Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-08-17 | s4-netlogon: added SEC_CHAN_RODC | Andrew Tridgell | 2 | -1/+7 | |
This seems to be equivalent to SEC_CHAN_BDC, but for RODCs | |||||
2010-08-17 | s4-net: use an encrypted ldap session when setting passwords | Andrew Tridgell | 1 | -0/+3 | |
this allows for "net setpassword -H ldap://server -Uusername%password USERNAME" to set a password remotely on a windows DC Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-08-17 | s4-dsdb: check the type of session_info from the opaque | Andrew Tridgell | 1 | -2/+2 | |
we saw a crash with a bad pointer here, and this may help track it down Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-08-17 | s4-drs: allow getncchanges from RODC with WRIT_REP set | Andrew Tridgell | 1 | -2/+2 | |
w2k8r2 is setting this bit as a RODC. Instead of refusing the replication, we now remove the bit from req8, which means other places in the code that check this bit can stay the same Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-08-17 | s4-drs: added domain_sid to DRS security checks | Andrew Tridgell | 6 | -10/+14 | |
we need the domain_sid to determine if the account is a RODC for our domain Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-08-17 | s4-drs: fixed check for SECURITY_RO_DOMAIN_CONTROLLER | Andrew Tridgell | 1 | -6/+6 | |
check more than the user_sid, and also check for the right rid value Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-08-17 | s4-dsdb: added support for UF_PARTIAL_SECRETS_ACCOUNT | Andrew Tridgell | 2 | -2/+10 | |
when this is in user_account_control the account is a RODC, and we need to set the primaryGroupID to be DOMAIN_RID_READONLY_DCS Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-08-17 | s4-dsdb: cope with cracknames of form dnsdomain\account | Andrew Tridgell | 1 | -2/+8 | |
this is used by w2k8r2 when doing a RODC dcpromo Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-08-17 | s4-dsdb: set LDB_FLAG_INTERNAL_DISABLE_VALIDATION for msDS-SecondaryKrbTgtNumber | Andrew Tridgell | 1 | -1/+8 | |
msDS-SecondaryKrbTgtNumber is setup with a value that is outside the range allowed by the schema (the schema has rangeLower==rangeUpper==65536). We need to mark this element as being internally generated to avoid the range checks Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-08-17 | s4-ldb: added LDB_FLAG_INTERNAL_DISABLE_VALIDATION | Andrew Tridgell | 2 | -7/+15 | |
When this flag is set on an element in an add/modify request then the normal validate_ldb() call that checks the element against schema constraints is disabled Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-08-17 | s4-ldb: added LDB_FLAG_INTERNAL_MASK | Andrew Tridgell | 2 | -0/+31 | |
This ensures that internal bits for the element flags in add/modify requests are not set via the ldb API Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-08-17 | s4-ldb: use LDB_FLAG_MOD_TYPE() to extract element type from messages | Andrew Tridgell | 8 | -23/+28 | |
The flags field of message elements is part of a set of flags. We had LDB_FLAG_MOD_MASK for extracting the type, but it was only rarely being used (only 1 call used it correctly). This adds LDB_FLAG_MOD_MASK() to make it more obvious what is going on. This will allow us to use some of the other flags bits for internal markers on elements Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-08-17 | s4-dsdb: support LDB_CONTROL_RODC_DCPROMO_OID for nTDSDSA add | Andrew Tridgell | 1 | -1/+24 | |
this control disables the system only check for nTDSDSA add operations Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-08-17 | s4-dsdb: fixed test for LDB_CONTROL_RODC_DCPROMO_OID | Andrew Tridgell | 1 | -1/+1 | |
the ldb_msg_add_fmt() call returns LDB_SUCCESS on success | |||||
2010-08-17 | s4-ldapserver: support controls on ldap add and rename | Andrew Tridgell | 1 | -10/+12 | |
we need to pass the controls down to the add and rename ldb operations Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-08-17 | s4-dsdb: added support for LDB_CONTROL_RODC_DCPROMO_OID | Andrew Tridgell | 3 | -0/+76 | |
this control adds a unique msDS-SecondaryKrbTgtNumber attribute to a user object. There is some 'interesting' interaction with the rangeLower and rangeUpper attributes and this add. We don't implementat rangeLower/rangeUpper yet, but when we do we'll need an override for this control (or be careful about module ordering). Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-08-17 | s4-ldap: use common functions for ldap flag controls encode/decode | Andrew Tridgell | 1 | -163/+11 | |
many controls are simple present/not-present flags, and don't need their own parsers Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-08-17 | s3-dcerpc: try to fix the non gssapi build. | Günther Deschner | 1 | -1/+2 | |
Guenther | |||||
2010-08-17 | s3-dcerpc: fix c++ build warning. | Günther Deschner | 1 | -1/+1 | |
Guenther | |||||
2010-08-17 | s3-dcerpc: fix uninitialized variable in cli_get_session_key(). | Günther Deschner | 1 | -1/+1 | |
Simo, please check. Guenther | |||||
2010-08-17 | s3-util: remove unused variable. | Günther Deschner | 1 | -1/+0 | |
Guenther | |||||
2010-08-17 | s3-ads: Remove unused function and file | Simo Sorce | 3 | -31/+1 | |
2010-08-17 | s3:winbindd: don't ignore 'result' in wb_dsgetdcname_done() | Stefan Metzmacher | 1 | -0/+4 | |
Ignoring it could cause a segfault in winbindd_getdcname_recv() metze | |||||
2010-08-17 | s3: Remove smbd_server_fd() from write_data() | Volker Lendecke | 3 | -25/+78 | |
This completely removes the DEBUG(0, ..) error message from write_data(). I've gone through all callers of write_data() and made sure that they have their own equivalent error message printing. | |||||
2010-08-17 | s3-dcerpc: Use common send functions for ntlmssp too | Simo Sorce | 1 | -51/+12 | |
Remove unused function. | |||||
2010-08-17 | s3-dcerpc: properly implement gse/spnego_get_session_key | Simo Sorce | 5 | -16/+63 | |
2010-08-17 | s3-dcerpc: Check data and return appropriate error | Simo Sorce | 1 | -2/+17 | |
2010-08-17 | s3-dcerpc: Remove unused function | Simo Sorce | 1 | -18/+0 | |
2010-08-17 | s3-dcerpc: make a few local functions as static | Simo Sorce | 2 | -8/+7 | |
2010-08-17 | Change debug statements to use __location__ | Simo Sorce | 1 | -13/+11 | |
2010-08-17 | s3-dcerpc: Pull packet in the caller, before validation | Simo Sorce | 2 | -31/+38 | |
2010-08-17 | Add my (c) | Simo Sorce | 1 | -5/+6 | |
2010-08-17 | s3-samr: Fixed some build warnings. | Andreas Schneider | 1 | -3/+3 | |
2010-08-17 | s3: Fix a ton of type-punned warnings | Volker Lendecke | 1 | -4/+4 | |
2010-08-17 | build fix | Brad Hards | 1 | -1/+5 | |
2010-08-17 | s4-ldb: test the 'displayName=a,b' bug | Andrew Tridgell | 1 | -0/+6 | |
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-08-17 | s3-provision: cope with the policy directory already existing | Andrew Tridgell | 1 | -3/+8 | |
Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-08-17 | s4-ldb: fixed the ldb 'displayName=a,b' indexing bug | Andrew Tridgell | 1 | -2/+4 | |
the problem was the inconsistency between the key form of DNs between the itdb used for indexing and the on disk form Thanks to Matthieu Patou for finding this bug! Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-08-17 | s4-ldb: add some comments explaining the ltdb_index_idxptr() function | Andrew Tridgell | 1 | -0/+8 | |
this function copes with alignment sensitive CPUs Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-08-16 | s3: Remove smbd_server_fd() from smbd_process | Volker Lendecke | 1 | -8/+8 | |
2010-08-16 | s3: Remove smbd_server_fd() from smbd_echo_loop | Volker Lendecke | 1 | -1/+1 | |
2010-08-16 | s3: Remove smbd_server_fd() from smbd_echo_reader | Volker Lendecke | 1 | -2/+2 | |
2010-08-16 | s3: Remove smbd_server_fd() from smbd_echo_reply | Volker Lendecke | 1 | -5/+3 | |
2010-08-16 | s3: Remove smbd_server_fd() from keepalive_fn | Volker Lendecke | 1 | -1/+1 | |
2010-08-16 | s3: Remove smbd_server_fd() from smbd_server_connection_handler | Volker Lendecke | 1 | -1/+1 | |
2010-08-16 | s3: Remove smbd_server_fd() from smbd_server_connection_read_handler | Volker Lendecke | 1 | -2/+2 | |
2010-08-16 | s3: Remove smbd_server_fd() from chain_reply | Volker Lendecke | 1 | -2/+2 | |
2010-08-16 | s3: Remove smbd_server_fd() from construct_reply | Volker Lendecke | 1 | -2/+2 | |
2010-08-16 | s3: Remove smbd_server_fd() from switch_message | Volker Lendecke | 1 | -1/+1 | |
2010-08-16 | s3: Remove smbd_server_fd() from smbd_server_connection_loop_once | Volker Lendecke | 1 | -2/+2 | |