summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r4057: unknown5 represents the account policy "Users must logon to changeGünther Deschner1-1/+1
password". Guenther (This used to be commit 18e01ae25493d2b4b9b86d090199d5202d7a9e42)
2007-10-10r4056: modified the access check code based on results from RAW-ACLSAndrew Tridgell2-26/+60
test. Also added generic mapping bits for pvfs. We don't pass RAW-ACLS yet, but its close. (This used to be commit c7cbd966d49a5345ea326732587555d209c531fc)
2007-10-10r4055: fixed more places to use type safe allocation macrosAndrew Tridgell31-67/+64
(This used to be commit eec698254f67365f27b4b7569fa982e22472aca1)
2007-10-10r4054: got rid of Realloc(), replacing it with the type safe macro realloc_p()Andrew Tridgell11-50/+25
(This used to be commit b0f6e21481745d1b2ced28d9ed6f09f6ffd99562)
2007-10-10r4053: expanded and fixed a bug in the RAW-ACLS testAndrew Tridgell1-6/+19
(This used to be commit 0d19b4a09f4ce0b0c5e7779809c383322f4de4fc)
2007-10-10r4052: fixed a bunch of code to use the type safe _p allocation macrosAndrew Tridgell23-55/+77
(This used to be commit 80d15fa3402a9d1183467463f6b21c0b674bc442)
2007-10-10r4051: use talloc_array() instead of talloc() when allocating arrays in ↵Andrew Tridgell1-1/+1
auto-generated ndr code (This used to be commit 90cdfd921e1a6f8806fe94bba61f1bbaa79c79f1)
2007-10-10r4050: make sure we add objectClass and sAMAccountNameAndrew Tridgell1-7/+6
(This used to be commit 57d0079bb91b8edc625027e1f28203794e018afc)
2007-10-10r4049: a simple perl script to add a new user to Samba4 ldbAndrew Tridgell1-0/+146
(This used to be commit 76f2ae32040fe494e703abb54dd7ad09d7110408)
2007-10-10r4048: a very simple howto for new developers to tell them how to build and ↵Andrew Tridgell1-0/+118
install samba4 (This used to be commit 4e7d723dacc0d6d526721ee037502c02ffd3fdec)
2007-10-10r4046: add more servicePrincipalName's for the dc accountStefan Metzmacher1-0/+5
metze (This used to be commit 659a0b26e2fa466169078bab6dd4af1e5fffb48b)
2007-10-10r4045: readd krb5 support defaulted to disableStefan Metzmacher8-5/+22
use: gensec:krb5=yes gensec:ms_krb5=yes to enable it or -k on the client tools on the command line metze (This used to be commit 0ae5794cf44933d2554e0356baaca24c7a784f71)
2007-10-10r4044: only send supportedMech when we also send other dataStefan Metzmacher1-5/+8
metze (This used to be commit 1e0483a8482574fa0f8d7ad31cc4bf4a6155ec52)
2007-10-10r4042: fix segfault on server schannel connectionsStefan Metzmacher1-1/+4
metze (This used to be commit 57bd26f9c528687ca2ca9bbaa56f7f36efd2231f)
2007-10-10r4041: fix cut-n-paste typoStefan Metzmacher1-1/+1
metze (This used to be commit 54398aa889b5954c7c387b252dd1a9173eac36f0)
2007-10-10r4040: sorry today is not my day...Stefan Metzmacher1-2/+2
uint32 != uint8_t ... metze (This used to be commit a8a3b8ee341fda041383df225ea2b7f9b589fc04)
2007-10-10r4039: added a test for an element > 128 bytes in length, to ensure we testAndrew Tridgell1-0/+3
for sign extending errors in element length (This used to be commit 07378fca6c12ffffcd3fe5e91f4d70ef838a45d5)
2007-10-10r4038: fix sign/unsign bug I introduced in -r 4022Stefan Metzmacher1-2/+2
this caused new ldb record to be corrupt if the length was > 12b byte thanks tridge for finding this metze (This used to be commit 6998c37b473d8efeb2ed5285f10f469a29ad787a)
2007-10-10r4037: fixed a bunch of "might be uninitialised" warnings after enabling -O1 ↵Andrew Tridgell22-48/+50
in my compile (This used to be commit 0928b1f5b68c858922c3ea6c27ed03b5091c6221)
2007-10-10r4036: expanded the RAW-ACLS torture test to include tests for theAndrew Tridgell1-2/+427
generic->specific access mask mappings, and tests of the behaviour of SID_CREATOR_OWNER and SEC_FLAG_MAXIMUM_ALLOWED (This used to be commit f572fe6d29d5a318b24d71a2ebfa2baca2b79a10)
2007-10-10r4035: more effort on consistent naming of the access mask bits.Andrew Tridgell32-104/+116
This removes the duplicate named SEC_RIGHTS_MAXIMUM_ALLOWED and SEC_RIGHTS_FULL_CONTROL, which are just other names for SEC_FLAG_MAXIMUM_ALLOWED and SEC_RIGHTS_FILE_ALL. The latter names match the new naming conventions in security.idl Also added names for the generic->specific mappings for files are directories (This used to be commit 17a4e0b3aca227b40957ed1e0c57e498debc6ddf)
2007-10-10r4034: add a function security_descriptor_create() which can be used toAndrew Tridgell1-0/+79
easily create complex security descriptors for testing. This greatly simplifies the smbtorture code I am writing for testing our new access_check code. (This used to be commit 891a8bc16af3c6ce5800e793ce4ec8b0078e444f)
2007-10-10r4033: removed a pointless commentAndrew Tridgell1-1/+1
(This used to be commit 1f3f9f829444cb889c6782c4fe52773fd6867b55)
2007-10-10r4027: add a useful function for debuggingStefan Metzmacher1-0/+18
metze (This used to be commit 41b1ba53fc201b7b9f9d806dccef6258b2a1d157)
2007-10-10r4026: added NT ACL checking on pvfs_open() for existing files. I need toAndrew Tridgell2-16/+90
work out some way to do a decent test suite for this. (This used to be commit 9a9a0d0e791e4b64f0a35c921729e623b977af47)
2007-10-10r4025: added a sec_access_check() function for checking security descriptorsAndrew Tridgell3-39/+163
against a users security token and access_mask (This used to be commit c4d21cd4b1ccffd5aaa70a551c57f6eab1ca9c6d)
2007-10-10r4022: fix compiler warningsStefan Metzmacher4-6/+7
metze (This used to be commit 79d0eb2f677f9e985ba476a9680f68537d41be6f)
2007-10-10r4015: correct copyright attributionsAndrew Tridgell1-3/+2
(This used to be commit 078d9ab05bffc79e4f329ea18fe3dafd144d989c)
2007-10-10r4014: removed unused MacExtension.h headerAndrew Tridgell1-246/+0
(This used to be commit 5ffffdd79f23c461e30bc91e983b12939f063d2d)
2007-10-10r4013: got rid of a bunch of unused or unmaintained codeAndrew Tridgell12-2676/+80
- removed the clitar code. It is unmaintained, and a horribly badly done hack - removed client.h as it contained mostly unused definitions - removed the unused clidfs.c code (This used to be commit 31a7bddbb3815b4d625e993dbce4805dae1c18f8)
2007-10-10r4012: split out the lsa lookup single name logic into a separate functionAndrew Tridgell1-24/+34
(This used to be commit 44d97619623830cc24905a5f4df941d45ebd41c3)
2007-10-10r4011: get rid of rpc_secdes.h and replace it with a single sane set ofAndrew Tridgell41-646/+450
definitions for security access masks, in security.idl The previous definitions were inconsistently named, and contained many duplicate and misleading entries. I kept finding myself tripping up while using them. (This used to be commit 01c0fa722f80ceeb3f81f01987de95f365a2ed3d)
2007-10-10r4010: fixed parsing of null attributes in the ldb ldif parserAndrew Tridgell2-2/+7
(This used to be commit b4fd76f78eadd8648ceed508766235e80702aa8f)
2007-10-10r4003: run successful against a nt4 sp6 pdc with one nt4 sp6 trust and a ↵Stefan Metzmacher2-10/+23
w2k3 trust metze (This used to be commit 5101cd51a24fdcda8dd8fc4da446782948290f9b)
2007-10-10r4002: NT 4.0 sp6a can't do schannel 128Stefan Metzmacher1-2/+2
metze (This used to be commit c04a77ed6945db0292434fb5461a884708a9ebf2)
2007-10-10r4001: fix segfault fix auth failedStefan Metzmacher2-0/+4
metze (This used to be commit 6a7eee1d9917e0884072354dddae568645798da5)
2007-10-10r4000: DATA_BLOB.data is uint8_t * not void * :-)Stefan Metzmacher5-5/+5
(thanks abartlet for telling me) metze (This used to be commit 2783bf393f6310f9d827538329d619dad5b02dd0)
2007-10-10r3999: - reply with the same DsBindInfo blob as w2k3 in the server functionStefan Metzmacher2-6/+54
- add idl for drsuapi_DsReplicaSync() not yet complete - just return WERR_OK for the drsuapi_DsReplicaSync() server function metze (This used to be commit e896925ac0b58bd48b5b9cc2d675682409d09ae1)
2007-10-10r3998: allow const arrays (see next commit to drsuapi.idl)Stefan Metzmacher3-469/+626
metze (This used to be commit 7264a2227d7a1881db01964d0d713c144eb77152)
2007-10-10r3997: fix STR_CHARLEN pull caseStefan Metzmacher1-21/+25
metze (This used to be commit 623411f74ee766dee2170949b118216387779929)
2007-10-10r3996: add some commentsStefan Metzmacher1-5/+5
metze (This used to be commit 87a92d3d5c7c2ab0bc07a9fb101022b3db1d637b)
2007-10-10r3995: improved the default ACL mapping from unix permsAndrew Tridgell1-7/+11
(This used to be commit 01e89697fe837ee76fedda149e1e2b389a7d3889)
2007-10-10r3994: - removed the unused reference count code in lsa serverAndrew Tridgell1-37/+39
- fixed the sid_index field in lsa LookupSids and LookupNames (This used to be commit 677f701e71609d82376b1ea2fa9ebc3521896671)
2007-10-10r3993: use distinctive fnums in the ipc backend, to make monitoring sniffs ↵Andrew Tridgell1-1/+3
easier (This used to be commit 54209ed05686a442156f7927c58d8656aa5e4900)
2007-10-10r3992: provide hooks for lsa to lookup sids allocated using the linear ↵Andrew Tridgell2-17/+104
id->sid mapping (This used to be commit e61140510905b6bbe57ad35dad8e4dd68d1f6bd8)
2007-10-10r3991: for uid->sid and gid->sid to be efficient we need to index on unixIDAndrew Tridgell1-0/+2
and unixName in samdb. (This used to be commit 5c966821e2eced9a1b34a5274cc317eab1a44eaf)
2007-10-10r3990: take advantage of the uid->sid and gid->sid code to create a muchAndrew Tridgell3-14/+97
better default NT ACL in pvfs (This used to be commit 9ff6ecbdb6c08528193f7958d7ea7d9a8df6defd)
2007-10-10r3989: added a linear algorithmic mapping for uid->sid and gid->sid withinAndrew Tridgell1-21/+351
our local domain. Note that this linear mapping does not suffer from the "foreign sid" problems of the linear mappings we have previously rejected for the sid->uid problem. the mapping allows for 1 billion automatically allocated users or groups for the local domain. (This used to be commit 8f573439753e2a425305936107442c85cffb9369)
2007-10-10r3988: made dom_sid_add_rid() allocate the new sid with proper parent/child ↵Andrew Tridgell1-3/+5
talloc relationship (This used to be commit 5db0eb1fe3abb5150bef27bfed4b7da723e4a287)
2007-10-10r3984: success full parse the repsFrom/repsTo LDAP fieldsStefan Metzmacher2-28/+36
metze (This used to be commit 56c66f4a090b1efca011fc2fc9880c4d93da164c)