1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-27 03:21:53 +03:00
Commit Graph

18 Commits

Author SHA1 Message Date
Michael Adam
2f2b57a648 passdb: change ABI version to 0.25.0 due to removed symbol.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-01-22 01:55:09 +01:00
Garming Sam
93689174ff passdb: Change ABI version to 0.24.2
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2015-11-30 03:49:25 +01:00
Stefan Metzmacher
8e90b93ddc s3:passdb: add optional get_trusteddom_creds() hooks
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11016

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-12-18 04:22:05 +01:00
Garming Sam
3b76b705f0 pdb: Increase version number to fix ABI
In the process, we can also rename pdb to avoid conflicts with libpdb.

We don't depend directly on pdb to avoid duplicate symbols.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=10355
Change-Id: I4df6ba2f4ce35d3718dc4198b527cca46a139efe
Pair-programmed-with: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-12-03 04:21:09 +01:00
Stefan Metzmacher
270f7b3441 s3:passdb: add pdb_get_trust_credentials()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-with: Andrew Bartlett <abartlet@samba.org>
2014-09-27 19:42:37 +02:00
Andrew Bartlett
b359b0c160 passdb: Allow a passdb module to do idmap for everything
This patch seems odd, but the pdb_samba_dsdb module has exactly this
semantics.  That is, the pdb_samba_dsdb is responsible for all IDMAP
values, due to backing on to the idmap.ldb allocator.  This option is
added so we can continue to support the mappings written into that
database even when switching winbindd implementations - the source4/
winbind code would only ask the idmap_ldb code, no matter what the
SID.

Almost all of the behaviour for this is already in winbindd, but we
need this extra flag function so as to avoid (currently intentional)
errors at startup due to not having a per-domain allocation
configured in the smb.conf.

Andrew Bartlett

Change-Id: I6b0d7a1463fe28dfd36715af0285911ecc07585c
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
2014-06-16 00:26:26 +02:00
Andreas Schneider
241e98d8ee s3-lib: Add winbind_lookup_usersids().
Pair-Programmed-With: Guenther Deschner <gd@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-02-05 11:41:25 +13:00
Christian Ambach
2d2d13ee61 s3:passdb add a gid argument to pdb_create_builtin_alias
make it possible to skip the allocation of a new gid from winbind
by specifying the gid to be used

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2013-06-21 10:44:24 +02:00
Christian Ambach
df41835eea s3:passdb expose pdb_create_builtin function
this one first tries to map the principal before
allocating a new gid

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2013-06-21 10:44:23 +02:00
Christian Ambach
0ad38d777f s3:passdb add pdb_*_is_responsible_for* functions
allows PDB modules to specify for which special domains they
are responsible when it comes to SID->xid conversion

By default, passdb modules will be responsible for local BUILTIN,
local SAM and Unix Users/Groups

Pair-Programmed-With: Michael Adam <obnox@samba.org>

Signed-off-by: Christian Ambach <ambi@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
2013-06-21 10:44:19 +02:00
Alexander Bokovoy
5952755755 PASSDB: add support to set and enumerate UPN suffixes associated with our forest
Samba PDC may manage a forest containing DNS domains in addition to the primary one.
Information about them is advertised via netr_DsRGetForestTrustInformation when
trusted_domain_name is NULL, according to MS-NRPC and MS-LSAD, and
via netr_GetForestTrustInformation.

This changeset only expands PASSDB API; how suffixes are maintained is left
to specific PDB modules. Set function is added so that suffixes could be
managed through 'net' and other Samba utilities, if possible.

One possible implementation is available for ipasam module in FreeIPA:
http://git.fedorahosted.org/cgit/freeipa.git/commit/?id=cc56723151c9ebf58d891e85617319d861af14a4

Reviewed-by: Andreas Schneider <asn@samba.org>
2013-04-09 20:29:18 +02:00
Michael Adam
61e8b80c85 s3:passdb: fix building pdb_ldap as shared module
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Dec  3 19:12:29 CET 2012 on sn-devel-104
2012-12-03 19:12:29 +01:00
Michael Adam
671f534e5e s3:passdb: add sid_check_object_is_for_passdb()
Variant of sid_check_is_for_passdb() that only checks for objects
in the various domains, not for the domain sids themselves.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-03 08:48:30 +01:00
Michael Adam
845a142107 build the new sid_check_is_for_passdb() function into passdb
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-03 08:48:29 +01:00
Alexander Bokovoy
86a4ca2864 s3: make smbldaphelper subsystem an internal library
Break pdb_ldap -> smbldaphelper -> pdb -> pdb_ldap loop by
making smbldaphelp intentionally underlinked internal library.

It means that libsmbldaphelp is not usable unless its user is
also linked to libpdb (that is the case for both its users,
idmap_ldap and pdb_ldap, already) but gives us a break of
the circular dependency in case pdb_ldap statically linked
into pdb (default).

This should solve case when idmap_ldap and pdb_ldap are dynamically
loaded modules

Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Fri Sep 14 01:02:21 CEST 2012 on sn-devel-104
2012-09-14 01:02:21 +02:00
Alexander Bokovoy
d55980ccad s3-pdb: filter out more symbols only used in ldapsam internals 2012-09-12 08:49:32 +02:00
Alexander Bokovoy
d709748070 s3-passdb: update abi_match and ignore more statically linked functions
Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Mon Sep 10 16:14:50 CEST 2012 on sn-devel-104
2012-09-10 16:14:50 +02:00
Alexander Bokovoy
a43774a257 s3-waf: avoid exporting init symbols from statically linked modules
WAF builds with and without AD DC affect list of statically linked
modules that are added into libpdb. This makes impossible to have
ABI for libpdb that does not depend on configured features.

By making init functions from statically linked modules to have local
scope in shared libraries, we avoid unwarranted ABI changes.

Additionally, pdb_samba_dsdb imports IDMAP subsystem of source4/ as
it is not a shared library. Making its symbols private as well.

Finally, in order to have the filtering of symbols work, libpdb
has to be public library.
2012-09-07 12:31:42 +02:00