Age | Commit message (Collapse) | Author | Files | Lines |
|
workstation, we have to use the workstation type, if we have a BDC account,
we must use the BDC type - even if we are pretending to be a workstation
at the moment.
Also actually store and retreive the last change time, so we can do
periodic password changes again (for RPC at least).
And finally, a couple of minor fixes to 'net'.
Andrew Bartlett
(This used to be commit 6e6b7b79edae3efd0197651e9a8ce6775c001cf2)
|
|
(This used to be commit 117cc35dd0adc6fd5238a440e299d012bfd8e542)
|
|
rpcclient -S pdc -U% -c "samlogon user password"
and it should work with the schannel. Needs testing platforms
different from NT4SP6.
Volker
(This used to be commit ecd0ee4d248e750168597ccf79c389513bb0f740)
|
|
support it.
(This used to be commit ac3df9a8051bd105e8e4192d36b3024fdf9f9506)
|
|
(This used to be commit 018733eedd7897e6811e8461c07e3acf418c0e09)
|
|
from APP_HEAD
(This used to be commit 38c9e4299845fd77cc8629945ce2d259489f7437)
|
|
J.F.
(This used to be commit 3cf419bdfbd3c56f31fb0794b206ab4bd2ac7120)
|
|
changed cli_nt_setup_creds() to call cli_net_auth_2 or cli_net_auth_3 based on a switch.
pass also the negociation flags all the way.
all the places calling cli_nt_setup_creds() are still using cli_net_aut2(), it's just for future use and for rpcclient.
in the future we will be able to call auth_2 or auth_3 as we want.
J.F.
(This used to be commit 4d38caca40f98d0584fefb9d66424a3db5b5789e)
|
|
(This used to be commit b8dba26978c281259e02b9d6ebacaa7cba4f7787)
|
|
(This used to be commit 6ec267618a7ba2c4a7170b78ccfe95120c5430c4)
|
|
- SAM_DELTA_RENAME{USER,GROUP,ALIAS}
- SAM_DELTA_DELETE{USER,GROUP}
Renamed some of the unknown delta types and their unmarshalling functions:
- SAM_DELTA_TRUST_DOMS
- SAM_DELTA_SECRET_INFO
(This used to be commit 1f29276c2ff450c4ca3705c27fb0be71ddcda4ad)
|
|
as they're no longer new!
(This used to be commit 277f6bbb9a63541a473a80a7994e9bde5c6f22dc)
|
|
The size of samba going down for once :-)
Andrew Bartlett
(This used to be commit 00ef4aad88f4ba9f2e242578c37933eac001c351)
|
|
Changed "SMB/Netbios" to "SMB/CIFS" in file header.
(This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
|
|
Ignacio you can update your howto ;-)
samsync: a small patch to try chaning challenges.
J.F.
(This used to be commit c99bc305599698f2291efbfe20024355cb2bcde0)
|
|
the validation level.
(This used to be commit c79e94ea27aab31423b1bdc34e9cff25688dbe5f)
|
|
there's a bug in the marshalling of net_sam_logon.
(This used to be commit 7c5ac46b8ad0be681d102e7ef3478d64d7a2b8e6)
|
|
rpcclient code. Refactored cmd_* functions to move common mem_ctx and pipe
opening stuff up one level. Moved rpcclient.h into rpcclient directory and
out of includes/smb.h
(This used to be commit a40facba9651f9fb1dcc9e143f92ca298a324312)
|
|
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
|
|
(This used to be commit e0bdcbc5994345fdc76f7590dba7bce5f0127d58)
|
|
the build farm
(This used to be commit 5bb7e4f0f65edf1db20245f403cbe81833134240)
|
|
Reverse-engineered the sam replication protocol from staring at hex dumps
for a while. It's pretty similar to the sam sync protocol with a couple of
different delta header types.
I wasn't able to figure out the format of the privilege stuff - needs more
time and a whiteboard. (-:
The impressive bit is that the sam sync stuff from tng basically just
worked thanks mainly to Luke Leighton's efforts in this area.
(This used to be commit 3a60cb44f22d5f3f8c78a56ed8f5ea4794cd7ab3)
|
|
(This used to be commit 1d36250e338ae0ff9fbbf86019809205dd97d05e)
|
|
(This used to be commit 37052a1bcc5cd049918c3d5ac4c41c3a669290af)
|
|
(This used to be commit 1959864490e79756257ba10431b188de78b8c8a7)
|
|
(This used to be commit c93718daa1375269e4e0ef52016271b7a607e292)
|
|
(This used to be commit 3343c9f0d67d98687e5933e1a73c0ff487279160)
|
|
blocks around a few unimplemented functions. Also had to
add cli_reg.c to Makefile.in
--jerry
(This used to be commit 426c43fb5167b042682c22e67871e5ebadb4b769)
|
|
(This used to be commit f890bcf06786e7c63bf76fad2fd46d287a99a270)
|
|
it
(This used to be commit 88ad00b82acc4636ab57dfe710af08ea85b82ff1)
|
|
(This used to be commit d7cd7c88fdabb01d9e40ae8a657737907a21ac37)
|
|
(This used to be commit 453a822a76780063dff23526c35408866d0c0154)
|
|
damn, this one is bad.
started, at least two days ago, to add an authentication mechanism to
the smbd<->msrpc redirector/relay, such that sufficient unix / nt
information could be transferred across the unix socket to do a
become_user() on the other side of the socket.
it is necessary that the msrpc daemon inherit the same unix and nt
credentials as the smbd process from which it was spawned, until
such time as the msrpc daemon receives an authentication request
of its own, whereupon the msrpc daemon is responsible for authenticating
the new credentials and doing yet another become_user() etc sequence.
(This used to be commit 30c7fdd6ef10ecd35594311c1b250b95ff895489)
|
|
functions (cli_net_use_addlist()). needed originally because
there was no get_dc_any_name() function.
(This used to be commit 3a2b920ea2e6704b2574f404e1e41c7cfc0f96b2)
|
|
in private .mac file (oops). ntlogin test now works.
(This used to be commit c98c66690683965612e9631d77c2dff91ec8a872)
|
|
from previous lsaquery command. over-ridden from DOMAIN\username
2) initialisation of cli_state is a little more specific: sets use_ntlmv2
to Auto. this can always be over-ridden.
3) fixed reusage of ntlmssp_cli_flgs which was being a pain
4) added pwd_compare() function then fixed bug in cli_use where NULL
domain name was making connections multiply unfruitfully
5) type-casting of mallocs and Reallocs that cause ansi-c compilers to bitch
(This used to be commit 301a6efaf67ddc96e6dcfd21b45a82863ff8f39a)
|
|
parameters to connect to \PIPE\NETLOGON.
(This used to be commit d1986ade30bdcac1f49707221a3e5a5ae597ce62)
|
|
the remote machine, because i don't know what to _do_ with it!!!!
argh!!!
(This used to be commit 85cc680736f17e3f879895be5dac8f1427653919)
|
|
(This used to be commit 44dd3efa6380544e9a515e91960f9271498cefaf)
|
|
verified that lsaquery, lsalookupsids work, and found some bugs in the
parameters of these commands :-)
soo... we now have an lsa_* api that has the same arguments as the nt
Lsa* api! cool!
the only significant coding difference is the introduction of a
user_credentials structure, containing user, domain, pass and ntlmssp
flags.
(This used to be commit 57bff6fe82d777e599d535f076efb2328ba1188b)
|
|
(This used to be commit 3e76ca9b172e1a6886e714d6a36453f30ff3e771)
|
|
means that some commands need more work, as they still use next_token(),
the use of which i wish to avoid.
plus, i was getting fed up of the poor command-line processing in some
of these commands. i'm starting to need getopt() in them, especially
in samsetuser.
WARNING: only cmd_samr has been modded to use getopt() so far! reg
commands won't work, esp.
(This used to be commit 9a1efa03c8bb86c9b7e73f102a9d48fb6a57a523)
|
|
restoring opening S-1-5-20 in sam enum users code.
(This used to be commit 1be877114e2e958c59e6516dacf22d3fb5a4240f)
|
|
(This used to be commit 134b20e2a7b5ddfa4cc9bf100de5025c7b98f594)
|
|
samr_lookup_rids() moved to a dynamic memory structure not a
static one limited to 32 RIDs. cli_pipe.c reading wasn't checking
ERRmoredata when DOS error codes negotiated (this terminates
MSRPC code with prejudice).
(This used to be commit 8976eca2db43576c32069dcda017e8777048e007)
|
|
this format is what i would like _all_ these functions to be
(returning status codes, not BOOL) but that's a horrendous
amount of work at the moment :)
(This used to be commit 02f240604241367f146b26934ad1a1b2563430de)
|
|
into a separate module
(This used to be commit d99eca020a255022dbc71f3671127343d75db59e)
|
|
(This used to be commit 2331aa32ab36c3ee5fd8cfbe972e57299939e33d)
|
|
to alignment, missing fields, etc. - it should now work correctly.
There is still the problem of decoding the private data field.
(This used to be commit c3c25e762fbc30d5663323f23449c913f2ce4b0e)
|
|
* Added SEC_CHAN_BDC
* Propagate sec_chan into the various functions which change trust account
passwords, so they can be used for domain control and inter-domain
trusts.
* Fix for endianness problem reported by Edan Idzerda <edan@mtu.edu>. A
BUFFER2 is really a "unibuf" in my terminology and we should treat it as
such.
* Added some more common NT structures (BIGINT, BUFHDR2, BUFFER4).
* Added NET_SAM_SYNC (-> NetDatabaseSync2) RPC for account replication.
Still experimental and incomplete, with a few too many NULL security
descriptors lying around (must go look at Jeremy's SD code). Haven't
worked out password encryption yet either.
However, the XXX_INFO structures I've added to rpc_netlogon.h are quite
nice as they give some insight into how these objects are stored in the
SAM.
(This used to be commit 7b830350eb54dc9d357c115e12ddf9a0633527ac)
|