summaryrefslogtreecommitdiff
path: root/source4/libnet/libnet_passwd.c
AgeCommit message (Collapse)AuthorFilesLines
2009-06-18s4:libnet Allow 'net password change' to work on expired passwordsAndrew Bartlett1-1/+5
We need to pass down flags to the DCE/RPC layer to allow fallback to anonymous connections, as we can't log in with an expired password. The anonymous connection can then change the password with SAMR. Andrew Bartlett
2009-05-25fixed the client side password change codeAndrew Tridgell1-61/+25
The client side code was not falling back to older routines correctly as it didn't check for the operation range error appropriately. It also used the old rpc semantics.
2008-12-05s4-samr: fix samr callers after SAMR_FIELD_PASSWORD change.Günther Deschner1-2/+2
Guenther
2008-11-28s4-samr: fix samr passwdord_expired callers.Günther Deschner1-3/+2
Guenther
2008-11-10s4-samr: merge samr_LookupDomain from s3 idl. (fixme: python)Günther Deschner1-1/+3
Guenther
2008-11-10s4-samr: merge samr_LookupNames from s3 idl. (fixme: python)Günther Deschner1-3/+6
Guenther
2008-11-10s4-samr: merge samr_ChangePasswordUser3 from s3 idl.Günther Deschner1-0/+4
Guenther
2008-09-24Move source4/lib/crypto to lib/crypto.Jelmer Vernooij1-1/+1
2007-10-10r24557: rename 'dcerpc_table_' -> 'ndr_table_'Stefan Metzmacher1-2/+2
metze (This used to be commit 84651aee81aaabbebf52ffc3fbcbabb2eec6eed5)
2007-10-10r23792: convert Samba4 to GPLv3Andrew Tridgell1-3/+2
There are still a few tidyups of old FSF addresses to come (in both s3 and s4). More commits soon. (This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
2007-10-10r22669: fix uninitialized element which was causing a crash with 'net ↵Stefan Metzmacher1-0/+1
password set' metze (This used to be commit 9bbe4733562a8fc6fe49377a47e482a14a6efc61)
2007-10-10r19934: - allow to pass a samr_UserInfo21 struct to be passed to ↵Stefan Metzmacher1-28/+48
libnet_SetPassword() - as the SetUserInfo2() levels 26/25 and 24/23 have the same encryption but 26 and 24 change only the password and 25 and 23 take a info21 and change the password, we now use 26 with fallback to 24 or 25 with fallback to 23. - use samr_SetUserInfo2() to match what w2k3 does (works also against nt4) - pass the info21 to libnet_SetPassword() to set acct_flags and full_name together with the password (to match what w2k3 does) metze (This used to be commit 1b86af32f3069cc75ae645698d3f92a0798e38f7)
2007-10-10r18609: error_string should not contain newlines.Günther Deschner1-24/+24
Guenther (This used to be commit 556666756418ad50c533199c736fe3696a7e20cb)
2007-10-10r17930: Merge noinclude branch:Jelmer Vernooij1-1/+0
* Move dlinklist.h, smb.h to subsystem-specific directories * Clean up ads.h and move what is left of it to dsdb/ (only place where it's used) (This used to be commit f7afa1cb77f3cfa7020b57de12e6003db7cfcc42)
2007-10-10r14470: Remove some unnecessary headers.Jelmer Vernooij1-1/+0
(This used to be commit f7312dab3b9aba2b2b82e8a6e0c483a32a03a63a)
2007-10-10r14464: Don't include ndr_BASENAME.h files unless strictly required, insteadJelmer Vernooij1-0/+1
try to include just the BASENAME.h files (containing only structs) (This used to be commit 3dd477ca5147f28a962b8437e2611a8222d706bd)
2007-10-10r14402: Generate seperate headers for RPC client functions.Jelmer Vernooij1-0/+1
(This used to be commit 7054ebf0249930843a2baf4d023ae8f62cedb109)
2007-10-10r14380: Reduce the size of structs.hJelmer Vernooij1-2/+1
(This used to be commit 1a16a6f1dfa66499af43a6b88b3ea69a6a75f1fe)
2007-10-10r14363: Remove credentials.h from the global includes.Jelmer Vernooij1-0/+1
(This used to be commit 98c4c3051391c6f89df5d133665f51bef66b1563)
2007-10-10r14058: Try to make the continuation on the list of password set mechs clearer.Andrew Bartlett1-2/+5
Andrew Bartlett (This used to be commit 0aa7160a66ee6951311fd7076faa2d27e25d620d)
2007-10-10r13924: Split more prototypes out of include/proto.h + initial work on headerJelmer Vernooij1-0/+1
file dependencies (This used to be commit 122835876748a3eaf5e8d31ad1abddab9acb8781)
2007-10-10r12858: This moves the libnet_LookupPdc code to use a GetDC request to findAndrew Bartlett1-4/+4
the remote server's name, or in the absence of a local nbt_server to communicate with (or without root access), a node status request. The result is that we are in a better position to use kerberos, as well as to remove the 'password server' mandatory parameter for the samsync and samdump commands. (I need this to put these into SWAT). The only problem I have is that I must create a messaging context, which requires a server ID. As a client process, I don't expect to get messages, but it is currently required for replies, so I generate a random() number. We probably need the servers to accept connections on streamed sockets too, for client-only tasks that want IRPC. Because I wanted to test this code, I have put the NET-API-* tests into our test scripts, to ensure they pass and keep passing. They are good frontends onto the libnet system, and I see no reason not to test them. In doing so the NET-API-RPCCONNECT test was simplified to take a binding string on the command line, removing duplicate code, and testing the combinations in the scripts instead. (I have done a bit of work on the list shares code in libnet_share.c to make it pass 'make test') In the future, I would like to extend the libcli/findds.c code (based off volker's winbind/wb_async_helpers.c, which is why it shows up a bit odd in the patch) to handle getting multiple name replies, sending a getdc request to each in turn. (posted to samba-technical for review, and I'll happily update with any comments) Andrew Bartlett (This used to be commit 7ccddfd3515fc2c0d6f447c768ccbf7a220c3380)
2007-10-10r12694: Move some headers to the directory of the subsystem they belong to.Jelmer Vernooij1-0/+1
(This used to be commit c722f665c90103f3ed57621c460e32ad33e7a8a3)
2007-10-10r12608: Remove some unused #include lines.Jelmer Vernooij1-1/+0
(This used to be commit 70e7449318aa0e9d2639c76730a7d1683b2f4981)
2007-10-10r12510: Change the DCE/RPC interfaces to take a pointer to aJelmer Vernooij1-6/+2
dcerpc_interface_table struct rather then a tuple of interface name, UUID and version. This removes the requirement for having a global list of DCE/RPC interfaces, except for these parts of the code that use that list explicitly (ndrdump and the scanner torture test). This should also allow us to remove the hack that put the authservice parameter in the dcerpc_binding struct as it can now be read directly from dcerpc_interface_table. I will now modify some of these functions to take a dcerpc_syntax_id structure rather then a full dcerpc_interface_table. (This used to be commit 8aae0f168e54c01d0866ad6e0da141dbd828574f)
2007-10-10r8235: fix the buildStefan Metzmacher1-1/+1
metze (This used to be commit 5933b00461e6e7c7f0ab60d61f9be215aa68c317)
2007-10-10r8232: remove samr_String and netr_String as they are the same as lsa_StringStefan Metzmacher1-3/+3
metze (This used to be commit e601042c07d7b6eed0dc34e5b136d9266b8a0f81)
2007-10-10r8077: Propagate changes in rpc connect routine to functions using itRafal Szczesniak1-27/+27
(it's quite common). rafal (This used to be commit 798b00c24ae30a08ac81342d13130a6a2f9d3a08)
2007-10-10r7204: Also fall back to different password set methods on WRITE_FAULT, asAndrew Bartlett1-1/+1
NT4 apparently returns this. Andrew Bartlett (This used to be commit 06b1416c3162a525eac9626957dd3e4adf1d257e)
2007-10-10r5941: Commit this patch much earlier than I would normally prefer, but ↵Andrew Bartlett1-2/+2
metze needs a working tree... The main volume of this patch was what I started working on today: - Cleans up memory handling around DCE/RPC pipes, to have a parent talloc context. - Uses sepereate inner loops for some of the DCE/RPC tests The other and more important part of this patch fixes issues surrounding the new credentials framwork: This makes the struct cli_credentials always a talloc() structure, rather than on the stack. Parts of the cli_credentials code already assumed this. There were other issues, particularly in the DCERPC over SMB handling, as well as little things that had to be tidied up before test_w2k3.sh would start to pass. Andrew Bartlett (This used to be commit 0453f9d05d2e336fba1f85dbf2718d01fa2bf778)
2007-10-10r5364: Rename string fields called 'domain' and 'name' to be 'domain_name'.Tim Potter1-1/+1
(This used to be commit 6749b9404d4e9876ecd964e038c608f05d2c0b69)
2007-10-10r5037: got rid of all of the TALLOC_DEPRECATED stuff. My apologies for theAndrew Tridgell1-1/+1
large commit. I thought this was worthwhile to get done for consistency. (This used to be commit ec32b22ed5ec224f6324f5e069d15e92e38e15c0)
2007-10-10r4722: Start to add 'net join' to Samba4.Andrew Bartlett1-45/+1
Andrew Bartlett (This used to be commit a9b960609142e15ba5950eb1b22944eb6df18d9c)
2007-10-10r4721: Changes to libnet_passwd to take advantage of the new easier to callAndrew Bartlett1-198/+223
RPC client libs, and to make the fallback between the various SAMR levels easier to manage. I'm starting to enjoy the structure that libnet has actually, and I'm about to build 'net join' on that basis (and I didn't want to have to duplicate the password set code). Andrew Bartlett (This used to be commit f1dd179a50d2c9c81b90a621459c93b0d60e2609)
2007-10-10r4035: more effort on consistent naming of the access mask bits.Andrew Tridgell1-3/+3
This removes the duplicate named SEC_RIGHTS_MAXIMUM_ALLOWED and SEC_RIGHTS_FULL_CONTROL, which are just other names for SEC_FLAG_MAXIMUM_ALLOWED and SEC_RIGHTS_FILE_ALL. The latter names match the new naming conventions in security.idl Also added names for the generic->specific mappings for files are directories (This used to be commit 17a4e0b3aca227b40957ed1e0c57e498debc6ddf)
2007-10-10r3724: Rename a number of structures, for better consistance between SAMR andAndrew Bartlett1-9/+9
NETLOGON. In particular, rename samr_Name to samr_String - given that many strings in this pipe are not 'names', the previous was just confusing. (I look forward to PIDL turning these into simple char * some day...). Also export out a few changes from testjoin.c to allow for how I have written the new RPC-SAMSYNC test. Andrew Bartlett (This used to be commit 9cd666bcfb1fc752a4717010a7c4f05131dc728e)
2007-10-10r3478: split out some more pieces of includes.hAndrew Tridgell1-0/+1
(This used to be commit 8e9212ecfc61c509f686363d8ec412ce54bc1c8d)
2007-10-10r3462: separate out the crypto includesAndrew Tridgell1-0/+1
(This used to be commit 3f75117db921e493bb77a5dc14b8ce91a6288f30)
2007-10-10r3428: switched to using minimal includes for the auto-generated RPC code.Andrew Tridgell1-0/+1
The thing that finally convinced me that minimal includes was worth pursuing for rpc was a compiler (tcc) that failed to build Samba due to reaching internal limits of the size of include files. Also the fact that includes.h.gch was 16MB, which really seems excessive. This patch brings it back to 12M, which is still too large, but better. Note that this patch speeds up compile times for both the pch and non-pch case. This change also includes the addition iof a "depends()" option in our IDL files, allowing you to specify that one IDL file depends on another. This capability was needed for the auto-includes generation. (This used to be commit b8f5fa8ac8e8725f3d321004f0aedf4246fc6b49)
2007-10-10r2545: str_charnum -> strlen_m.Andrew Bartlett1-1/+1
These two functions do exactly the same thing, I'll be removing str_charnum shortly. Andrew Bartlett (This used to be commit 5eaa4c97488671a0b7ff539d4d392cbaa29fa489)
2007-10-10r2458: Rename policy handle parameters for the SAMR pipe. Parameters nowTim Potter1-10/+10
have the handle type implied by the parameter name. There are four types of handle: connect, domain, user and group handles. The various samr_Connect functions return a connect handle, and the samr_OpenFoo functions return a foo handle. There is one exception - the samr_{Get,Set}Security function can take any type of handle. Fix up all C callers. (This used to be commit 32f0f3154a8eb63de83145cbc8806b8906ccdc3e)
2007-10-10r2346: fix some minor stuffStefan Metzmacher1-1/+1
metze (This used to be commit 56e21d0ce29b13808bbbd2a6c0464948886d317d)
2007-10-10r2064: fix some error casesStefan Metzmacher1-1/+36
metze (This used to be commit 85ba7b4d60be3f771364aebc9c803da26d2c090b)
2007-10-10r2021: add password change fallback to SetUserInfo level 25,24,23Stefan Metzmacher1-0/+130
metze (This used to be commit d31405ff2f379e9627cc9ee3acaf61e2ccc0f6e4)
2007-10-10r1952: change the _RPC levels into _SAMRStefan Metzmacher1-96/+130
because we may have other rpc levels in future add more comments about what's going on check the rsult of samr_OpenUser metze (This used to be commit 741f95909b42eb55a251e5de991e5b3185714e3e)
2007-10-10r1950: implement libnet_SetPassword_rpc()Stefan Metzmacher1-2/+207
this currently tries only SetUserInfo26 the fallback is not yet done metze (This used to be commit af6b5673b05e7fc1c876a248f99bc71faeec9538)
2007-10-10r1947: fix cup & paste errorsStefan Metzmacher1-14/+18
metze (This used to be commit 1c72f30650655b03fb04a34188a959dfe917b5ec)
2007-10-10r1928: give up on NT_STATUS_PASSWORD_RESTRICTIONStefan Metzmacher1-0/+3
(NOTE: this code pass isn't called yet, because pidl mixes the NTSTATUS of transport and request layer, and will be fixed soon) metze (This used to be commit 84c06d9ab0366772f71be088c53da9618e2555fe)
2007-10-10r1926: fallback to other SAMR ChangePasswordUser levelsStefan Metzmacher1-5/+121
1. ChangePasswordUser3 2. ChangePasswordUser2 3. OemChangePasswordUser2 4. ChangePasswordUser (not implemented complete) metze (This used to be commit eb93d38de0dab0d0ad5adf8cfb69623bc35e942a)
2007-10-10r1919: paasword change basicly works now:-)Stefan Metzmacher1-5/+5
but we need to find the real pdc for the users domain and fallback to other levels metze (This used to be commit f1b9c1f3dd0fb927c065541da900ae43e0018a62)