IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
from win2k AND still use SPNEGO (provided you don't build with kerberos...I
still have to fix that, as we are not properly falling back).
(This used to be commit 1f9b3d46c7c99e84b2983220f79613b7420c5ced)
check for POSIX errors in the blocking lock code as we may have never made
a POSIX call (could have denied lock before POSIX checked).
Jeremy.
(This used to be commit 8403253f277299f566f2931fdec53b6e4ece376e)
which lsaqueryinfo to do based in infoclass. Currently 12 is the only one
that causes a queryinfo2.
(This used to be commit f4ec2d52a7b093da701d68906cce6de197f182be)
additional parm compared to samr connect, but I've only seen 0x00000002
in that field...
(This used to be commit ed2370b91f7f6a36efdf6b65340a5b29a26e7e7a)
Jerry, what's the latest on rebuilding doco from source? I've no idea
whether this actually compiles or not.
(This used to be commit 6a4202a105d36f7d368e6a1d524314ea348be2a9)
future.
This moves us from fstrcpy() and global variables to 'get' and 'set' functions.
In particular, the 'set' function sainity-checks the input, in the same way as
we always have.
Andrew Bartlett
(This used to be commit e57a896f06b16fe7e336e1ae63a0c9e4cc75fd36)
Back out last night's patch to to reduce -l dependencies until we can ensure
that *all* configurations/platforms work...
Andrew Bartlett
(This used to be commit 35eefe7a19b2b684d3ca05a665e9c13e9d17acc3)
dependencies. This benifits packagers (like debian) becouse then our client
code won't have references to 'server only' libraries.
(In particular, it removes the client dependency on CUPS, which was raised in
a debian bug report).
Andrew Bartlett
(This used to be commit d5f2e33b34fe0e67153894b6bf582b7eaca40e7f)
This also makes it a easier to see which paramaters are 'in', and which are
'out'.
Andrew Bartlett
(This used to be commit 122cf648d7f364c68ecb7a576a42e94a954e9e56)
existing connect (which I've been told is really connect2), with one
extra dword. We've only seen 0x00000002 there...
(This used to be commit 266344634944dff30f56453f9d86c490e7ac7a55)
upper cased already.
However, if you created your registry tdb in the very early versions of jerry's
patch, you could find that usrmgr doesn't function. Simply delete the
registry.tdb, it will be recreated on startup.
Andrew Bartlett
(This used to be commit 17136a88c326bf338f948a67c92bb048c5a148af)
unfortuately we don't seem to be able to auto-test the ADS join due to
a rather nasty property of the GSSAPI library.
(This used to be commit 87c34a974a91e940bd26078a68dd84f4341d6913)
setups.
- split up the ads structure into logical pieces. This makes it much
easier to keep things like the authentication realm and the server
realm separate (they can be different).
- allow ads callers to specify that no sasl bind should be performed
(used by "net ads info" for example)
- fix an error with handing ADS_ERROR_SYSTEM() when errno is 0
- completely rewrote the code for finding the LDAP server. Now try DNS
methods first, and try all DNS servers returned from the SRV DNS
query, sorted by closeness to our interfaces (using the same sort code
as we use in replies from WINS servers). This allows us to cope with
ADS DCs that are down, and ensures we don't pick one that is on the
other side of the country unless absolutely necessary.
- recognise dnsRecords as binary when displaying them
- cope with the realm not being configured in smb.conf (work it out
from the LDAP server)
- look at the trustDirection when looking up trusted domains and don't
include trusts that trust our domains but we don't trust
theirs.
- use LDAP to query the alternate (netbios) name for a realm, and make
sure that both and long and short forms of the name are accepted by
winbindd. Use the short form by default for listing users/groups.
- rescan the list of trusted domains every 5 minutes in case new trust
relationships are added while winbindd is running
- include transient trust relationships (ie. C trusts B, B trusts A,
so C trusts A) in winbindd.
- don't do a gratuituous node status lookup when finding an ADS DC (we
don't need it and it could fail)
- remove unused sid_to_distinguished_name function
- make sure we find the allternate name of our primary domain when
operating with a netbiosless ADS DC (using LDAP to do the lookup)
- fixed the rpc trusted domain enumeration to support up to approx
2000 trusted domains (the old limit was 3)
- use the IP for the remote_machine (%m) macro when the client doesn't
supply us with a name via a netbios session request (eg. port 445)
- if the client uses SPNEGO then use the machine name from the SPNEGO
auth packet for remote_machine (%m) macro
- add new 'net ads workgroup' command to find the netbios workgroup
name for a realm
(This used to be commit e358d7b24c86a46d8c361b9e32a25d4f71a6dc00)
