Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
|
|
|
|
Make 'lsar_CreateTrustedDomain' consistant with
lsar_CreateTrustedDomainEx{,2} by renaming handle -> policy_handle
Implement LSA server logic to create the cn=users trust account for
incoming trusts.
Andrew Bartlett
(This used to be commit d87b655e20b7c38756774cec2e5898af38c46786)
|
|
We still don't get the format inside the encrypted blob correct
however.
Andrew Bartlett
(This used to be commit 99a3abda09716c064b3e9a37c4a79a8f62444eca)
|
|
Andrew Bartlett
(This used to be commit 91ae8dca254aa8c032daf0c87fa2a47760d32586)
|
|
Also check we get the defaults correct with a query in the torture
suite.
Andrew Bartlett
(This used to be commit b55a1b63cc2f7de889f046e975e3414bc5000613)
|
|
- Implement QueryDomainInformationPolicy in Samba4
- Allow RPC-LSA to pass against Windows 2008 (which does not allow
the Audit privilage to be removed)
Andrew Bartlett
(This used to be commit d94c7bbcd6eee6d975eac32a1d172f4164c97137)
|
|
(This used to be commit 914e1865aa9fba417f74a3abdd8b4b2659feb001)
|
|
(This used to be commit a17cb558c23142e522de3ed56d65c7694477395f)
|
|
Andrew Bartlett
(This used to be commit c2df7ffa6d67dd9381d10397c679746547cd5e17)
|
|
The change to the RPC-LSA test proves that when the remote server has
0 trusted domains, it will return NT_STATUS_NO_MORE_ENTRIES, not
NT_STATUS_OK.
Andrew Bartlett
(This used to be commit 40a55b34c2ce75267cf004dc4cfb8153c061e66b)
|
|
(This used to be commit 3b8eec7ca334528cad3cdcd5e3fc5ee555d8d0e0)
|
|
Andrew Bartlett
(This used to be commit e7afb31df1f12a3cd39ed9b95d76edc6ff0d6a70)
|
|
Samba4, rule out incorrect sid types in LSA LookupName returns.
Also fix the test to pass against Win2k3 Native mode.
Andrew Bartlett
(This used to be commit ca89dff45c62fab7092868c5b588326de5a4b197)
|
|
(This used to be commit 2c6b755309fdf685cd0b0564272bf83038574a43)
|
|
(This used to be commit 566aa14139510788548a874e9213d91317f83ca9)
|
|
(This used to be commit fd697d77c9fe67a00939a1f04b35c451316fff58)
|
|
a new torture suite to match.
This should fix bug #4954 by Matthias Wallnöfer <mwallnoefer@yahoo.de>
Previously we had no knowlege of BUILTIN or well-known names.
This code needs expansion to check with winbind for trusted domains.
Andrew Bartlett
(This used to be commit e6fc0e1f54ad64bdddc88e9ebd0d8d181b6ce26a)
|
|
number in more places.
(This used to be commit df9cebcb97e20564359097148665bd519f31bc6f)
|
|
(This used to be commit abe8349f9b4387961ff3665d8c589d61cd2edf31)
|
|
(This used to be commit 1319d88c099496be29dd9214fa2492c81e848369)
|
|
metze
(This used to be commit 84651aee81aaabbebf52ffc3fbcbabb2eec6eed5)
|
|
There are still a few tidyups of old FSF addresses to come (in both s3
and s4). More commits soon.
(This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
|
|
such trusts.
Guenther
(This used to be commit eaa17d5a8ff25ff96b3b6b71dab0effbeeb9b683)
|
|
rename private -> private_data
metze
(This used to be commit 58551f2f28fce8f1fcd04736c47ecd7458f32ea2)
|
|
Andrew Bartlett
(This used to be commit 018939a8fd224f5aa404f08ec94ac49a7b43d7ec)
|
|
(This used to be commit b28860978fe29c5b10abfb8c59d7182864e21dd6)
|
|
fix RPC-LSA on AIX.
(This used to be commit 6cce709d08579f4e00b44b692332a557b0ea3b86)
|
|
Andrew Bartlett
(This used to be commit 1ea6b600f42d3ccfb75da98f2013928fda524450)
|
|
(This used to be commit d46c3be9f9db6666be52b5584b0210da925106d1)
|
|
valgrind. Reduce to 50, which is plenty for testing the code
(This used to be commit 911c8e1c73bf3953591755ecb4c50f5644fc9c18)
|
|
This commit cleans up a number of aspects of the LSA interface.
Firstly, we do 2 simple searches on opening the LSA policy, to obtain
the basic information we need. This also avoids us searching for
dnsDomain (an invented attribute).
While I was at it, I added and tested new LSA calls, including the
enumTrustedDomainsEx call. I have also merged the identical structures
lsa_DomainInformation and lsa_DomainList.
Also in this commit: Fix netlogon use of uninitialised variables.
Andrew Bartlett
(This used to be commit 3f3fa7f466df56612064029143fbae8effb668aa)
|
|
- creation of ForeignSecurityPrincipals
- template duplication code
Rework much of the LSA server to pass the RPC-LSA test. Much of the
server code was untested. In implementing the LSA Accounts feature, I
have opted to have it only create entires when privilages are applied,
and not to delete entries, but to delete the privilages.
We skip some parts of the test, but it is much better than not testing
it at all.
Andrew Bartlett
(This used to be commit 10eeea6da465564ed9f785d06e2d2ed06cfe29a4)
|
|
which is very useful for analysing a windows machine remotely
with this I found that vista-beta2 doesn't have an 'administrator' account
and mapps any not known user to MACHINENAME\Guest
metze
(This used to be commit 97ae93627527f65b6ecded9884a26d4cffa1409d)
|
|
metze
(This used to be commit 9ec706238c173992dc938d537bdf1103bf519dbf)
|
|
(This used to be commit 3c7a5ce29108dd82210dc3e1f00414f545949e1d)
|
|
(This used to be commit f7312dab3b9aba2b2b82e8a6e0c483a32a03a63a)
|
|
(This used to be commit 7054ebf0249930843a2baf4d023ae8f62cedb109)
|
|
functions for rpc out of torture/torture.c
(This used to be commit 1d2d970f3b8aef3f36c2befb94b5dd72c0086639)
|
|
(This used to be commit 98c4c3051391c6f89df5d133665f51bef66b1563)
|
|
file dependencies
(This used to be commit 122835876748a3eaf5e8d31ad1abddab9acb8781)
|
|
metze
(This used to be commit 833efdf8a943b210ba8e5b219dc754260001bedb)
|
|
torture prototypes in seperate header
(This used to be commit 73610639b23ca3743077193fa0b1de7c7f65944d)
|
|
(This used to be commit ce77c0e8bf4127027edd6291d2ae5d868e3372a1)
|
|
dcerpc_interface_table struct rather then a tuple of interface
name, UUID and version.
This removes the requirement for having a global list of DCE/RPC interfaces,
except for these parts of the code that use that list explicitly
(ndrdump and the scanner torture test).
This should also allow us to remove the hack that put the authservice parameter
in the dcerpc_binding struct as it can now be read directly from
dcerpc_interface_table.
I will now modify some of these functions to take a dcerpc_syntax_id
structure rather then a full dcerpc_interface_table.
(This used to be commit 8aae0f168e54c01d0866ad6e0da141dbd828574f)
|
|
requests. If it's
not there (it's not yet on *any* call... :-)), the rpc client strictly
sequences calls to an rpc pipe. Might need some more work on the exact
sequencing semantics when a pipe with both sync and async calls is actually
deployed, but I want it in for winbind simplification.
Volker
(This used to be commit b8f324e4f000971b7dafc263c16dd4af958ee7f9)
|
|
volker's urging on the use of -O1.
Andrew Bartlett
(This used to be commit 6a7bb391ba62a4f90f57aa76c5dcc0d35fca54a4)
|
|
Win2k3 SP1.
Only a few operations are supported (LookupSids3 and LookupNames4),
and these are only supported under schannel. This appears to be the
operations Win2k3 SP1 uses to verify part of the PAC back to the
server.
The test is setup to pass, but not enforce (so far) this new
behaviour.
Andrew Bartlett
(This used to be commit e15e39866e9775ba662f669a19836d33f7633f6f)
|
|
Guenther
(This used to be commit d717e878bdc05b06adcc50c3527c339be8164145)
|