summaryrefslogtreecommitdiff
path: root/source4/rpc_server
AgeCommit message (Collapse)AuthorFilesLines
2010-10-23s4:rpc_server/netlogon: netr_ServerAuthenticate3 should return ↵Stefan Metzmacher1-8/+8
NO_TRUST_SAM_ACCOUNT If we can't find the account we should return NT_STATUS_NO_TRUST_SAM_ACCOUNT instead of NT_STATUS_ACCESS_DENIED. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Sat Oct 23 10:05:35 UTC 2010 on sn-devel-104
2010-10-23s4:rpc_server/netlogon: netr_ServerAuthenticate3 should reject invalid ↵Stefan Metzmacher1-3/+15
sec_channel_types early metze
2010-10-23s4:rpc_server/netlogon: netr_ServerAuthenticate3 should check the challenge ↵Stefan Metzmacher1-5/+5
after the account metze
2010-10-23s4:rpc_server/netlogon: fix comment in netr_DsRGetDCName()Stefan Metzmacher1-1/+1
metze
2010-10-23s4:rpc_server/netlogon: handle DC_RETURN_NETBIOS and DC_RETURN_DNS in ↵Stefan Metzmacher1-3/+28
netr_DsRGetDCNameEx2() metze
2010-10-23s4:rpc_server/netlogon: validate flags in netr_DsRGetDCNameEx2() and callersStefan Metzmacher1-2/+37
Thanks to Tarun Chopra for the help of looking up all the bits in the docs. metze
2010-10-23s4:rpc_server/netlogon: netr_GetDcName should return WERR_DCNOTFOUND for ↵Stefan Metzmacher1-0/+19
invalid names Only netbios domain names are allowed. metze
2010-10-21s4-rpc_server: split out DCERPC_SHARE as a separate subsystemAndrew Tridgell3-2/+10
this avoids a problem with -Wl,-no-undefined in the ntvfs layer Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-10-17Revert "s4:remove "util_ldb" submodule and integrate the three gendb_* calls ↵Matthias Dieter Wallnöfer4-0/+4
in "dsdb/common/util.c"" This reverts commit 8a2ce5c47cee499f90b125ebde83de5f9f1a9aa0. Jelmer pointed out that these are also in use by other LDB databases - not only SAMDB ones. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sun Oct 17 13:37:16 UTC 2010 on sn-devel-104
2010-10-17s4:remove "util_ldb" submodule and integrate the three gendb_* calls in ↵Matthias Dieter Wallnöfer4-4/+0
"dsdb/common/util.c" They're only in use by SAMDB code. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sun Oct 17 09:40:13 UTC 2010 on sn-devel-104
2010-10-16s4:dsdb - fix unsigned integer save problems using the "%u" specifierMatthias Dieter Wallnöfer1-12/+12
The issue here is that we have not yet first cast to int32_t explicitly, before we cast to an signed int to printf() into the %d or cast to a int64_t before we then cast to a long long to printf into a %lld. There are *no* unsigned integers in Active Directory LDAP, even the RID allocations and ms-DS-Secondary-KrbTgt-Number are *signed* quantities. (See the schema, and the syntax definitions in schema_syntax.c). The failure has been detected by Matthieu Patou on the buildfarm host "tridge" due to a malformed "groupType" attribute. The solution is to use the "%d" specifier. Either to use it directly - or better (when possible) use the call "samdb_msg_add_uint" (which encapsulates it). This patch changes such problematic situations.
2010-10-15s4:lsa RPC server - use LDB result constantMatthias Dieter Wallnöfer1-1/+1
2010-10-15s4:dsdb - remove "samdb_msg_add_value"Matthias Dieter Wallnöfer1-7/+4
This can be substituted by "ldb_msg_add_value". Signed-off-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Fri Oct 15 00:21:53 UTC 2010 on sn-devel-104
2010-10-15s4:dsdb - remove "samdb_result_uint", "samdb_result_int64", ↵Matthias Dieter Wallnöfer6-48/+49
"samdb_result_uint64" and "samdb_result_string" We have ldb_msg_find_attr_as_* calls which do exactly the same. Therefore this reduces only code redundancies. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-10-14libcli/security Use static SIDs rather than parsing from stringsAndrew Bartlett1-1/+1
This should make the security_token_is_*() calls a little faster. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-10-13s4 rpc_server: fix a build error on freebsdMatthieu Patou1-0/+9
Autobuild-User: Matthieu Patou <mat@samba.org> Autobuild-Date: Wed Oct 13 10:48:04 UTC 2010 on sn-devel-104
2010-10-12s4-libcli/security Use seperate subsystem for session related functionsAndrew Bartlett8-4/+10
The merged I plan in this area require spliting security.h into two header files, a common header and a session.h for the remaining source4-specific code. Andrew Bartlett
2010-10-12libcli/security Add debug class to security_token_debug() et alAndrew Bartlett2-3/+3
This will allow it to replace functions in source3 that use debug classes. Andrew Bartlett
2010-10-11s4-param Refactor secrets code to not require an event context.Andrew Bartlett1-2/+2
A new event context is constructed by LDB when required for secrets.ldb This will be essentially unused, as LDB on TDB will only trigger 'fake' events, and blocks on transactions and lock operations anyway. Andrew Bartlett
2010-10-11torture: Link against rpc server itself, not service module. (against which ↵Jelmer Vernooij4-445/+460
we can't link).
2010-10-10samdb: Add flags argument to samdb_connect().Jelmer Vernooij7-27/+27
2010-10-07samr: for correctness, rename samr_RidTypeArray to samr_RidAttrArray.Günther Deschner1-7/+7
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Thu Oct 7 12:04:32 UTC 2010 on sn-devel-104
2010-10-07s4-samr: Fix dcesrv_samr_QueryGroupMember.Günther Deschner1-1/+3
Guenther
2010-10-05s4:kdc - use "userAccountControl" always unsignedMatthias Dieter Wallnöfer1-1/+1
It doesn't change much but it's nicer to have it consistent.
2010-10-05Add missing dependencies for com_err.Jelmer Vernooij1-1/+1
2010-10-04spoolss: fill in spoolss_SetPort IDL.Günther Deschner1-3/+3
Guenther
2010-10-03s4:dsdb - substitute the "show_deleted" with the "show_recycled" controlMatthias Dieter Wallnöfer1-1/+1
We intend to see always all objects with the "show_deleted" control specified. To see also recycled objects (beginning with 2008_R2 function level) we need to use the new "show_recycled" control. As far as I see this is only internal code and therefore we don't run into problems if we do substitute it. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-10-03s4:getncchanges.c - fix some counter typesMatthias Dieter Wallnöfer1-3/+3
2010-10-03s4:rpc_server/echo: fix compiler warningStefan Metzmacher1-1/+1
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Sun Oct 3 09:41:51 UTC 2010 on sn-devel-104
2010-10-02s4:rpc_server/netlogon: don't use dcerpc_binding_handle_call_send/recv() ↵Stefan Metzmacher1-12/+9
directly metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Sat Oct 2 03:11:38 UTC 2010 on sn-devel-104
2010-09-30s4-drs: put the GCSPN flag into the repsTo if requestedAndrew Tridgell2-0/+8
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-30s4-drs: added support for level 10 of getncchangesAndrew Tridgell2-73/+112
added a simple mapping from req8
2010-09-29s4-drs: implement PAS checks and access checks for getncchangesAndrew Tridgell1-26/+130
This implements partial attribute set checking on getncchanges. If the client sends a partial_attribute_set then we only return the specified attributes. This also implements access checking on the NC root for the access right GUIDs for requests with and without reveal secrets Pair-Programmed-With: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
2010-09-29s4-drs: added drs_security_access_check_nc_root()Andrew Tridgell2-12/+63
this checks securiity on the NC root of the specified naming context
2010-09-28s4-drs: added support for DRSUAPI_EXOP_REPL_OBJAndrew Tridgell1-1/+32
this extended getncchanges operation replicates a single object
2010-09-28s4-drs: use drs_ObjectIdentifier_*() calls in getncchangesAndrew Tridgell1-14/+16
this allows for replication by GUID or SID
2010-09-28s4-drs: moved the drs_ObjectIdentifier handling to dsdb_dn.cAndrew Tridgell1-44/+0
this will be used outside of the drs server. This also fixes the handling of the ndr_size elements of the drs_ObjectIdentifier
2010-09-28s4-drs: Added check for drs-manage-topology to updateRefs.Nadezhda Ivanova1-7/+9
2010-09-28s4-drs: Added drs_security_access_check functionNadezhda Ivanova2-0/+64
It takes a security token, an ldb_context, and the desired CAR and checks if the principal has this CAR granted
2010-09-27s4-netlogon: added RODC DNS update call fwded to dnsupdate taskAndrew Tridgell1-3/+89
when we get a netlogon RODC DNS update, we send it to the dnsupdate task
2010-09-28s4:rpc_server: use SOCKET_FLAG_NOCLOSE to avoid calling close() on the ↵Stefan Metzmacher1-0/+1
socket fd twice. metze
2010-09-27s4-drs: make getncchanges debug less verboseAndrew Tridgell1-1/+1
quieten make test a little
2010-09-27s4/irpc: Add security token to the binding handle when doing irp call forwardingAnatoliy Atanasov1-0/+7
2010-09-27s4-drs: fixed comment in getncchanges codeAndrew Tridgell1-1/+1
Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Mon Sep 27 04:54:43 UTC 2010 on sn-devel-104
2010-09-26s4-drs: use the system sam_ctx for updaterefsAndrew Tridgell1-8/+9
this is needed for RODC clients calling updaterefs
2010-09-25s4-repl: make getncchanges a bit less verboseAndrew Tridgell1-1/+1
this should reduce some of the clutter in make test
2010-09-24s4:rpc_server/dcerpc_server.c - fix a "const" warningMatthias Dieter Wallnöfer1-1/+1
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-09-23s4/eventlog6: Add dummy implementation for calls 0x5 and 0xBAnatoliy Atanasov1-2/+6
The code is enough to let us run all dcdiag tests against samba4 server
2010-09-23s4/eventlog6: Build and hook EventLog6 RPC endpont mapper and idlAnatoliy Atanasov3-0/+21
2010-09-23s4/eventlog6: Add endpoint server for EventLog6 RPCAnatoliy Atanasov1-0/+319
The file is generated using PIDL --template command.