Merge passdb from HEAD -> 3.0

The work here includes:
 - metze' set/changed patch, which avoids making changes to ldap on unmodified
attributes.

 - volker's group mapping in passdb patch

 - volker's samsync stuff
 - volkers SAMR changes.

 - mezte's connection caching patch

 - my recent changes (fix magic root check, ldap ssl)

Andrew Bartlett
(This used to be commit 2044d60bbe0043cdbb9aba931115672bde975d2f)

1 files changed, 13 insertions, 3 deletions

diff --git a/source3/rpc_parse/parse_samr.c b/source3/rpc_parse/parse_samr.c
index ddf51fcf0b..08ed28e80a 100644
--- a/source3/rpc_parse/parse_samr.c
+++ b/source3/rpc_parse/parse_samr.c
@@ -6061,11 +6061,21 @@ NTSTATUS init_sam_user_info21A(SAM_USER_INFO_21 *usr, SAM_ACCOUNT *pw, DOM_SID *
 	usr->user_rid  = user_rid;
 	usr->group_rid = group_rid;
 	usr->acb_info  = pdb_get_acct_ctrl(pw);
-	usr->unknown_3 = pdb_get_unknown3(pw);
+
+	/*
+	  Look at a user on a real NT4 PDC with usrmgr, press
+	  'ok'. Then you will see that unknown_3 is set to
+	  0x08f827fa. Look at the user immediately after that again,
+	  and you will see that 0x00fffff is returned. This solves
+	  the problem that you get access denied after having looked
+	  at the user.
+	  -- Volker
+	*/
+	usr->unknown_3 = 0x00ffffff;
 
 	usr->logon_divs = pdb_get_logon_divs(pw); 
 	usr->ptr_logon_hrs = pdb_get_hours(pw) ? 1 : 0;
-	usr->unknown_5 = pdb_get_unknown5(pw); /* 0x0002 0000 */
+	usr->unknown_5 = pdb_get_unknown_5(pw); /* 0x0002 0000 */
 
 	if (pdb_get_pass_must_change_time(pw) == 0) {
 		usr->passmustchange=PASS_MUST_CHANGE_AT_NEXT_LOGON;
@@ -6088,7 +6098,7 @@ NTSTATUS init_sam_user_info21A(SAM_USER_INFO_21 *usr, SAM_ACCOUNT *pw, DOM_SID *
 	init_unistr2(&usr->uni_unknown_str, NULL, len_unknown_str);
 	init_unistr2(&usr->uni_munged_dial, munged_dial, len_munged_dial);
 
-	usr->unknown_6 = pdb_get_unknown6(pw);
+	usr->unknown_6 = pdb_get_unknown_6(pw);
 	usr->padding4 = 0;
 
 	if (pdb_get_hours(pw)) {