Age | Commit message (Collapse) | Author | Files | Lines |
|
for NT4 DC's in mixed mode domains.
This call is triggered by tranferring the PDC FSMO Role to another DC
the real meta data is encoded in the user buffer which is just a DATA_BLOB in idl
metze
(This used to be commit d883815c8d64429e4dac26a93a15e67d31dc263e)
|
|
metze
(This used to be commit 58066e2252001b7689705d296a16438733cfdfc4)
|
|
don't need the union with the attribute id as switch anymore
metze
(This used to be commit d47c81923d0731edd314215c6f0b2eb3d1ee252d)
|
|
Andrew Bartlett
(This used to be commit a7c83eb7b8e000c51790a9eae67c59c04a4a877c)
|
|
Try to pass more of the CrackNames test. Make the test quieter.
Andrew Bartlett
(This used to be commit a6bbfebf52f53f99b0edf52d3c23b72785b97469)
|
|
Andrew Bartlett
(This used to be commit 4bd8dbcf41f04be28e2f5d6e15a22f08ba80b948)
|
|
of all active connections to the Directory Service Agent (DSA)
(This can be LDAP or DRSUAPI connections)
abartlet: you had just luck by using flag(BIG_ENDIAN) as BIG_ENDIAN is
defined in <endian.h>, it should be flag(NDR_BIG_ENDIAN)...
metze
(This used to be commit c7e639763de1f8ddccfb954227feeaddb7386edc)
|
|
usual things are more complex than they appear.
Also remove the incorrect server-side implementation, which blindly
assumed some sense of consistancy across the API switch levels.
Andrew Bartlett
(This used to be commit 79941adbff843f5027dacd31b972deca4a1557ec)
|
|
supprisingly complex call...
It turns out that the in/out parameter 'level' is not in/out, but set
seperatly by the server-side code from r->req.req1.level.
This commit also breaks out some common code from samldb into samdb.
Andrew Bartlett
(This used to be commit 2eb9e6445c64840399171f4f56b1e43786dbcfa7)
|
|
test against my win2k3 domain. I have a child domain, and as such the
BUILTIN domain SID appears multiple times in the tree, and is
therefore not unique.
Andrew Bartlett
(This used to be commit 41e42843be783dd88785ba8d3a9bccacc68053a8)
|
|
(This used to be commit 115ed29fd8fcfd0ad3ebbabbe01fbc6259ce84bc)
|
|
transferred
in replication replies, but I don't know the exact encoding.
for example the oids are transferred as:
2.5.4 => uint8_t v[] = { 0x55, 0x04 };
2.5.5 => uint8_t v[] = { 0x55, 0x05 };
2.5.6 => uint8_t v[] = { 0x55, 0x06 };
2.5.18 => uint8_t v[] = { 0x55, 0x12 };
2.5.20 => uint8_t v[] = { 0x55, 0x14 };
2.5.21 => uint8_t v[] = { 0x55, 0x15 };
1.2.840.113556.1.2 => uint8_t v[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x14, 0x01, 0x02 };
1.2.840.113556.1.3 => uint8_t v[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x14, 0x01, 0x03 };
1.2.840.113556.1.4 => uint8_t v[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x14, 0x01, 0x04 };
1.2.840.113556.1.5 => uint8_t v[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x14, 0x01, 0x05 };
1.2.840.113556.1.5.7000 => uint8_t v[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x14, 0x01, 0x05, 0xb6, 0x58 };
1.2.840.113549.1.9 => uint8_t v[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09 };
2.16.840.1.113730.3 => uint8_t v[] = { 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x03 };
2.16.840.1.113730.3.1 => uint8_t v[] = { 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x03, 0x01 };
2.16.840.1.113730.3.2 => uint8_t v[] = { 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x03, 0x02 };
0.9.2342.19200300.100.1 => uint8_t v[] = { 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01 };
0.9.2342.19200300.100.4 => uint8_t v[] = { 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x04 };
1.3.6.1.4.1.250.1 => uint8_t v[] = { 0x2b, 0x06, 0x01, 0x04, 0x01, 0x81, 0x7a, 0x01 };
1.3.6.1.4.1.1466.101.119=> uint8_t v[] = { 0x2b, 0x06, 0x01, 0x04, 0x01, 0x8b, 0x3a, 0x65, 0x77 };
if someone knows how the encoding works, please tell me:-)
I assume some ASN.1 encoding...
metze
(This used to be commit aa720a15319392fee5c532959192d0df5bf4c718)
|
|
way to setup a Samba4 DC is to set 'server role = domain controller'.
We use the fSMORoleOwner attribute in the base DN to determine the PDC.
This patch is quite large, as I have corrected a number of places that
assumed taht we are always the PDC, or that used the smb.conf
lp_server_role() to determine that.
Also included is a warning fix in the SAMR code, where the IDL has
seperated a couple of types for group display enumeration.
We also now use the ldb database to determine if we should run the
global catalog service.
In the near future, I will complete the DRSUAPI
DsGetDomainControllerInfo server-side on the same basis.
Andrew Bartlett
(This used to be commit 67d8365e831adf3eaecd8b34dcc481fc82565893)
|
|
metze
(This used to be commit d2d9842914bb049189f9349ff96b32c088cd02a8)
|
|
Here is a patch that adds a torture:dc_binding parametric option to
torture_create_testuser in testjoin.c. This patch is used in OpenChange
torture tests when the AD is different from the Exchange Server. This generic
option could also be used for later 'member server' tests in Samba4.
metze
(This used to be commit 9ddabfc60e1a4f5e471991253141ce458c9a683d)
|
|
particular to verify more expected results.
Also return more details from the join process. Now we also return
the machine account's GUID.
Andrew Bartlett
(This used to be commit 5b32f102af1fc7acb56bf7eaa40068d60a1ee396)
|
|
metze
(This used to be commit 314308c0bf8eeb168d59dab2a867e6bf5f51266b)
|
|
this wasn't noticed because on the 1st dc in the forest both have the
same value
metze
(This used to be commit 527bd9a0a361e19606e25e885b92da316e740bf9)
|
|
of the join account
metze
(This used to be commit 45da80888f18f0fe10d1aeb9089a695125b184e1)
|
|
metze
(This used to be commit 73f7e2d5b3b3ae767644b96ff9783642aac153d0)
|
|
metze
(This used to be commit da6415363b2694961a59385437d34d16a932e77b)
|
|
metze
(This used to be commit c5efd061c5457fb4d344daa2e40dada9c0c37e79)
|
|
metze
(This used to be commit a3202714a34d49af30435dc3d2935e053e141853)
|
|
metze
(This used to be commit f2db31f41dc1727375a560fdc6eaad2c037bf5da)
|
|
metze
(This used to be commit cd534dc93646a5981c4d2f0bc27ba9d3259024eb)
|
|
metze
(This used to be commit 757ed019c219fd215cae23d80281d0b221e495e1)
|
|
metze
(This used to be commit 500113ca5756933de15537b44ccc834ea32307b3)
|
|
metze
(This used to be commit ce671ff6c13e71c5b54ba8f14d81af45a3e796a9)
|
|
Infrastructure fSMORoleOwner
metze
(This used to be commit adbff0d696237efac27f260c115678169b8646d8)
|
|
metze
(This used to be commit 2e355f84888ebea1376151bcba4013980da08c15)
|
|
the strange thing is the DsGetNCChanges() calls are on their on DRSUAPI
connection, but use a bind_handle (policy handle from another connection)
metze
(This used to be commit a9c7d6e7f353e85234b93f26973969b157b1e7f1)
|
|
metze
(This used to be commit 88818b3c0822cfb71b08c8f06c48443b26116a07)
|
|
metze
(This used to be commit 09b492c450596b18a12cefa99c56f62504a519d7)
|
|
metze
(This used to be commit 3e6264d872e4fc39a8e0712293492ad413345de9)
|
|
workstation
and dc credentials
I noticed w2k3 has gets NT_STATUS_LOGON_FAILURE after a it has joined a samba4 domain
metze
(This used to be commit 5da2762b620139f9c332d78abfc084f333538ab8)
|
|
(This used to be commit 92b8bde561277a6b83048ce003cc29ff1b380255)
|
|
(This used to be commit 48e6df59444a78dc268b84c5f94787de09d41908)
|
|
(This used to be commit 0221d5b6c4250a3a2c86c623c534996d7decb1f6)
|
|
(This used to be commit 38067c1adf0f9c3974302a8481e23b6a63eb6d42)
|
|
(This used to be commit bd48f78b1d6dba73e44630ad930fd6089d2076b2)
|
|
This patch changes a lot of the code in ldb_dn.c, and also
removes and add a number of manipulation functions around.
The aim is to avoid validating a dn if not necessary as the
validation code is necessarily slow. This is mainly to speed up
internal operations where input is not user generated and so we
can assume the DNs need no validation. The code is designed to
keep the data as a string if possible.
The code is not yet 100% perfect, but pass all the tests so far.
A memleak is certainly present, I'll work on that next.
Simo.
(This used to be commit a580c871d3784602a9cce32d33419e63c8236e63)
|
|
choosing an existing DC.
Allow to skip some tests under Samba4.
Andrew Bartlett
(This used to be commit 705fbae325267fd0ed11f463f954f8e45802d6d5)
|
|
- use the client_site when creating the server object
metze
(This used to be commit b02d0e1be343c7d609715237dc842702b6fbe231)
|
|
to the ildap backend
metze
(This used to be commit a996d2633600d32b2c2c04edebd0b901c627f00b)
|
|
Break up auth/auth.h not to include the world.
Add credentials_krb5.h with the kerberos dependent prototypes.
Andrew Bartlett
(This used to be commit 2b569c42e0fbb596ea82484d0e1cb22e193037b9)
|
|
(This used to be commit ea1e4685d914c09d615bb7c4a5678b5de00da5f4)
|
|
libraries
works again now, by specifying --enable-dso to configure.
(This used to be commit 7a01235067a4800b07b8919a6a475954bfb0b04c)
|
|
smb_composite_sesssetup() doesn't set session->vuid any more...
(I changed that yesterday, because it was inconsistently only done
for spnego session setups, as it was needed internaly for the 2nd
session setup call, but know session->vuid is only touched (reset to 0)
for the wrong password case)
metze
(This used to be commit bf2a7dd2180c9a025b99b87831960827baf75f16)
|
|
Andrew Bartlett
(This used to be commit 12765db714de9e0fed61e6616b3671d525ee3bef)
|
|
(This used to be commit b28860978fe29c5b10abfb8c59d7182864e21dd6)
|