summaryrefslogtreecommitdiff
path: root/source4/rpc_server/samr
AgeCommit message (Collapse)AuthorFilesLines
2010-01-21s4:rpc-server:samr: fix setting of lockout duration < lockout windowMichael Adam1-1/+22
This should return NT_STATUS_INVALID_PARAMETER. This makes samba pass the first part of the samr-lockout test. This constraint is documented here for the samr server: http://msdn.microsoft.com/en-us/library/cc245667%28PROT.10%29.aspx MS-SAMR 3.1.1.6 Attribute Constraints for Originating Updates and here for the ldap backend: http://msdn.microsoft.com/en-us/library/cc223462(PROT.10).aspx MS-ADTS 3.1.1.5.3.2 Constraints So the check should actually be moved down into the backend, i.e. under dsdb/samdb/ldb_modules - TODO.. Michael
2010-01-14s4:SAMR RPC - Fix the criteria for group searchesMatthias Dieter Wallnöfer1-4/+4
This should match the MS-SAMR documentation (section 3.1.5.5.1.1)
2009-12-04s4-drsutil: fixed a memory leak in samdb_search_countAndrew Tridgell1-3/+3
In general functions that don't return any memory should not take a memory context. Otherwise it is too easy to have a bug like this where memory is leaked
2009-11-21s4:samr RPC - Use more LDB constantsMatthias Dieter Wallnöfer2-12/+12
2009-11-10s4:dcesrv_samr - Add more checks for invalid levelsMatthias Dieter Wallnöfer1-3/+27
Add more checks on valid levels, mark unimplemented ones as "UNSUPPORTED" and otherwise as "INVALID_INFO_CLASS" to be safe.
2009-11-06s4:dcesrv_samr_ValidatePassword - naturally this was only for debugging the ↵Matthias Dieter Wallnöfer1-1/+0
failure
2009-11-06s4:dcesrv_samr_ValidatePassword - adapt call to "samdb_check_password"Matthias Dieter Wallnöfer1-6/+3
I've forgotten that PIDL converts UTF16 parameters automatically back to the UNIX charset (in most cases UTF16). So I don't have to do this here.
2009-11-06s4:dcesrv_samr_ValidatePassword - I forgot to create an out bufferMatthias Dieter Wallnöfer1-4/+6
2009-11-05s4:dcesrv_samr - Implement "dcesrv_samr_ValidatePassword" using my new check ↵Matthias Dieter Wallnöfer1-7/+49
password call This implements a very basic method for password validation using my new "samdb_check_password" call.
2009-10-24s4:dcesrv_samr: always use mem_ctx as initial parent for samr_*_stateStefan Metzmacher1-7/+7
We always steal the state to the policy handle on success, but untill then keep it on the short term context. metze
2009-10-23s4-ldbwrap: added re-use of ldb contexts in ldb_wrap_connect()Andrew Tridgell1-1/+1
This allows us to reuse a ldb context if it is open twice, instead of going through the expensive process of a full ldb open. We can reuse it if all of the parameters are the same. The change relies on callers using talloc_unlink() or free of a parent to close a ldb context.
2009-10-23s4-dsdb: create a static system_session contextAndrew Tridgell1-3/+3
This patch adds a system_session cache, preventing us from having to recreate it on every ldb open, and allowing us to detect when the same session is being used in ldb_wrap
2009-10-21s4:rpc_server Ensure we talloc_free handles when we delete objectsAndrew Bartlett1-0/+3
If we don't talloc_free the handle, we leak the memory onto the long-term context. Andrew Bartlett
2009-10-21s4:samr Don't leak the whole user onto the long-term handleAndrew Bartlett1-2/+2
The user entry is only required for this function, so use mem_ctx to hold it. Andrew Bartlett
2009-10-13s4:dcesrv_samr - add another constantMatthias Dieter Wallnöfer1-1/+1
2009-10-13s4:dcesrv_samr - prevent "ldb_modify" on a possibly empty messageMatthias Dieter Wallnöfer1-8/+10
In this code part under certain circumstances we can end up with an empty message. Since our new behaviour denies them (like the real AD) we need to bypass them on LDB modify calls.
2009-10-13s4:dcesrv_samr - Add additional "talloc_free"sMatthias Dieter Wallnöfer1-0/+4
2009-10-13s4:dcesrv_samr - CosmeticsMatthias Dieter Wallnöfer1-23/+31
Make more use of constants and add some braces around "if" blocks
2009-10-08s3/s4 - Adapt the IDL changes on various locationsMatthias Dieter Wallnöfer1-19/+20
2009-10-02s4-samr: fake up a samr_ValidatePassword responseAndrew Tridgell1-1/+5
mdw is working on the correct call to check the password strength
2009-09-19more include minimisationAndrew Tridgell1-5/+0
2009-09-07s4:samr - Fix up the SAMR server to support the primary group of a user in ↵Matthias Dieter Wallnöfer1-128/+189
the right way When doing some tests with the NT User Manager for Domains on s4 I noticed that the handling of the primary group for a user wasn't correct. So I fixed this. Also some cosmetic changes (tab indent corrections).
2009-07-13libds: merge the UF<->ACB flag mapping functions.Günther Deschner1-3/+3
Guenther
2009-07-13libds: share UF_ flags between samba3 and 4.Günther Deschner2-2/+2
Guenther
2009-05-30Move a comment where it belongsVolker Lendecke1-3/+6
2009-05-29Win2k3 don't allow creating of domain trust accounts over SAMRAndrew Bartlett1-5/+5
2009-05-26Don't use crossRef records to find our own domainAndrew Bartlett1-94/+34
A single AD server can only host a single domain, so don't stuff about with looking up our crossRef record in the cn=Partitions container. We instead trust that lp_realm() and lp_workgroup() works correctly. Andrew Bartlett
2009-05-25cope with lanman auth being disabled in old password change codeAndrew Tridgell1-8/+15
When lanman auth is disabled and a user calls a password change method that requires it we should give NT_STATUS_NOT_SUPPORTED
2009-04-23s4:samr Use ldb_context * rather than void *Andrew Bartlett1-1/+1
2009-03-01s4: Use same function signature for convert_* as s3.Jelmer Vernooij1-8/+7
2009-03-01Add allow_badcharcnv argument to all conversion function, forJelmer Vernooij1-3/+3
consistency with Samba 3.
2008-12-10s4-samr: Fix Bug #5946. userparameters handling in samr server.Matthias Dieter Wallnöfer1-4/+6
Signed-off-by: Günther Deschner <gd@samba.org>
2008-12-05s4-samr: fix samr callers after SAMR_FIELD_PASSWORD change.Günther Deschner1-4/+4
Guenther
2008-12-05s4-samr: fix s4 samr server after idl change.Günther Deschner1-2/+1
Guenther
2008-12-02s4-samr: use samr_DomainServerState in samr server.Günther Deschner1-1/+1
Guenther
2008-11-10s4-samr: merge samr_QueryUserInfo{2} from s3 idl. (fixme: python)Günther Deschner1-5/+3
Guenther
2008-11-10s4-samr: merge samr_QueryGroupInfo from s3 idl. (fixme python)Günther Deschner1-2/+2
Guenther
2008-11-10s4-samr: merge samr_QueryAliasInfo from s3 idl. (fixme: python)Günther Deschner1-2/+2
Guenther
2008-11-10s4-samr: merge samr_EnumDomainGroups from s3 idl. (fixme: python)Günther Deschner1-10/+13
Guenther
2008-11-10s4-samr: merge samr_EnumDomainUsers from s3 idl. (fixme: python)Günther Deschner1-10/+13
Guenther
2008-11-10s4-samr: merge samr_EnumDomains from s3 idl. (fixme: python)Günther Deschner1-5/+5
Guenther
2008-11-10s4-samr: merge samr_LookupDomain from s3 idl. (fixme: python)Günther Deschner1-2/+2
Guenther
2008-11-10s4-samr: merge samr_LookupNames from s3 idl. (fixme: python)Günther Deschner1-11/+11
Guenther
2008-11-10s4-samr: merge samr_EnumDomainAliases from s3 idl. (fixme: python)Günther Deschner1-10/+13
Guenther
2008-11-10s4-samr: merge samr_QueryDisplayInfo from s3 idl. (fixme: python)Günther Deschner1-34/+30
Guenther
2008-11-10s4-samr: merge samr_QueryDisplayInfo2 from s3 idl. (fixme: python)Günther Deschner1-3/+3
Guenther
2008-11-10s4-samr: merge samr_QueryDisplayInfo3 from s3 idl. (fixme: python)Günther Deschner1-3/+3
Guenther
2008-11-10s4-samr: merge samr_GetGroupsForUser from s3 idl. (fixme: python)Günther Deschner1-1/+1
Guenther
2008-11-10s4-samr: merge samr_QueryDomainInfo from s3 idl. (fixme python)Günther Deschner1-20/+22
Guenther
2008-11-10s4-samr: merge samr_QueryGroupMember from s3 idl. (fixme: python)Günther Deschner1-1/+1
Guenther