Jeremy Allison [Fri, 11 Feb 2005 02:14:49 +0000 (02:14 +0000)]
r5324: In order to process DELETE_ACCESS correctly and return access denied
to a WXPSP2 client we must do permission checking in userspace first
(this is a race condition but what can you do...). Needed for bugid #2227.
Jeremy.
(This used to be commit
da23577f162b6bdca7d631fca256a9b3b04043e4)
Richard Sharpe [Thu, 10 Feb 2005 18:27:23 +0000 (18:27 +0000)]
r5318: Fix a small problem in where we ignore the response from a SamrGetGroupsForUser
that says the user is in 0 groups, and we issue an RPC to LookupIds for 0 RIDs.
The printing that there are no groups the user is a member of might be overkill
in that it might upset existing scripts that don't expect that output.
(This used to be commit
d3482e118f99002c0460291d41708fdf7708c41f)
Volker Lendecke [Thu, 10 Feb 2005 17:38:49 +0000 (17:38 +0000)]
r5316: Get 'net afskey' into a subcommand of its own, 'net afs key'.
Implement 'net afs impersonate', generate a token for a specified user. You
obviously need to be root for this operation.
Volker
(This used to be commit
5818b092e6e50d38238b0520329eb8912125c90a)
Volker Lendecke [Thu, 10 Feb 2005 13:36:18 +0000 (13:36 +0000)]
r5314: Some const, and an uninitialized variable fix.
Volker
(This used to be commit
b48a46162d7971be3d44d403a2d62247ef2321f7)
Gerald Carter [Thu, 10 Feb 2005 03:34:25 +0000 (03:34 +0000)]
r5295: fix compile issue with MIT 1.4 due to broken gssapi.h
(This used to be commit
f88f5e12187ed87934ae2cafbf9e9599d4fd7f6c)
Jeremy Allison [Wed, 9 Feb 2005 23:46:14 +0000 (23:46 +0000)]
r5290: Fix for bug #2323 - plaintext problem with WinXP.
Jeremy.
(This used to be commit
3e10c36cb50462d1f220029e8fa64c3b6e554e6c)
Herb Lewis [Wed, 9 Feb 2005 21:23:33 +0000 (21:23 +0000)]
r5287: fix build problem when HAVE_POSIX_ACL not defined
(This used to be commit
2bd0253c11977122b195dc2f685d5367869973fd)
Tim Potter [Tue, 8 Feb 2005 23:17:44 +0000 (23:17 +0000)]
r5283: Merge -r5279 and-r5280 from trunk.
(This used to be commit
74d872287b5cf5b13512091827a9d065f1fef122)
Gerald Carter [Tue, 8 Feb 2005 19:27:18 +0000 (19:27 +0000)]
r5278: BUG 2327: fix compile bug in idmap_rid.c
(This used to be commit
dd55ef25d1b24401a743d0367544e535cd17815c)
Gerald Carter [Mon, 7 Feb 2005 22:42:43 +0000 (22:42 +0000)]
r5272: BUG 2132, 2134: patch from Jason Mader <jason@ncac.gwu.edu> to remove unused variables
(This used to be commit
82c4e2f37f1f4c581cd7c792808c9a81ef80db94)
Gerald Carter [Mon, 7 Feb 2005 22:30:56 +0000 (22:30 +0000)]
r5271: patch from S Murthy Kambhampaty <smk_va@yahoo.com> to add idmap_rid.so to the Fedora and RedHat packaging
(This used to be commit
ba0c711a4386833da7cdf15bfd0f90177eb41bad)
Gerald Carter [Mon, 7 Feb 2005 22:21:49 +0000 (22:21 +0000)]
r5270: fixing some bashism's in autogen.sh
(This used to be commit
c8b79cd78cff6f5f784d16e6c3168c9ac2c1cf1a)
Gerald Carter [Mon, 7 Feb 2005 22:20:03 +0000 (22:20 +0000)]
r5269: BUG 858: fix order of popt args evalution so we don't crash when given no command line args
(This used to be commit
aff2fb7a65a9fc40220d971fba8ba3cf1eeeee9f)
Jeremy Allison [Mon, 7 Feb 2005 22:06:49 +0000 (22:06 +0000)]
r5268: Fix bug #2310, only do 16-bit normalization on small dfree
request.
Jeremy.
(This used to be commit
96dfec739a7ab6ac082d530ca2b771f9d6acabc6)
Gerald Carter [Mon, 7 Feb 2005 19:39:15 +0000 (19:39 +0000)]
r5265: ensure that the Fedora RPMS build with cups support
(This used to be commit
c3f760bea97abd80aab27c125042584b4c243c7c)
Günther Deschner [Mon, 7 Feb 2005 18:20:06 +0000 (18:20 +0000)]
r5264: Log with loglevel 0 when account-administration scripts fail.
Guenther
(This used to be commit
3d391ef149639750db376b05528a27422f8a3321)
Gerald Carter [Mon, 7 Feb 2005 15:35:42 +0000 (15:35 +0000)]
r5263: bug 2249: patch from Manuel Baena <mbaena@lcc.uma.es> to print error message in fullpath()
(This used to be commit
0f66db48b09adc5b78a10e5023604c333684cbb3)
Günther Deschner [Mon, 7 Feb 2005 14:14:44 +0000 (14:14 +0000)]
r5262: Fix server_role in the samr_query_dom_info calls. When we are a BDC we
should not say we are a PDC.
Guenther
(This used to be commit
6cdf3b97de2c28ac92f972621b0ce04c1c80cea5)
Simo Sorce [Mon, 7 Feb 2005 08:43:18 +0000 (08:43 +0000)]
r5257: Upadate patches and control files
Sync up with 3.0.11
(This used to be commit
ed61c84581b364e9d822871944c45a26c2f0e932)
Tim Potter [Sun, 6 Feb 2005 01:12:15 +0000 (01:12 +0000)]
r5246: We can't use a pointer to struct lsa_info until is has been
initialised. Fix for bugzilla #2315. Can the privileges dude(s)
please verify this?
(This used to be commit
bc4f884104c04f7c9ab7d370586115a9328ce9b1)
Steve French [Fri, 4 Feb 2005 23:30:27 +0000 (23:30 +0000)]
r5236: Ignore users mount parm (since unneeded by cifs kernel code). Suggested by Dirk Jagdmann.
(This used to be commit
076485169e44a95981a12606c639b973c4e79d4e)
Günther Deschner [Fri, 4 Feb 2005 23:01:52 +0000 (23:01 +0000)]
r5235: Fix compile warning.
(This used to be commit
00b5990617b341b1fe7863552acb02e30cd022e5)
Günther Deschner [Fri, 4 Feb 2005 22:27:14 +0000 (22:27 +0000)]
r5234: Do not use the "Local Unix Group"-default description for all kinds of
group-mappings.
Guenther
(This used to be commit
2556e6570ec8074bb67827f95eb365800c5c9827)
Gerald Carter [Fri, 4 Feb 2005 17:46:30 +0000 (17:46 +0000)]
r5233: fixing some typos
(This used to be commit
b58b1ada29a0cac55e5bc91b3ad4cc39808c2e3b)
Volker Lendecke [Fri, 4 Feb 2005 14:38:12 +0000 (14:38 +0000)]
r5228: Fix typo, mention officially supported samba3/SLES8 packages on ftp.sernet.de.
Volker
(This used to be commit
563ec791c660cbcc6ca0e8d7a9b1f87fc78a1c1c)
Gerald Carter [Fri, 4 Feb 2005 14:03:57 +0000 (14:03 +0000)]
r5227: removed SuSE spec file @ Lars' request and updated read to point to package download areas
(This used to be commit
51211daa4d8dec96c0ba740f702b486e241e8621)
Stefan Metzmacher [Fri, 4 Feb 2005 07:01:33 +0000 (07:01 +0000)]
r5225: fix mem leak and debug message
metze
(This used to be commit
c0ee5922cdd4e57007e3a8f16cae71550fb38f2e)
Gerald Carter [Fri, 4 Feb 2005 00:25:33 +0000 (00:25 +0000)]
r5207: patches from Jay Fenlason @ RedHat (scooped from their Fedora packages)
(This used to be commit
9019a8436162d3606f6b8584701b0832cf5a7439)
Gerald Carter [Thu, 3 Feb 2005 16:23:49 +0000 (16:23 +0000)]
r5205: more fixups for BUG 2291
(This used to be commit
62e7cc7c3b2fe5187c99e0a1491843579ab997e7)
Gerald Carter [Thu, 3 Feb 2005 15:14:54 +0000 (15:14 +0000)]
r5203: additional changes for BUG 2291 to restrict who can join a BDC and add domain trusts
(This used to be commit
5ec1faa2ad33772fb48c3863e67d2ce4be726bb2)
Gerald Carter [Thu, 3 Feb 2005 04:40:52 +0000 (04:40 +0000)]
r5192: missed one packaging fix for BUG 2299
(This used to be commit
c3edeba62dcb6db09e47cc82ef98cc1a1843b591)
Gerald Carter [Thu, 3 Feb 2005 04:38:48 +0000 (04:38 +0000)]
r5191: BUG 2299: better logrotate configuration from Levente Farkas <lfarkas@lfarkas.org>
(This used to be commit
d9d56348213a735b7c56123bbd4126184ee116fa)
Jeremy Allison [Thu, 3 Feb 2005 02:02:54 +0000 (02:02 +0000)]
r5183: Ensure we correctly set the per-connection "case_sensitive" setting.
Rename dptrs_open to the more correct dirhandles_open.
Remove old #if 1.
Jeremy.
(This used to be commit
c43bae306a18f5716acbe8571f4f414873400cb1)
Günther Deschner [Wed, 2 Feb 2005 20:11:37 +0000 (20:11 +0000)]
r5180: Call the "add machine script" to create all kinds of trust accounts
(this restores old behaviour). Fixes #2291.
Guenther
(This used to be commit
5ca0d1b87cd20f538a13321eb11ef97d00bf5133)
Deryck Hodge [Wed, 2 Feb 2005 18:01:11 +0000 (18:01 +0000)]
r5179: Add -P (password-menu-only) option to swat. Admins can allow users
to use swat to change their password without allowing them to see
the "View" and "Status" buttons.
deryck
(This used to be commit
c9cacd553f8e7aa2db011cb7b22dd791b7460ea0)
Simo Sorce [Wed, 2 Feb 2005 16:22:59 +0000 (16:22 +0000)]
r5176: Warn the user that print command is ignored when using cups libraries
(This used to be commit
142461204718d489bbeff451878a52208b9891bc)
Gerald Carter [Wed, 2 Feb 2005 16:05:55 +0000 (16:05 +0000)]
r5174: ensure that we consistently use the current_user_info.smb_name vs. smb_name when parsing smb.conf and reloading config files
(This used to be commit
be537eaebe84b2ccae089e5982263df8a96e7a5b)
Jeremy Allison [Wed, 2 Feb 2005 01:58:18 +0000 (01:58 +0000)]
r5166: From James Peach - remove minor C99-isms.
Jeremy.
(This used to be commit
54ac409d4fd3b6e8e2bd338dabed446a92507811)
Gerald Carter [Tue, 1 Feb 2005 20:43:14 +0000 (20:43 +0000)]
r5165: BUG 2295: always use get_local_machine_name() rather than digging in the gloval variable 'local_machine'
(This used to be commit
6a6e4af46a5c0a693a3dd9d558a4d1c1e5d72d95)
Jim McDonough [Tue, 1 Feb 2005 19:32:54 +0000 (19:32 +0000)]
r5163: Fix bugzilla 2062:
turn off broadcast for all 390 NICs.
(This used to be commit
d159a5013e96a1188599a3fa0bff108fa6f6679b)
Gerald Carter [Tue, 1 Feb 2005 19:04:13 +0000 (19:04 +0000)]
r5162: BUG 2264: remove shutdown and abortshurn commands from rpcclient since they are stable in 'net rpc' (to avoid fixing portability bugs)
(This used to be commit
0a1f9703a1fe5dec80d76db6736c43e19fea9c3f)
Jeremy Allison [Tue, 1 Feb 2005 18:33:50 +0000 (18:33 +0000)]
r5160: First cut at refactoring of directory code to handle non-wildcard
directory match more efficiently. Passes RAW-SEARCH under valgrind but needs more
testing (which I'll do later today :-).
Jeremy.
(This used to be commit
0b04dd9d0c6d1fe02d1b5e43f203577bf5466f33)
Gerald Carter [Tue, 1 Feb 2005 18:29:14 +0000 (18:29 +0000)]
r5159: BUG 2262: add support to detect *freebsd6* (same as *freebsd5* currently)
(This used to be commit
d6c7de240885be00149fd00b47f229a59f150b3e)
Gerald Carter [Tue, 1 Feb 2005 18:24:39 +0000 (18:24 +0000)]
r5158: BUG 2263: patch from Timur Bakeyev <timur@com.bat.ru> to guard base64_encode_data_blob() against empty blobs
(This used to be commit
17239d609f63ae5bd6826e580876c27e8c92d6fa)
Gerald Carter [Tue, 1 Feb 2005 18:14:15 +0000 (18:14 +0000)]
r5157: BUG 2266: conditionally include rpc/nettype.h to work around missing header onf FreeBSD4
(This used to be commit
314da604735696da4cf350f35d84592356e31861)
Jeremy Allison [Tue, 1 Feb 2005 02:06:00 +0000 (02:06 +0000)]
r5154: Tidy up interface a little.
Jeremy.
(This used to be commit
a38eeb765f4c744ca7bf0aca86bb448240ad295d)
Jeremy Allison [Tue, 1 Feb 2005 00:28:20 +0000 (00:28 +0000)]
r5152: Restructure the directory handling code, stop using void * pointers
that just allow the wrong pointer to be assigned :-) and make the
interface more consistent. Fix the FreeBSD directory problem. Last
thing to do is to add the "singleton" directory concept from James
Peach's code.
Jeremy.
(This used to be commit
cfa8150fd9932470cb8f3b5e14c0156dda67125d)
Gerald Carter [Mon, 31 Jan 2005 22:42:30 +0000 (22:42 +0000)]
r5150: consolidate the samr_make.*obj_sd() functions to share code
(This used to be commit
5bd03d59263ab619390062c1d023ad1ba54dce6a)
Gerald Carter [Mon, 31 Jan 2005 16:32:14 +0000 (16:32 +0000)]
r5140: (a) fix problem with enumerating domain trusts in security = ads; (b) fix a segfault in rpcclient's dsenumdomtrusts
(This used to be commit
558525abf14432bd5527e5578ce18d128627dabb)
Gerald Carter [Mon, 31 Jan 2005 13:26:00 +0000 (13:26 +0000)]
r5132: netscape DS 5.2 schema update from Richard Renard <rrenard@idealx.com>
(This used to be commit
33ac88c6a7bfe4e6d391b841bd4461086af27e4e)
Gerald Carter [Mon, 31 Jan 2005 13:17:49 +0000 (13:17 +0000)]
r5131: BUG 2290: don;t call mkversion.sh since we don't have it in this directory
(This used to be commit
2ddcb643819bcb0f33c14fc22117d98ea2bcc132)
Volker Lendecke [Mon, 31 Jan 2005 09:27:12 +0000 (09:27 +0000)]
r5127: Fix Bug 2289 -- thanks to jason@ncac.gwu.edu
(This used to be commit
8c35c3bf2ed65d2b93feb0f419e1c7785fba7764)
Volker Lendecke [Mon, 31 Jan 2005 08:29:51 +0000 (08:29 +0000)]
r5125: Fix bug 2113 -- thanks to jason@ncac.gwu.edu
(This used to be commit
0c205bcc864c8dc01124a5d654792de0cbf79a63)
Tim Potter [Sun, 30 Jan 2005 22:47:26 +0000 (22:47 +0000)]
r5112: Fix for shared object creation in examples. Bugzilla #2058.
(This used to be commit
8e5db6f08ceb969bd2580558031f3737b32f10b1)
Tim Potter [Sun, 30 Jan 2005 22:45:46 +0000 (22:45 +0000)]
r5111: Fix up changed prototype for setsampwent pdb function.
(This used to be commit
331748202077ce9e0b5dcf3ed9b3ab6f89e9c0e4)
Jeremy Allison [Sun, 30 Jan 2005 00:36:19 +0000 (00:36 +0000)]
r5100: We should only care about case-sensitivity when *reading* an incoming
filename, not returning one. Makes us pass one more Samba4 RAW-SEARCH test.
Jeremy.
(This used to be commit
228d1e1649a0b4952eb5603cb5e1851cdc8f0c72)
Volker Lendecke [Sat, 29 Jan 2005 10:05:46 +0000 (10:05 +0000)]
r5098: Next round build-fixing
(This used to be commit
175ec3ed518704920c7c55b050ec1cc00da7f560)
Volker Lendecke [Sat, 29 Jan 2005 09:38:15 +0000 (09:38 +0000)]
r5096: Attempt to fix the build
(This used to be commit
5f34139b68460f6fb1046e2b97f16dbeff3fb136)
Jeremy Allison [Sat, 29 Jan 2005 02:49:01 +0000 (02:49 +0000)]
r5082: Don't blindly copy question rr_type and class, set correctly as required
by rfc1002.
Jeremy.
(This used to be commit
422fb43dda13e0840245ae272b7621640b8ad220)
Jeremy Allison [Sat, 29 Jan 2005 02:18:01 +0000 (02:18 +0000)]
r5077: Use correct type for rr record on negative name query reply.
Jeremy.
(This used to be commit
86c5548d272c0804c0188ae744ae1bb17eb817f6)
Jeremy Allison [Sat, 29 Jan 2005 02:03:46 +0000 (02:03 +0000)]
r5076: Ensure that WINS negative name query responses and WACK packets
use the correct RR type of 0xA instead of reflecting back what
the query RR type was (0x20). See rfc1002 sections 4.2.14 and
4.2.16.
Jeremy.
(This used to be commit
ab8c9240044f1ef3d5c6ac4850c8ec615c2e32fd)
Jeremy Allison [Fri, 28 Jan 2005 23:17:12 +0000 (23:17 +0000)]
r5069: Ensure we return the correct errors for old-style search requests.
Jeremy.
(This used to be commit
ef73dfe0d6c3b7f71109e32115d528ecdbe562ea)
Jeremy Allison [Fri, 28 Jan 2005 21:55:45 +0000 (21:55 +0000)]
r5066: A couple of small fixes from James Peach @ SGI.
Jeremy.
(This used to be commit
9d131e94195df79e07c8fad20e12ba1b67441a81)
Jeremy Allison [Fri, 28 Jan 2005 21:01:58 +0000 (21:01 +0000)]
r5063: Shamelessly steal the Samba4 logic (and some code :-) for directory
evaluation. This stops us from reading the entire directory into
memory at one go, and allows partial reads. It also keeps almost
the same interface to the OpenDir/ReadDir etc. code (sorry James :-).
Next I will optimise the findfirst with exact match code. This speeds
up our interactive response for large directories, but not when a
missing (ie. negative) findfirst is done.
Jeremy
(This used to be commit
0af1d2f6f24f238cb05e10d7d53dcd5b5e0f5f5d)
Gerald Carter [Fri, 28 Jan 2005 17:36:41 +0000 (17:36 +0000)]
r5060: BUG 2286: fix typoe on sambaConfig oc definition
(This used to be commit
e2ce048654fdb98a50622ac60abae18c6b6ba4d2)
Günther Deschner [Fri, 28 Jan 2005 17:05:55 +0000 (17:05 +0000)]
r5058: Due to the fragileness how windows reacts on unmapped sids sometimes,
don't leave administator-sid unmapped. Simply return "Administrator"
Guenther
(This used to be commit
168ddf31d1af49d52d17dd09c9653d3deafb9442)
Gerald Carter [Fri, 28 Jan 2005 16:55:09 +0000 (16:55 +0000)]
r5056: * correct STANDARD_RIGHTS_WRITE_ACCESS bitmask define
* make sure to apply the rights_mask and not just the saved
bits from the mask in access_check_samr_object()
* allow root to grant/revoke privileges (in addition to Domain
Admins) as suggested by Volker.
Tested machine joins from XP, 2K, and NT4 with and without
pre-existing machine trust accounts. Also tested basic file
operations using cmd.exe and explorer.exe after changing the
STANDARD_RIGHTS_WRITE_ACCESS bitmask.
(This used to be commit
c0e7f7ff60a4110809b8f500fdc68a1bf963da36)
Gerald Carter [Thu, 27 Jan 2005 15:13:16 +0000 (15:13 +0000)]
r5046: mark 'winbind enable local accounts' and testprns as depcrecated
(This used to be commit
17bc42b4c2e21004adaeac78db6231a384fda16c)
Gerald Carter [Thu, 27 Jan 2005 02:56:18 +0000 (02:56 +0000)]
r5029: after talking to Rob, ensure that we set the NETIOSNAME.domainname
as the longname in the published printer information since this
is what we will have used when we joined the domain.
More testing on this tomorrow.
(This used to be commit
d64fd1116d5fe29807be29c73809317f88fdb033)
Gerald Carter [Thu, 27 Jan 2005 02:16:02 +0000 (02:16 +0000)]
r5028: * check acb_info mask in _samr_create_user instead of the last character
of the user name
* fix some access_mask checks in _samr_set_userinfo2 (getting join from
XP without being a member of domain admins working)
(This used to be commit
04030534ffd35f8ebc997d9403fd87309403dcbf)
Gerald Carter [Wed, 26 Jan 2005 20:48:21 +0000 (20:48 +0000)]
r5020: bumping the 3.0 tree to 3.0.12pre1 since there will not be a full sync for the 3.0.11rc1 release
(This used to be commit
c0e292e491c684b8ce19096e55338a27161c0a49)
Gerald Carter [Wed, 26 Jan 2005 20:36:44 +0000 (20:36 +0000)]
r5015: (based on abartlet's original patch to restrict password changes)
* added SE_PRIV checks to access_check_samr_object() in order
to deal with the run-time security descriptor and their
interaction with user rights
* Reordered original patch in _samr_set_userinfo[2] to still
allow root/administrative password changes for users and machines.
(This used to be commit
f9f9e6039bd9443d54445e41c3783a2be18925fb)
Jeremy Allison [Wed, 26 Jan 2005 20:01:21 +0000 (20:01 +0000)]
r5014: Split out the request to send an async level II oplock break into a
new function to make it clear when it's called. Remove async parameter
that had been overloaded into request_oplock_break.
Inspired by work from Nadav Danieli <nadavd@exanet.com>.
Jeremy.
(This used to be commit
05697fb50236dfc28e81f8b3900eac17cace57c1)
Gerald Carter [Wed, 26 Jan 2005 14:46:54 +0000 (14:46 +0000)]
r5012: fix segfault caused by using a ipp_t * after calling cupsDoRequest()
(This used to be commit
0ac3c4c5a231c314213dbce29e25911ddb04de2d)
Jeremy Allison [Wed, 26 Jan 2005 00:13:15 +0000 (00:13 +0000)]
r5002: Ensure we can't remove a level II oplock without having the
shared memory area locked. This need to be in 3.0.11. Pointed
out by Nadav Danieli <nadavd@exanet.com>.
Jeremy.
(This used to be commit
47ed16aefbdcb6257101c6b78c93eeb7cf048185)
Gerald Carter [Tue, 25 Jan 2005 23:34:39 +0000 (23:34 +0000)]
r5000: 5000th post! w00tsvn diffsvn diff :-)
(This used to be commit
41d247d9643eb9cb9705f65f924e61c8dfbe6e00)
Gerald Carter [Tue, 25 Jan 2005 23:33:18 +0000 (23:33 +0000)]
r4996: sync up copytights with trunk
(This used to be commit
8946efe102f7a8a9b5a8059a80666b782159e7b8)
Gerald Carter [Tue, 25 Jan 2005 23:32:19 +0000 (23:32 +0000)]
r4995: fail set_privileges() if 'enable privileges = no' to prevent confused admins who never read what I write :-)
(This used to be commit
1d7a636e0e7f8a0bc3d3ae04b40f79db7f08d619)
Günther Deschner [Tue, 25 Jan 2005 23:30:05 +0000 (23:30 +0000)]
r4994: Patch from abartlet:
When migrating account policies to ldapsam, handle the fact that an
admin might have changed the default location of the sambaDomain-object
after installation.
Guenther
(This used to be commit
78c3c7127444b8f9959f4d6ce9e540271869d70f)
Günther Deschner [Tue, 25 Jan 2005 20:36:24 +0000 (20:36 +0000)]
r4989: Display failed LDAP-server-uri.
Guenther
(This used to be commit
d433c7b476005064b9cfd339bbd8a25b40de59c1)
Günther Deschner [Tue, 25 Jan 2005 19:56:01 +0000 (19:56 +0000)]
r4988: After speaking with Jerry, remove old lp_admin_users to
administrator-sid mapping completely.
Guenther
(This used to be commit
4cbe37ecd544b01c57c7fce5b3be28669f4ba6c3)
Andrew Bartlett [Tue, 25 Jan 2005 02:58:31 +0000 (02:58 +0000)]
r4976: Try to scare people off from trying to write authentication modules
that only acheive as much as 'security=server' does.
Andrew Bartlett
(This used to be commit
fb694f2b1a809d221f48f9b9b0e54e9512325bae)
Günther Deschner [Tue, 25 Jan 2005 01:19:02 +0000 (01:19 +0000)]
r4972: Fix a warning and some debugging-outputs.
Guenther
(This used to be commit
1eabfa050b661168b42892c2d841c7891e59cf5f)
Jeremy Allison [Mon, 24 Jan 2005 20:21:15 +0000 (20:21 +0000)]
r4970: Fix for bug 2092, allowing fallback after kerberos and allow
gnome vfs to prevent auto-anonymous logon.
Jeremy.
(This used to be commit
843e85bcd978d025964c4d45d9a3886c7cf7f63c)
Volker Lendecke [Mon, 24 Jan 2005 19:33:20 +0000 (19:33 +0000)]
r4967: Not being in any domain local groups is obviously valid...
Volker
(This used to be commit
78975ab9a996ac61be37410f18ddedb9df58d04b)
Gerald Carter [Mon, 24 Jan 2005 18:42:33 +0000 (18:42 +0000)]
r4966: don't enumerate the drivers for the same architecture string more than once
(This used to be commit
c488ce9934aaf640c3f63cbdabc3110b8cf70fae)
Gerald Carter [Mon, 24 Jan 2005 17:42:19 +0000 (17:42 +0000)]
r4965: comment out some unused attributes and oc's
(This used to be commit
d95c9c4d74ea2fb7e5aac4a58888ab6fbc571dfb)
Günther Deschner [Mon, 24 Jan 2005 17:29:12 +0000 (17:29 +0000)]
r4964: Fix our lsa lookupsid $OURDOMAINSID-500.
Give the admin-user (rid 500) a chance to be found in passdb, not
returning the (possibly obscure) first entry of "admin users" before
that.
Guenther
(This used to be commit
d319c0e189bc67a4552dafaff80113603b551eb3)
Günther Deschner [Mon, 24 Jan 2005 16:30:46 +0000 (16:30 +0000)]
r4963: It is actually a very bad idea to use KRB5_CONFIG in the
configure-checks (At least Heimdal uses KRB5_CONFIG for locating it's
configuration-file (usually /etc/krb5.conf)). Renaming it to KRB5CONFIG
prevents configure-checks that use heimdal-libs from segfaulting while
the lib reads the krb5-config binary as a configuration file...
Vendors that used the KRB5_CONFIG-variable to let configure find a
custom krb5-config binary have to use KRB5CONFIG now.
Guenther
(This used to be commit
95edb3c67f330afd8dbb8268f3f8ecaf1732c238)
Volker Lendecke [Sun, 23 Jan 2005 14:10:57 +0000 (14:10 +0000)]
r4946: Our notion the other_sids in the info3 SamLogon struct was
...hmmm... completely bogus. This does not affect us as a domain controller,
as we never set other_sids, but I have *no* idea how winbind got away with it.
Please review thoroughly, samba4 idl looks closer to reality here.
Test case: Member of w2k3 domain, authenticate as a user who is member of one
or more domain local groups. Easiest review with 'client schannel = no'.
Thanks,
Volker
(This used to be commit
a0a6388830d9457de3e42686c64bddeba42954f8)
Volker Lendecke [Sat, 22 Jan 2005 17:12:19 +0000 (17:12 +0000)]
r4933: List not only the first 10 trusts with rpcclient -c enumtrust.
Volker
(This used to be commit
9ca6cfcf1e4a905d47429a6dc18e2bd7ad5fe1e3)
Günther Deschner [Sat, 22 Jan 2005 12:02:13 +0000 (12:02 +0000)]
r4932: Forgot to increase version with the account-policy-commit.
Guenther
(This used to be commit
42e380303ddce890f313c221a766dc1e1ee972fb)
Günther Deschner [Sat, 22 Jan 2005 11:26:13 +0000 (11:26 +0000)]
r4931: Add get_user_info_7 in SAMR. This just gives out the username. (In
preparation of adding the ability of renaming users via setuserinfo
level 7).
Guenther
(This used to be commit
6f34ed6c203fa11182640da97581075612d26c0e)
Günther Deschner [Sat, 22 Jan 2005 04:09:21 +0000 (04:09 +0000)]
r4926: Use LDAP_SCOPE_ONELEVEL instead of OpenLDAP's LDAP_SCOPE_ONE-scope.
Guenther
(This used to be commit
eee0bd806b4fd4558f9c48c09f7e85274e2b807f)
Günther Deschner [Sat, 22 Jan 2005 03:37:09 +0000 (03:37 +0000)]
r4925: Migrate Account Policies to passdb (esp. replicating ldapsam).
Does automated migration from account_policy.tdb v1 and v2 and offers a
pdbedit-Migration interface. Jerry, please feel free to revert that if
you have other plans.
Guenther
(This used to be commit
75af83dfcd8ef365b4b1180453060ae5176389f5)
Jeremy Allison [Sat, 22 Jan 2005 01:38:42 +0000 (01:38 +0000)]
Jeremy Allison [Sat, 22 Jan 2005 01:22:39 +0000 (01:22 +0000)]
r4917: Merge some of Derrell.Lipman@UnwiredUniverse.com obvious fixes.
Added text explaining units in pdbedit time fields.
Jeremy.
(This used to be commit
3d09c15d8f06ad06fae362291a6c986f7b6107e6)
Gerald Carter [Fri, 21 Jan 2005 23:06:27 +0000 (23:06 +0000)]
r4913: fixing 'perl requires' filters for RPM packaging on RedHat/Fedora
(This used to be commit
6b38a3923c403562c26642f24477c607a4295878)
Gerald Carter [Fri, 21 Jan 2005 19:09:51 +0000 (19:09 +0000)]
r4907: remove unreached code
(This used to be commit
15fd4a05ec2439f41591ee8a1c30021d9a34371b)
Gerald Carter [Fri, 21 Jan 2005 19:08:17 +0000 (19:08 +0000)]
r4905: patch from abartlet to remove storing the auth-user credentials from the cli* in cm_prepare_connection(). using credentials from a domain other thanour primary domain will cause the schannel setup to fail
(This used to be commit
a13e29b5f2f1e48225b5b5964bc0777948f16622)