[SCM] Samba Shared Repository - branch v4-0-stable updated
Andrew Bartlett
abartlet at samba.org
Sun Jan 10 23:08:53 MST 2010
The branch, v4-0-stable has been updated
via c41fb54... more WHATSNEW4
via 1a76c80... This is Samba4 alpha11!
via 4f6e9a0... release notes for Samba4 alpha11 (to be released this week)
via 73422e7... Revert "s4:provision_users.ldif - Import all essential groups for Windows Server 2008 mode"
via 3af84c1... Revert "s4:provision_users.ldif - Remove foreign security principal S-1-5-17 for now"
via 306de30... Revert "s4:provision_users.ldif - Fix memberships regarding the denied password RODC replication group"
via aa45015... Revert "s4:provision_users.ldif - Add objects for IIS"
via d0123e0... s4-selftest: when a command fails show both normal and expanded command
via 1eebdfd... s4-test: fixed make test without having done make install
via 2cedefa... s4:upgradeprovision - fix up the script regarding linked attributes
via e0d6b097.. s4:upgradeprovision - Reformat comments
via 601ea3a... s4:repl_meta_data - Transform a "1" into a "true" on a boolean variable
via 91e2100... s4:provision_users.ldif - Add objects for IIS
via e72787f... s4:provision_self_join_modify.ldif - Point out that account "dns" is s4 specific
via 9ee895f... s4:provision_users.ldif - Fix memberships regarding the denied password RODC replication group
via 81a848b... s3: Remove some unused variables
via fd1b6bd... s3: Fix some nonempty blank lines
via 86a73e6... s3: Use sid_check_is_domain instead of a direct sid_equal
via 48251c3... s3: Use sid_check_is_in_our_domain instead of a direct sid_peek_check_rid
via 3ea64e0... s3: Replace most calls to sid_append_rid() by sid_compose()
via 50b7a32... s3: Remove unused samr_make_sam_obj_sd
via 0815730... s3: Remove the typedef for "auth_serversupplied_info"
via 9bb4766... s3: Remove the typedef for "auth_usersupplied_info"
via 6f0e7b9... s3: Trim libnss_wins.so
via 0f9268b... s3: Trim down some utilities a bit
via 61dfd3d... s4:provision_users.ldif - Remove foreign security principal S-1-5-17 for now
via 5c174c6... s4:provision_users.ldif - Import all essential groups for Windows Server 2008 mode
via a3e089d... s4-ldb: display security descriptors with correct SDL for known SIDs
via d5091a1... s4-dsdb: added samdb_domain_sid_cache_only()
via fd92db5... s3: Remove a pointless "else" branch from add_ccache_to_list()
via fc17573... s3: Slightly simplify winbindd_store_creds
via 43c841b... s3: Fix a segfault in winbindd_dual_ccache_ntlm_auth()
via c03a101... s4-drs: instanceType is always sent, regardless of UDV values
via a894eea... s4-debug: lower the verbosity of a couple of common log messages
via 93fefef... s4-samldb: fixed primaryGroupID when promoting a machine to a DC
via 8a09dc1... s4-schema: fixed the SDDL for the schema root security descriptor
via 45f49d0... s4-drs: add a local UDV entry even when no replUpToDateVector present on NC
via b37bec8... s4-drs: give DN of failed replication partition
via 04e8237... s4-drs: base is_nc_prefix on instanceType
via 67d8518... s4-drs: having no SPNs to change is not an error
via ba745a4... s4-drs: fixed writespn to ignore add/delete errors
via 8c2d7ae... s4-dsdb: added samdb_ldb_val_case_cmp()
via acf33e0... s4-drs: moved the DsWriteAccountSpn call to its own file
via 8ccedc3... s4-libnet: dsdb_wellknown_dn() in vampire code
via 1158c13... s4-drs: need to set the getncchanges extended_ret on success too
via 7010fad... s4-drs: calculate and send a uptodateness_vector with replication requests
via 39730ac... s4-drs: be less verbose when we filter objects by UDV
via 349f7ba... s4-drs: added filtering by udv in getncchanges
via b0090d0... s4-idl: give a enum for attribute cn and a 'NONE' attribute
via 9e6eb22... s4-drs: fixed the NC in the getncchanges RID alloc reply
via 273a4d9... s4-debug: removed debug_ctx(). It didn't catch on :-)
via 651ddb7... s4-messaging: remove only usage of debug_ctx()
via 6a36799... s4-messaging: fixed a memory leak in messaging_path()
via 196cb6b... s4-drs: fixed usage of ldb_dn_new()
via 39a4e2a... s4-ldb: validate the type of the ldb argument to ldb_dn_new()
via 7eee8e0... Fix comment
via d7713d1... Re-fix bug 5202 - cannot change ACLs on writable file with "dos filemode=yes"
via fca0c4d... s4:provision_self_join.ldif - Adapt comment after implementation of distributed RIDs
via 0588f34... s4-kdc: Migrate tcp connections to tsocket.
via 42c34cd... s4:kdc: use LIBSAMBA_TSOCKET
via d97562b... s4:kdc: the ->process function returns "bool"
via bbaec01... libcli/util: add tstream_read_pdu_blob_send/recv
via 1bc9530... s3-time: fix build warnings after we moved to shared time functions.
via 9bdd3d6... s3-docs: mention -K option in pdbedit manpage.
via 8d87c0a... s4-drs: added two more SPNs in addentry
via ad11deb... s4-schema: fixes for W2K8-R2 schema
via ebec499... s4-schema: added msDS-NcType to schema container
via ce21151... s4-schema: fixed attributes of aggregate schema
via 38909a4... s4-schema: switch to W2K8-R2 schema
via d371b0e... s4-schema: added adminDisplayName and adminDescription
via c93a182... s4-schema: added some debug for bad attributes
via 9d296e6... s4-provision: added W2K8-R2 schema as provided by WSPP
via 5ccf8ae... s4-samba3samtest: we need to force netbios name as well
via dde2b66... s4-samba3sid: fixed error returns when res->count != 1 and oom
via 9aed099... s4-samba3samtest: force workgroup so the domain is right
via f68c43e... s4-samba3sid: the sambaNextRid attribute is actually the previous RID
via d6f92db... s4-samba3sam: use samba3sid module
via dd61336... s4-dsdb: added a samba3sid module
via 66f161d... s4-acl: fixed acl.py test to use correct ldif
via 81c0b01... s4-secdesc: fixed the sec_descriptor.py test
via 43a815c... s4-samba3samtest: use system credentials for creating users
via 8b8bb15... s4-dsdb: fixed const misuse in acl module
via baa8793... s4-dsdb: use dsdb_module_am_system() in acl module
via 595fad2... s4-dsdb: allow specification of a SID if we are system
via f118f54... s4-dsdb: added dsdb_module_am_system()
via d22a9e5... s4-dsdb: squash some unknown structure warnings
via 5d6032e... s4-partition: fixed selection of partitions on exact match
via 59f314d... s4-scripting: we need to use a base search for the NTDS GUID
via 501dd4a... s4:dsdb/repl: convert dreplsrv_op_pull_source_send/recv to tevent_req
via 278d2f7... s4-smbd: setup the default event contexts for other process models
via 5803253... s4-drs: we need to wrap extended operations in transactions
via 2d10f3a... s4-dsdb: poke the RID Manager when completely out of RIDs too
via a65823e... s4-dsdb: ensure we will in all the attributes for RID Set
via 308a479... s4-dsdb: added DSDB_FLAG_TOP_MODULE
via 5f36f03... s4-dsdb: no longer need special invocationID handling for standalone servers
via a7fffe8... s4-provision: do a self join for all server types
via f6cf895... s4-schema: added generic attributeID conversion functions
via f7517e6... s4-schema: added dsdb_attribute_by_lDAPDisplayName_ldb_val
via cd65ce8... s4-schema: make ldb_val to string comparison safer with nul termination
via ff968e4... s4-idl: regenerate DRS IDL
via 4c7bf05... s4-idl: added some more wellknown attributeIDs
via 3352e5d... s4/dsdb_schema: Load msDS-IntId value separately when loading from LDB
via 2523811... Revert "s4-schema: Set ATTID in schema cache from "msDS-IntId""
via 6247a13... s4/schema: Do not assign msDS-IntId value if LDB_CONTROL_RELAX_OID is passed
via 73838b3... s4-libnet: better error messages in libnet_vampire.c
via 9871f52... s4/dsdb_schema: use msDS-IntId value for attribute look-up
via a44ae10... s4/dsdb_schema: fetch msDS-IntId value during SCHEMA replication
via a7b3891... s4/dsdb_schema: GET_UINT32_DS() macro to use supplied default value instead of 0
via f7756c8... s4-partition: don't ignore errors from other modules
via 9672a3d... s4-devel: a useful script to setup bin/ and st/ as tmpfs filesystems
via 1f25d0a... s4-provision: re-open sam.ldb after creating the schema
via 42f0bda... s4-provision: RID 1000 is consumed by the machine account
via fdf12a6... s4-ldb: improve error handling in indexing code
via c4fa4d1... s4-dsdb: improve error messages in schema and pdc_fsmo modules
via ac5d426... s4-drs: added some debug messages
via dcbba58... s4-event: added s4_event_context_set_default()
via f254091... s4-dsdb: added support for DRSUAPI_EXOP_FSMO_RID_ALLOC
via b1f97b7... s4-dsdb: added an extended operation for allocating a new RID pool
via 2590b77... s4-repl: implement MSG_DREPL_ALLOCATE_RID
via cc7967b... s4-repl: allow for callbacks when a repl operation completes
via 7a40cac... s4-dsdb: the dsdb ldb modules now need messagiing
via dc11414... s4-dsdb: send a message to the drepl task when we need another RID pool
via 805ab0e... s4-messaging: added a new msg type MSG_DREPL_ALLOCATE_RID
via 19e515a... s4-repl: added request for RID allocation in drepl task
via 8cd2bed... s4-dsdb: added dsdb_find_guid_attr_by_dn()
via 37340d5... s4-ridalloc: copy with missing rIDNextRid and rIDAllocationPool
via 45550f8... s4-dsdb: added dsdb_module_set_integer()
via c12b9ab... s4-dsdb: clarify who is responsible for each attribute
via dd8cb3c... s4-dsdb: fixed usage of rIDAllocationPool and rIDPreviousAllocationPool
via 5136438... s4-dsdb: implement refresh of RID Set pool for a local RID Manager
via 53d10d1... s4-provision: don't hard wire the creation of the RID Set object
via 1053ce5... s4-dsdb: implement creation of the RID Set object
via 439ee5a... s4-dsdb: use dsdb_next_callback()
via d0bd6e7... s4-dsdb: added dsdb_next_callback()
via e6f14ac... s4-dsdb: added dsdb_module_constrainted_update_integer()
via f240110... s4-dsdb: added dsdb_module_reference_dn()
via f137f93... s4-dsdb: added dsdb_module_add()
via fcfb5d7... s4-provision: allow provision modifies to add records
via 226460d... s4-dsdb: move the RID allocation logic into ridalloc.c
via 7f90a05... s4-samldb: use RID Set to allocate user/group RIDs
via 5eb3b91... s4-provision: the DC object itself needs a fixed objectSID
via 2bad107... s4-dsdb: added samdb_rid_set_dn()
via a136249... s4-provision: added an initial RID Set
via bd6d0e9... s4-ldb: added nice ldif display of 64 bit ranges for RIDs
via fbc3a0f... s4-dsdb: added samdb_reference_dn()
via c915bd8... linked_attributes: Fix missing dependency on util.
via 339afda... testprogs: add support for "print" option in win32 spoolss torture test.
via 9185fd0... testprogs: pass down architecture in spoolss test.
via 487a03a... testprogs: add win32 spoolss testsuite.
via 57be1d0... s4 torture: Add RAW-OPEN-NTCREATEDIR to test error checking for open directories as files
via 34f0cff... s3 torture: Prevent smbcli segfault when running smbtorture3 against an smbd with security=share
via dc68982... s3:auth: don't update the bad pw count if pw is among last 2 history entries
via 46111dc... s3:auth:check_sam_security: introduce a bool var to control pad_pw_count incrementation
via 017ccd0... s3:passdb: store the plain nt passwords hashes in history, not salted md5
via 667b6f3... s3:smbd:password_in_history: treat entry with 0 salt as 0 + plain nt hash
via 801edec... s3: Remove some code that has become unnecessary
via c1ca000... s3-docs: fix eventlogadm manpage typo.
via 8289b46... s3: Lock down some srvsvc calls according to what w2k3 seems to do
via 7248873... s3:auth:check_sam_security: improve calling and logging of pdb_update_sam_account
via 5ad1b7e... s3:auth:check_sam_security: fix a leading tab/ws mixup
via 970317c... s3:auth:check_sam_security: create (and use) a common exit point
via de4fb80... s3:auth:check_sam_security: null out sampass after it has been stolen.
via 3634859... s3:auth:sam_password_ok: take username, acct_ctrl and nt/lm hashes, not sampass
via c0f404a... s3:auth: use data_blob_null instead of data_blob(NULL, 0) in sam_password_ok()
via 0172587... s3:auth:sam_password_ok: fix allocation of a data blob.
via 7ac18c7... s3:auth:sam_password_ok: enhance readability (imho) by adding some pointers
via b5fcb34... s3:check_sam_security: untangle assignment from statement
via 53a1ed9... s3: Factor password_in_history() out of check_passwd_history()
via be05d71... Simplify E_md5hash a bit
via 5e2fc28... s3: Simplify pdb_set_plaintext_passwd: pwhistory==NULL can not happen anymore
via 2a11f3b... s3: Simplify pdb_set_plaintext_passwd: pwHistLen==0 was checked above
via ec0998a... s3: Add a paranoia check to pdb_set_plaintext_passwd()
via a3f5222... s3: Simplify pdb_set_plaintext_passwd() by removing a redundant condition
via 7633837... s3: Simplify pdb_set_plaintext_passwd: memcpy deals fine with 0 bytes
via 864ed92... s3: Simplify pdb_set_plaintext_passwd by using talloc_zero_array
via e729025... s3: Make use of talloc_array in pdb_set_plaintext_passwd()
via 7ba0064... s3: Simplify pdb_set_plaintext_passwd() a bit
via ca6c1cd... s3: Simplify pdb_set_plaintext_passwd() slightly
via 3d83949... s3: Fix a typo
via 147a2c0... s3: Avoid a memset(, 0, ) call
via 2fad148... s3:pdb_set_pw_history: free the old history before setting the new.
via 71e3de6... s3:pdb_ldap:init_sam_from_ldap: untangle an assignment from the check
via 71a40d7... s4/torture: fix small bug in lock test
via 655bdb1... s4/torture: add more lock cancellation tests
via f5729db... s3:lib/time: remove TIME_T_MIN/MAX defines
via 571ee54... lib/util: move TIME_T_MIN/MAX defines into header file
via b3e065e... Ñ3:lib/time: replace make_dos_ and put_dos_ functions with those from lib/util/
via c5f24c3... s3:lib/time: remoce null_mtime() - use null_time()
via c1c7b6c... s3:lib/time: remove unused nt_time_equals
via d5995ee... Second part of the fix for bug #7020 - smbd using 2G memory.
via 3dbe860... s4-smbtorture: add test_ChangeID to RPC-SPOOLSS.
via 7568f49... s4-smbtorture: add test_SetPrinter to RPC-SPOOLSS.
via 0457cf9... s4-smbtorture: refactor test_GetPrinter in RPC-SPOOLSS.
via e172b21... Ñ3:configure: use gettimeofday check from lib/util/
via 350db0b... vfs_commit: print warning when no fsync support is there
via c01f443... tdb: fix standalone 'make installdocs'
via 0a3a6bb... tdb: create symbol links to shared libraries see https://bugzilla.samba.org/show_bug.cgi?id=6991 for details
via eff6022... talloc: create symbol links to shared libraries see https://bugzilla.samba.org/show_bug.cgi?id=6991 for details
via f408d58... tevent: create symbol links to shared libraries see https://bugzilla.samba.org/show_bug.cgi?id=6991 for details
via a2044b9... s4: Fix result check for getaddrinfo()
via f6bd654... Fix bug #7020 - smbd using 2G memory.
via a08a0ff... s4:SAMLDB LDB module - Fix trailing whitespaces
via 77ce33c... s4:SAMLDB LDB module - Rework to allow checks for wrong "defaultObjectCategory" attributes
via c051008... s4:schema_load.c - Typo
via bbf9885... s4:ldap_schema.py - add an additional check for validity of "defaultObjectCategory"
via d8ca002... s4:ldap_schema.py - Move generated attributes check
via d06fb8e0.. s3: List trusted domains from wcache when domain is offline.
via 133638c... s3: Make winbindd_cache.c aware of domain offline to avoid unnecessary backend query.
via 36493bf... s3: Fix infinite loop in NCACN_IP_TCP asa there is no timeout. Assume lsa_pipe_tcp is ok but network is down, then send request is ok, but select() on writeable fds loops forever since there is no response.
via da41f23... s3 net: Fix up a share type translation and translate some more strings
via 9a9d737... s3 net: Add a few missing gettext calls.
via 2a66db8... Fix the merged build. Probably not strictly correct but allows us to "make test". Jeremy.
via f04e10f... s4:dsdb/repl: convert dreplsrv_out_drsuapi_send/recv to tevent_req
via 1525e59... blackbox/test_export_keytab.sh: correctly remove temporary files
via 5df8b33... blackbox/test_export_keytab.sh: use VALGRIND for samba4kinit
via a06e5cd... s4: Happy New Year 2010
via 2ed51fb... s3: Happy New Year 2010
via 283a73c... s3: Trim down smbcontrol a bit
via ac5b090... s3: Fix a shadowed variable warning
via 675d5fe... s3: Fix an uninitialized variable warning
via 37ac16a... s3: Convert cli_ulogoff to the async API
via 99f2924... s3: Convert cli_tdis to the async API
via 41a5149... s3: Slightly simplify winbindd_dual_ccache_ntlm_auth
via e2f361d... s3: Fix some nonempty blank lines
via 6ada1f2... libwbclient: Remove a pointless check
via 6edfbbd... s3: Remove some unused code
via 2d75aa0... s3: Convert cli_sesssetup_ntlmssp to the async API
via 3f25fb5... s3: NT_STATUS_MORE_PROCESSING_REQUIRED is a valid sesssetup return value
via a321dd9... s3: Convert cli_session_setup_kerberos to the async API
via 063900a... s3: Fix a typo
via a66341b... s3: simplify find_root_domain, find_our_domain() never fails
via 133f023... s3: Use global_sid_Builtin in find_builtin_domain
via 92345f4... s3: Avoid adding a domain twice
via 22a4a00... s3: Make free_domain_list() static
via 583d192... s3: Adapt sid_dup_talloc to README.Coding
via d05e17f... s3: Introduce domain_is_forest_root() helper function
via 5047548... s4-dsdb: force REVISION_ADS for new and updated ACLs in dsdb
via e809b72... s4-drs: don't give an error on repsTo delete if add is also specified
via 0bc902a... s4-sddl: DRS replication needs REVISION_ADS for SDs
via a214ebc... ldb: Fix the standalone ldb build.
via fef3c91... libreplace: some systems don't have memmem()
via 00b39c7... s4-dsdb: switched to using RMD_FLAGS instead of DELETED in extended DNs
via cced567... s4-kcc: added a preiodic task to remove deleted objects
via 08bad38... s4-dsdb: fixed several memory leaks
via 031460b... s4-dsdb: fixed samdb_create_foreign_security_principal() to use the wellknown GUID
via 335af02... s4-ldb: fixed valgrind error: ares can be freed by callback
via 8eaed07... s4-dsdb: make sure 'whenChanged' is set on modify
via 9819d28... s4-dsdb: added dsdb_tombstone_lifetime()
via 23eb9f4... s4-dsdb: allow system to remove deleted objects
via 1c5a268... s4-ldaptest: need to use MessageElement for modify messages
via e410a91... s4-ldb: show an error string, as well as error message
via 4eecfc8... s4-drs: make sure the DNs we put in the db have a extended GUID
via 6628588... s4-dsdb: added dsdb_set_extended_dn_guid()
via 98d94cc... s4-ldbtest: fixed message element in modify
via 81e8a18... s4-ldb: allow modules to override error return values
via 302dcd0... s4-ldbmodify: show the error code as well as error string
via 1ab5020... s4-ldb: declate ldb_val_to_time()
via 53e86ac... s4-ldb: use safe length limited conversions for int64 and time
via 708ad42... s4-dsdb: use safe length limiting in string->integer conversion
via c306179... s4-dsdb: use ldb_val_to_time() instead of ldb_string_to_time()
via baae6ef... s4-ldb: added ldb_val_to_time()
via e3cf818... s4-drs: sort linked attributes
via d48237d... s4-drs: re-resolve the DN in linked attribute processing
via 5dd6e08... s4-drs: use dsdb_module_rename()
via 38160de... s4-drs: use dsdb linked attribute parse functions
via 5e52c71... s4-dsdb: added parse functions for DRS linked attribute blobs
via a81dd03... s4-drs: set flag to indicate that we do support linked attributes
via 36f8ece... s4-ldb: show the error code as well as errstr
via db3f0e8... s4-dsdb: fixed valgrind error in replmd modify
via 9f053d4... s4-drs: don't try to remove backlinks directly
via 0bf7f95... s4-drs: isRecycled only exists in FL W2K8-R2
via 5305032... s4-drs: use DSDB_FLAG_OWN_MODULE
via 9572535... s4-drs: update comment to refect only forward link in this fn
via 5b31cb2... s4-drs: fixed typo for uSNCreated
via 7a39340... s4-drs: use dsdb_module_guid_by_dn()
via e3054ce... s4-drs: cope better with NULL GUIDS from DRS
via 2e11448... s4-drs: give an error message in repl_meta_data if we don't get a partition control
via 0d5d7f5... s4-drs: treat a zero GUID as not present in replmd_add_fix_la
via 0c2afdd... s4-drs: update highwatermark after successfully encoding the object
via ff6dd4a... s4-drs: send all linked attributes at the end of a replication cycle
via 5bf257f... s4-drs: use the extended linearized form for DRS replication
via 7653f56... s4-drs: implemented sorting functions based on replication flags
via 701148b... s4-drs: we are doing the sorting for getncchanges in the app code now
via cb00e44... s4-drs: give a reason when an AddEntry commit fails
via 9f02898... s4-schema: don't fill in the extended DN with a zero GUID
via d4853fe... sd-schema: order DRS classes on the wire in reverse order
via ca5c3a0... s4-dsdb: added DSDB_FLAG_OWN_MODULE
via e1ffcfc... s4-ldb: added ldb_module_get_ops()
via dd33a22... s4-dsdb: use a common method for finding a link pair
via 340d7e8... s4-drs: fixed the UDV return in getncchanges
via bcc952d... s4-drs: some useful debugging options for getncchanges
via bf8ccd2... s4-dsdb: fill in the correct version number of links that come over DRS
via 5dcb903... s4-dsdb: move checking for single valued links to samba modules
via 3c1259f... s4-dsdb: added dsdb_check_single_valued_link()
via 225bcfa... s4-drs: handle mixtures of old and new style links in getncchanges
via 64802c5... s4-dsdb: added dsdb_dn_is_upgraded_link_val()
via b34db08... s4-ldb: use the RELAX control to disable single value checking on replace
via 26ec526... s4-dsdb: auto-upgrade w2k formatted linked attributes when modified
via fde3f64... s4-drs: added linked attribute replication to getncchanges
via beba977... s4-dsdb: ask for REVEAL_INTERNALS in getncchanges
via 809bcfc... s4-dsdb: minor cleanup in DRS replicated objects code
via 4dbcab4... s4-dsdb: store full meta data from DRS for linked attributes
via 312ef9d... s4-dsdb: add REVEAL_INTERNALS in the search for linked_attributes
via b1db66a... s4-dsdb: allow the component name to be specified in dsdb_get_extended_dn_guid()
via f1b6484... s4-dsdb: split RMD_USN into RMD_LOCAL_USN and RMD_ORIGINATING_USN
via e4a6f5c... s4-dsdb: handle links with no backlinks in replmd_delete
via 5eefff9... s4-dsdb: simplify the linked_attributes module
via e9699e9... s4-dsdb: do the rename after the modify in replmd_delete
via 2b5cd3d... s4-dsdb: some backlinks can be processed immediately
via 3fe9244... s4-dsdb: remove linked_attributes_add
via 9e96ae8... s4-dsdb: add linked attributes meta_data handling to replmd_add
via 348bcfc... s4-dsdb: added replmd_delete, based on Eduardos work
via 5964acf... s4-dsdb: the linked_attributes module no longer handles deletes
via bd5678f... s4-dsdb: repl_meta_data now replaces objectguid in all cases
via 3199e02... s4-dsdb: add a comment on the use of ldb_rename()
via c071af3... s4-dsdb: linked_attributes_modify no longer handles modifies
via 3b05606... s4-dsdb: added support for backlinks in repl_meta_data
via dee6b6f... s4-dsdb: implemeneted replmd_modify_la_replace()
via d5020e3... s4-dsdb: add a TODO item for linked attributes in extended_dn_out
via 41c3c97... s4-dsdb: add support for storing linked attribute meta data in extended DNs
via 9085499... heimdal_build: Explicitly specify 'YES' when enabling external libraries.
via 0c29640... s4/build: Indicate whether Samba4 is being built against the system Heimdal.
via de94857... s4-net: fixed finddcs to use empty SID instead of NULL sid (NDR error)
via 9d6411d... s4-testpasswords: fixed CONFIG and quoting
via 3239872... s4-net: fixed pwsettings command
via dbd7a62... py/security: Add test for dom_sid.split.
via 66f81d1... samba: Fix whitespace, remove pointless 'pass' statement.
via ea5af6e... pyldb: Add dom_sid.split in favor of less powerful dom_sid_to_rid().
via 7effe2d... net: Support 'super' commands implemented in Python.
via 9e5ef91... net: Move 'newuser' to 'net newuser'
via 73594c2... net: Fix tests and documentation of setexpiry.
via 345b25d... net: Move setexpiry to 'net setexpiry'
via b531696... net: Move 'setpassword' to 'net setpassword'.
via 552e656... net: Allow Python commands to return None instead of 0.
via 797977a... blackbox.passwords: Use convenience variable for net.
via 18d2213... Fix commands in password tests.
via 31cc963... net: Allow python subcommands to provide commands that are not recognized by net itself.
via 3a271a8... Prevent NULL dereference if group has no members
via 1aed373... s4:lib/registry/util.c - Reintroduce "FIXME"s
via b0dd364... net: Add some German translation
via d5cbfbb... s4:ntlmssp: remove mem_ctx from check_password() callback to match s3
via f31d144... s4:ntlmssp_server: always call ntlmssp_server_postauth() and decide there if it's a noop
via 994d34b... s4:ntlmssp_server: don't use a mem_ctx for ntlmssp_server_auth()
via 3f04b60... s4:ntlmssp_server: don't use mem_ctx in auth_ntlmssp_check_password()
via 7d4692f... s4:ntlmssp_server: clear session key in ntlmssp_server_preauth()
via dea4560... s4:ntlmssp: use data_blob_null in ntlmssp_server_auth()
via 60b9434... s4:ntlmssp_server: remove unused variable
via a8e61ac... s4:auth/ntlmssp: let get_challenge() return a NTSTATUS and fill a stack buffer
via c9b6ad2... s3:ntlmssp: change get_challange() to return NTSTATUS
via fbb59b2... dsdb: Fix dependencies when building against system ldb.
via 94454ad... net: Make arguments available to python commands as sys.argv.
via 588b3e6... python: When updating sys.path to include the Samba python path, avoid throwing away the changes made by site.py.
via e2c4d82... s4/net: Allow options before arguments for Python commands.
via 433f58f... s4/net: Pass all arguments through to the Python commands.
via e60a40e... s4/net: Add domainlevel subcommand.
via 027f6ad... s4/net: Use d_printf consistently when reporting errors.
via 732a763... Use CommandError exception to deal with problems during net commands.
via eaf4a9a... s4/net: Make pwsettings a net subcommand.
via 8c19cd2... netcmd: Add some basic tests.
via 9e603dfb.. s4/net: Support parsing arguments in Python commands.
via 9b1a210... net: Support usage/help of subcommands implemented in Python.
via c064549... net: Support implementing subcommands in python.
via 8b68349... s4:auth: add auth_get_server_info_principal() prototype to auth.h
via 27349a6... s4:auth: make auth_challenge_may_be_modified() public
via af25fb5... s4:auth: remove autogenerated auth/ntlm/auth_proto.h
via 4afb211... s3:ntlmssp: remove unused p24 variable from ntlmssp_sign_init()
via 9d5f41c... s3:ntlmssp: move some indentation in ntlmssp_sign.c
via 05f7a86... s3:ntlmssp: remove unused ntlmssp_stored_response()
via 7cff7d9... s3:ntlmssp: remove unused ref_count from ntlmssp_state
via e78558a... s3:ntlmssp: fix whitespace in ntlmssp.h
via 5541a91... s3:ntlmssp: fix spelling
via 5ff127b... s3:ntlmssp: rename NTLM_MESSAGE_TYPE into ntlmssp_message_type
via 8ab6279... s4:ntlmssp: fix whitespaces in ntlmssp.h
via e5fbff0... s3: Check for lp_winbind_trusted_domains_only in wb_gettoken()
via c0289d6... s3: Move a lp_winbind_trusted_domains_only() check to wb_getgrsid()
via b8fcba9... s3: Pass netr_DomainTrustList instead of names and sids through (*trusted_domains)
via 0aa8946... s3: Simplify winbindd_ads.c:trusted_domains()
via 2c49678... s3: Remove some unused code
via d53cfb7... s3: Simplify winbindd_list_trusted_domains() slightly
via 2daa084... s3: Simplify "setup_domain_child" slightly
via 72d9359... python: Remove sys.path line rather than updating it when installing to python system path.
via ff0f8bd... s3:winbind Make the normal client exit message a bit more understandable
via 0a6a13d... s3: Fix a typo found by Matthias Dieter Wallnöfer <mdw at samba.org> -- thanks :-)
via 7e66145... s3: Fix a bogus uninitialized variable warning
via 634d084... s3: Replace IS_DOMAIN_OFFLINE by a function
via 50e5f9d... s3: Fix some nonempty blank lines
via 03617df... s3: winbindd_cli_state->getgrent_state is no longer used
via b911a7b... s3: getgrent_state has been replaced by grent_state
via ef453c6... py_net/libnet: Remove C++-style comments, add more error checking, move initialization of dcerpc subsystem to libnet.
via 33699bb... s4-libnet: Simple test for net.SetPassword() python binding
via 20c7c27... s4-libnet: Python binding for libnet_SetPassword()
via f03e88f... s4-net: Fix 'talloc_free with references ...' error
via 078482a... s4:auth: change auth_check_password_send/recv to tevent_req
via 577857d... s4:gensec: change gensec_update_send/recv to tevent_req
via 5126b52... s4:kdc: use the remote and local address from the stream_connection struct
via 500f55c... s4:smbd: hold tsocket_addresses on the stream_connection
via 4e2da42... s4:smb_server: fix mixing socket_address and tsocket_address
via d3ee0f0... s4:lib/socket: add socket_get_{remote|local}_addr() to get a tsocket_address instead of a socket_address
via 445baf5... s4:lib/socket: add helpers functions to convert between socket_address and tsocket_address
via 17c804a... tsocket: only copy the specific part of sockaddr*
via 4784c8c... tsocket: allow AF_UNIX sockaddrs smaller than sizeof(sockaddr_un)
via 9620791... s3: Remove unused delete_negative_conn_cache()
via ffab1a2... s3: Remove unused flush_negative_conn_cache()
via 53bf5f0... s3: Remove some unnecessary variables from libsmb/conn_cache.c
via a3f43e3... s3: Fix a comment in conn_cache.c
via 0421098... s3: Fix a 64-bit error
via daecb74... s3: Remove some pointless SMB_ASSERTs
via 56f9d18... s3: Remove some pointless casts
via 6dcbb84... Attempt to fix one of the last two bugs with the full Windows ACL support.
via 3d85b1e... The posix acl version of set_nt_acl() could set the stat_ex struct in the fsp->fsp_name pointer incorrectly for a directory.
via 67d1af4... s4:cleanups More trailing spaces and tabs
via da27d4e... s4:cleanups remove trailing spaces and tabs
via 29a8467... doc: update mount.cifs man page with nounix option
via 7e8b042... s4:ldb Fix declaration in the middle of the code
via 4cc0bb7... s4: Fix the build
via 8dc636a... s4: tests controls parsing and using for ldbadd/ldbedit/ldbmodify
via 3bd4f67... s4: make ldbadd/ldbmodify/ldbdelete really use the --controls switch
via 5aa0d97... s3: wbinfo --ping-dc is not cacheable
via 6dc924f... s3: Remove some unused code
via 40d4c31... s3: Remove unused sendto_child()
via 475d296... s3-net: use generated krb5.conf in 'net ads testjoin'
via 3b40ec8... s3-docs: mention -M option and remove nonexisting -G option in pdbedit manpage.
via 802e932... s3:ntlmssp: only include ntlmssp.h where actually needed
via 5b37cd2... s3:ntlmssp: remove the typedef NTLMSSP_STATE
via dee35f7... s3:ntlmssp: move to C99 integer types in ntlmssp.h
via 9b36fa0... s3:ntlmssp: rename enum NTLMSSP_ROLE into enum ntlmssp_role
via ba2cfce... libcli/auth Make gd's NDR NTLMSSP parsers helpers common
via 47bee67... s3: Restore correct timeouts for SMB requests
via 528c150... s3: Remove a pointless else branch
via b6f446c... s3: Move smb_splice_chain to smbd/process.c, its only user
via 585900d... s4:gensec Don't give a warning when Windows client connects with NTLM
via 0809696... s4:auth Change 'get_challenge' API to be more like Samba3
via 383369e... s4:auth generate the prototype file in the right place
via 551ea65... Samba4 and LDB requires talloc 2.0.1
via 100168d... Fix bug reported in mangle_hash code (no bugid yet).
via fd5350d... s4 torture: Add RAW-OPLOCK-EXCLUSIVE7 which is similar to BATCH19
via 43a8b49... s4 torture: Update raw oplock to use win7 as the baseline for rename oplock break behavior
via c33988c... s4 torture: Be more permissive with share modes for oplock testing
via fd0c3a2... s4 torture: Do a better job of closing open files in RAW-OPLOCK.
via 2a9c227... param: Fix build on systems without ldb installed.
via 5b9e98a... provision/pyldb: Avoid linking in static python ldb module.
via 1d9a243... ldb_wrap: Fix compilation when using system ldb.
via 0110990... tdb: Also build and install tdb manpages from standalone tdb.
via 8b278e6... tdb: Fix formatting of API check file.
via c8e6279... Fix initialisation of TypeObject samba.param.LoadparmService.
via 9b6b01a... s3:winbind: Add a lower-cost alternative to wbinfo -t: wbinfo --ping-dc
via 2308ec7... s3:winbindd: Fix a brown paper bag bug in wbinfo -t ...
via 74deee3... Rename reply_doserror() -> reply_force_doserror().
via 642101a... Remove all calls to reply_doserror - turn them into correct reply_nterror calls. Next rename reply_doserror -> reply_force_doserror and plumb in when NT_STATUS_DOS is used. Jeremy.
via 714c60e... Rename 282 -> ERReasnotsupported. Jeremy.
via 9a7bed7... s3-docs: mention long and undocumented option names in rpcclient manpage.
via 308e1b5... s3-docs: mention long and undocumented option names in smbcacls manpage.
via 71a5aef... s3-docs: mention long and undocumented option names in smbclient manpage.
via 6ffa5df... s3-docs: mention -O, --stdout in smbget manpage.
via f868672... s3-docs: mention long option names in smbtree manpage.
via 722a330... s3-docs: mention long and undocumented option names in pdbedit manpage.
via 0d41278... s3-docs: mention all long option names in samba.entities file.
via d9ca148... s3-docs: not working for SuSE anymore...
via e7468fb... s3: Shrink winbindd_proto.h a bit
via e1bf189... s3: Fix some nonempty blank lines
via d534a5b... s3: Remove unused get_sam_group_entries
via 0a130da... s3: Remove unused winbindd_dual_getsidaliases
via 66bcae6... s3: Remove an unused struct definition
via 9568c76... s3: Remove unused winbindd_dual_getuserdomgroups
via 958fdaf... s3: Remove unused winbindd_dual_getdcname
via 4f434e0... s3: Remove unused winbindd_dual_lookupname
via 74b1a02... s3: Remove unused winbindd_dual_lookupsid
via c25d9ad... s3: Remove unused winbindd_dual_userinfo
via a8875c5... s3: Remove some unused dual functions
via 4b84d75... s3: Remove unused do_async
via 3f98c2c... s3: Remove unused winbindd_gid2sid_async
via 93bcc34... s3: Remove unused winbindd_uid2sid_async
via fb77442... s3: Remove unused winbindd_sid2gid_async
via d40edae... s3: Remove unused winbindd_sid2uid_async
via dfd876e... s3: Remove unused do_async_domain
via 2591a52... s3: Remove unused query_user_async
via 5156fa8... s3: Remove unused winbindd_getsidaliases_async
via 0c3e3b7... s3: Remove unused winbindd_lookupname_async
via ebcb28c... s3: Remove unused winbindd_lookupsid_async
via 0c36259... s4-schema: fixed the sorting of schema attributes
via ec7dc6a... s4-torture: update uuid_compare test for new behaviour
via ad35153... s4-drs: Implement constraints on ATTID values in prefixMap
via 911cefd... s4-tort: Test handling of different ATTID values in prefixMap interface.
via 35b8808... Adapted acl module to skip checks if as_system control is provided.
via 9f6c818... s4-drs: Save prefix map using LDB_CONTROL_AS_SYSTEM control
via 7685bbb... s4-dsdb-util: Execute ldb_request using LDB_CONTROL_AS_SYSTEM
via 11e2c57... s4-dsdb-util: Utility function to process ldb_request in transaction
via 516316b... s4-schema: Implement msDS-IntId attribute generation
via a409c0f... s4-schema: Constraints on msDS-IntId attribute
via 4e8ad28... s4-schema: Set ATTID in schema cache from "msDS-IntId"
via 14bac3a... Revert "s4-drs: cope with bogus empty attributes from w2k8-r2"
via ee48f58... s4-tort: Tests for "msDS-IntId" attribute implemented
via c113be8... s4-tort: Move Schema tests from ldap.py into separate module
via d9606d6... s4-drs: Fix bug - prefixMap is not updated when adding new OIDs.
via 03a1451... s4-drstest: Don't remove temp LDB so it can be reviewed if necessary
via 452fc0d... s4-repl: give a reason why the prepare commit failed
via 92d75a4... s4-kcc: don't crash with a NULL ntds connection list
via 60acce5... s4-repl: only try to replicate for NCs that we are a master for
via 87f28cc... s4-torture: another unsigned comparison bug
via ec74ffa... s4-schema: a unsigned comparison bug in the schema code
via d370810... s4-drs: another two unsigned comparison bugs
via a106fef... librpc: fixed the GUID_compare() function
via 2a4a159... s4-repl: lower debug level of a common message
via 47560bf... s4-dsdb: don't use a non-constant format string for a printf format
via a070119... s4-dsdb: added DSDB_MODIFY_RELAX flag to the dsdb_module_*() calls
via 9d56f65... s4-dsdb: added dsdb_get_extended_dn_uint64()
via e89a2db... s4-dsdb: use varargs expression in dsdb_module_search()
via 2c88ffb... s4-dsdb: added two new dsdb_get_extended_dn_*() helper functions
via dbda2c2... s4-provision: added a note about where invocationIDs come from
via 882768c... s4-dsdb: give us an invocationID when in standalone mode
via 1b5389a... s3: Fix an error case in cli_negprot
via 4b7a6b1... tevent: prefix types and defined with tevent_ and TEVENT_
via 590f7c2... Output %p as unsigned in snprintf replacement.
via fcbe8f0... s4:kdc: setup the local and remote tsocket_address at accept time
via 4dc958c... s4:kdc: convert UDP based communication to tdgram_context
via 32861b9... Actually explain the twisty paths of tortured logic behind reply_doserror(), reply_nterror(), and reply_nterror(NT_STATUS_DOS()).
via 0dd8c8a... reply_doserror() doesn't force DOS errors on the wire.
via 69d26d2... reply_force_nterror() is not used anywhere. Remove it. Jeremy.
via daa561d... s4 torture: Add test to show archive bit behavior with directories
via 9b86923... s4 torture: Fix RAW-STREAMS-DELETE to pass against samba3
via ea365af... Added freeing a successful req so it doesnt croud the ldb context
via 39616c0... Added oid for AS_SYSTEM control, used to bypass access checks for system operations.
via 72d68ac... s3-docs: mention pam_winbind.conf(5) manpage in pam_winbind(8) manpage.
via 7481667... s3-docs: add new pam_winbind.conf(5) manpage.
via 19cdcde... s4-dsdb: stop warnings about unknown struct GUID in prototypes
via cb841c3... s4-ldb: fixed a valgrind error in ldbtest
via 5d7805b... s4-dsdb: greatly simplify the subtree_delete module
via b3c69e7... s4-dsdb: declare ldb_dn_update_components()
via 82bf0d8... s4-dsdb: added ldb_dn_update_components()
via db76e65... s4-dsdb: fixed the sort in dsdb_find_nc_root()
via f392ae5... s4-ldb: display msDS-OptionalFeatureGUID as a GUID
via 811b405... s4-scripts: add a enablerecyclebin script
via 20869a0... s4-ldb: canonicalise the message on ldb_add
via 7cb858e... s4-dsdb: Add a test for adding, deleting, and appending a posixAccount objectClass to a user
via 0806006... s4-dsdb: fix handling of AUX classes in objectclass_sort
via 8b88925... s4-dsdb: return an error if samAccountName is not specified when creating a user.
via d99084f... s4-dsdb: Move get_last_structural class from descriptor.c to util.c
via 2ad086e... s4-dsdb: Add a check to prevent acl_modify from debuging a NULL message
via 027cba6... Return NULL in strlower_talloc if src is NULL
via c3d1e5c... s4:provision Give a more useful error message in guess_names
via 0c1ff3b... Always map EMFILE to ERRDOS, ERRnofids, *NOT* NT_STATUS_TOO_MANY_OPENED_FILES. This is what W2KR3 does for NTCreateX and openX calls. May be the correct fix for bug 6837 - "Too many open files" when trying to access large number of files. Jeremy.
via f8ab38a... Vector correctly through reply_openerror() (which uses the same logic). Jeremy.
via cfbf62d... s4 torture: RAW-STREAMS-NAMES Make sure the create time of the streams are different from the base file
via c3582f9... s4 torture: Add RAW-STREAMS-RENAME3 to show error when trying to overwrite a stream with an open handle
via f8bb5a6... s4 torture: Parameterize streams delete behavior rather than commenting out the check.
via f02206d... s4 torture: RAW-STREAMS-CREATEDISP Use a normal deny mode
via 5c13a90... s4 torture: close handle instead of using exit
via fbf4923... Update default with correct value. Add a note about Win7 behavior here. Jeremy.
via 159c1b8... Fix bug #6939 - mangling method = hash breaks long filenames.
via bbec305... s4:"samdb_set_password" - remove delete instructions
via dc4c411... s4-smbtorture: skip GetAliasMembership against s4.
via c0883fb... Fixed incorrect checking of PRINCIPAL_SELF permissions.
via 619ad0c... s4-smbtorture: add a samr_GetAliasMembership test to RPC-SAMR.
via a23084e... tdbtool: avoid using c++ reserved words.
via eb7ff92... s3: Run RPC-SAMBA3-GETALIASMEMBERSHIP-0 in make test
via 1d0f364... s4:dsdb/common/util - make NTTIME attribute wrappers use a "const" message
via e3ee8ff... s3: Fix bug 6992, make test for getgrouplist cacheable
via a9689bb... s4-smbtorture: fix smbtorture after setprinter IDL fixes.
via 31cf2b0... s3-spoolss: fix rpcclient after setprinter IDL fixes.
via be95cb6... spoolss: more mork on SetPrinterInfo() levels.
via 0708b2a... s4-ntvfs: check if pvfs is NULL in pvfs_logoff
via fae70e1... s4:gensec: allow clearing local and remote address by passing NULL
via c457d54... s4-gensec: Remove obsolete socket_address vars and fns.
via 1e54888... s4-gensec: Replace gensec_get_peer_addr with new tsocket based fn.
via ac2d31e... s4-gensec: Replace gensec_set_peer_addr with new tsocket based fn.
via 8ca8804... s4-gensec: Replace gensec_get_my_addr with new tsocket based fn.
via 226a9db... s4-gensec: Replace gensec_set_my_addr() with new tsocket based fn.
via 743e636... s4-gensec: Added remote and local setter/getter using tsocket.
via 8f4d4a6... Final part of the fix for 6837 - "Too many open files" when trying to access large number of files
via b8c87c4... Add helpful debug of DACL for errors on ACL access. Jeremy.
via 64e588f... spoolss: add spoolss_DriverInfo7.
via d9f9322... s3-pdbedit: allow to call "pdbedit -N description -u user" without specifiyng "-r".
via 8d3fc23... s4-dsdb: also mark the relax control non-critical when done
via 558a386... s4-dsdb: it is a better pattern to mark a control as done than remove it
via 41e403a... s4-dsdb: when the SD_FLAGS control is set, don't remove nTSecurityDescriptor
via 934bb28... s4-dsdb: don't actually remove the sd_flags control, just mark it non-critical
via 9955756... s4-ldb: show the OID of any unhandled critical controls
via f8320b3... s4-ldb: fixed a transaction error on prepare_commit
via e14c728... s4-ldb: added --show-deactivated-link command line option
via f9302f9... ldap: give a debug error when we don't know a control
via 6c21255... s4-dsdb: added dsdb_get_deleted_objects_dn()
via 3c1f18c... s4-dsdb: added dsdb_find_nc_root()
via 7d0fdca... s4-dsdb: added dsdb_wellknown_dn()
via b7a74ac... libds: added GUIDs for wellknown AD objects
via 8a74633... s4-dsdb: added a dsdb_module_rename() call
via 9fa1f96... s4-dsdb: added dsdb_module_modify()
via 4b970c0... s4-dsdb: fixed dsdb_module_dn_by_guid()
via cd4574f... s4-dsdb: dsdb_flags should be unsigned
via 57b10b6... s4-dsdb: rename dsdb_module_search_handle_flags to dsdb_request_add_controls
via 9515926... s4-dsdb: added dsdb_module_dn_by_guid()
via 32995e8... s4-dsdb: use dsdb_dn_is_deleted_val()
via 152f415... s4-dsdb: added dsdb_dn_is_deleted_val()
via d31b636... s4-ntvfs: try to fix bug 6989
via e22e336... s4:drsuapi/getncchanges.c - Update the list of operational attributes
via e831e3e... Ensure dos_mode can return FILE_ATTRIBUTE_NORMAL, then filter the returned attributes by protocol level.
via 308b50a... s4-smbtorture: run GetPrinterDriver2 tests against each printer's driver.
via 1a43d86... s4:prog_guide4.txt: remove obsolete comments
via a88b288... s4: Fixed the programming guide to reflect the current tree.
via b55d076... s4-kdc: Migrate to tsocket_address.
via a5bdab8... tsocket: Fixed tsocket_guide.txt asciidoc syntax.
via e33ae22... tsocket: Fixed documentation for tsocket_address_bsd_sockaddr().
via ab04dd3... tsocket: Fixed typo in LGPL header.
via edbf2ca... tsocket: add tsocket_address_bsd_sockaddr() and tsocket_address_bsd_from_sockaddr()
via 4a19ada... smbtorture4: Add rpc-samba3-getaliasmembership-0
via 20bcdf8... s3: Fix _samr_GetAliasMembership for results with 0 rids
via 4330efe... Removed ldb_modify_ctrl from ldb, implemented as a static in ldap_backend.
via b85f6f6... s4 torture: Add new RAW-SEARCH test to explore strange max count behavior
via 8ba02d9... s4 torture: Update RAW-QFILEINFO to only test info levels that are supported by the server
via 5930f77... s4 torture: Convert RAW-OPEN to suite form
via d732fb4... s4 torture: Add SHARE_DELETE to create_directory_handle
via 7f95686... Fix release script to work with recent git versions
via f346079... s4:tls: fix the build on Solaris
via 4deaa84... Fixed a problem with duplicate values of allowedAttributesEffective.
via ef5508b... s4: rename res/res2 to something more explicit
via d2ec67e... s4: upgradeprovision handle renaming and knownobjects
via fb85977... s4: upgradeprovision rename also when there is a mismatch on the case of name attribute
via 3357319... s4: reorder action to permit old provision to be correctly upgraded
via f871de7... s4:provision - Remap conflicting thumbnailPhoto and thumbnailLogo OID's.
via 0d10efe... s3: Allow up to 20480 entries in LookupSids, as mandated by the official IDL
via 9260396... s4-dsdb: added REVEAL_INTERNALS flag to dsdb_module_search_handle_flags()
via 7f6b524... s4-devel: support vampire_ad.sh with no initial smb.conf
via b11b227... s4-loadparm: call reload_charcnv() also for a missing smb.conf
via 7f16da7... s4-dsdb: return a zero guid on error in samdb_result_guid()
via bb00941... heimdal: work around differences between GNU and XSI strerror_r()
via 665e57f... s4-dsdb: use the reveal control to hide/show extended DN components
via e3c2309... s4-ldb: added new ldb_dn extended components for linked attributes
via 0d76df9... s4-ldb: added a function to filter extended components of a ldb_dn
via 725e25a... s4-ldb: added a new "reveal" control
via 56b90ac... s4-ldb: sort the linearized extended DN by component name
via a3b7e84... librpc/ndr: avoid comparison_fn_t to fix the openchange build on solaris
via 6bc29ec... add ignore for autogenrated files as they are not used by s3
via 155bdea... torture: add new tests for dfsblobs
via 8f8613d... idl: introduce new file: dfsblobs.idl
via 05effef... librpc/ndr: add missing prototypes for relative_short functions
via e316624... spoolss: fix spoolss_PrinterData size calculation.
via 5ae61cf... spoolss: trivial fix for spoolss_FormInfo2 IDL.
via 801fbd0... s4-smbtorture: check whether a returned buffer size is a multiple of 4 in RPC-SPOOLSS.
via f740bdc... s3:docs: Fix 'make manpages3'.
via f8c34c4... s4:"samdb_set_password_sid" - clean up created objects correctly
via 1788abb... s4:operational LDB module - cosmetic - reorder an attribute list
via 24a398b... s3: Fix a very embarrassing build failure
via 678f2ca... pidl: Introduce new dirrective: relative_short
via f0054da... librpc/ndr: add support for relative_short pointers
via 5767b1d... s4:utils/oLschema2ldif.c - remove (now) unused variables
via c69b9b7... s3:docs: document ldap deref
via 5dd86c7... s3:loadparm: Change the "ldap deref" value "defualt" to "auto".
via 31321ac... s4:libnet/libnet_become_dc - Fix a small glitch in "becomeDC_drsuapi1_add_entry_send"
via f3205d3... s3: add prototype to fix the build
via 31202a9... s3-selftest: enable RPC-SAMBA3-WINREG.
via c2618d2... s3-rpcclient: allow to set offered size for enumkey command.
via dc71d1c... s4-smbtorture: add more spoolss_EnumPrinterKey tests for local NDR test.
via e92b034... s3: make own defines for ldap deref types
via 6683644... s3: add LDAP Alias Dereferencing support
via 835e7d6... spoolss: remove unused spoolss_StringArray2.
via ce33967... s4-smbtorture: fix and extend enum printerkey test.
via f20effc... s3-spoolss: fix enumprinter key client and server.
via fa413d1... s3: re-run make samba3-idl.
via 0ecb7f6... spoolss: use spoolss_KeyNames in spoolss_EnumPrinterKey.
via cf25614... spoolss: add spoolss_KeyNames union.
via 0604c69... s3:packaging: Fix version detection.
via 56b754e... Implementation of sDRightsEffective, allowedAttributesEffective and allowedChildClassesEffective.
via 85e79a2... s3:packaging: Fix source dir.
via b5011ba... s3:packaging: Fix typo in comment.
via c59372b... s4-ldb: fixed 2 bugs in ldb_dn_set_extended_component()
via 62dc7f6... s4-libcli: GUID_from_ndr_blob() is strict about the blob size
via c7c97b6... s4-schema: use GUID_to_ndr_blob()
via d35b7d0... s4-schema: use binsearch.h
via 71943e8... util: added binsearch.h for binary array searches
via 261ba40... s4-dsdb: use GUID_to_ndr_blob()
via 215cc5a... s4-ldb: use GUID_to_ndr_blob()
via 9822286... s4-libnet: use GUID_to_ndr_blob()
via b4ea96e... s4-libcli: use GUID_to_ndr_blob()
via 33cbe9c... s4-server: use GUID_to_ndr_blob() in cldap and smb servers
via 1b20002... libcli: use GUID_to_ndr_blob()
via d035a60... s3-ldb: use GUID_to_ndr_blob()
via 3ce800d... libndr: added a GUID_to_ndr_blob() helper function
via 2493776... s4-ldb: simplify ldif handlers using new GUID functions
via d337cef... s4-dsdb: simplify samdb_result_guid()
via 56b887e... s4-dsdb: simplify linked attributes code using GUID functions
via 81bc561... s4-dsdb: simplify schema code using new GUID functions
via f01ea8b... s4-smb2: use new GUID function in smb2 negprot
via 498f2b8... s4-libcli: use new GUID functions in libcli
via 08e8988... s4-dsdb: use GUID_from_ndr_blob() to create dsdb_get_extended_dn_guid()
via effff54... librpc: split out a separate GUID_from_ndr_blob() function
via d2f13dd... s4-smbtorture: enhance spoolss_EnumPrinterKey torture test.
via c7e3a2d... s3: check for PAM_RADIO_TYPE.
via b386c33... s3: Fix build on non-linux platform.
via bfbccbb... WHATSNEW4: Samba 3.0 is not up-to-date.
via 0fca76e... s4-dsdb: added dsdb_functional_level() helper function
via 732c701... s4-drs: ensure we fill in ncRoot_dn in getncchanges
via 16eb25b... s4-drs: use parentGUID attribute in getncchanges
via 4bb2958... s4-ldb: fixed nested searches inside ldb modules
via e5a478d... s4-ldb: added a missing ltdb_unlock_read()
via 3397671... s4-dsdb: use dsdb_module_search_dn in repl_meta_data
via 707cd30... s4-dsdb: fixed steal of parentGUID for empty msg
via f772329... s3: Give the user a chance to change password when password will expire soon.
via fd58556... s3: keep subsecond times on cross-filesystem moves and don't follow links
via b617466... s3:configure: check for lutimes, futimes and futimens
via bd11ec4... Merge commit 'origin/master' into abartlet-devel
via 1853098... s4: On the way to alpha11
via 3609c74... s3:doc: make dos filetimes description less contradictory
via 0d53ce7... s3: make sys_posix_fallocate more generic
via e14fb8f... s3-spoolss: use SPOOLSS_ARCHITECTURE_ALL in driver enum server code.
via fb3b098... spoolss: add more spoolss architectures to IDL.
from 100e249... This is alpha10
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-stable
- Log -----------------------------------------------------------------
commit c41fb54cb7a1f647e239e4479e8603633685781e
Author: Andrew Bartlett <abartlet at samba.org>
Date: Mon Jan 11 16:35:28 2010 +1100
more WHATSNEW4
commit 1a76c80466bf877a806c1c220b41e0ed37d92ed7
Author: Andrew Bartlett <abartlet at samba.org>
Date: Mon Jan 11 14:57:55 2010 +1100
This is Samba4 alpha11!
commit 4f6e9a0bf7f4cdd63ed4c95da3a914a85737d8a9
Author: Andrew Bartlett <abartlet at samba.org>
Date: Mon Jan 11 12:00:34 2010 +1100
release notes for Samba4 alpha11 (to be released this week)
-----------------------------------------------------------------------
Summary of changes:
.gitignore | 6 +-
WHATSNEW4.txt | 37 +-
docs-xml/build/DTD/samba.entities | 20 +-
docs-xml/manpages-3/eventlogadm.8.xml | 2 +-
docs-xml/manpages-3/mount.cifs.8.xml | 54 +-
docs-xml/manpages-3/pam_winbind.8.xml | 6 +-
docs-xml/manpages-3/pam_winbind.conf.5.xml | 190 +
docs-xml/manpages-3/pdbedit.8.xml | 175 +-
docs-xml/manpages-3/rpcclient.1.xml | 11 +-
docs-xml/manpages-3/smbcacls.1.xml | 28 +-
docs-xml/manpages-3/smbclient.1.xml | 28 +-
docs-xml/manpages-3/smbget.1.xml | 8 +-
docs-xml/manpages-3/smbtree.1.xml | 6 +-
docs-xml/manpages-3/tdbbackup.8.xml | 2 +-
docs-xml/manpages-3/tdbdump.8.xml | 2 +-
docs-xml/manpages-3/tdbtool.8.xml | 2 +-
docs-xml/smbdotconf/ldap/ldapderef.xml | 21 +
docs-xml/smbdotconf/misc/dosfiletimes.xml | 8 +-
docs-xml/smbdotconf/tuning/maxopenfiles.xml | 21 +-
lib/replace/libreplace.m4 | 2 +
lib/replace/replace.c | 23 +
lib/replace/replace.h | 6 +
lib/replace/snprintf.c | 1 +
lib/replace/test/testsuite.c | 37 +
lib/talloc/script/release-script.sh | 2 +-
lib/talloc/talloc.mk | 5 +
lib/tdb/Makefile.in | 7 +-
lib/tdb/configure.ac | 7 +
lib/tdb/include/tdb.h | 2 +-
.../tdb/manpages}/tdbbackup.8.xml | 0
.../manpages-3 => lib/tdb/manpages}/tdbdump.8.xml | 0
.../manpages-3 => lib/tdb/manpages}/tdbtool.8.xml | 0
lib/tdb/tdb.mk | 19 +-
lib/tdb/tdb.signatures | 2 +-
lib/tdb/tools/tdbtool.c | 4 +-
lib/tevent/tevent.mk | 4 +
lib/tevent/tevent_signal.c | 76 +-
lib/tsocket/tsocket.c | 2 +-
lib/tsocket/tsocket.h | 17 +-
lib/tsocket/tsocket_bsd.c | 68 +-
lib/tsocket/tsocket_guide.txt | 317 +-
lib/tsocket/tsocket_helpers.c | 2 +-
lib/tsocket/tsocket_internal.h | 2 +-
lib/util/binsearch.h | 68 +
lib/util/charset/util_unistr.c | 4 +
lib/util/debug.h | 4 -
lib/util/time.c | 14 -
lib/util/time.h | 14 +
libcli/auth/ntlmssp_ndr.c | 145 +
{source3/libsmb => libcli/auth}/ntlmssp_ndr.h | 0
libcli/auth/smbencrypt.c | 8 +-
libcli/ldap/ldap_message.c | 2 +
libcli/ldap/ldap_ndr.c | 7 +-
libcli/util/tstream.c | 167 +
libcli/util/tstream.h | 79 +
libds/common/flags.h | 13 +
librpc/gen_ndr/cli_spoolss.c | 9 +-
librpc/gen_ndr/cli_spoolss.h | 6 +-
librpc/gen_ndr/drsuapi.h | 12 +-
librpc/gen_ndr/lsa.h | 4 +-
librpc/gen_ndr/ndr_drsuapi.c | 5 +
librpc/gen_ndr/ndr_lsa.c | 4 +-
librpc/gen_ndr/ndr_spoolss.c | 532 +-
librpc/gen_ndr/ndr_spoolss.h | 11 +-
librpc/gen_ndr/spoolss.h | 48 +-
librpc/gen_ndr/srv_spoolss.c | 15 +-
librpc/idl/dfsblobs.idl | 116 +
librpc/idl/drsuapi.idl | 7 +-
librpc/idl/lsa.idl | 4 +-
librpc/idl/spoolss.idl | 50 +-
librpc/ndr/libndr.h | 7 +-
librpc/ndr/ndr.c | 42 +
librpc/ndr/ndr_basic.c | 12 +
librpc/ndr/ndr_spoolss_buf.c | 73 +-
librpc/ndr/ndr_spoolss_buf.h | 4 +-
librpc/ndr/uuid.c | 65 +-
nsswitch/libwbclient/wbc_pam.c | 45 +
nsswitch/libwbclient/wbc_util.c | 2 +-
nsswitch/libwbclient/wbclient.h | 14 +
nsswitch/pam_winbind.c | 126 +-
nsswitch/wbinfo.c | 34 +
nsswitch/winbind_struct_protocol.h | 4 +-
packaging/RHEL/makerpms.git.sh | 6 +-
packaging/RHEL/makerpms.sh.tmpl | 2 +-
pidl/lib/Parse/Pidl/Compat.pm | 4 +
pidl/lib/Parse/Pidl/NDR.pm | 3 +
pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm | 17 +-
prog_guide4.txt | 63 +-
selftest/selftest.pl | 13 +
source3/Makefile.in | 35 +-
source3/auth/auth_builtin.c | 12 +-
source3/auth/auth_compat.c | 10 +-
source3/auth/auth_domain.c | 12 +-
source3/auth/auth_netlogond.c | 6 +-
source3/auth/auth_ntlmssp.c | 8 +-
source3/auth/auth_sam.c | 215 +-
source3/auth/auth_script.c | 4 +-
source3/auth/auth_server.c | 4 +-
source3/auth/auth_unix.c | 4 +-
source3/auth/auth_util.c | 64 +-
source3/auth/auth_wbc.c | 4 +-
source3/auth/auth_winbind.c | 4 +-
source3/configure.in | 51 +-
source3/groupdb/mapping.c | 3 +-
source3/include/async_smb.h | 5 -
source3/include/auth.h | 10 +-
source3/include/client.h | 4 +-
source3/include/includes.h | 4 +-
source3/include/local.h | 24 +-
source3/include/ntlmssp.h | 34 +-
source3/include/proto.h | 108 +-
source3/include/smb.h | 2 +-
source3/include/smb_macros.h | 3 +-
source3/lib/ldb/samba/ldif_handlers.c | 3 +-
source3/lib/smbldap.c | 11 +
source3/lib/system.c | 8 +-
source3/lib/time.c | 124 +-
source3/lib/util_seaccess.c | 40 -
source3/lib/util_sid.c | 17 +-
source3/libads/sasl.c | 1 +
source3/libnet/libnet_samsync_passdb.c | 15 +-
source3/librpc/gen_ndr/cli_wbint.c | 130 +
source3/librpc/gen_ndr/cli_wbint.h | 8 +
source3/librpc/gen_ndr/ndr_wbint.c | 51 +-
source3/librpc/gen_ndr/ndr_wbint.h | 11 +-
source3/librpc/gen_ndr/srv_wbint.c | 80 +
source3/librpc/gen_ndr/srv_wbint.h | 2 +
source3/librpc/gen_ndr/wbint.h | 8 +
source3/librpc/idl/wbint.idl | 3 +
source3/libsmb/async_smb.c | 219 +-
source3/libsmb/cliconnect.c | 950 +-
source3/libsmb/clidfs.c | 6 +-
source3/libsmb/clifsinfo.c | 1 +
source3/libsmb/conncache.c | 82 +-
source3/libsmb/errormap.c | 6 +-
source3/libsmb/libsmb_cache.c | 4 +-
source3/libsmb/ntlmssp.c | 88 +-
source3/libsmb/ntlmssp_ndr.c | 145 -
source3/libsmb/ntlmssp_sign.c | 57 +-
source3/libsmb/samlogon_cache.c | 6 +-
source3/libsmb/smb_seal.c | 5 +-
source3/locale/net/de.po | 2070 ++--
source3/modules/vfs_acl_common.c | 106 +
source3/modules/vfs_commit.c | 2 +
source3/modules/vfs_default.c | 47 +-
source3/param/loadparm.c | 26 +
source3/passdb/lookup_sid.c | 21 +-
source3/passdb/passdb.c | 3 +-
source3/passdb/pdb_compat.c | 10 +-
source3/passdb/pdb_get_set.c | 141 +-
source3/passdb/pdb_interface.c | 3 +-
source3/passdb/pdb_ldap.c | 6 +-
source3/passdb/util_unixsids.c | 26 +-
source3/passdb/util_wellknown.c | 4 +-
source3/printing/nt_printing.c | 4 +-
source3/rpc_client/cli_netlogon.c | 7 -
source3/rpc_client/cli_pipe.c | 29 +-
source3/rpc_client/cli_spoolss.c | 7 +-
source3/rpc_client/ndr.c | 15 +
source3/rpc_client/rpc_transport_np.c | 12 +
source3/rpc_client/rpc_transport_smbd.c | 10 +
source3/rpc_client/rpc_transport_sock.c | 53 +
source3/rpc_server/srv_lsa_nt.c | 3 +-
source3/rpc_server/srv_netlog_nt.c | 4 +-
source3/rpc_server/srv_pipe.c | 1 +
source3/rpc_server/srv_pipe_hnd.c | 7 +
source3/rpc_server/srv_samr_nt.c | 25 +-
source3/rpc_server/srv_spoolss_nt.c | 15 +-
source3/rpc_server/srv_srvsvc_nt.c | 21 +
source3/rpcclient/cmd_spoolss.c | 17 +-
source3/script/tests/test_posix_s3.sh | 3 +-
source3/smbd/chgpasswd.c | 87 +-
source3/smbd/dir.c | 8 -
source3/smbd/dosmode.c | 28 +-
source3/smbd/error.c | 50 +-
source3/smbd/lanman.c | 2 +-
source3/smbd/mangle_hash.c | 14 +-
source3/smbd/message.c | 8 +-
source3/smbd/nttrans.c | 91 +-
source3/smbd/open.c | 12 +-
source3/smbd/password.c | 2 +-
source3/smbd/pipes.c | 24 +-
source3/smbd/posix_acls.c | 25 +-
source3/smbd/process.c | 186 +-
source3/smbd/quotas.c | 4 +-
source3/smbd/reply.c | 121 +-
source3/smbd/seal.c | 1 +
source3/smbd/sesssetup.c | 13 +-
source3/smbd/smb2_sesssetup.c | 1 +
source3/smbd/trans2.c | 49 +-
source3/torture/torture.c | 41 +-
source3/utils/net_ads.c | 4 +
source3/utils/net_groupmap.c | 9 +-
source3/utils/net_help.c | 4 +-
source3/utils/net_rpc.c | 17 +-
source3/utils/net_util.c | 8 +-
source3/utils/ntlm_auth.c | 81 +-
source3/utils/pdbedit.c | 9 +-
source3/winbindd/idmap_hash/idmap_hash.c | 3 +-
source3/winbindd/idmap_tdb.c | 3 +-
source3/winbindd/wb_getgrsid.c | 11 +
source3/winbindd/wb_gettoken.c | 7 +
source3/winbindd/wb_sid2gid.c | 2 +-
source3/winbindd/wb_sid2uid.c | 2 +-
source3/winbindd/winbindd.c | 17 +-
source3/winbindd/winbindd.h | 23 +-
source3/winbindd/winbindd_ads.c | 236 +-
source3/winbindd/winbindd_async.c | 549 -
source3/winbindd/winbindd_cache.c | 474 +-
source3/winbindd/winbindd_ccache_access.c | 35 +-
source3/winbindd/winbindd_check_machine_acct.c | 2 +-
source3/winbindd/winbindd_cm.c | 3 +-
source3/winbindd/winbindd_cred_cache.c | 13 +-
source3/winbindd/winbindd_creds.c | 12 +-
source3/winbindd/winbindd_domain.c | 30 -
source3/winbindd/winbindd_dual.c | 94 +-
source3/winbindd/winbindd_dual_srv.c | 48 +
source3/winbindd/winbindd_getgrnam.c | 23 +-
source3/winbindd/winbindd_getgroups.c | 24 -
source3/winbindd/winbindd_group.c | 284 -
source3/winbindd/winbindd_idmap.c | 321 -
source3/winbindd/winbindd_misc.c | 192 +-
source3/winbindd/winbindd_pam.c | 4 +-
source3/winbindd/winbindd_passdb.c | 72 +-
source3/winbindd/winbindd_ping_dc.c | 96 +
source3/winbindd/winbindd_proto.h | 169 +-
source3/winbindd/winbindd_reconnect.c | 12 +-
source3/winbindd/winbindd_rpc.c | 76 +-
source3/winbindd/winbindd_user.c | 73 -
source3/winbindd/winbindd_util.c | 138 +-
source4/Makefile | 2 +-
source4/VERSION | 2 +-
source4/auth/auth.h | 25 +-
source4/auth/credentials/config.mk | 2 +-
source4/auth/gensec/config.mk | 2 +-
source4/auth/gensec/cyrus_sasl.c | 25 +-
source4/auth/gensec/gensec.c | 218 +-
source4/auth/gensec/gensec.h | 35 +-
source4/auth/gensec/gensec_krb5.c | 41 +-
source4/auth/ntlm/auth.c | 271 +-
source4/auth/ntlm/auth_proto.h | 50 -
source4/auth/ntlm/auth_server.c | 7 +-
source4/auth/ntlm/auth_unix.c | 6 +-
source4/auth/ntlm/auth_util.c | 12 +-
source4/auth/ntlm/auth_winbind.c | 6 +-
source4/auth/ntlm/config.mk | 6 +-
source4/auth/ntlmssp/ntlmssp.h | 34 +-
source4/auth/ntlmssp/ntlmssp_server.c | 106 +-
source4/auth/ntlmssp/ntlmssp_sign.c | 31 +-
source4/build/smb_build/summary.pm | 1 +
source4/cldap_server/netlogon.c | 12 +-
source4/dsdb/common/dsdb_dn.c | 69 +
source4/dsdb/common/dsdb_dn.h | 5 +
source4/dsdb/common/util.c | 638 +-
source4/dsdb/config.mk | 8 +-
source4/dsdb/kcc/kcc_connection.c | 6 +-
source4/dsdb/kcc/kcc_deleted.c | 156 +
source4/dsdb/kcc/kcc_periodic.c | 5 +
source4/dsdb/kcc/kcc_service.h | 2 +
source4/dsdb/repl/drepl_notify.c | 20 +-
source4/dsdb/repl/drepl_out_helpers.c | 533 +-
source4/dsdb/repl/drepl_out_pull.c | 63 +-
source4/dsdb/repl/drepl_partitions.c | 87 +-
source4/dsdb/repl/drepl_periodic.c | 2 +
source4/dsdb/repl/drepl_ridalloc.c | 282 +
source4/dsdb/repl/drepl_service.c | 1 +
source4/dsdb/repl/drepl_service.h | 11 +-
source4/dsdb/repl/replicated_objects.c | 29 +-
source4/dsdb/samdb/ldb_modules/acl.c | 769 +-
source4/dsdb/samdb/ldb_modules/config.mk | 38 +-
source4/dsdb/samdb/ldb_modules/descriptor.c | 57 +-
source4/dsdb/samdb/ldb_modules/extended_dn_in.c | 5 +
source4/dsdb/samdb/ldb_modules/extended_dn_out.c | 74 +-
source4/dsdb/samdb/ldb_modules/extended_dn_store.c | 4 +-
source4/dsdb/samdb/ldb_modules/instancetype.c | 3 +-
source4/dsdb/samdb/ldb_modules/kludge_acl.c | 5 +-
source4/dsdb/samdb/ldb_modules/lazy_commit.c | 16 +-
source4/dsdb/samdb/ldb_modules/linked_attributes.c | 1272 +--
source4/dsdb/samdb/ldb_modules/objectclass.c | 279 +-
source4/dsdb/samdb/ldb_modules/operational.c | 57 +-
source4/dsdb/samdb/ldb_modules/partition.c | 12 +-
source4/dsdb/samdb/ldb_modules/password_hash.c | 13 +-
source4/dsdb/samdb/ldb_modules/pdc_fsmo.c | 4 +-
source4/dsdb/samdb/ldb_modules/repl_meta_data.c | 1818 ++-
source4/dsdb/samdb/ldb_modules/ridalloc.c | 646 +
source4/dsdb/samdb/ldb_modules/rootdse.c | 5 +-
source4/dsdb/samdb/ldb_modules/samba3sid.c | 197 +
source4/dsdb/samdb/ldb_modules/samba_dsdb.c | 21 +-
source4/dsdb/samdb/ldb_modules/samldb.c | 836 +-
source4/dsdb/samdb/ldb_modules/schema_data.c | 180 +-
source4/dsdb/samdb/ldb_modules/schema_load.c | 10 +-
source4/dsdb/samdb/ldb_modules/show_deleted.c | 11 +-
source4/dsdb/samdb/ldb_modules/simple_ldap_map.c | 22 +-
source4/dsdb/samdb/ldb_modules/subtree_delete.c | 137 +-
source4/dsdb/samdb/ldb_modules/tests/samba3sam.py | 17 +-
source4/dsdb/samdb/ldb_modules/util.c | 452 +-
source4/dsdb/samdb/ldb_modules/util.h | 10 +
source4/dsdb/samdb/samdb.h | 8 +
source4/dsdb/schema/prefixmap.h | 11 +
source4/dsdb/schema/schema.h | 1 +
source4/dsdb/schema/schema_init.c | 53 +-
source4/dsdb/schema/schema_prefixmap.c | 24 +
source4/dsdb/schema/schema_query.c | 113 +-
source4/dsdb/schema/schema_set.c | 20 +-
source4/dsdb/schema/schema_syntax.c | 282 +-
source4/heimdal/lib/krb5/fcache.c | 12 +-
source4/heimdal_build/external.m4 | 8 +-
source4/kdc/config.mk | 3 +-
source4/kdc/hdb-samba4.c | 241 +-
source4/kdc/hdb-samba4.h | 8 +-
source4/kdc/kdc.c | 708 +-
source4/kdc/kdc.h | 18 +-
source4/kdc/kpasswdd.c | 225 +-
source4/kdc/pac-glue.c | 30 +-
source4/kdc/pac-glue.h | 6 +-
source4/ldap_server/ldap_backend.c | 46 +-
source4/lib/events/events.h | 1 +
source4/lib/events/tevent_s4.c | 15 +-
source4/lib/ldb-samba/ldif_handlers.c | 225 +-
source4/lib/ldb-samba/ldif_handlers.h | 1 +
source4/lib/ldb/common/attrib_handlers.c | 61 +-
source4/lib/ldb/common/ldb.c | 30 +-
source4/lib/ldb/common/ldb_controls.c | 27 +
source4/lib/ldb/common/ldb_dn.c | 75 +-
source4/lib/ldb/common/ldb_modules.c | 10 +-
source4/lib/ldb/common/ldb_msg.c | 27 +
source4/lib/ldb/config.mk | 13 +
source4/lib/ldb/external/libtalloc.m4 | 2 +-
source4/lib/ldb/include/ldb.h | 41 +-
source4/lib/ldb/include/ldb_module.h | 1 +
source4/lib/ldb/ldb.mk | 28 +-
source4/lib/ldb/ldb_tdb/ldb_cache.c | 2 +-
source4/lib/ldb/ldb_tdb/ldb_index.c | 36 +-
source4/lib/ldb/ldb_tdb/ldb_search.c | 1 +
source4/lib/ldb/ldb_tdb/ldb_tdb.c | 48 +-
source4/lib/ldb/ldb_tdb/ldb_tdb.h | 3 +-
source4/lib/ldb/pyldb.c | 4 +-
source4/lib/ldb/pyldb.h | 1 -
source4/lib/ldb/tests/python/acl.py | 46 +-
source4/lib/ldb/tests/python/ldap.py | 190 +-
source4/lib/ldb/tests/python/ldap_schema.py | 525 +
source4/lib/ldb/tests/python/sec_descriptor.py | 229 +-
source4/lib/ldb/tests/sample_module.c | 30 +-
source4/lib/ldb/tests/test-controls.sh | 46 +
source4/lib/ldb/tests/test-tdb.sh | 2 +
source4/lib/ldb/tools/cmdline.c | 22 +-
source4/lib/ldb/tools/config.mk | 13 +
source4/lib/ldb/tools/ldbadd.c | 14 +-
source4/lib/ldb/tools/ldbdel.c | 25 +-
source4/lib/ldb/tools/ldbmodify.c | 17 +-
source4/lib/ldb/tools/ldbtest.c | 2 +
source4/lib/ldb/tools/ldbutil.c | 149 +
source4/lib/ldb/tools/ldbutil.h | 41 +
source4/lib/ldb_wrap.c | 2 +-
source4/lib/messaging/messaging.c | 17 +-
source4/lib/messaging/messaging.h | 1 +
source4/lib/registry/util.c | 2 +
source4/lib/socket/config.mk | 2 +-
source4/lib/socket/socket.c | 72 +
source4/lib/socket/socket.h | 7 +
source4/lib/tls/config.m4 | 3 +
source4/libcli/config.mk | 5 +
source4/libcli/finddcs.c | 3 +
source4/libcli/raw/rawfsinfo.c | 12 +-
source4/libcli/raw/rawrequest.c | 26 +-
source4/libcli/resolve/dns_ex.c | 17 +-
source4/libcli/security/access_check.c | 15 +-
source4/libcli/security/sddl.c | 2 +-
source4/libcli/security/tests/bindings.py | 11 +-
source4/libcli/smb2/negprot.c | 13 +-
source4/libnet/libnet.c | 3 +
source4/libnet/libnet_become_dc.c | 84 +-
source4/libnet/libnet_passwd.c | 8 +-
source4/libnet/libnet_samsync_ldb.c | 10 +-
source4/libnet/libnet_vampire.c | 4 +-
source4/libnet/py_net.c | 78 +-
source4/librpc/config.mk | 7 +-
source4/librpc/ndr/py_security.c | 36 +
source4/min_versions.m4 | 2 +-
source4/ntvfs/posix/pvfs_open.c | 5 +
source4/ntvfs/posix/pvfs_wait.c | 4 +-
source4/param/config.mk | 2 +-
source4/param/loadparm.c | 4 +
source4/param/provision.c | 31 +-
source4/param/pyparam.c | 3 +
source4/param/tests/bindings.py | 10 +-
source4/rpc_server/config.mk | 1 +
source4/rpc_server/drsuapi/addentry.c | 48 +-
source4/rpc_server/drsuapi/dcesrv_drsuapi.c | 82 +-
source4/rpc_server/drsuapi/dcesrv_drsuapi.h | 3 +-
source4/rpc_server/drsuapi/drsutil.c | 22 +-
source4/rpc_server/drsuapi/getncchanges.c | 696 +-
source4/rpc_server/drsuapi/updaterefs.c | 4 +-
source4/rpc_server/drsuapi/writespn.c | 145 +
source4/script/installmisc.sh | 42 +-
source4/scripting/bin/enablerecyclebin | 54 +
source4/scripting/bin/setup_dns.sh | 2 +-
source4/scripting/bin/upgradeprovision | 285 +-
source4/scripting/devel/drs/vampire_ad.sh | 5 +-
source4/scripting/devel/tmpfs.sh | 13 +
source4/scripting/python/modules.c | 43 +-
source4/scripting/python/modules.h | 2 +-
source4/scripting/python/pyglue.c | 23 -
source4/scripting/python/samba/__init__.py | 67 +-
source4/scripting/python/samba/getopt.py | 14 +-
source4/scripting/python/samba/ms_schema.py | 2 +
source4/scripting/python/samba/netcmd/__init__.py | 145 +
.../scripting/python/samba/netcmd/domainlevel.py | 229 +
.../scripting/python/samba/netcmd/enableaccount.py | 65 +
source4/scripting/python/samba/netcmd/newuser.py | 70 +
.../scripting/python/samba/netcmd/pwsettings.py | 190 +
source4/scripting/python/samba/netcmd/setexpiry.py | 72 +
.../scripting/python/samba/netcmd/setpassword.py | 77 +
source4/scripting/python/samba/provision.py | 61 +-
source4/scripting/python/samba/schema.py | 28 +-
source4/scripting/python/samba/tests/netcmd.py | 34 +
source4/selftest/tests.sh | 2 +
.../ad-schema/MS-AD_Schema_2K8_R2_Attributes.txt |16060 ++++++++++++++++++++
.../ad-schema/MS-AD_Schema_2K8_R2_Classes.txt | 3577 +++++
source4/setup/aggregate_schema.ldif | 2 +
source4/setup/domainlevel | 250 -
source4/setup/enableaccount | 65 -
source4/setup/newuser | 69 -
source4/setup/provision.ldif | 2 +-
source4/setup/provision_schema_basedn.ldif | 1 +
source4/setup/provision_self_join.ldif | 20 +-
source4/setup/provision_self_join_modify.ldif | 15 +
source4/setup/pwsettings | 198 -
source4/setup/schema-map-fedora-ds-1.0 | 5 +
source4/setup/schema_samba4.ldif | 4 +
source4/setup/setexpiry | 72 -
source4/setup/setpassword | 74 -
source4/setup/tests/blackbox_newuser.sh | 11 +-
source4/setup/tests/blackbox_setpassword.sh | 10 +-
source4/smb_server/blob.c | 10 +-
source4/smb_server/smb/negprot.c | 5 +-
source4/smb_server/smb/sesssetup.c | 74 +-
source4/smb_server/smb2/negprot.c | 10 +-
source4/smb_server/smb2/sesssetup.c | 17 +-
source4/smbd/config.mk | 2 +-
source4/smbd/process_prefork.c | 8 +-
source4/smbd/process_single.c | 2 +-
source4/smbd/process_standard.c | 6 +
source4/smbd/server.c | 5 +-
source4/smbd/service_stream.c | 32 +-
source4/smbd/service_stream.h | 3 +
source4/torture/config.mk | 2 +-
source4/torture/drs/unit/prefixmap_tests.c | 45 +-
source4/torture/libnet/python/samr-test.py | 62 +
source4/torture/ndr/README | 4 +
source4/torture/ndr/dfsblob.c | 50 +
source4/torture/ndr/ndr.c | 14 +-
source4/torture/ndr/spoolss.c | 14 +
source4/torture/raw/lock.c | 98 +-
source4/torture/raw/open.c | 366 +-
source4/torture/raw/oplock.c | 265 +-
source4/torture/raw/qfileinfo.c | 35 +-
source4/torture/raw/raw.c | 2 +-
source4/torture/raw/rename.c | 2 +-
source4/torture/raw/search.c | 75 +
source4/torture/raw/setfileinfo.c | 153 +
source4/torture/raw/streams.c | 129 +-
source4/torture/rpc/rpc.c | 2 +
source4/torture/rpc/samba3rpc.c | 60 +
source4/torture/rpc/samr.c | 51 +
source4/torture/rpc/spoolss.c | 499 +-
source4/torture/rpc/spoolss_win.c | 12 +-
source4/torture/util_smb.c | 2 +-
source4/utils/net/net.c | 178 +-
source4/utils/oLschema2ldif.c | 2 -
testprogs/blackbox/test_export_keytab.sh | 8 +-
testprogs/blackbox/test_kinit.sh | 2 +-
testprogs/blackbox/test_passwords.sh | 45 +-
testprogs/win32/spoolss/Makefile | 40 +
testprogs/win32/spoolss/Makefile.mingw | 23 +
testprogs/win32/spoolss/README | 1 +
testprogs/win32/spoolss/error.c | 115 +
testprogs/win32/spoolss/error.h | 36 +
testprogs/win32/spoolss/printlib.c | 608 +
testprogs/win32/spoolss/printlib_proto.h | 46 +
testprogs/win32/spoolss/spoolss.c | 784 +
testprogs/win32/spoolss/spoolss.h | 51 +
testprogs/win32/spoolss/string.h | 15 +
testprogs/win32/spoolss/torture.c | 106 +
testprogs/win32/spoolss/torture.h | 91 +
testprogs/win32/spoolss/torture_proto.h | 32 +
486 files changed, 42317 insertions(+), 11517 deletions(-)
create mode 100644 docs-xml/manpages-3/pam_winbind.conf.5.xml
create mode 100644 docs-xml/smbdotconf/ldap/ldapderef.xml
copy {docs-xml/manpages-3 => lib/tdb/manpages}/tdbbackup.8.xml (100%)
copy {docs-xml/manpages-3 => lib/tdb/manpages}/tdbdump.8.xml (100%)
copy {docs-xml/manpages-3 => lib/tdb/manpages}/tdbtool.8.xml (100%)
create mode 100644 lib/util/binsearch.h
create mode 100644 libcli/auth/ntlmssp_ndr.c
rename {source3/libsmb => libcli/auth}/ntlmssp_ndr.h (100%)
create mode 100644 libcli/util/tstream.c
create mode 100644 libcli/util/tstream.h
create mode 100644 librpc/idl/dfsblobs.idl
delete mode 100644 source3/libsmb/ntlmssp_ndr.c
create mode 100644 source3/winbindd/winbindd_ping_dc.c
delete mode 100644 source3/winbindd/winbindd_user.c
delete mode 100644 source4/auth/ntlm/auth_proto.h
create mode 100644 source4/dsdb/kcc/kcc_deleted.c
create mode 100644 source4/dsdb/repl/drepl_ridalloc.c
create mode 100644 source4/dsdb/samdb/ldb_modules/ridalloc.c
create mode 100644 source4/dsdb/samdb/ldb_modules/samba3sid.c
create mode 100755 source4/lib/ldb/tests/python/ldap_schema.py
create mode 100755 source4/lib/ldb/tests/test-controls.sh
create mode 100644 source4/lib/ldb/tools/ldbutil.c
create mode 100644 source4/lib/ldb/tools/ldbutil.h
create mode 100644 source4/rpc_server/drsuapi/writespn.c
create mode 100755 source4/scripting/bin/enablerecyclebin
create mode 100755 source4/scripting/devel/tmpfs.sh
create mode 100644 source4/scripting/python/samba/netcmd/__init__.py
create mode 100644 source4/scripting/python/samba/netcmd/domainlevel.py
create mode 100755 source4/scripting/python/samba/netcmd/enableaccount.py
create mode 100755 source4/scripting/python/samba/netcmd/newuser.py
create mode 100644 source4/scripting/python/samba/netcmd/pwsettings.py
create mode 100644 source4/scripting/python/samba/netcmd/setexpiry.py
create mode 100644 source4/scripting/python/samba/netcmd/setpassword.py
create mode 100644 source4/scripting/python/samba/tests/netcmd.py
create mode 100644 source4/setup/ad-schema/MS-AD_Schema_2K8_R2_Attributes.txt
create mode 100644 source4/setup/ad-schema/MS-AD_Schema_2K8_R2_Classes.txt
delete mode 100755 source4/setup/domainlevel
delete mode 100755 source4/setup/enableaccount
delete mode 100755 source4/setup/newuser
delete mode 100755 source4/setup/pwsettings
delete mode 100755 source4/setup/setexpiry
delete mode 100755 source4/setup/setpassword
create mode 100644 source4/torture/libnet/python/samr-test.py
create mode 100644 source4/torture/ndr/README
create mode 100644 source4/torture/ndr/dfsblob.c
create mode 100644 testprogs/win32/spoolss/Makefile
create mode 100644 testprogs/win32/spoolss/Makefile.mingw
create mode 100644 testprogs/win32/spoolss/README
create mode 100644 testprogs/win32/spoolss/error.c
create mode 100644 testprogs/win32/spoolss/error.h
create mode 100644 testprogs/win32/spoolss/printlib.c
create mode 100644 testprogs/win32/spoolss/printlib_proto.h
create mode 100644 testprogs/win32/spoolss/spoolss.c
create mode 100644 testprogs/win32/spoolss/spoolss.h
create mode 100644 testprogs/win32/spoolss/string.h
create mode 100644 testprogs/win32/spoolss/torture.c
create mode 100644 testprogs/win32/spoolss/torture.h
create mode 100644 testprogs/win32/spoolss/torture_proto.h
Changeset truncated at 500 lines:
diff --git a/.gitignore b/.gitignore
index 13dd2d8..4f93726 100644
--- a/.gitignore
+++ b/.gitignore
@@ -77,6 +77,10 @@ source3/lib/netapi/examples/Makefile
source3/lib/netapi/tests/Makefile
source3/library-versions
librpc/gen_ndr/cli_krb5pac.*
+librpc/gen_ndr/cli_dfsblobs.*
+librpc/gen_ndr/dfsblobs.h
+librpc/gen_ndr/ndr_dfsblobs.*
+librpc/gen_ndr/srv_dfsblobs.*
source3/librpc/gen_ndr/cli_libnetapi.c
source3/librpc/gen_ndr/cli_libnetapi.h
source3/librpc/gen_ndr/cli_messaging.*
@@ -115,7 +119,7 @@ source3/samba4-data.mk
source3/samba4-config.mk
source3/torture.tdb
source4/apidocs
-source4/auth/auth_proto.h
+source4/auth/ntlm/auth_proto.h
source4/auth/auth_sam.h
source4/auth/auth_sam_reply.h
source4/auth/credentials/credentials_krb5_proto.h
diff --git a/WHATSNEW4.txt b/WHATSNEW4.txt
index 75e2482..b4c6e7d 100644
--- a/WHATSNEW4.txt
+++ b/WHATSNEW4.txt
@@ -1,25 +1,25 @@
-What's new in Samba 4 alpha10
+What's new in Samba 4 alpha11
============================
Samba 4 is the ambitious next version of the Samba suite that is being
-developed in parallel to the stable 3.0 series. The main emphasis in
+developed in parallel to the stable 3.x series. The main emphasis in
this branch is support for the Active Directory logon protocols used
by Windows 2000 and above.
-Samba4 alpha10 follows on from the alpha release series we have been
+Samba4 alpha11 follows on from the alpha release series we have been
publishing since September 2007
WARNINGS
========
-Samba4 alpha10 is not a final Samba release. That is more a reference
+Samba4 alpha11 is not a final Samba release. That is more a reference
to Samba4's lack of the features we expect you will need than a
statement of code quality, but clearly it hasn't seen a broad
deployment yet. If you were to upgrade Samba3 (or indeed Windows) to
Samba4, you would find many things work, but that other key features
you may have relied on simply are not there yet.
-For example, while Samba 3.0 is an excellent member of a Active
+For example, while Samba 3 is an excellent member of a Active
Directory domain, Samba4 is happier as a domain controller, and it is
in this role where it has seen deployment into production.
@@ -62,12 +62,29 @@ working on modules to map between AD-like behaviours and this backend.
We are aiming for Samba 4 to be powerful frontend to large
directories.
-CHANGES SINCE alpha9
+CHANGES SINCE alpha10
=====================
-Alpha9 was released last week, but in the time since the release we
-have found and fixed an important segfault, and improved the
-experimental DRS replication.
+Since the alpha10 release, we have fixed a number of serious bugs in
+the implementation of AD-compatible 'Directory Replication Services'.
+We can now join an AD domain as a read-write DC
+
+Importantly, since alpha10, the following serious issues were
+addressed:
+ - We now allocate RID values safely (previous implementations would
+ add users and groups without regard to allocated RID pools, possibly
+ creating duplicates)
+ - In previous Samba4 versions, a failure to 'prepare' a transaction
+ would silently commit the transaction.
+
+Any deployments of Samba4 before this alpha are very strongly
+encouraged to upgrade. Assistance may be found in the
+upgradeprovision script, and the advice of the Samba Team should be
+sought to determine the impact of these issues in your particular
+deployment.
+
+Our progress on DRS is being tracked in the Samba wiki:
+http://wiki.samba.org/index.php/Samba4_DRS_TODO_List
CHANGES
=======
@@ -103,7 +120,7 @@ KNOWN ISSUES
since it's completely experimental!
- ACL are not set by default on shares created by the provision.
- Work is underway on this subject and it should be fixed in Alpha10.
+ Work is underway on this subject and it should be fixed in Alpha12.
RUNNING Samba4
==============
diff --git a/docs-xml/build/DTD/samba.entities b/docs-xml/build/DTD/samba.entities
index 2e924d4..4ad65ca 100644
--- a/docs-xml/build/DTD/samba.entities
+++ b/docs-xml/build/DTD/samba.entities
@@ -50,8 +50,8 @@
<!ENTITY person.gd '
<firstname>Guenther</firstname><surname>Deschner</surname>
<affiliation>
- <orgname>SuSE</orgname>
- <address><email>gd at suse.de</email></address>
+ <orgname>Samba Team</orgname>
+ <address><email>gd at samba.org</email></address>
</affiliation>'>
<!ENTITY author.gd '<author>&person.gd;</author>'>
@@ -214,7 +214,7 @@ in the &smb.conf; file.</para>
<!ENTITY stdarg.configfile '
<varlistentry>
-<term>-s <configuration file></term>
+<term>-s|--configfile <configuration file></term>
<listitem><para>The file specified contains the
configuration details required by the server. The
information in this file includes server-specific
@@ -227,7 +227,7 @@ compile time.</para></listitem>
<!ENTITY stdarg.version '
<varlistentry>
-<term>-V</term>
+<term>-V|--version</term>
<listitem><para>Prints the program version number.
</para></listitem>
</varlistentry>'>
@@ -249,7 +249,7 @@ log.smbd, etc...). The log file is never removed by the client.
<!ENTITY stdarg.resolve.order '
<varlistentry>
-<term>-R <name resolve order></term>
+<term>-R|--name-resolve <name resolve order></term>
<listitem><para>This option is used to determine what naming
services and in what order to resolve
host names to IP addresses. The option takes a space-separated
@@ -307,7 +307,7 @@ resolution methods will be attempted in this order. </para></listitem>
<!ENTITY stdarg.netbios.name '
<varlistentry>
-<term>-n <primary NetBIOS name></term>
+<term>-n|--netbiosname <primary NetBIOS name></term>
<listitem><para>This option allows you to override
the NetBIOS name that Samba uses for itself. This is identical
to setting the <smbconfoption><name>netbios name</name></smbconfoption> parameter in the &smb.conf; file.
@@ -318,7 +318,7 @@ line setting will take precedence over settings in
<!ENTITY stdarg.scope '
<varlistentry>
-<term>-i <scope></term>
+<term>-i|--scope <scope></term>
<listitem><para>This specifies a NetBIOS scope that
<command>nmblookup</command> will use to communicate with when
generating NetBIOS names. For details on the use of NetBIOS
@@ -340,7 +340,7 @@ SAM (as opposed to the Domain SAM). </para></listitem>
<!ENTITY stdarg.socket.options '
<varlistentry>
-<term>-O socket options</term>
+<term>-O|--socket-options socket options</term>
<listitem><para>TCP socket options to set on the client
socket. See the socket options parameter in
the &smb.conf; manual page for the list of valid
@@ -357,7 +357,7 @@ options. </para></listitem>
<!ENTITY stdarg.nopass '
<varlistentry>
-<term>-N</term>
+<term>-N|--no-pass</term>
<listitem><para>If specified, this parameter suppresses the normal
password prompt from the client to the user. This is useful when
accessing a service that does not require a password. </para>
@@ -420,7 +420,7 @@ access from unwanted users. </para></listitem>
<!ENTITY stdarg.kerberos '
<varlistentry>
-<term>-k</term>
+<term>-k|--kerberos</term>
<listitem><para>
Try to authenticate with kerberos. Only useful in
an Active Directory environment.
diff --git a/docs-xml/manpages-3/eventlogadm.8.xml b/docs-xml/manpages-3/eventlogadm.8.xml
index 4c399a3..c104120 100644
--- a/docs-xml/manpages-3/eventlogadm.8.xml
+++ b/docs-xml/manpages-3/eventlogadm.8.xml
@@ -111,7 +111,7 @@
<varlistentry>
<term>
<option>-o</option>
- <literal>write</literal>
+ <literal>dump</literal>
<replaceable>EVENTLOG</replaceable>
<replaceable>RECORD_NUMBER</replaceable>
</term>
diff --git a/docs-xml/manpages-3/mount.cifs.8.xml b/docs-xml/manpages-3/mount.cifs.8.xml
index 372b477..d930600 100644
--- a/docs-xml/manpages-3/mount.cifs.8.xml
+++ b/docs-xml/manpages-3/mount.cifs.8.xml
@@ -477,12 +477,35 @@ permissions in memory that can't be stored on the server. This information can d
<varlistentry>
<term>noserverino</term>
- <listitem><para>client generates inode numbers (rather than using the actual one
- from the server) by default.
+ <listitem>
+ <para>
+ Client generates inode numbers (rather than
+ using the actual one from the server) by default.
+ </para>
+ <para>
+ See section <emphasis>INODE NUMBERS</emphasis> for
+ more information.
</para></listitem>
</varlistentry>
<varlistentry>
+ <term>nounix</term>
+ <listitem>
+ <para>
+ Disable the CIFS Unix Extensions for this mount. This
+ can be useful in order to turn off multiple settings at once.
+ This includes POSIX acls, POSIX locks, POSIX paths, symlink
+ support and retrieving uids/gids/mode from the server. This
+ can also be useful to work around a bug in a server that
+ supports Unix Extensions.
+ </para>
+ <para>
+ See section <emphasis>INODE NUMBERS</emphasis> for
+ more information.
+ </para> </listitem>
+ </varlistentry>
+
+ <varlistentry>
<term>nouser_xattr</term>
<listitem><para>(default) Do not allow getfattr/setfattr to get/set xattrs, even if server would support it otherwise. </para></listitem>
</varlistentry>
@@ -533,6 +556,33 @@ permissions in memory that can't be stored on the server. This information can d
</refsect1>
<refsect1>
+ <title>INODE NUMBERS</title>
+ <para>
+ When Unix Extensions are enabled, we use the actual inode
+ number provided by the server in response to the POSIX calls as an
+ inode number.
+ </para>
+ <para>
+ When Unix Extensions are disabled and "serverino" mount option
+ is enabled there is no way to get the server inode number. The
+ client typically maps the server-assigned "UniqueID" onto an inode
+ number.
+ </para>
+ <para>
+ Note that the UniqueID is a different value from the server
+ inode number. The UniqueID value is unique over the scope of the entire
+ server and is often greater than 2 power 32. This value often makes
+ programs that are not compiled with LFS (Large File Support), to
+ trigger a glibc EOVERFLOW error as this won't fit in the target
+ structure field. It is strongly recommended to compile your programs
+ with LFS support (i.e. with -D_FILE_OFFSET_BITS=64) to prevent this
+ problem. You can also use "noserverino" mount option to generate inode
+ numbers smaller than 2 power 32 on the client. But you may not be able
+ to detect hardlinks properly.
+ </para>
+</refsect1>
+
+<refsect1>
<title>FILE AND DIRECTORY OWNERSHIP AND PERMISSIONS</title>
<para> The core CIFS protocol does not provide unix ownership
diff --git a/docs-xml/manpages-3/pam_winbind.8.xml b/docs-xml/manpages-3/pam_winbind.8.xml
index f8c4375..14f4e70 100644
--- a/docs-xml/manpages-3/pam_winbind.8.xml
+++ b/docs-xml/manpages-3/pam_winbind.8.xml
@@ -62,7 +62,9 @@
file situated at
<filename>/etc/security/pam_winbind.conf</filename>. Options
from the PAM configuration file take precedence to those from
- the configuration file.
+ the configuration file. See
+ <citerefentry><refentrytitle>pam_winbind.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+ for further details.
<variablelist>
@@ -231,6 +233,8 @@
<refsect1>
<title>SEE ALSO</title>
<para><citerefentry>
+ <refentrytitle>pam_winbind.conf</refentrytitle>
+ <manvolnum>5</manvolnum></citerefentry>, <citerefentry>
<refentrytitle>wbinfo</refentrytitle>
<manvolnum>1</manvolnum></citerefentry>, <citerefentry>
<refentrytitle>winbindd</refentrytitle>
diff --git a/docs-xml/manpages-3/pam_winbind.conf.5.xml b/docs-xml/manpages-3/pam_winbind.conf.5.xml
new file mode 100644
index 0000000..113515c
--- /dev/null
+++ b/docs-xml/manpages-3/pam_winbind.conf.5.xml
@@ -0,0 +1,190 @@
+<?xml version="1.0" encoding="iso-8859-1"?>
+<!DOCTYPE refentry PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc">
+<refentry id="pam_winbind.conf.5">
+
+<refmeta>
+ <refentrytitle>pam_winbind.conf</refentrytitle>
+ <manvolnum>5</manvolnum>
+ <refmiscinfo class="source">Samba</refmiscinfo>
+ <refmiscinfo class="manual">5</refmiscinfo>
+ <refmiscinfo class="version">3.6</refmiscinfo>
+</refmeta>
+
+
+<refnamediv>
+ <refname>pam_winbind.conf</refname>
+ <refpurpose>Configuration file of PAM module for Winbind</refpurpose>
+</refnamediv>
+
+<refsect1>
+ <title>DESCRIPTION</title>
+
+ <para>This configuration file is part of the <citerefentry><refentrytitle>samba</refentrytitle>
+ <manvolnum>7</manvolnum></citerefentry> suite.</para>
+
+ <para>
+ pam_winbind.conf is the configuration file for the pam_winbind PAM
+ module. See
+ <citerefentry><refentrytitle>pam_winbind</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ for further details.
+ </para>
+</refsect1>
+
+<refsect1>
+ <title>SYNOPSIS</title>
+
+ <para>
+ The pam_winbind.conf configuration file is a classic ini-style
+ configuration file. There is only one section (global) where
+ various options are defined.
+ </para>
+</refsect1>
+
+<refsect1>
+ <title>OPTIONS</title>
+ <para>
+
+ pam_winbind supports several options which can either be set in
+ the PAM configuration files or in the pam_winbind configuration
+ file situated at
+ <filename>/etc/security/pam_winbind.conf</filename>. Options
+ from the PAM configuration file take precedence to those from
+ the pam_winbind.conf configuration file.
+
+ <variablelist>
+
+ <varlistentry>
+ <term>debug = yes|no</term>
+ <listitem><para>Gives debugging output to syslog. Defaults to "no".</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>debug_state = yes|no</term>
+ <listitem><para>Gives detailed PAM state debugging output to syslog. Defaults to "no".</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>require_membership_of = [SID or NAME]</term>
+ <listitem><para>
+ If this option is set, pam_winbind will only succeed if the user is a member of the given SID or NAME. A SID
+ can be either a group-SID, an alias-SID or even an user-SID. It is also possible to give a NAME instead of the
+ SID. That name must have the form: <parameter>MYDOMAIN\\mygroup</parameter> or
+ <parameter>MYDOMAIN\\myuser</parameter>. pam_winbind will, in that case, lookup the SID internally. Note that
+ NAME may not contain any spaces. It is thus recommended to only use SIDs. You can verify the list of SIDs a
+ user is a member of with <command>wbinfo --user-sids=SID</command>. This setting is empty by default.
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>try_first_pass = yes|no</term>
+ <listitem><para>
+ By default, pam_winbind tries to get the authentication token from a previous module. If no token is available
+ it asks the user for the old password. With this option, pam_winbind aborts with an error if no authentication
+ token from a previous module is available. If a primary password is not valid, PAM will prompt for a password.
+ Default to "no".
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>krb5_auth = yes|no</term>
+ <listitem><para>
+
+ pam_winbind can authenticate using Kerberos when winbindd is
+ talking to an Active Directory domain controller. Kerberos
+ authentication must be enabled with this parameter. When
+ Kerberos authentication can not succeed (e.g. due to clock
+ skew), winbindd will fallback to samlogon authentication over
+ MSRPC. When this parameter is used in conjunction with
+ <parameter>winbind refresh tickets</parameter>, winbind will
+ keep your Ticket Granting Ticket (TGT) uptodate by refreshing
+ it whenever necessary. Defaults to "no".
+
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>krb5_ccache_type = [type]</term>
+ <listitem><para>
+
+ When pam_winbind is configured to try kerberos authentication
+ by enabling the <parameter>krb5_auth</parameter> option, it can
+ store the retrieved Ticket Granting Ticket (TGT) in a
+ credential cache. The type of credential cache can be set with
+ this option. Currently the only supported value is:
+ <parameter>FILE</parameter>. In that case a credential cache in
+ the form of /tmp/krb5cc_UID will be created, where UID is
+ replaced with the numeric user id. Leave empty to just do
+ kerberos authentication without having a ticket cache after the
+ logon has succeeded. This setting is empty by default.
+
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>cached_login = yes|no</term>
+ <listitem><para>
+ Winbind allows to logon using cached credentials when <parameter>winbind offline logon</parameter> is enabled. To use this feature from the PAM module this option must be set. Defaults to "no".
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>silent = yes|no</term>
+ <listitem><para>
+ Do not emit any messages. Defaults to "no".
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>mkhomedir = yes|no</term>
+ <listitem><para>
+ Create homedirectory for a user on-the-fly, option is valid in
+ PAM session block. Defaults to "no".
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>warn_pwd_expire = days</term>
+ <listitem><para>
+ Defines number of days before pam_winbind starts to warn about passwords that are
+ going to expire. Defaults to 14 days.
+ </para></listitem>
+ </varlistentry>
+
+ </variablelist>
+
+ </para>
+
+</refsect1>
+
+<refsect1>
+ <title>SEE ALSO</title>
+ <para><citerefentry>
+ <refentrytitle>pam_winbind</refentrytitle>
+ <manvolnum>8</manvolnum></citerefentry>, <citerefentry>
+ <refentrytitle>wbinfo</refentrytitle>
+ <manvolnum>1</manvolnum></citerefentry>, <citerefentry>
+ <refentrytitle>winbindd</refentrytitle>
+ <manvolnum>8</manvolnum></citerefentry>, <citerefentry>
+ <refentrytitle>smb.conf</refentrytitle>
+ <manvolnum>5</manvolnum></citerefentry></para>
+</refsect1>
+
+<refsect1>
+ <title>VERSION</title>
+
+ <para>This man page is correct for version 3 of Samba.</para>
+</refsect1>
+
+<refsect1>
+ <title>AUTHOR</title>
+
+ <para>
+ The original Samba software and related utilities were created by Andrew Tridgell. Samba is now developed by
+ the Samba Team as an Open Source project similar to the way the Linux kernel is developed.
+ </para>
+
+ <para>This manpage was written by Jelmer Vernooij and Guenther Deschner.</para>
+
+</refsect1>
+
+</refentry>
diff --git a/docs-xml/manpages-3/pdbedit.8.xml b/docs-xml/manpages-3/pdbedit.8.xml
index d0ea811..2be49a1 100644
--
Samba Shared Repository
More information about the samba-cvs
mailing list