summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2010-04-27s4:rpc_server/netlogon: use tsocket_address in dcesrv_netr_DsRGetDCNameEx2()Stefan Metzmacher1-5/+9
metze
2010-04-27s4:rpc_server: remember the local and remote addressStefan Metzmacher3-0/+18
metze
2010-04-27s4:service_named_pipe: use the passed client and server addressesStefan Metzmacher1-1/+38
This gives the rpc server code the correct client and server ip addresses for ncacn_np. metze
2010-04-27s4:cldap_server: allow src_address = NULL in fill_netlogon_samlogon_response()Stefan Metzmacher1-2/+10
If we don't have the client address, we assume it's a local call, maybe ncalrpc. metze
2010-04-27s4:dsdb/common: if we don't have the ip of the client return the server site ↵Stefan Metzmacher1-0/+8
as client site metze
2010-04-27lib/tsocket: add tsocket_address_is_unix() functionStefan Metzmacher2-0/+29
metze
2010-04-27lib/tsocket: add tsocket_address_is_inet() functionStefan Metzmacher2-0/+54
metze
2010-04-27s4-test: make spnupdate work without make installAndrew Tridgell1-0/+1
thanks to metze for noticing this
2010-04-27s4-provision: setup spn_update_list in provisionAndrew Tridgell1-1/+5
2010-04-27s4-dns: install samba_spnupdateAndrew Tridgell2-2/+2
2010-04-27s4-dns: call spn update command alongside dns updateAndrew Tridgell1-0/+46
call samba_spnupdate at the same time as samba_spnupdate
2010-04-27s4-param: added a "spn update command" optionAndrew Tridgell2-0/+5
used by SPN update code
2010-04-27s4-dsdb: added samba_spnupdateAndrew Tridgell2-0/+164
this script adds all our required servicePrincipalName entries at runtime. The admin can add more entries to spn_update_list as needed
2010-04-27s4-dns: explain what the file is forAndrew Tridgell1-0/+2
2010-04-27s4-dns: cope better with comments in dns_update_listAndrew Tridgell1-7/+4
2010-04-27s4:gensec Use a different form of 'name' in GSSAPI import_name()Andrew Bartlett1-3/+3
The idea here is to make it not dependent on the system's default realm. Andrew Bartlett
2010-04-27Simple fix to prevent crash for non-pac principalsMarcel Ritter1-0/+5
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-04-27s4:kerberos Give a better error message than "Could not allocate memory"Andrew Bartlett1-3/+3
Andrew Bartlett
2010-04-27s4:kcc_periodic.c - fix counter typesMatthias Dieter Wallnöfer1-1/+1
We are counting LDB objects here -> therefore "unsigned"
2010-04-27s4:wb_cmd_getdcname.c - fix s4 winbind up regarding the new correct ↵Matthias Dieter Wallnöfer1-0/+5
"GetAnyDCName" behaviour We get back "NO_SUCH_DOMAIN" when we query the PDC. This is fine and therefore we use the "logon_server" variable as "dcname".
2010-04-27s4:netr_DsRAddressToSitenames[Ex]W calls - implement them correctly with the ↵Matthias Dieter Wallnöfer1-16/+98
client site information This behaviour should be similar to the one of Windows Server (in my case 2008)
2010-04-27Revert "s4:netr_DsRAddressToSitenames[Ex]W calls - implement them correctly ↵Matthias Dieter Wallnöfer1-93/+16
with the client site information" This reverts commit 908d982980846257b65ab576d31131e8793e9399. I need to merge the improved version of this commit.
2010-04-27Revert "s4-netlogon: fixed breakage of dcesrv_netr_GetAnyDCName in sites patch"Matthias Dieter Wallnöfer1-0/+6
This reverts commit e88a54a87e185b44e2d216bd853e6a87bf950be6. This isn't the correct behaviour. See MS-NRPC documentation under the "GetAnyDCName" section.
2010-04-27s4-libnet: cope with an empty client site name from CLDAPAndrew Tridgell1-0/+5
We fall back to the server site name in a vampire Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-04-27s4-netlogon: fixed breakage of dcesrv_netr_GetAnyDCName in sites patchAndrew Tridgell1-6/+0
We should respond when we are the PDC Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-04-27s4:knownfail - remove tests which should passMatthias Dieter Wallnöfer1-4/+0
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-27s4:netlogon RPC server - we don't need "are we DC" proofsMatthias Dieter Wallnöfer1-8/+0
When we aren't a DC we shouldn't have the netlogon pipe available. [MS-NRPC 1.3] says that we can only have DCs on the server side. Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-27s4:torture - DsRGetDcSiteCoverageW - adapt test to check for the sitenameMatthias Dieter Wallnöfer1-0/+24
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-27s4:dcesrv_netr_DsrGetDcSiteCoverageW - provide a basic implementationMatthias Dieter Wallnöfer1-1/+23
Does for now only return DC's primary site. Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-27s4:torture - DsRGetSiteName - move "skip" statement before the ↵Matthias Dieter Wallnöfer1-3/+3
"computer_name" check We don't support the check for the computer name on the RPC server side. Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-27s4:dcesrv_netr_DsRGetSiteName - provide an implementation according to the ↵Matthias Dieter Wallnöfer1-1/+13
MS-NRPC docs Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-27s4:torture - GetAnyDCName - adaptionsMatthias Dieter Wallnöfer1-2/+23
- Check for the various domainname set modes (on NULL and "" the domain should be the default domain on the server) - support return value "WERR_NO_SUCH_DOMAIN" (the server is the PDC of the domain) Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-27s4:dcesrv_netr_GetAnyDCName - improve the call according to the MS-NRPC ↵Matthias Dieter Wallnöfer1-7/+55
documentation This implementation checks if the domainname is valid for us or a trusted domain. Then I've also added the PDC location functionality. That means that we should return "WERR_NO_SUCH_DOMAIN" (MS-NRPC 3.5.5.2.5). Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-27s4:torture - DsRAddressesToSitenames - enhance the testsuiteMatthias Dieter Wallnöfer1-24/+264
This shows the Windows behaviour of these two calls which we should match. Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-27s4:netr_DsRAddressToSitenames[Ex]W calls - implement them correctly with the ↵Matthias Dieter Wallnöfer1-16/+93
client site information This behaviour should be similar to the one of Windows Server (in my case 2008) Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-27s4:CLDAP server - make use of the new "samdb_client_site_name" callMatthias Dieter Wallnöfer1-2/+3
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-27s4:util - add a function which finds the matching client site using the ↵Matthias Dieter Wallnöfer1-0/+90
client address The lookup of the client site is done using the subnets in the configuration partition. If no one matches we use the Windows Server fallback mechansim. This means: if only one site is available just use it. If they're more set the output variable to "". Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-27s4-drsdevel: support sites in drs developer scriptsAndrew Tridgell3-3/+7
2010-04-27s4-vampire: show main CLDAP response attributes during vampireAndrew Tridgell1-0/+4
2010-04-27s4-repl: added a workaround for WERR_DS_DRA_NO_REPLICA DsReplicaSync errorsAndrew Tridgell2-2/+19
The 0xc0002104/WERR_DS_DRA_NO_REPLICA seems to be spurious, and can be avoided by setting DRSUAPI_DRS_SYNC_ALL in the DsReplicaSync request. We need to investigate this further, and find out from MS why this is sometimes being sent, even when the target DC has the right repsFrom entries
2010-04-26Correctly report share types (now Win7 makes RPC calls against us).Jeremy Allison1-1/+7
Jeremy.
2010-04-26Plumb in get_nt_acl into SMB2.Jeremy Allison3-46/+174
Jeremy.
2010-04-27s4-dns: fixed dc.dc duplication in DNS update listAndrew Tridgell1-2/+2
2010-04-27s4-drs: add entries to repsTo based on calculated repsFromAndrew Tridgell1-2/+30
This is based on the documentation: "the KCC will automatically create the Reps-To attributes on destination DSAs based on other DSAs Reps-From entries."
2010-04-27s4-drepl: don't setup a repsFrom from a DC that isn't a master for a NCAndrew Tridgell1-5/+50
use hasMasterNCs to see what NCs we should be pulling from each DC
2010-04-27s4-getncchanges: honor DRSUAPI_DRS_REF_GCSPNAndrew Tridgell1-1/+3
this is an alternative way of establishing repsTo
2010-04-27s4-repl: these messages are common, and don't deserve debug level 1Andrew Tridgell1-2/+2
getting older attributes is quite common
2010-04-27s4-repl: on a failed request, clear the current ptrAndrew Tridgell1-0/+1
this prevents the queue being stuck on failure
2010-04-27s4-repl: end repl request when not doing an UpdateRefsAndrew Tridgell1-0/+2
otherwise the queue is stuck forever
2010-04-27s4-repl: don't delete repsTo entry on DsReplicaSyncAndrew Tridgell1-46/+12
we rely on the highestUSN counters instead. W2K8 does not resend DsUpdateRefs each time, and the WSPP docs do not indicate that repsTo should be deleted