Age | Commit message (Collapse) | Author | Files | Lines |
|
Guenther
|
|
wrapper.
Guenther
(This used to be commit fef58091408cce0d7870c86f28f78cf9400cf2b6)
|
|
We were calculating the session key but did not return it to the caller...
(cherry picked from commit 8ab79b1d009d53e414b90e4a0ab8fc7a4889b6df)
(This used to be commit b63a6a1fd6a96bbafd88cacb9493bfea9944d404)
|
|
(This used to be commit b60a681dd09349426aa522d697abacf62ebfdaf2)
|
|
(This used to be commit e89bbab1b875a0b55b70913dcc1e3e73137c8b90)
|
|
The general cli_pipe routines should not have to know about this NETLOGON
speciality.
(This used to be commit d30237598d0c55b73e202c1de3a020194b67a7e6)
|
|
(This used to be commit 4840febcd481563c3d9b2fabc1fe1b2ae5a76cf6)
|
|
This reduces the dependency on cli_state
(This used to be commit 783afab9c891dd7bcb78895b2a639b6f3a0edf5b)
|
|
(This used to be commit a6d74a5a562b54f0b36934965f545fdeb1e8b34a)
|
|
In order to avoid receiving NT_STATUS_DOWNGRADE_DETECTED from a w2k8
netr_ServerAuthenticate2 reply, we need to start with the AD netlogon negotiate
flags everywhere (not only when running in security=ads). Only for NT4 we need
to do a downgrade to the returned negotiate flags.
Tested with w2k8, w2ksp4, w2k3r2 and nt4sp6.
Guenther
(This used to be commit 0970369ca0cb9ae465cff40e5c75739824daf1d0)
|
|
Guenther
(This used to be commit 0aaf975560dce3b4e58ab71687c3412c0c2a72cf)
|
|
Guenther
(This used to be commit ffe77dc8b0476b7a5d81d63c3cf67f81033df12e)
|
|
Guenther
(This used to be commit d078a8757182d84dfd3307a2e1b751cf173aaa97)
|
|
Guenther
(This used to be commit bd6e2fcf3b3ab15736584edbbfb941b381988499)
|
|
Guenther
(This used to be commit ccf3ba0f5ce30d45a3d644552d1245391bf01754)
|
|
Guenther
(This used to be commit 51a664cd5fc1cecc21a8a515bb959cac87296bcb)
|
|
return netr_SamInfo3.
Guenther
(This used to be commit 9e5b732d451f6a2f09d2a71e5a3aec59c771db01)
|
|
Guenther
(This used to be commit e48737f04d2324b604f3290904ec6163a6242ae5)
|
|
Guenther
(This used to be commit 2123aff75c8db431cb37d132058902287e740a85)
|
|
This allows to remove some more old netlogon client calls.
Guenther
(This used to be commit c0b1a876583230a5130f5df1965d6c742961bcdc)
|
|
Guenther
(This used to be commit a94d93725a649c7a0ac1fcd61ea07579f65596da)
|
|
Guenther
(This used to be commit 2dd01f07411744f1f8fec0bff7af554db08ab960)
|
|
Guenther
(This used to be commit c94538e742e469e4afc6e30d9d99951fda6dd219)
|
|
Guenther
(This used to be commit 65c2aa344e45064cbfddd87715862d60f7ac2a8a)
|
|
Guenther
(This used to be commit c2682273fdbe35dce0a9caffb829c8693e3cd845)
|
|
Guenther
(This used to be commit a495e0e7c1eb91dd700a7d0fe9832fd0811cb2bb)
|
|
Guenther
(This used to be commit 3ded8b9b7eee18a3f903e264adfb7fea6a3c0c5f)
|
|
(This used to be commit dbcc213710a9af31b6094d4741a6f68f573dcdad)
|
|
Guenther
(This used to be commit b7383818168863a7ba43c2456f8c44e96e76707a)
|
|
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
|
|
Jeremy.
(This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
|
|
Guenther
(This used to be commit 5e75ea7f2b568d76c8ced5f43171741532cc97c2)
|
|
(This used to be commit eccd50abdaed3e4e06cc5da5473ca1beeb3fc49a)
|
|
were using
netr_GetDcAnyName all the time (which is the correct thing to do).
Fix the naming and opcode mixup in all branches.
Guenther
(This used to be commit def6464c872a5939f0028837254f2c019d2d71c8)
|
|
netr_DsRGetDCNameEx2) and add new ds request and reply flags, also add some
more WERROR codes.
Guenther
(This used to be commit 37ae7f419702c563bcd0d9c27c02bde7efd34dd7)
|
|
use the credential chain and only works over netlogon, but it would
allow multiple outstanding auth requests for a single workstation
account.
(This used to be commit 123290d0947191abca4a3b3d81718c823c1bc4a0)
|
|
Guenther
(This used to be commit 5d4747fdf2e5874cb5d2238ee62e4fcac1676134)
|
|
gives just any DC), also make sure to set timeouts in rpcclient
accordingly so that we actually get the DC's reply.
Guenther
(This used to be commit 6091c8152a3998d2503cb0911a217ee904509633)
|
|
Guenther
(This used to be commit 44e228ac796fca2db8509915067511ed705032bf)
|
|
(This used to be commit 5de76767e857e9d159ea46e2ded612ccd6d6bf19)
|
|
(This used to be commit 1115745caed3093c25d6be01ffee21819fb0a675)
|
|
Guenther
(This used to be commit c201e51de387d3d49880ed519eb9d825df92f5af)
|
|
Bartlett's
Samba4 code.
Jeremy.
(This used to be commit a2fb436fc5dd536cfe860be93f55f9cb58139a0e)
|
|
Sync with trunk as off r13315
(This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
|
|
The session key, after beeing set, was zeroed later on by the prs_init
in the CLI_DO_RPC macro.
Guenther
(This used to be commit eaaeaa767e86151886964dcdd9f3186f0b31ed53)
|
|
Guenther
(This used to be commit c54430a7b5e40d3bdf8afdc813eb722c0a3b861e)
|
|
you the IP
address but also the fqdn of the remote dc and site info.
Volker
(This used to be commit 62d01ce7e6c14971084c208ab61f379cb172cb22)
|
|
logons work if the client gives the MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT
or MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT flags. This changes
the auth module interface to 2 (from 1). The effect of this is
that clients can access resources as a machine account if they
set these flags. This is the same as Windows (think of a VPN
where the vpn client authenticates itself to a VPN server
using machine account credentials - the vpn server checks
that the machine password was valid by performing a machine
account check with the PDC in the same was as it would a
user account check. I may add in a restriction (parameter)
to allow this behaviour to be turned off (as it was previously).
That may be on by default.
Andrew Bartlett please review this change carefully.
Jeremy.
(This used to be commit d1caef866326346fb191f8129d13d98379f18cd8)
|
|
and client_name when doing netlogon credential setup.
Jeremy.
(This used to be commit 37e6ef9389041f58eada167239fd022f01c5fecb)
|
|
(this is the way it's been done in other functions). Instead
of moving this into the IDL, I think the best solution would
be to write a wrapper function around any call that needs
this (this is what we already do for many of the calls).
Jeremy.
(This used to be commit aeca4efa11728be53b81967bb5442b5b09d1a975)
|