summaryrefslogtreecommitdiffstats
path: root/source4/rpc_server
Commit message (Collapse)AuthorAgeFilesLines
* s4/drs: propagate DRS_ extension flags in code baseKamen Mazdrashki2010-02-051-1/+1
|
* s4:rpc-server:samr: fix setting of lockout duration < lockout windowMichael Adam2010-01-211-1/+22
| | | | | | | | | | | | | | | | | | This should return NT_STATUS_INVALID_PARAMETER. This makes samba pass the first part of the samr-lockout test. This constraint is documented here for the samr server: http://msdn.microsoft.com/en-us/library/cc245667%28PROT.10%29.aspx MS-SAMR 3.1.1.6 Attribute Constraints for Originating Updates and here for the ldap backend: http://msdn.microsoft.com/en-us/library/cc223462(PROT.10).aspx MS-ADTS 3.1.1.5.3.2 Constraints So the check should actually be moved down into the backend, i.e. under dsdb/samdb/ldb_modules - TODO.. Michael
* idl: switched to using the WSPP names for the 'neighbour' DRS optionsAndrew Tridgell2010-01-181-4/+4
| | | | | | | The documentation shows that all these functions in fact use the same flags variable type. To be consistent between functions, and to allow easy reference to the WSPP docs, it is better for us to also use this generic DrsOptions bitfield rather than one per operations.
* s4-drs: allow for security bypass for DsReplicaGetInfoAndrew Tridgell2010-01-171-5/+9
| | | | | Use --option=drs:disable_sec_check=true until the group membership bug with the PAC is fixed.
* s4-dsdb: take advantage of local cursor and sortAndrew Tridgell2010-01-161-34/+3
| | | | | in getncchanges and repl task we don't need the extra load and sort any more.
* s4-drs: use dsdb_load_udv_v2() in getncchanges codeAndrew Tridgell2010-01-161-52/+6
|
* s4-drs: better debug info when security checks failAndrew Tridgell2010-01-161-3/+8
| | | | show the security token of the user at debug level 2
* s4-dsdb: require admin access for DsReplicaGetInfoAndrew Tridgell2010-01-161-5/+7
|
* s4-drs: framework for DsGetReplInfo(), includes the DS_REPL_INFO_NEIGHBORS ↵Andrew Tridgell2010-01-161-1/+11
| | | | | | | | | | infoType. This patch includes the framework for the implementation of all infoTypes of the DsGetReplInfo() call, and includes the implementation for the first one, the DS_REPL_INFO_NEIGHBORS. Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s4-drs: give better debug info on unsupported DRS callsAndrew Tridgell2010-01-161-14/+20
|
* s4:SAMR RPC - Fix the criteria for group searchesMatthias Dieter Wallnöfer2010-01-141-4/+4
| | | | This should match the MS-SAMR documentation (section 3.1.5.5.1.1)
* s4-drs: switch the DRS server to the generic DRS options flagsAndrew Tridgell2010-01-142-8/+8
|
* s4-debug: lower the verbosity of a couple of common log messagesAndrew Tridgell2010-01-091-1/+1
|
* s4-drs: base is_nc_prefix on instanceTypeAndrew Tridgell2010-01-091-1/+3
| | | | for extended operations comparing to the ncRoot_dn is not correct
* s4-drs: having no SPNs to change is not an errorAndrew Tridgell2010-01-091-0/+7
|
* s4-drs: fixed writespn to ignore add/delete errorsAndrew Tridgell2010-01-091-3/+40
| | | | | When a SPN is added and already exists, it is ignored. Similarly, when a SPN is deleted and doesn't exist, it is ignored.
* s4-drs: moved the DsWriteAccountSpn call to its own fileAndrew Tridgell2010-01-094-75/+104
|
* s4-drs: need to set the getncchanges extended_ret on success tooAndrew Tridgell2010-01-091-0/+3
|
* s4-drs: be less verbose when we filter objects by UDVAndrew Tridgell2010-01-091-5/+5
|
* s4-drs: added filtering by udv in getncchangesAndrew Tridgell2010-01-091-9/+57
| | | | | | When a client supplied an uptodateness_vector, we can use it to filter what objects we return. This greatly reduces the amount of replication traffic between DCs.
* s4-drs: fixed the NC in the getncchanges RID alloc replyAndrew Tridgell2010-01-091-11/+13
| | | | | the search happens on a different DN to the NC of the request, but the reply is with the original NC
* s4-drs: fixed usage of ldb_dn_new()Andrew Tridgell2010-01-091-1/+1
|
* s4-drs: added two more SPNs in addentryAndrew Tridgell2010-01-081-13/+32
| | | | | | w2k8r2 wants these after a DCPROMO Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-drs: we need to wrap extended operations in transactionsAndrew Tridgell2010-01-081-5/+21
|
* s4-drs: added some debug messagesAndrew Tridgell2010-01-081-0/+6
| | | | It is nice to see when a RID Alloc is successful
* s4-dsdb: added support for DRSUAPI_EXOP_FSMO_RID_ALLOCAndrew Tridgell2010-01-081-7/+103
| | | | | | This allocates a RID pool for the client DC when we are the RID Manager Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-drs: don't give an error on repsTo delete if add is also specifiedAndrew Tridgell2010-01-021-1/+3
| | | | w2k8-r2 in dcpromo asks for a delete+add during its initial join.
* s4-dsdb: switched to using RMD_FLAGS instead of DELETED in extended DNsAndrew Tridgell2010-01-021-1/+1
| | | | This allows for more flags in the future
* s4-drs: sort linked attributesAndrew Tridgell2010-01-021-0/+73
| | | | | See MS-DRSR section 4.1.10.5.17 for a description of the sorting comparison function
* s4-drs: use dsdb linked attribute parse functionsAndrew Tridgell2010-01-021-19/+1
| | | | This makes the code considerably more readable
* s4-drs: set flag to indicate that we do support linked attributesAndrew Tridgell2010-01-021-4/+1
|
* s4-drs: update highwatermark after successfully encoding the objectAndrew Tridgell2010-01-021-8/+8
|
* s4-drs: send all linked attributes at the end of a replication cycleAndrew Tridgell2010-01-021-3/+7
| | | | This ensures that a link is not seen before the object it points to
* s4-drs: use the extended linearized form for DRS replicationAndrew Tridgell2010-01-021-5/+4
| | | | | | We were sending zero GUIDs. Not good! Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-drs: implemented sorting functions based on replication flagsAndrew Tridgell2010-01-021-2/+43
| | | | | I think we probably have more work to do on the sort order, but this brings us a bit closer.
* s4-drs: we are doing the sorting for getncchanges in the app code nowAndrew Tridgell2010-01-022-22/+0
| | | | | | | the sorting is quite delicate, and easier to get right in the getncchanges code Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-drs: give a reason when an AddEntry commit failsAndrew Tridgell2010-01-021-1/+2
| | | | Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-drs: fixed the UDV return in getncchangesAndrew Tridgell2010-01-021-5/+17
| | | | We should overwrite an existing entry if found
* s4-drs: some useful debugging options for getncchangesAndrew Tridgell2010-01-021-11/+42
| | | | | | | Added two debugging parametric options drs:max object sync = drs:extra filter =
* s4-drs: handle mixtures of old and new style links in getncchangesAndrew Tridgell2010-01-021-0/+17
| | | | We need to send non-upgraded links using the old format
* s4-drs: added linked attribute replication to getncchangesAndrew Tridgell2010-01-021-15/+203
|
* s4-dsdb: ask for REVEAL_INTERNALS in getncchangesAndrew Tridgell2010-01-021-0/+5
| | | | We need this for the linked attribute meta data
* s4:drsuapi/getncchanges.c - Update the list of operational attributesMatthias Dieter Wallnöfer2009-12-161-7/+8
| | | | | - Reorder them as specified in "operational.c" - Add also the lan manager hash password attribute
* s4-drs: ensure we fill in ncRoot_dn in getncchangesAndrew Tridgell2009-12-091-0/+7
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s4-drs: use parentGUID attribute in getncchangesAndrew Tridgell2009-12-091-34/+6
| | | | | | | Now that parentGUID is reliable again, use it instead of building our own Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s4-drsutil: fixed a memory leak in samdb_search_countAndrew Tridgell2009-12-041-3/+3
| | | | | In general functions that don't return any memory should not take a memory context. Otherwise it is too easy to have a bug like this where memory is leaked
* s4-drs: fixed UDV and overlapping sync calls in DRSAndrew Tridgell2009-12-031-40/+42
| | | | | | | | | When windows abandons a DRS sync, it will sometimes re-use the same bind handle for a new sync. This means we need to check the DN of the sync and blank the getnc_state if the DN has changed. This also fixes the UDV to use the highest uSN for the partition, not for the whole SAM.
* s4:WINREG RPC server - add another "talloc_unlink" in "DeleteKey"Matthias Dieter Wallnöfer2009-11-271-1/+5
| | | | Also here we waste memory - therefore free the pointless handle after the delete.
* s4:WINREG RPC server - Reintroduce the free operation on "CloseKey"Matthias Dieter Wallnöfer2009-11-271-0/+2
| | | | Better use "talloc_unlink" here Since we could have more than one reference.
* Revert "s4-netlogon: always set the dNSHostName in GetDomainInfo"Matthias Dieter Wallnöfer2009-11-241-7/+3
| | | | | | | | | | | | This reverts commit 87b6f2e863c6e117643ab6704e50167e849b69cc. This was the cause of the breakage of the "LogonGetDomainInfo" testsuite. I think my behaviour is more correct to Windows Server since the test works against it (at least release 2003 R2). One problem I discovered is that freshly joined workstations don't get their DNS name into the directory. Therefore I think also another part (maybe another RPC call) is able to do this.
generated by cgit (git 2.34.1) at 2025-09-28 06:09:07 +0000