summaryrefslogtreecommitdiffstats
path: root/source3/libnet
Commit message (Collapse)AuthorAgeFilesLines
...
* s3-libnet: also remove libnet/libnet_samsync_keytab.c.orig.Günther Deschner2010-08-131-305/+0
| | | | | | Guys, what are you doing here ? ;-) Guenther
* s3-libnet: remove source3/libnet/libnet_join.c.orig, added by a previous commit.Günther Deschner2010-08-131-2187/+0
| | | | Guenther
* s3-krb5 Only build ADS support if arcfour-hmac-md5 is availableAndrew Bartlett2010-08-135-10/+2496
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Modern Kerberos implementations have either defines or enums for these key types, which makes doing #ifdef difficult. This shows up in files such as libnet_samsync_keytab.c, the bulk of which is not compiled on current Fedora 12, for example. The downside is that this makes Samba unconditionally depend on the arcfour-hmac-md5 encryption type at build time. We will no longer support libraries that only support the DES based encryption types. However, the single-DES types that are supported in common with AD are already painfully weak - so much so that they are disabled by default in modern Kerberos libraries. If not found, ADS support will not be compiled in. This means that our 'net ads join' will no longer set the ACB_USE_DES_KEY_ONLY flag, and we will always try to use arcfour-hmac-md5. A future improvement would be to remove the use of the DES encryption types totally, but this would require that any ACB_USE_DES_KEY_ONLY flag be removed from existing joins. Andrew Bartlett Signed-off-by: Simo Sorce <idra@samba.org>
* s3:libnet Add other required headers for libnet_samsync_keytab.cAndrew Bartlett2010-08-131-0/+3
| | | | | | | | | Due to missing defines in modern kerberos libraries, this code was not compiled and so this wasn't noticed. Andrew Bartlett Signed-off-by: Simo Sorce <idra@samba.org>
* s3-libnet: fix bug #6364: Pull realm from supplied username on libnet joinJim McDonough2010-08-121-0/+7
|
* s3:libnet/libnet_samsync.c: we also need some ndr_pull functionsStefan Metzmacher2010-08-081-0/+1
| | | | metze
* s3-libnet: include netlogon.h in libnet samsync header.Günther Deschner2010-08-061-0/+1
| | | | Guenther
* s3-secrets: only include secrets.h when needed.Günther Deschner2010-08-051-1/+1
| | | | Guenther
* s3: avoid global include of ads.h.Günther Deschner2010-08-051-0/+1
| | | | Guenther
* s3-libnet: add missing header file, sorry.Günther Deschner2010-07-131-0/+13
| | | | Guenther
* s3-libnet: better separate headers.Günther Deschner2010-07-1313-123/+50
| | | | Guenther
* s3-libads: only include libds flags where needed.Günther Deschner2010-07-011-0/+2
| | | | Guenther
* s3:dom_sid Global replace of DOM_SID with struct dom_sidAndrew Bartlett2010-05-211-8/+8
| | | | | | | | | | This matches the structure that new code is being written to, and removes one more of the old-style named structures, and the need to know that is is just an alias for struct dom_sid. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
* s3-rpc_client: move protos to init_samr.hGünther Deschner2010-05-181-0/+1
| | | | Guenther
* s3-rpc_client: move protos to cli_lsarpc.hGünther Deschner2010-05-181-0/+1
| | | | Guenther
* s3-rpc_client: move protos to cli_netlogon.hGünther Deschner2010-05-181-0/+1
| | | | Guenther
* s3: Remove use of iconv_convenience.Jelmer Vernooij2010-05-182-6/+5
|
* smbconf: only include smbconf headers where needed.Günther Deschner2010-05-181-0/+2
| | | | Guenther
* work around AIX6.1 name space pollution rename mod_name to module_nameOlaf Flebbe2010-05-121-8/+8
|
* s3: only include gen_ndr headers where needed.Günther Deschner2010-05-062-0/+4
| | | | | | | | | | | | | | | | | This shrinks include/includes.h.gch by the size of 7 MB and reduces build time as follows: ccache build w/o patch real 4m21.529s ccache build with patch real 3m6.402s pch build w/o patch real 4m26.318s pch build with patch real 3m6.932s Guenther
* s3/drs: DsCrackNames - Propagating IDL changes to source codeKamen Mazdrashki2010-03-101-2/+2
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3/drs: DsGetNCChanges - Propagating IDL changes to source codeKamen Mazdrashki2010-03-101-6/+6
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* idl: switched to using the WSPP names for the 'neighbour' DRS optionsAndrew Tridgell2010-01-181-5/+5
| | | | | | | The documentation shows that all these functions in fact use the same flags variable type. To be consistent between functions, and to allow easy reference to the WSPP docs, it is better for us to also use this generic DrsOptions bitfield rather than one per operations.
* s3: Replace most calls to sid_append_rid() by sid_compose()Volker Lendecke2010-01-101-10/+5
|
* s3-kerberos: only use krb5 headers where required.Günther Deschner2009-11-271-0/+1
| | | | | | | This seems to be the only way to deal with mixed heimdal/MIT setups during merged build. Guenther
* s3-rpc: Avoid including every pipe's client and server stubs everywhere in ↵Günther Deschner2009-11-263-0/+4
| | | | | | samba. Guenther
* s3-netlogon: pass down account name to remote password set functions.Günther Deschner2009-10-131-0/+1
| | | | Guenther
* Revert "s3: Attempt to fix machine password change"Volker Lendecke2009-10-051-4/+5
| | | | | | This reverts commit 20a8ea91e10af167067cc794a251265aaf489e75. Ooops, this should not have been committed.
* s3: Attempt to fix machine password changeVolker Lendecke2009-10-051-5/+4
|
* w32err: WERR_DC_NOT_FOUND replaced with WERR_DCNOTFOUNDKamen Mazdrashki2009-09-301-2/+2
| | | | | | | It turns out in win32 ERROR_DC_NOT_FOUND exists and it is an error for Device Context (DC), not Domain Controller Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
* w32err: use WERR_DC_NOT_FOUND name instead of WERR_DOMAIN_CONTROLLER_NOT_FOUNDKamen Mazdrashki2009-09-171-2/+2
| | | | Signed-off-by: Günther Deschner <gd@samba.org>
* s3-dcerpc: use dcerpc_AuthLevel and remove duplicate set of flags.Günther Deschner2009-09-151-1/+1
| | | | Guenther
* s3-rpc_client: add dcerpc_transport_t to cli_rpc_pipe_open_schannel().Günther Deschner2009-09-111-1/+2
| | | | Guenther
* s3-account_policy: add pdb_policy_type enum.Günther Deschner2009-07-141-9/+14
| | | | Guenther
* Don't use ads realm name for non-ads case. #6481Jim McDonough2009-06-261-7/+9
| | | | Also check that the connection to ads worked.
* s3-libnet: fix libnet_unjoin_remove_machine_acct() when called without ads ↵Günther Deschner2009-06-221-1/+7
| | | | | | struct. Guenther
* Don't require "Modify property" perms to unjoin bug #6481)Jim McDonough2009-06-191-14/+35
| | | | | | | | | | | | | | | | | | "net ads leave" stopped working when "modify properties" permissions were not granted (meaning you had to be allowed to disable the account that you were about to delete). Libnetapi should not delete machine accounts, as this does not happen on win32. The WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE flag really means "disable" (both in practice and docs). However, to keep the functionality in "net ads leave", we will still try to do the delete. If this fails, we try to do the disable. Additionally, it is possible in windows to not disable or delete the account, but just tell the local machine that it is no longer in the account. libnet can now do this as well.
* Move smb_create_user() in samsyncSimo Sorce2009-05-161-0/+60
| | | | | It is not used anywhere else, so make it also static and remove it from proto.h
* s3-libnetjoin: make acct_flags dependent on secure channel type.Günther Deschner2009-04-241-3/+12
| | | | Guenther
* s3-libnetjoin: add support for WKSSVC_JOIN_FLAGS_JOIN_UNSECURE.Günther Deschner2009-04-241-3/+59
| | | | Guenther
* Fix an uninitialized variableVolker Lendecke2009-04-231-0/+2
|
* s3-secdesc: use SEC_FLAG_MAXIMUM_ALLOWED instead of SEC_RIGHTS_MAXIMUM_ALLOWED.Günther Deschner2009-04-211-5/+5
| | | | Guenther
* Remove smb_mkstemp() - libreplace will now provide a secure mkstemp() ifJelmer Vernooij2009-04-201-2/+2
| | | | the system one is broken.
* Merge commit 'origin/master' into libcli-auth-merge-without-netlogondAndrew Bartlett2009-04-201-1/+1
|\
| * Fix bug #6089 - Winbind samr_OpenDomain not possible with Samba 3.2.6+Jeremy Allison2009-04-151-1/+1
| | | | | | | | | | | | | | What a difference a name makes... :-). Just because something is missnamed SAMR_ACCESS_OPEN_DOMAIN, when it should actually be SAMR_ACCESS_LOOKUP_DOMAIN, don't automatically use it for a security check in _samr_OpenDomain(). Jeremy.
* | Remove use of talloc_reference in cli_rpc_pipe_open_schannel_with_key()Andrew Bartlett2009-04-201-1/+1
| |
* | Make Samba3 use the new common libcli/auth codeAndrew Bartlett2009-04-141-4/+4
| | | | | | | | | | This is particuarly in the netlogon client (but not server at this stage)
* | Use common samsync delta decryption functions in libnet_samsync.cAndrew Bartlett2009-04-141-157/+7
| | | | | | | | Andrew Bartlett
* | Adapt to common crypto functions: sam_pwd_hash() -> sam_rid_crypt()Andrew Bartlett2009-04-142-8/+10
| |
* | Rework Samba3 to use new libcli/auth code (partial)Andrew Bartlett2009-04-141-8/+9
| | | | | | | | | | | | | | | | | | | | | | This commit is mostly to cope with the removal of SamOemHash (replaced by arcfour_crypt()) and other collisions (such as changed function arguments compared to Samba3). We still provide creds_hash3 until Samba3 uses the credentials code in netlogon server Andrew Bartlett
generated by cgit (git 2.34.1) at 2025-09-01 06:03:40 +0000