summaryrefslogtreecommitdiff
path: root/source3/rpc_server
AgeCommit message (Collapse)AuthorFilesLines
2009-06-30s3-netlogon: remove unneeded fstrings from netlogon server.Günther Deschner1-22/+12
Guenther
2009-06-30s3-spoolss: Bug #6512. Fix support for enumerating user forms.Günther Deschner1-5/+5
Found while testing Xerox WorkCentre 133 PCL driver, now also tested with torture test. Guenther
2009-06-28_lsa_QueryInfoPolicy: Use symbolic info level namesVolker Lendecke1-4/+4
2009-06-25s3-netlogon: remove init_netr_SamInfo functions.Günther Deschner1-25/+25
Guenther
2009-06-25s3-netlogon: fix validation level 2 support in netr_SamLogon and friends.Günther Deschner2-47/+112
Guenther
2009-06-25s3-samr: refactor _samr_SetDomainInfo().Günther Deschner1-25/+72
Guenther
2009-06-25s3-samr: refactor _samr_QueryDomainInfo().Günther Deschner1-213/+322
Guenther
2009-06-24s3-spoolss: restructure _spoolss_EndDocPrinter().Günther Deschner1-30/+32
Guenther
2009-06-23s3-lsa: Fix error path in _lsa_EnumAccountRights.Günther Deschner1-2/+11
This needs to return NT_STATUS_OBJECT_NAME_NOT_FOUND again as described in MS-LSAD 3.1.4.5.10 and tested with the RPC-SAMR-USER-PRIVILEGES test. Guenther
2009-06-23s3-eventlog: implement _eventlog_ReportEventW().Günther Deschner1-6/+77
Guenther
2009-06-18Add some const to the stat struct in the dosmode calls.Jeremy Allison1-15/+4
Fix a couple more unix_convert uses to filename_convert. Fix bug in acl_group_override() where an uninitialized struct could be used. Move unix_convert with wildcard use in SMBsearch reply to boilerplate code. Jeremy.
2009-06-18s3:netlogon Cope with recent rename in netlogon.idlAndrew Bartlett1-1/+1
2009-06-16Fix msdfs after the change to smb_filename struct. We must *always*Jeremy Allison1-2/+23
pull the pathname, then call resolve_dfspath(), before unix_convert(). Jeremy.
2009-06-16_lsa_EnumAccountRights and _lsa_EnumPrivsAccount can return anJeremy Allison1-19/+17
empty set of privilages if the SID doesn't have any. (From [MS-LSAD.pdf]) Jeremy.
2009-06-12s3: Plumb smb_filename through SMB_VFS_CREATE_FILETim Prouty1-25/+7
2009-06-10s3: Make all callers of SMB_VFS_CREATEFILE call unix_convert firstTim Prouty1-9/+47
This step is a requirement to change SMB_VFS_CREATEFILE to take an smb_filename struct.
2009-06-08s3-lsa: remove old code that we cannot even compile anymore.Günther Deschner1-111/+0
Guenther
2009-06-08s3-spoolss: add server-support for queries for the "all" architecture in ↵Günther Deschner1-7/+67
printdriver enum calls. Guenther
2009-06-08Pass a talloc_ctx to pdb_enum_aliasmemVolker Lendecke1-1/+2
2009-06-08s3-samr: fix enum_acb_mask type (uint32 instead of uint16).Günther Deschner1-1/+1
Guenther
2009-06-08s3-samr: support _samr_SetGroupInfo level 2.Günther Deschner1-2/+2
Guenther
2009-06-07s3-samr: SetGroupInfo level 1 should not return NT_STATUS_INVALID_INFO_CLASS.Günther Deschner1-3/+0
Found by RPC-SAMR torture test. Guenther
2009-06-07s3-samr: fix _QueryDisplayInformation r->out.returned_size.Günther Deschner1-1/+1
*r->out.returned_size needs to be 0 if nothing was enumerated. Found by RPC-SAMR torture test. Guenther
2009-06-07s3-samr: remove total_data_size variable in _samr_QueryDisplayInfo.Günther Deschner1-5/+2
Guenther
2009-06-07s3-samr: let _samr_SetGroupInfo level 3 just pass with success.Günther Deschner1-0/+2
Guenther
2009-06-07s3-samr: _samr_EnumDomain{Users,Groups} need to return an emtpy array even ↵Günther Deschner1-12/+12
for builtin domain. Found by RPC-SAMR torture test. Guenther
2009-06-07s3-samr: cosmetic fixes for _samr_QueryDisplayInfo.Günther Deschner1-20/+18
use the variables of the struct samr_QueryDisplayInfo directly to make it easier to track where variables are defined from. Guenther
2009-06-03s3:smbd: move more session specific globals to struct smbd_server_connectionStefan Metzmacher1-3/+7
metze
2009-05-29s3-netlogon: Fix _netr_LogonSamLogon{Ex} with validation level != 3.Günther Deschner1-6/+7
Guenther
2009-05-29s3-netlogon: return proper error code for unsupported validation class.Günther Deschner1-1/+1
Guenther
2009-05-29s3-rpc_server: increase max number of open policy handles per pipe to 2048.Günther Deschner1-1/+1
Guenther
2009-05-25s3-samr: Fix Bug #6372, usermanager only displaying 1024 groups and aliases.Günther Deschner1-0/+12
This is now also verified with the RPC-SAMR-LARGE-DC test. Guenther
2009-05-24Add "err_on_readability" to writev_sendVolker Lendecke1-1/+1
A socket where the other side has closed only becomes readable. To catch errors early when sitting in a pure writev, we need to also test for readability.
2009-05-20Add a security model to LSA. Similar to the SAMR code - usingJeremy Allison1-88/+227
the MS-LSA docs. Jeremy.
2009-05-18Change access_check_samr_object -> access_check_object.Jeremy Allison2-24/+18
Make map_max_allowed_access global. Change lsa_get_generic_sd to add Everyone:LSA_POLICY_READ|LSA_POLICY_EXECUTE, not just LSA_POLICY_EXECUTE. Jeremy.
2009-05-19s3-lsa: let _lsa_OpenPolicy() just call _lsa_OpenPolicy2().Günther Deschner1-37/+6
Guenther
2009-05-18Fix SAMR server for winbindd access. Ensure we allowJeremy Allison1-2/+2
MAX_ACCESS to be mapped to what we're giving Everyone. Jeremy.
2009-05-18s3-lsa: let _lsa_GetSystemAccessAccount() call into _lsa_EnumPrivsAccount().Günther Deschner1-3/+23
Inspired by lsa server from Samba 4. Just removing a user in SAMR does not remove a user in LSA. If you use usermanager from windows, the "User Rights" management gui gets unaccessable as soon as you delete a user that had privileges granted. With this fix, that no longer existing user would properly appear as an unknown account in the GUI (as it does while using usermanager with windows domains). This almost makes Samba3 pass the RPC-SAMR-USERS-PRIVILEGES test. Guenther
2009-05-18s3-lsa: start a very basic implementation of _lsa_DeleteObject().Günther Deschner1-1/+23
Certainly not the full story but this gets us closer to pass the RPC-SAMR-USERS-PRIVILEGES test. Guenther
2009-05-15Ensure users with SeAddUser privs get full access toJeremy Allison1-3/+3
groups/aliases when opening. Jeremy.
2009-05-15Add extra abilities for a user with SeAddUsers, so theyJeremy Allison1-2/+15
can manipulate groups and aliases. Jeremy.
2009-05-15DeleteUser doesn't need the priv checks, this is done at OpenUser time.Jeremy Allison1-20/+0
Jeremy.
2009-05-15s3-samr: Fix samr access checks in _samr_RemoveMemberFromForeignDomain().Günther Deschner1-1/+1
Guenther
2009-05-15s3-samr: Fix samr access checks in _samr_SetUserInfo().Günther Deschner1-14/+109
Guenther
2009-05-15s3-samr: Fix samr access checks in _samr_QueryUserInfo().Günther Deschner1-3/+71
Guenther
2009-05-15s3-samr: in _samr_QueryUserInfo() make sure to not return any info in error ↵Günther Deschner1-1/+6
case. Guenther
2009-05-15s3-samr: Fix samr access checks in _samr_SetDomainInfo().Günther Deschner1-7/+22
Guenther
2009-05-15s3-samr: Fix samr access checks in _samr_QueryDomainInfo().Günther Deschner1-1/+31
Guenther
2009-05-15s3-samr: use normal integer in r->in.level switch statements.Günther Deschner1-29/+29
Guenther
2009-05-14Fix the core of the SAMR access functions. This passes make test, butJeremy Allison1-197/+156
usrmgr fails against it. The core of this patch is to move all the access mask setup into the _samr_OpenXXX functions, and then have each specific function check the attached access_mask against the required bits. We can then go through the MS-SAMR doc and match things up. Signed off by Guenther, and writespace cleanup removal by Volker. Jeremy.