summaryrefslogtreecommitdiff
path: root/source3/libnet/libnet_join.c
AgeCommit message (Collapse)AuthorFilesLines
2013-08-10s3:libnet_join: try to use NETLOGON_NEG_SUPPORTS_AESStefan Metzmacher1-1/+2
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-05s3:libnet: let the caller truncate the pw in ↵Stefan Metzmacher1-14/+1
libnet_join_joindomain_rpc_unsecure() Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05s3-libnetjoin: add machine_name length check.Günther Deschner1-0/+9
Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05s3: libnet_join: use admin_domain in libnetjoin.Günther Deschner1-1/+26
Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_noauth().Günther Deschner1-4/+4
Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05s3-rpc_cli: pass down ndr_interface_table to ↵Günther Deschner1-1/+1
cli_rpc_pipe_open_schannel_with_key(). Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
2013-03-05s3:libnet increase timeout for machine password changeChristian Ambach1-0/+9
DCs might run password filter modules that can delay the setting of the machine password for a significant amount of time use the same timeout as in the other paths of domain join (e.g. rpccli_netlogon_set_trust_password) Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-02-27Make sure that domain joins work correctly when the DC disallows NTLM auth.Richard Sharpe1-3/+11
Signed-Off-By: Richard Sharpe <realrichardsharpe@gmail.com> Reviewed-By: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Feb 27 21:49:25 CET 2013 on sn-devel-104
2013-02-04s3: use generate_random_password() instead of generate_random_str()Stefan Metzmacher1-2/+6
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2012-08-09Correctly check for errors in strlower_m() returns.Jeremy Allison1-4/+14
2012-08-09Check error returns from strupper_m() (in all reasonable places).Jeremy Allison1-2/+7
2012-08-01s3:libnet_join: make use of cli_get_session_key() in ↵Stefan Metzmacher1-2/+12
libnet_join_joindomain_rpc() metze
2012-07-24lib/param: Move all enum declarations to lib/paramAndrew Bartlett1-0/+1
This is in preperation for the parameter table being made common. Andrew Bartlett Pair-Programmed-With: Andrew Tridgell <tridge@samba.org>
2012-05-28s3:libsmb: get rid of cli_state_remote_nameLuk Claes1-3/+3
Signed-off-by: Luk Claes <luk@debian.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-05-28s3:libsmb: get rid of cli_state_*_sockaddrLuk Claes1-1/+2
Signed-off-by: Luk Claes <luk@debian.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-03-04s3-auth: Remove security=share (depricated since 3.6).Andrew Bartlett1-1/+0
This patch removes security=share, which Samba implemented by matching the per-share password provided by the client in the Tree Connect with a selection of usernames supplied by the client, the smb.conf or guessed from the environment. The rationale for the removal is that for the bulk of security=share users, we just we need a very simple way to run a 'trust the network' Samba server, where users mark shares as guest ok. This is still supported, and the smb.conf options are documented at https://wiki.samba.org/index.php/Public_Samba_Server At the same time, this closes the door on one of the most arcane areas of Samba authentication. Naturally, full user-name/password authentication remain available in security=user and above. This includes documentation updates for username and only user, which now only do a small amount of what they used to do. Andrew Bartlett -------------- / \ / REST \ / IN \ / PEACE \ / \ | SEC_SHARE | | security=share | | | | | | 5 March | | | | 2012 | *| * * * | * _________)/\\_//(\/(/\)/\//\/\///|_)_______
2011-11-03s3:libnet: s/Undefined/SMB_SIGNING_DEFAULT/Stefan Metzmacher1-3/+3
metze
2011-09-21s3-libnet: allow to use default krb5 ccache in libnet_Join/libnet_Unjoin.Günther Deschner1-31/+0
We force using a MEMORY ccache though in the wkssvc server. Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Wed Sep 21 19:13:33 CEST 2011 on sn-devel-104
2011-09-14s3-libnet: add missing newlines in debug statement.Günther Deschner1-2/+2
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Wed Sep 14 15:52:10 CEST 2011 on sn-devel-104
2011-07-28s3:libnet_join: use lp_load_global() wrapper of lp_load()Michael Adam1-2/+2
2011-07-22s3:libnet_join: make use of cli_state_remote_name()Stefan Metzmacher1-3/+6
2011-07-22s3:libnet: use cli_state_remote_sockaddr() in libnet_DomainJoin()Stefan Metzmacher1-1/+1
metze
2011-06-09s3-param Remove special case for global_myname(), rename to lp_netbios_name()Andrew Bartlett1-2/+2
There is no reason this can't be a normal constant string in the loadparm system, now that we have lp_set_cmdline() to handle overrides correctly. Andrew Bartlett
2011-05-18s3-lib Replace StrCaseCmp() with strcasecmp_m()Andrew Bartlett1-2/+2
strcasecmp_m() never needs to call to talloc, and via next_codepoint() still has an ASCII fast-path bypassing iconv() calls. Andrew Bartlett
2011-05-13s3-libnetjoin: fix uninitialized variable.Günther Deschner1-2/+2
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Fri May 13 01:22:18 CEST 2011 on sn-devel-104
2011-05-13s3-libnetapi/libnetjoin: fix uninitialized variables after the libsmbconf ↵Günther Deschner1-1/+1
changes. Guenther
2011-05-10libsmbconf: Convert smbconf_delete_parameter() to sbcErr.Andreas Schneider1-2/+5
Signed-off-by: Michael Adam <obnox@samba.org>
2011-05-10libsmbconf: Convert smbconf_set_parameter() to sbcErr.Andreas Schneider1-16/+38
Signed-off-by: Michael Adam <obnox@samba.org>
2011-05-10libsmbconf: Convert smbconf_init() to sbcErr.Andreas Schneider1-4/+8
Signed-off-by: Michael Adam <obnox@samba.org>
2011-05-06s3-libsmb: move protos to libsmb/proto.hGünther Deschner1-0/+1
Guenther
2011-04-24s3:rpc_client: map fault codes to NTSTATUS with dcerpc_fault_to_nt_status()Stefan Metzmacher1-1/+1
Most fault codes have a NTSTATUS representation, so use that. This brings the fault handling in common with the source4/librpc/rpc code, which make it possible to share more highlevel code, between source3 and source4 as the error checking can be the same now. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Sun Apr 24 10:44:53 CEST 2011 on sn-devel-104
2011-04-12s3: For net ads join, create a krb5.confVolker Lendecke1-0/+5
Signed-off-by: Günther Deschner <gd@samba.org> Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Tue Apr 12 14:10:05 CEST 2011 on sn-devel-104
2011-04-12s3: Initialize output in libnet_JoinVolker Lendecke1-0/+2
Signed-off-by: Günther Deschner <gd@samba.org>
2011-03-30s3-passdb: add passdb.h where needed.Günther Deschner1-0/+1
Guenther
2011-02-28s3-rpc_client: Move client pipe functions to own header.Andreas Schneider1-0/+1
2011-02-27s3: Fix some nonempty blank linesVolker Lendecke1-2/+2
2011-02-11s3-libnet: fix a WITH_ADS / HAVE_ADS mismatch.Günther Deschner1-10/+10
Guenther
2011-02-02s3-libnet: prefer dcerpc_lsa_X functions.Günther Deschner1-8/+17
Guenther
2011-02-01s3-libnet: prefer dcerpc_samr_X functions.Günther Deschner1-45/+141
Guenther
2011-01-13s3-libnet: prefer dcerpc_netr_X functions.Günther Deschner1-1/+1
Guenther Signed-off-by: Andreas Schneider <asn@samba.org>
2010-12-20s3: Remove unused "retry" from cli_full_connectionVolker Lendecke1-3/+3
2010-10-12libcli/security Provide a common, top level libcli/security/security.hAndrew Bartlett1-1/+1
This will reduce the noise from merges of the rest of the libcli/security code, without this commit changing what code is actually used. This includes (along with other security headers) dom_sid.h and security_token.h Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
2010-09-20s3-util: use shared dom_sid_dup.Günther Deschner1-3/+4
Guenther
2010-08-26s3-build: only include krb5 environment variables where required.Günther Deschner1-0/+1
Guenther
2010-08-25s3-lsa: separate out init_lsa headers.Günther Deschner1-0/+1
Guenther
2010-08-13s3-krb5 Only build ADS support if arcfour-hmac-md5 is availableAndrew Bartlett1-6/+0
Modern Kerberos implementations have either defines or enums for these key types, which makes doing #ifdef difficult. This shows up in files such as libnet_samsync_keytab.c, the bulk of which is not compiled on current Fedora 12, for example. The downside is that this makes Samba unconditionally depend on the arcfour-hmac-md5 encryption type at build time. We will no longer support libraries that only support the DES based encryption types. However, the single-DES types that are supported in common with AD are already painfully weak - so much so that they are disabled by default in modern Kerberos libraries. If not found, ADS support will not be compiled in. This means that our 'net ads join' will no longer set the ACB_USE_DES_KEY_ONLY flag, and we will always try to use arcfour-hmac-md5. A future improvement would be to remove the use of the DES encryption types totally, but this would require that any ACB_USE_DES_KEY_ONLY flag be removed from existing joins. Andrew Bartlett Signed-off-by: Simo Sorce <idra@samba.org>
2010-08-12s3-libnet: fix bug #6364: Pull realm from supplied username on libnet joinJim McDonough1-0/+7
2010-08-05s3-secrets: only include secrets.h when needed.Günther Deschner1-1/+1
Guenther
2010-08-05s3: avoid global include of ads.h.Günther Deschner1-0/+1
Guenther
2010-07-13s3-libnet: better separate headers.Günther Deschner1-1/+2
Guenther
generated by cgit (git 2.34.1) at 2024-07-03 21:41:36 +0000