summaryrefslogtreecommitdiff
path: root/source3/utils/net_rpc_join.c
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r5203: additional changes for BUG 2291 to restrict who can join a BDC and ↵Gerald Carter1-1/+1
add domain trusts (This used to be commit 5ec1faa2ad33772fb48c3863e67d2ce4be726bb2)
2007-10-10r4570: Replace cli->nt_pipe_fnum with an array of NT file numbers, one for eachVolker Lendecke1-2/+2
supported pipe. Netlogon is still special, as we open that twice, one to do the auth2, the other one with schannel. The client interface is completely unchanged for those who only use a single pie. cli->pipe_idx is used as the index for everything except the "real" client rpc calls, which have been explicitly converted in my last commit. Next step is to get winbind to just use a single smb connection for multiple pipes. Volker (This used to be commit dc294c52e0216424236057ca6cd35e1ebf51d0da)
2007-10-10r4088: Get medieval on our ass about malloc.... :-). Take control of all our ↵Jeremy Allison1-1/+1
allocation functions so we can funnel through some well known functions. Should help greatly with malloc checking. HEAD patch to follow. Jeremy. (This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
2007-10-10r2835: Since we always have -I. and -I$(srcdir) in CFLAGS, we can get rid ofTim Potter1-1/+1
'..' from all #include preprocessor commands. This fixes bugzilla #1880 where OpenVMS gets confused about the '.' characters. (This used to be commit 7f161702fa4916979602cc0295919b541912acd6)
2004-02-08Make more functions static, and remove duplication in the use of functionsAndrew Bartlett1-1/+1
in lib/smbpasswd.c that were exact duplicates of functions in passdb/passdb.c (These should perhaps be pulled back out to smbpasswd.c, but that can occour later). Andrew Bartlett (This used to be commit fcdc5efb1e245c8fa95cd031f67ec56093b9056e)
2004-01-26This adds client-side support for the unicode/SAMR password change scheme.Andrew Bartlett1-8/+1
As well as avoiding DOS charset issues, this scheme returns useful error codes, that we can map back via the pam interface. This patch also cleans up the interfaces used for password buffers, to avoid duplication of code. Andrew Bartlett (This used to be commit 2a2b1f0c872d154fbcce71a250e23dfad085ba1e)
2004-01-15Fix net rpc join (at least newstyle) after it was broken by changingJim McDonough1-5/+5
the parms to cli_lsa_query_info_policy without changing them here... (This used to be commit a885df7635a9230bc6cca88e7e8fb1420c74c7fb)
2003-11-22Add support for variable-length session keys in our client code.Andrew Bartlett1-4/+4
This means that we now support 'net rpc join' with KRB5 (des based) logins. Now, you need to hack 'net' to do that, but the principal is important... When we add kerberos to 'net rpc', it should be possible to still do user management and the like over RPC. (server-side support to follow shortly) Andrew Bartlett (This used to be commit 9ecf9408d98639186b283f1acf0fac46417547d0)
2003-07-03Removed strupper/strlower macros that automatically map to ↵Jeremy Allison1-2/+2
strupper_m/strlower_m. I really want people to think about when they're using multibyte strings. Jeremy. (This used to be commit ff222716a08af65d26ad842ce4c2841cc6540959)
2003-06-16This glosses over John's problem at SambaXP 2003. When we want to joinVolker Lendecke1-3/+17
a NT4 domain as a BDC with an existing workstation account (existing bdc is fine), we fail. Print a friendly error message in this case. The correct solution would probably be to delete the account and try again. But even this makes us better than NT: NT4 fails in this situation with an empty warning message box and an unusable BDC. It has unsuccessfully tried to suck down the domain database, and thus has no administrator account to log in after reboot.... Volker (This used to be commit 1ddeea2179b11cedccf205c7ffea523ee6750b24)
2003-06-16Fix misleading debug message.Volker Lendecke1-1/+1
Volker (This used to be commit a4f76f2520515d820eb4a320036b998c88c596a8)
2003-06-16another improved debug statementAndrew Tridgell1-1/+1
(This used to be commit ac69b9c83cde306f89143fe43038adff876dd0b0)
2003-06-08Make sure that we use schannel (if configured) when checking for a validAndrew Bartlett1-12/+13
join to the DC. Andrew Bartlett (This used to be commit af526fa9b39ab1f8483d5cee66321bc12f78ac05)
2003-04-22Fix up bugs in the new 'store sec_channel type' code - we were always joiningAndrew Bartlett1-0/+3
as a BDC. Andrew Bartlett (This used to be commit f35674e7552dcfece342e7bece10bbfb0e81cbf8)
2003-04-21Merge from HEAD - save the type of channel used to contact the DC.Andrew Bartlett1-19/+43
This allows us to join as a BDC, without appearing on the network as one until we have the database replicated, and the admin changes the configuration. This also change the SID retreval order from secrets.tdb, so we no longer require a 'net rpc getsid' - the sid fetch during the domain join is sufficient. Also minor fixes to 'net'. Andrew Bartlett (This used to be commit 876e00fd112e4aaf7519eec27f382eb99ec7562a)
2003-04-14Merge of Jelmer's usage updates for net.Tim Potter1-1/+1
(This used to be commit 6a5b88c95b3fd17431cda79e9aa2a593fef85100)
2003-02-24Merge from HEAD client-side authentication changes:Andrew Bartlett1-7/+1
- new kerberos code, allowing the account to change it's own password without special SD settings required - NTLMSSP client code, now seperated from cliconnect.c - NTLMv2 client code - SMB signing fixes Andrew Bartlett (This used to be commit 837680ca517982f2e5944730581a83012d4181ae)
2002-12-20Forward port the change to talloc_init() to make all talloc contextsJeremy Allison1-1/+1
named. Ensure we can query them. Jeremy. (This used to be commit 09a218a9f6fb0bd922940467bf8500eb4f1bcf84)
2002-11-12Removed global_myworkgroup, global_myname, global_myscope. Added liberalJeremy Allison1-6/+2
dashes of const. This is a rather large check-in, some things may break. It does compile though :-). Jeremy. (This used to be commit f755711df8f74f9b8e8c1a2b0d07d02a931eeb89)
2002-10-04merge of new client side support the Win2k LSARPC UUID in rpcbindGerald Carter1-3/+3
from APP_HEAD (This used to be commit 1cfd2ee433305e91e87804dd55d10e025d30a69e)
2002-09-25sync'ing up for 3.0alpha20 releaseGerald Carter1-1/+2
(This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-08-17sync 3.0 branch with HEADJelmer Vernooij1-23/+87
(This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-07-15updated the 3.0 branch from the head branch - ready for alpha18Andrew Tridgell1-7/+3
(This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-03-23Join as a server trust account if the server role is either PDC or BDC.Andrew Bartlett1-1/+1
(This used to be commit 0784ab67addb3422a2d17363b4c3328d2e4b1008)
2002-03-17Renamed get_nt_error_msg() to nt_errstr().Tim Potter1-3/+3
(This used to be commit 1f007d3ed41c1b71a89fa6be7d173e67e927c302)
2002-03-15Change new style join function name for clarity in net_rpc.cJim McDonough1-1/+1
(This used to be commit 539d0cc03035c126e2de82523a07ed91997100b8)
2002-03-02Allow Samba to trust NT4 Domains.Andrew Bartlett1-1/+3
This commit builds on the auth subsystem to give Samba support for trusting NT4 domains. It is off by default, but is enabled by adding 'trustdomain' to the 'auth methods' smb.conf paramater. Tested against NT4 only - there are still some issues with the join code for Win2k servers (spnego stuff). The main work TODO involves enumerating the trusted domains (including the RPC calls to match), and getting winbind to run on the PDC correctly. Similarly, work remains on getting NT4 to trust Samba domains. Andrew Bartlett (This used to be commit ac8c24a9a888a3f916e8b40238b936e6ad743ef7)
2002-01-30Removed version number from file header.Tim Potter1-1/+0
Changed "SMB/Netbios" to "SMB/CIFS" in file header. (This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
2001-12-30Add a pile of doxygen style comments to various parts of Samba. Many of theseAndrew Bartlett1-3/+9
probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-14Display a nice error message if the user%password specified for net rpcTim Potter1-2/+8
join does not have administrator privileges. (This used to be commit af24b1036c8ceaa37e6b68ac988401846c5c7fe4)
2001-12-14Merge from 2.2 to allow net rpc join -U to complete even if the workstationTim Potter1-2/+5
account already exists. # net rpc join --user=Administrator%password It's kind of weird seeing the mix of NET.EXE style of options (net command subcommand /arg:value) with the GNU-style long options. I think it works. (This used to be commit 3789c8c707acd9a4078d656c8de9ce1f4be9e388)
2001-12-11allow join of already joined domainAndrew Tridgell1-60/+35
(This used to be commit 784a3f295176dc87c8befd76d5f2dc9ef1e9e383)
2001-12-05OK. Smbpasswd -j is DEAD.Andrew Bartlett1-4/+2
This moves the rest of the functionality into the 'net rpc join' code. Futhermore, this moves that entire area over to the libsmb codebase, rather than the crufty old rpc_client stuff. I have also fixed up the smbpasswd -a -m bug in the process. We also have a new 'net rpc changetrustpw' that can be called from a cron-job to regularly change the trust account password, for sites that run winbind but not smbd. With a little more work, we can kill rpc_client from smbd entirly! (It is mostly the domain auth stuff - which I can rework - and the spoolss stuff that sombody else will need to look over). Andrew Bartlett (This used to be commit 575897e879fc175ba702adf245384033342c903d)
2001-12-05Follow herb's suggestion and don't strdup a string to itselfAndrew Bartlett1-3/+6
(This used to be commit d00f461f43558c8ef942df305bcc2c89060b4800)
2001-12-04allow for passwords other than "samba2"Andrew Tridgell1-1/+1
:) (This used to be commit cee58f10974b55ead68362166d12285568feeb23)
2001-12-04Add 'net rpc join' to match the ADS equiv.Andrew Bartlett1-0/+311
This kills off the offending code in smbpasswd -j -Uab%c In the process we have changed from unsing compelatly random passwords to random, 15 char ascii strings. While this does produce a decrese in entropy, it is still vastly greater than we need, considering the application. In the meantime this allows us to actually *type* the machine account password duruign debugging. This code also adds a 'check' step to the join, confirming that the stored password does indeed do somthing of value :-) Andrew Bartlett (This used to be commit c0b7ee6ee547dc7ff798eaf8cb63fbe344073029)