Age | Commit message (Collapse) | Author | Files | Lines |
|
in net_rpc.c: 715 716 732 734 735 736 737 738 739 749
in net_rpc_audit.c: 754 755 756
in net_rpc_join.c: 757
in net_rpc_registry: 766 767
in net_rpc_samsync.c: 771 773
in net_sam.c: 797 798
Volker
(This used to be commit 3df0bf7d6050fd7c9ace72487d4f74d92e30a584)
|
|
features.
Guenther
(This used to be commit 446d79a0007d3d99c73eb758216f18f64036f11d)
|
|
add" (as the documentation says, and currently onle "net ads user add"
did). Fixes #3843.
Guenther
(This used to be commit 5d776d5fabded9b713080789aefc6058510b51f6)
|
|
int
in a format string.
Jeremy.
(This used to be commit face01ef01e1a3c96eae17c56cadf01020d4cb46)
|
|
(This used to be commit a85dfb9eff222142eb1f9d89beb3d156661dd047)
|
|
The motivating factor is to not require more privileges for
the user account than Windows does when joining a domain.
The points of interest are
* net_ads_join() uses same rpc mechanisms as net_rpc_join()
* Enable CLDAP queries for filling in the majority of the
ADS_STRUCT->config information
* Remove ldap_initialized() from sam/idmap_ad.c and
libads/ldap.c
* Remove some unnecessary fields from ADS_STRUCT
* Manually set the dNSHostName and servicePrincipalName attribute
using the machine account after the join
Thanks to Guenther and Simo for the review.
Still to do:
* Fix the userAccountControl for DES only systems
* Set the userPrincipalName in order to support things like
'kinit -k' (although we might be able to just use the sAMAccountName
instead)
* Re-add support for pre-creating the machine account in
a specific OU
(This used to be commit 4c4ea7b20f44cd200cef8c7b389d51b72eccc39b)
|
|
(This used to be commit f21adc04f745a966dbe6ef0b4ffd9729afa3fa78)
|
|
Guenther
(This used to be commit e55e1e1e96e1a1e6d2bcc5897a44828ddc2c9f3b)
|
|
Guenther
(This used to be commit ba81b508caa4ab21a04d142f3621e43a55e859cf)
|
|
this is
sufficient to fix bug #3659.
Volker
(This used to be commit 0ef5e4372c45a60d66a902a6dbca58ae98529358)
|
|
(This used to be commit a6e88785e7116c1a88e1bfdfa2afadecd501bfb0)
|
|
Guenther
(This used to be commit 22b687589785051eca16a868e3475f066b647ea7)
|
|
winbindd server
(This used to be commit a95d11345e76948b147bbc1f29a05c978d99a47a)
|
|
servers. Also add a new "net rpc audit" tool. The lsa query infolevels
were taken from samb4 IDL, the lsa policy flags and categories are
partly documented on msdn. I need to cleanup the double
lsa_query_info_policy{2}{_new} calls next.
Guenther
(This used to be commit 0fed66926f4b72444abfc8ffb8c46cca8d0600aa)
|
|
Volker
(This used to be commit ba41c62b8b4d0c791035d63fb59496c0f655887f)
|
|
(This used to be commit 1df58c7a00b00242ee3eda09de92335d5dabe9c4)
|
|
realloc can return NULL in one of two cases - (1) the realloc failed,
(2) realloc succeeded but the new size requested was zero, in which
case this is identical to a free() call.
The error paths dealing with these two cases should be different,
but mostly weren't. Secondly the standard idiom for dealing with
realloc when you know the new size is non-zero is the following :
tmp = realloc(p, size);
if (!tmp) {
SAFE_FREE(p);
return error;
} else {
p = tmp;
}
However, there were *many* *many* places in Samba where we were
using the old (broken) idiom of :
p = realloc(p, size)
if (!p) {
return error;
}
which will leak the memory pointed to by p on realloc fail.
This commit (hopefully) fixes all these cases by moving to
a standard idiom of :
p = SMB_REALLOC(p, size)
if (!p) {
return error;
}
Where if the realloc returns null due to the realloc failing
or size == 0 we *guarentee* that the storage pointed to by p
has been freed. This allows me to remove a lot of code that
was dealing with the standard (more verbose) method that required
a tmp pointer. This is almost always what you want. When a
realloc fails you never usually want the old memory, you
want to free it and get into your error processing asap.
For the 11 remaining cases where we really do need to keep the
old pointer I have invented the new macro SMB_REALLOC_KEEP_OLD_ON_ERROR,
which can be used as follows :
tmp = SMB_REALLOC_KEEP_OLD_ON_ERROR(p, size);
if (!tmp) {
SAFE_FREE(p);
return error;
} else {
p = tmp;
}
SMB_REALLOC_KEEP_OLD_ON_ERROR guarentees never to free the
pointer p, even on size == 0 or realloc fail. All this is
done by a hidden extra argument to Realloc(), BOOL free_old_on_error
which is set appropriately by the SMB_REALLOC and SMB_REALLOC_KEEP_OLD_ON_ERROR
macros (and their array counterparts).
It remains to be seen what this will do to our Coverity bug count :-).
Jeremy.
(This used to be commit 1d710d06a214f3f1740e80e0bffd6aab44aac2b0)
|
|
* Fix a couple of related parsing issues.
* in the info3 reply in a samlogon, return the ACB-flags (instead of
returning zero)
Guenther
(This used to be commit 5b89e8bc24f0fdc8b52d5c9e849aba723df34ea7)
|
|
domain code
(This used to be commit 9eb743584d32cdb67e0512ac915c34565bce1c01)
|
|
Sync with trunk as off r13315
(This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
|
|
All 'usage' messages are still printed to stdout.
Fix some compiler warnings for system() calls where we didn't used the
return code. Add appropriate error messages and return with the error
code we got from system() or NT_STATUS_UNSUCCESSFUL.
(This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
|
|
Guenther
(This used to be commit e0be0e052380b38235d4f34d366f48707ed59df7)
|
|
x86_64 box.
Jeremy.
(This used to be commit d720867a788c735e56d53d63265255830ec21208)
|
|
(This used to be commit 8075b99b44085d107fa42d431300c60133ec53eb)
|
|
* \PIPE\unixinfo
* winbindd's {group,alias}membership new functions
* winbindd's lookupsids() functionality
* swat (trunk changes to be reverted as per discussion with Deryck)
(This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
|
|
(This used to be commit ffe4188847aabcbfbfadc0f5b60d0eeea9f13d83)
|
|
(This used to be commit 7af7343d9c7047998e4d54e07730ae1d87de3942)
|
|
<virtual.spirit@digizap.com.br> to include 'net rpc service' help in net rpc usage output
(This used to be commit ace8556b6525959114bea47d3be3b1b40756b058)
|
|
(This used to be commit e928a20c2bf9c79a68711c6bcd4fb91b270245f4)
|
|
Guenther
(This used to be commit bf67a8611491ed748c6975787ce2f0572586a3c6)
|
|
Volker
(This used to be commit 503a58b6be1972bea0804fab82aee1d814f6d522)
|
|
(dwatson@us.ibm.com). Yes,
that's my copyright...that's just how we have to do things at big blue.
Adds subcommand to vampire to allow data to be put into an ldif file instead
of actually writing to the passdb. See "net rpc help vampire" for usage
info. This should be added to docs as well.
(This used to be commit cb5634a305256a70daa2fcbd85d9a5459b4aeaa3)
|
|
safe for using our headers and linking with C++ modules. Stops us
from using C++ reserved keywords in our code.
Jeremy
(This used to be commit 9506b8e145982b1160a2f0aee5c9b7a54980940a)
|
|
share-acl from "net rpc share migrate shares".
God, how ugly does this syntax get.
Guenther
(This used to be commit 6f4d4acc868ee67f8434d904fa51c57d1b847135)
|
|
Jeremy.
(This used to be commit a667d9e474302e888a0cc009a342da471318928c)
|
|
Jeremy.
(This used to be commit 5fbabaef8cab894c6d349b0535a06c2c9d1437db)
|
|
* Allow to copy share security descriptors to already existing shares
separatly.
* Added abstraction function to enum all or a single share info
Guenther
(This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
|
|
much straither.
copy_top_level_perms() is jra's work.
I modified the copy_top_level_perms() function to use the copy_clistate.
And I don't forget trunk.
Lars
(This used to be commit 2c68568e5232c057d4f76f4bb044c54d18272602)
|
|
Guenther
(This used to be commit 1815e0745e4707f608a4803e67c7a3bd0c0b844a)
|
|
dir of a share. Till now we excluded '.' and '..' in general. For the
fix the information about top or lower level dir is stored in the
copy_clistate. src and dst share are now also part of this struct and
we only pass a pointer to the struct to the functions.
This bug was found by Bill Calero of Novell. Thanks Bill!
With this checkin no new functionality was added. But the copy_clistate
already knows about a mode. Later beside the migrate an additional
report mode will be added.
This changes are coordinated with Günther <gd>.
Lars
(This used to be commit 506aaefa3716c7683eef9afe0d1bb5b6e2533c4b)
|
|
(This used to be commit a0ac9a8ffd4af31a0ebc423b4acbb2f043d865b8)
|
|
rpcclient-tester for some info-levels.
Jerry, I tried to adopt to prs_pointer() where possible and to not
interfere with your work for usrmgr.
- Add "net rpc trustdom vampire"-tool.
This allows to retrieve Interdomain Trust(ed)-Relationships from
NT4-Servers including cleartext-passwords (still stored in the local
secrets.tdb).
The net-hook was done in cooperation with Lars Mueller
<lmuelle@suse.de>.
To vampire trusted domains simply call:
net rpc trustdom vampire -S nt4dc -Uadmin%pass
Guenther
(This used to be commit 512585293963a1737f831af697ea1dc092d63cb0)
|
|
(This used to be commit 3002aa22505d4604f7919bf7207477e737372404)
|
|
Volker
(This used to be commit f25da82ffd8cdaf9ba773352b6f35d5390ee4aad)
|
|
(This used to be commit 11804521f9cf8cdfb8c1526ea81dfb8a2c16c194)
|
|
MMC manage computer plugin.
(This used to be commit c43c1ec80cb52569ccabcdf95e4004386ecb29d6)
|
|
initializable
statically.
Volker
(This used to be commit 3493d9f383567d286e69c0e60c0708ed400a04d9)
|
|
fill in tomorrow
(This used to be commit 6bbd61cfd1ca2dbe8d96d894f90f263b8f24571f)
|
|
share migrate" (found by Lars Mueller <lmuelle@suse.de>).
Guenther
(This used to be commit 45a2a7bedb877745cd9677fe3124d5a2ad2c8853)
|
|
fix is a
bit more effort.
The real fix for this would be to open an schannel netlogon connection to the
remote DC and change the trust account password...
Volker
(This used to be commit ab8991c384d81d32ac13f89592e8b35208127b32)
|