summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2011-11-29libcli/smb: remove unused smb_signing_set_bsrspyl() prototypeStefan Metzmacher1-1/+0
metze
2011-11-29s3-passdb: make pdb_password_change_time_max static.Günther Deschner1-1/+1
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Tue Nov 29 15:16:51 CET 2011 on sn-devel-104
2011-11-29s3-rpcclient: add tool to call lsa_SetInformationTrustedDomain.Günther Deschner1-0/+71
"lsasettrustdominfo S-1-5-21-123456-123456-123456 13 1" currently you only can set the encryption type field. Guenther
2011-11-29s3: Remove some false/superfluous translationsVolker Lendecke1-5/+5
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Tue Nov 29 12:39:45 CET 2011 on sn-devel-104
2011-11-29selftest/Samba4: pass '--machinepass' to 'samba-tool domain join'Stefan Metzmacher1-0/+4
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Tue Nov 29 11:00:42 CET 2011 on sn-devel-104
2011-11-29s4:python: add --machinepass option to 'samba-tool domain join'Stefan Metzmacher1-5/+11
metze
2011-11-29s4:python/samba/join.py: add optional 'machinepass' parameter to join_*()Stefan Metzmacher1-6/+12
metze
2011-11-29s4:python/samba/join.py: add optional 'machinepass' parameter to class dc_joinStefan Metzmacher1-2/+6
metze
2011-11-29s4:py_net: add optional 'machinepass' parameter to py_net_join_member()Stefan Metzmacher1-3/+4
metze
2011-11-29s4:libnet: make it possible to join with a given machine passwordStefan Metzmacher2-4/+16
metze
2011-11-29s4:libnet/py_net: ZERO_STRUCT() struct libnet_Join_member in ↵Stefan Metzmacher1-0/+2
py_net_join_member() metze
2011-11-29s4:torture/rpc: use talloc_zero() in torture_join_domain()Stefan Metzmacher1-2/+2
metze
2011-11-29s4:libnet: use talloc_zero(struct libnet_JoinDomain) in libnet_Join_member()Stefan Metzmacher1-2/+1
metze
2011-11-29s4-samba-tool: Add --principal argument to samba-tool domain exportkeytabAndrew Bartlett6-71/+174
This allows only a particular principal to be exported to the keytab. This is useful when setting up unix servers in a Samba controlled domain. Based on a request by Gémes Géza <geza@kzsdabas.hu> Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Nov 29 09:20:55 CET 2011 on sn-devel-104
2011-11-29s4-provision: Fix the security ace for DnsAdmins group on DNS recordsAmitay Isaacs1-12/+19
Find the objectSid for DnsAdmins group and use that instead of a fixed sid. Autobuild-User: Amitay Isaacs <amitay@samba.org> Autobuild-Date: Tue Nov 29 07:38:06 CET 2011 on sn-devel-104
2011-11-29s4-repl: Check if GC SPN exists before using it for replicationAmitay Isaacs1-3/+54
Sometimes windows DC will set up dNSHostname before setting up GC SPN and that causes replication errors since samba tries to use GC SPN, which does not yet exist locally. Pair-Programmed-With: Andrew Tridgell <tridge@samba.org>
2011-11-29s4-provision: Make BIND9_DLZ as the default backend for DNSAmitay Isaacs4-6/+6
2011-11-29dlz_bind9: Added access check to verify dynamic updateAmitay Isaacs2-17/+167
This creates session info from kerberos ticket and verifies if the signer has write access to a particular DN corresponding to the name in dynamic update. Pair-Programmed-With: Andrew Tridgell <tridge@samba.org>
2011-11-29dlz_bind9: Use the sam database in dns/ as defaultAmitay Isaacs2-60/+14
This change is introduced to access samdb copy directly, rather than over ildap. The advantage is that the samba server does not need to be running for bind9 to start.
2011-11-29s4-provision: Create a samdb copy for access by dlz_bind9 moduleAmitay Isaacs4-56/+158
This creates a copy of rootdse, configuration and schema partitions for dlz_bind9 use in dns/ directory. Since dlz_bind9 requires write access to DNS partitions (DomainDnsZones and ForestDnsZones), those partitions are hard-linked (or symlinked) to the actual partitions. An empty domain partition is created so samdb layer can work.
2011-11-29s4-provision: Extract security descriptors in separate fileAmitay Isaacs2-77/+111
Need to use domain security descriptor from sambadns.py also.
2011-11-29s4-test: Remove metadata and ldb.d directory on clean upAmitay Isaacs1-0/+5
When using partitions, metadata.tdb automatically gets created in ${prefix}ldb.d/ directory. To correctly clean up check if metadata.tdb exists, then remove metadata.tdb and directory.
2011-11-29s4-samdb: seqence_number() operation must be in a transactionAmitay Isaacs1-0/+14
2011-11-29s4-dsdb: Added metadata to partition module for global sequence numberAmitay Isaacs5-17/+612
This adds support for global sequence number which is independent of partition information. Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-11-29s4-dsdb: use dsdb_module_extended instead of duplicate codeAmitay Isaacs2-31/+13
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-11-29s4-dsdb: Return ldb_result context in dsdb_module_extendedAmitay Isaacs1-3/+20
The result of the extended operation is now available in the calling routine. Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-11-29s4-dsdb: Remove LDB_SEQ_HIGHEST_TIMESTAMP sequence number supportAmitay Isaacs2-140/+13
This was a hack for LDAP backends to store a sequence number as a timestamp. It is still supported in standalone ldb tdb backend. Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-11-28s3: Use tevent_req_simple_recv_ntstatusVolker Lendecke1-6/+1
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Mon Nov 28 17:14:27 CET 2011 on sn-devel-104
2011-11-28Fix Coverity ID 2638: OVERRUN_STATICVolker Lendecke1-1/+1
2011-11-28Fix Coverity ID 2639: UNUSED_VALUEVolker Lendecke1-2/+0
2011-11-28s3: Fix a crash in group_mapping.ldb->tdb conversionVolker Lendecke1-0/+13
When we find a group_mapping.ldb entry without a comment, the upgrade code would have crashed with a NULL dereference Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Mon Nov 28 12:24:08 CET 2011 on sn-devel-104
2011-11-27s4:torture/ldap/cldap.c - remove the ↵Matthias Dieter Wallnöfer1-87/+4
"test_cldap_netlogon_flag_ds_dns_forest" test The test is wrong since the DNS_* (DS_DNS_CONTROLLER, DS_DNS_DOMAIN, DS_DNS_FOREST_ROOT) flags are never set on the plain CLDAP pipe. They get added only over the DsRGetDCName* calls over NETLOGON RPC. Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Sun Nov 27 16:23:27 CET 2011 on sn-devel-104
2011-11-27s4:selftest/test_samba_tool.sh - add a basic unit test for the new "domain ↵Matthias Dieter Wallnöfer2-6/+9
info" command Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-11-27samba-tool: domain info - add basic exception handlingMatthias Dieter Wallnöfer1-2/+4
It is nicer to get an error message rather than a stacktrace on wrong IP addresses. Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-11-27samba-tool: add a domain info command to get basic infoMatthieu Patou1-1/+24
Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-11-27s4:netlogon RPC server - DsRGetDcNameEx - set the DNS name flags correctlyMatthias Dieter Wallnöfer2-12/+14
The rules are explained in MS-NRPC 2.2.1.2.1. Patch inspired by Matthieu Patou. Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-11-27s4-netlogon: return WERR_NO_SUCH_DOMAIN instead of WERR_DS_UNAVAILABLE if we ↵Matthieu Patou1-1/+1
are unable to translate the domain to a dn Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-11-27s4:cldap_server/netlogon.c - DS_SERVER_CLOSEST handlingMatthias Dieter Wallnöfer1-2/+5
DS_SERVER_CLOSEST is only set when the client and server site coincide. MS-NRPC 2.2.1.2.1 Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-11-27s4:netcmd/common.py: add a "netcmd" function to do a cldap netlogon requestMatthias Dieter Wallnöfer1-0/+9
This is useful for a new "samba-tool domain info" command. Patch inspired by Matthieu Patou. Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-11-26s4:libnet/py_net.c: "py_net_finddc" - add an "address" parameterMatthias Dieter Wallnöfer4-14/+25
This is useful for a new "samba-tool domain info" command. Patch inspired by Matthieu Patou. Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-11-26s4:libnet/py_net.c - initialise optional keyword argumentsMatthias Dieter Wallnöfer1-1/+3
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-11-26s4:libcli/finddcs_cldap.c - let "finddcs_cldap" work either with the IP ↵Matthias Dieter Wallnöfer1-14/+27
address or the domain name This will be useful for a new "samba-tool domain info" command. Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-11-26smbtorture: avoid sigsev if the password is not correctMatthieu Patou1-1/+1
Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-11-26s4:update_keytab LDB module - no need to filter for the DNMatthias Dieter Wallnöfer1-2/+2
We launch a search request with base scope on exactly the same DN (see downwards). Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-11-26idl:netlogon.idl - add the Active Directory Web Service bit (DS_SERVER_WEBSERV)Matthias Dieter Wallnöfer1-0/+1
MS-NRPC 2.2.1.2.1 Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-11-25s3:locking:posix: remove uses of SMB_ASSERT() from get_windows_lock_ref_count()Michael Adam1-2/+13
SMB_ASSERT is useless, since in non-developer build it does not actually fail after the log message, but usual flow just continues. Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Fri Nov 25 14:59:53 CET 2011 on sn-devel-104
2011-11-25s3:locking:posix: adapt use of dbrwrap_fetch() to new NTSTATUS semanticsMichael Adam1-5/+14
2011-11-25s3:registry: write INFO/version if we create registry.tdbGregor Beck1-0/+7
Signed-off-by: Michael Adam <obnox@samba.org>
2011-11-25s3:dbwrap: do not burden the user of db_open_ctdb with ifdef voodooGregor Beck2-3/+13
Signed-off-by: Michael Adam <obnox@samba.org>
2011-11-25s3:lib fix output of hex escapes > 0x7F with cbuf_print_quotedGregor Beck1-1/+1
(cherry picked from commit a1fcb7e37a23dcc035686486d4afe32a67082ae1)