summaryrefslogtreecommitdiff
path: root/source4/rpc_server/netlogon
AgeCommit message (Collapse)AuthorFilesLines
2010-10-02s4:rpc_server/netlogon: don't use dcerpc_binding_handle_call_send/recv() ↵Stefan Metzmacher1-12/+9
directly metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Sat Oct 2 03:11:38 UTC 2010 on sn-devel-104
2010-09-27s4-netlogon: added RODC DNS update call fwded to dnsupdate taskAndrew Tridgell1-3/+89
when we get a netlogon RODC DNS update, we send it to the dnsupdate task
2010-09-16s4-netlogon: added IDL for netr_DsrUpdateReadOnlyServerDnsRecordsAndrew Tridgell1-0/+20
this is used by a RODC to do DNS updates, as TSIG updates are not allowed by RODCs Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-03s4:rpc_server/netlogon: use irpc_binding_handle_by_name()Stefan Metzmacher1-7/+10
metze
2010-08-17s4:netlogon RPC server - "ServerPasswordSet" operations - introduce also ↵Matthias Dieter Wallnöfer1-2/+43
here the new password change syntax
2010-08-17s4-netlogon: added SEC_CHAN_RODCAndrew Tridgell1-0/+5
This seems to be equivalent to SEC_CHAN_BDC, but for RODCs
2010-08-14s4:auth Move struct auth_usersupplied_info to a common locationAndrew Bartlett1-5/+1
This also changes the calling convention slightly - we should always allocate this with talloc_zero() to allow some elements to be optional. Some elements may only make sense in Samba3, which I hope will use this common structure. Andrew Bartlett
2010-07-31s4:dcesrv_netr_LogonGetDomainInfo - improve the client OS informations updateMatthias Dieter Wallnöfer1-19/+8
As ekacnet pointed out on the mailing list we don't need to do a delete if we (re)set the values afterwards - only if we don't set any new ones.
2010-07-16s4-loadparm: 2nd half of lp_ to lpcfg_ conversionAndrew Tridgell1-16/+16
this converts all callers that use the Samba4 loadparm lp_ calling convention to use the lpcfg_ prefix. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-06-18s4:dcesrv_netr_DsRAddressToSitenamesExW - fix the detection of the address ↵Matthias Dieter Wallnöfer1-2/+3
family in a better way Obviously the last attempt wasn't enough. Now we do really only read the first byte in the address buffer which on little endian transmission does always contain the address family (MS-NRPC 2.2.1.2.4.1). This should now be working platform-independently.
2010-06-16s4:dcesrv_netr_DsRAddressToSitenamesExW - fix the read of the IP packet versionMatthias Dieter Wallnöfer1-3/+4
This should make it clearer by the use of the standardised "sa_family_t" type and hopefully fixes the problems on platforms other than Linux (NetBSD in the buildfarm for example).
2010-05-31s3/s4:netrEnumerateTrustedDomains - this call returns a "NTSTATUS" resultMatthias Dieter Wallnöfer1-2/+2
See MS-NRPC 3.5.5.6.3.
2010-05-31s4:dcesrv_netr_DsrEnumerateDomainTrusts - fix an integer typeMatthias Dieter Wallnöfer1-1/+1
2010-05-24s4:LogonGetDomainInfo - allow to set DNS hostname for the first timeMatthias Dieter Wallnöfer1-11/+14
Otherwise it obviously can never be set.
2010-05-18Finish removal of iconv_convenience in public API's.Jelmer Vernooij1-3/+0
2010-05-03s4:LogonGetDomainInfo - fix a potential crash sourceMatthias Dieter Wallnöfer1-0/+4
2010-05-03s4:LogonGetDomainInfo - fix indentationMatthias Dieter Wallnöfer1-2/+2
2010-05-03s4:LogonGetDomainInfo - remove singular "dNSHostName" check - this doesn't ↵Matthias Dieter Wallnöfer1-19/+1
belong here I'm not really sure if this check is really done on Windows Server. And if it is done, then it's on the LDB level (module).
2010-04-28s4-netlogon: fixed getDcNameEx2 for blank inputsAndrew Tridgell1-1/+1
w2k8r2 returns the local DC information on no inputs for getDcNameEx2. This is needed for starting dsa.msc (ADUC) on Win7. CDLAP on the same call returns an error. This uses a parameter fill_on_blank_request to distinguish the two cases.
2010-04-27s4:rpc_server/netlogon: use tsocket_address in dcesrv_netr_DsRGetDCNameEx2()Stefan Metzmacher1-5/+9
metze
2010-04-27s4:netr_DsRAddressToSitenames[Ex]W calls - implement them correctly with the ↵Matthias Dieter Wallnöfer1-16/+98
client site information This behaviour should be similar to the one of Windows Server (in my case 2008)
2010-04-27Revert "s4:netr_DsRAddressToSitenames[Ex]W calls - implement them correctly ↵Matthias Dieter Wallnöfer1-93/+16
with the client site information" This reverts commit 908d982980846257b65ab576d31131e8793e9399. I need to merge the improved version of this commit.
2010-04-27Revert "s4-netlogon: fixed breakage of dcesrv_netr_GetAnyDCName in sites patch"Matthias Dieter Wallnöfer1-0/+6
This reverts commit e88a54a87e185b44e2d216bd853e6a87bf950be6. This isn't the correct behaviour. See MS-NRPC documentation under the "GetAnyDCName" section.
2010-04-27s4-netlogon: fixed breakage of dcesrv_netr_GetAnyDCName in sites patchAndrew Tridgell1-6/+0
We should respond when we are the PDC Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-04-27s4:netlogon RPC server - we don't need "are we DC" proofsMatthias Dieter Wallnöfer1-8/+0
When we aren't a DC we shouldn't have the netlogon pipe available. [MS-NRPC 1.3] says that we can only have DCs on the server side. Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-27s4:dcesrv_netr_DsrGetDcSiteCoverageW - provide a basic implementationMatthias Dieter Wallnöfer1-1/+23
Does for now only return DC's primary site. Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-27s4:dcesrv_netr_DsRGetSiteName - provide an implementation according to the ↵Matthias Dieter Wallnöfer1-1/+13
MS-NRPC docs Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-27s4:dcesrv_netr_GetAnyDCName - improve the call according to the MS-NRPC ↵Matthias Dieter Wallnöfer1-7/+55
documentation This implementation checks if the domainname is valid for us or a trusted domain. Then I've also added the PDC location functionality. That means that we should return "WERR_NO_SUCH_DOMAIN" (MS-NRPC 3.5.5.2.5). Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-27s4:netr_DsRAddressToSitenames[Ex]W calls - implement them correctly with the ↵Matthias Dieter Wallnöfer1-16/+93
client site information This behaviour should be similar to the one of Windows Server (in my case 2008) Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-21s4:netlogon RPC server - fix a counter variable typeMatthias Dieter Wallnöfer1-1/+2
2010-04-20s4:rpc_server/netlogon: add no memory checksStefan Metzmacher1-1/+2
metze
2010-04-20s4-netlogon: fixed dc_unc and dc_address_typeAndrew Tridgell1-1/+3
These are needed for dcpromo from w2k8r2
2010-04-20s4:netlogon RPC - "fill_one_domain_info" - use "lp_workgroup" for the DC ↵Matthias Dieter Wallnöfer1-1/+1
short domainname discovery Here we don't need to use "lp_sam_name" since in this function we are always a DC.
2010-04-13s4:"samdb_server_site_name" uses - proof for out of memoryMatthias Dieter Wallnöfer1-1/+4
2010-04-13s4:dcesrv_netr_DsRGetDCNameEx2 - provide a much better implementationMatthias Dieter Wallnöfer1-52/+37
On the base of the "fill_netlogon_samlogon_response" call. This removes duplicated code.
2010-04-13s4:use "samdb_forest_name" for the forest DNS domainname lookupMatthias Dieter Wallnöfer1-13/+8
2010-04-13Revert "s4:prefer "samdb_*_dn" basedn calls over the "ldb_get_*_dn" functions"Matthias Dieter Wallnöfer1-3/+4
We should use the "ldb_get_*_basedn" calls since they are available in the LDB library.
2010-04-12s3/s4:netlogon IDL - fix up "struct netr_SamInfo6" regarding the "forest" ↵Matthias Dieter Wallnöfer1-2/+2
attribute According to MS-NRPC 2.2.1.4.13 this should be the DNS domainname, not the forest one.
2010-04-12s4:prefer "samdb_*_dn" basedn calls over the "ldb_get_*_dn" functionsMatthias Dieter Wallnöfer1-1/+1
Purely cosmetic change.
2010-04-10s4:rpc_server Fix segfault in modified SamLogon handlingAndrew Bartlett1-0/+1
2010-04-10s4:rpc_server Add all SIDs into the netlogon SamLogon replyAndrew Bartlett1-32/+52
We were missing the SIDs that are not in the domain.
2010-03-16s4:idl change level to type in lsa_ForestTrustRecord.Simo Sorce1-2/+2
2010-03-09s4:netlogon RPC - "LogonGetDomainInfo" - make the call compatible with >= ↵Matthias Dieter Wallnöfer1-23/+62
Windows 2008 Add more security checks and other corrections to imitate Windows Server >= 2008.
2010-02-24s4:netlogon remove wrong ZERO_STRUCT of outputSimo Sorce1-6/+0
This was causing marshalling faults when we returned errors.
2010-02-23s4:schannel merge code with s3Simo Sorce1-24/+15
After looking at the s4 side of the (s)channel :) I found out that it makes more sense to simply make it use the tdb based code than redo the same changes done to s3 to simplify the interface. Ldb is slow, to the point it needs haks to pre-open the db to speed it up, yet that does not solve the lookup speed, with ldb it is always going to be slower. Looking through the history it is evident that the schannel database doesn't really need greate expanadability. And lookups are always done with a single Key. This seem a perfet fit for tdb while ldb looks unnecessarily complicated. The schannel database is not really a persistent one. It can be discared during an upgrade without causing any real issue. all it contains is temproary session data.
2010-02-23s4:schannel more readable check logicSimo Sorce1-12/+44
Make the initial schannel check logic more understandable. Make it easy to define different policies depending on the caller's security requirements (Integrity/Privacy/Both/None) This is the same change applied to s3
2010-02-23s4:netlogon RPC - fix the indentationMatthias Dieter Wallnöfer1-15/+15
Simo, I'm not really sure that those checks are valid. I read MS-NRPC section 3.5.4.1 about LOGONSRV_HANDLEs ("server_name" is of this type). There isn't stated that the server name has necessarily to be in the DNS form and should also be valid when it's NULL (if DCE server and client are the same - I don't know if me make use of it in s4).
2010-02-22s4:netlogon GetTrustedDomainInformationSimo Sorce1-6/+172
start implementing calls related to trusted domain information
2010-02-22s4:netlogon fix segfaultSimo Sorce1-12/+19
2010-02-21s4:netlogon enhance DsrEnumerateDomainTrustsSimo Sorce1-27/+178
Actually return trust relationships by searching the appropriate entries in the SAM database. Add checks and return the correct flags, type and attributes.