summaryrefslogtreecommitdiff
path: root/source4/rpc_server/samr
AgeCommit message (Collapse)AuthorFilesLines
2009-09-19more include minimisationAndrew Tridgell1-5/+0
2009-09-07s4:samr - Fix up the SAMR server to support the primary group of a user in ↵Matthias Dieter Wallnöfer1-128/+189
the right way When doing some tests with the NT User Manager for Domains on s4 I noticed that the handling of the primary group for a user wasn't correct. So I fixed this. Also some cosmetic changes (tab indent corrections).
2009-07-13libds: merge the UF<->ACB flag mapping functions.Günther Deschner1-3/+3
Guenther
2009-07-13libds: share UF_ flags between samba3 and 4.Günther Deschner2-2/+2
Guenther
2009-05-30Move a comment where it belongsVolker Lendecke1-3/+6
2009-05-29Win2k3 don't allow creating of domain trust accounts over SAMRAndrew Bartlett1-5/+5
2009-05-26Don't use crossRef records to find our own domainAndrew Bartlett1-94/+34
A single AD server can only host a single domain, so don't stuff about with looking up our crossRef record in the cn=Partitions container. We instead trust that lp_realm() and lp_workgroup() works correctly. Andrew Bartlett
2009-05-25cope with lanman auth being disabled in old password change codeAndrew Tridgell1-8/+15
When lanman auth is disabled and a user calls a password change method that requires it we should give NT_STATUS_NOT_SUPPORTED
2009-04-23s4:samr Use ldb_context * rather than void *Andrew Bartlett1-1/+1
2009-03-01s4: Use same function signature for convert_* as s3.Jelmer Vernooij1-8/+7
2009-03-01Add allow_badcharcnv argument to all conversion function, forJelmer Vernooij1-3/+3
consistency with Samba 3.
2008-12-10s4-samr: Fix Bug #5946. userparameters handling in samr server.Matthias Dieter Wallnöfer1-4/+6
Signed-off-by: Günther Deschner <gd@samba.org>
2008-12-05s4-samr: fix samr callers after SAMR_FIELD_PASSWORD change.Günther Deschner1-4/+4
Guenther
2008-12-05s4-samr: fix s4 samr server after idl change.Günther Deschner1-2/+1
Guenther
2008-12-02s4-samr: use samr_DomainServerState in samr server.Günther Deschner1-1/+1
Guenther
2008-11-10s4-samr: merge samr_QueryUserInfo{2} from s3 idl. (fixme: python)Günther Deschner1-5/+3
Guenther
2008-11-10s4-samr: merge samr_QueryGroupInfo from s3 idl. (fixme python)Günther Deschner1-2/+2
Guenther
2008-11-10s4-samr: merge samr_QueryAliasInfo from s3 idl. (fixme: python)Günther Deschner1-2/+2
Guenther
2008-11-10s4-samr: merge samr_EnumDomainGroups from s3 idl. (fixme: python)Günther Deschner1-10/+13
Guenther
2008-11-10s4-samr: merge samr_EnumDomainUsers from s3 idl. (fixme: python)Günther Deschner1-10/+13
Guenther
2008-11-10s4-samr: merge samr_EnumDomains from s3 idl. (fixme: python)Günther Deschner1-5/+5
Guenther
2008-11-10s4-samr: merge samr_LookupDomain from s3 idl. (fixme: python)Günther Deschner1-2/+2
Guenther
2008-11-10s4-samr: merge samr_LookupNames from s3 idl. (fixme: python)Günther Deschner1-11/+11
Guenther
2008-11-10s4-samr: merge samr_EnumDomainAliases from s3 idl. (fixme: python)Günther Deschner1-10/+13
Guenther
2008-11-10s4-samr: merge samr_QueryDisplayInfo from s3 idl. (fixme: python)Günther Deschner1-34/+30
Guenther
2008-11-10s4-samr: merge samr_QueryDisplayInfo2 from s3 idl. (fixme: python)Günther Deschner1-3/+3
Guenther
2008-11-10s4-samr: merge samr_QueryDisplayInfo3 from s3 idl. (fixme: python)Günther Deschner1-3/+3
Guenther
2008-11-10s4-samr: merge samr_GetGroupsForUser from s3 idl. (fixme: python)Günther Deschner1-1/+1
Guenther
2008-11-10s4-samr: merge samr_QueryDomainInfo from s3 idl. (fixme python)Günther Deschner1-20/+22
Guenther
2008-11-10s4-samr: merge samr_QueryGroupMember from s3 idl. (fixme: python)Günther Deschner1-1/+1
Guenther
2008-11-10s4-samr: merge samr_Connect5 from s3 idl. (fixme python)Günther Deschner1-3/+3
Guenther
2008-11-10s4-samr: merge samr_GetDomPwInfo from s3 idl. (fixme: python)Günther Deschner1-3/+3
Guenther
2008-11-10s4-samr: merge samr_GetUserPwInfo from s3 idl. (fixme: python)Günther Deschner1-7/+7
Guenther
2008-11-10s4-samr: merge samr_RidToSid from s3 idl. (fixme: python)Günther Deschner1-2/+2
Guenther
2008-11-10s4-samr: merge samr_QuerySecurity from s3 idl. (fixme: python)Günther Deschner1-2/+2
Guenther
2008-11-10s4-samr: merge samr_LookupRids from s3 idl.Günther Deschner1-6/+6
Guenther
2008-11-10s4-samr: merge samr_ChangePasswordUser3 from s3 idl.Günther Deschner1-3/+8
Guenther
2008-11-10s4-samr: prepare for Query.*Info calls: change macros.Günther Deschner1-31/+37
Guenther
2008-11-10s4-samr: merge samr_UserInfo20 from s3 idl.Günther Deschner1-6/+18
This must not be treated as a normal string (strlen truncates it). Guenther
2008-11-04Use ldb_dn_from_ldb_val() to create a DN in the SAMR serverAndrew Bartlett1-2/+7
The previous code incorrectly cast an ldb_val into a char *. Andrew Bartlett
2008-11-04Use ldb_dn_from_ldb_val to avoid possible over-run of the value.Andrew Bartlett1-3/+3
The ldb_val is length-limited, and while normally NULL terminated, this avoids the chance that this particular value might not be, as well as avoiding a cast. Andrew Bartlett
2008-10-24Remove iconv_convenience argument from convert_string{,talloc}() butJelmer Vernooij1-3/+3
make them wrappers around convert_string{,talloc}_convenience().
2008-10-17Fix errrors in new password handling code found by RPC-SAMR.Andrew Bartlett1-2/+15
I'm very glad we have such a comprehensive testsuite for the SAMR password change process, as it makes this a much easier task to get right. Andrew Bartlett
2008-10-16Create a 'straight paper path' for UTF16 passwords.Andrew Bartlett1-38/+50
This uses a virtual attribute 'clearTextPassword' (name chosen to match references in MS-SAMR) that contains the length-limited blob containing an allegidly UTF16 password. This ensures we do no validation or filtering of the password before we get a chance to MD4 it. We can then do the required munging into UTF8, and in future implement the rules Microsoft has provided us with for invalid inputs. All layers in the process now deal with the strings as length-limited inputs, incluing the krb5 string2key calls. This commit also includes a small change to samdb_result_passwords() to ensure that LM passwords are not returned to the application logic if LM authentication is disabled. The objectClass module has been modified to allow the clearTextPassword attribute to pass down the stack. Andrew Bartlett
2008-10-15s4: merge from s3 samr.idl.Günther Deschner1-1/+1
Guenther
2008-10-11Fix include paths to new location of libutil.Jelmer Vernooij2-2/+2
2008-09-24Move source4/lib/crypto to lib/crypto.Jelmer Vernooij1-1/+1
2008-09-23Merge ldb_search() and ldb_search_exp_fmt() into a simgle function.Simo Sorce1-6/+6
The previous ldb_search() interface made it way too easy to leak results, and being able to use a printf-like expression turns to be really useful.
2008-09-22Remove unused parameter from decode_pw_buffer and fail on invalidAndrew Bartlett1-6/+4
UTF-16 input The input checking is important, as otherwise we could set the wrong password. Andrew Bartlett
2008-07-21Rename structures to better match the names in the WSPP IDL.Andrew Bartlett1-33/+33
The 'comment' element in a number of domain structures is called oem_information. This was picked up actually because with OpenLDAP doing the schema checking, it noticed that 'comment' was not a valid attribute. The rename tries to keep this consistant in both the LDB mappings and IDL, so we don't make the same mistake in future. This has no real schema impact, as this value isn't actually used for anything, as 'comment' was not used in the provision. Andrew Bartlett (This used to be commit 65dc0d536590d055a5ee775606ac90ee5fcaee9a)