| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| | |
- gss error code patch from a.bokovoy@sam-solutions.net
- better sid dumping in ads_dump
- fixed help in wbinfo
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add a global singly-linked list of all active talloc pools, so that we
can eventually show how much memory is used for different purposes.
This also gives a check that pools are not being doubly freed.
talloc_init_named now handle a NULL name properly (ie does nothing)
Add accessor talloc_pool_name().
|
| | | |
|
| | |
| |
| |
| | |
talloc_vasprintf.
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
ancient mem_man.c:
Each TALLOC_CTX now has a field to store its purpose, to aid in
tracking down memory bloat. A new call talloc_init_named() should be
used instead of talloc_init() so that this is set.
Added talloc_vasprintf to be called by varargs functions.
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
some cleanup of the lsa_open_policy and lsa_open_policy2 parser. the
length fields are not correct but that's what NT send. We don't anymore
underflow or overflow the decoding.
added the domain admins group to the default SD.
we are now checking the desired access flag in the lsa_open_policy_X()
calls and in most functions also.
J.F.
|
| | | |
|
| | |
| |
| |
| | |
Jeremy.
|
| | |
| |
| |
| | |
Jeremy.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
owner. that's basic stuff.
got the POLICY_ define from TNG but they are also in an include file in
the NT SDK.
J.F.
|
| | |
| |
| |
| | |
Jeremy.
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Ignacio you can update your howto ;-)
samsync: a small patch to try chaning challenges.
J.F.
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
One is an entry for the trusted domains
The other is an entry for the trusting domains
They are pretty basic, I'll improve them.
J.F.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
a correct decoder for SAM_PRIVS_INFO (0x10)
this code is totally useless right now, it's just fun to decode those and
will save tpot some time.
J.F.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
It's just to keep usermanager happy ;-)
clean up a bit samr_query_aliasinfo to return the group description
added: samr_del_aliasmem, samr_del_groupmem and samr_del_domuser
with the correct scripts, you can now entirely manage the users from
usermanager ! Closer to full PDC every day ;-)
J.F.
|
| | |
| |
| |
| |
| |
| | |
rpc. This was supposed to fix a printer driver download bug but it didn't
but it seemed a shame to trash all this code so I'm commiting it #ifdef'ed
out in case someone needs it one day.
|
| | | |
|
| | |
| |
| |
| | |
cyrus-sasl which makes the code much less fragile. Also added code to auto-determine the server name or realm
|
| | |
| |
| |
| |
| |
| | |
This allows embedded systems to compile out the higher debug
levels. It should gain speed as well as reducing the code
size. Setting it to 1 saves about 300k of code on my system.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This moves the rest of the functionality into the 'net rpc join' code.
Futhermore, this moves that entire area over to the libsmb codebase, rather
than the crufty old rpc_client stuff.
I have also fixed up the smbpasswd -a -m bug in the process.
We also have a new 'net rpc changetrustpw' that can be called from a
cron-job to regularly change the trust account password, for sites
that run winbind but not smbd.
With a little more work, we can kill rpc_client from smbd entirly!
(It is mostly the domain auth stuff - which I can rework - and the
spoolss stuff that sombody else will need to look over).
Andrew Bartlett
|
| | |
| |
| |
| |
| |
| | |
winbindd can do a kinit
this will be removed once we have code that gets a tgt
and puts it in a place where cyrus-sasl can see it
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
not the privileges. Usually we don't need them, so the memory is free
early.
lib/util_sid.c: added some helper functions to check an SID.
passdb/passdb.c: renamed local_lookup_rid() to local_lookup_sid() and pass
an RID all the way. If the group doesn't exist on the domain SID,
don't return a faked one as it can collide with a builtin one. Some rpc
structures have been badly designed, they return only rids and force the
client to do subsequent lsa_lookup_sid() on the domain sid and the builtin
sid !
rpc_server/srv_util.c: wrote a new version of get_domain_user_groups().
Only the samr code uses it atm. It uses the group mapping code instead of
a bloody hard coded crap. The netlogon code will use it too, but I have to
do some test first.
J.F.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
You can change them with either usermanager->policies->account
or from a command prompt on NT/W2K: net accounts /domain
we can add a rpc accounts to the net command. As the net_rpc.c is still
empty, I did not start. How should I add command to it ? Should I take the
rpcclient/cmd_xxx functions and call them from there ?
alse changed the SAM_UNK_INFO_3 parser, it's an NTTIME. This one is more
for jeremy ;-)
J.F.
|
| | | |
|
| | |
| |
| |
| | |
least basic operations work
|
| | |
| |
| |
| | |
rats.
|
| | |
| |
| |
| |
| |
| | |
This just splits off the dispinfo call behind a methods structure.
I'll split off a few more functions soon, then we will be ready for
LDAP replacement methods
|
| | |
| |
| |
| | |
Jeremy.
|
| | |
| |
| |
| | |
definitions.
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This time it's a PRIVILEGE_SET struct instead of a simple uint32 array. It
makes much more sense. Also added a uint32 systemaccount to the GROUP_MAP
struct as some privilege showing in USRMGR.EXE are not real privs but a
bitmask flag. I guess it's an heritage from NT 3.0 ! I could setup an NT
3.1 box to verify, but I'm too lazy (yes I still have my CDs).
Added 3 more LSA calls: SetSystemAccount, AddPrivileges and
RemovePrivileges, we can manage all this privilege from UserManager.
Time to change the NT_USER_TOKEN struct and add checks in all the rpc
functions. Fun, fun, fun.
J.F.
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We now get the full account policy window in usermanager, and the
framework to store all those values. I plan to add a TDB file to store
them.
oh, and found that the last value in a sam_unknown_info_12_inf struct is
an uint16 and not a uint32.
andrewb: you hardcoded the MAX_PASSWORD_AGE to 21 days. We can now turn it
to a value setable in usermanager.
J.F.
|
| | |
| |
| |
| |
| | |
this was causing the kerberos stuff to fail compilation on several
platforms
|
| | |
| |
| |
| | |
Jeremy
|
| | |
| |
| |
| | |
some systems have libkrb5 but not krb5.h
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Why do people keep adding stuff to includes.h (OK I am guilty of this too)?
It's getting really huge and full of random junk. )-:
I've noticed TNG have started to split stuff up in to individual header
files included as needed.
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
