| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
verify that the security descriptor found in the SamSync is the same
as what is available over SAMR.
Unfortunately, the administrator seems unable to retrieve the SACL on
the security descriptor, so I've added a new function to compare with
a mask.
Andrew Bartlett
(This used to be commit 39ae5e1dac31a22086be50fb23261e02be877f3f)
|
|
- move dom_sid, security_descriptor, security_* funtions to one place
and rename some of them
metze
(This used to be commit b620bdd672cfdf0e009492e648b0709e6b6d8596)
|
|
Andrew Bartlett
(This used to be commit 90398fda41dd15480899e3628df186eb02fdc139)
|
|
This compares values for the domain and for secrets. We still have
some problems we need to sort out for secrets.
Also rename a number of structures in samr.idl and netlogon.idl, to
better express their consistancy.
Andrew Bartlett
(This used to be commit 3f52fa3a42b030c9aef21c8bd88aad87a0aae078)
|
|
NETLOGON.
In particular, rename samr_Name to samr_String - given that many
strings in this pipe are not 'names', the previous was just confusing.
(I look forward to PIDL turning these into simple char * some day...).
Also export out a few changes from testjoin.c to allow for how I have
written the new RPC-SAMSYNC test.
Andrew Bartlett
(This used to be commit 9cd666bcfb1fc752a4717010a7c4f05131dc728e)
|
|
- tidied up some of the system includes
- moved a few more structures back from misc.idl to netlogon.idl and samr.idl now that pidl
knows about inter-IDL dependencies
(This used to be commit 7b7477ac42d96faac1b0ff361525d2c63cedfc64)
|
|
The thing that finally convinced me that minimal includes was worth
pursuing for rpc was a compiler (tcc) that failed to build Samba due
to reaching internal limits of the size of include files. Also the
fact that includes.h.gch was 16MB, which really seems excessive. This
patch brings it back to 12M, which is still too large, but
better. Note that this patch speeds up compile times for both the pch
and non-pch case.
This change also includes the addition iof a "depends()" option in our
IDL files, allowing you to specify that one IDL file depends on
another. This capability was needed for the auto-includes generation.
(This used to be commit b8f5fa8ac8e8725f3d321004f0aedf4246fc6b49)
|
|
the build on systems like solaris with the SunPRO compiler
(This used to be commit fe913ad11bf1c5e9fe04ed769a93b0ea16aa0a34)
|
|
transports.
ncalrpc uses the new config option "ncalrpc dir" for creating unix sockets.
(This used to be commit b15cfbe2512961a199ecb069730d9a19787579f5)
|
|
field. Add torture test for setting this feild - including all the
odd cases (not all the flags 'stick', and not others cannot be
removed).
Seperate the two 'password change' flags, and test them both in the
torture code.
Check that the password did change after every password set call.
Andrew Bartlett
(This used to be commit 3759128bd33b802d5213d50ba25f7c7d11cfe1d7)
|
|
specifying a endpoint is now also 'endpoint' instead of 'endpoints'. The
default endpoint (if none is specified) is still "ncacn_np:[\\pipe\\ifacename]",
where ifacename is the name of the interface.
Examples:
[
uuid(60a15ec5-4de8-11d7-a637-005056a20182),
endpoint("ncacn_np:[\\pipe\\rpcecho]", "ncacn_ip_tcp:")
]
interface rpcecho
{
void dummy();
}
dcerpc_binding is now converted to ep_description in the server, but I hope to
completely eliminate ep_description later on.
The eventual goal of all these changes is to make it easier to add
transports as I'm going to add support for
ncalrpc (local RPC over named pipes) and ncacn_unix_stream (Unix sockets).
(This used to be commit f3da7c8b443a29b0c656c687a277384ae1353792)
|
|
(This used to be commit c17d9254d42e5966fbdfeeda18023c8c0203dad1)
|
|
(This used to be commit 8921e34f989977efc5f9d4f5eabf21bbb5f52115)
|
|
IDL so this works (the previous IDL was bogus)
- changed a hyper to uint64 after looking at output on cascade on sparc
(This used to be commit db1ed5675a5271085ea0b89dd634b037ee710178)
|
|
(This used to be commit a0e571a9ddc01b8e90a93d591aec4b10c9926818)
|
|
have the handle type implied by the parameter name. There are four
types of handle: connect, domain, user and group handles. The
various samr_Connect functions return a connect handle, and the
samr_OpenFoo functions return a foo handle.
There is one exception - the samr_{Get,Set}Security function can
take any type of handle.
Fix up all C callers.
(This used to be commit 32f0f3154a8eb63de83145cbc8806b8906ccdc3e)
|
|
pwd -> password
passwd -> password
username -> account_name
Also work on consistant structure feild names between these two pipes,
and fix up some callers to use samr_Password for the netlogon
credential code.
Andrew Bartlett
(This used to be commit 4e35418c2776f7b79be5b358ffd077754685d1ac)
|
|
This includes the netlogon pipe, for the machine account password
change system.
Andrew Bartlett
(This used to be commit 49d545a82057ee8b60d50aa55e908efe59875150)
|
|
indicate this although I could not find any consistent pattern.
I found this as 'net rpc group list local' in Samba3 sets this to 250 and only
gets a fixed, but incomplete list of groups out of W2k3.
I tried to correlate the results I got from w2k3 with the LDAP contents of the
corresponding entries, but I could not find anything. Ethereal only decodes
the lower byte, but to get all it seems necessary to have 0xffff here.
If you have time, could you might want to spend some of it decoding the bits
for SAMR completeness....
Volker
(This used to be commit 74e59c45603a9f897a24e37fc7626cf8ffc81403)
|
|
- moved some sec desc defines into misc.idl
- fixed pw_len field in UserInfo26
- made some pipes available on TCP
- added netr_DsrEnumerateDomainTrusts() to netlogon
- added templates for remaining netlogon IDL calls (from ethereal)
- added a unistr_noterm vs unistr error detector in ndr basic decoder
- added torture test for netr_DsrEnumerateDomainTrusts()
(This used to be commit ae5a5113fb83640dcb9ae4642c1b9eaf28487956)
|
|
- added start of QueryDomainInfo in samr server
"net rpc info" from samba3 now works against a samba4 server. I
suspect join will work fairly soon.
(This used to be commit 0a2c6a1062d0e364356853001f5f39bdb542f453)
|
|
structures. This was suggested by metze recently.
I checked on the build farm and all the machines we have support 64
bit ints, and support the LL suffix for 64 bit constants. I suspect
some won't support strtoll() and related functions, so we will
probably need replacements for those.
(This used to be commit 9a9244a1c66654c12abe4379661cba83a73c4c21)
|
|
samr_QueryUserInfo levels except for the password
set levels.
This means that a large part of the RPC-SAMR torture test now runs correctly against Samba4
(This used to be commit ec0a51898f543578e755207d81ed5c1524861c64)
|
|
samr_EnumDomainUsers
(This used to be commit 252b11112ce22152de3d53d0ba657879346ff243)
|
|
samr_SetUserInfo and samr_QueryUserInfo
(This used to be commit e0db9659a85b59e52fbe033a94b411d6c64d9f9c)
|
|
(This used to be commit 2cb06b39d91ef18b21c18e9376ccbd8076aeecf8)
|
|
from abartlet
(This used to be commit 5f30c3b077b59fc7ec40644e3af7236292100c6b)
|
|
added tests for the level 23 and 25 password change methods
(This used to be commit d49f7a6a0d1895de3d654a5b46c6aec3a57fde76)
|
|
password). That makes 8 ways to change a password just on the SAMR
pipe!
Thanks to Luke Howard from PADL for this.
(This used to be commit c8a49a7e004468d13f656f67eac4b7b4e1759022)
|
|
(This used to be commit 4b4f025504cb5b92c8b119259f1df622cd72ec7c)
|
|
yay!
(This used to be commit 0221566cf5ff7dc5ce0de9af451b935ed8615f4e)
|
|
(This used to be commit a946315193443feab786a588f371ad2a560327d4)
|
|
possibly destructive tests. Use with care!
Added IDL and test code for samr_Shutdown() and samr_SetDsrmPassword()
(This used to be commit 84de0b7e58c69e0817b9d475de0895a54cc95927)
|
|
request (a dead socket). I discovered this when testing against Sun's
PC-NetLink.
cleaned up the naming of some of the samr requests
add IDL and test code for samr_QueryGroupMember(),
samr_SetMemberAttributesOfGroup() and samr_Shutdown(). (actually, I
didn't leave the samr_Shutdown() test in, as its fatal to windows
servers due to doing exactly what it says it does).
(This used to be commit 925bc2622c105dee4ffff809c6c35cd209a839f8)
|
|
(for example, not filling in extra
fields in level21 setuserinfo)
(This used to be commit d06ed158f9aef94159bfc09065ca5ad0c4c99de3)
|
|
Also added much better handling of random password generation in the
password change test code
(This used to be commit 67ae0b2a9851c1e77fdaa9f317a83bd54950618f)
|
|
metze
(This used to be commit d0aa749667cf0d9e7c290982d2b4232c27ced706)
|
|
samr_GetBootKeyInformation() and samr_Connect3()
also added some stub IDL for samr_SetBootKeyInformation() although I
don't yet have working test code. This one is tricky, as if you get it
wrong then the target system won't boot any more :)
(This used to be commit 118b6fc292ba3257511b1b83846582013fb59b23)
|
|
- completed the IDL and test code for the various set user password
mechanisms in samr. Three password mechanisms are now working, the
UserInfo24 method, the OemChangePasswordUser2() method (which only
sets the LM password) and the ChangePasswordUser2() method which sets
both the LM and NT passwords.
- updated some crypto routines to support the password change tests
(This used to be commit 051efa2abf9d1fbbf783df411c02f2714027f813)
|
|
samr_AddMultipleMembersToAlias(),
samr_RemoveMultipleMembersFromAlias(), samr_OemChangePasswordUser2(),
and samr_ChangePasswordUser2()
The password change functions don't actually work yet (but should
soon). At this stage I have just completed the IDL for them. Next step
is to get the hash verifiers right and the torture test should be able
to do password changes.
(This used to be commit 849d0d314a2add80f2b2be6b503fea05973f998e)
|
|
samr_QueryUserInfo2(), samr_QueryDisplayInfo2() and
samr_GetDisplayEnumerationIndex2()
(This used to be commit fddda52500d482bde79994c14a0a822a1d305ac3)
|
|
samr_GetDisplayEnumerationIndex(), samr_TestPrivateFunctionsDomain(),
samr_TestPrivateFunctionsUser() and samr_RemoveMemberFromForeignDomain()
(This used to be commit 53c66708874f9f8e7868530cd2a780160e2eca01)
|
|
(This used to be commit 747351140b839879abe1a79a005d81ca4b35a658)
|
|
(This used to be commit 0b8203306d9eb61aaec9549d56c40831fcd091c3)
|
|
(This used to be commit fe1fc81ba76515b79069881d2d62f60201314d04)
|
|
test code
(This used to be commit 46185a71ba0e06544cacf117654e4dbf39385378)
|
|
(This used to be commit 9f12fb39dbac886582d0ccce418491522c042fe6)
|
|
we needed to adjust the alignment of [relative] buffers for this to
work. I wonder if they are always 4 byte aligned?
(This used to be commit 9cd0a0b8b976e62c6da71b7e55cba5b38483620d)
|
|
(This used to be commit f740b02ac36780740700909da2bcdf672cb146cb)
|
|
This patch adds the samr_CreateUser2 function, which is create_user
in Samba 3.0.
This also adds a torture suite that checks for various valid and invalid
account flags, and that they are persistant.
Also, a patch by Anthony Liguori to fix the build
Andrew Bartlett
(This used to be commit 53e657b74572ab329d4598a85e6989547c324209)
|
