summaryrefslogtreecommitdiff
path: root/source4/libnet/libnet_vampire.c
AgeCommit message (Collapse)AuthorFilesLines
2009-09-20s4:provision Use code to store domain join in 'net join' as wellAndrew Bartlett1-18/+31
This ensures we only have one codepath to store the secret, and therefore that we have a single choke point for setting the saltPrincipal, which we were previously skipping. Andrew Bartlett
2009-09-15s4-libnet: use updated dsdb commit functionAndrew Tridgell1-2/+4
2009-09-10s4/vampire: fixed i/j index mixup in vampire codeAndrew Tridgell1-3/+3
2009-09-03show more reasonable object counts during a vampireAndrew Tridgell1-4/+18
We now show the total number of objects we have processed, which gives the user a better idea of how much has been done. A vampire on a large domain can take an hour or more (which needs to be fixed btw, it is a problem with the lack of scalability of the ltdb index code). Watching the same msg for an hour makes you wonder if any progress is being made!
2009-09-02wrap the entire vampire operation in a transactionAndrew Tridgell1-13/+24
We want to grab the whole database, or none of it. This is also needed to get linked attributes right
2009-07-02the settings structure needs to be initialisedAndrew Tridgell1-0/+1
2009-04-02major upgrade to the ldb attribute handlingAndrew Tridgell1-1/+1
This is all working towards supporting the full WSPP schema without a major performance penalty. We now use binary searches when looking up classes and attributes. We also avoid the loop loading the attributes into ldb, by adding a hook to override the ldb attribute search function in a module. The attributes can thus be loaded once, and then saved as part of the global schema. Also added support for a few more key attribute syntaxes, as needed for the full schema.
2008-12-29s4:lib/tevent: rename structsStefan Metzmacher1-1/+1
list="" list="$list event_context:tevent_context" list="$list fd_event:tevent_fd" list="$list timed_event:tevent_timer" for s in $list; do o=`echo $s | cut -d ':' -f1` n=`echo $s | cut -d ':' -f2` r=`git grep "struct $o" |cut -d ':' -f1 |sort -u` files=`echo "$r" | grep -v source3 | grep -v nsswitch | grep -v packaging4` for f in $files; do cat $f | sed -e "s/struct $o/struct $n/g" > $f.tmp mv $f.tmp $f done done metze
2008-10-11Fix include paths to new location of libutil.Jelmer Vernooij1-1/+1
2008-07-16drsuapi: print out the number of linked attribute values we gotStefan Metzmacher1-16/+27
metze (This used to be commit 34f8b2abdd546f6b60ddae2ad839119f211c995c)
2008-07-16drsuapi: make use of the 'more_data' field in DsGetNCChangesCtr[1|6]Stefan Metzmacher1-1/+1
metze (This used to be commit 35c7fa470a7433d081403b2b57a331c7dc287aef)
2008-07-16drsuapi: total_object_count was the wrong guessStefan Metzmacher1-13/+10
The total_object_count member of DsGetNCChangesCtr[1|6] was wrong it's the error code of an extended operation. DsGetNCChangesCtr6 has a nc_object_count value which contains the estimated amount of objects in the naming_context. W2k seems to have a bug and sends this number of objects in the extended_ret field. Maybe it's just a bug and not a feature:-) metze (This used to be commit 67931092128ce89aadf689a54e20d6e4a9d7fe2c)
2008-04-17Specify event_context to ldb_wrap_connect explicitly.Jelmer Vernooij1-3/+4
(This used to be commit b4e1ae07a284c044704322446c94351c2decff91)
2008-04-14Ensure we initialise s->lp_ctx for the way into the provision.Andrew Bartlett1-0/+2
Andrew Bartlett (This used to be commit b191a1953c24545e9dc1869fc33cb29343d4e3f2)
2008-04-11Use the python-provided ldb and lp_ctx pointers in libnet_vampire.cAndrew Bartlett1-29/+6
By using the already open smb.conf and sam.ldb, we not only avoid overhead, but also remove the risk we could touch a different database. Andrew Bartlett (This used to be commit 38634183a074556c8dfdcb6affc60f4bcc15a3f0)
2008-04-09Link the new vampire code togeather.Andrew Bartlett1-12/+38
This adds in the newly attached secrets handling, as well as an interface to the command line 'net' tool. Andrew Bartlett (This used to be commit 1282e3c39479aa580124206814b493370d10690a)
2008-04-09Start implementation of real 'net vampire' code.Andrew Bartlett1-318/+625
This will use DRS Replication (metze's thesis work) and possibly samsync, and will work outside the smbtorture process. Andrew Bartlett (This used to be commit 02a33165ca700f71cf09680ded35c87aa2e88552)
2008-01-05r26669: Janitorial: Remove uses of global_loadparm.Jelmer Vernooij1-1/+1
(This used to be commit 50c46160d997e0448f51ae09e0f3c79e8519fa41)
2008-01-01r26639: librpc: Pass iconv convenience on from RPC connection to NDR ↵Jelmer Vernooij1-1/+1
library, so it can be overridden by OpenChange. (This used to be commit 2f29f80e07adef1f020173f2cd6d947d0ef505ce)
2007-12-21r26430: require explicit specification of loadparm context.Jelmer Vernooij1-1/+1
(This used to be commit 1b947fe0e6e16318e5a8127bb4932d6b5d20bcf6)
2007-12-21r26328: remove more uses of global_loadparm.Jelmer Vernooij1-1/+1
(This used to be commit 40ae12c08647c47a9c504d39ee6f61c32b4e5748)
2007-12-21r26327: Explicit loadparm_context for RPC client functions.Jelmer Vernooij1-1/+1
(This used to be commit eeb2251d22b3d6e0379444a73af69d1014692b07)
2007-12-21r26231: Spell check: credentails -> credentials.Jelmer Vernooij1-1/+1
(This used to be commit 4b46888bd0195ab12190f76868719fc018baafd6)
2007-12-21r25920: ndr: change NTSTAUS into enum ndr_err_code (samba4 callers)Stefan Metzmacher1-4/+4
lib/messaging/ lib/registry/ lib/ldb-samba/ librpc/rpc/ auth/auth_winbind.c auth/gensec/ auth/kerberos/ dsdb/repl/ dsdb/samdb/ dsdb/schema/ torture/ cluster/ctdb/ kdc/ ntvfs/ipc/ torture/rap/ ntvfs/ utils/getntacl.c ntptr/ smb_server/ libcli/wrepl/ wrepl_server/ libcli/cldap/ libcli/dgram/ libcli/ldap/ libcli/raw/ libcli/nbt/ libnet/ winbind/ rpc_server/ metze (This used to be commit 6223c7fddc972687eb577e04fc1c8e0604c35435)
2007-12-21r25823: remove unneeded nesting by using error and out logicStefan Metzmacher1-21/+21
metze (This used to be commit 86db839382a6cf92e659abb9e8e51ef828e1e422)
2007-10-10r25554: Convert last instances of BOOL, True and False to the standard types.Jelmer Vernooij1-2/+2
(This used to be commit 566aa14139510788548a874e9213d91317f83ca9)
2007-10-10r25398: Parse loadparm context to all lp_*() functions.Jelmer Vernooij1-1/+2
(This used to be commit 3fcc960839c6e5ca4de2c3c042f12f369ac5f238)
2007-10-10r24557: rename 'dcerpc_table_' -> 'ndr_table_'Stefan Metzmacher1-2/+2
metze (This used to be commit 84651aee81aaabbebf52ffc3fbcbabb2eec6eed5)
2007-10-10r23792: convert Samba4 to GPLv3Andrew Tridgell1-3/+2
There are still a few tidyups of old FSF addresses to come (in both s3 and s4). More commits soon. (This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
2007-10-10r21300: let the caller decide if it wants rid decrypted hashes or notStefan Metzmacher1-3/+8
metze (This used to be commit 8711d01ffd080c43512b88b995daf2d6b7c06ba1)
2007-10-10r21255: Add a debugging option to avoid rid decryption in the samsync output.Andrew Bartlett1-12/+22
Andrew Bartlett (This used to be commit 9e15a51579157405b2013b9b948d279fefd0eda6)
2007-10-10r19598: Ahead of a merge to current lorikeet-heimdal:Andrew Bartlett1-0/+1
Break up auth/auth.h not to include the world. Add credentials_krb5.h with the kerberos dependent prototypes. Andrew Bartlett (This used to be commit 2b569c42e0fbb596ea82484d0e1cb22e193037b9)
2007-10-10r19261: Fix use of unitialised variables. (The binding string is used, if notAndrew Bartlett1-1/+2
NULL). This showed up in a manual pre-TP3 test of the 'net samdump' code, and shows the critical need for the windows testing infrustructure on the build farm. Andrew Bartlett (This used to be commit 9cef40779ad987b506b1f514a67b5b1c8aea9969)
2007-10-10r18609: error_string should not contain newlines.Günther Deschner1-2/+1
Guenther (This used to be commit 556666756418ad50c533199c736fe3696a7e20cb)
2007-10-10r15489: Typo fixes.Rafal Szczesniak1-2/+2
rafal (This used to be commit 221907fc0d0141c6c73f10f2dc829879205b9bcb)
2007-10-10r15435: Turn libnet_RpcConnectDCInfo into another level of libnet_RpcConnectRafal Szczesniak1-6/+7
and make it async. Also, update any other usages of old function. Build goes fine and so do tests, comments to follow. rafal (This used to be commit aef0a2de9d2f01a6f619e3fccc8715288f5c37a3)
2007-10-10r14542: Remove librpc, libndr and libnbt from includes.hJelmer Vernooij1-0/+1
(This used to be commit 51b4270513752d2eafbe77f9de598de16ef84a1f)
2007-10-10r14464: Don't include ndr_BASENAME.h files unless strictly required, insteadJelmer Vernooij1-0/+1
try to include just the BASENAME.h files (containing only structs) (This used to be commit 3dd477ca5147f28a962b8437e2611a8222d706bd)
2007-10-10r14402: Generate seperate headers for RPC client functions.Jelmer Vernooij1-0/+1
(This used to be commit 7054ebf0249930843a2baf4d023ae8f62cedb109)
2007-10-10r14380: Reduce the size of structs.hJelmer Vernooij1-2/+1
(This used to be commit 1a16a6f1dfa66499af43a6b88b3ea69a6a75f1fe)
2007-10-10r14363: Remove credentials.h from the global includes.Jelmer Vernooij1-0/+1
(This used to be commit 98c4c3051391c6f89df5d133665f51bef66b1563)
2007-10-10r13924: Split more prototypes out of include/proto.h + initial work on headerJelmer Vernooij1-0/+1
file dependencies (This used to be commit 122835876748a3eaf5e8d31ad1abddab9acb8781)
2007-10-10r13903: Don't generate prototypes for modules and binaries in include/proto.h byJelmer Vernooij1-0/+1
default. (This used to be commit c80a8f1102caf744b66c13bebde38fba74983dc4)
2007-10-10r12926: Syncronsise GUIDs on users and domains from the server. These alsoAndrew Bartlett1-5/+16
appear in DNS, so need to match. Andrew Bartlett (This used to be commit d092b0493d7c61112ef132c8fb259c15f189c5f6)
2007-10-10r12903: Factor out a new routine libnet_RpcConnectDCInfo, to both connect toAndrew Bartlett1-9/+34
the remote sever, and to query it for domain information. Provide and use this information in the SamSync/Vampire callbacks, to allow a parallel connection to LDAP, if we are talking to AD. This allows us to get at some important attributes not exposed in the old protocol. With this, we are able to do a all-GUI vampire of a AD domain from SWAT, including getting all the SIDs, servicePrincipalNames and the like correct. Andrew Bartlett (This used to be commit 918358cee0b4a1b2c9bc9e68d9d53428a634281e)
2007-10-10r12872: Add some more detail to debug message.Andrew Bartlett1-3/+9
Andrew Bartlett (This used to be commit cefba10bd5ed1f6d10a071e4239088d91f661a36)
2007-10-10r12865: Upgrade the librpc and libnet code.Andrew Bartlett1-37/+79
In librpc, always try SMB level authentication, even if trying schannel, but allow fallback to anonymous. This should better function with servers that set restrict anonymous. There are too many parts of Samba that get, parse and modify the binding parameters. Avoid the extra work, and add a binding element to the struct dcerpc_pipe The libnet vampire code has been refactored, to reduce extra layers and to better conform with the standard argument pattern. Also, take advantage of the new libnet_Lookup code, so we don't require the silly 'password server' smb.conf parameter. To better support forcing traffic to be sealed for the vampire operation, the dcerpc_bind_auth() function now takes an auth level parameter. Andrew Bartlett (This used to be commit d65b354959842326fdd4bd7eb7fbeea0390f4afa)
2007-10-10r12858: This moves the libnet_LookupPdc code to use a GetDC request to findAndrew Bartlett1-1/+1
the remote server's name, or in the absence of a local nbt_server to communicate with (or without root access), a node status request. The result is that we are in a better position to use kerberos, as well as to remove the 'password server' mandatory parameter for the samsync and samdump commands. (I need this to put these into SWAT). The only problem I have is that I must create a messaging context, which requires a server ID. As a client process, I don't expect to get messages, but it is currently required for replies, so I generate a random() number. We probably need the servers to accept connections on streamed sockets too, for client-only tasks that want IRPC. Because I wanted to test this code, I have put the NET-API-* tests into our test scripts, to ensure they pass and keep passing. They are good frontends onto the libnet system, and I see no reason not to test them. In doing so the NET-API-RPCCONNECT test was simplified to take a binding string on the command line, removing duplicate code, and testing the combinations in the scripts instead. (I have done a bit of work on the list shares code in libnet_share.c to make it pass 'make test') In the future, I would like to extend the libcli/findds.c code (based off volker's winbind/wb_async_helpers.c, which is why it shows up a bit odd in the patch) to handle getting multiple name replies, sending a getdc request to each in turn. (posted to samba-technical for review, and I'll happily update with any comments) Andrew Bartlett (This used to be commit 7ccddfd3515fc2c0d6f447c768ccbf7a220c3380)
2007-10-10r12608: Remove some unused #include lines.Jelmer Vernooij1-2/+0
(This used to be commit 70e7449318aa0e9d2639c76730a7d1683b2f4981)
2007-10-10r12510: Change the DCE/RPC interfaces to take a pointer to aJelmer Vernooij1-2/+1
dcerpc_interface_table struct rather then a tuple of interface name, UUID and version. This removes the requirement for having a global list of DCE/RPC interfaces, except for these parts of the code that use that list explicitly (ndrdump and the scanner torture test). This should also allow us to remove the hack that put the authservice parameter in the dcerpc_binding struct as it can now be read directly from dcerpc_interface_table. I will now modify some of these functions to take a dcerpc_syntax_id structure rather then a full dcerpc_interface_table. (This used to be commit 8aae0f168e54c01d0866ad6e0da141dbd828574f)