Age | Commit message (Collapse) | Author | Files | Lines |
|
Andrew Bartlett
(This used to be commit 63eede2ad3f0238e1a925325c0be08d79f48c33b)
|
|
- Add more servicePrincipalNames
- Always add them, not just for BDC accounts, and not just the first
time the account is created (it might be an upgrade from an NT4
account).
This should fix us for being a domain member in ADS again.
(This used to be commit 3821821d4cb459edd331d40be8b84b3c82616a0a)
|
|
Win2k3 SP1.
Only a few operations are supported (LookupSids3 and LookupNames4),
and these are only supported under schannel. This appears to be the
operations Win2k3 SP1 uses to verify part of the PAC back to the
server.
The test is setup to pass, but not enforce (so far) this new
behaviour.
Andrew Bartlett
(This used to be commit e15e39866e9775ba662f669a19836d33f7633f6f)
|
|
(This used to be commit 24e10300906c380919d2d631bfb3b8fd6b3f54ba)
|
|
http://lists.samba.org/archive/samba-technical/2005-October/043443.html)
(This used to be commit 7fffc5c9178158249be632ac0ca179c13bd1f98f)
|
|
(This used to be commit a432ba105cbf2ea7b9010365c0a7d1dcc9ff5f7f)
|
|
(This used to be commit a14398715eceecf204caf815a8769ba8214d0576)
|
|
most of the changes are fixes to make all the ldb code compile without
warnings on gcc4. Unfortunately That required a lot of casts :-(
I have also added the start of an 'operational' module, which will
replace the timestamp module, plus add support for some other
operational attributes
In ldb_msg_*() I added some new utility functions to make the
operational module sane, and remove the 'ldb' argument from the
ldb_msg_add_*() functions. That argument was only needed back in the
early days of ldb when we didn't use the hierarchical talloc and thus
needed a place to get the allocation function from. Now its just a
pain to pass around everywhere.
Also added a ldb_debug_set() function that calls ldb_debug() plus sets
the result using ldb_set_errstring(). That saves on some awkward
coding in a few places.
(This used to be commit f6818daecca95760c12f79fd307770cbe3346f57)
|
|
ldap. Also ensure we put a objectclass on our private ldb's, so they
have some chance of being stored in ldap if you want to
(This used to be commit 1af2cc067f70f6654d08387fc28def67229bb06a)
|
|
authenticated session down into LDB. This associates a session info
structure with the open LDB, allowing a future ldb_ntacl module to
allow/deny operations on that basis.
Along the way, I cleaned up a few things, and added new helper functions
to assist. In particular the LSA pipe uses simpler queries for some of
the setup.
In ldap_server, I have removed the 'ldasrv:hacked' module, which hasn't
been worked on (other than making it continue to compile) since January,
and I think the features of this module are being put into ldb anyway.
I have also changed the partitions in ldap_server to be initialised
after the connection, with the private pointer used to associate the ldb
with the incoming session.
Andrew Bartlett
(This used to be commit fd7203789a2c0929eecea8125b57b833a67fed71)
|
|
Andrew Bartlett
(This used to be commit 732b247a498e0b90b9f0c711baaac51ad6402496)
|
|
Also return an indication of if the join was of a new account, or
reworking an existing account.
Andrew Bartlett
(This used to be commit b6e4b36c4f1f90e42dd0543538956a1d89e3724b)
|
|
Also a bit of formatting.
rafal
(This used to be commit 1fefca2c172085d6bc05bfac1c10e52066e42606)
|
|
rafal
(This used to be commit 0e45dc3bac0e699b2da5b7f8df9d4bf7bd80a0f5)
|
|
rafal
(This used to be commit 426797f7b0d0321f6842db0b8d94c193726e8008)
|
|
then StaticLibrary()
(This used to be commit b53313dc517986c69a4e4cb8fe3885b696f8faa1)
|
|
Andrew Bartlett
(This used to be commit 640815008b78ca19a73beb523e6823dd61feffa5)
|
|
stuff.
- don't use SMBCLI_REQUEST_* state's in the genreic composite stuff
- move monitor_fn to libnet.
NOTE: I have maybe found some bugs, in code that is dirrectly in DONE or ERROR
state in the _send() function. I haven't fixed this bugs in this
commit! We may need some composite_trigger_*() functions or so.
And maybe some other generic helper functions...
metze
(This used to be commit 4527815a0a9b96e460f301cb1f0c0b3964c166fc)
|
|
an ADS join, particularly as a DC. This represents the bulk of his
Google SOC work, and I'm very pleased to intergrate it into the tree.
(Metze will intergrate the DRSUAPI work later).
Both metze and myself have also put a lot of time into this patch, and
in mentoring Brad in general. In return, Brad has been a very good
student, and has taken the comments well.
Since it's last appearance on samba-technical@, I have made
correctness and valgrind fixups, as well as adding a new 'BINDING'
mode to the libnet_rpc routines. This allows the exact binding string
to be passed down from the torture code, including options and exact
target host.
Andrew Bartlett
(This used to be commit d6fa105fdabbeb83a9b0e50dad49d1649afdb2a4)
|
|
but final linking still fails (as does generating files asn1, et, idl and proto
files)
(This used to be commit 4f0d7f75b99c7f4388d8acb0838577d86baf68b5)
|
|
(This used to be commit 59d4450453c25f5cce9b67b808ff0c4433c1d194)
|
|
(This used to be commit ce4902f8dea2b6f3568960278e08395ea3927146)
|
|
StrCaseCmp was sys_strcasecmp, while it is in fact strcasecmp_m!
(This used to be commit 200a8f6652cb2de7a8037a7a4c2a204b50aee2b1)
|
|
(This used to be commit 333ebb40d55c60465564b894d5028b364e99ee00)
|
|
(This used to be commit 96298af202f994c3d5d0c7f5dacd1197a740f766)
|
|
Add ldb_dn_string_compose so that you can build a dn starting from a
struct ldb_dn base and a set of parameters to be composed in a format
string with the same syntax of printf
(This used to be commit 31c69d0655752cc8ea3bc5b7ea87792291302091)
|
|
distinguished names
Provide more functions to handle DNs in this form
(This used to be commit 692e35b7797e39533dd2a1c4b63d9da30f1eb5ba)
|
|
Found by coverity.
(This used to be commit bafd3afbef9b8d3a8baa55d4b31cc62bfeeed459)
|
|
rafal
(This used to be commit f0d51b78c040937bd27857c063fae215a3f0f465)
|
|
force_password_change datetime.
rafal
(This used to be commit dfa2cc6c4ed8273b1d3ee604954c81c75f0890bd)
|
|
SamSync and 'net join'.
Andrew Bartlett
(This used to be commit 257240b0e29da14f7a2e660182b367304a5fa530)
|
|
(This used to be commit 8d9c18a1b4cf31ebae1d0c84b00b4d781f55de66)
|
|
We now fill in the servicePrincipalName over LDAP, just like XP does,
and store the kvno in our local db.
Andrew Bartlett
(This used to be commit 5547c4e6f6a0c163aa38fa4d4ed8c627ae12bf80)
|
|
will use ldb to add servicePrincipalNames to this.
Andrew Bartlett
(This used to be commit c1f8cab3e3d3eaf4af372675656fe1a4da68a9f8)
|
|
rafal
(This used to be commit bbe7e726af8c61108a7bca1e10e9340bbe37f3ef)
|
|
alone in any of userinfo levels. What's needed is extra query step
to fill the userinfo structure and then modify a single field.
The other way to do it is userinfo level 21 with bitmap flags set,
but first all field flags need to be found.
rafal
(This used to be commit 59769977e8ebc54be7fa80f19638b634f52df515)
|
|
what WinXP does when joining an AD domain, but in the meantime this
removes the excess unions, and uses the LSA pipe in same way XP does.
Andrew Bartlett
(This used to be commit d2789c426090c325f6535cdce380ac0f4e22c3c7)
|
|
for noticing that.
rafal
(This used to be commit 109fc94c13ad04feaaa3f9c7666ad431b3255ae6)
|
|
rafal
(This used to be commit da7a31d7073d156ef5c593578a05fecf770ebc93)
|
|
text-based, after recent discussion with both Andrews :)
Basic test seems to work (at least it doesn't fail now).
rafal
(This used to be commit 1bc3162e9441aeae1d8c4b4f03b5b75eb848f4bf)
|
|
templating support for foreignSecurityPrincipals to the samdb module.
This is an extension beyond what microsoft does, and has been very
useful :-)
The setup scripts have been modified to use the new template, as has
the SAMR and LSA code.
Other cleanups in LSA remove the assumption that the short domain name
is the first component of the realm.
Also add a lot of useful debug messages, to make it clear how/why the
SamSync may have gone wrong. Many of these should perhaps be hooked
into an error string.
Andrew Bartlett
(This used to be commit 1f071b0609c5c83024db1d4a7d04334a932b8253)
|
|
rafal
(This used to be commit eaaefa374ce11ab5dc3738bea046d33ed879fc4c)
|
|
rafal
(This used to be commit 40061d7bd66be702d92c80da2c5f955b640eda22)
|
|
I need to take a grip over the ForiegnSecurityPrincipals, as the
SamSync currently fails on adding some aliases and privilages because
it can't find their entry.
Andrew Bartlett
(This used to be commit 533e44535392fdb292cfff3cdcda9c38ec329d01)
|
|
Andrew Bartlett
(This used to be commit bf594c1022f5ed59c06cb423411f94483b168cbb)
|
|
rafal
(This used to be commit 5be8479d5cf119bcda4046bf1c5d7c3b876e718d)
|
|
enum type has now been replaced with unsigned 32-bit field and
message data is passed as void pointer.
This allows various extension implementers to plug their monitor
messages in more easily.
rafal
(This used to be commit 4a6ab58133a59d3da3209b3e46c2a8cf848d25e7)
|
|
rafal
(This used to be commit 266aaacf0be955096d53e2a967bdaa5d0c5558ed)
|
|
into LDB are actually quite easy.
This brings us the users, and sets basic domain information.
You are expected to have provisioned with the settings for the target
domain, and have joined the domain as a BDC. Then simply 'net
samsync'.
Now we just need to flesh out the delta types.
Andrew Bartlett
(This used to be commit 1e0f7792bb29b17c23197a5e42ee8cabb0cf17d0)
|
|
Work on the talloc memory tree, as I think talloc_reference and other
things were biting me.
Crush unions in the name of code reform. ;-)
Andrew Bartlett
(This used to be commit 2eadcf46699f1cc7adb2066e17096f70c7b73998)
|