summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2011-02-02s3:groupdb: allow machine accounts as members.Stefan Metzmacher1-4/+4
metze
2011-02-02s3:winbindd: catch lookup_names/sids schannel errors over ncacn_ip_tcp (bug ↵Stefan Metzmacher1-0/+28
#7944) If winbindd connects to a domain controller it doesn't establish the lsa connection over ncacn_ip_tcp direct. This happens only on demand. If someone does a 'net rpc testjoin' and then a wbinfo -n DOMAIN\\administrator, we'll get DCERPC faults with ACCESS_DENIED/SEC_PKG_ERROR, because winbindd's in memory copy of the schannel session key is invalidated. This problem can also happen on other calls, but the lookup_names/sids calls on thet lsa ncacn_ip_tcp connection are the most important ones. The long term fix is to store the schannel client state in a tdb, but for now it's enough to catch the error and invalidate the all connections to the dc and reestablish the schannel session key. The fix for bug 7568 (commit be396411a4e1f3a174f8a44b6c062d834135e70a) made this worse, as it assumes winbindd's in memory session key is always the current one. metze
2011-02-02s3: Remove superfluous ;Günther Deschner13-18/+18
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Wed Feb 2 15:44:21 CET 2011 on sn-devel-104
2011-02-02nsswitch: remove unused code from wbinfo.cGünther Deschner1-27/+0
Guenther
2011-02-02s3: Fix a typoVolker Lendecke1-1/+1
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Wed Feb 2 14:58:52 CET 2011 on sn-devel-104
2011-02-02s3-winbind: prefer dcerpc_samr_X functions in winbindd/winbindd_msrpc.c.Günther Deschner1-24/+59
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Wed Feb 2 14:14:43 CET 2011 on sn-devel-104
2011-02-02s3-winbind: prefer dcerpc_samr_X functions in winbindd/winbindd_pam.c.Günther Deschner1-13/+37
Guenther
2011-02-02s3-winbind: prefer dcerpc_samr_X functions in winbindd/winbindd_rpc.c.Günther Deschner1-58/+134
Guenther
2011-02-02s3-winbind: prefer dcerpc_samr_X functions in winbindd/winbindd_samr.c.Günther Deschner1-43/+92
Guenther
2011-02-02s3-winbind: prefer dcerpc_samr_X functions in invalidate_cm_connection.Günther Deschner1-3/+6
Guenther
2011-02-02s3-winbind: prefer dcerpc_samr_X functions in cm_connect_sam.Günther Deschner1-13/+35
Guenther
2011-02-02s3-winbind: use status variable name in cm_connect_sam.Günther Deschner1-33/+33
Guenther
2011-02-02s3-selftest: Enable RPC-EPMAPPER tests.Andreas Schneider1-1/+1
Autobuild-User: Andreas Schneider <asn@cryptomilk.org> Autobuild-Date: Wed Feb 2 13:28:41 CET 2011 on sn-devel-104
2011-02-02s3-smbd: Disable the endpoint mapper by default.Andreas Schneider3-2/+32
2011-02-02s3-smbd: Added a function to setup rpc services.Andreas Schneider4-90/+411
Move the complete setup of the rpc service to its own file and use callbacks to register at the endpoint mapper.
2011-02-02s3-rpc_server: Only allow registering endpoints on priviledged pipes.Andreas Schneider1-4/+21
2011-02-02s3-librpc: Added dcerpc_binding_vector_create function.Andreas Schneider2-16/+107
2011-02-02s3-librpc: Added dcerpc register endpoint functions.Andreas Schneider3-0/+233
2011-02-02s3-epmapper: Commented unimplemented functions.Andreas Schneider1-4/+10
2011-02-02s3-epmapper: Improved the epm_Map function.Andreas Schneider1-44/+210
2011-02-02s3-epmapper: Implemented epm_Lookup.Andreas Schneider1-8/+327
2011-02-02s3-epmapper: Implemented epm_LookupHandleFree.Andreas Schneider1-5/+14
2011-02-02s3-epmapper: Added arg to match uuid in build_ep_list().Andreas Schneider1-1/+16
2011-02-02s3-epmapper: Added epm_Map function from Samba4.Andreas Schneider1-4/+77
2011-02-02s3-epmapper: Added epm_Delete function.Andreas Schneider1-7/+87
2011-02-02s3-epmapper: Added epm_Insert function.Andreas Schneider1-8/+234
2011-02-02s3-epmapper: Added a endpoint mapper skeleton.Andreas Schneider3-1/+131
2011-02-02s4:torture/rpc/netlogon: add invalid level tests for netr_LogonControl2Stefan Metzmacher1-0/+24
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed Feb 2 12:43:32 CET 2011 on sn-devel-104
2011-02-02s4:torture/rpc/netlogon: improve comments in test_LogonControl2()Stefan Metzmacher1-12/+12
metze
2011-02-02s4:torture/rpc/netlogon: test invalid netr_LogonControl() levelStefan Metzmacher1-0/+7
metze
2011-02-02s4:torture/rpc/netlogon: test invalid LogonSamLogon levelsStefan Metzmacher1-0/+90
This proves that the invalid parameter/info class checks need to be done before the credential chain checks. metze
2011-02-02s4:torture/rpc/netlogon: test validation levels 2 and 3Stefan Metzmacher1-1/+1
metze
2011-02-02netlogon.idl: remove pointless union arms of netr_DELTA_UNIONStefan Metzmacher1-16/+4
These were just padding, which was needed as we didn't have 'ms_union' support. metze
2011-02-02netlogon.idl: use 'ms_union' as specified in [MS-NRPC]Stefan Metzmacher1-0/+1
metze
2011-02-02netlogon.idl: add missing [default]; union armsStefan Metzmacher1-0/+4
metze
2011-02-02s3:rpc_server/netlogon: add _netr_LogonSamLogon_check()Stefan Metzmacher1-14/+87
We need to check for invalid parameters before we check for access denied. metze
2011-02-02s4:rpc_server/netlogon: add dcesrv_netr_LogonSamLogon_check()Stefan Metzmacher1-10/+83
We need to check for invalid parameters before we check for access denied. metze
2011-02-02s4:rpc_server/netlogon: set *r->out.authoritative = 1 even on ↵Stefan Metzmacher1-2/+3
INVALID_PARAMETER/INFO_CLASS metze
2011-02-02s4:rpc_server/netlogon: return INVALID_INFO_CLASS for invalid ↵Stefan Metzmacher1-1/+1
netr_Validation levels metze
2011-02-02replace: Try to fix broken sys/capabilites.h on Linux.Andreas Schneider3-1/+6
As this is more or less a broken header we need to include linux/types.h before sys/capabilities.h to avoid redefinitions. Autobuild-User: Andreas Schneider <asn@cryptomilk.org> Autobuild-Date: Wed Feb 2 11:57:04 CET 2011 on sn-devel-104
2011-02-02s4/samba-tool: Add --sync-forced flag to 'drs replicate' commandKamen Mazdrashki1-1/+4
We are going to need this to trigger replication when inbound replication is disabled for a given DC Autobuild-User: Kamen Mazdrashki <kamenim@samba.org> Autobuild-Date: Wed Feb 2 09:03:22 CET 2011 on sn-devel-104
2011-02-02s4-dsdb Add tests to ensure we don't break the rootDSE function levels againAndrew Bartlett1-0/+33
This both checks that the levels make sense, and they match what they should be based on in the DB. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Wed Feb 2 06:09:53 CET 2011 on sn-devel-104
2011-02-02s4-dsdb Fix generation of rootDSE domainControllerFunctionalityAndrew Bartlett1-1/+3
The issue here is that when the samdb calls were removed, this call relied on going back to the top of the module stack, so as to re-enter the rootDSE search handler. It makes more sense to check the @ROOTDSE record directly, and therefore not to invoke the search() handler during the init. Andrew Bartlett
2011-02-02wintest Return debug info when dcpromo fails from the logAndrew Bartlett1-1/+11
2011-02-02s4-waf Don't install any Samba packages into PYTHONDIRAndrew Bartlett3-4/+4
This causes the parts of Samba installed into PYTHONARCHDIR to then be missed in mixed python/C module namespaces. Andrew Bartlett
2011-02-02s4-python Remove manipuation of python path from samba moduleAndrew Bartlett1-2/+1
This manipulation should be done by top level scripts, otherwise we won't find samba in the first place (and these can be munged correctly for the install). Andrew Bartlett
2011-02-02s4-python Ensure we add the Samba python path first.Andrew Bartlett16-16/+16
This exact form of the construction is important, and we match on it in the installation scripts. Andrew Bartlett
2011-02-02waf: Replace python installation rule to allow PYTHONARCHDIR and PYTHONDIRAndrew Bartlett1-7/+23
The old rule could only substitute one part of one line, but we need to add a second line to handle when PYTHONDIR and PYTHONARCHDIR do not match. This also avoids shelling out to sed with a regex, which was difficult to read. Andrew Bartlett
2011-02-02s4-python Remove unused missing.py (used by old build system)Andrew Bartlett1-17/+0
2011-02-02Remove unused installmisc.sh script, from old build systemAndrew Bartlett1-98/+0