...
Is there no way to indicate this in the URL?
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http
Steve Langasek wrote:
On Wed, Oct 30, 2002 at 10:15:46AM +1100, Andrew Bartlett wrote:
It appears that in Samba 3.0, the meaning of ldap ssl = start tls is
somewhat diluted. First, the start tls command is only ever issued if
the given ldapsam URI has a protocol string of ldaps
? (There are lots of good answers
to this question, but make sure you do have one of the answers).
Samba 2.2 has always supported being a member server in a domain with
domain trusts, for the record.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication
support for.
The reason we don't support this already is that while the auth works, a
*lot* of other things break.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network
Andrew Bartlett wrote:
Matthew Hannigan wrote:
With a single server, settings security = server and
password server = pdc1 pdc2', I can successfully
authenticate against two entirely different PDCs
depending on which order I put the two machines in
the 'password server' list
usrmgr actually works pretty well!
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org
test hardware, no. But Apple does ship Samba, so
it must work somehow...
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http
full sids for each group.
Also, we never addressed the timeout issue (we should not cache that
info forever).
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker
welcome
to it...
I already have my fingers in too many pies...
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org
Stefan (metze) Metzmacher wrote:
Hi Andrew,
here's the newest version of my connection caching patch.
I used it for a few days without problems...
This looks like a very well done patch, nice work!
I'll see what I can do in applying this sometime soon...
Andrew Bartlett
--
Andrew
?
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org http://hawkerc.net
or somthing. The
size of a uid_t is probably the same as a gid_t, but may not be the same
as int.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College
merge harder)
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org http://hawkerc.net
at the same time).
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org http
19 20:45:34 2002
@@ -335,6 +335,7 @@
if (c == *s) return (smb_ucs2_t *)s;
s++;
}
+ if (c == *s) return (smb_ucs2_t *)s;
return NULL;
}
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication
... )
+ LIBS=${LIBS} -lc -lcc_dynamic
+ CFLAGS=-dynamic -fno-common ${CFLAGS}
+ ;;
*solaris*) AC_DEFINE(SUNOS5)
BLDSHARED=true
LDSHFLAGS=-G
Andrew Bartlett
--
Andrew Bartlett
' for both RPC createuser and auth magic. I
had wanted to just kill the auth usage, but this does need to be cleaned up.
Andrew Bartlett
-
Stefan metze Metzmacher [EMAIL PROTECTED]
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http
Stefan (metze) Metzmacher wrote:
At 00:26 25.10.2002 +1000, Andrew Bartlett wrote:
Stefan (metze) Metzmacher wrote:
Hi Andrew,
I want to add a new parameter 'ldap rebind timeout'
I have problems when my samba adds a user following an update referral.
samba tries to read
Stefan (metze) Metzmacher wrote:
At 00:56 25.10.2002 +1000, Andrew Bartlett wrote:
Stefan (metze) Metzmacher wrote:
At 00:26 25.10.2002 +1000, Andrew Bartlett wrote:
Stefan (metze) Metzmacher wrote:
Hi Andrew,
I want to add a new parameter 'ldap rebind timeout
beware if you
have not been merging appropriate changes into both
branches.
I have not merged in the passdb changes (metze's patch) becouse I got a
bit busy - and I wanted to let them settle in for a bit.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED
' queries anyway?
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org http://hawkerc.net
? That is, every loop has a 10 line
chunk, can you put that into a helper?
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http
to squid-NTLM)
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org http://hawkerc.net
Does sombody who has worked with the recycle bin want to comment on this
patch?
Andrew Bartlett
Original Message
Subject: Common recycle bin (PATCH#1083)
Date: Fri, 18 Oct 2002 09:56:20 -0400 (EDT)
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL
with LDAP there is often a bit more
to setup, and such doco can look into how it intergrates with other
things. (A Samba LDAP installation is almost always tacked onto a much
larger setup).
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager
be able to have more than one domain per ldap tree - we
should use the ldap suffix, and the ldap search filter to allow it.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network
and
I'm sure quite a bit more...
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org
.
This file has 2 copies of the same function, only the struct name is
different. Looking at how ethereal decodes it, it's actually the same
struct - just 23 is a 21 embedded inside a struct holding the passwords
as well..
Andrew Bartlett
--
Andrew Bartlett [EMAIL
[EMAIL PROTECTED] wrote:
Hi!
This fixes some bugs I found when playing with NT4 usrmgr.exe.
With the unknown_3 stuff - seeing we can't actually use if for anything,
should we remove it compleatly?
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED
don't want to have
to install active directory.
This looks very interesting - I'll need a lot more detail before I can
be much use unfortuntly. But given sufficnet traces, we should be able
to track this down...
Andrew Bartlett
--
Andrew Bartlett [EMAIL
, it would of course need to play with 'net rpc vampire'
correctly...
Anyway, this area is messy.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College
with it in the actual operation I think.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org
in the
tdb.
Both of these ideas sound fine to me
Sounds fine to me.
Andrew Bartlett
Simo Sorce wrote:
On Sun, 2002-10-13 at 15:40, Andrew Bartlett wrote:
Yep, that sounds worthwhile. We could even just make it a timeout - and
finally put gencache to use :-). (mimir's generalised tdb cache).
We do **not** need timeouts!
remember that sid-uid mapping is written
- but it's not been a priority.
Andrew Bartlett
Andrew Bartlett wrote:
[EMAIL PROTECTED] wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- Also, I wanted to be sure we always got correct uid-sid and sid-uid
mapping for the guest user. I wanted an NT ACL to be able to include
this 'well known' user, and have it behave
, force user, force guest.
These all currently recreate an NT_TOKEN from the current group list.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College
important.
Yes, we need a simple solution, but I'm not sure there is one...
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http
much better than existing code.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org
Simo Sorce wrote:
On Sun, 2002-10-13 at 14:58, Andrew Bartlett wrote:
Simo Sorce wrote:
Isn't idmap the right place to go?
I think so. And I think we can construct one that makes sense for
admins. For example, we could contstruct an LDAP based one that uses
the uidNumber
[EMAIL PROTECTED] wrote:
Andrew,
On Sat, Oct 12, 2002 at 09:25:22AM +1000, Andrew Bartlett wrote:
You either need to keep the 'unixsam' in your 'passdb backends' line in
your smb.conf, or add a 'guest' account to ldap, with a real unix UID
(possibly the same as nobody, should
attributes.
Comments?
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org http
Ignacio Coupeau wrote:
Andrew Bartlett wrote:
I've been thinking about the problem of allocating RIDs in LDAP.
We need a race-proof scheme to allocate RIDs, and I would prefer not to
need to use a local TDB - I would like it all 'in ldap', if at all
possible.
yes, and is better
[EMAIL PROTECTED] wrote:
On Sat, Oct 12, 2002 at 07:17:10PM +1000, Andrew Bartlett wrote:
I've been thinking about the problem of allocating RIDs in LDAP.
Look at google for 'ldap atomic increment'. The second article gives some hints
on how an atomic increment might be implemented
of the 'not like NT, but what admin expects' things
- and I agree. Possible make groups 100 'aliases' by default, but
that's minor.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network
' to contact the PDC when they
want to chase somthing. You *really* don't want changes on the
indiviual servers.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator
the unix side of that is meant to be in).
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http
Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org http://hawkerc.net
connections -
it doesn't look too hard, just a wrapper around the actual calls, but
I've not had a chance to implement it.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator
.
In particular, when we are not using LDAP and Active Directory, it
appears that there is no other way to reterive these groups. BTW, I
think the problematic file is netlogon_unigroup.tdb.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication
better user education (lot of good that will do me).
In HEAD and 3.0 the auth subsystem uses the value of 'allow trusted
domains' to determine if it should change the client-supplied domain.
If that smb.conf value is false, the domain is replaced with the local
domain.
Andrew Bartlett
--
Andrew
logon refreshes the cache. The real messy case is SSH
key-based logins.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http
*does* implement the createuser SAMR call, so this should work...
(Both 2.2 and HEAD)
I'll be very interested to see why it doesn't.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network
is released, this debug statement ought to be reduced in
severity.
I'll fix this one up. We should probably push into an fstring, then
copy the first 14 chars. I think the LM hash is meant to be truncated
at 14, not null terminated, but I'll double-check.
Andrew Bartlett
--
Andrew Bartlett
Richard Sharpe wrote:
On Mon, 7 Oct 2002, Andrew Bartlett wrote:
Rafal Szczesniak wrote:
On Mon, Oct 07, 2002 at 01:22:26PM +0930, Richard Sharpe wrote:
Hi,
net help user suggests that net user add accepts optional -F user_flags,
but in scanning the code, I don't see
with it regularly, and it seems to
work...
I'll chase up the issues you have raised.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED
.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org http://hawkerc.net
should be allowed? 1 for IPC? 1 for
the home directory? How about one for a printer?
PAM is per-session, not per-tree. That is why it is more suitable for
this task.
Users authenticate once to the server, then mount multiple shares on
that connection.
Andrew Bartlett
--
Andrew Bartlett
[EMAIL PROTECTED] wrote:
On Thu, Oct 03, 2002 at 04:06:37PM +1000, Andrew Bartlett wrote:
The use of multiple backends in passdb has acknowledged issues, and I'm
not particularly fussed if you feel it should not ship with this
functionality enabled. However, please do note
Simo Sorce wrote:
On Thu, 2002-10-03 at 08:06, Andrew Bartlett wrote:
[EMAIL PROTECTED] wrote:
Let just remove the multi-domain stuff for now and try
and get 3.0 in a shippable state.
The 'new SAM' stuff is not being proposed for 3.0! Certainly not yet,
we have a *lot* of work
might be running
on a system that has multiple, independent smbd instances on separate
IPs.
In any case, the syntax will need to get much clearer if this is to stay
around for long. (idra seems determined to kill it).
Andrew Bartlett
--
Andrew Bartlett [EMAIL
Gerald Carter wrote:
On Wed, 2 Oct 2002, Andrew Bartlett wrote:
This seems like a lot of duplication of code and can lead to
There's a bug in SAM1 but not SAM2. If the access checks
will always be the same, why push them into the SAM module and
force each write to cut-n-paste
if we were to kill it, becouse we need to verify these things
anyway. (That a sensible 'domain' or 'domain sid' has been passed).
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network
accounts? It just does
not make sense to me. We need real users/groups mapping instead
(opposed to created on the fly by winbind based accounts).
I'm not sure what you mean here - the current code doesn't even know
about unix accounts.
Andrew Bartlett
--
Andrew Bartlett
should have to go so far out
of their way (linking our rpc client and server code) in order to
perform their operations.
I prefer to take one step back, and construct an API that is influenced
by, but not dictated by, the SAMR pipe.
Andrew Bartlett
--
Andrew Bartlett
the trusted domain directly, we
could have either a separate Samba on another IP, or they could contact
the remote DC directly.
I see this as a powerful way to push Samba into places that it currently
can't go, and I would like a chance to explore it.
Andrew Bartlett
--
Andrew Bartlett
. (vl has a patch for it that I
think does some nice stuff too, without pulling it apart too far).
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College
Gerald Carter wrote:
On Wed, 2 Oct 2002, Andrew Bartlett wrote:
The access checking is done by the SAM module. The reason it is not
done 'above' the interface is to ensure a 'choke point'. I put a lot of
effort into the auth subsystem to ensure we never 'accidentally' forgot
is writing a module
that reads existing passdb backends, and translates them into SAM
replies. (Also pulling data from the account policy DB etc). We also
intend to write a module that does the reverse - gives the SAM a passdb
interface.
Andrew Bartlett
--
Andrew Bartlett
.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org http://hawkerc.net
**accounts)
Should have a TALLOC_CTX, but I'll chase it up.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http
structure usrmgr sends on updates.
ldapsam doens't store this, so is unaffected.
If you return the unknown3 usrmgr 'sets' then it freaks out.
I need to do some traces on Win2k and see what it does - and if this is
a real feild, or if it's some flags or somthing.
Andrew Bartlett
--
Andrew
Jelmer Vernooij wrote:
On Sun, Sep 29, 2002 at 03:04:25PM +1000, Andrew Bartlett wrote:
Stefan (metze) Metzmacher wrote:
At 18:27 26.09.2002 +0200, Jelmer Vernooij wrote:
Hi all!
What kind of a value is the acct_ctrl argument of
context_sam_enum_accounts supposed
changing their own password).
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org http
.
It would also make samtest magicly 'work' before you specify a context,
rather than segfaulting...
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College
the SAM is
being developed - but once we start hooking into the rest of Samba I'll
get very strict, on both new and existing code...)
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student
it at my site). Therefore having the max rid stuff in LDAP
might be benifitial.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http
. Not sure if I
really like that. I better write a good text export/import pdbedit frontend for
tdbsam...
We actually have all this already. Jelmer has an XML passdb backend,
and pdbedit -i and -e do the rest.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED
backend however).
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org http
Stefan Metzmacher wrote:
At 07:13 26.09.2002 +1000, Andrew Bartlett wrote:
Stefan (metze) Metzmacher wrote:
Hi Jerry,
please don't kick 3.0alpha20 before this is fixed. Andrew B. optimizes my
patch...
metze, I want to get that patch 'right', so I may take some time
that are in the
BUILTIN\Administrators group of the samba PDC. So not many people will have
noticed it.
3) wait till Andrew Bartlet has applied the patch to HEAD
Applied.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL
Eddie Lania wrote:
Does this also removes the bug that causes the user password time settings
being changed, even when the cancel button is pressed in usermgr?
No, but my other commit (the patch from metze) could well have helped on
that.
Andrew Bartlett
--
Andrew Bartlett
that struct changes shape regularly.
- is the winbind team willing to add more RPC calls to the interface?
Not unless they are related to authentication or user/group enumeration.
Agreed. (However I am thinking of moving nss_wins in there soon too, to
match the IRIX code).
Andrew Bartlett
, people have been using smbpasswd on the assumption that
'password does not expire' was implicity set. Possibly having an easy
tool to set that on every account might be a good idea, but I'm just not
sure.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED
to do it.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org http://hawkerc.net
different, that's fine - we may well have
misunderstood each other.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http
Steve Langasek wrote:
On Fri, Sep 27, 2002 at 11:18:01AM +1000, Andrew Bartlett wrote:
The problem isn't actually tdbsam, it's smbpasswd. Smbpasswd is giving
out dodgy made up values. See, we have a policy database that stores
the 'max password age' etc, but we don't do 'last change
with the thought how far you can
take the existing passdb interface. Take out the domain SIDs as well?
yes, domain sids do belong elsewhere.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED
, using 'hide unreadable'
counts as asking for the mapping, as I found out recently...
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED
Volker Lendecke wrote:
On Wed, Sep 25, 2002 at 10:54:40PM +1000, Andrew Bartlett wrote:
Despite all the fuss, the changes there really are not that
big, just fundamental ;-)
vlendec@delphin:~/head/source find -name \*.c | xargs grep pdb\_ | wc -l
1596
As I said, not that big
, and removed them...
In any case, as long as it doesn't break, I'm not too fussed - but I
actually like the ability to say 'not implemented' in a way much clearer
than than trying to infer it from a BOOL return.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED
code much
easier!).
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org http
the difference between null pointers and zero length
strings correctly.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http
, into a (large)
buffer?
We would then process the commands one-by one, until we reached one that
had a length beyond the end of the buffer. Then we memmove it to the
start, read to it's end, process and start the game again.
What am I missing here... (I'm sure there must be somthing).
Andrew Bartlett
the user's security context etc. As to unicode, I
have designated one call as being in utf8, to cope with external
interaction, so it's possible things can happen here.
However, we really need to know what you are trying to do...
Andrew Bartlett
--
Andrew Bartlett
on. Either way, this
is needed for the SAM replication to make any sense, somthing we are
hoping to get into 3.0
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator
there is? Steve's CIFS
VFS does NTLMSSP (though it does also do Unicode).
Yes, I should avoid generalisations... :-)
Andrew,
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker
Henrik Nordström wrote:
On Sun, 8 Sep 2002, Andrew Bartlett wrote:
The current stable code uses the interface Squid expects - that's in
Samba 2.2.4 and above. Samba 2.2 is in feature freeze, and I would not
expect any changes to this interface, In particular becouse of it's use
doesn't make sense on 445 anyway - it's meant to be for
'NetBIOSless' smb...
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http
201 - 300 of 417 matches
Mail list logo