summaryrefslogtreecommitdiffstats
path: root/source3/libnet/libnet_join.c
Commit message (Collapse)AuthorAgeFilesLines
* allow net ads join accept new osServicePack parameterNoel Power2015-01-081-2/+13
| | | | | | | | | | | | | | | | | | | osServicePack paramater allows the default behaviour ( which is to use the samba version string as the operatingSystemServicePack attribute ) to be overridden Additionally make sure if blank string is passed that it is treated as attribute deletion. This is necessary as values for the os attributes are eventually passed to ads_modlist_add if the value is "" then the attempt to add this attribute fails in the underlying ldap 'ldap_modfiy_ext_s' function. In this case we need to pass NULL as the value to force deletion of the ldap attribute Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Jan 8 00:18:05 CET 2015 on sn-devel-104
* auth: Allow domain join to itself when we are a PDCAndrew Bartlett2014-12-111-1/+3
| | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=10891 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andreas Schneider <asn@samba.org>
* netapi: Move DC check to NetJoinDomain() where it is needed.Andrew Bartlett2014-12-111-4/+0
| | | | | | | | | | This partially reverts 15f6e27bd5a9065c8b781fa21f5989ce2c355776. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10891 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andreas Schneider <asn@samba.org>
* samba: pass down size_t instead of int to add_string_to_array().Günther Deschner2014-11-171-2/+2
| | | | | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Mon Nov 17 19:53:22 CET 2014 on sn-devel-104
* s3-winbindd: Attempt to connect to NETLOGON over NCACN_IP_TCP if we canAndrew Bartlett2014-10-081-2/+2
| | | | | | | | | | | | This is very helpful in the trusted domain situation, as we may not have a two-way trust but we can use our domain trust account to set up a connection to NETLOGON Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Oct 8 12:48:15 CEST 2014 on sn-devel-104
* s3-libnet: set list of allowed krb5 encryption types in AD >= 2008.Günther Deschner2014-09-261-0/+65
| | | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3-libnet: Make sure we do not overwrite precreated SPNs.Günther Deschner2014-09-261-3/+36
| | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=9984 Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Fri Sep 26 08:22:45 CEST 2014 on sn-devel-104
* s3-libnet: Add libnet_join_get_machine_spns().Andreas Schneider2014-09-261-0/+20
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=9984 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s3-libnet: Improve error message.Andreas Schneider2014-07-021-1/+3
| | | | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Wed Jul 2 16:54:10 CEST 2014 on sn-devel-104
* s3-kerberos: remove unused kdc_name from ↵Günther Deschner2014-03-071-2/+1
| | | | | | | | | | | | create_local_private_krb5_conf_for_domain(). Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Fri Mar 7 18:43:57 CET 2014 on sn-devel-104
* s3:libnet: use rpccli_{create,setup}_netlogon_creds() in ↵Stefan Metzmacher2014-01-071-15/+51
| | | | | | | libnet_join_joindomain_rpc_unsecure Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:libnet_join: make use of rpccli_{create,setup}_netlogon_creds()Stefan Metzmacher2014-01-071-30/+80
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:rpc_client: use netlogon_creds_cli_auth_level() in ↵Stefan Metzmacher2014-01-071-1/+0
| | | | | | | | | | cli_rpc_pipe_open_schannel_with_key() This means the auth level is now based on the "winbindd sealed pipes" option, defaulting to "yes" and DCERPC_AUTH_LEVEL_PRIVACY. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:rpc_client: make use of the new netlogon_creds_cli_contextStefan Metzmacher2014-01-071-1/+2
| | | | | | | | | | | | | | | This exchanges rpc_pipe_client->dc with rpc_pipe_client->netlogon_creds and lets the secure channel session state be stored in node local database. This is the proper fix for a large number of bugs: https://bugzilla.samba.org/show_bug.cgi?id=6563 https://bugzilla.samba.org/show_bug.cgi?id=7944 https://bugzilla.samba.org/show_bug.cgi?id=7945 https://bugzilla.samba.org/show_bug.cgi?id=7568 https://bugzilla.samba.org/show_bug.cgi?id=8599 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* CVE-2013-4408:s3:Ensure LookupNames replies arrays are range checked.Jeremy Allison2013-12-091-0/+16
| | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=10185 Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Jeremy Allison <jra@samba.org>
* s3-libnet: Use a const char for realm.Andreas Schneider2013-11-151-1/+1
| | | | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Nov 15 23:11:54 CET 2013 on sn-devel-104
* s3-libnetjoin: Fix Bug #10262: use upper-case realm when composing default upn.Günther Deschner2013-11-121-1/+16
| | | | | | | | | | | | | | | In case we are about to generate a keytab during the join make sure the default upn we create is usable with kinit -k. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10262 Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Tue Nov 12 16:39:03 CET 2013 on sn-devel-104
* s3:libnet_join: try to use NETLOGON_NEG_SUPPORTS_AESStefan Metzmacher2013-08-101-1/+2
| | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:libnet: let the caller truncate the pw in ↵Stefan Metzmacher2013-08-051-14/+1
| | | | | | | libnet_join_joindomain_rpc_unsecure() Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3-libnetjoin: add machine_name length check.Günther Deschner2013-08-051-0/+9
| | | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3: libnet_join: use admin_domain in libnetjoin.Günther Deschner2013-08-051-1/+26
| | | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_noauth().Günther Deschner2013-08-051-4/+4
| | | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3-rpc_cli: pass down ndr_interface_table to ↵Günther Deschner2013-08-051-1/+1
| | | | | | | | | | cli_rpc_pipe_open_schannel_with_key(). Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3:libnet increase timeout for machine password changeChristian Ambach2013-03-051-0/+9
| | | | | | | | | | DCs might run password filter modules that can delay the setting of the machine password for a significant amount of time use the same timeout as in the other paths of domain join (e.g. rpccli_netlogon_set_trust_password) Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* Make sure that domain joins work correctly when the DC disallows NTLM auth.Richard Sharpe2013-02-271-3/+11
| | | | | | | | Signed-Off-By: Richard Sharpe <realrichardsharpe@gmail.com> Reviewed-By: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Feb 27 21:49:25 CET 2013 on sn-devel-104
* s3: use generate_random_password() instead of generate_random_str()Stefan Metzmacher2013-02-041-2/+6
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* Correctly check for errors in strlower_m() returns.Jeremy Allison2012-08-091-4/+14
|
* Check error returns from strupper_m() (in all reasonable places).Jeremy Allison2012-08-091-2/+7
|
* s3:libnet_join: make use of cli_get_session_key() in ↵Stefan Metzmacher2012-08-011-2/+12
| | | | | | libnet_join_joindomain_rpc() metze
* lib/param: Move all enum declarations to lib/paramAndrew Bartlett2012-07-241-0/+1
| | | | | | | | This is in preperation for the parameter table being made common. Andrew Bartlett Pair-Programmed-With: Andrew Tridgell <tridge@samba.org>
* s3:libsmb: get rid of cli_state_remote_nameLuk Claes2012-05-281-3/+3
| | | | | Signed-off-by: Luk Claes <luk@debian.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3:libsmb: get rid of cli_state_*_sockaddrLuk Claes2012-05-281-1/+2
| | | | | Signed-off-by: Luk Claes <luk@debian.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-auth: Remove security=share (depricated since 3.6).Andrew Bartlett2012-03-041-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch removes security=share, which Samba implemented by matching the per-share password provided by the client in the Tree Connect with a selection of usernames supplied by the client, the smb.conf or guessed from the environment. The rationale for the removal is that for the bulk of security=share users, we just we need a very simple way to run a 'trust the network' Samba server, where users mark shares as guest ok. This is still supported, and the smb.conf options are documented at https://wiki.samba.org/index.php/Public_Samba_Server At the same time, this closes the door on one of the most arcane areas of Samba authentication. Naturally, full user-name/password authentication remain available in security=user and above. This includes documentation updates for username and only user, which now only do a small amount of what they used to do. Andrew Bartlett -------------- / \ / REST \ / IN \ / PEACE \ / \ | SEC_SHARE | | security=share | | | | | | 5 March | | | | 2012 | *| * * * | * _________)/\\_//(\/(/\)/\//\/\///|_)_______
* s3:libnet: s/Undefined/SMB_SIGNING_DEFAULT/Stefan Metzmacher2011-11-031-3/+3
| | | | metze
* s3-libnet: allow to use default krb5 ccache in libnet_Join/libnet_Unjoin.Günther Deschner2011-09-211-31/+0
| | | | | | | | | We force using a MEMORY ccache though in the wkssvc server. Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Wed Sep 21 19:13:33 CEST 2011 on sn-devel-104
* s3-libnet: add missing newlines in debug statement.Günther Deschner2011-09-141-2/+2
| | | | | | | Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Wed Sep 14 15:52:10 CEST 2011 on sn-devel-104
* s3:libnet_join: use lp_load_global() wrapper of lp_load()Michael Adam2011-07-281-2/+2
|
* s3:libnet_join: make use of cli_state_remote_name()Stefan Metzmacher2011-07-221-3/+6
|
* s3:libnet: use cli_state_remote_sockaddr() in libnet_DomainJoin()Stefan Metzmacher2011-07-221-1/+1
| | | | metze
* s3-param Remove special case for global_myname(), rename to lp_netbios_name()Andrew Bartlett2011-06-091-2/+2
| | | | | | | | There is no reason this can't be a normal constant string in the loadparm system, now that we have lp_set_cmdline() to handle overrides correctly. Andrew Bartlett
* s3-lib Replace StrCaseCmp() with strcasecmp_m()Andrew Bartlett2011-05-181-2/+2
| | | | | | | strcasecmp_m() never needs to call to talloc, and via next_codepoint() still has an ASCII fast-path bypassing iconv() calls. Andrew Bartlett
* s3-libnetjoin: fix uninitialized variable.Günther Deschner2011-05-131-2/+2
| | | | | | | Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Fri May 13 01:22:18 CEST 2011 on sn-devel-104
* s3-libnetapi/libnetjoin: fix uninitialized variables after the libsmbconf ↵Günther Deschner2011-05-131-1/+1
| | | | | | changes. Guenther
* libsmbconf: Convert smbconf_delete_parameter() to sbcErr.Andreas Schneider2011-05-101-2/+5
| | | | Signed-off-by: Michael Adam <obnox@samba.org>
* libsmbconf: Convert smbconf_set_parameter() to sbcErr.Andreas Schneider2011-05-101-16/+38
| | | | Signed-off-by: Michael Adam <obnox@samba.org>
* libsmbconf: Convert smbconf_init() to sbcErr.Andreas Schneider2011-05-101-4/+8
| | | | Signed-off-by: Michael Adam <obnox@samba.org>
* s3-libsmb: move protos to libsmb/proto.hGünther Deschner2011-05-061-0/+1
| | | | Guenther
* s3:rpc_client: map fault codes to NTSTATUS with dcerpc_fault_to_nt_status()Stefan Metzmacher2011-04-241-1/+1
| | | | | | | | | | | | | Most fault codes have a NTSTATUS representation, so use that. This brings the fault handling in common with the source4/librpc/rpc code, which make it possible to share more highlevel code, between source3 and source4 as the error checking can be the same now. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Sun Apr 24 10:44:53 CEST 2011 on sn-devel-104
* s3: For net ads join, create a krb5.confVolker Lendecke2011-04-121-0/+5
| | | | | | | Signed-off-by: Günther Deschner <gd@samba.org> Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Tue Apr 12 14:10:05 CEST 2011 on sn-devel-104
* s3: Initialize output in libnet_JoinVolker Lendecke2011-04-121-0/+2
| | | | Signed-off-by: Günther Deschner <gd@samba.org>
generated by cgit (git 2.34.1) at 2024-06-28 07:36:28 +0000