summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2008-07-25Make a new define to ensure the accoc_group_id we use is always in common.Andrew Bartlett1-2/+4
(This used to be commit b62490e3e21b606b66e0737a403b0d170b64cddd)
2008-07-25Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-localAndrew Bartlett24-290/+1140
(This used to be commit b12dd8ee5443ebfc204d1684f541d68ffb351197)
2008-07-25Try to avoid a memory leak if we re-set the global schemaAndrew Bartlett1-0/+9
However, try also not to pull a schema out from under a running ldb session. Andrew Bartlett (This used to be commit 7cf9b9dd0bb35835a7c6e9897ea99951a33c63c7)
2008-07-25Complain if we are told to use an ldap backend, without the typeAndrew Bartlett1-0/+2
(This used to be commit e9c3c9ad8289ee48efa998ab6b486250dcd40b52)
2008-07-25Clarify how we are doing the 'this is a rootdse query' check.Andrew Bartlett1-1/+2
(This used to be commit 8dfba3160cc4bc518f3ad8570d104e5baae784ca)
2008-07-24hdb-ldb: fix the callers after drsblobs.idl changesStefan Metzmacher1-45/+30
metze (This used to be commit 1223cd17c79d130b46b0e0ccb0f6011c92441173)
2008-07-24password_hash: fix the callers after drsblobs.idl changesStefan Metzmacher1-33/+41
metze (This used to be commit fac7c79afae05a88ecc2a63c8eb9f2fd53ab7ce6)
2008-07-24drsblobs.idl: unify the Primary:Kerberos and Primary:Kerberos-Newer-Keys structsStefan Metzmacher1-29/+18
metze (This used to be commit 4b79a7678571ac2f7d5f827913fdcb419f5d2e20)
2008-07-24drsblobs.idl: give some unknowns a meaningStefan Metzmacher1-9/+11
metze (This used to be commit 231e6f5ab2dc8a3e991a9872be252cffff6f14c6)
2008-07-24Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into v4-0-testAndrew Tridgell38-387/+1326
(This used to be commit 24309dbf4d9622fcfafa29ef98bc0459fdaa814b)
2008-07-24we can't query the ACL on a new file till it exists!Andrew Tridgell1-6/+6
(This used to be commit 4f6646f06988b1fb8be9e0c8ae833bb9792184af)
2008-07-24initialise query_maximal_access here tooAndrew Tridgell1-0/+1
(This used to be commit 4b3af09450cf33c6785a3d8fddddc68047f2e388)
2008-07-24make sure we initialise query_maximal_accessAndrew Tridgell1-0/+1
(This used to be commit 036f73d39a7ef882fd76afcd3c11eef483f6c308)
2008-07-24fixed spelling errorAndrew Tridgell1-1/+1
(This used to be commit 341f64834e13cdbc7d4742a4652ae39b70a4231f)
2008-07-24dsdb_create_prefix_mapping() implementation checks for existing prefix ↵Anatoliy Atanasov1-36/+257
maping in ldb. if one not found it creates a mapping for it and updates the prefixMap schema attribute in ldb. (This used to be commit bbe895db7144b192981fad9ab6bbd3ebacb8d299)
2008-07-24Handle schema reloading request.Anatoliy Atanasov4-4/+158
The ldif for that operation looks like this: dn: changetype: Modify add: schemaUpdateNow schemaUpdateNow: 1 It uses the rootdse's object functional attribute schemaUpdateNow. In rootdse_modify() this command is being recognized and it is send as extended operation with DSDB_EXTENDED_SCHEMA_UPDATE_NOW_OID. In the partition module its dispatched to the schema_fsmo module. The request is processed in the schema_fsmo module by schema_fsmo_extended(). (This used to be commit 39f9184ddf215f2b512319211c0a05702218ef87)
2008-07-24fixd a bug in the signal handling code - we could get phantom signalsAndrew Tridgell1-5/+5
(signum 64) (This used to be commit af7fb2e38ba27cf8058eb1cef1f96bbc7b19849f)
2008-07-23libnet_become_dc: send msDS_Behavior_Version == 3 (win2k8) in DsAddEntryMichael Adam2-1/+2
instead of version 2 (win2k3). This makes the NET-API-BECOME-DC test work against windows 2003 and 2008. Michael (This used to be commit a7bfa1fb1bc6fb8e412990b7ff4c3ce9bc55099d)
2008-07-23libnet_become_cd: add boolean option "become_dc:force krb5" to control krb5 ↵Michael Adam1-10/+18
auth. This allows controlling whether krb5 auth is forced for the rpc bind in libnet_become_dc. It defaults to "yes". For Windows 2000, DsGetNCChanges only krb5 auth works due to a bug in Windows (it returns garbage - a positive object count is returned along with first object == NULL). For Windows 2008, on the other hand, krb5 auth does not work currently due to the lack of support for AES keys. (Metze is working on that.) Michael (This used to be commit af85aad8147b85a0b9ea2ccc66b8f04efdfe5cf3)
2008-07-23drsuapi: always set the pid field of the outgoing DsBindInfo to 0.Michael Adam3-8/+3
This is for debugging and informational purposes only. The assignment is implementation specific. (WSPP docs, sec. 5.35). Michael (This used to be commit 1f5704e2dee5900e8d1d87699b76f67c0e12854e)
2008-07-23libnet_unbecome_dc: teach unbecomeDC_drsuapi_bind_recv() DsBindInfo48.Michael Adam1-0/+9
..to work agains w2k8. Michael (This used to be commit 97e8d5813df19cae294b6de2a880606f0f8c2c59)
2008-07-23libnet_become_cd: teach becomeDC_drsuapi_bind_recv() DsBindInfo48.Michael Adam1-0/+9
To work with w2k8. Michael (This used to be commit 7d80fab912576923c7474d77b8ed960b01296914)
2008-07-23dsdb: teach dreplsrv_out_drsuapi_bind_recv() knowledge of DsBindInfo48.Michael Adam1-0/+9
To make it work against w2k8. Michael (This used to be commit a8aea9274170a2b472c45c97a4904bd299d2a92e)
2008-07-23password_hash: add generation of the Primary:Kerberos-Newer-Keys blobStefan Metzmacher1-3/+216
But it's still of by default until we now what triggers this generation. It could be that the value is always generated but the KDC only uses it when in a specific funtional level, but it could also be that it's only generated in a specific functional level. metze (This used to be commit 08618bbd508ede0bb9e1922fae562cffdca41cbd)
2008-07-23hdb-ldb: try to find Primary:Kerberos-Newer-Keys and fallback to ↵Stefan Metzmacher1-16/+114
Primary:Kerberos Now provide AES tickets if we find the keys in the supplementalCredentials attribute metze (This used to be commit 8300259f103f8cfe014988fad0f7ee0d49bb1ac2)
2008-07-23drsblobs.idl: add idl for Primary:Kerberos-Newer-Keys blob in ↵Stefan Metzmacher1-0/+37
supplementalCredentials metze (This used to be commit 97b7901afbccc9647ad2958d4cf12300de2655d1)
2008-07-23password_hash: order the supplementalCredentials Packages in the same order ↵Stefan Metzmacher1-13/+55
like windows metze (This used to be commit ca9cd81a1798fb15195566422b3cad7c282fce89)
2008-07-23password_hash: split the generation of krb5 keys into a different functionStefan Metzmacher1-92/+69
metze (This used to be commit 4ad73a0bf8952783d3d9a7339c0c4fd8ca28981a)
2008-07-23password_hash: simplify the logic if we have cleartext we always generate ↵Stefan Metzmacher1-2/+2
the hashes metze (This used to be commit 5edff84429ef0d03b47a438e18861d26c97e17b6)
2008-07-23password_hash: fix callers after idl change for package_PrimaryKerberosStefan Metzmacher1-7/+0
metze (This used to be commit 1bf552856f3a930c4716ceb73d9ba9adf7502d3d)
2008-07-23drsblobs.idl: fix unknowns in package_PrimaryKerberos idlStefan Metzmacher1-6/+8
metze (This used to be commit da9ceb2bf17f964334d9317829d40483e2c04b10)
2008-07-23hdb-ldb: check the SUPPLEMENTAL_CREDENTIALS_SIGNATUREStefan Metzmacher1-0/+6
metze (This used to be commit 7219740ef434091617c6bb727374251987ff2a62)
2008-07-23password_hash: check the SUPPLEMENTAL_CREDENTIALS_SIGNATUREStefan Metzmacher1-2/+11
metze (This used to be commit 19b8c8e37bafab050ab61266c35006efada2947c)
2008-07-23drsblobs.idl: fix idl for supplementalCredentialsSubBlobStefan Metzmacher1-3/+8
metze (This used to be commit 24c5b10136f6e640832193aaf9e6d7e865c288bc)
2008-07-23password_hash: ignore reserved value, but still set it like windows doesStefan Metzmacher1-8/+4
metze (This used to be commit 5b860572686167d0291161f6597f143e538e2f3a)
2008-07-23drsblobs.idl: rename unknown1 -> reservedStefan Metzmacher1-1/+1
metze (This used to be commit 9a70b2237d4fdd523edfbca0329ad35e71faf998)
2008-07-23password_hash: don't add zero padding as w2k8 also don't add itStefan Metzmacher1-10/+0
metze (This used to be commit 26e9169d454349795ad0bc64d7f65059541ab89e)
2008-07-23hdb-ldb: fix comment about paddingStefan Metzmacher1-1/+1
metze (This used to be commit ca28d05b11e602e0f98cda0e02f973562c199dc6)
2008-07-23hdb-ldb: fix crash bug in the error pathStefan Metzmacher1-0/+1
metze (This used to be commit ac02d6a0f765e3b66fb6796f129edb1a348ecd84)
2008-07-23RPC-DSSYNC: print 'supplementalCredentials' more verboselyStefan Metzmacher1-0/+10
metze (This used to be commit 6a7637b12e4a34915a53e81a0f47571da21fdc5a)
2008-07-23rpc_server: be more strict with the incoming assoc_group_idStefan Metzmacher1-12/+12
Allow 0 and 0x12345678 only. This fixes the RPC-HANDLES test. metze (This used to be commit c123e597cc84685abf2b0d3564e1a26d80bbef2f)
2008-07-23smbtorture: add a warning for unknown BindInfo length to the RPC-DSSYNC testMichael Adam1-0/+3
Michael (This used to be commit 7ee99105ea3a50d8ee2c83ecd39e834ed9efb98c)
2008-07-23smbtorture: add support for the DSBindInfo48 to the RPC-DSSYNC test.Michael Adam1-0/+9
Michael (This used to be commit 67a99e445871861945fd0a45784cffb358bdccf3)
2008-07-23libnet/become_dc: add a comment and explain why it's important to specify krb5Stefan Metzmacher1-0/+9
metze (This used to be commit 26d1f9366d8611af1a69095b4cede2d2c95c982d)
2008-07-23Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartletAndrew Bartlett2-0/+17
(This used to be commit ae311d89d2d477b235a6a9294a8bb463ed0a8c05)
2008-07-23The SMB session key must not be more than 16 bytes in SAMR (andAndrew Bartlett2-3/+22
presumably LSA). Tests show that Vista requires the sesion key to be truncated for a domain join. Andrew Bartlett (This used to be commit af629a3738298d27eb2dbecf466ceb503cec9638)
2008-07-23Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-localAndrew Bartlett10-57/+75
(This used to be commit 532ccbbe7aa360440f455dfa136f425b9996e998)
2008-07-23Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartletAndrew Bartlett8-20/+38
(This used to be commit a93b20b85b7b35965c428f1543cb7bbe96e16d42)
2008-07-23Remove the 'accoc_group_id' check in the RPC server.Andrew Bartlett1-0/+11
This check breaks more than it fixes, and while technically not correct, is the best solution we have at this time. Otherwise, SCHANNEL binds from WinXP fail. Andrew Bartlett (This used to be commit f8628fa330abcd50923d995d5bda1f4811582ea9)
2008-07-23Explain where some other OIDs are allocated.Andrew Bartlett1-0/+6
This is an odd place for an OID registry - we perhaps need a central wiki page. Andrew Bartlett (This used to be commit 1c909973977ae117703c1ccf7589acc4625e76e5)