summaryrefslogtreecommitdiff
path: root/source4/librpc/idl/lsa.idl
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r7029: Make array support in pidl similar to that in other IDL compilers. We ↵Jelmer Vernooij1-13/+13
should now able to use constructions like these: [size_is(20)] int *x; -> Pointer to array of 20 ints [size_is(20)] int x[]; -> Array of 20 ints [size_is(20)] int *x[]; -> Array of 20 pointers to ints [size_is(20,)] int *x[] -> Array of 20 pointers to ints [size_is(,20)] int *x[]; -> Pointer to array of 20 ints [size_is(,20)] int **x; -> Pointer to pointer to array of 20 ints [size_is(20)] int x[][30]; -> 20 blocks of 30 ints (This used to be commit ecf583da71c2f80be124c17fccdcb284b47e0695)
2007-10-10r6973: Merge new version of pidl into the main SAMBA_4_0 branch.Jelmer Vernooij1-0/+1
The main difference in this new version is the extra data structure generated between the IDL data structure and the NDR parser: IDL -> NDR -> { ndr_parser, ndr_header, eparser, etc } This makes the ndr_parser.pm internals much more sane. Other changes include: - Remove unnecessary calls with NDR_BUFFERS (for example, GUID doesn't have any buffers, just scalars) as well as some (unnecessary) nested setting of flags. - Parse array loops in the C code rather then calling ndr_pull_array(). This allows us to have, for example, arrays of pointers or arrays of pointers to arrays, etc.. - Use if() {} rather then if () goto foo; everywhere - NDR_IN no longer implies LIBNDR_FLAG_REF_ALLOC - By default, top level pointers are now "ref" (as is the default in most other IDL compilers). This can be overridden using the default_pointer_top() property. - initial work on new ethereal parser generators by Alan DeKok and me - pidl now writes errors in the standard format used by compilers, which is parsable by most editors - ability to warn about the fact that pidl extension(s) have been used, useful for making sure IDL files work with other IDL compilers. oh, and there's probably some other things I can't think of right now.. (This used to be commit 13cf227615f6b9e0e5fa62e59197024410254f01)
2007-10-10r5672: Use switch_type() and the token storage mechanism for unions:Jelmer Vernooij1-2/+2
- Makes union handling less special - Allows unions in arrays, etc - Compatible with midl - Pidl will warn about switch_type() and the type of the switch_is() variable being different (This used to be commit dc6b4ffc82a191631bc16a4b93a4916a39183ec6)
2007-10-10r5661: Be a little stricter on syntax regarding arrays. A pointer to anJelmer Vernooij1-18/+18
array can now only be : type *name[]; rather then : type *name; which was supported in the past. Warnings will be given when the first syntax is used. Reasons for this change in behaviour include improved readability and the fact that the second format makes dealing with multiple levels of pointers harder. (This used to be commit a416de5825c540fd3741731c4be05e9a659a6fdb)
2007-10-10r5036: changed HYPER_T to the more standard "hyper"Andrew Tridgell1-2/+2
(This used to be commit 1d1a9c11ee681540ef8a1029409bb24fc26f976c)
2007-10-10r4768: Until I can prove it, we should not have these elements marked asAndrew Bartlett1-4/+4
size_is() base arrays. Andrew Bartlett (This used to be commit 3d3063b1f65efe3b9eb814f7425afa3278095a68)
2007-10-10r4720: Reformat, rename, and convert to enums parts of the LSA IDL ↵Andrew Bartlett1-45/+46
specification. Andrew Bartlett (This used to be commit d360f30948723687ec1504765e52db366f17cfa2)
2007-10-10r4708: Comparing with LDAP, it is clear that these 'flags' are in fact theAndrew Bartlett1-13/+13
POSIX offset for the trusted domain. Andrew Bartlett (This used to be commit cd9e795e4004e28dc0184b86f0c44431378fc3ff)
2007-10-10r4703: Add support for EnumTrustDomain, and expand the testsuite.Andrew Bartlett1-1/+4
Add my copyright to the SAMR server. Andrew Bartlett (This used to be commit 51e94fa26cc602ddca652776c213cd7096f9703a)
2007-10-10r4698: - Initial implementation of trusted domains in LSA.Andrew Bartlett1-1/+1
- Use templates for Secrets and the new trusted domains - Auto-add modifiedTime, createdTime and objectGUID to records in the samdb layer. Andrew Bartlett (This used to be commit 271c8faadfe2d9e0f3d523a1cdc831f5f9e35d19)
2007-10-10r4682: A LDB-based secrets implementation in Samba4.Andrew Bartlett1-6/+6
This uses LDB (a local secrets.ldb and the global samdb) to fill out the secrets from an LSA perspective. Some small changes to come, but the bulk of the work is now done. A re-provision is required after this change. Andrew Bartlett (This used to be commit ded33033521a6a1c7ea80758c5c5aeeebb182a51)
2007-10-10r4673: Fix the IDL for the QuerySecret LSA call.Andrew Bartlett1-2/+2
This call uses a new IDL type, NTTIME_hyper. This is 8-byte aligned, as the name suggests. Expand the QuerySecret LSA calls in RPC-SAMLOGON and RPC-LSA, to validate the behaviour of times, and of the old secrets. Thanks to tridge for spotting the use of HYPER! Andrew Bartlett (This used to be commit 1fed79cb0f2ae7940639d08ef99576559d4cd06e)
2007-10-10r4638: expose lsa and drsuapi on ncalrpcAndrew Tridgell1-1/+1
(This used to be commit 4e62bd2a349c0cce8cb82a401fdf1cc33828af6f)
2007-10-10r4568: make use of SidType and move it to lsa.idlStefan Metzmacher1-7/+18
metze (This used to be commit c2523adc0a0807979fb21b8ba77d556bac82e435)
2007-10-10r4564: added a comment on lsa_EnumAccounts IDLAndrew Tridgell1-0/+3
(This used to be commit 08d7b77efc05571146c54322e684753ccd4cd2d6)
2007-10-10r4456: NT4 usrmgr.exe asks for 4096 accounts, allow twice that.Volker Lendecke1-1/+1
Volker (This used to be commit f8588a769c185f871fdcd5db35428ad587bdfad3)
2007-10-10r4449: fixed the helpstring for LSA IDLAndrew Tridgell1-1/+1
(This used to be commit 40a68a160e43b2e5d018e393ddecdfc50bad5360)
2007-10-10r4442: fix lsa_TranslatedSid3 (its a dom_sid2 not a dom_sid)Andrew Tridgell1-1/+1
(This used to be commit 0dd258709554265efaa0d25ad5bc86b559139c2e)
2007-10-10r4437: added IDL and test code for lsa_LookupSids3() and lsa_LookupNames3().Andrew Tridgell1-2/+35
For some reason I am getting ACCESS_DENIED from w2k3 on lsa_LookupSids3(). I will investigate. (This used to be commit c759fa0000e37c3e93a7529a7701998af6727612)
2007-10-10r4433: added the boilerplate for the new w2k3 LSA functions in preparationAndrew Tridgell1-0/+67
for adding LookupSids3 (needed for ACL editing from w2k3) (This used to be commit 745bbc0e1717c1e0068be00cff36071dbdc451a6)
2007-10-10r4310: fixed the authority_name field in lsa_GetUserName()Andrew Tridgell1-1/+1
(This used to be commit f78506697ad23456fcac6e8916d0dad05b0df6cc)
2007-10-10r4309: idl and torture test for lsa_GetUserName()Stefan Metzmacher1-2/+10
why does samba3 return domain_name as in the unknown_name field in the code and on the wire it returns DCERPC_FAULT_OP_RNG_ERROR? all of my test machines NT4,W2K,W2K3,XP returned NULL and if I file the string in the .in.* the server echos the strings back and returns NT_STATUS_INVALID_PARAMETER metze (This used to be commit 67e765b7e984d7aac2a7786b5bd0c80d10d6de5d)
2007-10-10r4279: added IDL and test code for lsa_AddPrivilegesToAccount() and ↵Andrew Tridgell1-3/+13
lsa_RemovePrivilegesFromAccount() (This used to be commit 705b870c73995609c8d3ebb24418538bfe20c05b)
2007-10-10r4195: added IDL, test suite and server side code for lsa_LookupPrivValueAndrew Tridgell1-8/+11
(This used to be commit 7bddd4740332017bb5f4bddcc9ba0234d05378bd)
2007-10-10r4003: run successful against a nt4 sp6 pdc with one nt4 sp6 trust and a ↵Stefan Metzmacher1-4/+4
w2k3 trust metze (This used to be commit 5101cd51a24fdcda8dd8fc4da446782948290f9b)
2007-10-10r3978: added IDL and test code for lsa_LookupSids2() and lsa_LookupNames2()Andrew Tridgell1-2/+51
(This used to be commit 9da455ed56ebc167f295b231c2730e3ff9c94617)
2007-10-10r3919: Add more info levels to the QueryTrustedDomainInfo structures, withAndrew Bartlett1-6/+72
names and other assistance from the ethereal sources. More work needs to be done to validate some of the levels, which do not appear in the query - perhaps they are modification levels. Andrew Bartlett (This used to be commit 63635533693fa364b0c697a3fe1010b3eb8b17d3)
2007-10-10r3917: A few more LSA RPCs found in my wanderings (for trusted domains, theseAndrew Bartlett1-3/+14
seem to be 'shortcut' RPCs, that just avoid an open/query pair). Rename a few others to give us a slightly sensible pattern. Andrew Bartlett (This used to be commit d6a7ab57e74ab89dd163d5f9f5f901e586b0aad4)
2007-10-10r3907: * Rename lsa_Name to lsa_StringAndrew Bartlett1-31/+60
* Add new IDL to LSA, to query information about trusted domains (for cross-check with SamSync). Andrew Bartlett (This used to be commit 174c0778421b5154ff2ba809688ea6ef38a1478b)
2007-10-10r3904: * Add new LSA calls to open trusted domainsAndrew Bartlett1-4/+16
* Add new tests for ACCOUNTs in SamSync * Clean up names in NETLOGON and LSA * Verify Security Descriptors against LSA, as well as SamR Andrew Bartlett (This used to be commit 7094502fe0346255a89667f702289b4c8dc9fa08)
2007-10-10r3885: Add security descriptor comparison to our RPC-SAMSYNC test. We nowAndrew Bartlett1-5/+0
verify that the security descriptor found in the SamSync is the same as what is available over SAMR. Unfortunately, the administrator seems unable to retrieve the SACL on the security descriptor, so I've added a new function to compare with a mask. Andrew Bartlett (This used to be commit 39ae5e1dac31a22086be50fb23261e02be877f3f)
2007-10-10r3837: added support for LsaLookupSids in the LSA rpc server. This allows ↵Andrew Tridgell1-7/+7
the GUI ACL editor on w2k to correctly display names instead of SIDs. (This used to be commit fdaa753578c7b80806d4040ed131f87ddbf988e0)
2007-10-10r3810: create a LIB_SECURITY subsystemStefan Metzmacher1-1/+2
- move dom_sid, security_descriptor, security_* funtions to one place and rename some of them metze (This used to be commit b620bdd672cfdf0e009492e648b0709e6b6d8596)
2007-10-10r3283: converted to quoted uuid() defines in all our IDL. This should helpAndrew Tridgell1-1/+1
the build on systems like solaris with the SunPRO compiler (This used to be commit fe913ad11bf1c5e9fe04ed769a93b0ea16aa0a34)
2007-10-10r3162: Add client-side support for the ncalrpc: and ncacn_unix_stream: ↵Jelmer Vernooij1-1/+1
transports. ncalrpc uses the new config option "ncalrpc dir" for creating unix sockets. (This used to be commit b15cfbe2512961a199ecb069730d9a19787579f5)
2007-10-10r3043: Use binding strings for specifying endpoints. The property forJelmer Vernooij1-1/+1
specifying a endpoint is now also 'endpoint' instead of 'endpoints'. The default endpoint (if none is specified) is still "ncacn_np:[\\pipe\\ifacename]", where ifacename is the name of the interface. Examples: [ uuid(60a15ec5-4de8-11d7-a637-005056a20182), endpoint("ncacn_np:[\\pipe\\rpcecho]", "ncacn_ip_tcp:") ] interface rpcecho { void dummy(); } dcerpc_binding is now converted to ep_description in the server, but I hope to completely eliminate ep_description later on. The eventual goal of all these changes is to make it easier to add transports as I'm going to add support for ncalrpc (local RPC over named pipes) and ncacn_unix_stream (Unix sockets). (This used to be commit f3da7c8b443a29b0c656c687a277384ae1353792)
2007-10-10r2199: the unknown 16 bit number in lsa_LookupPrivDisplayName() is a languageAndrew Tridgell1-3/+4
ID, so the client can choose what language they get the privilege description in. this is the first time I've seen a language ID on the wire in CIFS. (This used to be commit e99d88915fbfcfb50b04330cd1a32b90222fbca3)
2007-10-10r2158: removed a misleading comment (the extra uint16 is just padding)Andrew Tridgell1-4/+0
(This used to be commit 9e120bff7af076bbc541a88cefb3ba400fb91caa)
2007-10-10r2127: more lsa IDL updates from Richard RenardAndrew Tridgell1-3/+23
(This used to be commit 5be1b54d15e65008f0dc06a005fb205180817a6d)
2007-10-10r2126: two more lsa functions worked out by richard renardAndrew Tridgell1-3/+16
(This used to be commit 253203f58f7fe6d1b7aea50822d191a8377b47da)
2007-10-10r1838: Updates from the airplane:Jelmer Vernooij1-1/+2
- IDL fixes + adding comments - Start working on dcom infrastructure (This used to be commit ef0fc269f06c82594c34ad8673c76c5ea099250e)
2007-10-10r1799: List more uuids. FromJelmer Vernooij1-21/+64
http://www.hsc.fr/ressources/articles/win_net_srv (This used to be commit 8d36dbed8c5bdc82176083b2c6f8d989ae903ba5)
2007-10-10r937: - added a simple QuerySecurity implementation in samr serverAndrew Tridgell1-1/+1
- moved some sec desc defines into misc.idl - fixed pw_len field in UserInfo26 - made some pipes available on TCP - added netr_DsrEnumerateDomainTrusts() to netlogon - added templates for remaining netlogon IDL calls (from ethereal) - added a unistr_noterm vs unistr error detector in ndr basic decoder - added torture test for netr_DsrEnumerateDomainTrusts() (This used to be commit ae5a5113fb83640dcb9ae4642c1b9eaf28487956)
2007-10-10r919: - added lsa_QueryInfoPolicy2() to IDL, test suite and serverAndrew Tridgell1-1/+8
- added lsa_OpenPolicy2() to server - added guid handling in samdb - added a couple more info policy levels in lsa server - added some DNS info in the provisioning template and script With the above changes WinXP professional can join a Samba4 domain (This used to be commit d6dca96352144d6061175c964069ed54d942b9c2)
2007-10-10r917: - added the start of a LSA server to samba4.Andrew Tridgell1-35/+19
- added start of QueryDomainInfo in samr server "net rpc info" from samba3 now works against a samba4 server. I suspect join will work fairly soon. (This used to be commit 0a2c6a1062d0e364356853001f5f39bdb542f453)
2007-10-10r877: This attempt at IDL was accidently included in the pervious commit.Andrew Bartlett1-9/+1
Andrew Bartlett (This used to be commit 6b91ab152d7bfadc113b6f206fcce4db54429871)
2007-10-10r874: This patch is a pile of work on NTLMSSP:Andrew Bartlett1-1/+9
Samba's NTLMSSP code is now fully talloc based, which should go a long way to cleaning up the memory leaks in this code. This also avoids a lot of extra copies of data, as we now allocate the 'return' blobs on a caller-supplied context. I have also been doing a lot of work towards NTLM2 signing and sealing. I have this working for sealing, but not for the verifier (MD5 integrity check on the stream) which is still incorrect. (I can aim a rpcecho sinkdata from a Win2k3 box to my server, and the data arrives intact, but the signature check fails. It does however match the test values I have...). The new torture test is cludged in - when we get a unit test suite back, I'll happliy put it in the 'right' place.... Andrew Bartlett (This used to be commit 399e2e2b1149b8d1c070aa7f0d5131c0b577d2b9)
2007-10-10r101: added lsa_SetSecret() and lsa_QuerySecret()Andrew Tridgell1-2/+23
this required some crypto infrastructure and some sid utilities (This used to be commit 37d0efa9c2af8532536bea88412f0dd3ed39ecfc)
2004-04-03added IDL and test for lsa_OpenSecret()Andrew Tridgell1-1/+8
(This used to be commit dd95cd141dc63f16e14f4c9392529653084b5a2a)
2004-04-03added IDL and test suite for lsa_CreateSecret()Andrew Tridgell1-1/+6
(This used to be commit 4de08b64ddb3851e90a8dadd7d0d0991e933abf5)