summaryrefslogtreecommitdiff
path: root/source4/libnet/libnet_become_dc.c
AgeCommit message (Collapse)AuthorFilesLines
2010-02-26s4:libnet: use a connected CLDAP socket.Stefan Metzmacher1-3/+15
This is needed because we don't (want) to specify an explicit local address. And the socket family (ipv4 vs. ipv6) needs to be autodetected based on the remote address before the socket() syscall. Otherwise we would try to connect to a ipv4 address through an ipv6only socket. metze
2010-02-17s4/rodc: change the libnet_become_dc code to do RODC joinAnatoliy Atanasov1-5/+54
2010-02-05s4/drs: propagate DRS_ extension flags in code baseKamen Mazdrashki1-1/+1
2010-01-18idl: switched to using the WSPP names for the 'neighbour' DRS optionsAndrew Tridgell1-18/+18
The documentation shows that all these functions in fact use the same flags variable type. To be consistent between functions, and to allow easy reference to the WSPP docs, it is better for us to also use this generic DrsOptions bitfield rather than one per operations.
2010-01-14s4-torture: switch to generic DRS options flagsAndrew Tridgell1-3/+2
2010-01-09s4-libnet: dsdb_wellknown_dn() in vampire codeAndrew Tridgell1-60/+17
2009-12-11s4:libnet/libnet_become_dc - Fix a small glitch in ↵Matthias Dieter Wallnöfer1-4/+1
"becomeDC_drsuapi1_add_entry_send" We shouldn't use the now uninitialised "status" variable anymore.
2009-12-10s4-libnet: use GUID_to_ndr_blob()Andrew Tridgell1-3/+3
2009-11-24s4:libnet_become_dc - fix typoMatthias Dieter Wallnöfer1-1/+1
2009-11-12s4:vampire Print error message when we fail on the CLDAP pingAndrew Bartlett1-2/+7
Andrew Bartlett
2009-10-23s4-ldbwrap: added re-use of ldb contexts in ldb_wrap_connect()Andrew Tridgell1-1/+1
This allows us to reuse a ldb context if it is open twice, instead of going through the expensive process of a full ldb open. We can reuse it if all of the parameters are the same. The change relies on callers using talloc_unlink() or free of a parent to close a ldb context.
2009-10-02s4-libnet: give sane error messages when functional levels don't matchAndrew Tridgell1-8/+12
It is nice to tell the user why their command failed :-)
2009-10-02s4:libnet_become_dc - add checks for valid domain/forest function levelsMatthias Dieter Wallnöfer1-10/+52
Add checks to make sure that we join only supported AD domains (we agreed that those are >= (Windows) 2003 Native per default - this is changeable with the "ads:function level" option). Add also checks to make sure that we cannot join domains which have a bigger function level than our DC capable function level (e.g. a (Windows) 2008 DC cannot join a (Windows) 2008 R2 domain).
2009-09-24s4-libnet: allow the functional level of becomeDC to be specifiedAndrew Tridgell1-1/+2
Use ads:functional level = 4 for DS_DC_FUNCTION_2008_R2 See libds/common/flags.h
2009-09-21s4:libnet_become_dc - bump down the level requested by abartletMatthias Dieter Wallnöfer1-1/+1
2009-09-17s4:libnet_become_dc - Fix some uninitialised variablesMatthias Dieter Wallnöfer1-3/+3
2009-09-17s4/domain behaviour flags: Fix them up in various locationsMatthias Dieter Wallnöfer1-1/+1
Additional notes: - Bump the level to Windows Server 2008 R2 (we should support always the latest version - if we provision ourself) - In "descriptor.c" the check for the "domainFunctionality" level shouldn't be needed: ACL owner groups (not owner user) are supported since Windows 2000 Server (first AD edition) - I took the argument from: http://support.microsoft.com/kb/329194
2009-09-09s4: allow repl:RODC=true/false to set ourselves as a RODCAndrew Tridgell1-2/+6
I think this is what windows DCs use to see that we are read-only, but I am not sure. Needs more testing.
2009-09-08s4: fixed updaterefs options bitmapAndrew Tridgell1-1/+1
2009-07-13libds: share UF_ flags between samba3 and 4.Günther Deschner1-1/+1
Guenther
2009-03-19s4:cldap: rewrite the cldap library based on tsocketStefan Metzmacher1-11/+13
metze
2009-02-02s4:cldap: s/private/private_dataStefan Metzmacher1-2/+2
metze
2008-12-23Fix compiler warnings in libnet.Jelmer Vernooij1-2/+2
2008-10-18s4-drsuapi: merge drsuapi_DsGetNCChanges from s3 drsuapi idl.Günther Deschner1-47/+49
Guenther
2008-10-18s4-drsuapi: merge drsuapi_DsAddEntry from s3 drsuapi idl.Günther Deschner1-19/+23
Guenther
2008-10-02The IRIX compiler does not like embedded unnamed unionsVolker Lendecke1-1/+1
2008-09-23Merge ldb_search() and ldb_search_exp_fmt() into a simgle function.Simo Sorce1-42/+37
The previous ldb_search() interface made it way too easy to leak results, and being able to use a printf-like expression turns to be really useful.
2008-08-20drsuapi: fix samba4 callers after drsuapi.idl changesStefan Metzmacher1-6/+13
metze (This used to be commit 4b054cee51c39c5430bcadd5c06a94dc3e6b0d8f)
2008-08-07drsuapi: fix callers after idl changeStefan Metzmacher1-1/+1
metze (This used to be commit 7dee6fb62d5adbd2eaaaf4d8ba9e87a72ef9f94b)
2008-07-23libnet_become_dc: send msDS_Behavior_Version == 3 (win2k8) in DsAddEntryMichael Adam1-1/+1
instead of version 2 (win2k3). This makes the NET-API-BECOME-DC test work against windows 2003 and 2008. Michael (This used to be commit a7bfa1fb1bc6fb8e412990b7ff4c3ce9bc55099d)
2008-07-23libnet_become_cd: add boolean option "become_dc:force krb5" to control krb5 ↵Michael Adam1-10/+18
auth. This allows controlling whether krb5 auth is forced for the rpc bind in libnet_become_dc. It defaults to "yes". For Windows 2000, DsGetNCChanges only krb5 auth works due to a bug in Windows (it returns garbage - a positive object count is returned along with first object == NULL). For Windows 2008, on the other hand, krb5 auth does not work currently due to the lack of support for AES keys. (Metze is working on that.) Michael (This used to be commit af85aad8147b85a0b9ea2ccc66b8f04efdfe5cf3)
2008-07-23drsuapi: always set the pid field of the outgoing DsBindInfo to 0.Michael Adam1-6/+1
This is for debugging and informational purposes only. The assignment is implementation specific. (WSPP docs, sec. 5.35). Michael (This used to be commit 1f5704e2dee5900e8d1d87699b76f67c0e12854e)
2008-07-23libnet_become_cd: teach becomeDC_drsuapi_bind_recv() DsBindInfo48.Michael Adam1-0/+9
To work with w2k8. Michael (This used to be commit 7d80fab912576923c7474d77b8ed960b01296914)
2008-07-23libnet/become_dc: add a comment and explain why it's important to specify krb5Stefan Metzmacher1-0/+9
metze (This used to be commit 26d1f9366d8611af1a69095b4cede2d2c95c982d)
2008-07-22Change occurrences of the u1 member of DsBindInfo* to pid after idl change.Michael Adam1-3/+3
Michael (This used to be commit b91bbc5fe4a47e5823be6be5f2f203f1f14105de)
2008-07-16drsuapi: make use of the 'more_data' field in DsGetNCChangesCtr[1|6]Stefan Metzmacher1-3/+7
metze (This used to be commit 35c7fa470a7433d081403b2b57a331c7dc287aef)
2008-07-16drsuapi: check ctr6->drs_errorStefan Metzmacher1-0/+6
metze (This used to be commit 511847f5f5015bcdef69e80b91cb08ffb1690e59)
2008-07-16drsuapi: get ctr6 out of xpress compressed levelStefan Metzmacher1-0/+5
metze (This used to be commit 4e0708148a121bd41a12abf6122d5d6f3f09667a)
2008-07-16libnet/become_dc: an unknown field in drsuapi.idl changed to object_flagsStefan Metzmacher1-1/+1
metze (This used to be commit a6198ab6cb829969b12068324d870966a6cfc029)
2008-07-16become_dc: we need to replicate using krb5 auth to work against w2kStefan Metzmacher1-2/+2
With NTLMSSP we just get strange responses with a random object count and a NULL object list. On the domain partition where we try to replicate the password fields. metze (This used to be commit ce12a9105113ad7cff96b7d553a8d69901c56de7)
2008-06-30drsuapi.idl: remove some unknows from DsGetNCChanges() (update samba4 callers)Stefan Metzmacher1-6/+6
metze (This used to be commit d41b3dd6ffc4fd894bc05798dbc2ff4b53933a06)
2008-05-16Rework the CLDAP and NBT netlogon requests and responses.Andrew Bartlett1-11/+13
This now matches section 7.3.3 of the MS-ATDS specification, and all our current tests pass against windows. There is still more testing to do, and the server implementation to complete. Andrew Bartlett (This used to be commit 431d0c03965cbee85691cd0dc1e2a509c1a2b717)
2008-04-17Specify event_context to ldb_wrap_connect explicitly.Jelmer Vernooij1-1/+1
(This used to be commit b4e1ae07a284c044704322446c94351c2decff91)
2008-02-21Remove more global_loadparm instance.sJelmer Vernooij1-1/+2
(This used to be commit a1280252ce924df69d911e597b7f65d8038abef9)
2008-02-09Remove the forced 'krb5' from the NET-API-BECOME-DC test.Andrew Bartlett1-2/+2
If we want to try this authenication mechanism, we can always manually specify the binding string. Andrew Bartlett (This used to be commit 191d56d41e5af34e78e1ad711fb1c63c189f0b48)
2008-01-23Fix segfaults in codepaths only tested by the NET-API-BECOME-DC test.Andrew Bartlett1-12/+13
(I presume this has resulted from the global variable elimination) Perhaps the iconv handle argument to ndr_push_struct needs to be marked as 'not NULL' or similar? Andrew Bartlett (This used to be commit e8081333b8d43d96974c9e06a26aaa25dd34da56)
2008-01-05r26669: Janitorial: Remove uses of global_loadparm.Jelmer Vernooij1-3/+3
(This used to be commit 50c46160d997e0448f51ae09e0f3c79e8519fa41)
2008-01-01r26638: libndr: Require explicitly specifying iconv_convenience for ↵Jelmer Vernooij1-12/+12
ndr_struct_push_blob(). (This used to be commit 61ad78ac98937ef7a9aa32075a91a1c95b7606b3)
2007-12-21r26540: Revert my previous commit after concerns raised by Andrew.Jelmer Vernooij1-16/+16
(This used to be commit 6ac86f8be7d9a8c5ab396a93e6d1e6819e11f173)
2007-12-21r26539: Remove unnecessary statics.Jelmer Vernooij1-16/+16
(This used to be commit e53e79eebef3ece6978f0a2b4a1ee0a0814bb5d2)