15 years agor17814: Add .bzrignore file
Jelmer Vernooij [Thu, 24 Aug 2006 22:08:02 +0000 (22:08 +0000)]
r17814: Add .bzrignore file
(This used to be commit 5018bb91e704407a97515cdf74cccb6d7c30f027)

15 years agor17813: Remove another instance of manually setting the group SID.
Gerald Carter [Thu, 24 Aug 2006 22:05:53 +0000 (22:05 +0000)]
r17813: Remove another instance of manually setting the group SID.
The would have been primaryly used when adding a user to
an smbpasswd file, but could have been introduce to other
backends by using pdbedit -i -e.

The symptom was

[2006/08/09 13:07:43, 0] rpc_parse/parse_samr.c:init_sam_user_info21A(6276)
  init_sam_user_info_21A: User nobody has Primary Group SID S-1-22-2-99,
  which conflicts with the domain sid S-1-5-21-1825997848-4107600307-1754506280.
  Failing operation.
(This used to be commit 0a3aa8b43ace8c635423c2df10827e81d145b58f)

15 years agor17812: Fix bad unsigned comparisons with TIME_T_MIN/TIME_T_MAX.
Jeremy Allison [Thu, 24 Aug 2006 21:37:10 +0000 (21:37 +0000)]
r17812: Fix bad unsigned comparisons with TIME_T_MIN/TIME_T_MAX.
(This used to be commit bd1fbdfb824883060b02be969a10f999d387973f)

15 years agor17810: Use datarootdir variable generated by newer autoconf versions. (fixes warning)
Jelmer Vernooij [Thu, 24 Aug 2006 20:52:43 +0000 (20:52 +0000)]
r17810: Use datarootdir variable generated by newer autoconf versions. (fixes warning)
(This used to be commit 836f04134f95d8452cee58a72438b4387103ce11)

15 years agor17809: Add in 64-bit integer time calculations (taken from
Jeremy Allison [Thu, 24 Aug 2006 20:51:57 +0000 (20:51 +0000)]
r17809: Add in 64-bit integer time calculations (taken from
Samba4) for machines that have 64-bit integers. Leave
the (double) code for machines that don't. Needs
testing.... :-).
(This used to be commit 9e65c175b0794bea3082785b5da6f5b281887ce7)

15 years agor17807: Fix a file descriptor leak pointed out by John Malmberg. Thanks!
Volker Lendecke [Thu, 24 Aug 2006 20:42:31 +0000 (20:42 +0000)]
r17807: Fix a file descriptor leak pointed out by John Malmberg. Thanks!

(This used to be commit fac007ccbec75f5ee9ff2769d8add4d27e62167d)

15 years agor17806: Make NTTIME a UINT64_S rather than a separate structure consisting of
Jelmer Vernooij [Thu, 24 Aug 2006 20:27:42 +0000 (20:27 +0000)]
r17806: Make NTTIME a UINT64_S rather than a separate structure consisting of
two uint32s.
(This used to be commit 3556a9c26cf7728e2435bb28e69958751e883ab9)

15 years agor17805: Sorry Jerry, I could not stand the warnings... :-)
Volker Lendecke [Thu, 24 Aug 2006 20:17:59 +0000 (20:17 +0000)]
r17805: Sorry Jerry, I could not stand the warnings... :-)
(This used to be commit f5fcafd77e8a749659ef90296402c5130f45419b)

15 years agor17804: Fix a enum/int mixup found by the IRIX compiler.
Volker Lendecke [Thu, 24 Aug 2006 19:56:20 +0000 (19:56 +0000)]
r17804: Fix a enum/int mixup found by the IRIX compiler.

(This used to be commit 3a1cf623765cd8b6615ad317d25cebc379c762a2)

15 years agor17803: finally get the new libaddns code to build on Solaris 9
Gerald Carter [Thu, 24 Aug 2006 18:48:44 +0000 (18:48 +0000)]
r17803: finally get the new libaddns code to build on Solaris 9
(This used to be commit 6a4f4ce016dc47ff4b433208266c4616be7e2770)

15 years agor17802: trying to fix more build farm hosts
Gerald Carter [Thu, 24 Aug 2006 18:09:05 +0000 (18:09 +0000)]
r17802: trying to fix more build farm hosts
(This used to be commit d16fea385aba11b6dad141298694320c803bf3eb)

15 years agor17801: bad merge ? No sure how the second half of the LIBNDR_OBJ value got cut...
Gerald Carter [Thu, 24 Aug 2006 16:56:36 +0000 (16:56 +0000)]
r17801: bad merge ?  No sure how the second half of the LIBNDR_OBJ value got cut...
(This used to be commit 3662f86f41b83a5c944294ca02b6e216ee87f88c)

15 years agor17800: Start using struct timespec internally for file times
Jeremy Allison [Thu, 24 Aug 2006 16:44:00 +0000 (16:44 +0000)]
r17800: Start using struct timespec internally for file times
on the wire. This allows us to go to nsec resolution
for systems that support it. It should also now be
easy to add a correct "create time" (birth time)
for systems that support it (*BSD). I'll be watching
the build farm closely after this one for breakage :-).
(This used to be commit 425280a1d23f97ef0b0be77462386d619f47b21d)

15 years agor17799: Start fixing the building carnage. Only include calls to
Gerald Carter [Thu, 24 Aug 2006 16:33:50 +0000 (16:33 +0000)]
r17799: Start fixing the building carnage.  Only include calls to
uuid lib fucntions when WITH_DNS_UPDATES is defined.
(This used to be commit 3c547202856378cb1b6895b8c5dd0c9e43c66a1f)

15 years agor17798: Beginnings of a standalone libaddns library released under
Gerald Carter [Thu, 24 Aug 2006 15:43:32 +0000 (15:43 +0000)]
r17798: Beginnings of a standalone libaddns library released under
the LGPL.   Original code by Krishna Ganugapati <>.
Additional work by me.

It's still got some warts, but non-secure updates do
currently work.  There are at least four things left to
really clean up.

1. Change the memory management to use talloc() rather than
   malloc() and cleanup the leaks.
2. Fix the error code reporting (see initial changes to
3. Fix the secure updates
4. Define a public interface in addns.h
5. Move the code in libads/dns.c into the libaddns/ directory
   (and under the LGPL).

A few notes:

* Enable the new code by compiling with --with-dnsupdate
* Also adds the command 'net ads dns register'
* Requires -luuid (included in the e2fsprogs-devel package).
* Has only been tested on Linux platforms so there may be portability
(This used to be commit 36f04674aeefd93c5a0408b8967dcd48b86fdbc1)

15 years agor17797: Just say "ok" when trying to rename a local group to its same name.
Gerald Carter [Thu, 24 Aug 2006 12:49:18 +0000 (12:49 +0000)]
r17797: Just say "ok" when trying to rename a local group to its same name.
(This used to be commit e6e54125003373f83e6900668ceb9981e8620776)

15 years agor17795: Finally track down the "ads_connect: Interrupted system call"
Gerald Carter [Thu, 24 Aug 2006 12:13:57 +0000 (12:13 +0000)]
r17795: Finally track down the "ads_connect: Interrupted system call"
error.  Fix our DNS SRV lookup code to deal with multi-homed hosts.
We were noly remembering one IP address per host from the Additional
records section in the SRV response which could have been an unreachable
(This used to be commit 899179d2b9fba13cc6f4dab6efc3c22e44e062bc)

15 years agor17767: Argggg. Broke the build. Need to fix callers of put_long_date()
Jeremy Allison [Thu, 24 Aug 2006 01:34:33 +0000 (01:34 +0000)]
r17767: Argggg. Broke the build. Need to fix callers of put_long_date()
and interpret_long_date() first. Reverting...
(This used to be commit 5d9c308e7b780c956f9810c9f345d1ef32d0f528)

15 years agor17766: Getting ready to properly expose 100ns times on
Jeremy Allison [Thu, 24 Aug 2006 01:31:00 +0000 (01:31 +0000)]
r17766: Getting ready to properly expose 100ns times on
the wire. Move the internals of nt_time functions
to use struct timespecs.
(This used to be commit 4ece92f7ef070c86ee7c6f523a207cfaccf84478)

15 years agor17761: Handle times consistently across all client utils.
Jeremy Allison [Wed, 23 Aug 2006 22:33:50 +0000 (22:33 +0000)]
r17761: Handle times consistently across all client utils.
Fixes bugs reported in libsmbclient.
(This used to be commit 42a417fb75313b093948602c3be8e2f386048b5f)

15 years agor17760: The DNS SRV lookup already sorts by priority and weight so don't
Gerald Carter [Wed, 23 Aug 2006 21:04:47 +0000 (21:04 +0000)]
r17760: The DNS SRV lookup already sorts by priority and weight so don't
use the generic IP list sort in get_sorted_dc_list().
(This used to be commit 03a767539d5b09ebd6564c0c9157de2a6e0e6b89)

15 years agor17736: Apply the Unix group patch when creating the token for a
Gerald Carter [Wed, 23 Aug 2006 02:45:45 +0000 (02:45 +0000)]
r17736: Apply the Unix group patch when creating the token for a
username map.
(This used to be commit 0298a3466bc6c5e322db7dac386e4e5eef0e2702)

15 years agor17723: * BUG 3969: Fix unsigned time comparison with expiration policy from AD DC
Gerald Carter [Tue, 22 Aug 2006 22:53:08 +0000 (22:53 +0000)]
r17723: * BUG 3969: Fix unsigned time comparison with expiration policy from AD DC
* Merge patches from SLES10 to make sure we talk to the correct
  winbindd process when performing pam_auth (and pull the password policy info).
(This used to be commit 43bd8c00abb38eb23a1497a255d194fb1bbffffb)

15 years agor17710: Thanks to Thomas Bork for testing and continued feedback on this.
Gerald Carter [Tue, 22 Aug 2006 16:01:24 +0000 (16:01 +0000)]
r17710: Thanks to Thomas Bork for testing and continued feedback on this.

Comments from the patch:

/* Add the "Unix Group" SID for each gid to catch mapped groups
   and their Unix equivalent.  This is to solve the backwards
   compatibility problem of 'valid users = +ntadmin' where
   ntadmin has been paired with "Domain Admins" in the group
   mapping table.  Otherwise smb.conf would need to be changed
   to 'valid user = "Domain Admins"'.  --jerry */
(This used to be commit 3848199287c5829aef66d0dee38a79056fe1ff5c)

15 years agor17709: Fix cut-n-paste error with the name of gid_to_unix_group_sid().
Gerald Carter [Tue, 22 Aug 2006 15:18:13 +0000 (15:18 +0000)]
r17709: Fix cut-n-paste error with the name of gid_to_unix_group_sid().
(This used to be commit dda0b8bce6b7e0146badd8aeb52b5cce6289de21)

15 years agor17677: There is no need for a 2nd krb5_to_nt_status function, is there?
Günther Deschner [Tue, 22 Aug 2006 00:36:31 +0000 (00:36 +0000)]
r17677: There is no need for a 2nd krb5_to_nt_status function, is there?

Michael Adam/Volker, please check.

(This used to be commit d0feb85781f69325ee70aff98370cfac037c4cc2)

15 years agor17676: Fix printing bug found by kukks. Don't copy a return
Jeremy Allison [Mon, 21 Aug 2006 23:30:39 +0000 (23:30 +0000)]
r17676: Fix printing bug found by kukks. Don't copy a return
value into an auto on the stack that gets removed when
we return from the frame :-).
(This used to be commit 85bf8a16116e5eb9d4400e809531737d45890abb)

15 years agor17673: volker's patch for re-adding Getpwnam() lookups to smbpasswd backend (I hate...
Gerald Carter [Mon, 21 Aug 2006 21:53:02 +0000 (21:53 +0000)]
r17673: volker's patch for re-adding Getpwnam() lookups to smbpasswd backend (I hate username level)
(This used to be commit 0939b6e20c6aef7a203c92fb0afa207c9fa779dd)

15 years agor17672: remove duplicate description on NT_STATUS_INVALID_PARAMETER (from Michael...
Gerald Carter [Mon, 21 Aug 2006 21:25:17 +0000 (21:25 +0000)]
r17672: remove duplicate description on NT_STATUS_INVALID_PARAMETER (from Michael Adam <>)
(This used to be commit 7b51e27d026f2511edcde054f0d2deb9932d2fe8)

15 years agor17669: Remove RID algorithm support from unmapped users and groups
Gerald Carter [Mon, 21 Aug 2006 20:04:01 +0000 (20:04 +0000)]
r17669: Remove RID algorithm support from unmapped users and groups
when using smbpasswd
(This used to be commit dde552336c732ddd6076a6a32575a37cb51aa94c)

15 years agor17668: Fix the miscalculations in pushing announces. Fixes
Jeremy Allison [Mon, 21 Aug 2006 20:03:32 +0000 (20:03 +0000)]
r17668: Fix the miscalculations in pushing announces. Fixes
problems Kukks reported.
(This used to be commit 426d722029b245e239f0ee39b6be249c59e1918c)

15 years agor17667: Merge snprintf fixes from tridge (Samba4).
Jeremy Allison [Mon, 21 Aug 2006 17:58:41 +0000 (17:58 +0000)]
r17667: Merge snprintf fixes from tridge (Samba4).

several replacement snprintf() fixes.

1) when running the testsuite, actually test against the system
   sprintf(), not against ourselves (doh!)

2) fix the buffer termination to terminate buf2 as well

3) fix handling of %llu, and add a simple test

This fixes a bug with password expiry on solaris
(This used to be commit 64fd96666f391101c41b7a564fd20ab2e93e3923)

15 years agor17630: Looks like getpeerid() is a system function on
Jeremy Allison [Sun, 20 Aug 2006 20:05:49 +0000 (20:05 +0000)]
r17630: Looks like getpeerid() is a system function on
FreeBSD. Change to sys_getpeerid(). Thanks to
vl for pointing this out.
(This used to be commit dd0069cfcabb25dc7dc0d336696a5f2580abb5a1)

15 years agor17626: Some C++ Warnings
Volker Lendecke [Sun, 20 Aug 2006 17:55:06 +0000 (17:55 +0000)]
r17626: Some C++ Warnings
(This used to be commit 09e7c010f03ac3c621f7a7fad44685d278c1481a)

15 years agor17625: Fix the build
Volker Lendecke [Sun, 20 Aug 2006 17:46:20 +0000 (17:46 +0000)]
r17625: Fix the build
(This used to be commit 76ef8af881843685a5b14c9017cba32f6867bd28)

15 years agor17623: Revert accidential commit
Volker Lendecke [Sun, 20 Aug 2006 17:30:27 +0000 (17:30 +0000)]
r17623: Revert accidential commit
(This used to be commit 8dcc4e7dd6dd879f341b58fc04cb1308c0463862)

15 years agor17622: Add a framework for a printing backend designed to support the build farm. If
Volker Lendecke [Sun, 20 Aug 2006 17:29:00 +0000 (17:29 +0000)]
r17622: Add a framework for a printing backend designed to support the build farm. If
we want to walk more printing code in the build farm I think doing that with a
customized printing backend is much easier than with a set of shell scripts.

Jerry, comments?

(This used to be commit 949cd6b992364d2bc60fd59051b6ac1c4cc4288c)

15 years agor17620: Fix two C++ Warnings and a memleak
Volker Lendecke [Sun, 20 Aug 2006 17:08:37 +0000 (17:08 +0000)]
r17620: Fix two C++ Warnings and a memleak
(This used to be commit d7246284e0117f7a97b3cbb80ff45b532559bf63)

15 years agor17618: Not using a cache version number (yet). We really should...
Jeremy Allison [Sun, 20 Aug 2006 03:56:27 +0000 (03:56 +0000)]
r17618: Not using a cache version number (yet). We really should...
(This used to be commit b711587f6e33bc5781b15da7bc49b31db4653073)

15 years agor17617: Take Andrew Bartletts excellent advice and don't store
Jeremy Allison [Sun, 20 Aug 2006 03:53:42 +0000 (03:53 +0000)]
r17617: Take Andrew Bartletts excellent advice and don't store
the nt hash directly in the winbindd cache, store a
salted version (MD5 of salt + nt_hash). This is what
we do in the LDAP password history code. We store
this salted cache entry under the same name as an old
entry (CRED/<sid>) but detect it on read by checking
if there are 17 bytes of data after the first stored
hash (1 byte len, 16 bytes hash). GD PLEASE CHECK.
(This used to be commit 89d0163a97edaa46049406ea3e2152bee4e0d1b2)

15 years agor17616: Add the lm and nt hashes to the cached credentials
Jeremy Allison [Sun, 20 Aug 2006 01:25:26 +0000 (01:25 +0000)]
r17616: Add the lm and nt hashes to the cached credentials
stored - only store the password if we're going to
be doing a krb5 refresh. GD please review this change !
Now to add code to reference count the cached creds
(to allow multiple pam_logon/pam_logoffs to keep the
creds around), ensure that the cred cache is called
on all successful pam_logons (if we have winbindd cache
pam credentials = true, set this by default) and finally
ensure the creds cache is changed on successful password
change. GD - you *really* need to review this :-).
(This used to be commit 017e7e14958d29246a1b221e33755bb91e96b08f)

15 years agor17612: Modify NTLMSSP session code so that it doesn't store
Jeremy Allison [Sat, 19 Aug 2006 20:42:04 +0000 (20:42 +0000)]
r17612: Modify NTLMSSP session code so that it doesn't store
a copy of the plaintext password, only the NT and LM
hashes (all it needs). Fix smbencrypt to expose hash
verions of plaintext function. Andrew Bartlett, you
might want to look at this for gensec.
This should make it easier for winbindd to store
cached credentials without having to store plaintext
passwords in an NTLM-only environment (non krb5).
(This used to be commit 629faa530f0422755823644f1c23bea74830912f)

15 years agor17610: Added the ability for firefox to drive the winbindd
Jeremy Allison [Sat, 19 Aug 2006 01:04:54 +0000 (01:04 +0000)]
r17610: Added the ability for firefox to drive the winbindd
ntlm_auth module to allow it to use winbindd cached
credentials.The credentials are currently only stored
in a krb5 MIT environment - we need to add an option to
winbindd to allow passwords to be stored even in an NTLM-only
Patch from Robert O'Callahan, modified with some fixes
by me.
(This used to be commit ae7cc298a113d8984557684bd6ad216cbb27cff3)

15 years agor17607: Adapt the Samba4 directory structure for tdb. Makes it easier to diff.
Volker Lendecke [Fri, 18 Aug 2006 16:25:09 +0000 (16:25 +0000)]
r17607: Adapt the Samba4 directory structure for tdb. Makes it easier to diff.

Let's see what it breaks. For me it works :-)

(This used to be commit 337be14b432e5dfd80c7418b2db4fe0087259b77)

15 years agor17606: Introduce krb5_to_ntstatus.
Volker Lendecke [Fri, 18 Aug 2006 15:10:46 +0000 (15:10 +0000)]
r17606: Introduce krb5_to_ntstatus.

Thanks to Michael Adam <>

(This used to be commit 6e641c90b8f52a822a83701cdf305c60416d7f0c)

15 years agor17605: Some C++ warnings
Volker Lendecke [Fri, 18 Aug 2006 14:05:25 +0000 (14:05 +0000)]
r17605: Some C++ warnings
(This used to be commit 05268d7a731861b10ce8556fd32a004808383923)

15 years agor17604: Fix a bug caught by g++.
Volker Lendecke [Fri, 18 Aug 2006 13:37:36 +0000 (13:37 +0000)]
r17604: Fix a bug caught by g++.

Jeremy, please check this!

(This used to be commit 8117a7b3bf3f273dd018c42864b3136dec47ec79)

15 years agor17603: Make net_ads_join_ok return NTSTATUS.
Volker Lendecke [Fri, 18 Aug 2006 12:45:51 +0000 (12:45 +0000)]
r17603: Make net_ads_join_ok return NTSTATUS.

Thanks to Michael Adam <>

hop, hop, hop... ;-)

(This used to be commit 47facab798bdc6e20b2620972f1b8f2338fac239)

15 years agor17602: Make check_ads_config return NTSTATUS, set some error codes in net_ads_join.
Volker Lendecke [Fri, 18 Aug 2006 12:39:21 +0000 (12:39 +0000)]
r17602: Make check_ads_config return NTSTATUS, set some error codes in net_ads_join.

Thanks to Michael Adam <>

(This used to be commit 27cca861507afa9caf694ef89e543c86de01c2cd)

15 years agor17595: Fix from Ben Winslow <> to allow
Jeremy Allison [Thu, 17 Aug 2006 19:49:54 +0000 (19:49 +0000)]
r17595: Fix from Ben Winslow <> to allow
client smb signing to be correctly turned off.
(This used to be commit 61f052b0a67b8a05b5d925bf8bbad73369ac03bd)

15 years agor17592: Remove some unused functions pointed out by John E. Malmberg, make
Volker Lendecke [Thu, 17 Aug 2006 15:04:53 +0000 (15:04 +0000)]
r17592: Remove some unused functions pointed out by John E. Malmberg, make
do_file_lock static to pdb_smbpasswd.c, the only user of it.

(This used to be commit 543f77a45f0a75ede48b0f2c674a0abdd386fed5)

15 years agor17591: machine_account is unused, and ctx must be freed. Thanks Michael
Volker Lendecke [Thu, 17 Aug 2006 14:38:59 +0000 (14:38 +0000)]
r17591: machine_account is unused, and ctx must be freed. Thanks Michael
(This used to be commit a347f8a9c480cf09abac9144e04ab2b13457e3b0)

15 years agor17590: Some C++ Warnings
Volker Lendecke [Thu, 17 Aug 2006 14:28:03 +0000 (14:28 +0000)]
r17590: Some C++ Warnings
(This used to be commit b7ec240880af0072ef20b2c0d688ef3cc386d484)

15 years agor17589: Check in the really uncontroversial patch from Michael
Volker Lendecke [Thu, 17 Aug 2006 13:46:02 +0000 (13:46 +0000)]
r17589: Check in the really uncontroversial patch from Michael
(This used to be commit de76217cfb9d20431189e838999a634e4de067a9)

15 years agor17585: Don't let ads_status throw away the error information.
Volker Lendecke [Thu, 17 Aug 2006 12:44:59 +0000 (12:44 +0000)]
r17585: Don't let ads_status throw away the error information.

Thanks to Michael Adam <>.

(This used to be commit ea3a4142a0f2140d8743a50518ae94df2d84d972)

15 years agor17584: Some C++ Warnings
Volker Lendecke [Thu, 17 Aug 2006 11:54:23 +0000 (11:54 +0000)]
r17584: Some C++ Warnings
(This used to be commit f6194cf4b263454bbdf180a7d014ffc3498df497)

15 years agor17583: Change internal cli_session_setup functions to NTSTATUS.
Volker Lendecke [Thu, 17 Aug 2006 10:01:48 +0000 (10:01 +0000)]
r17583: Change internal cli_session_setup functions to NTSTATUS.

(This used to be commit 990da03f0940371d20f89c145b7ebdbe8e9bf4c4)

15 years agor17573: Fix typo
Volker Lendecke [Wed, 16 Aug 2006 17:43:13 +0000 (17:43 +0000)]
r17573: Fix typo
(This used to be commit fd6e3f133b267a9506699d1c2934a153dd732df2)

15 years agor17572: Fix the build
Volker Lendecke [Wed, 16 Aug 2006 17:33:47 +0000 (17:33 +0000)]
r17572: Fix the build
(This used to be commit acf237b3cd1b546c2744447d977d36a8e3ed4d10)

15 years agor17571: Change the return code of cli_session_setup from BOOL to NTSTATUS
Volker Lendecke [Wed, 16 Aug 2006 17:14:16 +0000 (17:14 +0000)]
r17571: Change the return code of cli_session_setup from BOOL to NTSTATUS

(This used to be commit 94817a8ef53589011bc4ead4e17807a101acf5c9)

15 years agor17569: Make 'max smbd processes' more robust. Counting on the child to decrement a
Volker Lendecke [Wed, 16 Aug 2006 10:36:19 +0000 (10:36 +0000)]
r17569: Make 'max smbd processes' more robust. Counting on the child to decrement a
tdb entry is not the most reliable way to count children correctly.

This increments the number of children after a fork and decrements it upon
SIGCLD. I'm keeping a list of children just for consistency checks, so that we
at least get a debug level 0 message if something goes wrong.

(This used to be commit eb45de167d24d07a218307ec5a48c0029ec097c6)

15 years agor17568: Reformatting -- more than 100 cols is too much :-)
Volker Lendecke [Wed, 16 Aug 2006 09:10:54 +0000 (09:10 +0000)]
r17568: Reformatting -- more than 100 cols is too much :-)
(This used to be commit 2a66abca02b5e95b66ab336f0d0e3977676d4540)

15 years agor17557: Change net_join_domain to return NTSTATUS instead of int.
Volker Lendecke [Tue, 15 Aug 2006 14:27:20 +0000 (14:27 +0000)]
r17557: Change net_join_domain to return NTSTATUS instead of int.

Thanks to Michael Adam <>.

(This used to be commit c4e10afadb39ff562287ab2294df0a1f83b28908)

15 years agor17556: Remove duplicate entries. Thanks to Michael Adam <>
Volker Lendecke [Tue, 15 Aug 2006 14:18:15 +0000 (14:18 +0000)]
r17556: Remove duplicate entries. Thanks to Michael Adam <>

(This used to be commit ea83001d3ed0b5da67cf367c17fdef662bc01681)

15 years agor17555: Cleanup
Volker Lendecke [Tue, 15 Aug 2006 14:09:12 +0000 (14:09 +0000)]
r17555: Cleanup
(This used to be commit 4199b5d2262e1e154f75f609fef20ed8e8c21cf2)

15 years agor17554: Cleanup
Volker Lendecke [Tue, 15 Aug 2006 14:07:15 +0000 (14:07 +0000)]
r17554: Cleanup
(This used to be commit 761cbd52f0cff6b864c506ec03c94039b6101ef9)

15 years agor17552: Attempt to fix tdb transactions on IRIX
Volker Lendecke [Tue, 15 Aug 2006 12:28:23 +0000 (12:28 +0000)]
r17552: Attempt to fix tdb transactions on IRIX
(This used to be commit 4a7b06860cd2907eb0e0deb466a613529121b8b7)

15 years agor17551: Move some DEBUG to d_printf in interactive functions and return
Volker Lendecke [Tue, 15 Aug 2006 09:53:16 +0000 (09:53 +0000)]
r17551: Move some DEBUG to d_printf in interactive functions and return
NO_LOGON_SERVERS if no domain controller was found.

Thanks to Michael Adam <>.

(This used to be commit d44599de3a61707a32851f37ddfb2425949622f8)

15 years agor17550: Fix a few bugs in the tdb_multikey code. Thanks to tridge for pointing them
Volker Lendecke [Tue, 15 Aug 2006 08:05:52 +0000 (08:05 +0000)]
r17550: Fix a few bugs in the tdb_multikey code. Thanks to tridge for pointing them

(This used to be commit 6bf5e7080a51c416d1d1466b1ca84c8f23a6bf2c)

15 years agor17541: When returning a trans2 request, if the "max data
Jeremy Allison [Mon, 14 Aug 2006 16:53:14 +0000 (16:53 +0000)]
r17541: When returning a trans2 request, if the "max data
bytes returned" is less than the amount we want
to send, return what we can and set STATUS_BUFFER_OVERFLOW
(doserror ERRDOS,ERRbufferoverflow). Required by
OS/2 to handle EA's that are too large. It's hard
to test this in Samba4 smbtorture as the max data
bytes returned is hard coded at 0xffff (as it is
in the Samba3 client libraries also). I used a
custom version of Samba4 smbtorture to test this
out. Might add a "max data bytes" param to make
this testable in the build farm. Confirmed by
"Guenter Kukkukk (sambaos2)" <>
and Andreas Taegener <>
that this fixes the issue.
(This used to be commit ff2f1202b76991a404dae8df17c36f8135c8dc51)

15 years agor17536: Add a debug message citing the reason why an LDAP connection failed, inspired
Volker Lendecke [Mon, 14 Aug 2006 12:54:37 +0000 (12:54 +0000)]
r17536: Add a debug message citing the reason why an LDAP connection failed, inspired
by Christian M Ambach <>.

(This used to be commit cf7c83d462dc766fa6f48728d0a4e8d534cc2bd4)

15 years agor17535: Reformatting, this had many tabs instead of ^$
Volker Lendecke [Mon, 14 Aug 2006 12:42:46 +0000 (12:42 +0000)]
r17535: Reformatting, this had many tabs instead of ^$
(This used to be commit 0f483cf66c203d8590998b83cbeeb236ba06ab63)

15 years agor17509: same for old woody packaging stuff
Simo Sorce [Sat, 12 Aug 2006 20:23:58 +0000 (20:23 +0000)]
r17509: same for old woody packaging stuff
(This used to be commit 4fc773080a43cc73906c99a38406706b23e84c3f)

15 years agor17508: I didn;t realize we had this in our packages, remove it
Simo Sorce [Sat, 12 Aug 2006 20:22:55 +0000 (20:22 +0000)]
r17508: I didn;t realize we had this in our packages, remove it
(This used to be commit 47a462359562eea5d99e1c3965569615c3451397)

15 years agor17496: net groupmap add could add uninitialized sid_name_type
Jeremy Allison [Fri, 11 Aug 2006 18:09:59 +0000 (18:09 +0000)]
r17496: net groupmap add could add uninitialized sid_name_type
entries to the group mapping db. Ensure this can't happen.
(This used to be commit 2ba0d93d53868c8b28dccf91dfa26e86817da511)

15 years agor17487: Allocate some OID space for Samba4, so we don't trip on each other.
Andrew Bartlett [Fri, 11 Aug 2006 06:44:31 +0000 (06:44 +0000)]
r17487: Allocate some OID space for Samba4, so we don't trip on each other.

Andrew Bartlett
(This used to be commit 199a33ac80977782869b24ce86dcd51cb16d3851)

15 years agor17477: Add talloc_asprintf_len and make use of it.
Volker Lendecke [Thu, 10 Aug 2006 11:33:42 +0000 (11:33 +0000)]
r17477: Add talloc_asprintf_len and make use of it.

(This used to be commit c0ff2afe0683095401fa7b7654aa3b2fe950f7b3)

15 years agor17470: This is the group mapping rewrite announced a few days ago. I'm afraid it's
Volker Lendecke [Wed, 9 Aug 2006 20:25:13 +0000 (20:25 +0000)]
r17470: This is the group mapping rewrite announced a few days ago. I'm afraid it's
more than 1000 lines of patch, but doing it in smaller pieces is hardly

Anybody interested please look over this. The patch is not really interesting,
just look at the new groupdb/mapping.c file.

Jerry, one entry for the 3.0.24 release notes: smbd will refuse to start if we
have overlapping mappings in group_mapping.tdb. With the old db a unix gid can
be mapped to two different SIDs. This will be refused with the new code.

(This used to be commit f0f0e893ca41d35b58b35929de78dcb911b3c7dc)

15 years agor17469: remove unused variable
Simo Sorce [Wed, 9 Aug 2006 15:36:57 +0000 (15:36 +0000)]
r17469: remove unused variable
(This used to be commit c7d115a7d08ecebe2ba70b3f0efae39a1fd8e42a)

15 years agor17468: To minimize the diff later on, pre-commit some changes independently: Change
Volker Lendecke [Wed, 9 Aug 2006 15:25:26 +0000 (15:25 +0000)]
r17468: To minimize the diff later on, pre-commit some changes independently: Change
internal mapping.c functions to return NTSTATUS instead of BOOL.

(This used to be commit 4ebfc30a28a6f48613098176c5acdfdafbd2941a)

15 years agor17465: Get rid of add_initial_entry. In the two places it was called in it seemed a
Volker Lendecke [Tue, 8 Aug 2006 20:50:35 +0000 (20:50 +0000)]
r17465: Get rid of add_initial_entry. In the two places it was called in it seemed a
bit pointless to me.

(This used to be commit 244b25ae49d3c635fc54498dbee29f5b649ea1fa)

15 years agor17464: Ensure we use a hash16 data type, not a string,
Jeremy Allison [Tue, 8 Aug 2006 20:35:17 +0000 (20:35 +0000)]
r17464: Ensure we use a hash16 data type, not a string,
for storing offline hashes.
(This used to be commit c8e6f7e41c9db436b34dd127d77940d7b43bf13b)

15 years agor17463: A bit of cleanup work:
Volker Lendecke [Tue, 8 Aug 2006 19:29:34 +0000 (19:29 +0000)]
r17463: A bit of cleanup work:

Remove some unused code: pdb_find_alias is not used anymore, and nobody I
think has ever used the pdb_nop operations for group mapping. smbpasswd and
tdb use the default ones and ldap has its own.

Make the functions pdb_getgr* return NTSTATUS instead of BOOL. Nobody right
now really makes use of it, but it feels wrong to throw away information so

(This used to be commit f9856f6490fe44fdba97ea86062237d8c74d4bdc)

15 years agor17462: Fix a cut&paste bug that caused us to return a null SID on some error conditions
Simo Sorce [Tue, 8 Aug 2006 18:38:33 +0000 (18:38 +0000)]
r17462: Fix a cut&paste bug that caused us to return a null SID on some error conditions
(This used to be commit 954593bd41ff2475df5d37eae18be08ffa3002eb)

15 years agor17461: Ensure we never save a NULL SID mapping. || should be &&.
Jeremy Allison [Tue, 8 Aug 2006 17:34:51 +0000 (17:34 +0000)]
r17461: Ensure we never save a NULL SID mapping. || should be &&.
Found by Whitfield school.
(This used to be commit f8584a475853bd8937fb0cf1b304c98f96fbd872)

15 years agor17460: First step at fixing the build breakage with the groupmapping test. On Linux,
Volker Lendecke [Tue, 8 Aug 2006 16:08:22 +0000 (16:08 +0000)]
r17460: First step at fixing the build breakage with the groupmapping test. On Linux,
F_RDLCK is defined to 0, for example NetBSD has it at 1.

Still does not work fully though. Still investigating.

This might also be interesting to Samba4.

(This used to be commit a1c3774e01710ae0edc89e05f7781d2928ea9319)

15 years agor17459: As by Jerry's word commit this without his review.
Simo Sorce [Tue, 8 Aug 2006 15:33:09 +0000 (15:33 +0000)]
r17459: As by Jerry's word commit this without his review.

This patch add some missing async functions to
solve UID/GID -> SID requests not just out of the cache,
but down the remote idmap if necessary.

This patch solves the problem of servers not showing users/groups names
for allocated UID/GIDs when joined to a group of servers that share a
prepopulated idmap backend.

Also correctly resolve UID/GIDs to SIDs when looking ACLs from the
windows security tab on teh same situation.

(This used to be commit b8578bfab6a04fcd65a2e65f507067459e326077)

15 years agor17457: Add a test to do some operations on group mapping.
Volker Lendecke [Tue, 8 Aug 2006 13:54:43 +0000 (13:54 +0000)]
r17457: Add a test to do some operations on group mapping.

(This used to be commit 68db058fdf508d5b4d38731ece21f5d92feca00c)

15 years agor17454: Adding dfs_EnumEx for rpcclient (Samba4 IDL to follow).
Günther Deschner [Tue, 8 Aug 2006 11:45:57 +0000 (11:45 +0000)]
r17454: Adding dfs_EnumEx for rpcclient (Samba4 IDL to follow).

(This used to be commit 8c1198c1592e7c07904b448ed7a54b9b23c941df)

15 years agor17453: Fix msdfs RPC management (this broke with the autogenerated dfs rpcs).
Günther Deschner [Tue, 8 Aug 2006 11:00:16 +0000 (11:00 +0000)]
r17453: Fix msdfs RPC management (this broke with the autogenerated dfs rpcs).

* Remove "unknown" from dfs_Enum (samba4 dfs IDL updates to follow).

* When encountering an unsupported infolevel the rpc server must reply
with a dfs_info_0 structure and WERR_OK (observed from w2k3 when talking
to nt4).

(This used to be commit f9bef1f08f7d2a4c95c28329ac73e8646f033998)

15 years agor17452: Some C++ warnings
Volker Lendecke [Tue, 8 Aug 2006 09:56:38 +0000 (09:56 +0000)]
r17452: Some C++ warnings
(This used to be commit e4b8c79a9d6f7323953121887af4f482d04a9228)

15 years agor17451: Change pdb_getgrsid not to take a DOM_SID but a const DOM_SID * as an
Volker Lendecke [Tue, 8 Aug 2006 08:26:40 +0000 (08:26 +0000)]
r17451: Change pdb_getgrsid not to take a DOM_SID but a const DOM_SID * as an

(This used to be commit 873a5a1211d185fd50e7167d88cbc869f70dfd3f)

15 years agor17446: Fix some C++ warnings and two memleaks found by Coverity, IDs 304 and 305.
Volker Lendecke [Mon, 7 Aug 2006 20:15:31 +0000 (20:15 +0000)]
r17446: Fix some C++ warnings and two memleaks found by Coverity, IDs 304 and 305.

(This used to be commit 4f6605a4880f54f2c7d1f3c7554408d893bc623c)

15 years agor17445: fix bad PAM file on 64 bit boxes
Gerald Carter [Mon, 7 Aug 2006 18:55:42 +0000 (18:55 +0000)]
r17445: fix bad PAM file on 64 bit boxes
(This used to be commit d44a3228f08b8855e8f3a5a045b4366af24b82f8)

15 years agor17444: put pam and nss libs in samba-common on RHEL for compatibility with system...
Gerald Carter [Mon, 7 Aug 2006 18:25:28 +0000 (18:25 +0000)]
r17444: put pam and nss libs in samba-common on RHEL for compatibility with system provides rpms
(This used to be commit cad3d27e05a8c6e325795ce145b9f2840911f4bb)

15 years agor17439: Fix logic error in checking TALLOC return. Spotted by Volker.
Jeremy Allison [Mon, 7 Aug 2006 15:41:43 +0000 (15:41 +0000)]
r17439: Fix logic error in checking TALLOC return. Spotted by Volker.
(This used to be commit 06aea05c52ee770a2dd6465e9e2fcd0ccd8c811d)

15 years agor17431: Fix bug #4003, reported by
Jeremy Allison [Sat, 5 Aug 2006 20:05:37 +0000 (20:05 +0000)]
r17431: Fix bug #4003, reported by
NTcancel doesn't send a reply, so in this case the signing
sequence number is only incremented by 1, not 2.
(This used to be commit 85841a01987e653a085af00c7c437145686a332b)

15 years agor17425: Add the multi-key wrapper. If it's necessary to add general blobs as keys,
Volker Lendecke [Sat, 5 Aug 2006 17:49:35 +0000 (17:49 +0000)]
r17425: Add the multi-key wrapper. If it's necessary to add general blobs as keys,
this can trivially be added later.

(This used to be commit 6915adb9780052952e4a1d9e1c3e6cac06f48463)

15 years agor17408: Let us use netgroups even without a NIS domain but just using files
Simo Sorce [Fri, 4 Aug 2006 22:18:02 +0000 (22:18 +0000)]
r17408: Let us use netgroups even without a NIS domain but just using files
(This used to be commit c065341d3ffc9125514f563c63d416cf7c40375f)

15 years agor17407: Don't do strchr_m twice when once will do.
Jeremy Allison [Fri, 4 Aug 2006 21:15:52 +0000 (21:15 +0000)]
r17407: Don't do strchr_m twice when once will do.
(This used to be commit b5f0b1b6447ac3c77558b32d97ce96d357ce15c0)