Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2009-09-17 | idl: added DsExecuteKCC IDL | Andrew Tridgell | 2 | -4/+22 | |
2009-09-16 | ndr: added --ndr64 flag to ndrdump | Andrew Tridgell | 4 | -6/+44 | |
This only does pull, but it is useful for w2k8-r2 <-> w2k8-r2 ndrdump usage, which is always 64bit. | |||||
2009-09-17 | s3-winbindd: add and use winbindd_lookup_names(). | Günther Deschner | 2 | -20/+47 | |
Guenther | |||||
2009-09-17 | s3-winbindd: add and use winbindd_lookup_sids(). | Günther Deschner | 3 | -96/+78 | |
Guenther | |||||
2009-09-17 | cifs-upcall: fix the build after spnego merge. | Günther Deschner | 1 | -0/+1 | |
Guenther | |||||
2009-09-17 | w32err: use WERR_DC_NOT_FOUND name instead of WERR_DOMAIN_CONTROLLER_NOT_FOUND | Kamen Mazdrashki | 1 | -2/+2 | |
Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2009-09-17 | w32err: Set hex format values for all errors | Kamen Mazdrashki | 1 | -90/+90 | |
Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2009-09-17 | w32err: Re-define errors with numeric values | Kamen Mazdrashki | 1 | -46/+46 | |
Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2009-09-17 | w32err: Sorting error codes in ascending order | Kamen Mazdrashki | 1 | -10/+8 | |
Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2009-09-17 | w32err: NERR_ codes grouped together | Kamen Mazdrashki | 1 | -9/+9 | |
Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2009-09-17 | w32err: WERR_CLASS_NOT_REGISTERED updated | Kamen Mazdrashki | 2 | -2/+7 | |
Error code move to COM/OLE group. Error value changed to as REGDB_E_CLASSNOTREG in Windows Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2009-09-17 | To set file create/birth time in GPFS. Signed-off-by: Abhidnya Chirmule ↵ | Abhidnya Chirmule | 1 | -0/+42 | |
<achirmul@in.ibm.com> | |||||
2009-09-17 | s3:vfs: Fix the build of vfs_tsmsm after the VFS rewrite | Volker Lendecke | 1 | -3/+3 | |
2009-09-17 | spnego: add spnego_proto.h. | Günther Deschner | 2 | -1/+29 | |
Guenther | |||||
2009-09-17 | spnego: share spnego_parse. | Günther Deschner | 21 | -496/+71 | |
Guenther | |||||
2009-09-16 | libcli/auth: remove trailing whitespace. | Günther Deschner | 1 | -72/+72 | |
Guenther | |||||
2009-09-16 | s3-netlogon: support validation level 6 in netr_SamLogon calls. | Günther Deschner | 3 | -0/+65 | |
Guenther | |||||
2009-09-16 | s3-netlogon: match all logon levels in netr_SamLogon calls. | Günther Deschner | 1 | -0/+9 | |
Guenther | |||||
2009-09-16 | s3-rpcclient: fix netr_LogonGetCapabilities command. | Günther Deschner | 1 | -6/+5 | |
Guenther | |||||
2009-09-16 | security:idl Generated files | Nadezhda Ivanova | 3 | -0/+66 | |
Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2009-09-16 | Owner and group defaulting. | Nadezhda Ivanova | 9 | -59/+636 | |
Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2009-09-16 | Tests for descriptor inheritance | Zahari Zahariev | 3 | -1/+1613 | |
Signed-off-by: Nadezhda Ivanova <nadezhda.ivanova@postpath.com> Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2009-09-16 | s4:kdc In the kpasswd server, don't use the client address in mk_priv | Andrew Bartlett | 1 | -0/+8 | |
This code eventually calls into mk_priv in the Heimdal code, and if the client is behind NAT, or somehow has an odd idea about it's own network addresses, it will fail to accept this packet if we set an address. It seems easiser not to. (Found by testing with NetAPP at plugfest) Andrew Bartlett | |||||
2009-09-16 | s4:rpc_server netgotiate max xmit size with RPC client | Andrew Bartlett | 1 | -2/+2 | |
Testing against NetAPP showed that clients can object to being told a larger max xmit fragment size than they negotiated. Choose the minimum of the server and client values. Andrew Bartlett | |||||
2009-09-16 | s3: Don't overwrite password in pam_winbind, subsequent pam modules | Bo Yang | 1 | -4/+0 | |
might use the old password and new password. Signed-off-by: Bo Yang <boyang@samba.org> | |||||
2009-09-16 | s4-repl: raise a debug level | Andrew Tridgell | 1 | -1/+1 | |
2009-09-16 | s4-dsdb: treat uSNHighest as 0 if @REPLCHANGED doesn't exist | Andrew Tridgell | 1 | -0/+8 | |
When a partition is first created it still needs a uSNHighest value | |||||
2009-09-16 | libcli/auth: rewrite schannel sign/seal code to be more generic | Stefan Metzmacher | 5 | -229/+263 | |
This prepares support for HMAC-SHA256/AES. metze | |||||
2009-09-16 | lib/crypto: include aes.h into crypto.h | Stefan Metzmacher | 1 | -1/+1 | |
metze | |||||
2009-09-13 | Ignore source4/dsdb/kcc/kcc_service_proto.h. | Matt Kraai | 1 | -0/+1 | |
2009-09-16 | s3-netapi: Fix Coverity #668: FORWARD_NULL. | Günther Deschner | 1 | -1/+1 | |
Guenther | |||||
2009-09-16 | s3-netapi: Fix Coverity #669 FORWARD_NULL. | Günther Deschner | 1 | -1/+1 | |
Guenthe | |||||
2009-09-16 | s3-netapi: Fix Coverity #670: FORWARD_NULL. | Günther Deschner | 1 | -1/+1 | |
Guenther | |||||
2009-09-16 | s3-eventlogadm: Fix Coverity #938: UNINIT. | Günther Deschner | 1 | -1/+1 | |
Guenther | |||||
2009-09-16 | s3-rpcclient: Fix Coverity #935: UNINIT. | Günther Deschner | 1 | -1/+1 | |
Guenther | |||||
2009-09-16 | s3-ntlmssp: add missing prototype. | Günther Deschner | 2 | -2/+3 | |
Guenther | |||||
2009-09-16 | s3-dcerpc: remove more obsolete or duplicate headers. | Günther Deschner | 6 | -111/+69 | |
Guenther | |||||
2009-09-16 | s3-schannel: add dump_NL_AUTH_SIGNATURE. | Günther Deschner | 4 | -44/+44 | |
Guenther | |||||
2009-09-15 | s4-repl: take advantage of async RPC forwarding | Andrew Tridgell | 2 | -26/+7 | |
This uses async RPC forwarding for the DsReplicaSync call | |||||
2009-09-15 | s4-rpc: added a module for forwarding RPC requests | Andrew Tridgell | 3 | -9/+116 | |
dcesrv_irpc_forward_rpc_call() can be used to forward an arbitrary RPC request to another task in Samba4, with the return being handled asynchronously. This is useful for forwarding DRS requests to the repl or kcc tasks | |||||
2009-09-15 | s4-drs: lock down key DRS calls | Andrew Tridgell | 4 | -22/+54 | |
The key DRS calls should only be allowed by administrators or domain controllers | |||||
2009-09-15 | s4-security: added a new security level SECURITY_DOMAIN_CONTROLLER | Andrew Tridgell | 2 | -0/+10 | |
This will be used as a simple way to lock down DRS replication to administrators and domain controllers | |||||
2009-09-15 | s4-ldb: ldap attribute names can contain a '.' | Andrew Tridgell | 1 | -1/+2 | |
When they are of the form of OIDs | |||||
2009-09-15 | s4-ldb: expose ldb_transaction_prepare_commit() in ldb | Andrew Tridgell | 3 | -21/+64 | |
It is useful to be able to control the 2 phase commit from application code (s4 replication uses it) | |||||
2009-09-15 | s4-repl: don't do double replication | Andrew Tridgell | 4 | -6/+44 | |
When we replicate from a remote DC, we need to note the new uSN that the local changes have resulted in, and modify the uSN that the notify task uses to determine if it should send a ReplicaSync message back to the remote DC. Otherwise we end up always triggering a ReplicaSync every time we replicate from another DC | |||||
2009-09-15 | tdb: allow reads after prepare commit | Andrew Tridgell | 1 | -8/+0 | |
We previously only allowed a commit to happen after a prepare commit. It is in fact safe to allow reads between a prepare and a commit, and the s4 replication code can make use of that, so allow it. | |||||
2009-09-15 | s4-drs: filter based on local_usn | Andrew Tridgell | 1 | -1/+1 | |
The getncchanges uSN is in our local space, so we must compare it to the local_usn in replPropertyMetaData | |||||
2009-09-15 | s4-repl: make sure we marshal the replPropertyMetaData after the last change | Andrew Tridgell | 1 | -10/+10 | |
we were setting local_usn after the marshall, so it wasn't going into the object | |||||
2009-09-15 | s4-dsdb: use DLIST_ADD() not DLIST_ADD_END() | Andrew Tridgell | 2 | -4/+4 | |
Using DLIST_ADD_END() to construct a long list is very inefficient (it is O(n^2). These lists are not ordered, so using DLIST_ADD() is much better. | |||||
2009-09-15 | s4-ldb: cope better with corruption of tdb records | Andrew Tridgell | 4 | -5/+30 | |
When doing an indexed search if we hit a corrupt record we abandoned the indexed search and did a full search. The problem was that we might have sent some records to the caller already, which means the caller ended up with duplicate records. Fix this by returning a search error if indexing returns an error and we have given any records to the caller. |