- 19 Oct, 2021 8 commits
-
-
Andrew authored
Address a couple of typos preventing tests from running. Remove SMB share directory after SMB test completes
-
Andrew authored
This is an initial set of tests to cover very basic AD funcitonality in a clustered enviornment. The tests join AD, verify that AD users/groups are visible on all cluster nodes, verify that kerberos settings are configured correctly on all cluster nodes, then leaves the activedirectory domain and verifies that the cluster no longer reports as being joined to activedirectory.
-
themylogin authored
-
Caleb St. John authored
-
Andrew authored
This series of tests verifies that SMB share parameters are applied and read correctly on clustered server.
-
Andrew authored
-
Andrew authored
Add tests validating that we can stat, getacl, setacl, chown, chmod, etc on fuse-mounted gluster paths.
-
Andrew authored
There have been a couple of cases of users following bad advice and changing owner of these files. Log a warning and fix them during SMB configure.
-
- 18 Oct, 2021 2 commits
-
-
Waqar Ahmed authored
This commit adds changes to have proftpd-mod-crypto as a dependency for scale as modules required for TLS are not available in proftpd package and this package provides the relevant modules for TLS with proftpd to function.
-
Andrew authored
Time machine uses _adisk._tcp. mDNS SRV record to determine whether the target server is capable of serving as a time machine backup target. Users should not be able to disable mDNS if a timemachine SMB share is configured, and likewise users should not be able to enable or create a time machine target if mDNS is disabled.
-
- 16 Oct, 2021 1 commit
-
-
Caleb St. John authored
-
- 15 Oct, 2021 4 commits
-
-
Andrew authored
-
Andrew authored
* Fix issue with RID collision on creating new passdb users When pdb_default_create_user() in souce3/passdb in samba creates a new passdb entry, it automatically allocates generates a new SID for user based on nex_rid counter in passdb.tdb. Middleware keeps its own RID counter to ensure consistency between user and group RIDs across updates. Unfortunately, the passdb's next_rid function is not aware of manually allocated SIDs and so it's possible to generate a collision during new RID allocation and have it fail with STATUS_OBJECT_NAME_COLLISION even if `pdbedit` command specifies exact RID to use for new entry. This is because in this case the new passdb entry is generated with an auto-incremented RID and then updated to have the specified SID/RID. To address this issue, this PR introduces the following changes: 1) passdb.tdb is shifted to a tmpfs filesystem, which will reset the next_rid counter and also provide performance improvement compared to potentially slow boot medium. The information used to populate the passdb entry is already stored in our sqlite database. 2) bump up low end of middleware's next_rid so that new RIDs allocated will be a minimum of 10000, which will avoid passdb-allocated RIDs (start at 1000). * Fix omitted tdbsam prefix
-
Andrew authored
This validation should never fail, but it will potentially catch edge-case bugs where partially configured directory services try to get kerberos tickets. Allow kerberos principal from LDAP plugin
-
Andrew authored
Incorrect permissions on this directory will prevent winbindd from starting.
-
- 14 Oct, 2021 10 commits
-
-
Waqar Ahmed authored
We recently saw a reporter for whome a configuration file which we were relying on to exist didn't exist and resulted in failed migration. This commit adds changes to not rely on this and instead use setserial. It also removes size from the payload as that's not used anywhere.
-
Waqar Ahmed authored
This commit adds changes to not take into account any user properties when configuring k8s datasets as they are not being used by us and will result in failure when we operate on properties below.
-
Andrew authored
add_nfs_spn now expects netbios name and domain name to be provided explicitly.
-
Kris Moore authored
-
themylogin authored
-
themylogin authored
-
Waqar Ahmed authored
-
Waqar Ahmed authored
-
Caleb St. John authored
-
Tom Goodsell authored
-
- 13 Oct, 2021 14 commits
-
-
themylogin authored
-
themylogin authored
-
themylogin authored
-
Andrew authored
The reset_smb operation is failing due to improvements in validation of SMB server and share configuration. Specifically, aapl extension support cannot be disabled if any SMB shares are configured for time machine. This PR fixes the order of the server configuration reset steps prior to testing auxiliary parameter support so that time machine is disabled before disabling aapl extension support.
-
Andrew authored
During testing it was determined that AD leave can take more than 60 seconds in some environments (or when server is clustered), and so the method was converted to a middleware job. Fix API tests to also wait for the job to complete.
-
themylogin authored
-
themylogin authored
(cherry picked from commit bd4c519e356846369639e493e4c58a0ffc82cdb8)
-
themylogin authored
(cherry picked from commit 007b99aa7a044a3be1927d0cfb068cffc17c597f)
-
Andrew authored
NAS-112847 / 22.02-RC.2 / Fix invalid realm info in auto-generated realm and add job progress to activedirectory.leave (#7676) kerberos.realm.direct_create bypasses the plugin's compress method and so we need to insert empty strings for kdc, admin server, and kpasswd server. The activedirectory.leave method was converted into a middleware job, but progress messages were not added. Add these and also ensure that the idmap service is restarted after the domain is left and Samba reconfigured.
-
Caleb St. John authored
-
themylogin authored
-
themylogin authored
-
themylogin authored
-
Andrew authored
-
- 12 Oct, 2021 1 commit
-
-
Andrew authored
-