summaryrefslogtreecommitdiff
path: root/source3/libnet/libnet_join.c
AgeCommit message (Collapse)AuthorFilesLines
2008-08-29libnet_join: streamline logic of libnet_join_post_processing()Michael Adam1-9/+11
Michael (This used to be commit 81cc1af1e699e454fbb1d12636d002f845231006)
2008-08-29libnet: fix join by creating keytab after changing the config.Michael Adam1-10/+11
Michael (This used to be commit 96d1c780bf9524b929e6026776602a5288aea73d)
2008-08-11libnetjoin: support kerberized joining/unjoing (fix #5416).Günther Deschner1-19/+41
Guenther (This used to be commit da6e0f4f375aa533c4c765891c960070478972eb)
2008-07-31rpc_client: use init_samr_CryptPassword(Ex) in client tools.Günther Deschner1-24/+13
Guenther (This used to be commit 97f7f9f21f17e8414de15953cf4eaa9959dc6f75)
2008-07-30Enabled domain groups to be added to builtin groups at domain join timeTim Prouty1-0/+33
Previously this was done at token creation time if the Administrators and Users builtins hadn't been created yet. A major drawback to this approach is that if a customer is joined to a domain and decides they want to join a different domain, the domain groups from this new domain will not be added to the builtins. It would be ideal if these groups could be added exclusively at domain join time, but we can't rely solely on that because there are cases where winbindd must be running to allocate new gids for the builtins. In the future if there is a way to allocate gids for builtins without running winbindd, this code can be removed from create_local_nt_token. - Made create_builtin_users and create_builtin_administrators non-static so they can be called from libnet - Added a new function to libnet_join that will make a best effort to add domain administrators and domain users to BUILTIN\Administrators and BUILTIN\Users, respectively. If the builtins don't exist yet, winbindd must be running to allocate new gids, but if the builtins already exist, the domain groups will be added even if winbindd is not running. In the case of a failure the error will be logged, but the join will not be failed. - Plumbed libnet_join_add_dom_rids_to_builtins into the join post processing. (This used to be commit e92faf5996cadac480deb60a4f6232eea90b00f6)
2008-07-20Refactoring: Change calling conventions for cli_rpc_pipe_open_schannel_with_keyVolker Lendecke1-6/+4
Pass in ndr_syntax_id instead of pipe_idx, return NTSTATUS (This used to be commit 78e9c937ff2d2e1b70cfed4121e17feb6efafda1)
2008-07-20Refactoring: Make get_schannel_session_key return NTSTATUSVolker Lendecke1-4/+3
(This used to be commit a0793cc853d3bd43df2fc49df193a5fead6b01ab)
2008-07-20Refactoring: Change calling conventions for cli_rpc_pipe_open_noauthVolker Lendecke1-6/+9
Pass in ndr_syntax_id instead of pipe_idx, return NTSTATUS (This used to be commit 9abc9dc4dc13bd3e42f98eff64eacf24b51f5779)
2008-07-18libnetjoin: make libnet_join_rollback() static.Günther Deschner1-2/+2
Guenther (This used to be commit f1cc39e3759357344cb7abcb6bfa9d3e3f4969e6)
2008-07-03libnetjoin: fix Bug #5570.Günther Deschner1-1/+1
Thanks to Atte Peltomäki. Guenther (This used to be commit 144d374ad9dd981430a82369ceaa2783e6dae90a)
2008-06-24libads: use ads_connect_user_creds in some places.Günther Deschner1-1/+1
Guenther (This used to be commit ebf31203e7cf22e32b986c536279688b17a65d22)
2008-06-05libnetjoin: add libnet_join_rollback().Günther Deschner1-1/+30
This is required now if the join verify failed and we already modified the local configuration. Guenther (This used to be commit 2870fe50af5163e30330f5a3ef21d0b7eea85ee5)
2008-06-05libnetjoin: First store configuration and then verify the join.Günther Deschner1-4/+11
Jerry, this fixes the issues while joining with "config backend = registry". Guenther (This used to be commit b3d47f099286778252c6df6bf2c1fee0c4e26560)
2008-06-04libnetjoin: correctly copy returned lsa policy sid.Günther Deschner1-2/+4
Guenther (This used to be commit f9e5450c9492b0f35bd90040739007963e765ab1)
2008-06-04libnetjoin: only close existing policy handles while unjoining.Günther Deschner1-2/+10
Guenther (This used to be commit 6dbed6e7b7300962e11fdce1a713e6f3ea2cb619)
2008-06-04libnetjoin: delete possible "realm" leftover parameter.Günther Deschner1-0/+2
Guenther (This used to be commit d7ba98cc3f2d037ec01e079220a66da508b104b0)
2008-05-16libnetjoin: for informational reasons, report forest_name.Günther Deschner1-0/+1
Guenther (This used to be commit 452a9ea4af19d3aebc35929edaf4e5adf8c1fd11)
2008-05-14Fix Bug #5465 (joining with createcomputer=ou1/ou2/ou3).Günther Deschner1-2/+1
Guenther (This used to be commit f3251ba03a69c2fd0335861177159a32b2bc9477)
2008-05-09dsgetdcname: use existing messaging_context if possible.Günther Deschner1-0/+2
Guenther (This used to be commit 7889516a384c155a9045aad4409c041fddd0d98d)
2008-05-09Use strip_hostname after dsgetdcname/getdcname calls.Günther Deschner1-4/+6
Guenther (This used to be commit 82cbb3269b2e764c9c2a2fbcbe9c29feae07fb62)
2008-04-22libnetjoin: identify type of domain early.Günther Deschner1-16/+16
This finally enables joining AD using workgroup or realm name. Guenther (This used to be commit 0cf16e6b47f5978bdcb84ac8a29ef13ff2b5cca8)
2008-04-20Replace cli_rpc_pipe_close by a talloc destructor on rpc_pipe_structVolker Lendecke1-3/+3
(This used to be commit 99fc3283c4ecc791f5a242bd1983b4352ce3e6cf)
2008-04-20Add "desthost" to rpc_pipe_clientVolker Lendecke1-2/+2
This reduces the dependency on cli_state (This used to be commit 783afab9c891dd7bcb78895b2a639b6f3a0edf5b)
2008-04-14libnetjoin/net: Fix lp_config_backend_is_registry() handling.Günther Deschner1-14/+56
Thanks obnox, now we can net ads join and net ads leave with zero configuration changes if "config backend = registry". Guenther (This used to be commit 9003881773de787a51ceadcdc2cb1e95f6979763)
2008-04-14libnetjoin: delete the workgroup name when requested while unjoining.Günther Deschner1-0/+4
Guenther (This used to be commit 1782e89f3341eca5ee1fa39881ee8efb3fac9a5b)
2008-04-14libnetjoin: separate out libnet_join_lookup_dc_rpc.Günther Deschner1-37/+86
Guenther (This used to be commit 8d3d1c094a28f75b01315ee05b7939ffba374f20)
2008-04-14libnetjoin: Fix unjoining when no KRB5CCNAME is around.Günther Deschner1-0/+16
Guenther (This used to be commit 7fd237c545e0a7e0029195dbbb6691571abdfe84)
2008-04-14libnetjoin: Remove machine account if we failed to set password.Günther Deschner1-0/+4
Guenther (This used to be commit db5e0ed186429667a7f6fc67e4b19a7ca75f357e)
2008-04-14libnetjoin: Fix joining when no KRB5CCNAME is around.Günther Deschner1-0/+15
Guenther (This used to be commit 512e6ca0a9be9fe35994ec1010110573a5b551d1)
2008-04-02Fix NETLOGON credential chain with Windows 2008 all over the place.Günther Deschner1-2/+1
In order to avoid receiving NT_STATUS_DOWNGRADE_DETECTED from a w2k8 netr_ServerAuthenticate2 reply, we need to start with the AD netlogon negotiate flags everywhere (not only when running in security=ads). Only for NT4 we need to do a downgrade to the returned negotiate flags. Tested with w2k8, w2ksp4, w2k3r2 and nt4sp6. Guenther (This used to be commit 0970369ca0cb9ae465cff40e5c75739824daf1d0)
2008-03-28Support "net ads join" format while joining to a specific ou.Günther Deschner1-0/+5
libnetjoin now supports Computers/Servers/Unix as well as ou=Computers,ou=Servers,ou=Unix,dc=ber,dc=realm,dc=com. Guenther (This used to be commit c0be84c96d8133c6b77d1f0efe41f5f2373febb3)
2008-03-28Add Support for DOMAIN\DCNAME syntax in libnetjoin.Günther Deschner1-0/+58
This format is used by Windows to enforce joining to a specific DC. Guenther (This used to be commit cc654892c0d76dea001cd8f7bd6f50cf9e89e9c9)
2008-03-21libsmbconf: add a "path" variable to the conf context.Michael Adam1-2/+2
This is passed to the module init routines. In case of the registry, this is the path of the basekey in registry, that is to be used, defaulting to KEY_SMBCONF (HKLM\software\samba\smbconf), when NULL is given. This is the only case currently used. In order to support other keys, registry initialization for smbconf has to be changed to support different keys. Michael (This used to be commit 96434d9dc7a66773e313cc128af57493dee245a1)
2008-03-21Fix Coverity ID 547Volker Lendecke1-4/+1
Günther, please check. If r->in.ads==NULL, we can't call ads_leave_realm at all. Thanks, Volker (This used to be commit 120d8c889fa9ad61c74f1f936e83537513454648)
2008-03-21libsmbconf: add backend specific init function.Michael Adam1-2/+2
Hide generic init function taking smbconf_ops argument from public api. Michael (This used to be commit b3f6920ccb9a27fde26e889a7f1f3afaf56b784f)
2008-03-21libsmbconf: rename smbconf_close() to smbconf_shutdown().Michael Adam1-2/+2
Michael (This used to be commit 797b26ad3fad27e085827efb61f6b4d8b37e93f0)
2008-03-21libsmbconf: rename smbconf_open() to smbconf_init().Michael Adam1-2/+2
That's more appropriate. Michael (This used to be commit d7bd9bb8aa2003ec0a9860df26857f67255febe2)
2008-03-17libsmbconf: rename all occurrences of libnet_conf_ to smbconf_ .Michael Adam1-17/+17
Michael (This used to be commit 097af0309d7c3e9342058ba5266667293b23c80d)
2008-03-04Add secure_channel_type to libnetjoin.Günther Deschner1-1/+3
Guenther (This used to be commit f88910c1e5186737da4eda5a7a396c3238fc6775)
2008-03-04Use TALLOC_FREE in libnetjoin debugging dump code.Günther Deschner1-2/+2
Guenther (This used to be commit b753087ff79c1d35a409eddc1f61e115e887c1e1)
2008-03-01Make sure we are still able to join Windows 2008.Günther Deschner1-2/+1
Guenther (This used to be commit aa9c0f587718f4d647e87b9662acbedba042b9cb)
2008-02-29libnetjoin: add fallback to level 24 samr setinfo so that libnet can join NT4.Günther Deschner1-0/+19
Guenther (This used to be commit bc2d3d51449831146a9faf6e809e7a91d174659c)
2008-02-29libnetjoin: Trying to avoid confusion between acct_flags, acb_info andGünther Deschner1-12/+14
access_desired. Guenther (This used to be commit 63894e5c93ef0663fc58bcc191777cd1aca7e21c)
2008-02-28libnetjoin: Merge in comments, debugs and missing code from original join code.Günther Deschner1-3/+117
Guenther (This used to be commit 09e6010159cb9c2a5d86861889b8c2a07bd39a8d)
2008-02-28Add some more error handling in libnetjoin.Günther Deschner1-0/+10
Guenther (This used to be commit 892b2bc0cf1692c5707d322d0eb711b8245a3a96)
2008-02-28Let dsgetdcname() return a struct netr_DsRGetDCNameInfo.Günther Deschner1-4/+4
Guenther (This used to be commit b1a4b21f8c35dc23e5c986ebe44d3806055eb39b)
2008-02-28Store domain_is_ad info as early as possible in libnetjoin.Günther Deschner1-1/+16
Guenther (This used to be commit c4ba68aa94888eace393b91a669e22b27ffaba3e)
2008-02-28Check for mandatory domain name in libnetjoin/unjoin.Günther Deschner1-1/+8
Guenther (This used to be commit 95bdf2f23c195cad1b317995e362f153695e793a)
2008-02-28Delete affinity cache entries while unjoining with libnetunjoin.Günther Deschner1-2/+14
Guenther (This used to be commit 0315b8e53dca9a836d6bc2282fb1192f40545601)
2008-02-28Fill in machine account manipulation flags while unjoining in libnetunjoin.Günther Deschner1-0/+8
Guenther (This used to be commit 23ae67158e6506199318025e3dd5fd5c0b099548)