sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-11 05:18:09 +03:00
Code
670668f4c1
samba-mirror/source3/utils
History
Noel Power 0af66455ef s3:libads: 'net ads keytab create' shouldn't write SPN(s) 
Modify default behaviour of 'net ads keytab create'

The change modifies the behaviour of 'net ads keytab create' such
that only the keytab file is modified. The current behaviour doesn't
make sense, existing SPN(s) pulled from the computer AD object have
the format 'serviceclass/host:port/servicename'.
'ads_keytab_create_default' calls ads_keytab_add_entry passing
'serviceclass' for each SPN retrieved from the AD. For each
serviceclass passed in a new pair of SPN(s) is generated as follows
    i) long form 'param/full_qualified_dns'
   ii) short form 'param/netbios_name'

This doesn't make sense as we are creating a new SPN(s) from an existing
one probably replacing the existing host with the 'client' machine.

If the keytab file exists then additionally each kerberos principal in the
keytab file is parsed to strip out the primary, then 'ads_keytab_add_entry'
is called which then tries by default to generate a SPN from any primary
that doesn't end in '$'. By default those SPNs are then added to the AD
computer account for the client running the command.

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2018-03-02 14:07:15 +01:00
..
dbwrap_tool.c dbwrap: Remove dbwrap_watchers.tdb based code 2016-07-15 20:43:16 +02:00
dbwrap_torture.c lib: load_case_tables() -> smb_init_locale() 2015-03-24 00:00:20 +01:00
debug2html.c
debugparse.c
eventlogadm.c s3: utils: Convert all uses of uint32/16/8 to _t. 2015-05-07 04:53:39 +02:00
interact.c
interact.h
log2pcaphex.c s3:utils:log2pcaphex: fix O3 error uninitialized variable 2016-05-13 00:16:16 +02:00
mvxattr.c s3/util: mvxattr, a tool to rename extended attributes 2017-02-10 22:24:59 +01:00
net_ads_gpo.c s3: utils: Convert all uses of uint32/16/8 to _t. 2015-05-07 04:53:39 +02:00
net_ads.c s3:libads: 'net ads keytab create' shouldn't write SPN(s) 2018-03-02 14:07:15 +01:00
net_afs.c waf: fixup build with fake kaserver enabled 2014-06-04 20:09:39 +02:00
net_afs.h
net_cache.c net: Parse namemap_cache in "net cache list" 2017-11-29 16:59:16 +01:00
net_conf_util.c net conf: fix error message 2016-11-23 13:00:21 +01:00
net_conf_util.h
net_conf.c s3:utils: Add FALL_THROUGH statements in net_conf.c 2018-03-01 04:37:42 +01:00
net_dns.c s3:utils/net: Add new option 'unregister' in 'net ads dns' command. 2016-06-27 20:43:26 +02:00
net_dns.h s3:utils/net: Add new option 'unregister' in 'net ads dns' command. 2016-06-27 20:43:26 +02:00
net_dom.c werror: replace WERR_SETUP_NOT_JOINED with WERR_NERR_SETUPNOTJOINED in source3/utils/ 2016-09-28 00:04:32 +02:00
net_eventlog.c
net_file.c
net_g_lock.c lib: Make g_lock_locks use TDB_DATA 2018-02-08 14:50:49 +01:00
net_group.c
net_groupmap.c net: groupmap cleanup should not delete BUILTIN mappings 2017-10-02 15:17:00 +02:00
net_help_common.c
net_help_common.h
net_help.c
net_idmap_check.c s3:utils: add debug functions instead of magic format strings in net_idmap_check.c 2014-11-25 07:25:45 +01:00
net_idmap_check.h
net_idmap.c net_idmap: don't leak state_path onto talloc tos 2014-11-03 23:46:04 +01:00
net_join.c
net_lookup.c net: Slightly simplify net_lookup_dsgetdcname() 2018-02-13 16:42:22 +01:00
net_notify.c lib: Add lib/util/server_id.h 2017-01-22 18:30:11 +01:00
net_printing.c s3-net: Cleanup the code of printing migration 2016-05-18 23:00:35 +02:00
net_proto.h s3:utils: add new 'net ads setspn list' subcommand 2018-03-02 14:07:14 +01:00
net_rap.c Convert all uint32/16/8 to _t in a grab-bag of remaining files. 2015-05-14 22:16:56 +02:00
net_registry_check.c s3:utils: Add FALL_THROUGH statements in net_registry_check.c 2018-03-01 04:37:43 +01:00
net_registry_check.h
net_registry_util.c werror: replace WERR_INVALID_PARAM with WERR_INVALID_PARAMETER in source3/utils/ 2016-09-28 00:04:23 +02:00
net_registry_util.h
net_registry.c lib: Make g_lock_do use TDB_DATA 2018-02-08 10:01:50 +01:00
net_rpc_audit.c
net_rpc_conf.c s3:utils: Add FALL_THROUGH statements in net_rpc_conf.c 2018-03-01 04:37:42 +01:00
net_rpc_printer.c s3: utils: Convert all uses of uint32/16/8 to _t. 2015-05-07 04:53:39 +02:00
net_rpc_registry.c Correct "descriptior" typos. 2017-02-22 08:26:22 +01:00
net_rpc_rights.c net: Don't crash if lsa_LookupPrivDisplayName returns NULL 2017-03-23 07:43:57 +01:00
net_rpc_samsync.c net: Don't depend on libnet_samsync anymore 2017-09-20 22:48:15 +02:00
net_rpc_service.c werror: replace WERR_GENERAL_FAILURE with WERR_GEN_FAILURE in source3/utils/ 2016-09-28 00:04:21 +02:00
net_rpc_sh_acct.c
net_rpc_shell.c
net_rpc_trust.c s3:net_rpc_trust: make use of trust_pw_new_value() 2017-02-21 16:09:22 +01:00
net_rpc.c net: Remove NT4-based rpc vampire ldif 2017-09-20 22:48:15 +02:00
net_sam.c s3: utils: Convert all uses of uint32/16/8 to _t. 2015-05-07 04:53:39 +02:00
net_serverid.c net: Remove "net serverid list" 2017-12-05 00:56:12 +01:00
net_share.c
net_status.c lib: Add lib/util/server_id.h 2017-01-22 18:30:11 +01:00
net_tdb.c net: Add net tdb command to print information from tdb records 2017-05-08 21:08:23 +02:00
net_time.c utils: Fix 'net time' segfault. 2015-01-19 06:48:05 +01:00
net_user.c
net_usershare.c s3: utils: net. Fix return paths that don't free talloc stackframe. 2017-11-21 05:03:16 +01:00
net_util.c s3:utils: Use cli_cm_force_encryption() instead of cli_force_encryption() 2016-12-19 13:41:15 +01:00
net.c net: make use of secrets_*_password_change() for "net changesecretpw" 2017-06-27 16:57:46 +02:00
net.h net: add option --no-dns-updates for net ads join 2015-09-09 21:34:15 +02:00
netlookup.c
nmblookup.c lib: load_case_tables() -> smb_init_locale() 2015-03-24 00:00:20 +01:00
ntlm_auth_diagnostics.c ntlm_auth3: let contact_winbind_auth_crap() return pauthoritative 2017-03-24 11:57:09 +01:00
ntlm_auth_proto.h ntlm_auth3: let contact_winbind_auth_crap() return pauthoritative 2017-03-24 11:57:09 +01:00
ntlm_auth.c s3:utils: Add FALL_THROUGH statements in ntlm_auth.c 2018-03-01 04:37:43 +01:00
ntlm_auth.h
passwd_proto.h
passwd_util.c s3: smbpasswd - fix crashes on invalid input. 2013-12-16 15:17:58 +01:00
pdbedit.c Add --set-nt-hash option to pdbedit to update user password from nt-hash hexstring. 2015-11-30 03:49:25 +01:00
profiles.c lib: load_case_tables() -> smb_init_locale() 2015-03-24 00:00:20 +01:00
regedit_dialog.c werror: replace WERR_NOMEM with WERR_NOT_ENOUGH_MEMORY in source3/utils/ 2016-09-28 00:04:19 +02:00
regedit_dialog.h regedit: Fix format-nonliteral warning 2016-08-24 01:33:50 +02:00
regedit_hexedit.c werror: replace WERR_NOMEM with WERR_NOT_ENOUGH_MEMORY in source3/utils/ 2016-09-28 00:04:19 +02:00
regedit_hexedit.h regedit: handle del and backspace in hexeditor 2014-10-01 14:32:10 +02:00
regedit_list.c werror: replace WERR_NOMEM with WERR_NOT_ENOUGH_MEMORY in source3/utils/ 2016-09-28 00:04:19 +02:00
regedit_list.h regedit: handle pgup/pgdn/home/end keys on lists 2014-10-01 14:32:10 +02:00
regedit_samba3.c werror: replace WERR_NOMEM with WERR_NOT_ENOUGH_MEMORY in source3/utils/ 2016-09-28 00:04:19 +02:00
regedit_treeview.c werror: replace WERR_NOMEM with WERR_NOT_ENOUGH_MEMORY in source3/utils/ 2016-09-28 00:04:19 +02:00
regedit_treeview.h regedit: find previous items 2014-10-01 14:32:09 +02:00
regedit_valuelist.c werror: replace WERR_NOMEM with WERR_NOT_ENOUGH_MEMORY in source3/utils/ 2016-09-28 00:04:19 +02:00
regedit_valuelist.h regedit: search values and repeat search from cursor positions 2014-10-01 14:32:09 +02:00
regedit_wrap.c s3: utils: Convert all uses of uint32/16/8 to _t. 2015-05-07 04:53:39 +02:00
regedit.c s3:utils: Add FALL_THROUGH statements in regedit.c 2018-03-01 04:37:42 +01:00
regedit.h s3: utils: Convert all uses of uint32/16/8 to _t. 2015-05-07 04:53:39 +02:00
sharesec.c sharesec: Use non-numerical output for sharesec 2015-06-17 10:47:11 +02:00
smbcacls.c smbcacls: no need to fetch the sd when changing ownership 2017-10-07 00:04:54 +02:00
smbcontrol.c winbindd: Remove "DUMP_EVENT_LIST" message 2018-02-26 22:30:14 +01:00
smbcquotas.c s3: client tools: Call popt_free_cmdline_auth_info() on all normal exits. 2017-05-09 09:56:09 +02:00
smbfilter.c source3/utils/smbfilter.c set socket close on exec 2017-12-18 04:38:20 +01:00
smbget.c s3-util: Fix asking for username and password in smbget. 2016-08-26 04:22:27 +02:00
smbpasswd.c s3:utils: Remove pointless if-clause for remote_machine 2017-08-23 13:16:20 +02:00
smbtree.c s3: client tools: Call popt_free_cmdline_auth_info() on all normal exits. 2017-05-09 09:56:09 +02:00
split_tokens.c lib: load_case_tables() -> smb_init_locale() 2015-03-24 00:00:20 +01:00
status_profile_dummy.c s3:smbprofile: Make "status_profile.h" a proper header 2014-11-19 20:51:37 +01:00
status_profile.c s3:utils: Fix buffer size for snprintf and format string 2017-08-09 13:37:47 +02:00
status_profile.h s3:smbprofile: Make "status_profile.h" a proper header 2014-11-19 20:51:37 +01:00
status.c smbd: Pass "file_id" through share_entry_forall 2018-02-13 00:26:43 +01:00
testparm.c s3:utils: Do not report an invalid range for AD DC role 2017-08-23 03:23:55 +02:00
wscript_build gpo: fix the building of gpext to only once 2017-11-20 21:41:14 +01:00