| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
convenience API to create an anonymous credential. Don't clobber
cmdline_credentials in the UNIX-WHOAMI test.
(This used to be commit 73cea4e0c66f57057ed12b07bbb94b4e783ba6bf)
|
|
assoc_groups are shared between idl-interfaces and connections.
But you can't close a samr policy handle on a lsa pipe.
add RPC-HANDLES-RANDOM-ASSOC test, which shows that
you can't bind with an invalid assoc_group_id
metze
(This used to be commit 26b0e03a776fbac4e93fef585dcfec5962f40387)
|
|
policy handles can be shared between connections
metze
(This used to be commit 874cb393666b950b379d07e6af5bcf41f2bf4746)
|
|
are not shared between connections. It tests three types of policy
handles, on lsa, samr and drsuapi. You need to run on ncacn_ip_tcp
with seal for drsuapi.
Metze, can you have a look and see how this tallies with what you've
seen?
(This used to be commit c1f41ac045f6023da06c3dbd0a37f39edd8a62f8)
|
|
using the pattern in the clilsa code, it didn't fill in the p->binding
structure. This affects nearly all users of dcerpc_pipe_open_smb(), so
the simplest fix is to ensure that dcerpc_pipe_open_smb() initialises
the binding if its not already there.
- re-enable the RAW-ACLS test
(This used to be commit d8875c286d2be49c01703d8fd58bbc1842054bd9)
|
|
RPC-CRACKNAMES test.
Andrew Bartlett
(This used to be commit 7773f23e89340c459a0028a4c36b869d95ed8eb1)
|
|
always bring it back if we need to. This code was getting in the way while
refactoring.
Add some tests for TDR.
Get rid of typedef in lib/registry/tdr_regf.idl and fix the
TDR code to be able to deal with it.
(This used to be commit 1ad0f99a439f0d52a735b391bf9900d50171aca5)
|
|
Samba3's IDL.
(This used to be commit 15a4b81ba0b5eeb25126a0b1a7bea7d3bf921ab2)
|
|
metze
(This used to be commit 66c8499e5f2f139995be8cb5770d238f383059d6)
|
|
in files for inspection with ndrdump
metze
(This used to be commit 54748ef5860ee59b5f84855965c84aa8787fb4b6)
|
|
metze
(This used to be commit 922cfacde4dcf27829040e12c7fae083bd5b44c2)
|
|
checksum over the remaining bytes
metze
(This used to be commit c9fe6a867c7e23a60e0f9200b04c31e48ccc11a2)
|
|
I wonder what the first 4 bytes are, but the last 16 bytes of the 20 bytes
are the rid crypted hash. The lmhash and the history fields are not verified
yet. But I get the administrators nthash in plain.
metze
(This used to be commit 7726d4a0272b29a4eade26c9ae3d929df50897da)
|
|
successful!!!!!!!!!!!!!!!!!!!!!!!!!!
we now support the session depended password attribute encryption
used in DsGetNCChanges()
the static encryption (something like sam_rid_crypt() is assumed for some attributes
and the format of the attribute values isn't known yet, but some contain
some unicode strings...
metze
(This used to be commit daee739ebba38e54fbdbd7e53d16fd30bc0dd54e)
|
|
I was wondering why I got allways 4 times the same decrypted buffer...
metze
(This used to be commit ba168479d5c5710de4252d9b8970ab41b7979411)
|
|
to solve the drsuapi password encryption automaticly.
metze
(This used to be commit 7b331b95bf43384e571ecc88ac827f46acd8c20c)
|
|
metze
(This used to be commit 65a55c8fdecbc212ba2fc2a01c580f30dcc7b54a)
|
|
nthash
values for each drsuapi connection in RPC-DSSYNC
metze
(This used to be commit df74c4a88108bd4387d9be4f64619c46c23493e6)
|
|
metze
(This used to be commit 29c44957a0ea16af3e5e3717d2cb0c9180d394c2)
|
|
please test patches, even if they look trivial!
(This used to be commit 8134a628f06f0df2ee94612854e0fb3e2efc2eb8)
|
|
Trivial patch from "Lunar Child <luch@etersoft.ru>"
(This used to be commit 1b75a9ff2d7f91f13fbdfd136b40eca14867bf6f)
|
|
(This used to be commit 38b688fd15a9103e5ef5c86e01b594169d6b6b9c)
|
|
Andrew Bartlett
(This used to be commit 5e907ae795b49d6c120ddedee3ba6d11c06bfab4)
|
|
(This used to be commit 1c562d9f8311c4038fcff067ac6bb8364b606573)
|
|
(This used to be commit 3cc299dbbe278936281f8e7071e6de8ec1bb219c)
|
|
(This used to be commit 2ba225ee12180d40a957e4e9a824a544c803a265)
|
|
(This used to be commit 1afcf850679b6752935455a8f9198679649922b8)
|
|
for NT4 DC's in mixed mode domains.
This call is triggered by tranferring the PDC FSMO Role to another DC
the real meta data is encoded in the user buffer which is just a DATA_BLOB in idl
metze
(This used to be commit d883815c8d64429e4dac26a93a15e67d31dc263e)
|
|
metze
(This used to be commit 58066e2252001b7689705d296a16438733cfdfc4)
|
|
don't need the union with the attribute id as switch anymore
metze
(This used to be commit d47c81923d0731edd314215c6f0b2eb3d1ee252d)
|
|
Andrew Bartlett
(This used to be commit a7c83eb7b8e000c51790a9eae67c59c04a4a877c)
|
|
Try to pass more of the CrackNames test. Make the test quieter.
Andrew Bartlett
(This used to be commit a6bbfebf52f53f99b0edf52d3c23b72785b97469)
|
|
Andrew Bartlett
(This used to be commit 4bd8dbcf41f04be28e2f5d6e15a22f08ba80b948)
|
|
of all active connections to the Directory Service Agent (DSA)
(This can be LDAP or DRSUAPI connections)
abartlet: you had just luck by using flag(BIG_ENDIAN) as BIG_ENDIAN is
defined in <endian.h>, it should be flag(NDR_BIG_ENDIAN)...
metze
(This used to be commit c7e639763de1f8ddccfb954227feeaddb7386edc)
|
|
usual things are more complex than they appear.
Also remove the incorrect server-side implementation, which blindly
assumed some sense of consistancy across the API switch levels.
Andrew Bartlett
(This used to be commit 79941adbff843f5027dacd31b972deca4a1557ec)
|
|
supprisingly complex call...
It turns out that the in/out parameter 'level' is not in/out, but set
seperatly by the server-side code from r->req.req1.level.
This commit also breaks out some common code from samldb into samdb.
Andrew Bartlett
(This used to be commit 2eb9e6445c64840399171f4f56b1e43786dbcfa7)
|
|
test against my win2k3 domain. I have a child domain, and as such the
BUILTIN domain SID appears multiple times in the tree, and is
therefore not unique.
Andrew Bartlett
(This used to be commit 41e42843be783dd88785ba8d3a9bccacc68053a8)
|
|
(This used to be commit 115ed29fd8fcfd0ad3ebbabbe01fbc6259ce84bc)
|
|
transferred
in replication replies, but I don't know the exact encoding.
for example the oids are transferred as:
2.5.4 => uint8_t v[] = { 0x55, 0x04 };
2.5.5 => uint8_t v[] = { 0x55, 0x05 };
2.5.6 => uint8_t v[] = { 0x55, 0x06 };
2.5.18 => uint8_t v[] = { 0x55, 0x12 };
2.5.20 => uint8_t v[] = { 0x55, 0x14 };
2.5.21 => uint8_t v[] = { 0x55, 0x15 };
1.2.840.113556.1.2 => uint8_t v[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x14, 0x01, 0x02 };
1.2.840.113556.1.3 => uint8_t v[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x14, 0x01, 0x03 };
1.2.840.113556.1.4 => uint8_t v[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x14, 0x01, 0x04 };
1.2.840.113556.1.5 => uint8_t v[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x14, 0x01, 0x05 };
1.2.840.113556.1.5.7000 => uint8_t v[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x14, 0x01, 0x05, 0xb6, 0x58 };
1.2.840.113549.1.9 => uint8_t v[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09 };
2.16.840.1.113730.3 => uint8_t v[] = { 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x03 };
2.16.840.1.113730.3.1 => uint8_t v[] = { 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x03, 0x01 };
2.16.840.1.113730.3.2 => uint8_t v[] = { 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x03, 0x02 };
0.9.2342.19200300.100.1 => uint8_t v[] = { 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01 };
0.9.2342.19200300.100.4 => uint8_t v[] = { 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x04 };
1.3.6.1.4.1.250.1 => uint8_t v[] = { 0x2b, 0x06, 0x01, 0x04, 0x01, 0x81, 0x7a, 0x01 };
1.3.6.1.4.1.1466.101.119=> uint8_t v[] = { 0x2b, 0x06, 0x01, 0x04, 0x01, 0x8b, 0x3a, 0x65, 0x77 };
if someone knows how the encoding works, please tell me:-)
I assume some ASN.1 encoding...
metze
(This used to be commit aa720a15319392fee5c532959192d0df5bf4c718)
|
|
way to setup a Samba4 DC is to set 'server role = domain controller'.
We use the fSMORoleOwner attribute in the base DN to determine the PDC.
This patch is quite large, as I have corrected a number of places that
assumed taht we are always the PDC, or that used the smb.conf
lp_server_role() to determine that.
Also included is a warning fix in the SAMR code, where the IDL has
seperated a couple of types for group display enumeration.
We also now use the ldb database to determine if we should run the
global catalog service.
In the near future, I will complete the DRSUAPI
DsGetDomainControllerInfo server-side on the same basis.
Andrew Bartlett
(This used to be commit 67d8365e831adf3eaecd8b34dcc481fc82565893)
|
|
metze
(This used to be commit d2d9842914bb049189f9349ff96b32c088cd02a8)
|
|
Here is a patch that adds a torture:dc_binding parametric option to
torture_create_testuser in testjoin.c. This patch is used in OpenChange
torture tests when the AD is different from the Exchange Server. This generic
option could also be used for later 'member server' tests in Samba4.
metze
(This used to be commit 9ddabfc60e1a4f5e471991253141ce458c9a683d)
|
|
particular to verify more expected results.
Also return more details from the join process. Now we also return
the machine account's GUID.
Andrew Bartlett
(This used to be commit 5b32f102af1fc7acb56bf7eaa40068d60a1ee396)
|
|
metze
(This used to be commit 314308c0bf8eeb168d59dab2a867e6bf5f51266b)
|
|
this wasn't noticed because on the 1st dc in the forest both have the
same value
metze
(This used to be commit 527bd9a0a361e19606e25e885b92da316e740bf9)
|
|
of the join account
metze
(This used to be commit 45da80888f18f0fe10d1aeb9089a695125b184e1)
|
|
metze
(This used to be commit 73f7e2d5b3b3ae767644b96ff9783642aac153d0)
|
|
metze
(This used to be commit da6415363b2694961a59385437d34d16a932e77b)
|
|
metze
(This used to be commit c5efd061c5457fb4d344daa2e40dada9c0c37e79)
|
|
metze
(This used to be commit a3202714a34d49af30435dc3d2935e053e141853)
|
