summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2009-09-17idl: added DsExecuteKCC IDLAndrew Tridgell2-4/+22
2009-09-16ndr: added --ndr64 flag to ndrdumpAndrew Tridgell4-6/+44
This only does pull, but it is useful for w2k8-r2 <-> w2k8-r2 ndrdump usage, which is always 64bit.
2009-09-17s3-winbindd: add and use winbindd_lookup_names().Günther Deschner2-20/+47
Guenther
2009-09-17s3-winbindd: add and use winbindd_lookup_sids().Günther Deschner3-96/+78
Guenther
2009-09-17cifs-upcall: fix the build after spnego merge.Günther Deschner1-0/+1
Guenther
2009-09-17w32err: use WERR_DC_NOT_FOUND name instead of WERR_DOMAIN_CONTROLLER_NOT_FOUNDKamen Mazdrashki1-2/+2
Signed-off-by: Günther Deschner <gd@samba.org>
2009-09-17w32err: Set hex format values for all errorsKamen Mazdrashki1-90/+90
Signed-off-by: Günther Deschner <gd@samba.org>
2009-09-17w32err: Re-define errors with numeric valuesKamen Mazdrashki1-46/+46
Signed-off-by: Günther Deschner <gd@samba.org>
2009-09-17w32err: Sorting error codes in ascending orderKamen Mazdrashki1-10/+8
Signed-off-by: Günther Deschner <gd@samba.org>
2009-09-17w32err: NERR_ codes grouped togetherKamen Mazdrashki1-9/+9
Signed-off-by: Günther Deschner <gd@samba.org>
2009-09-17w32err: WERR_CLASS_NOT_REGISTERED updatedKamen Mazdrashki2-2/+7
Error code move to COM/OLE group. Error value changed to as REGDB_E_CLASSNOTREG in Windows Signed-off-by: Günther Deschner <gd@samba.org>
2009-09-17To set file create/birth time in GPFS. Signed-off-by: Abhidnya Chirmule ↵Abhidnya Chirmule1-0/+42
<achirmul@in.ibm.com>
2009-09-17s3:vfs: Fix the build of vfs_tsmsm after the VFS rewriteVolker Lendecke1-3/+3
2009-09-17spnego: add spnego_proto.h.Günther Deschner2-1/+29
Guenther
2009-09-17spnego: share spnego_parse.Günther Deschner21-496/+71
Guenther
2009-09-16libcli/auth: remove trailing whitespace.Günther Deschner1-72/+72
Guenther
2009-09-16s3-netlogon: support validation level 6 in netr_SamLogon calls.Günther Deschner3-0/+65
Guenther
2009-09-16s3-netlogon: match all logon levels in netr_SamLogon calls.Günther Deschner1-0/+9
Guenther
2009-09-16s3-rpcclient: fix netr_LogonGetCapabilities command.Günther Deschner1-6/+5
Guenther
2009-09-16security:idl Generated filesNadezhda Ivanova3-0/+66
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2009-09-16Owner and group defaulting.Nadezhda Ivanova9-59/+636
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2009-09-16Tests for descriptor inheritanceZahari Zahariev3-1/+1613
Signed-off-by: Nadezhda Ivanova <nadezhda.ivanova@postpath.com> Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2009-09-16s4:kdc In the kpasswd server, don't use the client address in mk_privAndrew Bartlett1-0/+8
This code eventually calls into mk_priv in the Heimdal code, and if the client is behind NAT, or somehow has an odd idea about it's own network addresses, it will fail to accept this packet if we set an address. It seems easiser not to. (Found by testing with NetAPP at plugfest) Andrew Bartlett
2009-09-16s4:rpc_server netgotiate max xmit size with RPC clientAndrew Bartlett1-2/+2
Testing against NetAPP showed that clients can object to being told a larger max xmit fragment size than they negotiated. Choose the minimum of the server and client values. Andrew Bartlett
2009-09-16s3: Don't overwrite password in pam_winbind, subsequent pam modulesBo Yang1-4/+0
might use the old password and new password. Signed-off-by: Bo Yang <boyang@samba.org>
2009-09-16s4-repl: raise a debug levelAndrew Tridgell1-1/+1
2009-09-16s4-dsdb: treat uSNHighest as 0 if @REPLCHANGED doesn't existAndrew Tridgell1-0/+8
When a partition is first created it still needs a uSNHighest value
2009-09-16libcli/auth: rewrite schannel sign/seal code to be more genericStefan Metzmacher5-229/+263
This prepares support for HMAC-SHA256/AES. metze
2009-09-16lib/crypto: include aes.h into crypto.hStefan Metzmacher1-1/+1
metze
2009-09-13Ignore source4/dsdb/kcc/kcc_service_proto.h.Matt Kraai1-0/+1
2009-09-16s3-netapi: Fix Coverity #668: FORWARD_NULL.Günther Deschner1-1/+1
Guenther
2009-09-16s3-netapi: Fix Coverity #669 FORWARD_NULL.Günther Deschner1-1/+1
Guenthe
2009-09-16s3-netapi: Fix Coverity #670: FORWARD_NULL.Günther Deschner1-1/+1
Guenther
2009-09-16s3-eventlogadm: Fix Coverity #938: UNINIT.Günther Deschner1-1/+1
Guenther
2009-09-16s3-rpcclient: Fix Coverity #935: UNINIT.Günther Deschner1-1/+1
Guenther
2009-09-16s3-ntlmssp: add missing prototype.Günther Deschner2-2/+3
Guenther
2009-09-16s3-dcerpc: remove more obsolete or duplicate headers.Günther Deschner6-111/+69
Guenther
2009-09-16s3-schannel: add dump_NL_AUTH_SIGNATURE.Günther Deschner4-44/+44
Guenther
2009-09-15s4-repl: take advantage of async RPC forwardingAndrew Tridgell2-26/+7
This uses async RPC forwarding for the DsReplicaSync call
2009-09-15s4-rpc: added a module for forwarding RPC requestsAndrew Tridgell3-9/+116
dcesrv_irpc_forward_rpc_call() can be used to forward an arbitrary RPC request to another task in Samba4, with the return being handled asynchronously. This is useful for forwarding DRS requests to the repl or kcc tasks
2009-09-15s4-drs: lock down key DRS callsAndrew Tridgell4-22/+54
The key DRS calls should only be allowed by administrators or domain controllers
2009-09-15s4-security: added a new security level SECURITY_DOMAIN_CONTROLLERAndrew Tridgell2-0/+10
This will be used as a simple way to lock down DRS replication to administrators and domain controllers
2009-09-15s4-ldb: ldap attribute names can contain a '.'Andrew Tridgell1-1/+2
When they are of the form of OIDs
2009-09-15s4-ldb: expose ldb_transaction_prepare_commit() in ldbAndrew Tridgell3-21/+64
It is useful to be able to control the 2 phase commit from application code (s4 replication uses it)
2009-09-15s4-repl: don't do double replicationAndrew Tridgell4-6/+44
When we replicate from a remote DC, we need to note the new uSN that the local changes have resulted in, and modify the uSN that the notify task uses to determine if it should send a ReplicaSync message back to the remote DC. Otherwise we end up always triggering a ReplicaSync every time we replicate from another DC
2009-09-15tdb: allow reads after prepare commitAndrew Tridgell1-8/+0
We previously only allowed a commit to happen after a prepare commit. It is in fact safe to allow reads between a prepare and a commit, and the s4 replication code can make use of that, so allow it.
2009-09-15s4-drs: filter based on local_usnAndrew Tridgell1-1/+1
The getncchanges uSN is in our local space, so we must compare it to the local_usn in replPropertyMetaData
2009-09-15s4-repl: make sure we marshal the replPropertyMetaData after the last changeAndrew Tridgell1-10/+10
we were setting local_usn after the marshall, so it wasn't going into the object
2009-09-15s4-dsdb: use DLIST_ADD() not DLIST_ADD_END()Andrew Tridgell2-4/+4
Using DLIST_ADD_END() to construct a long list is very inefficient (it is O(n^2). These lists are not ordered, so using DLIST_ADD() is much better.
2009-09-15s4-ldb: cope better with corruption of tdb recordsAndrew Tridgell4-5/+30
When doing an indexed search if we hit a corrupt record we abandoned the indexed search and did a full search. The problem was that we might have sent some records to the caller already, which means the caller ended up with duplicate records. Fix this by returning a search error if indexing returns an error and we have given any records to the caller.