summaryrefslogtreecommitdiff
path: root/source3/utils/net_rpc_join.c
AgeCommit message (Collapse)AuthorFilesLines
2003-11-23Merge from 3.0:Andrew Bartlett1-4/+4
Add support for variable-length session keys in our client code. This means that we now support 'net rpc join' with KRB5 (des based) logins. Now, you need to hack 'net' to do that, but the principal is important... When we add kerberos to 'net rpc', it should be possible to still do user management and the like over RPC. - Add server-side support for variable-length session keys (as used by DES based krb5 logins). Andrew Bartlett (This used to be commit 1287cf5f921327c9ea758de46220c4e2dedc485c)
2003-07-16trying to get HEAD building again. If you want the codeGerald Carter1-16/+31
prior to this merge, checkout HEAD_PRE_3_0_0_BETA_3_MERGE (This used to be commit adb98e7b7cd0f025b52c570e4034eebf4047b1ad)
2003-04-22Merge from 3.0 - fix domain joins not to always join as BDC.Andrew Bartlett1-0/+3
(This used to be commit 09bc2dd51c8407536b68aaeaeba4546f93256ec2)
2003-04-16Store the type of 'sec channel' that we establish to the DC. If we are aAndrew Bartlett1-19/+43
workstation, we have to use the workstation type, if we have a BDC account, we must use the BDC type - even if we are pretending to be a workstation at the moment. Also actually store and retreive the last change time, so we can do periodic password changes again (for RPC at least). And finally, a couple of minor fixes to 'net'. Andrew Bartlett (This used to be commit 6e6b7b79edae3efd0197651e9a8ce6775c001cf2)
2003-04-13Some small changes - typos, adding usage for some commandsJelmer Vernooij1-1/+1
and removing -j because it was not used at all. (This used to be commit e3e2c1b27128f7b5a1f4bbc8093c75b0c12549b4)
2003-02-16Add the 'session key' output of the NTLMSSP exchange to the cli struct, soAndrew Bartlett1-7/+1
it can be used for 'net rpc join'. Also fix a bug in our server-side NTLMSSP code - a client without any domain trust links to us may calculate the NTLMv2 response with "" as the domain. Andrew Bartlett (This used to be commit ddaa42423bc952e59b95362f5f5aa7cca10d1ad4)
2002-12-20Forward port the change to talloc_init() to make all talloc contextsJeremy Allison1-1/+1
named. Ensure we can query them. Jeremy. (This used to be commit 842e08e52a665ae678eea239759bb2de1a0d7b33)
2002-11-12Removed global_myworkgroup, global_myname, global_myscope. Added liberalJeremy Allison1-6/+2
dashes of const. This is a rather large check-in, some things may break. It does compile though :-). Jeremy. (This used to be commit 82b8f749a36b42e22186297482aad2abb04fab8a)
2002-10-04merge of new client side support the Win2k LSARPC UUID in rpcbindGerald Carter1-3/+3
from APP_HEAD (This used to be commit 38c9e4299845fd77cc8629945ce2d259489f7437)
2002-08-30added cli_net_auth_3 client code.Jean-François Micouleau1-1/+2
changed cli_nt_setup_creds() to call cli_net_auth_2 or cli_net_auth_3 based on a switch. pass also the negociation flags all the way. all the places calling cli_nt_setup_creds() are still using cli_net_aut2(), it's just for future use and for rpcclient. in the future we will be able to call auth_2 or auth_3 as we want. J.F. (This used to be commit 4d38caca40f98d0584fefb9d66424a3db5b5789e)
2002-08-05added 'net rpc testjoin' and 'net ads testjoin' commandsAndrew Tridgell1-20/+81
unfortuately we don't seem to be able to auto-test the ADS join due to a rather nasty property of the GSSAPI library. (This used to be commit 87c34a974a91e940bd26078a68dd84f4341d6913)
2002-07-21Renamed all the new_cli_netlogon_* functions to cli_netlogon_*Tim Potter1-1/+1
as they're no longer new! (This used to be commit 277f6bbb9a63541a473a80a7994e9bde5c6f22dc)
2002-07-20Oops, my bad. I forgot to assign this, so lookupnames wasn't doing much :-)Andrew Bartlett1-0/+1
(This used to be commit 508106285380b772850238a8ed6b78a2c3334887)
2002-07-20More fixes towards warnings on the IRIX compilerAndrew Bartlett1-3/+5
(and yes, some of these are real bugs) In particular, the samr code was doing an &foo of various types, to a function that assumed uint32. If time_t isn't 32 bits long, that broke. They are assignment compatible however, so use that and an intermediate variable. Andrew Bartlett (This used to be commit 30d0998c8c1a1d4de38ef0fbc83c2b763e05a3e6)
2002-05-18A few things in this commit:Andrew Bartlett1-7/+3
cleanup some of the code in net_rpc_join re const warnings and fstrings. Passdb: Make the %u and %U substituions in passdb work. This is done by declaring these paramters to be 'const' and doing the substitution manually. I'm told this is us going full circle, but I can't really see a better way. Finally these things actually seem to work properly... Make the lanman code use the pdb's recorded values for homedir etc rather than the values from lp_*() Add code to set the plaintext password in the passdb, where it can decide how to store/set it. For use with a future 'ldap password change' option, or somthing like that... Add pdb_unix, so as to remove the 'not in passdb' special cases from the local_lookup_*() code. Quite small, as it uses the new 'struct passwd -> SAM_ACCOUNT' code that is now in just one place. (also used by pdb_smbpasswd) Other: Fix up the adding of [homes] at session setup time to actually pass the right string, that is the unix homedir, not the UNC path. Fix up [homes] so that for winbind users is picks the correct name. (bad interactions with the default domain code previously) Change the rpc_server/srv_lsa_nt.c code to match NT when for the SATUS_NONE_MAPPED reply: This was only being triggered on no queries, now it is on the 'no mappings' (ie all mappings failed). Checked against Win2k. Policy Question: Should SID -> unix_user.234/unix_group.364 be considered a mapping or not? Currently it isn't. Andrew Bartlett (This used to be commit c28668068b5a3b3cf3c4317e5fb32ec9957f3e34)
2002-03-23Join as a server trust account if the server role is either PDC or BDC.Andrew Bartlett1-1/+1
(This used to be commit 0784ab67addb3422a2d17363b4c3328d2e4b1008)
2002-03-17Renamed get_nt_error_msg() to nt_errstr().Tim Potter1-3/+3
(This used to be commit 1f007d3ed41c1b71a89fa6be7d173e67e927c302)
2002-03-15Change new style join function name for clarity in net_rpc.cJim McDonough1-1/+1
(This used to be commit 539d0cc03035c126e2de82523a07ed91997100b8)
2002-03-02Allow Samba to trust NT4 Domains.Andrew Bartlett1-1/+3
This commit builds on the auth subsystem to give Samba support for trusting NT4 domains. It is off by default, but is enabled by adding 'trustdomain' to the 'auth methods' smb.conf paramater. Tested against NT4 only - there are still some issues with the join code for Win2k servers (spnego stuff). The main work TODO involves enumerating the trusted domains (including the RPC calls to match), and getting winbind to run on the PDC correctly. Similarly, work remains on getting NT4 to trust Samba domains. Andrew Bartlett (This used to be commit ac8c24a9a888a3f916e8b40238b936e6ad743ef7)
2002-01-30Removed version number from file header.Tim Potter1-1/+0
Changed "SMB/Netbios" to "SMB/CIFS" in file header. (This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
2001-12-30Add a pile of doxygen style comments to various parts of Samba. Many of theseAndrew Bartlett1-3/+9
probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-14Display a nice error message if the user%password specified for net rpcTim Potter1-2/+8
join does not have administrator privileges. (This used to be commit af24b1036c8ceaa37e6b68ac988401846c5c7fe4)
2001-12-14Merge from 2.2 to allow net rpc join -U to complete even if the workstationTim Potter1-2/+5
account already exists. # net rpc join --user=Administrator%password It's kind of weird seeing the mix of NET.EXE style of options (net command subcommand /arg:value) with the GNU-style long options. I think it works. (This used to be commit 3789c8c707acd9a4078d656c8de9ce1f4be9e388)
2001-12-11allow join of already joined domainAndrew Tridgell1-60/+35
(This used to be commit 784a3f295176dc87c8befd76d5f2dc9ef1e9e383)
2001-12-05OK. Smbpasswd -j is DEAD.Andrew Bartlett1-4/+2
This moves the rest of the functionality into the 'net rpc join' code. Futhermore, this moves that entire area over to the libsmb codebase, rather than the crufty old rpc_client stuff. I have also fixed up the smbpasswd -a -m bug in the process. We also have a new 'net rpc changetrustpw' that can be called from a cron-job to regularly change the trust account password, for sites that run winbind but not smbd. With a little more work, we can kill rpc_client from smbd entirly! (It is mostly the domain auth stuff - which I can rework - and the spoolss stuff that sombody else will need to look over). Andrew Bartlett (This used to be commit 575897e879fc175ba702adf245384033342c903d)
2001-12-05Follow herb's suggestion and don't strdup a string to itselfAndrew Bartlett1-3/+6
(This used to be commit d00f461f43558c8ef942df305bcc2c89060b4800)
2001-12-04allow for passwords other than "samba2"Andrew Tridgell1-1/+1
:) (This used to be commit cee58f10974b55ead68362166d12285568feeb23)
2001-12-04Add 'net rpc join' to match the ADS equiv.Andrew Bartlett1-0/+311
This kills off the offending code in smbpasswd -j -Uab%c In the process we have changed from unsing compelatly random passwords to random, 15 char ascii strings. While this does produce a decrese in entropy, it is still vastly greater than we need, considering the application. In the meantime this allows us to actually *type* the machine account password duruign debugging. This code also adds a 'check' step to the join, confirming that the stored password does indeed do somthing of value :-) Andrew Bartlett (This used to be commit c0b7ee6ee547dc7ff798eaf8cb63fbe344073029)