Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2009-05-25 | cope with lanman auth being disabled in old password change code | Andrew Tridgell | 1 | -8/+15 | |
When lanman auth is disabled and a user calls a password change method that requires it we should give NT_STATUS_NOT_SUPPORTED | |||||
2009-04-23 | s4:samr Use ldb_context * rather than void * | Andrew Bartlett | 1 | -1/+1 | |
2009-03-01 | s4: Use same function signature for convert_* as s3. | Jelmer Vernooij | 1 | -8/+7 | |
2009-03-01 | Add allow_badcharcnv argument to all conversion function, for | Jelmer Vernooij | 1 | -3/+3 | |
consistency with Samba 3. | |||||
2008-12-10 | s4-samr: Fix Bug #5946. userparameters handling in samr server. | Matthias Dieter Wallnöfer | 1 | -4/+6 | |
Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2008-12-05 | s4-samr: fix samr callers after SAMR_FIELD_PASSWORD change. | Günther Deschner | 1 | -4/+4 | |
Guenther | |||||
2008-12-05 | s4-samr: fix s4 samr server after idl change. | Günther Deschner | 1 | -2/+1 | |
Guenther | |||||
2008-12-02 | s4-samr: use samr_DomainServerState in samr server. | Günther Deschner | 1 | -1/+1 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_QueryUserInfo{2} from s3 idl. (fixme: python) | Günther Deschner | 1 | -5/+3 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_QueryGroupInfo from s3 idl. (fixme python) | Günther Deschner | 1 | -2/+2 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_QueryAliasInfo from s3 idl. (fixme: python) | Günther Deschner | 1 | -2/+2 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_EnumDomainGroups from s3 idl. (fixme: python) | Günther Deschner | 1 | -10/+13 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_EnumDomainUsers from s3 idl. (fixme: python) | Günther Deschner | 1 | -10/+13 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_EnumDomains from s3 idl. (fixme: python) | Günther Deschner | 1 | -5/+5 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_LookupDomain from s3 idl. (fixme: python) | Günther Deschner | 1 | -2/+2 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_LookupNames from s3 idl. (fixme: python) | Günther Deschner | 1 | -11/+11 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_EnumDomainAliases from s3 idl. (fixme: python) | Günther Deschner | 1 | -10/+13 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_QueryDisplayInfo from s3 idl. (fixme: python) | Günther Deschner | 1 | -34/+30 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_QueryDisplayInfo2 from s3 idl. (fixme: python) | Günther Deschner | 1 | -3/+3 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_QueryDisplayInfo3 from s3 idl. (fixme: python) | Günther Deschner | 1 | -3/+3 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_GetGroupsForUser from s3 idl. (fixme: python) | Günther Deschner | 1 | -1/+1 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_QueryDomainInfo from s3 idl. (fixme python) | Günther Deschner | 1 | -20/+22 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_QueryGroupMember from s3 idl. (fixme: python) | Günther Deschner | 1 | -1/+1 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_Connect5 from s3 idl. (fixme python) | Günther Deschner | 1 | -3/+3 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_GetDomPwInfo from s3 idl. (fixme: python) | Günther Deschner | 1 | -3/+3 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_GetUserPwInfo from s3 idl. (fixme: python) | Günther Deschner | 1 | -7/+7 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_RidToSid from s3 idl. (fixme: python) | Günther Deschner | 1 | -2/+2 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_QuerySecurity from s3 idl. (fixme: python) | Günther Deschner | 1 | -2/+2 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_LookupRids from s3 idl. | Günther Deschner | 1 | -6/+6 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_ChangePasswordUser3 from s3 idl. | Günther Deschner | 1 | -3/+8 | |
Guenther | |||||
2008-11-10 | s4-samr: prepare for Query.*Info calls: change macros. | Günther Deschner | 1 | -31/+37 | |
Guenther | |||||
2008-11-10 | s4-samr: merge samr_UserInfo20 from s3 idl. | Günther Deschner | 1 | -6/+18 | |
This must not be treated as a normal string (strlen truncates it). Guenther | |||||
2008-11-04 | Use ldb_dn_from_ldb_val() to create a DN in the SAMR server | Andrew Bartlett | 1 | -2/+7 | |
The previous code incorrectly cast an ldb_val into a char *. Andrew Bartlett | |||||
2008-11-04 | Use ldb_dn_from_ldb_val to avoid possible over-run of the value. | Andrew Bartlett | 1 | -3/+3 | |
The ldb_val is length-limited, and while normally NULL terminated, this avoids the chance that this particular value might not be, as well as avoiding a cast. Andrew Bartlett | |||||
2008-10-24 | Remove iconv_convenience argument from convert_string{,talloc}() but | Jelmer Vernooij | 1 | -3/+3 | |
make them wrappers around convert_string{,talloc}_convenience(). | |||||
2008-10-17 | Fix errrors in new password handling code found by RPC-SAMR. | Andrew Bartlett | 1 | -2/+15 | |
I'm very glad we have such a comprehensive testsuite for the SAMR password change process, as it makes this a much easier task to get right. Andrew Bartlett | |||||
2008-10-16 | Create a 'straight paper path' for UTF16 passwords. | Andrew Bartlett | 1 | -38/+50 | |
This uses a virtual attribute 'clearTextPassword' (name chosen to match references in MS-SAMR) that contains the length-limited blob containing an allegidly UTF16 password. This ensures we do no validation or filtering of the password before we get a chance to MD4 it. We can then do the required munging into UTF8, and in future implement the rules Microsoft has provided us with for invalid inputs. All layers in the process now deal with the strings as length-limited inputs, incluing the krb5 string2key calls. This commit also includes a small change to samdb_result_passwords() to ensure that LM passwords are not returned to the application logic if LM authentication is disabled. The objectClass module has been modified to allow the clearTextPassword attribute to pass down the stack. Andrew Bartlett | |||||
2008-10-15 | s4: merge from s3 samr.idl. | Günther Deschner | 1 | -1/+1 | |
Guenther | |||||
2008-10-11 | Fix include paths to new location of libutil. | Jelmer Vernooij | 2 | -2/+2 | |
2008-09-24 | Move source4/lib/crypto to lib/crypto. | Jelmer Vernooij | 1 | -1/+1 | |
2008-09-23 | Merge ldb_search() and ldb_search_exp_fmt() into a simgle function. | Simo Sorce | 1 | -6/+6 | |
The previous ldb_search() interface made it way too easy to leak results, and being able to use a printf-like expression turns to be really useful. | |||||
2008-09-22 | Remove unused parameter from decode_pw_buffer and fail on invalid | Andrew Bartlett | 1 | -6/+4 | |
UTF-16 input The input checking is important, as otherwise we could set the wrong password. Andrew Bartlett | |||||
2008-07-21 | Rename structures to better match the names in the WSPP IDL. | Andrew Bartlett | 1 | -33/+33 | |
The 'comment' element in a number of domain structures is called oem_information. This was picked up actually because with OpenLDAP doing the schema checking, it noticed that 'comment' was not a valid attribute. The rename tries to keep this consistant in both the LDB mappings and IDL, so we don't make the same mistake in future. This has no real schema impact, as this value isn't actually used for anything, as 'comment' was not used in the provision. Andrew Bartlett (This used to be commit 65dc0d536590d055a5ee775606ac90ee5fcaee9a) | |||||
2008-04-17 | Specify event_context to ldb_wrap_connect explicitly. | Jelmer Vernooij | 2 | -5/+5 | |
(This used to be commit b4e1ae07a284c044704322446c94351c2decff91) | |||||
2008-03-14 | Rework our SAMR test and SAMR server. | Andrew Bartlett | 2 | -25/+49 | |
Now that we don't create users/domain groups/aliases in the builtin domain, we hit some bugs in the server-side implementation of the enumeration functions. In essence, it turns out to be: don't treat 0 as a special case. Also, fix up the PDC name to always be returned. I'm sure nothing actually uses it, particularly for BUILTIN... Andrew Bartlett (This used to be commit 353bb79f568f20c8469cb9458f7b14c24612ad23) | |||||
2008-03-13 | Rework SAMR functions to avoid gendb_search() | Andrew Bartlett | 1 | -26/+38 | |
The gendb_*() API does not return error codes, and mixes error returns with the count of returned entries. Andrew Bartlett (This used to be commit facbc8dfa5188fdd610f400b5be6e05bc33b0820) | |||||
2008-03-13 | Rework to have member server 'domains' be CN=NETBIOSNAME | Andrew Bartlett | 1 | -1/+1 | |
This reworks quite a few parts of our provision system to use CN=NETBIOSNAME as the domain for member servers. This makes it clear that these domains are not in the DNS structure, while complying with our own schema (found by OpenLDAP's schema validation). Andrew Bartlett (This used to be commit bda6a38b055fed2394e65cdc0b308a1442116402) | |||||
2008-02-28 | Check for and reject invalid account flags. | Andrew Bartlett | 1 | -0/+14 | |
(lest we have an account set with 0 flags) Andrew Bartlett (This used to be commit 7a46e72f8dbb191ac8a811eb4cd95210fab7dc7b) | |||||
2008-02-28 | Generate ACB_PW_EXPIRED correctly | Andrew Bartlett | 1 | -14/+14 | |
More correctly handle expired passwords, and do not expire machine accounts. Test that the behaviour is consistant with windows, using the RPC-SAMR test. Change NETLOGON to directly query the userAccountControl, just because we don't want to do the extra expiry processing here. Andrew Bartlett (This used to be commit acda1f69bc9b9c43e157e254d0bae54d11363661) | |||||
2008-01-16 | Print out the reason we can't delete the user in SAMR. | Andrew Bartlett | 1 | -0/+3 | |
We need to be far more granular bout this - in particular, we need a decide LDAP -> NTSTATUS conversion. Andrew Bartlett (This used to be commit 30fc3752c7573fcf8b1a41f7b3bc8dad860077f8) |