Age | Commit message (Collapse) | Author | Files | Lines |
|
array can now only be :
type *name[];
rather then :
type *name;
which was supported in the past. Warnings will be given when the first
syntax is used. Reasons for this change in behaviour include improved
readability and the fact that the second format makes dealing with multiple
levels of pointers harder.
(This used to be commit a416de5825c540fd3741731c4be05e9a659a6fdb)
|
|
(This used to be commit 1d1a9c11ee681540ef8a1029409bb24fc26f976c)
|
|
size_is() base arrays.
Andrew Bartlett
(This used to be commit 3d3063b1f65efe3b9eb814f7425afa3278095a68)
|
|
specification.
Andrew Bartlett
(This used to be commit d360f30948723687ec1504765e52db366f17cfa2)
|
|
POSIX offset for the trusted domain.
Andrew Bartlett
(This used to be commit cd9e795e4004e28dc0184b86f0c44431378fc3ff)
|
|
Add my copyright to the SAMR server.
Andrew Bartlett
(This used to be commit 51e94fa26cc602ddca652776c213cd7096f9703a)
|
|
- Use templates for Secrets and the new trusted domains
- Auto-add modifiedTime, createdTime and objectGUID to records in the
samdb layer.
Andrew Bartlett
(This used to be commit 271c8faadfe2d9e0f3d523a1cdc831f5f9e35d19)
|
|
This uses LDB (a local secrets.ldb and the global samdb) to fill out
the secrets from an LSA perspective.
Some small changes to come, but the bulk of the work is now done.
A re-provision is required after this change.
Andrew Bartlett
(This used to be commit ded33033521a6a1c7ea80758c5c5aeeebb182a51)
|
|
This call uses a new IDL type, NTTIME_hyper. This is 8-byte aligned,
as the name suggests.
Expand the QuerySecret LSA calls in RPC-SAMLOGON and RPC-LSA, to
validate the behaviour of times, and of the old secrets.
Thanks to tridge for spotting the use of HYPER!
Andrew Bartlett
(This used to be commit 1fed79cb0f2ae7940639d08ef99576559d4cd06e)
|
|
(This used to be commit 4e62bd2a349c0cce8cb82a401fdf1cc33828af6f)
|
|
metze
(This used to be commit c2523adc0a0807979fb21b8ba77d556bac82e435)
|
|
(This used to be commit 08d7b77efc05571146c54322e684753ccd4cd2d6)
|
|
Volker
(This used to be commit f8588a769c185f871fdcd5db35428ad587bdfad3)
|
|
(This used to be commit 40a68a160e43b2e5d018e393ddecdfc50bad5360)
|
|
(This used to be commit 0dd258709554265efaa0d25ad5bc86b559139c2e)
|
|
For some reason I am getting ACCESS_DENIED from w2k3 on
lsa_LookupSids3(). I will investigate.
(This used to be commit c759fa0000e37c3e93a7529a7701998af6727612)
|
|
for adding LookupSids3 (needed for ACL editing from w2k3)
(This used to be commit 745bbc0e1717c1e0068be00cff36071dbdc451a6)
|
|
(This used to be commit f78506697ad23456fcac6e8916d0dad05b0df6cc)
|
|
why does samba3 return domain_name as in the unknown_name field in the code
and on the wire it returns DCERPC_FAULT_OP_RNG_ERROR?
all of my test machines NT4,W2K,W2K3,XP returned NULL
and if I file the string in the .in.* the server echos the strings back
and returns NT_STATUS_INVALID_PARAMETER
metze
(This used to be commit 67e765b7e984d7aac2a7786b5bd0c80d10d6de5d)
|
|
lsa_RemovePrivilegesFromAccount()
(This used to be commit 705b870c73995609c8d3ebb24418538bfe20c05b)
|
|
(This used to be commit 7bddd4740332017bb5f4bddcc9ba0234d05378bd)
|
|
w2k3 trust
metze
(This used to be commit 5101cd51a24fdcda8dd8fc4da446782948290f9b)
|
|
(This used to be commit 9da455ed56ebc167f295b231c2730e3ff9c94617)
|
|
names and other assistance from the ethereal sources.
More work needs to be done to validate some of the levels, which do
not appear in the query - perhaps they are modification levels.
Andrew Bartlett
(This used to be commit 63635533693fa364b0c697a3fe1010b3eb8b17d3)
|
|
seem to be 'shortcut' RPCs, that just avoid an open/query pair).
Rename a few others to give us a slightly sensible pattern.
Andrew Bartlett
(This used to be commit d6a7ab57e74ab89dd163d5f9f5f901e586b0aad4)
|
|
* Add new IDL to LSA, to query information about trusted domains (for
cross-check with SamSync).
Andrew Bartlett
(This used to be commit 174c0778421b5154ff2ba809688ea6ef38a1478b)
|
|
* Add new tests for ACCOUNTs in SamSync
* Clean up names in NETLOGON and LSA
* Verify Security Descriptors against LSA, as well as SamR
Andrew Bartlett
(This used to be commit 7094502fe0346255a89667f702289b4c8dc9fa08)
|
|
verify that the security descriptor found in the SamSync is the same
as what is available over SAMR.
Unfortunately, the administrator seems unable to retrieve the SACL on
the security descriptor, so I've added a new function to compare with
a mask.
Andrew Bartlett
(This used to be commit 39ae5e1dac31a22086be50fb23261e02be877f3f)
|
|
the GUI ACL editor on w2k to
correctly display names instead of SIDs.
(This used to be commit fdaa753578c7b80806d4040ed131f87ddbf988e0)
|
|
- move dom_sid, security_descriptor, security_* funtions to one place
and rename some of them
metze
(This used to be commit b620bdd672cfdf0e009492e648b0709e6b6d8596)
|
|
the build on systems like solaris with the SunPRO compiler
(This used to be commit fe913ad11bf1c5e9fe04ed769a93b0ea16aa0a34)
|
|
transports.
ncalrpc uses the new config option "ncalrpc dir" for creating unix sockets.
(This used to be commit b15cfbe2512961a199ecb069730d9a19787579f5)
|
|
specifying a endpoint is now also 'endpoint' instead of 'endpoints'. The
default endpoint (if none is specified) is still "ncacn_np:[\\pipe\\ifacename]",
where ifacename is the name of the interface.
Examples:
[
uuid(60a15ec5-4de8-11d7-a637-005056a20182),
endpoint("ncacn_np:[\\pipe\\rpcecho]", "ncacn_ip_tcp:")
]
interface rpcecho
{
void dummy();
}
dcerpc_binding is now converted to ep_description in the server, but I hope to
completely eliminate ep_description later on.
The eventual goal of all these changes is to make it easier to add
transports as I'm going to add support for
ncalrpc (local RPC over named pipes) and ncacn_unix_stream (Unix sockets).
(This used to be commit f3da7c8b443a29b0c656c687a277384ae1353792)
|
|
ID, so the client can choose what language they get the privilege
description in.
this is the first time I've seen a language ID on the wire in CIFS.
(This used to be commit e99d88915fbfcfb50b04330cd1a32b90222fbca3)
|
|
(This used to be commit 9e120bff7af076bbc541a88cefb3ba400fb91caa)
|
|
(This used to be commit 5be1b54d15e65008f0dc06a005fb205180817a6d)
|
|
(This used to be commit 253203f58f7fe6d1b7aea50822d191a8377b47da)
|
|
- IDL fixes + adding comments
- Start working on dcom infrastructure
(This used to be commit ef0fc269f06c82594c34ad8673c76c5ea099250e)
|
|
http://www.hsc.fr/ressources/articles/win_net_srv
(This used to be commit 8d36dbed8c5bdc82176083b2c6f8d989ae903ba5)
|
|
- moved some sec desc defines into misc.idl
- fixed pw_len field in UserInfo26
- made some pipes available on TCP
- added netr_DsrEnumerateDomainTrusts() to netlogon
- added templates for remaining netlogon IDL calls (from ethereal)
- added a unistr_noterm vs unistr error detector in ndr basic decoder
- added torture test for netr_DsrEnumerateDomainTrusts()
(This used to be commit ae5a5113fb83640dcb9ae4642c1b9eaf28487956)
|
|
- added lsa_OpenPolicy2() to server
- added guid handling in samdb
- added a couple more info policy levels in lsa server
- added some DNS info in the provisioning template and script
With the above changes WinXP professional can join a Samba4 domain
(This used to be commit d6dca96352144d6061175c964069ed54d942b9c2)
|
|
- added start of QueryDomainInfo in samr server
"net rpc info" from samba3 now works against a samba4 server. I
suspect join will work fairly soon.
(This used to be commit 0a2c6a1062d0e364356853001f5f39bdb542f453)
|
|
Andrew Bartlett
(This used to be commit 6b91ab152d7bfadc113b6f206fcce4db54429871)
|
|
Samba's NTLMSSP code is now fully talloc based, which should go a long
way to cleaning up the memory leaks in this code. This also avoids a
lot of extra copies of data, as we now allocate the 'return' blobs on
a caller-supplied context.
I have also been doing a lot of work towards NTLM2 signing and
sealing. I have this working for sealing, but not for the verifier
(MD5 integrity check on the stream) which is still incorrect.
(I can aim a rpcecho sinkdata from a Win2k3 box to my server, and the
data arrives intact, but the signature check fails. It does however
match the test values I have...).
The new torture test is cludged in - when we get a unit test suite
back, I'll happliy put it in the 'right' place....
Andrew Bartlett
(This used to be commit 399e2e2b1149b8d1c070aa7f0d5131c0b577d2b9)
|
|
this required some crypto infrastructure and some sid utilities
(This used to be commit 37d0efa9c2af8532536bea88412f0dd3ed39ecfc)
|
|
(This used to be commit dd95cd141dc63f16e14f4c9392529653084b5a2a)
|
|
(This used to be commit 4de08b64ddb3851e90a8dadd7d0d0991e933abf5)
|
|
(This used to be commit cdb47511531cb8ef19334088eecb14971e189a4f)
|
|
also tested lsa_Delete() to delete the newly created account
(This used to be commit c4d5d0e9eba6b564e2ce6885d66d644b6612d721)
|
|
makes pidl about 3x faster, and also gives us much better error
reporting and a more standard grammer definition that will be much
easier to code in lex/yacc if we want to do so at a later
date. (Parse::Yapp uses essentially the same grammer file as lex/yacc)
It also means we no longer need Parse::RecDescent, which should make
pidl much more portable.
(This used to be commit 4bbaffeb44dca99ad8c0245beb1fddbe01557215)
|