summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2008-07-23libnet_become_dc: send msDS_Behavior_Version == 3 (win2k8) in DsAddEntryMichael Adam2-1/+2
instead of version 2 (win2k3). This makes the NET-API-BECOME-DC test work against windows 2003 and 2008. Michael (This used to be commit a7bfa1fb1bc6fb8e412990b7ff4c3ce9bc55099d)
2008-07-23libnet_become_cd: add boolean option "become_dc:force krb5" to control krb5 ↵Michael Adam1-10/+18
auth. This allows controlling whether krb5 auth is forced for the rpc bind in libnet_become_dc. It defaults to "yes". For Windows 2000, DsGetNCChanges only krb5 auth works due to a bug in Windows (it returns garbage - a positive object count is returned along with first object == NULL). For Windows 2008, on the other hand, krb5 auth does not work currently due to the lack of support for AES keys. (Metze is working on that.) Michael (This used to be commit af85aad8147b85a0b9ea2ccc66b8f04efdfe5cf3)
2008-07-23drsuapi: always set the pid field of the outgoing DsBindInfo to 0.Michael Adam3-8/+3
This is for debugging and informational purposes only. The assignment is implementation specific. (WSPP docs, sec. 5.35). Michael (This used to be commit 1f5704e2dee5900e8d1d87699b76f67c0e12854e)
2008-07-23libnet_unbecome_dc: teach unbecomeDC_drsuapi_bind_recv() DsBindInfo48.Michael Adam1-0/+9
..to work agains w2k8. Michael (This used to be commit 97e8d5813df19cae294b6de2a880606f0f8c2c59)
2008-07-23libnet_become_cd: teach becomeDC_drsuapi_bind_recv() DsBindInfo48.Michael Adam1-0/+9
To work with w2k8. Michael (This used to be commit 7d80fab912576923c7474d77b8ed960b01296914)
2008-07-23dsdb: teach dreplsrv_out_drsuapi_bind_recv() knowledge of DsBindInfo48.Michael Adam1-0/+9
To make it work against w2k8. Michael (This used to be commit a8aea9274170a2b472c45c97a4904bd299d2a92e)
2008-07-23password_hash: add generation of the Primary:Kerberos-Newer-Keys blobStefan Metzmacher1-3/+216
But it's still of by default until we now what triggers this generation. It could be that the value is always generated but the KDC only uses it when in a specific funtional level, but it could also be that it's only generated in a specific functional level. metze (This used to be commit 08618bbd508ede0bb9e1922fae562cffdca41cbd)
2008-07-23hdb-ldb: try to find Primary:Kerberos-Newer-Keys and fallback to ↵Stefan Metzmacher1-16/+114
Primary:Kerberos Now provide AES tickets if we find the keys in the supplementalCredentials attribute metze (This used to be commit 8300259f103f8cfe014988fad0f7ee0d49bb1ac2)
2008-07-23drsblobs.idl: add idl for Primary:Kerberos-Newer-Keys blob in ↵Stefan Metzmacher1-0/+37
supplementalCredentials metze (This used to be commit 97b7901afbccc9647ad2958d4cf12300de2655d1)
2008-07-23password_hash: order the supplementalCredentials Packages in the same order ↵Stefan Metzmacher1-13/+55
like windows metze (This used to be commit ca9cd81a1798fb15195566422b3cad7c282fce89)
2008-07-23password_hash: split the generation of krb5 keys into a different functionStefan Metzmacher1-92/+69
metze (This used to be commit 4ad73a0bf8952783d3d9a7339c0c4fd8ca28981a)
2008-07-23password_hash: simplify the logic if we have cleartext we always generate ↵Stefan Metzmacher1-2/+2
the hashes metze (This used to be commit 5edff84429ef0d03b47a438e18861d26c97e17b6)
2008-07-23password_hash: fix callers after idl change for package_PrimaryKerberosStefan Metzmacher1-7/+0
metze (This used to be commit 1bf552856f3a930c4716ceb73d9ba9adf7502d3d)
2008-07-23drsblobs.idl: fix unknowns in package_PrimaryKerberos idlStefan Metzmacher1-6/+8
metze (This used to be commit da9ceb2bf17f964334d9317829d40483e2c04b10)
2008-07-23hdb-ldb: check the SUPPLEMENTAL_CREDENTIALS_SIGNATUREStefan Metzmacher1-0/+6
metze (This used to be commit 7219740ef434091617c6bb727374251987ff2a62)
2008-07-23password_hash: check the SUPPLEMENTAL_CREDENTIALS_SIGNATUREStefan Metzmacher1-2/+11
metze (This used to be commit 19b8c8e37bafab050ab61266c35006efada2947c)
2008-07-23drsblobs.idl: fix idl for supplementalCredentialsSubBlobStefan Metzmacher1-3/+8
metze (This used to be commit 24c5b10136f6e640832193aaf9e6d7e865c288bc)
2008-07-23password_hash: ignore reserved value, but still set it like windows doesStefan Metzmacher1-8/+4
metze (This used to be commit 5b860572686167d0291161f6597f143e538e2f3a)
2008-07-23drsblobs.idl: rename unknown1 -> reservedStefan Metzmacher1-1/+1
metze (This used to be commit 9a70b2237d4fdd523edfbca0329ad35e71faf998)
2008-07-23password_hash: don't add zero padding as w2k8 also don't add itStefan Metzmacher1-10/+0
metze (This used to be commit 26e9169d454349795ad0bc64d7f65059541ab89e)
2008-07-23hdb-ldb: fix comment about paddingStefan Metzmacher1-1/+1
metze (This used to be commit ca28d05b11e602e0f98cda0e02f973562c199dc6)
2008-07-23hdb-ldb: fix crash bug in the error pathStefan Metzmacher1-0/+1
metze (This used to be commit ac02d6a0f765e3b66fb6796f129edb1a348ecd84)
2008-07-23RPC-DSSYNC: print 'supplementalCredentials' more verboselyStefan Metzmacher1-0/+10
metze (This used to be commit 6a7637b12e4a34915a53e81a0f47571da21fdc5a)
2008-07-23rpc_server: be more strict with the incoming assoc_group_idStefan Metzmacher1-12/+12
Allow 0 and 0x12345678 only. This fixes the RPC-HANDLES test. metze (This used to be commit c123e597cc84685abf2b0d3564e1a26d80bbef2f)
2008-07-23smbtorture: add a warning for unknown BindInfo length to the RPC-DSSYNC testMichael Adam1-0/+3
Michael (This used to be commit 7ee99105ea3a50d8ee2c83ecd39e834ed9efb98c)
2008-07-23smbtorture: add support for the DSBindInfo48 to the RPC-DSSYNC test.Michael Adam1-0/+9
Michael (This used to be commit 67a99e445871861945fd0a45784cffb358bdccf3)
2008-07-23libnet/become_dc: add a comment and explain why it's important to specify krb5Stefan Metzmacher1-0/+9
metze (This used to be commit 26d1f9366d8611af1a69095b4cede2d2c95c982d)
2008-07-23Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartletAndrew Bartlett2-0/+17
(This used to be commit ae311d89d2d477b235a6a9294a8bb463ed0a8c05)
2008-07-23The SMB session key must not be more than 16 bytes in SAMR (andAndrew Bartlett2-3/+22
presumably LSA). Tests show that Vista requires the sesion key to be truncated for a domain join. Andrew Bartlett (This used to be commit af629a3738298d27eb2dbecf466ceb503cec9638)
2008-07-23Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-localAndrew Bartlett10-57/+75
(This used to be commit 532ccbbe7aa360440f455dfa136f425b9996e998)
2008-07-23Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartletAndrew Bartlett8-20/+38
(This used to be commit a93b20b85b7b35965c428f1543cb7bbe96e16d42)
2008-07-23Remove the 'accoc_group_id' check in the RPC server.Andrew Bartlett1-0/+11
This check breaks more than it fixes, and while technically not correct, is the best solution we have at this time. Otherwise, SCHANNEL binds from WinXP fail. Andrew Bartlett (This used to be commit f8628fa330abcd50923d995d5bda1f4811582ea9)
2008-07-23Explain where some other OIDs are allocated.Andrew Bartlett1-0/+6
This is an odd place for an OID registry - we perhaps need a central wiki page. Andrew Bartlett (This used to be commit 1c909973977ae117703c1ccf7589acc4625e76e5)
2008-07-22Change occurrences of the u1 member of DsBindInfo* to pid after idl change.Michael Adam6-16/+19
Michael (This used to be commit b91bbc5fe4a47e5823be6be5f2f203f1f14105de)
2008-07-22drsuapi.idl: change the u1 field in DsBindInfo* to "pid".Michael Adam1-4/+4
According to the WSPP docs, section 5.35, this is the "process identifyer" of the client. It is meant for informational and debugging purposes only and its assignment is implementation specific. Michael (This used to be commit 579306eb5b58b6c1142b3c489e4bcf6da50810d6)
2008-07-22drsuapi.idl: add drsuapi_SupportedExtensionsExt bitfield.Michael Adam1-1/+6
This knowledge is obtained from the wspp-docs (section 5.35). Michael (This used to be commit f5afb695045b1a2f3b8c00a4d82d40e8e50726c9)
2008-07-22drsuapi.idl: the last 16 bytes in DsBindInfo48 ar the GUID of the config dn.Michael Adam1-1/+2
This bit seems not to be documented in the WSPP docs. Michael (This used to be commit 705f79bd0a5e93daa0cb11b5dcca36e75c75df93)
2008-07-22drsuapi.idl: add drsuapi_DsBindInfo48.Michael Adam1-0/+10
This is necessary to make DsGetNcChanges work with win2008. Michael (This used to be commit dd278b069b8683a0e3721ebb7d0de06d2bc1c86f)
2008-07-22s3 cli_do_rpc_ndr does not use PI_* anymoreVolker Lendecke1-1/+0
(This used to be commit e625c6b2516111002c99239c1a2188c6d5d87ab6)
2008-07-22Install'named.txt' to private/ as documentation.Andrew Bartlett1-2/+26
This document is much more use when subbed with all the right things. Andrew Bartlett (This used to be commit 136a85599815670c807f212d7d4003ec53a13729)
2008-07-22Improve DNS and Group poicy configurations.Matthias Dieter Wallnöfer4-53/+68
- fixes bug #4813 (simplify DNS setup) - This reworks the named.conf to be a fully fledged include - This also moves the documentation into named.txt - improves bug #4900 (Group policy support in Samba) - by creating an empty GPT.INI - fixes bug #5582 (DNS: Enhanced zone file) - This is now closer to the zone file AD creates committed by Andrew Bartlett (This used to be commit 74d684f6b329d7dd573cdc55e16bb8e629474b02)
2008-07-21Properly cast array length in print functions.Jelmer Vernooij2-37/+37
(This used to be commit f321240fa91fa19c1131f119c42f64897d220682)
2008-07-21Fix winbindd not to sit in a busy loop...Andrew Bartlett1-1/+2
Clearly winbindd in Samba4 has not ever been run against windows, as when we fixed the Samba4 server not to cause XP to loop like this, Samba4's own client starts looping... Andrew Bartlett (This used to be commit 9741772190a85c7c42c17ff24a4aa3f53fbc9f3a)
2008-07-21Rename structures to better match the names in the WSPP IDL.Andrew Bartlett6-68/+68
The 'comment' element in a number of domain structures is called oem_information. This was picked up actually because with OpenLDAP doing the schema checking, it noticed that 'comment' was not a valid attribute. The rename tries to keep this consistant in both the LDB mappings and IDL, so we don't make the same mistake in future. This has no real schema impact, as this value isn't actually used for anything, as 'comment' was not used in the provision. Andrew Bartlett (This used to be commit 65dc0d536590d055a5ee775606ac90ee5fcaee9a)
2008-07-21Remove bogus test in 'enum trusted domains' LSA server.Andrew Bartlett2-6/+40
The change to the RPC-LSA test proves that when the remote server has 0 trusted domains, it will return NT_STATUS_NO_MORE_ENTRIES, not NT_STATUS_OK. Andrew Bartlett (This used to be commit 40a55b34c2ce75267cf004dc4cfb8153c061e66b)
2008-07-21Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-localAndrew Bartlett1-0/+1
(This used to be commit 55bde3c9daeafdac04574365c23d181345639f34)
2008-07-21Sleep longer in the hope that the OpenLDAP backend might catch upAndrew Bartlett1-2/+2
(This used to be commit 63c80c885dc3fb2228f082be8db752bb29e3962e)
2008-07-21Fix ldb_map to add/remove the same 'extra' objectclassAndrew Bartlett1-2/+3
The code previously added data->add_objectClass, but only removed the fixed objectclass of extensibleObject. Found by the ldap.py test. Andrew Bartlett (This used to be commit 4fa15c3173a997fa0b9041161d81e742e1fdb41c)
2008-07-21Make invalid 'member' detection work again.Andrew Bartlett1-0/+4
This defines a rootdn globally, and due to OpenLDAP bugs, gives it manage access to the whole database. This makes the memberOf module able to validate the links again, now we have database ACLs. Andrew Bartlett (This used to be commit 9fe3e9f09f89fd92f8a16768e53391ff5f8489ec)
2008-07-19Fix RAW-OPEN against Samba3Volker Lendecke1-0/+1
This test assumed that fnums are recycled immediately after a close. This is not true on Samba 3. Andrew B., I assume this is just a bug in the test. Assuming recycled fnums might be true on Windows and Samba 4, but I don't think we should assume this everywhere. Volker (This used to be commit a4c3a59d47b2b1c794eda556d252c61907be1b3c)
generated by cgit (git 2.34.1) at 2024-07-15 07:54:13 +0000