Age | Commit message (Collapse) | Author | Files | Lines |
|
Guenther
|
|
New (major) patch
=================
- Enhances the "lsa.idl" file in the sense that it adds more values to
"PolicyInformation" to improve the "lsa_QueryInfoPolicy*" calls.
- Adds a minimal implementation for "AuditEvents" (also lsa_QueryInfoPolicy*
calls) to enable the "Audit" option in the "User Manager for Domains" (at least
readable).
- Adds to the "lsa.idl" file the system access mode flags needed for the calls
"lsa_*SystemAccessAccount".
- Fill in the "lsa_GetSystemAccessAccount" for enabling the "User Rights"
option in the "User Manager for Domains" (at least readable).
- Merge the two similar torture tests of the "lsa_QueryInfoPolicy*" calls in
one using "if"'s for a few separations.
- Add a torture test for "lsa_GetSystemAccessAccount".
- Some cosmetic-only changes (unifications) in output strings in the "LSA"
torture test.
The work has been done using the Microsoft WSPP docs.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
|
|
plugfest in Redmond
|
|
sid/name array even when all are unmapped. If we don't fill in the
array then the windows client runtime crashes
|
|
|
|
|
|
Make 'lsar_CreateTrustedDomain' consistant with
lsar_CreateTrustedDomainEx{,2} by renaming handle -> policy_handle
Implement LSA server logic to create the cn=users trust account for
incoming trusts.
Andrew Bartlett
(This used to be commit d87b655e20b7c38756774cec2e5898af38c46786)
|
|
We still don't get the format inside the encrypted blob correct
however.
Andrew Bartlett
(This used to be commit 99a3abda09716c064b3e9a37c4a79a8f62444eca)
|
|
(This used to be commit e5520706c88911c66b3ce5817e371900212ca083)
|
|
(This used to be commit a17cb558c23142e522de3ed56d65c7694477395f)
|
|
(This used to be commit b7b46ddd412bd106655c2a7b96a322d9f6ac3019)
|
|
(This used to be commit 3e3563f2840e7cd795f5fc157003af3c932cb4d1)
|
|
(This used to be commit 47ffbbf67435904754469544390b67d34c958343)
|
|
We already did this before b994f899b42d294c0418bdc82660a2f7510667d6.
This is needed to handle NULL strings, where strlen() would crash...
Maybe we should add a strlen_a() and strlen_a_term() later...
metze
(This used to be commit c388efab13d1be2086a99e6615fa348c4cdc4594)
|
|
metze
(This used to be commit bdd8d9ebdf184ee3e23a8de92fa4dec7123a8824)
|
|
metze
(This used to be commit 646c597b79cb01474ed8139e4e790206bd84632c)
|
|
metze
(This used to be commit b994f899b42d294c0418bdc82660a2f7510667d6)
|
|
Guenther
(This used to be commit 1b5706e413f1c6aa1ede15a625929f785ce37272)
|
|
Guenther
(This used to be commit 068697706652373d28091cd7594e0276da27dbc4)
|
|
Guenther
(This used to be commit 54458c46249e07176e2a5b37279a3c95d21df0ab)
|
|
(This used to be commit 3fd750bd54f150ff62fd8165406bd26d03d624cf)
|
|
restriction on the maximum returned size. There isn't a good reason
to have a limit on this one.
Andrew Bartlett
(This used to be commit 9a8315019e20f736c6977451c1d1f1f3fcba16f2)
|
|
only query transitive forest trusts.
Guenther
(This used to be commit 71e5e1109cb924fbcd9eedd031fbf0973e8c8ff5)
|
|
Guenther
(This used to be commit 7c6297027d51011a59c86b6dc45338bbe4b2d5ef)
|
|
Guenther
(This used to be commit 54fa6d453c628039e5ec9053b0693229efdbe011)
|
|
(This used to be commit f3680ba118d4de4c535ceabda69e3b9f00424cd6)
|
|
(This used to be commit 2e2b15e3d258b66c3a150b97748ff6b4eed69a9a)
|
|
(This used to be commit 88fa90778a0e1f5efca08e5e6ba1b165399de30c)
|
|
(This used to be commit bfc2a1c50596ac3aee871de63fdd99362a65d7d8)
|
|
(This used to be commit 347ae9628202ca4de4318ef8156999239aad9192)
|
|
(This used to be commit d1364ef0cd8f1a64f44476476323ab390ac4de48)
|
|
(This used to be commit ced2f9599446520229566e25a783101b19c64177)
|
|
Andrew Bartlett
(This used to be commit 700e9c0ea40799a09db3fdeb4a0ff3a417a8718e)
|
|
This commit cleans up a number of aspects of the LSA interface.
Firstly, we do 2 simple searches on opening the LSA policy, to obtain
the basic information we need. This also avoids us searching for
dnsDomain (an invented attribute).
While I was at it, I added and tested new LSA calls, including the
enumTrustedDomainsEx call. I have also merged the identical structures
lsa_DomainInformation and lsa_DomainList.
Also in this commit: Fix netlogon use of uninitialised variables.
Andrew Bartlett
(This used to be commit 3f3fa7f466df56612064029143fbae8effb668aa)
|
|
in having pointers for outgoing data when you can already modify the top-level
element.
This can be overridden (temporarily) by specifying the new "keepref"
attribute. Once we've removed keepref from all IDL files, I'll remove this
attribute as well.
(This used to be commit bdc6dd37503ced8322a671d225122ccffbb8bfec)
|
|
the LSA pipe. Strangely, windows is not consistent for the LookupSids
call. Sometimes the name is terminated and sometimes not?! It might
depend on the type of rid (alias, group etc) ?
(This used to be commit c0b7e0619a153f1da0fa76f176335d1b2afa340b)
|
|
implementation.
Andrew Bartlett
(This used to be commit a6a615cc997cd3a71ea0d63994f6cd97096afc30)
|
|
(This used to be commit 22d0e4a9bf853fe67c402ce3ba6d950e753ab4d2)
|
|
(This used to be commit bb1ed44f45020f1e11d928f5130a889c11ee59c4)
|
|
(This used to be commit 48f45927ceb4f7d39c4cc47b3b843e43a53b7f2b)
|
|
(This used to be commit b773d848e854394f36351f97130a20a245367b2c)
|
|
Guenther
(This used to be commit d717e878bdc05b06adcc50c3527c339be8164145)
|
|
- fixed winreg_GetKeySecurity() to use a sec_info field correctly
- simplied the winreg torture code, removing the separate opens for
each hive
- added torture cleanup code in winreg test
- added 'create with security descriptor' in the winreg torture test
(This used to be commit f20695decd587f7b6bbdbd4861441bd19ab85078)
|
|
- we need to use lsa_StringLarge in lsa_DnsDomainInfo, to make windows clients happy
metze
(This used to be commit 044d18f85f82b4ab5d71a6ae366052af0dbe8e7e)
|
|
of null credentials to use if cmdline_credentials is not setup
- hide the length and size elements of a lsa_String from js scripts,
so you can use a lsa_String just as an ordinary string without
knowing its a structure. We won't do this with all structures, just
a few core ones that are used often enough to warrant it.
- make sure returned ldb arrays have a length property
(This used to be commit 12d2092dd8668de41776132ccbcd634790c371a9)
|
|
metze
(This used to be commit e601042c07d7b6eed0dc34e5b136d9266b8a0f81)
|