IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
for all sorts of AD things in lp_realm(). We need to get some non-Win2k
NTLMSSP and chase this up a bit, but this will do for now.
(Hmm, this might affect NTLMv2 as well)
Andrew Bartlett
pdb_ldap and adds a 'ldap passwd sync' option.
The idea with this option is to do allow an ldap backend to do all the fancy
password hashing etc - and to tell smbd no to try and double-up. Using 'ldap
passwd sync = only' will do this, but is not recommended unless such a backend
is in place...
Running 'ldap passwd sync = yes' just gets you the same as doing 'pam passwd
sync = yes' and having both PAM and pam_ldap correctly configured for 'magic
root' behaviour, but only using ldap connection, and one set of credentials.
This also gets us closer to allowing ldap to say 'password too short' etc,
which might assist in maintaining a consistant password policy.
Andrew Bartlett
add command-line option to samtest to specify alternate config file - use /dev/null
to don't load any config file..
add 'conf' command to load specified config file
that just don't apply any more - now that we always keep username and domain
seperate. Also, the policy it was trying to permit is now implemented by the
auth code.
Andrew Bartlett
- Allocate sam_methods, set domain_sid, domain_name and backend_name in make_sam_methods_backend_entry instead of in the backend
- Remove sam_context and domain_sid pointers from the sam_init_function - we don't need those arguments anymore since they're
available in sam_methods as well
getsid, then join as a BDC, and then watch net rpc vampire suck out
the good stuff out of a PDC :-). It's not perfect, but it does quite a
bit for me. Watch out for more.
Volker
to a native NT member server. If the logoff time in the samlogon reply
is set to something else but infinity, the tree connect to the member
server comes back with 'bad uid'. In my traces, NT PDC sends
0x7fff.. always. Weird, but true.
I would really like others to double-check this. If you have questions
regarding the setup, feel free to ask!
Thanks!
Volker
When creating a group you have to take care of the fact that the
underlying unix might not like the group name. This change gets around
that problem by giving the add group script the chance to invent a
group name. It then must only return the newly created numerical gid.
Volker
exist and add them if necessary from check_correct_backend_entries into
sam_context_check_default_backends. The reason for this is that we don't
always want to have BUILTIN and lp_workgroup() in a sam_context, for example
when doing sam2sam. check_correct_backend_entries has been renamed to
'check_duplicate_backend_entries' since that's what it currently does.
The sam_context_check_default_backends() function is only called
by sam_get_static_context(BOOL reload) currently currently.
