Age | Commit message (Collapse) | Author | Files | Lines |
|
for NT4 DC's in mixed mode domains.
This call is triggered by tranferring the PDC FSMO Role to another DC
the real meta data is encoded in the user buffer which is just a DATA_BLOB in idl
metze
(This used to be commit d883815c8d64429e4dac26a93a15e67d31dc263e)
|
|
Andrew Bartlett
(This used to be commit 21b38ae1e4c48dab4b89f234f4dc26a3aed401c3)
|
|
Andrew Bartlett
(This used to be commit 05debeaced7296762b293cc804a71abcfb096066)
|
|
usual things are more complex than they appear.
Also remove the incorrect server-side implementation, which blindly
assumed some sense of consistancy across the API switch levels.
Andrew Bartlett
(This used to be commit 79941adbff843f5027dacd31b972deca4a1557ec)
|
|
supprisingly complex call...
It turns out that the in/out parameter 'level' is not in/out, but set
seperatly by the server-side code from r->req.req1.level.
This commit also breaks out some common code from samldb into samdb.
Andrew Bartlett
(This used to be commit 2eb9e6445c64840399171f4f56b1e43786dbcfa7)
|
|
way to setup a Samba4 DC is to set 'server role = domain controller'.
We use the fSMORoleOwner attribute in the base DN to determine the PDC.
This patch is quite large, as I have corrected a number of places that
assumed taht we are always the PDC, or that used the smb.conf
lp_server_role() to determine that.
Also included is a warning fix in the SAMR code, where the IDL has
seperated a couple of types for group display enumeration.
We also now use the ldb database to determine if we should run the
global catalog service.
In the near future, I will complete the DRSUAPI
DsGetDomainControllerInfo server-side on the same basis.
Andrew Bartlett
(This used to be commit 67d8365e831adf3eaecd8b34dcc481fc82565893)
|
|
I've attached the patch which fix this problem. I've only added
DCERPC_NDR_REF_ALLOC to the connection flags. This way it is processed
correctly by ndr_pull_init_flags and added to the ndr flags of the pull
structure.
metze
(This used to be commit ed4c7ce547c61907291d19c172d5eb6f4c4981fe)
|
|
to make the "remote" rpc proxy work for outlook and exchange
metze
(This used to be commit 00875f806eca4165cb098b0e01e33c74fdea2bf5)
|
|
(This used to be commit 4f07542143ddf5066f0360d965f26a8470504047)
|
|
there is no ongoing transaction in this code
(This used to be commit 93b738b1112d9e317cb29b32eee45003de37f693)
|
|
metze
(This used to be commit b4d7d49c276a4ec0bcf7971909e74e10476e9ca3)
|
|
a DC
metze
(This used to be commit df133cd22a350d422c49844e50a67f4cc1fb61e4)
|
|
(This used to be commit 0221d5b6c4250a3a2c86c623c534996d7decb1f6)
|
|
- ldb_dn_get_linearized
returns a const string
- ldb_dn_alloc_linearized
allocs astring with the linearized dn
(This used to be commit 3929c086d5d0b3f08b1c4f2f3f9602c3f4a9a4bd)
|
|
This patch changes a lot of the code in ldb_dn.c, and also
removes and add a number of manipulation functions around.
The aim is to avoid validating a dn if not necessary as the
validation code is necessarily slow. This is mainly to speed up
internal operations where input is not user generated and so we
can assume the DNs need no validation. The code is designed to
keep the data as a string if possible.
The code is not yet 100% perfect, but pass all the tests so far.
A memleak is certainly present, I'll work on that next.
Simo.
(This used to be commit a580c871d3784602a9cce32d33419e63c8236e63)
|
|
DsWriteAccountSpn().
It passes the client toture test.
Andrew Bartlett
(This used to be commit a1e80eeb9561a856ac5aa1f5a991dcd648b152ff)
|
|
Andrew Bartlett
(This used to be commit 4c349f44f8a018e1ad6ed8e92c5083abc4979324)
|
|
Break up auth/auth.h not to include the world.
Add credentials_krb5.h with the kerberos dependent prototypes.
Andrew Bartlett
(This used to be commit 2b569c42e0fbb596ea82484d0e1cb22e193037b9)
|
|
(This used to be commit 8143de855c0b65346b2d8e59ecdb78952927de4a)
|
|
libraries
works again now, by specifying --enable-dso to configure.
(This used to be commit 7a01235067a4800b07b8919a6a475954bfb0b04c)
|
|
as well?
The server side change is needed to fix a valgrind error, which was
possibly exploitable if the client sent deliberately bad data
(This used to be commit e3c04cf165fe15739197b2713e78046399aa7653)
|
|
argument.
This is a pointer to an element pointer. If it is not null it will be
filled with the pointer of the manipulated element.
Will avoid double searches on the elements list in some cases.
(This used to be commit 0fa5d4bc225b83e9f63ac6d75bffc4c08eb6b620)
|
|
length, use the amount the wapped message expanded by.
This works, because GSSAPI doesn't do AEAD (signing of headers), and
so changing the signature length after the fact is valid.
Andrew Bartlett
(This used to be commit bd1e0f679c8f2b9755051b8d34114fa127a7cf26)
|
|
output in the testsuite rather than just True or False for a
set of tests.
The aim is to use this for:
* known failure lists (run all tests and detect tests that
started working or started failing). This
would allow us to get rid of the RPC-SAMBA3-* tests
* nicer torture output
* simplification of the testsuite system
* compatibility with other unit testing systems
* easier usage of smbtorture (being able to run one test
and automatically set up the environment for that)
This is still a work-in-progress; expect more updates over the next couple of
days.
(This used to be commit 0eb6097305776325c75081356309115f445a7218)
|
|
that's why ntsrv and win2k3 srv could pass the net test
and we could not...
rafal
(This used to be commit 60ade8ddbd01ac45e5fe6380542ba23cd861e133)
|
|
with NTSTATUS, WERROR etc.
(This used to be commit fddb85bfa8bb5df7812d226a7a6f6fb41ccf107f)
|
|
when I fixed the previous bug in this code.
We need to remove fragments from the incoming fragment list, or else
we leak (actually, we walk free()'ed data as we add/remove elements).
Andrew Bartlett
(This used to be commit 77473d2ef9a7673cebb56b398acf390fd51a08c8)
|
|
OpenLDAP.
Andrew Bartlett
(This used to be commit 9ce88a8917d383104c47f794a8c554c43d13e383)
|
|
(This used to be commit be2f4a2c44ed2b4d586f0d6e9976158f33fb29d8)
|
|
(This used to be commit 2c035787d47c6055c4081021f30d08929f178ca3)
|
|
talloc(NULL, xxx) to allocate the registry context. That had two
consequences
1) it was a massive memory leak, as all winreg operations leaked their
entire context (including an open ldb database) every time
2) event_context_find() never found the exsting event context, so we
used a new event context each time, which called epoll_create()
each time, which caused a fd to be allocated
(This used to be commit 1c0a3de39828b43149d8981fc7f10e7c8b59a392)
|
|
Jerry, there is a big difference on the wire between these two:
[out] uint32 x;
and
[out] uint32 *x;
if you change from
[out] uint32 x;
then you need to change to:
[out,ref] uint32 *x;
otherwise it changes the format on the wire, which means we are no
longer compatible with MS servers.
but be aware that even if you change to a ref ptr, you also need to
change all the client code to set all the return variables in the out
part of the structure. That's why I don't like the MIDL restriction of
forcing the use of ref pointers for output variables - it makes life
much harder when writing client code, and makes the code much more
error prone (just look at all the extra code needed to make this work
again).
I know we could auto-allocate these variables in the generated client
side NDR code, but if we did that then we would have no way of doing a
_real_ ref out pointer, which we really wanted to set to some already
allocated variable.
So please hold off on changing our idl to use the MIDL convention for
output variables until Jelmer and I have had a good "chat" about this :-)
(This used to be commit 555aed43ba3c08360ca7fa921622b80732a7f657)
|
|
(This used to be commit ab0a798c57564901f0adcd8aedc1ef0928e79edd)
|
|
(This used to be commit 694677dafefdd94fa0a9bed93efab70c528dcb26)
|
|
Also cope with the fact that we define the FSTYPE as NTFS by default.
We never use this anywhere else, so we may just change it, but just
detect the fact and return DISK in share_classic for now.
(This used to be commit 4daf5f7764ce69c14066f7320961c90141f0863a)
|
|
metze
(This used to be commit d9137edbdb61f2847453357b94050e5afc2fe68b)
|
|
(This used to be commit 60076fa87d6c68295ebedc28cdbbd4556cfd0ae7)
|
|
Now we can add and remove a share from the "Computer Management"
console (not yet modify!) usinf share backend = ldb
(This used to be commit ae2f6d4a5a372a37b9783a02bb8e7f16588b21f0)
|
|
call.
Andrew Bartlett
(This used to be commit 5525baf5217417308ffcebe2be3b4df445fddf75)
|
|
Simo.
(This used to be commit 906429834a102349582017ef73a69e211ef5c500)
|
|
Andrew Bartlett
(This used to be commit 6419ef09b18b1105956211ae8774963f9cb30d2e)
|
|
Andrew Bartlett
(This used to be commit 27259f3632a3fe21cfc5d1375aa630ec0f9f4734)
|
|
and "priorSecret" are "currentValue" and "priorValue".
With this, we pass RPC-LSA against OpenLDAP.
Andrew Bartlett
(This used to be commit 4380bcaaee74a0aa1a83540bf39793c4aeab4068)
|
|
We were adding packet fragments onto the *reply* queue, not the
recieve queue. This worked, as long as we got a whole packet before
we did any reply work, but failed once the backend called a remote
LDAP server (and I presume something invoked the event loop).
Andrew Bartlett
(This used to be commit a0162e0ace48104d94f7b7dd3d2f62a7f42e10c6)
|
|
handle. Avoids a lookup for the basic domain information for every
request.
Andrew Bartlett
(This used to be commit 35b69bc5f4bda7f4f2480997cc32188154a175ce)
|
|
LookupNames3/LookupNames4
The latter calls don't supply a policy handle
The latter calls now acquire a policy handle, then call the earlier
calls. This means we still share the codepaths, but don't need to
fetch policy state when it is already provided.
Andrew Bartlett
(This used to be commit 5fa9e96bd0d1f75e208be9a8a04dfc90a854bee9)
|
|
(This used to be commit cc86719f53a47e3ca25b19d7a765314ce967ab01)
|
|
Fix spelling and consistencies issues in idl
(This used to be commit 1347c971ac4dd62e6e6643293d48917ac065d19c)
|
|
fix names to be consistent between level 101 and 102 and typo in idl
(This used to be commit 1962fb92d706962544c293770718294e595f9fc4)
|
|
(This used to be commit 4860d0256547b33709cdc109bdf7bb0310c2a5b6)
|