samba - Unnamed repository; edit this file 'description' to name the repository.

Age	Commit message (Collapse)	Author	Files	Lines
2010-08-17	s4-drs: added domain_sid to DRS security checks	Andrew Tridgell	6	-10/+14
	we need the domain_sid to determine if the account is a RODC for our domain Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-17	s4-drs: fixed check for SECURITY_RO_DOMAIN_CONTROLLER	Andrew Tridgell	1	-6/+6
	check more than the user_sid, and also check for the right rid value Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-17	s4-dsdb: added support for UF_PARTIAL_SECRETS_ACCOUNT	Andrew Tridgell	1	-2/+9
	when this is in user_account_control the account is a RODC, and we need to set the primaryGroupID to be DOMAIN_RID_READONLY_DCS Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-17	s4-dsdb: cope with cracknames of form dnsdomain\account	Andrew Tridgell	1	-2/+8
	this is used by w2k8r2 when doing a RODC dcpromo Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-17	s4-dsdb: set LDB_FLAG_INTERNAL_DISABLE_VALIDATION for msDS-SecondaryKrbTgtNumber	Andrew Tridgell	1	-1/+8
	msDS-SecondaryKrbTgtNumber is setup with a value that is outside the range allowed by the schema (the schema has rangeLower==rangeUpper==65536). We need to mark this element as being internally generated to avoid the range checks Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-17	s4-ldb: added LDB_FLAG_INTERNAL_DISABLE_VALIDATION	Andrew Tridgell	2	-7/+15
	When this flag is set on an element in an add/modify request then the normal validate_ldb() call that checks the element against schema constraints is disabled Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-17	s4-ldb: added LDB_FLAG_INTERNAL_MASK	Andrew Tridgell	2	-0/+31
	This ensures that internal bits for the element flags in add/modify requests are not set via the ldb API Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-17	s4-ldb: use LDB_FLAG_MOD_TYPE() to extract element type from messages	Andrew Tridgell	8	-23/+28
	The flags field of message elements is part of a set of flags. We had LDB_FLAG_MOD_MASK for extracting the type, but it was only rarely being used (only 1 call used it correctly). This adds LDB_FLAG_MOD_MASK() to make it more obvious what is going on. This will allow us to use some of the other flags bits for internal markers on elements Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-17	s4-dsdb: support LDB_CONTROL_RODC_DCPROMO_OID for nTDSDSA add	Andrew Tridgell	1	-1/+24
	this control disables the system only check for nTDSDSA add operations Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-17	s4-dsdb: fixed test for LDB_CONTROL_RODC_DCPROMO_OID	Andrew Tridgell	1	-1/+1
	the ldb_msg_add_fmt() call returns LDB_SUCCESS on success
2010-08-17	s4-ldapserver: support controls on ldap add and rename	Andrew Tridgell	1	-10/+12
	we need to pass the controls down to the add and rename ldb operations Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-17	s4-dsdb: added support for LDB_CONTROL_RODC_DCPROMO_OID	Andrew Tridgell	3	-0/+76
	this control adds a unique msDS-SecondaryKrbTgtNumber attribute to a user object. There is some 'interesting' interaction with the rangeLower and rangeUpper attributes and this add. We don't implementat rangeLower/rangeUpper yet, but when we do we'll need an override for this control (or be careful about module ordering). Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-17	s4-ldap: use common functions for ldap flag controls encode/decode	Andrew Tridgell	1	-163/+11
	many controls are simple present/not-present flags, and don't need their own parsers Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-17	build fix	Brad Hards	1	-1/+5

2010-08-17	s4-ldb: test the 'displayName=a,b' bug	Andrew Tridgell	1	-0/+6
	Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-17	s3-provision: cope with the policy directory already existing	Andrew Tridgell	1	-3/+8
	Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-08-17	s4-ldb: fixed the ldb 'displayName=a,b' indexing bug	Andrew Tridgell	1	-2/+4
	the problem was the inconsistency between the key form of DNs between the itdb used for indexing and the on disk form Thanks to Matthieu Patou for finding this bug! Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-08-17	s4-ldb: add some comments explaining the ltdb_index_idxptr() function	Andrew Tridgell	1	-0/+8
	this function copes with alignment sensitive CPUs Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-08-16	s4:samdb_set_password_sid - fix comment	Matthias Dieter Wallnöfer	1	-1/+2
	Add more possible result NTSTATUS codes
2010-08-16	s3-auth: Remove docs about obsolete 'update encrypted' option.	Andreas Schneider	1	-1/+0

2010-08-16	Revert "s4:RPC-SPOOLSS-NOTIFY: skip test_RFFPCNEx() for now, as the test is ↵	Günther Deschner	1	-9/+0
	broken" This reverts commit 8ca8250443319e0f19f05aab2014118fd03eaa8a.
2010-08-15	s4:samdb_set_password - fix formatting	Matthias Dieter Wallnöfer	1	-1/+2
	(Sorry, I've overseen this)
2010-08-15	s4:passwords.py - proof the most important extended error codes	Matthias Dieter Wallnöfer	1	-8/+17

2010-08-15	s4:samdb_set_password - implement the extended LDAP error code detection	Matthias Dieter Wallnöfer	1	-9/+17

2010-08-15	s4:password_hash LDB module - introduce the extended LDAP error codes on the ↵	Matthias Dieter Wallnöfer	1	-43/+72
	important failure cases
2010-08-15	s4:password_hash LDB module - support this new password set syntax	Matthias Dieter Wallnöfer	1	-2/+10

2010-08-15	s4:passwords.py - another special password test	Matthias Dieter Wallnöfer	1	-3/+23
	This looks like a password change but it's rather a password set operation.
2010-08-15	s4:password_hash LDB module - allow to compare against both NT and LM hashes ↵	Matthias Dieter Wallnöfer	1	-10/+1
	on password change operations This is to match the SAMR password change behaviour.
2010-08-15	s4:ldap_backend.c - Windows returns WERROR codes in majuscule HEX format	Matthias Dieter Wallnöfer	1	-1/+1

2010-08-15	s4:ldap_backend.c - map error codes - add a change which allows custom ↵	Matthias Dieter Wallnöfer	1	-0/+13
	WERROR codes This is strictly needed by my recent passwords work, since I want to remove most of the password change stuff in "samr_password.c". Since AD gives us CONSTRAINT_VIOLATION on all change problems I cannot distinguish on the SAMR level which the real cause was about. Therefore I need the extended WERROR codes here.
2010-08-15	s4:subtree_rename.c - relax the checks when requested	Matthias Dieter Wallnöfer	1	-0/+5
	(Needed by upgradeprovision for example)
2010-08-15	s4-test: Add drs.rpc.msDSIntId test to knownfail tests	Kamen Mazdrashki	1	-0/+1

2010-08-15	s4-test: Run all DRS-RPC.* tests in ncacn_ip_tcp_tests tests group	Kamen Mazdrashki	1	-3/+3
	Andrew, please check.
2010-08-15	s4-drs-test: Make the two DRS test suite a top-level test suites	Kamen Mazdrashki	1	-16/+21
	so that test cases gets visible with "smbtorture --list"
2010-08-14	s4:ldap_backend.c - fix a DS error code after WERROR change	Matthias Dieter Wallnöfer	1	-1/+1

2010-08-14	s4:libnet - free the "c" context also on error conditions	Matthias Dieter Wallnöfer	2	-1/+3
	(and if it's NULL then "talloc_free" does ignore it)
2010-08-14	s4:samdb_set_password - return "NT_STATUS_WRONG_PASSWORD" when a user ↵	Matthias Dieter Wallnöfer	1	-0/+2
	account doesn't exist This is for the (SAMR) account detection protection mechanism.
2010-08-14	s4:password_hash LDB module - improve an error message	Matthias Dieter Wallnöfer	1	-2/+2

2010-08-14	s4:password_hash LDB module - implement the SAMR behaviour when checking old ↵	Matthias Dieter Wallnöfer	1	-5/+16
	passwords Sooner or later this module should take over all password change actions.
2010-08-14	s4:password_hash LDB module - fix wrong error codes	Matthias Dieter Wallnöfer	1	-4/+4
	To match the passwords.py test
2010-08-14	s4:passwords.py - test the error code when there doesn't exist any password yet	Matthias Dieter Wallnöfer	1	-4/+24
	After the creation of a user object we don't have any password yet.
2010-08-14	s4:passwords.py - perform testing of wrong old passwords on change operations	Matthias Dieter Wallnöfer	1	-0/+44

2010-08-14	s4:torture/rpc/samr.c - fix a wrong torture error message	Matthias Dieter Wallnöfer	1	-1/+1

2010-08-14	s4:auth Move struct auth_usersupplied_info to a common location	Andrew Bartlett	6	-54/+9
	This also changes the calling convention slightly - we should always allocate this with talloc_zero() to allow some elements to be optional. Some elements may only make sense in Samba3, which I hope will use this common structure. Andrew Bartlett
2010-08-14	s4-build: fixed library name in dcerpc_server.pc.in	Andrew Tridgell	1	-1/+1
	Thanks to Metze for spotting this
2010-08-14	s4: remove REMOVE_MAPPING from wb_samba3_protocol	Michael Adam	1	-2/+0
	Michael
2010-08-14	s4: remove SET_MAPPING from wb_samba3_protocol	Michael Adam	1	-2/+0
	Michael
2010-08-14	s4: remove SET_HWM and SET_DUAL_HWM from wb_samba3_protocol	Michael Adam	1	-2/+0
	Michael
2010-08-12	s4:librpc/rpc: make struct dcerpc_binding_handle private	Stefan Metzmacher	1	-10/+0
	metze
2010-08-12	s4:librpc/rpc: add dcerpc_binding_handle dcerpc_pipe backend	Stefan Metzmacher	3	-4/+411
	metze