Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2009-05-15 | Ensure users with SeAddUser privs get full access to | Jeremy Allison | 1 | -3/+3 | |
groups/aliases when opening. Jeremy. | |||||
2009-05-15 | Add extra abilities for a user with SeAddUsers, so they | Jeremy Allison | 1 | -2/+15 | |
can manipulate groups and aliases. Jeremy. | |||||
2009-05-15 | DeleteUser doesn't need the priv checks, this is done at OpenUser time. | Jeremy Allison | 1 | -20/+0 | |
Jeremy. | |||||
2009-05-15 | s3-samr: Fix samr access checks in _samr_RemoveMemberFromForeignDomain(). | Günther Deschner | 1 | -1/+1 | |
Guenther | |||||
2009-05-15 | s3-samr: Fix samr access checks in _samr_SetUserInfo(). | Günther Deschner | 1 | -14/+109 | |
Guenther | |||||
2009-05-15 | s3-samr: Fix samr access checks in _samr_QueryUserInfo(). | Günther Deschner | 1 | -3/+71 | |
Guenther | |||||
2009-05-15 | s3-samr: in _samr_QueryUserInfo() make sure to not return any info in error ↵ | Günther Deschner | 1 | -1/+6 | |
case. Guenther | |||||
2009-05-15 | s3-samr: Fix samr access checks in _samr_SetDomainInfo(). | Günther Deschner | 1 | -7/+22 | |
Guenther | |||||
2009-05-15 | s3-samr: Fix samr access checks in _samr_QueryDomainInfo(). | Günther Deschner | 1 | -1/+31 | |
Guenther | |||||
2009-05-15 | s3-samr: use normal integer in r->in.level switch statements. | Günther Deschner | 1 | -29/+29 | |
Guenther | |||||
2009-05-14 | Fix the core of the SAMR access functions. This passes make test, but | Jeremy Allison | 1 | -197/+156 | |
usrmgr fails against it. The core of this patch is to move all the access mask setup into the _samr_OpenXXX functions, and then have each specific function check the attached access_mask against the required bits. We can then go through the MS-SAMR doc and match things up. Signed off by Guenther, and writespace cleanup removal by Volker. Jeremy. | |||||
2009-05-11 | Fix a bunch of compiler warnings about wrong format types. | Jeremy Allison | 1 | -2/+2 | |
Should make Solaris 10 builds look cleaner. Jeremy. | |||||
2009-05-12 | s3-samr: implement _samr_RidToSid(). | Günther Deschner | 1 | -10/+30 | |
Guenther | |||||
2009-05-12 | s3-samr: Let _samr_TestPrivateFunctionsDomain() return ↵ | Günther Deschner | 1 | -1/+0 | |
NT_STATUS_NOT_SUPPORTED to make RPC-SAMR happy. Guenther | |||||
2009-05-11 | s3-samr: Fix Bug #5859, renaming of samr objects failed due to samr ↵ | Günther Deschner | 1 | -0/+3 | |
setuserinfo access checks. Torture test to follow... Guenther | |||||
2009-05-09 | s3-samr: Fix SetUserInfo level 7 when there has been no name change. | Günther Deschner | 1 | -0/+6 | |
Found by torture test. Guenther | |||||
2009-05-08 | s3-samr: more accurateness in _samr_SetDomainInfo(). | Günther Deschner | 1 | -3/+3 | |
Guenther | |||||
2009-05-08 | s3-samr: implement more info levels in _samr_QueryDomainInfo(). | Günther Deschner | 1 | -0/+82 | |
Gets us closer to pass RPC-SAMR. Guenther | |||||
2009-05-08 | s3-samr: Fix potential memory leak in _samr_ChangePasswordUser(). | Günther Deschner | 1 | -1/+2 | |
Guenther | |||||
2009-05-08 | s3-selftest: need to enable lanman auth in order make RPC-SAMR-PASSWORDS pass. | Günther Deschner | 1 | -0/+4 | |
Guenther | |||||
2009-05-08 | s3-samr: Do not leak information whether a user exist or not in pwd change ↵ | Günther Deschner | 1 | -0/+11 | |
calls. Found by torture test. Guenther | |||||
2009-05-08 | s3-samr: implement _samr_ChangePasswordUser(). | Günther Deschner | 1 | -10/+106 | |
This is vastly copied from samba4 samr server. Guenther | |||||
2009-05-08 | s3-samr: implement _samr_OemChangePasswordUser2(). | Günther Deschner | 1 | -10/+48 | |
Guenther | |||||
2009-05-08 | s3-samr: Let _samr_TestPrivateFunctionsUser() return not supported. | Günther Deschner | 1 | -1/+0 | |
This is to get us closer to pass RPC-SAMR-USERS. Guenther | |||||
2009-05-08 | s3-samr: Do not return users in _samr_QueryDisplayInfo() for builtin domain. | Günther Deschner | 1 | -0/+5 | |
Found by torture test. Guenther | |||||
2009-05-08 | s3-samr: let set_user_info_16 and 20 follow the same pattern as all other ↵ | Günther Deschner | 1 | -29/+17 | |
levels. Guenther | |||||
2009-05-08 | s3-samr: support some more info levels in samr_SetUserInfo calls. | Günther Deschner | 1 | -0/+230 | |
Guenther | |||||
2009-05-08 | s3-samr: support some more info levels in samr_QueryUser calls. | Günther Deschner | 1 | -0/+266 | |
Guenther | |||||
2009-05-07 | s3-samr: Fix _samr_Connect5(). In error case it still needs to return empty ↵ | Günther Deschner | 1 | -1/+2 | |
info1. Guenther | |||||
2009-04-21 | Remove "struct samr_info" | Volker Lendecke | 1 | -108/+0 | |
2009-04-21 | Fix _samr_QuerySecurity | Volker Lendecke | 1 | -43/+82 | |
2009-04-21 | Fix samr_SetSecurity | Volker Lendecke | 1 | -15/+15 | |
2009-04-21 | Convert the alias handles to type-safe policy handles | Volker Lendecke | 1 | -106/+65 | |
2009-04-21 | Convert the group handles to type-safe policy handles | Volker Lendecke | 1 | -104/+70 | |
2009-04-21 | Convert the user handles to type-safe policy handles | Volker Lendecke | 1 | -92/+60 | |
2009-04-20 | Merge commit 'origin/master' into libcli-auth-merge-without-netlogond | Andrew Bartlett | 1 | -360/+265 | |
2009-04-20 | Convert the domain handles to type-safe policy handles | Volker Lendecke | 1 | -283/+197 | |
2009-04-19 | Make force_flush_samr_cache use a dom_sid to find what to flush | Volker Lendecke | 1 | -16/+18 | |
2009-04-19 | Remove flag "builtin_domain" from disp_info | Volker Lendecke | 1 | -9/+5 | |
2009-04-19 | Remove flag "builtin_domain" from samr_info | Volker Lendecke | 1 | -6/+3 | |
2009-04-19 | Make get_samr_info_by_sid use recent coding conventions | Volker Lendecke | 1 | -9/+5 | |
2009-04-19 | Add "uint32_t access_granted" to policy handles | Volker Lendecke | 1 | -36/+27 | |
All policy handles have a mask of allowed operations attached that were calculated at creation time, so they should carry this mask. This is the basis for consolidating all our policy handle access checks. If you want to do your own more complicated access checks further down, just pass "0" to policy_handle_find. | |||||
2009-04-18 | Convert the samr connect_handles to type-safe calls | Volker Lendecke | 1 | -23/+37 | |
2009-04-17 | s3-samr: set the builtin_domain bool flag in get_samr_dispinfo_by_sid(). | Günther Deschner | 1 | -0/+2 | |
Volker, please check. Found by torture test RPC-SAMR-PASSWORDS-PWDLASTSET (which we pass with this fix). Guenther | |||||
2009-04-15 | Fix bug #6089 - Winbind samr_OpenDomain not possible with Samba 3.2.6+ | Jeremy Allison | 1 | -10/+3 | |
What a difference a name makes... :-). Just because something is missnamed SAMR_ACCESS_OPEN_DOMAIN, when it should actually be SAMR_ACCESS_LOOKUP_DOMAIN, don't automatically use it for a security check in _samr_OpenDomain(). Jeremy. | |||||
2009-04-14 | Rework Samba3 to use new libcli/auth code (partial) | Andrew Bartlett | 1 | -9/+10 | |
This commit is mostly to cope with the removal of SamOemHash (replaced by arcfour_crypt()) and other collisions (such as changed function arguments compared to Samba3). We still provide creds_hash3 until Samba3 uses the credentials code in netlogon server Andrew Bartlett | |||||
2009-04-06 | s3-samr: add support for _samr_Connect3() while planning to pass a s4 ↵ | Günther Deschner | 1 | -10/+19 | |
smbtorture test. Guenther | |||||
2009-04-03 | s3-samr: add support for setting password hashes via samr_SetUserInfo level 21. | Günther Deschner | 1 | -4/+53 | |
Guenther | |||||
2009-03-20 | s3-samr: try to to fix password_expired flag handling. | Günther Deschner | 1 | -49/+71 | |
Guenther | |||||
2009-03-18 | s3: remove POLICY_HND. | Günther Deschner | 1 | -15/+8 | |
Guenther |