Age | Commit message (Collapse) | Author | Files | Lines |
|
J.F.
(This used to be commit 3cf419bdfbd3c56f31fb0794b206ab4bd2ac7120)
|
|
changed cli_nt_setup_creds() to call cli_net_auth_2 or cli_net_auth_3 based on a switch.
pass also the negociation flags all the way.
all the places calling cli_nt_setup_creds() are still using cli_net_aut2(), it's just for future use and for rpcclient.
in the future we will be able to call auth_2 or auth_3 as we want.
J.F.
(This used to be commit 4d38caca40f98d0584fefb9d66424a3db5b5789e)
|
|
(This used to be commit 4631e1fd1039c7eed58d3738bd7310219acc9000)
|
|
(This used to be commit 355d28d9eae2fd4b94bb591c5c51cad2fab9d2fd)
|
|
(This used to be commit 4e142ba3749d2eb45687425ff87c153fb6147056)
|
|
(This used to be commit e09007dd5d17d5f84aea3c2fed16ce79ba7be1f2)
|
|
server name and everything works as advertised. See the MSDN doco for details.
(This used to be commit d6b10fe9691bfc96d5933c029990c60fd292bdc9)
|
|
(This used to be commit b8dba26978c281259e02b9d6ebacaa7cba4f7787)
|
|
(This used to be commit 6ec267618a7ba2c4a7170b78ccfe95120c5430c4)
|
|
- SAM_DELTA_RENAME{USER,GROUP,ALIAS}
- SAM_DELTA_DELETE{USER,GROUP}
Renamed some of the unknown delta types and their unmarshalling functions:
- SAM_DELTA_TRUST_DOMS
- SAM_DELTA_SECRET_INFO
(This used to be commit 1f29276c2ff450c4ca3705c27fb0be71ddcda4ad)
|
|
samsync operations (as a BDC)
(This used to be commit e4cb106d2e3e6a41529369545a7a6ce5fe6d8986)
|
|
try to keep to functions inside libsmbclient.
Andrew Bartlett
(This used to be commit 340bc31fdb031d79fa87de27c2c46215dd8113a3)
|
|
(This used to be commit 009b331182b1338e07968388004f5d44b835e7f5)
|
|
(This used to be commit f2c48cadb22256564f2ddaa5169812c7c4383ec5)
|
|
which lsaqueryinfo to do based in infoclass. Currently 12 is the only one
that causes a queryinfo2.
(This used to be commit f4ec2d52a7b093da701d68906cce6de197f182be)
|
|
what 2k does.
(This used to be commit 99437db17aa7c2e3448f28f627e993e8ab762d31)
|
|
(This used to be commit fe43c2ac2d2e1dd3b3a25c807d4dd379c5ac4960)
|
|
setups.
- split up the ads structure into logical pieces. This makes it much
easier to keep things like the authentication realm and the server
realm separate (they can be different).
- allow ads callers to specify that no sasl bind should be performed
(used by "net ads info" for example)
- fix an error with handing ADS_ERROR_SYSTEM() when errno is 0
- completely rewrote the code for finding the LDAP server. Now try DNS
methods first, and try all DNS servers returned from the SRV DNS
query, sorted by closeness to our interfaces (using the same sort code
as we use in replies from WINS servers). This allows us to cope with
ADS DCs that are down, and ensures we don't pick one that is on the
other side of the country unless absolutely necessary.
- recognise dnsRecords as binary when displaying them
- cope with the realm not being configured in smb.conf (work it out
from the LDAP server)
- look at the trustDirection when looking up trusted domains and don't
include trusts that trust our domains but we don't trust
theirs.
- use LDAP to query the alternate (netbios) name for a realm, and make
sure that both and long and short forms of the name are accepted by
winbindd. Use the short form by default for listing users/groups.
- rescan the list of trusted domains every 5 minutes in case new trust
relationships are added while winbindd is running
- include transient trust relationships (ie. C trusts B, B trusts A,
so C trusts A) in winbindd.
- don't do a gratuituous node status lookup when finding an ADS DC (we
don't need it and it could fail)
- remove unused sid_to_distinguished_name function
- make sure we find the allternate name of our primary domain when
operating with a netbiosless ADS DC (using LDAP to do the lookup)
- fixed the rpc trusted domain enumeration to support up to approx
2000 trusted domains (the old limit was 3)
- use the IP for the remote_machine (%m) macro when the client doesn't
supply us with a name via a netbios session request (eg. port 445)
- if the client uses SPNEGO then use the machine name from the SPNEGO
auth packet for remote_machine (%m) macro
- add new 'net ads workgroup' command to find the netbios workgroup
name for a realm
(This used to be commit e358d7b24c86a46d8c361b9e32a25d4f71a6dc00)
|
|
(This used to be commit a5a0ff8bd7ee4a3586647d14fd750ec6df73efa8)
|
|
problems here.
Also fixed some non-constant initialisers in samsync.
(This used to be commit 33bd7214736dafd5927d63af5f8510646b81e7df)
|
|
and must == unix username for sane implementation in passdb.
Andrew Bartlett
(This used to be commit 412c791980de7f88a926b2f9ed361f0f882594c8)
|
|
pretty half-arsed at the moment and doesn't work very well but Mr Bartlett
was interested in it.
Also started playing around with the more interesting bits of popt. The
auto-generated usage information is pretty neat.
(This used to be commit b3e51bfe6c13f1d20e599f675332f0489d8462e7)
|
|
(This used to be commit 8c17904848a6206ab35652625ff5f3afcf6bcb0d)
|
|
(This used to be commit 28373e5bc2acc09a9e4c9dab3f76c21d04850dde)
|
|
as they're no longer new!
(This used to be commit 277f6bbb9a63541a473a80a7994e9bde5c6f22dc)
|
|
(This used to be commit 6129718bea458ceb7669ecabc8cf0c8f908c7074)
|
|
determine what access masks should be applied to various SAMR calls.
Andrew Bartlett
(This used to be commit dbf28f992bcd4859a9b7d78ac1d33e4063617f94)
|
|
(This used to be commit 2674adf1b5c54da03e8a445ec1e12d382294d1c1)
|
|
Correct the 'none mapped' behaviour, (so that it matches Win2k) and add a
function to make the SID types appear as text strings in logs/rpcclient.
Also, remove a silly case that would cause 'failure' to be 'success'. (Might
look at this a bit more in future).
Andrew Bartlett
(This used to be commit c20d057f8821d13d3de61b319de44db23773516b)
|
|
code
(This used to be commit 91ad9041e9507d36eb3f40c23c5d4df61f139ef0)
|
|
Now let's keep this in sync !
Jeremy.
(This used to be commit 3603cd4947df2c10df604447dc542932cb9e5d5a)
|
|
(This used to be commit e77e21cdbe2cb2d594494dd6e5cac37b5b1bcab8)
|
|
Andrew Bartlett
(This used to be commit ebc8452a30b2a9bdd6698af8dad489f3f92ae7a6)
|
|
few more places to use it.
Andrew Bartlett
(This used to be commit 23689b0746d5ab030d8693abf71dd2e80ec1d7c7)
|
|
(This used to be commit 361afd241beeda033068c7f3a976f3f69fa2ac33)
|
|
(This used to be commit b3b3e45583718e5b034f6c67609523f35753c1a8)
|
|
(This used to be commit c3921e36071a70ab9534fe92286b361aae2336b6)
|
|
(This used to be commit 70f8adf297a3979230e425126cd5868972b1d17e)
|
|
Some reformatting.
(This used to be commit 612eae45ef7b0289e0c67b331d96a351fc567e5c)
|
|
(This used to be commit 099b750b4ed8f04a1fd8a018508d412691e37df6)
|
|
when using restrictanonymous.
(This used to be commit 0c65978ed07903af808da5f32cc29531aef23225)
|
|
(This used to be commit 99ac1b339c2b4ec5b85ecc3a87efa2ef508ecab1)
|
|
- close down connect and domain policy handles when exiting
- allow enumeration of > 65535 groups or aliases
- error handling for non-zero return value from enumeration functions
(This used to be commit a48f362ca7ff6477d3064bc2c5c888eeb095d2ce)
|
|
didn't make any sense, and its was always just strlen(password) anyway.
This fixes it to be strlen(password)+1
Andrew Bartlett
(This used to be commit c205b18bd6b9b69200ff3db55f2c641631d4ab40)
|
|
this:
More code cleanup - this lot a bit more dodgy than the last:
The aim is to trim pwd_cache down to size. Its overly complex, and a
pain to deal with. With a header comment like this:
'obfusticaion is planned'
I think it deserved to die (at least partly).
This was being done to allow 'cli_establish_connection' to die - its
functionality has been replaced by cli_full_connection(), which does
not duplicate code everywhere for creating names etc.
This also removes the little 'init' fucntions for the various pipes,
becouse they were only used in one place, and even then it was dodgy.
(I've reworked smbcacls not to use anonymous connections any more, as
this will (should) fail with a 'restrict anonymous' PDC).
This allowed me to remove cli_pipe_util.c, which was calling
cli_establish_connection.
tpot: I'm not sure what direction you were going with the client stuff,
and you may well have been wanting the init functions. If thats the case,
give me a yell and I'll reimplement them against cli_full_connection.
Andrew Bartlett
(This used to be commit fa67e4626bed623333c571e76e06ccd52cba5cc5)
|
|
The size of samba going down for once :-)
Andrew Bartlett
(This used to be commit 00ef4aad88f4ba9f2e242578c37933eac001c351)
|
|
I think we may still need to look at our server enumeration code, but
other than that, its much better in the tree than out.
Andrew Bartlett
(This used to be commit d57a1b4629d12a0374cc6d74dfc6f5d4793fcef8)
|
|
(This used to be commit 79d7bcf42e568b8fe75818c1d2344bff738afd70)
|
|
The semantics of the src_len argument to rpcstr_pull() seem to have changed
breaking most of the spoolss commands in rpcclient. Changed a bunch of
0's to -1's to fix it.
(This used to be commit f32e3f2087c44f27bcfc8a8b1c76ee2b29f01dea)
|
|
(This used to be commit fa5c1ba12b4cae0c03f1adbc38e7ad5eeca0e895)
|