summaryrefslogtreecommitdiff
path: root/source4/libnet/libnet_become_dc.c
AgeCommit message (Collapse)AuthorFilesLines
2009-11-12s4:vampire Print error message when we fail on the CLDAP pingAndrew Bartlett1-2/+7
Andrew Bartlett
2009-10-23s4-ldbwrap: added re-use of ldb contexts in ldb_wrap_connect()Andrew Tridgell1-1/+1
This allows us to reuse a ldb context if it is open twice, instead of going through the expensive process of a full ldb open. We can reuse it if all of the parameters are the same. The change relies on callers using talloc_unlink() or free of a parent to close a ldb context.
2009-10-02s4-libnet: give sane error messages when functional levels don't matchAndrew Tridgell1-8/+12
It is nice to tell the user why their command failed :-)
2009-10-02s4:libnet_become_dc - add checks for valid domain/forest function levelsMatthias Dieter Wallnöfer1-10/+52
Add checks to make sure that we join only supported AD domains (we agreed that those are >= (Windows) 2003 Native per default - this is changeable with the "ads:function level" option). Add also checks to make sure that we cannot join domains which have a bigger function level than our DC capable function level (e.g. a (Windows) 2008 DC cannot join a (Windows) 2008 R2 domain).
2009-09-24s4-libnet: allow the functional level of becomeDC to be specifiedAndrew Tridgell1-1/+2
Use ads:functional level = 4 for DS_DC_FUNCTION_2008_R2 See libds/common/flags.h
2009-09-21s4:libnet_become_dc - bump down the level requested by abartletMatthias Dieter Wallnöfer1-1/+1
2009-09-17s4:libnet_become_dc - Fix some uninitialised variablesMatthias Dieter Wallnöfer1-3/+3
2009-09-17s4/domain behaviour flags: Fix them up in various locationsMatthias Dieter Wallnöfer1-1/+1
Additional notes: - Bump the level to Windows Server 2008 R2 (we should support always the latest version - if we provision ourself) - In "descriptor.c" the check for the "domainFunctionality" level shouldn't be needed: ACL owner groups (not owner user) are supported since Windows 2000 Server (first AD edition) - I took the argument from: http://support.microsoft.com/kb/329194
2009-09-09s4: allow repl:RODC=true/false to set ourselves as a RODCAndrew Tridgell1-2/+6
I think this is what windows DCs use to see that we are read-only, but I am not sure. Needs more testing.
2009-09-08s4: fixed updaterefs options bitmapAndrew Tridgell1-1/+1
2009-07-13libds: share UF_ flags between samba3 and 4.Günther Deschner1-1/+1
Guenther
2009-03-19s4:cldap: rewrite the cldap library based on tsocketStefan Metzmacher1-11/+13
metze
2009-02-02s4:cldap: s/private/private_dataStefan Metzmacher1-2/+2
metze
2008-12-23Fix compiler warnings in libnet.Jelmer Vernooij1-2/+2
2008-10-18s4-drsuapi: merge drsuapi_DsGetNCChanges from s3 drsuapi idl.Günther Deschner1-47/+49
Guenther
2008-10-18s4-drsuapi: merge drsuapi_DsAddEntry from s3 drsuapi idl.Günther Deschner1-19/+23
Guenther
2008-10-02The IRIX compiler does not like embedded unnamed unionsVolker Lendecke1-1/+1
2008-09-23Merge ldb_search() and ldb_search_exp_fmt() into a simgle function.Simo Sorce1-42/+37
The previous ldb_search() interface made it way too easy to leak results, and being able to use a printf-like expression turns to be really useful.
2008-08-20drsuapi: fix samba4 callers after drsuapi.idl changesStefan Metzmacher1-6/+13
metze (This used to be commit 4b054cee51c39c5430bcadd5c06a94dc3e6b0d8f)
2008-08-07drsuapi: fix callers after idl changeStefan Metzmacher1-1/+1
metze (This used to be commit 7dee6fb62d5adbd2eaaaf4d8ba9e87a72ef9f94b)
2008-07-23libnet_become_dc: send msDS_Behavior_Version == 3 (win2k8) in DsAddEntryMichael Adam1-1/+1
instead of version 2 (win2k3). This makes the NET-API-BECOME-DC test work against windows 2003 and 2008. Michael (This used to be commit a7bfa1fb1bc6fb8e412990b7ff4c3ce9bc55099d)
2008-07-23libnet_become_cd: add boolean option "become_dc:force krb5" to control krb5 ↵Michael Adam1-10/+18
auth. This allows controlling whether krb5 auth is forced for the rpc bind in libnet_become_dc. It defaults to "yes". For Windows 2000, DsGetNCChanges only krb5 auth works due to a bug in Windows (it returns garbage - a positive object count is returned along with first object == NULL). For Windows 2008, on the other hand, krb5 auth does not work currently due to the lack of support for AES keys. (Metze is working on that.) Michael (This used to be commit af85aad8147b85a0b9ea2ccc66b8f04efdfe5cf3)
2008-07-23drsuapi: always set the pid field of the outgoing DsBindInfo to 0.Michael Adam1-6/+1
This is for debugging and informational purposes only. The assignment is implementation specific. (WSPP docs, sec. 5.35). Michael (This used to be commit 1f5704e2dee5900e8d1d87699b76f67c0e12854e)
2008-07-23libnet_become_cd: teach becomeDC_drsuapi_bind_recv() DsBindInfo48.Michael Adam1-0/+9
To work with w2k8. Michael (This used to be commit 7d80fab912576923c7474d77b8ed960b01296914)
2008-07-23libnet/become_dc: add a comment and explain why it's important to specify krb5Stefan Metzmacher1-0/+9
metze (This used to be commit 26d1f9366d8611af1a69095b4cede2d2c95c982d)
2008-07-22Change occurrences of the u1 member of DsBindInfo* to pid after idl change.Michael Adam1-3/+3
Michael (This used to be commit b91bbc5fe4a47e5823be6be5f2f203f1f14105de)
2008-07-16drsuapi: make use of the 'more_data' field in DsGetNCChangesCtr[1|6]Stefan Metzmacher1-3/+7
metze (This used to be commit 35c7fa470a7433d081403b2b57a331c7dc287aef)
2008-07-16drsuapi: check ctr6->drs_errorStefan Metzmacher1-0/+6
metze (This used to be commit 511847f5f5015bcdef69e80b91cb08ffb1690e59)
2008-07-16drsuapi: get ctr6 out of xpress compressed levelStefan Metzmacher1-0/+5
metze (This used to be commit 4e0708148a121bd41a12abf6122d5d6f3f09667a)
2008-07-16libnet/become_dc: an unknown field in drsuapi.idl changed to object_flagsStefan Metzmacher1-1/+1
metze (This used to be commit a6198ab6cb829969b12068324d870966a6cfc029)
2008-07-16become_dc: we need to replicate using krb5 auth to work against w2kStefan Metzmacher1-2/+2
With NTLMSSP we just get strange responses with a random object count and a NULL object list. On the domain partition where we try to replicate the password fields. metze (This used to be commit ce12a9105113ad7cff96b7d553a8d69901c56de7)
2008-06-30drsuapi.idl: remove some unknows from DsGetNCChanges() (update samba4 callers)Stefan Metzmacher1-6/+6
metze (This used to be commit d41b3dd6ffc4fd894bc05798dbc2ff4b53933a06)
2008-05-16Rework the CLDAP and NBT netlogon requests and responses.Andrew Bartlett1-11/+13
This now matches section 7.3.3 of the MS-ATDS specification, and all our current tests pass against windows. There is still more testing to do, and the server implementation to complete. Andrew Bartlett (This used to be commit 431d0c03965cbee85691cd0dc1e2a509c1a2b717)
2008-04-17Specify event_context to ldb_wrap_connect explicitly.Jelmer Vernooij1-1/+1
(This used to be commit b4e1ae07a284c044704322446c94351c2decff91)
2008-02-21Remove more global_loadparm instance.sJelmer Vernooij1-1/+2
(This used to be commit a1280252ce924df69d911e597b7f65d8038abef9)
2008-02-09Remove the forced 'krb5' from the NET-API-BECOME-DC test.Andrew Bartlett1-2/+2
If we want to try this authenication mechanism, we can always manually specify the binding string. Andrew Bartlett (This used to be commit 191d56d41e5af34e78e1ad711fb1c63c189f0b48)
2008-01-23Fix segfaults in codepaths only tested by the NET-API-BECOME-DC test.Andrew Bartlett1-12/+13
(I presume this has resulted from the global variable elimination) Perhaps the iconv handle argument to ndr_push_struct needs to be marked as 'not NULL' or similar? Andrew Bartlett (This used to be commit e8081333b8d43d96974c9e06a26aaa25dd34da56)
2008-01-05r26669: Janitorial: Remove uses of global_loadparm.Jelmer Vernooij1-3/+3
(This used to be commit 50c46160d997e0448f51ae09e0f3c79e8519fa41)
2008-01-01r26638: libndr: Require explicitly specifying iconv_convenience for ↵Jelmer Vernooij1-12/+12
ndr_struct_push_blob(). (This used to be commit 61ad78ac98937ef7a9aa32075a91a1c95b7606b3)
2007-12-21r26540: Revert my previous commit after concerns raised by Andrew.Jelmer Vernooij1-16/+16
(This used to be commit 6ac86f8be7d9a8c5ab396a93e6d1e6819e11f173)
2007-12-21r26539: Remove unnecessary statics.Jelmer Vernooij1-16/+16
(This used to be commit e53e79eebef3ece6978f0a2b4a1ee0a0814bb5d2)
2007-12-21r26328: remove more uses of global_loadparm.Jelmer Vernooij1-3/+3
(This used to be commit 40ae12c08647c47a9c504d39ee6f61c32b4e5748)
2007-12-21r26327: Explicit loadparm_context for RPC client functions.Jelmer Vernooij1-1/+2
(This used to be commit eeb2251d22b3d6e0379444a73af69d1014692b07)
2007-12-21r26277: Move loadparm context higher up the stack.Jelmer Vernooij1-1/+2
(This used to be commit 38fa08310ce573e9b46e76c840ddda6f18863573)
2007-12-21r26271: Remove some more uses of global_loadparm.Jelmer Vernooij1-0/+1
(This used to be commit e9875fcd56de0748ed78d7e3c9cdb4919cd96d3c)
2007-12-21r26003: Split up DB_WRAP, as first step in an attempt to sanitize dependencies.Jelmer Vernooij1-1/+1
(This used to be commit 56dfcb4f2f8e74c9d8b2fe3a0df043781188a555)
2007-12-21r25920: ndr: change NTSTAUS into enum ndr_err_code (samba4 callers)Stefan Metzmacher1-34/+71
lib/messaging/ lib/registry/ lib/ldb-samba/ librpc/rpc/ auth/auth_winbind.c auth/gensec/ auth/kerberos/ dsdb/repl/ dsdb/samdb/ dsdb/schema/ torture/ cluster/ctdb/ kdc/ ntvfs/ipc/ torture/rap/ ntvfs/ utils/getntacl.c ntptr/ smb_server/ libcli/wrepl/ wrepl_server/ libcli/cldap/ libcli/dgram/ libcli/ldap/ libcli/raw/ libcli/nbt/ libnet/ winbind/ rpc_server/ metze (This used to be commit 6223c7fddc972687eb577e04fc1c8e0604c35435)
2007-12-21r25803: Make our security descriptor acl manipulation methods more generic ↵Günther Deschner1-1/+1
so that we can add and delete ACEs for SACLs as well as for DACLs. Guenther (This used to be commit 947fff994181f0ae50ac76d09621ddd684873112)
2007-12-21r25607: Allow to set security descriptor type flags at creation time withGünther Deschner1-0/+1
security_descriptor_create(). Guenther (This used to be commit 7dd0d28d254f78891b0807492baafa188b42df16)
2007-10-10r25446: Merge some changes I made on the way home from SFO:Jelmer Vernooij1-1/+1
2007-09-29 More higher-level passing around of lp_ctx. 2007-09-29 Fix warning. 2007-09-29 Pass loadparm contexts on a higher level. 2007-09-29 Avoid using global loadparm context. (This used to be commit 3468952e771ab31f90b6c374ade01c5550810f42)