summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* s4:DSDB - DSDB_CONTROL_PASSWORD_CHANGE_OID - add a structure as value to the ↵Matthias Dieter Wallnöfer2010-08-171-0/+5
| | | | | | control This contains the NT and/or LM hash of the password specified by the user.
* s4:DSDB - rename the "DSDB_CONTROL_PASSWORD_CHANGE_OLD_PW_CHECKED_OID"Matthias Dieter Wallnöfer2010-08-174-11/+10
| | | | | Rename it to "DSDB_CONTROL_PASSWORD_CHANGE_OID". This control will afterwards contain a record with the specified old password as NT and/or LM hash.
* Revert "waf: enable gccdeps in developer mode"Stefan Metzmacher2010-08-171-3/+2
| | | | | | | | | | | | | This reverts commit 61930f50cbace4741500d8b53fc11a4ef3e0d4f8. This breaks the build with older gcc versions gcc --version gcc (SUSE Linux) 4.3.2 [gcc-4_3-branch revision 141291] (This is SLES 11) Please only enable it if thet compiler supports it. metze
* s4:selftest: recreate $SELFTEST_PREFIX/s4client with each make test runStefan Metzmacher2010-08-171-3/+3
| | | | | | Otherwise just fill the disks of the build-farm hosts. metze
* s4:selftest: run ldapi tests in 'dc:local' environmentStefan Metzmacher2010-08-171-1/+1
| | | | metze
* s4-tests: Added tests for acl checks on search requestsNadezhda Ivanova2010-08-171-0/+218
|
* s3: Directly call write_data from print_job_write()Volker Lendecke2010-08-171-1/+1
|
* s3: Remove unused "pos" arg from print_job_writeVolker Lendecke2010-08-173-6/+3
|
* s3-samr: Correctly fix the transition from enum to uint32_t.Andreas Schneider2010-08-171-1/+5
| | | | | What type an enum is depends on the implementation, the compiler and probably the compiler options. sizeof(enum) is normally not sizeof(int)!
* s4-ldb: ensure element flags are zero in ldb search returnAndrew Tridgell2010-08-171-0/+2
| | | | the distinguishedName element was getting an uninitialised flags value
* s4-ldbwrap: ensure session_info in ldb opaque remains validAndrew Tridgell2010-08-171-0/+15
| | | | | | | A DRS DsBind handle can be re-used in a later connection. This implies reuse of the session_info for the connection. If the first connection is shutdown then the session_info in the sam context on the 2nd connection must remain valid.
* s4-rpcserver: log unknown RPC calls at debug level 3Andrew Tridgell2010-08-171-0/+6
| | | | | This was added as we are occasionally getting an encrypted unknown netlogon call, and I'm having trouble looking at it in wireshark
* s4-netlogon: added SEC_CHAN_RODCAndrew Tridgell2010-08-172-1/+7
| | | | This seems to be equivalent to SEC_CHAN_BDC, but for RODCs
* s4-net: use an encrypted ldap session when setting passwordsAndrew Tridgell2010-08-171-0/+3
| | | | | | | this allows for "net setpassword -H ldap://server -Uusername%password USERNAME" to set a password remotely on a windows DC Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-dsdb: check the type of session_info from the opaqueAndrew Tridgell2010-08-171-2/+2
| | | | | | | we saw a crash with a bad pointer here, and this may help track it down Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-drs: allow getncchanges from RODC with WRIT_REP setAndrew Tridgell2010-08-171-2/+2
| | | | | | | | w2k8r2 is setting this bit as a RODC. Instead of refusing the replication, we now remove the bit from req8, which means other places in the code that check this bit can stay the same Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-drs: added domain_sid to DRS security checksAndrew Tridgell2010-08-176-10/+14
| | | | | | | we need the domain_sid to determine if the account is a RODC for our domain Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-drs: fixed check for SECURITY_RO_DOMAIN_CONTROLLERAndrew Tridgell2010-08-171-6/+6
| | | | | | check more than the user_sid, and also check for the right rid value Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-dsdb: added support for UF_PARTIAL_SECRETS_ACCOUNTAndrew Tridgell2010-08-172-2/+10
| | | | | | | when this is in user_account_control the account is a RODC, and we need to set the primaryGroupID to be DOMAIN_RID_READONLY_DCS Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-dsdb: cope with cracknames of form dnsdomain\accountAndrew Tridgell2010-08-171-2/+8
| | | | | | this is used by w2k8r2 when doing a RODC dcpromo Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-dsdb: set LDB_FLAG_INTERNAL_DISABLE_VALIDATION for msDS-SecondaryKrbTgtNumberAndrew Tridgell2010-08-171-1/+8
| | | | | | | | | msDS-SecondaryKrbTgtNumber is setup with a value that is outside the range allowed by the schema (the schema has rangeLower==rangeUpper==65536). We need to mark this element as being internally generated to avoid the range checks Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-ldb: added LDB_FLAG_INTERNAL_DISABLE_VALIDATIONAndrew Tridgell2010-08-172-7/+15
| | | | | | | | When this flag is set on an element in an add/modify request then the normal validate_ldb() call that checks the element against schema constraints is disabled Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-ldb: added LDB_FLAG_INTERNAL_MASKAndrew Tridgell2010-08-172-0/+31
| | | | | | | This ensures that internal bits for the element flags in add/modify requests are not set via the ldb API Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-ldb: use LDB_FLAG_MOD_TYPE() to extract element type from messagesAndrew Tridgell2010-08-178-23/+28
| | | | | | | | | | | | The flags field of message elements is part of a set of flags. We had LDB_FLAG_MOD_MASK for extracting the type, but it was only rarely being used (only 1 call used it correctly). This adds LDB_FLAG_MOD_MASK() to make it more obvious what is going on. This will allow us to use some of the other flags bits for internal markers on elements Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-dsdb: support LDB_CONTROL_RODC_DCPROMO_OID for nTDSDSA addAndrew Tridgell2010-08-171-1/+24
| | | | | | this control disables the system only check for nTDSDSA add operations Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-dsdb: fixed test for LDB_CONTROL_RODC_DCPROMO_OIDAndrew Tridgell2010-08-171-1/+1
| | | | the ldb_msg_add_fmt() call returns LDB_SUCCESS on success
* s4-ldapserver: support controls on ldap add and renameAndrew Tridgell2010-08-171-10/+12
| | | | | | we need to pass the controls down to the add and rename ldb operations Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-dsdb: added support for LDB_CONTROL_RODC_DCPROMO_OIDAndrew Tridgell2010-08-173-0/+76
| | | | | | | | | | | | this control adds a unique msDS-SecondaryKrbTgtNumber attribute to a user object. There is some 'interesting' interaction with the rangeLower and rangeUpper attributes and this add. We don't implementat rangeLower/rangeUpper yet, but when we do we'll need an override for this control (or be careful about module ordering). Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-ldap: use common functions for ldap flag controls encode/decodeAndrew Tridgell2010-08-171-163/+11
| | | | | | | many controls are simple present/not-present flags, and don't need their own parsers Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s3-dcerpc: try to fix the non gssapi build.Günther Deschner2010-08-171-1/+2
| | | | Guenther
* s3-dcerpc: fix c++ build warning.Günther Deschner2010-08-171-1/+1
| | | | Guenther
* s3-dcerpc: fix uninitialized variable in cli_get_session_key().Günther Deschner2010-08-171-1/+1
| | | | | | Simo, please check. Guenther
* s3-util: remove unused variable.Günther Deschner2010-08-171-1/+0
| | | | Guenther
* s3-ads: Remove unused function and fileSimo Sorce2010-08-173-31/+1
|
* s3:winbindd: don't ignore 'result' in wb_dsgetdcname_done()Stefan Metzmacher2010-08-171-0/+4
| | | | | | Ignoring it could cause a segfault in winbindd_getdcname_recv() metze
* s3: Remove smbd_server_fd() from write_data()Volker Lendecke2010-08-173-25/+78
| | | | | | This completely removes the DEBUG(0, ..) error message from write_data(). I've gone through all callers of write_data() and made sure that they have their own equivalent error message printing.
* s3-dcerpc: Use common send functions for ntlmssp tooSimo Sorce2010-08-171-51/+12
| | | | Remove unused function.
* s3-dcerpc: properly implement gse/spnego_get_session_keySimo Sorce2010-08-175-16/+63
|
* s3-dcerpc: Check data and return appropriate errorSimo Sorce2010-08-171-2/+17
|
* s3-dcerpc: Remove unused functionSimo Sorce2010-08-171-18/+0
|
* s3-dcerpc: make a few local functions as staticSimo Sorce2010-08-172-8/+7
|
* Change debug statements to use __location__Simo Sorce2010-08-171-13/+11
|
* s3-dcerpc: Pull packet in the caller, before validationSimo Sorce2010-08-172-31/+38
|
* Add my (c)Simo Sorce2010-08-171-5/+6
|
* s3-samr: Fixed some build warnings.Andreas Schneider2010-08-171-3/+3
|
* s3: Fix a ton of type-punned warningsVolker Lendecke2010-08-171-4/+4
|
* build fixBrad Hards2010-08-171-1/+5
|
* s4-ldb: test the 'displayName=a,b' bugAndrew Tridgell2010-08-171-0/+6
| | | | Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s3-provision: cope with the policy directory already existingAndrew Tridgell2010-08-171-3/+8
| | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4-ldb: fixed the ldb 'displayName=a,b' indexing bugAndrew Tridgell2010-08-171-2/+4
| | | | | | | | | the problem was the inconsistency between the key form of DNs between the itdb used for indexing and the on disk form Thanks to Matthieu Patou for finding this bug! Signed-off-by: Andrew Bartlett <abartlet@samba.org>
generated by cgit (git 2.34.1) at 2025-09-26 17:45:41 +0000