summaryrefslogtreecommitdiff
path: root/source/nsswitch/winbindd_user.c
Commit message (Collapse)AuthorAgeFilesLines
* syncing up to 3.0.0rc1Gerald Carter2003-08-151-13/+25
|
* starting to sync up for beta3Gerald Carter2003-07-161-14/+50
|
* starting to sync for 3.0beta2Gerald Carter2003-07-011-5/+22
|
* *id_to_*id call reshape to return NTSTATUS errorsSimo Sorce2003-05-011-14/+5
| | | | | plus internal fixes 1st stage
* make winbind use idmap as well.Simo Sorce2003-04-271-11/+17
| | | | | | | | | change idmap_init call removed ldap backend for winbind idmap, seem it had problems anyway and it have to be reworked to work with idmap without calling winbind code. simo
* Fix debug message not to use an uninitialized variable.Volker Lendecke2003-03-191-2/+1
| | | | Volker
* Kill RID-only and domain+RID madness from winbind.Andrew Bartlett2003-02-261-27/+29
| | | | | | | | | | | | | | | | | | | Now we deal with SIDs in almost all of winbind (a couple of limited exceptions remain, but I'm looking into them - they use non-winbind structs ATM). This has particular benifits in returning out-of-domain SIDs for group membership (Need to look into this a bit more) as well as general code quality. This also removes much of the complexity from the idmap interface, which now only deals with mapping IDs, not with SID->domain translations. Breifly tested, but needs more. Fixes some valgrind-found bugs from my previous commit. Winbind cache chagned to using SID strings in some places, as I could not follow exactly how to save and restore multiple packed sids properly. Andrew Bartlett
* setup the %U substitution in winbindd for the homedir templateAndrew Tridgell2003-02-121-0/+1
|
* Forward port the change to talloc_init() to make all talloc contextsJeremy Allison2002-12-201-4/+4
| | | | | named. Ensure we can query them. Jeremy.
* After consultation with tpot, remove the 'winbind_domain' environmentAndrew Bartlett2002-11-261-17/+0
| | | | | | | | | | variable hack, the feild on the pipe, and the server-side. It only controlled some enum operations in any case. This is to try and have less 'magic' environment variables. Andrew Bartlett
* Winbind updates!Andrew Bartlett2002-07-311-0/+3
| | | | | | | | | | | | | | | | This updates the 'winbind' authentication module and winbind's 'PAM' (actually netlogon) code to allow smbd to cache connections to the DC. This is particulary relevent when we need mutex locks already - there is no parallelism to be gained anyway. The winbind code authenticates the user, and if successful, passes back the 'info3' struct describing the user. smbd then interprets that in exactly the same way as an 'ntdomain' logon. Also, add parinoia to winbind about null termination. Andrew Bartlett
* more debug classess activatedSimo Sorce2002-06-181-0/+3
|
* Removed version number from file header.Tim Potter2002-01-301-2/+1
| | | | Changed "SMB/Netbios" to "SMB/CIFS" in file header.
* Change the winbind interface to use seperate 'domain' and 'username' feilds forAndrew Bartlett2002-01-261-1/+1
| | | | | | | | | the sid->uid and uid->sid conversions. Remove some duplicate arguments from these funcitons, and update the request/response structures for this and the 'winbind domain name' feature. As such 'winbindd_lookup_name' now takes both a domain and username.
* This patch makes the 'winbind use default domain' code interact better withAndrew Bartlett2002-01-201-37/+26
| | | | | | | | | | | | | | | | | | | | | | | | | | smbd, and also makes it much cleaner inside winbindd. It is mostly my code, with a few changes and testing performed by Alexander Bokovoy <a.bokovoy@sam-solutions.net>. ab has tested it in security=domain and security=ads, but more testing is always appricatiated. The idea is that we no longer cart around a 'domain\user' string, we keep them seperate until the last moment - when we push that string into a pwent on onto the socket. This removes the need to be constantly parsing that string - the domain prefix is almost always already provided, (only a couple of functions actually changed arguments in all this). Some consequential changes to the RPC client code, to stop it concatonating the two strings (it now passes them both back as params). I havn't changed the cache code, however the usernames will no longer have a double domain prefix in the key string. The actual structures are unchanged - but the meaning of 'username' in the 'rid' will have changed. (The cache is invalidated at startup, so on-disk formats are not an issue here). Andrew Bartlett
* This is the 'winbind default domain' patch from Alexander BokovoyAndrew Bartlett2002-01-181-6/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | <a.bokovoy@sam-solutions.net>. The idea is the domain\username is rather harsh for unix systems - people don't expect to have to FTP, SSH and (in particular) e-mail with a username like that. This 'corrects' that - but is not without its own problems. As you can see from the changes to files like username.c and wb_client.c (smbd's winbind client code) a lot of assumptions are made in a lot of places about lp_winbind_seperator determining a users's status as a domain or local user. The main change I will shortly be making is to investigate and kill off winbind_initgroups() - as far as I know it was a workaround for an old bug in winbind itself (and a bug in RH 5.2) and should no longer be relevent. I am also going to move to using the 'winbind uid' and 'winbind gid' paramaters to determine a user/groups's 'local' status, rather than the presence of the seperator. As such, this functionality is recommended for servers providing unix services, but is currently less than optimal for windows clients. (TODO: remove all references to lp_winbind_seperator() and lp_winbind_use_default_domain() from smbd) Andrew Bartlett
* Always query the PDC for the list of trusted domains rather than interatingTim Potter2002-01-111-15/+17
| | | | | | | | | | | | | | | | | the list received at startup or we get an out of date list. I thought there might be some sequence number that is incremented when a trusted domain is added or removed - perhaps there is but I just haven't found it yet. - Renamed get_domain_info() to init_domain_list() - Made an accessor function to return the list of trusted domains rather than using a global so we don't have to remember to put a magic init function - The getent state can not keep a pointer to a winbind_domain structure as it may be freed if init_domain_list() is called again so we keep the domain name instead
* A big tidyup while thinking about getting trusted domains being re-readTim Potter2002-01-101-23/+34
| | | | | | | | | | | | | | | | | | when they are added or removed on the PDC. - renamed GETPWNAM_FROM_{UID,USER} constants and functions to GETPW{NAM,UID} - renamed GETGRNAM_FROM_{GID,GROUP} constants and functions to GETGR{NAM,GID} - use SIGUSR2 in winbindd for debugging/logging instead of SIGUSR1 in preparation for moving to smbcontrol type messages (not sure whether to ditch this altogether or not) - tidy debugging messages in top level winbind user and group routines - convert talloc_init() to talloc_init_named() - make enumerations of the domain list use the same local variable names
* got rid of start_ndx from query_user_list()Andrew Tridgell2001-12-111-89/+72
|
* added some commentsAndrew Tridgell2001-12-101-2/+1
|
* completely new winbindd cache infrastructureAndrew Tridgell2001-12-091-58/+0
| | | | | | | | | | | | | | | | | | | this one looks like just another winbind backend, and has the following properties: - does -ve and +ve cacheing of all queries - can be disabled with -n switch to winbindd - stores all records packed, so even huge domains are not a problem for a complete cache - handles the server being down - uses sequence numbers for all entries This fixes a lot of problems with winbindd. Serving from cache is now *very* fast.
* finally worked out how to do ldap lookups by binary blobs, so I canAndrew Tridgell2001-12-051-4/+2
| | | | | | | now do searches on SID. This allows me to do a true ldap sid_to_name() function one one function to go!
* Fixed parse_domain_user to be bool.Jeremy Allison2001-12-051-8/+6
| | | | Jeremy.
* added a query_user backendAndrew Tridgell2001-12-041-31/+27
| | | | fixed a winbindd crash when the group membership can't be looked up
* changed query_dispinfo to query_user_listAndrew Tridgell2001-12-031-5/+5
|
* added name_to_sid to the backendAndrew Tridgell2001-12-031-1/+1
|
* The beginnings of alternative backends for winbinddAndrew Tridgell2001-12-011-52/+31
| | | | | | This just splits off the dispinfo call behind a methods structure. I'll split off a few more functions soon, then we will be ready for LDAP replacement methods
* Added negative caching to group lookups.Jeremy Allison2001-11-271-3/+3
| | | | Jeremy.
* Added negative caching to the user pw lookup by name and by uid.Jeremy Allison2001-11-271-56/+77
| | | | Jeremy.
* nsswitch/winbindd_group.c nsswitch/winbindd_user.c: formatting fixups.Jeremy Allison2001-11-271-23/+24
| | | | | smbd/open.c: Fix "delete on close" for directories. Jeremy.
* Added transparent +ve caching for lookupname/lookupsid. -ve caching canJeremy Allison2001-11-211-6/+6
| | | | | | | | be easily added (a one liner) once we know the correct error codes returned by a W2K DC. All other winbindd calls should go through a similar transparent caching layer (and will soon). Jeremy.
* Get list of trusted domains if we haven't fetched them yet.Tim Potter2001-11-151-0/+6
|
* Hey where did those 4 character tabs come from?Tim Potter2001-10-291-4/+4
|
* Don't reference tallocated memory that has already been disposed of. TheTim Potter2001-10-291-3/+22
| | | | cli_samr_query_userinfo function used to do this.
* Fixed some memory leaks introduced by connection handling rewrite, as wellTim Potter2001-10-191-7/+16
| | | | | | as one memory leak that has been there for ages! Changed the way talloc is used in get{pw,gr}nam routines.
* Converted some more functions to create and dispose of a talloc context on aTim Potter2001-10-191-26/+30
| | | | | | | | per-call basis rather than per-connection. Had a bit more of a reformatting fest. Still need to run it through insure and handle downed connections.
* Pass domain structure around in cache code rather than the domain name.Tim Potter2001-10-141-6/+6
|
* Implemented sam group handle stuff. getent group now works.Tim Potter2001-10-091-5/+9
|
* More work on winbindd connection rewrite:Tim Potter2001-10-081-94/+55
| | | | | | | | | - implemented some of the sam related connection manager routines - fill in group id and gecos fields for getpwnam/getpwuid routines - convert querydispinfo to cm - getent passwd now works Now for the group related routines...
* This is the start of a bit of a rewrite of winbindd's connection handling.Tim Potter2001-10-051-18/+18
| | | | | | | | | | | I've wrapped up all the decisions about managing, making and closing connections into a connection manager in nsswitch/winbindd_cm.c. It's rather incomplete at the moment - only querying basic user info works at the moment (i.e finger -m DOMAIN/user) and everything else is broken. Jeremy, please take a look and I'll start moving across the rest of winbindd to this new system.
* move to SAFE_FREE()Simo Sorce2001-09-171-12/+7
|
* fixed a bunch of compilation errors on Solaris, mostly people getting ↵Andrew Tridgell2001-09-051-1/+2
| | | | NSS_STATUS and WINBINDD error codes mixed up
* the next stage in the NTSTATUS/WERROR change. smbd and nmbd now compile, but ↵Andrew Tridgell2001-09-041-5/+7
| | | | the client code still needs some work
* converted another bunch of stuff to NTSTATUSAndrew Tridgell2001-08-271-2/+2
|
* More Realloc fixes.Jeremy Allison2001-08-181-7/+17
| | | | Jeremy.
* this is a big global fix for the ptr = Realloc(ptr, size) bug.Simo Sorce2001-08-121-3/+6
| | | | | | many possible mem leaks, and segfaults fixed. someone should port this fix to 2.2 also.
* Compile fixes for dynamic samr_query_userinfo() stuff.Tim Potter2001-05-141-12/+6
|
* Fixes from nsswitch testsuite. Lots of stuff works much better now. (-:Tim Potter2001-05-091-0/+2
|
* The substitution of %U and %D in the 'template homedir' is nowdoneTim Potter2001-05-081-10/+6
| | | | by lp_string() calling standard_sub_basic().
* OK so I couldn't be as clever as I wanted to be with winbindd_glue.cTim Potter2001-05-071-2/+2
| | | | | so all the glue functions are prefixed with wb_ to avoid conflicts with the old rpc_client stuff which is still a dependency of smbd/nmbd.
View Lorry Controller Status