Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-05-10 | s4:passwords.py - add a python unittest for additional testing of my ↵ | Matthias Dieter Wallnöfer | 2 | -0/+580 | |
passwords work This performs checks on direct password changes over LDB/LDAP. Indirect password changes over the RPCs are already tested by some torture suite (SAMR passwords). So no need to do this again here. | |||||
2010-05-10 | s4:samdb_set_password - adapt it for the user password change handling | Matthias Dieter Wallnöfer | 1 | -0/+12 | |
Make use of the new "change old password checked" control. | |||||
2010-05-10 | s4:samdb_set_password/samdb_set_password_sid - Rework | Matthias Dieter Wallnöfer | 4 | -383/+159 | |
Adapt the two functions for the restructured "password_hash" module. This means that basically all checks are now performed in the mentioned module. An exception consists in the SAMR password change calls since they need very precise NTSTATUS return codes on wrong constraints ("samr_password.c") file | |||||
2010-05-10 | s4:password_hash - Implement password restrictions | Stefan Metzmacher | 1 | -0/+195 | |
Based on the Patch from Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>. metze | |||||
2010-05-10 | s4:password_hash - Rework to handle password changes | Matthias Dieter Wallnöfer | 1 | -138/+450 | |
- Implement the password restrictions as specified in "samdb_set_password" (complexity, minimum password length, minimum password age...). - We support only (administrative) password reset operations at the moment - Support password (administrative) reset and change operations (consider MS-ADTS 3.1.1.3.1.5) | |||||
2010-05-10 | s4:password_hash - Rework unique value checks | Matthias Dieter Wallnöfer | 1 | -49/+71 | |
Windows Server performs the constraint checks in a different way than we do. All testing has been done using "passwords.py". | |||||
2010-05-10 | s4:password_hash - Various (mostly cosmetic) prework | Matthias Dieter Wallnöfer | 1 | -176/+240 | |
- Enhance comments - Get some more attributes from the domain and user object (needed later) - Check for right objectclass on change/set operations (instances of "user" and/or "inetOrgPerson") - otherwise forward the request - (Cosmetic) cleanup in asynchronous results regarding return values | |||||
2010-05-10 | s4:dsdb: add new controls | Matthias Dieter Wallnöfer | 2 | -0/+24 | |
- Add a new control for getting status informations (domain informations, password change status) directly from the module - Add a new control for allowing direct hash changes - Introduce an addtional control "change_old password checked" for the password | |||||
2010-05-10 | s4:setup: mark DSDB_CONTROL_DN_STORAGE_FORMAT_OID 1.3.6.1.4.1.7165.4.3.4 as ↵ | Stefan Metzmacher | 1 | -2/+4 | |
allocated metze | |||||
2010-05-10 | v2 Latest enhancements in ldapcmp tool | Zahari Zahariev | 1 | -140/+262 | |
- Added support for replicating hosts versus hosts in different domains - Added switches for the following modes: = two - ignores additional attributes that cannot be the same in two different provisions (domains) = quiet - display nothing, only return code = verbose - display all dn objects through compare fase = default - display only objects with differences - Added more placeholders for nETBIOSDomainName and ServerName | |||||
2010-05-10 | s4-rodc: Fix provision warnings by creating ntds objectGUID in provision | Anatoliy Atanasov | 3 | -1/+32 | |
2010-05-10 | s3-rpcclient: fix two more invalid typecasts in spoolss commands. | Günther Deschner | 1 | -9/+47 | |
Guenther | |||||
2010-05-10 | s3: Work around dependency bug in Samba 4 waf build in merged build. | Jelmer Vernooij | 1 | -3/+4 | |
2010-05-10 | libwbclient: Fix a fd-leak at dlclose-time | Volker Lendecke | 1 | -0/+3 | |
__attribute__((destructor)) makes winbind_close_sock() being called at dlclose() time. Found while testing apache on Linux with mod_auth_pam. Other platforms will have to find a different fix. One possibility would be to always close the socket after each operation, but this badly sucks performance-wise. | |||||
2010-05-10 | s3: Test for "__attribute__((destructor))" | Volker Lendecke | 1 | -0/+16 | |
2010-05-10 | s4:acl ldb module - fix typos | Matthias Dieter Wallnöfer | 1 | -3/+3 | |
2010-05-10 | s4:dsdb/util.c - Add a new function for retrieving password change attributes | Matthias Dieter Wallnöfer | 1 | -0/+41 | |
This is needed since we have not only reset operations on password fields (attributes marked with REPLACE flag) but also change operations which can be performed by users itself. They have one attribute with the old value marked with the REMOVE flag and one with the new one marked with the ADD flag. This function helps to retrieve them (argument "new" is used for the new password on both reset and change). | |||||
2010-05-10 | s4:blackbox password tests - more complex passwords | Stefan Metzmacher | 2 | -5/+5 | |
2010-05-10 | s4:selftest - change test passwords | Matthias Dieter Wallnöfer | 1 | -3/+3 | |
The passwords need to be more complex to meet the new complexity criteria. | |||||
2010-05-10 | s4:selftest: add --socket-wrapper[-keep]-pcap options to "waf test" | Stefan Metzmacher | 1 | -0/+10 | |
metze | |||||
2010-05-10 | testprogs: update Makefile.mingw (although mingw current cant build it). | Günther Deschner | 1 | -4/+4 | |
Guenther | |||||
2010-05-10 | testprogs: update README to reflect the util rename. | Günther Deschner | 1 | -9/+9 | |
Guenther | |||||
2010-05-10 | testprogs: add readme for testspoolss.exe. | Günther Deschner | 2 | -1/+65 | |
Patch from Kurt Pfeifle <Kurt.Pfeifle@ricoh.de>. Guenther | |||||
2010-05-10 | testprogs: add vcproj and sln files for testspoolss.exe. | Günther Deschner | 2 | -0/+244 | |
Patch from Kurt Pfeifle <Kurt.Pfeifle@ricoh.de>. Guenther | |||||
2010-05-10 | testprogs: rename spoolss.exe to testspoolss.exe. | Günther Deschner | 5 | -7/+7 | |
Patch from Kurt Pfeifle <Kurt.Pfeifle@ricoh.de>. Guenther | |||||
2010-05-10 | s3-net: Fix Bug #7417. 'net rpc user password' can set the wrong password. | Günther Deschner | 1 | -1/+4 | |
Guenther | |||||
2010-05-10 | tevent: Added a description for tevent queue. | Andreas Schneider | 1 | -0/+9 | |
2010-05-10 | tevent: Added an introduction to the tevent_queue tutorial. | Andreas Schneider | 1 | -4/+38 | |
Thanks Volker. | |||||
2010-05-10 | tevent: Fixed a doxygen problem with PRINTF_ATTRIBUTE. | Andreas Schneider | 1 | -3/+3 | |
2010-05-10 | talloc: Fixed a doxygen problem with PRINTF_ATTRIBUTE. | Andreas Schneider | 1 | -3/+3 | |
2010-05-10 | build: Update the waf build to fix python header checks | Kai Blin | 1 | -0/+0 | |
2010-05-10 | s3:provision_basedn_modify.ldif - add "msDS-NcType" attribute and fix comments | Matthias Dieter Wallnöfer | 1 | -1/+5 | |
2010-05-09 | s3-proto: add missing protoype for dcerpc_fault_to_nt_status(). | Günther Deschner | 1 | -0/+1 | |
Guenther | |||||
2010-05-09 | s3-lanman: use srvsvc for api_RNetServerGetInfo(). | Günther Deschner | 1 | -45/+47 | |
Following MS-RAP 3.2.5.3 NetServerGetInfo Command. Guenther | |||||
2010-05-09 | s3-spoolss: Make spoolss_Time_to_time_t public. | Simo Sorce | 3 | -15/+16 | |
Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-05-09 | s4:samldb LDB module - make "samldb_member_check" synchronous again | Matthias Dieter Wallnöfer | 1 | -64/+33 | |
2010-05-09 | s4:samldb LDB module - make "samldb_prim_group_users_check" synchronous again | Matthias Dieter Wallnöfer | 1 | -235/+24 | |
2010-05-09 | s4:samldb LDB module - update the copyright notice | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2010-05-09 | s4:blackbox/test_kinit.sh - Test the new "net user add <user> [<password>]" ↵ | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
syntax | |||||
2010-05-09 | s4:net utility - make outprinted description comments more consistent | Matthias Dieter Wallnöfer | 14 | -16/+16 | |
I've added a [server connection needed] when commands won't work on the local SamDB. | |||||
2010-05-09 | s4:net utility - remove unixname parameter of samdb.newuser | Matthias Dieter Wallnöfer | 1 | -9/+4 | |
We don't handle the id mapping stuff manually anymore. | |||||
2010-05-09 | s4:samdb python bindings - remove idmap creation stuff from this call | Matthias Dieter Wallnöfer | 1 | -22/+1 | |
The id mapping should now be handled automatically by the s4 daemon. | |||||
2010-05-09 | s4:net utility - add an optional password attribute to "net user add" | Matthias Dieter Wallnöfer | 1 | -3/+5 | |
To make it behave similar to "net newuser". | |||||
2010-05-09 | s4:dsdb Provide an intelegent fallback if not CN=Subnets is found | Andrew Bartlett | 1 | -3/+7 | |
We may as well fall back rather than return NULL (which callers don't do useful things with). Andrew Bartlett | |||||
2010-05-09 | buildtools: Add 'make testenv' to Samba4 make targets | Andrew Bartlett | 1 | -0/+3 | |
I'm still too addicted to this as my standard debugging environment, and while I can learn the new command, this helps the muscle-memory. Andrew Bartlett | |||||
2010-05-09 | dsdb/password_hash: remove usage of msDs-KeyVersionNumber | Stefan Metzmacher | 1 | -37/+1 | |
metze | |||||
2010-05-09 | s4:dsdb Use replPropertyMetaData as the basis for msDS-KeyVersionNumber | Andrew Bartlett | 1 | -10/+76 | |
This means that the existing kvno will no longer be valid, all unix-based domain members may need to be rejoined, and upgradeprovision run to update the local kvno in secrets.ldb/secrets.keytab. This is required to match the algorithm used by Windows DCs, which we may be replicating with. We also need to find a way to generate a reasonable kvno with the OpenLDAP backend. Andrew Bartlett | |||||
2010-05-09 | librpc:dcerpc_error.c - fix a warning | Matthias Dieter Wallnöfer | 1 | -2/+2 | |
2010-05-09 | s3-libsmb: fix argument order for tevent_req_default_print in cli_pull_print(). | Günther Deschner | 1 | -1/+1 | |
Andreas, please check. Guenther | |||||
2010-05-08 | pidl: add NDR_PRINT_DEBUG output to generated s3 server dispatch tables. | Günther Deschner | 1 | -0/+10 | |
This dramatically helps tracking and debugging usage of the rpc_pipe_open_internal users. Guenther |