Age | Commit message (Collapse) | Author | Files | Lines |
|
Guenther
|
|
Guenther
|
|
It is not allowed to *set* this flag remotely if it has been not set already.
Found by torture test.
Guenther
|
|
levels.
Guenther
|
|
Guenther
|
|
Guenther
|
|
is set to 0. If the account wasn't expired but autolocked,
using "net user /dom <username> /active:y" would clear this,
incorrectly setting the current time as the new "password last set"
time.
(This used to be commit 0f292d70f698b8ae885005b5704a96476e876571)
|
|
(dialin settings, terminal server settings, etc.)
Guenther
(This used to be commit c4f248df8e34c6a028bf8d789fe9763b0ea063fe)
|
|
Guenther
(This used to be commit d078a8757182d84dfd3307a2e1b751cf173aaa97)
|
|
Guenther
(This used to be commit cd5bf3449adee7537ae6ca4e3b398e99d34555fd)
|
|
Guenther
(This used to be commit ef7c74401c71a238944cb1a9bbd448a4693339bf)
|
|
Guenther
(This used to be commit ed89daec1d170128047f157d7a9314ae83a21733)
|
|
Guenther
(This used to be commit 16199c26948ee3b501c051ef530d1b167cbb6196)
|
|
copy_id21_to_sam_passwd.
Guenther
(This used to be commit 118e166c003a931884c662423e1e280a5be3eb48)
|
|
Guenther
(This used to be commit d148ffbc955aa62e42ab480e41d3a9b8c63117cd)
|
|
Guenther
(This used to be commit 0b630db298a863ca5e38c9ee7b0202a58c51c6d1)
|
|
(This used to be commit ab0ee6e9a6a9eee317228f0c2bde254ad9a59b85)
|
|
srv_spoolss_nt.c and srv_srvsvc_nt.c.
They're next :-).
Jeremy.
(This used to be commit 55b4f9d003b036af69085f7b64e0df08c5ba440d)
|
|
(This used to be commit 5f205ab48d8ac3b7af573ea0be1ce095ab835448)
|
|
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
|
|
Jeremy.
(This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
|
|
This was only affecting the newer versions of usrmgr.exe, because they
use a user_info_25 struct. The password is getting set separately
inside that code, so the password last set time was getting set from the
password change logic.
We also were not parsing a number of fields (like logon hours) from the
user_info_25. That should also be fixed.
(This used to be commit afabd68b6ae874aceba708dc36808ed007ad496c)
|
|
(This used to be commit 8f67efd582655e03fea746eee499f3cab6cbdb4d)
|
|
(This used to be commit 3840d3785f1d61885aa7c83675a3e19673eb4b2a)
|
|
(This used to be commit 6b17af0769ab0d04ec01cc83ed6e7fad822b00b1)
|
|
calculated based on the last change time, policies, and acb flags.
Next step will be to not bother storing them. Right now I'm just trying to
get them reported correctly.
(This used to be commit fd5761c9e52cbf8f1f7e45e71693598b27ecbf57)
|
|
(This used to be commit 1115745caed3093c25d6be01ffee21819fb0a675)
|
|
to do the upper layer directories but this is what
everyone is waiting for....
Jeremy.
(This used to be commit 9dafb7f48ca3e7af956b0a7d1720c2546fc4cfb8)
|
|
enough of
SetUserInfo level 25 to survive the join method XP uses if the user did not
exist before. For good taste this contains way too much cut&paste, but for a
real fix there is just not enough time.
Up to 3.0.22 we completely ignored that a full level 21 is being sent together
with level 25, but we got away with that because on creation we did not set
the "disabled" flag on the workstation account. Now we correctly follow W2k3
in this regard, and we end up with a disabled workstation after join.
Man, I hate rpc_parse/. The correct fix would be to import PIDL generated samr
parsing, but this is would probably be a bit too much for .23...
Thanks to Tom Bork for finding this one.
Volker
(This used to be commit 5a37aba10551456042266443cc0a92f28f8c3d0d)
|
|
to make full use of the new talloc() interface. Discussed with Volker
and Jeremy.
* remove the internal mem_ctx and simply use the talloc()
structure as the context.
* replace the internal free_fn() with a talloc_destructor() function
* remove the unnecessary private nested structure
* rename SAM_ACCOUNT to 'struct samu' to indicate the current an
upcoming changes. Groups will most likely be replaced with a
'struct samg' in the future.
Note that there are now passbd API changes. And for the most
part, the wrapper functions remain the same.
While this code has been tested on tdb and ldap based Samba PDC's
as well as Samba member servers, there are probably still
some bugs. The code also needs more testing under valgrind to
ensure it's not leaking memory.
But it's a start......
(This used to be commit 19b7593972480540283c5bf02c02e5ecd8d2c3f0)
|
|
* \PIPE\unixinfo
* winbindd's {group,alias}membership new functions
* winbindd's lookupsids() functionality
* swat (trunk changes to be reverted as per discussion with Deryck)
(This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
|
|
allow admins to uncheck the "User must change Password at next Logon"
checkbox in Usermanager.
Guenther
(This used to be commit b1e4b72c1c36869c4dfc5ed284be24edc99f6774)
|
|
safe for using our headers and linking with C++ modules. Stops us
from using C++ reserved keywords in our code.
Jeremy
(This used to be commit 9506b8e145982b1160a2f0aee5c9b7a54980940a)
|
|
(This used to be commit ede9fd08cf0ce04528f73c74e2345ba46d26f1e2)
|
|
referencing unknown_6 from sam, because it's just fixed at 1260, the max
len of LOGON_HRS. Need to go in and mark it as "remove me" from passdb.
(This used to be commit ffac752875938d510446ebbeba6fc983f65cda1e)
|
|
(This used to be commit 7fa2caec5ec2de4c5e7359621745a65ca9df255c)
|
|
Guenther
(This used to be commit 0930ad662770278cbe9fd4e3deaa523957b96697)
|
|
reset password counts when account is reset.
Jeremy.
(This used to be commit 6fb64d8b368d1b24768c5817d5deac1e502e694a)
|
|
write of a
0 in base64_encode_data_blob. I don't know what the base64 encoding of a NULL
string is, so fix the problematic caller I found. The real fix should go into
base64_encode_data_blob.
Volker
(This used to be commit 55fd1e490efbe91c391c27101166284034cd32ef)
|
|
array. need to update passdb for this.
(This used to be commit fbf909926b7d7b1e92ebeba44469392296c35c1a)
|
|
on setuserinfo levels which include this field, unless the corresponding
bit (defined in passdb.h) is turned on. Without this, newer versions
of usrmgr break us pretty bad.
(This used to be commit 840340bd96d3c6693b451bc61e155b7b426271e4)
|
|
Replace unknown_3 with fields_present. Also causes rpc_samr structure field changes.
(This used to be commit 1976843345efb6ca4f9cebd964a61acd8ae11d41)
|
|
<adegremont@idealx.com>with memory leak fixes by me.
Jeremy.
(This used to be commit e591854eda8568ed1a4ad6b9de64e523c02b4392)
|
|
fields, bad_password_count and logon_count. Ensure this is stored/fetched
in the various SAMs. As it replaces the unknown_5 field this fits
exactly into the tdb SAM without any binary problems. It also is added
to the LDAP SAM as two extra attributes. It breaks compatibility with
the experimental SAMs xml and mysql. The maintainers of these SAMs must
fix them so upgrades like this can be done transparently. I will insist
on the "experimental" status until this is solved.
Jeremy.
(This used to be commit cd7bd8c2daff3293d48f3376a7c5a708a140fd94)
|
|
(This used to be commit f7cfdf20b7b3b7743c0c3af4ff62fdde00e45fdc)
|
|
static 'unix' string, so we don't need a second pdb specific version.
Andrew Bartlett
(This used to be commit 91ca4771c6b834747b06fff21822a14e929de2c1)
|
|
The work here includes:
- metze' set/changed patch, which avoids making changes to ldap on unmodified
attributes.
- volker's group mapping in passdb patch
- volker's samsync stuff
- volkers SAMR changes.
- mezte's connection caching patch
- my recent changes (fix magic root check, ldap ssl)
Andrew Bartlett
(This used to be commit 2044d60bbe0043cdbb9aba931115672bde975d2f)
|
|
(This used to be commit e026b84815ad1a5fa981c24fff197fefa73b4928)
|
|
*.o) and implment new enum_dom_users code in the SAMR RPC subsystem.
Incresingly, we are using the pdb_get_{user,group}_sid() functions, in the
eventual hope that we might one day support muliple domains off a single
passdb. To extract the RID, we use sid_peek_check_rid(), and supply an
'expected' domain SID.
The id21 -> SAM_ACCOUNT and id23 -> SAM_ACCOUNT code has been moved to
srv_samr_util.c, to ease linking in passdb users.
Compatiblity code that uses 'get_global_sam_sid()' for the 'expected' sid is in
pdb_compat.c
Andrew Bartlett
(This used to be commit 5a2a6f1ba316489d118a8bdd9551b155226de94f)
|