IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Some of the ads methods just point to the rpc methods.
This makes winbindd_ads use the reconnect methods instead of
calling the rpc methods directly in order to prevent
negative cache entries for e.g. name_to_sid, when the dc
has closed the connection without sending a reset.
Michael
The ads lookup_groupmem() function calls lda_lookupsids to resolve sids
to names. This is tried only once. So in case the connection was broken,
e.g. closed by the server (without a reset packet), there will be an empty
GM/ cache entry for the requested group which will prevent proper working
of access checks among other checks for the expiry period.
This patch works around this problem by retrying once if the lsa_lookupsids
call fails, re-establishing the dc-connection, as we already do in many other
places (e.g. the winbindd retry methods for the rpc layer).
Michael
Restructures parts of open code so that fsp must be allocated before calling
open_file_ntcreate(_internal). Also fix up file ref-counting inside files.c.
Jeremy.
When freeing the talloc ctx at the end of the routine,
it must be a talloc ctx created inside. talloc_tos() needs
to be valid after the function finishes, since callers
(may) have data attached to it.
Michael
Signed-off-by: Günther Deschner <gd@samba.org>
The idmap_tdb backend already provides an interface to remove existing id
mappings. This commit plumbs that ability up through, winbindd, libwbclient,
and wbinfo.
Added new winbindd command:
WINBINDD_REMOVE_MAPPING
Added new libwbclient interfaces:
wbcRemoveUidMapping() and wbcRemoveGidMapping()
Added new wbinfo options:
--remove-uid-mapping
--remove-gid-mapping
Increased libwbclient version to 0.2
Increased winbind interface version to 20
The two new parameters are:
--set-uid-mapping
--set-gid-mapping
These allow wbinfo to create new, or override existing id mappings in the
idmap backend. These expose the exisiting ability of libwbclient
and winbindd to do this, up through a command line utility.
Some AD objects, like Exchange Public Folders, can be members of Security
Groups but do not have a SID attribute. This patch adds more granular return
errors to ads_get_sid_from_extended_dn(). Callers can now determine if a parse
error occured because of bad input, or the DN was valid but contained no SID.
I updated all callers to ignore SIDless objects when appropriate.
Also did some cleanup to the out paths of lookup_usergroups_memberof()
With
case sensitive = yes
preserve case = no
short preserve case = no
default case = upper
a "dir FOO.txt" would not find "FOO.TXT" because FOO.txt ends up unconverted in
the mask for mask_match.
Jeremy, please check!
Volker
