1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

252 Commits

Author SHA1 Message Date
Jeremy Allison
19ca97a70f r7882: Looks like a large patch - but what it actually does is make Samba
safe for using our headers and linking with C++ modules. Stops us
from using C++ reserved keywords in our code.
Jeremy
(This used to be commit 9506b8e145)
2007-10-10 10:58:00 -05:00
Volker Lendecke
e6ef7ba7a4 r7730: Some merges
(This used to be commit 5b4720598b)
2007-10-10 10:57:20 -05:00
Volker Lendecke
4853a5d509 r6774: Fix 2 memleaks
(This used to be commit 6af57d4bae)
2007-10-10 10:56:54 -05:00
Gerald Carter
dbd5c968d7 r5951: gotta love that SGI compiler :-) (thanks Jason)
(This used to be commit e84d070275)
2007-10-10 10:56:10 -05:00
Volker Lendecke
bc10e4067a r5421: Fix a memleak
(This used to be commit a7df3b5f06)
2007-10-10 10:55:40 -05:00
Günther Deschner
6c84ecb556 r5349: After talking with Jerry, reverted the addition of account policies to
passdb in 3_0 (they are still in trunk).

Guenther
(This used to be commit fdf9bdbbac)
2007-10-10 10:55:38 -05:00
Gerald Carter
25edc545fc r5337: BUG 1439: make sure to initialize pointer to prevent invalide free()'s on exit
(This used to be commit a882a349df)
2007-10-10 10:55:38 -05:00
Günther Deschner
26dcc2aa74 r5058: Due to the fragileness how windows reacts on unmapped sids sometimes,
don't leave administator-sid unmapped. Simply return "Administrator"

Guenther
(This used to be commit 168ddf31d1)
2007-10-10 10:55:13 -05:00
Günther Deschner
de87569cfb r4988: After speaking with Jerry, remove old lp_admin_users to
administrator-sid mapping completely.

Guenther
(This used to be commit 4cbe37ecd5)
2007-10-10 10:55:10 -05:00
Günther Deschner
0b3889e346 r4964: Fix our lsa lookupsid $OURDOMAINSID-500.
Give the admin-user (rid 500) a chance to be found in passdb, not
returning the (possibly obscure) first entry of "admin users" before
that.

Guenther
(This used to be commit d319c0e189)
2007-10-10 10:55:09 -05:00
Günther Deschner
b4afdc08d5 r4925: Migrate Account Policies to passdb (esp. replicating ldapsam).
Does automated migration from account_policy.tdb v1 and v2 and offers a
pdbedit-Migration interface. Jerry, please feel free to revert that if
you have other plans.

Guenther
(This used to be commit 75af83dfcd)
2007-10-10 10:55:08 -05:00
Gerald Carter
811df6699c r4860: fix silly limitation in ldapsam and tdbsam. Expand variables in the profile path, logon home and logon script values
(This used to be commit 504ea4ac68)
2007-10-10 10:54:00 -05:00
Jeremy Allison
acf9d61421 r4088: Get medieval on our ass about malloc.... :-). Take control of all our allocation
functions so we can funnel through some well known functions. Should help greatly with
malloc checking.
HEAD patch to follow.
Jeremy.
(This used to be commit 620f2e608f)
2007-10-10 10:53:32 -05:00
Günther Deschner
7c93bdcdf8 r3875: Allow to look up at least or own sid in _lsa_lookup_sids.
This fixes Bugzilla #1076 and Exchange 5.5 SP4 can then be finally
installed on NT4 in a samba-controlled domain.

Guenther
(This used to be commit bb191c1098)
2007-10-10 10:53:22 -05:00
Volker Lendecke
55fe875a44 r3563: During a typical logon a modern workstation makes a lot of anonymous session
setups on its way to open a pipe. This gets rid of many round-trips to the
LDAP server during logon by setting up the server_info_guest once and not
asking the LDAP server and nss every time. Make sure that the ldap connection
is reopened in the child. (I did not look at the sql backends.)

Volker
(This used to be commit 3298f6105e)
2007-10-10 10:53:09 -05:00
Volker Lendecke
9723edd84f r1906: Revert lukeh's change for primary uid/gid change. This creates a recursion
loop between uid_to_sid -> getsampwnam -> uid_to_sid. It needs further
inspection.

Volker
(This used to be commit 67d8bc4853)
2007-10-10 10:52:23 -05:00
Jeremy Allison
5cd11b7127 r1871: Patch from Luke Howard <lukeh@PADL.COM> to correctly use
uid_to_sid() and gid_to_sid() in pdb_set_sam_sids().
Jeremy.
(This used to be commit dae084d713)
2007-10-10 10:52:22 -05:00
Jeremy Allison
c9e0625f57 r1869: Rename "fallback_XXXX" mapping to "algorithmic_XXX" as
that's what it actually does, and "fallback_" is just
confusing.
Jeremy.
(This used to be commit f44b4ba381)
2007-10-10 10:52:22 -05:00
Jeremy Allison
bdab948fcf r1810: Patch from Richard Renard <rrenard@idealx.com> to store
logon hours attributes in an LDAP database.
Jeremy.
(This used to be commit dac72638fb)
2007-10-10 10:52:21 -05:00
Jeremy Allison
2723be1239 r1661: Changed the password history format so that each history entry
consists of a 16 byte salt, followed by the 16 byte MD5 hash of
the concatination of the salt plus the NThash of the historical
password. Allows these to be exposed in LDAP without security issues.
Jeremy.
(This used to be commit 82e4036aaa)
2007-10-10 10:52:17 -05:00
Jeremy Allison
1fca1fd8d7 r1539: If a account was locked out by an admin (and has a bad password count of zero)
leave it locked out until an admin unlocks it (but log a message).
Jeremy.
(This used to be commit 14bd2a9ffc)
2007-10-10 10:52:14 -05:00
Jeremy Allison
d4ac326d46 r1412: Fix password history list in tdbsam. Fix some memory leaks. Add
my (C) to a header file that was at least 50% mine :-).
Jeremy.
(This used to be commit 8ee6060977)
2007-10-10 10:52:10 -05:00
Jeremy Allison
10f0c34a2a r1392: Added password history code to tdbsam backend. Not yet tested (ie. may
core dump) but compiles and links correctly. I will run the full set of
tests on the ldap sam and the tdb sam for password history tomorrow.
Jeremy.
(This used to be commit ac846420d0)
2007-10-10 10:52:09 -05:00
Volker Lendecke
4e1b26db34 r989: Calling sid_to_gid from within winbind makes no sense, as this calls
winbind_sid_to_gid. For the consistency check, local_sid_to_gid must set the
name_type it found.

Volker
(This used to be commit 5070c1b68f)
2007-10-10 10:51:52 -05:00
Jeremy Allison
52ddd54083 r801: Fix from "Jianliang Lu" <j.lu@tiesse.com> to return correct group
types.
Jeremy.
(This used to be commit d97b9146a1)
2007-10-10 10:51:46 -05:00
Richard Sharpe
7cb9ca16f6 r505: Break out algorithmic_gid_to_sid so that those of us who need it can use it.
(This used to be commit 5d7ee320cc)
2007-10-10 10:51:26 -05:00
Richard Sharpe
fc62b9fcc1 r501: Fix a small cut-n-pasteo ...
(This used to be commit b1825184d3)
2007-10-10 10:51:26 -05:00
Volker Lendecke
0d6acfe19a r316: Fix split_domain_name. This defaulted to get_myname() instead of
get_global_sam_name().

Error case: Adding a domain user to a XP local group did a lsalookupname on
the user without domain prefix, and this then failed.

Jerry: This is a must-fix before 3.0.3.

Volker
(This used to be commit f35e353454)
2007-10-10 10:51:18 -05:00
Volker Lendecke
95bd9b5ab0 Apply some const
(This used to be commit aa220cffa7)
2004-03-31 15:21:48 +00:00
Jim McDonough
9264194340 handle both 0 and -1 as disabling reset count and lockout duration
(This used to be commit 84fe24e64e)
2004-02-20 16:00:25 +00:00
Jim McDonough
222d9a3ce2 Clean up bad pw count and autolock flag update fn()s
(This used to be commit 9a79f9fbcb)
2004-02-19 21:37:24 +00:00
Jim McDonough
e507a83617 Add bad pw count and autolock flag update fn()s
(This used to be commit 600fcd534b)
2004-02-19 18:35:43 +00:00
Jim McDonough
39a154ae92 Add functions to get/set bad password time
(This used to be commit 557f598c63)
2004-02-19 15:59:35 +00:00
Jim McDonough
d21f23e01f Move tdbsam versioning/upgrade code into 3.0
(This used to be commit 730c07cac2)
2004-02-13 14:48:20 +00:00
Jim McDonough
1fa1e931a3 More sync between passdb on 3.0 and HEAD.
Replace unknown_3 with fields_present.  Also causes rpc_samr structure field changes.
(This used to be commit 1976843345)
2004-02-12 16:16:53 +00:00
Jim McDonough
34232f9ec0 Start of merging HEAD changes. Right now, just move one fn() to eliminate
the prototype at the beginning, and change some comments so diffs to HEAD
aren't filled with useless info.
(This used to be commit 7b40f6c464)
2004-02-12 15:20:40 +00:00
Volker Lendecke
24f2e0cc3e And another build fix.
Volker
(This used to be commit 6c78a096a5)
2004-02-09 15:21:42 +00:00
Volker Lendecke
42f763e6f0 Fix the build & get rid of a compiler warning.
Volker
(This used to be commit 38c9b775ce)
2004-02-09 14:43:18 +00:00
Andrew Bartlett
b401888b6b Add static, and assert that we will never overflow the static fstring
in pdb_encode_acct_ctrl()  (All current callers are fine)

Andrew Bartlett
(This used to be commit 01be89eb43)
2004-02-08 11:02:11 +00:00
Rafal Szczesniak
9919ab60ea Typo fix.
rafal
(This used to be commit 5d7f81eea2)
2004-01-07 22:44:28 +00:00
Andrew Bartlett
b4593e92ff JHT came up with a nasty (broken) torture case in preparing examples for
his book.

This prompted me to look at the code that reads the unix group list.  This
code did a lot of name -> uid -> name -> sid translations, which caused
problems.  Instead, we now do just name->sid

I also cleaned up some interfaces, and client tools.

Andrew Bartlett
(This used to be commit f9e59f8bc0)
2004-01-02 05:32:07 +00:00
Alexander Bokovoy
05fcb69270 Fix uninitialized variable in passdb code. Reported by Andy Polyakov <appro@fy.chalmers.se>
(This used to be commit ac7a60abf2)
2003-12-11 10:24:43 +00:00
Gerald Carter
87fddf6a98 more group lookup access fixes on the neverending bug 281
(This used to be commit 9359a6ea80)
2003-12-10 16:40:17 +00:00
Gerald Carter
c39f5fea4a more access fixes for group enumeration in LDAP; bug 281
(This used to be commit 68283407e0)
2003-11-24 17:31:38 +00:00
Gerald Carter
4097f5ec8d * make sure we only enumerate group mapping entries
(not /etc/group) even when doing local aliases

* remove "hide local users" parameter; we have this
  behavior built into 3.0
(This used to be commit a7685a0697)
2003-11-17 16:06:10 +00:00
Andrew Bartlett
6f83e9c0cd Match Samba 2.2, and make ACB_NORMAL the default ACB value.
(Samba 2.2 did this in the LDAP code, but it fits better as a generic thing)

Andrew Bartlett
(This used to be commit dfd6bef580)
2003-10-10 12:57:44 +00:00
Jeremy Allison
0f0fbbbaa4 Typo in error message.
Jeremy.
(This used to be commit 8996c51770)
2003-10-03 22:09:33 +00:00
Jeremy Allison
3a48e4b287 The "unknown_5" 32 bit field in the user structs is actually 2 16-bit
fields, bad_password_count and logon_count. Ensure this is stored/fetched
in the various SAMs. As it replaces the unknown_5 field this fits
exactly into the tdb SAM without any binary problems. It also is added
to the LDAP SAM as two extra attributes. It breaks compatibility with
the experimental SAMs xml and mysql. The maintainers of these SAMs must
fix them so upgrades like this can be done transparently. I will insist
on the "experimental" status until this is solved.
Jeremy.
(This used to be commit cd7bd8c2da)
2003-09-18 23:53:48 +00:00
Jeremy Allison
d4df20e96f Oops. Proper fix for #470.
Jeremy.
(This used to be commit 82f98b066d)
2003-09-18 21:19:41 +00:00
Jeremy Allison
9f50a90db1 Fix for #470 - unable to display SIDs in ACLs.
Jeremy.
(This used to be commit 56df89eff3)
2003-09-18 01:17:22 +00:00