summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r11200: Reposition the creation of the kerberos keytab for GSSAPI and Krb5Andrew Bartlett17-286/+389
authentication. This pulls the creating of the keytab back to the credentials code, and removes the special case of 'use keberos keytab = yes' for now. This allows (and requires) the callers to specify the credentials for the server credentails to GENSEC. This allows kpasswdd (soon to be added) to use a different set of kerberos credentials. The 'use kerberos keytab' code will be moved into the credentials layer, as the layers below now expect a keytab. We also now allow for the old secret to be stored into the credentials, allowing service password changes. Andrew Bartlett (This used to be commit 205f77c579ac8680c85f713a76de5767189c627b)
2007-10-10r11199: Push an objectSid into the schannel state database, to match the new ↵Andrew Bartlett1-10/+2
header. Andrew Bartlett (This used to be commit a665b56085cbf89c6deaeef0deaed31fcbc07458)
2007-10-10r11198: The recent changes to netlogon changed this from a RID to a SID.Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit 24dbf3435277a51dd49c5e2189fc6655260eddf4)
2007-10-10r11197: indentAndrew Bartlett1-2/+2
(This used to be commit a432ba105cbf2ea7b9010365c0a7d1dcc9ff5f7f)
2007-10-10r11196: Clean up memory leaks (pointed out by vl), and handle the case whereAndrew Bartlett1-11/+47
the client doesn't guess correctly on the mech to use. It must back off and try the mech the server selected from the list. I'm not particularly attached to our SPNEGO parser, so while I can't easily use the SPNEGO application logic in Heimdal, I'm going to look closely at using the asn1 routines to avoid some pain here. Andrew Bartlett (This used to be commit 929217387449270b60c3f825dca3b3cae5a4f9d1)
2007-10-10r11195: Add a new helper function (needed by my kpasswdd work, but hooked inAndrew Bartlett2-242/+136
for netlogon as well) to change/set a user's password, given only their SID. This avoids the callers doing the lookups, and also performs the actual 'set', as these callers do not wish any further buisness with the entry. Andrew Bartlett (This used to be commit 060a2a7bcca6b58d50bc4e0930c13616742a55d3)
2007-10-10r11194: Use the special ldb attribute "canonicalName" (therefore testing thatAndrew Bartlett1-11/+20
codepath) in DRSUAPI CrackNames. Fix the NT4 account return value. Andrew Bartlett (This used to be commit 2513c02c64b489ebf167e33fdb4ac51ce8783c04)
2007-10-10r11193: Implement wbinfo -mVolker Lendecke6-8/+173
(This used to be commit 12a800bc8541c4160a534d1edcaeb6774776e18d)
2007-10-10r11192: Too many contexts around... :-)Volker Lendecke1-1/+1
(This used to be commit 134e104c3ff39e5f3ebdaf9168df78a156490ed7)
2007-10-10r11189: add some more special group vs. special group tests,Stefan Metzmacher2-2/+15
to make sure that replicas from the same owner are blinding overwritten in all cases metze (This used to be commit 466baf737aedf240ff372ab8e8c708299102d1fa)
2007-10-10r11188: - add multi homed vs. multi homed sectionStefan Metzmacher2-6/+183
metze (This used to be commit 838323e58fe4e748a17100c4cd13788059dd12c6)
2007-10-10r11187: in case the msDS-KeyVersionNumber is replicated (I didn't assume ↵Stefan Metzmacher2-0/+4
this...) show the string in the debug output, and show it with --option="dssync:print_pwd_blobs=yes" metze (This used to be commit 98c1e8e3df90c05691a12bb25357fd75da419c5c)
2007-10-10r11186: - get rid of some .extra = True casesStefan Metzmacher2-8/+190
- add multihomed vs unique section - update conflict handling for the above case metze (This used to be commit c043e56efd3d72cdd5b17c78512e12285c87f221)
2007-10-10r11185: - resolve attid for "supplementalCredentials" into a nameStefan Metzmacher2-18/+22
- print "supplementalCredentials" also when --option="dssync:print_pwd_blobs=yes" is used abartlet: this field may contain the krb5 keys... metze (This used to be commit 26c69348ca3ae10128df9832f8b4d9c1024631e2)
2007-10-10r11184: Remove test that checks whether ftruncate() needs root, because I can'tJelmer Vernooij1-7/+0
find the file it tries to use (build/tests/ftruncroot.c) and the value it defines is not used anywhere. (This used to be commit 97bbf4a46035becaee50d242364146e3529cf631)
2007-10-10r11182: Explicitly add "." to perl include path so that perl doesn't use theJelmer Vernooij1-1/+1
Config module instead of the configure-generated config.pm on case-insensitive filesystems (MacOSX, OpenVMS) (This used to be commit 47b8095a0a0e7f352860999df3b131cab3e8a2b9)
2007-10-10r11181: Implement wbinfo -s and wbinfo --user-sids. The patch is so large ↵Volker Lendecke19-240/+1422
because --user-sids required the extension to trusted domains. Implement "winbind sealed pipes" parameter for debugging purposes. Volker (This used to be commit 3821a17bdb68b2f1389b5a150502c057d28569d2)
2007-10-10r11179: revert to the old code, till jelmer find a solution how toStefan Metzmacher1-1/+1
handle a UTF16 string in a uint8 array metze (This used to be commit d13315f3b135228febcbe9b99d3550363c21da81)
2007-10-10r11178: add some logic functions for the replica_vs_replica conflict handlingStefan Metzmacher1-0/+259
to our winsrepl server, but it handles only the simple cases (without merging) and we still didn't apply records to our wins.ldb, we just print out what we would do metze (This used to be commit e4edeeaa0a808c6bcdf022eec1257e796c1c0700)
2007-10-10r11177: move unique vs * and normal group vs * into this formStefan Metzmacher1-338/+113
ACTIVE vs ACTIVE ACTIVE vs TOMBSTONE RELEASED vs ACTIVE RELEASED vs TOMBSTONE TOMBSTONE vs ACTIVE TOMBSTONE vs TOMBSTONE as it seems that is all we need to test, and w2k3 only decides between ACTIVE and NON-ACTIVE (REALEASED or TOMBSTONE) when it gets new replica objects also I have removed all the extra test, we only test the worst cases now, and this will make the algorithms more clear when you look at the output of the NBT-WINSREPLICATION torture test metze (This used to be commit 7545e4e7160864f5feedd35cf90507e47d7cf469)
2007-10-10r11176: - add multi homed vs. special group sectionStefan Metzmacher1-1/+179
metze (This used to be commit 62ddca0e1f3d7484b32df7f5a56eca4761289c00)
2007-10-10r11175: - add multi homed vs. normal group sectionStefan Metzmacher1-1/+178
metze (This used to be commit 891416b79eeec3d6c9391181f86b104b887774a2)
2007-10-10r11174: - add special group vs. multi homed sectionStefan Metzmacher1-1/+179
- disable special group vs. special group, I need to look closer at this, as I'm getting strange timeouts randomly, so the server might be doing some challegnes while doing the merging of special group records, witch reaches timeouts metze (This used to be commit 7479760cbf5fe818c31b7795dc43b413800a63bd)
2007-10-10r11173: print out the correct messagesStefan Metzmacher1-2/+20
metze (This used to be commit d8e7e914bf29f7ae0b7cc1f47ea9f8cca210d8df)
2007-10-10r11172: - start with special group vs. special group testingStefan Metzmacher1-4/+143
metze (This used to be commit ba2c100be6eb1d352df762d213fc197f11f69da5)
2007-10-10r11171: fix the buildStefan Metzmacher1-1/+2
metze (This used to be commit 0d948cf430f34757a17170cdd26ac6b87341a75f)
2007-10-10r11146: make sure we get the expected amount of addressesStefan Metzmacher1-0/+9
metze (This used to be commit 9903a47151a96177e835ba45450ad12a2e969ee2)
2007-10-10r11144: - add special group vs. normal group sectionStefan Metzmacher1-0/+177
metze (This used to be commit 03a8ff89d0f40eed3a8e0f94d2e756d9c648b564)
2007-10-10r11142: - add special group vs. unique sectionStefan Metzmacher1-1/+178
metze (This used to be commit ba1727623675def77d4bf3a9bf643f80c7e168c2)
2007-10-10r11141: Re-add paranoid string terminator checkJelmer Vernooij2-15/+30
(This used to be commit 55805b5ed9493160ff17c26d2e1361947f368707)
2007-10-10r11122: Fix some talloc hierarchy errorsVolker Lendecke1-3/+3
(This used to be commit 449cc714b882d6ebea3e1cbf92e204efba98b6cb)
2007-10-10r11121: - add normal groups vs. multihomed sectionStefan Metzmacher1-24/+276
- make sure we test the worst case, so that we don't need to test everything... - same ip(s) => not replace - different ip(s) => replace metze (This used to be commit 4a22ce09b4cad7bb3d60e45f25fb19c36efb8dec)
2007-10-10r11120: calling_name is used later in sesssetup_nt1, so hang the names to ↵Volker Lendecke1-2/+4
the right talloc context. Volker (This used to be commit 256cf928d786b2533953505aea20ec80a25c6929)
2007-10-10r11119: add normal group vs. special group sectionStefan Metzmacher1-1/+232
metze (This used to be commit 13703b5c35e4473d0ab6b595f41f4cc35c18f81e)
2007-10-10r11117: add a normal group vs. normal group sectionStefan Metzmacher1-1/+232
metze (This used to be commit 9a7689c745e9fa9f40c46fa041a502967fd93ccc)
2007-10-10r11116: - don't display cleanup updatesStefan Metzmacher1-3/+156
- add unique vs. multi homed section metze (This used to be commit 7f8c26cd33a5dffd672d0995cf227177bc21a20e)
2007-10-10r11115: add unique vs special group sectionStefan Metzmacher1-2/+143
metze (This used to be commit 980e1a39eb039ebef3ca750eaf67bb87fd6f6980)
2007-10-10r11114: - fixed error handling on bad bind in ildap clientAndrew Tridgell2-2/+64
- added nicer error display, giving a string version of the error code (This used to be commit 5ec486bb81536b38a5f40cae7555cbcbbfa52263)
2007-10-10r11113: fixed two small bugs in newuserAndrew Tridgell1-1/+2
- randpass() is now in the random ejs module, not global - don't dereference the undefined variable on getopt failure (This used to be commit 7e338c23f5ac351b362a9e07fd81ec07bc700484)
2007-10-10r11112: listen on the global catalog ldap server port as well if we are aAndrew Tridgell1-0/+11
PDC. I suspect we should behave slightly differently on the two ports, but this is a lot closer than not listening at all. When creating a user with mmc the global catalog port is used to check for an existing user (This used to be commit f8430c3f41313d0a71cea23e1a2ef98f088aff44)
2007-10-10r11111: fixed a talloc error in the dn shortcut codeAndrew Tridgell1-5/+18
(This used to be commit e28a334eeb8fa22f686d0c1dc48b2977d85b9e10)
2007-10-10r11110: make ldb_oom() also set the ldb error stringAndrew Tridgell1-1/+1
(This used to be commit b6e8018a3b2326c3d1df4811a0581c5c0967bfd3)
2007-10-10r11109: fixed the error code return from most ldb functions (the change to useAndrew Tridgell1-6/+16
ldb_transaction_cancel() broke it) (This used to be commit dc41994ea72c7c7f571efa009930cf36d7a9897a)
2007-10-10r11108: - always test the old and new recordStefan Metzmacher1-3/+36
- check that the record is the same as what we pushed to the server (we need to verify the ip-addresses later too...) metze (This used to be commit f59e90299d1060a3c61ee24bdf4a2a13aac1bccf)
2007-10-10r11107: Include 0 byteJelmer Vernooij1-1/+2
(This used to be commit 407df9628e383822680af766dd94532e59397382)
2007-10-10r11106: Make the KDC handler plugable, as I want to drop kpasswdd into exactlyAndrew Bartlett1-16/+34
the same spot (it has identical TCP sementics). Andrew Bartlett (This used to be commit 84d6118e8762608af0945279d80ad0f898e693d9)
2007-10-10r11105: Warn if conformant arrays are not at the end of a structJelmer Vernooij6-12/+37
Support conformant [string] arrays Eliminate utf8string This breaks xattr binary compatibility with previous versions - is that a problem? (This used to be commit 7596c708ba6642473319a1b699a5a910a639e50d)
2007-10-10r11104: Fix LOCAL-PAC testJelmer Vernooij1-1/+1
(This used to be commit 22d0e4a9bf853fe67c402ce3ba6d950e753ab4d2)
2007-10-10r11103: Eliminate ascstrJelmer Vernooij3-11/+5
(This used to be commit c8a0511f37f8cff3e949ffda0bb7fae714d5bbb4)
2007-10-10r11102: Remove unistr_notermJelmer Vernooij2-7/+1
(This used to be commit bb1ed44f45020f1e11d928f5130a889c11ee59c4)