Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-05-10 | s4:samdb_set_password/samdb_set_password_sid - Rework | Matthias Dieter Wallnöfer | 2 | -96/+21 | |
Adapt the two functions for the restructured "password_hash" module. This means that basically all checks are now performed in the mentioned module. An exception consists in the SAMR password change calls since they need very precise NTSTATUS return codes on wrong constraints ("samr_password.c") file | |||||
2010-05-03 | s4:LogonGetDomainInfo - fix a potential crash source | Matthias Dieter Wallnöfer | 1 | -0/+4 | |
2010-05-03 | s4:LogonGetDomainInfo - fix indentation | Matthias Dieter Wallnöfer | 1 | -2/+2 | |
2010-05-03 | s4:LogonGetDomainInfo - remove singular "dNSHostName" check - this doesn't ↵ | Matthias Dieter Wallnöfer | 1 | -19/+1 | |
belong here I'm not really sure if this check is really done on Windows Server. And if it is done, then it's on the LDB level (module). | |||||
2010-04-29 | s4/rodc: RODC FAS initial implementation | Anatoliy Atanasov | 1 | -11/+10 | |
2010-04-28 | s4/dsdb: dsdb_validate_invocation_id() should validate by objectGUID | Kamen Mazdrashki | 1 | -4/+4 | |
This function is used in DRSUpdateRefs() implementation where we get DSA's objectGUID rather than invocationId | |||||
2010-04-27 | s4:rpc_server: remove unused socket_address based functions | Stefan Metzmacher | 1 | -18/+0 | |
metze | |||||
2010-04-28 | s4-netlogon: fixed getDcNameEx2 for blank inputs | Andrew Tridgell | 1 | -1/+1 | |
w2k8r2 returns the local DC information on no inputs for getDcNameEx2. This is needed for starting dsa.msc (ADUC) on Win7. CDLAP on the same call returns an error. This uses a parameter fill_on_blank_request to distinguish the two cases. | |||||
2010-04-27 | s4:rpc_server: remove 'socket_address' based functions | Stefan Metzmacher | 3 | -23/+0 | |
metze | |||||
2010-04-27 | s4:rpc_server/srvsvc: pass tsocket_address to the ntvfs layer | Stefan Metzmacher | 1 | -13/+5 | |
metze | |||||
2010-04-27 | s4:rpc_server/spoolss: use tsocket_address in dcesrv_spoolss_check_server_name() | Stefan Metzmacher | 1 | -4/+7 | |
metze | |||||
2010-04-27 | s4:rpc_server/netlogon: use tsocket_address in dcesrv_netr_DsRGetDCNameEx2() | Stefan Metzmacher | 1 | -5/+9 | |
metze | |||||
2010-04-27 | s4:rpc_server: remember the local and remote address | Stefan Metzmacher | 3 | -0/+18 | |
metze | |||||
2010-04-27 | s4:netr_DsRAddressToSitenames[Ex]W calls - implement them correctly with the ↵ | Matthias Dieter Wallnöfer | 1 | -16/+98 | |
client site information This behaviour should be similar to the one of Windows Server (in my case 2008) | |||||
2010-04-27 | Revert "s4:netr_DsRAddressToSitenames[Ex]W calls - implement them correctly ↵ | Matthias Dieter Wallnöfer | 1 | -93/+16 | |
with the client site information" This reverts commit 908d982980846257b65ab576d31131e8793e9399. I need to merge the improved version of this commit. | |||||
2010-04-27 | Revert "s4-netlogon: fixed breakage of dcesrv_netr_GetAnyDCName in sites patch" | Matthias Dieter Wallnöfer | 1 | -0/+6 | |
This reverts commit e88a54a87e185b44e2d216bd853e6a87bf950be6. This isn't the correct behaviour. See MS-NRPC documentation under the "GetAnyDCName" section. | |||||
2010-04-27 | s4-netlogon: fixed breakage of dcesrv_netr_GetAnyDCName in sites patch | Andrew Tridgell | 1 | -6/+0 | |
We should respond when we are the PDC Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-04-27 | s4:netlogon RPC server - we don't need "are we DC" proofs | Matthias Dieter Wallnöfer | 1 | -8/+0 | |
When we aren't a DC we shouldn't have the netlogon pipe available. [MS-NRPC 1.3] says that we can only have DCs on the server side. Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-04-27 | s4:dcesrv_netr_DsrGetDcSiteCoverageW - provide a basic implementation | Matthias Dieter Wallnöfer | 1 | -1/+23 | |
Does for now only return DC's primary site. Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-04-27 | s4:dcesrv_netr_DsRGetSiteName - provide an implementation according to the ↵ | Matthias Dieter Wallnöfer | 1 | -1/+13 | |
MS-NRPC docs Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-04-27 | s4:dcesrv_netr_GetAnyDCName - improve the call according to the MS-NRPC ↵ | Matthias Dieter Wallnöfer | 1 | -7/+55 | |
documentation This implementation checks if the domainname is valid for us or a trusted domain. Then I've also added the PDC location functionality. That means that we should return "WERR_NO_SUCH_DOMAIN" (MS-NRPC 3.5.5.2.5). Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-04-27 | s4:netr_DsRAddressToSitenames[Ex]W calls - implement them correctly with the ↵ | Matthias Dieter Wallnöfer | 1 | -16/+93 | |
client site information This behaviour should be similar to the one of Windows Server (in my case 2008) Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-04-27 | s4-getncchanges: honor DRSUAPI_DRS_REF_GCSPN | Andrew Tridgell | 1 | -1/+3 | |
this is an alternative way of establishing repsTo | |||||
2010-04-26 | s4-drs: don't send uninstantiated objects in getncchanges | Andrew Tridgell | 1 | -0/+5 | |
This includes deleted partitions Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-04-22 | s4-drs: validate RODC credentials via the user_sid | Andrew Tridgell | 1 | -27/+12 | |
This checks whether a replication client is a RODC by inclusion of the the DOMAIN_RID_ENTERPRISE_READONLY_DCS sid in the users token Pair-Programmed-With: Rusty Russell <rusty@samba.org> Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-04-22 | s4-drs: added new SECURITY_RO_DOMAIN_CONTROLLER level | Andrew Tridgell | 7 | -27/+47 | |
This is used for allowing operations by RODCs, and denying them operations that should only be allowed for a full DC This required a new domain_sid argument to security_session_user_level() Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-With: Rusty Russell <rusty@samba.org> | |||||
2010-04-22 | s4-drs: only allow replication with the right invocationId | Andrew Tridgell | 1 | -1/+20 | |
Non-administrator replication checks the invocationId matches the sid of the user token being used Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-04-22 | s4-drs: Use new samdb_rodc() function in s4 code | Fernando J V da Silva | 1 | -1/+3 | |
This patch fits the calling to the new samdb_rodc() function and fix a little bug in this function. Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-04-22 | s4-drs: Do not send RODC filtered attributes to RODCs on GetNCChanges reply | Fernando J V da Silva | 1 | -0/+14 | |
During building an object to send it on a GetNCChanges reply, it checks the attributes and if any of them is a RODC filtered and the recipient is a RODC, then such attribute is not sent. Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-04-22 | s4-drs: samdb_is_rodc() function and new samdb_rodc() function | Fernando J V da Silva | 2 | -2/+16 | |
This patch creates the samdb_is_rodc() function, which looks for the NTDSDSA object for a DC that has a specific invocationId and if msDS-isRODC is present on such object and it is TRUE, then consider the DC as a RODC. The new samdb_rodc() function uses the samdb_is_rodc() function for the local server. Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-04-21 | s4:netlogon RPC server - fix a counter variable type | Matthias Dieter Wallnöfer | 1 | -1/+2 | |
2010-04-20 | s4:rpc_server/netlogon: add no memory checks | Stefan Metzmacher | 1 | -1/+2 | |
metze | |||||
2010-04-20 | s4-netlogon: fixed dc_unc and dc_address_type | Andrew Tridgell | 1 | -1/+3 | |
These are needed for dcpromo from w2k8r2 | |||||
2010-04-20 | s4:netlogon RPC - "fill_one_domain_info" - use "lp_workgroup" for the DC ↵ | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
short domainname discovery Here we don't need to use "lp_sam_name" since in this function we are always a DC. | |||||
2010-04-13 | s4:"samdb_server_site_name" uses - proof for out of memory | Matthias Dieter Wallnöfer | 1 | -1/+4 | |
2010-04-13 | s4:dcesrv_netr_DsRGetDCNameEx2 - provide a much better implementation | Matthias Dieter Wallnöfer | 1 | -52/+37 | |
On the base of the "fill_netlogon_samlogon_response" call. This removes duplicated code. | |||||
2010-04-13 | s4:use "samdb_forest_name" for the forest DNS domainname lookup | Matthias Dieter Wallnöfer | 1 | -13/+8 | |
2010-04-13 | Revert "s4:prefer "samdb_*_dn" basedn calls over the "ldb_get_*_dn" functions" | Matthias Dieter Wallnöfer | 3 | -7/+8 | |
We should use the "ldb_get_*_basedn" calls since they are available in the LDB library. | |||||
2010-04-12 | s3/s4:netlogon IDL - fix up "struct netr_SamInfo6" regarding the "forest" ↵ | Matthias Dieter Wallnöfer | 1 | -2/+2 | |
attribute According to MS-NRPC 2.2.1.4.13 this should be the DNS domainname, not the forest one. | |||||
2010-04-12 | s4:prefer "samdb_*_dn" basedn calls over the "ldb_get_*_dn" functions | Matthias Dieter Wallnöfer | 2 | -2/+2 | |
Purely cosmetic change. | |||||
2010-04-11 | s4:auth Remove event context from anonymous_session() | Andrew Bartlett | 2 | -2/+1 | |
This should always return a simple structure with no need to consult a DB, so remove the event context, and simplfy to call helper functions that don't look at privilages. Andrew Bartlett | |||||
2010-04-10 | s4:rpc_server Fix segfault in modified SamLogon handling | Andrew Bartlett | 1 | -0/+1 | |
2010-04-10 | s4:rpc_server Add all SIDs into the netlogon SamLogon reply | Andrew Bartlett | 1 | -32/+52 | |
We were missing the SIDs that are not in the domain. | |||||
2010-04-09 | s4-winreg: Fix dcesrv_winreg_CreateKey after rename. | Günther Deschner | 1 | -1/+1 | |
Guenther | |||||
2010-04-09 | s4-winreg: add winreg_DeleteKeyEx stub. | Günther Deschner | 1 | -0/+9 | |
Guenther | |||||
2010-04-06 | s4-waf: mark the wscript files as python so vim/emacs knows how to highlight ↵ | Andrew Tridgell | 1 | -0/+2 | |
them | |||||
2010-04-06 | s4-waf: install the rest of the headers | Andrew Tridgell | 1 | -4/+1 | |
2010-04-06 | build: waf quicktest nearly works | Andrew Tridgell | 1 | -3/+3 | |
Rewrote wafsamba using a new dependency handling system, and started adding the waf test code | |||||
2010-04-06 | build: commit all the waf build files in the tree | Andrew Tridgell | 1 | -0/+138 | |
2010-03-30 | s4:lsa implement lsaRSetForestTrustInformation | Simo Sorce | 1 | -5/+549 | |