Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2009-10-17 | s4-schema: We should not need Samba4TopExtra now | Andrew Tridgell | 1 | -23/+0 | |
The last attribute this contained was 'privilege' which is now gone | |||||
2009-10-17 | s4-pvfs: don't auto-apply privilege bits in unix acl handling either | Andrew Tridgell | 1 | -7/+11 | |
2009-10-17 | s4-acl: SEC_FLAG_MAXIMUM_ALLOWED doesn't auto-apply privilege access masks | Andrew Tridgell | 1 | -6/+2 | |
2009-10-17 | s4-torture: the BASE-CREATEX_ACCESS test is broken for non-administrators | Andrew Tridgell | 1 | -0/+1 | |
See my msg to samba-technical about this test and privilege testing. | |||||
2009-10-17 | s4-torture: cleanup after the MAXIMUM_ALLOWED test | Andrew Tridgell | 1 | -0/+1 | |
2009-10-17 | s4-pvfs: use privileges rather than "uid == 0" in unix access check | Andrew Tridgell | 1 | -6/+12 | |
This makes the unix access check much closer to the full ACL check | |||||
2009-10-17 | s4-security: honor more of the privilege access bits | Andrew Tridgell | 1 | -4/+12 | |
2009-10-17 | s4-torture: add a special check for administrators and privileges | Andrew Tridgell | 4 | -18/+57 | |
lsa privileges calls don't expand groups. darn. | |||||
2009-10-17 | s4-lsasrv: make sure only admins can alter privileges | Andrew Tridgell | 1 | -0/+6 | |
2009-10-17 | s4-provision: added the default privileges db | Andrew Tridgell | 2 | -0/+99 | |
privileges are now stored in a separate database | |||||
2009-10-17 | s4-provision: removed the old privilege attributes | Andrew Tridgell | 2 | -53/+14 | |
Our schema is getting a bit cleaner :-) | |||||
2009-10-17 | s4-torture: show the sid we are basing privilege tests on | Andrew Tridgell | 1 | -2/+6 | |
2009-10-17 | s4-privileges: moved privileges to private/privilege.ldb | Andrew Tridgell | 4 | -38/+70 | |
We were storing privileges in the sam, which was OK when we were a standalone DC, but is no good when we replicate with a windows DC. This moves the privileges to a separate (local) database | |||||
2009-10-16 | s4-smbtorture: extend netr_LogonControl test in RPC-NETLOGON. | Günther Deschner | 1 | -3/+109 | |
Guenther | |||||
2009-10-16 | s4:provision - fixed invalid creationTime format | Endi S. Dewata | 1 | -2/+2 | |
2009-10-16 | s4:ldb - fixed dangling pointer in ldb_request_add_control() | Endi S. Dewata | 1 | -2/+7 | |
2009-10-16 | s4:auth - fixed problem reading bind DN from secrets database | Endi S. Dewata | 2 | -0/+8 | |
2009-10-16 | s4:provision - replaced linked_attributes with FDS plugins | Endi S. Dewata | 7 | -3/+100 | |
When FDS is used as a backend, Samba should not use the linked_attributes LDB module, but instead use the built-in DS plugins for attribute linking, indexing, and referential integrity. | |||||
2009-10-16 | s4:auth_sam: Restructure tail in "authsam_get_server_info_principal" and fix ↵ | Matthias Dieter Wallnöfer | 1 | -3/+8 | |
a memory leak | |||||
2009-10-16 | s4:winsdb - Substitute LDB result numbers with constants | Matthias Dieter Wallnöfer | 1 | -19/+20 | |
2009-10-16 | s4/drs(tort): prefixMap unit test initial implementatoin | Kamen Mazdrashki | 3 | -1/+84 | |
2009-10-16 | s4/drs: prefixMap module initial definition | Kamen Mazdrashki | 3 | -1/+69 | |
2009-10-16 | s4/drs(tort): fix compile time warning | Kamen Mazdrashki | 1 | -0/+1 | |
2009-10-16 | s4/drs(tort): _drs_util_verify_attids() to verify ATTIDs in objects received | Kamen Mazdrashki | 1 | -0/+50 | |
2009-10-16 | s4/drs(tort): drs_util_DsAttributeId_to_string() function | Kamen Mazdrashki | 1 | -0/+74 | |
2009-10-16 | s4/drs(tort): _drs_ldap_attr_by_oid() implementation | Kamen Mazdrashki | 1 | -0/+49 | |
Utility function to be used to fetch Attribute name and DN giving attribute OID | |||||
2009-10-16 | s4/drs(tort): oid_from_attid() reference implementation | Kamen Mazdrashki | 2 | -1/+96 | |
Decode Attribute OID using prefixMap and ATTID received during replication Based on MS documentation. See MS-DRSR.pdf - 5.16.4 | |||||
2009-10-16 | s4/drs(tort): TORTURE_DRS torture module - initial implementation | Kamen Mazdrashki | 4 | -0/+95 | |
Drsuapi tests module registers two suites: - DRS-RPC - tests to be executed against remote machine - DRS-UNIT - unit test for internal testing | |||||
2009-10-16 | s4/drs: Propagate redefinition of drsuapi_DsReplicaOID into code base | Kamen Mazdrashki | 2 | -69/+134 | |
The biggest change is that 'oid' field is transmited in binary format. Also the field name is changed to 'binary_oid' so that field format to be clear for callers. After those changes, Samba4 should work the way it works before - i.e. no added value here but we should not fail when partial-oid is part of prefixMap transmited from Win server. Also, thre is a bug in this patch - partial-binary-OIDs are not handled correctly. Partial-binary-OIDs received during replication will be encoded, but not handled correctly. | |||||
2009-10-16 | s4-winsrepl: don't put in attributes with no elements | Andrew Tridgell | 1 | -2/+2 | |
Empty attributes are no longer allowed by ldb. This also fixes the error checking in winsdb_message() This fixes the samba4.nbt.winsreplication test | |||||
2009-10-16 | s4-smbtorture: add very basic libwbclient testsuite. | Günther Deschner | 2 | -2/+3 | |
Guenther | |||||
2009-10-16 | s4-pvfs: fixed mask handling for SEC_FLAG_MAXIMUM_ALLOWED | Andrew Tridgell | 1 | -2/+2 | |
This matches the sec_access_check() code | |||||
2009-10-16 | s4-torture: take privileges into account in BASE-MAXIMUM_ALLOWED | Andrew Tridgell | 1 | -10/+48 | |
The correct answer depends on the users privileges. | |||||
2009-10-15 | s4:dcerpc_server - Read the generic session key out from ↵ | Matthias Dieter Wallnöfer | 1 | -5/+2 | |
"dcerpc_generic_session_key" I don't think that this code needs to exist identically on the server and on the client side. This patch leaves it on the client side (dcerpc lib) and calls it from the server. | |||||
2009-10-15 | s4:w32err_code.py script - put it under "scripting/bin" | Matthias Dieter Wallnöfer | 1 | -0/+0 | |
I think this is a better location for this script. Since the subdirectory "script" of "source4" contains only scripts for "make install" and "make uninstall". | |||||
2009-10-15 | s4-smb: fill in fnum as well for root_fid | Andrew Tridgell | 2 | -1/+3 | |
This helps with the CIFS NTVFS backend, but doesn't solve all problems | |||||
2009-10-15 | s4-selftest: mark some CIFS backend tests as known fail | Andrew Tridgell | 1 | -0/+4 | |
The CIFS passthru NTVFS doesn't handle some options yet (eg. root_fid) | |||||
2009-10-15 | s4-smbserver: fixed root_fid in nttrans create | Andrew Tridgell | 1 | -1/+1 | |
2009-10-15 | s4-libcli: fixed structure element bug in ntcreatexreadx | Andrew Tridgell | 1 | -1/+1 | |
This one didn't matter until the root_fid changed the alignment of the two structures. | |||||
2009-10-15 | s4-torture: catch bad command line options | Andrew Tridgell | 1 | -0/+3 | |
It is annoying when you mistype a command line option and aren't told. | |||||
2009-10-15 | s4-pvfs: implement root_fid support in posix backend | Andrew Tridgell | 1 | -0/+15 | |
Construct the filename from the old handle and the new name. | |||||
2009-10-15 | s4-smb: declare root_fid as a file handle | Andrew Tridgell | 29 | -139/+139 | |
In order to implement root_fid in the s4 SMB server we need to declare it as a handle type, just as for other fnum values in SMB. This required some extensive (but simple) changes in many bits of code. | |||||
2009-10-15 | s4-pvfs: fixed handling of SEC_FLAG_MAXIMUM_ALLOWED | Andrew Tridgell | 1 | -1/+1 | |
The CREATEX_ACCESS test shows that this is used as a bit test, not a equality test | |||||
2009-10-15 | s4-ldaptest: "testgroup" is a bit too common | Andrew Tridgell | 1 | -2/+2 | |
This failed on one of my test boxes that has a group called "testgroup". using "testgroupXX" should be a bit better. | |||||
2009-10-15 | s4:ntlmssp server - use also here the new "lp_dnsdomain()" call | Matthias Dieter Wallnöfer | 1 | -2/+1 | |
2009-10-15 | s4:auth/credentials/credentials - fix uninitalised pointers | Matthias Dieter Wallnöfer | 1 | -7/+35 | |
This should fix bug #6755. | |||||
2009-10-15 | s4-ldap: test the rDN size limit | Andrew Tridgell | 1 | -0/+25 | |
2009-10-15 | s4-dsdb: implement limit on rDN length | Andrew Tridgell | 1 | -3/+11 | |
w2k8 imposes a limit of 64 characters on the rDN | |||||
2009-10-15 | s4-ldb: removed incorrect rDN length test | Andrew Tridgell | 1 | -13/+0 | |
This is a property of AD, not ldb, so should be in our ldb modules. | |||||
2009-10-15 | s4-ldb: removed bugus RDN length check | Andrew Tridgell | 1 | -5/+0 | |
This isn't the rDN ! |