summaryrefslogtreecommitdiff
path: root/source3/rpc_server
AgeCommit message (Collapse)AuthorFilesLines
2002-06-24compile fixGerald Carter1-0/+1
(This used to be commit b07d6d4cebecd77314b123d83c7c2265eb62e1c1)
2002-06-24printing merge from SAMBA_2_2. Ther server code looks to be in sync now.Gerald Carter1-42/+95
Mostly formatting and s/free/SAFE_FREE/g changes with the two exceptions being * John driver init changes * Tim's printer enumeration bug fix (This used to be commit f7536762863811f96364e8acd3716bdb7d665bbf)
2002-06-18more debug classess activatedSimo Sorce20-0/+60
(This used to be commit 897e64d2e0c1d04ab93441ccaffe369bf43be46e)
2002-06-15Rework much of the service.c code:Andrew Bartlett1-3/+2
The aim of this execise is to give the 'security>=user' code a straight paper path. Security=share will sill call authorise_login(), but otherwise we avoid that mess. This allow *much* more accurate error code reporting, beocuse we don't start pretending that we can use the (nonexistant) password etc. Also in this patch is code to create the 'homes' share at session setup time (as we have done in the past - been broken recently) and to record this on the user's vuser struct for later reference. The changes here should also allow for much better use of %H (some more changes to come here). The service.c changes move a lot of code around, but are not as drastric as they look... (Also included is a fix to srv_srvsvc_nt.c where 'total_entries' not '*total_entries' was compared). This code is needs testing, but passes my basic tests. I expect we have lost some functionality, but the stuff I had expected to loose was already broken before I started. In particular, we don't 'fall back' to guest if the user cannot access a share (for security=user). If you want this kind of stuff then you really want security=share anyway. Andrew Bartlett (This used to be commit 4c0cbcaed95231f8cf11edb43f6adbec9a0d0b5c)
2002-06-15Update the netlogon code to better cope with trusted domains, where thingsAndrew Bartlett1-10/+29
like the domain name and SID come from the remote domain, not the local one. These are filled out by the code from the previous commit (auth_util.c, the make_server_info_info3() fn) and read back here. Andrew Bartlett (This used to be commit 6872de2e5b27fd2de61ed14c85475a0eacd637ca)
2002-06-14Add const, kill of useless casts and therefore eliminate warnings.Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit 29490f214750acd44cee6c4ab1354722d82d853a)
2002-06-13Latest patch from metze <metze@metzemix.de> to move most of samba acrossAndrew Bartlett1-12/+3
to using SIDs instead of RIDs. The new funciton sid_peek_check_rid() takes an 'expected domain sid' argument. The idea here is to prevent mistakes where the SID is implict, but isn't the same one that we have in the struct. Andrew Bartlett (This used to be commit 04f9a8ff4c7982f6597c0f6748f85d66d4784901)
2002-06-11merge from 2.2Gerald Carter1-0/+1
(This used to be commit 30a0e72572b25ddd99438b92b8ddf7f06e9ad819)
2002-06-09This (hopefully) fixes a bug reported by Kai Krueger <kai@kruegernetz.de>Andrew Bartlett2-17/+10
involving the use of lp_winbind_gid() without checking if they have been set. Also revert the 'clashing user' check back to a Get_Pwnam() - I probably should never have changed it. Andrew Bartlett (This used to be commit 1d6ba405589cee4e1582bc91cf659b89564899d4)
2002-06-07Globally replace 'global_sam_sid' with get_global_sam_sid(), a selfAndrew Bartlett3-30/+29
initialising function. This patch thanks to the work of "Stefan (metze) Metzmacher" <metze@metzemix.de> This is partly to enable the transition to SIDs in the the passdb. Andrew Bartlett (This used to be commit 96afea638e15d4cbadc57023a511094a770c6adc)
2002-06-06Fix compile error - doh!Tim Potter1-4/+0
(This used to be commit e80e6637064a39635faba5311f774a90b1d5ab43)
2002-06-06Moved some notify related constants into srv_spoolss_nt.c sinceTim Potter1-0/+8
they're only used there. Added a PRINTER_NOTIFY_VERSION constant. (This used to be commit 9d3933a59219388c209d8be4ae6decfa337d229f)
2002-06-06Fixed out of date comment for _spoolss_rffpcnex()Tim Potter1-4/+2
(This used to be commit 7d9b8c58a63cf20d00dd7cf88cfb82aed3a47d12)
2002-06-04Update the SAMR pipe for more use of NTSTATUS and to talloc the stored list ofAndrew Bartlett1-96/+141
users/groups for better memory accounting. Andrew Bartlett (This used to be commit fe7c5efe91ab77784af9dbb56716170f4c6fd057)
2002-06-03Fix netsessenum RPC. Correctly respond with as much info as we can.Jim McDonough1-5/+12
(This used to be commit c8781a3fdaa4d8cb81233582f29159ace7e436ac)
2002-06-03Restrict anonymous checks for the SAMR pipe. This is done byTim Potter1-0/+27
returning access denied for a SAMR_CONNECT by an anonymous user which seems to be the way 2K does it rather than blocking individual RPC calls like NT. Also checked is the SAMR_GET_DOM_PWINFO rpc which for some reason doesn't require a policy handle to return information. No idea what it's actually used. (This used to be commit 40c68fa85c31c1baf7ba2c8ed62cd06c34711913)
2002-06-03Move restrict anonymous checks into a general function calledTim Potter2-18/+49
pipe_access_check(). Eventually this can take a security descriptor as an argument as well. (This used to be commit 8bbdc674afef32621bf473ba1af76bae7270b818)
2002-05-31Update netfileenum on both client and server sides to do an arbitrary numberJim McDonough1-61/+27
of files. This was done to better enable net rpc file. Perhaps we can start giving back real info this way, too. (This used to be commit b3fea72ee9abd2441a49c35442c54819e4ba16ba)
2002-05-31Return access denied for net_share_enum when restrict anonymous > 0Tim Potter1-0/+17
(This used to be commit 5df1aa9f20ae2036848b7e46703bfd3a923d7b4f)
2002-05-29Cleaned up srvsvc constants a bit.Tim Potter1-17/+17
(This used to be commit ca61f68d5ca8791bea34732bd358cfb63273fc5c)
2002-05-26change: pdb_getsampwrid() ->pdb_getsampwsid()Simo Sorce2-79/+64
passdb interface change, now the passdb modules will be asked for SID not for rid, the modules have been updated with a passthrough function that calls the old getsampwrid() functions. srv_samr_nt.c functions that made use of the pdb_getsampwrid funcion has been updated to use the SID one. (This used to be commit f5c6496c33fa7f5c2826540ffb4a49d8a5790fb3)
2002-05-25Clean up a few unused functions, add a bit of static etc.Andrew Bartlett1-0/+18
Importantly: The removal of the silly 'delete user script' behaviour when secuity=domain. I have left the name the same - as it still does the (previously documented, but not in smb.conf(5)) sane behaviour of deleting users on request. When we decide what to do with the 'add user' functionality, we might rename it. Andrew Bartlett (This used to be commit cdcfe3671eb7570e15649b77f708e6579055e7bc)
2002-05-24merge from SAMBA_2_2Gerald Carter1-1/+3
(This used to be commit f0226a1d836b69d179a1a2eda79fa26911b78096)
2002-05-24merge from SAMBA_2_2.Gerald Carter1-3/+5
Tim, please check the prs_align() removed from sec_io_desc() and make sure it doesn't break anything else. I know it is right for the printing needs and I have tested some other general things like viewing acls on directories, but I would feel more comfortable if you would have a look as well. jerry (This used to be commit 83f109c940f30d9b35176540d8bdccbb22ffa3a1)
2002-05-22Add a bit more const, and kill of (finally!) sys_getpwnam and sys_getpwuid.Andrew Bartlett1-2/+8
These might be reimplmented as simple pass-through functions, but all users really should be doing 'getpwnam_alloc' or 'getpwuid_alloc' to ensure that there are not shared static buffers. I don't beleive we actually need a getpw*() cache inside samba - if we do then I think we should look at our code design first. (some of these changes are for platforms I don't have access to, but they look sane) Andrew Bartlett (This used to be commit 9d8431b04f41dceffe4c45cc969472ee59f7282f)
2002-05-19Patch to only set SV_TYPE_PRINTQ_SERVER in default_server_announce if aTim Potter1-0/+3
print share is exported. Needs some more testing. (This used to be commit 92b36482fd6aa5103c30dad40fe799c07dd2d8d7)
2002-05-18Passdb:Andrew Bartlett1-4/+4
Kill off the silly code that attempts to do NT -> Unix username mapping. This is done well before here, no need to repeat it. Add some small fixes and extra debugs, trying to track down current build farm failures. pdb_unix: When 'updating' a pdb_unix account, instead add it to the default passdb. This means that you don't need to specify '-a' to smbpasswd any more when messing with an existing unix user, the account is simply 'upgraded'. The idea here is that these accounts are just as 'real' as any other, they just don't have the extra attributes an smbpasswd file does. I'm open for debate on the pdb_unix issue, and will remove it if given good reason. (without this, an attempt to add an account already in pdb_unix to smbpasswd would fail, as it would fail to update pdb_unix). rpc_server/srv_netlog_nt.c Change a couple of things around, so as to show the client workstation etc. WRONG_PASSWORD is certainly not the right default error. Try ACCESS_DENIED for now. Andrew Bartlett (This used to be commit d78b74b338df9accd9ad84c56a49fa4f787425e2)
2002-05-18A few things in this commit:Andrew Bartlett1-2/+2
cleanup some of the code in net_rpc_join re const warnings and fstrings. Passdb: Make the %u and %U substituions in passdb work. This is done by declaring these paramters to be 'const' and doing the substitution manually. I'm told this is us going full circle, but I can't really see a better way. Finally these things actually seem to work properly... Make the lanman code use the pdb's recorded values for homedir etc rather than the values from lp_*() Add code to set the plaintext password in the passdb, where it can decide how to store/set it. For use with a future 'ldap password change' option, or somthing like that... Add pdb_unix, so as to remove the 'not in passdb' special cases from the local_lookup_*() code. Quite small, as it uses the new 'struct passwd -> SAM_ACCOUNT' code that is now in just one place. (also used by pdb_smbpasswd) Other: Fix up the adding of [homes] at session setup time to actually pass the right string, that is the unix homedir, not the UNC path. Fix up [homes] so that for winbind users is picks the correct name. (bad interactions with the default domain code previously) Change the rpc_server/srv_lsa_nt.c code to match NT when for the SATUS_NONE_MAPPED reply: This was only being triggered on no queries, now it is on the 'no mappings' (ie all mappings failed). Checked against Win2k. Policy Question: Should SID -> unix_user.234/unix_group.364 be considered a mapping or not? Currently it isn't. Andrew Bartlett (This used to be commit c28668068b5a3b3cf3c4317e5fb32ec9957f3e34)
2002-05-17A few more trusted domains updates from mimir.Andrew Bartlett1-6/+16
I think we may still need to look at our server enumeration code, but other than that, its much better in the tree than out. Andrew Bartlett (This used to be commit d57a1b4629d12a0374cc6d74dfc6f5d4793fcef8)
2002-05-10Fix the bug that refused to allow IPC$ connection to be idled if a pipeJeremy Allison1-0/+17
was open - we now only refuse to allow IPC$ connection to be idled if a handle is open on a pipe. Jeremy. (This used to be commit fc043110bc42d56c8686b9b64c46af7be2fd236e)
2002-05-09Merged in printing fixes... There were many missing !Jeremy Allison1-1/+111
Jeremy (This used to be commit 32fa089adead6ff3279172fd36560f4f9e2aeef0)
2002-05-09Sync'ing SAMBA_2_2 with HEAD.Shirish Kalele1-13/+17
(This used to be commit d926cc989690684ec4799ebb3a3a01e8d4173de6)
2002-04-23Fix my stupid compile bug in num_files_open.Jeremy Allison1-5/+6
Jeremy. (This used to be commit 7c02db7c4f0d04b7c45a9c580f3e85f52fa505d5)
2002-04-23Fix for a bug Jerry found with printing where a smbd connection mayJeremy Allison1-1/+6
be idled even with an open pipe. Jeremy. (This used to be commit 3a93c5daeca3edd4f319199c8a6068d25cb6750e)
2002-04-22merge from SAMBA_2_2Gerald Carter2-11/+1
(This used to be commit 5e381abbbfaa15f3ebd89cba3cd9bb6de8e4ff4e)
2002-04-18Fix found by Li Shao @ HP - XP clients don't bother to set the devmode_ptrJeremy Allison1-1/+1
in the SetPrinter() call - they send it in the devmode_ctr instead. Jeremy. (This used to be commit f988a1af034b4cea2412171a257a752192afaece)
2002-04-15Merge of print server permission handling fixes from HEAD.Tim Potter1-12/+37
Unit tests rock! (This used to be commit bc673c42045ceb46d9569bc4d88f9c64897fc85a)
2002-04-14Partly based on the work by mimir (Rafal SzczesniakAndrew Bartlett2-6/+16
<mimir@diament.ists.pwr.wroc.pl>) this patch allows samba to correctly enumerate its trusted domains - by exaimining the keys in the secrets.tdb file. This patch has been tested with both NT4 and rpcclient/wbinfo, and adds some extra functionality to talloc and rpc_parse to allow it to deal with already unicode strings. Finally, this cleans up some const warnings that were in net_rpc.c by pushing another dash of const into the rpc client code. Andrew Bartlett (This used to be commit 0bdd94cb992b40942aaf2e5e0efd2868b4686296)
2002-04-11Much better support for both non-algorithic RIDs (where the RID is stored inAndrew Bartlett1-15/+0
the passdb) and RIDs not in the passdb, due to being NIS users etc. The main fix here is to add become_root()/unbecome_root() at critical places. This (finally) fixes the bug where you could not see local users's names in a file's security properties as non-root. Tested. The similar bug in uid_to_sid is also fixed, but is not (yet) Tested. Andrew Bartlett (This used to be commit 79327a305e20d78ab5ca21d01c39b5f49dc0d632)
2002-04-11Correctly emulate NT in printer handle opening access rights.Jeremy Allison1-1/+6
Jeremy. (This used to be commit 42ae2334f21402c347aee560f08fd8e730481169)
2002-04-11s/werror_str/dos_errstr/g to fix compileGerald Carter1-3/+3
(This used to be commit d7c9b00253499da047f30f71660dede3676d40ad)
2002-04-11merge from 2.2Gerald Carter1-1/+0
(This used to be commit 7db47c6647d764739e395948699cf115c4da4c8d)
2002-04-11WERROR merge from SAMBA_2_2Gerald Carter1-16/+22
(This used to be commit 32dc5dbbfb16cb9fd6f953dbb8148f5228b453a4)
2002-04-10Added Shirish's client side caching policy change.Jeremy Allison1-0/+52
Jeremy. (This used to be commit 16015c07eab2e57fa3771051e3e08fde21757cfa)
2002-04-09Fixed typo in debug statement.Tim Potter1-1/+1
(This used to be commit 49e429a97ff2b6b1889937c998f67d73d35829e1)
2002-04-09Fixed some compiler warnings.Tim Potter1-5/+5
(This used to be commit be6f955107429f1431c49c8b45fd623406a9d641)
2002-04-09Add a become_root()/unbecome_root() pair to allow acces to the passdb forAndrew Bartlett1-0/+4
SID lookup. This fixes a bug where SIDs (rather than names) are displayed in windows ACL lists (This used to be commit e60c509813a9113cd76135b6ded3018ff04d49f2)
2002-04-05Fix Gerry bug - MajorVersion should be 2 not 3.Jeremy Allison1-1/+1
Jeremy. (This used to be commit b8b88e863e3964231a85b4643a197d6d4d6b8f99)
2002-03-31Removed unused variable.Tim Potter1-1/+0
(This used to be commit 3e58e9dbabc4e4a1289ff6a43ddbb5de37b02515)
2002-03-30Hack to share pipe handles between lsa and samr pipes as NT4.x usrmgrJeremy Allison1-1/+12
insists on re-using an lsa handle opened on a pipe then closed - this keeps them around so long as a samr pipe is also open. Jeremy. (This used to be commit f029bd348c8c16a8774c3fb4f7f1d76470c7688f)