summaryrefslogtreecommitdiff
path: root/source4/cldap_server/netlogon.c
AgeCommit message (Collapse)AuthorFilesLines
2009-10-14s4: Changes the old occurences of "lp_realm" in "lp_dnsdomain" where neededMatthias Dieter Wallnöfer1-7/+5
For KERBEROS applications the realm should be upcase (function "lp_realm") but for DNS ones it should be used lowcase (function "lp_dnsdomain"). This patch implements the use of both in the right way.
2009-10-02s4-cldap: match w2k8-r2 for cldap netlogon bitsAndrew Tridgell1-10/+17
Windows does not set the 3 high bits, which is strange given their meaning. I've submitted a CAR on this.
2009-09-23s4-cldap: return domainFunctionality from SAMAndrew Tridgell1-0/+5
2009-07-13libds: merge the UF<->ACB flag mapping functions.Günther Deschner1-1/+1
Guenther
2009-05-26Don't use crossRef records to find our own domainAndrew Bartlett1-96/+20
A single AD server can only host a single domain, so don't stuff about with looking up our crossRef record in the cn=Partitions container. We instead trust that lp_realm() and lp_workgroup() works correctly. Andrew Bartlett
2009-03-19s4:cldap: rewrite the cldap library based on tsocketStefan Metzmacher1-11/+12
metze
2009-02-02s4:cldap: s/private/private_dataStefan Metzmacher1-1/+1
metze
2008-10-15idl: finally fully share nbt.idl in s3 and s4.Günther Deschner1-3/+3
Guenther
2008-10-14Sync with Samba 3.Jelmer Vernooij1-1/+1
2008-10-03Merge commit 'master/master'Andrew Tridgell1-40/+40
2008-10-02fixed the sense of ldb base dn comparisons in two places, and use aAndrew Tridgell1-1/+1
direct comparison instead of a sub-tree comparison in another this fixes basedn searches on the global catalog port
2008-10-02The IRIX compiler does not like embedded unnamed unionsVolker Lendecke1-40/+40
2008-09-23Merge ldb_search() and ldb_search_exp_fmt() into a simgle function.Simo Sorce1-24/+20
The previous ldb_search() interface made it way too easy to leak results, and being able to use a printf-like expression turns to be really useful.
2008-08-22fixed the DomainDNS searches in the netlogon codeAndrew Tridgell1-2/+2
(This used to be commit 7dce38f9897df02073132f18b1021e0d0636590c)
2008-08-21Validate input in the CLDAP and DGRAM 'netlogon' responder.Andrew Bartlett1-7/+37
(This used to be commit 682ca3cae1d5e796bc58142f79c99d43742ac85c)
2008-08-20Add extra bits to our 'netlogon' response in CLDAP and NBT.Matthias Dieter Wallnöfer1-1/+7
I've studied now the netlogon attribute from the CLDAP request and have compared them with the table presented in the WSPP docs (http://msdn.microsoft.com/en-us/library/cc201036.aspx). The first two bytes seem to be correct, but that the third and fourth one is completely clear with SAMBA 4. Signed-off-by: Andrew Bartlett <abartlet@samba.org> (This used to be commit 3024a43c25e3ec9821d94a27d5cf738890b1b8f3)
2008-05-21Fix creation of sockaddr in netlogon datagram generator.Andrew Bartlett1-1/+1
The previous code sent uninitialised data, and was the wrong length. Andrew Bartlett (This used to be commit 8e070293cfd522b7464be5bc4d8045572d6d996c)
2008-05-21Extend the 'netlogon' CLDAP and NBT implementation.Andrew Bartlett1-10/+50
This now handles checking if the user exists, including validating the ACB mask on the user. This would be a nasty security hole, if Kerberos did not already expose this information anonymously... Andrew Bartlett (This used to be commit 441b286c00f9a7743cdefeb243545bdbd2c94c5e)
2008-05-17Handle netbios domains in the CLDAP server too.Andrew Bartlett1-8/+64
This commit also fixes a number of issues found by the NBT-DGRAM and LDAP-CLDAP tests. Andrew Bartlett (This used to be commit 8f99a4b94e95f8bde0f80f92d4e57020c62cfaab)
2008-05-17Convert the CLDAP server to use the new netlogon structures.Andrew Bartlett1-95/+98
This also makes the CLDAP server the place where we create the NETLOGON SAMLOGON replies, regardless of protocol (NBT mailslots or CLDAP). Andrew Bartlett (This used to be commit 8b00a9429470c9ad3646255c340e6a963bd226bd)
2008-04-14Remove prototypes from build.h in preparation of removing build.hJelmer Vernooij1-1/+1
altogether. (This used to be commit dbeab2a9cdee4e5f69afeb2603ba29cbed56debd)
2008-01-06r26681: Use fewer magic numbers.Andrew Bartlett1-2/+2
Andrew Bartlett (This used to be commit 16edbe1d607390227652ee97a000da98c696c735)
2008-01-06r26680: Don't always advertise GC functionality.Andrew Bartlett1-1/+4
Andrew Bartlett (This used to be commit 2f228bcbf63af98ff2d0f498f48d49d0f2926343)
2008-01-03r26649: Only claim to be a PDC if we are a PDC.Andrew Bartlett1-1/+5
Andrew Bartlett (This used to be commit fc5746ae95e5a0b751ec19cae1f204c505f4ca27)
2007-12-21r26402: Require a talloc context in libnetif.Jelmer Vernooij1-1/+1
(This used to be commit a35e51871bbf1ab33fc316fa59e597b722769c50)
2007-12-21r26401: Don't cache interfaces context in libnetif.Jelmer Vernooij1-1/+3
(This used to be commit 9f975417cc66bfd4589da38bfd23731dbe0e6153)
2007-12-21r26325: Remove use of global_loadparm in netif.Jelmer Vernooij1-1/+1
(This used to be commit e452cb28594f23add7c00247ed39e8323aea78a6)
2007-12-21r26319: Split encoding functions out of libcli_ldap.Jelmer Vernooij1-1/+1
(This used to be commit 95a6ef7fc8757ccfd90dbf0d6c9b5098f10b10b6)
2007-12-21r26271: Remove some more uses of global_loadparm.Jelmer Vernooij1-2/+2
(This used to be commit e9875fcd56de0748ed78d7e3c9cdb4919cd96d3c)
2007-12-21r26222: Avoid global_loadparm in a couple more places.Jelmer Vernooij1-9/+10
(This used to be commit 5bd053a570ec0a783b4dcd943698263925f819f9)
2007-12-21r26003: Split up DB_WRAP, as first step in an attempt to sanitize dependencies.Jelmer Vernooij1-1/+1
(This used to be commit 56dfcb4f2f8e74c9d8b2fe3a0df043781188a555)
2007-12-21r25939: Rework the CLDAP server not to use gendb_search but to call ldb_searchAndrew Bartlett1-28/+65
directly. Handle the errors from ldb_search (now that we get more than just -1), including NO_SUCH_ENTRY when the base DN doesn't exist. Andrew Bartlett (This used to be commit e47df4a0fe5efd91f0355aa13c9b50c7be789767)
2007-10-10r25398: Parse loadparm context to all lp_*() functions.Jelmer Vernooij1-9/+11
(This used to be commit 3fcc960839c6e5ca4de2c3c042f12f369ac5f238)
2007-10-10r25026: Move param/param.h out of includes.hJelmer Vernooij1-0/+1
(This used to be commit abe8349f9b4387961ff3665d8c589d61cd2edf31)
2007-10-10r23792: convert Samba4 to GPLv3Andrew Tridgell1-3/+2
There are still a few tidyups of old FSF addresses to come (in both s3 and s4). More commits soon. (This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
2007-10-10r19832: better prototypes for the linearization functions:Simo Sorce1-4/+4
- ldb_dn_get_linearized returns a const string - ldb_dn_alloc_linearized allocs astring with the linearized dn (This used to be commit 3929c086d5d0b3f08b1c4f2f3f9602c3f4a9a4bd)
2007-10-10r19831: Big ldb_dn optimization and interfaces enhancement patchSimo Sorce1-2/+2
This patch changes a lot of the code in ldb_dn.c, and also removes and add a number of manipulation functions around. The aim is to avoid validating a dn if not necessary as the validation code is necessarily slow. This is mainly to speed up internal operations where input is not user generated and so we can assume the DNs need no validation. The code is designed to keep the data as a string if possible. The code is not yet 100% perfect, but pass all the tests so far. A memleak is certainly present, I'll work on that next. Simo. (This used to be commit a580c871d3784602a9cce32d33419e63c8236e63)
2007-10-10r19736: handle rootdse call via CLDAPStefan Metzmacher1-8/+0
metze (This used to be commit 39dc94b219355ba774b309e26f1d93070d9d080b)
2007-10-10r19699: - use better names for the site stringsStefan Metzmacher1-8/+8
- use the client_site when creating the server object metze (This used to be commit b02d0e1be343c7d609715237dc842702b6fbe231)
2007-10-10r17824: add a wrapper for the common partitions_basedn calculationAndrew Tridgell1-1/+3
(This used to be commit 09007b0907662a0d147e8eb21d5bdfc90dbffefc)
2007-10-10r17823: get rid of most of the samdb_base_dn() calls, as they are no longerAndrew Tridgell1-1/+1
needed in searches (This used to be commit a5ea749f0ac63bf495a55ee8d9d002208ab93572)
2007-10-10r17609: Kill one more use of the fake dnsDomain attribute.Andrew Bartlett1-4/+5
Add a talloc_steal to avoid a memory leak of the ldb_search result. Andrew Bartlett (This used to be commit 69525129f9d199b1d4caeb5d52c918fc0bc95737)
2007-10-10r17586: merge lib/netif into lib/socket and use -lnsl -lsocket on theStefan Metzmacher1-1/+1
configure check for the interfaces. should fix the build on some old sun boxes metze (This used to be commit f20e251bfd9f1eb7ce5c00739631b1625a2aa467)
2007-10-10r16232: Avoid searching on domainDns, as it is not an AD attribute in theAndrew Bartlett1-17/+50
official schema. Add baseDNs, so we search the correct partition. Andrew Bartlett (This used to be commit f47b7720a3a69f60e60b3671b621f49b0c444eec)
2007-10-10r14542: Remove librpc, libndr and libnbt from includes.hJelmer Vernooij1-0/+1
(This used to be commit 51b4270513752d2eafbe77f9de598de16ef84a1f)
2007-10-10r14439: fix warningsStefan Metzmacher1-4/+4
metze (This used to be commit 3b712b70f05f2c41ce3cdfc295488a189a971bce)
2007-10-10r13924: Split more prototypes out of include/proto.h + initial work on headerJelmer Vernooij1-0/+3
file dependencies (This used to be commit 122835876748a3eaf5e8d31ad1abddab9acb8781)
2007-10-10r12804: This patch reworks the Samba4 sockets layer to use a socket_addressAndrew Bartlett1-4/+4
structure that is more generic than just 'IP/port'. It now passes make test, and has been reviewed and updated by metze. (Thankyou *very* much). This passes 'make test' as well as kerberos use (not currently in the testsuite). The original purpose of this patch was to have Samba able to pass a socket address stucture from the BSD layer into the kerberos routines and back again. It also removes nbt_peer_addr, which was being used for a similar purpose. It is a large change, but worthwhile I feel. Andrew Bartlett (This used to be commit 88198c4881d8620a37086f80e4da5a5b71c5bbb2)
2007-10-10r12542: Move some more prototypes out to seperate headersJelmer Vernooij1-0/+2
(This used to be commit 0aca5fd5130d980d07398f3291d294202aefe3c2)
2007-10-10r10810: This adds the hooks required to communicate the current user from theAndrew Bartlett1-1/+1
authenticated session down into LDB. This associates a session info structure with the open LDB, allowing a future ldb_ntacl module to allow/deny operations on that basis. Along the way, I cleaned up a few things, and added new helper functions to assist. In particular the LSA pipe uses simpler queries for some of the setup. In ldap_server, I have removed the 'ldasrv:hacked' module, which hasn't been worked on (other than making it continue to compile) since January, and I think the features of this module are being put into ldb anyway. I have also changed the partitions in ldap_server to be initialised after the connection, with the private pointer used to associate the ldb with the incoming session. Andrew Bartlett (This used to be commit fd7203789a2c0929eecea8125b57b833a67fed71)