58 Commits

Author	SHA1	Message	Date
Alexander Bokovoy	761cb71838	Support requests for DOMAIN$ account for trusted domains in ipasam module ... https://fedorahosted.org/freeipa/ticket/2870	2012-06-28 07:57:29 +02:00
Sumit Bose	20fce97dfa	ipasam: remove unused struct elements	2012-06-11 12:03:09 +02:00
Sumit Bose	b367c9ee7e	Use exop instead of kadmin.local	2012-06-11 09:40:59 +02:00
Alexander Bokovoy	27c24ff7be	ipa-sam: update sid_to_id() interface to follow passdb API changes in Samba ... Commit a6e29f23f09ba5b6b6d362f7683ae8088bc0ba85 in Samba changed id mapping API in passdb interface to use 'struct unixid'. The change replaced three arguments (uid, gid, type) by one (struct unixid). As result, ipa-sam became broken. Without this change ipa-sam introduces stack corruption in Samba post 4.0.0alpha18 leading to corrupted security context stack as well and then crashing in setgroups(3).	2012-06-07 09:39:10 +02:00
Alexander Bokovoy	bd0d858043	Add trust-related ACIs ... A high-level description of the design and ACIs for trusts is available at https://www.redhat.com/archives/freeipa-devel/2011-December/msg00224.html and https://www.redhat.com/archives/freeipa-devel/2011-December/msg00248.html Ticket #1731	2012-06-07 09:39:10 +02:00
Alexander Bokovoy	b32204fccc	Add separate attribute to store trusted domain SID ... We need two attributes in the ipaNTTrustedDomain objectclass to store different kind of SID. Currently ipaNTSecurityIdentifier is used to store the Domain-SID of the trusted domain. A second attribute is needed to store the SID for the trusted domain user. Since it cannot be derived safely from other values and since it does not make sense to create a separate object for the user a new attribute is needed. https://fedorahosted.org/freeipa/ticket/2191	2012-06-07 09:39:09 +02:00
Sumit Bose	808e75c13d	Add a second module init call for newer samba versions	2011-12-09 15:57:49 -05:00
Sumit Bose	edb6ed5007	Add ipasam samba passdb backend ... https://fedorahosted.org/freeipa/ticket/1874	2011-12-06 08:29:53 -05:00