14 years agor1948: Some fixes for path changes
Simo Sorce [Fri, 20 Aug 2004 09:21:58 +0000 (09:21 +0000)]
r1948: Some fixes for path changes
(This used to be commit 6cf02ec9e788b624cc4ddc67efe45ffbf4f0c443)

14 years agor1946: update debian stable package tree
Simo Sorce [Fri, 20 Aug 2004 08:38:44 +0000 (08:38 +0000)]
r1946: update debian stable package tree
(This used to be commit 7a96ed015ea79512b12195a9086f96d9634303b4)

14 years agor1942: Add missing semicolon.
John Terpstra [Fri, 20 Aug 2004 04:21:49 +0000 (04:21 +0000)]
r1942: Add missing semicolon.
(This used to be commit a0b80033c997d50562f66686e79a58fc9603217d)

14 years agor1939: Ensure with my new change we set extended security in flags2 in
Jeremy Allison [Thu, 19 Aug 2004 22:47:05 +0000 (22:47 +0000)]
r1939: Ensure with my new change we set extended security in flags2 in
the negprot reply.
(This used to be commit 8b80b46b8b76ead72c17dc65f2de4c0cc0b263c7)

14 years agor1936: Fix bug noticed by Steve - ensure extended security bit is on only
Jeremy Allison [Thu, 19 Aug 2004 20:03:41 +0000 (20:03 +0000)]
r1936: Fix bug noticed by Steve - ensure extended security bit is on only
if we negotiated extended security. Do not merge for 3.0.6. Works
with W2K but needs further testing.
(This used to be commit 284689aa18d2711a9041598cdf490359466f7f77)

14 years agor1931: fix broken documentation links
Gerald Carter [Thu, 19 Aug 2004 19:56:17 +0000 (19:56 +0000)]
r1931: fix broken documentation links
(This used to be commit 47dffbb857057ba7591e9a597596414e364c7a00)

14 years agor1924: missed adding a few files
Gerald Carter [Thu, 19 Aug 2004 14:25:28 +0000 (14:25 +0000)]
r1924: missed adding a few files
(This used to be commit fc6bab3efdfc0d506d2487bc9cc948e03b8e6cf0)

14 years agor1921: Mandrake packaging fixes
Gerald Carter [Thu, 19 Aug 2004 14:19:25 +0000 (14:19 +0000)]
r1921: Mandrake packaging fixes
(This used to be commit e83eed8d6b32f7ddb25215ed08c10a7fb59665b8)

14 years agor1908: Bugzilla #1541. Fix recursive ls in smbclient. Fix by Josef Zlomek.
Tim Potter [Thu, 19 Aug 2004 09:59:08 +0000 (09:59 +0000)]
r1908: Bugzilla #1541.  Fix recursive ls in smbclient.  Fix by Josef Zlomek.
(This used to be commit e59af43f6b8f824447bd20efc08dd81f2774e99c)

14 years agor1906: Revert lukeh's change for primary uid/gid change. This creates a recursion
Volker Lendecke [Thu, 19 Aug 2004 08:11:11 +0000 (08:11 +0000)]
r1906: Revert lukeh's change for primary uid/gid change. This creates a recursion
loop between uid_to_sid -> getsampwnam -> uid_to_sid. It needs further

(This used to be commit 67d8bc48531dd1a7d9b5db93f7d71f920a27e8fb)

14 years agor1890: Cut down on debug messages from is_in_path. paulg
Paul Green [Wed, 18 Aug 2004 17:55:50 +0000 (17:55 +0000)]
r1890: Cut down on debug messages from is_in_path.  paulg
(This used to be commit 8b1c2126af3f29a3708b6823616ecec43ce63b95)

14 years agor1888: Bring the same level of "required_membership"-functionality that
Günther Deschner [Wed, 18 Aug 2004 16:25:41 +0000 (16:25 +0000)]
r1888: Bring the same level of "required_membership"-functionality that
ntlm_auth uses, to pam_winbindd as well.

This allows to make successfull authentication via PAM dependent on
SID-membership. At the moment, both ntlm_auth and accept
user/group-names or sid-strings - as discussed, recursive membership
(e.g. local aliases) will be added later.

(This used to be commit 7494569655f8d112a0c883a2748a1012bb64ad3a)

14 years agor1887: Fix deadlock loop in winbind's required_membership_sid-verification.
Günther Deschner [Wed, 18 Aug 2004 16:15:21 +0000 (16:15 +0000)]
r1887: Fix deadlock loop in winbind's required_membership_sid-verification.

(This used to be commit a0a6d7d72f2a24c422db255acf6c439a9b0921df)

14 years agor1885: tighten the cache consistency with the ntprinters.tdb entry an the in memory...
Gerald Carter [Wed, 18 Aug 2004 13:55:58 +0000 (13:55 +0000)]
r1885: tighten the cache consistency with the ntprinters.tdb entry an the in memory cache associated with open printer handles; also make sure that register_messages_flags() doesn't overwrite the originally registers flags
(This used to be commit 540daf71d8ad189af5dd6d45aa1ce2b3d67da752)

14 years agor1871: Patch from Luke Howard <lukeh@PADL.COM> to correctly use
Jeremy Allison [Tue, 17 Aug 2004 20:11:52 +0000 (20:11 +0000)]
r1871: Patch from Luke Howard <lukeh@PADL.COM> to correctly use
uid_to_sid() and gid_to_sid() in pdb_set_sam_sids().
(This used to be commit dae084d7134ae3f532861210907cd252d0001c9b)

14 years agor1869: Rename "fallback_XXXX" mapping to "algorithmic_XXX" as
Jeremy Allison [Tue, 17 Aug 2004 19:59:22 +0000 (19:59 +0000)]
r1869: Rename "fallback_XXXX" mapping to "algorithmic_XXX" as
that's what it actually does, and "fallback_" is just
(This used to be commit f44b4ba38147e353716c02c899bd45beaf71e6ad)

14 years agor1866: Fix for bug #1602 reported by <>.
Jeremy Allison [Tue, 17 Aug 2004 18:59:13 +0000 (18:59 +0000)]
r1866: Fix for bug #1602 reported by <>.
Access to a share with
wide links = No
follow symlinks = No
Was failing with access denied.
(This used to be commit c137accb25c928551ce666e8c7cfbbcaa60ad771)

14 years agor1863: Fix build of exp stuff on Solaris (#1474)
Jelmer Vernooij [Tue, 17 Aug 2004 16:59:08 +0000 (16:59 +0000)]
r1863: Fix build of exp stuff on Solaris (#1474)
(This used to be commit d5c757d89b76bfe5cbd23e4a241971aaa32e4949)

14 years agor1853: Improved NT->AFS ACL mapping.
Volker Lendecke [Tue, 17 Aug 2004 10:48:31 +0000 (10:48 +0000)]
r1853: Improved NT->AFS ACL mapping.

Jerry, this is a really localized patch that I've been using at a customer
site for quite a while, I'd like to get that into 3.0.6.


(This used to be commit e7d7dc94eb452467725fea7f1ebc941bdb07573d)

14 years agor1841: Fix for #1606, can't launch dos exe's.
Jeremy Allison [Mon, 16 Aug 2004 21:27:26 +0000 (21:27 +0000)]
r1841: Fix for #1606, can't launch dos exe's.
2 related problems - 1). DOS uses chained commands - when we
are replying with sendfile we neglect to send the chained header. 2). Win9x and
DOS TCP stacks blow up when getting data back from a Linux sendfile - "The
engines canna take the strain cap'n". Don't use sendfile for anything less than NT1.
(This used to be commit 3cd88f48afa589a189bb728d2d2660d058203d4d)

14 years agor1834: prevent infinite recusion in reopen_logs() when expanding the smb.conf variable %I
Gerald Carter [Mon, 16 Aug 2004 15:30:17 +0000 (15:30 +0000)]
r1834: prevent infinite recusion in reopen_logs() when expanding the smb.conf variable %I
(This used to be commit 08037bd4427a99150c1cc65770681ec3f92f4ad5)

14 years agor1833: patch from James Peach to get swat to look for index.html by default when...
Gerald Carter [Mon, 16 Aug 2004 15:25:57 +0000 (15:25 +0000)]
r1833: patch from James Peach to get swat to look for index.html by default when given a trailing directory/
(This used to be commit 980740da784ce00ad1b388872297b82d4d368044)

14 years agor1812: Fix from Richard Renard <> to be able to reset
Jeremy Allison [Fri, 13 Aug 2004 19:56:19 +0000 (19:56 +0000)]
r1812: Fix from Richard Renard <> to be able to reset
a users logon hours restrictions.
(This used to be commit 887aa22dc90dd8653a6c9eedf91ce76830d93de6)

14 years agor1810: Patch from Richard Renard <> to store
Jeremy Allison [Fri, 13 Aug 2004 18:02:58 +0000 (18:02 +0000)]
r1810: Patch from Richard Renard <> to store
logon hours attributes in an LDAP database.
(This used to be commit dac72638fb3a05e805136698e0ad0612620ac8af)

14 years agor1809: Patch from Richard Renard <> to store
Jeremy Allison [Fri, 13 Aug 2004 17:58:27 +0000 (17:58 +0000)]
r1809: Patch from Richard Renard <> to store
logon hours attributes in an LDAP database.
(This used to be commit ac0fdf9503b34a70eaae5e7cf0764dbaec0263ee)

14 years agor1789: compiler warnings from SuSE
Gerald Carter [Thu, 12 Aug 2004 20:27:09 +0000 (20:27 +0000)]
r1789: compiler warnings from SuSE
(This used to be commit 7e44193be103fad273796218c8f5e5f9a1657c3c)

14 years agor1780: Remove the UTC comment as it isn't.
Jeremy Allison [Thu, 12 Aug 2004 18:21:42 +0000 (18:21 +0000)]
r1780: Remove the UTC comment as it isn't.
(This used to be commit f454821ff5545a34704b149514da9064f73ca3ad)

14 years agor1778: Fix based on code from Richard Renard <> to
Jeremy Allison [Thu, 12 Aug 2004 18:20:02 +0000 (18:20 +0000)]
r1778: Fix based on code from Richard Renard <> to
enforce logon hours. ldap fixes to follow.
(This used to be commit 9ce273ed662bd34987eaeedeeeb7cb1c99cd50a4)

14 years agor1750: This patch allows net ads lookup to rely on command line arguments if contacti...
Jim McDonough [Thu, 12 Aug 2004 03:28:57 +0000 (03:28 +0000)]
r1750: This patch allows net ads lookup to rely on command line arguments if contacting an ADS server fails.  This allows net ads lookup to work with clapd (very useful for testing).

(This used to be commit edb4e940b45cbb06a93004b15fc45a7a45a42498)

14 years agor1733: Fix hashed password history for LDAP backends.
Jeremy Allison [Wed, 11 Aug 2004 18:39:29 +0000 (18:39 +0000)]
r1733: Fix hashed password history for LDAP backends.
(This used to be commit a1bb6fbbe4d1618b5e02a3e7ee456247364bac66)

14 years agor1721: Get rid of compiler-warning.
Günther Deschner [Wed, 11 Aug 2004 09:34:30 +0000 (09:34 +0000)]
r1721: Get rid of compiler-warning.

(This used to be commit 153c813464eb54a06bf01146a0eb3d2c908f76bc)

14 years agor1720: Show correct help for net groupmap commands.
Günther Deschner [Wed, 11 Aug 2004 09:32:32 +0000 (09:32 +0000)]
r1720: Show correct help for net groupmap commands.

(This used to be commit 3677c6a8f67628d5bea0764f84e624730d57b423)

14 years agor1716: Get rid of a compiler warning. "pipe" is a symbol that is defined as a system
Volker Lendecke [Wed, 11 Aug 2004 01:30:23 +0000 (01:30 +0000)]
r1716: Get rid of a compiler warning. "pipe" is a symbol that is defined as a system
call, and gcc -Wall complains about a shadowed definition.

(This used to be commit 9a2fd67037769b5cbb10edd024f6d98c610bf875)

14 years agor1698: fix build.
Günther Deschner [Tue, 10 Aug 2004 16:42:58 +0000 (16:42 +0000)]
r1698: fix build.

(This used to be commit 925e28d0cbd9667bceb0762ef1e429735250c209)

14 years agor1692: first commit :)
Günther Deschner [Tue, 10 Aug 2004 14:27:17 +0000 (14:27 +0000)]
r1692: first commit :)

* add IA64 to the architecture table of printer-drivers

* add new "net"-subcommands:

  net rpc printer migrate {drivers|printers|forms|security|settings|all}
  net rpc share migrate {shares|files|all} [share]

  this is the first part of the migration suite. this will will (once
  feature-complete) allow to do 1:1 server-cloning in the best possible way by
  making heavy use of samba's rpc_client-functions. all migration-steps
  are implemented as rpc/smb-client-calls; net communicates via rpc/smb
  with two servers at the same time (a remote, source server and a
  destination server that currently defaults to the local smbd). this
  allows e. g. printer-driver migration including driverfiles, recursive
  mirroring of file-shares including file-acls, etc. almost any migration
  step can be called with a migrate-subcommand to provide more flexibility
  during a migration process (at the cost of quite some redundancy :) ).

  "net rpc printer migrate settings" is still in a bad condition (many
  open questions that hopefully can be adressed soon).

  "net rpc share migrate security" as an isolated call to just migrate
  share-ACLs will be added later.

  Before playing with it, make sure to use a test-server. Migration is a
  serious business and this tool-set can perfectly overwrite your
  existing file/print-shares.

* along with the migration functions had to make I the following

        - implement setprinter level 3 client-side

        - implement net_add_share level 502 client-side

        - allow security descriptor to be set in setprinterdata level 2

(This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)

14 years agor1684: Patch for bug #1578 based on fix from Alexander E. Patrakov,
Jeremy Allison [Tue, 10 Aug 2004 02:05:38 +0000 (02:05 +0000)]
r1684: Patch for bug #1578 based on fix from Alexander E. Patrakov,
<>. Main change, hardcode replacement char
to '_' as I really don't want a new parameter.
(This used to be commit db3dde026b84aa28c2d7a32249488f203e362497)

14 years agor1681: Ensure we return the same ACL revision on the wire that W2K3 does.
Jeremy Allison [Tue, 10 Aug 2004 01:22:23 +0000 (01:22 +0000)]
r1681: Ensure we return the same ACL revision on the wire that W2K3 does.
(This used to be commit 31505acf033c7d76592bb5b4ef80b29a00658c49)

14 years agor1668: fixing bug in spec file when installing libsmbclient
Gerald Carter [Sat, 7 Aug 2004 15:25:42 +0000 (15:25 +0000)]
r1668: fixing bug in spec file when installing libsmbclient
(This used to be commit 6778db61106be3992ded66b3aa81c98179a6169c)

14 years agor1665: Patch from James Peach @ SGI to stop using sendfile if it isn't
Jeremy Allison [Fri, 6 Aug 2004 17:49:00 +0000 (17:49 +0000)]
r1665: Patch from James Peach @ SGI to stop using sendfile if it isn't
supported by the underlying OS.
(This used to be commit 1b0c70cf97aa45093fe5ef866a351b47ef1a5879)

14 years agor1663: fixing syntax error in OID for sambaUnixIdPool, sambaSidEntry, & sambaIdmapEntry
Gerald Carter [Fri, 6 Aug 2004 05:35:46 +0000 (05:35 +0000)]
r1663: fixing syntax error in OID for sambaUnixIdPool, sambaSidEntry, & sambaIdmapEntry
(This used to be commit 6e4c58b26d19f56162de961ae8338071aeeedde7)

14 years agor1661: Changed the password history format so that each history entry
Jeremy Allison [Thu, 5 Aug 2004 19:57:41 +0000 (19:57 +0000)]
r1661: Changed the password history format so that each history entry
consists of a 16 byte salt, followed by the 16 byte MD5 hash of
the concatination of the salt plus the NThash of the historical
password. Allows these to be exposed in LDAP without security issues.
(This used to be commit 82e4036aaa2d283534a5bd8149857320fcf0d0dc)

14 years agor1658: Expand aliases for getusersids as well.
Volker Lendecke [Thu, 5 Aug 2004 07:57:37 +0000 (07:57 +0000)]
r1658: Expand aliases for getusersids as well.

(This used to be commit d5060c30e38b46b322615f0e0b465fbf73ed5245)

14 years agor1656: Patch from James Peach:
Vance Lankhaar [Thu, 5 Aug 2004 01:27:28 +0000 (01:27 +0000)]
r1656: Patch from James Peach:

> This patch is (probably) needed for all systems that don't have a
> C99/UNIX98 compliant vsnprintf by default. The builtin sm_*printf
> were no being called, causing things like talloc_init to fail, with
> predictable results.

The should fix 6 (solaris/hpux/irix) builds on the build farm.

(This used to be commit 1a33999cf073ee18f846678357832ec7866bb467)

14 years agor1638: Dont always uppercase "afs username map"
Volker Lendecke [Tue, 3 Aug 2004 13:41:28 +0000 (13:41 +0000)]
r1638: Dont always uppercase "afs username map"
(This used to be commit e9263a5204c42e8f3f1079cd535ce6fc091f3d6a)

14 years agor1616: Fix user unmount of shares mount with suid mount.cifs
Steve French [Sun, 1 Aug 2004 01:14:08 +0000 (01:14 +0000)]
r1616: Fix user unmount of shares mount with suid mount.cifs
(This used to be commit 2bd28007159a3ce4a1b8737218e7b75bc2286682)

14 years agor1613: Patch from Tom Shaw <> to use
Jeremy Allison [Sat, 31 Jul 2004 01:50:35 +0000 (01:50 +0000)]
r1613: Patch from Tom Shaw <> to use
winbindd_fill_pwent consistently.
(This used to be commit 8d355b9b9ddd6edf15c70977f5a719b549a56378)

14 years agor1612: Fix bug #1571 found by Guenter Kukkukk <>
Andrew Bartlett [Fri, 30 Jul 2004 11:14:47 +0000 (11:14 +0000)]
r1612: Fix bug #1571 found by Guenter Kukkukk <>

(Botched LANMAN2 session setup code)

Andrew Bartlett
(This used to be commit 3baa4ef6c58eb13bec1a8ddb1561a504f4a16107)

14 years agor1610: Patch from Richard Renard <>. Ensure we
Jeremy Allison [Fri, 30 Jul 2004 02:19:10 +0000 (02:19 +0000)]
r1610: Patch from Richard Renard <>. Ensure we
save the password as it is being changed into the password
history list.
(This used to be commit 4fd619d7e16b5f759e6dc8360ad192457b3c90b9)

14 years agor1608: Fix from Nick THOMPSON <> to protect smbd
Jeremy Allison [Fri, 30 Jul 2004 00:19:41 +0000 (00:19 +0000)]
r1608: Fix from Nick THOMPSON <> to protect smbd
against broken filesystems which return zero blocksize.
(This used to be commit 23d157a0bea16366f0361ab68193b479ed844291)

14 years agor1599: Use -Bsymbolic when creating shared libraries to avoid conflicts with
Tim Potter [Wed, 28 Jul 2004 16:13:43 +0000 (16:13 +0000)]
r1599: Use -Bsymbolic when creating shared libraries to avoid conflicts with
identical symbols in the global namespace when loading
Bugzilla #1360.
(This used to be commit 2063b8d9bcf0b2ad9f09d71b5c74ad3db070c6a3)

14 years agor1590: Small fixes from Günther Deschner
Volker Lendecke [Mon, 26 Jul 2004 10:08:03 +0000 (10:08 +0000)]
r1590: Small fixes from Günther Deschner
(This used to be commit 2d68fdf06b3b027227ab77372b001b13fd2b494d)

14 years agor1588: This is one of the more pathetic patches I ever checked in. Many hours of
Volker Lendecke [Mon, 26 Jul 2004 07:41:16 +0000 (07:41 +0000)]
r1588: This is one of the more pathetic patches I ever checked in. Many hours of
coding have passed, but I could not find a way to get the OpenLDAP libraries
to reliably time out on any of the queries we make, *and* get correct error
returns. No, async calls and ldap_result does NOT work, or I was simply too
stupid to correctly interpret the OpenLDAP manpage and source.

We can not allow to hang indefinitely in an ldap query, especially not for
winbindd. "ldap timeout" now specifies the overall timeout for the complete
operation, that's why I increased that to 15 seconds.

(This used to be commit 269f0750872e5f8757e0a9667e007a0410319fcd)

14 years agor1583: Patch by Fabien Chevalier <>
Andrew Bartlett [Sun, 25 Jul 2004 13:14:00 +0000 (13:14 +0000)]
r1583: Patch by Fabien Chevalier <>

We may not have any interfaces up at all, so initialise the return variable.

Fixes Debian bug #252591

Andrew Bartlett
(This used to be commit 35aabae9d9bf66ef2c8eb4e07a850c606d8236d2)

14 years agor1582: On failure, print the length of the right variable.
Andrew Bartlett [Sun, 25 Jul 2004 13:11:39 +0000 (13:11 +0000)]
r1582: On failure, print the length of the right variable.

Andrew Bartlett
(This used to be commit 5bd6abb54e12aee2031d48bc5b240bb4f127bf5a)

14 years agor1581: 'NULL' NTLMSSP is both a pain to get right, and compleatly and utterly
Andrew Bartlett [Sat, 24 Jul 2004 23:57:07 +0000 (23:57 +0000)]
r1581: 'NULL' NTLMSSP is both a pain to get right, and compleatly and utterly
pointless.  With a well-known session key, we may as well put the
password change directly on the wire, with it's own 'crypted with old
password' as the protection.

This should fix some 'long password change' issues, against Samba in

Andrew Bartlett
(This used to be commit 554a9132872187077a9c00abb18b9d809c59b7f1)

14 years agor1572: setting version to 3.0.7pre1; I will pull back changes into 3.0.6rc2 manually
Gerald Carter [Thu, 22 Jul 2004 13:43:36 +0000 (13:43 +0000)]
r1572: setting version to 3.0.7pre1; I will pull back changes into 3.0.6rc2 manually
(This used to be commit 11c6ca1c3c9d3b400f4cebcbf232899bcf4b613f)

14 years agor1570: merging changes from 3.0.5
Gerald Carter [Thu, 22 Jul 2004 13:39:43 +0000 (13:39 +0000)]
r1570: merging changes from 3.0.5
(This used to be commit 430cf63b9148441bce42bfb15a8045de5da108f4)

14 years agor1562: Make winbind for -S (sid->uid) and -Y (sid->gid) check whether the sid
Volker Lendecke [Thu, 22 Jul 2004 13:08:13 +0000 (13:08 +0000)]
r1562: Make winbind for -S (sid->uid) and -Y (sid->gid) check whether the sid
requested actually is of type asked for. I've come across more than one
installation where a group sid had ended up as a uid in idmap and vice
versa. This just closes one possible for this misconfiguration, people
are actually using wbinfo.

(This used to be commit acfbd34025c2fde3d6a3e582c120c2b9de8ed39b)

14 years agor1561: iconv detection fix from James Peach <>
Gerald Carter [Wed, 21 Jul 2004 19:23:48 +0000 (19:23 +0000)]
r1561: iconv detection fix from James Peach <>
(This used to be commit 62bd60e4458f6e9bdaab7b5c81b040a0b3310f30)

14 years agor1560: Not that anybody uses this stuff (yet...), but at least get it correct :-)
Volker Lendecke [Wed, 21 Jul 2004 12:22:58 +0000 (12:22 +0000)]
r1560: Not that anybody uses this stuff (yet...), but at least get it correct :-)

When sending a mailslot datagram, get the packet length correction correct.

(This used to be commit 530e7f09aea22f5782af0c6b333e15e01660b34a)

14 years agor1557: Add sigchld handling to winbindd. Next step is to have the child restarted if
Richard Sharpe [Wed, 21 Jul 2004 04:24:30 +0000 (04:24 +0000)]
r1557: Add sigchld handling to winbindd. Next step is to have the child restarted if
need be. We should also make sure the main line know we no longer have a child.
(This used to be commit e3dc7934b50c8578d70fc01688a07bd369a7cf30)

14 years agor1553: Good patch from Guenther Deschner <> to display share ACL
Jeremy Allison [Wed, 21 Jul 2004 01:32:09 +0000 (01:32 +0000)]
r1553: Good patch from Guenther Deschner <> to display share ACL
entries from rpcclient.
(This used to be commit bd64f0c08143545a8613688402f769a713227557)

14 years agor1539: If a account was locked out by an admin (and has a bad password count of zero)
Jeremy Allison [Sat, 17 Jul 2004 01:37:04 +0000 (01:37 +0000)]
r1539: If a account was locked out by an admin (and has a bad password count of zero)
leave it locked out until an admin unlocks it (but log a message).
(This used to be commit 14bd2a9ffc30d55d9737b4819797db8c38b46c66)

14 years agor1537: Fix to stop printing accounts from resetting the bas password
Jeremy Allison [Sat, 17 Jul 2004 01:06:52 +0000 (01:06 +0000)]
r1537: Fix to stop printing accounts from resetting the bas password
and account lockout flags. This is set when an account is updated
only from smbd or pdbedit. Bug found by "Dunn, Drew A." <>.
(This used to be commit bb3a0fa61f5fb74b8fe421260473c07847baeb2b)

14 years agor1532: Remove unused structure element
Volker Lendecke [Fri, 16 Jul 2004 11:21:37 +0000 (11:21 +0000)]
r1532: Remove unused structure element
(This used to be commit 128951cfe43e364970ec5760230a6450f54ae86d)

14 years agor1531: smbd/tdbutil.c isn't used anymore. Bug 1443 is suspected to be a tdb
Volker Lendecke [Fri, 16 Jul 2004 10:02:20 +0000 (10:02 +0000)]
r1531: smbd/tdbutil.c isn't used anymore. Bug 1443 is suspected to be a tdb
corruption problem, and smbd_log_tdb happily destoyed the evidence ....

(This used to be commit 359b9dcffeb66146c5405f8022d5d4e4a833aa51)

14 years agor1506: Fix inspired by patches from Michael Collin Nielsen <> ...
Jeremy Allison [Thu, 15 Jul 2004 00:58:35 +0000 (00:58 +0000)]
r1506: Fix inspired by patches from Michael Collin Nielsen <> - ensure
home directory service number is correctly reused.
(This used to be commit 9d6347be8580d092cda0357b5d1a81fc6876ac1f)

14 years agor1504: Remove insane use of "user password" on the COMMAND LINE !
Jeremy Allison [Thu, 15 Jul 2004 00:03:14 +0000 (00:03 +0000)]
r1504: Remove insane use of "user password" on the COMMAND LINE !
in smbpasswd. Use -s if you want to script this.
(This used to be commit a3589a18b6898e2b51570112c5acb2826ef6ba4a)

14 years agor1501: One more check for option != 0.
Jeremy Allison [Wed, 14 Jul 2004 18:29:12 +0000 (18:29 +0000)]
r1501: One more check for option != 0.
(This used to be commit a6d0452a2d71201309a5abbe3ebc161ae75b17b8)

14 years agor1500: BUG 1516: manually declare ldap_open_with_timeout() to workaround compiler...
Gerald Carter [Wed, 14 Jul 2004 13:32:30 +0000 (13:32 +0000)]
r1500: BUG 1516: manually declare ldap_open_with_timeout() to workaround compiler errors on IRIX
(This used to be commit b47971174da9ef882e7941e53033e23c679db9a2)

14 years agor1492: Rework our random number generation system.
Andrew Bartlett [Wed, 14 Jul 2004 04:36:01 +0000 (04:36 +0000)]
r1492: Rework our random number generation system.

On systems with /dev/urandom, this avoids a change to secrets.tdb for every fork().

For other systems, we now only re-seed after a fork, and on startup.
No need to do it per-operation.  This removes the 'need_reseed'
parameter from generate_random_buffer().

Andrew Bartlett
(This used to be commit 36741d3cf53a7bd17d361251f2bb50851cdb035f)

14 years agor1487: Remove unused parameter for the client-side signing functions.
Andrew Bartlett [Wed, 14 Jul 2004 01:20:50 +0000 (01:20 +0000)]
r1487: Remove unused parameter for the client-side signing functions.

Andrew Bartlett
(This used to be commit 6d594d5bb119b6bc3f4c7699752666ac24d04745)

14 years agor1484: BUG 1520: work around bug in xp sp2 rc2 where the client sends a fnpcn() reque...
Gerald Carter [Tue, 13 Jul 2004 19:20:37 +0000 (19:20 +0000)]
r1484: BUG 1520: work around bug in xp sp2 rc2 where the client sends a fnpcn() request without previously sending a ffpcn().  Return what win2k sp4 does
(This used to be commit 3f73d19807cbcbae8e5cfd96fd5c9b4de8c388a3)

14 years agor1478: Useful patch from Tom Alsberg <>, to export a single...
Simo Sorce [Tue, 13 Jul 2004 12:39:38 +0000 (12:39 +0000)]
r1478: Useful patch from Tom Alsberg <>, to export a single user from a backend.
(This used to be commit 083740e74e0790f863c065a20e28f553fdc7d5bd)

14 years agor1472: Make mknod work again for the CIFS client. Still needs some
Jeremy Allison [Mon, 12 Jul 2004 22:44:02 +0000 (22:44 +0000)]
r1472: Make mknod work again for the CIFS client. Still needs some
client changes. With this, storing home directories on a Samba
share that require unix domain socket entries should work.
(This used to be commit da943b5b72090e23c1cf67c3449b8e33344643f8)

14 years agor1468: Dump the parametrical options only once at the end of the service.
Simo Sorce [Mon, 12 Jul 2004 15:30:23 +0000 (15:30 +0000)]
r1468: Dump the parametrical options only once at the end of the service.
Fixes Testparm producing huge output and swat creating monster smb.conf files.
(This used to be commit 9c41adb98b8eef344203d80ef38cf96a27853c7f)

14 years agor1444: Another attempt to fulfil the 100% promise. There might be two dots at the
Volker Lendecke [Sun, 11 Jul 2004 11:33:25 +0000 (11:33 +0000)]
r1444: Another attempt to fulfil the 100% promise. There might be two dots at the

(This used to be commit 65518960e54f98e750c7e044004ce72a7503760b)

14 years agor1430: Although prepared for only one remote backend, make the 'idmap backend'
Volker Lendecke [Sat, 10 Jul 2004 17:00:53 +0000 (17:00 +0000)]
r1430: Although prepared for only one remote backend, make the 'idmap backend'
parameter a list instead of a string. This makes

idmap backend = ldap:"ldap://localhost/ ldap://fallback/"


(This used to be commit ea718347937ec0e5640b29e0e9edf6eda2b45e34)

14 years agor1428: Remove *completly bogus* memset. (No doubt my bug, too...).
Andrew Bartlett [Sat, 10 Jul 2004 03:26:43 +0000 (03:26 +0000)]
r1428: Remove *completly bogus* memset.  (No doubt my bug, too...).

This memset could well have clobbered bits of the stack, because
session_key changed from

char session_key[16];


DATA_BLOB session_key

Andrew Bartlett
(This used to be commit 54248a405c9459f93f4200ebb0dc71748ae2fc83)

14 years agor1425: Fix memleak in interactive mode. Reformat..
Jeremy Allison [Fri, 9 Jul 2004 20:49:43 +0000 (20:49 +0000)]
r1425: Fix memleak in interactive mode. Reformat..
(This used to be commit 5d720e52d749489726c2c671c6cac2d706f750c8)

14 years agor1415: One more memory leak, found by valgrind..
Jeremy Allison [Fri, 9 Jul 2004 00:59:06 +0000 (00:59 +0000)]
r1415: One more memory leak, found by valgrind..
(This used to be commit 8cfaf575e5161e8307b0a53bd44e84c633e85aed)

14 years agor1414: Memory leak fixes found by valgrind whilst checking the password history code.
Jeremy Allison [Fri, 9 Jul 2004 00:13:55 +0000 (00:13 +0000)]
r1414: Memory leak fixes found by valgrind whilst checking the password history code.
Error code paths were not freeing up some memory.
(This used to be commit 7c4666e56c2c281e023c6483459cb9e8d4787d36)

14 years agor1412: Fix password history list in tdbsam. Fix some memory leaks. Add
Jeremy Allison [Thu, 8 Jul 2004 21:01:30 +0000 (21:01 +0000)]
r1412: Fix password history list in tdbsam. Fix some memory leaks. Add
my (C) to a header file that was at least 50% mine :-).
(This used to be commit 8ee6060977ec8e65082f3ad09e1e1ccf5b4672ed)

14 years agor1410: fix another bug caused by the docs target directories change
Gerald Carter [Thu, 8 Jul 2004 19:44:41 +0000 (19:44 +0000)]
r1410: fix another bug caused by the docs target directories change
(This used to be commit e13d15994d93b0b17ea4f547cc6e279c3509a7d0)

14 years agor1407: revert change that broke the build on systems w/o krb5 files
Gerald Carter [Thu, 8 Jul 2004 18:14:07 +0000 (18:14 +0000)]
r1407: revert change that broke the build on systems w/o krb5 files
(This used to be commit 89a11b5d7c0939c9344115ef509cbb0567d7524a)

14 years agor1399: applying heimdal krb5 fixes from Guenther and fixing compile warnings in libad...
Gerald Carter [Thu, 8 Jul 2004 15:36:23 +0000 (15:36 +0000)]
r1399: applying heimdal krb5 fixes from Guenther and fixing compile warnings in libadskerberos_keyatb.c
(This used to be commit 837f56ec8bc171497fb84d332002776313c26305)

14 years agor1396: Give the build farm a chance to be clean before 3.0.5. We don't accept
Volker Lendecke [Thu, 8 Jul 2004 12:42:01 +0000 (12:42 +0000)]
r1396: Give the build farm a chance to be clean before 3.0.5. We don't accept
filenames ending in a dot.

(This used to be commit f17cb54a6f97b2ce0084d27ec219b4c3fe05c1fa)

14 years agor1394: Const fix.
Jeremy Allison [Thu, 8 Jul 2004 06:44:54 +0000 (06:44 +0000)]
r1394: Const fix.
(This used to be commit 9ac4945012e0bd54519b8c81d4c36e88cea28fce)

14 years agor1392: Added password history code to tdbsam backend. Not yet tested (ie. may
Jeremy Allison [Thu, 8 Jul 2004 06:39:22 +0000 (06:39 +0000)]
r1392: Added password history code to tdbsam backend. Not yet tested (ie. may
core dump) but compiles and links correctly. I will run the full set of
tests on the ldap sam and the tdb sam for password history tomorrow.
(This used to be commit ac846420d0ef2c60d2dc71319b24401c73699249)

14 years agor1390: Improve description of attribute.
Jeremy Allison [Wed, 7 Jul 2004 22:59:15 +0000 (22:59 +0000)]
r1390: Improve description of attribute.
(This used to be commit ff7236a5f20d16069b31383105604a694236ec65)

14 years agor1388: Adding password history code for ldap backend, based on a patch from
Jeremy Allison [Wed, 7 Jul 2004 22:46:51 +0000 (22:46 +0000)]
r1388: Adding password history code for ldap backend, based on a patch from
"Jianliang Lu" <>. Multi-string attribute changed to
linearised pstring due to ordering issues. A few other changes to
fix race conditions. I will add the tdb backend code next. This code
compiles but has not yet been tested with password history policy
set to greater than zero. Targeted for 3.0.6.
(This used to be commit dd54b2a3c45e202e504ad69d170eb798da4e6fc9)

14 years agor1386: We can't use sendfile for Win9x. It causes oplock failures (who knew....).
Jeremy Allison [Wed, 7 Jul 2004 21:52:23 +0000 (21:52 +0000)]
r1386: We can't use sendfile for Win9x. It causes oplock failures (who knew....).
(This used to be commit f423a631974b9126888aff2e476882abf1f3afad)

14 years agor1384: ensure we remove the tdb entry for a job in the spooling state
Gerald Carter [Wed, 7 Jul 2004 21:43:44 +0000 (21:43 +0000)]
r1384: ensure we remove the tdb entry for a job in the spooling state
(This used to be commit bc8cf6c852617b266f6dabed84bbd912a188f3a3)

14 years agor1381: fixing behavior found by; we must use the userPrincipalName value...
Gerald Carter [Wed, 7 Jul 2004 18:15:24 +0000 (18:15 +0000)]
r1381: fixing behavior found by; we must use the userPrincipalName value (host/hostname@REALM) and not the servicePrincipalName (host/fqdn@REALM) in the SASL binds
(This used to be commit 959da6e176da9f6a687265e50489b7db3d6712c0)

14 years agor1380: adding debug message when encouting an ASU specific bug in an rpc_bind reply
Gerald Carter [Wed, 7 Jul 2004 18:14:16 +0000 (18:14 +0000)]
r1380: adding debug message when encouting an ASU specific bug in an rpc_bind reply
(This used to be commit c6e73ff091b4d87111b33735400fdd10d4c8671c)

14 years agor1378: Better debugging so I don't get confused what principal we mean.
Jeremy Allison [Wed, 7 Jul 2004 18:12:09 +0000 (18:12 +0000)]
r1378: Better debugging so I don't get confused what principal we mean.
(This used to be commit de80e8b1698d34637cf9c105a8fe02f435d83b02)

14 years agor1375: When setting writable=yes in smb.conf and only allow read access in the
Volker Lendecke [Wed, 7 Jul 2004 13:13:15 +0000 (13:13 +0000)]
r1375: When setting writable=yes in smb.conf and only allow read access in the
security descriptor, allow read access. The code failed in this case.

Jeremy, could you please cross-check this? The way I understood your code it
could only work if smb.conf and secdesc said the same. This made the use of
srvmgr a bit difficult.... What was your intention on how to use the

The current code might check the secdesc twice, but I don't see any decent way
around it that does not completely clutter the code.

(This used to be commit 7c673bd910e1fcbbf07198f38ceddd81e9064c11)

14 years agor1373: Fix from Guenther Deschner <> to ensure last error return is not...
Jeremy Allison [Tue, 6 Jul 2004 23:42:58 +0000 (23:42 +0000)]
r1373: Fix from Guenther Deschner <> to ensure last error return is not invalid.
(This used to be commit 4bdf914cba2a63d186138d1341a7260ad79da1f5)

14 years agor1370: BUG 1297 - prevent map_username() from being called twice during logon
Gerald Carter [Tue, 6 Jul 2004 21:43:12 +0000 (21:43 +0000)]
r1370: BUG 1297 - prevent map_username() from being called twice during logon
(This used to be commit e1364ff774b62f46c0f50864695da49972352126)

14 years agor1368: fix configure check so that if you set --enable-cups[=yes] and don't have...
Gerald Carter [Tue, 6 Jul 2004 19:24:34 +0000 (19:24 +0000)]
r1368: fix configure check so that if you set --enable-cups[=yes] and don't have the devel files, the configure script will exit with an error
(This used to be commit e2c7651e1625f7967f992ba76645a4340ea2d0dd)