| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
This comes from Windows 2019 which supports FAST.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
|
|
string)
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
|
|
This takes the realm from the LDAP base DN and so avoids one
easy mistake to make. So far the NT4 domain name is not
auto-detected, so much be read from the smb.conf.
By using .guess() the smb.conf is read for the unspecified
parts (eg workstation for an NTLM login to the LDAP server if
the target server is an IP address).
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
|
|
This naturally does not change the test, but reduces developer
confusion.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
|
|
This test passed against Samba but failed against Windows when
an enterprise principal (user@domain.com@REALM) was encoded as
NT_PRINCIPAL.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
|
|
Add new python test to document the differences between the MIT and
Heimdal Kerberos implementations.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
Originally copied from 'source4/scripting/devel/createtrust'
(had to drop the TRUST_AUTH_TYPE_VERSION part though, as it
fails against samba DC).
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
|
|
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
|
|
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
|
|
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
|
|
This reverts commit eb0474d27bae4592b25ac6bf600da29c6a1cb9f8.
|
|
Add python canonicalization tests, loosely based on the code in
source4/torture/krb5/kdc-canon-heimdal.c. The long term goal is to move
the integration level tests out of kdc-canon-heimdal, leaving it as a
heimdal library unit test.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
Add the canonicalize flag to KerberosFlags, so that it can be used in
python based canonicalization tests.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
Make PrincipalName_create a class method, so it can be used in helper
classes.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
When parsing a principal-like name, user name was left with full
principal instead of taking only the left part before '@' sign.
>>> from samba import credentials
>>> t = credentials.Credentials()
>>> t.parse_string('admin@realm.test', credentials.SPECIFIED)
>>> t.get_username()
'admin@realm.test'
The issue is that cli_credentials_set_username() does a talloc_strdup()
of the argument, so we need to change order of assignment to allow
talloc_strdup() to copy the right part of the string.
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
|
|
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Wed Nov 4 00:19:25 UTC 2020 on sn-devel-184
|
|
Can be used to unlock a user when the badPwdCount has been reached.
Introduces SamDB error classes, as suggested by
Douglas Bagnall <douglas.bagnall@catalyst.net.nz> - thanks!
This helps to handle expected failures.
Tracebacks of really unexpected failures will not be hidden.
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
The error 'uidNumber xxx is already being used.' in the samba tool tests
occurs when the random.randint functions returns the same value twice and
therefore a user or group with an already used gid or uid should be created.
Avoid this error by adding a list that stores the used IDs, so that the randomXid
function can check wheter a value is already used before returning it.
Signed-off-by: Jule Anger <ja@sernet.de>
Reviewed-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Oct 29 18:54:24 UTC 2020 on sn-devel-184
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
|
|
`dnspython` 2.0.0 has many changes and several deprecations like:
```
> dns.resolver.resolve() has been added, allowing control of whether
search lists are used. dns.resolver.query() is retained for backwards
compatibility, but deprecated. The default for search list behavior can
be set at in the resolver object with the use_search_by_default
parameter. The default is False.
> dns.resolver.resolve_address() has been added, allowing easy
address-to-name lookups.
```
The new class `DNSResolver`:
- provides the compatibility layer
- defaults the previous behavior (the search list configured in the
system's resolver configuration is used for relative names)
- defaults lifetime to 15sec (determines the number of seconds
to spend trying to get an answer to the question)
The compatibility shim was developed by Stanislav Levin for FreeIPA and
adopted for Samba by Alexander Bokovoy.
Signed-off-by: Stanislav Levin <slev@altlinux.org>
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
|
|
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
This fixes `make test` in a release tarball.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14542
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
|
|
This can be used in order to run a sepcific test (coded just once)
with an autogenerated set of arguments.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14531
Pair-Programmed-With: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
The remaining compat code (get_string, get_bytes,
cmp) are useful helper routines which we should
simply merge into common (especially since there
is some duplication here).
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): David Mulder <dmulder@samba.org>
Autobuild-Date(master): Fri Oct 2 14:49:36 UTC 2020 on sn-devel-184
|
|
The import dsdb needed for dsdb_Dn causes import
errors when trying to import get_bytes/get_string
in some places.
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
Signed-off-by: Jule Anger <ja@sernet.de>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Thu Oct 1 02:44:09 UTC 2020 on sn-devel-184
|
|
Keep 'contact create' for compatibility reasons.
Signed-off-by: Jule Anger <ja@sernet.de>
Reviewed-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
Signed-off-by: Jule Anger <ja@sernet.de>
Reviewed-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
Add 'group create' command for a symmetric set of
samba-tool subcommands
Signed-off-by: Jule Anger <ja@sernet.de>
Reviewed-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
Signed-off-by: Jule Anger <ja@sernet.de>
Reviewed-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
Keep 'computer create' for compatibility reasons.
Signed-off-by: Jule Anger <ja@sernet.de>
Reviewed-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
Signed-off-by: Jule Anger <ja@sernet.de>
Reviewed-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
Keep 'user create' for compatibility reasons.
Signed-off-by: Jule Anger <ja@sernet.de>
Reviewed-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
Signed-off-by: Jule Anger <ja@sernet.de>
Reviewed-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
Keep 'ou create' for compatibility reasons.
Signed-off-by: Jule Anger <ja@sernet.de>
Reviewed-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
Tests the following options:
--surname
--given-name
--initials
--force-new-cn
--reset-cn
--display-name
--mail-address
Signed-off-by: Jule Anger <ja@sernet.de>
Reviewed-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
Usage: samba-tool contact rename <contactname> [options]
Rename a contact and related attributes.
This command allows to set the contact's name related attributes.
Use an empty attribute value to remove the specified attribute.
The contactname specified on the command is the CN.
Example1:
samba-tool contact rename "John Doe" --surname=Bloggs \\
--force-new-cn=John
Example1 shows how to change the surname ('sn' attribute) of a contact
'John Doe' to 'Bloggs' and change the CN to 'John' on the local server.
Signed-off-by: Jule Anger <ja@sernet.de>
Reviewed-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
Tests the following options:
--samaccountname
--force-new-cn
--reset-cn
--mail-address
Signed-off-by: Jule Anger <ja@sernet.de>
Reviewed-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
Usage: samba-tool group rename <groupname> [options]
Rename a group and related attributes.
This command allows to set the group's name related attributes.
Use an empty attribute value to remove the specified attribute.
The groupname specified on the command is the sAMAccountName.
Example1:
samba-tool group rename employees --samaccountname=staff
Example1 shows how to change the sAMAaccountName of a group 'employees' to
'staff' on the local server.
Signed-off-by: Jule Anger <ja@sernet.de>
Reviewed-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
Tests the following options:
--surname
--given-name
--initials
--force-new-cn
--reset-cn
--display-name
--mail-address
--samaccountname
--upn
Signed-off-by: Jule Anger <ja@sernet.de>
Reviewed-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
Usage: samba-tool user rename <username> [options]
Rename a user and related attributes.
This command allows to set the user's name related attributes. The user's
CN will be renamed automatically.
The user's new CN will be made up by combining the given-name, initials
and surname. A dot ('.') will be appended to the initials automatically.
Use the --force-new-cn option to specify the new CN manually.
The username specified on the command is the sAMAccountName.
Example1:
samba-tool user rename johndoe --surname='Bloggs'
Example1 shows how to change the surname of a user 'johndoe' to 'Bloggs' on
the local server. The user's CN will be renamed automatically, based on
the given name, initials and surname.
Pair-Programmed-With: Jule Anger <ja@sernet.de>
Signed-off-by: Björn Baumbach <bb@sernet.de>
Signed-off-by: Jule Anger <ja@sernet.de>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
Add a method to construct the fullname, using the given name, the initials
and the surname.
If one of this values is empty, try to use the old one, given by an
attributs set.
If the combination is empty, the method will return the fallback-default
parameter.
Use this method to construct the CN or the displayName of users or
contacts.
Signed-off-by: Jule Anger <ja@sernet.de>
Reviewed-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
Add a method to prepare a given Message to replace the given attribute.
If the given new value is None or the old value and the new value are
the same, do nothing.
If the new value is empty, prepare to replace the given attribute with
[].
Else prepare to replace the given attribute with the new value.
Use this for samdb.modify(msg).
Signed-off-by: Jule Anger <ja@sernet.de>
Reviewed-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14487
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Rowland Penny <rpenny@samba.org>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Thu Sep 24 05:55:43 UTC 2020 on sn-devel-184
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14487
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Rowland Penny <rpenny@samba.org>
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14487
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Rowland Penny <rpenny@samba.org>
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14487
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Rowland Penny <rpenny@samba.org>
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14487
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Rowland Penny <rpenny@samba.org>
|
