Age | Commit message (Collapse) | Author | Files | Lines |
|
Andrew Bartlett
(This used to be commit 8844f4796c76c103ce4eaff477c615e74c655e68)
|
|
to prove it is correct.
This should fix bug #4824: User Manager for Domains - Account Expires.
Thanks!
Andrew Bartlett
(This used to be commit e5f0744d627ccfcc2e301fc38d139742f0ea5934)
|
|
machine accounts are not subject to password policy in Win2k3 R2 (at
least in terms of password quality).
In testing this, I found that Win2k3 R2 has changed the way the old
ChangePassword RPC call is handled - the 'cross-checks' between new LM
and NT passwords are not required.
Andrew Bartlett
(This used to be commit 417ea885b41cc097a0bb3a10ffbffb31f234f25d)
|
|
metze
(This used to be commit 84651aee81aaabbebf52ffc3fbcbabb2eec6eed5)
|
|
create the user in the first place.
Andrew Bartlett
(This used to be commit db0f81734d39b228dbfcf53b911edf83a2a2fd8c)
|
|
Andrew Bartlett
(This used to be commit 3e332ff77120003da2a23df8e0d30a330847f0f1)
|
|
SAMR. This can't be done in the ldb templates code, as it doesn't
happen over direct LDAP.
As noted in bug #4829.
Andrew Bartlett
(This used to be commit 3bfa6dbf7ded06df78310f7bd39d8a8d4edbb4ef)
|
|
Any SAMR client (usrmgr.exe in this case) that attempted to set a
property to a zero length string found instead the the old value was
kept.
In fixing this, rework the macros to be cleaner (add the
always-present .string) to every macro, and remove the use of the
samdb_modify() and samdb_replace() wrappers where possible.
Andrew Bartlett
(This used to be commit b05fe693047c09b85c7fc0e1ea8d931c99910375)
|
|
Should fix another part (list of domains in usrmgr incorrectly
including accounts) of bug #4815 by mwallnoefer@yahoo.de.
Andrew Bartlett
(This used to be commit 7f7e4fe2989ef4cb7ec0f855b25e558f3bbd18c5)
|
|
- The icons in usermgr were incorrect, because the acct_flags were
not filled in (due to missing attribute in ldb query)
- The Full name was missing, and the description used as the full
name (due to missing attributes in ldb query and incorrect IDL)
To prove the correctness of these fixes, I added a substantial new
test to RPC-SAMR-USERS, to ensure cross-consistancy between
QueryDisplayInfo and QueryUserInfo on each user.
This showed that for some reason, we must add ACB_NORMAL to the
acct_flags on level 2 queries (for machine trust accounts)...
Getting this right is important, because Samba3's RPC winbind methods
uses these queries.
Andrew Bartlett
(This used to be commit 9475d94a61e36b3507e5fd2e6bb6f0667db4a607)
|
|
There are still a few tidyups of old FSF addresses to come (in both s3
and s4). More commits soon.
(This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
|
|
wants to check for an existing domain join account, and fails. This
test shows that we need to return NT_STATUS_NONE_MAPPED when nothing
matches. (not yet tested if this helps vista).
Andrew Bartlett
(This used to be commit 7f3671bf11cab36a5c795d7db86f85081b73bc71)
|
|
Andrew
(This used to be commit c1ee06703ac09708a8ff10a641b593362f1bd309)
|
|
Don't just exit the test with 'return True', actually process the result.
Turn off password complexity checking for the password length test.
Andrew Bartlett
(This used to be commit 1a7635baa701c6268eebd84dd0dc187379c44e6e)
|
|
Andrew Bartlett
(This used to be commit 33cfe1ca221de9ef9dec264772fb299125c39447)
|
|
way to setup a Samba4 DC is to set 'server role = domain controller'.
We use the fSMORoleOwner attribute in the base DN to determine the PDC.
This patch is quite large, as I have corrected a number of places that
assumed taht we are always the PDC, or that used the smb.conf
lp_server_role() to determine that.
Also included is a warning fix in the SAMR code, where the IDL has
seperated a couple of types for group display enumeration.
We also now use the ldb database to determine if we should run the
global catalog service.
In the near future, I will complete the DRSUAPI
DsGetDomainControllerInfo server-side on the same basis.
Andrew Bartlett
(This used to be commit 67d8365e831adf3eaecd8b34dcc481fc82565893)
|
|
(This used to be commit 38067c1adf0f9c3974302a8481e23b6a63eb6d42)
|
|
(This used to be commit b28860978fe29c5b10abfb8c59d7182864e21dd6)
|
|
rafal
(This used to be commit 732c22071e78f16fd0731635ca4b3e093d49078a)
|
|
rafal
(This used to be commit 4dfd1d50274bc1ff539782e9bfdb2b7b20275d06)
|
|
Thanks Herb for finding this:-)
This was my bug, I typed it in on gd's laptop and he just run 'svn ci'
metze
(This used to be commit 3c08e29f4fdde586084bdcf1b36eaf92ae944750)
|
|
interesting new password set tests), make sure to send valid characters.
Guenther
(This used to be commit f193c5347cf5ef019becbc98965b83c6b249483c)
|
|
Thanks metze.
Guenther
(This used to be commit ea313d55655626cd4c8058cf5e89c0baa1cdcd6d)
|
|
Guenther
(This used to be commit 8f9ab07e78a3c89085754c9f6447c2b56292980c)
|
|
* Move dlinklist.h, smb.h to subsystem-specific directories
* Clean up ads.h and move what is left of it to dsdb/
(only place where it's used)
(This used to be commit f7afa1cb77f3cfa7020b57de12e6003db7cfcc42)
|
|
to be created as foreign, even if they are in a local domain.
Also we do need the user to exist for the life of the test, as we add
it to a group.
Andrew Bartlett
(This used to be commit ae470ff7014e52b55d88e9fe12e2322e069daf9d)
|
|
of this test.
Andrew Bartlett
(This used to be commit b4d75f01d9cb2d1c9d5facfd5eb39c8a062886d4)
|
|
I still need to figure out what causes the rest to fail...
Andrew Bartlett
(This used to be commit aa34bd46cb1446b9fb6fd8f1b8ffca5f81b3c052)
|
|
in RPC-SAMR test.
Andrew Bartlett
(This used to be commit 08ec74d620ffe613655f28d002e60ca8201fadd9)
|
|
still a couple of unimplemented functions, but this is far better than
not testing this at all. In particular, this exercises the
password_hash module.
Specific changes:
- Add support for SetDomainInfo
- Add many more info levels to QueryDomainInfo
- Set a domain comment in RPC-SAMR, and verify it is kept
- Refactor QueryUserInfo not to always serach for all attributes
- Add QueryDiplayInfo3 and QueryDomainInfo2 as aliased calls
- Make OemChangePassword2 search under the samdb_base_dn(), so it
finds the user when partitions are active.
- Skip SetSecurity, DisplayIndex, MemberAttributesOfGroup and
'Multiple' alias operations in RPC-SAMR for Samba4
- Add RPC-SAMR as a 'slow' RPC test (it is quite slow)
Andrew Bartlett
(This used to be commit 01d25c9d6ca8d036d40040e5ee87a330e5b84d55)
|
|
skipping some checks.
These should be removed, and the code fixed, but currently we are
loosing quality because the test isn't run by default.
Andrew Bartlett
(This used to be commit 1306f60c97562a71ae15f0ab257ddcd5e0af36d4)
|
|
test suite tree, looks a bit more like other unit testing API's,
fixes some memory responsibility issues, introduces testcases,
and removes the need for tests to call torture_ok().
(This used to be commit 0445b1a56a02552f895f400960b9ced39244a144)
|
|
Remove some autogenerated headers (which had prototypes now autogenerated by pidl)
Remove ndr_security.h from a few places - it's no longer necessary
(This used to be commit c19c2b51d3e1ad347120b06a22bda5ec586c22e8)
|
|
metze
(This used to be commit 9ec706238c173992dc938d537bdf1103bf519dbf)
|
|
(This used to be commit 3c7a5ce29108dd82210dc3e1f00414f545949e1d)
|
|
ldb module to handle which flags can be set under what circumstances.
Andrew Bartlett
(This used to be commit 1d1ff501f2d2b952a4dd80c374c857be0456173c)
|
|
(This used to be commit f7312dab3b9aba2b2b82e8a6e0c483a32a03a63a)
|
|
try to include just the BASENAME.h files (containing only structs)
(This used to be commit 3dd477ca5147f28a962b8437e2611a8222d706bd)
|
|
(This used to be commit 7054ebf0249930843a2baf4d023ae8f62cedb109)
|
|
functions for rpc out of torture/torture.c
(This used to be commit 1d2d970f3b8aef3f36c2befb94b5dd72c0086639)
|
|
(This used to be commit 98c4c3051391c6f89df5d133665f51bef66b1563)
|
|
file dependencies
(This used to be commit 122835876748a3eaf5e8d31ad1abddab9acb8781)
|
|
sure about.
This finds a new ACB_PW_EXPIRED attribute.
Andrew Bartlett
(This used to be commit 54caf949425cb9a3437bd7051930384167b5e07d)
|
|
(This used to be commit c722f665c90103f3ed57621c460e32ad33e7a8a3)
|
|
torture prototypes in seperate header
(This used to be commit 73610639b23ca3743077193fa0b1de7c7f65944d)
|
|
(This used to be commit ce77c0e8bf4127027edd6291d2ae5d868e3372a1)
|
|
dcerpc_interface_table struct rather then a tuple of interface
name, UUID and version.
This removes the requirement for having a global list of DCE/RPC interfaces,
except for these parts of the code that use that list explicitly
(ndrdump and the scanner torture test).
This should also allow us to remove the hack that put the authservice parameter
in the dcerpc_binding struct as it can now be read directly from
dcerpc_interface_table.
I will now modify some of these functions to take a dcerpc_syntax_id
structure rather then a full dcerpc_interface_table.
(This used to be commit 8aae0f168e54c01d0866ad6e0da141dbd828574f)
|
|
password age), and test for the incorrect password error case.
Andrew Bartlett
(This used to be commit 85b7e3c493c65a9e1ea88325cbeaeb9bffceb9e2)
|
|
really as simple as it looks.
Andrew Bartlett
(This used to be commit a7e4062547470620b5b69dc295d5ac7dcec93116)
|
|
(This used to be commit f177c223e6b881a65ed49ceacf9106e42d2a7d0a)
|