summaryrefslogtreecommitdiffstats
path: root/source4/rpc_server
Commit message (Collapse)AuthorAgeFilesLines
* s4:rpc_server/netlogon: use irpc_binding_handle_by_name()Stefan Metzmacher2010-09-032-8/+11
| | | | metze
* s4:rpc_server/common: use irpc_binding_handle_by_name() in ↵Stefan Metzmacher2010-09-031-16/+25
| | | | | | dcesrv_irpc_forward_rpc_call() metze
* s4-drs: A quick fix for DRSUAPI_EXOP_FSMO_RID_ALLOC extended_op handlingKamen Mazdrashki2010-09-031-0/+9
| | | | | | | | | | | | When DRSUAPI_EXOP_FSMO_RID_ALLOC extended op is handled in DsGetNCChanges() stub, we need to returned a well know set of object - see: [ms-adts], 3.1.1.5.1.7 With this hack we are going to return just objects modified during RID allocation procedure - i.e. "RID Manager$", "RID Set" for computer object and computer object itself. Which is a close approximation of what we are expected to return.
* s4-trusts: fix trustDomainPasswords drsblobs IDL and server side support.Günther Deschner2010-08-251-42/+12
| | | | | | | Also remove bogus trustCurrentPasswords struct which we just had because our IDL was incorrect. Guenther
* s4:getncchanges.c - fix some counter variable typesMatthias Dieter Wallnöfer2010-08-231-3/+3
| | | | | They should be "unsigned" since they count LDB objects. And also the SID array can be counted as "unsigned".
* s4-drs: show the user sid that does the GetNCChanges callAndrew Tridgell2010-08-231-2/+3
| | | | | | this is useful when debugging replication Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-drs: removed the warning on WRIT_REP being setAndrew Tridgell2010-08-231-4/+2
| | | | we just need to clear this flag
* s4:security Change struct security_token->sids from struct dom_sid * to ↵Andrew Bartlett2010-08-234-6/+6
| | | | | | | | | struct dom_sid This makes the structure much more like NT_USER_TOKEN in the source3/ code. (The remaining changes are that privilages still need to be merged) Andrew Bartlett
* librpc/rpc: move dcerpc_read_ncacn_packet_send/recv() to dcerpc_util.cStefan Metzmacher2010-08-201-174/+0
| | | | metze
* s4-drs: fixed the error code for EXOP_REPL_SECRET getncchanges callsAndrew Tridgell2010-08-201-10/+8
| | | | | | | | when we deny a EXOP_REPL_SECRET call we should set the exop error code to NONE, and the main return code to WERR_DS_DRA_ACCESS_DENIED (based on observing windows server behaviour) Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-drs: bring us much closer to the docs for DRS secret replicationAndrew Tridgell2010-08-201-9/+241
| | | | | | | | | | | | | | | The rules for when a RODC can replicate secrets are: - it can always replicate its own acct - it can also replicate its krbtgt acct - it can't replicate other krbtgt accts - it can't replicate interdomain trust accounts - it can't replicate users in the denied group list - it can replicate users in the allowed group list otherwise it can't replicate Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-drs: implement RODC attribute filtering overrideAndrew Tridgell2010-08-201-24/+50
| | | | | | | | When a RODC uses extended getncchanges operation DRSUAPI_EXOP_REPL_SECRET it gets an override on the ability to replicate the secret attributes. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-drs: added sam_ctx_system on DRS bind stateAndrew Tridgell2010-08-202-0/+20
| | | | | | | | The getncchanges call needs to be able to access the sam as the system user for RODC clients. To do this it needs a sam_ctx connection with system credentials Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-drs: ATTIDs for deleted attributes should be based on msDs-IntId value if ↵Kamen Mazdrashki2010-08-191-1/+2
| | | | it exists
* s4-drs: GetNCChanges() to return correct (in AD-way) ATTIDsKamen Mazdrashki2010-08-191-3/+16
| | | | | | | | | | Depending on which NC is being replicated, GetNCChanges() returns either ATTID based on local prefixMap or msDs-IntId value of the attributeSchema class for the attribute being replicated. If set, msDs-IntId value is always returned when replicating object form NC other than Schema NC. Objects in Schema NC replica always use prefixMap based ATTIDs.
* s4:security Remove use of user_sid and group_sid from struct security_tokenAndrew Bartlett2010-08-184-7/+7
| | | | This makes the structure more like Samba3's NT_USER_TOKEN
* s4:netlogon RPC server - "ServerPasswordSet" operations - introduce also ↵Matthias Dieter Wallnöfer2010-08-171-2/+43
| | | | here the new password change syntax
* s4:samr RPC server - samr_password.c - make real user password changes workMatthias Dieter Wallnöfer2010-08-171-50/+74
| | | | | Now it's finally possible that the user can change his password with a DSDB connection using his credentials.
* s4:kdc/rpc server - adapt the "samdb_set_password" calls which perform ↵Matthias Dieter Wallnöfer2010-08-171-3/+3
| | | | password sets
* s4-rpcserver: log unknown RPC calls at debug level 3Andrew Tridgell2010-08-171-0/+6
| | | | | This was added as we are occasionally getting an encrypted unknown netlogon call, and I'm having trouble looking at it in wireshark
* s4-netlogon: added SEC_CHAN_RODCAndrew Tridgell2010-08-171-0/+5
| | | | This seems to be equivalent to SEC_CHAN_BDC, but for RODCs
* s4-drs: allow getncchanges from RODC with WRIT_REP setAndrew Tridgell2010-08-171-2/+2
| | | | | | | | w2k8r2 is setting this bit as a RODC. Instead of refusing the replication, we now remove the bit from req8, which means other places in the code that check this bit can stay the same Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-drs: added domain_sid to DRS security checksAndrew Tridgell2010-08-176-10/+14
| | | | | | | we need the domain_sid to determine if the account is a RODC for our domain Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-ldb: use LDB_FLAG_MOD_TYPE() to extract element type from messagesAndrew Tridgell2010-08-171-4/+4
| | | | | | | | | | | | The flags field of message elements is part of a set of flags. We had LDB_FLAG_MOD_MASK for extracting the type, but it was only rarely being used (only 1 call used it correctly). This adds LDB_FLAG_MOD_MASK() to make it more obvious what is going on. This will allow us to use some of the other flags bits for internal markers on elements Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4:auth Move struct auth_usersupplied_info to a common locationAndrew Bartlett2010-08-141-5/+1
| | | | | | | | | This also changes the calling convention slightly - we should always allocate this with talloc_zero() to allow some elements to be optional. Some elements may only make sense in Samba3, which I hope will use this common structure. Andrew Bartlett
* s4-build: fixed library name in dcerpc_server.pc.inAndrew Tridgell2010-08-141-1/+1
| | | | Thanks to Metze for spotting this
* s4-rpc_server: Fixed the build of the dcerpc_server library.Andreas Schneider2010-08-091-1/+1
| | | | Brad please check!
* s4-build: use @PACKAGE_VERSION@ in s4 pc.in filesAndrew Tridgell2010-08-091-1/+1
| | | | this gets replaced by vnum from the build rule
* s4-build: added dcerpc_server libraryBrad Hards2010-08-092-3/+16
| | | | | | OpenChange needs this for dcerpc_register_ep_server() Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s4:rpc_server/lsa: better include a .h file don't include a .c fileStefan Metzmacher2010-08-071-1/+2
| | | | | | | This fixes the build with --nonshared-binary=smbtorture, as use by the source3/ make test. metze
* s3:dcesrv_lsa.c - use the RELAX control in order to create LSA objectsMatthias Dieter Wallnöfer2010-08-071-3/+3
|
* s4:dcesrv_netr_LogonGetDomainInfo - improve the client OS informations updateMatthias Dieter Wallnöfer2010-07-311-19/+8
| | | | | As ekacnet pointed out on the mailing list we don't need to do a delete if we (re)set the values afterwards - only if we don't set any new ones.
* s4-loadparm: 2nd half of lp_ to lpcfg_ conversionAndrew Tridgell2010-07-1619-98/+98
| | | | | | | this converts all callers that use the Samba4 loadparm lp_ calling convention to use the lpcfg_ prefix. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4:drsuapi: don't return all linked attributes at the same timeStefan Metzmacher2010-07-091-8/+51
| | | | | | | | | | | | | Windows gives them in chunks, but I don't know the correct rule to calculate the chunk size. For now I'll use 1500 as the max size. Windows isn't happy when it gets ~ 100000 linked attributes in one response. It corrupts its directory index and later moves some objects to the LostAndFound folder. metze
* s4:drsuapi RPC server - "result_site_name" - fix variable denominationMatthias Dieter Wallnöfer2010-07-081-3/+3
|
* s4:SAMR rpc server - "SetUserInfo" - fix the implementation of the expire flagMatthias Dieter Wallnöfer2010-07-061-3/+22
| | | | | It has to consider the "password_expires" flag to known if the "pwdLastSet" has to be updated or to be resetted.
* s4:SAMR rpc server - "QueryUserInfo" - send back the password expired flag ↵Matthias Dieter Wallnöfer2010-07-061-1/+6
| | | | | | on level 21 Taken from the s3 server code
* s4:rpc_server/lsa/dcesrv_lsa.c - fix typoSumit Bose2010-07-061-1/+1
| | | | Signed-off-by: Günther Deschner <gd@samba.org>
* s4:samr RPC server - "SetUserInfo" - allow some more informations to be setMatthias Dieter Wallnöfer2010-07-051-0/+25
| | | | Taken from the s3 implementation.
* s4:rpc_server/browser.c - remove unused codeMatthias Dieter Wallnöfer2010-06-291-2/+0
| | | | Spotted by the Solaris 10 compiler
* s4:dcesrv_drsuapi.c - fix a counter variableMatthias Dieter Wallnöfer2010-06-281-2/+1
|
* s4:lsa RPC server - Fix up "dcesrv_lsa_DeleteObject"Matthias Dieter Wallnöfer2010-06-281-3/+6
| | | | | | - Return always "NT_STATUS_OK" on success - Remove "talloc_free"s on handles since the frees are automatically performed by the DCE/RPC server code
* s4:dcesrv_samr_SetUserInfo - implement right "pwdLastSet" behaviourMatthias Dieter Wallnöfer2010-06-281-1/+72
| | | | Behaviour as the torture SAMR passwords tests show.
* s4:dcesrv_samr_SetUserInfo - deny operations when "fields_present" is 0Matthias Dieter Wallnöfer2010-06-281-0/+9
| | | | Taken from s3
* s4:dcesrv_samr_SetUserInfo - port the "SAMR_FIELD_LAST_PWD_CHANGE" check ↵Matthias Dieter Wallnöfer2010-06-281-0/+8
| | | | from s3 to s4
* s4:dcesrv_samr_SetUserInfo - implement password set level 21Matthias Dieter Wallnöfer2010-06-281-0/+33
|
* s4:dcesrv_samr_SetUserInfo - implement case 18 which allows to reset the ↵Matthias Dieter Wallnöfer2010-06-281-0/+10
| | | | user password
* s4:OemChangePasswordUser2 - return "NT_STATUS_WRONG_PASSWORD" when we ↵Matthias Dieter Wallnöfer2010-06-281-1/+1
| | | | | | haven't activated the the lanman auth This is what s3 does.
* s4:samr_password.c - add a function which sets the password through ↵Matthias Dieter Wallnöfer2010-06-281-0/+48
| | | | | | encrypted password hashes Used for password sets on "samr_SetUserInfo" level 18 and 21.
* s4:rpc_server/srvsvc/dcesrv_srvsvc.c - remove unreachable codeMatthias Dieter Wallnöfer2010-06-261-36/+0
|
generated by cgit (git 2.34.1) at 2025-09-26 00:00:14 +0000