summaryrefslogtreecommitdiff
path: root/source4/rpc_server
AgeCommit message (Collapse)AuthorFilesLines
2009-12-03s4-drs: fixed UDV and overlapping sync calls in DRSAndrew Tridgell1-40/+42
When windows abandons a DRS sync, it will sometimes re-use the same bind handle for a new sync. This means we need to check the DN of the sync and blank the getnc_state if the DN has changed. This also fixes the UDV to use the highest uSN for the partition, not for the whole SAM.
2009-11-27s4:WINREG RPC server - add another "talloc_unlink" in "DeleteKey"Matthias Dieter Wallnöfer1-1/+5
Also here we waste memory - therefore free the pointless handle after the delete.
2009-11-27s4:WINREG RPC server - Reintroduce the free operation on "CloseKey"Matthias Dieter Wallnöfer1-0/+2
Better use "talloc_unlink" here Since we could have more than one reference.
2009-11-24Revert "s4-netlogon: always set the dNSHostName in GetDomainInfo"Matthias Dieter Wallnöfer1-7/+3
This reverts commit 87b6f2e863c6e117643ab6704e50167e849b69cc. This was the cause of the breakage of the "LogonGetDomainInfo" testsuite. I think my behaviour is more correct to Windows Server since the test works against it (at least release 2003 R2). One problem I discovered is that freshly joined workstations don't get their DNS name into the directory. Therefore I think also another part (maybe another RPC call) is able to do this.
2009-11-22s4:netlogon RPC - Remove trailing whitespaceMatthias Dieter Wallnöfer1-1/+1
2009-11-22s4:netlogon RPC - Fix up the error handlingMatthias Dieter Wallnöfer1-4/+2
2009-11-22s4:netlogon RPC - Fix up a commentMatthias Dieter Wallnöfer1-4/+5
Now we have Windows 7 released so don't refer to a beta anymore.
2009-11-21s4:lsa RPC - Fix type of variable "atype"Matthias Dieter Wallnöfer1-1/+2
This is an unsigned 32bit integer.
2009-11-21s4:samr RPC - Use more LDB constantsMatthias Dieter Wallnöfer2-12/+12
2009-11-21s4:lsa RPC - Use more LDB constantsMatthias Dieter Wallnöfer1-16/+16
And fix an obvious bug (call of "samdb_msg_add_delete")
2009-11-21s4:WINREG RPC server - CosmeticMatthias Dieter Wallnöfer1-2/+2
2009-11-20s4-dsdb: some more attribuutes that we should only give if asked forAndrew Tridgell1-1/+8
2009-11-20s4-drs: we need to specifically ask for ntSecurityDescriptorAndrew Tridgell1-1/+1
ntSecurityDescriptor is no longer included by default
2009-11-17s4:WINREG RPC server - remove a "talloc_free"Matthias Dieter Wallnöfer1-2/+0
I assume that this "talloc_free" isn't necessary since the DCERPC server frees the handle itself (we got always warnings about this).
2009-11-14s4-drs: DsExecuteKCC() implementationErick Nascimento1-1/+10
I implemented the DsExecuteKCC() handling code on kccsrv_execute_kcc(). Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-11-10s4:dcesrv_samr - Add more checks for invalid levelsMatthias Dieter Wallnöfer1-3/+27
Add more checks on valid levels, mark unimplemented ones as "UNSUPPORTED" and otherwise as "INVALID_INFO_CLASS" to be safe.
2009-11-06s4:dcesrv_samr_ValidatePassword - naturally this was only for debugging the ↵Matthias Dieter Wallnöfer1-1/+0
failure
2009-11-06s4:dcesrv_samr_ValidatePassword - adapt call to "samdb_check_password"Matthias Dieter Wallnöfer1-6/+3
I've forgotten that PIDL converts UTF16 parameters automatically back to the UNIX charset (in most cases UTF16). So I don't have to do this here.
2009-11-06s4:dcesrv_samr_ValidatePassword - I forgot to create an out bufferMatthias Dieter Wallnöfer1-4/+6
2009-11-05s4:dcesrv_samr - Implement "dcesrv_samr_ValidatePassword" using my new check ↵Matthias Dieter Wallnöfer1-7/+49
password call This implements a very basic method for password validation using my new "samdb_check_password" call.
2009-10-24s4:dcesrv_samr: always use mem_ctx as initial parent for samr_*_stateStefan Metzmacher1-7/+7
We always steal the state to the policy handle on success, but untill then keep it on the short term context. metze
2009-10-23s4-ldbwrap: added re-use of ldb contexts in ldb_wrap_connect()Andrew Tridgell2-3/+3
This allows us to reuse a ldb context if it is open twice, instead of going through the expensive process of a full ldb open. We can reuse it if all of the parameters are the same. The change relies on callers using talloc_unlink() or free of a parent to close a ldb context.
2009-10-23s4-dsdb: create a static system_session contextAndrew Tridgell4-10/+10
This patch adds a system_session cache, preventing us from having to recreate it on every ldb open, and allowing us to detect when the same session is being used in ldb_wrap
2009-10-22s4-lsa: fixed breakage of lsa serverAndrew Tridgell1-0/+1
2009-10-22s4-lsa: fixed the lsa server to cope with the new tests from gdAndrew Tridgell1-12/+33
2009-10-21s4:rpc_server Ensure we talloc_free handles when we delete objectsAndrew Bartlett1-0/+3
If we don't talloc_free the handle, we leak the memory onto the long-term context. Andrew Bartlett
2009-10-21s4:samr Don't leak the whole user onto the long-term handleAndrew Bartlett1-2/+2
The user entry is only required for this function, so use mem_ctx to hold it. Andrew Bartlett
2009-10-21s4:epmapper Create a proper talloc tree of endpoint floorsAndrew Bartlett1-1/+1
Andrew Bartlett
2009-10-21s4-lsa: Fix dcesrv_lsa_EnumTrustDom() and avoid infite windows client loop.Günther Deschner1-0/+9
Found by RPC-LSA-TRUSTED-DOMAIN torture test. Guenther
2009-10-20s4: ran minimal_includes.pl on source4/rpc_serverAndrew Tridgell9-25/+0
2009-10-18s4:sites - get the server site (name) from DSDBMatthias Dieter Wallnöfer1-1/+3
2009-10-18s4:dcerpc_netlogon - unify the two workstation object lookups (DNS hostname ↵Matthias Dieter Wallnöfer1-20/+26
and supported encryption types) This is simply for better performance (no functional change).
2009-10-17s4-lsasrv: make sure only admins can alter privilegesAndrew Tridgell1-0/+6
2009-10-17s4-privileges: moved privileges to private/privilege.ldbAndrew Tridgell3-32/+45
We were storing privileges in the sam, which was OK when we were a standalone DC, but is no good when we replicate with a windows DC. This moves the privileges to a separate (local) database
2009-10-15s4:dcerpc_server - Read the generic session key out from ↵Matthias Dieter Wallnöfer1-5/+2
"dcerpc_generic_session_key" I don't think that this code needs to exist identically on the server and on the client side. This patch leaves it on the client side (dcerpc lib) and calls it from the server.
2009-10-15s4-drs: support DRSUAPI_DRS_ADD_REF flagAndrew Tridgell1-5/+29
The DRSUAPI_DRS_ADD_REF flag tells the DRS server to run an UpdateRefs call on behalf of the client after the DsGetNCChanges call. The lack of support for this option may explain why the repsTo attribute was not being created for w2k8-r2 replication partners.
2009-10-15s4-drs: implement more of DsUpdateRefsAndrew Tridgell2-27/+63
The DsUpdateRefs calls takes a set of flags that indicates if the server should ignore specific add/delete error codes. This patch also exposes the core UpdateRefs call into a public function, so that it can be called from DsGetNCChanges
2009-10-15drs: improved error checkingAndrew Tridgell1-16/+49
Check the validity of the requested options in DsGetNCChanges
2009-10-14s4: Changes the old occurences of "lp_realm" in "lp_dnsdomain" where neededMatthias Dieter Wallnöfer3-9/+11
For KERBEROS applications the realm should be upcase (function "lp_realm") but for DNS ones it should be used lowcase (function "lp_dnsdomain"). This patch implements the use of both in the right way.
2009-10-13s4:dcesrv_samr - add another constantMatthias Dieter Wallnöfer1-1/+1
2009-10-13s4:dcesrv_samr - prevent "ldb_modify" on a possibly empty messageMatthias Dieter Wallnöfer1-8/+10
In this code part under certain circumstances we can end up with an empty message. Since our new behaviour denies them (like the real AD) we need to bypass them on LDB modify calls.
2009-10-13s4:dcesrv_samr - Add additional "talloc_free"sMatthias Dieter Wallnöfer1-0/+4
2009-10-13s4:dcesrv_samr - CosmeticsMatthias Dieter Wallnöfer1-23/+31
Make more use of constants and add some braces around "if" blocks
2009-10-13s4-repl: check that a DsGetNCChanges is a continuation, and fix sortingAndrew Tridgell2-4/+17
When we indicate that a getncchanges request is not complete, we set the more_data flag to true in the response. The client usually then asks for the next block of data. If the client decides it wants to skip that replication and do a different replication then we need to make sure that the next call is in fact a continuation of the existing call, and not a new call. This relies on returning the results sorted by uSNChanged, as the client uses the tmp_highest_usn in each result to see if progress is being made.
2009-10-12s4-drs: make DsBind a bit less verboseAndrew Tridgell1-1/+1
2009-10-08s3/s4 - Adapt the IDL changes on various locationsMatthias Dieter Wallnöfer1-19/+20
2009-10-06s4-drs: added some debug lines to DsAddEntry()Andrew Tridgell1-0/+3
2009-10-06s4-drs: take advantage of system session auth in dsbindAndrew Tridgell2-41/+21
Now that the bind opens samdb with the right credentials, we no longer need the re-open in updaterefs and getncchanges
2009-10-06s4-drs: fixed error message for drs_security_level_checkAndrew Tridgell1-1/+3
2009-10-06s4-drs: open samdb with system credentials when authorisedAndrew Tridgell1-1/+14
When a DC connects to DRS, open the samdb with system session credentials, so that we don't have to re-open it each time on other calls.