summaryrefslogtreecommitdiff
path: root/source4/rpc_server
AgeCommit message (Collapse)AuthorFilesLines
2008-10-20Make the updated RPC-LSA pass against Win2008, and Samba4 to matchAndrew Bartlett1-0/+1
2008-10-20LSA Patch for User ManagerMatthias Dieter Wallnöfer1-4/+37
New (major) patch ================= - Enhances the "lsa.idl" file in the sense that it adds more values to "PolicyInformation" to improve the "lsa_QueryInfoPolicy*" calls. - Adds a minimal implementation for "AuditEvents" (also lsa_QueryInfoPolicy* calls) to enable the "Audit" option in the "User Manager for Domains" (at least readable). - Adds to the "lsa.idl" file the system access mode flags needed for the calls "lsa_*SystemAccessAccount". - Fill in the "lsa_GetSystemAccessAccount" for enabling the "User Rights" option in the "User Manager for Domains" (at least readable). - Merge the two similar torture tests of the "lsa_QueryInfoPolicy*" calls in one using "if"'s for a few separations. - Add a torture test for "lsa_GetSystemAccessAccount". - Some cosmetic-only changes (unifications) in output strings in the "LSA" torture test. The work has been done using the Microsoft WSPP docs. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2008-10-18s4-drsuapi: merge drsuapi_DsCrackNames from s3 drsuapi idl.Günther Deschner1-8/+10
Guenther
2008-10-18s4-drsuapi: merge drsuapi_DsGetDomainControllerInfo from s3 drsuapi idl.Günther Deschner1-5/+7
Guenther
2008-10-18s4-drsuapi: merge drsuapi_DsWriteAccountSpn from s3 drsuapi idl.Günther Deschner1-5/+8
Guenther
2008-10-17Fix errrors in new password handling code found by RPC-SAMR.Andrew Bartlett1-2/+15
I'm very glad we have such a comprehensive testsuite for the SAMR password change process, as it makes this a much easier task to get right. Andrew Bartlett
2008-10-16Create a 'straight paper path' for UTF16 passwords.Andrew Bartlett3-66/+70
This uses a virtual attribute 'clearTextPassword' (name chosen to match references in MS-SAMR) that contains the length-limited blob containing an allegidly UTF16 password. This ensures we do no validation or filtering of the password before we get a chance to MD4 it. We can then do the required munging into UTF8, and in future implement the rules Microsoft has provided us with for invalid inputs. All layers in the process now deal with the strings as length-limited inputs, incluing the krb5 string2key calls. This commit also includes a small change to samdb_result_passwords() to ensure that LM passwords are not returned to the application logic if LM authentication is disabled. The objectClass module has been modified to allow the clearTextPassword attribute to pass down the stack. Andrew Bartlett
2008-10-15Merge branch 'master' of git://git.samba.org/sambaJelmer Vernooij1-1/+1
2008-10-15s4: merge from s3 samr.idl.Günther Deschner1-1/+1
Guenther
2008-10-15Sync parameter names with samba 3.Jelmer Vernooij1-6/+6
2008-10-15winreg.idl: Sync ref change from Samba 3.Jelmer Vernooij1-1/+1
2008-10-15Fix includes.Jelmer Vernooij1-1/+1
2008-10-12Use common strlist implementation in Samba 3 and Samba 4.Jelmer Vernooij1-1/+1
2008-10-11Fix include paths to new location of libutil.Jelmer Vernooij8-8/+8
2008-10-06Start implementing AD-style trusted domains in Samba4's NETLOGON serverAndrew Bartlett1-2/+50
2008-10-06Store trusted domain passwords in the LSA serverAndrew Bartlett1-4/+64
2008-10-06s4:rpc_server: tell the gensec layer that we want to do header signingStefan Metzmacher1-0/+4
Note: header signing is still off by default, as the gensec backends don't support it together with seal yet. metze
2008-10-05remove dependencies on my home domainAndrew Tridgell1-2/+3
(in other words, don't do commits in airports)
2008-10-05removed some debug lines I left in the last commitAndrew Tridgell1-4/+0
2008-10-03updated the LSA and NETLOGON servers with fixes resulting from the ADAndrew Tridgell3-20/+113
plugfest in Redmond
2008-10-02fixed a talloc error in the rpc handle desctructor - destructorsAndrew Tridgell1-1/+0
should not try to free the ptr they are given
2008-09-30fixed a number of places in our LSA server where we should return theAndrew Tridgell1-11/+13
sid/name array even when all are unmapped. If we don't fill in the array then the windows client runtime crashes
2008-09-30Merge branch 'master' of ssh://git.samba.org/data/git/sambaAndrew Tridgell4-34/+40
2008-09-30check call status not rpc fault code when calling to different levelsAndrew Tridgell1-4/+4
of calls
2008-09-30cope with NULL attrAndrew Tridgell1-1/+3
2008-09-30Merge branch 'master' of ssh://git.samba.org/data/git/sambaJelmer Vernooij3-15/+21
2008-09-29Rework to match new trustDomainPasswords IDLAndrew Bartlett1-5/+5
2008-09-29Fix parsing of the trust passwords in LSA CreateTrustedDomainEx*Andrew Bartlett1-4/+4
2008-09-30s4:rpc_server: correctly handle dcerpc requests with object uuidsStefan Metzmacher2-6/+12
metze
2008-09-30dcesrv: Remove use of global_loadparm.Jelmer Vernooij1-19/+19
2008-09-29WSPP docs say we need to check that root_dir is NULLAndrew Tridgell1-0/+6
2008-09-29we need to return NT_STATUS_INVALID_PARAMETER for bad levels inAndrew Tridgell1-0/+5
lsalookupnames2
2008-09-29unmapped SIDs should be rid 0 not rid -1Andrew Tridgell1-1/+4
2008-09-29added some more well known SIDs - thanks to the WSPP LSAT test suiteAndrew Tridgell1-1/+42
2008-09-24Move source4/lib/crypto to lib/crypto.Jelmer Vernooij2-2/+2
2008-09-24Rename smbd -> samba.Jelmer Vernooij1-1/+1
This reverts commit 05ea5e23cf4e70de0bd658b1c5c0ead133967091. Conflicts: source4/smbd/server.c
2008-09-23Merge ldb_search() and ldb_search_exp_fmt() into a simgle function.Simo Sorce3-20/+19
The previous ldb_search() interface made it way too easy to leak results, and being able to use a printf-like expression turns to be really useful.
2008-09-22Remove unused parameter from decode_pw_buffer and fail on invalidAndrew Bartlett2-8/+5
UTF-16 input The input checking is important, as otherwise we could set the wrong password. Andrew Bartlett
2008-09-21Revert "Rename smbd -> samba."Jelmer Vernooij1-1/+1
This reverts commit 0e9008be35a5b334bd65e6417193d4b8f27bdc36.
2008-09-21Rename smbd -> samba.Jelmer Vernooij1-1/+1
2008-09-13rpc_server: don't send auth trailers in level connectStefan Metzmacher2-89/+80
Also ignore auth trailers in level connect on receive. This fixes [krb5,connect] against windows. TODO: maybe the gensec mech need to decide if signatures are needed in level connect. metze (This used to be commit 2e3629719790e7631d9de383b565dc8a0997bcfb)
2008-09-13rpc_server: correctly calculate the auth paddingStefan Metzmacher1-3/+8
metze (This used to be commit e82468a8f538aa0cf6d477fb54cc0178c0d64574)
2008-09-08Simplfy SetSecrets behaviour in line with RPC-LSA and Win2008.Andrew Bartlett1-51/+64
(This used to be commit 07cb8db799cc22685af4bb63285fa10115790ce1)
2008-09-08More work towards trusted domains support in Samba4's LSAAndrew Bartlett1-50/+323
Make 'lsar_CreateTrustedDomain' consistant with lsar_CreateTrustedDomainEx{,2} by renaming handle -> policy_handle Implement LSA server logic to create the cn=users trust account for incoming trusts. Andrew Bartlett (This used to be commit d87b655e20b7c38756774cec2e5898af38c46786)
2008-09-05Update copyright, I've been working here many long years...Andrew Bartlett1-1/+1
(This used to be commit 842ab594124198453fc88f46ab83b712a7d34dc1)
2008-09-03Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartletAndrew Bartlett1-1/+44
(This used to be commit 9590805bcbdd1924eda5a69978ffac7ec7603451)
2008-09-03Implement NETLOGON PAC verfication on the server-sideAndrew Bartlett1-31/+29
This is implemented by means of a message to the KDC, to avoid having to link most of the KDC into netlogon. Andrew Bartlett (This used to be commit 82fcd7941f5c54da2d994c8bd99dd8d86299a296)
2008-09-01Follow MS-LSAD 3.1.4.7.12 and set defaults when creating a trust.Andrew Bartlett1-0/+6
Also check we get the defaults correct with a query in the torture suite. Andrew Bartlett (This used to be commit b55a1b63cc2f7de889f046e975e3414bc5000613)
2008-08-29Start implementing the server-sde NETLOGON PAC verification.Andrew Bartlett1-1/+46
(This used to be commit 8741e8fee619cccd84f2f10e00426df1d4f34074)
2008-08-26Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into pac-verifyAndrew Bartlett3-40/+92
(This used to be commit b706708210a05d6f10474a3cd2bbc550704d4356)