IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15680
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Feb 17 18:33:15 UTC 2025 on atb-devel-224
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15806
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Björn Baumbach <bb@sernet.de>
Autobuild-Date(master): Fri Feb 14 16:18:19 UTC 2025 on atb-devel-224
I have captures showing that claims compression depends on the payload
itself and how well it compresses, instead of the pure length of the
payload.
E.g. a single string claim with a value of 68 'a'
characters has an unpressed size of 336
and compressed size is 335.
While a single string with random string s1
has an unpressed size of 504 and it's still
uncompressed on the wire.
A different random string s2 also has an unpressed
size of 504, but it is compressed into a size of 502.
So it really depends if the compression makes it actually
smaller than the uncompressed version.
This makes the tests more reliable against Windows DCs
with existing claims defined.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
createtrustrelax has 16 characters, but only 15 are allowed
and they are typically uppercase.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
These are now redundant as all samba-tool sub-commands handle
-V/--version automatically.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Because it might as well. Like this:
Version Options:
-V, --version Display version number (4.22.2)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15770
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
This means in
bin/samba-tool spn -h -V
the -V takes precedence over the -h, as with the 'net' tool.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15770
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Before `samba-tool -V` would give you the version,
but `samba-tool spn -V` would complain.
An ad-hoc selection of sub-commands already supported --version,
depending on whether VersionOptions was manually added to the
takes_options dict. The .run() methods of these subcommands all take a
'versionopts' keyword argument, but never use it. If it was set (i.e.,
argv contained "--version"), the process never gets to .run(), so the
value of versionopts.version is always None in run(). After this
commit we can remove VersionOptions/versionopts from sub-commands.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15770
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
A larger cache costs more per transaction, but makes a large number
of operations within a transaction faster. We expect to be dealing
with the latter case here, regardless of the batch_mode parameter
and the database size. 200000 is chosen because it is also used in
join and schemaupgrade, and should be sufficient in most cases.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15795
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Tue Feb 4 22:47:35 UTC 2025 on atb-devel-224
Increasing this value greatly improve the performances of schema
upgrade for large domains (>200k entries).
The value 200000 is chosen because it is already used in join.py, and
should be sufficient for known domains.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15795
Signed-off-by: Andréas Leroux <aleroux@tranquil.it>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Removes all supplemental groups from a user, what is commonly
wanted when a user is disabled.
Pair-programmed-with: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Björn Baumbach <bb@sernet.de>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jule Anger <janger@samba.org>
Autobuild-User(master): Björn Baumbach <bb@sernet.de>
Autobuild-Date(master): Thu Jan 23 19:51:05 UTC 2025 on atb-devel-224
Otherwise the removal of groupmembers by SID fails silently, because the
DN does not match the the DN in group member list.
Pair-programmed-with: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Jule Anger <janger@samba.org>
It's there for network_samlogon and interactive_samlogon,
but not in ticket_samlogon.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15783
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
We may use ServerAuthenticateKerberos in future and that needed to
use kerberos.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
It also add some additional checks to make sure netlogon with AES was
used.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
EXPORT_KEYTAB_FILE=/dev/shm/export.keytab
EXPORT_KEYTAB_APPEND=0 or 1
EXPORT_EXISTING_CREDS_TO_KEYTAB=0 or 1
EXPORT_GIVEN_CREDS_TO_KEYTAB=0 or 1
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
This also exposes credentials for the machine account for netlogon
testing.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
