summaryrefslogtreecommitdiff
path: root/source4/ldap_server
AgeCommit message (Collapse)AuthorFilesLines
2014-08-03Imported Upstream version 4.1.11upstream/4.1.11Jelmer Vernooij1-1/+7
2014-07-15s3/s4: smbd, rpc, ldap, cldap, kdc services.Jeremy Allison1-1/+7
Allow us to start if we bind to *either* :: or 0.0.0.0. Allows us to cope with systems configured as only IPv4 or only IPv6. Bug #10653 - Samba won't start on a machine configured with only IPv4. https://bugzilla.samba.org/show_bug.cgi?id=10653 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-By: Amitay Isaacs <amitay@gmail.com> Reviewed-By: Alexander Bokovoy <ab@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Jun 7 01:01:44 CEST 2014 on sn-devel-104 (cherry picked from commit 463311422ca1caad2e228deb630e9d12e212fae1)
2014-06-03Imported Upstream version 4.1.8+dfsgupstream/4.1.8+dfsgIvo De Decker1-0/+3
2014-04-29s4:dsdb/rootdse: Support netlogon requestBenjamin Franzke1-0/+3
This patch adds support for a netlogon ldap style request over the tcp socket. This is available since win2k3+ [1]. The automatic client join & configuration daemon "realmd" makes use of this ability. Realmd can now be used to join a computer to a samba 4 domain. (See also: https://lists.samba.org/archive/samba-technical/2013-October/095606.html) Tested with: ldapsearch -h samba-srv -x -b '' -s base "(&(NtVer=\06\00\00\00)(AAC=\00\00\00\00))" NetLogon And compared the result in wireshark with cldap request issued by examples/misc/cldap.pl. [1]: http://wiki.wireshark.org/MS-CLDAP?action=recall&rev=8 Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Nadezhda Ivanova <nivanova@symas.com> (cherry picked from commit 0620c79d76b69811fd6c00d912db05477d894724)
2014-04-18Imported Upstream version 4.1.7+dfsgupstream/4.1.7+dfsgIvo De Decker1-2/+2
2014-04-01s4:lib/socket: simplify iface_list_wildcard() and its callersStefan Metzmacher1-2/+2
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10464 Signed-off-by: Stefan Metzmacher <metze@samba.org> Change-Id: Ib317d71dea01fc8ef6b6a26455f15a8a175d59f6 Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Mar 7 02:18:17 CET 2014 on sn-devel-104 (cherry picked from commit f7883ae02a4e8935a44396f776712cebfd411e52)
2013-11-17Imported Upstream version 4.1.1+dfsgupstream/4.1.1+dfsgJelmer Vernooij1-0/+3
2013-06-13s4:ldap_server: call irpc_add_name() at startup (bug #9905)Stefan Metzmacher1-0/+3
We should call irpc_add_name() when we start the ldap_server task. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-05-10Imported Upstream version 4.0.0+dfsg1upstream/4.0.0+dfsg1Ivo De Decker7-149/+83
2012-10-07ldap-server: sscanf result was never used to mistyped varMatthieu Patou1-2/+1
2012-10-07ldap-server: remove warning for the ret not being usedMatthieu Patou1-2/+1
2012-07-24Fix debug print warning message.Jeremy Allison1-1/+3
2012-06-22dsdb-schema: do not reload more often than schema_reload_intervalMatthieu Patou1-2/+23
Samba 4 use to try to reload the schema every time dsdb_get_schema was called (which could be 20+ time per ldb request). Now we only reload at most every xx seconds (xx being the value of dsdb:"schema_reload_interval" or 120). The timestamp of the last reloaded schema is kept in the dsdb_schema object. There is also a timestamp in the ldb_context, that is used by the LDAP server to know if it has to reload the schema after handling the request. This is used to allow that the schema will be immediately reload after a schemaUpdateNow request has been issued, the reload can't occur in the handling of the LDAP request itself because we have a transaction autostarted.
2012-06-15lib/param: Create a seperate server role for "active directory domain ↵Andrew Bartlett1-1/+1
controller" This will allow us to detect from the smb.conf if this is a Samba4 AD DC which will allow smarter handling of (for example) accidentially starting smbd rather than samba. To cope with upgrades from existing Samba4 installs, 'domain controller' is a synonym of 'active directory domain controller' and new parameters 'classic primary domain controller' and 'classic backup domain controller' are added. Andrew Bartlett
2012-05-23Introduce system MIT krb5 build with --with-system-mitkrb5 option.Alexander Bokovoy1-0/+1
System MIT krb5 build also enabled by specifying --without-ad-dc When --with-system-mitkrb5 (or --withou-ad-dc) option is passed to top level configure in WAF build we are trying to detect and use system-wide MIT krb5 libraries. As result, Samba 4 DC functionality will be disabled due to the fact that it is currently impossible to implement embedded KDC server with MIT krb5. Thus, --with-system-mitkrb5/--without-ad-dc build will only produce * Samba 4 client libraries and their Python bindings * Samba 3 server (smbd, nmbd, winbindd from source3/) * Samba 3 client libraries In addition, Samba 4 DC server-specific tests will not be compiled into smbtorture. This in particular affects spoolss_win, spoolss_notify, and remote_pac rpc tests.
2012-04-03s4:ldap_server: fix typo in DEBUG() messageStefan Metzmacher1-1/+1
metze
2012-01-26Load samba-3.6.2 into branches/samba/upstream.upstream/3.6.2bubulle7-447/+1170
git-svn-id: svn://svn.debian.org/svn/pkg-samba/branches/samba/upstream@3992 fc4039ab-9d04-0410-8cac-899223bdd6b0
2011-10-18gensec: move event context from gensec_*_init() to gensec_update()Andrew Bartlett1-1/+1
This avoids keeping the event context around on a the gensec_security context structure long term. In the Samba3 server, the event context we either supply is a NULL pointer as no server-side modules currently use the event context. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-11s4:ldap_backend.c/"map_ldb_error" - handle errors similar to "PyErr_SetLdbError"Matthias Dieter Wallnöfer1-6/+2
If the call was done using an error string ("add_err_string"), then use that one without an additional "ldb_strerror()" for the definitive LDAP output. Otherwise generate one using "ldb_strerror()". This omits redundancies in the error string generation (twice the same information by "ldb_strerror()"). Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-10-04s4-ldap-server: disallow all modifies on global catalog portAndrew Tridgell1-0/+20
2011-09-27s4-ldap_server: Fix segfault on startup failure of ldap serverAndrew Bartlett1-2/+2
2011-09-22s4-ldap-server: set the NO_GLOBAL_CATALOG control on non-GC operationsAndrew Tridgell1-0/+2
this makes us honor GC semantics on the two ldap ports
2011-08-18credentials: Rename library to samba-credentials to avoid name clashes.Jelmer Vernooij1-1/+1
Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Thu Aug 18 22:16:38 CEST 2011 on sn-devel-104
2011-08-03gensec: clarify memory ownership for gensec_session_info() and ↵Andrew Bartlett1-4/+2
gensec_session_key() This is slightly less efficient, because we no longer keep a cache on the gensec structures, but much clearer in terms of memory ownership. Both gensec_session_info() and gensec_session_key() now take a mem_ctx and put the result only on that context. Some duplication of memory in the callers (who were rightly uncertain about who was the rightful owner of the returned memory) has been removed to compensate for the internal copy. Andrew Bartlett
2011-06-20Use tevent_req_oomVolker Lendecke1-1/+1
This fixes a few Coverity errors
2011-06-20libcli/util Rename common map_nt_error_from_unix to avoid duplicate symbolAndrew Bartlett1-1/+1
The two error tables need to be combined, but for now seperate the names. (As the common parts of the tree now use the _common function, errmap_unix.c must be included in the s3 autoconf build). Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Mon Jun 20 08:12:03 CEST 2011 on sn-devel-104
2011-06-07Revert upstream branch to 3.5.8....oopsbubulle7-1170/+447
git-svn-id: svn://svn.debian.org/svn/pkg-samba/branches/samba/upstream@3810 fc4039ab-9d04-0410-8cac-899223bdd6b0
2011-06-07Load samba-3.6.0rc2 into branches/samba/upstream.bubulle7-447/+1170
git-svn-id: svn://svn.debian.org/svn/pkg-samba/branches/samba/upstream@3807 fc4039ab-9d04-0410-8cac-899223bdd6b0
2011-06-06s4-ipv6: update callers to load_interface_list()Andrew Tridgell1-1/+1
2011-06-06s4-ipv6: use "ip" instead of "ipv4" for serversAndrew Tridgell1-4/+4
this allows stream_setup_socket() to work with both v4 and v6 addresses
2011-06-06s4-ipv6: use iface_list_wildcard() to listen on IPv6Andrew Tridgell1-3/+12
when we need to listen on a wildcard address, we now listen on a list of sockets, usually 0.0.0.0 and ::
2011-05-08s4-interfaces Rename interfaces code so not to conflict with source3/Andrew Bartlett1-3/+3
The iface_count, iface_n_bcast, and load_interfaces functions conflicted with functions of the same name in source3, so the source4 functions were renamed. Hopefully we can actually wrap one around the other in future. Andrew Bartlett
2011-04-29s4-param Rename private_path() -> lpcfg_private_path()Andrew Bartlett1-2/+2
This is consistent with lock_path() Andrew Bartlett
2011-03-04s4/ldb - remove now superflous "ldb_dn_validate" checksMatthias Dieter Wallnöfer1-1/+1
If we immediately afterwards perform an LDB base operation then we don't need an explicit "ldb_dn_validate" check anymore (only OOM makes sense). Reviewed by: Tridge
2011-03-04s4:LDAP server - remove validation checks of input DNsMatthias Dieter Wallnöfer1-23/+8
We should rather try to let the LDB modules perform these checks otherwise different backends behaviour differently. Reviewed by: Tridge
2011-03-04s4-nterr: move auth_nt_status_squash to nt_status_squash and move to nterr.cGünther Deschner1-2/+2
Guenther
2011-02-10ldb: use #include <ldb.h> for ldbAndrew Tridgell3-6/+6
thi ensures we are using the header corresponding to the version of ldb we're linking against. Otherwise we could use the system ldb for link and the in-tree one for include Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-02-01Added SSL global catalogWilliam Brown1-3/+18
Reviewed-by: Andrew Bartlett Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Tue Feb 1 20:05:39 CET 2011 on sn-devel-104
2011-01-07s4-ldap_server Allow multiple binds on LDAP serverAndrew Bartlett1-0/+18
Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Fri Jan 7 00:02:23 CET 2011 on sn-devel-104
2010-12-13s4:ldap_server: don't call ldb_req_mark_untrusted() on the privileged ldapi ↵Stefan Metzmacher3-8/+21
socket metze
2010-12-13s4:ldap_server: rename helper functions to ldapsrv_ prefix and pass ldapsrv_callStefan Metzmacher1-15/+19
metze
2010-12-01s4-ldap: removed an incorrect talloc_move()Andrew Tridgell1-1/+1
the parent of this session_info is either the stream_connection, or its a system_session(). In either case reparenting it on the ldapsrv_connection doesn't achieve anything that I can see. The move was causing a steal on reference error because the session_info often has multiple references. Thanks to Metze for spotting this. Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Wed Dec 1 22:10:42 CET 2010 on sn-devel-104
2010-11-22service_ldap, service_smb: Lowercase output file names.Jelmer Vernooij1-1/+1
Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Mon Nov 22 20:28:14 CET 2010 on sn-devel-104
2010-11-15s4: Build ldap and samba3_smb services as shared modules.Jelmer Vernooij1-1/+2
Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Mon Nov 15 03:04:41 UTC 2010 on sn-devel-104
2010-11-15s4-server: make server sockets a child of the task contextAndrew Tridgell1-8/+10
We previously allocated sockets as direct children of the event context. That led to crashes if a service called task_server_terminate(), as it left the socket open and handling events for a dead protocol. Making them a child of the task allows the task to terminate and take all its sockets with it. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-11-07credentials: Lowercase library name,Jelmer Vernooij1-1/+1
Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Sun Nov 7 01:48:44 UTC 2010 on sn-devel-104
2010-11-07samdb: Lowercase library name.Jelmer Vernooij1-1/+1
2010-11-05s4/auth: Add logon_parameters to authenticate_username_pwAnatoliy Atanasov1-0/+2
We need to be able to set the logon parameters in the same way as in the ntlm server so we can handle openldap simple authentication call correctly. Autobuild-User: Anatoliy Atanasov <anatoliy@samba.org> Autobuild-Date: Fri Nov 5 06:32:43 UTC 2010 on sn-devel-104
2010-11-05s4-ldap_server Don't DEBUG() at level 2 every time a caller disconnectsAndrew Bartlett1-3/+0
Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Fri Nov 5 00:12:37 UTC 2010 on sn-devel-104
2010-10-31s4: Remove the old perl/m4/make/mk-based build system.Jelmer Vernooij1-22/+0
The new waf-based build system now has all the same functionality, and the old build system has been broken for quite some time. Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Sun Oct 31 02:01:44 UTC 2010 on sn-devel-104
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-25 10:08:27 +0000