Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-04-29 | s4/rodc: RODC FAS initial implementation | Anatoliy Atanasov | 1 | -11/+10 | |
2010-04-28 | s4/dsdb: dsdb_validate_invocation_id() should validate by objectGUID | Kamen Mazdrashki | 1 | -4/+4 | |
This function is used in DRSUpdateRefs() implementation where we get DSA's objectGUID rather than invocationId | |||||
2010-04-27 | s4:rpc_server: remove unused socket_address based functions | Stefan Metzmacher | 1 | -18/+0 | |
metze | |||||
2010-04-28 | s4-netlogon: fixed getDcNameEx2 for blank inputs | Andrew Tridgell | 1 | -1/+1 | |
w2k8r2 returns the local DC information on no inputs for getDcNameEx2. This is needed for starting dsa.msc (ADUC) on Win7. CDLAP on the same call returns an error. This uses a parameter fill_on_blank_request to distinguish the two cases. | |||||
2010-04-27 | s4:rpc_server: remove 'socket_address' based functions | Stefan Metzmacher | 3 | -23/+0 | |
metze | |||||
2010-04-27 | s4:rpc_server/srvsvc: pass tsocket_address to the ntvfs layer | Stefan Metzmacher | 1 | -13/+5 | |
metze | |||||
2010-04-27 | s4:rpc_server/spoolss: use tsocket_address in dcesrv_spoolss_check_server_name() | Stefan Metzmacher | 1 | -4/+7 | |
metze | |||||
2010-04-27 | s4:rpc_server/netlogon: use tsocket_address in dcesrv_netr_DsRGetDCNameEx2() | Stefan Metzmacher | 1 | -5/+9 | |
metze | |||||
2010-04-27 | s4:rpc_server: remember the local and remote address | Stefan Metzmacher | 3 | -0/+18 | |
metze | |||||
2010-04-27 | s4:netr_DsRAddressToSitenames[Ex]W calls - implement them correctly with the ↵ | Matthias Dieter Wallnöfer | 1 | -16/+98 | |
client site information This behaviour should be similar to the one of Windows Server (in my case 2008) | |||||
2010-04-27 | Revert "s4:netr_DsRAddressToSitenames[Ex]W calls - implement them correctly ↵ | Matthias Dieter Wallnöfer | 1 | -93/+16 | |
with the client site information" This reverts commit 908d982980846257b65ab576d31131e8793e9399. I need to merge the improved version of this commit. | |||||
2010-04-27 | Revert "s4-netlogon: fixed breakage of dcesrv_netr_GetAnyDCName in sites patch" | Matthias Dieter Wallnöfer | 1 | -0/+6 | |
This reverts commit e88a54a87e185b44e2d216bd853e6a87bf950be6. This isn't the correct behaviour. See MS-NRPC documentation under the "GetAnyDCName" section. | |||||
2010-04-27 | s4-netlogon: fixed breakage of dcesrv_netr_GetAnyDCName in sites patch | Andrew Tridgell | 1 | -6/+0 | |
We should respond when we are the PDC Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-04-27 | s4:netlogon RPC server - we don't need "are we DC" proofs | Matthias Dieter Wallnöfer | 1 | -8/+0 | |
When we aren't a DC we shouldn't have the netlogon pipe available. [MS-NRPC 1.3] says that we can only have DCs on the server side. Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-04-27 | s4:dcesrv_netr_DsrGetDcSiteCoverageW - provide a basic implementation | Matthias Dieter Wallnöfer | 1 | -1/+23 | |
Does for now only return DC's primary site. Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-04-27 | s4:dcesrv_netr_DsRGetSiteName - provide an implementation according to the ↵ | Matthias Dieter Wallnöfer | 1 | -1/+13 | |
MS-NRPC docs Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-04-27 | s4:dcesrv_netr_GetAnyDCName - improve the call according to the MS-NRPC ↵ | Matthias Dieter Wallnöfer | 1 | -7/+55 | |
documentation This implementation checks if the domainname is valid for us or a trusted domain. Then I've also added the PDC location functionality. That means that we should return "WERR_NO_SUCH_DOMAIN" (MS-NRPC 3.5.5.2.5). Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-04-27 | s4:netr_DsRAddressToSitenames[Ex]W calls - implement them correctly with the ↵ | Matthias Dieter Wallnöfer | 1 | -16/+93 | |
client site information This behaviour should be similar to the one of Windows Server (in my case 2008) Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-04-27 | s4-getncchanges: honor DRSUAPI_DRS_REF_GCSPN | Andrew Tridgell | 1 | -1/+3 | |
this is an alternative way of establishing repsTo | |||||
2010-04-26 | s4-drs: don't send uninstantiated objects in getncchanges | Andrew Tridgell | 1 | -0/+5 | |
This includes deleted partitions Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-04-22 | s4-drs: validate RODC credentials via the user_sid | Andrew Tridgell | 1 | -27/+12 | |
This checks whether a replication client is a RODC by inclusion of the the DOMAIN_RID_ENTERPRISE_READONLY_DCS sid in the users token Pair-Programmed-With: Rusty Russell <rusty@samba.org> Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-04-22 | s4-drs: added new SECURITY_RO_DOMAIN_CONTROLLER level | Andrew Tridgell | 7 | -27/+47 | |
This is used for allowing operations by RODCs, and denying them operations that should only be allowed for a full DC This required a new domain_sid argument to security_session_user_level() Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-With: Rusty Russell <rusty@samba.org> | |||||
2010-04-22 | s4-drs: only allow replication with the right invocationId | Andrew Tridgell | 1 | -1/+20 | |
Non-administrator replication checks the invocationId matches the sid of the user token being used Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-04-22 | s4-drs: Use new samdb_rodc() function in s4 code | Fernando J V da Silva | 1 | -1/+3 | |
This patch fits the calling to the new samdb_rodc() function and fix a little bug in this function. Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-04-22 | s4-drs: Do not send RODC filtered attributes to RODCs on GetNCChanges reply | Fernando J V da Silva | 1 | -0/+14 | |
During building an object to send it on a GetNCChanges reply, it checks the attributes and if any of them is a RODC filtered and the recipient is a RODC, then such attribute is not sent. Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-04-22 | s4-drs: samdb_is_rodc() function and new samdb_rodc() function | Fernando J V da Silva | 2 | -2/+16 | |
This patch creates the samdb_is_rodc() function, which looks for the NTDSDSA object for a DC that has a specific invocationId and if msDS-isRODC is present on such object and it is TRUE, then consider the DC as a RODC. The new samdb_rodc() function uses the samdb_is_rodc() function for the local server. Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-04-21 | s4:netlogon RPC server - fix a counter variable type | Matthias Dieter Wallnöfer | 1 | -1/+2 | |
2010-04-20 | s4:rpc_server/netlogon: add no memory checks | Stefan Metzmacher | 1 | -1/+2 | |
metze | |||||
2010-04-20 | s4-netlogon: fixed dc_unc and dc_address_type | Andrew Tridgell | 1 | -1/+3 | |
These are needed for dcpromo from w2k8r2 | |||||
2010-04-20 | s4:netlogon RPC - "fill_one_domain_info" - use "lp_workgroup" for the DC ↵ | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
short domainname discovery Here we don't need to use "lp_sam_name" since in this function we are always a DC. | |||||
2010-04-13 | s4:"samdb_server_site_name" uses - proof for out of memory | Matthias Dieter Wallnöfer | 1 | -1/+4 | |
2010-04-13 | s4:dcesrv_netr_DsRGetDCNameEx2 - provide a much better implementation | Matthias Dieter Wallnöfer | 1 | -52/+37 | |
On the base of the "fill_netlogon_samlogon_response" call. This removes duplicated code. | |||||
2010-04-13 | s4:use "samdb_forest_name" for the forest DNS domainname lookup | Matthias Dieter Wallnöfer | 1 | -13/+8 | |
2010-04-13 | Revert "s4:prefer "samdb_*_dn" basedn calls over the "ldb_get_*_dn" functions" | Matthias Dieter Wallnöfer | 3 | -7/+8 | |
We should use the "ldb_get_*_basedn" calls since they are available in the LDB library. | |||||
2010-04-12 | s3/s4:netlogon IDL - fix up "struct netr_SamInfo6" regarding the "forest" ↵ | Matthias Dieter Wallnöfer | 1 | -2/+2 | |
attribute According to MS-NRPC 2.2.1.4.13 this should be the DNS domainname, not the forest one. | |||||
2010-04-12 | s4:prefer "samdb_*_dn" basedn calls over the "ldb_get_*_dn" functions | Matthias Dieter Wallnöfer | 2 | -2/+2 | |
Purely cosmetic change. | |||||
2010-04-11 | s4:auth Remove event context from anonymous_session() | Andrew Bartlett | 2 | -2/+1 | |
This should always return a simple structure with no need to consult a DB, so remove the event context, and simplfy to call helper functions that don't look at privilages. Andrew Bartlett | |||||
2010-04-10 | s4:rpc_server Fix segfault in modified SamLogon handling | Andrew Bartlett | 1 | -0/+1 | |
2010-04-10 | s4:rpc_server Add all SIDs into the netlogon SamLogon reply | Andrew Bartlett | 1 | -32/+52 | |
We were missing the SIDs that are not in the domain. | |||||
2010-04-09 | s4-winreg: Fix dcesrv_winreg_CreateKey after rename. | Günther Deschner | 1 | -1/+1 | |
Guenther | |||||
2010-04-09 | s4-winreg: add winreg_DeleteKeyEx stub. | Günther Deschner | 1 | -0/+9 | |
Guenther | |||||
2010-04-06 | s4-waf: mark the wscript files as python so vim/emacs knows how to highlight ↵ | Andrew Tridgell | 1 | -0/+2 | |
them | |||||
2010-04-06 | s4-waf: install the rest of the headers | Andrew Tridgell | 1 | -4/+1 | |
2010-04-06 | build: waf quicktest nearly works | Andrew Tridgell | 1 | -3/+3 | |
Rewrote wafsamba using a new dependency handling system, and started adding the waf test code | |||||
2010-04-06 | build: commit all the waf build files in the tree | Andrew Tridgell | 1 | -0/+138 | |
2010-03-30 | s4:lsa implement lsaRSetForestTrustInformation | Simo Sorce | 1 | -5/+549 | |
2010-03-29 | s4:registry - move the UTF16 length calculation for "reg_key_get_info" into ↵ | Matthias Dieter Wallnöfer | 1 | -0/+9 | |
the RPC server code It does fit better there. | |||||
2010-03-24 | s4/drs: drsuapi_DsAddEntry_ErrData propagate structure def in source code | Kamen Mazdrashki | 1 | -4/+4 | |
2010-03-22 | s4:lsa Functions to set Domain Trust Information | Simo Sorce | 1 | -7/+592 | |
2010-03-22 | s4:lsa move code to add trusted domain user into its own function | Simo Sorce | 1 | -72/+101 | |