summaryrefslogtreecommitdiff
path: root/source3/rpc_server/srv_lsa_nt.c
AgeCommit message (Collapse)AuthorFilesLines
2010-08-06s3-netlogon: remove global include of netlogon.h.Günther Deschner1-0/+1
This reduces precompiled headers by another 4 MB and also slightly speeds up the build. Guenther
2010-08-05s3-secrets: only include secrets.h when needed.Günther Deschner1-0/+1
Guenther
2010-07-28s3-dcerpc: Use dcerpc_AuthType in pipe_auth_dataSimo Sorce1-2/+2
2010-07-28s3-lsa: Use struct pipes_struct.Andreas Schneider1-83/+120
2010-07-13s3-dceprc: Store opnum in its own variableSimo Sorce1-2/+2
Signed-off-by: Günther Deschner <gd@samba.org>
2010-06-07s3-privileges: use LUID defines from lsa IDL.Günther Deschner1-6/+4
Guenther
2010-06-03s3-security: use shared "Standard access rights.".Günther Deschner1-2/+2
Guenther
2010-05-28s3:auth use info3 in auth_serversupplied_infoSimo Sorce1-1/+1
Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-21s3:dom_sid Global replace of DOM_SID with struct dom_sidAndrew Bartlett1-17/+17
This matches the structure that new code is being written to, and removes one more of the old-style named structures, and the need to know that is is just an alias for struct dom_sid. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-18s3-secdesc: remove "typedef struct security_descriptor SEC_DESC".Günther Deschner1-6/+6
Guenther
2010-05-18s3-secdesc: remove "typedef struct security_acl SEC_ACL".Günther Deschner1-1/+1
Guenther
2010-05-18s3-secdesc: remove "typedef struct security_ace SEC_ACE".Günther Deschner1-1/+1
Guenther
2010-05-18s3-rpc_misc: clean out include/rpc_misc.h.Günther Deschner1-1/+1
Well known rids don't really belong into an rpc header, just use the ones defined in security.idl. Guenther
2010-03-16s3-lsa: fix _lsa_lsaRSetForestTrustInformation server stub.Günther Deschner1-1/+1
Guenther Signed-off-by: Günther Deschner <gd@samba.org>
2010-01-10s3: Replace most calls to sid_append_rid() by sid_compose()Volker Lendecke1-2/+1
2009-11-26s3-rpc: Avoid including every pipe's client and server stubs everywhere in ↵Günther Deschner1-0/+1
samba. Guenther
2009-11-03s3-lsa: fill in some more info levels in _lsa_QueryInfoPolicy().Günther Deschner1-0/+32
Add dummys (just like s4 does) and fill in some more appropriate error codes. Guenther
2009-10-30s3-lsa: expand struct lsa_info to carry name and sd.Günther Deschner1-0/+2
Guenther
2009-10-30s3-lsa: use switch in _lsa_QuerySecurity().Günther Deschner1-3/+7
Guenther
2009-10-28s3-lsa: add lsa_trusted_domain_mapping.Günther Deschner1-0/+7
Guenther
2009-10-28s3-lsa: add lsa_secret_mapping.Günther Deschner1-0/+7
Guenther
2009-10-28s3-lsa: use correct function name in_lsa_RemoveAccountRights().Günther Deschner1-1/+1
Guenther
2009-10-28s3-lsa: pure cosmetic indentation fixes.Günther Deschner1-18/+16
Guenther
2009-10-28s3-lsa: use enum lsa_LookupNamesLevel in lsa_lookup_level_to_flags().Günther Deschner1-7/+8
Guenther
2009-10-21s3-lsa: Fix _lsa_EnumTrustDom() and avoid infite windows client loop.Günther Deschner1-0/+9
Found by RPC-LSA-TRUSTED-DOMAIN torture test. Guenther
2009-10-21s3-lsa: make s3 pass against RPC-LSA-LOOKUPNAMES again.Günther Deschner1-6/+7
Do what W2k8 does and return the builtin domain for a NULL name. Guenther
2009-10-20s3-lsa: Fix _lsa_EnumTrustDom().Günther Deschner1-41/+25
Windows clients were showing a lot of duplicates in their list of trusted domains. Found by RPC-LSA-TRUSTED-DOMAIN torture test. Guenther
2009-10-20s3-lsa: Fix _lsa_CreateAccount() for usage of SEC_FLAG_MAXIMUM_ALLOWED.Günther Deschner1-0/+5
Found by RPC-LSA-PRIVILEGES torture test. Guenther
2009-10-20s3-lsa: When looking up domains in LookupNames, do not strip the sid.Günther Deschner1-1/+5
Found by RPC-LSA-LOOKUPNAMES torture test. Guenther
2009-10-20s3-lsa: allow to have NULL strings in lsa LookupName queries.Günther Deschner1-1/+4
Found by RPC-LSA-LOOKUPNAMES torture test. Guenther
2009-09-11lsa: fill in more unknowns in lsa_LookupSid calls.Günther Deschner1-2/+2
Guenther
2009-07-25Fix a 32/64bit stack corruption bugVolker Lendecke1-1/+1
2009-07-17s3-lsa: let _lsa_Delete return NT_STATUS_NOT_SUPPORTED as w2k3 does.Günther Deschner1-6/+10
Guenther
2009-07-17s3-lsa: Fix access_mask calculation for new handle in _lsa_CreateAccount().Günther Deschner1-6/+24
Guenther
2009-07-17s3-lsa: add (not yet activate) level specific access checks for ↵Günther Deschner1-0/+42
_lsa_QueryInfoPolicy. Guenther
2009-07-17s3-lsa: also implement level 13 in lsa_QueryInfoPolicy.Günther Deschner1-19/+24
Guenther
2009-07-17s3-lsa: Fix policy handle memleak and handle type check in _lsa_DeleteObject().Günther Deschner1-4/+14
Guenther
2009-07-17s3-lsa: Fix pointless check for sec_info flags in _lsa_QuerySecurity().Günther Deschner1-13/+3
Guenther
2009-07-17s3-lsa: implement _lsa_LookupPrivName().Günther Deschner1-6/+45
Guenther
2009-07-17s3-lsa: implement _lsa_EnumAccountsWithUserRight().Günther Deschner1-6/+57
Guenther
2009-07-13s3-rpc_server: pass down full unix token to map_max_allowed_access().Günther Deschner1-2/+6
Also use unix_token->uid instead of geteuid() when checking for mapping of the SEC_FLAG_MAXIMUM_ALLOWED flag. Guenther
2009-07-04Handle LSA_POLICY_INFO_DNSVolker Lendecke1-0/+26
2009-07-04Implement QueryInfoPolicy2 similar to s4: Make it the same as QueryInfoPolicyVolker Lendecke1-3/+15
Don't reply to it for non-pdb-ads to keep up our old behaviour
2009-06-28_lsa_QueryInfoPolicy: Use symbolic info level namesVolker Lendecke1-4/+4
2009-06-23s3-lsa: Fix error path in _lsa_EnumAccountRights.Günther Deschner1-2/+11
This needs to return NT_STATUS_OBJECT_NAME_NOT_FOUND again as described in MS-LSAD 3.1.4.5.10 and tested with the RPC-SAMR-USER-PRIVILEGES test. Guenther
2009-06-16_lsa_EnumAccountRights and _lsa_EnumPrivsAccount can return anJeremy Allison1-19/+17
empty set of privilages if the SID doesn't have any. (From [MS-LSAD.pdf]) Jeremy.
2009-06-08s3-lsa: remove old code that we cannot even compile anymore.Günther Deschner1-111/+0
Guenther
2009-05-20Add a security model to LSA. Similar to the SAMR code - usingJeremy Allison1-88/+227
the MS-LSA docs. Jeremy.
2009-05-18Change access_check_samr_object -> access_check_object.Jeremy Allison1-15/+9
Make map_max_allowed_access global. Change lsa_get_generic_sd to add Everyone:LSA_POLICY_READ|LSA_POLICY_EXECUTE, not just LSA_POLICY_EXECUTE. Jeremy.
2009-05-19s3-lsa: let _lsa_OpenPolicy() just call _lsa_OpenPolicy2().Günther Deschner1-37/+6
Guenther