Volker Lendecke
08e4e7fef7
s3: Fix Coverity ID 513: UNINIT
2011-03-27 22:22:10 +02:00
Volker Lendecke
f762886687
s3: Fix Coverity ID 2328: FORWARD_NULL
...
Make startsmbfilepwent robust against an invalid open type
2011-03-27 11:25:34 +02:00
Günther Deschner
ba510fae23
s3-ldapsam: fix ldapsam_create_user() with existing posix accounts.
...
We were not taking into account the existing posix attributes and thus failed
while trying to add a 2nd uid attribute.
Found by Sumit.
Guenther
2011-03-24 23:08:22 +01:00
Andrew Tridgell
15e84a9a09
charcnv: removed the allow_badcharcnv and allow_bad_conv options to convert_string*()
...
we shouldn't accept bad multi-byte strings, it just hides problems
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Thu Mar 24 01:47:26 CET 2011 on sn-devel-104
2011-03-24 01:47:26 +01:00
Jeremy Allison
3d6a92a37b
Fix compiler warning in debug message.
2011-03-17 10:35:10 -07:00
Volker Lendecke
4668ac8b16
s3: Fix Coverity ID 1034, CHECKED_RETURN
...
In all other places we check the result of secrets_init.
2011-03-16 21:14:58 +01:00
Volker Lendecke
9bc14afe96
s3: Fix a cut&paste error in pdb_ads_connect
...
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Wed Mar 16 08:22:28 CET 2011 on sn-devel-104
2011-03-16 08:22:28 +01:00
Volker Lendecke
420be02a60
s3: Read uidNumber/gidNumber in pdb_ads_sid_to_id
...
Question: How shall we allocate those? Something like the rid allocator?
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Tue Mar 15 09:59:55 CET 2011 on sn-devel-104
2011-03-15 09:59:55 +01:00
Volker Lendecke
16b007c223
Quite some callers of sid_split_rid do not care about the rid
2011-03-10 18:48:34 +01:00
Volker Lendecke
f6f8ec8d8b
s3: Move EXOP definitions to smbldap.h
...
This attempts to fix the build on Solaris
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Sun Mar 6 10:45:16 CET 2011 on sn-devel-104
2011-03-06 10:45:16 +01:00
Volker Lendecke
ae28029f67
s3: Remove an obsolete comment
2011-03-03 22:08:49 +01:00
Günther Deschner
93db9489fd
s3-libds: use already existing ../libds/common/flag_mapping.h header.
...
Guenther
2011-03-02 22:17:17 +01:00
Jelmer Vernooij
59a077d8f5
Fix some types
...
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Mon Feb 28 23:30:06 CET 2011 on sn-devel-104
2011-02-28 23:30:06 +01:00
Jeremy Allison
f7b4209f99
Fix one more warning introduced by changing the size of UNIX_USER_TOKEN->ngroups from size_t to uint32_t.
...
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Mon Feb 28 22:43:50 CET 2011 on sn-devel-104
2011-02-28 22:43:50 +01:00
Gregor Beck
6710561c27
s3: add functions to remove entries from idmap memcache
2011-02-28 12:58:43 +01:00
Gregor Beck
01e7611050
s3: add functions to flush the idmap memcache
2011-02-28 12:58:37 +01:00
Volker Lendecke
cfffd0f3a0
s3: Fix pdb_ads_enum_group_memberships args
...
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Sat Feb 26 11:37:10 CET 2011 on sn-devel-104
2011-02-26 11:37:10 +01:00
Volker Lendecke
56f02e8520
s3: Fix filtering in pdb_ads_search_users
...
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Tue Feb 22 20:59:07 CET 2011 on sn-devel-104
2011-02-22 20:59:07 +01:00
Volker Lendecke
ecb65332ea
s3: Fix some nonempty blank lines
2011-02-22 19:18:57 +01:00
Stefan Metzmacher
d7fa349052
s3:auth: change num_groups to from size_t to uint32_t
...
This will help with the change from UNIX_USER_TOKEN to security_unix_token
metze
2011-02-22 16:20:11 +11:00
Günther Deschner
dcf23f022f
s3-pdb_ipa: remove uninitialized (and unused) status code.
...
Guenther
2011-02-21 18:03:20 +01:00
Volker Lendecke
367b35b1ff
s3: Fix pdb_ads_enum_aliasmem for empty aliases
...
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Sun Feb 20 21:40:40 CET 2011 on sn-devel-104
2011-02-20 21:40:40 +01:00
Volker Lendecke
ff6c175ae6
s3: Support SetGroupInfo in pdb_ads
2011-02-20 20:50:14 +01:00
Volker Lendecke
95126034b0
s3: Fix a debug message
2011-02-20 20:50:14 +01:00
Volker Lendecke
4c45078d8f
s3: Fix pdb_ads_enum_group_members for empty groups
2011-02-20 20:50:14 +01:00
Volker Lendecke
288b396411
s3: Fix error returns in pdb_ads_mod_groupmem
2011-02-20 20:50:13 +01:00
Volker Lendecke
ac19b39577
s3: Fix return code of pdb_ads_getsamupriv if the user does not exist
...
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Sun Feb 20 11:12:01 CET 2011 on sn-devel-104
2011-02-20 11:12:01 +01:00
Volker Lendecke
5f953b1ef8
s3: Add ACB_NORMAL to workstations, match RPC-SAMR
2011-02-20 10:23:29 +01:00
Volker Lendecke
351b672426
s3: Make QueryDispInfo and QueryInfo match for guest
2011-02-20 10:23:29 +01:00
Volker Lendecke
9971061a9d
s3: Pass logonHours through pdb_ads
...
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Sat Feb 19 12:22:08 CET 2011 on sn-devel-104
2011-02-19 12:22:08 +01:00
Volker Lendecke
943aac2e36
s3: Add "len" to pdb_set_hours
2011-02-19 11:32:49 +01:00
Volker Lendecke
6f3008e627
s3: Let pdb_ads write accountExpires
2011-02-19 11:32:49 +01:00
Volker Lendecke
478d74fe14
s3: Fix pdb_ads_pull_time
2011-02-19 11:32:49 +01:00
Andrew Tridgell
c8b2b10976
s3-waf: use SAMBA3_*() build rules in source3/build
...
this brings the s3 waf build much closer to the proposed s3build top
level build, using the same bld.SAMBA3_*() rules
There are a few renames of subsystems in here, with a 3 suffix where
it would create a conflict.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-02-18 16:46:41 +11:00
Günther Deschner
67dfc87291
s3-lsa: only proceed in _lsa_EnumTrustedDomainsEx when backend has trusted domain support.
...
Guenther
2011-02-17 16:02:20 +01:00
Sumit Bose
bfa7964da8
s3-ipasam: Add aliases for trusted domain user
...
Signed-off-by: Günther Deschner <gd@samba.org>
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Feb 16 12:58:13 CET 2011 on sn-devel-104
2011-02-16 12:58:13 +01:00
Sumit Bose
d638f4a3b8
s3-lsa: Implement lsaRSetForestTrustInformation
...
Signed-off-by: Günther Deschner <gd@samba.org>
2011-02-16 11:44:06 +01:00
Sumit Bose
cc3b67fa1f
s3-ipasam: add IPA specific attributes
...
Signed-off-by: Günther Deschner <gd@samba.org>
2011-02-16 11:44:06 +01:00
Sumit Bose
8fa440c820
s3-ipasam: add pdb_ipasam_capabilities() and pdb_ipasam_get_domain_info()
...
Signed-off-by: Günther Deschner <gd@samba.org>
2011-02-16 11:44:05 +01:00
Sumit Bose
72de982289
s3-ipasam: add ipasam_get_trusted_domain_by_sid()
...
Signed-off-by: Günther Deschner <gd@samba.org>
2011-02-16 11:44:04 +01:00
Sumit Bose
b4bc1f8f5c
s3-ipasam: add wrapper for ipasam_enum_trusteddoms()
...
Signed-off-by: Günther Deschner <gd@samba.org>
2011-02-16 11:44:04 +01:00
Sumit Bose
4e60954071
s3-ipasam: implement enum_trusted_domains
...
Signed-off-by: Günther Deschner <gd@samba.org>
2011-02-16 11:34:45 +01:00
Sumit Bose
8ddbb48869
s3-ipasam: implement {get,set,del}_trusted_domain
...
Signed-off-by: Günther Deschner <gd@samba.org>
2011-02-16 11:34:45 +01:00
Sumit Bose
c96fd895b9
s3-passdb: make priv2ld() public
...
Signed-off-by: Günther Deschner <gd@samba.org>
2011-02-16 11:34:45 +01:00
Sumit Bose
b4dd65d3f9
s3-passdb: add {get,set,del,enum}_trusted_domain calls
...
Signed-off-by: Günther Deschner <gd@samba.org>
2011-02-16 11:34:44 +01:00
Sumit Bose
2e78022066
s3-ipasam: Disable old trustdom_pw calls
...
Signed-off-by: Günther Deschner <gd@samba.org>
2011-02-16 11:34:44 +01:00
Sumit Bose
4fa210d76a
s3-passdb: Add minimal stub for IPA passdb backend
...
Signed-off-by: Günther Deschner <gd@samba.org>
2011-02-16 11:34:31 +01:00
Volker Lendecke
ab85362cff
s3: Support "codePage" in pdb_ads
...
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Tue Feb 15 22:00:27 CET 2011 on sn-devel-104
2011-02-15 22:00:27 +01:00
Volker Lendecke
ead7ffa1a7
s3: Add "code_page" to struct samu
2011-02-15 21:12:22 +01:00
Volker Lendecke
8bbf0ad2a0
s3: Support "country_code" in pdb_ads
2011-02-15 21:12:22 +01:00
Volker Lendecke
d9d0fef862
s3: Add "country_code" to struct samu
2011-02-15 21:12:22 +01:00
Volker Lendecke
7a2cbdafa8
s3: Add userWorkstations and userParameters to pdb_ads
2011-02-15 21:12:22 +01:00
Günther Deschner
a32f0ff2f0
s3-waf: TLDAP is only needed by pdb_ads (and smbtorture).
...
Guenther
2011-02-15 12:09:22 +01:00
Volker Lendecke
5d63c503f7
s3: Add "comment" and "description" to pdb_ads
...
This is pending a change to samldb_description_check, we might have to modify
the description with a TLDAP_MOD_REPLACE operation.
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Sun Feb 13 17:56:58 CET 2011 on sn-devel-104
2011-02-13 17:56:58 +01:00
Volker Lendecke
60df3c0679
s3: Make "net sam list [users|workstations]" list only the right things
...
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Sun Feb 13 12:59:14 CET 2011 on sn-devel-104
2011-02-13 12:59:14 +01:00
Volker Lendecke
f49ad6d073
s3: Remove an unneeded proto
2011-02-13 12:11:53 +01:00
Volker Lendecke
9331bc378d
s3: Fix some nonempty blank lines
2011-02-13 12:11:53 +01:00
Volker Lendecke
fe551d6815
s3: Convert tldap_entry_values args to "array, count"
2011-02-13 12:11:53 +01:00
Volker Lendecke
84abb428f6
s3: Add an explicit counter to tldap_add_mod_[blobs|str]
2011-02-13 12:11:53 +01:00
Volker Lendecke
158c1e315b
s3: Convert tldap_make_mod_fmt args to "array, count"
2011-02-13 12:11:52 +01:00
Volker Lendecke
6b492a1741
s3: Convert tldap_add_mod_blobs args to "array, count"
2011-02-13 12:11:52 +01:00
Volker Lendecke
30e72e0d0a
s3: Align the args of pdb_ads_update_sam_account to tldap_modify
2011-02-13 12:11:52 +01:00
Volker Lendecke
d38ab83bab
s3: Make "smbpasswd <user>" work with pdb_ads
...
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Sat Feb 12 15:17:39 CET 2011 on sn-devel-104
2011-02-12 15:17:39 +01:00
Günther Deschner
8015514c5b
s3-waf: use bld.env.HAVE_LDAP in some more places, hopefully fixes the builds w/o ldap.
...
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Fri Feb 11 13:08:38 CET 2011 on sn-devel-104
2011-02-11 13:08:38 +01:00
Volker Lendecke
efa460e291
s3: Align the args in tldap_modify
...
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Thu Feb 10 23:20:05 CET 2011 on sn-devel-104
2011-02-10 23:20:05 +01:00
Volker Lendecke
b524e58f9a
s3: Align tldap_add and tldap_add_send
2011-02-10 22:34:01 +01:00
Volker Lendecke
0539ca51ab
s3: Add primary group in pdb_ads_enum_group_memberships
...
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Sun Feb 6 18:41:08 CET 2011 on sn-devel-104
2011-02-06 18:41:08 +01:00
Volker Lendecke
d515c6cd5c
s3: Fix auth_netlogond to cope with netlogon_creds_CredentialState
...
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Sun Feb 6 17:30:48 CET 2011 on sn-devel-104
2011-02-06 17:30:48 +01:00
Volker Lendecke
47d07df37f
s3: Fix a potential memleak in secrets_fetch_trusted_domain_password
2011-02-06 16:44:56 +01:00
Volker Lendecke
8c367162f0
s3: In pdb_ads, cope with artificial samu structs
2011-02-06 16:44:56 +01:00
Volker Lendecke
08f2a8562f
s3: Use strlcpy in pdb_ads_connect
2011-02-06 16:44:56 +01:00
Andreas Schneider
ad65605643
s3-auth: Fixed account lockout check.
2011-01-17 16:50:50 +01:00
Bjoern Baumbach
6acbcd1b0c
Make sure that user exists after running add user script before adding sam account.
...
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Tue Dec 7 17:37:52 CET 2010 on sn-devel-104
2010-12-07 17:37:52 +01:00
Günther Deschner
133a2ffd00
s3-waf: avoid module name uppercasing.
...
This finally allows mixed case module names like the classic build
(./configure --shared_modules=charset_CP850)
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Dec 1 18:39:14 CET 2010 on sn-devel-104
2010-12-01 18:39:14 +01:00
Jeremy Allison
e1cfca1e2e
Make getpwnam_alloc() static to lib/username.c, and ensure all username lookups go
...
through Get_Pwnam_alloc(), which is the correct wrapper function. We were using
it *some* of the time anyway, so this just makes us properly consistent.
Jeremy.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Oct 20 16:02:12 UTC 2010 on sn-devel-104
2010-10-20 16:02:12 +00:00
Günther Deschner
10f95a4f1a
s3-waf: fix pdb modules build.
...
Guenther
2010-10-18 15:57:03 +02:00
Andrew Bartlett
f768b32e37
libcli/security Provide a common, top level libcli/security/security.h
...
This will reduce the noise from merges of the rest of the
libcli/security code, without this commit changing what code
is actually used.
This includes (along with other security headers) dom_sid.h and
security_token.h
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
2010-10-12 05:54:10 +00:00
Volker Lendecke
41b54a8931
s3: Remove talloc_autofree_context from pdb_interface
...
None of the pdb backends have special destructors that need to be run at
program exit.
2010-10-03 10:45:56 +02:00
Günther Deschner
b894847ca0
s3-waf: rework CLDAP and LIBCLI_LDAP subsystems.
...
Guenther
2010-09-27 00:39:38 +02:00
Günther Deschner
d7d33317c7
s3-waf: move pdb subsystem to pdb/wscript_build.
...
Guenther
2010-09-27 00:39:37 +02:00
Volker Lendecke
d4bfb5c488
s3: Remove talloc_autofree_context() from guest_user_info()
...
pwd is freed a few lines down
2010-09-26 17:36:40 +02:00
Volker Lendecke
2b601d72d5
s3: Remove talloc_autofree_context() from lookup_unix_user_name()
...
pwd is freed in this routine immediately
2010-09-26 03:29:28 +02:00
Volker Lendecke
9b2d3142c1
s3: Remove talloc_autofree_context() from pdb_init_ads()
2010-09-26 03:29:28 +02:00
Andrew Bartlett
d7bc452a89
s3: Replace sid_binstring and sid_guidstring with PIDL-based alternatives
...
This reduces the manual marshalling of these structures by removing
the duplication here.
Andrew Bartlett
Signed-off-by: Günther Deschner <gd@samba.org>
2010-09-20 16:15:03 -07:00
Günther Deschner
4dbd743e46
s3-util_sid: use shared dom_sid_compare_auth and dom_sid_equal_X functions.
...
Guenther
2010-09-20 14:04:37 -07:00
Andrew Bartlett
4bf783d4d6
s3-auth Change type of num_sids to uint32_t
...
size_t is overkill here, and in struct security_token in the num_sids
is uint32_t.
This includes a change to the prototype of add_sid_to_array()
and add_sid_to_array_unique(), which has had a number of
consequnetial changes as I try to sort out all the callers using
a pointer to the number of sids.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11 18:46:05 +10:00
Andreas Schneider
c5cfad142c
s3-passdb: Try to unlock the account if it is locked out.
...
Signed-off-by: Simo Sorce <idra@samba.org>
2010-08-30 10:43:41 -04:00
Andreas Schneider
2ab0b63bd8
s3-passdb: Added a pdb_try_account_unlock function.
...
The function checks if the account has been autolocked. If we have a
lockout_duration and a bad password time it checks if we can unlock the
account.
Signed-off-by: Simo Sorce <idra@samba.org>
2010-08-30 10:43:34 -04:00
Günther Deschner
7a05ca2c9c
s3-build: use dbwrap.h only where needed.
...
Guenther
2010-08-26 00:25:55 +02:00
Günther Deschner
2b41f421fd
s3-idmap: only include idmap headers where needed.
...
Guenther
2010-08-26 00:20:29 +02:00
Günther Deschner
7ff7eb0b52
s3-build: only include nsswitch header where needed.
...
Guenther
2010-08-26 00:20:28 +02:00
Günther Deschner
aba1bf4b5e
s3-build: only include memcache.h where needed.
...
Guenther
2010-08-26 00:20:28 +02:00
Michael Adam
c45eca5751
s3:pdb_ldap: move some code in ldapsam_create_dom_group()
...
to make the flow more similar to ldapsam_create_user().
This prepares for calling winbind_sid_to_gid() instead of
winbind_allocate_gid(): we need the group_sid for this...
Michael
2010-08-14 02:10:30 +02:00
Günther Deschner
ae36783c7b
s3-passdb: include samr.h where needed.
...
Guenther
2010-08-06 15:43:37 +02:00
Günther Deschner
c136b84f0d
s3-secrets: only include secrets.h when needed.
...
Guenther
2010-08-05 10:12:25 +02:00
Volker Lendecke
c186f92437
s3: [ug]id_to_unix_... can not fail
...
Remove some silly failure checks
2010-07-11 17:33:34 +02:00
Björn Jacke
a679319192
s3:pdb_ldap: change LDAP password before samba password hashes
...
this way we can catch up with password change refuses from ldap password policy
overlays and abort the password change early.
Thanks to Andy Hanton <andyhanton@gmail.com> for the initial patch.
2010-07-06 18:50:01 +02:00
Volker Lendecke
a56c688366
s3: Fix another aspect of bug 7262 and make paged results work again
2010-07-06 17:36:18 +02:00
Volker Lendecke
3278554b3e
s3: Make talloc_attrs() static
2010-07-05 12:37:13 +02:00
Günther Deschner
dff7be8ccb
s3-libads: only include libds flags where needed.
...
Guenther
2010-07-01 23:20:40 +02:00
Andreas Schneider
ac5600fc7e
s3-passdb: Make sure dn is initialized and don't free it.
...
dn is just a pointer to a memory which hasn't been duplicated.
Found by clang-analyzer.
2010-06-28 12:56:13 +02:00
Andreas Schneider
6d89116afe
s3-passdb: Make sure we don't call free on a garbage pointer.
...
Found by clang-analyzer.
2010-06-28 12:56:13 +02:00
Andreas Schneider
a81b97ff34
s3-passdb: Make sure that we don't assign garbage.
2010-06-28 10:18:12 +02:00
Volker Lendecke
f66cc82709
s3: Fix EnumDomainAliases when no aliases are in LDAP
...
We used to return NT_STATUS_ACCESS_DENIED, now we just return 0 entries, just
like W2k8 does.
usrmgr.exe was pretty unhappy with the NT_STATUS_ACCESS_DENIED
2010-06-10 15:28:26 +02:00
Michael Adam
ba809ecb8a
s3:pdb_ldap: fix bug 7505 - init_sam_from_ldap stores group in sid2uid cache
2010-06-10 12:02:05 +02:00
Karolin Seeger
8ca88e2f81
s3-passdb: Fix typo in comment.
...
Karolin
2010-06-10 10:34:58 +02:00
Volker Lendecke
1fd15dcb7c
s3: Fix bug 7253
...
acct_ctrl is 32 bit in LOGIN_CACHE, but "w" as a format specifier for
tdb_unpack only writes 16 bits. Okay on x86, not okay on Solaris.
Thanks to Vladimir.Marek@Sun.COM !
Volker
2010-06-09 10:27:17 +02:00
Simo Sorce
0a7ff14617
s3:passdb Export function to calculate the proper primary group sid
...
Don't keep it buried in passdb, this function need to be available
for use in places where we do not want to construct an artificial
samu struct just to play tricks.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-06-07 22:53:08 +10:00
Matthieu Patou
57ab910b6f
s3: Allow previous password to be stored and use it to check tickets
...
This patch is to fix bug 7099. It stores the current password in the
previous password key when the password is changed. It also check the
user ticket against previous password.
Signed-off-by: Günther Deschner <gd@samba.org>
2010-06-02 14:32:23 +02:00
Günther Deschner
f9f8007361
s3-build: only use ndr_security.h where needed.
...
Guenther
2010-05-31 11:32:37 +02:00
Simo Sorce
d85d85b851
s3:passdb Fix memory leak
...
We were allocating this passwd structure on sampass, but never freeing
it nor assigning it to unix_pw where it could be reused.
2010-05-29 10:54:08 -04:00
Andrew Bartlett
cba7f8b827
s3:dom_sid Global replace of DOM_SID with struct dom_sid
...
This matches the structure that new code is being written to,
and removes one more of the old-style named structures, and
the need to know that is is just an alias for struct dom_sid.
Andrew Bartlett
Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-21 10:39:59 +02:00
Andrew Bartlett
a92b653af9
s3:passdb Remove use of uint8 uint16 and uint32 in favour of C99 types
...
Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-21 10:24:55 +02:00
Günther Deschner
f6f3bb1813
s3-passdb: move get_logon_hours_from_pdb() into samr server.
...
Guenther
2010-05-18 21:43:05 +02:00
Andrew Bartlett
7a8e34fe86
s3:split secrets.c to put machine account secrets in a new file
...
This helps the s3compat effort by allowing these functions to be
replaced by functions that query the cli_credentials and secrets.ldb
APIs.
Also, this changes a couple of DOM_SID to struct dom_sid along the
way.
Andrew Bartlett
Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-18 21:39:42 +02:00
Jelmer Vernooij
b8268cf7b0
s3: Remove use of iconv_convenience.
2010-05-18 11:45:31 +02:00
Günther Deschner
d7d313851a
s3-tldap: only include tldap when actually needed.
...
Guenther
2010-05-18 00:44:27 +02:00
Günther Deschner
ca73e03eb7
security: merge builtin rid tables.
...
Guenther
2010-05-18 00:44:26 +02:00
Günther Deschner
3b529d50be
s3-rpc_misc: clean out include/rpc_misc.h.
...
Well known rids don't really belong into an rpc header, just use the ones
defined in security.idl.
Guenther
2010-05-18 00:44:26 +02:00
Günther Deschner
b83ab96b16
s3-passdb: moving account_pol.c into passdb.
...
Guenther
2010-05-08 01:45:27 +02:00
Günther Deschner
f5ac746091
s3-pdb_ldap: fix memleak.
...
Guenther
2010-04-29 12:05:42 +02:00
Volker Lendecke
5197d76faa
s3: Make a debug msg more readable
2010-04-28 10:55:50 +02:00
Stefan Metzmacher
9fbbaa560a
s3:passdb: avoid sid_to_gid() if the sid is "domain users"
...
If the call fails we would use the "domain users" sid anyway.
metze
2010-03-25 21:25:27 +01:00
Volker Lendecke
ea8e0d5d54
Fix some nonempty blank lines
2010-03-25 10:24:45 +01:00
Karolin Seeger
fad0629e78
s3-builtin: Add missing builtin groups.
...
Karolin
2010-03-23 15:24:52 +01:00
Karolin Seeger
ef83c970ca
s3-builtin: Add some builtin groups.
...
Karolin
2010-03-23 11:39:05 +01:00
Volker Lendecke
2b4ce9a73f
s3: Make login_cache_write take a pointer
2010-03-16 22:35:41 +01:00
Volker Lendecke
276b1aa189
s3: Make login_cache_read take a pointer, avoid a malloc
2010-03-16 22:35:41 +01:00
Volker Lendecke
13a278c1b9
s3: Remove a typedef
2010-03-16 22:35:41 +01:00
Volker Lendecke
02d7cdc671
s3: Fix some nonempty blank lines
2010-03-16 22:35:41 +01:00
Karolin Seeger
7fdbbddf42
s3-passdb: Fix typo in debug message.
...
Karolin
2010-03-10 12:08:27 +01:00
Simo Sorce
3b12c38ac0
s3:schannel streamline interface
...
Make calling schannel much easier by removing the need to explicitly open the
database. Let the abstraction do it instead.
2010-02-23 12:46:50 -05:00
Andreas Schneider
b9cf55cfea
s3-passdb: Remove obsolete signal type cast.
2010-02-23 12:23:42 +01:00
Volker Lendecke
2ea2d2a81e
s3: Fix bug 5198 -- parse chfn(1)-change gecos field
2010-02-13 17:23:43 +01:00
Björn Jacke
9b75650f1a
s3: change ldap filter to what really was intended
2010-02-10 13:48:11 +01:00
Stefan Metzmacher
4dc2be2264
s3:passdb: only use gid_to_sid() result if the result is a group of our local sam
...
Otherwise retry with pdb_gid_to_sid().
metze
2010-02-09 12:57:01 +01:00
Stefan Metzmacher
6753fb1cf6
s3:pdb_ldap: don't search for the users primary group, if we already know it
...
metze
2010-02-08 11:23:25 +01:00
Stefan Metzmacher
49ace81e19
s3:pdb_ldap: optimize ldapsam_alias_memberships() and cache ldap searches.
...
ldapsam_alias_memberships() does the same LDAP search twice, triggered
via add_aliases() from create_local_nt_token().
This happens when no domain aliases are used.
metze
2010-02-08 11:23:24 +01:00
Stefan Metzmacher
25038fa85f
s3:pdb_ldap: try to build the full unix_pw structure with ldapsam:trusted support
...
And also store the gid_to_sid mappings in the idmap_cache.
metze
2010-02-08 11:23:24 +01:00
Stefan Metzmacher
e10d086956
s3:passdb: speed up pdb_get_group_sid()
...
Use the cached version gid_to_sid() instead
of pdb_gid_to_sid().
And also avoid the expensive lookup_sid() call
for wellkown domain groups.
metze
2010-02-08 11:23:23 +01:00
Volker Lendecke
b99046fed1
s3: Make pdb_copy_sam_account also copy the group sid
...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-02-08 11:23:23 +01:00
Stefan Metzmacher
779821df8e
s3: shortcut gid_to_sid when "ldapsam:trusted = yes"
...
The normal gid_to_sid behaviour is to call sys_getgrgid()
to get the name for the given gid and then call the
getsamgrnam passdb method for the resulting name.
In the ldapsam:trusted case we can reduce the gid_to_sid
operation to one simple search for the gidNumber attribute
and only get the sambaSID attribute from the correspoinding
LDAP object. This reduces the number of ldap roundtrips
for this operation.
metze
2010-02-08 11:23:17 +01:00
Volker Lendecke
abbd0f9195
s3: Make use of ZERO_STRUCTP
2010-02-05 21:11:17 +01:00
Volker Lendecke
3ea602a7c3
s3: Remove a pointless if-statement
2010-02-05 21:11:17 +01:00
Volker Lendecke
dcc850e3b3
s3: Make guest_user_info() static
2010-02-05 21:11:17 +01:00
Volker Lendecke
004e3e400d
s3: Hide some uses of pdb_get_init_flags (which I would love to remove...)
2010-02-05 21:11:17 +01:00
Volker Lendecke
1cd7223b8e
s3: Fix some nonempty blank lines
2010-02-05 21:11:17 +01:00
Stefan Metzmacher
0c93aa3cd5
s3:passdb: fix a type Domain Users has RID -513
...
metze
2010-02-04 15:19:50 +01:00
Jeremy Allison
69fd8461b8
Second part of fix for bug #7072 - Accounts can't be unlocked from ldap.
...
Missed read of entry_timestamp (was entry->entry_timestamp).
Jeremy.
2010-01-27 16:52:40 -08:00
Jeremy Allison
627fb85092
Fix bug #7072 - Accounts can't be unlocked from ldap.
...
Fix suggested by Andy Hanton <andyhanton@gmail.com>. The LOGIN_CACHE
struct contains two time_t entries, but was being written to and
read from via tdb_pack/tdb_unpack functions using explicit 32-bit int specifiers.
This would break on machines with a 64-bit time_t. Use correct int
sizes for tdb_pack/tdb_unpack.
We have to fix this properly before 2037 :-).
Jeremy.
2010-01-27 16:42:06 -08:00