IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
bugs in various places whilst doing this (places that assumed
BOOL == int). I also need to fix the Samba4 pidl generation
(next checkin).
Jeremy.
(This used to be commit f35a266b3c)
This script is useful for migrating OpenLDAP schema files to FDS/RHDS
lidf schema files.
License kindly updated to GPLv3+ at our request.
Simo.
(This used to be commit ab7770b34b)
have the current and possibly the previous trust password
stored as clear text passwords. (Previous use of NTPassword
was a mistake - this is a hash value.)
Michael
(This used to be commit 0beae52ff4)
incremented too far in some circumstances. In these cases, only the first
of multiple concatenated strings would be seen.
- Working on bug 4649 pertaining to delete an ACL, this fixes the reported
crash. It appears to have been an incomplete switchover from malloc to
talloc, as the memory was still being freed with SAFE_FREE.
Deleting ACLs still doesn't work. Although a valid request is sent to the
server and a SUCCESS response is returned, the method that's used in
libsmbclient for deleting ACLs seems to be incorrect. In looking at the
samba4 torture tests, it appears that we should be turning on the INHERIT
flag if we want to delete the ACL. (I could use some assistance on the
proper flags to send, from anyone familiar with this stuff.)
- Apply patch from SATOH Fumiyasu to fix bug 4750. smbc_telldir_ctx() was not
returning a value useful to smbc_lseekdir_ctx().
Derrell
(This used to be commit 2ac502e29b)
This script allows for adding lists of users (or other objects)
to lists of groups (or aliases). Useful for creating large test
scenarios.
Michael
(This used to be commit b3e5082e10)
This is done via rpc client. The main purpose is to
be able to fill a domain controller with a large number
of users / groups easily. A the object names are
built as <prefix><num> where number ranges from a given
start number counting up until a given number of objects
has been created.
In a next step, I will submit scripts to add (many) users to
a group and to add a user to (many) groups.
Michael
(This used to be commit 8b81fbb7d9)
This is a slightly modified version to set warn_pwd_expire to the
default value if 0, no, or a broken value is set.
This version also has one if statement less in get_config_item_int().
Thanks a lot to Andreas 'GlaDiaC' Schneider for this feature!
(This used to be commit d26914c978)
return to correctly return NT_STATUS_INVALID_OWNER if it
should be disallowed. Matches better what W2K3R3 does.
NFSv4 ACL module owners, please examine these changes.
Jeremy.
(This used to be commit fc6899a550)
attempts to set attributes to fail.
- I also noticed that missing attributes were setting an invalid return string
by getxattr(), e.g. if there was not group, the return string had "GROUP:;"
instead of excluding the GROUP attribute entirely as it should. The big
problem with the way it was, is that the string could not then be passed to
setxattr() and parsed.
(This used to be commit 7213b5ebec)
for utimes - change the call to ntimes. This preserves
nsec timestamps we get from stat (if the system supports
it) and only maps back down to usec or sec resolution
on time set. Looks bigger than it is as I had to move
lots of internal code from using time_t and struct utimebuf
to struct timespec.
Jeremy.
(This used to be commit 8f3d530c5a)
* chase referrals
* use paged search control
when using the LDAP change notify control for monitoring changes.
Guenther
(This used to be commit d6849a83c0)
NetApp filers expect paths in Open AndX Request to have a leading slash.
Windows clients send the leading slash, so we should too.
(This used to be commit fc5b6e4bd8)
Jeremy: requires your eyes...
If the remote connection timed out while cli_list() was retrieving its list of
files, the error was not returned to the user, e.g. via smbc_opendir(), so the
user didn't have a way to know to set the timeout longer and try again. This
problem would occur when a very large directory is being read with a too-small
timeout on the cli.
Jeremy, although there were a couple of areas that needed to be handled, I
needed to make one change that you should bless, in libsmb/clientgen.c. It
was setting
cli->smb_rw_error = smb_read_error;
but smb_read_error is zero, so this had no effect. I'm now doing
cli->smb_rw_error = READ_TIMEOUT;
instead, and according to the OP, these (cumulative) changes (in a slightly
different form) solve the problem.
Please confirm this smb_rw_error change will have no other adverse effects
that you can see.
Derrell
(This used to be commit fa664b24b8)
This completes the work Jeremy began last week, disambiguating the meaning of
c_time. (In POSIX terminology, c_time means "status Change time", not "create
time".) All uses of c_time, a_time and m_time have now been replaced with
change_time, access_time, and write_time, and when creation time is intended,
create_time is used.
Additionally, the capability of setting and retrieving the create time have
been added to the smbc_setxattr() and smbc_getxattr() functions. An example
of setting all four times can be seen with the program
examples/libsmbclient/testacl
with the following command line similar to:
testacl -f -S "system.*:CREATE_TIME:1000000000,ACCESS_TIME:1000000060,WRITE_TIME:1000000120,CHANGE_TIME:1000000180" 'smb://server/share/testfile.txt'
The -f option turns on the new mode which uses full time names in the
attribute specification (e.g. ACCESS_TIME vs A_TIME).
(This used to be commit 8e119b64f1)
code is wrong or bad or anything, just that it
needs to be discussed & reviewed on the samba-technical
list before we add a platform-specific NFSv4 mapping.
That way lies a lot of future pain :-).
Jeremy.
(This used to be commit 330899ec30)
Although I've never met a computer or compiler that produced pointers to
functions which are a different size than pointers to data, I suppose they
probably exist. Assigning a pointer to a function is technically illegal in C
anyway.
Change casts of the option_value based on the option_name to use of variable
argument lists.
For binary compatibility, I've maintained but deprecated the old behavior of
debug_stderr (which expected to be passed a NULL or non-NULL pointer) and
added a new option debug_to_stderr which properly expects a boolean (int)
parameter.
Derrell
(This used to be commit c1b4c51053)
into 3.0. Also merge the new POSIX lock code - this
is not enabled unless -DDEVELOPER is defined.
This doesn't yet map onto underlying system POSIX
locks. Updates vfs to allow lock queries.
Jeremy.
(This used to be commit 08e52ead03)
Implement enhancement request 3505. Two additional features are added here.
There is now a method of saving an opaque user data handle in the smbc_
context, and there is now a way to request that the context be passed to the
authentication function. See examples/libsmbclient/testbrowse.c for an example
of using these features.
(This used to be commit 203b4911c1)
groups in the ${MACHINESID} and S_1-5-32 domains correctly,
I had to add a substr search on sambaSID.
* add substr matching rule to OpenLDAP schema
(we need to update the other schema as will since this
is a pretty important change). Sites will need to
- install the new schema
- add 'indea sambaSID sub' to slapd.conf
- run slapindex
* remove uses of SID_NAME_WKN_GRP in pdb_ldap.c
(This used to be commit 2c0a46d731)
* Fix a couple of related parsing issues.
* in the info3 reply in a samlogon, return the ACB-flags (instead of
returning zero)
Guenther
(This used to be commit 5b89e8bc24)
use that, but includes.h fails in environments where there's no system popt
around. As the modules don't need that anyway, porting the check whether to
use the system one or our own seems a bit overkill.
Thanks to Michael Adam <ma@SerNet.DE>.
Volker
(This used to be commit 04cbde5956)
Although RTLD_NEXT was not working properly a number of years ago, it seems to be now. Replace dlopen(/lib/libc...) with direct use of RTLD_NEXT
(This used to be commit 2b48665006)
schema.
Maybe "Base64 encoded user parameter string" is not much clearer then
"munged dial" - anyone got a better description ?
Guenther
(This used to be commit 02ccde5f47)
1. Fix a crash bug which should have reared its ugly head ages ago, but for
some reason, remained dormant until recently. The bug pertained to
libsmbclient doing a structure assignment of a cli after having opened a
pipe. The pipe open code makes a copy of the cli pointer that was passed
to it. If the cli is later copied (and that cli pointer that was saved
is no longer valid), the pipe code will cause a crash during shutdown or
when the copied cli is closed.
2. The 'type' field in enumerated shares was not being set correctly with
the new RPC-based mechanism for enumerating shares.
(This used to be commit 62a02b8f2a)
* \PIPE\unixinfo
* winbindd's {group,alias}membership new functions
* winbindd's lookupsids() functionality
* swat (trunk changes to be reverted as per discussion with Deryck)
(This used to be commit 939c3cb5d7)
(by allowing to store more then 1 password history entry in LDAP...)
Thanks to Bernhard Borgmann @ Novell for showing me how to debug
eDirecory.
Guenther
(This used to be commit a6e8de5c3c)
safe for using our headers and linking with C++ modules. Stops us
from using C++ reserved keywords in our code.
Jeremy
(This used to be commit 9506b8e145)
the function that was being used to set attributes is a core protocol
function (SMBsetatr = 0x09), it does not appear to work on win98. As a
temporary measure, when file times are to be set, this version opens the
file and uses SMBsetattrE = 0x22 instead. (The other advantage of this
function over the original one is that it supports setting access time as
well as modification time.)
The next step, the proper solution if it can be made to work, is to write
functions that use TRANS2_SET_PATH_INFO instead.
(This used to be commit bab0bf7f4f)
1. using smbc_getxattr() et al, one may now request all access control
entities in the ACL without getting all other NT attributes.
2. added the ability to exclude specified attributes from the result set
provided by smbc_getxattr() et al, when requesting all attributes,
all NT attributes, or all DOS attributes.
3. eliminated all compiler warnings, including when --enable-developer
compiler flags are in use. removed -Wcast-qual flag from list, as that
is specifically to force warnings in the case of casting away qualifiers.
Note: In the process of eliminating compiler warnings, a few nasties were
discovered. In the file libads/sasl.c, PRIVATE kerberos interfaces
are being used; and in libsmb/clikrb5.c, both PRIAVE and DEPRECATED
kerberos interfaces are being used. Someone who knows kerberos
should look at these and determine if there is an alternate method
of accomplishing the task.
(This used to be commit 994694f7f2)
Sharpe.
Users my run this script after they have vampired a windows domain
controller to verify their system has no double sids, double uids, etc.
Guenther
(This used to be commit 31bd709a41)
Added to samba3 due to some header and machine-account dependencies,
although it's possibly of more interest to samba4 developers.
adssearch.pl is a kind of ldapsearch + dump-filters for various
ADS-attributes. It can also register asynchronous change notifications.
./adssearch.pl -h w2k3host -D administrator@MY.REALM.NET -x -w mypass -n
and *any* change in your entire DIT will show up immediately (after a
second change of an object even as object diff). It's very interesting
to see the interaction of GPOs, the various steps of account
modification with dsa.msc, etc.
Gracefully ignore some parts of adssearch.pl that are rather immature...
Guenther
(This used to be commit fd947b5ee0)
Does automated migration from account_policy.tdb v1 and v2 and offers a
pdbedit-Migration interface. Jerry, please feel free to revert that if
you have other plans.
Guenther
(This used to be commit 75af83dfcd)
the latest version in the actual release tarballs.
Have spoken to the idealx developers about this.
Updated README to reflect the changte for people using svn.
Removed ldapsync.pl since it is no longer needed when using
the smbldap-tools (only keep things you support).
(This used to be commit f745e5119f)
trivial fix for autoconf and autoheader versions with a
letter in the version string. This happens in our current beta named
distribution tree.
trivial patch to fix the build with the upcoming libtool
version. It will be mandatory to use --mode while using libtool.
(This used to be commit 80d591f8cc)
