   - User dn's were forced to start with "uid=XX" rather than using the existing
     dn.
(This used to be commit 91c77f5432)
1999-01-15 05:00:26 +00:00
b86b8a3ea8 Fixed the "You password will expire in 0 days. Would you like to
change it now?" message when you login to a Samba Controlled domain.

The fix is a hard coded 42 days from right now until you need to
change you pasword again time (see passdb/sampassdb.c:pwdb_smb_to_sam())

Also fixed getsmbfilepwent() so that it will read in the last password
change time correctly.

* Related to this lib/util_pwdb.c:StrnCaseCmp() returns 0 if the
strings match.  Chouldn't this be the pther way?  Oh well.  I
didn't change the return code as it was used in several
other cases (see lib/util_pwdb.c:pwdb_get_last_set_time())
(This used to be commit 175e598dcc)
1999-01-13 00:48:25 +00:00
d4385df3e8 trying to track down issues in get_home_dir().
(This used to be commit 2cce78aa00)
1998-12-14 20:21:39 +00:00
41daca8ceb %U substitution should be unix user not nt user
(This used to be commit f4b8a28306)
1998-12-11 19:27:19 +00:00
3cca46f27e ldap_getpw() also needs to be (void)
(This used to be commit f36cf3b6a7)
1998-12-08 00:33:05 +00:00
0125141f86 compilation warnings due to missing (void) in ldap_close_connection.
(This used to be commit f11eb41658)
1998-12-08 00:30:23 +00:00
4323fd4072 added ldap files by Matthew Chapman.
(This used to be commit 2bc031e8fa)
1998-12-07 22:52:49 +00:00
656a7565e9 Matthew Chapman spotted that smbpasschange was assuming the existence
of a private/smbpasswd file, this will not be the case for other
database APIs.  removed startsmbdb and endsmbpwdb calls because
add_smbpwd_entry() and mod_smbpwd_entry() don't need them.
(This used to be commit 8b36c7c08f)
1998-12-07 22:52:13 +00:00
699bae847f matthew chapman's ldap code, to date. plus docs!
(This used to be commit 2c438c86cb)
1998-12-07 21:37:17 +00:00
c6ad04b8fb attempting to fix "domain user map" up, but it's a bit complicated.
i may simply go for a response in the NetSamLogon returning the
unix username, forcing the NT user to appear to be a unix user,
however even that is fraught with implications.

might just have to go the whole hog and do this tuple thing,
"unix_name + nt_name" always associated together...


issue with api_net_sam_logon, getsam21pwent() being called twice,
the second time overwriting static buffer data (argh) so had to
make a copy.

noticed a nested "become_root()"/"unbecome_root()" which will have
to be tracked down...
(This used to be commit 474f94f419)
1998-11-30 22:42:13 +00:00
279923efd3 passdb.c now calls getpwnam() which returns results in a static buffer.
a call _outside_ of this was _also_ calling getpwnam.   the calls to
getsmbpwnam() were therefore overwriting the static buffer.
(This used to be commit c5ba5fa6fe)
1998-11-30 20:42:49 +00:00
31044dd8e6 - adding builtin[alias]db.
- lib/sids.c:

	generate_sam_sid() modified to take a domain name: it now
	generates "DOMAIN_NAME.SID".  reasons:

	1) if you run multiple samba servers on the same machine
	under different netbios names as members of a domain,
	they won't all use the same SID, which is a _big_ mistake
	but it would happen _by default_.

	2) we have (had) a problem with sid_to_string() and string_to_sid()
	which cause SIDs to be incorrectly read.  one of the major
	reasons for *NOT* making this change was so as not to disrupt
	existing users.  but as they will be anyway by this bug,
	we might as well go ahead.

- passdb/smbpass.c:

	wanted to change the meaning of the name in the smbpasswd
	file to an "nt" name not a "unix" name.  this is probably
	not a good idea: reverted this.

- output formatting / bug-fixing in rpcclient query_useraliases code.
(This used to be commit e4930f5f48)
1998-11-30 15:08:58 +00:00
53373894ac "retired" two modules to preserve their cvs history.
added their replacements, added sam password database API modules
(This used to be commit b1d1c1337c)
1998-11-29 20:06:52 +00:00
30038de462 weekend work. user / group database API.
- split sam_passwd and smb_passwd into separate higher-order function tables

- renamed struct smb_passwd's "smb_user" to "unix_user".  added "nt_user"
plus user_rid, and added a "wrap" function in both sam_passwd and smb_passwd
password databases to fill in the blank entries that are not obtained
from whatever password database API instance is being used.

NOTE: whenever a struct smb_passwd or struct sam_passwd is used, it MUST
be initialised with pwdb_sam_init() or pwd_smb_init(), see chgpasswd.c
for the only example outside of the password database APIs i could find.

- added query_useraliases code to rpcclient.

- dealt with some nasty interdependencies involving non-smbd programs
and the password database API.  this is still not satisfactorily
resolved completelely, but it's the best i can do for now.

- #ifdef'd out some password database options so that people don't
mistakenly set them unless they recompile to _use_ those options.

lots of debugging done, it's still not finished.  the unix/NT uid/gid
and user-rid/group-rid issues are better, but not perfect.  the "BUILTIN"
domain is still missing: users cannot be added to "BUILTIN" groups yet,
as we only have an "alias" db API and a "group" db API but not "builtin-alias"
db API...
(This used to be commit 5d5d7e4de7)
1998-11-29 20:03:33 +00:00
b20fc00464 we have a problem: resolution of "Primary Group RID" which we assumed
would only be a domain group rid.  it can also be a local group rid,
which causes us problems in attempting to turn a unix gid into the
correct rid (domain group or local group).

sooo.... the fix is _in_ there, we just can't use it because it causes
link / knock-on problems in nmbd.
(This used to be commit e4ee653870)
1998-11-26 00:48:31 +00:00
9a0cb06b24 fixing group database issues
(This used to be commit 591c63e3e1)
1998-11-25 23:11:25 +00:00
59d4087160 LsaLookupNames client call (first used as lookupnames command in rpcclient).
(This used to be commit 68342a29a8)
1998-11-25 19:57:04 +00:00