Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-03-10 | s3/drs: DsCrackNames - Propagating IDL changes to source code | Kamen Mazdrashki | 1 | -2/+2 | |
Signed-off-by: Stefan Metzmacher <metze@samba.org> | |||||
2010-03-10 | s3/drs: DsGetNCChanges - Propagating IDL changes to source code | Kamen Mazdrashki | 1 | -6/+6 | |
Signed-off-by: Stefan Metzmacher <metze@samba.org> | |||||
2010-01-18 | idl: switched to using the WSPP names for the 'neighbour' DRS options | Andrew Tridgell | 1 | -5/+5 | |
The documentation shows that all these functions in fact use the same flags variable type. To be consistent between functions, and to allow easy reference to the WSPP docs, it is better for us to also use this generic DrsOptions bitfield rather than one per operations. | |||||
2010-01-10 | s3: Replace most calls to sid_append_rid() by sid_compose() | Volker Lendecke | 1 | -10/+5 | |
2009-11-27 | s3-kerberos: only use krb5 headers where required. | Günther Deschner | 1 | -0/+1 | |
This seems to be the only way to deal with mixed heimdal/MIT setups during merged build. Guenther | |||||
2009-11-26 | s3-rpc: Avoid including every pipe's client and server stubs everywhere in ↵ | Günther Deschner | 3 | -0/+4 | |
samba. Guenther | |||||
2009-10-13 | s3-netlogon: pass down account name to remote password set functions. | Günther Deschner | 1 | -0/+1 | |
Guenther | |||||
2009-10-05 | Revert "s3: Attempt to fix machine password change" | Volker Lendecke | 1 | -4/+5 | |
This reverts commit 20a8ea91e10af167067cc794a251265aaf489e75. Ooops, this should not have been committed. | |||||
2009-10-05 | s3: Attempt to fix machine password change | Volker Lendecke | 1 | -5/+4 | |
2009-09-30 | w32err: WERR_DC_NOT_FOUND replaced with WERR_DCNOTFOUND | Kamen Mazdrashki | 1 | -2/+2 | |
It turns out in win32 ERROR_DC_NOT_FOUND exists and it is an error for Device Context (DC), not Domain Controller Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com> | |||||
2009-09-17 | w32err: use WERR_DC_NOT_FOUND name instead of WERR_DOMAIN_CONTROLLER_NOT_FOUND | Kamen Mazdrashki | 1 | -2/+2 | |
Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2009-09-15 | s3-dcerpc: use dcerpc_AuthLevel and remove duplicate set of flags. | Günther Deschner | 1 | -1/+1 | |
Guenther | |||||
2009-09-11 | s3-rpc_client: add dcerpc_transport_t to cli_rpc_pipe_open_schannel(). | Günther Deschner | 1 | -1/+2 | |
Guenther | |||||
2009-07-14 | s3-account_policy: add pdb_policy_type enum. | Günther Deschner | 1 | -9/+14 | |
Guenther | |||||
2009-06-26 | Don't use ads realm name for non-ads case. #6481 | Jim McDonough | 1 | -7/+9 | |
Also check that the connection to ads worked. | |||||
2009-06-22 | s3-libnet: fix libnet_unjoin_remove_machine_acct() when called without ads ↵ | Günther Deschner | 1 | -1/+7 | |
struct. Guenther | |||||
2009-06-19 | Don't require "Modify property" perms to unjoin bug #6481) | Jim McDonough | 1 | -14/+35 | |
"net ads leave" stopped working when "modify properties" permissions were not granted (meaning you had to be allowed to disable the account that you were about to delete). Libnetapi should not delete machine accounts, as this does not happen on win32. The WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE flag really means "disable" (both in practice and docs). However, to keep the functionality in "net ads leave", we will still try to do the delete. If this fails, we try to do the disable. Additionally, it is possible in windows to not disable or delete the account, but just tell the local machine that it is no longer in the account. libnet can now do this as well. | |||||
2009-05-16 | Move smb_create_user() in samsync | Simo Sorce | 1 | -0/+60 | |
It is not used anywhere else, so make it also static and remove it from proto.h | |||||
2009-04-24 | s3-libnetjoin: make acct_flags dependent on secure channel type. | Günther Deschner | 1 | -3/+12 | |
Guenther | |||||
2009-04-24 | s3-libnetjoin: add support for WKSSVC_JOIN_FLAGS_JOIN_UNSECURE. | Günther Deschner | 1 | -3/+59 | |
Guenther | |||||
2009-04-23 | Fix an uninitialized variable | Volker Lendecke | 1 | -0/+2 | |
2009-04-21 | s3-secdesc: use SEC_FLAG_MAXIMUM_ALLOWED instead of SEC_RIGHTS_MAXIMUM_ALLOWED. | Günther Deschner | 1 | -5/+5 | |
Guenther | |||||
2009-04-20 | Remove smb_mkstemp() - libreplace will now provide a secure mkstemp() if | Jelmer Vernooij | 1 | -2/+2 | |
the system one is broken. | |||||
2009-04-20 | Merge commit 'origin/master' into libcli-auth-merge-without-netlogond | Andrew Bartlett | 1 | -1/+1 | |
2009-04-20 | Remove use of talloc_reference in cli_rpc_pipe_open_schannel_with_key() | Andrew Bartlett | 1 | -1/+1 | |
2009-04-15 | Fix bug #6089 - Winbind samr_OpenDomain not possible with Samba 3.2.6+ | Jeremy Allison | 1 | -1/+1 | |
What a difference a name makes... :-). Just because something is missnamed SAMR_ACCESS_OPEN_DOMAIN, when it should actually be SAMR_ACCESS_LOOKUP_DOMAIN, don't automatically use it for a security check in _samr_OpenDomain(). Jeremy. | |||||
2009-04-14 | Make Samba3 use the new common libcli/auth code | Andrew Bartlett | 1 | -4/+4 | |
This is particuarly in the netlogon client (but not server at this stage) | |||||
2009-04-14 | Use common samsync delta decryption functions in libnet_samsync.c | Andrew Bartlett | 1 | -157/+7 | |
Andrew Bartlett | |||||
2009-04-14 | Adapt to common crypto functions: sam_pwd_hash() -> sam_rid_crypt() | Andrew Bartlett | 2 | -8/+10 | |
2009-04-14 | Rework Samba3 to use new libcli/auth code (partial) | Andrew Bartlett | 1 | -8/+9 | |
This commit is mostly to cope with the removal of SamOemHash (replaced by arcfour_crypt()) and other collisions (such as changed function arguments compared to Samba3). We still provide creds_hash3 until Samba3 uses the credentials code in netlogon server Andrew Bartlett | |||||
2009-04-14 | Move DRSUAPI per-attribute decryption into a common file | Andrew Bartlett | 1 | -71/+5 | |
This file (contining metze's decryption routines) is now also be used by Samba3's DRSUAPI implementation Andrew Bartlett | |||||
2009-04-07 | s3:kerberos Rework smb_krb5_unparse_name() to take a talloc context | Andrew Bartlett | 1 | -18/+14 | |
Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2009-04-06 | s3:libads Make ads_get_dn() take a talloc context | Andrew Bartlett | 1 | -2/+2 | |
Also remove ads_memfree(), which was only ever a wrapper around SAFE_FREE, used only to free the DN from ads_get_ds(). This actually makes libgpo more consistant, as it mixed a talloc and a malloc based string on the same element. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2009-04-01 | s3-libnet-samsync: return appropriate error code in fetch_sam_entry(). | Günther Deschner | 1 | -22/+25 | |
Guenther | |||||
2009-04-01 | s3-libnet-samsync: use smb_create_user(). | Günther Deschner | 1 | -46/+6 | |
Guenther | |||||
2009-04-01 | s3-libnet-samsync: some pure cosmetics. | Günther Deschner | 1 | -0/+30 | |
Guenther | |||||
2009-04-01 | s3-libnet-samsync: use parent talloc context for libnet_samsync_passdb. | Günther Deschner | 1 | -26/+28 | |
Guenther | |||||
2009-04-01 | s3-libnet: only call libnet_dssync_process() startup and shutdown callbacks ↵ | Günther Deschner | 1 | -12/+16 | |
when filled in. Guenther | |||||
2009-03-25 | s3-libnet: Fix Bug #6193: avoid messing with sync_context in ↵ | Günther Deschner | 1 | -3/+0 | |
libnet_samsync_delta(). We absolutely need to avoid messing with the sync_context as that breaks the stream of replication data coming from the DC (only replicates ~350 instead of ~4000 groups). Guenther | |||||
2009-03-18 | s3: remove POLICY_HND. | Günther Deschner | 1 | -3/+3 | |
Guenther | |||||
2009-02-26 | s3: move definition of W_ERROR_NOT_OK_GOTO_DONE down to libcli/util/werror.h | Michael Adam | 1 | -6/+0 | |
Michael | |||||
2009-02-19 | s3-libnet: fix coverity #848 (UNINIT). | Günther Deschner | 1 | -1/+1 | |
Guenther | |||||
2009-02-03 | s3: Fix 'net rpc join' for users with the SeMachineAccountPrivilege. | Volker Lendecke | 1 | -2/+5 | |
2009-02-01 | Add two new parameters to control how we verify kerberos tickets. Removes ↵ | Dan Sledz | 1 | -1/+1 | |
lp_use_kerberos_keytab parameter. The first is "kerberos method" and replaces the "use kerberos keytab" with an enum. Valid options are: secrets only - use only the secrets for ticket verification (default) system keytab - use only the system keytab for ticket verification dedicated keytab - use a dedicated keytab for ticket verification. secrets and keytab - use the secrets.tdb first, then the system keytab For existing installs: "use kerberos keytab = yes" corresponds to secrets and keytab "use kerberos keytab = no" corresponds to secrets only The major difference between "system keytab" and "dedicated keytab" is that the latter method relies on kerberos to find the correct keytab entry instead of filtering based on expected principals. The second parameter is "dedicated keytab file", which is the keytab to use when in "dedicated keytab" mode. This keytab is only used in ads_verify_ticket. | |||||
2009-01-29 | Fix coverity CID#117 - resource leak in error path. | Jeremy Allison | 1 | -24/+53 | |
Jeremy. | |||||
2009-01-29 | Fix coverity CID#116. Resource leak on error path. | Jeremy Allison | 1 | -2/+4 | |
Jeremy. | |||||
2009-01-29 | Fix coverity CID#115. Resource leak in error path. | Jeremy Allison | 1 | -1/+4 | |
Jeremy. | |||||
2009-01-15 | s3: make better use of ccache by not including version.h in every C-file. | Michael Adam | 1 | -1/+1 | |
version.h changes rather frequently. Since it is included via includes.h, this means each C file will be a cache miss. This applies to the following situations: * When building a new package with a new Samba version * building in a git branch after calling mkversion.sh after a new commit (i.e. virtually always) This patch improves the situation in the following way: * remove inlude "version.h" from includes.h * Use samba_version_string() instead of SAMBA_VERSION_STRING in files that use no other macro from version.h instead of SAMBA_VERSION_STRING. * explicitly include "version.h" in those files that use more macros from "version.h" than just SAMBA_VERSION_STRING. Michael | |||||
2009-01-06 | s3-samr: avoid all init_samr_user* functions. | Günther Deschner | 1 | -4/+4 | |
Guenther | |||||
2008-12-23 | Fix another "format not a string literal and no format arguments" warning. | Jeremy Allison | 1 | -2/+5 | |
Jeremy |