Age | Commit message (Collapse) | Author | Files | Lines |
|
This changes auth_serversupplied_info into the IDL-defined struct
auth_user_info_dc. This then in turn contains a struct
auth_user_info, which is the only part of the structure that is
mainted into the struct session_info.
The idea here is to avoid keeping the incomplete results of the
authentication (such as session keys, lists of SID memberships etc) in
a namespace where it may be confused for the finalised results.
Andrew Barltett
|
|
We need to check for invalid parameters before we check for
access denied.
metze
|
|
INVALID_PARAMETER/INFO_CLASS
metze
|
|
netr_Validation levels
metze
|
|
- Performs the short computer name check against the sam account name.
- Enhances the LogonGetDomainInfo testsuite which checks the NULL
"dns_hostname" behaviour
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Fri Nov 19 12:50:33 CET 2010 on sn-devel-104
|
|
codes
Plus some cosmetic indentation fixes
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Oct 31 19:26:45 UTC 2010 on sn-devel-104
|
|
"servicePrincipalName" generation is still needed
|
|
strings
They can be substituted by "ldb_msg_add_string" if the string was already
talloc'ed.
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Oct 24 20:03:27 UTC 2010 on sn-devel-104
|
|
NO_TRUST_SAM_ACCOUNT
If we can't find the account we should return NT_STATUS_NO_TRUST_SAM_ACCOUNT
instead of NT_STATUS_ACCESS_DENIED.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Sat Oct 23 10:05:35 UTC 2010 on sn-devel-104
|
|
sec_channel_types early
metze
|
|
after the account
metze
|
|
metze
|
|
netr_DsRGetDCNameEx2()
metze
|
|
Thanks to Tarun Chopra for the help of looking up all the bits in
the docs.
metze
|
|
invalid names
Only netbios domain names are allowed.
metze
|
|
in "dsdb/common/util.c""
This reverts commit 8a2ce5c47cee499f90b125ebde83de5f9f1a9aa0.
Jelmer pointed out that these are also in use by other LDB databases - not only
SAMDB ones.
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Oct 17 13:37:16 UTC 2010 on sn-devel-104
|
|
"dsdb/common/util.c"
They're only in use by SAMDB code.
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Oct 17 09:40:13 UTC 2010 on sn-devel-104
|
|
"samdb_result_uint64" and "samdb_result_string"
We have ldb_msg_find_attr_as_* calls which do exactly the same. Therefore this
reduces only code redundancies.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
directly
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Sat Oct 2 03:11:38 UTC 2010 on sn-devel-104
|
|
when we get a netlogon RODC DNS update, we send it to the dnsupdate
task
|
|
this is used by a RODC to do DNS updates, as TSIG updates are not
allowed by RODCs
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
metze
|
|
here the new password change syntax
|
|
This seems to be equivalent to SEC_CHAN_BDC, but for RODCs
|
|
This also changes the calling convention slightly - we should always
allocate this with talloc_zero() to allow some elements to be
optional. Some elements may only make sense in Samba3, which I hope
will use this common structure.
Andrew Bartlett
|
|
As ekacnet pointed out on the mailing list we don't need to do a delete if we
(re)set the values afterwards - only if we don't set any new ones.
|
|
this converts all callers that use the Samba4 loadparm lp_ calling
convention to use the lpcfg_ prefix.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
family in a better way
Obviously the last attempt wasn't enough. Now we do really only read the first
byte in the address buffer which on little endian transmission does always
contain the address family (MS-NRPC 2.2.1.2.4.1).
This should now be working platform-independently.
|
|
This should make it clearer by the use of the standardised "sa_family_t" type
and hopefully fixes the problems on platforms other than Linux (NetBSD in the
buildfarm for example).
|
|
See MS-NRPC 3.5.5.6.3.
|
|
|
|
Otherwise it obviously can never be set.
|
|
|
|
|
|
|
|
belong here
I'm not really sure if this check is really done on Windows Server. And if it
is done, then it's on the LDB level (module).
|
|
w2k8r2 returns the local DC information on no inputs for
getDcNameEx2. This is needed for starting dsa.msc (ADUC) on
Win7.
CDLAP on the same call returns an error. This uses a parameter
fill_on_blank_request to distinguish the two cases.
|
|
metze
|
|
client site information
This behaviour should be similar to the one of Windows Server (in my case 2008)
|
|
with the client site information"
This reverts commit 908d982980846257b65ab576d31131e8793e9399.
I need to merge the improved version of this commit.
|
|
This reverts commit e88a54a87e185b44e2d216bd853e6a87bf950be6.
This isn't the correct behaviour. See MS-NRPC documentation under the
"GetAnyDCName" section.
|
|
We should respond when we are the PDC
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
When we aren't a DC we shouldn't have the netlogon pipe available.
[MS-NRPC 1.3] says that we can only have DCs on the server side.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Does for now only return DC's primary site.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
MS-NRPC docs
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
documentation
This implementation checks if the domainname is valid for us or a trusted domain.
Then I've also added the PDC location functionality. That means that we should
return "WERR_NO_SUCH_DOMAIN" (MS-NRPC 3.5.5.2.5).
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
client site information
This behaviour should be similar to the one of Windows Server (in my case 2008)
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
|
|
metze
|