Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit dc69a638b9e12726f050d79b63f92f816c35fe8f)
|
|
(This used to be commit 21d92802781ac224f569a990df3ec1070f0da434)
|
|
join to the DC.
Andrew Bartlett
(This used to be commit af526fa9b39ab1f8483d5cee66321bc12f78ac05)
|
|
we wouldn't build.
(This used to be commit 0e9836c4e9e71494b10d71a5f3d5f7da2888c5ef)
|
|
(This used to be commit daf443757b62bd3c254a303d638bfd030b4acd2a)
|
|
packets, otherwise repeated components will not decode correctly.
Thanks to aliguori@us.ibm.com for the fix, and lukeh@padl.com for pointing
us to the right docs.
(This used to be commit a8d5d74cf80c6cae3eac1daa3f88d56373789560)
|
|
Jeremy.
(This used to be commit 43ca4b8a8425b97a6bea08b91420bac6cde807b3)
|
|
Jeremy.
(This used to be commit 2a6d0c2481c3c34351e57c30a85004babdbf99b0)
|
|
We really need idmap_ldap to have a good solution with ldapsam, porting
it from the prvious code is beeing made, the code is really simple to do
so I am confident it is not a problem to commit this code in.
Not committing it would have been worst.
I really would have been able to finish also the group code, maybe we can
put it into a followin release after 3.0.0 even if it may be an upgrade
problem.
The code has been tested and seem to work right, more testing is needed for
corner cases.
Currently winbind pdc (working only for users and not for groups) is
disabled as I was not able to make a complete group code replacement that
works somewhat in a week (I have a complete patch, but there are bugs)
Simo.
(This used to be commit 0e58085978f984436815114a2ec347cf7899a89d)
|
|
Jump out of sam entry processing loop if the return value from
cli_netlogon_sam_sync() isn't OK or STATUS_MORE_ENTRIES.
(This used to be commit 47d8ee3679292ece5d86df11bc56c9b4d71f3d11)
|
|
(This used to be commit f67cc24acf37a9f46427c993574ecf261d7aec1a)
|
|
Also, we might be given a 0 length challenge, so don't smb_panic() for
smb_xmalloc() of zero size.
Andrew Bartlett
(This used to be commit 4842de04cf2e1528e726dfad070dfe3a82f46fa2)
|
|
command line.
Andrew Bartlett
(This used to be commit dd14da756640ba36834a05b9da4759a809c0bb37)
|
|
(This used to be commit ca2e453c7838b6d0ed2d0a45124d162073bbbf99)
|
|
PDCs running NT4SP1, NT4SP6 and Samba 3.0.
Volker
(This used to be commit 2143446043b2c29027cf69554caddf41274df709)
|
|
(This used to be commit d817eaf0ecca2d878ab1ffcf7a747a02d71c811e)
|
|
that is now possible to, for example, load a module which contains
an auth method into a binary without the auth/ subsystem built in.
(This used to be commit 74d9ecfe2dd7364643d32acb62ade957bd71cd0d)
|
|
With big thanks to tpot for the ethereal disector, and for the base code
behind this, we now fully support NTLMv2 as a client.
In particular, we support it with direct domain logons (tested with ntlm_auth
--diagnostics), with 'old style' session setups, and with NTLMSSP.
In fact, for NTLMSSP we recycle one of the parts of the server's reply directly...
(we might need to parse for unicode issues later).
In particular, a Win2k domain controller now supplies us with a session key
for this password, which means that doman joins, and non-spnego SMB signing
are now supported with NTLMv2!
Andrew Bartlett
(This used to be commit 9f6a26769d345d319ec167cd0e82a45e1207ed81)
|
|
users and groups.
(This used to be commit dcc6d9e76c737400aaffdd4f261fd0f191aaeea8)
|
|
(This used to be commit 045210e129e6e0aef8f847e7ed8714d0d9974e7f)
|
|
(This used to be commit 7f76eac5a0f93107d990b0fde651838c38970092)
|
|
- auth with ntlmv2 and lmv2 but deliberately break the ntlmv2 hash
- auth with ntlmv2 and lmv2 but deliberately break the lmv2 hash
- auth with ntlm and lm but deliberately break the ntlm hash
- auth with ntlm and lm but deliberately break the lm hash
My theory is that the NTLM or NTLMv2 field must be correct and if it is,
it doesn't matter what the value of the LM or LMv2 field is.
Fixed cosmetic test name display bug.
(This used to be commit 5dcde9451bd0d6a7462b77cf5ed137bfd691adaa)
|
|
Now the build farm will no doubt find more.
(This used to be commit e91e648c9b0841fbffbc8f39e71abade0996a1e7)
|
|
important once we start doing schannel, as there would be a lot more
roundtrips for the second PIPE open and bind. With this patch logging
in to a member server is a matter of two (three if you count the
ack...) packets between us and the DC.
Volker
(This used to be commit 5b3cb7725a974629d0bd8b707bc2940c36b8745e)
|
|
this world than 'status more entires'...
Also move all the cases to 'NT_STATUS_EQUAL()' to test it.
Andrew Bartlett
(This used to be commit b4645bf0661dadcd077b21bb6f6452ed8b2eb726)
|
|
(This used to be commit 29d775fe68be8988e344c35106a80d6ca8236e4d)
|
|
(This used to be commit 8257f537de57a2681e6d9cc2c421435b1d751a60)
|
|
Andrew Bartlett
(This used to be commit 7342c70b4cecfc1f42c46b19360db6c077604be2)
|
|
debug msg while establishing trust and listing relations of Samba PDC.
Rafal
(This used to be commit 8681cbae0d142a1f9ac537cb22e611a6f5262b54)
|
|
(This used to be commit 855fab395f97dd232fd9bb78e62ad12b16fe2a24)
|
|
Our NTLMv2 client code needs work, becouse we don't get the session key for
any of the NTLMv2 stuff...
Also test some of the more 'odd' auth cases - like putting the NT password
into the LM feild.
Clean up some static globals into static locals.
Andrew Bartlett
(This used to be commit 62f0acc99166e9518f59bc5d091b76c35837e65c)
|
|
(This used to be commit 52d5ff7bdafabb421e76b6b19d95be22b380ddb4)
|
|
user@realm, where realm might not be the realm we are joining.
Andrew Bartlett
(This used to be commit 00e08efb5cd21bf42be9125d3188efbf9d13b8b7)
|
|
Andrew Bartlett
(This used to be commit 542a8b1817d3930e03e08e16e9711cacceb6df61)
|
|
(This used to be commit 2fabc356769477cc8bdbb23ecd8fee1e7d9fdb7d)
|
|
pointer.
(merge from HEAD).
Andrew Bartlett
(This used to be commit 9e3d0cd9dea1234d6e6a26d03995b5edfaed5186)
|
|
(a common bug with popt stuff, becouse it's fine with GCC).
(This used to be commit edbab685d181887f8cb055cc9dc175b2772bd0ff)
|
|
remove related file. Left in EHAD for reference (for now)
(This used to be commit 2e7537d8e29171bfddac984911c55cf567886956)
|
|
comments.
(This used to be commit b5b1732b1144c9bcf5c3b08f6f9da9ad8875f5f7)
|
|
Net.exe on windows won't allow more than 50 characters to be entered, but
through AD you can have much more than this.
(This used to be commit ca2886c9385361ea401e3e0b47c26cb39adcadbc)
|
|
(This used to be commit 2557b94519fbb3110948a3c6a3f412622757d2b0)
|
|
to the system. This means that we always run Get_Pwnam(), and can never add
FOO when foo exists on the system (the idea is to instead add foo into
the passdb, using it's full name, RID etc).
Andrew Bartlett
(This used to be commit bb79b127e02cefae13c822fd0fd165f1f214b740)
|
|
(This used to be commit f127f964250c86986996afab905b40cff420bfd5)
|
|
(This used to be commit a847ebd82732cc2b430c58c3b287a46db0e35ba1)
|
|
(This used to be commit f7cfdf20b7b3b7743c0c3af4ff62fdde00e45fdc)
|
|
(This used to be commit ee78196bcfe52dfdda0b7fd44a6701e2cf5f7d5a)
|
|
(This used to be commit 82f024723c5312fe2b6a57915de8e78c96f80ef0)
|
|
>When calling cli_samr_enum_{dom,als}_groups in a while loop, the
>terminating condition should be result != STATUS_MORE_ENTRIES, not
>result == NT_STATUS_OK otherwise we get stuck in an infinite loop
>when there's any sign of trouble.
(This used to be commit 4998a72cf8e3a2b254dc409a36b9bbd118bdc4fd)
|
|
(This used to be commit d9277bd06401cb040390739ae730c8991736c886)
|
|
(This used to be commit ce3dd8fd69231798185e3e3bb988775e5671e070)
|