summaryrefslogtreecommitdiff
path: root/source3/rpc_client/cli_netlogon.c
AgeCommit message (Collapse)AuthorFilesLines
2008-04-02Fix NETLOGON credential chain with Windows 2008 all over the place.Günther Deschner1-0/+11
In order to avoid receiving NT_STATUS_DOWNGRADE_DETECTED from a w2k8 netr_ServerAuthenticate2 reply, we need to start with the AD netlogon negotiate flags everywhere (not only when running in security=ads). Only for NT4 we need to do a downgrade to the returned negotiate flags. Tested with w2k8, w2ksp4, w2k3r2 and nt4sp6. Guenther (This used to be commit 0970369ca0cb9ae465cff40e5c75739824daf1d0)
2008-03-27Fix samlogon rpc client & server.Günther Deschner1-6/+6
Guenther (This used to be commit 0aaf975560dce3b4e58ab71687c3412c0c2a72cf)
2008-03-27Fix typo.Günther Deschner1-2/+0
Guenther (This used to be commit ffe77dc8b0476b7a5d81d63c3cf67f81033df12e)
2008-02-27Add my copyright.Günther Deschner1-0/+1
Guenther (This used to be commit d078a8757182d84dfd3307a2e1b751cf173aaa97)
2008-02-19Fix some uninitialized data in new netlogon client.Günther Deschner1-0/+9
Guenther (This used to be commit bd6e2fcf3b3ab15736584edbbfb941b381988499)
2008-02-17Remove unused marshalling for NET_AUTH3.Günther Deschner1-52/+0
Guenther (This used to be commit ccf3ba0f5ce30d45a3d644552d1245391bf01754)
2008-02-17Use rpccli_netr_LogonSamLogonEx in rpccli wrapping function.Günther Deschner1-39/+57
Guenther (This used to be commit 51a664cd5fc1cecc21a8a515bb959cac87296bcb)
2008-02-17Finally let our samlogon routines call rpccli_netr_LogonSamLogon internally andGünther Deschner1-140/+213
return netr_SamInfo3. Guenther (This used to be commit 9e5b732d451f6a2f09d2a71e5a3aec59c771db01)
2008-02-16Remove unused marshalling for NET_SRV_PWSET.Günther Deschner1-48/+0
Guenther (This used to be commit e48737f04d2324b604f3290904ec6163a6242ae5)
2008-02-16Remove unused marshalling for NET_REQ_CHAL and NET_AUTH2.Günther Deschner1-82/+2
Guenther (This used to be commit 2123aff75c8db431cb37d132058902287e740a85)
2008-02-15Replace DOM_CHAL with "struct netr_Credential" where we can right now.Günther Deschner1-28/+24
This allows to remove some more old netlogon client calls. Guenther (This used to be commit c0b1a876583230a5130f5df1965d6c742961bcdc)
2008-02-15Remove unused marshalling for NET_SAM_SYNC.Günther Deschner1-53/+0
Guenther (This used to be commit a94d93725a649c7a0ac1fcd61ea07579f65596da)
2008-02-15Remove unused marshalling for NET_SAM_DELTAS.Günther Deschner1-52/+0
Guenther (This used to be commit 2dd01f07411744f1f8fec0bff7af554db08ab960)
2008-02-13Remove unused marshalling for NET_LOGON_CTRL and NET_LOGON_CTRL2.Günther Deschner1-32/+0
Guenther (This used to be commit c94538e742e469e4afc6e30d9d99951fda6dd219)
2008-02-08Remove unused marshalling for NET_DSR_GETDCNAME.Günther Deschner1-136/+0
Guenther (This used to be commit 65c2aa344e45064cbfddd87715862d60f7ac2a8a)
2008-02-07Remove unused marshalling for NET_DSR_GESITENAME.Günther Deschner1-42/+0
Guenther (This used to be commit c2682273fdbe35dce0a9caffb829c8693e3cd845)
2008-02-07Remove unused marshalling for NET_GETANYDCNAME and NET_GETANYDCNAME.Günther Deschner1-78/+0
Guenther (This used to be commit a495e0e7c1eb91dd700a7d0fe9832fd0811cb2bb)
2008-01-25Remove hand-written rpccli_netlogon_dsr_getdcnameex[2].Günther Deschner1-103/+0
Guenther (This used to be commit 3ded8b9b7eee18a3f903e264adfb7fea6a3c0c5f)
2007-12-28Remove static zerosVolker Lendecke1-4/+6
(This used to be commit dbcc213710a9af31b6094d4741a6f68f573dcdad)
2007-12-21Kill fstring in getdcname & getanydcname return.Günther Deschner1-6/+8
Guenther (This used to be commit b7383818168863a7ba43c2456f8c44e96e76707a)
2007-10-10r23784: use the GPLv3 boilerplate as recommended by the FSF and the license textAndrew Tridgell1-2/+1
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
2007-10-10r23779: Change from v2 or later to v3 or later.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
2007-10-10r23380: netr_getdcname returns WERROR not NTSTATUS.Günther Deschner1-7/+7
Guenther (This used to be commit 5e75ea7f2b568d76c8ced5f43171741532cc97c2)
2007-10-10r23219: Two warningsVolker Lendecke1-1/+2
(This used to be commit eccd50abdaed3e4e06cc5da5473ca1beeb3fc49a)
2007-10-10r23210: Very funny, we thought to use netr_GetDcName (e.g. in winbind) but ↵Günther Deschner1-23/+23
were using netr_GetDcAnyName all the time (which is the correct thing to do). Fix the naming and opcode mixup in all branches. Guenther (This used to be commit def6464c872a5939f0028837254f2c019d2d71c8)
2007-10-10r23127: Fill in some more netlogon dsgetdcname flavours (netr_DsRGetDCNameEx,Günther Deschner1-61/+177
netr_DsRGetDCNameEx2) and add new ds request and reply flags, also add some more WERROR codes. Guenther (This used to be commit 37ae7f419702c563bcd0d9c27c02bde7efd34dd7)
2007-10-10r23091: Add rpccli_netlogon_sam_network_logon_ex, fix its parsing. This does notVolker Lendecke1-0/+92
use the credential chain and only works over netlogon, but it would allow multiple outstanding auth requests for a single workstation account. (This used to be commit 123290d0947191abca4a3b3d81718c823c1bc4a0)
2007-10-10r20970: Allow to define workstation for samlogon in rpcclient (for testing).Günther Deschner1-1/+6
Guenther (This used to be commit 5d4747fdf2e5874cb5d2238ee62e4fcac1676134)
2007-10-10r19161: Add NET_GETANYDCNAME (getdcname only gives the PDC while getanydcnameGünther Deschner1-0/+38
gives just any DC), also make sure to set timeouts in rpcclient accordingly so that we actually get the DC's reply. Guenther (This used to be commit 6091c8152a3998d2503cb0911a217ee904509633)
2007-10-10r19143: getdcname on the NETLOGON pipe returns WERROR, not NTSTATUS.Günther Deschner1-7/+7
Guenther (This used to be commit 44e228ac796fca2db8509915067511ed705032bf)
2007-10-10r18654: Rename "struct uuid" => "struct GUID" for consistency.Jelmer Vernooij1-3/+3
(This used to be commit 5de76767e857e9d159ea46e2ded612ccd6d6bf19)
2007-10-10r18188: merge 3.0-libndr branchJelmer Vernooij1-1/+1
(This used to be commit 1115745caed3093c25d6be01ffee21819fb0a675)
2007-10-10r13639: Never overwrite the acct_flags in rpccli_netlogon_sam_network_logon().Günther Deschner1-1/+0
Guenther (This used to be commit c201e51de387d3d49880ed519eb9d825df92f5af)
2007-10-10r13539: Add 128 bit creds processing client and server. Thanks to Andrew ↵Jeremy Allison1-1/+2
Bartlett's Samba4 code. Jeremy. (This used to be commit a2fb436fc5dd536cfe860be93f55f9cb58139a0e)
2007-10-10r13316: Let the carnage begin....Gerald Carter1-14/+14
Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2007-10-10r12853: Fix segfault in "net rpc vampire|samdump" (Bugzilla #3390).Günther Deschner1-4/+1
The session key, after beeing set, was zeroed later on by the prs_init in the CLI_DO_RPC macro. Guenther (This used to be commit eaaeaa767e86151886964dcdd9f3186f0b31ed53)
2007-10-10r11853: Add Dsr_GetSiteName (handy for experimenting with GPOs).Günther Deschner1-0/+41
Guenther (This used to be commit c54430a7b5e40d3bdf8afdc813eb722c0a3b861e)
2007-10-10r11706: Implement dsr_getdcname client code. It's handy: It not only gives ↵Volker Lendecke1-0/+123
you the IP address but also the fqdn of the remote dc and site info. Volker (This used to be commit 62d01ce7e6c14971084c208ab61f379cb172cb22)
2007-10-10r11573: Adding Andrew Bartlett's patch to make machine accountJeremy Allison1-8/+10
logons work if the client gives the MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT or MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT flags. This changes the auth module interface to 2 (from 1). The effect of this is that clients can access resources as a machine account if they set these flags. This is the same as Windows (think of a VPN where the vpn client authenticates itself to a VPN server using machine account credentials - the vpn server checks that the machine password was valid by performing a machine account check with the PDC in the same was as it would a user account check. I may add in a restriction (parameter) to allow this behaviour to be turned off (as it was previously). That may be on by default. Andrew Bartlett please review this change carefully. Jeremy. (This used to be commit d1caef866326346fb191f8129d13d98379f18cd8)
2007-10-10r11492: Fix bug #3224 (I hope). Correctly use machine_account_nameJeremy Allison1-2/+3
and client_name when doing netlogon credential setup. Jeremy. (This used to be commit 37e6ef9389041f58eada167239fd022f01c5fecb)
2007-10-10r11338: Move knowledge of \\ needed into rpc_client/cli_netlogonJeremy Allison1-1/+3
(this is the way it's been done in other functions). Instead of moving this into the IDL, I think the best solution would be to write a wrapper function around any call that needs this (this is what we already do for many of the calls). Jeremy. (This used to be commit aeca4efa11728be53b81967bb5442b5b09d1a975)
2007-10-10r11336: Start to get my control back :-). Volker, I thinkJeremy Allison1-2/+4
Andrew Bartlett is right - making lsa code do it the netlogon way, not vica-versa. Jeremy. (This used to be commit f313757e36215cb3dd956e4a73de6d30258a6974)
2007-10-10r11320: Fix error handling for rpccli_netlogon_getdcname. Jeremy, the other ↵Volker Lendecke1-2/+2
functions in cli_netlogon look similarly suspicious. Volker (This used to be commit 8d7713431efd80bd358daffcbbc4d715611b8b4b)
2007-10-10r11137: Compile with only 2 warnings (I'm still working on that code) on a gcc4Jeremy Allison1-5/+5
x86_64 box. Jeremy. (This used to be commit d720867a788c735e56d53d63265255830ec21208)
2007-10-10r10656: BIG merge from trunk. Features not copied overGerald Carter1-515/+345
* \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2007-10-10r10269: Server-side fix for creds change - revert jcmd's change.Jeremy Allison1-1/+0
Jeremy. (This used to be commit e1c9813d63a441037bc71622a29acda099d72f71)
2007-10-10r7415: * big change -- volker's new async winbindd from trunkGerald Carter1-20/+160
(This used to be commit a0ac9a8ffd4af31a0ebc423b4acbb2f043d865b8)
2007-10-10r4561: This looks a lot larger than it is, this is to reduce the clutter on ↵Volker Lendecke1-10/+10
future patches. Pass down the pipe_idx down to all functions in cli_pipe where nt_pipe_fnum is referenced. First step towards having multiple pipes on a cli_struct. The idea is to not have a single nt_pipe_fnum but an array for the pipes we support. Volker (This used to be commit 93eab050201d4e55096a8820226749f001597b5d)
2007-10-10r4286: Give back 8 byte lm_session_key in Netrsamlogon-reply.Günther Deschner1-3/+9
The old #ifdef JRATEST-block was copying 16 bytes and thus overwriting acct_flags with bizarre values, breaking a lot of things. This patch is successfully running in a production environment for quite some time now and is required to finally allow Exchange 5.5 to access another Exchange Server when both are running on NT4 in a samba-controlled domain. This also allows Exchange Replication to take place, Exchange Administrator to access other Servers in the network, etc. Fixes Bugzilla #1136. Thanks abartlet for helping me with that one. Guenther (This used to be commit bd4c5125d6989cebc90152a23e113b345806c660)
2007-10-10r1492: Rework our random number generation system.Andrew Bartlett1-2/+2
On systems with /dev/urandom, this avoids a change to secrets.tdb for every fork(). For other systems, we now only re-seed after a fork, and on startup. No need to do it per-operation. This removes the 'need_reseed' parameter from generate_random_buffer(). Andrew Bartlett (This used to be commit 36741d3cf53a7bd17d361251f2bb50851cdb035f)