summaryrefslogtreecommitdiff
path: root/source4/rpc_server
AgeCommit message (Collapse)AuthorFilesLines
2010-05-18Finish removal of iconv_convenience in public API's.Jelmer Vernooij8-59/+32
2010-05-10s4:samdb_set_password/samdb_set_password_sid - ReworkMatthias Dieter Wallnöfer2-96/+21
Adapt the two functions for the restructured "password_hash" module. This means that basically all checks are now performed in the mentioned module. An exception consists in the SAMR password change calls since they need very precise NTSTATUS return codes on wrong constraints ("samr_password.c") file
2010-05-03s4:LogonGetDomainInfo - fix a potential crash sourceMatthias Dieter Wallnöfer1-0/+4
2010-05-03s4:LogonGetDomainInfo - fix indentationMatthias Dieter Wallnöfer1-2/+2
2010-05-03s4:LogonGetDomainInfo - remove singular "dNSHostName" check - this doesn't ↵Matthias Dieter Wallnöfer1-19/+1
belong here I'm not really sure if this check is really done on Windows Server. And if it is done, then it's on the LDB level (module).
2010-04-29s4/rodc: RODC FAS initial implementationAnatoliy Atanasov1-11/+10
2010-04-28s4/dsdb: dsdb_validate_invocation_id() should validate by objectGUIDKamen Mazdrashki1-4/+4
This function is used in DRSUpdateRefs() implementation where we get DSA's objectGUID rather than invocationId
2010-04-27s4:rpc_server: remove unused socket_address based functionsStefan Metzmacher1-18/+0
metze
2010-04-28s4-netlogon: fixed getDcNameEx2 for blank inputsAndrew Tridgell1-1/+1
w2k8r2 returns the local DC information on no inputs for getDcNameEx2. This is needed for starting dsa.msc (ADUC) on Win7. CDLAP on the same call returns an error. This uses a parameter fill_on_blank_request to distinguish the two cases.
2010-04-27s4:rpc_server: remove 'socket_address' based functionsStefan Metzmacher3-23/+0
metze
2010-04-27s4:rpc_server/srvsvc: pass tsocket_address to the ntvfs layerStefan Metzmacher1-13/+5
metze
2010-04-27s4:rpc_server/spoolss: use tsocket_address in dcesrv_spoolss_check_server_name()Stefan Metzmacher1-4/+7
metze
2010-04-27s4:rpc_server/netlogon: use tsocket_address in dcesrv_netr_DsRGetDCNameEx2()Stefan Metzmacher1-5/+9
metze
2010-04-27s4:rpc_server: remember the local and remote addressStefan Metzmacher3-0/+18
metze
2010-04-27s4:netr_DsRAddressToSitenames[Ex]W calls - implement them correctly with the ↵Matthias Dieter Wallnöfer1-16/+98
client site information This behaviour should be similar to the one of Windows Server (in my case 2008)
2010-04-27Revert "s4:netr_DsRAddressToSitenames[Ex]W calls - implement them correctly ↵Matthias Dieter Wallnöfer1-93/+16
with the client site information" This reverts commit 908d982980846257b65ab576d31131e8793e9399. I need to merge the improved version of this commit.
2010-04-27Revert "s4-netlogon: fixed breakage of dcesrv_netr_GetAnyDCName in sites patch"Matthias Dieter Wallnöfer1-0/+6
This reverts commit e88a54a87e185b44e2d216bd853e6a87bf950be6. This isn't the correct behaviour. See MS-NRPC documentation under the "GetAnyDCName" section.
2010-04-27s4-netlogon: fixed breakage of dcesrv_netr_GetAnyDCName in sites patchAndrew Tridgell1-6/+0
We should respond when we are the PDC Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-04-27s4:netlogon RPC server - we don't need "are we DC" proofsMatthias Dieter Wallnöfer1-8/+0
When we aren't a DC we shouldn't have the netlogon pipe available. [MS-NRPC 1.3] says that we can only have DCs on the server side. Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-27s4:dcesrv_netr_DsrGetDcSiteCoverageW - provide a basic implementationMatthias Dieter Wallnöfer1-1/+23
Does for now only return DC's primary site. Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-27s4:dcesrv_netr_DsRGetSiteName - provide an implementation according to the ↵Matthias Dieter Wallnöfer1-1/+13
MS-NRPC docs Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-27s4:dcesrv_netr_GetAnyDCName - improve the call according to the MS-NRPC ↵Matthias Dieter Wallnöfer1-7/+55
documentation This implementation checks if the domainname is valid for us or a trusted domain. Then I've also added the PDC location functionality. That means that we should return "WERR_NO_SUCH_DOMAIN" (MS-NRPC 3.5.5.2.5). Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-27s4:netr_DsRAddressToSitenames[Ex]W calls - implement them correctly with the ↵Matthias Dieter Wallnöfer1-16/+93
client site information This behaviour should be similar to the one of Windows Server (in my case 2008) Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-27s4-getncchanges: honor DRSUAPI_DRS_REF_GCSPNAndrew Tridgell1-1/+3
this is an alternative way of establishing repsTo
2010-04-26s4-drs: don't send uninstantiated objects in getncchangesAndrew Tridgell1-0/+5
This includes deleted partitions Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-04-22s4-drs: validate RODC credentials via the user_sidAndrew Tridgell1-27/+12
This checks whether a replication client is a RODC by inclusion of the the DOMAIN_RID_ENTERPRISE_READONLY_DCS sid in the users token Pair-Programmed-With: Rusty Russell <rusty@samba.org> Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-04-22s4-drs: added new SECURITY_RO_DOMAIN_CONTROLLER levelAndrew Tridgell7-27/+47
This is used for allowing operations by RODCs, and denying them operations that should only be allowed for a full DC This required a new domain_sid argument to security_session_user_level() Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-With: Rusty Russell <rusty@samba.org>
2010-04-22s4-drs: only allow replication with the right invocationIdAndrew Tridgell1-1/+20
Non-administrator replication checks the invocationId matches the sid of the user token being used Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-04-22s4-drs: Use new samdb_rodc() function in s4 codeFernando J V da Silva1-1/+3
This patch fits the calling to the new samdb_rodc() function and fix a little bug in this function. Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-22s4-drs: Do not send RODC filtered attributes to RODCs on GetNCChanges replyFernando J V da Silva1-0/+14
During building an object to send it on a GetNCChanges reply, it checks the attributes and if any of them is a RODC filtered and the recipient is a RODC, then such attribute is not sent. Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-22s4-drs: samdb_is_rodc() function and new samdb_rodc() functionFernando J V da Silva2-2/+16
This patch creates the samdb_is_rodc() function, which looks for the NTDSDSA object for a DC that has a specific invocationId and if msDS-isRODC is present on such object and it is TRUE, then consider the DC as a RODC. The new samdb_rodc() function uses the samdb_is_rodc() function for the local server. Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-21s4:netlogon RPC server - fix a counter variable typeMatthias Dieter Wallnöfer1-1/+2
2010-04-20s4:rpc_server/netlogon: add no memory checksStefan Metzmacher1-1/+2
metze
2010-04-20s4-netlogon: fixed dc_unc and dc_address_typeAndrew Tridgell1-1/+3
These are needed for dcpromo from w2k8r2
2010-04-20s4:netlogon RPC - "fill_one_domain_info" - use "lp_workgroup" for the DC ↵Matthias Dieter Wallnöfer1-1/+1
short domainname discovery Here we don't need to use "lp_sam_name" since in this function we are always a DC.
2010-04-13s4:"samdb_server_site_name" uses - proof for out of memoryMatthias Dieter Wallnöfer1-1/+4
2010-04-13s4:dcesrv_netr_DsRGetDCNameEx2 - provide a much better implementationMatthias Dieter Wallnöfer1-52/+37
On the base of the "fill_netlogon_samlogon_response" call. This removes duplicated code.
2010-04-13s4:use "samdb_forest_name" for the forest DNS domainname lookupMatthias Dieter Wallnöfer1-13/+8
2010-04-13Revert "s4:prefer "samdb_*_dn" basedn calls over the "ldb_get_*_dn" functions"Matthias Dieter Wallnöfer3-7/+8
We should use the "ldb_get_*_basedn" calls since they are available in the LDB library.
2010-04-12s3/s4:netlogon IDL - fix up "struct netr_SamInfo6" regarding the "forest" ↵Matthias Dieter Wallnöfer1-2/+2
attribute According to MS-NRPC 2.2.1.4.13 this should be the DNS domainname, not the forest one.
2010-04-12s4:prefer "samdb_*_dn" basedn calls over the "ldb_get_*_dn" functionsMatthias Dieter Wallnöfer2-2/+2
Purely cosmetic change.
2010-04-11s4:auth Remove event context from anonymous_session()Andrew Bartlett2-2/+1
This should always return a simple structure with no need to consult a DB, so remove the event context, and simplfy to call helper functions that don't look at privilages. Andrew Bartlett
2010-04-10s4:rpc_server Fix segfault in modified SamLogon handlingAndrew Bartlett1-0/+1
2010-04-10s4:rpc_server Add all SIDs into the netlogon SamLogon replyAndrew Bartlett1-32/+52
We were missing the SIDs that are not in the domain.
2010-04-09s4-winreg: Fix dcesrv_winreg_CreateKey after rename.Günther Deschner1-1/+1
Guenther
2010-04-09s4-winreg: add winreg_DeleteKeyEx stub.Günther Deschner1-0/+9
Guenther
2010-04-06s4-waf: mark the wscript files as python so vim/emacs knows how to highlight ↵Andrew Tridgell1-0/+2
them
2010-04-06s4-waf: install the rest of the headersAndrew Tridgell1-4/+1
2010-04-06build: waf quicktest nearly worksAndrew Tridgell1-3/+3
Rewrote wafsamba using a new dependency handling system, and started adding the waf test code
2010-04-06build: commit all the waf build files in the treeAndrew Tridgell1-0/+138