Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2009-09-22 | s3-winbindd: Fix Bug #6711: trusts to windows 2008 (2008 r2) not working. | Günther Deschner | 3 | -5/+63 | |
Winbindd should always try to use LSA via an schannel authenticated ncacn_ip_tcp connection when talking to AD for LSA lookup calls. In Samba <-> W2k8 interdomain trust scenarios, LookupSids3 and LookupNames4 via an schannel ncacn_ip_tcp LSA connection are the *only* options to successfully resolve sids and names. Guenther | |||||
2009-09-22 | s3-winbindd: add cm_connect_lsa_tcp(). | Günther Deschner | 3 | -0/+63 | |
Guenther | |||||
2009-09-22 | lib/tevent: a cleaner fix for be4ac227842530d484659f2db683453366326d8b segv | Rusty Russell | 1 | -7/+1 | |
Revert 23abcd2318c69753aa2a144e1dc0f9cf9efdb705 and fix logic bug. The current code loops through the event contexts, when it sees a different one, it notifies the current one (ev) and updates ev to point to the new one. This is dumb, because: (1) ev starts as NULL, so this code crashes, and (2) The final context will not be notified. The correct fix for this is to update ev to the new one, then notify it. Volker's fix works because we currently always have one event context. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> | |||||
2009-09-21 | s4:dsdb Fix of double addition of SD-s | Nadezhda Ivanova | 2 | -11/+25 | |
Also add error strings in descriptor module | |||||
2009-09-21 | s4:ldb Add 'single-value' support to LDB. | Andrew Bartlett | 3 | -2/+56 | |
This is currently only triggered via Samba4's schema code. | |||||
2009-09-21 | Merge branch 'master' of git://git.samba.org/samba | Nadezhda Ivanova | 14 | -25/+358 | |
2009-09-21 | Initial Implementation of the DS objects access checks. | Nadezhda Ivanova | 9 | -1/+1441 | |
Currently disabled. The search will be greatly modified, also the object tree stuff will be simplified. | |||||
2009-09-21 | Add support in the ldb_dn.c code for MS-ADTS:3.1.1.5.1.2 Naming Constraints | Anatoliy Atanasov | 1 | -0/+13 | |
2009-09-21 | Add tests for MS-ADTS:3.1.1.5.1.2 Naming Constraints | Anatoliy Atanasov | 1 | -0/+29 | |
2009-09-21 | s4:dsdb Run the new 'descriptor' module by default. | Andrew Bartlett | 1 | -6/+0 | |
This code was derived from the objectclass module, and we need the new code in the default provision, or else no ACL is set on each object. Andrew Bartlett | |||||
2009-09-21 | s4-ldb: bit prettier output | Andrew Tridgell | 1 | -7/+15 | |
2009-09-21 | s4-ldb: fixed O(n^2) string handling in ldif debug print | Andrew Tridgell | 1 | -3/+3 | |
2009-09-21 | s4-samdb: enable ldb tracing when log level >= 10 | Andrew Tridgell | 1 | -0/+4 | |
2009-09-21 | s4-schema: don't trace the schema load (too verbose) | Andrew Tridgell | 1 | -12/+24 | |
2009-09-21 | s4-ldb: add --trace command line option to ldb tools | Andrew Tridgell | 2 | -0/+6 | |
This enabled LDB_FLG_ENABLE_TRACING | |||||
2009-09-21 | s4-ldb: add a LDB_FLG_ENABLE_TRACING for full ldb tracing | Andrew Tridgell | 4 | -1/+135 | |
When LDB_FLG_ENABLE_TRACING is set ldb will send full traces of all operations and results | |||||
2009-09-21 | s4-ldap: default edn type is 0 | Andrew Tridgell | 1 | -1/+1 | |
2009-09-21 | s4-ldb: add support for extended DNs in the rootDSE | Andrew Tridgell | 1 | -2/+135 | |
W2K8 join as a DC relies on being able to ask for the sid component of extended DNs from the rootDSE DNs | |||||
2009-09-21 | s4-dsdb: fixed a printf format warning | Andrew Tridgell | 1 | -1/+1 | |
2009-09-21 | Merge branch 'master' of git://git.samba.org/samba | Nadezhda Ivanova | 29 | -541/+839 | |
2009-09-21 | s4:kerberos Fix the salt to match Windows 2008. | Andrew Bartlett | 2 | -2/+2 | |
The previous commit changed the wrong end - we must fix our server, not our client. Andrew Bartlett | |||||
2009-09-21 | s4:provision Make our default salt match our server behaviour | Andrew Bartlett | 1 | -1/+1 | |
We need to look into salting algorithms further. Andrew Bartlett | |||||
2009-09-21 | tdb:tdbtool: fix indentation. | Michael Adam | 1 | -178/+177 | |
Michael | |||||
2009-09-21 | tdb:tdbtool: add transaction_start/_commit/_cancel commands. | Michael Adam | 1 | -0/+21 | |
So one can perform tdbtool operations protected by transactions. Michael | |||||
2009-09-21 | tdb:tdbtool: add the "speed" command to the help text. | Michael Adam | 1 | -0/+1 | |
Michael | |||||
2009-09-21 | s4:provision - Fix up ProvisioningError class as suggested by Jelmer | Matthias Dieter Wallnöfer | 1 | -5/+5 | |
2009-09-21 | s4:samdb/tools - That should fix now the last failures | Matthias Dieter Wallnöfer | 3 | -3/+5 | |
2009-09-21 | s4:libnet_become_dc - bump down the level requested by abartlet | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2009-09-21 | s4:scripts - Reintroduce "-H" parameter | Matthias Dieter Wallnöfer | 6 | -12/+46 | |
I removed it since on some scripts it was present, on others not - so I thought it wouldn't be really needed. This was a bad decision (pointed out by abartlet). So I reintroduce it on all scripts (to have consistent parameters). | |||||
2009-09-21 | Revert "blackbox:test_kinit - Remove the "-H" (hive) parameter" | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
This reverts commit d4389a230b6aea5a0b2a98e255b14a59c8248b0b. This revert changed the behaviour which I didn't expect. Thanks abartlet to point this out! | |||||
2009-09-20 | s4:provision Make us Windows 2008 level by defualt again | Andrew Bartlett | 1 | -4/+5 | |
Also add a note to clarify that this should not be changed without discussion and consensus. We don't want this bouncing around. Paramater support to allow optional selection of Win2003 mode welcomed. Andrew Bartlett | |||||
2009-09-21 | s3:secrets_schannel: revert to using version 1 | Stefan Metzmacher | 1 | -3/+9 | |
It doesn't really matter if the entries have invalid context in it. Older versions of samba refuse to open the file if the version doesn't match. If we can't parse individual records, we'll fail schannel binds, but the clients are supposed to reestablish the netlogon secure channel by doing ServerReqChallenge/ServerAuthenticate* again. This will just overwrite the old record. metze | |||||
2009-09-21 | s3:winbindd: avoid writing to a closed connection and generate SIGPIPE | Stefan Metzmacher | 1 | -12/+13 | |
metze | |||||
2009-09-21 | async_sock: return -1/EPIPE if we're getting an end of file on read. | Stefan Metzmacher | 1 | -0/+4 | |
This makes the error handling in the callers easier. metze | |||||
2009-09-21 | s3:lib/select: don't overwrite errno in the signal handler | Stefan Metzmacher | 1 | -0/+4 | |
metze | |||||
2009-09-21 | tevent: make sure we don't set errno within the signal handler function. | Stefan Metzmacher | 1 | -0/+3 | |
metze | |||||
2009-09-21 | s4:dsdb/resolve_oids: add fast pathes for the common operations without oids | Stefan Metzmacher | 1 | -0/+217 | |
metze | |||||
2009-09-21 | s4:dsdb/resolve_oids: check return values in recursion | Stefan Metzmacher | 1 | -3/+6 | |
metze | |||||
2009-09-20 | s4:py_security Add missing header | Andrew Bartlett | 1 | -0/+23 | |
2009-09-20 | Merge branch 'master' of git://git.samba.org/samba | Nadezhda Ivanova | 10 | -53/+93 | |
2009-09-20 | s4:provision Use code to store domain join in 'net join' as well | Andrew Bartlett | 7 | -309/+283 | |
This ensures we only have one codepath to store the secret, and therefore that we have a single choke point for setting the saltPrincipal, which we were previously skipping. Andrew Bartlett | |||||
2009-09-20 | s4:ldb print out which LDB the transaction is still active on. | Andrew Bartlett | 1 | -2/+2 | |
2009-09-20 | s4:provision split provision of DNS zone and self join keytab | Andrew Bartlett | 4 | -28/+34 | |
2009-09-20 | s4-selftest: disable RAP-SCAN test | Andrew Tridgell | 1 | -0/+1 | |
also pointless now we have docs | |||||
2009-09-20 | s4-selftest: disable RPC-COUNTCALLS | Andrew Tridgell | 1 | -0/+1 | |
The RPC-COUNTCALLS was useful when we were working out IDL by hand | |||||
2009-09-20 | Initial implementation of security descriptor creation in DS | Nadezhda Ivanova | 8 | -14/+459 | |
TODO's: ACE sorting and clarifying the inheritance of object specific ace's. | |||||
2009-09-21 | Merge branch 'master' of git://git.samba.org/samba | Matthias Dieter Wallnöfer | 4 | -1/+59 | |
2009-09-20 | s4:python tools - try to fix some test problems | Matthias Dieter Wallnöfer | 3 | -14/+16 | |
2009-09-20 | s4:samba3sam.py test - remove the primary group ID attribute here | Matthias Dieter Wallnöfer | 1 | -7/+2 | |
This shouldn't be specified on creation time (Windows Server doesn't allow that). Hope this also fixes the test (see buildfarm). | |||||
2009-09-20 | s4:sec_descriptor - fix constant | Matthias Dieter Wallnöfer | 1 | -4/+4 | |