summaryrefslogtreecommitdiff
path: root/source4/winbind/wb_init_domain.c
AgeCommit message (Collapse)AuthorFilesLines
2011-12-14s4-librpc: Fix NETLOGON credential chain with Windows 2008.Andreas Schneider1-2/+2
Windows Server 2008 returns NT_STATUS_DOWNGRADE_DETECTED if you call netrServerAuthenticate2 during a domain join without setting the strong keys flag (128bit crypto). Only for NT4 we need to do a downgrade to the returned negotiate flags. See also 0970369ca0cb9ae465cff40e5c75739824daf1d0.
2011-06-22s4:winbind/wb_init_domain: use DCERPC_SCHANNEL_128 in order to work against ↵Stefan Metzmacher1-1/+1
w2k8r2 metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed Jun 22 19:40:47 CEST 2011 on sn-devel-104
2010-09-15s4-winbind: use finddcs_cldap() in winbindAndrew Tridgell1-10/+2
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-07-16s4-loadparm: 2nd half of lp_ to lpcfg_ conversionAndrew Tridgell1-4/+4
this converts all callers that use the Samba4 loadparm lp_ calling convention to use the lpcfg_ prefix. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-03-12s4:winbind/wb_init_domain.c: make use of use tevent_req based ↵Stefan Metzmacher1-18/+25
dcerpc_binding_handle stubs metze
2010-03-01s4:winbind: make use of explicit dcerpc_*_recv functionsStefan Metzmacher1-2/+2
metze
2009-10-20s4: ran minimal_includes.pl on source4/winbindAndrew Tridgell1-5/+0
2009-08-07fixed another ambiguous talloc callAndrew Tridgell1-3/+3
During the creation of the 3 RPC pipes in winbind we try to steal the RPC binding structure to be a child of the pipe once the pipe is established. This fails with a talloc warning as the rpc connection code already holds a reference to the binding. The fix is to use talloc_reparent() instead.
2009-01-06s4 winbind: Silence a "discards const" warningKai Blin1-1/+3
2009-01-02Revert "s4 winbind: Copy SID to avoid "discard const" warning"Stefan Metzmacher1-2/+1
This reverts commit 102028ec722d942d7f91eb92e8da4f1480d140d1. state->ctx is the composite_context, which is a temporary context! metze
2008-12-29s4 winbind: Copy SID to avoid "discard const" warningKai Blin1-1/+2
2008-12-23Fix more compiler warnings in various places.Jelmer Vernooij1-1/+0
2008-12-06s4:winbind: fill in the correct variable...Stefan Metzmacher1-1/+1
metze
2008-10-27s4-lsa: merge lsa_QueryInfoPolicy/{2} from s3 lsa idl.Günther Deschner1-1/+6
Guenther
2008-06-28Fix the wbinfo test on the LDAP backend.Andrew Bartlett1-32/+0
The problem was that we would do a blocking wait for the LDAP server, which was also blocking on us returning (because we were in single process mode). The LDAP connection being made here is useless anyway, and will need to be an async ldb_connect() before anybody reintroucues it (nobody in their right mind would program a winbindd backend on pure LDAP, when the ldb abstraction is available). Andrew Bartlett (This used to be commit 23280b2e6ed5afb968bf0b8c40febb085eed38a1)
2008-04-18fixed a double free in winbind Andrew Tridgell1-1/+0
state->domain->netlogon_binding is a child of ctx, and ctx is freed by the composite_is_ok failure callback (This used to be commit 3c217518ba9a7b64fe6c842187499f1ee5189567)
2008-04-17Remove event context tracking from the credentials struct.Jelmer Vernooij1-2/+0
(This used to be commit 4d7fc946b2ec50e774689c9036423b6feef99b8e)
2007-12-21r26430: require explicit specification of loadparm context.Jelmer Vernooij1-1/+1
(This used to be commit 1b947fe0e6e16318e5a8127bb4932d6b5d20bcf6)
2007-12-21r26355: Eliminate global_loadparm in more places.Jelmer Vernooij1-1/+1
(This used to be commit 5d589a0d94bd76a9b4c9fc748854e8098ea43c4d)
2007-12-21r26353: Remove use of global_loadparm.Jelmer Vernooij1-1/+2
(This used to be commit 17637e4490e42db6cdef619286c4d5a0982e9d1a)
2007-12-21r26327: Explicit loadparm_context for RPC client functions.Jelmer Vernooij1-5/+10
(This used to be commit eeb2251d22b3d6e0379444a73af69d1014692b07)
2007-12-21r26268: Avoid more use of global_loadparm - put lp_ctx in smb_server and ↵Jelmer Vernooij1-5/+5
wbsrv_connection. (This used to be commit 7c008664238ed966cb82adf5b25b22157bb50730)
2007-10-10r25398: Parse loadparm context to all lp_*() functions.Jelmer Vernooij1-5/+5
(This used to be commit 3fcc960839c6e5ca4de2c3c042f12f369ac5f238)
2007-10-10r25026: Move param/param.h out of includes.hJelmer Vernooij1-0/+1
(This used to be commit abe8349f9b4387961ff3665d8c589d61cd2edf31)
2007-10-10r24557: rename 'dcerpc_table_' -> 'ndr_table_'Stefan Metzmacher1-7/+7
metze (This used to be commit 84651aee81aaabbebf52ffc3fbcbabb2eec6eed5)
2007-10-10r24556: forgot to commit the winbind/ subdir...sorryStefan Metzmacher1-2/+2
metze (This used to be commit 184a7cfc36860e16f9483347ae70a053a5823e83)
2007-10-10r24127: Set the Domain SID into the libnet context, and have libnet_UserInfoAndrew Bartlett1-0/+1
return full SIDs for the user SID and primary group sid. This should help kai with his getpwnam work in winbind. Andrew Bartlett (This used to be commit 078671d5015c63e4bcd96815e150dae918763b83)
2007-10-10r24112: Complete initialistion of the libnet_ctx when setting up the domain.Andrew Bartlett1-0/+4
We need to set the access_mask and the domain name, or else libnet will try to do this itself. This seems to fix the issues Kai was having. Andrew Bartlett (This used to be commit 44c193272b05959c756ee0078d666bcdf1374023)
2007-10-10r23995: Work to allow mimir's libnet code to be called from winbind.Andrew Bartlett1-30/+29
We now setup a libnet_ctx for each domain. We should then be able to replace/merge some more of the winbind code with libnet calls, referencing domain->libnet_ctx. Andrew Bartlett (This used to be commit bad2dc14d704be59300f619c84694c11620559e0)
2007-10-10r23890: Allow wbinfo -a to work against Samba4's winbind.Andrew Bartlett1-7/+15
Add a test for wbinfo -a to test_member.sh Reimplement the server-side 'pam_auth' and 'pam_auth_crap' calls to use the same SamLogon code as auth_winbind uses. In my previous code, we did not bind to the LSA and SAMR pipes, before attempting operations. We now do this (how we passed any tests before is beyond me). This required some rework, particularly to make it easier to setup secondary connections. The new rpc_secondary_auth_connection() function also performs the bind. The dcerpc_connect.c file was getting to big, so things have been merged into dcerpc_secondary.c. Andrew Bartlett (This used to be commit 365778a993b7d76af6d53ba2a598b7e271741dc5)
2007-10-10r23880: Don't crash when we run wbinfo -a against our own winbind when we ↵Andrew Bartlett1-3/+5
are a DC. Next step is to make it work... Andrew Bartlett (This used to be commit a1b6c9ecb9a6f17bcbabf81a8128398df6447490)
2007-10-10r23792: convert Samba4 to GPLv3Andrew Tridgell1-3/+2
There are still a few tidyups of old FSF addresses to come (in both s3 and s4). More commits soon. (This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
2007-10-10r23149: Fix up the trusted domain lookup code to use the new structures.Andrew Bartlett1-2/+2
Andrew Bartlett (This used to be commit 6ecb3cb0b337260f31abd257e9f900661de4cfd2)
2007-10-10r23141: Use the finddcs() library call rather than a winbind-specific version.Andrew Bartlett1-5/+18
(I created finddcs() from the winbind code a while back, so this finishes that work) Andrew Bartlett (This used to be commit 218b279a46a4ca739597936f0b67573599e6d375)
2007-10-10r23133: I felt pity on Kai, as he starts work on winbind in Samba4, so IAndrew Bartlett1-132/+193
decided to clean it up a little. We now use SPNEGO for authentication if possible, and common routines shared with the rest of the librpc codebase. Rather than make a connection to IPC$, then connect the pipes to it, we instead have the lsa and samr pipes as 'secondary connections'. Andrew Bartlett (This used to be commit 86654056b22245a57396544d572de6401069b9e5)
2007-10-10r22944: fix bug #4618:Stefan Metzmacher1-1/+1
rename private -> private_data metze (This used to be commit 58551f2f28fce8f1fcd04736c47ecd7458f32ea2)
2007-10-10r22582: Cleanups towards making winbind work again. We still have a long ↵Andrew Bartlett1-4/+1
way to go, as this has bitrotted over the past months. This change in particular catches winbind up with the next composite_create() function. We also needed to remove an unused flags field, and fill in the lm response. Andrew Bartlett (This used to be commit bd26e4ffaf1c060fdc3aae28fd4393e83c5a83ea)
2007-10-10r21535: - fixed a crash in the RAW-ACLS test. When a dcerpc_pipe is createdAndrew Tridgell1-1/+1
using the pattern in the clilsa code, it didn't fill in the p->binding structure. This affects nearly all users of dcerpc_pipe_open_smb(), so the simplest fix is to ensure that dcerpc_pipe_open_smb() initialises the binding if its not already there. - re-enable the RAW-ACLS test (This used to be commit d8875c286d2be49c01703d8fd58bbc1842054bd9)
2007-10-10r18309: FreeBSD 6.1 has a symbol ldap_new_connection() in the system ldapAndrew Tridgell1-1/+1
library. Even though we don't like to that library, it gets loaded via nss-ldap, which means nss-ldap calls into the samba ldap lib with the wrong parameters, and crashes. We really need to use a completely different namespace in libcli/ldap/ (This used to be commit c440e0eed9afae5fe69995a7416971e7c8560779)
2007-10-10r17930: Merge noinclude branch:Jelmer Vernooij1-1/+0
* Move dlinklist.h, smb.h to subsystem-specific directories * Clean up ads.h and move what is left of it to dsdb/ (only place where it's used) (This used to be commit f7afa1cb77f3cfa7020b57de12e6003db7cfcc42)
2007-10-10r15328: Move some functions around, remove dependencies.Jelmer Vernooij1-1/+0
Remove some autogenerated headers (which had prototypes now autogenerated by pidl) Remove ndr_security.h from a few places - it's no longer necessary (This used to be commit c19c2b51d3e1ad347120b06a22bda5ec586c22e8)
2007-10-10r14860: create libcli/security/security.hStefan Metzmacher1-1/+1
metze (This used to be commit 9ec706238c173992dc938d537bdf1103bf519dbf)
2007-10-10r14470: Remove some unnecessary headers.Jelmer Vernooij1-1/+1
(This used to be commit f7312dab3b9aba2b2b82e8a6e0c483a32a03a63a)
2007-10-10r14464: Don't include ndr_BASENAME.h files unless strictly required, insteadJelmer Vernooij1-0/+2
try to include just the BASENAME.h files (containing only structs) (This used to be commit 3dd477ca5147f28a962b8437e2611a8222d706bd)
2007-10-10r14402: Generate seperate headers for RPC client functions.Jelmer Vernooij1-0/+1
(This used to be commit 7054ebf0249930843a2baf4d023ae8f62cedb109)
2007-10-10r14363: Remove credentials.h from the global includes.Jelmer Vernooij1-0/+1
(This used to be commit 98c4c3051391c6f89df5d133665f51bef66b1563)
2007-10-10r14205: move smb specific stuff out of includes.h (finally!!!:-)Stefan Metzmacher1-0/+1
all this changes really help ccache to speed up the samba4 build:-) metze (This used to be commit 180a79d1036e54fc0c50572b820818e9aafa28e9)
2007-10-10r13924: Split more prototypes out of include/proto.h + initial work on headerJelmer Vernooij1-0/+3
file dependencies (This used to be commit 122835876748a3eaf5e8d31ad1abddab9acb8781)
2007-10-10r12865: Upgrade the librpc and libnet code.Andrew Bartlett1-1/+2
In librpc, always try SMB level authentication, even if trying schannel, but allow fallback to anonymous. This should better function with servers that set restrict anonymous. There are too many parts of Samba that get, parse and modify the binding parameters. Avoid the extra work, and add a binding element to the struct dcerpc_pipe The libnet vampire code has been refactored, to reduce extra layers and to better conform with the standard argument pattern. Also, take advantage of the new libnet_Lookup code, so we don't require the silly 'password server' smb.conf parameter. To better support forcing traffic to be sealed for the vampire operation, the dcerpc_bind_auth() function now takes an auth level parameter. Andrew Bartlett (This used to be commit d65b354959842326fdd4bd7eb7fbeea0390f4afa)
2007-10-10r12608: Remove some unused #include lines.Jelmer Vernooij1-12/+1
(This used to be commit 70e7449318aa0e9d2639c76730a7d1683b2f4981)