summaryrefslogtreecommitdiff
path: root/source4/rpc_server
AgeCommit message (Collapse)AuthorFilesLines
2009-09-15s4-repl: take advantage of async RPC forwardingAndrew Tridgell1-21/+4
This uses async RPC forwarding for the DsReplicaSync call
2009-09-15s4-rpc: added a module for forwarding RPC requestsAndrew Tridgell3-9/+116
dcesrv_irpc_forward_rpc_call() can be used to forward an arbitrary RPC request to another task in Samba4, with the return being handled asynchronously. This is useful for forwarding DRS requests to the repl or kcc tasks
2009-09-15s4-drs: lock down key DRS callsAndrew Tridgell4-22/+54
The key DRS calls should only be allowed by administrators or domain controllers
2009-09-15s4-drs: filter based on local_usnAndrew Tridgell1-1/+1
The getncchanges uSN is in our local space, so we must compare it to the local_usn in replPropertyMetaData
2009-09-16schannel: move schannel_sign to main directory.Günther Deschner1-1/+2
Guenther
2009-09-14s4-drs: allow replication of renamesAndrew Tridgell1-6/+7
a rename may have no attribute changes
2009-09-13s4-drs: fixed search expressionAndrew Tridgell1-1/+1
At least on the command line the braces are needed. Strange.
2009-09-12s4-drs: change debug levelAndrew Tridgell1-1/+1
It's useful seeing the object count without as much detail
2009-09-12s4-drs: also fill in tmp_highest_usnAndrew Tridgell1-0/+1
Without this the client will not update its repsFrom highest_usn values
2009-09-12s4-drs: return objects with uSN > highest_usnAndrew Tridgell1-2/+6
When the client tells us the highest_usn they have is N, then we want to send them objects with usn>N, not>=N, as otherwise we end up sending them the same object (the one with the highest uSN) again and again.
2009-09-12s4-drs: spelling fix, and simpler search expressionAndrew Tridgell1-2/+2
uSNChanged>=N is good enough, and offers a possibility of a simple optimisation where the partition module could look for that expression and check the partitions sequence number, then avoid searching a partition that doesn't have any records with a larger uSN.
2009-09-12s4-drs: fixed the cursor generation to always be filled inAndrew Tridgell1-102/+152
We were relying on the uSNChanged>=n search always finding the DN of the root of the partition, but this now doesn't happen very often as we are now restricting when we change uSNChanged. This means we need to always load the replUpToDateVector attribute from the NC root and use it to populate the cursors in the return.
2009-09-12s4-repl: use common functions to simplify updaterefs.cAndrew Tridgell1-108/+4
We now have dsdb_loadreps() and dsdb_savereps()
2009-09-12Fix up-to-dateness vector creation.Anatoliy Atanasov1-15/+76
2009-09-11s4-drs: fixed the ldap SPN in AddEntryAndrew Tridgell1-1/+1
2009-09-11s4-idl: added the IDL for the DsReplica* callsAndrew Tridgell1-9/+9
2009-09-11lsa: fill in more unknowns in lsa_LookupSid calls.Günther Deschner1-4/+4
Guenther
2009-09-11s4-drs: actually call the new drsuapi_add_SPNs() codeAndrew Tridgell1-2/+2
An early return here didn't do any good :-)
2009-09-11s4-drs: add the magic DRS SPNs on AddEntryAndrew Tridgell1-4/+120
When a DsAddEntry is used to create a nTDSDSA object we need to also create the SPNs for the NTDS GUID in the servers machine account.
2009-09-11s4/drs: parentGUID needs to be specififcally asked forAndrew Tridgell1-1/+2
Right now parentGUID is a normal attribute in s4, but it should be generated, which means we need to ask for it in a search if we want to use it.
2009-09-10s4:srvsvc: Fix logic on error checking.Andrew Kroeger1-6/+6
2009-09-10s4:netlogon - Put the "supported encryption types" more back in the ↵Matthias Dieter Wallnöfer1-6/+8
"LogonGetDomainInfo" call They're needed only at the end.
2009-09-10s4/drs: enable attribute encryptionAndrew Tridgell1-6/+41
This means we now get passwords vampired correctly for s4<->s4 replication.
2009-09-10s4/drs: changed the UpdateRefs server to use the dn instead of the GUIDAndrew Tridgell1-27/+18
Our vampire code sends a zero GUID in the updaterefs calls. Windows seems to ignore the GUID and use the DN in the naming context instead, so I have changed our UpdateRefs server implementation to do the same. With this change we can now vampire from s4<->s4 successfully! Now to see if all the attributes came across correctly.
2009-09-10s4/drs: correctly fill in the GUID of DRS objectsAndrew Tridgell1-1/+1
2009-09-10s4: fix spellingAndrew Tridgell1-1/+1
2009-09-10s4/drs: when we don't find an attribute use zero valuesAndrew Tridgell1-19/+10
thanks to metze for pointing this out
2009-09-09s4:drs match the meta_data and attributes arrayAndrew Tridgell1-16/+46
These two arrays need to be in sync, as they are walked in sync by the client
2009-09-09s4/drs: broke out the core of the getncchanges codeAndrew Tridgell1-81/+96
It is easier to understand without the heavy nesting
2009-09-09s4:drs level_out is a pointerAndrew Tridgell1-1/+1
DsAddEntry now seems to work for simple tests
2009-09-09s4:drs split addentry and getncchanges into separate filesAndrew Tridgell7-292/+375
These will get quite complex eventually, I think we are better separating them so the code is a bit easier to follow
2009-09-09s4/repl: implement DsReplicaSyncAndrew Tridgell1-5/+26
This patch implements DsReplicaSync by passing the call via irpc to the repl server task. The repl server then triggers an immediate replication of the specified partition. This means we no longer need to set a small value for dreplsrv:periodic_interval to force frequent DRS replication. We can now wait for the DC to send us a ReplicaSync msg for any partition that changes, and we immediately sync that partition.
2009-09-09s4: fixed format of repsTo in samdbAndrew Tridgell1-52/+70
Metze pointed out what the windows tool ldp.exe will examine repsTo attributes on remote DCs, so we do in fact need to use the same format that windows uses. This patch changes the server side implementation of UpdateRefs to use the windows format
2009-09-08s3:drsuapi: add a simple DsRemoveDSServer() implementationStefan Metzmacher1-1/+42
metze
2009-09-08s4:drsuapi: add an incomplete DsAddEntry implementationStefan Metzmacher1-2/+37
metze
2009-09-08Return a correct value for Supported Encryption TypeMatthieu Patou1-1/+6
Vista and upper version use this value to check wether they should ask the DC to change the msDS-SupportedEncryptionTypes attribute or not. Declare the different value as a bitmap in Netlogon idl
2009-09-07s4:templates - Remove the latest relics (in "dcesrv_lsa_CreateSecret")Matthias Dieter Wallnöfer1-10/+0
2009-09-08s4: implemented server side of DSUpdateRefs callAndrew Tridgell5-11/+340
This call is made by DCs to tell us we should notify them of directory changes
2009-09-08s4: fixed a unsigned printf warningsAndrew Tridgell1-3/+3
2009-09-08s4: removed an unused variableAndrew Tridgell1-2/+0
2009-09-08Fill the meta data vector in the responce struct.Anatoliy Atanasov1-4/+32
2009-09-07s4:LogonGetDomainInfo - add a basic check for the hostnameMatthias Dieter Wallnöfer1-2/+17
This check is specified in Windows Server after release 2003. The parameter "hostname" should match as prefix of the dns hostname given as parameter in the "workstation" structure.
2009-09-07s4:samr - Fix up the SAMR server to support the primary group of a user in ↵Matthias Dieter Wallnöfer1-128/+189
the right way When doing some tests with the NT User Manager for Domains on s4 I noticed that the handling of the primary group for a user wasn't correct. So I fixed this. Also some cosmetic changes (tab indent corrections).
2009-09-03First attempt to implement dcesrv_drsuapi_DsGetNCChangesAnatoliy Atanasov1-1/+204
So far it returns the ctr6 responce without proper linked attributes support and metadata. A couple of improvements are the filter in the search uses '(uSNChanged>=N)', added extended dn search support, non-replicated attributes are excluded from the result.
2009-08-27s4-schannel: add ldb suffix to schannel functions.Günther Deschner1-8/+8
Guenther
2009-08-20s4-spoolss: add stubs for new idl opcodes in spoolss server.Günther Deschner1-0/+140
Guenther
2009-08-04s4:netlogon Fix warnings and segfault in GetDomainInfo callAndrew Bartlett1-4/+5
- Correctly use samdb_search_string to do a 'base' search (this needs a NULL, not a "" argument for the format string) - There is no need (and it caused a security hole) to use talloc_asprintf() with the only argument being the string to duplicate. Andrew Bartlett
2009-08-03s4: Enhancements in the "netr_LogonGetDomainInformations" callMatthias Dieter Wallnöfer1-65/+194
This addresses bug #4888 and #6596 in SAMBA 4 Bugzilla - It implements the call in the complete form as specified in the MSPP/WSPP docs and on the discussion on the "cifs-protocol" list - Therefore client informations (OS name, OS version, "servicePrincipalName"...) are now saved in the AD each time the client invokes the call
2009-07-31s4: Correct renamed constantsMatthias Dieter Wallnöfer1-4/+4
2009-07-23[SAMBA 4 / NETLOGON] Modify type of SAM contextsMatthias Dieter Wallnöfer1-9/+7
In the SAMBA 4 DCE/RPC NETLOGON server the SAM context references have generally the type "void *". But we know that those context objects are based on the "struct ldb_context" type. We've always to cast for using a SAM/LDB call. This I didn't find very appealing and so I assigned the right (detailed) type to each "sam_ctx". Therefore, the casts could disappear. Also this change is only cosmetic.