Age | Commit message (Collapse) | Author | Files | Lines |
|
call between 2 w2k3 boxes nicely, but I'm not sure if the amount
of 9 chunks is fixed...
metze
(This used to be commit adceac88519b5d61b759eac6e0b152da0529f85c)
|
|
Try to pass more of the CrackNames test. Make the test quieter.
Andrew Bartlett
(This used to be commit a6bbfebf52f53f99b0edf52d3c23b72785b97469)
|
|
there's a blob containing the real data,
but that needs handwritten code
metze
(This used to be commit dcb0ea99ba7589a3204d19f54c75a464f97bd1fd)
|
|
metze
(This used to be commit f7f9f174d77ddf7d4880b430b5dc7154ea1ddb3b)
|
|
returned by DsBind() on all drsuapi connection also contains the client
ip address. Also the u1 value of the clients DsBindInfoX structure is returned
in u5 here...
metze
(This used to be commit 1adb0fb291d788d0bf10a49b05970ac72eb4764e)
|
|
of all active connections to the Directory Service Agent (DSA)
(This can be LDAP or DRSUAPI connections)
abartlet: you had just luck by using flag(BIG_ENDIAN) as BIG_ENDIAN is
defined in <endian.h>, it should be flag(NDR_BIG_ENDIAN)...
metze
(This used to be commit c7e639763de1f8ddccfb954227feeaddb7386edc)
|
|
usual things are more complex than they appear.
Also remove the incorrect server-side implementation, which blindly
assumed some sense of consistancy across the API switch levels.
Andrew Bartlett
(This used to be commit 79941adbff843f5027dacd31b972deca4a1557ec)
|
|
we crashed before trying ncacn_np: for frsrpc
as frsrpc doesn't have a ncacn_np endpoint listed
in the idl header and the endpoint mapping code
was trying our smbcli lib with a
NULL target_hostname -> called_name
metze
(This used to be commit ed49e4b1f87db483768dec36732b0c9765d1d4bc)
|
|
metze
(This used to be commit bbd086f2edf81028f2370be8ce0739144cd64b02)
|
|
supprisingly complex call...
It turns out that the in/out parameter 'level' is not in/out, but set
seperatly by the server-side code from r->req.req1.level.
This commit also breaks out some common code from samldb into samdb.
Andrew Bartlett
(This used to be commit 2eb9e6445c64840399171f4f56b1e43786dbcfa7)
|
|
(This used to be commit 40406355135d5bebd9dad27168ab695657271f4f)
|
|
metze
(This used to be commit 6d0c788f3dffb7a553464404ebd9c0487d668bc5)
|
|
metze
(This used to be commit 0777a8e749e8df88dd1b9f7be9e4f3012559243b)
|
|
Do not require an artificial ASN.1 context to be setup.
Simo.
(This used to be commit 14b3b9861ae47498c74a6643e6979b3d85260a61)
|
|
metze
(This used to be commit ebbd6263bbc30001e25603c5e4f45393b5fadb3d)
|
|
and we return the array as hexstring. this is always in the last
array member of the meppings array, and I is always 21 bytes long
w2k in mixed mode: FF0000000000000000000000000000000000000000
w2k3 in mixed mode: FF00000002A5DA73B101C43B449028E2F832FE466F
w2k3 in native mode: FF00000001635D94BDE62E2C4C9BAC9D6AFA4F69F8
I assume it's some kind of schema version...
metze
(This used to be commit db16f6382da50167b6cefdaeb8488b00a45fb928)
|
|
uint8_t arrays
with ber encoded oid's
metze
(This used to be commit bc13b3690166b29df246cc4778b378e9cf2a22d7)
|
|
transferred
in replication replies, but I don't know the exact encoding.
for example the oids are transferred as:
2.5.4 => uint8_t v[] = { 0x55, 0x04 };
2.5.5 => uint8_t v[] = { 0x55, 0x05 };
2.5.6 => uint8_t v[] = { 0x55, 0x06 };
2.5.18 => uint8_t v[] = { 0x55, 0x12 };
2.5.20 => uint8_t v[] = { 0x55, 0x14 };
2.5.21 => uint8_t v[] = { 0x55, 0x15 };
1.2.840.113556.1.2 => uint8_t v[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x14, 0x01, 0x02 };
1.2.840.113556.1.3 => uint8_t v[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x14, 0x01, 0x03 };
1.2.840.113556.1.4 => uint8_t v[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x14, 0x01, 0x04 };
1.2.840.113556.1.5 => uint8_t v[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x14, 0x01, 0x05 };
1.2.840.113556.1.5.7000 => uint8_t v[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x14, 0x01, 0x05, 0xb6, 0x58 };
1.2.840.113549.1.9 => uint8_t v[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09 };
2.16.840.1.113730.3 => uint8_t v[] = { 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x03 };
2.16.840.1.113730.3.1 => uint8_t v[] = { 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x03, 0x01 };
2.16.840.1.113730.3.2 => uint8_t v[] = { 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x03, 0x02 };
0.9.2342.19200300.100.1 => uint8_t v[] = { 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01 };
0.9.2342.19200300.100.4 => uint8_t v[] = { 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x04 };
1.3.6.1.4.1.250.1 => uint8_t v[] = { 0x2b, 0x06, 0x01, 0x04, 0x01, 0x81, 0x7a, 0x01 };
1.3.6.1.4.1.1466.101.119=> uint8_t v[] = { 0x2b, 0x06, 0x01, 0x04, 0x01, 0x8b, 0x3a, 0x65, 0x77 };
if someone knows how the encoding works, please tell me:-)
I assume some ASN.1 encoding...
metze
(This used to be commit aa720a15319392fee5c532959192d0df5bf4c718)
|
|
metze
(This used to be commit 3d51ce92c272582e19046337ea6b8b2acd60997d)
|
|
metze
(This used to be commit 38ae6ce7b9b5dd733e4e838da04d1c570c450c97)
|
|
way to setup a Samba4 DC is to set 'server role = domain controller'.
We use the fSMORoleOwner attribute in the base DN to determine the PDC.
This patch is quite large, as I have corrected a number of places that
assumed taht we are always the PDC, or that used the smb.conf
lp_server_role() to determine that.
Also included is a warning fix in the SAMR code, where the IDL has
seperated a couple of types for group display enumeration.
We also now use the ldb database to determine if we should run the
global catalog service.
In the near future, I will complete the DRSUAPI
DsGetDomainControllerInfo server-side on the same basis.
Andrew Bartlett
(This used to be commit 67d8365e831adf3eaecd8b34dcc481fc82565893)
|
|
metze
(This used to be commit 4daa45f98a3bb6f3c245fe61e05681335ef8b5c6)
|
|
metze
(This used to be commit 3daa68e1c4212f1dad98b196a096ded3204b03ba)
|
|
metze
(This used to be commit 1b6621814ba83724e05c0c2bea28d6eb295a3655)
|
|
this wasn't noticed because on the 1st dc in the forest both have the
same value
metze
(This used to be commit 527bd9a0a361e19606e25e885b92da316e740bf9)
|
|
metze
(This used to be commit 3f1e88759cce7b05a117928efe73b353b28e8576)
|
|
http://msdn2.microsoft.com/en-us/library/ms676264.aspx
metze
(This used to be commit a52d5f6ed9d92890d2a677d9398450f355165de2)
|
|
request work correctly
- the error structures all have the same type
metze
(This used to be commit 3322dbd901106262b22db35e9ef455a08ac2867c)
|
|
metze
(This used to be commit 3e6264d872e4fc39a8e0712293492ad413345de9)
|
|
metze
(This used to be commit f79d3435936104813f9492a010c57ea99835702f)
|
|
avoid pushing the referred object twice) and add test for full pointers.
(This used to be commit 1638c8d234dbc85298000685e49570f23dfd0bf8)
|
|
duplicates later.
(This used to be commit 006ab1d4a449c81680add57e0116a86b8317fbfb)
|
|
- we don't need to add 'ref' explicit
- we some toplevel pointers need to be 'ptr' ('sptr' for now) pointers
metze
(This used to be commit c95cd82de29f4102d72030780da785bf28e0de9e)
|
|
(This used to be commit 92b8bde561277a6b83048ce003cc29ff1b380255)
|
|
a DC
metze
(This used to be commit df133cd22a350d422c49844e50a67f4cc1fb61e4)
|
|
(This used to be commit 48e6df59444a78dc268b84c5f94787de09d41908)
|
|
(This used to be commit 0221d5b6c4250a3a2c86c623c534996d7decb1f6)
|
|
(This used to be commit bd48f78b1d6dba73e44630ad930fd6089d2076b2)
|
|
- use the client_site when creating the server object
metze
(This used to be commit b02d0e1be343c7d609715237dc842702b6fbe231)
|
|
this also let wireshark match the responses
metze
(This used to be commit 9e52b0b9b59e2c8ee7b1242a191cc37e462842c1)
|
|
(This used to be commit 17c2557834aad8c85fb640054c942f99bbce1d94)
|
|
(This used to be commit 8768bec81f57131a0c9754e8121b345c0be4a5d0)
|
|
- remove ipv6 support untill the resolve layer can give ipv6 addresses
metze
(This used to be commit 1e518c3e675e6952044bc0fdf2537be432c0c56f)
|
|
Break up auth/auth.h not to include the world.
Add credentials_krb5.h with the kerberos dependent prototypes.
Andrew Bartlett
(This used to be commit 2b569c42e0fbb596ea82484d0e1cb22e193037b9)
|
|
the build
for now.
(This used to be commit 1474f1a220d869c3c11dac038411149abe3e48fe)
|
|
(This used to be commit 347ae9628202ca4de4318ef8156999239aad9192)
|
|
places where this was currently not the case.
(This used to be commit 3894497a232df8cf0457c7439c9ae347f63f24a1)
|
|
libraries
works again now, by specifying --enable-dso to configure.
(This used to be commit 7a01235067a4800b07b8919a6a475954bfb0b04c)
|
|
as well?
The server side change is needed to fix a valgrind error, which was
possibly exploitable if the client sent deliberately bad data
(This used to be commit e3c04cf165fe15739197b2713e78046399aa7653)
|
|
a RPC-SECRETS on kerberos test still fails, but I'll let andrew take a
look at that later :)
(This used to be commit c260b175682c1cd95eaba958bfd9f054cb2547ea)
|