Gerald Carter [Fri, 22 Oct 2004 20:15:24 +0000 (20:15 +0000)]
r3140: * try to ensure consistent usage of the username map.
Use the fully qualified DOMAIN\user format for 'security = domain|ads'
and apply after authentication has succeeded.
* also change fill_domain_username() to only lowercase the username
and not the domain+username. This was a cosmetic fix only.
makes the output more consistent with %D and %U.
Gerald Carter [Tue, 19 Oct 2004 14:45:48 +0000 (14:45 +0000)]
r3065: BUG 1519 (more): apparently the server_name notify request is used to fill in the title bar of the port monitor window and unless we get it right, you cannot open the printer properties from the port monitor window
Gerald Carter [Mon, 18 Oct 2004 19:57:03 +0000 (19:57 +0000)]
r3049: fixing some calls in the printing code to stanard_sub_basic(); fix standard_sub_snum() to use the current user's gid; add some (snum == -1) checks to standard_sub_advanced()
Andrew Tridgell [Sun, 17 Oct 2004 00:22:11 +0000 (00:22 +0000)]
r3008: when checking for the existance of a lock we are only doing a single
tdb call, so there is no need to get the chainlock. This reduces the
number of tdb locking calls made on file IO
Jeremy Allison [Sat, 16 Oct 2004 03:04:40 +0000 (03:04 +0000)]
r3002: Fix for bug #1886 - prevent delete on close being set
for readonly files (and return the correct error code).
We now pass the Samba4 test suite on this.
Jeremy.
Richard Sharpe [Thu, 14 Oct 2004 03:19:57 +0000 (03:19 +0000)]
r2959: If we want to support writes >= 65536 with cli_write, then it had better
return a size_t, not an ssize_t, and we had better left shift the upper
part of the write count, not right shift it.
Günther Deschner [Wed, 13 Oct 2004 01:40:35 +0000 (01:40 +0000)]
r2942: Add client-side support of triggering ads printer publishing over msrpc
setprinter calls inside the net-tool.
This is usefull to mimic the same queries a windows-client does. At
least win2k returns WERR_IO_PENDING when printer is published via
setprinter, samba returns WERR_OK but this does not hurt.
Volker Lendecke [Tue, 12 Oct 2004 11:58:01 +0000 (11:58 +0000)]
r2935: This is a long-standing one in my patch-queue: A pair of net commands
(usersidlist/allowedusers) to scan a file server's share and list all users
who have permission to connect there.
Tim Potter [Sun, 10 Oct 2004 12:01:14 +0000 (12:01 +0000)]
r2894: Certain versions of GNU ld the default is not to have the
--allow-shlib-undefined flag defined. This causes a stackload of
warnings when building modules.
Andrew Bartlett [Sat, 9 Oct 2004 01:44:05 +0000 (01:44 +0000)]
r2868: Well, I'm not quite sure what I'm doing back in Samba 3.0, but anyway...
I've been grumbling about under-efficient calls in SAMR, and finally
got around to fixing some of them.
We now call sys_getgroups() (which in turn calls initgroups(), until
glibc 3.4 is released) to figure out a user's group membership. This
is far, far more efficient than scanning all the groups looking for a
match, and is still the 'posix way', just using an effiecient call.
The seperate issue of 'who is in this group' remains, but this one has
been biting some people.
I need to talk to VL about how best to exersise nasty corner cases,
but my initial tests hold strong. (The code is also much simpiler
than before, which has to count for something :-)
Andrew Bartlett [Fri, 8 Oct 2004 13:00:47 +0000 (13:00 +0000)]
r2865: Add static and remove unused functions that only cload the blame-game
in finding out who is causing the massive performance problems with
large LDAP directories.
Tim Potter [Thu, 7 Oct 2004 04:01:18 +0000 (04:01 +0000)]
r2835: Since we always have -I. and -I$(srcdir) in CFLAGS, we can get rid of
'..' from all #include preprocessor commands. This fixes bugzilla #1880
where OpenVMS gets confused about the '.' characters.
Tim Potter [Thu, 7 Oct 2004 03:55:39 +0000 (03:55 +0000)]
r2834: Netapps can return NT_STATUS_ACCESS_DENIED when trying to return the
security descriptor for a file. Return an error in this case instead
of panicing trying to unpack a zero length buffer. Found by Brett
Funderburg.
r2832: Readd WKGUID-binding to match the correct default-locations of new
User-, Group- and Machine-Accounts in Active Directory (this got lost
during the last trunk-merge).
This way we match e.g. default containers moved by redircmp.exe and
redirusr.exe in Windows 2003 and don't blindly default to cn=Users or
cn=Computers.
Further wkguids can be examied via "net ads search wellknownobjects=*".
This should still keep a samba3-client joining a samba4 dc. Fixes
Bugzilla #1343.
Andrew Tridgell [Tue, 5 Oct 2004 03:26:02 +0000 (03:26 +0000)]
r2824: restored the is_case_sensitive option to ms_fnmatch() in Samba3. It is
very rarely used, but we sohuldn't be removing a feature in a minor
release of this kind.
r2821: Adding "Windows x64" as architecture string and driverdir "x64" for the
64bit AMD platform.
(This used to be "Windows AMD64" and "AMD64" in one of the release
candidates of SP2 for Windows XP. AMD64 is obviously still supported but
not documented.)
r2819: Make 'password history'-behaviour in ldapsam more consistent.
Currently we cannot store more then 15 password history entries (windows
NT4 allows to store 24) in ldapsam. When choosing more then "15" with
pdbedit -P "password history", we fail to initialize the password
history upon password change and overwrite the history, effectively
using a password history of "1". We do already decrease any
history-policy larger then 15 to 15 while storing the password history
list attribute in ldap.
r2772: Check correct string length when verifying password-policies. Do not
allow e.g. two umlauts and one ascii char to comply with account-policy
"min password length" of 5.
Thanks to Uwe Morgenroth from CC Compunet and Volker.
TODO: we do check the length against AP_MIN_PASSWORD_LEN *and*
lp_min_passwd_length() - both can have differing values.
r2771: Second (and last) part of Swat-i18n-Patch from Björn Jacke
<bjacke@sernet.de>
"Do not use display charset for swat output. In HTML we do not care
about the "locale charmap" because HTML code is UTF-8 only now.
Additionally take care that we convert files from statuspage from unix
charset to UTF-8. Thus we have correct HTML output under all
circumstances. We now also convert the share names correctly from unix
encoding to web encoding and vice vera. "
Gerald Carter [Fri, 1 Oct 2004 20:34:12 +0000 (20:34 +0000)]
r2768: BUG 1519: save the hostname used in the open_printer_ex() for later reuse when filling in the spolss replies (also gets rid of get_called_name()
Andrew Bartlett [Fri, 1 Oct 2004 03:28:39 +0000 (03:28 +0000)]
r2762: Remove silly conversion to and from UTF8 on the winbind pipe. Fix the
naming of the require_membership_of parameter in pam_winbind and fix
the error code for 'you didn't specify a domain' in ntlm_auth.
r2753: Workaround for the (rather broken) _samr_query_useraliases rpc-call.
_samr_query_useraliases shows up with all kind of very weird memberships
(global-groups, machine-accounts, etc.). Sometimes even if there is no
alias-membership at all.
One of the biggest mistakes is to convert any unix-group the user is a
member of, into an alias by default in get_group_from_gid.
get_alias_user_groups should be rewritten to use
pdb_enum_alias_memberships.
r2752: Fix the paranoia-check to ensure the ldap-attribute and the
smb.conf-parameter for samba's "algorithmic rid base" in ldapsam are
identical.
It tried to get the value of LDAP_ATTR_ALGORITHMIC_RID_BASE via
get_userattr_key2string() for a very long time now. This just can not
work because LDAP_ATTR_ALGORITHMIC_RID_BASE is neither in attrib_map_v22
nor in attrib_map_v30. Instead, get it directly from dominfo_attr_list.
Ldapsam will now correctly refuse to initialize when admins tried
manually to have differing values for "algorithmic rid base" in ldap and
smb.conf. idmap_ldap is another story...
r2715: Swat-i18n-Patch from Björn Jacke <bjacke@sernet.de>:
"Unify charset-handling in Content-Type:-headers to UTF-8 (fixes #1766),
making UTF-8 the only supported (but fully functional) charset. Also
remove html-header-files for ja and tr that have become obsolete now.
Reformat msgstr in msg-files to UTF-8."
r2706: The code that prints the remote MAC address (from the statistics section
of the response packet) was outside of the if() that determined whether
the query was successful or not. As a result, the MAC address would print
out even if there was no MAC address. At least the garbage it printed was
relatively consistent. :)
I moved the MAC printing into the if() block and added an 'else' to print
"No reply..." if the query fails.
Jeremy Allison [Mon, 27 Sep 2004 23:57:59 +0000 (23:57 +0000)]
r2700: Fix bug where we could incorrectly set sparse attribute. Don't use
st_blksize, it isn't what you think....
Jeremy.
--his line, and those below, will be ignored--
Jeremy Allison [Sun, 26 Sep 2004 06:27:54 +0000 (06:27 +0000)]
r2651: Added 'stat' command to smbclient to exercise the UNIX_FILE_BASIC
info level. Outputs data on the file in the same format the the
stat command in Linux. Should be useful to people wanting to learn
how to parse the UNIX extension output.
Yes I will add the docs later :-).
Jeremy.
r2619: Only issue the ldap extended password change operation if the ldap server
supports it. This might be a fix for bugs 1823 and 1545, notifying both.
Also ignore object class violation errors from the extended operation. We
don't have the userPassword field in sambaSamAccount, and if we have such
broken setup with user in /etc/passwd and only samba attribs in ldap, we fail
this :-)
Jeremy Allison [Fri, 24 Sep 2004 01:32:19 +0000 (01:32 +0000)]
r2578: Pick up optimisation from Samba4 - thanks tridge !
- I recently found out that charaters below 0x3F are guaranteed not to
occur as secondary bytes in any multi-byte character set. This
allows for a very simple optimisation in strchr_m() and
strrchr_m(). It might be a good idea to pick this up for Samba3.
Jeremy.
Gerald Carter [Thu, 23 Sep 2004 19:24:02 +0000 (19:24 +0000)]
r2569: Patch from Rob Foehl <rwf@loonybin.net>:
- fix typo in libads/ldap_printer.c:39, ads_find_printer_on_server()
(originally libads-typo.patch)
- fix leak in printing/nt_printing.c, is_printer_published()
(originally is_printer_published-leak.patch)
- fix double print_backend_init() calls, now only called from main()
- restructuring in printing/nt_printing.c
- replaced (un)publish_it() with ads-specific functions
- moved common code to nt_printer_publish()
- improved error handling in several places
- added check_published_printers() in printing/nt_printing.c, to verify
that each published printer is actually in the directory at startup
- changed calling semantics of mod_a_printer, dump_a_printer, and
update_driver_init to be more consistent with the rest of the api and
reduce some copying
Jeremy Allison [Thu, 23 Sep 2004 00:19:18 +0000 (00:19 +0000)]
r2548: Fix for bug reported by Edward Spragins <spragins@gmail.com> - don't try to
set security descriptors on shares where this has been turned off.
Jeremy.
Jeremy Allison [Wed, 22 Sep 2004 00:33:09 +0000 (00:33 +0000)]
r2481: Patch from Igor Belyi <sambauser@katehok.ac93.org>. Ensure pdb
user is deleted first before deleting UNIX user (LDAP backend
needs this ordering).
Jeremy.
projects / thirdparty / samba.git / log
