IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This winbind implementation is undermaintained, out of date and not the
future of even the AD DC, let alone any other purpose.
Removing it will reduce our security and bug exposure on this
off by default subsystem
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jun 24 22:34:57 CEST 2015 on sn-devel-104
When using winbindd with the ntvfs file server, the responses are faster than
they were in the past. Therefore, set:
posix:sharedelay = 100000
posix:writetimeupdatedelay = 500000
to the values used in Samba3.pm to allow the tests to pass against the NTVFS
file server without the internal winbind.
This allows the internal winbind to be removed.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11317
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Jun 23 14:37:05 CEST 2015 on sn-devel-104
This allows us to test that winbindd starts up without secrets.tdb, as happens after
a classicupgrade.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jun 18 00:59:54 CEST 2015 on sn-devel-104
This shows that replication using the RODC username/password actually works
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
local.nss test might print lines starting with 'test allowed:...'
and that confused the subunit parser.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
'syslog' has been deprecated, so use the new 'logging' parameter
instead.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Mar 27 06:38:32 CET 2015 on sn-devel-104
We only need to specify explicit entries for the local realm
in order to provision the server.
Everything else is handled by real dns or faked dns via resolv wrapper.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
This is the environment that represents our supported production
setup of an active directory domain controller.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This shows that the previous patch is correct
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
This shows that the previous patch is correct
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
open(LDIF, "|$ldbmodify -H $ctx->{privatedir}/sam.ldb");
doesn't generate an error if the command fails...
'testallowed' is a local account here, with a dn of
CN=testallowed,CN=Users,DC=S4MEMBER instead of domain user
CN=testallowed,CN=Users,DC=samba,DC=example,DC=com
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Feb 2 01:10:18 CET 2015 on sn-devel-104
This tests both a UPN in our own realm, and a UPN with a non-realm suffix.
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jan 23 08:10:07 CET 2015 on sn-devel-104
The RODC should answer some requests locally, and others it should defer to the main DC.
We can tell which KDC we talk do by the KVNO of the encrypted parts that are returned
to the KDC.
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Two things help here: The join is done on the lower case name, so we
can match it in the krb5.conf, and we share the krb5.conf between the
"dc" environment and the "subdom_dc" environment. Between these two
measures, this means we can get tickets using the domain trust.
If we used cwrap for DNS queries and we had our internal DNS set up correctly,
we could avoid this (because that is not case sensitive),
but otherwise we need to get SUB.samba.example.org into the krb5.conf,
and this is harder to do an a generic way.
Andrew Bartlett
Change-Id: If378915112728aaf47aa68ce0b071a7e09d756ad
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
This allows 'samba-tool drs kcc' to be run during the environment setup.
Andrew Bartlett
Change-Id: I5d25470f1530b28be0a9413d13c48442fabb1a84
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
(Including changes to knownfail to match the new winbindd in use in each environment)
Change-Id: I9e08086eba98e95e05a99afef28315e2857aae56
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jul 4 05:19:54 CEST 2014 on sn-devel-104
(Including changes to knownfail to match the new winbindd in use in each environment)
Change-Id: I9e08086eba98e95e05a99afef28315e2857aae56
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Jun 16 02:53:49 CEST 2014 on sn-devel-104
These modes are useful for testing aspects of the code like the rpc proxy.
Andrew Bartlett
Change-Id: I87b3ac0df299dd176599f824f8815880470c6401
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
We now run wbinfo_simple additionally against plugin_s4_dc and dc
This also extends many of the tests to run against more environments,
hence the additional knownfail entries.
For winbind.wbclient, the fl2003dc environment has been selected not
to run with password history so as to allow the winindd.wbinfo test to
complete (once switched to running winbindd).
Andrew Bartlett
Change-Id: I475fd9937e515796b5e47c042a8bfa85f76441ca
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Change-Id: I5a9218294580670048636645315a9cf217618e58
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This avoids a conflict with the Samba3.pm defined member environment, and so spurious
failures in make test for the member environment dependent on test ordering.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu May 22 23:33:41 CEST 2014 on sn-devel-104
This ensures these authentication modules continue to operate correctly, and that the results are consistent.
Andrew Bartlett
Change-Id: I7f63cd93e55c6f73ceeafb14f1dc265291791803
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri May 16 12:50:44 CEST 2014 on sn-devel-104
