Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2008-11-10 | s4-samr: merge samr_QueryUserInfo{2} from s3 idl. (fixme: python) | Günther Deschner | 1 | -5/+3 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_QueryGroupInfo from s3 idl. (fixme python) | Günther Deschner | 1 | -2/+2 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_QueryAliasInfo from s3 idl. (fixme: python) | Günther Deschner | 1 | -2/+2 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_EnumDomainGroups from s3 idl. (fixme: python) | Günther Deschner | 1 | -10/+13 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_EnumDomainUsers from s3 idl. (fixme: python) | Günther Deschner | 1 | -10/+13 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_EnumDomains from s3 idl. (fixme: python) | Günther Deschner | 1 | -5/+5 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_LookupDomain from s3 idl. (fixme: python) | Günther Deschner | 1 | -2/+2 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_LookupNames from s3 idl. (fixme: python) | Günther Deschner | 1 | -11/+11 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_EnumDomainAliases from s3 idl. (fixme: python) | Günther Deschner | 1 | -10/+13 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_QueryDisplayInfo from s3 idl. (fixme: python) | Günther Deschner | 1 | -34/+30 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_QueryDisplayInfo2 from s3 idl. (fixme: python) | Günther Deschner | 1 | -3/+3 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_QueryDisplayInfo3 from s3 idl. (fixme: python) | Günther Deschner | 1 | -3/+3 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_GetGroupsForUser from s3 idl. (fixme: python) | Günther Deschner | 1 | -1/+1 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_QueryDomainInfo from s3 idl. (fixme python) | Günther Deschner | 1 | -20/+22 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_QueryGroupMember from s3 idl. (fixme: python) | Günther Deschner | 1 | -1/+1 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_Connect5 from s3 idl. (fixme python) | Günther Deschner | 1 | -3/+3 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_GetDomPwInfo from s3 idl. (fixme: python) | Günther Deschner | 1 | -3/+3 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_GetUserPwInfo from s3 idl. (fixme: python) | Günther Deschner | 1 | -7/+7 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_RidToSid from s3 idl. (fixme: python) | Günther Deschner | 1 | -2/+2 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_QuerySecurity from s3 idl. (fixme: python) | Günther Deschner | 1 | -2/+2 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_LookupRids from s3 idl. | Günther Deschner | 1 | -6/+6 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_ChangePasswordUser3 from s3 idl. | Günther Deschner | 1 | -3/+8 | |
Guenther | |||||
2008-11-10 | s4-samr: prepare for Query.*Info calls: change macros. | Günther Deschner | 1 | -31/+37 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_UserInfo20 from s3 idl. | Günther Deschner | 1 | -6/+18 | |
This must not be treated as a normal string (strlen truncates it). Guenther | |||||
2008-11-04 | Use ldb_dn_from_ldb_val() to create a DN in the SAMR server | Andrew Bartlett | 1 | -2/+7 | |
The previous code incorrectly cast an ldb_val into a char *. Andrew Bartlett | |||||
2008-11-04 | Use ldb_dn_from_ldb_val to avoid possible over-run of the value. | Andrew Bartlett | 1 | -3/+3 | |
The ldb_val is length-limited, and while normally NULL terminated, this avoids the chance that this particular value might not be, as well as avoiding a cast. Andrew Bartlett | |||||
2008-10-24 | Remove iconv_convenience argument from convert_string{,talloc}() but | Jelmer Vernooij | 1 | -3/+3 | |
make them wrappers around convert_string{,talloc}_convenience(). | |||||
2008-10-17 | Fix errrors in new password handling code found by RPC-SAMR. | Andrew Bartlett | 1 | -2/+15 | |
I'm very glad we have such a comprehensive testsuite for the SAMR password change process, as it makes this a much easier task to get right. Andrew Bartlett | |||||
2008-10-16 | Create a 'straight paper path' for UTF16 passwords. | Andrew Bartlett | 1 | -38/+50 | |
This uses a virtual attribute 'clearTextPassword' (name chosen to match references in MS-SAMR) that contains the length-limited blob containing an allegidly UTF16 password. This ensures we do no validation or filtering of the password before we get a chance to MD4 it. We can then do the required munging into UTF8, and in future implement the rules Microsoft has provided us with for invalid inputs. All layers in the process now deal with the strings as length-limited inputs, incluing the krb5 string2key calls. This commit also includes a small change to samdb_result_passwords() to ensure that LM passwords are not returned to the application logic if LM authentication is disabled. The objectClass module has been modified to allow the clearTextPassword attribute to pass down the stack. Andrew Bartlett | |||||
2008-10-15 | s4: merge from s3 samr.idl. | Günther Deschner | 1 | -1/+1 | |
Guenther | |||||
2008-10-11 | Fix include paths to new location of libutil. | Jelmer Vernooij | 2 | -2/+2 | |
2008-09-24 | Move source4/lib/crypto to lib/crypto. | Jelmer Vernooij | 1 | -1/+1 | |
2008-09-23 | Merge ldb_search() and ldb_search_exp_fmt() into a simgle function. | Simo Sorce | 1 | -6/+6 | |
The previous ldb_search() interface made it way too easy to leak results, and being able to use a printf-like expression turns to be really useful. | |||||
2008-09-22 | Remove unused parameter from decode_pw_buffer and fail on invalid | Andrew Bartlett | 1 | -6/+4 | |
UTF-16 input The input checking is important, as otherwise we could set the wrong password. Andrew Bartlett | |||||
2008-07-21 | Rename structures to better match the names in the WSPP IDL. | Andrew Bartlett | 1 | -33/+33 | |
The 'comment' element in a number of domain structures is called oem_information. This was picked up actually because with OpenLDAP doing the schema checking, it noticed that 'comment' was not a valid attribute. The rename tries to keep this consistant in both the LDB mappings and IDL, so we don't make the same mistake in future. This has no real schema impact, as this value isn't actually used for anything, as 'comment' was not used in the provision. Andrew Bartlett (This used to be commit 65dc0d536590d055a5ee775606ac90ee5fcaee9a) | |||||
2008-04-17 | Specify event_context to ldb_wrap_connect explicitly. | Jelmer Vernooij | 2 | -5/+5 | |
(This used to be commit b4e1ae07a284c044704322446c94351c2decff91) | |||||
2008-03-14 | Rework our SAMR test and SAMR server. | Andrew Bartlett | 2 | -25/+49 | |
Now that we don't create users/domain groups/aliases in the builtin domain, we hit some bugs in the server-side implementation of the enumeration functions. In essence, it turns out to be: don't treat 0 as a special case. Also, fix up the PDC name to always be returned. I'm sure nothing actually uses it, particularly for BUILTIN... Andrew Bartlett (This used to be commit 353bb79f568f20c8469cb9458f7b14c24612ad23) | |||||
2008-03-13 | Rework SAMR functions to avoid gendb_search() | Andrew Bartlett | 1 | -26/+38 | |
The gendb_*() API does not return error codes, and mixes error returns with the count of returned entries. Andrew Bartlett (This used to be commit facbc8dfa5188fdd610f400b5be6e05bc33b0820) | |||||
2008-03-13 | Rework to have member server 'domains' be CN=NETBIOSNAME | Andrew Bartlett | 1 | -1/+1 | |
This reworks quite a few parts of our provision system to use CN=NETBIOSNAME as the domain for member servers. This makes it clear that these domains are not in the DNS structure, while complying with our own schema (found by OpenLDAP's schema validation). Andrew Bartlett (This used to be commit bda6a38b055fed2394e65cdc0b308a1442116402) | |||||
2008-02-28 | Check for and reject invalid account flags. | Andrew Bartlett | 1 | -0/+14 | |
(lest we have an account set with 0 flags) Andrew Bartlett (This used to be commit 7a46e72f8dbb191ac8a811eb4cd95210fab7dc7b) | |||||
2008-02-28 | Generate ACB_PW_EXPIRED correctly | Andrew Bartlett | 1 | -14/+14 | |
More correctly handle expired passwords, and do not expire machine accounts. Test that the behaviour is consistant with windows, using the RPC-SAMR test. Change NETLOGON to directly query the userAccountControl, just because we don't want to do the extra expiry processing here. Andrew Bartlett (This used to be commit acda1f69bc9b9c43e157e254d0bae54d11363661) | |||||
2008-01-16 | Print out the reason we can't delete the user in SAMR. | Andrew Bartlett | 1 | -0/+3 | |
We need to be far more granular bout this - in particular, we need a decide LDAP -> NTSTATUS conversion. Andrew Bartlett (This used to be commit 30fc3752c7573fcf8b1a41f7b3bc8dad860077f8) | |||||
2007-12-21 | r26540: Revert my previous commit after concerns raised by Andrew. | Jelmer Vernooij | 1 | -27/+27 | |
(This used to be commit 6ac86f8be7d9a8c5ab396a93e6d1e6819e11f173) | |||||
2007-12-21 | r26539: Remove unnecessary statics. | Jelmer Vernooij | 1 | -27/+27 | |
(This used to be commit e53e79eebef3ece6978f0a2b4a1ee0a0814bb5d2) | |||||
2007-12-21 | r26328: remove more uses of global_loadparm. | Jelmer Vernooij | 2 | -6/+6 | |
(This used to be commit 40ae12c08647c47a9c504d39ee6f61c32b4e5748) | |||||
2007-12-21 | r26319: Split encoding functions out of libcli_ldap. | Jelmer Vernooij | 1 | -1/+1 | |
(This used to be commit 95a6ef7fc8757ccfd90dbf0d6c9b5098f10b10b6) | |||||
2007-12-21 | r26313: Fix more uses of static loadparm. | Jelmer Vernooij | 1 | -3/+4 | |
(This used to be commit 6fd0d9d3b75546d08c24c513e05b1843d5777608) | |||||
2007-12-21 | r26296: Store loadparm context in DCE/RPC server context. | Jelmer Vernooij | 2 | -5/+5 | |
(This used to be commit fc1f4d2d65d4c983cba5421e7ffb64dd75482860) | |||||
2007-12-21 | r26272: Remove global_loadparm in some more places. | Jelmer Vernooij | 1 | -2/+3 | |
(This used to be commit 1ab76ecc5311fa863e5d04899b6f110899818f55) | |||||
2007-12-21 | r26252: Specify loadparm_context explicitly when creating sessions. | Jelmer Vernooij | 1 | -3/+3 | |
(This used to be commit 7280c1e9415daabb2712db1372e23f9846272ede) |