| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Andrew Bartlett
(This used to be commit 379bcf7061d08b005008204cee4a9d65aae9541b)
|
|
what WinXP does when joining an AD domain, but in the meantime this
removes the excess unions, and uses the LSA pipe in same way XP does.
Andrew Bartlett
(This used to be commit d2789c426090c325f6535cdce380ac0f4e22c3c7)
|
|
into LDB are actually quite easy.
This brings us the users, and sets basic domain information.
You are expected to have provisioned with the settings for the target
domain, and have joined the domain as a BDC. Then simply 'net
samsync'.
Now we just need to flesh out the delta types.
Andrew Bartlett
(This used to be commit 1e0f7792bb29b17c23197a5e42ee8cabb0cf17d0)
|
|
Work on the talloc memory tree, as I think talloc_reference and other
things were biting me.
Crush unions in the name of code reform. ;-)
Andrew Bartlett
(This used to be commit 2eadcf46699f1cc7adb2066e17096f70c7b73998)
|
|
It's more like a placeholder now, than a working code. Just don't
want to hang it around my laptop only.
rafal
(This used to be commit bee1c9ec2dea4cad703386af35470c7d74cef4b0)
|
|
LOGON_INFO
LOGON_NAME
SRV_CHECKSUM
KDC_CHECKSUM
- w2k3 also don't use the groupmembership array with rids
it uses the othersids array
metze
(This used to be commit 2286fad27d749ebba14f5448f1f635bb36750c9c)
|
|
memory checks
- move to handmodified pull/push code for PAC_BUFFER
to get the _ndr_size field and the subcontext size right
- after looking closely to the sample w2k3 PAC in our torture test (and some more in my archive)
I found out that the first uint32 before the netr_SamInfo3 was also a pointer,
(and we passed a NULL pointer there before, so I think that was the reason why the windows clients doesn't want our PAC)
w2k3 uses this for unique pointers:
ptr = ndr->ptr_count * 4;
ptr |= 0x00020000;
ndr->ptr_count;
- do one more pull/push round with the sample PAC
metze
(This used to be commit 0eee17941595e9842a264bf89ac73ca66cea7ed5)
|
|
rafal
(This used to be commit 9f0dfafcdeceb23c19686d2163e6ff6e613bd067)
|
|
rafal
(This used to be commit 34592b6a92591122180649de251f2ddc181fe382)
|
|
- the out subcontext's need to have a fixed size of r->in.offered,
to make windows clients happy
metze
(This used to be commit 054e1ca434b2f81de199eeb41cb6233524fc5779)
|
|
rafal
(This used to be commit 6886aefe4c78e3e208eacb3c4b76f1189bd1352a)
|
|
(This used to be commit 31e7df1392f39e170e3d072b8356e746208d0621)
|
|
rafal
(This used to be commit 12b468417da04a2b7ddcacdf224ed7d055f0d3d9)
|
|
- this is an abstraction layer for print services,
like out NTVFS subsystem for file services
- all protocol specific details are still in rpc_server/spoolss/
- like the stupid in and out Buffer handling
- checking of the r->in.server_name
- ...
- this subsystem can have multiple implementation
selected by the "ntptr providor" global-section parameter
- I currently added a "simple_ldb" backend,
that stores Printers, Forms, Ports, Monitors, ...
in the spoolss.db, and does no real printing
this backend is basicly for testing, how the spoolss protocol
works
- the interface is just a prototype and will be changed a bit
the next days or weeks, till the simple_ldb backend can
handle all calls that are used by normal w2k3/xp clients
- I'll also make the api async, as the ntvfs api
this will make things like the RemoteFindFirstPrinterChangeNotifyEx(),
that opens a connection back to the client, easier to implement,
as we should not block the whole smbd for that
- the idea is to later implement a "unix" backend
that works like the current samba3 code
- and maybe some embedded print server vendors can write there own
backend that can directly talk to a printer without having cups or something like this
- the default settings are (it currently makes no sense to change them :-):
ntptr providor = simple_ldb
spoolss database = $private_dir/spoolss.db
metze
(This used to be commit 455b5536d41bc31ebef8290812f45d4a38afa8e9)
|
|
- hooked into events system, so requests can be truly async and won't
interfere with other processing happening at the same time
- uses NTSTATUS codes for errors (previously errors were mostly
ignored). In a similar fashion to the DOS error handling, I have
reserved a range of the NTSTATUS code 32 bit space for LDAP error
codes, so a function can return a LDAP error code in a NTSTATUS
- much cleaner packet handling
(This used to be commit 2e3c660b2fc20e046d82bf1cc296422b6e7dfad0)
|
|
instead of a search expression. This allows our ldap server to pass
its ASN.1 parsed search expressions straight to ldb, instead of going
via strings.
- updated all the ldb modules code to handle the new interface
- got rid of the separate ldb_parse.h now that the ldb_parse
structures are exposed externally
- moved to C99 structure initialisation in ldb
- switched ldap server to using ldb_search_bytree()
(This used to be commit 96620ab2ee5d440bbbc51c1bc0cad9977770f897)
|
|
This makes more clear where the functions belong to. Also
the rule will be that lowercased function names are not
part of "official" libnet API (though it doesn't mean one
absolutely cannot use them).
rafal
(This used to be commit f6ef7b882acc6ee07422944a417a8d9013c9d8d2)
|
|
it based on composite functions. Moving to fully async CreateUser
on the way...
rafal
(This used to be commit 240409bc3cfa1426db15fc0537fcf0841f51ede0)
|
|
metze
(This used to be commit 73d597bacf83492ed3da2307dd6785548b903b39)
|
|
(This used to be commit 54ff16b9a198237999cedd973cced70a62f03418)
|
|
rafal
(This used to be commit be3b283b20af0b17d8c9711f362b63b881ffbc1c)
|
|
included Heimdal) to Samba4.
Andrew Bartlett
(This used to be commit 51ba3ea60c265b837821b6c3e031dfe229c10d6a)
|
|
metze
(This used to be commit e9f30ad69800a9858676c467f7f12aceff693358)
|
|
in esp scripts
lpGet takes 4 forms
v = lpGet("type:parm"); gets a parametric variable
v = lpGet("share", "type:parm"); gets a parametric variable on a share
v = lpGet("parm"); gets a global variable
v = lpGet("share", "parm"); gets a share variable
in all cases a ejs object of the appropriate type for the variable is returned.
This commit also adds the function typeof() which returns the type of an object
(This used to be commit 5537a0d38d4805cbc2dad0d6f76db15173b1fd60)
|
|
This includes an embedded server side scripting system called 'esp'
(see http://www.appwebserver.org/products/esp/esp.html) and javascript
based scripting language called 'esj' (see
http://www.appwebserver.org/products/ejs/ejs.html)
The justification for including this scripting language is that it
should make it much easier to write a high quality web interface for
Samba4. The scripting language can call into any Samba4 library code
(so for example it will be able to make ldb and loadparm calls), plus
it provides easy support for forms, cookies, sessions etc.
There is still quite a bit more work to do on the web server, but
there is enough here now for people to look at and comment. I will be
committing some sample web pages that test esp functionality shortly.
(This used to be commit 26f0ba92c0c565ac9e4cb5a079d795d4262497dd)
|
|
Original patch provided by Gregory Leocadie <gleocadie@idealx.com>
rafal
(This used to be commit eb83a8210a939a0512f505a283148898ba6eceb1)
|
|
Finally remove the distinction between 'krb5' and 'ms_krb5'. We now
don't do kerberos stuff twice on failure. The solution to this is
slightly more general than perhaps was really required (as this is a
special case), but it works, and I'm happy with the cleanup I achived
in the process. All modules have been updated to supply a
NULL-terminated list of OIDs.
In that process, SPNEGO code has been generalised, as I realised that
two of the functions should have been identical in behaviour.
Over in the actual modules, I have worked to remove the 'kinit' code
from gensec_krb5, and placed it in kerberos/kerberos_util.c.
The GSSAPI module has been extended to use this, so no longer requires
a manual kinit at the command line. It will soon loose the
requirement for a on-disk keytab too.
The general kerberos code has also been updated to move from
error_message() to our routine which gets the Heimdal error string
(which may be much more useful) when available.
Andrew Bartlett
(This used to be commit 0101728d8e2ed9419eb31fe95047944a718ba135)
|
|
support, and
filling in some of the returned parameters is quite rough, but it seems to work OK
(This used to be commit e564e3e596915414fad07c94f7ea8a0d9c3a1140)
|
|
(This used to be commit e51e0dffa8f8bff9bd1535751e805b548b6c6d7f)
|
|
rafal
(This used to be commit 3389cfb1354532aad4245b281a5637b58802a276)
|
|
This brings in a compatability layer for Samba3 in Samba4 - where we
will start to define file formats and similar details.
The 'net samdump' command uses 'password server = ' for now, and
performs a similar task to Samba3's 'net rpc samsync'.
Andrew Bartlett
(This used to be commit 550f17f9924fe783917318753de7d1a388423908)
|
|
We need to pass the 'secure channel type' to the NETLOGON layer, which
must match the account type.
(Yes, jelmer objects to this inclusion of the kitchen sink ;-)
Andrew Bartlett
(This used to be commit 8ee208a926d2b15fdc42753b1f9ee586564c6248)
|
|
Andrew Bartlett
(This used to be commit 106047032fe269f02c8ef71937e9d2e4ae0a4eb7)
|
|
with talloc() for the NTLMSSP system.
Andrew Bartlett
(This used to be commit 7a93ac49c28d433ccf0f077294f473fe728b9995)
|
|
want it to hang around not commited.
rafal
(This used to be commit 98d98b9bc7437e744e1e730fa8005b43fb1b672b)
|
|
rafal
(This used to be commit 3752122550dcdd1d954c602a28f4b6ad26fe3a0e)
|
|
- qfsinfo (query file system information)
- appendacl (append an ACL to existing file's security descriptor and get new
full ACL)
The second one also includes an improvement to security descriptor handling
which allows to copy security descriptor. Written by Peter Novodvorsky
<peter.novodvorsky@ru.ibm.com>
Both functions have corresponding torture tests added. Tested under valgrind and
work against Samba 4 and Windows XP.
ToDo: document composite call creation process in prog_guide.txt
(This used to be commit 441cff62ac75ed16851ce7b8daf9d03eb4c3ec79)
|
|
parsing incoming netlogon requests. No replies are sent yet.
(This used to be commit 3b34df6a674cd2aeddc354cdadae3f0e1c000d45)
|
|
(This used to be commit 47e1452da08d06b0b9f15545b3b2b0631f15bac2)
|
|
a handle as parameter,
EnumPorts
EnumPrinterDrivers
EnumMonitors
EnumPrintProcessors
EnumPrinters
we now do cross checks between the different info levels
and sore the results in a global context,
so that we later can add cross checks between the different object types
- add idl for EnumMonitors and EnumPrintProcessors
metze
(This used to be commit 92a3721bc7a28d521090b10eb3b1eed089036432)
|
|
metze
(This used to be commit 3e6ec811288d74921bf3e393213e75d928156772)
|
|
metze
(This used to be commit 1084ad4bfce6bc20537f5bfccb5a25b60f503b32)
|
|
in his comments to new rpc composite code.
rafal
(This used to be commit 1294db747e8c894d1c773b1fd028e7ae6deabc2c)
|
|
for the spoolss_Enum* functions
metze
(This used to be commit bfcc86e706cf32672323eda939e5def6694509a8)
|
|
wrepl_pull_names() functions, with reasonable
parameters, so callers don't need to deal directly with wins replication packet structures
- converted the NBT-WINSREPLICATION torture test to use the new APIs
(This used to be commit cec1672662b7e5b1bdf843e9dee317aa4b03f719)
|
|
- added a new IDL type "udlongr", which is like udlong, but with the
two uint32 halves reversed
- modified the winsrepl.idl to cope with a wider range of packets
(This used to be commit bc8d60c918f2e268d591aac464fc6a78c38a4cf9)
|
|
(This used to be commit 2899d289455d373409c2aadc3dbefd96ea1c91b8)
|
|
test, but doesn't yet
do secure server WACK responses
- added a ldap_string_to_time() function, for converting a LDAP
formatted time to a time_t
(This used to be commit 9aa3313b3f93e47e3f93028e072f6a23b3c22385)
|
|
(This used to be commit 196c45b834c39f293b9533cec5cfe5a77382d4e2)
|
|
(This used to be commit 826baec7b348814a7bbdcdbec8c8526514f25da1)
|
