summaryrefslogtreecommitdiff
path: root/source4/torture/rpc/lsa.c
AgeCommit message (Collapse)AuthorFilesLines
2008-09-08More work towards trusted domains support in Samba4's LSAAndrew Bartlett1-1/+1
Make 'lsar_CreateTrustedDomain' consistant with lsar_CreateTrustedDomainEx{,2} by renaming handle -> policy_handle Implement LSA server logic to create the cn=users trust account for incoming trusts. Andrew Bartlett (This used to be commit d87b655e20b7c38756774cec2e5898af38c46786)
2008-09-04More work to implement LSA CreateTrustedDomainEx2Andrew Bartlett1-3/+37
We still don't get the format inside the encrypted blob correct however. Andrew Bartlett (This used to be commit 99a3abda09716c064b3e9a37c4a79a8f62444eca)
2008-09-02Start testing CreateTrustedDomainEx2Andrew Bartlett1-1/+108
Andrew Bartlett (This used to be commit 91ae8dca254aa8c032daf0c87fa2a47760d32586)
2008-09-01Follow MS-LSAD 3.1.4.7.12 and set defaults when creating a trust.Andrew Bartlett1-3/+18
Also check we get the defaults correct with a query in the torture suite. Andrew Bartlett (This used to be commit b55a1b63cc2f7de889f046e975e3414bc5000613)
2008-08-26More LSA server and testuite work.Andrew Bartlett1-7/+25
- Implement QueryDomainInformationPolicy in Samba4 - Allow RPC-LSA to pass against Windows 2008 (which does not allow the Audit privilage to be removed) Andrew Bartlett (This used to be commit d94c7bbcd6eee6d975eac32a1d172f4164c97137)
2008-08-26Make RPC-LSA test deterministic with an msleep(200).Andrew Bartlett1-5/+8
(This used to be commit 914e1865aa9fba417f74a3abdd8b4b2659feb001)
2008-08-26Update RPC-LSA to (almost) pass against Windows 2008.Andrew Bartlett1-45/+61
(This used to be commit a17cb558c23142e522de3ed56d65c7694477395f)
2008-07-31Don't fail if the domain has a trust already.Andrew Bartlett1-1/+6
Andrew Bartlett (This used to be commit c2df7ffa6d67dd9381d10397c679746547cd5e17)
2008-07-21Remove bogus test in 'enum trusted domains' LSA server.Andrew Bartlett1-0/+40
The change to the RPC-LSA test proves that when the remote server has 0 trusted domains, it will return NT_STATUS_NO_MORE_ENTRIES, not NT_STATUS_OK. Andrew Bartlett (This used to be commit 40a55b34c2ce75267cf004dc4cfb8153c061e66b)
2008-06-14Make up the right dependencies now that ldb depends on libeventsSimo Sorce1-1/+1
(This used to be commit 3b8eec7ca334528cad3cdcd5e3fc5ee555d8d0e0)
2008-03-14Check for Administrator as a Alias (copy&paste bug)Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit e7afb31df1f12a3cd39ed9b95d76edc6ff0d6a70)
2007-12-21r26354: In trying to chase down why we have reports that WinXP won't joinAndrew Bartlett1-11/+87
Samba4, rule out incorrect sid types in LSA LookupName returns. Also fix the test to pass against Win2k3 Native mode. Andrew Bartlett (This used to be commit ca89dff45c62fab7092868c5b588326de5a4b197)
2007-12-21r26250: Avoid global_loadparm in a couple more places.Jelmer Vernooij1-52/+46
(This used to be commit 2c6b755309fdf685cd0b0564272bf83038574a43)
2007-10-10r25554: Convert last instances of BOOL, True and False to the standard types.Jelmer Vernooij1-229/+229
(This used to be commit 566aa14139510788548a874e9213d91317f83ca9)
2007-10-10r25430: Add the loadparm context to all parametric options.Jelmer Vernooij1-6/+6
(This used to be commit fd697d77c9fe67a00939a1f04b35c451316fff58)
2007-10-10r25194: A major rework of the Samba4 LSA LookupNames and LookupSids code, withAndrew Bartlett1-35/+183
a new torture suite to match. This should fix bug #4954 by Matthias Wallnöfer <mwallnoefer@yahoo.de> Previously we had no knowlege of BUILTIN or well-known names. This code needs expansion to check with winbind for trusted domains. Andrew Bartlett (This used to be commit e6fc0e1f54ad64bdddc88e9ebd0d8d181b6ce26a)
2007-10-10r25035: Fix some more warnings, use service pointer rather than service ↵Jelmer Vernooij1-5/+5
number in more places. (This used to be commit df9cebcb97e20564359097148665bd519f31bc6f)
2007-10-10r25026: Move param/param.h out of includes.hJelmer Vernooij1-0/+1
(This used to be commit abe8349f9b4387961ff3665d8c589d61cd2edf31)
2007-10-10r24735: Use torture API in more places.Jelmer Vernooij1-5/+3
(This used to be commit 1319d88c099496be29dd9214fa2492c81e848369)
2007-10-10r24557: rename 'dcerpc_table_' -> 'ndr_table_'Stefan Metzmacher1-2/+2
metze (This used to be commit 84651aee81aaabbebf52ffc3fbcbabb2eec6eed5)
2007-10-10r23792: convert Samba4 to GPLv3Andrew Tridgell1-3/+2
There are still a few tidyups of old FSF addresses to come (in both s3 and s4). More commits soon. (This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
2007-10-10r23383: Query transitive forest trust info in LSA torture test once we see ↵Günther Deschner1-0/+66
such trusts. Guenther (This used to be commit eaa17d5a8ff25ff96b3b6b71dab0effbeeb9b683)
2007-10-10r22944: fix bug #4618:Stefan Metzmacher1-2/+2
rename private -> private_data metze (This used to be commit 58551f2f28fce8f1fcd04736c47ecd7458f32ea2)
2007-10-10r22116: Only query by SID if we have a SIDAndrew Bartlett1-24/+23
Andrew Bartlett (This used to be commit 018939a8fd224f5aa404f08ec94ac49a7b43d7ec)
2007-10-10r19392: Use torture_setting_* rather than lp_parm_* where possible.Jelmer Vernooij1-4/+4
(This used to be commit b28860978fe29c5b10abfb8c59d7182864e21dd6)
2007-10-10r18971: avoid strndup is a few places. Fixes a minor memory leak, and shouldAndrew Tridgell1-5/+10
fix RPC-LSA on AIX. (This used to be commit 6cce709d08579f4e00b44b692332a557b0ea3b86)
2007-10-10r18408: Only output a message if the async request fails.Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit 1ea6b600f42d3ccfb75da98f2013928fda524450)
2007-10-10r18358: handle errors in the RPC-LSA async testAndrew Tridgell1-6/+8
(This used to be commit d46c3be9f9db6666be52b5584b0210da925106d1)
2007-10-10r18356: doing 1000 of these requests can take over an hour underAndrew Tridgell1-11/+12
valgrind. Reduce to 50, which is plenty for testing the code (This used to be commit 911c8e1c73bf3953591755ecb4c50f5644fc9c18)
2007-10-10r17956: LSA Cleanup!Andrew Bartlett1-14/+96
This commit cleans up a number of aspects of the LSA interface. Firstly, we do 2 simple searches on opening the LSA policy, to obtain the basic information we need. This also avoids us searching for dnsDomain (an invented attribute). While I was at it, I added and tested new LSA calls, including the enumTrustedDomainsEx call. I have also merged the identical structures lsa_DomainInformation and lsa_DomainList. Also in this commit: Fix netlogon use of uninitialised variables. Andrew Bartlett (This used to be commit 3f3fa7f466df56612064029143fbae8effb668aa)
2007-10-10r16827: Factor out some code into common samdb functions:Andrew Bartlett1-6/+31
- creation of ForeignSecurityPrincipals - template duplication code Rework much of the LSA server to pass the RPC-LSA test. Much of the server code was untested. In implementing the LSA Accounts feature, I have opted to have it only create entires when privilages are applied, and not to delete entries, but to delete the privilages. We skip some parts of the test, but it is much better than not testing it at all. Andrew Bartlett (This used to be commit 10eeea6da465564ed9f785d06e2d2ed06cfe29a4)
2007-10-10r16741: add a RPC-LSA-GETUSER test,Stefan Metzmacher1-9/+31
which is very useful for analysing a windows machine remotely with this I found that vista-beta2 doesn't have an 'administrator' account and mapps any not known user to MACHINENAME\Guest metze (This used to be commit 97ae93627527f65b6ecded9884a26d4cffa1409d)
2007-10-10r14860: create libcli/security/security.hStefan Metzmacher1-1/+1
metze (This used to be commit 9ec706238c173992dc938d537bdf1103bf519dbf)
2007-10-10r14720: Add torture_context argument to all torture testsJelmer Vernooij1-1/+1
(This used to be commit 3c7a5ce29108dd82210dc3e1f00414f545949e1d)
2007-10-10r14470: Remove some unnecessary headers.Jelmer Vernooij1-1/+0
(This used to be commit f7312dab3b9aba2b2b82e8a6e0c483a32a03a63a)
2007-10-10r14402: Generate seperate headers for RPC client functions.Jelmer Vernooij1-0/+1
(This used to be commit 7054ebf0249930843a2baf4d023ae8f62cedb109)
2007-10-10r14379: Build torture/rpc/ as a seperate smbtorture module. Move helperJelmer Vernooij1-2/+2
functions for rpc out of torture/torture.c (This used to be commit 1d2d970f3b8aef3f36c2befb94b5dd72c0086639)
2007-10-10r14363: Remove credentials.h from the global includes.Jelmer Vernooij1-0/+1
(This used to be commit 98c4c3051391c6f89df5d133665f51bef66b1563)
2007-10-10r13924: Split more prototypes out of include/proto.h + initial work on headerJelmer Vernooij1-0/+2
file dependencies (This used to be commit 122835876748a3eaf5e8d31ad1abddab9acb8781)
2007-10-10r13004: fix compiler warningsStefan Metzmacher1-4/+4
metze (This used to be commit 833efdf8a943b210ba8e5b219dc754260001bedb)
2007-10-10r12693: Move core data structures out of smb.h into core.hJelmer Vernooij1-0/+1
torture prototypes in seperate header (This used to be commit 73610639b23ca3743077193fa0b1de7c7f65944d)
2007-10-10r12636: fixed some torture code for the changed lsa string typesAndrew Tridgell1-4/+4
(This used to be commit ce77c0e8bf4127027edd6291d2ae5d868e3372a1)
2007-10-10r12510: Change the DCE/RPC interfaces to take a pointer to aJelmer Vernooij1-5/+1
dcerpc_interface_table struct rather then a tuple of interface name, UUID and version. This removes the requirement for having a global list of DCE/RPC interfaces, except for these parts of the code that use that list explicitly (ndrdump and the scanner torture test). This should also allow us to remove the hack that put the authservice parameter in the dcerpc_binding struct as it can now be read directly from dcerpc_interface_table. I will now modify some of these functions to take a dcerpc_syntax_id structure rather then a full dcerpc_interface_table. (This used to be commit 8aae0f168e54c01d0866ad6e0da141dbd828574f)
2007-10-10r11473: Based on work by Jelmer, implement the [async] flag for rpc ↵Volker Lendecke1-3/+84
requests. If it's not there (it's not yet on *any* call... :-)), the rpc client strictly sequences calls to an rpc pipe. Might need some more work on the exact sequencing semantics when a pipe with both sync and async calls is actually deployed, but I want it in for winbind simplification. Volker (This used to be commit b8f324e4f000971b7dafc263c16dd4af958ee7f9)
2007-10-10r11405: Ensure we can never have secret4 be uninitialised. Found afterAndrew Bartlett1-3/+5
volker's urging on the use of -O1. Andrew Bartlett (This used to be commit 6a7bb391ba62a4f90f57aa76c5dcc0d35fca54a4)
2007-10-10r11287: Understand the new behaviour of the LSA pipe on ncacn_ip_tcp in ↵Andrew Bartlett1-74/+178
Win2k3 SP1. Only a few operations are supported (LookupSids3 and LookupNames4), and these are only supported under schannel. This appears to be the operations Win2k3 SP1 uses to verify part of the PAC back to the server. The test is setup to pass, but not enforce (so far) this new behaviour. Andrew Bartlett (This used to be commit e15e39866e9775ba662f669a19836d33f7633f6f)
2007-10-10r9888: add IDL for lsa_QueryDomainInformationPolicy to query Kerberos Settings.Günther Deschner1-0/+33
Guenther (This used to be commit d717e878bdc05b06adcc50c3527c339be8164145)
2007-10-10r7685: Simply the test for session key logic, so we pass against NT4.Andrew Bartlett1-34/+0
Now, to try and figure out why this logic failed for jra... Andrew Bartlett (This used to be commit a32066a9ecf7cd82f66eb8381e07d014f5ac5eff)
2007-10-10r7684: Add a test aimed at checking we have agreement between client andAndrew Bartlett1-0/+34
server as to the CIFS session key. JRA had pain with this being wrong against NT4 (without spnego), hence this specific test. Andrew Bartlett (This used to be commit 47f433708ba38db9bf569567cc048e65f2786ebe)
2007-10-10r5941: Commit this patch much earlier than I would normally prefer, but ↵Andrew Bartlett1-3/+3
metze needs a working tree... The main volume of this patch was what I started working on today: - Cleans up memory handling around DCE/RPC pipes, to have a parent talloc context. - Uses sepereate inner loops for some of the DCE/RPC tests The other and more important part of this patch fixes issues surrounding the new credentials framwork: This makes the struct cli_credentials always a talloc() structure, rather than on the stack. Parts of the cli_credentials code already assumed this. There were other issues, particularly in the DCERPC over SMB handling, as well as little things that had to be tidied up before test_w2k3.sh would start to pass. Andrew Bartlett (This used to be commit 0453f9d05d2e336fba1f85dbf2718d01fa2bf778)