IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
The challenge here is that we are asked not to add the domain groups
again, but we need to search inside them for any aliases that we need
to add. So, we can't short-circuit the operation just because we found
the domain group.
Andrew Bartlett
This allows us to control what groups should be added in what use
cases, and in particular to more carefully control the introduction of
the 'authenticated' group.
In particular, in the 'service_named_pipe' protocol, we do not have
control over the addition of the authenticated users group, so we key
of 'is this user the anonymous SID'.
This also takes more care to allocate the right length ptoken->sids
Andrew Bartlett
This creates a new interface to the auth subsystem, to allow an
auth_context to be created from the ldb, and then tokenGroups to be
calculated in the same way that the auth subsystem would.
Andrew Bartlett
We also compare against SamLogon to try and validate the whole thing.
Note that we must represent NULL as "" when comparing between the PAC
and SamLogon, due to different marshalling of the structures.
Andrew Bartlett
The group list in the PAC does not include 'enterprise DCs' and
BUILTIN groups, so we should generate it on each server, not in the
list we pass around in the PAC or SamLogon reply.
Andrew Bartlett
I would love for notify.idl to be shared between Samba4 and Samba3
some day, and this seems to be the point at which the structure is
initialised.
Andrew Bartlett
We perhaps need a more general API here, but for now extend the
credentials API to return the password last changed time that the
s3compat layer will need.
Andrew Bartlett
This allows for the rare case where the caller knows the target
principal. The check for lp_client_use_spnego_principal() is moved to
the spengo code to make this work.
Andrew Bartlett
By making the winbindd_request and winbindd_response structures
pointers, we can more easily integrate with the winbindd from
source3/winbindd
Andrew Bartlett
multiple event contexts
It is NEVER valid to free an event context that anybody else may have
a reference to, and never normally valid to have two 'live' at once.
We must instead call tevent_re_initialise() to wipe clean an existing
pointer.
Andrew Bartlett
This will fork off exactly one child to handle some task, ensuring
that if it dies or changes global state, that this does not change
everything.
Andrew Bartlett
I would love for notify.idl to be shared between Samba4 and Samba3
some day, and this seems to be the point at which the structure is
initialised.
Andrew Bartlett
