Age | Commit message (Collapse) | Author | Files | Lines |
|
* add some backwards compatibility to 'net rpc rights list'
* verify privilege name in 'net rpc rights privileges <name>' in order
to give back better error messages.
(This used to be commit 0e29dc8aa384dfa6d2495beb8a9ffb5371e60a13)
|
|
net rpc service stop
net rpc service start
net rpc service pause
net rpc service resume
(This used to be commit a7fb2c50b07a7d9965675272a71f42beba92acfe)
|
|
spooler service is SVCCTL_RUNNING.
Configuration details:
Service Type = 0x110
Start Type = 0x2
Error Control = 0x1
Tag ID = 0x0
Executable Path = C:\WINNT\system32\spoolsv.exe
Load Order Group = SpoolerGroup
Dependencies = RPCSS/
Start Name = LocalSystem
Display Name = Print Spooler
(This used to be commit b921bf568835042a43bb0bcb2abd9d36c9d2e43f)
|
|
(This used to be commit 42588ba50cb1b47a00f3e0bed33ca3431eb8af14)
|
|
'net rpc service'
(This used to be commit 759affb1e1aa59fcb878b4dee781aa362b3e7e1c)
|
|
open and close the service control manager.
Also experimenting with ideas for cli_xxx() interface.
(This used to be commit 4da89ef17b8c4644b97b923cebfe8e446b508b4d)
|
|
fill in tomorrow
(This used to be commit 6bbd61cfd1ca2dbe8d96d894f90f263b8f24571f)
|
|
pulling back all recent rpc changes from trunk into
3.0. I've tested a compile and so don't think I've missed
any files. But if so, just mail me and I'll clean backup
in a couple of hours.
Changes include \winreg, \eventlog, \svcctl, and
general parse_misc.c updates.
I am planning on bracketing the event code with an
#ifdef ENABLE_EVENTLOG until I finish merging Marcin's
changes (very soon).
(This used to be commit 4e0ac63c36527cd8c52ef720cae17e84f67e7221)
|
|
all versions of a driver
(This used to be commit 1f0060278609a194b76872367530d2f7bcea7fa7)
|
|
segvs
(This used to be commit 25121547caaaed0d60f4db7458570c14e7d21b2a)
|
|
(This used to be commit 277203b5356af58ce62eb4eec0db2eccadeeffd6)
|
|
samr_remove_sid_from_foreign_domain.
(This used to be commit 8360695fc02dfb09aff92a434bf9d411e65c478c)
|
|
Guenther
(This used to be commit 1c8616618cf35a5aaef03b6e570d95d1a3e34e4e)
|
|
rejects
everything but 1000 here, so there's no point in exposing that to the caller.
Thanks,
Volker
(This used to be commit 03ec1bd9e54b065c0494bc57a3d78ac0ae28e234)
|
|
Thanks,
Volker
(This used to be commit 43dcf0f5cb5dc2dd37ab3cdc2905970d9cc50ba4)
|
|
right pipe FID. Fixes NT_STATUS_INVALID_HANDLE error.
(This used to be commit bfd9b9e99711abcaac80d98160723f5dc37b6917)
|
|
fix a segfault in rpcclient's dsenumdomtrusts
(This used to be commit 558525abf14432bd5527e5578ce18d128627dabb)
|
|
* define some const SE_PRIV structure for use when
you need a SE_PRIV* to a privilege
* fix an annoying compiler warngin in smbfilter.c
* translate SIDs to names in 'net rpc rights list accounts'
* fix a seg fault in cli_lsa_enum_account_rights caused by
me forgetting the precedence of * vs. []
(This used to be commit d25fc84bc2b14da9fcc0f3c8d7baeca83f0ea708)
|
|
one small todo item is to add a 'accounts' sub option
to 'net rpc list' so enumerate all privileged SIDs
and their associated rights.
(This used to be commit bf4385c79a0ce2e4983ffa11d39367dbf1d4dcfd)
|
|
(This used to be commit a24df21e66aeafb15e22f9ed4df7d9dded3e3b52)
|
|
more than
one pointer...
Volker
(This used to be commit f2f08b64a53f6efd3154ff2656ecacc86872a18c)
|
|
(This used to be commit 4b351f2fcc365a7b7f8c22b5139c299aa54c9458)
|
|
(based on Simo's code in trunk). Rewritten with the
following changes:
* privilege set is based on a 32-bit mask instead of strings
(plans are to extend this to a 64 or 128-bit mask before
the next 3.0.11preX release).
* Remove the privilege code from the passdb API
(replication to come later)
* Only support the minimum amount of privileges that make
sense.
* Rewrite the domain join checks to use the SeMachineAccountPrivilege
instead of the 'is a member of "Domain Admins"?' check that started
all this.
Still todo:
* Utilize the SePrintOperatorPrivilege in addition to the 'printer admin'
parameter
* Utilize the SeAddUserPrivilege for adding users and groups
* Fix some of the hard coded _lsa_*() calls
* Start work on enough of SAM replication to get privileges from one
Samba DC to another.
* Come up with some management tool for manipultaing privileges
instead of user manager since it is buggy when run on a 2k client
(haven't tried xp). Works ok on NT4.
(This used to be commit 77c10ff9aa6414a31eece6dfec00793f190a9d6c)
|
|
Also fix return of NT_STATUS_NO_MORE_ENTRIES should be
ERROR_NO_MORE_ITEMS reported by "Marcin Porwit" <mporwit@centeris.com>.
Jeremy.
(This used to be commit 511cdec60d431d767fb02f68ca5ddd4ddb59e64a)
|
|
supported pipe. Netlogon is still special, as we open that twice, one to do
the auth2, the other one with schannel.
The client interface is completely unchanged for those who only use a single
pie. cli->pipe_idx is used as the index for everything except the "real"
client rpc calls, which have been explicitly converted in my last commit. Next
step is to get winbind to just use a single smb connection for multiple pipes.
Volker
(This used to be commit dc294c52e0216424236057ca6cd35e1ebf51d0da)
|
|
future
patches.
Pass down the pipe_idx down to all functions in cli_pipe where nt_pipe_fnum is
referenced. First step towards having multiple pipes on a cli_struct. The idea
is to not have a single nt_pipe_fnum but an array for the pipes we support.
Volker
(This used to be commit 93eab050201d4e55096a8820226749f001597b5d)
|
|
The old #ifdef JRATEST-block was copying 16 bytes and thus overwriting
acct_flags with bizarre values, breaking a lot of things.
This patch is successfully running in a production environment for quite
some time now and is required to finally allow Exchange 5.5 to access
another Exchange Server when both are running on NT4 in a
samba-controlled domain. This also allows Exchange Replication to take
place, Exchange Administrator to access other Servers in the network,
etc. Fixes Bugzilla #1136.
Thanks abartlet for helping me with that one.
Guenther
(This used to be commit bd4c5125d6989cebc90152a23e113b345806c660)
|
|
allocation
functions so we can funnel through some well known functions. Should help greatly with
malloc checking.
HEAD patch to follow.
Jeremy.
(This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
|
|
architecture and a specific version.
Guenther
(This used to be commit a24df09386f177e625fb99c975896cbe7a594b4b)
|
|
function to rpcclient
(This used to be commit cfd51c02447f7b42cffcaf4cc6179237d58c8229)
|
|
(usersidlist/allowedusers) to scan a file server's share and list all users
who have permission to connect there.
Volker
(This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
|
|
Is there any other rpc-call to get the guid of a published printer?
Guenther
(This used to be commit 944ad569c7a88e1d2f14311eed10f80ea9861963)
|
|
* add IA64 to the architecture table of printer-drivers
* add new "net"-subcommands:
net rpc printer migrate {drivers|printers|forms|security|settings|all}
[printer]
net rpc share migrate {shares|files|all} [share]
this is the first part of the migration suite. this will will (once
feature-complete) allow to do 1:1 server-cloning in the best possible way by
making heavy use of samba's rpc_client-functions. all migration-steps
are implemented as rpc/smb-client-calls; net communicates via rpc/smb
with two servers at the same time (a remote, source server and a
destination server that currently defaults to the local smbd). this
allows e. g. printer-driver migration including driverfiles, recursive
mirroring of file-shares including file-acls, etc. almost any migration
step can be called with a migrate-subcommand to provide more flexibility
during a migration process (at the cost of quite some redundancy :) ).
"net rpc printer migrate settings" is still in a bad condition (many
open questions that hopefully can be adressed soon).
"net rpc share migrate security" as an isolated call to just migrate
share-ACLs will be added later.
Before playing with it, make sure to use a test-server. Migration is a
serious business and this tool-set can perfectly overwrite your
existing file/print-shares.
* along with the migration functions had to make I the following
changes:
- implement setprinter level 3 client-side
- implement net_add_share level 502 client-side
- allow security descriptor to be set in setprinterdata level 2
serverside
guenther
(This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
|
|
entries from rpcclient.
Jeremy.
(This used to be commit bd64f0c08143545a8613688402f769a713227557)
|
|
On systems with /dev/urandom, this avoids a change to secrets.tdb for every fork().
For other systems, we now only re-seed after a fork, and on startup.
No need to do it per-operation. This removes the 'need_reseed'
parameter from generate_random_buffer().
Andrew Bartlett
(This used to be commit 36741d3cf53a7bd17d361251f2bb50851cdb035f)
|
|
rpc_bind reply
(This used to be commit c6e73ff091b4d87111b33735400fdd10d4c8671c)
|
|
for setting up an schannel connection. This solves the problem
of a Samba DC running winbind, trusting a native mode AD domain,
and needing to enumerate AD users via wbinfo -u.
(This used to be commit e9f109d1b38e0b0adec9b7e9a907f90a79d297ea)
|
|
support 128 bit encryption
(This used to be commit 316ba5ad89ddfa445d44d28141c5901fc64aec90)
|
|
(This used to be commit 2cbcc07b7b1b78b1bed95bfd8b8fc34016553201)
|
|
delete'.
Volker
(This used to be commit ec321674961cc62c048b149ee19b6e36325c8eb3)
|
|
(This used to be commit 911a28361b9d8dd50597627f245ebfb57c6294fb)
|
|
* updateing WHATSNEW with vl's change
(This used to be commit a7e2730ec4389e0c249886a8bfe1ee14c5abac41)
|
|
a DC it trusts.
Volker
(This used to be commit ae6840320ff47827c2817549fe3133a57e3fe77f)
|
|
NT session.
Andrew Bartlett
(This used to be commit 01fff20e6e0212e9f70a5a66c3e46f7079b342f1)
|
|
(This used to be commit 170c443b19604c3ec997ae494954c473e356e59d)
|
|
(This used to be commit 3aac1e549eaf4693ded84be432a2c94b6331ef6d)
|
|
so dont check for it
(This used to be commit 4d68d3d5ddeda9589f2e3387144fdac616bb791f)
|
|
Volker
(This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
|
|
group_info4 in set_dom_group_info also has the level in the record
itself. This seems not to be an align. Tested with NT4 usrmgr.exe. It can
still create a domain group on a samba machine.
Volker
(This used to be commit 76c75bb8a7ad2a2e719dbbe997abf8aefe2fbbb4)
|
|
As well as avoiding DOS charset issues, this scheme returns useful error
codes, that we can map back via the pam interface.
This patch also cleans up the interfaces used for password buffers, to
avoid duplication of code.
Andrew Bartlett
(This used to be commit 2a2b1f0c872d154fbcce71a250e23dfad085ba1e)
|