Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit 329c5ccd74680381b30c4a2235010c766ac46ecc)
|
|
Now that all session keys are DATA_BLOBs, fix the callers.
This assumes some things about the behaviour of certain crypto
algorithms, without the ability to test it on session keys != 16 bytes
in length. We will just need to retest when we get the KRB5 support
in (DES keys are 8 bytes).
Andrew Bartlett
(This used to be commit e4355a7ec1eba92bdecef8cc478272897276dbae)
|
|
- This required using NETLOGON_NEG_AUTH2_FLAGS for the
SetupCredentials2 negotiation flags, which is what Samba3 does,
because otherwise the server uses different crypto.
- This tests the returned session keys, which we decrypt.
- Update the Samba4 notion of a 'session key' to be a DATA_BLOB in
most places.
- Fix session key code to return NT_STATUS_NO_SESSION_KEY if none is
available.
- Remove a useless argument to SMBsesskeygen_ntv1
- move netr_CredentialState from the .idl to the new credentials.h
Andrew Bartlett
(This used to be commit 44f8b5b53e6abd4de8a676f78d729988fadff320)
|
|
ldbsearch. This allows you to edit the description of all users using
something like:
ldbedit 'objectclass=user' description
and not get overwhelmed with fields. It also allows you to edit HIDDEN attributes
by specifying them explicitly
(This used to be commit dd83d39de23cdf8c574005829972dae8dc6bee6a)
|
|
- added samr_GetUserPwInfo() samr server call
(This used to be commit 0250f5d6aaf4f9325ace707c69f5e24bcd7a0ed9)
|
|
some of it tests the .length, other code checks the
.data.
Ensure that we always NULL the .data, so that talloc-based
blobs behave just like their direct malloc equivalents.
Andrew Bartlett
(This used to be commit 64121aa1a9d037d3969f24be62f4521611c89888)
|
|
allows you to mark
an attribute as only appearing in searches that explicitly name it. It will be used
for attributes like nTSecurityDescriptor
(This used to be commit f5cd3d733b71368ea652f8a4d653d87f45ff983f)
|
|
Volker
(This used to be commit 59241c0c9aa2d64d66eb04e81aa5500681604061)
|
|
(This used to be commit 209f5a25a950e8780e9512b71fbb12b1cdbe1a17)
|
|
(This used to be commit 0c1069b56e7c80e2b428f6a6b550eacd5ac3d762)
|
|
samr_QueryUserInfo levels except for the password
set levels.
This means that a large part of the RPC-SAMR torture test now runs correctly against Samba4
(This used to be commit ec0a51898f543578e755207d81ed5c1524861c64)
|
|
(This used to be commit d0383e9a7a0a5bee9a52ddc81d5f89c9f01c269b)
|
|
handle types.
(This used to be commit 1e02ccd94edc87f4107d21f7f778f1a88c9e197d)
|
|
(This used to be commit defaf0d817a7c207da59692245aa65bc30c9bd19)
|
|
(This used to be commit 994baba7ebc267cb3051109aee022d71472aa6b6)
|
|
- added proper ldap time construction to provisioning
(This used to be commit 0f12584b4b1b90aa20c6a4a5199829b5beba2a1d)
|
|
samr_EnumDomainUsers
(This used to be commit 252b11112ce22152de3d53d0ba657879346ff243)
|
|
(This used to be commit 3ac0cff83752b98ee7b8af7f4f9a33ffe9ae05e7)
|
|
again. Still a few problems left though.
(This used to be commit e921a5879f8a5a867dce61e684a0010a5dab9472)
|
|
samr_SetUserInfo and samr_QueryUserInfo
(This used to be commit e0db9659a85b59e52fbe033a94b411d6c64d9f9c)
|
|
(This used to be commit d1dcde1d913803a44b07a1937262ae627680072c)
|
|
(This used to be commit 7b5f3370e6c078bf506ac3eb24fb330d4aee7688)
|
|
added test code for SamLogon validation level 2 and 3, so we test both
SamInfo and SamInfo2
(This used to be commit 321dbb61cc0743379ceb6b8fff6a0ca37f308bc2)
|
|
samr_CreateUser2(), samr_LookupNames(), samr_OpenUser(),
and samr_DeleteUser()
this uses a user template in the SAM db, of objectclass "userTemplate"
and dn CN=TemplateUser,CN=Templates,$BASEDN. Using a template allows
an admin to add any default user attributes that they might want to
the user template and all new users will receive those attributes.
(This used to be commit 10b6e0011b5952c98432dc2d4b2058ac89a9cc2d)
|
|
unmapped names
(This used to be commit e3b31625f476cb1b8a4d5003dee2c574582c9b46)
|
|
in SAM db)
(This used to be commit b2a63555189fea41184a2cac796945bca4e98995)
|
|
(This used to be commit 2cb06b39d91ef18b21c18e9376ccbd8076aeecf8)
|
|
- fixed a problem with searching for values containing an '=' sign
- fixed the semantics of attempting an attribute deletion on an attribute that doesn't exist.
- added some more ldb_msg_*() utilities
(This used to be commit 62b4ec367d170330d837b0f1fe5cd13205a53b59)
|
|
Start to resurrect eparser.pm for auto-generating ethereal dissectors
for rpc.
(This used to be commit 993a18dd35fb0b09c088eb2bb38d3e14ff755130)
|
|
range of NTSTATUS codes that are normally invalid to prevent conflicts
with real error codes.
use the new DOS facility to fix the ERRbaduid return that volker found
(This used to be commit 10fdfb52398857b604fff9684ee65a96d970bdaa)
|
|
metze. Also added a reference count so that a client can close the
connection handle and still used a derived domain handle.
(This used to be commit b1cd98188d6f1f8236f5dbc7a3605a39ae27fb73)
|
|
be cleanly interfaced to ldb
(This used to be commit 74b89d5f960d6b936751e3f057b4540eb80b79cd)
|
|
(This used to be commit be94cc4032b23fd99823902ddcd1472a72314a88)
|
|
letting ldb use malloc
(This used to be commit a3edd4bca8769cd804a5908286c7a18ca5c8fa00)
|
|
change with each request
(This used to be commit 18695cefa16b867427e3ca2fb0d787d850ea25c3)
|
|
talloc code catches errors like this.
(This used to be commit 22aa425c96030f55f6202bca1e1a876b0bc03f03)
|
|
talloc_free() O(1) in preparation. This also halves the number of
malloc() calls and increases our internal consistency checking,
without breaking valgrind testing.
(This used to be commit 2331d4e76e40ff08215853f747f7063213ac92ce)
|
|
(This used to be commit bb74a94e2610620987a44ab7289115a8ee361529)
|
|
(This used to be commit 4404056cd5fd65d72a38ea474fe330281b3ee19e)
|
|
(This used to be commit 85e57684b4dc4edcfd6d4cd1492d63810f8ce211)
|
|
allocator. The way to use this is to call ldb_set_alloc() with a
function pointer to whatever memory allocator you like. It includes a
context pointer to allow for pool based allocators.
(This used to be commit 3955c482e6c2c9e975a4bb809ec8cb6068e48e34)
|
|
metze
(This used to be commit ace939a5882bd35295246b5816a3344f70d20e29)
|
|
- made yet another attempt to make ldb const clean.
- "make test" now runs both the tdb and ldap backend tests, and run the ldbtest utility
with and without indexing
- added prototypes in ldb.h for ldb_msg_*() public functions
(This used to be commit 01e87406768cb5a98ac8530a2f361a4987a36cd3)
|
|
(This used to be commit 34ff18839c97dbb77c76097b4484ebec398da192)
|
|
from abartlet
(This used to be commit 5f30c3b077b59fc7ec40644e3af7236292100c6b)
|
|
(This used to be commit a3d639d04ff25deabd299ea24917adde9192ed38)
|
|
metze
(This used to be commit d15f0e18bb43608c611cfe78fc79db9ee10e1eb2)
|
|
if you take a look at samr_GetDomPwInfo() then you will get a fairly good idea
of what I am planning for the database oriented SAMR server implementation.
(This used to be commit bba0044a514cf86cbcf14bc82dd6c49808c22dab)
|
|
(This used to be commit d96b68169a5ab46cc0550732d4fe94af75e06fd6)
|
|
servers. Previously the server pipe code needed to return the RPC
level status (nearly always "OK") and separately set the function call
return using r->out.result. All the programmers writing servers
(metze, jelmer and me) were often getting this wrong, by doing things
like "return NT_STATUS_NO_MEMORY" which was really quite meaningless
as there is no code like that at the dcerpc level.
I have now modified pidl to generate the necessary boilerplate so that
just returning the status you want from the function will work. So for
a NTSTATUS function you return NT_STATUS_XXX and from a WERROR
function you return WERR_XXX. If you really want to generate a DCERPC
level fault rather than just a return value in your function then you
should use the DCESRV_FAULT() macro which will correctly generate a
fault for you.
As a side effect, this also adds automatic type checking of all of our
server side rpc functions, which was impossible with the old API. When
I changed the API I found and fixed quite a few functions with the
wrong type information, so this is definately useful.
I have also changed the server side template generation to generate a
DCERPC "operation range error" by default when you have not yet filled
in a server side function. This allows us to correctly implement
functions in any order in our rpc pipe servers and give the client the
right information about the fault.
(This used to be commit a4df5c7cf88891a78d82c8d6d7f058d8485e73f0)
|