IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This cases upgraded domains to have a too-long password expiry, which in extreme
cases can cause the KDC to misfunction.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Sun May 6 14:49:39 CEST 2012 on sn-devel-104
While this setting is not the default in Samba3, any domain that is
in a suitable condition to upgrade to Samba4 should already be in the
layout that ldapsam:trusted uses. It can be turned off by setting
ldapsam:trusted=false in the smb.conf.
Many upgrades to Samba4 happen on a different host to the old Samba3 domain
and this avoids the need to configure nss_ldap only for the duration of
the upgrade.
Andrew Bartlett
This fixes an issue where some group types were not upgraded, as we
did not upgrade alias memberships.
It also uses enum_group_memberships() to try and find the memberships
from the other direction, by asking which groups a user is a member
of. As Samba3 (and NT4) does not implement nested groups, this should
be safe.
Andrew Bartlett
This gives more information on why a group membership lookup failed.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Apr 24 04:34:44 CEST 2012 on sn-devel-104
Uninitialized gid value is set to -1 and return as such from python
passdb api.
Autobuild-User: Amitay Isaacs <amitay@samba.org>
Autobuild-Date: Fri Nov 18 06:18:33 CET 2011 on sn-devel-104
The things pointed at are not typically in a directory called lib,
so avoid confusing our administrators.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Wed Oct 19 15:43:04 CEST 2011 on sn-devel-104
This previously caused all accounts to be locked out.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Wed Sep 7 13:44:44 CEST 2011 on sn-devel-104
Real world databass have the wrong account flags (U and W at the same time) and have the wrong
group type in group mapping databases. Cope with these.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Mon Sep 5 04:58:09 CEST 2011 on sn-devel-104
The eadb flag tells us to avoid using system extended attributes, typcially if we
are not running as root (ie, in a test environment).
The ProvisioningError class allows us to return failures to the upgrade_from_s3 script
which can then be detected correctly by the selftest framework.
Andrew Bartlett
Some incorrect LDAP backends have entries with this group type, but
due to the pdb_ldap code, we cannot read the group members, and we
already skip them in add_group_from_mapping_entry().
Andrew Bartlett
upgrade_from_s3 script now requires samba3 configuration file and target
directory for samba4 database. In addition, it either uses --libdir option
or --testparm option to correctly guess the paths for samba3 databases
(private dir and state directory).
Usage: upgrade_from_s3 [options] <configuration_file> <targetdir>
Input arguments are:
<configuration_file> - path to existing smb.conf
<targetdir> - directory in which samba4 database will be created
In addition, specify either samba3 database directory (with --libdir) or
samba3 testparm utility (with --testparm).
Before using passdb interface, initialize s3 loadparm context using
correct path settings for private dir and state directory.
Export account policy from s3 to s4.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
In the upgrade process, set the administrator password from the
existing root or administrator account.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Need to copy the password from s3 for administrator/root to s4.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Added users/groups import from s3 using python wrapper for passdb.
Fix idmap entries for users/groups when migrating from s3 idmap.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
This will allow an upgraded DC to keep its SID, while being upgraded
to AD. We also watch for the highest RID in the existing DB to set
next_rid for other additional users.
Andrew Bartlett