1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Commit Graph

204 Commits

Author SHA1 Message Date
Günther Deschner
4122dabbf9 net: abort when lp_realm is not set in net_ads_leave().
Guenther
(This used to be commit 53735edcbb)
2008-04-14 22:58:38 +02:00
Günther Deschner
113b94faf1 net: exit early in net_ads_join() if the domain is not set.
Guenther
(This used to be commit 8331fbe735)
2008-04-14 16:16:25 +02:00
Günther Deschner
bc65d96782 net: use WERROR for check_ads_config().
Guenther
(This used to be commit 9176057986)
2008-04-14 16:13:52 +02:00
Günther Deschner
fffb304fec net: the success of secrets_init is checked by libnetjoin now.
Guenther
(This used to be commit 0a6a5d0824)
2008-04-14 15:47:30 +02:00
Volker Lendecke
7af3ebdac0 Fix Coverity ID 480
(This used to be commit 45677e8694)
2008-03-23 18:28:23 +01:00
Günther Deschner
5259a7a808 Enable libnetjoin debugging for now but avoid printing passwords.
The gen_ndr needs proper fixing still.

Guenther
(This used to be commit 966d7244d7)
2008-03-07 18:31:13 +01:00
Günther Deschner
f7b4485fbe Move talloc_init to the right place in "net ads join".
Guenther
(This used to be commit 8cd07c1fa8)
2008-03-04 11:04:36 +01:00
Günther Deschner
27310f0768 Remove original copy of now redundant join code.
Jerry, I checked this very carefully that nothing got lost. The only thing I need to
re-add still is the normalized DN handling for account precreation in "net ads join".

Guenther
(This used to be commit a5c6347644)
2008-02-28 19:54:35 +01:00
Günther Deschner
642f46dcf9 Some fixes for net ads join (uninitialized vars).
Guenther
(This used to be commit 735235e32b)
2008-02-28 14:29:44 +01:00
Günther Deschner
e5775b4fae Use libnet_Join() for "net ads join".
Guenther
(This used to be commit 9a7a2777e4)
2008-02-28 14:19:36 +01:00
Günther Deschner
4d55efe4ab Nicen error output in net_ads_leave.
Guenther
(This used to be commit b0d1db95e5)
2008-02-28 14:11:21 +01:00
Günther Deschner
bbe6d400e7 Re-arrange dns update block during "net ads join" a little.
Guenther
(This used to be commit 5d30e9f9fe)
2008-02-28 13:04:30 +01:00
Günther Deschner
42e301570b Use libnet_Unjoin() for "net ads leave".
Guenther
(This used to be commit 11a19e88e2)
2008-02-28 12:09:06 +01:00
Günther Deschner
c3ef76593b Some cosmetics for net_derive_salting_principal().
Guenther
(This used to be commit 6f8e83b430)
2008-02-28 11:38:00 +01:00
Günther Deschner
965774fa8f Fix some more callers of PAC_DATA.
Guenther
(This used to be commit ea609d1b0e)
2008-02-17 02:12:00 +01:00
Günther Deschner
c920764b19 Apply const to rpccli_lsa_query_info_policy() and rpccli_lsa_query_info_policy2().
Guenther
(This used to be commit 7a3fe68bef)
2008-01-15 16:40:22 +01:00
Volker Lendecke
2b14428330 Fix some warnings -- Jeremy, please check
(This used to be commit b66ac8567c)
2008-01-15 11:01:18 +01:00
Günther Deschner
83b1751615 Remove unused string.
Guenther
(This used to be commit 88d6683872)
2008-01-10 13:02:10 +01:00
Günther Deschner
62c91987d9 Use ads_get_upn() in net_derive_salting_principal().
Guenther
(This used to be commit a3b348b113)
2008-01-08 14:07:18 +01:00
Jeremy Allison
7faee02d0d Remove the char[1024] strings from dynconfig. Replace
them with malloc'ing accessor functions. Should save a
lot of static space :-).
Jeremy.
(This used to be commit 52dc5eaef2)
2007-12-10 11:30:37 -08:00
Jeremy Allison
de7fd585b1 The usual !pstring...
Jeremy.
(This used to be commit b676262a78)
2007-12-04 16:56:18 -08:00
Günther Deschner
4b9f336a62 Move param helper routines to one place.
Guenther
(This used to be commit 6bf2c8038c)
2007-11-30 22:25:01 +01:00
Volker Lendecke
1011b32678 Remove some statics
(This used to be commit 1fab16ffb8)
2007-11-27 14:18:47 +01:00
Jeremy Allison
f88b7a076b This is a large patch (sorry). Migrate from struct in_addr
to struct sockaddr_storage in most places that matter (ie.
not the nmbd and NetBIOS lookups). This passes make test
on an IPv4 box, but I'll have to do more work/testing on
IPv6 enabled boxes. This should now give us a framework
for testing and finishing the IPv6 migration. It's at
the state where someone with a working IPv6 setup should
(theorecically) be able to type :
smbclient //ipv6-address/share
and have it work.
Jeremy.
(This used to be commit 98e154c312)
2007-10-24 14:16:54 -07:00
Jeremy Allison
30191d1a57 RIP BOOL. Convert BOOL -> bool. I found a few interesting
bugs in various places whilst doing this (places that assumed
BOOL == int). I also need to fix the Samba4 pidl generation
(next checkin).
Jeremy.
(This used to be commit f35a266b3c)
2007-10-18 17:40:25 -07:00
Michael Adam
34af42e87e r25201: Fight those red bars...
(This used to be commit cc4599fdc1)
2007-10-10 12:30:51 -05:00
Michael Adam
75f82d454f r25200: Fix a debug message.
(This used to be commit f1f4758e2c)
2007-10-10 12:30:51 -05:00
Michael Adam
4dc265d6a0 r25198: Change net_rpc_join_ok() to return NTSTATUS for better
error propagation.

Michael
(This used to be commit 5a16da2185)
2007-10-10 12:30:50 -05:00
Rafal Szczesniak
00737da4f4 r24853: Rename function as Jerry asked.
s/net_use_upn_machine_account/net_use_krb_machine_account/

rafal
(This used to be commit 86af9fedad)
2007-10-10 12:30:28 -05:00
Rafal Szczesniak
48853f0bad r24789: Add implementation of machine-authenticated connection to netlogon
pipe used when connecting to win2k and newer domain controllers. The
server may be configured to deny anonymous netlogon connections which
would stop domain join verification step. Still, winnt domains require
such smb sessions not to be authenticated using machine credentials.
Creds employed in smb session cannot have a username in upn form, so
provide the separate function to use machine account.

rafal
(This used to be commit 30d99d8ac3)
2007-10-10 12:30:21 -05:00
Günther Deschner
201f0e1ce4 r24432: Expand kerberos_return_pac() so that it can be used in winbindd.
Guenther
(This used to be commit e70bf0ecc3)
2007-10-10 12:29:46 -05:00
Volker Lendecke
a81c8b2a28 r24107: Fix bug 4849. Thanks to Matthijs Kooijman <matthijs@stdin.nl>
(This used to be commit 6e6eea64a5)
2007-10-10 12:29:07 -05:00
Günther Deschner
2349acdd43 r23973: For debugging, add (undocumented) net ads kerberos commands (kinit, renew,
pac).

Guenther
(This used to be commit 4cada7c148)
2007-10-10 12:28:51 -05:00
Günther Deschner
7d3e5834ec r23968: Harmonize net's password prompts.
Guenther
(This used to be commit 7e2fb14d6e)
2007-10-10 12:28:50 -05:00
Stefan Metzmacher
809c9d4d31 r23888: move elements belonging to the current ldap connection to a
substructure.

metze
(This used to be commit 00909194a6)
2007-10-10 12:28:38 -05:00
Günther Deschner
c252b04abf r23834: Allow to pass an ADS_STRUCT pointer down to the dump function callback in
libads.

Guenther
(This used to be commit 311bbbafa6)
2007-10-10 12:28:32 -05:00
Andrew Tridgell
5e54558c6d r23784: use the GPLv3 boilerplate as recommended by the FSF and the license text
(This used to be commit b0132e94fc)
2007-10-10 12:28:22 -05:00
Jeremy Allison
d824b98f80 r23779: Change from v2 or later to v3 or later.
Jeremy.
(This used to be commit 407e6e695b)
2007-10-10 12:28:20 -05:00
Günther Deschner
a2618aa8d5 r23648: Allow to list a custom krb5 keytab file with:
net ads keytab list /path/to/krb5.keytab

Guenther
(This used to be commit a2befee3f2)
2007-10-10 12:23:41 -05:00
Volker Lendecke
e95942ed84 r22954: More messaging_register
(This used to be commit 9b8df24107)
2007-10-10 12:22:11 -05:00
Volker Lendecke
e6383f4762 r22736: Start to merge the low-hanging fruit from the now 7000-line cluster patch.
This changes "struct process_id" to "struct server_id", keeping both is
just too much hassle. No functional change (I hope ;-))

Volker
(This used to be commit 0ad4b1226c)
2007-10-10 12:21:52 -05:00
Gerald Carter
cfc4946ebf r22729: add help text for osver and osname options to 'net ads join' (patch from Dnailo A.)
(This used to be commit 3f588e0b65)
2007-10-10 12:21:51 -05:00
Gerald Carter
3eca3af1bc r22728: Patch from Danilo Almeida <dalmeida@centeris.com>:
When asked to create a machine account in an OU as part
of "net ads join" and the account already exists in another
OU, simply move the machine object to the requested OU.
(This used to be commit 3004cc6e59)
2007-10-10 12:21:51 -05:00
Günther Deschner
1ee9650a1d r22479: Add "net ads keytab list".
Guenther
(This used to be commit 9ec76c5427)
2007-10-10 12:19:37 -05:00
Gerald Carter
2af42eaaa3 r21888: Add the osname and osver options to 'net ads join' as discussed
on the samba-technical ml.

I'll add a 'net ads set attribute=value' utility later
rather than the original 'net ads setmachineupn' patch that
was also posted to the tech ml.
(This used to be commit 5035778ae4)
2007-10-10 12:18:45 -05:00
Jeremy Allison
8e00e9d7a6 r21609: Fix memory leaks in error code paths (and one in winbindd_group.c).
Patch from Zack Kirsch <zack.kirsch@isilon.com>.
Jeremy.
(This used to be commit df07a662e3)
2007-10-10 12:18:16 -05:00
Jeremy Allison
fae01b4899 r21608: Fix a couple of memleaks in error code paths before
Coverity finds them :-)
Jeremy.
(This used to be commit cbe725f1b0)
2007-10-10 12:18:16 -05:00
Simo Sorce
e9e6af5951 r21606: Implement escaping function for ldap RDN values
Fix escaping of DN components and filters around the code
Add some notes to commandline help messages about how to pass DNs

revert jra's "concistency" commit to nsswitch/winbindd_ads.c, as it was
incorrect.
The 2 functions use DNs in different ways.

- lookup_usergroups_member() uses the DN in a search filter,
and must use the filter escaping function to escape it
Escaping filters that include escaped DNs ("\," becomes "\5c,") is the
correct way to do it (tested against W2k3).

- lookup_usergroups_memberof() instead uses the DN ultimately as a base dn.
Both functions do NOT need any DN escaping function as DNs can't be reliably
escaped when in a string form, intead each single RDN value must be escaped
separately.

DNs coming from other ldap calls (like ads_get_dn()), do not need escaping as
they come already escaped on the wire and passed as is by the ldap libraries

DN filtering has been tested.
For example now it is possible to do something like:
'net ads add user joe#5' as now the '#' character is correctly escaped when
building the DN, previously such a call failed with Invalid DN Syntax.

Simo.
(This used to be commit 5b4838f62a)
2007-10-10 12:18:16 -05:00
Volker Lendecke
caf8c6a76b r21064: The core of this patch is
void message_register(int msg_type,
                      void (*fn)(int msg_type, struct process_id pid,
-                                void *buf, size_t len))
+                                void *buf, size_t len,
+                                void *private_data),
+                     void *private_data)
 {
        struct dispatch_fns *dfn;

So this adds a (so far unused) private pointer that is passed from
message_register to the message handler. A prerequisite to implement a tiny
samba4-API compatible wrapper around our messaging system. That itself is
necessary for the Samba4 notify system.

Yes, I know, I could import the whole Samba4 messaging system, but I want to
do it step by step and I think getting notify in is more important in this
step.

Volker
(This used to be commit c8ae60ed65)
2007-10-10 12:17:32 -05:00
Gerald Carter
fe830f22c9 r20903: Replace the hardcoded "smb.conf" string with the dyn_CONFIGFILE
(This used to be commit ff8f27108d)
2007-10-10 12:17:18 -05:00