summaryrefslogtreecommitdiff
path: root/source3/rpc_parse/parse_samr.c
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r20904: This is a placeholder fix. Apparently Windows 2000Gerald Carter1-1/+9
is sharing the IDL for the SAMR pipe with Windows 2003 but returning NT_STATUS_NOT_SUPPORTED rather than a DCE/RCE fault. We need to catch this in the general sense by looking at the returned PDU size. But this immediate change fixes password changes via pam_winbind against Windows 2000 DCs. (This used to be commit a3602cc6d4926852a21b13d4b731419f70477f5c)
2007-10-10r18722: Fix up password change times. The can change and must change times areJim McDonough1-5/+10
calculated based on the last change time, policies, and acb flags. Next step will be to not bother storing them. Right now I'm just trying to get them reported correctly. (This used to be commit fd5761c9e52cbf8f1f7e45e71693598b27ecbf57)
2007-10-10r18677: quickly add samr_GetDisplayEnumerationIndex for debugging to rpcclient.Günther Deschner1-0/+70
Guenther (This used to be commit bd546edc482d42c6d783f474eeffa8a8086efd83)
2007-10-10r18369: I've got a sniff where NT4 sends just a single byte after the 516 byteVolker Lendecke1-3/+4
password blob, it seems that pw_len is just a uint8 instead of uint16. This might also be interesting for Samba4's samr.idl. Volker (This used to be commit 68ded4ba07703a20b046e4a58e7a746a78fcedf5)
2007-10-10r18271: Big change:Gerald Carter1-1/+1
* autogenerate lsa ndr code * rename 'enum SID_NAME_USE' to 'enum lsa_SidType' * merge a log more security descriptor functions from gen_ndr/ndr_security.c in SAMBA_4_0 The most embarassing thing is the "#define strlen_m strlen" We need a real implementation in SAMBA_3_0 which I'll work on after this code is in. (This used to be commit 3da9f80c28b1e75ef6d46d38fbb81ade6b9fa951)
2007-10-10r18188: merge 3.0-libndr branchJelmer Vernooij1-18/+9
(This used to be commit 1115745caed3093c25d6be01ffee21819fb0a675)
2007-10-10r17877: Make it explicit to the checker that we can never passJeremy Allison1-2/+1
in NULL as ctr to a void returning fn. Jeremy. (This used to be commit 397ab2b1ab72093ba0572493b2e97a93dfc75478)
2007-10-10r16945: Sync trunk -> 3.0 for 3.0.24 code. Still needJeremy Allison1-25/+25
to do the upper layer directories but this is what everyone is waiting for.... Jeremy. (This used to be commit 9dafb7f48ca3e7af956b0a7d1720c2546fc4cfb8)
2007-10-10r16373: Fix Klocwork #1071.Jeremy Allison1-2/+8
Jeremy (This used to be commit 080464b93d965a583b2b5f248a2bb8a7fb516e6f)
2007-10-10r16060: This is one of the more dirty patches I've put in lately. Parse ↵Volker Lendecke1-1/+3
enough of SetUserInfo level 25 to survive the join method XP uses if the user did not exist before. For good taste this contains way too much cut&paste, but for a real fix there is just not enough time. Up to 3.0.22 we completely ignored that a full level 21 is being sent together with level 25, but we got away with that because on creation we did not set the "disabled" flag on the workstation account. Now we correctly follow W2k3 in this regard, and we end up with a disabled workstation after join. Man, I hate rpc_parse/. The correct fix would be to import PIDL generated samr parsing, but this is would probably be a bit too much for .23... Thanks to Tom Bork for finding this one. Volker (This used to be commit 5a37aba10551456042266443cc0a92f28f8c3d0d)
2007-10-10r15453: Process all the supported info levels in the samr_query_domain_info2Günther Deschner1-0/+16
call. Guenther (This used to be commit 9b0731b2a9b45153356f9f7fad384a02028a8bd3)
2007-10-10r15452: Again purely cosmetic reformat of the samr query domain info calls.Günther Deschner1-22/+22
Guenther (This used to be commit 6ed7d7fa70e3f750f921192c0f75594d608875b7)
2007-10-10r15443: Purely cosmetic reformat, no functional changes.Günther Deschner1-174/+175
Guenther (This used to be commit ef40428d935831bdb19111c933d20e381647f6f8)
2007-10-10r15442: Add some more client rpc for the querydominfo calls (from samba4 idl).Günther Deschner1-7/+118
Also return the hostname for the level 6 call (to be consistent with the server name in level 2). Guenther (This used to be commit 41b72e77ae70c96de4659af6b4b6bd842dd67981)
2007-10-10r15441: cleanup older unused padding.Günther Deschner1-2/+0
Guenther (This used to be commit 6e225e0528604c797a953eb8d3b49a873b21584f)
2007-10-10r15438: Fix samrQueryDomainInfo level 5 where we returned our netbiosGünther Deschner1-5/+5
name eversince instead of the domain name when we are a DC. Yes, there are applications relying on this call to be correct. Guenther (This used to be commit 26dd22c9af8caf3db236984e4683ba210376ca59)
2007-10-10r14646: Adding samr querygroup infolevels 2 & 5.Günther Deschner1-0/+67
Guenther (This used to be commit 6c4fe819c69f281915ad0f4c3bde4dfb194aa33a)
2007-10-10r14634: Many bug fixes thanks to train rides and overnight stays in airportsGerald Carter1-0/+29
* Finally fix parsing idmap uid/gid ranges not to break with spaces surrounding the '-' * Allow local groups to renamed by adding info level 2 to _samr_set_aliasinfo() * Fix parsing bug in _samr_del_dom_alias() reply * Prevent root from being deleted via Samba * Prevent builting groups from being renamed or deleted * Fix bug in pdb_tdb that broke renaming user accounts * Make sure winbindd is running when trying to create the Administrators and Users BUILTIN groups automatically from smbd (and not just check the winbind nexted groups parameter value). * Have the top level rid allocator verify that the RID it is about to grant is not already assigned in our own SAM (retries up to 250 times). This fixes passdb with existing SIDs assigned to users from the RID algorithm but not monotonically allocating the RIDs from passdb. (This used to be commit db1162241f79c2af8afb7d8c26e8ed1c4a4b476f)
2007-10-10r14115: Fix coverity bug #23. Don't deref a potentially null ptr.Jeremy Allison1-1/+5
Jeremy. (This used to be commit df32eb70a45150e459997c2ae92c865cd0e083f6)
2007-10-10r14092: Fix coverity bug #22. Ensure no possible nullJeremy Allison1-1/+5
deref. Jeremy. (This used to be commit 0026fb0b2843271c27e9dc02a32e88d580bebbc3)
2007-10-10r14090: Fix coverity bug #21, don't deref potential null.Jeremy Allison1-1/+5
Jeremy. (This used to be commit 76c4d5212bcb5f54472c9ceac2368078ebad7a3b)
2007-10-10r13864: Some cleanup and the samr set security object function client-side.Günther Deschner1-0/+15
Guenther (This used to be commit 0ae3fddf95a95ec8a2f4d52e1276c1721b33ddfd)
2007-10-10r13711: * Correctly handle acb_info/acct_flags as uint32 not as uint16.Günther Deschner1-15/+6
* Fix a couple of related parsing issues. * in the info3 reply in a samlogon, return the ACB-flags (instead of returning zero) Guenther (This used to be commit 5b89e8bc24f0fdc8b52d5c9e849aba723df34ea7)
2007-10-10r13576: This is the beginnings of moving the SAM_ACCOUNT data structureGerald Carter1-2/+2
to make full use of the new talloc() interface. Discussed with Volker and Jeremy. * remove the internal mem_ctx and simply use the talloc() structure as the context. * replace the internal free_fn() with a talloc_destructor() function * remove the unnecessary private nested structure * rename SAM_ACCOUNT to 'struct samu' to indicate the current an upcoming changes. Groups will most likely be replaced with a 'struct samg' in the future. Note that there are now passbd API changes. And for the most part, the wrapper functions remain the same. While this code has been tested on tdb and ldap based Samba PDC's as well as Samba member servers, there are probably still some bugs. The code also needs more testing under valgrind to ensure it's not leaking memory. But it's a start...... (This used to be commit 19b7593972480540283c5bf02c02e5ecd8d2c3f0)
2007-10-10r13522: Add SAMR_GET_USRDOM_PWINFO client-side.Günther Deschner1-4/+5
Guenther (This used to be commit 290a581b7567eab82b18fbadae9aa2ab29e95069)
2007-10-10r13445: We already made the decision whether to include the dominfo andGünther Deschner1-9/+7
changereject. Guenther (This used to be commit 98d3c63e04e1317a0a2f100e89d9be65a98ecc7e)
2007-10-10r13442: Implement samr_chgpasswd_user3 server-side.Günther Deschner1-29/+41
Guenther (This used to be commit f60eddc0a4dfe623e5f115533a62c03810fd5f38)
2007-10-10r13396: Add in userinfo26, re-enable userinfo25 - took the knowledgeJeremy Allison1-0/+38
from Samba4 on how to decode the 532 byte password buffers. Getting closer to passing samba4 RPC-SCHANNEL test. Jeremy. (This used to be commit 205db6968a26c43dec64c14d8053d8e66807086f)
2007-10-10r13386: Fix parsing of SAMR_Q_CONNECT_ANON.Jeremy Allison1-5/+6
Jeremy. (This used to be commit 6f8334ad31ac773f5c13335f5d8c5bed62987466)
2007-10-10r13350: Implement rpccli_samr_set_domain_info. Weird that it was not around :-)Volker Lendecke1-2/+4
Implement 'net rpc shell account' -- An editor for account policies nt_time_to_unix_abs changed its argument which to me seems wrong, and I could not find a caller that depends on this. So I changed it. Applied some more const in time.c. Volker (This used to be commit fc73690a7000d5a3f0f5ad34461c1f3a87edeac5)
2007-10-10r13316: Let the carnage begin....Gerald Carter1-3/+3
Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2007-10-10r12935: After discussion with Volker fix bug #3397 using a variant of the ↵Alexander Bokovoy1-0/+42
patch by Alex Deiter (tiamat@komi.mts.ru). Introduces level 9 of getuserinfo and allows to successfully install MS SMS2003 on a member of a Samba domain. Also added support for this level in rpcclient. The code for infolevel 9 is modelled upon Samba-TNG by Alex Deiter. Jerry, we need this in 3.0.21b. (This used to be commit 93461646ce2ad6e2f8b11d40ce98722d56a83b43)
2007-10-10r11964: rename flag to password_properties in SAM_UNK_INFO_1 because that's whatGünther Deschner1-3/+3
it is. (SAM_UNK_INFO_1 should get a better name as well). Guenther (This used to be commit d94aaeb625c39b6205fe61c274aed57b1399bafc)
2007-10-10r11963: add rpccli_samr_chgpasswd3 from samba4.Günther Deschner1-1/+167
Guenther (This used to be commit 0705fed566efdeab05d605dd239afe67ca5e9811)
2007-10-10r11856: Replace unknown1 with group_attr.Günther Deschner1-4/+4
Can anyone remember why we initialize groups only with 0x03 instead of 0x07 ? Guenther (This used to be commit 3282c7c458d390547fbaca44821eff376e8f9aaa)
2007-10-10r11852: Fill in samr_get_dom_pwinfo based on Samba4.Günther Deschner1-6/+2
Guenther (This used to be commit a8bc4bc902075cfd009dc92674c4560a44a74277)
2007-10-10r11793: Fix the SAMR cache so it works across completely insaneJeremy Allison1-9/+9
client behaviour (ie.: open pipe/open SAMR handle/enumerate 0 - 1024 close SAMR handle, close pipe. open pipe/open SAMR handle/enumerate 1024 - 2048... close SAMR handle, close pipe. And on ad-nausium. Amazing.... probably object-oriented client side programming in action yet again. This change should *massively* improve performance when enumerating users from an LDAP database. Jeremy. (This used to be commit 8ce705d9cc1b6a79d710a10ff38f72a0f1006dda)
2007-10-10r11769: Looking at a performance problem enumerating accounts, wonderedJeremy Allison1-1/+111
if changing to support samr_connect5 might help so quickly coded it up. No it doesn't :-(. Don't merge this for 3.0.21 please. Jeremy. (This used to be commit bff1df678a8948d382f4555e83a1df23146a4b12)
2007-10-10r11137: Compile with only 2 warnings (I'm still working on that code) on a gcc4Jeremy Allison1-2/+2
x86_64 box. Jeremy. (This used to be commit d720867a788c735e56d53d63265255830ec21208)
2007-10-10r10656: BIG merge from trunk. Features not copied overGerald Carter1-4/+2
* \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2007-10-10r9660: real fix for group enumeration bug in 3.0.20; only affected the ↵Gerald Carter1-1/+1
ldapsam code (This used to be commit 62f9fb5e3a9bce539c9fedc5fdec1b8741a922c7)
2007-10-10r9593: fix enumerated group name (should be full name (i.e. mapped name) and ↵Gerald Carter1-1/+1
not unix name) (This used to be commit 8928575abde51f04d0596420a85381f697b66c58)
2007-10-10r8564: Sometimes we're too dumb to live... Fix samr calls where we wereJeremy Allison1-44/+44
using USER_INFO_XX structs and functions where XX was sometimes in hex and sometimes in decimal. Now it's all in decimal (should be no functionality change). Jeremy. (This used to be commit 84651aca04cbcbf50ab2e78333cc9d9e49dd92f5)
2007-10-10r6601: fixing query and set alias info calls (level 1 from theGerald Carter1-52/+35
MMC manage computer plugin. (This used to be commit c43c1ec80cb52569ccabcdf95e4004386ecb29d6)
2007-10-10r6351: This is quite a large and intrusive patch, but there are not many ↵Volker Lendecke1-135/+86
pieces that can be taken out of it, so I decided to commit this in one lump. It changes the passdb enumerating functions to use ldap paged results where possible. In particular the samr calls querydispinfo, enumdomusers and friends have undergone significant internal changes. I have tested this extensively with rpcclient and a bit with usrmgr.exe. More tests and the merge to trunk will follow later. The code is based on a first implementation by Günther Deschner, but has evolved quite a bit since then. Volker (This used to be commit f0bb44ac58e190e19eb4e92928979b0446e611c9)
2007-10-10r5580: Fix "net rpc trustdom add". Much closer to what windows does. Also stopJim McDonough1-42/+18
referencing unknown_6 from sam, because it's just fixed at 1260, the max len of LOGON_HRS. Need to go in and mark it as "remove me" from passdb. (This used to be commit ffac752875938d510446ebbeba6fc983f65cda1e)
2007-10-10r5262: Fix server_role in the samr_query_dom_info calls. When we are a BDC weGünther Deschner1-6/+6
should not say we are a PDC. Guenther (This used to be commit 6cdf3b97de2c28ac92f972621b0ce04c1c80cea5)
2007-10-10r4868: Add "net rpc user RENAME"-command.Günther Deschner1-2/+51
Note that Samba3 does not yet support it server-side. Guenther (This used to be commit b2c8220931733593fd312fc25b6c73f440b4567a)
2007-10-10r4336: Apply some other samba4 SAMR idl that is just too obvious. Don't hardGünther Deschner1-6/+4
set the value "forcibly disconnect remote users from server when logon hours expire" to "no", instead take the value from our account-policy storage. Guenther (This used to be commit e3bd2a22a5cebc4adf6910d3ec31bc6fada8cd35)
2007-10-10r4331: Implement SAMR query_dom_info-call info-level 8 server- and client-side,Günther Deschner1-5/+42
based on samba4-idl. This saves us an enormous amount of totally unnecessary ldap-traffic when several hundreds of winbind-daemons query a Samba3 DC just to get the fake SAM-sequence-number (time(NULL)) by enumerating all users, all groups and all aliases when query-dom-info level 2 is used. Note that we apparently never get the sequence number right (we parse a uint32, although it's a uint64, at least in samba4 idl). For the time being, I would propose to stay with that behaviour. Guenther (This used to be commit f9ab15a986626581000d4b93961184c501f36b93)