summaryrefslogtreecommitdiff
path: root/source3/rpc_server
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r475: Don't add ss padding length to the sent length as this is comparedJeremy Allison1-1/+1
with the actual data to return. Jeremy. (This used to be commit 7f837db6e47af39b4a33e10e745823b19edb3715)
2007-10-10r473: Fix for Microsoft hotfix MS04-011 password change breakage.Jeremy Allison1-26/+52
Jeremy. (This used to be commit 038cae8a377b75d70a099f03cb1b8ae9b50e7613)
2007-10-10r238: Fix memleakVolker Lendecke1-0/+3
(This used to be commit fe7daa3b8a080a9e39ff055177b54f476fce2c32)
2007-10-10r229: Don't list domain groups from BUILTIN.Volker Lendecke1-0/+7
Volker (This used to be commit b4429d97439e511d40901f809e3923945cb52221)
2007-10-10r196: merging struct uuid from trunkGerald Carter6-13/+69
(This used to be commit 911a28361b9d8dd50597627f245ebfb57c6294fb)
2007-10-10r145: pdb_create_alias now returns NTSTATUS. More of this to follow.Volker Lendecke1-2/+5
Volker (This used to be commit 6e18bed17093e0b1792f68817096e64e0e841f26)
2007-10-10r116: volker's patch for local group and group nestingGerald Carter2-271/+185
(This used to be commit b393469d9581f20e4d4c52633b952ee984cca36f)
2007-10-10r115: finally checking in tridge's winbindd_schannel patch for connectionsGerald Carter1-2/+2
(This used to be commit 1fae60ab20c5cbe396dc8af1c8c9a98d5683fdf4)
2007-10-10r91: Fix lsalookupnames. Previously we'd fail if we didn't find the name, butJim McDonough1-0/+6
we never checked if it was a domain user and didn't find a local one. (This used to be commit 68022f5ebc55d1f3403dee5198d364cff300baf5)
2007-10-10r69: Global rename of 'nt_session_key' -> 'user_session_key'. The session ↵Andrew Bartlett1-7/+7
key could be anything, and may not be based on anything 'NT'. This is also what microsoft calls it. (This used to be commit 724e8d3f33719543146280062435c69a835c491e)
2007-10-10r39: * importing .cvsignore filesGerald Carter1-0/+0
* updateing WHATSNEW with vl's change (This used to be commit a7e2730ec4389e0c249886a8bfe1ee14c5abac41)
2004-04-02Added per-share parameter "store dos attributes". When set, will storeJeremy Allison1-4/+4
dos attributes in an EA. Based on an original patch from tridge, but modified somewhat to cover all cases. Jeremy. (This used to be commit ed653cd468213e0be901bc654aa3748ce5837947)
2004-04-01BUG 1023: surround get_group_from_gid() with become_unbecome_root() blockGerald Carter1-1/+5
(This used to be commit 1aeeb432c75eeb67e9e1323932b37d34da416d37)
2004-03-18Fix sambaUserWorkstations for network samlogons against us as DC. StripVolker Lendecke1-1/+9
the \\ off the workstation. Volker (This used to be commit d01cb00aad76f8be9767fdcfd92c88ea5d8c4f14)
2004-03-16merging print change notify fix from HP appliance. Also might address some ↵Gerald Carter1-78/+0
one the issues in BUG 1007 (This used to be commit 17ecea4152fb0883acde675b01f19d3e19ff1d64)
2004-03-10Formatting reformat before I start to change anything here.Jeremy Allison1-273/+258
Jeremy. (This used to be commit 80fde09fc4a5d7e72611fd587777151adc5c890d)
2004-03-04There's a specific error message NT_STATUS_ALIAS_EXISTS.Volker Lendecke1-1/+1
(This used to be commit f0d99f318c67852ac5bf9b606faa115ad36a5f80)
2004-03-03more usrmgr fixes: display lockout timers in minutes, not seconds, for samr 2eJim McDonough1-2/+2
(This used to be commit 832674c099a3ff9bb747dba6235e47d40a930abd)
2004-03-03quick for for usrmgr. unknown_6 is really max dimension of logon hours ↵Jim McDonough1-30/+12
array. need to update passdb for this. (This used to be commit fbf909926b7d7b1e92ebeba44469392296c35c1a)
2004-03-02Merge fields_present function from HEAD. Now, a field will not be updatedJim McDonough1-116/+158
on setuserinfo levels which include this field, unless the corresponding bit (defined in passdb.h) is turned on. Without this, newer versions of usrmgr break us pretty bad. (This used to be commit 840340bd96d3c6693b451bc61e155b7b426271e4)
2004-02-29net_rpc.c: Don't complain if [add|del]mem was successful.Volker Lendecke1-1/+1
srv_samr_nt.c: Correctly report that a user is not member of an alias. Volker (This used to be commit 540f625036871e7facd094fce49d7317f65f4ffd)
2004-02-25Do the query part of the previous fix...reset time and duration are set in ↵Jim McDonough1-2/+2
minutes, not seconds. Works from usrmgr. (This used to be commit 98833a82facb0bc25d9ba6f4d4c1200627e98d6d)
2004-02-25reset time and duration are set in minutes, not seconds. Works from usrmgr.Jim McDonough1-2/+2
(This used to be commit 700049d9efefc7f8952cc60bc46ba8aa790a28ba)
2004-02-19Fixup correct (as per W2K3) returns for lookupsids as well as lookupnames.Jeremy Allison1-6/+7
Inspired by Volkers patch. Jeremy. (This used to be commit a47127e90e7d0928b772ba45bd843eeeacc9ef8a)
2004-02-17Fix based on Volker's code to correctly return code from lsa_lookup_sidsJeremy Allison1-17/+19
on unmapped sids. Jeremy. (This used to be commit 37a52c31682fcf115eefc31381c02a3ec29c1f8d)
2004-02-17Be able to set alias info for builtin as well.Volker Lendecke1-1/+2
Volker (This used to be commit 7a947ecdf56f2dd02811262372708f8a74bfedad)
2004-02-17In samr_lookup_names Windows does not return WKN_GRP(5) but ALIAS(4) whenVolker Lendecke1-1/+6
you search in BUILTIN. Match that. Volker (This used to be commit 2863b21d8a5933c309c51edb09fbda4e669e4890)
2004-02-16Cosmetic fix: Use sid_is_in_our_domain instead of doing it per hand.Volker Lendecke1-7/+3
Volker (This used to be commit 04639e8862c360e89faac8b80c63197d514b7455)
2004-02-12More sync between passdb on 3.0 and HEAD.Jim McDonough1-6/+6
Replace unknown_3 with fields_present. Also causes rpc_samr structure field changes. (This used to be commit 1976843345efb6ca4f9cebd964a61acd8ae11d41)
2004-02-02remerge andrew's cracklib patch from HEAD and fix a compile warningsGerald Carter1-3/+14
(This used to be commit b60f6ec30d05e4e5bba9934a416ddc8bc089824f)
2004-01-30Fix up name canonicalization (needed for krb5 keytab support later).Jeremy Allison3-4/+4
Remove source_env handler (no longer used in any codepath). Jeremy. (This used to be commit 3a3e33603084048e647af86a9badaaf49433c789)
2004-01-26This adds client-side support for the unicode/SAMR password change scheme.Andrew Bartlett1-2/+2
As well as avoiding DOS charset issues, this scheme returns useful error codes, that we can map back via the pam interface. This patch also cleans up the interfaces used for password buffers, to avoid duplication of code. Andrew Bartlett (This used to be commit 2a2b1f0c872d154fbcce71a250e23dfad085ba1e)
2004-01-15Bug 381: check builtin (not local) group SID. Patch from Jianliang Lu ↵Gerald Carter1-1/+1
<j.lu@tiesse.com> (This used to be commit 2fd2c07df42df42103e81f5eb39bd1778de6ca0a)
2004-01-14revert the cracklib changes until post 3.0.2Gerald Carter1-14/+3
(This used to be commit 6202e0fa727a4307f51bf42f5ced401a7c7b8214)
2004-01-12First stab at cracklib support (password quality checking) in Samba 3.0Andrew Bartlett1-3/+14
This adds a configure test, that tries to find out if we have a working cracklib installation, and tries to pick up the debian hints on where the dictionary might be found. Default is per my Fedora Core 1 system - I'm not sure how much it changes. Andrew Bartlett (This used to be commit bc770edb788f0b6f719011cda683f045b76b7ba5)
2004-01-09fix some warnings from the Sun compilerGerald Carter1-1/+1
(This used to be commit ebabf72a78f0165521268b73e0fcabe1ea7834fd)
2004-01-02Match Win2k, and return NT_STATUS_INVALID_PARAMETERAndrew Bartlett1-2/+2
if this parameter is not an account type Andrew Bartlett (This used to be commit faddf5d8f9821176f4367caaf61844980df9f79c)
2004-01-02JHT came up with a nasty (broken) torture case in preparing examples forAndrew Bartlett1-99/+50
his book. This prompted me to look at the code that reads the unix group list. This code did a lot of name -> uid -> name -> sid translations, which caused problems. Instead, we now do just name->sid I also cleaned up some interfaces, and client tools. Andrew Bartlett (This used to be commit f9e59f8bc06fae7e5c8cb0980947f78942dc25c0)
2003-12-16make sure we delete the group mapping before calling the delete group ↵Gerald Carter1-2/+4
script; patch from Jianliang Lu <j.lu@tiesse.com> (This used to be commit 19a8dd523a4ee50ba9066efd60a29cf3ba9ae419)
2003-12-10Fix UNISTR2 length bug in LsaQueryInfo(3) that cause SID resolution to fail ↵Gerald Carter1-1/+1
on local files on on domain members; bug 875 (This used to be commit c6594e35573186966a4d57404f1c06b98670db06)
2003-12-10more group lookup access fixes on the neverending bug 281Gerald Carter2-11/+10
(This used to be commit 9359a6ea80d1228e87ea825a100a2d289c37162d)
2003-12-04fix process_incoming_data() to return the number of bytes handled this call ↵Gerald Carter1-1/+3
whether we have a complete pdu or not; fixes bug with multiple pdu request rpc's broken over SMBwriteX calls each (This used to be commit ff06f3ca8e597d093b8a76b5cfabfa6009f4b591)
2003-12-04* fix RemoveSidForeignDomain() ; bug 252Gerald Carter3-57/+92
* don't fall back to unmapped UNIX group for get_local_group_from_sid() * remove an extra become/unbecome_root() pair from group enumeration (This used to be commit da12bbdb0dd9179b1ed457fa009679e2da4a8440)
2003-12-02Match Win2k and return 'invalid parameter' for creating of a new account withAndrew Bartlett1-0/+6
account flags of 0. Andrew Bartlett (This used to be commit 601120f335b69e5b8a003038dfac00f3f234a5c1)
2003-11-25Patch for #263 from jpjanosi@us.ibm.com.Jeremy Allison1-1/+2
Jeremy. (This used to be commit 0f2a50316d8245ea9c441f0ea08e1a0fd9a92583)
2003-11-24more access fixes for group enumeration in LDAP; bug 281Gerald Carter3-8/+24
(This used to be commit 68283407e0f366d8315f4be6caed67eb6fe84b85)
2003-11-23Add server-side support for variable-length session keys (as used byAndrew Bartlett1-9/+6
DES based krb5 logins). Andrew Bartlett (This used to be commit 240b0d178e1b4a3556207bdf2e342c70155f64ee)
2003-11-22Changes all over the shop, but all towards:Andrew Bartlett4-13/+42
- NTLM2 support in the server - KEY_EXCH support in the server - variable length session keys. In detail: - NTLM2 is an extension of NTLMv1, that is compatible with existing domain controllers (unlike NTLMv2, which requires a DC upgrade). * This is known as 'NTLMv2 session security' * (This is not yet implemented on the RPC pipes however, so there may well still be issues for PDC setups, particuarly around password changes. We do not fully understand the sign/seal implications of NTLM2 on RPC pipes.) This requires modifications to our authentication subsystem, as we must handle the 'challege' input into the challenge-response algorithm being changed. This also needs to be turned off for 'security=server', which does not support this. - KEY_EXCH is another 'security' mechanism, whereby the session key actually used by the server is sent by the client, rather than being the shared-secret directly or indirectly. - As both these methods change the session key, the auth subsystem needed to be changed, to 'override' session keys provided by the backend. - There has also been a major overhaul of the NTLMSSP subsystem, to merge the 'client' and 'server' functions, so they both operate on a single structure. This should help the SPNEGO implementation. - The 'names blob' in NTLMSSP is always in unicode - never in ascii. Don't make an ascii version ever. - The other big change is to allow variable length session keys. We have always assumed that session keys are 16 bytes long - and padded to this length if shorter. However, Kerberos session keys are 8 bytes long, when the krb5 login uses DES. * This fix allows SMB signging on machines not yet running MIT KRB5 1.3.1. * - Add better DEBUG() messages to ntlm_auth, warning administrators of misconfigurations that prevent access to the privileged pipe. This should help reduce some of the 'it just doesn't work' issues. - Fix data_blob_talloc() to behave the same way data_blob() does when passed a NULL data pointer. (just allocate) REMEMBER to make clean after this commit - I have changed plenty of data structures... (This used to be commit f3bbc87b0dac63426cda6fac7a295d3aad810ecc)
2003-11-19Correct fix for checking of '$' name termination.Jeremy Allison1-3/+2
Jeremy. (This used to be commit ec2339645283c9e489659a8892c317bb9f7610f0)
2003-11-17* make sure we only enumerate group mapping entriesGerald Carter1-135/+44
(not /etc/group) even when doing local aliases * remove "hide local users" parameter; we have this behavior built into 3.0 (This used to be commit a7685a069766ac720f0b26fe01b0e17fc388fca3)