sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-11-06 08:23:50 +03:00
Code Activity
137,430 Commits 64 Branches 1,177 Tags
faba757175fdd56c6a489f76becde7e5f71694e3
Commit Graph

109 Commits

Author SHA1 Message Date
Rob van der Linde
93f4be1647 netcmd: docs: update documentation for new auth policy command structure 
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-03-28 01:50:41 +00:00
Rob van der Linde
2af65446cf netcmd: docs: add section headings for auth policies and silos 
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-03-28 01:50:41 +00:00
Rob van der Linde
7fbe515609 netcmd: docs: consistently put <constant> around GROUP and SILO 
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-03-28 01:50:41 +00:00
Rob van der Linde
4e1d12835f netcmd: docs: --user-allowed-to-authenticate-from-device-group was missing 
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-03-28 01:50:41 +00:00
Rob van der Linde
26feb09fd1 netcmd: docs: --user-allowed-to-authenticate-from-device-silo missing "device" 
Make it consistent with --service-allowed-to-authenticate-from-device-silo by adding =SILO

Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-03-28 01:50:41 +00:00
Rob van der Linde
a7edd5b536 netcmd: docs: add documentation for service-account group-msa-membership commands 
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-03-28 01:50:41 +00:00
Rob van der Linde
03a6740a90 netcmd: docs: add documentation for service-account base command 
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-03-28 01:50:41 +00:00
Jule Anger
055b4cd50f samba-tool: add "samba-tool user list --locked-only" 
Signed-off-by: Jule Anger <janger@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-03-12 09:49:31 +00:00
Andrew Bartlett
8eadc19f35 python/netcmd: Add "samba-tool user get-kerberos-ticket" to get a ticket for a gMSA 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
 2023-12-21 02:05:38 +00:00
Rob van der Linde
83e36d97c9 netcmd: add shell command 
A simple samba-tool shell, can be quite useful to play around with the ldb database and models.

All models get imported and the samdb connection variable made available.

Example usage:

    bin/samba-tool shell -H <host> --workgroup <workgroup> --realm <realm>

>>> silos = AuthenticationSilo.query(ldb)
>>> for silo in silos:
...     print(silo)
...

Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Dec 15 03:51:55 UTC 2023 on atb-devel-224
 2023-12-15 03:51:55 +00:00
Joseph Sutton
5571116ba0 docs-xml: Add missing closing parenthesis 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-11-30 00:02:33 +00:00
Andrew Bartlett
828d534c47 docs-xml: Improve and consolidate "samba-tool domain auth policy create/modify" docs 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-27 03:08:28 +00:00
Rob van der Linde
1e00952c34 netcmd: auth policy: document allowed to authenticate from silo and to by silo attributes 
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-11-22 23:35:33 +00:00
Rob van der Linde
b6661e77de netcmd: docs: update docs for silo member grant + revoke 
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Nov 15 05:00:58 UTC 2023 on atb-devel-224
 2023-11-15 05:00:58 +00:00
Rob van der Linde
172f55fb0e netcmd: docs: document samba-tool user auth silo and policy commands 
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-11-15 04:05:34 +00:00
Rob van der Linde
156887c6d0 netcmd: silo command uses more consistent naming for tgt args 
The args --user-tgt-lifetime-mins, --service-tgt-lifetime-mins and
--computer-tgt-lifetime-mins suffixed with -mins to be consistent
with Windows tooling.

For these, the internal names don't need to change and neither do
the model fields, only the external cli interface has this.

Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-10-26 23:32:34 +00:00
Rob van der Linde
15fb8a5f2e netcmd: silo command uses more consistent naming for policy args 
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-10-26 23:32:34 +00:00
Rob van der Linde
c22400fd8e netcmd: silo command remove combined --policy which set all 3 
doesn't make much sense to set all 3 to the same policy, user authentication policy, service authentication policy, computer authentication policy

Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-10-26 23:32:34 +00:00
Rob van der Linde
6af1a71752 netcmd: auth: manpage documentation for conditional ace fields 
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-09-29 02:18:34 +00:00
Joseph Sutton
f6ff6f7cdf docs-xml: Fix spelling 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-09-11 02:42:41 +00:00
Rob van der Linde
bb6fecd9ac netcmd: sites: add sites and subnet list and view commands to manpage 
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jul 19 04:29:15 UTC 2023 on atb-devel-224
 2023-07-19 04:29:15 +00:00
Rob van der Linde
7f7d68573c netcmd: sites: add missing subnet commands to samba-tool manpage 
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
 2023-07-19 03:31:30 +00:00
Rob van der Linde
d7b0468568 netcmd: domain: man page updates for auth silo and policy cli 
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-06-25 23:29:32 +00:00
Joseph Sutton
0743e11d46 samba-tool: Fix typo 
Found by Rob van der Linde <rob@catalyst.net.nz>.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-06-14 22:57:35 +00:00
Rob van der Linde
619caa1ba4 docs: update manpage for samba-tool 
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Mar 31 08:25:11 UTC 2023 on atb-devel-224
 2023-03-31 08:25:11 +00:00
Stefan Metzmacher
d1999c152a CVE-2022-37966 samba-tool: add 'domain trust modify' command 
For now it only allows the admin to modify
the msDS-SupportedEncryptionTypes values.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15237

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2022-12-13 13:07:30 +00:00
Nikola Radovanovic
6a5d03e2f7 samba-tool: Use authentication file to pass credentials 
In order not to pass credentials in clear-text directly over command line, this is a patch to store username/password/domain in a file and use it during domain join for example.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15031

Signed-off-by: Nikola Radovanovic <radovanovic.extern@univention.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2022-10-04 02:48:37 +00:00
Christian Merten
42b88992bd samba-tool dsacl: Add get and delete subcommand to samba-tool dsacl man section 
Added get and delete subcommands to the man section of samba-tool dsacl.

Signed-off-by: Christian Merten <christian@merten.dev>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2022-09-27 16:46:35 +00:00
Douglas Bagnall
dad0c9a52e docs/man/samba-tool explain --color 
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2022-09-19 06:10:36 +00:00
Andreas Schneider
fad6786e74 docs-xml: Update samba-tool manpage for option parser changes 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2021-06-20 23:26:32 +00:00
David Mulder
f1a72fc63d samba-tool: Add a gpo command for removing VGP Host Access Group Policy 
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Mar 18 20:02:50 UTC 2021 on sn-devel-184
 2021-03-18 20:02:50 +00:00
David Mulder
482046c56b samba-tool: Add a gpo command for adding VGP Host Access Group Policy 
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2021-03-18 18:50:28 +00:00
David Mulder
3f3c2b5b33 samba-tool: Add a gpo command for listing VGP Host Access Group Policy 
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2021-03-18 18:50:28 +00:00
David Mulder
77f96a3079 samba-tool: Add a gpo command for setting VGP Issue Group Policy 
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Mar  8 20:57:50 UTC 2021 on sn-devel-184
 2021-03-08 20:57:50 +00:00
David Mulder
0f5af87fbf samba-tool: Add a gpo command for listing VGP Issue Group Policy 
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2021-03-08 19:45:30 +00:00
David Mulder
5046912ceb samba-tool: Add a gpo command for setting VGP MOTD Group Policy 
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2021-03-08 19:45:30 +00:00
David Mulder
0fbc5e5414 samba-tool: Add a gpo command for listing VGP MOTD Group Policy 
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2021-03-08 19:45:30 +00:00
David Mulder
85d2406826 samba-tool: Add a gpo command for removing VGP Startup Scripts Group Policy 
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Feb 24 22:01:08 UTC 2021 on sn-devel-184
 2021-02-24 22:01:08 +00:00
David Mulder
e5efe17246 samba-tool: Add a gpo command for adding VGP Startup Scripts Group Policy 
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2021-02-24 20:51:30 +00:00
David Mulder
d22196117c samba-tool: Add a gpo command for listing VGP Startup Scripts Group Policy 
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2021-02-24 20:51:30 +00:00
David Mulder
09a8f409e5 samba-tool: Replace gpo command for removing Sudoers Group Policy 
Replace it with the VGP command for removing
sudoers entries from an xml file.

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sun Feb 14 00:53:41 UTC 2021 on sn-devel-184
 2021-02-14 00:53:41 +00:00
David Mulder
30e0ba2ed8 samba-tool: Replace gpo command for adding Sudoers Group Policy 
Replace it with the VGP command for adding
sudoers entries in an xml file.

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2021-02-13 23:50:36 +00:00
David Mulder
777173923c samba-tool: Replace gpo command for listing Sudoers Group Policy 
Replace it with the VGP command for listing
sudoers entries in an xml file.

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2021-02-13 23:50:36 +00:00
David Mulder
d052968260 samba-tool: Add a gpo command for setting VGP OpenSSH Group Policy 
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Feb  9 21:24:14 UTC 2021 on sn-devel-184
 2021-02-09 21:24:14 +00:00
David Mulder
61394e5dd1 samba-tool: Test gpo manage openssh list command 
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2021-02-09 20:22:36 +00:00
David Mulder
d6f9172c92 samba-tool: Add a gpo command for removing VGP Files Group Policy 
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Feb  8 23:36:57 UTC 2021 on sn-devel-184
 2021-02-08 23:36:57 +00:00
David Mulder
6334307ae7 samba-tool: Add a gpo command for adding VGP Files Group Policy 
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2021-02-08 22:33:14 +00:00
David Mulder
a786e30fda samba-tool: Add a gpo command for listing VGP Files Group Policy 
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2021-02-08 22:33:14 +00:00
David Mulder
709a6d6491 samba-tool: Add a gpo command for removing VGP Symbolic Link Group Policy 
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jan 27 07:32:03 UTC 2021 on sn-devel-184
 2021-01-27 07:32:03 +00:00
David Mulder
3fc89829a9 samba-tool: Add a gpo command for adding VGP Symbolic Link Group Policy 
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2021-01-27 06:30:31 +00:00