Age | Commit message (Collapse) | Author | Files | Lines |
|
Jeremy.
(This used to be commit 8968808c3b5b0208cbad9ac92eaf948f2c546dd9)
|
|
Jeremy.
(This used to be commit 8ad13718af0ba1fcb10a6f1631b1ed3cb8d11175)
|
|
(This used to be commit 2eec760154a4126df616a3c078b7741c57239c86)
|
|
metze
(This used to be commit aa28bcc4669bf08f73815d00cd87c854d2ac1e92)
|
|
not specific for NTLMSSP
- it's possible that the server sends a mechOID and authdata
if negResult != SPNEGO_NEG_RESULT_INCOMPLETE, but we still
force the mechOID to be present if negResult == SPNEGO_NEG_RESULT_INCOMPLETE
metze
(This used to be commit e9f2aa22f90208a5e530ef3b68664151960a0a22)
|
|
which matches what samba4 has.
also fix all the callers to prevent compiler warnings
metze
(This used to be commit fa322f0cc9c26a9537ba3f0a7d4e4a25941317e7)
|
|
(This used to be commit e73a418b5b0100936efb4c1133da3cfe3fcb61cd)
|
|
Jeremy, I'm afraid you removed the "domain->initialized" from the
set_dc_types_and_flags() call when the connect to PI_LSARPC_DS failed
(with rev. 19148).
This causes now that init_dc_connection_network is called again and
again which in turn rescans the DC each time (which of course fails each
time with NT_STATUS_BUFFER_TOO_SMALL). Just continue with the
non-PI_LSARPC_DS scan so that the domain is initialized properly.
Guenther
(This used to be commit c6f63a08f55a4121cbe5aac537d2ef983dc25a97)
|
|
For the winbind cached ADS LDAP connection handling
(ads_cached_connection()) we were (incorrectly) assuming that the
service ticket lifetime equaled the tgt lifetime. For setups where the
service ticket just lives 10 minutes, we were leaving hundreds of LDAP
connections in CLOSE_WAIT state, until we fail to service entirely with
"Too many open files".
Also sequence_number() in winbindd_ads.c needs to delete the cached LDAP
connection after the ads_do_search_retry() has failed to submit the
search request (although the bind succeeded (returning an expired
service ticket that we cannot delete from the memory cred cache - this
will get fixed later)).
Guenther
(This used to be commit 7e1a84b7226fb8dcd5d34c64a3478a6d886a9a91)
|
|
Guenther
(This used to be commit 5d4747fdf2e5874cb5d2238ee62e4fcac1676134)
|
|
(This used to be commit 7fd1578a905d3c974cb88cc93452d43a03038d30)
|
|
Guenther
(This used to be commit 27c35848ebc6d72fd4fccbb6597b63787230f80c)
|
|
gives just any DC), also make sure to set timeouts in rpcclient
accordingly so that we actually get the DC's reply.
Guenther
(This used to be commit 6091c8152a3998d2503cb0911a217ee904509633)
|
|
Guenther
(This used to be commit 44e228ac796fca2db8509915067511ed705032bf)
|
|
items in cac_winreg.c
* Get 'net rpc registry enumerate' to list values again
* Fix winreg.idl QueryInfoKey(). The max_subkeysize is the
max_classlen (we previously had this correct in Samba3")
* fix valgrind error about uninitialized memory and use-before-set
on size value inmemset() call
* Fix key enumeration in 'net rpc registry enumerate'
* regenerate gen_dir files based on local pidl patches
Please note that the generated ndr files are from my local
copy of pidl. If you need to regenerate, please apply the
patch that I posted to the samba-technical list earlier today.
(This used to be commit 5d843612a1b9d92022f76626f1c7473faebec4ba)
|
|
in,out ref pointer
* Clarify variable names in EnumValue IDL
* Fix server code for _winreg_EnumValue() and _winreg_QueryInfoKe()
(This used to be commit f520a9d0fba4cc3cfbda40dd68cb63c4c3c4ed30)
|
|
There some broken functionality here that I'm still working on.
* remove unneeded parsing routines
(This used to be commit cbfe1a4b498593a48fc34f584754ed4a9ef72cc5)
|
|
(This used to be commit 964d95bce6bbaf985ed8cd50daee8216bc446a28)
|
|
and server code.
This has had some basic testing. I'll do more during the next couple of days and hopefully also
make RPC-SRVSVC from Samba4 pass against it.
(This used to be commit ef10672399c4b82700dc431b4d93431ffdd42d98)
|
|
for the enumeration loop (following msdn docs of that call).
Guenther
(This used to be commit 138a921f82a02991eed7ab7d958ec7ea78608684)
|
|
(This used to be commit 50d74ce0488a9bd0980cdc6d523a210f6238ef74)
|
|
descriptor
buffers.
Make security access masks simply a uint32 rather than a structure
with a uint32 in it.
(This used to be commit b41c52b9db5fc4a553b20a7a5a051a4afced9366)
|
|
* Remove the old wkssvc server, client, & parsing code.
* Update srv_wkssvc_nt.c with stubs for the remaining
stubs
(This used to be commit 0cb79ee13fd78b515a48b2c72d91596ed21e41a8)
|
|
(This used to be commit a2d61ca85c470be63c96a10a422a6b44e60f9b52)
|
|
code. Removed first rpc_parse/*.c file. w00t!
(This used to be commit bb9b7a058d72569bee5683856661ac063c281c9f)
|
|
* rpccli_reg_abort_shutdown()
* rpccli_reg_flush_key()
Remove the cmd_reg.c from rpcclient since the entire file
was unused
(This used to be commit c4788f0c1398feb098f131aa5c4d0398d7489527)
|
|
Guenther
(This used to be commit bd546edc482d42c6d783f474eeffa8a8086efd83)
|
|
(This used to be commit 5de76767e857e9d159ea46e2ded612ccd6d6bf19)
|
|
Guenther
(This used to be commit 1a307954e5ddc1441524eb6d22258be387cca9d4)
|
|
implement
some of the missing functions. RPC-ECHO now passes against Samba3.
(This used to be commit 9e9a05366176454cc1779acc6c2b6070743f5939)
|
|
* rename PI_SHUTDOWN from include/smb.h to PI_INITSHUTDOWN
for compatibility with pidl libndr output
(This used to be commit 23a882861311d9d6ca45af1bfcc90d05846ba3a9)
|
|
(This used to be commit e277fb067b1a12d816c8a066839751c1824d27bb)
|
|
make rpccli_lsa_close() a real one line wrapper for
rpccli_lsa_Close().
I'm still keeping the wrapper for now because I'm not sure
what we will do about a usable client API. I don't think
calling the autogenerated client code directly is a good idea
as the IDL is still evolving.
(This used to be commit 47f0c71218ade18cb94b48661f064e8956e06096)
|
|
* move OUR_HANDLE macro to include/rpc_misc.h
(This used to be commit 2b37079af2f569df7a58878150a61980c6fe06ee)
|
|
rpccli_lsa_Close().
(This used to be commit 365c75603d9130f46dd40ab46e14f3c91c687c65)
|
|
(This used to be commit 4fb35eeb44d434b04282c41e98c4a5767e1a8647)
|
|
* autogenerate lsa ndr code
* rename 'enum SID_NAME_USE' to 'enum lsa_SidType'
* merge a log more security descriptor functions from
gen_ndr/ndr_security.c in SAMBA_4_0
The most embarassing thing is the "#define strlen_m strlen"
We need a real implementation in SAMBA_3_0 which I'll work on
after this code is in.
(This used to be commit 3da9f80c28b1e75ef6d46d38fbb81ade6b9fa951)
|
|
(This used to be commit eec8b915d1bf6e62c45d309579a4f93380aa43a8)
|
|
initial work. I'm including the librpc/gen_ndr directory
in svn temporarily just to get some compile issues straightened
out.
(This used to be commit cf271aa433cfa606be5dbf3ed1d94fe3caf57653)
|
|
(This used to be commit 1115745caed3093c25d6be01ffee21819fb0a675)
|
|
Guenther
(This used to be commit 8c1198c1592e7c07904b448ed7a54b9b23c941df)
|
|
* Remove "unknown" from dfs_Enum (samba4 dfs IDL updates to follow).
* When encountering an unsupported infolevel the rpc server must reply
with a dfs_info_0 structure and WERR_OK (observed from w2k3 when talking
to nt4).
Guenther
(This used to be commit f9bef1f08f7d2a4c95c28329ac73e8646f033998)
|
|
(This used to be commit 1e4ee728df7eeafc1b4d533240acb032f73b4f5c)
|
|
This mode proxies pre-calculated blobs from a remote (probably VPN)
client into the domain. This allows clients to change their password
over a PPTP connection (where they would not be able to connect to
SAMR directly).
The precalculated blobs do not reveal the plaintext password.
Original patch by Alexey Kobozev <cobedump@gmail.com>
(This used to be commit 967292b7136c5100c0b9a2783c34b1948b16dad4)
|
|
to do the upper layer directories but this is what
everyone is waiting for....
Jeremy.
(This used to be commit 9dafb7f48ca3e7af956b0a7d1720c2546fc4cfb8)
|
|
by converting the lookup_XX functions to correctly
return SID_NAME_TYPE enums.
Jeremy.
(This used to be commit ee2b2d96b60c668e37592c79e86c2fd851e15f69)
|
|
(This used to be commit 555984ea772730a5752905f1130e0bf6ec48207f)
|
|
in smb.conf. This did work before the join rewrite.
Samba will have problems if you try to run any of the daemons
with an incorrect workgroup but it should not fail to join.
The summary is that a member server should always use it's
own machine name when setting up schannel since that is
the only account it has. Thanks to Volker for the discussion.
(This used to be commit 95763b94f709fe1ad9e381dbc6b364c2f3759024)
|
|
cli_rpc_pipe_open_krb5.
Guenther
(This used to be commit fa19099112490daa085bb310f2f4ed877bb22b40)
|
|
samr_query_domain_info(2) for consistency reasons.
Guenther
(This used to be commit 870495e2c8628deee0498e68cc1d93abfbc56da4)
|