sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-04 17:47:26 +03:00
Code
18,413 Commits 60 Branches 1,146 Tags
Commit Graph

253 Commits

Author SHA1 Message Date
Gerald Carter
939c3cb5d7 r10656: BIG merge from trunk. Features not copied over 
* \PIPE\unixinfo
* winbindd's {group,alias}membership new functions
* winbindd's lookupsids() functionality
* swat (trunk changes to be reverted as per discussion with Deryck)
 2007-10-10 11:04:48 -05:00
Jeremy Allison
9506b8e145 r7882: Looks like a large patch - but what it actually does is make Samba 
safe for using our headers and linking with C++ modules. Stops us
from using C++ reserved keywords in our code.
Jeremy
 2007-10-10 10:58:00 -05:00
Volker Lendecke
5b4720598b r7730: Some merges 2007-10-10 10:57:20 -05:00
Volker Lendecke
6af57d4bae r6774: Fix 2 memleaks 2007-10-10 10:56:54 -05:00
Gerald Carter
e84d070275 r5951: gotta love that SGI compiler :-) (thanks Jason) 2007-10-10 10:56:10 -05:00
Volker Lendecke
a7df3b5f06 r5421: Fix a memleak 2007-10-10 10:55:40 -05:00
Günther Deschner
fdf9bdbbac r5349: After talking with Jerry, reverted the addition of account policies to 
passdb in 3_0 (they are still in trunk).

Guenther
 2007-10-10 10:55:38 -05:00
Gerald Carter
a882a349df r5337: BUG 1439: make sure to initialize pointer to prevent invalide free()'s on exit 2007-10-10 10:55:38 -05:00
Günther Deschner
168ddf31d1 r5058: Due to the fragileness how windows reacts on unmapped sids sometimes, 
don't leave administator-sid unmapped. Simply return "Administrator"

Guenther
 2007-10-10 10:55:13 -05:00
Günther Deschner
4cbe37ecd5 r4988: After speaking with Jerry, remove old lp_admin_users to 
administrator-sid mapping completely.

Guenther
 2007-10-10 10:55:10 -05:00
Günther Deschner
d319c0e189 r4964: Fix our lsa lookupsid $OURDOMAINSID-500. 
Give the admin-user (rid 500) a chance to be found in passdb, not
returning the (possibly obscure) first entry of "admin users" before
that.

Guenther
 2007-10-10 10:55:09 -05:00
Günther Deschner
75af83dfcd r4925: Migrate Account Policies to passdb (esp. replicating ldapsam). 
Does automated migration from account_policy.tdb v1 and v2 and offers a
pdbedit-Migration interface. Jerry, please feel free to revert that if
you have other plans.

Guenther
 2007-10-10 10:55:08 -05:00
Gerald Carter
504ea4ac68 r4860: fix silly limitation in ldapsam and tdbsam. Expand variables in the profile path, logon home and logon script values 2007-10-10 10:54:00 -05:00
Jeremy Allison
620f2e608f r4088: Get medieval on our ass about malloc.... :-). Take control of all our allocation 
functions so we can funnel through some well known functions. Should help greatly with
malloc checking.
HEAD patch to follow.
Jeremy.
 2007-10-10 10:53:32 -05:00
Günther Deschner
bb191c1098 r3875: Allow to look up at least or own sid in _lsa_lookup_sids. 
This fixes Bugzilla #1076 and Exchange 5.5 SP4 can then be finally
installed on NT4 in a samba-controlled domain.

Guenther
 2007-10-10 10:53:22 -05:00
Volker Lendecke
3298f6105e r3563: During a typical logon a modern workstation makes a lot of anonymous session 
setups on its way to open a pipe. This gets rid of many round-trips to the
LDAP server during logon by setting up the server_info_guest once and not
asking the LDAP server and nss every time. Make sure that the ldap connection
is reopened in the child. (I did not look at the sql backends.)

Volker
 2007-10-10 10:53:09 -05:00
Volker Lendecke
67d8bc4853 r1906: Revert lukeh's change for primary uid/gid change. This creates a recursion 
loop between uid_to_sid -> getsampwnam -> uid_to_sid. It needs further
inspection.

Volker
 2007-10-10 10:52:23 -05:00
Jeremy Allison
dae084d713 r1871: Patch from Luke Howard <lukeh@PADL.COM> to correctly use 
uid_to_sid() and gid_to_sid() in pdb_set_sam_sids().
Jeremy.
 2007-10-10 10:52:22 -05:00
Jeremy Allison
f44b4ba381 r1869: Rename "fallback_XXXX" mapping to "algorithmic_XXX" as 
that's what it actually does, and "fallback_" is just
confusing.
Jeremy.
 2007-10-10 10:52:22 -05:00
Jeremy Allison
dac72638fb r1810: Patch from Richard Renard <rrenard@idealx.com> to store 
logon hours attributes in an LDAP database.
Jeremy.
 2007-10-10 10:52:21 -05:00
Jeremy Allison
82e4036aaa r1661: Changed the password history format so that each history entry 
consists of a 16 byte salt, followed by the 16 byte MD5 hash of
the concatination of the salt plus the NThash of the historical
password. Allows these to be exposed in LDAP without security issues.
Jeremy.
 2007-10-10 10:52:17 -05:00
Jeremy Allison
14bd2a9ffc r1539: If a account was locked out by an admin (and has a bad password count of zero) 
leave it locked out until an admin unlocks it (but log a message).
Jeremy.
 2007-10-10 10:52:14 -05:00
Jeremy Allison
8ee6060977 r1412: Fix password history list in tdbsam. Fix some memory leaks. Add 
my (C) to a header file that was at least 50% mine :-).
Jeremy.
 2007-10-10 10:52:10 -05:00
Jeremy Allison
ac846420d0 r1392: Added password history code to tdbsam backend. Not yet tested (ie. may 
core dump) but compiles and links correctly. I will run the full set of
tests on the ldap sam and the tdb sam for password history tomorrow.
Jeremy.
 2007-10-10 10:52:09 -05:00
Volker Lendecke
5070c1b68f r989: Calling sid_to_gid from within winbind makes no sense, as this calls 
winbind_sid_to_gid. For the consistency check, local_sid_to_gid must set the
name_type it found.

Volker
 2007-10-10 10:51:52 -05:00
Jeremy Allison
d97b9146a1 r801: Fix from "Jianliang Lu" <j.lu@tiesse.com> to return correct group 
types.
Jeremy.
 2007-10-10 10:51:46 -05:00
Richard Sharpe
5d7ee320cc r505: Break out algorithmic_gid_to_sid so that those of us who need it can use it. 2007-10-10 10:51:26 -05:00
Richard Sharpe
b1825184d3 r501: Fix a small cut-n-pasteo ... 2007-10-10 10:51:26 -05:00
Volker Lendecke
f35e353454 r316: Fix split_domain_name. This defaulted to get_myname() instead of 
get_global_sam_name().

Error case: Adding a domain user to a XP local group did a lsalookupname on
the user without domain prefix, and this then failed.

Jerry: This is a must-fix before 3.0.3.

Volker
 2007-10-10 10:51:18 -05:00
Volker Lendecke
aa220cffa7 Apply some const -
Jim McDonough
84fe24e64e handle both 0 and -1 as disabling reset count and lockout duration -
Jim McDonough
9a79f9fbcb Clean up bad pw count and autolock flag update fn()s -
Jim McDonough
600fcd534b Add bad pw count and autolock flag update fn()s -
Jim McDonough
557f598c63 Add functions to get/set bad password time -
Jim McDonough
730c07cac2 Move tdbsam versioning/upgrade code into 3.0 -
Jim McDonough
1976843345 More sync between passdb on 3.0 and HEAD. 
Replace unknown_3 with fields_present.  Also causes rpc_samr structure field changes.
 -
Jim McDonough
7b40f6c464 Start of merging HEAD changes. Right now, just move one fn() to eliminate 
the prototype at the beginning, and change some comments so diffs to HEAD
aren't filled with useless info.
 -
Volker Lendecke
6c78a096a5 And another build fix. 
Volker
 -
Volker Lendecke
38c9b775ce Fix the build & get rid of a compiler warning. 
Volker
 -
Andrew Bartlett
01be89eb43 Add static, and assert that we will never overflow the static fstring 
in pdb_encode_acct_ctrl()  (All current callers are fine)

Andrew Bartlett
 -
Rafal Szczesniak
5d7f81eea2 Typo fix. 
rafal
 -
Andrew Bartlett
f9e59f8bc0 JHT came up with a nasty (broken) torture case in preparing examples for 
his book.

This prompted me to look at the code that reads the unix group list.  This
code did a lot of name -> uid -> name -> sid translations, which caused
problems.  Instead, we now do just name->sid

I also cleaned up some interfaces, and client tools.

Andrew Bartlett
 -
Alexander Bokovoy
ac7a60abf2 Fix uninitialized variable in passdb code. Reported by Andy Polyakov <appro@fy.chalmers.se> -
Gerald Carter
9359a6ea80 more group lookup access fixes on the neverending bug 281 -
Gerald Carter
68283407e0 more access fixes for group enumeration in LDAP; bug 281 -
Gerald Carter
a7685a0697 * make sure we only enumerate group mapping entries 
(not /etc/group) even when doing local aliases

* remove "hide local users" parameter; we have this
  behavior built into 3.0
 -
Andrew Bartlett
dfd6bef580 Match Samba 2.2, and make ACB_NORMAL the default ACB value. 
(Samba 2.2 did this in the LDAP code, but it fits better as a generic thing)

Andrew Bartlett
 -
Jeremy Allison
8996c51770 Typo in error message. 
Jeremy.
 -
Jeremy Allison
cd7bd8c2da The "unknown_5" 32 bit field in the user structs is actually 2 16-bit 
fields, bad_password_count and logon_count. Ensure this is stored/fetched
in the various SAMs. As it replaces the unknown_5 field this fits
exactly into the tdb SAM without any binary problems. It also is added
to the LDAP SAM as two extra attributes. It breaks compatibility with
the experimental SAMs xml and mysql. The maintainers of these SAMs must
fix them so upgrades like this can be done transparently. I will insist
on the "experimental" status until this is solved.
Jeremy.
 -
Jeremy Allison
82f98b066d Oops. Proper fix for #470. 
Jeremy.
 -