| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
enough of
SetUserInfo level 25 to survive the join method XP uses if the user did not
exist before. For good taste this contains way too much cut&paste, but for a
real fix there is just not enough time.
Up to 3.0.22 we completely ignored that a full level 21 is being sent together
with level 25, but we got away with that because on creation we did not set
the "disabled" flag on the workstation account. Now we correctly follow W2k3
in this regard, and we end up with a disabled workstation after join.
Man, I hate rpc_parse/. The correct fix would be to import PIDL generated samr
parsing, but this is would probably be a bit too much for .23...
Thanks to Tom Bork for finding this one.
Volker
(This used to be commit 5a37aba10551456042266443cc0a92f28f8c3d0d)
|
|
call.
Guenther
(This used to be commit 9b0731b2a9b45153356f9f7fad384a02028a8bd3)
|
|
Guenther
(This used to be commit 6ed7d7fa70e3f750f921192c0f75594d608875b7)
|
|
Guenther
(This used to be commit ef40428d935831bdb19111c933d20e381647f6f8)
|
|
Also return the hostname for the level 6 call (to be consistent with the
server name in level 2).
Guenther
(This used to be commit 41b72e77ae70c96de4659af6b4b6bd842dd67981)
|
|
Guenther
(This used to be commit 6e225e0528604c797a953eb8d3b49a873b21584f)
|
|
name eversince instead of the domain name when we are a DC.
Yes, there are applications relying on this call to be correct.
Guenther
(This used to be commit 26dd22c9af8caf3db236984e4683ba210376ca59)
|
|
Guenther
(This used to be commit 6c4fe819c69f281915ad0f4c3bde4dfb194aa33a)
|
|
* Finally fix parsing idmap uid/gid ranges not to break with spaces
surrounding the '-'
* Allow local groups to renamed by adding info level 2 to
_samr_set_aliasinfo()
* Fix parsing bug in _samr_del_dom_alias() reply
* Prevent root from being deleted via Samba
* Prevent builting groups from being renamed or deleted
* Fix bug in pdb_tdb that broke renaming user accounts
* Make sure winbindd is running when trying to create the Administrators
and Users BUILTIN groups automatically from smbd (and not just check the
winbind nexted groups parameter value).
* Have the top level rid allocator verify that the RID it is about to
grant is not already assigned in our own SAM (retries up to 250 times).
This fixes passdb with existing SIDs assigned to users from the RID algorithm
but not monotonically allocating the RIDs from passdb.
(This used to be commit db1162241f79c2af8afb7d8c26e8ed1c4a4b476f)
|
|
Jeremy.
(This used to be commit df32eb70a45150e459997c2ae92c865cd0e083f6)
|
|
deref.
Jeremy.
(This used to be commit 0026fb0b2843271c27e9dc02a32e88d580bebbc3)
|
|
Jeremy.
(This used to be commit 76c4d5212bcb5f54472c9ceac2368078ebad7a3b)
|
|
Guenther
(This used to be commit 0ae3fddf95a95ec8a2f4d52e1276c1721b33ddfd)
|
|
* Fix a couple of related parsing issues.
* in the info3 reply in a samlogon, return the ACB-flags (instead of
returning zero)
Guenther
(This used to be commit 5b89e8bc24f0fdc8b52d5c9e849aba723df34ea7)
|
|
to make full use of the new talloc() interface. Discussed with Volker
and Jeremy.
* remove the internal mem_ctx and simply use the talloc()
structure as the context.
* replace the internal free_fn() with a talloc_destructor() function
* remove the unnecessary private nested structure
* rename SAM_ACCOUNT to 'struct samu' to indicate the current an
upcoming changes. Groups will most likely be replaced with a
'struct samg' in the future.
Note that there are now passbd API changes. And for the most
part, the wrapper functions remain the same.
While this code has been tested on tdb and ldap based Samba PDC's
as well as Samba member servers, there are probably still
some bugs. The code also needs more testing under valgrind to
ensure it's not leaking memory.
But it's a start......
(This used to be commit 19b7593972480540283c5bf02c02e5ecd8d2c3f0)
|
|
Guenther
(This used to be commit 290a581b7567eab82b18fbadae9aa2ab29e95069)
|
|
changereject.
Guenther
(This used to be commit 98d3c63e04e1317a0a2f100e89d9be65a98ecc7e)
|
|
Guenther
(This used to be commit f60eddc0a4dfe623e5f115533a62c03810fd5f38)
|
|
from Samba4 on how to decode the 532 byte password buffers.
Getting closer to passing samba4 RPC-SCHANNEL test.
Jeremy.
(This used to be commit 205db6968a26c43dec64c14d8053d8e66807086f)
|
|
Jeremy.
(This used to be commit 6f8334ad31ac773f5c13335f5d8c5bed62987466)
|
|
Implement 'net rpc shell account' -- An editor for account policies
nt_time_to_unix_abs changed its argument which to me seems wrong, and I could
not find a caller that depends on this. So I changed it. Applied some more
const in time.c.
Volker
(This used to be commit fc73690a7000d5a3f0f5ad34461c1f3a87edeac5)
|
|
Sync with trunk as off r13315
(This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
|
|
patch by Alex Deiter (tiamat@komi.mts.ru).
Introduces level 9 of getuserinfo and allows to successfully install MS SMS2003
on a member of a Samba domain. Also added support for this level in rpcclient.
The code for infolevel 9 is modelled upon Samba-TNG by Alex Deiter.
Jerry, we need this in 3.0.21b.
(This used to be commit 93461646ce2ad6e2f8b11d40ce98722d56a83b43)
|
|
it is. (SAM_UNK_INFO_1 should get a better name as well).
Guenther
(This used to be commit d94aaeb625c39b6205fe61c274aed57b1399bafc)
|
|
Guenther
(This used to be commit 0705fed566efdeab05d605dd239afe67ca5e9811)
|
|
Can anyone remember why we initialize groups only with 0x03 instead of 0x07 ?
Guenther
(This used to be commit 3282c7c458d390547fbaca44821eff376e8f9aaa)
|
|
Guenther
(This used to be commit a8bc4bc902075cfd009dc92674c4560a44a74277)
|
|
client behaviour (ie.:
open pipe/open SAMR handle/enumerate 0 - 1024
close SAMR handle, close pipe.
open pipe/open SAMR handle/enumerate 1024 - 2048...
close SAMR handle, close pipe.
And on ad-nausium. Amazing.... probably object-oriented
client side programming in action yet again.
This change should *massively* improve performance when
enumerating users from an LDAP database.
Jeremy.
(This used to be commit 8ce705d9cc1b6a79d710a10ff38f72a0f1006dda)
|
|
if changing to support samr_connect5 might help so quickly coded
it up. No it doesn't :-(. Don't merge this for 3.0.21 please.
Jeremy.
(This used to be commit bff1df678a8948d382f4555e83a1df23146a4b12)
|
|
x86_64 box.
Jeremy.
(This used to be commit d720867a788c735e56d53d63265255830ec21208)
|
|
* \PIPE\unixinfo
* winbindd's {group,alias}membership new functions
* winbindd's lookupsids() functionality
* swat (trunk changes to be reverted as per discussion with Deryck)
(This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
|
|
ldapsam code
(This used to be commit 62f9fb5e3a9bce539c9fedc5fdec1b8741a922c7)
|
|
not unix name)
(This used to be commit 8928575abde51f04d0596420a85381f697b66c58)
|
|
using USER_INFO_XX structs and functions where XX was sometimes
in hex and sometimes in decimal. Now it's all in decimal (should
be no functionality change).
Jeremy.
(This used to be commit 84651aca04cbcbf50ab2e78333cc9d9e49dd92f5)
|
|
MMC manage computer plugin.
(This used to be commit c43c1ec80cb52569ccabcdf95e4004386ecb29d6)
|
|
pieces that
can be taken out of it, so I decided to commit this in one lump. It changes
the passdb enumerating functions to use ldap paged results where possible. In
particular the samr calls querydispinfo, enumdomusers and friends have
undergone significant internal changes. I have tested this extensively with
rpcclient and a bit with usrmgr.exe. More tests and the merge to trunk will
follow later.
The code is based on a first implementation by Günther Deschner, but has
evolved quite a bit since then.
Volker
(This used to be commit f0bb44ac58e190e19eb4e92928979b0446e611c9)
|
|
referencing unknown_6 from sam, because it's just fixed at 1260, the max
len of LOGON_HRS. Need to go in and mark it as "remove me" from passdb.
(This used to be commit ffac752875938d510446ebbeba6fc983f65cda1e)
|
|
should not say we are a PDC.
Guenther
(This used to be commit 6cdf3b97de2c28ac92f972621b0ce04c1c80cea5)
|
|
Note that Samba3 does not yet support it server-side.
Guenther
(This used to be commit b2c8220931733593fd312fc25b6c73f440b4567a)
|
|
set the value "forcibly disconnect remote users from server when logon
hours expire" to "no", instead take the value from our account-policy
storage.
Guenther
(This used to be commit e3bd2a22a5cebc4adf6910d3ec31bc6fada8cd35)
|
|
based on samba4-idl.
This saves us an enormous amount of totally unnecessary ldap-traffic
when several hundreds of winbind-daemons query a Samba3 DC just to get
the fake SAM-sequence-number (time(NULL)) by enumerating all users, all
groups and all aliases when query-dom-info level 2 is used.
Note that we apparently never get the sequence number right (we parse a
uint32, although it's a uint64, at least in samba4 idl). For the time
being, I would propose to stay with that behaviour.
Guenther
(This used to be commit f9ab15a986626581000d4b93961184c501f36b93)
|
|
comment string and not an unknown 12 byte structure...
Found after abartlet's smbtorture extended this string to
"Tortured by Samba4: Fri Nov 26 15:40:18 2004 CET"
;-))
Volker
(This used to be commit b41d94d8186f66136918432cf32e9dcef5a8bd12)
|
|
allocation
functions so we can funnel through some well known functions. Should help greatly with
malloc checking.
HEAD patch to follow.
Jeremy.
(This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
|
|
(This used to be commit 3ebfd137b2d8f393874561046ef79f4d9a8cae52)
|
|
Andrew Bartlett
(This used to be commit 61768f4cb3a268ce30911b15b30f82de36716b5f)
|
|
Volker
(This used to be commit 9ceff803278bdbc09cb5ab678a108cea24ab49a9)
|
|
Jeremy.
(This used to be commit b9e79004a4c1e4a472f0627d2c33c966af22ccd2)
|
|
(This used to be commit 911a28361b9d8dd50597627f245ebfb57c6294fb)
|
|
Volker
(This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
|
|
group_info4 in set_dom_group_info also has the level in the record
itself. This seems not to be an align. Tested with NT4 usrmgr.exe. It can
still create a domain group on a samba machine.
Volker
(This used to be commit 76c75bb8a7ad2a2e719dbbe997abf8aefe2fbbb4)
|
