Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2011-02-15 | s4:samr RPC server - QueryDisplayInfo returns always all domains users, ↵ | Matthias Dieter Wallnöfer | 1 | -34/+40 | |
aliases and groups That means when calling "QueryDisplayInfo" on the BUILTIN handle we still get all related domain objects - for example all domain (global + universal) groups. This is contrary to the "EnumDomain..." calls which do really only return the objects in the specified domain policy handle. This has been observed against Windows Server 2008 and confirmed by dochelp. In the same occasion I've converted from a "gendb*"-oriented search call to "dsdb_search". Patch-reviewed-by: Andrew Tridgell <tridge@samba.org> | |||||
2011-02-10 | ldb: use #include <ldb.h> for ldb | Andrew Tridgell | 1 | -2/+2 | |
thi ensures we are using the header corresponding to the version of ldb we're linking against. Otherwise we could use the system ldb for link and the in-tree one for include Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2011-01-15 | s4:samr RPC server - always interpret filter integer values as signed | Matthias Dieter Wallnöfer | 1 | -4/+4 | |
To prevent platform-dependant problems. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sat Jan 15 14:54:14 CET 2011 on sn-devel-104 | |||||
2010-12-04 | s4:samr RPC server - dcesrv_samr_GetBootKeyInformation - return NOT_SUPPORTED | Matthias Dieter Wallnöfer | 1 | -1/+2 | |
Windows Server 2008 does this Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sat Dec 4 12:11:47 CET 2010 on sn-devel-104 | |||||
2010-11-06 | s4:samr RPC server - "dcesrv_samr_RemoveMemberFromForeignDomain" | Matthias Dieter Wallnöfer | 1 | -12/+6 | |
- Remove TODO comment: MS-SAMR 3.1.5.8.7 explicitly states: "The SamrRemoveMemberFromForeignDomain method removes a member from all aliases." - Remove the search attributes since they aren't strictly needed. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sat Nov 6 18:07:57 UTC 2010 on sn-devel-104 | |||||
2010-10-30 | s4:samr RPC server - the LDB error codes for adding or deleting a group ↵ | Matthias Dieter Wallnöfer | 1 | -4/+2 | |
member have changed | |||||
2010-10-29 | s4:samr RPC server - fix trailing whitespaces | Matthias Dieter Wallnöfer | 3 | -268/+268 | |
2010-10-29 | s4:samr RPC server - fix indentation of function parameters | Matthias Dieter Wallnöfer | 1 | -29/+30 | |
2010-10-29 | s4:samr RPC server - DomainGeneralInformation - never return NULL on the oem ↵ | Matthias Dieter Wallnöfer | 1 | -2/+6 | |
name As far as I can tell Windows SAMR never returns NULL on unknown values in this call. | |||||
2010-10-29 | s4:samr RPC server - provide the right "ReplicaSourceNodeName" | Matthias Dieter Wallnöfer | 1 | -12/+16 | |
It's the content of the "domainReplica" attribute if it exists and has only a meaning on interim/mixed domain function levels (with NT4 dcs). | |||||
2010-10-29 | s4:samr RPC server - remove wrong implementation of ReplicaSourceNodeName | Matthias Dieter Wallnöfer | 1 | -20/+7 | |
This should represent a replication partner - never the DC iself | |||||
2010-10-25 | s4:samr RPC server - "dcesrv_samr_info_DomGeneralInformation" - count always ↵ | Matthias Dieter Wallnöfer | 1 | -4/+6 | |
all type of groups One pair are universal an global groups (on the SAMR pipe called "groups") and the other one are the domain and builtin local groups (on the SAMR pipe called "aliases"). Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Mon Oct 25 19:37:27 UTC 2010 on sn-devel-104 | |||||
2010-10-25 | s4:samr RPC server - remove a somewhat pointless comment | Matthias Dieter Wallnöfer | 1 | -1/+0 | |
Regardless if groups and users do exist in the builtin domain or not we do count always all users, groups and aliases. | |||||
2010-10-25 | s4:"samdb_search_count" - introduce a "mem_ctx" parameter | Matthias Dieter Wallnöfer | 1 | -3/+6 | |
All other "samdb_search_*" calls do have one - why "samdb_search_count" doesn't? Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Mon Oct 25 17:42:33 UTC 2010 on sn-devel-104 | |||||
2010-10-17 | Revert "s4:remove "util_ldb" submodule and integrate the three gendb_* calls ↵ | Matthias Dieter Wallnöfer | 2 | -0/+2 | |
in "dsdb/common/util.c"" This reverts commit 8a2ce5c47cee499f90b125ebde83de5f9f1a9aa0. Jelmer pointed out that these are also in use by other LDB databases - not only SAMDB ones. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sun Oct 17 13:37:16 UTC 2010 on sn-devel-104 | |||||
2010-10-17 | s4:remove "util_ldb" submodule and integrate the three gendb_* calls in ↵ | Matthias Dieter Wallnöfer | 2 | -2/+0 | |
"dsdb/common/util.c" They're only in use by SAMDB code. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sun Oct 17 09:40:13 UTC 2010 on sn-devel-104 | |||||
2010-10-15 | s4:dsdb - remove "samdb_result_uint", "samdb_result_int64", ↵ | Matthias Dieter Wallnöfer | 1 | -27/+27 | |
"samdb_result_uint64" and "samdb_result_string" We have ldb_msg_find_attr_as_* calls which do exactly the same. Therefore this reduces only code redundancies. Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-10-10 | samdb: Add flags argument to samdb_connect(). | Jelmer Vernooij | 2 | -8/+8 | |
2010-10-07 | samr: for correctness, rename samr_RidTypeArray to samr_RidAttrArray. | Günther Deschner | 1 | -7/+7 | |
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Thu Oct 7 12:04:32 UTC 2010 on sn-devel-104 | |||||
2010-10-07 | s4-samr: Fix dcesrv_samr_QueryGroupMember. | Günther Deschner | 1 | -1/+3 | |
Guenther | |||||
2010-09-11 | s4:dcesrv_samr_GetGroupsForUser - also universal group memberships are ↵ | Matthias Dieter Wallnöfer | 1 | -2/+3 | |
returned here Tested using User Manager for Domains against Windows Server 2008. MS-SAMR 3.1.5.9.1 is wrong in this case therefore I've informed the dochelp team. | |||||
2010-08-17 | s4:samr RPC server - samr_password.c - make real user password changes work | Matthias Dieter Wallnöfer | 1 | -50/+74 | |
Now it's finally possible that the user can change his password with a DSDB connection using his credentials. | |||||
2010-08-17 | s4:kdc/rpc server - adapt the "samdb_set_password" calls which perform ↵ | Matthias Dieter Wallnöfer | 1 | -3/+3 | |
password sets | |||||
2010-07-16 | s4-loadparm: 2nd half of lp_ to lpcfg_ conversion | Andrew Tridgell | 2 | -12/+12 | |
this converts all callers that use the Samba4 loadparm lp_ calling convention to use the lpcfg_ prefix. Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-07-06 | s4:SAMR rpc server - "SetUserInfo" - fix the implementation of the expire flag | Matthias Dieter Wallnöfer | 1 | -3/+22 | |
It has to consider the "password_expires" flag to known if the "pwdLastSet" has to be updated or to be resetted. | |||||
2010-07-06 | s4:SAMR rpc server - "QueryUserInfo" - send back the password expired flag ↵ | Matthias Dieter Wallnöfer | 1 | -1/+6 | |
on level 21 Taken from the s3 server code | |||||
2010-07-05 | s4:samr RPC server - "SetUserInfo" - allow some more informations to be set | Matthias Dieter Wallnöfer | 1 | -0/+25 | |
Taken from the s3 implementation. | |||||
2010-06-28 | s4:dcesrv_samr_SetUserInfo - implement right "pwdLastSet" behaviour | Matthias Dieter Wallnöfer | 1 | -1/+72 | |
Behaviour as the torture SAMR passwords tests show. | |||||
2010-06-28 | s4:dcesrv_samr_SetUserInfo - deny operations when "fields_present" is 0 | Matthias Dieter Wallnöfer | 1 | -0/+9 | |
Taken from s3 | |||||
2010-06-28 | s4:dcesrv_samr_SetUserInfo - port the "SAMR_FIELD_LAST_PWD_CHANGE" check ↵ | Matthias Dieter Wallnöfer | 1 | -0/+8 | |
from s3 to s4 | |||||
2010-06-28 | s4:dcesrv_samr_SetUserInfo - implement password set level 21 | Matthias Dieter Wallnöfer | 1 | -0/+33 | |
2010-06-28 | s4:dcesrv_samr_SetUserInfo - implement case 18 which allows to reset the ↵ | Matthias Dieter Wallnöfer | 1 | -0/+10 | |
user password | |||||
2010-06-28 | s4:OemChangePasswordUser2 - return "NT_STATUS_WRONG_PASSWORD" when we ↵ | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
haven't activated the the lanman auth This is what s3 does. | |||||
2010-06-28 | s4:samr_password.c - add a function which sets the password through ↵ | Matthias Dieter Wallnöfer | 1 | -0/+48 | |
encrypted password hashes Used for password sets on "samr_SetUserInfo" level 18 and 21. | |||||
2010-06-22 | s4:samr RPC server - make use of LDB constants in macros | Matthias Dieter Wallnöfer | 1 | -7/+7 | |
2010-06-20 | s4:samr RPC server - fix Solaris build warning | Matthias Dieter Wallnöfer | 1 | -3/+3 | |
2010-06-14 | s4:SAMR server - cosmetic fix | Matthias Dieter Wallnöfer | 1 | -1/+2 | |
2010-06-14 | s4:SAMR server - on alias search operations do never use the domain DN as ↵ | Matthias Dieter Wallnöfer | 1 | -10/+7 | |
base dn Aliases (especially in the "builtin" domain) are often domain-independant. | |||||
2010-06-12 | s4:dcesrv_samr_GetGroupsForUser - return error code if a SID wasn't found | Matthias Dieter Wallnöfer | 1 | -2/+1 | |
This shouldn't happen since SIDs are mandatory for security objects | |||||
2010-06-12 | s4:dcesrv_samr_QueryGroupMember/GetMembersInAlias - unify the structure | Matthias Dieter Wallnöfer | 1 | -30/+32 | |
Mostly cosmetic fixes | |||||
2010-06-12 | s4:dcesrv_samr_GetAliasMembership - provide a correct implementation | Matthias Dieter Wallnöfer | 1 | -31/+31 | |
We could also have no valid SID specified at all and also then we have to return an empty array with "NT_STATUS_OK". This shows the torture testsuite. | |||||
2010-06-12 | s4:dcesrv_samr_EnumDomainGroups/Aliases - when we don't get a SID then the ↵ | Matthias Dieter Wallnöfer | 1 | -4/+6 | |
database is corrupted Group/User/Alias entries do always have a SID (it's a mandatory attribute in the SAM directory)! | |||||
2010-06-12 | s4:dcesrv_samr_QueryAliasInfo - return "NT_STATUS_NO_SUCH_ALIAS" when it ↵ | Matthias Dieter Wallnöfer | 1 | -1/+4 | |
wasn't found | |||||
2010-06-12 | s4:dcesrv_samr_QueryGroupInfo - make it more like "QueryAliasInfo" | Matthias Dieter Wallnöfer | 1 | -14/+7 | |
2010-06-12 | s4:dcesrv_samr_QueryUserInfo - minor fixes | Matthias Dieter Wallnöfer | 1 | -1/+4 | |
Return "NT_STATUS_NO_SUCH_USER" when user account doesn't exist. | |||||
2010-06-12 | s4:dcesrv_samr_QueryDomainInfo - allocate the "info" structure only when ↵ | Matthias Dieter Wallnöfer | 1 | -7/+9 | |
really needed That means the allocation should move after the lookup (as it is on "QueryUserInfo"). Return "NT_STATUS_NO_SUCH_DOMAIN" on an invalid domain. | |||||
2010-06-12 | s4:dcesrv_samr_EnumDomainGroups - mostly small fixes | Matthias Dieter Wallnöfer | 1 | -3/+7 | |
2010-06-12 | s4:dcesrv_samr_EnumDomainAliases - return an empty array also when no entry ↵ | Matthias Dieter Wallnöfer | 1 | -3/+0 | |
was returned | |||||
2010-06-12 | s4:dcesrv_samr_EnumDomainAliases - mostly small fixes | Matthias Dieter Wallnöfer | 1 | -7/+10 | |
The biggest change consists in the implementation of the Windows Server return size formula MIN(*r->out.num_entries, 1+(r->in.max_size/SAMR_ENUM_USERS_MULTIPLIER). | |||||
2010-06-12 | s4:dcesrv_samr_EnumDomainUsers - make this call look more similar to ↵ | Matthias Dieter Wallnöfer | 1 | -23/+28 | |
"EnumDomainGroups" and "EnumDomainAliases" That means that the lookup is now also done by "samdb_search_domain" to be more consistent. |