summaryrefslogtreecommitdiffstats
path: root/source4
Commit message (Collapse)AuthorAgeFilesLines
...
* s4-auth: removed unused variable dom_sidAndrew Tridgell2010-09-271-1/+1
|
* s4:gensec_tstream: remove plain socket handlingStefan Metzmacher2010-09-281-124/+12
| | | | | | | metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Tue Sep 28 04:54:24 UTC 2010 on sn-devel-104
* s4:lib/tls: add gnutls backend for tstreamStefan Metzmacher2010-09-283-3/+1298
| | | | | | | metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Tue Sep 28 02:29:42 UTC 2010 on sn-devel-104
* s4:gensec: add gensec_create_tstream()Stefan Metzmacher2010-09-283-1/+764
| | | | | | Based on the initial patch from Andreas Schneider <asn@redhat.com>. metze
* s4:wrepl_server: use SOCKET_FLAG_NOCLOSE instead of a dup()Stefan Metzmacher2010-09-281-18/+3
| | | | | | | | | | The key thing is that we might have to turn the incomming connection into a outgoing connection. This change makes sense anyway, because we donate the fd to tstream. metze
* s4:rpc_server: use SOCKET_FLAG_NOCLOSE to avoid calling close() on the ↵Stefan Metzmacher2010-09-281-0/+1
| | | | | | socket fd twice. metze
* s4-ildap: two more places that need talloc_reparent()Andrew Tridgell2010-09-282-2/+2
| | | | | | | these contexts can have references Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Tue Sep 28 00:04:03 UTC 2010 on sn-devel-104
* s4-kcc: don't print "Testing kcctpl_create_intersite_connections"Andrew Tridgell2010-09-271-1/+1
| | | | log level 0 is excessive for this!
* s4-drs: make getncchanges debug less verboseAndrew Tridgell2010-09-271-1/+1
| | | | quieten make test a little
* s4-dns: avoid search domains expansion in DNS resolverAndrew Tridgell2010-09-271-0/+8
| | | | add a '.' if the name contains a '.' already, but not at the end
* heimdal: avoid DNS search domain expansion Andrew Tridgell2010-09-271-1/+16
| | | | | | | | | When you have a domain search list in resolv.conf, and one of the DNS servers for a searched domain is uncontactable then we would timeout resolving DNS names. Avoid this by adding a '.' to the hostname if the hostname already has a '.' in it, which we assume to mean it is fully qualified.
* s4-smbtorture: rework spoolss_EnumPrintProcDataTypes test.Günther Deschner2010-09-281-34/+79
| | | | Guenther
* s4-smbtorture: rework test_EnumPrintProcessors to let it test more combinations.Günther Deschner2010-09-281-33/+15
| | | | Guenther
* s4-ildap: fixed a talloc_steal with references errorAndrew Tridgell2010-09-271-1/+1
| | | | | | | | | We need talloc_reparent() instead Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Mon Sep 27 20:38:00 UTC 2010 on sn-devel-104
* s4-ldb: Added ldb_request_replace_controlNadezhda Ivanova2010-09-273-1/+35
| | | | | | | | It is the same as ldb_request_add_control, except it will replace an existing control. Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Mon Sep 27 19:00:38 UTC 2010 on sn-devel-104
* s4/irpc: Add security token to the binding handle when doing irp call forwardingAnatoliy Atanasov2010-09-271-0/+7
|
* s4/irpc: Add function to add security token to the binding handleAnatoliy Atanasov2010-09-272-0/+12
|
* s4:irpc: optionaly pass the security_token via IRPC requests.Stefan Metzmacher2010-09-272-0/+8
| | | | metze
* s4:torture/ldap: close connections with an UnbindRequestStefan Metzmacher2010-09-271-0/+29
| | | | | | | metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Mon Sep 27 07:14:23 UTC 2010 on sn-devel-104
* LDAP-BASIC: test AbandonRequestStefan Metzmacher2010-09-271-0/+41
| | | | metze
* s4:libcli/ldap: fix sending oneway requestsStefan Metzmacher2010-09-271-18/+26
| | | | metze
* waf: add more NDR subsystems for shared IDL files.Günther Deschner2010-09-271-2/+2
| | | | Guenther
* s4-waf: remove NDR-SRVSVC alias.Günther Deschner2010-09-271-1/+0
| | | | | | Thanks tridge, this was driving me nuts... Guenther
* s4-smbtorture: remove unneeded dcerpc_mgmt alias.Günther Deschner2010-09-273-3/+2
| | | | Guenther
* s4-drs: fixed comment in getncchanges codeAndrew Tridgell2010-09-271-1/+1
| | | | | Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Mon Sep 27 04:54:43 UTC 2010 on sn-devel-104
* s4-gensec: fixed a valgrind error in gensecAndrew Tridgell2010-09-261-12/+2
| | | | Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-dns: use the generated krb5.conf in samba_dnsupdateAndrew Tridgell2010-09-271-0/+5
| | | | | | | this gives one less thing that an admin can get wrong Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Mon Sep 27 02:35:29 UTC 2010 on sn-devel-104
* s4-provision: fixed the generation of the krb5.conf for vampireAndrew Tridgell2010-09-271-6/+6
| | | | we need a correct krb5.conf for nsupdate from bind9
* s4-ldbmodules: Added new module aclread to handle access checks on LDAP searchNadezhda Ivanova2010-09-264-0/+327
| | | | | | | It is currently enabled only if the request comes from the LDAP server, and is disabled by default. Use acl:search=true in smb.conf to enable it. It filters out all objects the user is not allowed to see, and all attributes the user does not have RP on. Extended access not supported yet.
* s4-tests: Added tests for search checks on attributesNadezhda Ivanova2010-09-262-5/+102
| | | | | The ACL reach tests are in the knowfail because aclread module is not enabled by default
* s4-tests: Removed search tests with anonymous credentials as they fail ↵Nadezhda Ivanova2010-09-262-4/+4
| | | | | | againts Windows These tests will fail in make test as well if the acl_read module is enabled.
* s4-dsdb: Added a function to check access on a particular object by its guidNadezhda Ivanova2010-09-261-0/+37
| | | | Similar to dsdb_check_access_on_dn, only it searches by guid.
* s4-dsdb: A helper to determine if an attribute is part of the search filterNadezhda Ivanova2010-09-261-0/+46
|
* s4-dsdb: Moved some helper functions to a separate fileNadezhda Ivanova2010-09-265-222/+260
| | | | We need these to be accessible to the aclread module as well.
* s4-ldap: Added a control to apply the access checks on read via LDAPNadezhda Ivanova2010-09-263-0/+6
|
* s4:schannel: handle move flag combinations in the serverStefan Metzmacher2010-09-261-13/+23
| | | | | | This fixes some testsuites in the CIFS plugfest. metze
* s4-auth: fixed the SID list for DCs in the PACAndrew Tridgell2010-09-264-29/+16
| | | | | | | | | | | the S-1-5-9 SID is added in the PAC by the KDC, not on the server that receives the PAC Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Sun Sep 26 07:09:08 UTC 2010 on sn-devel-104
* s4-drs: use the system sam_ctx for updaterefsAndrew Tridgell2010-09-261-8/+9
| | | | this is needed for RODC clients calling updaterefs
* s4-spn: don't try to do SPN updates as a RODCAndrew Tridgell2010-09-261-0/+4
| | | | we don't have the permissions to do it
* s4-kerberos Don't segfault if the password isn't specified in keytab generationAndrew Bartlett2010-09-261-0/+7
| | | | | | | Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Sun Sep 26 03:29:34 UTC 2010 on sn-devel-104
* upgradeprovision: fix a typoMatthieu Patou2010-09-261-1/+1
|
* upgradeprovision: Fix a bug with renamed entriesMatthieu Patou2010-09-261-2/+13
| | | | | The SD was not refetched for renamed entries, resulting with a try to add an additional SD when there was already one.
* upgradeprovision: fix a bug with not updated linksMatthieu Patou2010-09-261-0/+1
|
* s4 provision: start with gpo of version 0 and be consistent between ↵Matthieu Patou2010-09-262-3/+3
| | | | different policies
* s4 upgradeprovision: fix a bug with empty reference objectsMatthieu Patou2010-09-261-1/+9
| | | | Thanks to lukas@eecs.qmul.ac.uk for poiting it to me
* s4 upgradeprovision: Copy versionNumber if not present it helps to make gpo ↵Matthieu Patou2010-09-261-3/+3
| | | | valid
* s4 provision: Make GPO folder group writableMatthieu Patou2010-09-261-3/+3
| | | | | | The group of this folder is domain administrator and it seems sensible that all domain administrators have the right to modify the gpo (they have it at the NT ACLs level ...)
* upgradeprovision: use the same case for hostname in reference provision as ↵Matthieu Patou2010-09-261-1/+1
| | | | | | | in the current provision Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Sun Sep 26 01:21:52 UTC 2010 on sn-devel-104
* s4-dns: the DNS/${HOSTNAME} SPN should be on the DNS account onlyAndrew Tridgell2010-09-261-1/+0
|
* s4-provision: switch to dns-HOSTNAME instead of dnsAndrew Tridgell2010-09-264-25/+33
| | | | | | | | | We now use a host specific account name for the DNS account, which is the account used for dynamic DNS updates. We also setup the servicePrincipalName for automatic update, and add both DNS/${DNSDOMAIN} and DNS/${DNSNAME} for compatibility with both the old and new SPNs Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
generated by cgit (git 2.34.1) at 2025-09-26 11:28:04 +0000