Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit 5c8f6be290e78c4e72c821abdc9f06b7150e68e7)
|
|
One day I'll get around to refactoring the DOS error handling so it mirrors
the NT error handling code.
(This used to be commit f4535721d350f3068e8dfb612331eb609ea03da0)
|
|
to NT_STATUS_UNSUCCESSFUL according to AB's funky new error map.
(This used to be commit 9c968fbb017d3369ac207e65348a9a22dbed0213)
|
|
(This used to be commit c6affae4bf749a67c90468702eb6d4eeb97a4363)
|
|
(This used to be commit 08bb2dfec2ca0282e9268d09da2b966d3bdf493a)
|
|
This applies only to the NT->Dos map, I'm still trying to come up with a way to
do the reverse.
(This used to be commit 323dd422bd4bdeeee72c9200821e28f86d3072c8)
|
|
(This used to be commit b2af4372b1dac2e8f283184191fbb0231409a625)
|
|
This new table is rather different to the old one (see diff posted to the
list for a sorted list of differences) and needs a *lot* of testing.
It does however seem to line up much better with what NT is using, as
exampled by the change to the OBJECT_NAME_COLLISION DOS error, it now matches
win2k where it didn't before.
I can't see any critical errors we now get wrong, and I know that the auth
errors are correct as per my on-the-wire observations.
This table was produced (and I hope to comment this better later) by
using the ERRMAPEXTRACT smbtorture tool, a Win2k domain member and the
'name_to_ntstatus' auth module on the HEAD PDC. This module returned
the username as the error, and the NT box was forced to give me a dos
error becouse thats all I negotiated on that connection. Hence the map.
Andrew Bartlett
(This used to be commit a855dfb2e0b899d03087860e5462c2aed3ca4cad)
|
|
stuck in an infinite loop.
(This used to be commit fe1fb6589a0a4b4cff7a0ee0267f6e09e10e2a85)
|
|
commands in rpcclient. Replacing ERROR_INSUFFICIENT_BUFFER with
NT_STATUS_BUFFER_TOO_SMALL fixes it. Yay!
I always thought the caller (i.e cmd_spoolss.c) should take care of the
whole requested/needed buffer size thingy though...
(This used to be commit 6c950db05a2772f11b20cc13c65a123ea8b878c2)
|
|
I'll post the changes to the actual map to the list for comment, but this fixes
the 'unknown' case.
Andrew Bartlett
(This used to be commit 024843a2cedb0b9f06a3351c5838caea372b6c5c)
|
|
code.
Andrew Bartlett
(This used to be commit f0089b089b319009576bb39a076397bb44aff628)
|
|
presupplied challange-response pairs, and only using the 'network' version.
This will be used to move the auth subsystem over to a libsmb (rather than
rpc_client) base.
Andrew Bartlett
(This used to be commit fe9d77791583737320f8c7560861168df7388c2f)
|
|
(This used to be commit 2d1612dd3560bb5ef35fa1eeee00e3d7976bcd62)
|
|
(This used to be commit 45042bef7cdede6f991572677654903bbf7d9144)
|
|
cli_reg.c - indentation
pdb_ldap.c - some checks on init fns parameters
pdb_tdb.c - some checks on init fns parameters + make sure we close the db on failure
(This used to be commit 49f5cb7a3df6d673f86e6769319aa657e30d8380)
|
|
(This used to be commit 79031b68ce6bdf882d9c9bd4f3310f597e0c1fda)
|
|
- don't display Domain=[] for auth protocols that don't give us a domain
(This used to be commit 20368455ea59e6e9b85632848bbe92069e7b0f38)
|
|
(This used to be commit 1da988456dbd885820093ae43c74e0ac66f72802)
|
|
the method used for checking if a domain is a trusted domain is very
crude, we should really call a backend fn of some sort. For now I'm
using winbindd to do the dirty work.
(This used to be commit adf44a9bd0d997ba4dcfadc564a29149531525af)
|
|
some cleanup of the lsa_open_policy and lsa_open_policy2 parser. the
length fields are not correct but that's what NT send. We don't anymore
underflow or overflow the decoding.
added the domain admins group to the default SD.
we are now checking the desired access flag in the lsa_open_policy_X()
calls and in most functions also.
J.F.
(This used to be commit a217c4e4ff4d13122703d22258792fe5e8e9f02f)
|
|
(This used to be commit 594634ff1a1d5f780ddb9909f5365ee3e420a76c)
|
|
Ignacio you can update your howto ;-)
samsync: a small patch to try chaning challenges.
J.F.
(This used to be commit c99bc305599698f2291efbfe20024355cb2bcde0)
|
|
Jeremy.
(This used to be commit d3ac2265b1b83e2e030688ee8e0d43918ce4d203)
|
|
(This used to be commit a181f49b4269baa1752ce6ed4f9093e38d2d3ce5)
|
|
netbios lookup for name NAME with node type xx.
This affects all our client progs. Very useful :)
(This used to be commit b4304c5231159fc6295c445f2eb4470c179b8d5e)
|
|
- added lsaquerysecobj to rpcclient
- renamed querysecobj to samquerysecobj
- removed duplicated display_sec_acl() code from cmd_spoolss.c and
cmd_samr.c and moved it into display_sec.c
(This used to be commit 59b2e3f408a5ff22f2d81a927d010a7df5f19f7f)
|
|
J.F.
(This used to be commit 80e36549b61cc2bb5148f6abb175d31a0c7782a1)
|
|
(This used to be commit d4bc8f02f7dc856ffb29e95a81ffcc3a9d4b1695)
|
|
Jeremy.
(This used to be commit 919b11a787145139e6255674179b2ff7e587475d)
|
|
(ie. the call can succeed, but still be an encoded error).
Jeremy.
(This used to be commit 3c68b94199ff08b205d1eb14da56804936b900a8)
|
|
rpc. This was supposed to fix a printer driver download bug but it didn't
but it seemed a shame to trash all this code so I'm commiting it #ifdef'ed
out in case someone needs it one day.
(This used to be commit bef43656471741c6c10b12e7516c15de9ae76394)
|
|
cyrus-sasl which makes the code much less fragile. Also added code to auto-determine the server name or realm
(This used to be commit 435fdf276a79c2a517adcd7726933aeef3fa924b)
|
|
Now, is there any reason that the prs_init() doesn't use the talloc context
that it is supplied as an argument for the actual data buffer?
It would seem logical to replace the malloc with a talloc, but I'm sure
there is some method to the madness (extrnal use/Reallocing of it I presume)
Andrew Bartlett
(This used to be commit ad18f33bfa79ce93024f3cb3a334cff622fe82a4)
|
|
of how to use this interface.
Jeremy.
(This used to be commit 291985123515f99bb3fd86605d5b8a08301070a2)
|
|
This moves the rest of the functionality into the 'net rpc join' code.
Futhermore, this moves that entire area over to the libsmb codebase, rather
than the crufty old rpc_client stuff.
I have also fixed up the smbpasswd -a -m bug in the process.
We also have a new 'net rpc changetrustpw' that can be called from a
cron-job to regularly change the trust account password, for sites
that run winbind but not smbd.
With a little more work, we can kill rpc_client from smbd entirly!
(It is mostly the domain auth stuff - which I can rework - and the
spoolss stuff that sombody else will need to look over).
Andrew Bartlett
(This used to be commit 575897e879fc175ba702adf245384033342c903d)
|
|
(This used to be commit e1b940c91b748230664544fd9191123247dd1f24)
|
|
This kills off the offending code in smbpasswd -j -Uab%c
In the process we have changed from unsing compelatly random passwords
to random, 15 char ascii strings. While this does produce a decrese in
entropy, it is still vastly greater than we need, considering the application.
In the meantime this allows us to actually *type* the machine account
password duruign debugging.
This code also adds a 'check' step to the join, confirming that the
stored password does indeed do somthing of value :-)
Andrew Bartlett
(This used to be commit c0b7ee6ee547dc7ff798eaf8cb63fbe344073029)
|
|
(as per tridge's instructions)
(This used to be commit 0692d792f24f1c82c69532e50a6c4373c9a8b476)
|
|
(This used to be commit 9f5d7e8a04c36395570247bc5e1b7b3fc5d1a322)
|
|
session setup
(This used to be commit c7665706cd5633ede710afe41413624124038238)
|
|
(This used to be commit 359ca8f246c46b1700418fe0226458023f808d67)
|
|
'net' untility.
This should make it easier to port rpcclient code across to net.
It also allows SPNEGO (the NTLMSSP subsystem in particular) to work, becouse
it kills off the early destruction of the clear-text password.
Andrew Bartlett
(This used to be commit eee925861a3af3aa16efa3b1700a980c9510c14e)
|
|
and some comments to the samr server code, to explain what we should
return here.
J.F.
(This used to be commit 06cb20a46d9d9f8abf0d92ba4cfa4d23187ad715)
|
|
J.F.
(This used to be commit d8809c58614cd97ef78d398645788e41022a8c39)
|
|
name_status_find() call here should look up a #1c name instead of #1d.
This fixes some bugs currently with BDC authentication in winbindd and in
smbd as you can't query the #1d name with the ip address of a BDC.
Who is Uncle Tom Cobbley anyway?
(This used to be commit 4215048f7b20a8f9e5877bdbb2f54841b2f7fa64)
|
|
(This used to be commit 23ef22f11700bbaa5778a9678a990a2b041fcefe)
|
|
(This used to be commit e790bb21d3895bef97522b68c6f00812e6c286f2)
|
|
(This used to be commit e2ba2383c9f679c076749a8f4fccefc3559e37ec)
|
|
Jeremy.
(This used to be commit 39f076b56cf457cc780dd30a4d3150d8bfc60d13)
|