summaryrefslogtreecommitdiff
path: root/source3/winbindd/idmap_ad.c
Commit message (Collapse)AuthorAgeFilesLines
* winbindd: Use dom_sid_str_bufVolker Lendecke2018-12-201-2/+3
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
* idmap: Use dom_sid_str_bufVolker Lendecke2018-11-091-1/+3
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* idmap: Use dom_sid_str_bufVolker Lendecke2018-11-091-2/+5
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libsmb: Give namequery.c its own headerVolker Lendecke2018-04-111-0/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* winbind: make sure we don't contact trusted domains via LDAP as AD DCStefan Metzmacher2018-02-231-0/+11
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=13278 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* idmap_ad: Retry query_user exactly once if we get TLDAP_SERVER_DOWNDustin L. Howett via samba-technical2017-07-121-1/+18
| | | | | | | | | | | | | All other ldap-querying methods in idmap_ad make a single retry attempt if they get TLDAP_SERVER_DOWN. This patch brings idmap_ad_query_user in line with that design. This fixes the symptom described in 12720 at the cost of an additional reconnect per failed lookup. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12720 Signed-off-by: Dustin L. Howett <dustin@howett.net> Reviewed-by: Ralph Boehme <slow@samba.org>
* lib: modules: Change XXX_init interface from XXX_init(void) to ↵Jeremy Allison2017-04-221-2/+2
| | | | | | | | | | | | | | | | | | | | XXX_init(TALLOC_CTX *) Not currently used - no logic changes inside. This will make it possible to pass down a long-lived talloc context from the loading function for modules to use instead of having them internally all use talloc_autofree_context() which is a hidden global. Updated all known module interface numbers, and added a WHATSNEW. Signed-off-by: Jeremy Allison <jra@samba.org> Signed-off-by: Ralph Böhme <slow@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Apr 22 01:17:00 CEST 2017 on sn-devel-144
* idmap_ad: Use idmap_config_boolVolker Lendecke2017-03-201-14/+4
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* idmap_ad: Use idmap_config_const_stringVolker Lendecke2017-03-201-2/+3
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s3:idmap_ad: make use of pdb_get_trust_credentials() to get the machine ↵Stefan Metzmacher2017-02-241-23/+13
| | | | | | | | | | | | | | account creds This is mostly a cosmetic change currently. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12598 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Fri Feb 24 22:34:48 CET 2017 on sn-devel-144
* idmap_ad: Restore querying SFU nss infoVolker Lendecke2017-01-021-0/+110
| | | | | | | | | | | | | With the last commit the getpwsid call did not look at the winbind nss info parameter anymore. This restores it for the idmap ad backend with slightly different semantics and configuration: We now have the unix_primary_group and unix_nss_info domain-specific parameters for idmap config. This enables overriding the Windows primary group with the unix one. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Uri Simchoni <uri@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* idmap_ad: Fix retrieving credentials from clustered secrets.tdbChristof Schmitt2016-09-291-1/+10
| | | | | | | | | | | cli_credentials_set_machine_account only reads from a local tdb. Change that call to cli_credentials_set_machine_account_db_ctx to fix this for clustered Samba. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12295 Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* winbind: Base idmap_ad on tldapVolker Lendecke2016-04-151-405/+654
| | | | | | | | | | | | | | | The main reason for this is to do proper connection management. I tried hard, but I failed trying to slowly migrate the ads_struct based code to something saner. So I polished tldap, which thanks to metze does proper sasl. This patch is pretty much a complete rewrite, so looking at it in diff -u format does not really make sense. Look at the final output. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Fri Apr 15 19:13:39 CEST 2016 on sn-devel-144
* idmap_ad: Separate out the nss functionsVolker Lendecke2016-04-151-420/+5
| | | | | | | | | | | The nss functions technically right now are part of the idmap modules. However, there is no intrinsic reason for this mixture of concerns. I would like to heavily modify the idmap_ad idmapping functions without modifying the nss functions (yet!!). So as a first step this patch moves the nss functions textually out of the way. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* idmap_ad: Fix a copy&paste errorVolker Lendecke2016-02-161-1/+2
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Tue Feb 16 14:14:21 CET 2016 on sn-devel-144
* winbind: Fix a type errorVolker Lendecke2016-02-161-4/+13
| | | | | | | | | | nss_info_methods has "get_nss_info"'s p_gid parameter as gid_t *, not uint32_t *. Probably that did not hurt due to typedefs, but if we find a platform where gid_t is not uint32_t, this would be VERY hard to debug Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3:winbindd/idmap_*: make function prototypes available via static_decl_idmap;Stefan Metzmacher2015-08-201-0/+1
| | | | | | | This allows the static build of the modules. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* Change all uint32/16/8 to 32_t/16_t/8_t in winbindd.Richard Sharpe2015-04-291-2/+2
| | | | | Signed-off-by: Richard Sharpe <rsharpe@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* Rename module init functions from samba_init_moduleChristof Schmitt2014-04-021-1/+1
| | | | | | | | | | | | | | | Some modules use samba_init_module as the name for the init functions, others use a name based on the module name. Rename the init functions from samba_init_module, to be consistent across all modules. This change also allows to build idmap_tdb2 and perfcount_test statically. Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Apr 2 08:50:04 CEST 2014 on sn-devel-104
* s3-winbindd: remove unneded include of secrets.h from idmap_ad.cGünther Deschner2013-08-291-1/+0
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* winbind/idmap_ad: be verbose about the user that we fail to mapBjörn Jacke2013-05-141-2/+3
| | | | Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3-winbindd: Move connection to AD server from idmap_adChristof Schmitt2013-03-091-45/+4
| | | | | | Having this in a common place allows reuse by other idmap modules. Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3-winbindd: Use common helper function for connecting to ADSChristof Schmitt2013-03-091-36/+5
| | | | Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3-winbindd: Move code for verifying ADS connection to common helper functionChristof Schmitt2013-03-091-24/+2
| | | | Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3-winbindd: Move common code for LDAP id mapping to idmap_utilsChristof Schmitt2013-03-091-39/+4
| | | | | | | | idmap_ad and idmap_ldap use the same helper functions and the same maximum query size. Move the code to idmap_utils so that it can be shared by every module issuing LDAP queries. Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3-winbind: Remove unused bool "local"Christof Schmitt2012-02-061-5/+2
| | | | | | | | | | "local" is always False, so simply remove it and the if statement checking its value. Signed-off-by: Jeremy Allison <jra@samba.org> Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Mon Feb 6 23:27:48 CET 2012 on sn-devel-104
* Revert making public of the samba-module library.Jelmer Vernooij2011-12-031-1/+1
| | | | | | | | | | | | | | | This library was tiny - containing just two public functions than were themselves trivial. The amount of overhead this causes isn't really worth the benefits of sharing the code with other projects like OpenChange. In addition, this code isn't really generically useful anyway, as it can only load from the module path set for Samba at configure time. Adding a new library was breaking the API/ABI anyway, so OpenChange had to be updated to cope with the new situation one way or another. I've added a simpler (compatible) routine for loading modules to OpenChange, which is less than 100 lines of code. Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Sat Dec 3 08:36:33 CET 2011 on sn-devel-104
* s3-modules: remove the last "init_module" traces.Günther Deschner2011-11-141-2/+0
| | | | Guenther
* lib/util Rename samba_init_module -> samba_module_initAndrew Bartlett2011-10-281-1/+1
| | | | | | | This is to provide a cleaner namespace in the public samba plugin functions. Andrew Bartlett
* s3:winbindd/idmap make idmap modules loadable againChristian Ambach2011-10-211-1/+1
| | | | | commit 355b5e3a831415d9bef97 changed the module system to expect 'samba_init_module' as fixed initializer function
* s3-talloc Change TALLOC_ZERO_P() to talloc_zero()Andrew Bartlett2011-06-091-3/+3
| | | | | Using the standard macro makes it easier to move code into common, as TALLOC_ZERO_P isn't standard talloc.
* s3:idmap: remove the params argument from the init functionMichael Adam2011-03-221-2/+1
|
* s3: Remove close_fn from idmap_methodsVolker Lendecke2011-03-061-23/+0
| | | | | Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Sun Mar 6 13:37:13 CET 2011 on sn-devel-104
* s3: Replace idmap_ad_close by a destructorVolker Lendecke2011-03-061-11/+12
|
* s3-idmap-ad: Make ad_schema properly tallocedVolker Lendecke2011-03-061-4/+2
|
* s3: Remove some unused codeVolker Lendecke2011-03-061-21/+0
|
* s3: Remove unused args from get_nss_infoVolker Lendecke2011-03-061-2/+0
|
* s3: Fix a typoVolker Lendecke2011-02-271-1/+1
| | | | | Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Sun Feb 27 20:14:20 CET 2011 on sn-devel-104
* s3: Fix some nonempty blank linesVolker Lendecke2011-02-271-8/+8
|
* s3: Fix a debug messageVolker Lendecke2011-02-271-2/+3
| | | | | Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Sun Feb 27 16:59:19 CET 2011 on sn-devel-104
* s3:winbindd/idmap_ad.c: update my CMichael Adam2011-01-031-1/+1
| | | | | Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Mon Jan 3 09:19:07 CET 2011 on sn-devel-104
* s3: Fix bug 7832Volker Lendecke2010-11-301-0/+2
| | | | | | | Signed-off-by: Günther Deschner <gd@samba.org> Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Tue Nov 30 14:39:34 CET 2010 on sn-devel-104
* libcli/security Provide a common, top level libcli/security/security.hAndrew Bartlett2010-10-121-1/+1
| | | | | | | | | | | | | | This will reduce the noise from merges of the rest of the libcli/security code, without this commit changing what code is actually used. This includes (along with other security headers) dom_sid.h and security_token.h Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
* s3: Replace sid_binstring and sid_guidstring with PIDL-based alternativesAndrew Bartlett2010-09-201-2/+3
| | | | | | | | | This reduces the manual marshalling of these structures by removing the duplication here. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
* s3-util_sid: use shared dom_sid_compare_auth and dom_sid_equal_X functions.Günther Deschner2010-09-201-1/+2
| | | | Guenther
* s3-idmap: only include idmap headers where needed.Günther Deschner2010-08-261-0/+1
| | | | Guenther
* s3:idmap_ad: untangle two assignments from checksMichael Adam2010-08-141-2/+4
|
* s3:idmap_ad: remove unused filter_low_id and filter_high_id from ↵Michael Adam2010-08-141-14/+0
| | | | | | idmap_ad_context The filter range from the idmap_domain is used now.
* s3:idmap_ad: use range from idmap_domain in idmap_ad_sids_to_unixids()Michael Adam2010-08-141-4/+2
|
* s3:idmap_ad: use range from idmap_domain in idmap_ad_unixids_to_sids()Michael Adam2010-08-141-4/+2
|
View Lorry Controller Status