- Original Message -
From: "Eddie Lania" <[EMAIL PROTECTED]> Sent: Wednesday, September 25, 2002
8:47 PM
> I haven't got this to work altough I have read several mails now on this
> list of people that seem to have it working.
> I was wondering how this should be done.
> I can start Use
Hi,
the attached patch (against HEAD) tries to cleanup the way well-known SIDs
are handled in the lookup_sid() and lookup_name() functions. With this
patch, the SID or name is first checked against a list of well-known SIDs.
If this failes, the SID or name is again checked against the list to see
Here comes version 3:
1.) change lp_sam_backend syntax to sam backend =
plugin[|domain_name][:options] this was needed as ',' is a list
seperator. The syntax is probably going to change again soon, but not
tonight
2.) Added some DEBUG(). They are still in a total mess though
3.) I've actuall
> Hi Kai, Metze, Andrew,
>
> Would this work as syntax for lp_sam_backends() ?
>
> When there's only one backend specified
>
> sam backends = backend:options
this should work
>
> otherwise:
>
> sam backends = backend1:options|domain_name1 \
> backend2:options|domain_name2
I'm against haveing do
Here comes the next version with the following changes:
1.) use SAM_ASSERT() some more
2.) implement context_sam_update_domain I forgot last time
3.) change the way context_sam_update_* and context_sam_delete_* find
their sam_methods. Use current_sam_methods from the handle
Kai
> Hi,
>
> Thi
Hi,
This patch is a combination of patches to the sam.
1.) change sam_init() to include a domain sid as an in parameter. It is
used to tell the backend module for which domain it is responsible.
2.) implement the rest of the context_sam_* functions
3.) several style and debug cleanups
4.) ch
Hi Jelmer, Hi Andrew, Hi Stefan
I've started to code up some functions to parse the lp_sam_backend list and
create a sam_context from it. In contrast to the current implementation,
these functions can take a domain name per backend and pass it down to the
apropriate sam_init(). To create a maximu
- Original Message -
From: "Stefan (metze) Metzmacher" <[EMAIL PROTECTED]>
To: "Jelmer Vernooij" <[EMAIL PROTECTED]>; "Andrew Bartlett"
<[EMAIL PROTECTED]>; "Kai Krueger" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sen
Hi,
there is a missing "," in default_classname_table[] between "sam" and
"auth".
The appended patch fixes this.
Kai
typo.diff
Description: Binary data
Hi
There seems to be a bug in debug.c. It causes samba to crash with SIGSEGV on
startup if a unknown debug class is specified in smb.conf.
The problem is in debug_parse_params(). This function gets a pointer to the
debug classes as parameter instead of useing the global DEBUGLEVEL_CLASS
arrays. I
Here are some changes in codeing style of the first patches. Instead of
dbgtext(), DEBUGADD() is used. I've also reversed if conditions to avoid
whole of function if statements
Kai
util_sock_cleanup2.diff
Description: Binary data
util_cleanup2.diff
Description: Binary data
util_seaccess_cl
Hi,
The appended patches try to cleanup the debug logs a little by grouping
debug messages together that belong together. I.e it removes the debug
headers inbetween. Not only does it reduce the log size (up to 20% depending
on debugleve), but IMHO also increases readability.
They affect show_msg
I assume the following lines in HEAD/source/libsmb/clispnego.c
if (neg_flags & NTLMSSP_NEGOTIATE_SIGN)
DEBUG(4, (" NTLMSSP_NEGOTIATE_SIGN\n"));
if (neg_flags & NTLMSSP_NEGOTIATE_SIGN)
DEBUG(4, (" NTLMSSP_NEGOTIATE_SEAL\n"));
should be
if
From: "Kai Krueger" <[EMAIL PROTECTED]> Sent: Wednesday, July 31, 2002
10:21 PM
> So now back to the structure of the handles. As mentioned before, I don't
> think it has actually been decided upon (but perhaps I'm just not aware of
> it). All opinions with
- Original Message -
From: "Andrew Bartlett" <[EMAIL PROTECTED]>
Sent: Thursday, August 01, 2002 1:09 AM
> Kai Krueger wrote:
>
> > P.S. perhaps adding const all along would make it clear which parameters
are
> > "in parameters" and which
- Original Message -
From: "Jelmer Vernooij" <[EMAIL PROTECTED]> Sent: Wednesday, July 31, 2002
5:53 PM
> [ Ok, I've switched off gpg signing for all samba lists... ]
>
> Hi!
>
> I'm working on the new sam system currently and was wondering whether
> the following patch should be appl
- Original Message -
From: "Simo Sorce" <[EMAIL PROTECTED]>
To: "Stefan (metze) Metzmacher" <[EMAIL PROTECTED]>
Cc: "Samba Technical" <[EMAIL PROTECTED]>
>Hi metze,
>on top of the first doc I see you state that all strings should be utf8.
>I hearteadly disagree, I woul d rather like to se
Hi,
I'm haveing problems with the recent samba wins server after deleting the
wins.tdb. After restarting samba, the wins_server_subnet does not contain
all the names it should do (e.g. domain<1b> domain<1c> sambaserver<00>
sambaserver<20> ...). If I use an old CVS checkout from the end of Mai
eve
Hi
This patch implements the un-, marshalling of the RPC SetSecObj and
returns NT_STATUS_NOT_IMPLEMENTED, so that the function
can be implemented more easily later on.
One of the places where the RPC call SetSecObj() is needed,
is in usrmgr.exe to set the flag "User cannot change password".
This
- Original Message -
From: "Andrew Bartlett" <[EMAIL PROTECTED]> Sent: Wednesday, June 26,
2002 5:49 AM
> > It would be good, if all those q_u->pol could be renamed to
identify on what
> > type of sam-object each of the policies where opened. i.e.
q_u->domain_pol,
> > q_u->user_pol,
- Original Message -
From: "Stefan (metze) Metzmacher" <[EMAIL PROTECTED]> Sent: Thursday, June 13, 2002
12:07 PM
> >My suggestion is something like the below. But it is more a thought till
> >now than a proper api
> >
> >BOOL add_group_entry (GROUP_INFO1 group, BOOL local_global, DO
- Original Message -
From: "Stefan (metze) Metzmacher" [EMAIL PROTECTED] Sent: Wednesday, June 12, 2002
10:43 AM
> Hi,
> I've startet to make the group mapping code modulized in the way it is done
> in the auth and passdb subsystems.
I think modularising the group mapping code is a
Hi
Here comes the next part of the access control patch.
It fixes the nt_user_token in the pipes_struct and should therefore make the
whole patch function correctly so that it probably could then be applied.
Till now the current_user struct in pipes_struct was only initialised in the
code for th
I've noticed two problems with enumerating aliases in srv_samr_nt.c.
The first problem is, that local unix groups only appear as aliases in win2k user
manager
if I have a debug level bigger than 2. I assume this is not a feature ?!? ;-)
The problem seams to be that the smb.conf parameter "w
- Original Message -
From: "Andrew Bartlett" <[EMAIL PROTECTED]> Sent: Friday, June 07, 2002 1:42 PM
> > Yup, I can try and update it to current CVS, as long as that doesn't change to
>often ;-)
> > I'll hopefully be able to do it soon. Should I send the next version of the patch
- Original Message -
From: "Andrew Bartlett" <[EMAIL PROTECTED]>
Sent: Thursday, June 06, 2002 1:01 PM
> > As the SDs contained numerical constants as well, that part is included as well,
>so it is a patch
> > against a fresh samba HEAD cvs from 31.5.02
>
> Firstly, can you up
- Original Message -
From: "Jeremy Allison" <[EMAIL PROTECTED]> Sent: Wednesday, June 05, 2002 8:07 PM
Subject: Re: Access control to SAM / _samr_query_sec_obj
> Nice patch. I do have one request though. I've (for years)
> been removing magic numerical constants from Samba (like
This is the first version of the patch to implement access control to SAM.
It implements checks of the desired access in all open functions (those that create
handles)
against the appropriate default SDs of the previous patch and associates the granted
access bits
with the handle. These gra
- Original Message -
From: "Tim Potter" <[EMAIL PROTECTED]> Sent: Saturday, June 01, 2002 8:17 PM
> On Sat, Jun 01, 2002 at 12:17:19AM +0200, Kai Krueger wrote:
>
> > currently, as far as I can see, the access control to the SAM database is
> &
Hi,
currently, as far as I can see, the access control to the SAM database is
only based upon file access to the db-files. On normal installations
therefore only the root user can change, delete or add things instead of the
entire administrators group. As this is IMHO rather "unhelpfull", es
30 matches
Mail list logo
