samba.git - Unnamed repository; edit this file 'description' to name the repository.

	Commit message (Collapse)	Author	Age	Files	Lines
...
*	spoolss: add stubs for new JobNamedProperty dcerpc calls.	Günther Deschner	2013-01-07	1	-0/+37
\| \| \| \| \| \| \| \| \| \|	Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Mon Jan 7 19:06:25 CET 2013 on sn-devel-104
*	s4:drsuapi: try to behave more like windows for usn order (bug #9508)	Stefan Metzmacher	2013-01-01	1	-11/+18
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	We don't behave completely like a Windows server, but it's much more identical than before. The partition head is always the first object followed by the rest sorted by uSNChanged. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Tue Jan 1 21:09:42 CET 2013 on sn-devel-104
*	s4:drsuapi: make use of LDB_TYPESAFE_QSORT() and pass getnc_state	Stefan Metzmacher	2013-01-01	1	-10/+14
\| \| \| \| \|	Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
*	s4:drsuapi: make sure we report the meta data from the cycle start (bug #9508)	Stefan Metzmacher	2013-01-01	1	-9/+38
\| \| \| \| \| \| \| \| \| \| \|	We should build the final highwatermark and uptodatevector of a replication cycle at the start of the cycle. Before we search for the currently missing objects. Otherwise we risk that some objects get lost. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
*	s4:drsuapi: check the source_dsa_invocation_id (bug #9508)	Stefan Metzmacher	2013-01-01	1	-0/+15
\| \| \| \| \| \| \| \|	The given highwatermark is only valid relative to the specified source_dsa_invocation_id. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
*	s4:drsuapi: make sure we never return the same highwatermark twice in a ↵	Stefan Metzmacher	2013-01-01	1	-0/+36
\| \| \| \| \| \| \| \| \| \| \|	replication cycle (bug #9508) If the highwatermark given by the client is not the one we expect, we need to start a new replication cycle. Otherwise the destination dsa skips objects and linked attribute values. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
*	s4:drsuapi: add drsuapi_DsReplicaHighWaterMark_cmp()	Stefan Metzmacher	2013-01-01	1	-0/+20
\| \| \| \| \|	Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
*	s4:drsuapi: always use the current uptodateness_vector	Stefan Metzmacher	2013-01-01	1	-11/+9
\| \| \| \| \|	Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
*	s4:drsuapi: avoid a ldb_dn_copy() and use talloc_move() instead	Stefan Metzmacher	2013-01-01	1	-3/+3
\| \| \| \| \|	Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
*	s4:drsuapi: remove unused 'highest_usn' from drsuapi_getncchanges_state	Stefan Metzmacher	2013-01-01	1	-4/+0
\| \| \| \| \|	Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
*	s4:drsuapi: move struct drsuapi_getncchanges_state to the top of getncchanges.c	Stefan Metzmacher	2013-01-01	1	-17/+17
\| \| \| \| \|	Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
*	s4-rpc_server: use netlogon_creds_encrypt_samlogon().	Günther Deschner	2012-12-16	1	-34/+3
\| \| \| \| \| \| \| \| \| \|	Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Sun Dec 16 01:34:01 CET 2012 on sn-devel-104
*	s4-rpc_server: limit allowed transports for samr_ValidatePassword().	Günther Deschner	2012-12-12	1	-0/+5
\| \| \| \| \| \| \|	Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
*	s4:rpc_server/samr: do WRONG_PASSWORD checks after the complexity checks	Michael Adam	2012-12-11	1	-47/+65
\| \| \| \| \| \| \| \| \|	This matches the windows behavior. Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
*	s4-rpc_server: support AES encryption in interactive and generic samlogon.	Günther Deschner	2012-12-09	1	-5/+23
\| \| \| \| \| \| \|	Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
*	s4-rpc_server: support AES decryption in netr_ServerPasswordSet2 server.	Günther Deschner	2012-12-09	1	-1/+6
\| \| \| \| \| \| \|	Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
*	s3:build: move sessionid_tdb.o and conn_tdb.o to SMBD_OBJ_BASE	Gregor Beck	2012-10-19	1	-1/+1
\| \| \| \| \| \| \| \|	and use SMBD_OBJ_BASE for a couple of targets where sessionid_tdb and conn_tdb were used. Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org>
*	s4-rpc: dnsserver: Ignore DNS zones that are not used by RPC dnsserver	Amitay Isaacs	2012-10-09	1	-0/+4
\| \| \| \| \| \| \| \| \|	..TrustAnchors zone is not interpreted by RPC dnsserver code. Signed-off-by: Amitay Isaacs <amitay@gmail.com> Autobuild-User(master): Amitay Isaacs <amitay@samba.org> Autobuild-Date(master): Tue Oct 9 03:21:07 CEST 2012 on sn-devel-104
*	drsuapi: Validate the input parameters for the drsuapi_UpdateRefs function	Matthieu Patou	2012-10-07	1	-0/+16
\|
*	drsuapi: check more carefully the validity of the NC	Matthieu Patou	2012-10-07	1	-4/+11
\| \| \| \| \|	Check that both the GUID and DN are the GUID/DN of a NC if not return WERR_DS_DRA_BAD_NC
*	s4-drs: fix the logic to allow REPL_SECRET if the account has GET_ALL_CHANGES	Matthieu Patou	2012-10-07	1	-0/+24
\|
*	s4-drs: EXOP_REPL_SECRETS can be called by RW DC as well	Matthieu Patou	2012-10-07	1	-7/+15
\|
*	drs-getncchanges: do not set the highestUsn to 0	Matthieu Patou	2012-10-07	1	-1/+0
\| \| \| \| \| \| \| \|	Paragraph 4.1.10.5 says that if err = 0 then msgOut.pNC := msgIn.pNC msgOut.usnvecFrom := msgIn.usnvecFrom so no need to set the highestUsn to 0
*	kcc: return invalid parameter if the taskId is not 0	Matthieu Patou	2012-10-07	1	-1/+3
\|
*	Implement the LIST_INFO_FOR_SERVER input format	Matthieu Patou	2012-10-07	1	-1/+2
\|
*	getdcinfo: Check that the server object has a serverreference objects ↵	Matthieu Patou	2012-10-07	1	-2/+4
\| \| \| \| \| \| \| \|	pointing to a DC object The problem was found by the DRSR testsuite where server objects were created in the Site container without serverrefrence attribute triggering error in the testsuite.
*	netlogon: Per MS-NRPC, don't send unknown workstation flags back to the	Jelmer Vernooij	2012-09-26	1	-1/+2
\| \| \| \|	client.
*	s4:rpc_server/drsuapi: use talloc_zero instead of talloc() in ↵	Stefan Metzmacher	2012-09-25	1	-1/+1
\| \| \| \| \| \| \| \| \|	dcesrv_drsuapi_DsBind() metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Tue Sep 25 03:06:13 CEST 2012 on sn-devel-104
*	s4:rpc_server/drsuapi: fix a crash in ↵	Stefan Metzmacher	2012-09-25	1	-6/+6
\| \| \| \| \| \|	dcesrv_drsuapi_DsGetDomainControllerInfo_1() metze
*	s4-repl: Use samdb_reference_dn_is_our_ntdsa()	Andrew Bartlett	2012-08-14	1	-15/+13
\|
*	s4-dsdb: Add mem_ctx argument to samdb_ntds_settings_dn	Andrew Bartlett	2012-08-14	2	-3/+3
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	As this value is calculated new each time, we need to give it a context to live on. If the value is the forced value during provision, a reference is taken. This was responsible for the memory leak in the replication process. In the example I was given, this DN appeared in memory 13596 times! Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Aug 14 10:05:14 CEST 2012 on sn-devel-104
*	build: rename security → samba-security	Björn Jacke	2012-08-10	1	-2/+2
\| \| \| \| \| \| \| \| \|	there is a libsecurity on OSF1 which clasheѕ with our security lib. see bug #9023. Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Björn Jacke <bj@sernet.de> Autobuild-Date(master): Fri Aug 10 14:22:21 CEST 2012 on sn-devel-104
*	lib/param: Remove "ntptr providor" and hard-code in s4 spoolss server	Andrew Bartlett	2012-07-24	1	-1/+1
\| \| \| \| \| \| \| \|	This stub codebase does not justify a merged parameter. Andrew Bartlett Pair-Programmed-With: Andrew Tridgell <tridge@samba.org>
*	s4:rpc_server/netlogon: add support for AES based netlogon schannel	Stefan Metzmacher	2012-07-17	1	-0/+4
\| \| \| \| \| \|	metze Signed-off-by: Günther Deschner <gd@samba.org>
*	s4:rpc_server/netlogon: only return STRONG_KEYS if the client asked for it	Stefan Metzmacher	2012-07-17	1	-26/+31
\| \| \| \| \| \|	metze Signed-off-by: Günther Deschner <gd@samba.org>
*	s4:rpc_server/netlogon: implement netr_LogonGetCapabilities	Stefan Metzmacher	2012-07-17	1	-2/+20
\| \| \| \| \| \| \| \|	This is also needed to support AES. metze Signed-off-by: Günther Deschner <gd@samba.org>
*	s4-lsarpc: DCERPC_FAULT_ACCESS_DENIED for tcp	Andreas Schneider	2012-07-06	1	-0/+10
\| \| \| \| \|	Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Fri Jul 6 11:50:40 CEST 2012 on sn-devel-104
*	s4-lsarpc: DCERPC_FAULT_ACCESS_DENIED for np	Andreas Schneider	2012-07-06	3	-0/+45
\|
*	s4-lsarpc: Restrict LookupSids3 to crypto connections only.	Andreas Schneider	2012-07-06	1	-0/+10
\|
*	s4-lsarpc: Restrict LookupNames4 to crypto connections only.	Andreas Schneider	2012-07-06	1	-0/+10
\|
*	s4-lsarpc: Don't call lsa_OpenPolicy2 in lsa_LookupSids3.	Andreas Schneider	2012-07-06	1	-46/+48
\|
*	s4-lsaprc: Don't call lsa_OpenPolicy2 in lsa_LookupNames4.	Andreas Schneider	2012-07-06	1	-49/+53
\|
*	lib/param: Create a seperate server role for "active directory domain ↵	Andrew Bartlett	2012-06-15	4	-8/+8
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	controller" This will allow us to detect from the smb.conf if this is a Samba4 AD DC which will allow smarter handling of (for example) accidentially starting smbd rather than samba. To cope with upgrades from existing Samba4 installs, 'domain controller' is a synonym of 'active directory domain controller' and new parameters 'classic primary domain controller' and 'classic backup domain controller' are added. Andrew Bartlett
*	Revert "waf-mitkrb5: enable dcerpc_server library to support OpenChange ↵	Alexander Bokovoy	2012-06-01	1	-37/+20
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	client code" This reverts commit f8c447b1a48eaf12dcf70b92fd7525c4ad26c246. After discussing with Julien (Openchange) and Metze, I decided to revert this code. Instead I made a patch to Openchange which allows to build client side only. Openchange server code requires working s4 member DC and --without-ad-dc build does not provide working provisioning even if we enable dcerpc_server and end point mapper. Autobuild-User: Alexander Bokovoy <ab@samba.org> Autobuild-Date: Fri Jun 1 16:46:08 CEST 2012 on sn-devel-104
*	waf-mitkrb5: enable dcerpc_server library to support OpenChange client code	Alexander Bokovoy	2012-06-01	1	-20/+37
\| \| \| \|	Signed-off-by: Andreas Schneider <asn@samba.org>
*	Introduce system MIT krb5 build with --with-system-mitkrb5 option.	Alexander Bokovoy	2012-05-23	2	-12/+60
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	System MIT krb5 build also enabled by specifying --without-ad-dc When --with-system-mitkrb5 (or --withou-ad-dc) option is passed to top level configure in WAF build we are trying to detect and use system-wide MIT krb5 libraries. As result, Samba 4 DC functionality will be disabled due to the fact that it is currently impossible to implement embedded KDC server with MIT krb5. Thus, --with-system-mitkrb5/--without-ad-dc build will only produce * Samba 4 client libraries and their Python bindings * Samba 3 server (smbd, nmbd, winbindd from source3/) * Samba 3 client libraries In addition, Samba 4 DC server-specific tests will not be compiled into smbtorture. This in particular affects spoolss_win, spoolss_notify, and remote_pac rpc tests.
*	auth and s4-rpc_server: Do not use features we currently can't implement ↵	Simo Sorce	2012-05-23	1	-0/+6
\| \| \| \|	with MIT Kerbros build
*	Fix direct access to krb5_principal structure	Simo Sorce	2012-05-04	1	-2/+4
\|
*	Move kdc_get_policy helper in the lsa server where it belongs.	Simo Sorce	2012-04-20	2	-2/+26
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	This was used in only 2 places, db-glue.c and the lsa server. In db-glue.c it is awkward though, as it forces to use an unconvenient lsa structure and conversions from time_t to nt_time only to have nt_times converted back to time_t for actual use. This is silly. Also the kdc-policy file was a single funciton library, that's just ridiculous. The loadparm helper is all we need to keep the values consistent, and if we ever end up doing something with group policies we will care about it when it's the time. the code would have to change quite a lot anyway. Autobuild-User: Simo Sorce <idra@samba.org> Autobuild-Date: Fri Apr 20 01:53:37 CEST 2012 on sn-devel-104
*	s4-rpc: dnsserver: Fix IPv6 reverse zone handling	Amitay Isaacs	2012-03-21	1	-0/+7
\| \| \| \|	Thanks to Marcel Ritter <marcel.ritter@rrze.fau.de> for the patch.