Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-09-15 | s4-cldap: don't set the writable bit when we are a RODC | Andrew Tridgell | 1 | -2/+6 | |
when we are a RODC, don't respond with the writable bit in the server type response of netlogon requests Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-09-15 | s4-finddcs: added finddcs_cldap() | Andrew Tridgell | 3 | -3/+284 | |
this finds DCs with a specified set of server_type bit using SRV lookups and CLDAP Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-09-15 | s4-secrets: fixed shadowed variable warning | Andrew Tridgell | 1 | -4/+4 | |
we already have a 'v' in scope | |||||
2010-09-15 | s4-resolve: added resolve_name_multiple_recv() | Andrew Tridgell | 1 | -0/+34 | |
this allows for multiple replies to a SRV lookup Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-09-15 | s4-dns: fixed lookup of SRV records using dns_ex | Andrew Tridgell | 1 | -2/+2 | |
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-09-15 | s4: fixed some printf format errors | Andrew Tridgell | 3 | -3/+3 | |
2010-09-15 | s4-libnet: converted finddcs call to tevent_req | Andrew Tridgell | 4 | -89/+128 | |
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-09-15 | s4-secrets: fetch secure channel type with domain SID | Andrew Tridgell | 4 | -4/+27 | |
The secure channel type is needed to work out what DC to connect to Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-09-15 | s4-auth: when we are a DC enable winbind auth | Andrew Tridgell | 1 | -1/+3 | |
As a RODC we need to forward some auth requests to a writable DC Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-09-15 | s4-auth: set the RODC bit for RODC schannel | Andrew Tridgell | 1 | -1/+4 | |
When we are using SEC_CHAN_RODC we need to set the NETLOGON_NEG_RODC_PASSTHROUGH bit in the negotiated flags in ServerAuthenticate2 Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-09-15 | s4-schannel: fixed reference to context after free | Andrew Tridgell | 1 | -2/+3 | |
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-09-15 | s4-auth: allow multiple active auth backends | Andrew Tridgell | 1 | -35/+43 | |
when we are an RODC we need to be able to allow multiple auth backends to process a single auth request. First the sam backend will try to authenticate, using locally stored passwords. If this backend can't find local passwords then it will try the winbind backend and authenticate via a writeable DC Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-09-15 | s4-smb: serialise session setup operations | Andrew Tridgell | 2 | -0/+16 | |
the mixture of async and sync code in gensec makes a EOF on a socket during a session setup cause a crash. The simplest solution is to stop processing events on the socket until the session setup is complete. | |||||
2010-09-15 | s4-rodc: add a trigger message for REPL_SECRET to auth_sam | Andrew Tridgell | 3 | -0/+73 | |
when an RODC tries to authenticate against an account and the account has no password information it needs to send a message to the drepl server to tell it to try and replicate the secret information from a writeable DC Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-09-15 | s4-messaging: add support for no_reply in irpc messages | Andrew Tridgell | 2 | -0/+8 | |
It can be useful for a irpc message to be one-way, where the client sends a messages and the server does not reply. This will be used for things like a triger message from an auth context to the drepl server to tell it to try a REPL_SECRET on a user in a RODC. Previously we've used raw messaging for messages that have no reply, but that doesn't allow us to use messages described by IDL Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-09-15 | s4-kcc: removed redundent loop check | Andrew Tridgell | 1 | -1/+1 | |
el has already been checked for NULL | |||||
2010-09-15 | s4-smb: smbsrv_blob_push_string() can return -1 | Andrew Tridgell | 1 | -8/+11 | |
need to use ssize_t, not size_t for error handling | |||||
2010-09-15 | s4-dsdb: check for invalid backend type | Andrew Tridgell | 1 | -0/+2 | |
2010-09-15 | s4-rootdse: setup length after NULL check | Andrew Tridgell | 1 | -2/+2 | |
2010-09-15 | s4-dsdb: fixed use after free for RODC | Andrew Tridgell | 1 | -2/+1 | |
2010-09-15 | s4-dsdb: free right context on failure | Andrew Tridgell | 1 | -1/+1 | |
down_req is not initialised yet | |||||
2010-09-15 | s4-dsdb: defer ac->msg after check for NULL ac | Andrew Tridgell | 1 | -1/+3 | |
2010-09-15 | s4-anr: check for allocation failure before use | Andrew Tridgell | 1 | -1/+1 | |
2010-09-14 | s4: Fix two typos | Volker Lendecke | 1 | -2/+2 | |
2010-09-14 | rpc_server: Remove unnecessary dependency on server modules, build | Jelmer Vernooij | 1 | -1/+1 | |
system will take care of that. | |||||
2010-09-14 | waf: work around circular dependency finder erroneously removing dependency ↵ | Jelmer Vernooij | 1 | -1/+4 | |
of gensec on dcerpc. | |||||
2010-09-14 | s4-smbtorture: try to fix spoolss winreg Form tests on bigendian machines. | Günther Deschner | 1 | -15/+36 | |
Guenther | |||||
2010-09-14 | param: Add prototype for lpcfg_private_dir(), used by openchange. | Jelmer Vernooij | 1 | -0/+1 | |
2010-09-13 | s4:SID handling - always encode the SID using "ldap_encode_ndr_dom_sid" for ↵ | Matthias Dieter Wallnöfer | 4 | -12/+16 | |
LDAP filters This makes also lookups through special backends as "samba3sam" work. | |||||
2010-09-13 | s4:cosmetic - the SID attribute is called objectSid - not objectSID | Matthias Dieter Wallnöfer | 6 | -17/+17 | |
2010-09-13 | param: Only include param_proto.h for Samba builds, provide those | Jelmer Vernooij | 2 | -1/+7 | |
prototypes necessary for external users (OpenChange) manually. | |||||
2010-09-13 | Revert "s4:samldb LDB module - simplify the message handling on add and ↵ | Matthias Dieter Wallnöfer | 1 | -26/+33 | |
modify operations" This reverts commit 1d94bb3ad4d9c6de3b77ed4690a54ebf2399cc0d. This commit causes unconditional behaviour (sometimes it works, sometimes not) -sorry for introducing this. I will rework this further. | |||||
2010-09-12 | s4:samldb LDB module - remove a disastrous "talloc_free" | Matthias Dieter Wallnöfer | 1 | -2/+0 | |
This completely destroys the program logic (async callbacks). Sorry for introducing this. | |||||
2010-09-12 | Revert "s4:util_samr.c - also here we've now the default primaryGroupID ↵ | Matthias Dieter Wallnöfer | 1 | -1/+4 | |
detection working" This reverts commit 7e9e35db4126f953e8a2579d992c63b274011119. Sorry, the logic is working differently here. We do still need this. | |||||
2010-09-12 | s4:torture/rpc/samr.c - fix typos in outputs | Matthias Dieter Wallnöfer | 1 | -7/+7 | |
2010-09-12 | s4:util_samr.c - also here we've now the default primaryGroupID detection ↵ | Matthias Dieter Wallnöfer | 1 | -4/+1 | |
working | |||||
2010-09-12 | s4:ldap.py - tests the primary group detection by the "userAccountControl" | Matthias Dieter Wallnöfer | 1 | -2/+47 | |
2010-09-12 | s4:setup/provision_self_join.ldif - now the samldb LDB module detects ↵ | Matthias Dieter Wallnöfer | 1 | -1/+0 | |
automatically that this is a DC account | |||||
2010-09-12 | s4:samldb LDB module - "samldb_check_primaryGroupID" - support RID ↵ | Matthias Dieter Wallnöfer | 1 | -1/+5 | |
derivation from "userAccountControl" Specified in MS-SAMR 3.1.1.8.1 and probably fixes also bug #7441. | |||||
2010-09-12 | s4:samldb LDB module - free the "ac" context after the delete checks | Matthias Dieter Wallnöfer | 1 | -1/+4 | |
2010-09-12 | s4:samldb LDB module - simplify the message handling on add and modify ↵ | Matthias Dieter Wallnöfer | 1 | -33/+28 | |
operations We perform always only one shallow copy operation of the message on the "req" context. This allows to free the "ac" context when we've prepared all our changes. | |||||
2010-09-12 | s4:samldb LDB module - move "samldb_prim_group_users_check" more down to see ↵ | Matthias Dieter Wallnöfer | 1 | -41/+41 | |
that it is only in use by the delete operation add and modify helpers will stay on the top of the add and modify operation since they will likely be shared as much as possible. | |||||
2010-09-12 | s4:samldb LDB module - add a comment to mark the beginning of the extended ↵ | Matthias Dieter Wallnöfer | 1 | -0/+2 | |
operation handler | |||||
2010-09-12 | s4:samldb LDB module - refactor "samldb_find_for_defaultObjectCategory" to ↵ | Matthias Dieter Wallnöfer | 1 | -94/+22 | |
be again synchronous Also to make it easier to comprehend | |||||
2010-09-12 | s4:samldb LDB module - refactor the "primaryGroupID" check on user creation | Matthias Dieter Wallnöfer | 1 | -137/+39 | |
This looks more straight-forward now. | |||||
2010-09-12 | s4:samldb LDB module - get rid of the SID context variable | Matthias Dieter Wallnöfer | 1 | -20/+17 | |
Since we get more and more rid of async stuff we don't need this in the context anymore. | |||||
2010-09-12 | s4:samldb LDB module - use also here the real attribute denomination ↵ | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
"sAMAccountName" Purely cosmetic - but nicer to read | |||||
2010-09-12 | s4:samldb LDB module - rename "check_SamAccountType" into "check_sAMAccountType" | Matthias Dieter Wallnöfer | 1 | -5/+4 | |
And a small cosmetic change. I like to have the real attribute names in the function denominations | |||||
2010-09-12 | s4:samldb LDB module - make "samldb_check_sAMAccountName" synchronous again | Matthias Dieter Wallnöfer | 1 | -71/+19 | |
To make it more understandable | |||||
2010-09-12 | s4:fsmo.py - fix an obvious typo | Matthias Dieter Wallnöfer | 1 | -1/+1 | |