summaryrefslogtreecommitdiff
path: root/source3/include/rpc_netlogon.h
AgeCommit message (Collapse)AuthorFilesLines
2003-03-24(merge from HEAD)Andrew Bartlett1-1/+1
NTLM Authentication: - Add a 'privileged' mode to Winbindd. This is achieved by means of a directory under lockdir, that the admin can change the group access for. - This mode is now required to access with 'CRAP' authentication feature. - This *will* break the current SQUID helper, so I've fixed up our ntlm_auth replacement: - Update our NTLMSSP code to cope with 'datagram' mode, where we don't get a challenge. - Use this to make our ntlm_auth utility suitable for use in current Squid 2.5 servers. - Tested - works for Win2k clients, but not Win9X at present. NTLMSSP updates are needed. - Now uses fgets(), not x_fgets() to cope with Squid environment (I think somthing to do with non-blocking stdin). - Add much more robust connection code to wb_common.c - it will not connect to a server of a different protocol version, and it will automatically try and reconnect to the 'privileged' pipe if possible. - This could help with 'privileged' idmap operations etc in future. - Add a generic HEX encode routine to util_str.c, - fix a small line of dodgy C in StrnCpy_fn() - Correctly pull our 'session key' out of the info3 from th the DC. This is used in both the auth code, and in for export over the winbind pipe to ntlm_auth. - Given the user's challenge/response and access to the privileged pipe, allow external access to the 'session key'. To be used for MSCHAPv2 integration. Andrew Bartlett (This used to be commit ec071ca3dcbd3881dc08e6a8d7ac2ff0bcd57664)
2002-09-25sync'ing up for 3.0alpha20 releaseGerald Carter1-94/+99
(This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-01-30Removed version number from file header.Tim Potter1-2/+1
Changed "SMB/Netbios" to "SMB/CIFS" in file header. (This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
2001-12-12decoded SAM_DELTA 0x0e and 0x12.Jean-François Micouleau1-0/+59
One is an entry for the trusted domains The other is an entry for the trusting domains They are pretty basic, I'll improve them. J.F. (This used to be commit 8d359e62138aa327cb00875dc446234ce4be6f02)
2001-12-12a ugly decoder for SAM_DELTA_DOM_INFO (0x0d)Jean-François Micouleau1-3/+88
a correct decoder for SAM_PRIVS_INFO (0x10) this code is totally useless right now, it's just fun to decode those and will save tpot some time. J.F. (This used to be commit 314b675ed9ebacba9db25938c43cfa304462ebe2)
2001-09-30Make header comment clearer, these are RIDs, not UIDs.Andrew Bartlett1-2/+3
(This used to be commit 663c1c91bdd020e2e8266d25909db12b28fbb7d8)
2001-09-22These are RIDs not Unix UIDs so make this clear in the feild names.Andrew Bartlett1-2/+2
Andrew Bartlett (This used to be commit d1bc778301b31d77fdc3837ec3cff24ce37adcd7)
2001-09-04the next stage in the NTSTATUS/WERROR change. smbd and nmbd now compile, but ↵Andrew Tridgell1-8/+5
the client code still needs some work (This used to be commit dcd6e735f709a9231860ceb9682db40ff26c9a66)
2001-08-28Merge of SAM delta type constants and BDC replication types from TNG.Tim Potter1-0/+282
(This used to be commit 73eeaadbe212989b5c1b2e494500e9618c3f3a5e)
2001-08-27converted another bunch of stuff to NTSTATUSAndrew Tridgell1-12/+10
(This used to be commit 1d36250e338ae0ff9fbbf86019809205dd97d05e)
2001-05-24Added structures for LOGON_CTRL rpc.Tim Potter1-21/+55
Make proto. (This used to be commit 0650f87000dcf5572f3a8d61ab93760d94eee770)
2001-04-23Fix "proc num out of range" error. Missing rpc call.Jeremy Allison1-2/+17
Jeremy. (This used to be commit 6248fb22926d72fddaecad5af117af1bdd08fda3)
2001-02-24This patch (donated by Marc Jacobsen of HP) should make Sun and HP very ↵Jeremy Allison1-14/+45
happy :-). Probably Veritas too... :-). It allows Samba as a domain member to authenticate against an AS/U server such as the older HP PDC product or PD Netlink. It does this by trying a netlogon with info level 3 and then falling back to info level 2 if the PDC returns invalid info level. Jeremy. (This used to be commit bda1d6d4a4b3d2cfc260549280a2ce3e57fd0f86)
2000-10-10a netlogon enum trust query doesn't have a function_code at end.Jean-François Micouleau1-2/+0
a sam_user_info_24 doesn't have a uint16 at end samr_create_user also creates the unix account now samr_set_userinfo changes the password. J.F. (This used to be commit 94f4024481fcd0cb6647af1bd4364033be020641)
2000-09-06Fix for the SID history problem when using a Win2k domain controllerJeremy Allison1-1/+4
with security=domain. Also fixed to dynamically allocate the SIDs and GIDs. Jeremy. (This used to be commit 2b1f66eb82f05fe0b85ac5b4916e32847b8de675)
2000-06-09dynamic allocation of NET_USER_INFO_3 gids.Luke Leighton1-2/+2
jeremy, the intent is to call se_access_check() with usr-sid, grp-sid, array-of-group-rids (but array-of-group-sids would do). please do look at smbd/lanman.c's api_NetWkstaGetInfo, it will show you that we really do need to store the entire NET_USER_INFO_3 structure. then again, api_NetWkstaGetInfo is only used by win9x so who cares :) (This used to be commit bd34f652390adc32c4959d164c628687f526d977)
1999-12-13first pass at updating head branch to be to be the same as the SAMBA_2_0 branchAndrew Tridgell1-290/+34
(This used to be commit 453a822a76780063dff23526c35408866d0c0154)
1999-12-01damn, that took a while. nt login password was being stored incorrectlyLuke Leighton1-2/+2
in private .mac file (oops). ntlogin test now works. (This used to be commit c98c66690683965612e9631d77c2dff91ec8a872)
1999-11-16attempting to get nt5 wksta to join domain.Luke Leighton1-1/+1
1) had to fix samr "create user" and "set user info" (level 23). 2) had to fix netlogon enum trust domains 3) registry key needed \\ in it not \. (This used to be commit 70b2c1ecbb4fbbb86fea676c80754485aae5ab13)
1999-11-16Changes to implement NET_AUTH based on NET_AUTH2, to get Win2000Richard Sharpe1-2/+17
happier in joining a Samba domain. (This used to be commit 70274b5253182f3541584ecd844f07376a3d3df9)
1999-07-22BDC support.Matthew Chapman1-6/+4
Fixing and clarifying SAM_PWD structure. (This used to be commit 8e36b07a0e8e7ea8b72e1b9e3b747795b2685e85)
1999-07-21BDC support.Luke Leighton1-2/+21
(This used to be commit 2331aa32ab36c3ee5fd8cfbe972e57299939e33d)
1999-06-02Some more BDC-related fixes, mainly to the NET_SAM_SYNC RPC with respectMatthew Chapman1-20/+30
to alignment, missing fields, etc. - it should now work correctly. There is still the problem of decoding the private data field. (This used to be commit c3c25e762fbc30d5663323f23449c913f2ce4b0e)
1999-04-08Mainly BDC-related changes.Matthew Chapman1-2/+244
* Added SEC_CHAN_BDC * Fix for endianness problem reported by Edan Idzerda <edan@mtu.edu>. A BUFFER2 is really a "unibuf" in my terminology and we should treat it as such. * Added some more common NT structures (BIGINT, BUFHDR2, BUFFER4). * Added NET_SAM_SYNC (-> NetDatabaseSync2) RPC for account replication. Still experimental and incomplete, with a few too many NULL security descriptors lying around (must go look at Jeremy's SD code). Haven't worked out password encryption yet either. However, the XXX_INFO structures I've added to rpc_netlogon.h are quite nice as they give some insight into how these objects are stored in the SAM. (This used to be commit 74d6dec25d6b44e26d3895f789f1958d5f4639ee)
1998-04-29This is the checkin that adds the security=domain functionality.Jeremy Allison1-0/+3
WARNING - so far this has only been tested against a Samba PDC (still waiting for IS to add me the machine accounts :-). Still missing is the code in smbpasswd that will add a machine account password and change it on the domain controller, but this is not hard, and I will check it in soon. Jeremy. (This used to be commit 17b94a7084621b3f0106dd4d3386f05cdfc56d19)
1998-03-24clientgen.c ipc.c smbpasswd.c: Fixes for warnings (from Herb).Jeremy Allison1-2/+2
quotas.c: Linux quota fix. util.c: Ensure smb_read_error is zero in all calls that can set it. lib/rpc/include/rpc_misc.h lib/rpc/include/rpc_netlogon.h lib/rpc/parse/parse_misc.c lib/rpc/parse/parse_net.c lib/rpc/server/srv_netlog.c : Modify Luke's code to call SamOEMhash(). Jeremy. (This used to be commit 7f749708383b8b36c3f23a5fbc5cbdf39bc8e555)
1998-03-11"For I have laboured mightily on Luke's code, and hath brokenJeremy Allison1-0/+372
all I saw" - the book of Jeremy, chapter 1 :-). So here is the mega-merge of the NTDOM branch server code. It doesn't include the new client side pieces, we'll look at that later. This should give the same functionality, server wise, as the NTDOM branch does, only merged into the main branch. Any fixes to domain controler functionality should be added to the main branch, not the NTDOM branch. This code compiles without warnings on gcc2.8, but will need further testing before we are sure all the working functionality of the NTDOM server branch has been correctly carried over. I hereby declare the server side of the NTDOM branch dead (and all who sail in her :-). Jeremy. (This used to be commit 118ba4d77a33248e762a2cf843fb7cbc906ee6e7)