summaryrefslogtreecommitdiff
path: root/source3/rpc_client/cli_netlogon.c
AgeCommit message (Collapse)AuthorFilesLines
2002-01-30Removed version number from file header.Tim Potter1-2/+1
Changed "SMB/Netbios" to "SMB/CIFS" in file header. (This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
2001-12-05OK. Smbpasswd -j is DEAD.Andrew Bartlett1-70/+0
This moves the rest of the functionality into the 'net rpc join' code. Futhermore, this moves that entire area over to the libsmb codebase, rather than the crufty old rpc_client stuff. I have also fixed up the smbpasswd -a -m bug in the process. We also have a new 'net rpc changetrustpw' that can be called from a cron-job to regularly change the trust account password, for sites that run winbind but not smbd. With a little more work, we can kill rpc_client from smbd entirly! (It is mostly the domain auth stuff - which I can rework - and the spoolss stuff that sombody else will need to look over). Andrew Bartlett (This used to be commit 575897e879fc175ba702adf245384033342c903d)
2001-11-05Removed duplicate debug.Tim Potter1-2/+0
(This used to be commit 5c3521c937f9ba3c4c586495f54dc69a664c392a)
2001-10-31Don't accidentally return success when sending a broken NET_SAMLOGONTim Potter1-0/+1
request. This exposes a domain authentication bug with win2k where a rpc fault is returned but not propagated up as an error. (This used to be commit 27cd7ac85779bbc1e9488ee06e87b0c743c5b29c)
2001-10-30Fixed typo in debug message.Tim Potter1-1/+1
(This used to be commit 26fa0374bb5894ece460899ca37cf512c4424b2f)
2001-10-14the next step in the intl changeover. This should get us compiling agian,Andrew Tridgell1-4/+0
and also completes the switch to lang_tdb.c. SWAT should now work with a po file in the lib/ directory also removed useless SYSLOG defines in many files (This used to be commit 5296b20ad85d7519c870768455cb4d8df048c55a)
2001-10-02Removed 'extern int DEBUGLEVEL' as it is now in the smb.h header.Tim Potter1-1/+0
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
2001-09-18Converted cli_net_auth2() and cli_nt_setup_creds() to return NTSTATUS.Tim Potter1-7/+9
(This used to be commit e0bdcbc5994345fdc76f7590dba7bce5f0127d58)
2001-09-04the next stage in the NTSTATUS/WERROR change. smbd and nmbd now compile, but ↵Andrew Tridgell1-23/+24
the client code still needs some work (This used to be commit dcd6e735f709a9231860ceb9682db40ff26c9a66)
2001-08-27converted another bunch of stuff to NTSTATUSAndrew Tridgell1-2/+2
(This used to be commit 1d36250e338ae0ff9fbbf86019809205dd97d05e)
2001-08-24More status32 conversions.Tim Potter1-12/+10
(This used to be commit 031a19639ce862bd01c1a72d8b5ff21b0eae99d2)
2001-08-24Fixed typo in debug message.Tim Potter1-1/+1
(This used to be commit ea8c0a75affe56f8fbcb987cd6f8cdcd24e8a537)
2001-08-10Removed nt_error field from cli_state as it was not used anywhere.Tim Potter1-7/+1
(This used to be commit 589aaa5fb1ac55d8b0d5ae95921f071eb6ddacf6)
2001-07-04The big character set handling changeover!Andrew Tridgell1-6/+6
This commit gets rid of all our old codepage handling and replaces it with iconv. All internal strings in Samba are now in "unix" charset, which may be multi-byte. See internals.doc and my posting to samba-technical for a more complete explanation. (This used to be commit debb471267960e56005a741817ebd227ecfc512a)
2001-05-17Broke out change trust account password routines into separate fileTim Potter1-218/+0
since they're only used in one place anyway (timeout_processing() in process.c) (This used to be commit d1e5d5d62fcb5da30e3f2619721c5146db753f3c)
2001-03-11Removed JRATEST line.Jeremy Allison1-4/+0
Jeremy. (This used to be commit be9933ce353d0ad607c55e6e02aae09627bf9dd9)
2001-03-09Serious (and I *mean* serious) attempt to fix little/bigendian RPC issues.Jeremy Allison1-12/+12
We were reading the endainness in the RPC header and then never propagating it to the internal parse_structs used to parse the data. Also removed the "align" argument to prs_init as it was *always* set to 4, and if needed can be set differently on a case by case basis. Now ready for AS/U testing when Herb gets it set up :-). Jeremy. (This used to be commit 0cd37c831d79a12a10e479bf4fa89ffe64c1292a)
2001-02-25rpc_client/cli_netlogon.c: Fixed incorrect printf.Jeremy Allison1-1/+2
Added Solaris ACL support. Jeremy. (This used to be commit f0d11b6997cc46a0210adef8cf572cf8b7e2467a)
2001-02-24This patch (donated by Marc Jacobsen of HP) should make Sun and HP very ↵Jeremy Allison1-58/+112
happy :-). Probably Veritas too... :-). It allows Samba as a domain member to authenticate against an AS/U server such as the older HP PDC product or PD Netlink. It does this by trying a netlogon with info level 3 and then falling back to info level 2 if the PDC returns invalid info level. Jeremy. (This used to be commit bda1d6d4a4b3d2cfc260549280a2ce3e57fd0f86)
2001-02-14Merge of i18n fixes from appliance branch. Samba can now talk to a networkTim Potter1-12/+17
with a PDC that has international netbios name and domain name. There's still quite a bit of i18n stuff to fix though... (This used to be commit 79045bd72ace9144e7dd73785b1d10a71b0d15aa)
2000-12-19Fixed bug found by Gerald. If a Samba server joins a domain and is setJeremy Allison1-1/+2
to search for a DC to authenticate to using the "*" syntax than ensure that for the first hour after the password change is searches for the PDC using the 1B name not the 1C name as domain replication may not have occured. Jeremy. (This used to be commit c25533de9918ed9b0c79fd039e11d1b79f513db0)
2000-07-27Ok - this is a *BIG* change - but it fixes the problems with static stringsJeremy Allison1-12/+12
in the RPC code. This change was prompted by trying to save a long (>256) character comment in the printer properties page. The new system associates a TALLOC_CTX with the pipe struct, and frees the pool on return of a complete PDU. A global TALLOC_CTX is used for the odd buffer allocated in the BUFFERxx code, and is freed in the main loop. This code works with insure, and seems to be free of memory leaks and crashes (so far) but there are probably the occasional problem with code that uses UNISTRxx structs on the stack and expects them to contain storage without doing a init_unistrXX(). This means that rpcclient will probably be horribly broken. A TALLOC_CTX also needed associating with the struct cli_state also, to make the prs_xx code there work. The main interface change is the addition of a TALLOC_CTX to the prs_init calls - used for dynamic allocation in the prs_XXX calls. Now this is in place it should make dynamic allocation of all RPC memory on unmarshall *much* easier to fix. Jeremy. (This used to be commit 0ff2ce543ee54f7364e6d839db6d06e7ef1edcf4)
2000-07-26Fixed memory leak in modify_trust_password()Tim Potter1-0/+4
(This used to be commit 7145689bf55b9f3100632badac486fde30ee4972)
2000-06-03moved secrets fns into secrets.cAndrew Tridgell1-2/+2
(This used to be commit f890bcf06786e7c63bf76fad2fd46d287a99a270)
2000-05-29Fixed LsaQueryInformationPolicy level 3 to return primary domain info.Matthew Chapman1-1/+8
Domain SID is saved in secrets.tdb upon joining domain. Added "Authenticated Users" and "SYSTEM" well-known SIDs (under NT Authority). (This used to be commit 7710b4f48d3e8532df5e37f99a779758f750efdb)
2000-05-08added secrets.tdb and changed storage of trust account password to useAndrew Tridgell1-2/+2
it (This used to be commit 88ad00b82acc4636ab57dfe710af08ea85b82ff1)
2000-03-22acconfig.h configure configure.in: Added check for UT_SYSLEN for utmp code.Jeremy Allison1-26/+0
include/byteorder.h: Added alignment macros. include/nameserv.h: Added defines for msg_type field options - from rfc1002. lib/time.c: Typo fix. lib/util_unistr.c: Updates from UNICODE branch. printing/nt_printing.c: bzero -> memset. smbd/connection.c: Added check for UT_SYSLEN for utmp code. Other fixes : Rollback of unapproved commit from Luke. Please *ask* next time before doing large changes to HEAD. Jeremy. (This used to be commit f02999dbf7971b4ea05050d7206205d7737a78b2)
2000-03-22added the following message to all dce/rpc client/server code, exceptLuke Leighton1-0/+26
the spoolss code (it's cut from TNG) and the smb-dce/rpc interface code that jeremy has been working up to TNG-functionality. i also want this message to go into SAMBA_2_0 and SAMBA_2_0_RELEASE, because it is intolerable that potentially good modifications be made to code that is going to be thrown away, and people waste their time fixing bugs and adding enhancements that have already been carried out already, up to two years ago in the TNG branch. /* * THIS CODE IS OUT-OF-DATE BY TWO YEARS, IS LEGACY DESIGN AND VERY, VERY, * INCOMPLETE. PLEASE DO NOT MAKE ANY FURTHER ENHANCEMENTS TO THIS CODE * UNLESS THEY ARE ALSO CARRIED OUT IN THE SAMBA_TNG BRANCH. * * PLEASE DO NOT TREAT THIS CODE AS AUTHORITATIVE IN *ANY* WAY. * * REPEAT, PLEASE DO NOT MAKE ANY MODIFICATIONS TO THIS CODE WITHOUT * FIRST CHECKING THE EQUIVALENT MODULE IN SAMBA_TNG, UPDATING THAT * FIRST, *THEN* CONSIDER MAKING THE SAME MODIFICATION IN THIS BRANCH * * YOU WILL, ALMOST GUARANTEED, FIND THAT THE BUG-FIX OR ENHANCEMENT THAT * YOU THINK IS NECESSARY, HAS ALREADY BEEN IMPLEMENTED IN SAMBA_TNG. * IF IT HAS NOT, YOUR BUG-FIX OR ENHANCEMENT *MUST* GO INTO SAMBA_TNG * AS THE SAMBA_TNG CODE WILL REPLACE THIS MODULE WITHOUT REFERENCE TO * ANYTHING IN IT, WITH THE POSSIBLE RISK THAT THE BUG-FIX OR ENHANCEMENT * MAY BE LOST. * * PLEASE OBSERVE AND RESPECT THIS SIMPLE REQUEST. * * THANK YOU. * * lkcl@samba.org */ (This used to be commit cfaea90529be222f8df0e20a7ca1289f99c29e09)
2000-01-07this looks like a big commit, but it isn't really :)Andrew Tridgell1-1/+0
This fixes our netbios scope handling. We now have a 'netbios scope' option in smb.conf and the scope option is removed from make_nmb_name() this was prompted by a bug in our PDC finding code where it didn't append the scope to the query of the '*' name. (This used to be commit b563be824b8c3141c49558eced7829b48d4ab26f)
1999-12-21converted all our existing shared memory code to use a tdb databaseAndrew Tridgell1-1/+1
instead of either sysv or mmap shared memory or lock files. this means we can now completely remove locking_shm.c locking_slow.c shmem.c shmem_sysv.c and lots of other things also got simpler locking.c got a bit larger, but is much better compartmentalised now (This used to be commit e48c2d9937eea0667b8cd3332e49c06314ef31e7)
1999-12-13first pass at updating head branch to be to be the same as the SAMBA_2_0 branchAndrew Tridgell1-343/+415
(This used to be commit 453a822a76780063dff23526c35408866d0c0154)
1999-12-01damn, that took a while. nt login password was being stored incorrectlyLuke Leighton1-3/+4
in private .mac file (oops). ntlogin test now works. (This used to be commit c98c66690683965612e9631d77c2dff91ec8a872)
1999-12-01fixing joining to domain plus something weird going down with nt logins...Luke Leighton1-2/+3
(This used to be commit cef258f1c931ecb7c2dda9d5c9977153e4c1dc73)
1999-11-29first attempt at getting \PIPE\NETLOGON working. it's pretty horrible.Luke Leighton1-140/+166
(This used to be commit 44dd3efa6380544e9a515e91960f9271498cefaf)
1999-11-24ok. *whew*. this is the first completed part of the restructure.Luke Leighton1-2/+2
verified that lsaquery, lsalookupsids work, and found some bugs in the parameters of these commands :-) soo... we now have an lsa_* api that has the same arguments as the nt Lsa* api! cool! the only significant coding difference is the introduction of a user_credentials structure, containing user, domain, pass and ntlmssp flags. (This used to be commit 57bff6fe82d777e599d535f076efb2328ba1188b)
1999-10-26adding extra parameter back in to trust account functions (trust account name).Luke Leighton1-4/+11
restoring opening S-1-5-20 in sam enum users code. (This used to be commit 1be877114e2e958c59e6516dacf22d3fb5a4240f)
1999-10-25one of those wonderful moments when running against a different MSRPCLuke Leighton1-2/+2
implementation (NT5) when you discover that your code is trash. samr_enum_dom_users(), samr_enum_dom_aliases() and samr_enum_dom_groups() all take a HANDLE for multiple-call enumeration purposes. (This used to be commit 19490d8b4fb8a103f3df4e6104f6f22937b0c518)
1999-10-21various. debug levels changed. nmbd doesn't need libsmb/clienttrust.c.Luke Leighton1-196/+25
samr_lookup_rids() moved to a dynamic memory structure not a static one limited to 32 RIDs. cli_pipe.c reading wasn't checking ERRmoredata when DOS error codes negotiated (this terminates MSRPC code with prejudice). (This used to be commit 8976eca2db43576c32069dcda017e8777048e007)
1999-10-19need status codes from cli_net_req_chal() and cli_net_auth2().Luke Leighton1-80/+93
this format is what i would like _all_ these functions to be (returning status codes, not BOOL) but that's a horrendous amount of work at the moment :) (This used to be commit 02f240604241367f146b26934ad1a1b2563430de)
1999-09-21split matthew's sync command (only currently called from smbpasswd)Luke Leighton1-73/+1
into a separate module (This used to be commit d99eca020a255022dbc71f3671127343d75db59e)
1999-07-22BDC support.Matthew Chapman1-0/+72
Added synchronise_passdb function to update accounts in a BDC's smbpasswd. Improved rpc_read, which was still somewhat broken for multiple PDU's. modify_trust_password must initialise cli.pwd (pwd_set_nullpwd). (This used to be commit 4783ac3968df1c5c8aa0b6ba9144df8b01ae0b99)
1999-07-21BDC support.Luke Leighton1-39/+11
(This used to be commit 2331aa32ab36c3ee5fd8cfbe972e57299939e33d)
1999-07-06use of safe_cli_errstr() and cli_establish_connection().Luke Leighton1-124/+99
(This used to be commit b60eb8c9fc61bf207ab3600eec3ca722403c4d19)
1999-06-24safe string error reporting functions (found a potential buffer overflowLuke Leighton1-8/+24
of a pstrcpy into an fstring). (This used to be commit ac0060443de800fec9042b69b299ff2e9128a31c)
1999-06-02Some more BDC-related fixes, mainly to the NET_SAM_SYNC RPC with respectMatthew Chapman1-4/+85
to alignment, missing fields, etc. - it should now work correctly. There is still the problem of decoding the private data field. (This used to be commit c3c25e762fbc30d5663323f23449c913f2ce4b0e)
1999-04-08Mainly BDC-related changes.Matthew Chapman1-7/+63
* Added SEC_CHAN_BDC * Propagate sec_chan into the various functions which change trust account passwords, so they can be used for domain control and inter-domain trusts. * Fix for endianness problem reported by Edan Idzerda <edan@mtu.edu>. A BUFFER2 is really a "unibuf" in my terminology and we should treat it as such. * Added some more common NT structures (BIGINT, BUFHDR2, BUFFER4). * Added NET_SAM_SYNC (-> NetDatabaseSync2) RPC for account replication. Still experimental and incomplete, with a few too many NULL security descriptors lying around (must go look at Jeremy's SD code). Haven't worked out password encryption yet either. However, the XXX_INFO structures I've added to rpc_netlogon.h are quite nice as they give some insight into how these objects are stored in the SAM. (This used to be commit 7b830350eb54dc9d357c115e12ddf9a0633527ac)
1999-03-12new "domtrust" test command. r&d into inter-domain trust accounts.Luke Leighton1-4/+6
(This used to be commit 65b0abe8b7594ff6c662da86dc2e35bd83a2d13d)
1998-12-07removed nt_pipe_fnum from struct cli_state. need to be able to callLuke Leighton1-19/+20
LsaLookupSids etc from within SamrQueryAliasMembers, for example. fnum is now a parameter to client functions. thanks to mike black for starting the ball rolling. (This used to be commit bee8f7fa6b0f7f995f71303f4e14a4aaed0c2437)
1998-11-20acconfig.h configure configure.in include/config.h.in: Added -lsec and ↵Jeremy Allison1-0/+7
-lsecurity checks in a more sane way. rpc_client/cli_netlogon.c: Removed correct bits check to see if this works with an NT3.51 PDC. rpc_parse/parse_samr.c: Fixed compile warnings. Jeremy. (This used to be commit 34d8f4b1c4d59ab3c009360fc67eef9361dd859b)
1998-11-17- group database API. oops and oh dear, the threat has been carried out:Luke Leighton1-1/+0
the pre-alpha "domain group" etc parameters have disappeared. - interactive debug detection - re-added mem_man (andrew's memory management, detects memory corruption) - american spellings of "initialise" replaced with english spelling of "initialise". - started on "lookup_name()" and "lookup_sid()" functions. proper ones. - moved lots of functions around. created some modules of commonly used code. e.g the password file locking code, which is used in groupfile.c and aliasfile.c and smbpass.c - moved RID_TYPE_MASK up another bit. this is really unfortunate, but there is no other "fast" way to identify users from groups from aliases. i do not believe that this code saves us anything (the multipliers) and puts us at a disadvantage (reduces the useable rid space). the designers of NT aren't silly: if they can get away with a user- interface-speed LsaLookupNames / LsaLookupSids, then so can we. i spoke with isaac at the cifs conference, the only time for example that they do a security context check is on file create. certainly not on individual file reads / writes, which would drastically hit their performance and ours, too. - renamed myworkgroup to global_sam_name, amongst other things, when used in the rpc code. there is also a global_member_name, as we are always responsible for a SAM database, the scope of which is limited by the role of the machine (e.g if a member of a workgroup, your SAM is for _local_ logins only, and its name is the name of your server. you even still have a SID. see LsaQueryInfoPolicy, levels 3 and 5). - updated functionality of groupname.c to be able to cope with names like DOMAIN\group and SERVER\alias. used this code to be able to do aliases as well as groups. this code may actually be better off being used in username mapping, too. - created a connect to serverlist function in clientgen.c and used it in password.c - initialisation in server.c depends on the role of the server. well, it does now. - rpctorture. smbtorture. EXERCISE EXTREME CAUTION. (This used to be commit 0d21e1e6090b933f396c764af535ca3388a562db)