summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* s4-drs: Added check for drs-manage-topology to updateRefs.Nadezhda Ivanova2010-09-281-7/+9
|
* s4-drs: Added drs_security_access_check functionNadezhda Ivanova2010-09-282-0/+64
| | | | | It takes a security token, an ldb_context, and the desired CAR and checks if the principal has this CAR granted
* s4-dsdb: adapted check_access_on_dn for use in drs.Nadezhda Ivanova2010-09-281-9/+10
|
* heimdal Fix DNS name qualification to not mangle IP addressesAndrew Bartlett2010-09-291-5/+23
| | | | | | | | | If the host running this code used IPv6 forms for IPv4 addreses then the check for '.' would not be sufficient to determine that this isn't a name we should mangle. Instead, check if it can be parsed as a numeric address first, and only then mangle. Andrew Bartlett
* s4-kdc Handle the case where we may be given a ticket from an RODC in db layerAndrew Bartlett2010-09-296-37/+83
| | | | | | | | This includes rewriting the PAC if the original krbtgt isn't to be trusted, and reading different entries from the DB for the krbtgt depending on the krbtgt number. Andrew Bartlett
* heimdal Add an error code for use in the RODCAndrew Bartlett2010-09-291-0/+1
| | | | | | | | | | In this case, the whole request packet should be forwarded to a real KDC, with full secrets, as we don't have the password. This could also be used to implement 'play dead when the LDAP server is down'. Andrew Bartlett
* heimdal Add support for extracting a particular KVNO from the databaseAndrew Bartlett2010-09-297-19/+54
| | | | | | | | | This should allow master key rollover. (but the real reason is to allow multiple krbtgt accounts, as used by Active Directory to implement RODC support) Andrew Bartlett
* s4-kdc Add common setup, handle RODC setup caseAndrew Bartlett2010-09-295-73/+156
| | | | | | | | | | This means we just set up the system_session etc in one place and don't diverge between the MIT and Heimdal plugins. We also now determine if we are an RODC and store some details that we will need later. Andrew Bartlett
* s4-dsdb Add ldb_reset_err_string() when we set error codes.Andrew Bartlett2010-09-292-0/+4
| | | | If we don't we could show an old, incrorrect error
* s4-dsdb Make samdb_reference_dn() use dsdb_search() and DSDB_SEARCH_ONE_ONLYAndrew Bartlett2010-09-291-7/+8
| | | | | | | | This simplifies the function. While doing so, also change the error string setting to set a really clear error string for the failure to find and failure to parse cases. Andrew Bartlett
* s4-kdc Add function to determine if a hdb entry is a RODCAndrew Bartlett2010-09-292-0/+18
| | | | | | This is important, as we must ignore the PAC from an RODC. Andrew Bartlett
* s4-kdc Use msDS-SecondaryKrbTgtNumber to fill in the full KVNOAndrew Bartlett2010-09-292-1/+19
| | | | Andrew Bartlett
* s4-dsdb Fix segfault in error case in rootdse moduleAndrew Bartlett2010-09-291-1/+4
|
* Make upgrade procedure more explicit.Michael Wood2010-09-291-3/+5
| | | | | Add in a compile step. Change the tar command to include the recommended dirs.
* s3-waf: add AUTH_SCRIPT module to AUTH subsystem (which is build as sharedGünther Deschner2010-09-281-0/+7
| | | | | | module by default). Guenther
* s3-waf: add vfs_linux_xfs_sgid to the list of default shared modules.Günther Deschner2010-09-281-1/+1
| | | | Guenther
* s3: Attempt to fix bug 7518Volker Lendecke2010-09-281-6/+6
| | | | | | | | | | | If select returns -1, we can't rely on the fd sets. The current code might loop endlessly because when putting an invalid fd (the closed socket?) on the read set, a select implementation might choose not to touch it but directly return with EINVAL. Thus run_events will see the socket readable, which leads to a "return true", and thus a NT_STATUS_RETRY -> same game again. We should never get into this situation, but to me the logfiles given in bug 7518 do not reveal enough information to understand how this can happen.
* s3: Increase the debuglevel for connection termination msgsVolker Lendecke2010-09-281-2/+2
|
* s3-waf: fix dependencies in most of our module subsystems.Günther Deschner2010-09-284-23/+3
| | | | Guenther
* s3-waf: add pam_smbpass.Günther Deschner2010-09-283-6/+18
| | | | Guenther
* s3-auth_util: make sure the system server info actually contains S-1-5-18.Günther Deschner2010-09-281-0/+9
| | | | | | | | | Without this, all security descriptor checks for the winreg spoolss backend fail and make our spoolss system in its current shape basically unusable. Andreas, please check. Guenther
* s3-printing: remove unused old structs.Günther Deschner2010-09-281-60/+0
| | | | Guenther
* ldb: Fix path to alternative buildtools.Jelmer Vernooij2010-09-281-1/+1
|
* samba4: Don't update Makefile/configure from autogen.sh.Jelmer Vernooij2010-09-282-2/+12
|
* ldb/tevent: Fix detection of waf paths.Jelmer Vernooij2010-09-284-4/+22
|
* tevent: Remove make targets that are not relevant for tevent.Jelmer Vernooij2010-09-281-8/+0
|
* tevent: Don't update Makefile/configure files.Jelmer Vernooij2010-09-282-2/+12
|
* ldb: Update autogen-waf.sh to no longer overwrite existing files.Jelmer Vernooij2010-09-282-2/+12
|
* ldb: Remove samba-specific targets from Makefile.Jelmer Vernooij2010-09-281-8/+0
|
* ldb: Bump version because of addition of ldb_req_location.Jelmer Vernooij2010-09-281-1/+1
|
* format-subunit: Display number of failed tests even if there are noJelmer Vernooij2010-09-281-1/+3
| | | | failed testsuites.
* selftest: Abort early on SIGPIPE.Jelmer Vernooij2010-09-282-0/+9
|
* Add dedicated exception for immediate failure in filter-subunit, don't raise ↵Jelmer Vernooij2010-09-282-4/+14
| | | | it on known exceptions.
* s4-selftest: added a --fail-immediately option to s4 testAndrew Tridgell2010-09-281-0/+7
| | | | | | | this can be used to force an immediate test failure on the first failed test case. You can also use: make test FAIL_IMMEDIATELY=1
* filter-subunit: added a --fail-immediately optionAndrew Tridgell2010-09-282-2/+11
|
* s4-provision: fixed the authority response for our SOA recordAndrew Tridgell2010-09-281-1/+1
| | | | | | | some clients rely on this being the hostname, not the domain Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Tue Sep 28 06:39:19 UTC 2010 on sn-devel-104
* s4-dns: implemented RODC DNS update in dns update taskAndrew Tridgell2010-09-271-0/+199
| | | | Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-netlogon: added RODC DNS update call fwded to dnsupdate taskAndrew Tridgell2010-09-272-4/+100
| | | | | when we get a netlogon RODC DNS update, we send it to the dnsupdate task
* s4-dns: added --update-list option to samba_dnsupdateAndrew Tridgell2010-09-271-8/+14
| | | | this allows us to use it for RODC netlogon updates
* pidl: added ifdef guards around ndr headersAndrew Tridgell2010-09-271-1/+16
| | | | this prevents us parsing the leading headers needlessly
* s4-kdc: added ifdef guards in kdc.hAndrew Tridgell2010-09-271-0/+5
| | | | this prevents too much recursion in the compiler preprocessor
* s4-ldb: removed an unused variableAndrew Tridgell2010-09-271-1/+0
|
* s4-kcc: fixed a incorrect context to kcctpl_get_all_bridgehead_dcsAndrew Tridgell2010-09-271-1/+1
|
* s4-dsdb: added samdb_find_site_for_computer() and ↵Andrew Tridgell2010-09-271-0/+57
| | | | | | | | samdb_find_ntdsguid_for_computer() these will be used by the new RODC dns update code Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-auth: removed unused variable dom_sidAndrew Tridgell2010-09-271-1/+1
|
* s3: Lift smbd_messaging_context() from open_sockets_smbd()Volker Lendecke2010-09-281-16/+14
|
* s3: Remove two calls to procid_self()Volker Lendecke2010-09-281-2/+4
|
* s3: Remove talloc_autofree_context() from myhostname()Volker Lendecke2010-09-281-3/+1
| | | | No destructor needed, so we can as well use the NULL context
* s3: Remove some remaining files.c globals to sconnVolker Lendecke2010-09-283-53/+49
|
* s3: Remove talloc_autofree_context() from files.cVolker Lendecke2010-09-283-7/+10
|
generated by cgit (git 2.34.1) at 2025-09-25 10:31:34 +0000