summaryrefslogtreecommitdiff
path: root/source4
AgeCommit message (Collapse)AuthorFilesLines
2012-07-17s4-librpc: Add capabilities check for AES encrypted connections.Andreas Schneider1-1/+110
Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17s4-torture: Improve samlogon test.Andreas Schneider1-0/+8
2012-07-17s4-torture: Add DCERPC_SCHANNEL_AES tests.Andreas Schneider1-1/+5
Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17s4:rpc_server/netlogon: add support for AES based netlogon schannelStefan Metzmacher1-0/+4
metze Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17s4:librpc/rpc: add DCERPC_SCHANNEL_AES supportStefan Metzmacher1-2/+15
metze Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17s4:rpc_server/netlogon: only return STRONG_KEYS if the client asked for itStefan Metzmacher1-26/+31
metze Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17s4:rpc_server/netlogon: implement netr_LogonGetCapabilitiesStefan Metzmacher1-2/+20
This is also needed to support AES. metze Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17s4:librpc/rpc/dcerpc_schannel: just append NETLOGON_NEG_RODC_PASSTHROUGH as rodcStefan Metzmacher1-4/+5
The RODC stuff doesn't depend on the schannel algorithm. metze Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17s4:librpc/rpc/dcerpc_schannel: rework downgrade logicStefan Metzmacher1-5/+38
metze Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-15s4-param: Use a unique header nameAndrew Bartlett1-3/+3
2012-07-13s4-provision: Provide YP/NIS subtree to allow ADUC to see and set rfc2307 attrsGeza Gemes3-2/+536
When provisioning with --use_rfc2307=yes populate the subtree: CN=ypServ30,CN=RpcServices,CN=System,${DOMAINDN} This makes it possible to manipulate the posix attributes via ADUC (commit message adjusted by abartlet) Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2012-07-13s4:registry:regdiff: use existing talloc context for the event contextMichael Adam1-1/+1
Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Fri Jul 13 02:51:44 CEST 2012 on sn-devel-104
2012-07-13s4:registry:regdiff: add TALLOC_CTX * argument to open_backend()Michael Adam1-6/+7
2012-07-13s4:registry: add a TALLOC_CTX argument to reg_open_remote()Michael Adam4-5/+7
2012-07-06s4-torture: add ntprinting ndr operations testsuite.Günther Deschner3-1/+442
Guenther Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Fri Jul 6 20:55:26 CEST 2012 on sn-devel-104
2012-07-06s4-selftest: do a dbcheck on our two vampire DCsAndrew Bartlett1-1/+1
However, due to using --domain-critical-only we have to knownfail the vampire DC here, as we do not fill in the backlinks on non-critical objects correctly. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Jul 6 16:54:10 CEST 2012 on sn-devel-104
2012-07-06s4-dbcheck: Check for an object without a parentAndrew Bartlett1-0/+44
Such objects are then moved to the appropriate LostAndFound container, just as they would be if replicated. Andrew Bartlett
2012-07-06s4-dsdb: Remove unused variables in py_dsdb_get_partitions_dnAndrew Bartlett1-3/+0
2012-07-06pydsdb: Add bindings for dsdb_wellknown_dn()Andrew Bartlett2-0/+38
2012-07-06s4-pydsdb: Add bindings for dsdb_find_nc_root()Andrew Bartlett2-0/+26
2012-07-06s4-pydsdb: Improve PyErr_LDB_{DN,}_OR_RAISE to use py_check_dcerpc_typeAndrew Bartlett1-2/+9
This checks the type rather than just dereferencing the pointer. Andrew Bartlett
2012-07-06auth: Common function for retrieving PAC_LOGIN_INFO from PACChristof Schmitt2-45/+0
Several functions use the same logic as kerberos_pac_logon_info. Move kerberos_pac_logon_info to common code and reuse it to remove the code duplication. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2012-07-06s4-lsarpc: DCERPC_FAULT_ACCESS_DENIED for tcpAndreas Schneider1-0/+10
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Fri Jul 6 11:50:40 CEST 2012 on sn-devel-104
2012-07-06s4-lsarpc: DCERPC_FAULT_ACCESS_DENIED for npAndreas Schneider3-0/+45
2012-07-06s4-lsarpc: Restrict LookupSids3 to crypto connections only.Andreas Schneider1-0/+10
2012-07-06s4-lsarpc: Restrict LookupNames4 to crypto connections only.Andreas Schneider1-0/+10
2012-07-06s4-lsarpc: Don't call lsa_OpenPolicy2 in lsa_LookupSids3.Andreas Schneider1-46/+48
2012-07-06s4-lsaprc: Don't call lsa_OpenPolicy2 in lsa_LookupNames4.Andreas Schneider1-49/+53
2012-07-06s4-selftest: Don't run lsarpc requiring a named pipe over tcpip.Andreas Schneider1-1/+1
2012-07-06s4-selftest: Don't plan lsa.secrets tests over tcpip.Andreas Schneider1-4/+4
These will only work over a named pipe or ncalrpc.
2012-07-06s4-libnet: Skip calling lsarpc functions over a wrong pipe.Andreas Schneider1-0/+9
2012-07-06s4-torture: Call lsarpc tests over the correct pipe.Andreas Schneider1-0/+6
2012-07-06s4-torture: Don't consider NONE_MAPPED an error in LookupSids3.Andreas Schneider1-3/+19
2012-07-06s4-torture: Don't consider NONE_MAPPED an error in LookupNames4.Andreas Schneider1-3/+15
2012-07-06s4-torture: Add a lsarpc test_GetUserName_fail function.Andreas Schneider1-0/+59
2012-07-06s4-torture: Add a lsarpc test_OpenPolicy2_fail function.Andreas Schneider2-21/+74
2012-07-06s4-torture: Add a lsarpc test_OpenPolicy_fail function.Andreas Schneider1-17/+74
2012-07-06s4-torture: Add a lsarpc test_LookupNames4_fail function.Andreas Schneider1-23/+74
2012-07-06s4-torture: Add a lsarpc test_LookupSids3_fail function.Andreas Schneider1-15/+68
2012-07-06s4-torture: Test LookupSids3/LookupNames4 over np and tcpip.Andreas Schneider1-8/+26
2012-07-06s4-torture: Make sure lsa_OpenPolicy2 fails over TCP/IP.Andreas Schneider2-8/+16
2012-07-06s4-torture: Make sure lsa_OpenPolicy fails over TCP/IP.Andreas Schneider1-9/+20
2012-07-06s4-torture: Make sure ncacn_np tests are only called over the a pipe.Andreas Schneider2-1/+43
2012-07-06s4-torture: Test LookupSids3 and LookupNames4 only over tcpip.Andreas Schneider1-13/+36
LookupSids3 and LookupNames4 are only available over tcpip and MUST fail over named pipes.
2012-07-06s4-torture: Use test_LookupSids3 function.Andreas Schneider1-32/+1
2012-07-06s4-torture: Fix build warnings in lsa test.Andreas Schneider1-10/+2
2012-07-06s4-classicupgrade: Demote any other 'BDC' accounts back to a member server ↵Andrew Bartlett1-2/+12
during upgrade This makes it clear that they cannot be a DC until they are upgraded with samba-tool domain dcpromo. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Jul 6 09:59:13 CEST 2012 on sn-devel-104
2012-07-06s4-selftest: Test samba-tool domain dcpromoAndrew Bartlett1-1/+2
This needs a new environment to test it properly. This requires a raise in the number of socket wrapper interfaces. Andrew Bartlett
2012-07-06s4-samba-tool: Provide a samba-tool domain dcpromo that upgrades a member to ↵Andrew Bartlett2-10/+121
a DC This command is like dcpromo in that it upgrades the existing workstation account to be a domain controller. The SID (and therefore any file ownerships) is preserved. Andrew Bartlett
2012-07-06s4-dsdb: Give a much better error message when parentGUID generation failsAndrew Bartlett1-3/+3