Age | Commit message (Collapse) | Author | Files | Lines |
|
Volker
(This used to be commit 04cf580ef30ac38f3f312184a7b18551195a17ce)
|
|
delete a user
with usrmgr.exe.
To fix: Remove domain group membership attrib values when a user is deleted.
Volker
(This used to be commit 83d180c732ba73cf50072ef73ccdd60e72bc9910)
|
|
* Implement samr_search_domain, filter out all elements with no "objectSid"
attribute and all objects outside a specified domain sid.
* Minor cleanups in dcerpc_samr.c due to that.
* Implement srvsvc_NetSrvGetInfo level 100. A quick hack to get usrmgr.exe
one step further.
* Same for samr_info_DomInfo1.
Volker
(This used to be commit cdec89611355fb75d253ecf5b658d0e23de8e440)
|
|
these two,
usrmgr.exe seems to become usable. Some quirks, but it's worth a try.
Volker
(This used to be commit 9c62a239cd609092654ad653972153a3a71e7279)
|
|
(This used to be commit ae3c329e9d718cdc011f8f291ccc68abad6b9cc7)
|
|
(This used to be commit 9e27a83ac3b1470ba52df01743d9a64fcbecc64b)
|
|
(Do we
have to sort the entries?)
Volker
(This used to be commit 26d21bb5cc26964f2d790aa83149ba399ac50db2)
|
|
Hmmm. How do I tell ldb not to descend into cn=Builtin?
Volker
(This used to be commit c95d20cd7c18fbfb5e6e9a5efac07354117610c5)
|
|
samr_GetMembersInAlias.
Volker
(This used to be commit 78802720ae922cf8ad19bf2e8be23a64435c4673)
|
|
Fix IDL
for samr_SetAliasInfo.
Volker
(This used to be commit d70e2371903fb21e24ab2e23d04ee4b0b2ef55e5)
|
|
(This used to be commit b8fa5b9419c6397a4266bfdce3a31b1e016d7faa)
|
|
(This used to be commit 1bab3254f6a27144c6f76edf66573f7fa25b3173)
|
|
samr_QueryGroupMember.
Volker
(This used to be commit 43581c3711d2eeb901094acebea294a3b87d4c0b)
|
|
(This used to be commit 79ec28ade826c6a36e129abbe1e0a207074c676f)
|
|
enough stuff to do in 3_0??? ;-)
Volker
(This used to be commit c0fa7a92d9f602dc50801a9827e121c2b095a336)
|
|
Volker
(This used to be commit 8f2b9c9d320dbea197808081528477d7e4c816d1)
|
|
computer accounts
metze
(This used to be commit f75c2004a0fc889ce5d96790f7d1d5031bce3992)
|
|
the idea is to have a directory service db layer
which will be used by the ldap server, samr server, drsuapi server
authentification...
I plan to make different implementations of this interface possible
- current default will be the current samdb code with sam.ldb
- a compat implementation for samba3 (if someone wants to write one)
- a new dsdb implementation which:
- understands naming contexts (directory parrtitions)
- do schema and acl checking checking
- maintain objectGUID, timestamps and USN number,
maybe linked attributes ('member' and 'memberOf' attributes)
- store metadata on a attribute=value combination...
metze
(This used to be commit 893a8b8bca2f020fbbe6f469aaa8dd4478249eb8)
|
|
lm hash from the samdb, and thus not checking the verifier)
fixed the client side to calculate the lm verifier based on the nt
hash, not the lm hash (confirmed using w2k3)
(This used to be commit 27e7fb3bafe4649359e2e68169b6f10fd4d2cc70)
|
|
hash, not the lm hash
(This used to be commit 8d4f0dc7d0745fc86fd43205b21d846acdc1d8c7)
|
|
password change code.
(This used to be commit f70e8f02d6164046781a5d63fa5c0b86b8ab8df9)
|
|
verify that the security descriptor found in the SamSync is the same
as what is available over SAMR.
Unfortunately, the administrator seems unable to retrieve the SACL on
the security descriptor, so I've added a new function to compare with
a mask.
Andrew Bartlett
(This used to be commit 39ae5e1dac31a22086be50fb23261e02be877f3f)
|
|
- move dom_sid, security_descriptor, security_* funtions to one place
and rename some of them
metze
(This used to be commit b620bdd672cfdf0e009492e648b0709e6b6d8596)
|
|
Andrew Bartlett
(This used to be commit 90398fda41dd15480899e3628df186eb02fdc139)
|
|
This compares values for the domain and for secrets. We still have
some problems we need to sort out for secrets.
Also rename a number of structures in samr.idl and netlogon.idl, to
better express their consistancy.
Andrew Bartlett
(This used to be commit 3f52fa3a42b030c9aef21c8bd88aad87a0aae078)
|
|
metze
(This used to be commit 4839ea156fea95743127753c194fbc23ccf732fd)
|
|
- split ldh.h out of samba's includes.h
- make ldb_context and ldb_module private to the subsystem
- use ltdb_ prefix for all ldb_tdb functions
metze
(This used to be commit f5ee40d6ce8224e280070975efc9911558fe675c)
|
|
NETLOGON.
In particular, rename samr_Name to samr_String - given that many
strings in this pipe are not 'names', the previous was just confusing.
(I look forward to PIDL turning these into simple char * some day...).
Also export out a few changes from testjoin.c to allow for how I have
written the new RPC-SAMSYNC test.
Andrew Bartlett
(This used to be commit 9cd666bcfb1fc752a4717010a7c4f05131dc728e)
|
|
(This used to be commit 729e0026e4408f74f140375537d4fe48c1fc3242)
|
|
(This used to be commit 3f75117db921e493bb77a5dc14b8ce91a6288f30)
|
|
- tidied up some of the system includes
- moved a few more structures back from misc.idl to netlogon.idl and samr.idl now that pidl
knows about inter-IDL dependencies
(This used to be commit 7b7477ac42d96faac1b0ff361525d2c63cedfc64)
|
|
(This used to be commit 264ce9181089922547e8f6f67116f2d7277a5105)
|
|
The thing that finally convinced me that minimal includes was worth
pursuing for rpc was a compiler (tcc) that failed to build Samba due
to reaching internal limits of the size of include files. Also the
fact that includes.h.gch was 16MB, which really seems excessive. This
patch brings it back to 12M, which is still too large, but
better. Note that this patch speeds up compile times for both the pch
and non-pch case.
This change also includes the addition iof a "depends()" option in our
IDL files, allowing you to specify that one IDL file depends on
another. This capability was needed for the auto-includes generation.
(This used to be commit b8f5fa8ac8e8725f3d321004f0aedf4246fc6b49)
|
|
(This used to be commit 3f902f8d851d32fa81d89ed61bfda6edaea00984)
|
|
SAMR_FIELD_PASSWORD has been split up).
Andrew Bartlett
(This used to be commit 5f2295a5fb422ad028e67b240e55206acefb48bd)
|
|
Andrew Bartlett
(This used to be commit 51774a9bcad97686e5259ac8d753b3df58072622)
|
|
caller doesn't have to worry about the constraint of only opening a
database a single time in a process. These wrappers will ensure that
only a single open is done, and will auto-close when the last instance
is gone.
When you are finished with a database pointer, use talloc_free() to
close it.
note that this code does not take account of the threads process
model, and does not yet take account of symlinks or hard links to tdb
files.
(This used to be commit 04e1171996612ddb15f84134cadded68f0d173b2)
|
|
so talloc now doesn't contain any ldb specific functions.
allow NULL to be passed to a couple more talloc() functions
(This used to be commit 1246f80d806fb5f63cfbf3879de6d546384552a8)
|
|
(This used to be commit feb63e74f923f2a50c6836e18a6c2bda39644e71)
|
|
simplifies things quite a bit
(This used to be commit c82a9cf750829c4f6982ca3133295c8599023c4e)
|
|
void *talloc_reference(const void *context, const void *ptr);
this function makes a secondary reference to ptr, and hangs it off the
given context. This greatly simplifies some of the current reference
counting code in the samr server and I suspect it will be widely used
in other places too.
the way you use it is like this:
domain_state->connect_state = talloc_reference(domain_state, connect_state);
that makes the element connect_state of domain_state a secondary
reference to connect_state. The connect_state structure will then only
be freed when both domain_state and the original connect_state go
away, allowing you to free them independently and in any order.
you could do this alrady using a talloc destructor, and that is what
the samr server did previously, but that meant this construct was
being reinvented in several places. So this convenience function sets
up the destructor for you, giving a much more convenient and less
error prone API.
(This used to be commit dc5315086156644fad093cbe6b02d999adba8540)
|
|
disconnects. Previously the ldb was always kept open.
(This used to be commit d78eea9eb8540f137d30aef5fbb397295312eb1b)
|
|
hierarchical memory allocation
(This used to be commit 26da45a8019a2d6c9ff2ac2a6739c7d0b42b00de)
|
|
(This used to be commit efb2b88edddef94ecbaa9a871d457d0d7c177546)
|
|
Andrew Bartlett
(This used to be commit f3bf57ca6be3b71ebd8f8312c3d9e54387bdc402)
|
|
have the handle type implied by the parameter name. There are four
types of handle: connect, domain, user and group handles. The
various samr_Connect functions return a connect handle, and the
samr_OpenFoo functions return a foo handle.
There is one exception - the samr_{Get,Set}Security function can
take any type of handle.
Fix up all C callers.
(This used to be commit 32f0f3154a8eb63de83145cbc8806b8906ccdc3e)
|
|
'authenticated' connections.
Fix kerberos session key issues - we need to call the
routine for extracting the session key, not just read the cache.
Andrew Bartlett
(This used to be commit b80d849b6b586869fc7d3d4153db1a316f2867a9)
|
|
Andrew Bartlett
(This used to be commit a089bcf503bfc91eead08d10539367886b7927cd)
|
|
server
(This used to be commit 3b4ed24f4ba467a77bef8d6c25695fdbdb42b2ac)
|
|
(This used to be commit 6c1a72c5d667245b1eec94f58e68acd22dd720ce)
|