| Age | Commit message (Collapse) | Author | Files | Lines | |
|---|---|---|---|---|---|
| 2010-04-22 | s4-drs: validate RODC credentials via the user_sid | Andrew Tridgell | 1 | -27/+12 | |
| This checks whether a replication client is a RODC by inclusion of the the DOMAIN_RID_ENTERPRISE_READONLY_DCS sid in the users token Pair-Programmed-With: Rusty Russell <rusty@samba.org> Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
| 2010-04-22 | s4-drs: added new SECURITY_RO_DOMAIN_CONTROLLER level | Andrew Tridgell | 7 | -27/+47 | |
| This is used for allowing operations by RODCs, and denying them operations that should only be allowed for a full DC This required a new domain_sid argument to security_session_user_level() Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-With: Rusty Russell <rusty@samba.org> | |||||
| 2010-04-22 | s4-drs: only allow replication with the right invocationId | Andrew Tridgell | 1 | -1/+20 | |
| Non-administrator replication checks the invocationId matches the sid of the user token being used Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
| 2010-04-22 | s4-drs: Use new samdb_rodc() function in s4 code | Fernando J V da Silva | 1 | -1/+3 | |
| This patch fits the calling to the new samdb_rodc() function and fix a little bug in this function. Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-04-22 | s4-drs: Do not send RODC filtered attributes to RODCs on GetNCChanges reply | Fernando J V da Silva | 1 | -0/+14 | |
| During building an object to send it on a GetNCChanges reply, it checks the attributes and if any of them is a RODC filtered and the recipient is a RODC, then such attribute is not sent. Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-04-22 | s4-drs: samdb_is_rodc() function and new samdb_rodc() function | Fernando J V da Silva | 2 | -2/+16 | |
| This patch creates the samdb_is_rodc() function, which looks for the NTDSDSA object for a DC that has a specific invocationId and if msDS-isRODC is present on such object and it is TRUE, then consider the DC as a RODC. The new samdb_rodc() function uses the samdb_is_rodc() function for the local server. Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-04-21 | s4:netlogon RPC server - fix a counter variable type | Matthias Dieter Wallnöfer | 1 | -1/+2 | |
| 2010-04-20 | s4:rpc_server/netlogon: add no memory checks | Stefan Metzmacher | 1 | -1/+2 | |
| metze | |||||
| 2010-04-20 | s4-netlogon: fixed dc_unc and dc_address_type | Andrew Tridgell | 1 | -1/+3 | |
| These are needed for dcpromo from w2k8r2 | |||||
| 2010-04-20 | s4:netlogon RPC - "fill_one_domain_info" - use "lp_workgroup" for the DC ↵ | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
| short domainname discovery Here we don't need to use "lp_sam_name" since in this function we are always a DC. | |||||
| 2010-04-13 | s4:"samdb_server_site_name" uses - proof for out of memory | Matthias Dieter Wallnöfer | 1 | -1/+4 | |
| 2010-04-13 | s4:dcesrv_netr_DsRGetDCNameEx2 - provide a much better implementation | Matthias Dieter Wallnöfer | 1 | -52/+37 | |
| On the base of the "fill_netlogon_samlogon_response" call. This removes duplicated code. | |||||
| 2010-04-13 | s4:use "samdb_forest_name" for the forest DNS domainname lookup | Matthias Dieter Wallnöfer | 1 | -13/+8 | |
| 2010-04-13 | Revert "s4:prefer "samdb_*_dn" basedn calls over the "ldb_get_*_dn" functions" | Matthias Dieter Wallnöfer | 3 | -7/+8 | |
| We should use the "ldb_get_*_basedn" calls since they are available in the LDB library. | |||||
| 2010-04-12 | s3/s4:netlogon IDL - fix up "struct netr_SamInfo6" regarding the "forest" ↵ | Matthias Dieter Wallnöfer | 1 | -2/+2 | |
| attribute According to MS-NRPC 2.2.1.4.13 this should be the DNS domainname, not the forest one. | |||||
| 2010-04-12 | s4:prefer "samdb_*_dn" basedn calls over the "ldb_get_*_dn" functions | Matthias Dieter Wallnöfer | 2 | -2/+2 | |
| Purely cosmetic change. | |||||
| 2010-04-11 | s4:auth Remove event context from anonymous_session() | Andrew Bartlett | 2 | -2/+1 | |
| This should always return a simple structure with no need to consult a DB, so remove the event context, and simplfy to call helper functions that don't look at privilages. Andrew Bartlett | |||||
| 2010-04-10 | s4:rpc_server Fix segfault in modified SamLogon handling | Andrew Bartlett | 1 | -0/+1 | |
| 2010-04-10 | s4:rpc_server Add all SIDs into the netlogon SamLogon reply | Andrew Bartlett | 1 | -32/+52 | |
| We were missing the SIDs that are not in the domain. | |||||
| 2010-04-09 | s4-winreg: Fix dcesrv_winreg_CreateKey after rename. | Günther Deschner | 1 | -1/+1 | |
| Guenther | |||||
| 2010-04-09 | s4-winreg: add winreg_DeleteKeyEx stub. | Günther Deschner | 1 | -0/+9 | |
| Guenther | |||||
| 2010-04-06 | s4-waf: mark the wscript files as python so vim/emacs knows how to highlight ↵ | Andrew Tridgell | 1 | -0/+2 | |
| them | |||||
| 2010-04-06 | s4-waf: install the rest of the headers | Andrew Tridgell | 1 | -4/+1 | |
| 2010-04-06 | build: waf quicktest nearly works | Andrew Tridgell | 1 | -3/+3 | |
| Rewrote wafsamba using a new dependency handling system, and started adding the waf test code | |||||
| 2010-04-06 | build: commit all the waf build files in the tree | Andrew Tridgell | 1 | -0/+138 | |
| 2010-03-30 | s4:lsa implement lsaRSetForestTrustInformation | Simo Sorce | 1 | -5/+549 | |
| 2010-03-29 | s4:registry - move the UTF16 length calculation for "reg_key_get_info" into ↵ | Matthias Dieter Wallnöfer | 1 | -0/+9 | |
| the RPC server code It does fit better there. | |||||
| 2010-03-24 | s4/drs: drsuapi_DsAddEntry_ErrData propagate structure def in source code | Kamen Mazdrashki | 1 | -4/+4 | |
| 2010-03-22 | s4:lsa Functions to set Domain Trust Information | Simo Sorce | 1 | -7/+592 | |
| 2010-03-22 | s4:lsa move code to add trusted domain user into its own function | Simo Sorce | 1 | -72/+101 | |
| 2010-03-22 | s4:lsa Abstract crypto (un)wrapping in separate functions | Simo Sorce | 1 | -81/+89 | |
| 2010-03-22 | s4:WINREG RPC - add also here a "W_ERROR_HAVE_NO_MEMORY" | Matthias Dieter Wallnöfer | 1 | -0/+1 | |
| 2010-03-22 | s4:registry - adaptions for "add memory contexts for delete value/key functions" | Matthias Dieter Wallnöfer | 1 | -2/+2 | |
| 2010-03-21 | s4:WINREG RPC server - don't check for the "name" size in "EnumValue" | Matthias Dieter Wallnöfer | 1 | -5/+0 | |
| This isn't needed at all since: 1.) a new name object is created and sent back to the client 2.) the "size" seems to be the size of the "name" pointer. On my test with the "regedt32" program this has always been "4". | |||||
| 2010-03-21 | s4:WINREG RPC - we support only non-volatile keys | Matthias Dieter Wallnöfer | 1 | -0/+5 | |
| 2010-03-21 | s4:WINREG RPC - specify the performed create action for "CreateKey" | Matthias Dieter Wallnöfer | 1 | -1/+10 | |
| To make the WINREG RPC testsuite happy. | |||||
| 2010-03-16 | s4-lsa: fix dcesrv_lsa_lsaRSetForestTrustInformation server stub. | Günther Deschner | 1 | -3/+3 | |
| Guenther Signed-off-by: Günther Deschner <gd@samba.org> | |||||
| 2010-03-16 | s4:idl change level to type in lsa_ForestTrustRecord. | Simo Sorce | 1 | -2/+2 | |
| 2010-03-16 | s4:dsdb Change dsdb_get_schema() callers to use new talloc argument | Andrew Bartlett | 1 | -2/+2 | |
| This choses an appropriate talloc context to attach the schema too, long enough lived to ensure it does not go away before the operation compleates. Andrew Bartlett | |||||
| 2010-03-12 | s4:rpc_server/spoolss: make use of dcerpc_binding_handle stubs | Stefan Metzmacher | 1 | -1/+1 | |
| metze | |||||
| 2010-03-11 | s4-winreg: continue processing in WERR_MORE_DATA case in ↵ | Günther Deschner | 1 | -1/+1 | |
| dcesrv_winreg_QueryValue(). Matthias, please check. Guenther | |||||
| 2010-03-11 | s4:rpc_server/drsuapi: don't reset [out,ref] pointer to NULL in ↵ | Stefan Metzmacher | 1 | -1/+0 | |
| dcesrv_drsuapi_DsRemoveDSServer() metze | |||||
| 2010-03-11 | s4/rpc_server Don't segfault over replPropertyMetaData contents | Andrew Bartlett | 1 | -0/+7 | |
| The replPropertyMetaData may contain attrid values that we don't yet have in the local schema. We need to deal with this - it is a serious error, but we should not segfault. Andrew Bartlett | |||||
| 2010-03-10 | s4:winreg RPC - fix up the "QueryValue" call to work against the enhanced ↵ | Matthias Dieter Wallnöfer | 1 | -7/+11 | |
| torture test Found out by gd's updated torture test. | |||||
| 2010-03-10 | s4:rpc_server/wkssvc: don't reset [out,ref] pointer to 0 | Stefan Metzmacher | 1 | -6/+0 | |
| r->out.total_entries = 0; should be *r->out.total_entries = 0; Otherwise we fail to marshall the reponse or crash if we run with log level = 10 and trigger the ndr_print functions. All out elements are already setup and initialized by the pidl generated code. metze | |||||
| 2010-03-10 | s4:rpc_server/wkssvc: remove unneeded talloc_reference() | Stefan Metzmacher | 1 | -4/+2 | |
| metze | |||||
| 2010-03-10 | s4:rpc_server/wkssvc: avoid ZERO_STRUCT(r->out) and use already allocated ↵ | Stefan Metzmacher | 1 | -4/+0 | |
| [out,ref] memory metze | |||||
| 2010-03-10 | s4:rpc_server/srvsvc: remove unused ZERO_STRUCT(r->out); | Stefan Metzmacher | 1 | -2/+0 | |
| Here it doesn't matter, but it's a bad example for other code as it might reset the [out,ref] pointers which are already generated by the pidl generated code. metze | |||||
| 2010-03-10 | s4-spoolss: remove unsed iconv handle from dcesrv_spoolss_GetPrinterData(). | Günther Deschner | 1 | -1/+0 | |
| Guenther | |||||
| 2010-03-10 | s4:winreg RPC - don't crash when incoming data wasn't correctly specified | Matthias Dieter Wallnöfer | 1 | -2/+8 | |
| Also found by the WINREG torture test enhancements by gd. | |||||
 |
index : samba | |
| Unnamed repository; edit this file 'description' to name the repository. | ben |
| summaryrefslogtreecommitdiff |