IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
DCE_STYLE modified version, and add parametric options to control
delegation.
It turns out the only remaining issue is sending delegated credentials
to a windows server, probably due to the bug lha mentions in his blog
(using the wrong key).
If I turn delgation on in smbclient, but off in smbd, I can proxy a
cifs session.
I can't wait till Heimdal 0.8, so I'll see if I can figure out the fix
myself :-)
Andrew Bartlett
(This used to be commit fd5fd03570)
mappings right for the attributeTypes field of the aggregate schema
now to add the display specifiers and I won't need the proxy module
any more
(This used to be commit 69264362bd)
except the attributeTypes fields of the Aggregrate record. Proxying
just that field and the display specifiers gives us a working mmc
client
hopefully i'll work out what it doesn't like about the attributeTypes
field soon
(This used to be commit 3af867a3f4)
js arrays are a special type of object where the length property is
automatic, and cannot be modified manually. Our code was manually
setting length, which made it abort when someone passed in a real ejs
array. To fix this we need to create real arrays instead of objects,
and remove the code that manually sets the length
(This used to be commit ebdd1393fd)
work again. The automatic value() is fine for the length, but cannot
be used for the size as the size is not the number of bytes being
sent, but the number of bytes that the server is allowed to use in the
reply
(This used to be commit 46e91f269c)
of the gsskrb5_acquire_cred hack.
Add support for delegated credentials into the auth and credentials
subsystem, and specifically into gensec_gssapi.
Add the CIFS NTVFS handler as a consumer of delegated credentials,
when no user/domain/password is specified.
Andrew Bartlett
(This used to be commit 55b89899ad)
ldap server. It's still not quite right, and I'm chasing down a few
errors that mmc throws up, but its a lot closer than it was. I had to
change the approach quite substantially over the last couple of days,
but this approach now seems to be working out.
(This used to be commit 38ea11510c)
- remove useless .release attribute, we have seperate tests for this
now
- add first owned,active vs. replica test, including handling incoming
name queries from the server
metze
(This used to be commit 7843b6c5c8)
logins (changing the winbindd interface).
Clean up the wbsrv_samba3_async_epilogue() handling, as it was mixing
auth and other replies, such that all replies were having the auth
error strings set. We now do a better job of filling in the right
errors in the right places.
Andrew Bartlett
(This used to be commit 8ed975df52)
The warnings were caused by the structure assignements, which we don't
need to do. The actual values are filled in by the NDR layer later.
Andrew Bartlett
(This used to be commit f140117535)
through all ldap errors except on search. Search errors are only
available via ldb_errstring() until we decide how to fix ldb_search().
(This used to be commit c192bcb79d)
IDL and testsuites. The server-side of this remains a stub, we should
probably be doing ldb searches for the server reference record.
Andrew Bartlett
(This used to be commit 0141ed309a)
authentication for user@realm logins and machine account logins.
This should avoid various protocol downgrade attacks.
Andrew Bartlett
(This used to be commit 76c2d204d0)