Age | Commit message (Collapse) | Author | Files | Lines |
|
Guenther
(This used to be commit d8fe7652bda2a984d830b83762950377a4849d64)
|
|
Guenther
(This used to be commit 2114103aedbe2134624caa3aba42b6f7721e6d45)
|
|
Guenther
(This used to be commit 109e05b5117b1722a190765f84563cea24273de1)
|
|
Guenther
(This used to be commit 5922a1228653709e1ff99be50e902663e152c706)
|
|
"Add missing security_secinfo bits as seen while managing security descriptor
inheritance with regedit."
Guenther
(This used to be commit 1c1811c5e34b18f448beb544de0c5f8612653293)
|
|
- also add dcerpc_AuthLevel enum
metze
(This used to be commit efb2416939d5def030e56b0497bab5345426840f)
|
|
constants
(This used to be commit 0c3d38b0d9c2a335c6449955a137627ba16623a4)
|
|
(This used to be commit 9c38c61c337da911d56df33f1b72be8cf7d0d4c6)
|
|
(This used to be commit 37425495f392a2d0122a93aa2c42758eab7dab5a)
|
|
a new torture suite to match.
This should fix bug #4954 by Matthias Wallnöfer <mwallnoefer@yahoo.de>
Previously we had no knowlege of BUILTIN or well-known names.
This code needs expansion to check with winbind for trusted domains.
Andrew Bartlett
(This used to be commit e6fc0e1f54ad64bdddc88e9ebd0d8d181b6ce26a)
|
|
include/ now only contains build system related headers, all other headers are
now near the source code they're related to.
(This used to be commit 6890a01dbfc6d8041a88ef5c6be52dfcd046fe80)
|
|
objects on the samr pipe.
8 of these bits :
get name etc
get locale
get loc com
set attributes
change password
set password
get groups
comes from wireshark/ethereal where they were added Aug 21 2002
http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk/epan/dissectors/packet-dcerpc-samr.c?r1=5987&r2=6054
3 bits :
get attributes
get group membership
change group membership
also come from wireshark/ethereal where they were added Jul 24 2003
http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk/epan/dissectors/packet-dcerpc-samr.c?r1=8022&r2=8080
(This used to be commit 1c2729228a341a2d063a444e9546e7e09f23c966)
|
|
domains on the samr pipe
10 of these bits :
lookup info 1
set info 1
lookup info 2
set info 2
create user
create group
create alias
enum account
open account
set info 3
come from wireshark/ethereal and were added to wireshark in Aug 21 2002
http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk/epan/dissectors/packet-dcerpc-samr.c?r1=5987&r2=6054
one bit
lookup alias
also comes from wireshark where it was added in wireshark in Feb 21 2003
http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk/epan/dissectors/packet-dcerpc-samr.c?r1=7173&r2=7178
(This used to be commit 4b2c8e28657b31c606d21946e7949c9cc52613c9)
|
|
to Groups on the samr pipe
the five bits
lookup info
set info
add member
remove member
get members
comes from the wireshark/ethereal sources where they were added in Aug
21 2002
http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk/epan/dissectors/packet-dcerpc-samr.c?r1=5987&r2=6054
(This used to be commit 1f00ac5dbe8f034d845c4e579a3f517311784900)
|
|
these five access mask bits :
add member
remove members
get members
lookup info
set info
come from wireshark/ethereal where they were added to cvs in Aug 21 2002
http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk/epan/dissectors/packet-dcerpc-samr.c?r1=5987&r2=6054
(This used to be commit e39556ba4cc76b2754ef891d5c696bc3a5761310)
|
|
policy handles that are create by Connect?() calls on the samr pipe.
these bits come from the wireshark/ethereal sources where they have
been documented for a long time.
the bits :
connect to server
initialize server
create domain
were added to wireshark/ethereal in svn 8080 Jul 24 2003
the bits :
open domain
enum domain
shutdown server
were added to wireshark/ethereal in svn 6054 Aug 21 2002
(This used to be commit 04e67bb6807c318de44d5434bc4344b24494b4a1)
|
|
(This used to be commit 2a5a0819eea86ba322434306e062d13893b5722e)
|
|
and move it into misc.idl
The goal is to get rid a all dcerpc specific stuff in the
generated ndr layer.
metze
(This used to be commit 2ed014cfb894cccab1654e3f7d5876393e2b52d7)
|
|
I assume what we need is an array of strings,
so the code isn't used and broken anyway without
a testsuite...just get rid of the pidl warning
metze
(This used to be commit 46fadeb6983dff4e6a38fceec4679d3bf44dd5d9)
|
|
metze
(This used to be commit f6ae9574b208e42a819249918b827457f245f519)
|
|
restriction on the maximum returned size. There isn't a good reason
to have a limit on this one.
Andrew Bartlett
(This used to be commit 9a8315019e20f736c6977451c1d1f1f3fcba16f2)
|
|
SAMR. This can't be done in the ldb templates code, as it doesn't
happen over direct LDAP.
As noted in bug #4829.
Andrew Bartlett
(This used to be commit 3bfa6dbf7ded06df78310f7bd39d8a8d4edbb4ef)
|
|
- The icons in usermgr were incorrect, because the acct_flags were
not filled in (due to missing attribute in ldb query)
- The Full name was missing, and the description used as the full
name (due to missing attributes in ldb query and incorrect IDL)
To prove the correctness of these fixes, I added a substantial new
test to RPC-SAMR-USERS, to ensure cross-consistancy between
QueryDisplayInfo and QueryUserInfo on each user.
This showed that for some reason, we must add ACB_NORMAL to the
acct_flags on level 2 queries (for machine trust accounts)...
Getting this right is important, because Samba3's RPC winbind methods
uses these queries.
Andrew Bartlett
(This used to be commit 9475d94a61e36b3507e5fd2e6bb6f0667db4a607)
|
|
RPC-SAMBA3-GETUSERNAME tests before the previous password expiration
fixes, because if you create a user and only set the password
administratrively, the "last set time" should not get updated. Needed
to add some more of the fields_present flags to do this.
(This used to be commit ce5637de22c19551c0ce5147658ceae33b976ef1)
|
|
only query transitive forest trusts.
Guenther
(This used to be commit 71e5e1109cb924fbcd9eedd031fbf0973e8c8ff5)
|
|
Guenther
(This used to be commit 7c6297027d51011a59c86b6dc45338bbe4b2d5ef)
|
|
metze
(This used to be commit a7be6810771b804932abbf2ace4c2a7c5dd8a349)
|
|
Guenther
(This used to be commit 82477b311e2a7a51906d0c00d8714f545b12b0bd)
|
|
Guenther
(This used to be commit 54fa6d453c628039e5ec9053b0693229efdbe011)
|
|
WERROR_DOMAIN_CONTROLLER_NOT_FOUND from
SAMBA_3_0.
Guenther
(This used to be commit 841ad140a34648ff52d5e44a6642f346ef9eee02)
|
|
Guenther
(This used to be commit 9c2b9642336ed954c8f9fc0ccce95547d7c18aa8)
|
|
Guenther
(This used to be commit cf953d04813d193da5e9714ceebb7826dc7e4d0b)
|
|
* netr_DsRGetDCName_flags, netr_DsRGetDCNameInfo_AddressType and netr_DsR_DcFlags
* the mask in netr_DsRGetDCNameEx2 turns out to be samr_AcctFlags
Guenther
(This used to be commit 9cdd6d9782a7a70f01d748228beb80c454d1468b)
|
|
metze
(This used to be commit 4105e3db317b124bb9c708d508895756c9c0c5a3)
|
|
way to go, as this has bitrotted over the past months.
This change in particular catches winbind up with the next
composite_create() function.
We also needed to remove an unused flags field, and fill in the lm
response.
Andrew Bartlett
(This used to be commit bd26e4ffaf1c060fdc3aae28fd4393e83c5a83ea)
|
|
(This used to be commit 1b73e6a776a3ef478718f656523d125d28589f5c)
|
|
see http://www.hsc.fr/ressources/articles/win_net_srv/msrpc_wzcsvc.html
and http://www.hsc.fr/ressources/articles/win_net_srv/msrpc_scheduler.html
thanks to jbm for the report!
metze
(This used to be commit 8bc1316741e59da100aee434617136136fdedb3f)
|
|
metze
(This used to be commit 521355b57b74dbdccc6ae15738345e1d989ce262)
|
|
(This used to be commit 6fb3b4be10d204bec61a1fddd1c50c1c24d52ebf)
|
|
and use the struct member names in all cases
metze
(This used to be commit c543ee57454d006c545e3e9e20c9ac0114081d3d)
|
|
(This used to be commit 2eae55819ec51dc53aa8bdea7b777cb2e8444cea)
|
|
(This used to be commit 0b1e793ed56e3c4c592d8baaf3139e42b01b942b)
|
|
metze
(This used to be commit b8af925da9c515f3803aa813ef5e4cded892a525)
|
|
It's now possible to use "struct foo" without a typedef in IDL files.
echo_info4 is the first type that's been converted.
(This used to be commit 3ac68e858df9b53cf5e0a84741916214a53b3121)
|
|
also make it possible to pass and get the assoc_group_id for
a pipe.
also make it possible to pass the DCERPC_PFC_FLAG_CONC_MPX flag
in bind requests. From the spec it triggers support for
concurrent multiplexing on a single connection.
w2k3 uses the assoc_group_id feature when it becomes a domain controller
of an existing domain. Know the ugly part, with this it's possible to
use a policy handle from one connection on a different one...
typically the DsBind() call is on the 1st connection while DsGetNCChanges()
call using the first connections bind handle are on the 2nd connection.
The second connection also has the DCERPC_PFC_FLAG_CONC_MPX flag attached,
but that doesn't seem to be related to the cross connection handle usage
Can anyone think of a nice way to implement the assoc_group_id stuff in our server?
metze
(This used to be commit 2d8c85397d9027485ed6dbdcca87cc1ec84c7b76)
|
|
(This used to be commit 268915961d0b2766eb9a4e106fdf5cfdf68de07e)
|
|
support in ejs.
(This used to be commit a396c5de12cd958fe0457fa5372e539132ad7ed9)
|
|
(This used to be commit 17d1da19474de3c501b532aec74b1fb93ed3ae3f)
|
|
the hashes are
MD5("user:realm:password") which a lot of user and realm combinations
see:
http://fresh.t-systems-sfr.com/unix/src/www/httpauth-0.6.tar.gz:a/httpauth-0.6/tools/mkha1.c
metze
(This used to be commit f764941af6a13b59ea604b4b5c275da802b3e061)
|
|
so that ndr_pull will fail if version isn't 3 and we notice
if the format changes...
metze
(This used to be commit 91f7a094cfd04405c224b9579146d814cba507b3)
|