summaryrefslogtreecommitdiff
path: root/source4
AgeCommit message (Collapse)AuthorFilesLines
2009-05-29s4: Add additional 2-letter SID/RID mappings.Andrew Kroeger1-0/+23
Information from http://msdn.microsoft.com/en-us/library/aa379602(VS.85).aspx
2009-05-29s4:setup Remove generated attributes from provision_configurationAndrew Bartlett1-195/+0
Incorrectly added in 95eeef91d3ed7daf8e19029eadcc610caf26db63, and found by OpenLDAP backend tests run by Theodor Chirana <office@adaptcom.ro> Andrew Bartlett
2009-05-29s4:torture Don't run QueryDisplayInfo test for SAMR-USERS-PRIVILEGESAndrew Bartlett1-2/+7
2009-05-29s4:torture Clean up users and groups added in RPC-SAMR-LARGE-DCAndrew Bartlett1-11/+37
2009-05-29s4:torture Half the repeditive tests run by RPC-SAMR-PASSWORDS-PWDLASTSETAndrew Bartlett1-1/+6
2009-05-29Explicitly list RPC-SAMR-PASSWORDS-PWDLASTSET and RPC-SAMR-USERS-PRIVILAGES ↵Andrew Bartlett1-1/+1
as slow
2009-05-29s4:client Match Samba3 and remove smbmount from the distributionAndrew Bartlett3-1434/+0
2009-05-29s4:torture Make the RPC-SAMR-PWDLASTET more efficientAndrew Bartlett1-49/+43
By using SamLogonEx we avoid setting up the credentials chain for each request. (Needs to be pushed further up the stack, to only connect to NETLOGON once). Andrew Bartlett
2009-05-27Modified SamDB to accept options like Ldb.Nadezhda Ivanova1-2/+2
2009-05-27Detect missing 'witch' before detecting missing autoconfAndrew Bartlett1-1/+6
2009-05-27Handle the krbtgt special case by looking for RID -514Andrew Bartlett1-26/+52
It turns out (seen in MS-SAMR 3.1.1.7.1 for example) that the primary way the krbtgt account is recognised as special is that RID. This should fix issues such as 'password expired' on the kpasswd service. Andrew Bartlett
2009-05-27s4:tevent: Increase trace debug level to 50.Andrew Kroeger1-1/+1
The sheer volume of messages generated by tevent when the trace level is set to 10 makes it difficult to debug issues in a level 10 log. Increasing this to 50 allows tevent tracing to be enabled if needed, but otherwise keeps the extra chatter out of a level 10 log.
2009-05-26s4:ldb_modules: Correct typos.Andrew Kroeger2-2/+2
2009-05-26s4:ldb:modules: Correct typos.Andrew Kroeger4-6/+4
2009-05-26s4:libcli/smb2: remove old dialect revision constantsStefan Metzmacher1-4/+0
metze
2009-05-26s4:smb2srv: We only support SMB 2.002.Stefan Metzmacher2-6/+12
We need to loop over all given dialects and check if we can find SMB2_DIALECT_REVISION_202. metze
2009-05-26s4:libcli/smb2: use new SMB2_DIVELECT_REVISION constantsStefan Metzmacher1-2/+5
Also send them in the order a windows client would send them (the lowest first). metze
2009-05-26s4:libcli/smb2: add some more SMB2 constantsStefan Metzmacher1-4/+14
metze
2009-05-26Merge branch 'master' of ssh://git.samba.org/data/git/sambaAndrew Tridgell16-615/+253
2009-05-26s4:provision: Added ComPartitionSets entry.Andrew Kroeger1-0/+5
Without this entry, opening the COM+ tab under the properties of an OU within ADUC results in the following error: "Unable to retrieve all user properties, 0x80072030"
2009-05-26s4:Added Extended-Rights and subentries.Andrew Kroeger1-0/+881
Without these entries, using the 'Delegate Control' option in ADUC results in the following error message in the Delegation of Control Wizard: "The templates could not be applied. One or more of the templates is not applicable. Click Back and select different templates, and then try again."
2009-05-26s4:provision: Update DisplaySpecifiers (#5139).Andrew Kroeger1-0/+369
The classDisplayName attribute controls the actual text displayed to the user for the top-level menus, so added it to the existing entries. The attributeDisplayNames attribute contains both the text displayed to the user and a mapping to the internal directory attribute name for the particular field, so added these to the existing entries as well. Added new entries as appropriate to properly complete all menus and labels within ADUC.
2009-05-26Don't use crossRef records to find our own domainAndrew Bartlett16-615/+253
A single AD server can only host a single domain, so don't stuff about with looking up our crossRef record in the cn=Partitions container. We instead trust that lp_realm() and lp_workgroup() works correctly. Andrew Bartlett
2009-05-25source{3,4}/torture/smbiconv.c(main): fixed file descriptor leak.Slava Semushin1-0/+1
File descriptor leaks only when we use file instead of stdout. Found by cppcheck: [./source3/torture/smbiconv.c:219]: (error) Resource leak: out [./source4/torture/smbiconv.c:211]: (error) Resource leak: out
2009-05-25s4-smbtorture: add RPC-SAMR-LARGE-DC test.Günther Deschner2-1/+332
This rather simple test creates 4500 objects on a domain controller and checks the enum calls for the correct number of results. Guenther
2009-05-25s4-smbtorture: rename test_EnumDomain{Users,Groups,Aliases} in RPC-SAMR.Günther Deschner1-11/+12
Guenther
2009-05-25s4-smbtorture: re-work test_Create{User,Group,Alias} a little.Günther Deschner1-14/+38
Guenther
2009-05-25fixed interpretation of ACB_PWNOTREQAndrew Tridgell2-15/+6
This bit actually means that we should ignore the minimum password length field for this user. It doesn't mean that the password should be seen as empty
2009-05-25fixed the client side password change codeAndrew Tridgell1-61/+25
The client side code was not falling back to older routines correctly as it didn't check for the operation range error appropriately. It also used the old rpc semantics.
2009-05-25cope with lanman auth being disabled in old password change codeAndrew Tridgell1-8/+15
When lanman auth is disabled and a user calls a password change method that requires it we should give NT_STATUS_NOT_SUPPORTED
2009-05-21s4-selftest: adding RPC-SAMR-USERS-PRIVILEGES to knownfail list.Günther Deschner1-0/+1
Samba4 cannot pass this test currently as in Samba4 (unlike Samba3) the LSA and SAMR account are stored in the same db. Once you delete a SAMR user the LSA privilege account is deleted at the same time (which is wrong). Guenther
2009-05-20s4:libcli/smb2: fix session setup with raw NTLMSSPStefan Metzmacher1-13/+17
metze
2009-05-20s4:libcli/smb2: use raw ntlmssp if the server didn't provide a sec blobStefan Metzmacher1-1/+8
metze
2009-05-20s4:libcli/smb2: fill in transport->negotiate.secblob with the correct dataStefan Metzmacher1-0/+2
metze
2009-05-20SMB2-LOCK: let the test pass against samba4Stefan Metzmacher1-1/+7
metze
2009-05-20s4: try to fix privileges implementation in order to pass the ↵Günther Deschner1-1/+5
RPC-SAMR-USERS-PRIVILEGES test. Guenther
2009-05-20Have ntvfs_connect() accept union smb_tcon *tcon instead of char* sharenameSam Liddicott14-47/+202
This change brings ntvfs_connect into compliance with other ntvfs functions which take an ntvfs module, an ntvfs request and an smb io union. It now becomes the responsibility of ntvfs modules to examine tcon->generic.level themselves and derive the share name and any other options directly; e.g. const char *sharename; switch (tcon->generic.level) { case RAW_TCON_TCON: sharename = tcon->tcon.in.service; break; case RAW_TCON_TCONX: sharename = tcon->tconx.in.path; break; case RAW_TCON_SMB2: default: return NT_STATUS_INVALID_LEVEL; } if (strncmp(sharename, "\\\\", 2) == 0) { char *p = strchr(sharename+2, '\\'); if (p) { sharename = p + 1; } } service.c smbsrv_tcon_backend() is called before ntvfs_connect and fills in some of the tcon->..out values. For the case of RAW_TCON_TCONX, it filles out tcon->tconx.out.tid and tcon->tconx.out.options For the case of RAW_TCON_TCON it fills out tcon->tcon.out.tid and tcon->tcon.out.max_xmit Thus the ntvfs_connect function for vfs modules may override these values if desired, but are not required to. ntvfs_connect functions are required to fill in the tcon->tconx.out.*_type fields, for RAW_TCON_TCONX, perhaps something like: if (tcon->generic.level == RAW_TCON_TCONX) { tcon->tconx.out.fs_type = ntvfs->ctx->fs_type; tcon->tconx.out.dev_type = ntvfs->ctx->dev_type; } Signed-off-by: Sam Liddicott <sam@liddicott.com> (I fixed the ntvfs_connect() in the smb_server/smb2/ and the RAW_TCON_SMB2 switch case in the modules) Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-05-20s4:smb_server: initialy read the first 4 bytes onlySam Liddicott1-0/+1
Stop packet_recv getting greedy and reading the whole socket and then dispatching te extra packets in a timer loop Signed-off-by: Sam Liddicott <sam@liddicott.com> Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-05-20s4:libcli/raw: initialy read the first 4 bytes onlyStefan Metzmacher1-0/+1
metze
2009-05-18s4 torture: Fix typoTim Prouty1-1/+1
2009-05-19s4-smbtorture: Fix build warning in RPC-SAMR tests.Günther Deschner1-2/+2
Guenther
2009-05-18s4-smbtorture: add RPC-SAMR-USERS-PRIVILEGES test.Günther Deschner2-9/+387
This test demonstrates the independence of the lsa and samr accounts while remove a samr users that still has privileges granted. Guenther
2009-05-16tevent: Remove python module.Jelmer Vernooij2-3/+0
This module didn't have any functionality that we actually used yet, and it was quite small. Tevent is quite low level and perhaps doesn't make much sense to expose directly as a Python module. It was also causing build problems when used with a system-tevent. We can always back later if necessary.
2009-05-16Update copies of config.guess and config.sub.Jelmer Vernooij4-152/+564
2009-05-15errormap: Remove wbc -> NTSTATUS error map for now. It is not used.Jelmer Vernooij1-37/+0
This was breaking the Samba 4 installation since it added dependencies on header files we weren't installing. Confirmed with Kai.
2009-05-14s4:nbtd Use str_list_make_single() to turn iname->wins_server into a listAndrew Bartlett1-1/+1
2009-05-14s4:libnet Use str_list_make_single() in resolv codeAndrew Bartlett1-1/+1
2009-05-14dsdb:schema Use str_list_make_empty() to create an empty listAndrew Bartlett1-5/+5
2009-05-14s4:torture Use str_list_make_single where appropriateAndrew Bartlett1-10/+10
2009-05-13s4-selftest: match new name of RPC-SAMR-ACCESSMASK.Günther Deschner2-2/+2
Guenther