summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2009-09-08s3-schannel: Fix Bug #6697. Interdomain trusts with Windows 2008 R2 DCs.Günther Deschner2-2/+2
The Schannel verifier (aka NL_AUTH_SIGNATURE) structure (32 byte) sent from a W2k8r2 DC is passed in a buffer with the size of a NL_AUTH_SHA2_SIGNATURE (56 byte). We should just ignore the remaining 12 zeroed bytes and proceed. Guenther
2009-09-08s4:setpassword script - Passwords set by this script are set by the ↵Matthias Dieter Wallnöfer1-1/+1
administrator not the user
2009-09-08s4:provision - Cosmetic: Indent the parameters betterMatthias Dieter Wallnöfer1-36/+60
2009-09-07s4:templates - Remove the latest relics (in "dcesrv_lsa_CreateSecret")Matthias Dieter Wallnöfer2-114/+0
2009-09-07s4:wmic - Output enhancementsDmitry Karasik1-58/+105
Outputs shouldn't clash with metadata characters (|,()), special characters should be escaped, "NULL" values should be reported as "(null)" string. For the full explaination look at bug #6076.
2009-09-07Add read() to socketwrapper. Metze please check.Jeremy Allison3-2/+39
Jeremy.
2009-09-08s4: commit generated DRS changesAndrew Tridgell5-4/+274
2009-09-08s4: added the structure for repsToAndrew Tridgell1-0/+32
This structure is stored in NDR format in the repsTo attribute of each partition. It is updated by the DSUpdateRefs DSRUAPI call
2009-09-08s4: fixed updaterefs options bitmapAndrew Tridgell2-3/+4
2009-09-08s4: implemented server side of DSUpdateRefs callAndrew Tridgell5-11/+340
This call is made by DCs to tell us we should notify them of directory changes
2009-09-08s4/ldb: fixed spellingAndrew Tridgell1-2/+2
2009-09-08s4: 'index' is a libc functionAndrew Tridgell1-2/+2
2009-09-08s4: fixed a unsigned printf warningsAndrew Tridgell1-3/+3
2009-09-08s4: removed an unused variableAndrew Tridgell1-2/+0
2009-09-08s4: fixed some shadowed variable warningsAndrew Tridgell3-9/+9
2009-09-08Fill the meta data vector in the responce struct.Anatoliy Atanasov1-4/+32
2009-09-08s4:selftest Fix 'make testenv-gdb' and 'make valgrindtest' etcAndrew Bartlett1-28/+22
The problem here was that tridge's changes to ensure that test results were always propogated didn't merge well with the addition of extra environment variables for the 'make valgrindtest' and similar environments. By splitting out the macro further, we keep the build farm reporting accurate, but allow these other test modes to work. Andrew Bartlett
2009-09-07s4:tests/iconv - Fix a warningMatthias Dieter Wallnöfer1-1/+2
2009-09-07s4:pwsettings: Correct off by factor of 10 for ticks.Andrew Kroeger1-4/+4
The tick conversion math was off by a factor of 10 due to the incorrect usage of the "e" notation. The expression "XeY" means "X * (10^Y)", so the correct expression is 1e7 to get the correct adjustment for ticks.
2009-09-07gitignore: Ignore additional auto-generated files.Andrew Kroeger1-0/+4
2009-09-07s4: Let the "setpassword" script finally use the "samdb_set_password" routineMatthias Dieter Wallnöfer2-9/+70
The "setpassword" script should use the "samdb_set_password" call to change the NT user password. Windows Server tests show that "userPassword" is not the right place to save the NT password and does not inherit the password complexity.
2009-09-07s4:dsdb: correctly implement _dsdb_syntax_OID_oid_ldb_to_drsuapi()Stefan Metzmacher1-1/+31
Here we just need to map the oid string in the ldb value to the ATTRTYP id. metze
2009-09-07lib/tdr: fix the build with --enable-automatic-dependenciesStefan Metzmacher1-1/+1
metze
2009-09-07s4:LogonGetDomainInfo - add a basic check for the hostnameMatthias Dieter Wallnöfer1-2/+17
This check is specified in Windows Server after release 2003. The parameter "hostname" should match as prefix of the dns hostname given as parameter in the "workstation" structure.
2009-09-07tdb: fix c++ build warning.Günther Deschner1-2/+2
Guenther
2009-09-07s4: Fix "Small memory leak after calling several times lp_update"Inra2-37/+20
Should fix bug #6660.
2009-09-07s4: Exceptions in "provision.py"Michael Ströder1-11/+15
This looks much nicer than "normal" string exceptions - and fits better in the OO programming style.
2009-09-07s4:simple_ldap_map - "primaryGroupId"Matthias Dieter Wallnöfer1-4/+15
Previous patch was incomplete regarding the "primaryGroupId" attribute. Complete it.
2009-09-07s4:samldb - Fix typoMatthias Dieter Wallnöfer1-1/+1
2009-09-07s4:Foreign security principals - Fix them upMatthias Dieter Wallnöfer3-19/+31
I fixed them up to match with Windows Server 2003. I don't think that the creation of them in the provision script is needed so I put them in the "provision_users.ldif" file.
2009-09-07s4:subtree delete module - Cosmetic adaptionsMatthias Dieter Wallnöfer1-11/+16
2009-09-07s4:ldap.py - Adds a test for the primary group behaviourMatthias Dieter Wallnöfer1-12/+132
This passes the Windows Server behaviour. Also SAMBA 4 should match it. Also some small enhancement.
2009-09-07s4:provision - Change the module order to match Windows ServerMatthias Dieter Wallnöfer1-1/+1
Tests show that Windows Server seems to do the access checks on the very last moment.
2009-09-07s4:sam - Implement also here the right primary group behaviourMatthias Dieter Wallnöfer1-46/+71
We have not only to expand the additional groups but *also* the primary group to gain all rights of a user account. Also, remove an unneeded context (tmp_ctx) and "talloc_steal".
2009-09-07s4:samr - Fix up the SAMR server to support the primary group of a user in ↵Matthias Dieter Wallnöfer1-128/+189
the right way When doing some tests with the NT User Manager for Domains on s4 I noticed that the handling of the primary group for a user wasn't correct. So I fixed this. Also some cosmetic changes (tab indent corrections).
2009-09-07s4:samldb - Major reworkMatthias Dieter Wallnöfer4-328/+1000
This fixes up the change of the primary group of a user when using the ADUC console: - When the "primaryGroupId" attribute changes, we have to delete the "member"/"memberOf" attribute reference of the new primary group and add one for the old primary group. - Deny deletion of primary groups according to Windows Server (so we cannot have invalid "primaryGroupID" attributes in our AD). - We cannot add a primary group directly before it isn't a secondary one of a user account. - We cannot add a secondary reference ("member" attribute) when the group has been chosen as primary one. This also removes the LDB templates which are basically overhead now. This should also fix bug #6599.
2009-09-07s4:provision - Add a new delete function only for users and computersMatthias Dieter Wallnöfer1-0/+25
We need this new function to delete users and computers before other objects on reprovisioning. Otherwise primary groups could be deleted before user/computer accounts (which isn't allowed anymore by the reworked "samldb" module).
2009-09-07s4:provision - Change the "provision_users.ldif" file to support the ↵Matthias Dieter Wallnöfer1-26/+35
"samldb" changes The "provision_users.ldif" file needs some rework to pass against the changed and improved "samldb" module (see next commit).
2009-09-06Fix bug 6673 - smbpasswd does not work with "unix password sync = yes".Jeremy Allison5-22/+30
Revert change from 3.3 -> 3.4 with read_socket_with_timeout changed from sys_read() to sys_recv(). read_socket_with_timeout() is called with non-fd's (with a pty in chgpasswd.c and with a disk file in lib/dbwrap_file.c via read_data()). recv works for the disk file, but not the pty. Change the name of read_socket_with_timeout() to read_fd_with_timeout() to make this clear (and add comments). Jeremy.
2009-09-07s4:setup_dns.sh fixed the update of the GUID CNAMEAndrew Tridgell1-8/+14
2009-09-07s4:nsupdate-gss allow forcing of the realmAndrew Tridgell1-35/+37
this is needed for the _msdcs zone
2009-09-07s4:setup: Remove display_specifiers.ldif.Andrew Kroeger1-482/+0
This file is no longer needed as the DisplaySpecifiers are now generated from files provided by Microsoft.
2009-09-07s4:setup: Updated comment to reflect new DisplaySpecifiers location.Andrew Kroeger1-1/+3
2009-09-07s4:setup: Use ms_display_specifiers script for provision.Andrew Kroeger1-2/+5
Changed the provisioning to use the new script to parse the Microsoft-provided DisplaySpecifiers LDIF file.
2009-09-07s4:setup: Added script to parse Microsoft DisplaySpecifiers document.Andrew Kroeger1-0/+189
Created this script based on the existing ms_schema.py script. - Removed some unnecessary transformations that are only necessary for schema processing. - Added capability to parse and properly output base64-encoded values. - Removed unnecessary attributes based on what attributes were present (and also what were explicitly removed) from display_specifiers.ldif.
2009-09-07s4:setup: Change license headers to LDIF comments.Andrew Kroeger5-86/+146
The original license headers provided by Microsoft cannot be parsed as valid LDIF. Changed the license headers to be valid LDIF comments, and added a new header section detailing the exact changes that were made to the original document. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2009-09-07s4:setup Add DisplaySpecifiers from Microsoft.Andrew Bartlett5-0/+148158
Like the schema, these are provided under the licence at the head of the file, which is not the GPL, but allows us to distribute them with Samba. Andrew Bartlett
2009-09-07s4: bring nsupdate-gss into the s4 treeAndrew Tridgell2-0/+379
This is a perl script that does TSIG-GSS DNS updates against a AD DC. The bind 9.5 nsupdate still doesn't seem to work with TSIG-GSS, and we need a way to do DNS updates when we vampire a domain, so I revived this ancient perl script and added a wrapper script that can update DNS entries using our machine account credentials
2009-09-07s4: fixed the secrets.ldb construction in libnetAndrew Tridgell1-8/+8
on a vampire join we were not putting the right attributes and objectclass on the secrets.ldb record
2009-09-07s4: the secrets.ldb module needs the loadparm opaque setupAndrew Tridgell1-0/+7