Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2009-09-22 | s4-lsa: added support for QuerySecurity on LSA | Andrew Tridgell | 1 | -2/+85 | |
This follows the sd pattern from samba3 | |||||
2009-09-19 | more include minimisation | Andrew Tridgell | 1 | -2/+0 | |
2009-09-11 | lsa: fill in more unknowns in lsa_LookupSid calls. | Günther Deschner | 1 | -4/+4 | |
Guenther | |||||
2009-09-07 | s4:templates - Remove the latest relics (in "dcesrv_lsa_CreateSecret") | Matthias Dieter Wallnöfer | 1 | -10/+0 | |
2009-07-16 | lsa: fix typo in lsa_TrustDomInfoEnum enum in IDL. | Günther Deschner | 1 | -1/+1 | |
Guenther | |||||
2009-07-13 | libds: merge the UF<->ACB flag mapping functions. | Günther Deschner | 1 | -2/+2 | |
Guenther | |||||
2009-05-26 | Don't use crossRef records to find our own domain | Andrew Bartlett | 1 | -57/+12 | |
A single AD server can only host a single domain, so don't stuff about with looking up our crossRef record in the cn=Partitions container. We instead trust that lp_realm() and lp_workgroup() works correctly. Andrew Bartlett | |||||
2009-04-23 | Fix Coverity ID 628, Andrew B., please check! | Volker Lendecke | 1 | -1/+1 | |
2009-02-02 | s4:rpc_server/lsa: s/delete/del s/open/opn | Stefan Metzmacher | 1 | -30/+32 | |
metze | |||||
2008-12-29 | s4:lib/tevent: rename structs | Stefan Metzmacher | 1 | -1/+1 | |
list="" list="$list event_context:tevent_context" list="$list fd_event:tevent_fd" list="$list timed_event:tevent_timer" for s in $list; do o=`echo $s | cut -d ':' -f1` n=`echo $s | cut -d ':' -f2` r=`git grep "struct $o" |cut -d ':' -f1 |sort -u` files=`echo "$r" | grep -v source3 | grep -v nsswitch | grep -v packaging4` for f in $files; do cat $f | sed -e "s/struct $o/struct $n/g" > $f.tmp mv $f.tmp $f done done metze | |||||
2008-10-28 | s4: lsa-server: fix crash bugs related to [out,ref] ** changes | Stefan Metzmacher | 1 | -4/+4 | |
metze | |||||
2008-10-28 | s4-lsa-server: remove merge leftover. | Günther Deschner | 1 | -1/+0 | |
Guenther | |||||
2008-10-27 | s4-lsa: merge lsa_QueryInfoPolicy/{2} from s3 lsa idl. | Günther Deschner | 1 | -19/+18 | |
Guenther | |||||
2008-10-27 | s4-lsa: merge lsa_LookupNames/{2,3,4} from s3 lsa idl. | Günther Deschner | 1 | -9/+13 | |
Guenther | |||||
2008-10-27 | s4-lsa: merge lsa_LookupSids/{2,3} from s3 lsa idl. | Günther Deschner | 1 | -5/+9 | |
Guenther | |||||
2008-10-27 | s4-lsa: merge lsa_QueryDomainInformationPolicy from s3 lsa idl. | Günther Deschner | 1 | -7/+10 | |
Guenther | |||||
2008-10-27 | s4-lsa: merge lsa_QueryTrustedDomainInfoByName from s3 lsa idl. | Günther Deschner | 1 | -2/+2 | |
Guenther | |||||
2008-10-27 | s4-lsa: merge lsa_QueryTrustedDomainInfo from s3 idl. | Günther Deschner | 1 | -14/+18 | |
Guenther | |||||
2008-10-27 | s4-lsa: merge lsa_QueryTrustedDomainInfoBySid from s3 lsa idl. | Günther Deschner | 1 | -2/+2 | |
Guenther | |||||
2008-10-27 | s4-lsa: merge lsa_LookupPrivName from s3 lsa idl. | Günther Deschner | 1 | -3/+7 | |
Guenther | |||||
2008-10-27 | s4-lsa: merge lsa_EnumPrivsAccount from s3 lsa idl. | Günther Deschner | 1 | -13/+29 | |
Guenther | |||||
2008-10-27 | s4-lsa: merge lsa_LookupPrivDisplayName from s3 lsa idl. | Günther Deschner | 1 | -5/+9 | |
Guenther | |||||
2008-10-27 | s4-lsa: merge lsa_GetUserName from s3 lsa idl. | Günther Deschner | 1 | -11/+15 | |
Guenther | |||||
2008-10-20 | Make the updated RPC-LSA pass against Win2008, and Samba4 to match | Andrew Bartlett | 1 | -0/+1 | |
2008-10-20 | LSA Patch for User Manager | Matthias Dieter Wallnöfer | 1 | -4/+37 | |
New (major) patch ================= - Enhances the "lsa.idl" file in the sense that it adds more values to "PolicyInformation" to improve the "lsa_QueryInfoPolicy*" calls. - Adds a minimal implementation for "AuditEvents" (also lsa_QueryInfoPolicy* calls) to enable the "Audit" option in the "User Manager for Domains" (at least readable). - Adds to the "lsa.idl" file the system access mode flags needed for the calls "lsa_*SystemAccessAccount". - Fill in the "lsa_GetSystemAccessAccount" for enabling the "User Rights" option in the "User Manager for Domains" (at least readable). - Merge the two similar torture tests of the "lsa_QueryInfoPolicy*" calls in one using "if"'s for a few separations. - Add a torture test for "lsa_GetSystemAccessAccount". - Some cosmetic-only changes (unifications) in output strings in the "LSA" torture test. The work has been done using the Microsoft WSPP docs. Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2008-10-16 | Create a 'straight paper path' for UTF16 passwords. | Andrew Bartlett | 1 | -13/+8 | |
This uses a virtual attribute 'clearTextPassword' (name chosen to match references in MS-SAMR) that contains the length-limited blob containing an allegidly UTF16 password. This ensures we do no validation or filtering of the password before we get a chance to MD4 it. We can then do the required munging into UTF8, and in future implement the rules Microsoft has provided us with for invalid inputs. All layers in the process now deal with the strings as length-limited inputs, incluing the krb5 string2key calls. This commit also includes a small change to samdb_result_passwords() to ensure that LM passwords are not returned to the application logic if LM authentication is disabled. The objectClass module has been modified to allow the clearTextPassword attribute to pass down the stack. Andrew Bartlett | |||||
2008-10-11 | Fix include paths to new location of libutil. | Jelmer Vernooij | 2 | -2/+2 | |
2008-10-06 | Store trusted domain passwords in the LSA server | Andrew Bartlett | 1 | -4/+64 | |
2008-10-03 | updated the LSA and NETLOGON servers with fixes resulting from the AD | Andrew Tridgell | 2 | -14/+75 | |
plugfest in Redmond | |||||
2008-09-30 | fixed a number of places in our LSA server where we should return the | Andrew Tridgell | 1 | -11/+13 | |
sid/name array even when all are unmapped. If we don't fill in the array then the windows client runtime crashes | |||||
2008-09-30 | Merge branch 'master' of ssh://git.samba.org/data/git/samba | Andrew Tridgell | 1 | -9/+9 | |
2008-09-30 | check call status not rpc fault code when calling to different levels | Andrew Tridgell | 1 | -4/+4 | |
of calls | |||||
2008-09-30 | cope with NULL attr | Andrew Tridgell | 1 | -1/+3 | |
2008-09-29 | Rework to match new trustDomainPasswords IDL | Andrew Bartlett | 1 | -5/+5 | |
2008-09-29 | Fix parsing of the trust passwords in LSA CreateTrustedDomainEx* | Andrew Bartlett | 1 | -4/+4 | |
2008-09-29 | WSPP docs say we need to check that root_dir is NULL | Andrew Tridgell | 1 | -0/+6 | |
2008-09-29 | we need to return NT_STATUS_INVALID_PARAMETER for bad levels in | Andrew Tridgell | 1 | -0/+5 | |
lsalookupnames2 | |||||
2008-09-29 | unmapped SIDs should be rid 0 not rid -1 | Andrew Tridgell | 1 | -1/+4 | |
2008-09-29 | added some more well known SIDs - thanks to the WSPP LSAT test suite | Andrew Tridgell | 1 | -1/+42 | |
2008-09-24 | Move source4/lib/crypto to lib/crypto. | Jelmer Vernooij | 1 | -1/+1 | |
2008-09-23 | Merge ldb_search() and ldb_search_exp_fmt() into a simgle function. | Simo Sorce | 1 | -5/+4 | |
The previous ldb_search() interface made it way too easy to leak results, and being able to use a printf-like expression turns to be really useful. | |||||
2008-09-08 | Simplfy SetSecrets behaviour in line with RPC-LSA and Win2008. | Andrew Bartlett | 1 | -51/+64 | |
(This used to be commit 07cb8db799cc22685af4bb63285fa10115790ce1) | |||||
2008-09-08 | More work towards trusted domains support in Samba4's LSA | Andrew Bartlett | 1 | -50/+323 | |
Make 'lsar_CreateTrustedDomain' consistant with lsar_CreateTrustedDomainEx{,2} by renaming handle -> policy_handle Implement LSA server logic to create the cn=users trust account for incoming trusts. Andrew Bartlett (This used to be commit d87b655e20b7c38756774cec2e5898af38c46786) | |||||
2008-09-01 | Follow MS-LSAD 3.1.4.7.12 and set defaults when creating a trust. | Andrew Bartlett | 1 | -0/+6 | |
Also check we get the defaults correct with a query in the torture suite. Andrew Bartlett (This used to be commit b55a1b63cc2f7de889f046e975e3414bc5000613) | |||||
2008-08-26 | More LSA server and testuite work. | Andrew Bartlett | 1 | -1/+38 | |
- Implement QueryDomainInformationPolicy in Samba4 - Allow RPC-LSA to pass against Windows 2008 (which does not allow the Audit privilage to be removed) Andrew Bartlett (This used to be commit d94c7bbcd6eee6d975eac32a1d172f4164c97137) | |||||
2008-08-26 | Implement matching logic to Windows 2008 on handling of secrets. | Andrew Bartlett | 1 | -16/+8 | |
This is enforced by the new RPC-LSA test. Andrew Bartlett (This used to be commit da200ac64485fd9531b1aa048570c682b680b012) | |||||
2008-08-26 | Fix LSA server to pass more of RPC-LSA and match Windows 2008 | Andrew Bartlett | 1 | -17/+32 | |
This fixes some info levels in the QueryTrustedDomainInfo call, and changes from implementing lsa_Delete to lsa_DeleteObject (which has an explicit close and reutrns a NULL handle). Andrew Bartlett (This used to be commit 1f12c368b2566b378a6c521c389b8b1bafbcf916) | |||||
2008-07-21 | Remove bogus test in 'enum trusted domains' LSA server. | Andrew Bartlett | 1 | -6/+0 | |
The change to the RPC-LSA test proves that when the remote server has 0 trusted domains, it will return NT_STATUS_NO_MORE_ENTRIES, not NT_STATUS_OK. Andrew Bartlett (This used to be commit 40a55b34c2ce75267cf004dc4cfb8153c061e66b) | |||||
2008-06-14 | Make up the right dependencies now that ldb depends on libevents | Simo Sorce | 1 | -2/+2 | |
(This used to be commit 3b8eec7ca334528cad3cdcd5e3fc5ee555d8d0e0) | |||||
2008-04-17 | Specify event_context to ldb_wrap_connect explicitly. | Jelmer Vernooij | 2 | -8/+9 | |
(This used to be commit b4e1ae07a284c044704322446c94351c2decff91) |