IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
entry in /etc/passwd.
There are still differences in the local_password_change function. I'm
not sure which was the latest so I didn't change any thing else. Someone
needs to take a look and sync these up.
<a.bokovoy@sam-solutions.net>.
This patch is designed to remove the 'special cases' required for this support.
In particular this now kills off winbind_initgroups, as it appears no longer to
be required.
Andrew Bartlett
- Rework the name -> sid lookup function to always try local lookup first (for
local domain names) before trying winbind. This seems to eliminate my winbind
feedback loop problems. (I don't use winbind for nsswitch, where there are
almost certainly further issues).
Andrew Bartlett
winbind default domains, particulary now I understand whats going on a lot
better. This ensures that the RPC client code does as little 'magic' as
possible - this is up to the application/user. (Where - for to name->sid code
- it was all along). This leaves the change that allows the sid->name code to
return domains and usernames in seperate paramaters.
Andrew Bartlett
this might need a bit more work - or at least documentation.
This is certainly a worthwile little hack, as it avoids the need to invert the
group database. I don't think we should allow unqualified domains here - as
that allows us to distinguish between (at least some) usernames and these
'special' groups.
in become_root()/unbecome_root().
Also only allocate the memory the client reqests - and don't allow the client
to trigger an SMB_ASSERT if they ask for 'more'.
Up the maximum number of sids allowed, and note that this is an arbiary guess,
and can be raised without consequence.
Andrew Bartlett
the sid->uid and uid->sid conversions.
Remove some duplicate arguments from these funcitons, and update the
request/response structures for this and the 'winbind domain name' feature.
As such 'winbindd_lookup_name' now takes both a domain and username.
correctly) be no longer needed. This is in aid of the 'winbind default domain'
code - which works much better when smbd always goes via the standard unix
interfaces.
Andrew Bartlett
info3. These are RIDs, and it only makes sense to combine them with the domain
SID returned with them. This is important for trusted domains, where that sid
might be other than the one we currently reterive from the secrets.tdb.
Also remove the become_root()/unbecome_root() wrapper from around both
remaining TDB users: Both are now initialised at smbd startup.
Andrew Bartlett
The previous code attempted to call winbind to find out the domain sid. This
couldn't work for a number of reasons - not the least of which was that both
the client and server ends would reject any name (in this case domain name)
without a \ in it (or lp_winbind_seperator()).
I think this is what was intended to occour. If there is still some need to
contact winbind for this information, I suggest a new call be created for this
- as it the server-side code doesn't allow for this information to be extracted
easily in any case.
Finally, it gets in the way of the default domain code a bit - hence why I was
actually looking at it...
Andrew Bartlett
calls from rpc_parse/parse_net.c - instead these values are passed as a
paramater.
Unfortunetly some there is still some samr work to be done before this is
actually useful.
Andrew Bartlett
Changed the way the wins record are handled in memory. Now they are living
much longer with the different states: active, released and tombstone.
Also added a version ID, some wins flags and the wins owner ip address to
the namrec->data struct, and a function to process messages sent by the
wins replication daemon.
the initiate_wins_processing() function is not correct, I'll fix it later.
J.F.
This matches the lookup failure case in 2.2, and seems to make more sense than
giving the printer to 'world'. (Avoiding this lookup makes some of my other
changes - including winbind default domains - a little easier).
In any case, tpot has promised to look at this and test it when he gets back to
work. :-)
Andrew Bartlett
Modules now name themselves, which should allow for sane behaviour when we get
an 'extern' passdb module (which in turn loads a .so).
Fix up tdbsam for non-unix-accounts. Not sure if this fixes idra's bug, but
its a start...
Andrew Bartlett
