Age | Commit message (Collapse) | Author | Files | Lines |
|
Guenther
(This used to be commit 39f8508f5d978a936779fdfd51b90fec4faa4301)
|
|
Guenther
(This used to be commit cb6a84712cf91d104206356f0ac256a071868d66)
|
|
Guenther
(This used to be commit 253cf1523871f2218e9e59b0a01f47b8bc745ac9)
|
|
Guenther
(This used to be commit 0c9904864b5c3b893f99abdebb18d9624aa0f560)
|
|
Guenther
(This used to be commit 87dc2471d1c2a5be17604399d4f684193a6bba38)
|
|
Guenther
(This used to be commit d7655932a7cb436f1ee44e443882e2f06d598aa0)
|
|
Guenther
(This used to be commit 07e5138ad960bce8569ea593ca9a1b4fbf2b1048)
|
|
Guenther
(This used to be commit 1f45079907d03116b48b55d616281ed4359a66d8)
|
|
Guenther
(This used to be commit b24cf05dcad5696a7b948c93de9e995c2b53e80f)
|
|
Guenther
(This used to be commit c86640320199898cc5e3040bc3339db683e98da8)
|
|
Guenther
(This used to be commit 62944007315c1744e2d2db7db593bc72af4b643b)
|
|
Guenther
(This used to be commit aaf662a724f1bae5333666caf8b2fbe908f13992)
|
|
Guenther
(This used to be commit 478612b79d11fa1ad3bf16e317d63c2a00e1957a)
|
|
Guenther
(This used to be commit e1968880a88ad2a56c5fef7d416646dcb96965ef)
|
|
Guenther
(This used to be commit d71f56a293d67971c45ee44219752a55fb21f8be)
|
|
Guenther
(This used to be commit 1b931e9145910a74b9e9661a9255cd79e434ffea)
|
|
Guenther
(This used to be commit 81e2e3a288fb40bf4ba1b83adf459a0cf6f02ed2)
|
|
Guenther
(This used to be commit 6b2f205844b1e2af4c74247fed13d6e383319067)
|
|
Guenther
(This used to be commit fc29364abe10d3ec249602cb3437e50294f5de76)
|
|
Guenther
(This used to be commit b6b226e6365477f855de1e549ef32df452838031)
|
|
bugs in various places whilst doing this (places that assumed
BOOL == int). I also need to fix the Samba4 pidl generation
(next checkin).
Jeremy.
(This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
|
|
rename some DCERPC_ prefixes into NDR_
metze
(This used to be commit 8f07b8ab658ae3d63487ca5fb20065318cdd9d0e)
|
|
(This used to be commit 87c91e4362c51819032bfbebbb273c52e203b227)
|
|
Jeremy.
(This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
|
|
failed expression in SMB_ASSERT.
(This used to be commit 171dc060e2a576d724eed1ca65636bdafffd7713)
|
|
Convert the low-hanging fruit of the LSA server. This provides a sample how
the server calls can be converted one by one, see the "proxy_lsa_call"
function.
Volker
(This used to be commit 99e54a213ad3561ea6e8dc44c483847c18c5681e)
|
|
Jeremy.
(This used to be commit f1a362580ae37730dc8393a79f832aed5d0ea4be)
|
|
Jeremy.
(This used to be commit b57406c89feaf550f6c2d29ef0ed73a935908add)
|
|
Jeremy.
(This used to be commit a164cfab420a2439dad8fd85f8b4d652087fa6b9)
|
|
version to 3.0.20pre1
(This used to be commit 9727d05241574042dd3aa8844ae5c701d22e2da1)
|
|
(This used to be commit 277203b5356af58ce62eb4eec0db2eccadeeffd6)
|
|
(This used to be commit ccdff4a998405544433aa32938963e4c37962fcc)
|
|
parsing bugs related to that code
(This used to be commit 7bf1312287cc1ec6b97917ba25fc60d6db09f26c)
|
|
(based on Simo's code in trunk). Rewritten with the
following changes:
* privilege set is based on a 32-bit mask instead of strings
(plans are to extend this to a 64 or 128-bit mask before
the next 3.0.11preX release).
* Remove the privilege code from the passdb API
(replication to come later)
* Only support the minimum amount of privileges that make
sense.
* Rewrite the domain join checks to use the SeMachineAccountPrivilege
instead of the 'is a member of "Domain Admins"?' check that started
all this.
Still todo:
* Utilize the SePrintOperatorPrivilege in addition to the 'printer admin'
parameter
* Utilize the SeAddUserPrivilege for adding users and groups
* Fix some of the hard coded _lsa_*() calls
* Start work on enough of SAM replication to get privileges from one
Samba DC to another.
* Come up with some management tool for manipultaing privileges
instead of user manager since it is buggy when run on a 2k client
(haven't tried xp). Works ok on NT4.
(This used to be commit 77c10ff9aa6414a31eece6dfec00793f190a9d6c)
|
|
(no need to include all of smbd files to use some basic sec functions)
also minor compile fixes
couldn't compile to test these due to some kerberos problems wirh 3.0,
but on HEAD they're working well, so I suppose it's ok to commit
(This used to be commit c78f2d0bd15ecd2ba643bb141cc35a3405787aa1)
|
|
There is a workaround documented in the bug report.
This patch does:
* add server support for the LSA_DS UUID on the lsarpc pipe
* store a list of context_ids/api_structs in the pipe_struct
so that we don't have to lookup the function table for a pipe.
We just match the context_id. Note that a dce/rpc alter_context
does not destroy the previous context so it is possible to
have multiple bindings active on the same pipe. Observed from
standalone win2k sp4 client.
* added server code for DsROleGetPrimaryDOmainInfo() but disabled it
since it causes problems enumerating users and groups from a 2ksp4
domain member in a Samba domain.
(This used to be commit 96bc2abfcb0dd0912696fad76e43cb217b33e061)
|
|
(This used to be commit a2bd8f0bfa12f2a1e33c96bc9dabcc0e2171700d)
|
|
(This used to be commit 15d2bc47854df75f8b2644ccbc887d0357d9cd27)
|
|
unless we are trying to be an ADS DC
(This used to be commit bf20976e5a993f4cfa05c1e0a9ecab2c7da99263)
|
|
function. Patch by metze with some minor modifications.
(This used to be commit bc4b51bcb2daa7271c884cb83bf8bdba6d3a9b6d)
|
|
(This used to be commit aca7319e8d45eb604f28b8bd490413b08e2c98f2)
|
|
(This used to be commit d9c485b01017594d113502f9de2248d6c120cfa3)
|
|
warnings. (Adds a lot of const).
Andrew Bartlett
(This used to be commit 3a7458f9472432ef12c43008414925fd1ce8ea0c)
|
|
(This used to be commit e01596853e3eea533baa08c33f26ded75f33fdd4)
|
|
(This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
|
|
Changed "SMB/Netbios" to "SMB/CIFS" in file header.
(This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
|
|
owner. that's basic stuff.
got the POLICY_ define from TNG but they are also in an include file in
the NT SDK.
J.F.
(This used to be commit 84289a9bf42847981926e198ad36c050904fa9ed)
|
|
This time it's a PRIVILEGE_SET struct instead of a simple uint32 array. It
makes much more sense. Also added a uint32 systemaccount to the GROUP_MAP
struct as some privilege showing in USRMGR.EXE are not real privs but a
bitmask flag. I guess it's an heritage from NT 3.0 ! I could setup an NT
3.1 box to verify, but I'm too lazy (yes I still have my CDs).
Added 3 more LSA calls: SetSystemAccount, AddPrivileges and
RemovePrivileges, we can manage all this privilege from UserManager.
Time to change the NT_USER_TOKEN struct and add checks in all the rpc
functions. Fun, fun, fun.
J.F.
(This used to be commit 3f0a9ef2b8c626cfa2878394bb7b642342342bf3)
|
|
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
|
|
LSA_ENUM_PRIVS
LSA_PRIV_GET_DISPNAME
LSA_ENUM_ACCOUNTS
LSA_OPENACCOUNT
LSA_ENUMPRIVSACCOUNT
LSA_GETSYSTEMACCOUNT
It's a work in progress. nobody should expect it to work
J.F.
(This used to be commit 3056357cd8d4b2460f73ba8a8931a143f07fa2a6)
|