IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Instead of trying to do this in the winbindd_cache
entries, add a timed even handler to probe every
5 mins when disconnected.
Fix events to run all pending events, rather than
only one.
Jeremy.
(This used to be commit 7bfbe1b4fb9a91c6678035f220bbf0b4f5afdcac)
ntlm_auth module to allow it to use winbindd cached
credentials.The credentials are currently only stored
in a krb5 MIT environment - we need to add an option to
winbindd to allow passwords to be stored even in an NTLM-only
environment.
Patch from Robert O'Callahan, modified with some fixes
by me.
Jeremy.
(This used to be commit ae7cc298a113d8984557684bd6ad216cbb27cff3)
This patch add some missing async functions to
solve UID/GID -> SID requests not just out of the cache,
but down the remote idmap if necessary.
This patch solves the problem of servers not showing users/groups names
for allocated UID/GIDs when joined to a group of servers that share a
prepopulated idmap backend.
Also correctly resolve UID/GIDs to SIDs when looking ACLs from the
windows security tab on teh same situation.
Simo.
(This used to be commit b8578bfab6a04fcd65a2e65f507067459e326077)
This mode proxies pre-calculated blobs from a remote (probably VPN)
client into the domain. This allows clients to change their password
over a PPTP connection (where they would not be able to connect to
SAMR directly).
The precalculated blobs do not reveal the plaintext password.
Original patch by Alexey Kobozev <cobedump@gmail.com>
(This used to be commit 967292b7136c5100c0b9a2783c34b1948b16dad4)
to do the upper layer directories but this is what
everyone is waiting for....
Jeremy.
(This used to be commit 9dafb7f48ca3e7af956b0a7d1720c2546fc4cfb8)
has the linear posix locking issue which causes
CLEAR_IF_FIRST to cause performance problems.
As we know we're in a daemon architecture with
long-lived parent we can avoid this in the Samba
case. Add a comment explaining this.
Jeremy.
(This used to be commit 3cd5c3df0d1b98dfa90663973ab13b5d3dbf737e)
group IFF sid_to_gid(S-1-5-32-544) fails and 'winbind nested groups = yes'
* Add a SID domain to the group mapping enumeration passdb call
to fix the checks for local and builtin groups. The SID can be
NULL if you want the old semantics for internal maintenance.
I only updated the tdb group mapping code.
* remove any group mapping from the tdb that have a
gid of -1 for better consistency with pdb_ldap.c.
The fixes the problem with calling add_group_map() in
the tdb code for unmapped groups which might have had
a record present.
* Ensure that we distinguish between groups in the
BUILTIN and local machine domains via getgrnam()
Other wise BUILTIN\Administrators & SERVER\Administrators
would resolve to the same gid.
* Doesn't strip the global_sam_name() from groups in the
local machine's domain (this is required to work with
'winbind default domain' code)
Still todo.
* Fix fallback Administrators membership for root and domain Admins
if nested groups = no or winbindd is not running
* issues with "su - user -c 'groups'" command
* There are a few outstanding issues with BUILTIN\Users that
Windows apparently tends to assume. I worked around this
presently with a manual group mapping but I do not think
this is a good solution. So I'll probably add some similar
as I did for Administrators.
(This used to be commit 612979476aef62e8e8eef632fa6be7d30282bb83)
* \PIPE\unixinfo
* winbindd's {group,alias}membership new functions
* winbindd's lookupsids() functionality
* swat (trunk changes to be reverted as per discussion with Deryck)
(This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
in question is still initializing overwrites domain->dcname. Only overwrite if
the parent actually has sent a dcname and thus really knows it. Second,
ntlm_auth needs the error code, not just the fact it failed.
Jerry, the 3_0 part might qualify as a "recommended patch".
Thanks,
Volker
(This used to be commit d79b179b7f9d2efa4f8ee47bfe386e90d8b58322)
It was already gone in trunk anyways.
working on fixing BUG 3000 which does work now but we are flying
without a cache.
(This used to be commit 4936d6d8b28edc59a3d17defcdf255ea6e0ba4e0)
safe for using our headers and linking with C++ modules. Stops us
from using C++ reserved keywords in our code.
Jeremy
(This used to be commit 9506b8e145982b1160a2f0aee5c9b7a54980940a)
parent winbind not to return winbindd_result. This is to hopefully fix all the
problems where a result has been scheduled for write twice.
The problematic ones have been the functions that might have been delayed as
well as under other circumstances immediately gets answered from the cache.
Now a request needs to be explicitly replied to with a request_error() or
request_ok().
Volker
(This used to be commit 7365c9accf98ec1dd78a59dd7f62462bbb8528d4)
functions so we can funnel through some well known functions. Should help greatly with
malloc checking.
HEAD patch to follow.
Jeremy.
(This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
compilation, but that allows Samba3 to take advantage of pre-compiled
headers in gcc if available.
(This used to be commit b3e024ce1da7c7e24fcacd8a2964dd2e4562ba39)
initialisation code in winbindd_init_common() after the fork when
running in dual daemon mode.
The only tricky bit is we have to run a tdb_reopen_all() somewhere in
the child to avoid tdb corruption.
Fixed bug #60.
(This used to be commit 25e55aca0fe315c2ccf4e34a94107b2321313714)
Fix winbindd dual mode in the same was as in APP_HEAD. "Ken Cross" <kcross@nssolutions.com>
noticed the problem.
Jeremy.
(This used to be commit 8bbcb833317245d7f5b8695e4a5c676f67003937)
a getgr*() function that lists groups without numerating all the
group members. Instead of definiing a new nss method (which might
cause problems) I added an environment variable WINBIND_GETGRLST
that tells winbind not to fill in the group members in a gergrent()
request. This can speed up group listing by a factor of 20 or more
(on my test system with 50000 groups it reduces the time from an hour
to 2 minutes)
(This used to be commit e3f73256d31ab9914daae49f41e984a534996870)
