summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2010-03-04s4:operational LDB - implement the "tokenGroups" constructed attributeMatthias Dieter Wallnöfer2-1/+96
It contains the transitive SID closure (expand member/memberOf attributes) of a certain SAM object. The "tokenGroups" attribute never contains the SID of the object itself. References: http://msdn.microsoft.com/en-us/library/ms680275(VS.85).aspx, http://support.microsoft.com/kb/301916, MS-ADTS 3.1.1.4.5.19.
2010-03-04s4:sam.c - make "authsam_expand_nested_groups" publicMatthias Dieter Wallnöfer2-1/+7
This is needed by the "tokenGroups" work in the operational LDB module.
2010-03-04s4:sam.c - cosmetic indentation fixMatthias Dieter Wallnöfer1-2/+1
2010-03-04s4:sam.c - change variable types to unsigned in "sids_contains_sid"Matthias Dieter Wallnöfer1-3/+4
Should also be unsigned - no need for a signed "i" and "num_sids" here.
2010-03-04s4:operational LDB module - use right memory context int ↵Matthias Dieter Wallnöfer1-2/+2
"construct_primary_group_token" Use the "msg" as temporary context and not "ldb" which lives much longer.
2010-03-04Revert "s3:configure: add --enable-as-needed"Karolin Seeger1-8/+2
This reverts commit 22d316926b9589608d332143c1fa134229b75b3c. Please see bug #7209 for details.
2010-03-04Refactored ACL python testsNadezhda Ivanova1-441/+256
Made each type into a separate class to be easily run individually, removed code duplication
2010-03-04s3:configure: add --enable-as-neededStefan Metzmacher1-2/+8
On some broken systems like RHEL5, we need to be able to disable --as-needed. metze
2010-03-04s4:provision - use the new "interface_ips" python call to detect the right ↵Matthias Dieter Wallnöfer1-8/+8
host IPv4 address Inform the user when there are more possibilities (so he can check for the right address and otherwise he is able to do an immediate reprovision) and no possibility at all (then we fall back to the loopback address "127.0.0.1" - this is thought for testing purposes). I think this should be enough for closing bug #5484.
2010-03-04s4:ldif_handlers - Use "unsigned int" for counting purposesMatthias Dieter Wallnöfer1-4/+4
I changed "uint32_t" to "unsigned int" since the LDB specification prescrives "unsigned (int)" for counter variables (number of attributes, number of values...).
2010-03-04testprogs: add test_PrinterDataW.Günther Deschner1-0/+81
Guenther
2010-03-04testprogs: use dump_data in dump_printer_data.Günther Deschner1-12/+4
Guenther
2010-03-04testprogs: add print_printer_dataw and dump_data to printlib.Günther Deschner2-11/+94
Guenther
2010-03-04testprogs: add some multibyte versions of PrinterData calls.Günther Deschner1-0/+130
Guenther
2010-03-06s3: Rerun genmsg after adding more strings.Bo Yang20-799/+8390
Signed-off-by: Bo Yang <boyang@samba.org>
2010-03-06s3: Add i18n/l10n strings in pam_winbind.c coming from winbindd.Bo Yang2-92/+96
Signed-off-by: Bo Yang <boyang@samba.org>
2010-03-03s4:samdb.c - Make it signed-safeMatthias Dieter Wallnöfer1-2/+2
Use an unsigned argument for the numbers of groups and the counter "i" since the function is called only by "auth_generate_session_info" with an unsigned number of groups argument.
2010-03-03s4:srvsvc RPC - "srvsvc_create_ntvfs_connect"Matthias Dieter Wallnöfer1-1/+1
Previous commit was incomplete. The "service" parameter in the "tcon" structure should point to "scfg->name". I'm not sure if "share" is right but the first was used before commit f390daef475126b4ff5a3d0ffd2babbd87d4c22b.
2010-03-03s4:srvsvc RPC - fix up the "ntvfs_connect" in "srvsvc_create_ntvfs_connect"Matthias Dieter Wallnöfer1-3/+5
This should be the right fix (set the service name in the tcon union to the share name/path). That should be the solution for bug #6784.
2010-03-03s4:torture/rpc/samr - Fix up SAMR-USERS testMatthias Dieter Wallnöfer1-10/+22
"QueryDomainInfo" returns only global groups, "QueryDisplayInfo" also universal ones. Consider MS-SAMR 3.1.5.5.1.1 and 3.1.5.3.1.
2010-03-03s4:torture/rpc/samr - enhance the "EnumDomainGroups" test regarding ↵Matthias Dieter Wallnöfer1-0/+15
universal groups Find the "Enterprise Admins" group which does exist on s4 and Windows directories and is always per default universal. Test this only when the target is set to s4 (s3 deployments don't contain this group). If the number of returned objects is "0" (count) then we are likely testing the builtin domain of an AD deployment.Then we ignore the inexistent "Enterprise Admins" group. I didn't enhance the test for "QueryDomainInfo" since this does itself a comparison of all returned objects with the "EnumDomainGroups" call. Therefore if the latter passes, and the "QueryDomainInfo" test passes also the "QueryDomainInfo" call is okay regarding groups.
2010-03-03s4:dcesrv_samr - Also "OpenGroup" needs to support universal groupsMatthias Dieter Wallnöfer1-2/+3
2010-03-03s4:dcesrv_samr - Fix up "EnumDomainGroups" and "QueryDisplayInfo" callsMatthias Dieter Wallnöfer1-3/+6
We need to look for both global and universal group types when querying them. Found by ekacnet (http://lists.samba.org/archive/samba-technical/2010-March/069777.html).
2010-03-03Fix typo in comments.Karolin Seeger6-10/+10
2010-03-03testprogs: fix boolean return code of test_PrinterData.Günther Deschner1-8/+12
Guenther
2010-03-03dns: make dns update script use unbuffered IOAndrew Tridgell1-0/+4
Otherwise we can lose debug output when a timeout happens
2010-03-03s4-posix: allow change ownership of files if the user has the right privilegesAndrew Tridgell1-2/+21
When a user has SEC_PRIV_TAKE_OWNERSHIP or SEC_PRIV_RESTORE they have permission to change the ownership of a file. This should fix bug 6987 Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-03-03s4-build: fix SMB_LIBRARY and change its name so it didn't collide with s3 oneMatthieu Patou2-5/+5
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-03-03s3: Fix build file due to file move. Use the new path of iniparserMatthieu Patou2-3/+3
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-03-03s3: Move source3/iniparser to lib/iniparser to allow sharing between s3/s4Matthieu Patou26-3/+3
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-03-03s3: Allow pam_winbind.c to build without localedir.cMatthieu Patou1-1/+8
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-03-03nsswitch: libpam remove depedance on locale.h use directly LOCALEDIRMatthieu Patou2-2/+1
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-03-03s4-winrepl: Migrated the wins replication server to tsocket.Andreas Schneider4-141/+314
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-03-03s3:net: add a command "net registry setsd_sdd"Michael Adam1-0/+88
This permits to set the security descriptor of a registry key from the unix command line. Michael
2010-03-03s3:net: fix some i18n messages in net_registry_getsd_internal().Michael Adam1-2/+3
Michael
2010-03-03s3:net: add i18n macro _() to one messageMichael Adam1-1/+1
Michael
2010-03-03s3:net: add new subcommand "net registry getsd_sddl" to print secdesc in ↵Michael Adam1-0/+40
sddl format Michael
2010-03-03s3:net: refactor getting of secdesc out of net_registry_getsd()Michael Adam1-14/+42
New net_registry_getsd_internal does the work(), net_registry_getsd() just prints the result. This in preparation to add support for other output formats than the currently used display_sec_desc(). Michael
2010-03-03s3:smbcacls: add switch "--sddl" to output acls as sddl encoded stringsMichael Adam1-1/+9
2010-03-03s3: build sddl.c in samba3Michael Adam2-0/+2
2010-03-03libcli/security: fix sddl.c to be able to build it from source3Michael Adam1-1/+1
2010-03-03s4:move the sddl code down to the top levelMichael Adam5-2/+35
Michael
2010-03-03s4/ildap: fine tune ildb_callback()Kamen Mazdrashki1-3/+3
Actually ildb_context pointer is not supposed to be valid after calling ildb_request_done(). This is due to the fact that when calling ildb_request_done() caller will (most probably) free any locally built ldap_request objects - thus rendering ildb_context invalid. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-03-02s3: net_share.c: fix argc handlingHolger Hetterich1-6/+3
The "net share" command was no longer possible because it enters the net_share function with argc == 0.
2010-03-02s4-smbtorture: fix WINBIND-STRUCT assumptions about getpwent() for s3.Günther Deschner1-5/+16
In samba3 it is not an error when no users are returned in getpwent() calls (e.g. on a DC w/o interdomain trusts). Kai, please check. Guenther
2010-03-02s3:ads fix dn parsing name was always nullSimo Sorce1-19/+16
While there also use ldap_exploded_dn instead of ldb_dn_validate() so we can remove a huge dependency that is hanging there only for one very minor marginal use. Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-02testprogs: make sure to do the same tests as in smbtorture in ↵Günther Deschner3-23/+58
test_PrinterData(). Guenther
2010-03-02testprogs: fix REG_SZ in print_printer_data.Günther Deschner1-2/+10
Guenther
2010-03-02LDB:NSS - make LDB "signed-safe" on counter variablesMatthias Dieter Wallnöfer1-2/+2
"i" needs to be unsigned on both places since it counts till a "count" variable of a "struct ldb_result" object which itself is unsigned. I see counting variables much better as "unsigned" since in most cases we don't use negative values at all. We've only to be careful on binary searches and downto counts regarding them.
2010-03-02s4:echo RPC - make this one "signed-safe"Matthias Dieter Wallnöfer1-1/+1
"i" needs to be unsigned here since it counts until "r->in.len" which itself is unsigned and not signed.
generated by cgit (git 2.34.1) at 2024-11-01 00:31:58 +0000