summaryrefslogtreecommitdiff
path: root/source3/rpc_client/cli_lsarpc.c
AgeCommit message (Collapse)AuthorFilesLines
2002-08-12Add lsa 0x2e (queryinfo2) client sideJim McDonough1-0/+86
(This used to be commit c3b05b21a0340d8ff02a79401399e3d43d9e759a)
2002-08-05This fixes a number of ADS problems, particularly with netbioslessAndrew Tridgell1-2/+3
setups. - split up the ads structure into logical pieces. This makes it much easier to keep things like the authentication realm and the server realm separate (they can be different). - allow ads callers to specify that no sasl bind should be performed (used by "net ads info" for example) - fix an error with handing ADS_ERROR_SYSTEM() when errno is 0 - completely rewrote the code for finding the LDAP server. Now try DNS methods first, and try all DNS servers returned from the SRV DNS query, sorted by closeness to our interfaces (using the same sort code as we use in replies from WINS servers). This allows us to cope with ADS DCs that are down, and ensures we don't pick one that is on the other side of the country unless absolutely necessary. - recognise dnsRecords as binary when displaying them - cope with the realm not being configured in smb.conf (work it out from the LDAP server) - look at the trustDirection when looking up trusted domains and don't include trusts that trust our domains but we don't trust theirs. - use LDAP to query the alternate (netbios) name for a realm, and make sure that both and long and short forms of the name are accepted by winbindd. Use the short form by default for listing users/groups. - rescan the list of trusted domains every 5 minutes in case new trust relationships are added while winbindd is running - include transient trust relationships (ie. C trusts B, B trusts A, so C trusts A) in winbindd. - don't do a gratuituous node status lookup when finding an ADS DC (we don't need it and it could fail) - remove unused sid_to_distinguished_name function - make sure we find the allternate name of our primary domain when operating with a netbiosless ADS DC (using LDAP to do the lookup) - fixed the rpc trusted domain enumeration to support up to approx 2000 trusted domains (the old limit was 3) - use the IP for the remote_machine (%m) macro when the client doesn't supply us with a name via a netbios session request (eg. port 445) - if the client uses SPNEGO then use the machine name from the SPNEGO auth packet for remote_machine (%m) macro - add new 'net ads workgroup' command to find the netbios workgroup name for a realm (This used to be commit e358d7b24c86a46d8c361b9e32a25d4f71a6dc00)
2002-08-02Moved rpc client routines from libsmb back to rpc_client where they belong.Tim Potter1-0/+1169
(This used to be commit cb946b5dadf3cfd21bf584437c6a8e9425f6d5a7)
2001-11-16I *love* removing code :-). Removed 4 files that weren't being used.Jeremy Allison1-693/+0
All this stuff was being pulled in due to *one* unneeded call to fetch a domain SID which smbpasswd already puts in the database... Jeremy. (This used to be commit 6bf2505cce7db770fd4db5b19999a78588e96b58)
2001-10-02Removed 'extern int DEBUGLEVEL' as it is now in the smb.h header.Tim Potter1-2/+0
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
2001-09-04the next stage in the NTSTATUS/WERROR change. smbd and nmbd now compile, but ↵Andrew Tridgell1-22/+23
the client code still needs some work (This used to be commit dcd6e735f709a9231860ceb9682db40ff26c9a66)
2001-08-27converted another bunch of stuff to NTSTATUSAndrew Tridgell1-1/+1
(This used to be commit 1d36250e338ae0ff9fbbf86019809205dd97d05e)
2001-07-04The big character set handling changeover!Andrew Tridgell1-6/+2
This commit gets rid of all our old codepage handling and replaces it with iconv. All internal strings in Samba are now in "unix" charset, which may be multi-byte. See internals.doc and my posting to samba-technical for a more complete explanation. (This used to be commit debb471267960e56005a741817ebd227ecfc512a)
2001-05-01fixed some uninitialised variablesAndrew Tridgell1-5/+5
(This used to be commit 5d899e51a4fc4e872da550b88ef603dbd2d8391f)
2001-03-09Serious (and I *mean* serious) attempt to fix little/bigendian RPC issues.Jeremy Allison1-14/+14
We were reading the endainness in the RPC header and then never propagating it to the internal parse_structs used to parse the data. Also removed the "align" argument to prs_init as it was *always* set to 4, and if needed can be set differently on a case by case basis. Now ready for AS/U testing when Herb gets it set up :-). Jeremy. (This used to be commit 0cd37c831d79a12a10e479bf4fa89ffe64c1292a)
2001-03-07Sync up handle creation with 2.2 branch. We can now join AS/U domains andJeremy Allison1-8/+6
authenticate against them. Big/little endian issues fixed. Jeremy. (This used to be commit 0e6a34510ed598eaec7fe71a9c91fda528a4675c)
2000-12-15Fixed memory leaks in lsa_XX calls. Fixed memory leaks in smbcacls. MergedJeremy Allison1-1/+1
in fixes from appliance-head and 2.2. Fixed multiple connection.tdb open problem. Jeremy. (This used to be commit 0a40bc83e14c69a09948ec09bb6fc5026c4f4c14)
2000-12-13Wrong length for unistr2 in init_q_lookup_names()Tim Potter1-3/+3
Removed some more static arrays and replaced with tallocated memory blocks. (This used to be commit 1db0f31ae00bf9c91eb7d02c96bf766d04c7bdef)
2000-12-12Fixed some accidentally reversed patches.Tim Potter1-115/+411
(This used to be commit fa604bc85ea6989c794747f668be8a4e62527b79)
2000-12-12Merged in Tim's changes : Removed static limit of MAX_LOOKUP_SIDS in rpc ↵Jeremy Allison1-411/+115
server and client lsa_lookup_names() and lsa_lookup_sids(). Jeremy. (This used to be commit 9e9c71c8b3194b7cd02fea0b6a000d4f2940d905)
2000-12-08Removed a dead function.Tim Potter1-108/+0
(This used to be commit 4c8ce7af4625bd2a47006fa4b3cf9cb40d62841a)
2000-12-08Port of lsa_lookup_sids() and lsa_lookup_names() rpc client functions fromTim Potter1-7/+411
TNG branch. Re-instated lsa_lookup_sids and lsa_lookup_names functions in rpcclient. This requires most samba binaries to link in another handful of object files due to uncessary coupling between modules. )-: (This used to be commit 817819d0cc3ecf642be5a1656be3b71bed260ee4)
2000-07-27Ok - this is a *BIG* change - but it fixes the problems with static stringsJeremy Allison1-8/+8
in the RPC code. This change was prompted by trying to save a long (>256) character comment in the printer properties page. The new system associates a TALLOC_CTX with the pipe struct, and frees the pool on return of a complete PDU. A global TALLOC_CTX is used for the odd buffer allocated in the BUFFERxx code, and is freed in the main loop. This code works with insure, and seems to be free of memory leaks and crashes (so far) but there are probably the occasional problem with code that uses UNISTRxx structs on the stack and expects them to contain storage without doing a init_unistrXX(). This means that rpcclient will probably be horribly broken. A TALLOC_CTX also needed associating with the struct cli_state also, to make the prs_xx code there work. The main interface change is the addition of a TALLOC_CTX to the prs_init calls - used for dynamic allocation in the prs_XXX calls. Now this is in place it should make dynamic allocation of all RPC memory on unmarshall *much* easier to fix. Jeremy. (This used to be commit 0ff2ce543ee54f7364e6d839db6d06e7ef1edcf4)
2000-06-03rpc_client/cli_lsarpc.c: Removed unused variable.Jeremy Allison1-1/+1
rpc_server/srv_spoolss_nt.c: Fixed more memory leaks. smbd/nttrans.c: Fixed shadow variable problem. Jeremy. (This used to be commit f0a7540831181d3a47e7f8ce8be55a36a2f2aba1)
2000-05-29Fixed LsaQueryInformationPolicy level 3 to return primary domain info.Matthew Chapman1-0/+23
Domain SID is saved in secrets.tdb upon joining domain. Added "Authenticated Users" and "SYSTEM" well-known SIDs (under NT Authority). (This used to be commit 7710b4f48d3e8532df5e37f99a779758f750efdb)
2000-03-22acconfig.h configure configure.in: Added check for UT_SYSLEN for utmp code.Jeremy Allison1-25/+0
include/byteorder.h: Added alignment macros. include/nameserv.h: Added defines for msg_type field options - from rfc1002. lib/time.c: Typo fix. lib/util_unistr.c: Updates from UNICODE branch. printing/nt_printing.c: bzero -> memset. smbd/connection.c: Added check for UT_SYSLEN for utmp code. Other fixes : Rollback of unapproved commit from Luke. Please *ask* next time before doing large changes to HEAD. Jeremy. (This used to be commit f02999dbf7971b4ea05050d7206205d7737a78b2)
2000-03-22added the following message to all dce/rpc client/server code, exceptLuke Leighton1-0/+25
the spoolss code (it's cut from TNG) and the smb-dce/rpc interface code that jeremy has been working up to TNG-functionality. i also want this message to go into SAMBA_2_0 and SAMBA_2_0_RELEASE, because it is intolerable that potentially good modifications be made to code that is going to be thrown away, and people waste their time fixing bugs and adding enhancements that have already been carried out already, up to two years ago in the TNG branch. /* * THIS CODE IS OUT-OF-DATE BY TWO YEARS, IS LEGACY DESIGN AND VERY, VERY, * INCOMPLETE. PLEASE DO NOT MAKE ANY FURTHER ENHANCEMENTS TO THIS CODE * UNLESS THEY ARE ALSO CARRIED OUT IN THE SAMBA_TNG BRANCH. * * PLEASE DO NOT TREAT THIS CODE AS AUTHORITATIVE IN *ANY* WAY. * * REPEAT, PLEASE DO NOT MAKE ANY MODIFICATIONS TO THIS CODE WITHOUT * FIRST CHECKING THE EQUIVALENT MODULE IN SAMBA_TNG, UPDATING THAT * FIRST, *THEN* CONSIDER MAKING THE SAME MODIFICATION IN THIS BRANCH * * YOU WILL, ALMOST GUARANTEED, FIND THAT THE BUG-FIX OR ENHANCEMENT THAT * YOU THINK IS NECESSARY, HAS ALREADY BEEN IMPLEMENTED IN SAMBA_TNG. * IF IT HAS NOT, YOUR BUG-FIX OR ENHANCEMENT *MUST* GO INTO SAMBA_TNG * AS THE SAMBA_TNG CODE WILL REPLACE THIS MODULE WITHOUT REFERENCE TO * ANYTHING IN IT, WITH THE POSSIBLE RISK THAT THE BUG-FIX OR ENHANCEMENT * MAY BE LOST. * * PLEASE OBSERVE AND RESPECT THIS SIMPLE REQUEST. * * THANK YOU. * * lkcl@samba.org */ (This used to be commit cfaea90529be222f8df0e20a7ca1289f99c29e09)
2000-02-01system_name not server_nameTim Potter1-1/+1
(This used to be commit e9da53012011b30cab80074fdc55e624ede97979)
1999-12-13first pass at updating head branch to be to be the same as the SAMBA_2_0 branchAndrew Tridgell1-847/+211
(This used to be commit 453a822a76780063dff23526c35408866d0c0154)
1999-12-08jerry spotted that get_domain_sids() was being called with the wrongLuke Leighton1-2/+1
arguments: get_any_dc_name() was being called with a server name not a domain name. oops. (This used to be commit 631814302d6992138cfe024ba7bd456cc7e0d3bf)
1999-12-08ABOUT TIME!!!!!!!!Luke Leighton1-4/+4
damn, this one is bad. started, at least two days ago, to add an authentication mechanism to the smbd<->msrpc redirector/relay, such that sufficient unix / nt information could be transferred across the unix socket to do a become_user() on the other side of the socket. it is necessary that the msrpc daemon inherit the same unix and nt credentials as the smbd process from which it was spawned, until such time as the msrpc daemon receives an authentication request of its own, whereupon the msrpc daemon is responsible for authenticating the new credentials and doing yet another become_user() etc sequence. (This used to be commit 30c7fdd6ef10ecd35594311c1b250b95ff895489)
1999-12-02cleaning up: removing those horrible references to server listLuke Leighton1-10/+8
functions (cli_net_use_addlist()). needed originally because there was no get_dc_any_name() function. (This used to be commit 3a2b920ea2e6704b2574f404e1e41c7cfc0f96b2)
1999-11-29first attempt at getting \PIPE\NETLOGON working. it's pretty horrible.Luke Leighton1-1/+1
(This used to be commit 44dd3efa6380544e9a515e91960f9271498cefaf)
1999-11-27further abstraction involving client states. main client-side codeLuke Leighton1-19/+15
is pretty much independent of SMB client states, which will make it easier to add other transports. (This used to be commit a1ff7e8fc3129ba4a04722f977bc2d3725d13624)
1999-11-25previous commit added an abstraction function that didn't even haveLuke Leighton1-67/+18
struct cli_state, uint16 fnum into the code: rpc_hnd_api_req(). modified cli_lsarpc.c to use this. the rest is const issues. (This used to be commit c1ea396de21309c4cf19fd92f2573f5257c24588)
1999-11-24ok. *whew*. this is the first completed part of the restructure.Luke Leighton1-6/+13
verified that lsaquery, lsalookupsids work, and found some bugs in the parameters of these commands :-) soo... we now have an lsa_* api that has the same arguments as the nt Lsa* api! cool! the only significant coding difference is the introduction of a user_credentials structure, containing user, domain, pass and ntlmssp flags. (This used to be commit 57bff6fe82d777e599d535f076efb2328ba1188b)
1999-11-24first stages of removing struct cli_state* and uint16 fnum from allLuke Leighton1-44/+111
msrpc client code. the intent is to hide / abstract / associate connection info behind policy handles. this makes the msrpc functions look more and more like their nt equivalents. who-hou! (This used to be commit c01b18e632aede6fce7264ef6971d7ddba945cfb)
1999-11-23shuffling msrpc code around so that it can be used independently of rpcclientLuke Leighton1-2/+4
(This used to be commit e88e7d529b5bdf32ac3bc71fa8e18f6f2a98c695)
1999-11-20doing a code reshuffle. want to add code to establish trust relationships.Luke Leighton1-0/+179
(This used to be commit 3ec269b402ba6898d905ea1029c427e1b645faf4)
1999-11-02dynamic mem allocation in enum dom groups and enum dom aliasesLuke Leighton1-2/+2
(This used to be commit baa789fabc45e62889755802fd8ec8c9191fe767)
1999-11-01added lsaenumdomains command.Luke Leighton1-0/+143
attempting to get blood out of a stone^H^H^H^H^H^H^H^H^H^H^H^H^H^H^H^H^H querysecret to work, it keeps returning access denied. (This used to be commit 953fe6ba9454fa4b8e69426527eca37b011f76ac)
1999-10-30NetServerTransportEnum parsing, client-side and rpcclient "srvtransports" added.Luke Leighton1-1/+1
(This used to be commit 37f4aac06fec3fbb34ed40d1010829b2e1f28558)
1999-10-28restructuring samr client code.Luke Leighton1-1/+1
(This used to be commit a78607b5dbf0fca6a22ab41195f465474578ee39)
1999-10-25- typecast malloc / Realloc issues.Luke Leighton1-3/+3
- signed / unsigned issues. (This used to be commit c8fd555179314baf1672a23db34dc8ad9f2d02bf)
1999-10-21turning some of the rpcclient functions dynamic. this is likely toLuke Leighton1-1/+1
break a few things... (This used to be commit 4b06f303235d36903b6e9f55ee45b987d98256b0)
1999-10-01error-code checking in lsa_lookup_sids. anonymous connections forLuke Leighton1-1/+1
domain info. adjusting net_srv_get_info function. (This used to be commit 42eb916fae0d377f8908dfc42b332e6a53c4e2d9)
1999-09-28memory problems associated with when lsalookupsids returnsLuke Leighton1-3/+20
NT_STATUS_NONE_MAPPED. (This used to be commit 9a43a2551186de02b6cf06a5b84c9591a66c1817)
1999-09-12- initialising mach_passwd_file locks to zero (prev. uninit.)Luke Leighton1-3/+3
- cleanup - #defined report to sprintf as it's #defined to another function in other uses of cmd_lsarpc.c (This used to be commit 8fb2ff247a2fe0ec5ce0c232d8a3da9774f7e6ae)
1999-03-24Fixed LSA Lookup Names. There were a few too many NULL pointers in aMatthew Chapman1-2/+2
negative response, which tended to crash lsass.exe. (This used to be commit 6d03f61d2536630968007958345cf44a42b03584)
1999-03-19valid_pol in lsa_query_secret() needed to be initialised to False.Luke Leighton1-1/+1
(This used to be commit 96e358a2f00ac603c95bc922e488ea2b64aeb829)
1999-03-19querysecret now shows the real, fairdinkum, decrypted secret :-)Matthew Chapman1-4/+4
(This used to be commit 5951e16a1134a559abefdd400e7a17627338f368)
1999-03-18Adding LSA_OPENSECRET (-> LsarOpenSecret) and LSA_QUERYSECRETMatthew Chapman1-0/+115
(-> LsarQuerySecret) on client side, including rpcclient command "querysecret" for others to play with. The major obstacle is working out the encryption algorithm used for the secret value. It definitely uses the NT hash as part of the key, and it seems the block size is 64 bits - probably DES based - but I can't work out what's done in between. Help required. (This used to be commit 365fa3b5fbf551670acc91f593138a7e91a5f7fa)
1999-02-15Always null-terminate strings.Matthew Chapman1-4/+4
Also some string length and sizeof(pointer) corrections. (This used to be commit ce24191939b82985d09eabe945199f38b0fea486)
1999-02-12UNICODE cleanup (see lib/util_unistr.c).Matthew Chapman1-4/+4
No more ugly static library buffers and all functions take a destination string length (especially unistrcpy was rather dangerous; we were only saved by the fact that datagrams are limited in size). (This used to be commit a1d39af1ce1d451b811dbd7c2ba391214851b87e)
1999-02-09removal of the use of unistrn2 function: replace it with unistr2_to_strLuke Leighton1-6/+2
which is more appropriate. (This used to be commit ac72fe1ab3d10f64a5945ccbd4ed3817e30f9f7b)