summaryrefslogtreecommitdiffstats
path: root/source3/include/rpc_lsa.h
Commit message (Collapse)AuthorAgeFilesLines
* r18654: Rename "struct uuid" => "struct GUID" for consistency.Jelmer Vernooij2007-10-101-1/+1
| | | | (This used to be commit 5de76767e857e9d159ea46e2ded612ccd6d6bf19)
* r15041: Adding rpc client calls to manipulate auditing policies on remote CIFSGünther Deschner2007-10-101-59/+115
| | | | | | | | | | servers. Also add a new "net rpc audit" tool. The lsa query infolevels were taken from samb4 IDL, the lsa policy flags and categories are partly documented on msdn. I need to cleanup the double lsa_query_info_policy{2}{_new} calls next. Guenther (This used to be commit 0fed66926f4b72444abfc8ffb8c46cca8d0600aa)
* r13458: Add parsing functions - but stub internals for lookupnames3 and 4.Jeremy Allison2007-10-101-2/+77
| | | | | Jeremy. (This used to be commit f1a362580ae37730dc8393a79f832aed5d0ea4be)
* r13456: Add lsa_lookup_names2.Jeremy Allison2007-10-101-1/+1
| | | | | Jeremy. (This used to be commit b57406c89feaf550f6c2d29ef0ed73a935908add)
* r13455: Prepare to add lookupnames2.Jeremy Allison2007-10-101-1/+35
| | | | | Jeremy. (This used to be commit 2274709587bd1f27bea2eacf633182f20cd07b1e)
* r13449: Ensure we don't crash if no dc struct on pipe.Jeremy Allison2007-10-101-0/+3
| | | | | Jeremy. (This used to be commit a9e1d0f3b4fd7a0732a5023d0b4dcc2c4b1b03f8)
* r13447: Added LSA_LOOKUPSIDS2 and LSA_LOOKUPSIDS3.Jeremy Allison2007-10-101-19/+89
| | | | | Jeremy. (This used to be commit a164cfab420a2439dad8fd85f8b4d652087fa6b9)
* r13316: Let the carnage begin....Gerald Carter2007-10-101-1/+55
| | | | | Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
* r10656: BIG merge from trunk. Features not copied overGerald Carter2007-10-101-2/+0
| | | | | | | | * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
* r7391: - Added client-support for various lsa_query_trust_dom_info-calls and aGünther Deschner2007-10-101-5/+151
| | | | | | | | | | | | | | | | | | | | | | | rpcclient-tester for some info-levels. Jerry, I tried to adopt to prs_pointer() where possible and to not interfere with your work for usrmgr. - Add "net rpc trustdom vampire"-tool. This allows to retrieve Interdomain Trust(ed)-Relationships from NT4-Servers including cleartext-passwords (still stored in the local secrets.tdb). The net-hook was done in cooperation with Lars Mueller <lmuelle@suse.de>. To vampire trusted domains simply call: net rpc trustdom vampire -S nt4dc -Uadmin%pass Guenther (This used to be commit 512585293963a1737f831af697ea1dc092d63cb0)
* r7139: trying to reduce the number of diffs between trunk and 3.0; changing ↵Gerald Carter2007-10-101-25/+94
| | | | | | version to 3.0.20pre1 (This used to be commit 9727d05241574042dd3aa8844ae5c701d22e2da1)
* r6228: remove BUFHDR2 and clean up LsaEnumTrustedDomains()Gerald Carter2007-10-101-22/+24
| | | | | Tested client and server code. (This used to be commit efb3ac4c69c72c0fa01c558951fa357893562bce)
* r6071: * clean up UNISTR2_ARRAY ( really just an array of UNISTR4 + count )Gerald Carter2007-10-101-4/+4
| | | | | | | * add some backwards compatibility to 'net rpc rights list' * verify privilege name in 'net rpc rights privileges <name>' in order to give back better error messages. (This used to be commit 0e29dc8aa384dfa6d2495beb8a9ffb5371e60a13)
* r6014: rather large change set....Gerald Carter2007-10-101-1/+1
| | | | | | | | | | | | | | | pulling back all recent rpc changes from trunk into 3.0. I've tested a compile and so don't think I've missed any files. But if so, just mail me and I'll clean backup in a couple of hours. Changes include \winreg, \eventlog, \svcctl, and general parse_misc.c updates. I am planning on bracketing the event code with an #ifdef ENABLE_EVENTLOG until I finish merging Marcin's changes (very soon). (This used to be commit 4e0ac63c36527cd8c52ef720cae17e84f67e7221)
* r5726: merge LsaLookupPrivValue() code from trunkGerald Carter2007-10-101-10/+9
| | | | (This used to be commit 277203b5356af58ce62eb4eec0db2eccadeeffd6)
* r5456: Increase limit of mapped SIDS to 0x5000, which is what 2k and later do.Jim McDonough2007-10-101-2/+2
| | | | | | | | NT has no limit. We still don't respond the way 2k would to requests larger, which is to actually allocate the memory and send back the entire response, plus a return status of NT_STATUS_NONE_MAPPED. Still looking into ways of doing this without crashing windows. (This used to be commit 9afe5acdc22adaed4b4b3d70ba3a1a7898256282)
* r5056: * correct STANDARD_RIGHTS_WRITE_ACCESS bitmask defineGerald Carter2007-10-101-1/+1
| | | | | | | | | | | | | * make sure to apply the rights_mask and not just the saved bits from the mask in access_check_samr_object() * allow root to grant/revoke privileges (in addition to Domain Admins) as suggested by Volker. Tested machine joins from XP, 2K, and NT4 with and without pre-existing machine trust accounts. Also tested basic file operations using cmd.exe and explorer.exe after changing the STANDARD_RIGHTS_WRITE_ACCESS bitmask. (This used to be commit c0e7f7ff60a4110809b8f500fdc68a1bf963da36)
* r4724: Add support for Windows privileges in Samba 3.0Gerald Carter2007-10-101-3/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | (based on Simo's code in trunk). Rewritten with the following changes: * privilege set is based on a 32-bit mask instead of strings (plans are to extend this to a 64 or 128-bit mask before the next 3.0.11preX release). * Remove the privilege code from the passdb API (replication to come later) * Only support the minimum amount of privileges that make sense. * Rewrite the domain join checks to use the SeMachineAccountPrivilege instead of the 'is a member of "Domain Admins"?' check that started all this. Still todo: * Utilize the SePrintOperatorPrivilege in addition to the 'printer admin' parameter * Utilize the SeAddUserPrivilege for adding users and groups * Fix some of the hard coded _lsa_*() calls * Start work on enough of SAM replication to get privileges from one Samba DC to another. * Come up with some management tool for manipultaing privileges instead of user manager since it is buggy when run on a 2k client (haven't tried xp). Works ok on NT4. (This used to be commit 77c10ff9aa6414a31eece6dfec00793f190a9d6c)
* r196: merging struct uuid from trunkGerald Carter2007-10-101-1/+1
| | | | (This used to be commit 911a28361b9d8dd50597627f245ebfb57c6294fb)
* split some security related functions in their own files.Simo Sorce2003-10-061-3/+3
| | | | | | | | | (no need to include all of smbd files to use some basic sec functions) also minor compile fixes couldn't compile to test these due to some kerberos problems wirh 3.0, but on HEAD they're working well, so I suppose it's ok to commit (This used to be commit c78f2d0bd15ecd2ba643bb141cc35a3405787aa1)
* Fix for #480. Change the interface for init_unistr2 to not take a lengthJeremy Allison2003-09-251-2/+0
| | | | | | | but a flags field. We were assuming that 2*strlen(mb_string) == length of ucs2-le string. This is not the case. Count it after conversion. Jeremy. (This used to be commit f82c273a42f930c7152cfab84394781744815e0e)
* Attempt at fixing bug #283. There however is no solution.Gerald Carter2003-08-141-0/+6
| | | | | | | | | | | | | | | | | | There is a workaround documented in the bug report. This patch does: * add server support for the LSA_DS UUID on the lsarpc pipe * store a list of context_ids/api_structs in the pipe_struct so that we don't have to lookup the function table for a pipe. We just match the context_id. Note that a dce/rpc alter_context does not destroy the previous context so it is possible to have multiple bindings active on the same pipe. Observed from standalone win2k sp4 client. * added server code for DsROleGetPrimaryDOmainInfo() but disabled it since it causes problems enumerating users and groups from a 2ksp4 domain member in a Samba domain. (This used to be commit 96bc2abfcb0dd0912696fad76e43cb217b33e061)
* And finally IDMAP in 3_0Simo Sorce2003-05-121-20/+0
| | | | | | | | | | | | | | | | | | | | | We really need idmap_ldap to have a good solution with ldapsam, porting it from the prvious code is beeing made, the code is really simple to do so I am confident it is not a problem to commit this code in. Not committing it would have been worst. I really would have been able to finish also the group code, maybe we can put it into a followin release after 3.0.0 even if it may be an upgrade problem. The code has been tested and seem to work right, more testing is needed for corner cases. Currently winbind pdc (working only for users and not for groups) is disabled as I was not able to make a complete group code replacement that works somewhat in a week (I have a complete patch, but there are bugs) Simo. (This used to be commit 0e58085978f984436815114a2ec347cf7899a89d)
* Merge tridge's client priv code from HEAD.Jeremy Allison2003-01-291-3/+20
| | | | | Jeremy (This used to be commit 49739be1e2f047fa2cc2fd42eadb190a82114485)
* Merging tridge's privillage client changes from HEAD.Jeremy Allison2003-01-281-5/+20
| | | | | Jeremy. (This used to be commit 30a33920b4d834edc877cc0080291fbda983083a)
* merging some rpcclient and net functionality from HEADGerald Carter2003-01-151-0/+17
| | | | (This used to be commit 7a4c87484237308cb3ad0d671687da7e0f6e733b)
* sync 3.0 branch with headJelmer Vernooij2002-08-171-0/+38
| | | | (This used to be commit 3928578b52cfc949be5e0ef444fce1558d75f290)
* updated the 3.0 branch from the head branch - ready for alpha18Andrew Tridgell2002-07-151-15/+2
| | | | (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
* Removed version number from file header.Tim Potter2002-01-301-1/+1
| | | | | Changed "SMB/Netbios" to "SMB/CIFS" in file header. (This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
* Move the lsa code across to the changed args for lookup_name, and surround itAndrew Bartlett2002-01-261-4/+2
| | | | | | | | | | | | | in become_root()/unbecome_root(). Also only allocate the memory the client reqests - and don't allow the client to trigger an SMB_ASSERT if they ask for 'more'. Up the maximum number of sids allowed, and note that this is an arbiary guess, and can be raised without consequence. Andrew Bartlett (This used to be commit 6e7667125d142670db7393ed7a48386f3821d896)
* Correct4ed comment.Tim Potter2002-01-111-1/+1
| | | | (This used to be commit 78814664ef7d41c2f6637b508711ab45647a64f9)
* Doc.Martin Pool2002-01-021-2/+1
| | | | (This used to be commit b354163834e0f2da7d3caacfe8d2ac6e2a6949e8)
* there is no unknown field in LSA_SEC_QOSJean-François Micouleau2001-12-171-1/+0
| | | | | | | | | | | | | | some cleanup of the lsa_open_policy and lsa_open_policy2 parser. the length fields are not correct but that's what NT send. We don't anymore underflow or overflow the decoding. added the domain admins group to the default SD. we are now checking the desired access flag in the lsa_open_policy_X() calls and in most functions also. J.F. (This used to be commit a217c4e4ff4d13122703d22258792fe5e8e9f02f)
* add lsa_query_secobj server code. level 4 is the ACL, level 1 is theJean-François Micouleau2001-12-141-16/+47
| | | | | | | | | | owner. that's basic stuff. got the POLICY_ define from TNG but they are also in an include file in the NT SDK. J.F. (This used to be commit 84289a9bf42847981926e198ad36c050904fa9ed)
* Changed again how the privilege list is handled in the group mapping code.Jean-François Micouleau2001-11-291-0/+42
| | | | | | | | | | | | | | | | | This time it's a PRIVILEGE_SET struct instead of a simple uint32 array. It makes much more sense. Also added a uint32 systemaccount to the GROUP_MAP struct as some privilege showing in USRMGR.EXE are not real privs but a bitmask flag. I guess it's an heritage from NT 3.0 ! I could setup an NT 3.1 box to verify, but I'm too lazy (yes I still have my CDs). Added 3 more LSA calls: SetSystemAccount, AddPrivileges and RemovePrivileges, we can manage all this privilege from UserManager. Time to change the NT_USER_TOKEN struct and add checks in all the rpc functions. Fun, fun, fun. J.F. (This used to be commit 3f0a9ef2b8c626cfa2878394bb7b642342342bf3)
* added lsaenumprivsaccount and lsalookupprivvalue to rpcclientJean-François Micouleau2001-11-241-0/+13
| | | | | | | and more to come ... J.F. (This used to be commit 1748d5a2af1f2dcf718d6f162ed483b001542494)
* Oops.Tim Potter2001-09-141-1/+1
| | | | (This used to be commit 4c92d82bdb35db3e01a162fb0aa00a6fe7486c70)
* Discovered a whole lot more opcodes on the LSA pipe while writing a rpcTim Potter2001-09-131-6/+38
| | | | | | | | | scanner. There's lots of quota, privilege, and trusted domain goodness waiting to be reverse engineered here! Unfortunately the scanner can crash LSASS.EXE on NT4 just by writing packets containing 0xdeadbeef. )-: (This used to be commit f0ef301cff57c9bf07694e0675eec67c61367afb)
* the next stage in the NTSTATUS/WERROR change. smbd and nmbd now compile, but ↵Andrew Tridgell2001-09-041-1/+0
| | | | | | the client code still needs some work (This used to be commit dcd6e735f709a9231860ceb9682db40ff26c9a66)
* started converting NTSTATUS to be a structure on systems with gcc in order ↵Andrew Tridgell2001-08-271-16/+16
| | | | | | to make it type incompatible with BOOL so we catch errors sooner. This has already found a number of bugs (This used to be commit 1b778bc7d22efff3f90dc450eb12baa1241cf68f)
* implement:Jean-François Micouleau2001-07-091-2/+150
| | | | | | | | | | | | | | LSA_ENUM_PRIVS LSA_PRIV_GET_DISPNAME LSA_ENUM_ACCOUNTS LSA_OPENACCOUNT LSA_ENUMPRIVSACCOUNT LSA_GETSYSTEMACCOUNT It's a work in progress. nobody should expect it to work J.F. (This used to be commit 3056357cd8d4b2460f73ba8a8931a143f07fa2a6)
* Added LsaGetConnectedCredentials patch from Manoj Naik <manoj@almaden.ibm.com>.Jeremy Allison2001-06-291-0/+28
| | | | | Jeremy. (This used to be commit 7079300da6dbd950e55dc5871851250d5a3717ff)
* Merge of new 2.2 code into HEAD (Gerald I hate you :-) :-). Allows new SAMRJeremy Allison2001-03-111-0/+1
| | | | | | | RPC code to merge with new passdb code. Currently rpcclient doesn't compile. I'm working on it... Jeremy. (This used to be commit 0be41d5158ea4e645e93e8cd30617c038416e549)
* Started conversion of lsa server code to canonical format (as srv_reg andJeremy Allison2001-02-261-0/+19
| | | | | | srv_samr have been). Jeremy. (This used to be commit f434cda9774b4864321b37b0f8f42e6e8dee8d5b)
* Fixed "object picker can't determine if object in domain" bug seen from W2KJeremy Allison2001-01-251-7/+26
| | | | | | | | clients. Did this by importing Samba-TNG code that correctly handles LSA lookups. *MANY* thanks to Luke, Sander, Elrond and the rest of the TNG gang ! Jeremy (This used to be commit f76dc952f70862a6a390e9f35edd651867842a01)
* Merge of various fixes from the tng headers.Tim Potter2001-01-111-5/+5
| | | | (This used to be commit a6d4aad391d2a9e38cbb28d9ddc3e4ff454a759d)
* make protoTim Potter2000-12-131-2/+2
| | | | | Updates for dynamic sized lookup names/sids (This used to be commit 34743c157632b1784bd15e3ca97380b1f9754e46)
* Merged in Tim's changes : Removed static limit of MAX_LOOKUP_SIDS in rpc ↵Jeremy Allison2000-12-121-5/+5
| | | | | | | | server and client lsa_lookup_names() and lsa_lookup_sids(). Jeremy. (This used to be commit 9e9c71c8b3194b7cd02fea0b6a000d4f2940d905)
* Port of lsa_lookup_sids() and lsa_lookup_names() rpc client functions fromTim Potter2000-12-081-1/+1
| | | | | | | | | | TNG branch. Re-instated lsa_lookup_sids and lsa_lookup_names functions in rpcclient. This requires most samba binaries to link in another handful of object files due to uncessary coupling between modules. )-: (This used to be commit 817819d0cc3ecf642be5a1656be3b71bed260ee4)
* Some code moved back from TNG - updates to LSA stuff. Not yet used butJeremy Allison2000-09-201-2/+19
| | | | | | will be needed soon. Jeremy. (This used to be commit f0aa8f9314c837fe39b6d1b0c41d5cfae2e4098f)
generated by cgit (git 2.34.1) at 2024-10-02 06:39:14 +0000