summaryrefslogtreecommitdiff
path: root/source4/librpc/idl/lsa.idl
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r18238: add SID_NAME_COMPUTER to the enum lsa_SidType typeGerald Carter1-1/+2
(This used to be commit ced2f9599446520229566e25a783101b19c64177)
2007-10-10r17987: Make the LSA pipe listen on the \pipe\netlogon interface.Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit 700e9c0ea40799a09db3fdeb4a0ff3a417a8718e)
2007-10-10r17956: LSA Cleanup!Andrew Bartlett1-19/+37
This commit cleans up a number of aspects of the LSA interface. Firstly, we do 2 simple searches on opening the LSA policy, to obtain the basic information we need. This also avoids us searching for dnsDomain (an invented attribute). While I was at it, I added and tested new LSA calls, including the enumTrustedDomainsEx call. I have also merged the identical structures lsa_DomainInformation and lsa_DomainList. Also in this commit: Fix netlogon use of uninitialised variables. Andrew Bartlett (This used to be commit 3f3fa7f466df56612064029143fbae8effb668aa)
2007-10-10r15776: Don't generate ref pointers in Samba4-generated code. There is no pointJelmer Vernooij1-1/+2
in having pointers for outgoing data when you can already modify the top-level element. This can be overridden (temporarily) by specifying the new "keepref" attribute. Once we've removed keepref from all IDL files, I'll remove this attribute as well. (This used to be commit bdc6dd37503ced8322a671d225122ccffbb8bfec)
2007-10-10r12635: use the new [validate] value() checking to fix the string types forAndrew Tridgell1-11/+11
the LSA pipe. Strangely, windows is not consistent for the LookupSids call. Sometimes the name is terminated and sometimes not?! It might depend on the type of rid (alias, group etc) ? (This used to be commit c0b7e0619a153f1da0fa76f176335d1b2afa340b)
2007-10-10r11288: Fill out LSA LookupNames4 and LookupSids3, including a server-sideAndrew Bartlett1-1/+10
implementation. Andrew Bartlett (This used to be commit a6a615cc997cd3a71ea0d63994f6cd97096afc30)
2007-10-10r11104: Fix LOCAL-PAC testJelmer Vernooij1-1/+1
(This used to be commit 22d0e4a9bf853fe67c402ce3ba6d950e753ab4d2)
2007-10-10r11102: Remove unistr_notermJelmer Vernooij1-1/+1
(This used to be commit bb1ed44f45020f1e11d928f5130a889c11ee59c4)
2007-10-10r11100: Replace unistr with [string,charset(UTF16)]Jelmer Vernooij1-4/+4
(This used to be commit 48f45927ceb4f7d39c4cc47b3b843e43a53b7f2b)
2007-10-10r11096: Eliminate pointer_default_top()Jelmer Vernooij1-121/+120
(This used to be commit b773d848e854394f36351f97130a20a245367b2c)
2007-10-10r9888: add IDL for lsa_QueryDomainInformationPolicy to query Kerberos Settings.Günther Deschner1-2/+37
Guenther (This used to be commit d717e878bdc05b06adcc50c3527c339be8164145)
2007-10-10r9574: - made the sec_info fields in lsa and samr use a IDL bitmapAndrew Tridgell1-1/+3
- fixed winreg_GetKeySecurity() to use a sec_info field correctly - simplied the winreg torture code, removing the separate opens for each hive - added torture cleanup code in winreg test - added 'create with security descriptor' in the winreg torture test (This used to be commit f20695decd587f7b6bbdbd4861441bd19ab85078)
2007-10-10r8375: - move from netr_StringLarge to lsa_StringLargeStefan Metzmacher1-3/+15
- we need to use lsa_StringLarge in lsa_DnsDomainInfo, to make windows clients happy metze (This used to be commit 044d18f85f82b4ab5d71a6ae366052af0dbe8e7e)
2007-10-10r8256: - allow rpc calls from non-command line ejs contexts by creating a setAndrew Tridgell1-1/+1
of null credentials to use if cmdline_credentials is not setup - hide the length and size elements of a lsa_String from js scripts, so you can use a lsa_String just as an ordinary string without knowing its a structure. We won't do this with all structures, just a few core ones that are used often enough to warrant it. - make sure returned ldb arrays have a length property (This used to be commit 12d2092dd8668de41776132ccbcd634790c371a9)
2007-10-10r8232: remove samr_String and netr_String as they are the same as lsa_StringStefan Metzmacher1-7/+17
metze (This used to be commit e601042c07d7b6eed0dc34e5b136d9266b8a0f81)
2007-10-10r7870: fixed the RPC-SCHANNEL test. It turned out it was my const changes, asAndrew Tridgell1-1/+1
they slightly changed the semantics of value() in pidl, which broke a optimisation hack in some of our IDL files. I've changed the idl files to remove the hack for now. Sometime we need to find a better way to handle these :-) (This used to be commit 765f75ea630b13b1605409ff47a52cc11a1e496b)
2007-10-10r7552: Use ParseExpr() for [value] attributes; allowsJelmer Vernooij1-2/+2
us somewhat cleaner IDL. (This used to be commit b7b01bccd101654d1f5ec83cba9dea7e9431d6ce)
2007-10-10r7394: rename LSA_TRUSTED_DOMAIN_INFO_5 to LSA_TRUSTED_DOMAIN_INFO_BASIC.Günther Deschner1-12/+12
Guenther (This used to be commit aec0d99da17fcb8abb9a2b0037b7412e83fd393e)
2007-10-10r7029: Make array support in pidl similar to that in other IDL compilers. We ↵Jelmer Vernooij1-13/+13
should now able to use constructions like these: [size_is(20)] int *x; -> Pointer to array of 20 ints [size_is(20)] int x[]; -> Array of 20 ints [size_is(20)] int *x[]; -> Array of 20 pointers to ints [size_is(20,)] int *x[] -> Array of 20 pointers to ints [size_is(,20)] int *x[]; -> Pointer to array of 20 ints [size_is(,20)] int **x; -> Pointer to pointer to array of 20 ints [size_is(20)] int x[][30]; -> 20 blocks of 30 ints (This used to be commit ecf583da71c2f80be124c17fccdcb284b47e0695)
2007-10-10r6973: Merge new version of pidl into the main SAMBA_4_0 branch.Jelmer Vernooij1-0/+1
The main difference in this new version is the extra data structure generated between the IDL data structure and the NDR parser: IDL -> NDR -> { ndr_parser, ndr_header, eparser, etc } This makes the ndr_parser.pm internals much more sane. Other changes include: - Remove unnecessary calls with NDR_BUFFERS (for example, GUID doesn't have any buffers, just scalars) as well as some (unnecessary) nested setting of flags. - Parse array loops in the C code rather then calling ndr_pull_array(). This allows us to have, for example, arrays of pointers or arrays of pointers to arrays, etc.. - Use if() {} rather then if () goto foo; everywhere - NDR_IN no longer implies LIBNDR_FLAG_REF_ALLOC - By default, top level pointers are now "ref" (as is the default in most other IDL compilers). This can be overridden using the default_pointer_top() property. - initial work on new ethereal parser generators by Alan DeKok and me - pidl now writes errors in the standard format used by compilers, which is parsable by most editors - ability to warn about the fact that pidl extension(s) have been used, useful for making sure IDL files work with other IDL compilers. oh, and there's probably some other things I can't think of right now.. (This used to be commit 13cf227615f6b9e0e5fa62e59197024410254f01)
2007-10-10r5672: Use switch_type() and the token storage mechanism for unions:Jelmer Vernooij1-2/+2
- Makes union handling less special - Allows unions in arrays, etc - Compatible with midl - Pidl will warn about switch_type() and the type of the switch_is() variable being different (This used to be commit dc6b4ffc82a191631bc16a4b93a4916a39183ec6)
2007-10-10r5661: Be a little stricter on syntax regarding arrays. A pointer to anJelmer Vernooij1-18/+18
array can now only be : type *name[]; rather then : type *name; which was supported in the past. Warnings will be given when the first syntax is used. Reasons for this change in behaviour include improved readability and the fact that the second format makes dealing with multiple levels of pointers harder. (This used to be commit a416de5825c540fd3741731c4be05e9a659a6fdb)
2007-10-10r5036: changed HYPER_T to the more standard "hyper"Andrew Tridgell1-2/+2
(This used to be commit 1d1a9c11ee681540ef8a1029409bb24fc26f976c)
2007-10-10r4768: Until I can prove it, we should not have these elements marked asAndrew Bartlett1-4/+4
size_is() base arrays. Andrew Bartlett (This used to be commit 3d3063b1f65efe3b9eb814f7425afa3278095a68)
2007-10-10r4720: Reformat, rename, and convert to enums parts of the LSA IDL ↵Andrew Bartlett1-45/+46
specification. Andrew Bartlett (This used to be commit d360f30948723687ec1504765e52db366f17cfa2)
2007-10-10r4708: Comparing with LDAP, it is clear that these 'flags' are in fact theAndrew Bartlett1-13/+13
POSIX offset for the trusted domain. Andrew Bartlett (This used to be commit cd9e795e4004e28dc0184b86f0c44431378fc3ff)
2007-10-10r4703: Add support for EnumTrustDomain, and expand the testsuite.Andrew Bartlett1-1/+4
Add my copyright to the SAMR server. Andrew Bartlett (This used to be commit 51e94fa26cc602ddca652776c213cd7096f9703a)
2007-10-10r4698: - Initial implementation of trusted domains in LSA.Andrew Bartlett1-1/+1
- Use templates for Secrets and the new trusted domains - Auto-add modifiedTime, createdTime and objectGUID to records in the samdb layer. Andrew Bartlett (This used to be commit 271c8faadfe2d9e0f3d523a1cdc831f5f9e35d19)
2007-10-10r4682: A LDB-based secrets implementation in Samba4.Andrew Bartlett1-6/+6
This uses LDB (a local secrets.ldb and the global samdb) to fill out the secrets from an LSA perspective. Some small changes to come, but the bulk of the work is now done. A re-provision is required after this change. Andrew Bartlett (This used to be commit ded33033521a6a1c7ea80758c5c5aeeebb182a51)
2007-10-10r4673: Fix the IDL for the QuerySecret LSA call.Andrew Bartlett1-2/+2
This call uses a new IDL type, NTTIME_hyper. This is 8-byte aligned, as the name suggests. Expand the QuerySecret LSA calls in RPC-SAMLOGON and RPC-LSA, to validate the behaviour of times, and of the old secrets. Thanks to tridge for spotting the use of HYPER! Andrew Bartlett (This used to be commit 1fed79cb0f2ae7940639d08ef99576559d4cd06e)
2007-10-10r4638: expose lsa and drsuapi on ncalrpcAndrew Tridgell1-1/+1
(This used to be commit 4e62bd2a349c0cce8cb82a401fdf1cc33828af6f)
2007-10-10r4568: make use of SidType and move it to lsa.idlStefan Metzmacher1-7/+18
metze (This used to be commit c2523adc0a0807979fb21b8ba77d556bac82e435)
2007-10-10r4564: added a comment on lsa_EnumAccounts IDLAndrew Tridgell1-0/+3
(This used to be commit 08d7b77efc05571146c54322e684753ccd4cd2d6)
2007-10-10r4456: NT4 usrmgr.exe asks for 4096 accounts, allow twice that.Volker Lendecke1-1/+1
Volker (This used to be commit f8588a769c185f871fdcd5db35428ad587bdfad3)
2007-10-10r4449: fixed the helpstring for LSA IDLAndrew Tridgell1-1/+1
(This used to be commit 40a68a160e43b2e5d018e393ddecdfc50bad5360)
2007-10-10r4442: fix lsa_TranslatedSid3 (its a dom_sid2 not a dom_sid)Andrew Tridgell1-1/+1
(This used to be commit 0dd258709554265efaa0d25ad5bc86b559139c2e)
2007-10-10r4437: added IDL and test code for lsa_LookupSids3() and lsa_LookupNames3().Andrew Tridgell1-2/+35
For some reason I am getting ACCESS_DENIED from w2k3 on lsa_LookupSids3(). I will investigate. (This used to be commit c759fa0000e37c3e93a7529a7701998af6727612)
2007-10-10r4433: added the boilerplate for the new w2k3 LSA functions in preparationAndrew Tridgell1-0/+67
for adding LookupSids3 (needed for ACL editing from w2k3) (This used to be commit 745bbc0e1717c1e0068be00cff36071dbdc451a6)
2007-10-10r4310: fixed the authority_name field in lsa_GetUserName()Andrew Tridgell1-1/+1
(This used to be commit f78506697ad23456fcac6e8916d0dad05b0df6cc)
2007-10-10r4309: idl and torture test for lsa_GetUserName()Stefan Metzmacher1-2/+10
why does samba3 return domain_name as in the unknown_name field in the code and on the wire it returns DCERPC_FAULT_OP_RNG_ERROR? all of my test machines NT4,W2K,W2K3,XP returned NULL and if I file the string in the .in.* the server echos the strings back and returns NT_STATUS_INVALID_PARAMETER metze (This used to be commit 67e765b7e984d7aac2a7786b5bd0c80d10d6de5d)
2007-10-10r4279: added IDL and test code for lsa_AddPrivilegesToAccount() and ↵Andrew Tridgell1-3/+13
lsa_RemovePrivilegesFromAccount() (This used to be commit 705b870c73995609c8d3ebb24418538bfe20c05b)
2007-10-10r4195: added IDL, test suite and server side code for lsa_LookupPrivValueAndrew Tridgell1-8/+11
(This used to be commit 7bddd4740332017bb5f4bddcc9ba0234d05378bd)
2007-10-10r4003: run successful against a nt4 sp6 pdc with one nt4 sp6 trust and a ↵Stefan Metzmacher1-4/+4
w2k3 trust metze (This used to be commit 5101cd51a24fdcda8dd8fc4da446782948290f9b)
2007-10-10r3978: added IDL and test code for lsa_LookupSids2() and lsa_LookupNames2()Andrew Tridgell1-2/+51
(This used to be commit 9da455ed56ebc167f295b231c2730e3ff9c94617)
2007-10-10r3919: Add more info levels to the QueryTrustedDomainInfo structures, withAndrew Bartlett1-6/+72
names and other assistance from the ethereal sources. More work needs to be done to validate some of the levels, which do not appear in the query - perhaps they are modification levels. Andrew Bartlett (This used to be commit 63635533693fa364b0c697a3fe1010b3eb8b17d3)
2007-10-10r3917: A few more LSA RPCs found in my wanderings (for trusted domains, theseAndrew Bartlett1-3/+14
seem to be 'shortcut' RPCs, that just avoid an open/query pair). Rename a few others to give us a slightly sensible pattern. Andrew Bartlett (This used to be commit d6a7ab57e74ab89dd163d5f9f5f901e586b0aad4)
2007-10-10r3907: * Rename lsa_Name to lsa_StringAndrew Bartlett1-31/+60
* Add new IDL to LSA, to query information about trusted domains (for cross-check with SamSync). Andrew Bartlett (This used to be commit 174c0778421b5154ff2ba809688ea6ef38a1478b)
2007-10-10r3904: * Add new LSA calls to open trusted domainsAndrew Bartlett1-4/+16
* Add new tests for ACCOUNTs in SamSync * Clean up names in NETLOGON and LSA * Verify Security Descriptors against LSA, as well as SamR Andrew Bartlett (This used to be commit 7094502fe0346255a89667f702289b4c8dc9fa08)
2007-10-10r3885: Add security descriptor comparison to our RPC-SAMSYNC test. We nowAndrew Bartlett1-5/+0
verify that the security descriptor found in the SamSync is the same as what is available over SAMR. Unfortunately, the administrator seems unable to retrieve the SACL on the security descriptor, so I've added a new function to compare with a mask. Andrew Bartlett (This used to be commit 39ae5e1dac31a22086be50fb23261e02be877f3f)
2007-10-10r3837: added support for LsaLookupSids in the LSA rpc server. This allows ↵Andrew Tridgell1-7/+7
the GUI ACL editor on w2k to correctly display names instead of SIDs. (This used to be commit fdaa753578c7b80806d4040ed131f87ddbf988e0)