IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
SOCKET_WRAPPER, they don't compile with --enable-developer. As such
the winbind tests fail.
We need to ensure that on production systems we never have
SOCKET_WRAPPER set, or this could be a security issue.
Andrew Bartlett
(This used to be commit eccc2d11da)
backend abstraction for brlock pointless, but I have left it in place
for now. It would be useful for other clustering systems that can't
map to dbwrap, and would also be useful if we wanted to keep the
remote function call capabilities in ctdb instead of the less
efficient fetch_locked() call in dbwrap
(This used to be commit 912c014b7c)
seen in particular on opi.
This looked like a Heimdal problem, but I think it was simply that we
didn't do a talloc_reference() to keep tabs on the memory we were
using, and in between obtaining the pointer and using it, it was
assigned to unrelated memory.
Andrew Bartlett
(This used to be commit a650ad8b37)
complete. This is needed because messaging setup with ctdb involve
events, and we don't want a SMB packet to be processed on this stream
until after the stream structure is fully setup
(This used to be commit 8e378051e5)
from MMC Active Directory Users and Computers).
Windows sets a 14 UCS2 char buffer as the password in this case.
We need to allow random buffers to be accepted as complex passwords,
even if they don't have ASCII upper or lower case characters. (If
half the bytes are > 127, then it's likely a random buffer).
Also make the test match the documented windows behaviour of '3 of the
4 classes: upper, lower, digit, special'.
Andrew Bartlett
(This used to be commit 5ef26a2ba3)
Computers).
We now generate a security descriptor for each object, when it is
created. This seems to keep MMC happy. The next step is to honour
it.
Andrew Bartlett
(This used to be commit 72f4ae8246)
Modify the samba3sam test to be less fussy, and not use the
objectclass module (which requires proper schema stuff now).
Andrew Bartlett
(This used to be commit 53c248c264)
ldb_subclass list.
Next step will be to have this module also set the objectCategory and
default ntSecurityDescriptor
Andrew Bartlett
(This used to be commit 0f7135a468)
payload to the control, we still need to inialise *value, as otherwise
we read uninitialised data later.
Andrew Bartlett
(This used to be commit f6566480b7)
some issues in the NBT server (this was a false positive, but easily
worked around) and DRSUAPI server.
We should take care not to use the ldb_context as a talloc pool, and
to always ensure that any results from ldb_search() are moved off that
pool with talloc_steal or talloc_free().
To work around the issue in provision, for which I can find no fault
(other than a lot of work being done in provision), I've moved the
detector trigger to 400 additional blocks.
This fixes Bug #4810 by <mwallnoefer@yahoo.de>
Andrew Bartlett
(This used to be commit 42bcf85620)
we catch messages pushed out by modules during startup.
This also sets an explict mapping between ldb and Samba debug levels.
Andrew Bartlett
(This used to be commit 50913a401d)
return full SIDs for the user SID and primary group sid.
This should help kai with his getpwnam work in winbind.
Andrew Bartlett
(This used to be commit 078671d501)
We need to set the access_mask and the domain name, or else libnet
will try to do this itself.
This seems to fix the issues Kai was having.
Andrew Bartlett
(This used to be commit 44c193272b)
SAMR. This can't be done in the ldb templates code, as it doesn't
happen over direct LDAP.
As noted in bug #4829.
Andrew Bartlett
(This used to be commit 3bfa6dbf7d)
on this error code, but allow both for now).
Also prove that bug #4829 needs a different solution: we can't fix
this by changing the template. I think this fix needs to be in the
SAMR server.
Andrew Bartlett
(This used to be commit c3554e3ee7)
RPC-SAMLOGON test.
This showed that, as noted by bug #4823, we didn't test for invalid
workstations. In fact, the code had been ported across, but because
untested code is broken code, it never worked...
Andrew Bartlett
(This used to be commit 5e07417ada)
include the attribute allowedChildClassesEffective for MMC to allow
the creation of containers.
This may need further refinement, but it seems to work for now.
Andrew Bartlett
(This used to be commit d053b8e218)
Any SAMR client (usrmgr.exe in this case) that attempted to set a
property to a zero length string found instead the the old value was
kept.
In fixing this, rework the macros to be cleaner (add the
always-present .string) to every macro, and remove the use of the
samdb_modify() and samdb_replace() wrappers where possible.
Andrew Bartlett
(This used to be commit b05fe69304)
Should fix another part (list of domains in usrmgr incorrectly
including accounts) of bug #4815 by mwallnoefer@yahoo.de.
Andrew Bartlett
(This used to be commit 7f7e4fe298)
- The icons in usermgr were incorrect, because the acct_flags were
not filled in (due to missing attribute in ldb query)
- The Full name was missing, and the description used as the full
name (due to missing attributes in ldb query and incorrect IDL)
To prove the correctness of these fixes, I added a substantial new
test to RPC-SAMR-USERS, to ensure cross-consistancy between
QueryDisplayInfo and QueryUserInfo on each user.
This showed that for some reason, we must add ACB_NORMAL to the
acct_flags on level 2 queries (for machine trust accounts)...
Getting this right is important, because Samba3's RPC winbind methods
uses these queries.
Andrew Bartlett
(This used to be commit 9475d94a61)
We now setup a libnet_ctx for each domain. We should then be able to
replace/merge some more of the winbind code with libnet calls,
referencing domain->libnet_ctx.
Andrew Bartlett
(This used to be commit bad2dc14d7)
cannot vampire, provision or upgrade a Samba4 server via SWAT.
(The previous commit was an accident, and not complete).
This should get Samba4 closer to being 'secure' for an alpha release.
Andrew Bartlett
(This used to be commit 3b6695de36)
is that when we all ldb_msg_add_empty(), we might realloc() the
msg->elements array. We need to ensure the source pointer (when
copying an element from the same msg) is still valid, or the data
copied.
Andrew Bartlett
(This used to be commit 0fbea30577)
