Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-07-05 | s4-dsdb: Implementation of User-Change-Password and User-Force-Password-Change | Nadezhda Ivanova | 1 | -0/+2 | |
These CARs need to be checked on password change and password reset operations. Apparently the password attributes are not influenced by Write Property. Single detele operations and modifications of dBCSPwd are let through to the password_hash module. This is determined experimentally. | |||||
2010-06-09 | Added guids for the validated writes. | Nadezhda Ivanova | 1 | -0/+7 | |
2010-06-03 | security: move generic_mapping and standard_mapping to security.idl. | Günther Deschner | 1 | -0/+18 | |
Guenther | |||||
2010-05-18 | Finish removal of iconv_convenience in public API's. | Jelmer Vernooij | 1 | -3/+3 | |
2010-05-18 | security: merge builtin rid tables. | Günther Deschner | 1 | -0/+19 | |
Guenther | |||||
2010-03-23 | security.idl: Add missing builtin groups. | Karolin Seeger | 1 | -0/+4 | |
Karolin | |||||
2010-03-16 | security.idl - push generated code diff | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2010-03-16 | Added a net acl ds command for modification of ACLs on directory objects | Nadezhda Ivanova | 1 | -1/+18 | |
At present the command supports only addition of control access rigts, done so DRS access checks can be tested. It will be expanded to deal with most ways to modify and view a DS ACL. Shifted commands a bit. What used to be net acl is now "net acl nt" as apposed to this, which is "net acl ds" ./bin/net acl ds set --help Usage: set --objectdn=objectdn --car=control right --action=[deny|allow] --trusteedn=trustee-dn Options: -h, --help show this help message and exit --host=HOST LDB URL for database or target server --car=CAR The access control right to allow or deny --action=ACTION Deny or allow access --objectdn=OBJECTDN DN of the object whose SD to modify --trusteedn=TRUSTEEDN DN of the entity that gets access Samba Common Options: -s FILE, --configfile=FILE Configuration file Credentials Options: --simple-bind-dn=DN DN to use for a simple bind --password=PASSWORD Password -U USERNAME, --username=USERNAME Username -W WORKGROUP, --workgroup=WORKGROUP Workgroup -N, --no-pass Don't ask for a password -k KERBEROS, --kerberos=KERBEROS Use Kerberos | |||||
2010-02-18 | security: make two bitmaps public. | Günther Deschner | 1 | -2/+2 | |
Guenther | |||||
2010-01-29 | security.idl: add wellknown TrustedInstaller SID | Stefan Metzmacher | 1 | -0/+7 | |
metze | |||||
2009-11-27 | security.idl - Add some more wellknown SIDs/RIDs | Matthias Dieter Wallnöfer | 1 | -14/+17 | |
2009-11-17 | Fixed incorrect SID for RAS Servers. | Nadezhda Ivanova | 1 | -0/+1 | |
2009-11-03 | Removed the default DACL from token, as we will not be using it. | Nadezhda Ivanova | 1 | -1/+0 | |
2009-10-16 | idl: added bit definition for privilege masks | Andrew Tridgell | 1 | -0/+15 | |
When you have backup or restore privileges, you automatically get extra access bits in ACL interpretation. This adds definitions for the bits you get. | |||||
2009-09-16 | Owner and group defaulting. | Nadezhda Ivanova | 1 | -0/+34 | |
Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2009-05-29 | s4: Add additional well-known SID's/RID's. | Andrew Kroeger | 1 | -0/+4 | |
Information was found at http://support.microsoft.com/kb/243330 Not all well-known identifiers were included - only those necessary for enhancing the 2-letter mappings used in SDDL strings were added. | |||||
2009-05-29 | Fix incorrect RID for KRBTGT. (was incorectly 514, should be 502) | Andrew Bartlett | 1 | -1/+1 | |
Requires recompile of source4/kdc/* Found by Andrew Kroeger <andrew@id10ts.net> Andrew Bartlett | |||||
2009-05-27 | Add DOMAIN_RID_KRBTGT define to security.idl | Andrew Bartlett | 1 | -0/+1 | |
2009-05-20 | s4: try to fix privileges implementation in order to pass the ↵ | Günther Deschner | 1 | -1/+2 | |
RPC-SAMR-USERS-PRIVILEGES test. Guenther | |||||
2009-01-01 | Add iconv_convenience argument to size functions. | Jelmer Vernooij | 1 | -3/+3 | |
2008-12-16 | Rename dom_sid.idl -> server_id.idl (since it no longer actually contains ↵ | Jelmer Vernooij | 1 | -2/+0 | |
the dom_sid). No longer include it from security.idl. | |||||
2008-12-16 | Add python extensions for dom_sid. | Jelmer Vernooij | 1 | -2/+1 | |
2008-12-12 | Move dom_sid to the Samba 3 IDL file, remove the old definition. | Jelmer Vernooij | 1 | -0/+29 | |
2008-11-08 | s3: make idl | Stefan Metzmacher | 1 | -3/+3 | |
metze | |||||
2008-11-08 | security.idl: sometimes ACEs have some padding at the end | Stefan Metzmacher | 1 | -1/+1 | |
metze | |||||
2008-11-08 | s3: security.idl: split of dom_sid stuff into dom_sid.idl | Stefan Metzmacher | 1 | -19/+2 | |
And use the toplevel ndr_sec_helper.c metze | |||||
2008-11-01 | security-idl: fix typo. | Günther Deschner | 1 | -3/+3 | |
Guenther | |||||
2008-10-31 | security-idl: add STANDARD_RIGHTS_X bits. | Günther Deschner | 1 | -0/+14 | |
Guenther | |||||
2008-10-15 | Share security.idl. | Jelmer Vernooij | 1 | -0/+394 | |