IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
use the credential chain and only works over netlogon, but it would
allow multiple outstanding auth requests for a single workstation
account.
(This used to be commit 123290d094)
Still missing lchown (will add this for 3.0.26).
Don't merge for 3.0.25a - possibly 3.0.25b (if it
exists).
Jeremy.
(This used to be commit f546750176)
talloc context for use with the actual rpc query and response.
So the the parent context does not get flooded by the posslibly
large amount of response data (when looking up a lot of sids).
Note: It not possible, to simply use the names and domains arrays
as talloc contexts for the talloc_strdup calls, because from
rpccli_lsa_lookup_sids_all, this is called with names + offset
and domains + offset where names and domains are talloced
arraye for the complete response.
(This used to be commit 8e60900c5c)
dn_lookup loop by a rpccli_lsa_lookupsids_all (see r23070)
call. This replaces one ldap search per member sid by one
rpc call per 1000 sids. This greatly speeds up groupmem
lookups for groups with lots of users.
Since the loop in lookup_groupmem was the only use of dn_lookup,
the function is removed.
Michael
(This used to be commit 88dac65ab1)
looked up at one time. This limit is at 20480 for w2k3.
Our rpccli_lsa_lookup_sids function ignores this limit, so when
we give the server too long a list of SIDs, then we will get
nothing back. Since typically rpccli_lsa_lookup_sids is given
one SID (or a small number of SIDS), this did not do harm
up to now. But since I want to use lsa_lookup_sids in a subsequent
modification to winbindd_ads.c:lookup_groupmem to get rid of
a vast number of dn_lookup calls to the server, I had to make
sure we do it correctly.
I have added a function rpccli_lsa_lookup_sids_all function
that has the same prototype but internally splits the list
of SIDs up into hunks of a (conservative, hard coded) 1000
SIDs each for a first go.
If this approach is agreed upon, the new function could replace
the original rpccli_lsa_lookup_sids function.
Michael
(This used to be commit 66ff0bc6c3)
doing this because for the clustering the marshalling is needed in more
than one place, so I wanted a decent routine to marshall a message_rec
struct which was not there before.
Tridge, this seems about the same speed as it used to be before, the
librpc/ndr overhead in my tests was under the noise.
Volker
(This used to be commit eaefd00563)
check for IS_DC. Otherwise we will for example fail to lookup a
sid of S-1-22-1-780 because it has no valid struct winbindd_domain*
in the list. Thanks to Simo for the catch.
(This used to be commit f53aa56998)
to be able to handle SIDs in the S-1-22-{1,2} domain in order
for winbindd_sid_to_uid(), et. al. to succeed. For 3.0.25a,
we will short circuit in the sid_to_uid() family of functions
so that smbd is ok.
For 3.0.26, we need to allow winbindd to handle all types of SIDs.
(This used to be commit d70cec3196)
winbindd main function.
I have tested and somewhat extended the code, and it seems
to do a good job. I have possibly not caught all error
conditions though.
Michael
(This used to be commit 8c517f9aac)
message_send_pid is used anymore. Two users of duplicates_allowed: winbind and
the printer notify system.
I don't thing this really changes semantics: duplicates_allowed is hell racy
anyway, we can't guarantee that we don't send the same message in sequence
twice, and I think the only thing we can harm with the print notify is
performance.
For winbind I talked to Günther, and he did not seem too worried.
Volker
(This used to be commit 75b3ae6a76)
the timeouts on the individual message send calls with an overall timeout on
all the calls.
The timeout in message_send_pid_with_timeout() did not make much sense IMO
anyway, because the tdb_fetch() for the messages_pending_for_pid was blocking
in a readlock anyway, we "just" did the timeout for the write lock.
This new code goes through the full wait for the write lock once and then
breaks out of sending the notifies instead of running into the timeout per
target.
Jerry, please check this!
Thanks,
Volker
(This used to be commit 697099f06e)
lock we know nothing about that we retry the lock every
10 seconds instead of waiting for the standard select
timeout. This is how we used to (and are supposed to)
work.
Jeremy.
(This used to be commit fa18fc25a5)
we have to take care to preserve the "special" values
for Windows of 0x80000000 and 0x7FFFFFFF when casting
between time_t and uint32. Add conversion functions
(and use them).
Jeremy.
(This used to be commit 4e1a0b2549)
since any SID/uid/gid translation calls will reset the struct when
popping the security ctx. This should fix the standalone server
configuration issues reported by David Rankin (thanks for the logs).
(This used to be commit 63cb25bad1)
would flood at log level 2. We know when we're using the legacy
mapping code anyways since it will log an informative msg.
(This used to be commit 51aac0fcb4)
smb4k uses 'net rap server domain' to list servers in domain.
Previously we just ignored all arguments in net_rap_server() but now we don't
as 'net rap server name' has added an explicit check on arguments.
Allow 'net rap server domain' to aid smb4k. Any other arguments will cause help message.
(This used to be commit 8f78b6ce3a)
