summaryrefslogtreecommitdiff
path: root/source4
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r12943: Generate a SID for the domain join account using the modules, ratherAndrew Bartlett3-4/+1
than a hardcoded SID. Fix the samldb module to return the what *was* the nextrid, rather than the new nextrid (that is for next time). Andrew Bartlett (This used to be commit ffe9042e15cebbc7ff1bac90ec39835753d6caa7)
2007-10-10r12942: this way is betterSimo Sorce1-2/+1
(This used to be commit 982576d2489c9ac3f7d854f598a64a8c4d91a485)
2007-10-10r12941: Add Attribute Scoped Search controlSimo Sorce5-1/+236
want to see what it does ? do aq make test and try: ./bin/ldbsearch -H st/private/sam.ldb --controls=asq:1:member -s base -b 'CN=Administrators,CN=Builtin,DC=samba,DC=example,DC=com' 'objectclass=*' have fun. simo. (This used to be commit 900f4fd3435aacc3351f30afb77d3488d2cb4804)
2007-10-10r12934: do somemore debugging of the received browse packets,Stefan Metzmacher1-2/+46
(so I may learn about the protocol, while watching the debug output) metze (This used to be commit 40d7033a1472e5f6b7760984b7d2b6b7db2db860)
2007-10-10r12933: fix parsing of browse packets based on the infos on ↵Stefan Metzmacher2-44/+75
http://ubiqx.org/cifs/Browsing.html metze (This used to be commit 811683e5561a70c8f97f325a8a786d4aac17a564)
2007-10-10r12932: export function prototypesStefan Metzmacher2-6/+26
metze (This used to be commit 8208a4abf0cacb9ee3496611f121c095b5d1bcca)
2007-10-10r12931: Remove some prefixes. We have:Andrew Bartlett1-2/+1
Login failed: Login Failed: Logon failure - please try again In SWAT currently... Andrew Bartlett (This used to be commit 51eded818093320e7d6b9e95ad11fa21a81c3f93)
2007-10-10r12930: Fix ADS join: I wasn't filling in the flag 'realm' variable any more.Andrew Bartlett1-3/+1
Andrew Bartlett (This used to be commit 5c5a2974c94ae6b929ada7aaa2cd12a15b7468b8)
2007-10-10r12929: Fix more implict global and shadowing variables.Andrew Bartlett1-5/+5
Andrew Bartlett (This used to be commit def31956181833db4c8e5079b745ca60fdf35136)
2007-10-10r12928: This patch improves the interaction between the vampire and provsion ↵Andrew Bartlett5-19/+62
code. Previously, we had to know (or guess) the host and domain guid at the provision stage. Now we query the database post-provision, to extract the values and fill in the zone file. This allows us to generate a correct zone file in the Windows migration case. In an effort to make SWAT easier to use, I have removed and renamed some of the provision options. I have also fixed a nasty issue in my js code. I had implictly declared a global variable of the name 'join', with disasterious results for any subsequent user of the string utility function: esp exception - ASSERT at lib/appweb/ejs/ejsParser.c:2064, 0 Backtrace: [ 0] substitute_var:20 -> list[i] = join("", list2) [ 1] setup_file:9 -> data = substitute_var(data, subobj) Andrew Bartlett (This used to be commit a38ceefd11f8b748f30383ef36a4752f178bfca1)
2007-10-10r12927: Fix typo.Andrew Bartlett1-1/+1
(This used to be commit 01e98966ca955e86ec46f8bce3892899e2717df9)
2007-10-10r12926: Syncronsise GUIDs on users and domains from the server. These alsoAndrew Bartlett5-67/+114
appear in DNS, so need to match. Andrew Bartlett (This used to be commit d092b0493d7c61112ef132c8fb259c15f189c5f6)
2007-10-10r12925: implement client side of ASQ controlSimo Sorce3-0/+153
(This used to be commit dd386bdc6ca6fe0b25705d5a375d29e6940b437f)
2007-10-10r12919: Ensure we never 'extend' the session key length, or fill in past theAndrew Bartlett1-1/+5
length of the (possibly null) pointer. In reality this should come to us either 16 or 0 bytes in length, but this is the safest test. This is bug 3401 in Samba3, thanks to Yau Lam Yiu <yiuext at cs.ust.hk> Andrew Bartlett (This used to be commit f3aa702944ed7086d93bf05075f910e7e4617d9c)
2007-10-10r12918: Don't tell the user the difference between 'no such user' and 'wrongAndrew Bartlett1-0/+5
password'. Andrew Bartlett (This used to be commit e13cb0ab175069eb670c8b2f57379ababacfcce3)
2007-10-10r12917: fix decoding of ldap controlsSimo Sorce3-2/+26
some more work on timeouts (This used to be commit a7e2fe3cb33be2effff7eb764047567f2da3cd55)
2007-10-10r12911: try to fix bug #3365Stefan Metzmacher2-4/+12
metze (This used to be commit e70ca698cea901a66f7201c16bb3ba1faa7e7289)
2007-10-10r12910: fix bug #3069Stefan Metzmacher1-2/+5
metze (This used to be commit 1768a698a461bfb8aeaa8f28efaab4ad300823a2)
2007-10-10r12909: add an ldb module for the wins.ldb,Stefan Metzmacher7-6/+242
it currently doesn't do much, but it's later prevent adding corrupted records via ldbedit, and will take care of the versionID counter metze (This used to be commit a6f279bc43c74cf4dc116cb6ba99f1aed13a4de9)
2007-10-10r12908: use '_' also for indication we want to ask for the localmaster browser,Stefan Metzmacher1-1/+1
as '-' make problems with popt metze (This used to be commit d300d56fb724642887c9b43058ef858298846288)
2007-10-10r12907: skip some tests for make quicktest in NBT-WINSREPLICATIONStefan Metzmacher1-0/+3
metze (This used to be commit b206c5e87c791ac8f2ecf5b7ef6b2622ad735f54)
2007-10-10r12906: return the correct nb_flagsStefan Metzmacher1-1/+8
metze (This used to be commit c52436108d1628feb50c9bf720ae30c4dc469b34)
2007-10-10r12905: add some ldap policiesSimo Sorce2-7/+132
not yet enforced except for the initial connection timeout (This used to be commit fa1ae9a44b0321b8e458bcb7fd1dcc9475b9bad3)
2007-10-10r12903: Factor out a new routine libnet_RpcConnectDCInfo, to both connect toAndrew Bartlett9-251/+440
the remote sever, and to query it for domain information. Provide and use this information in the SamSync/Vampire callbacks, to allow a parallel connection to LDAP, if we are talking to AD. This allows us to get at some important attributes not exposed in the old protocol. With this, we are able to do a all-GUI vampire of a AD domain from SWAT, including getting all the SIDs, servicePrincipalNames and the like correct. Andrew Bartlett (This used to be commit 918358cee0b4a1b2c9bc9e68d9d53428a634281e)
2007-10-10r12902: Fix 'make quicktest'.Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit c2eca05074ee7af6e3ddffc25dac5a939bdd7e9a)
2007-10-10r12899: - fix warnings on AIXStefan Metzmacher2-1/+5
- fix compilation of auth/kerberos/krb5_init_context.c on AIX metze (This used to be commit 0e1ad08a8515056f4ed0923889bef04d85b84964)
2007-10-10r12898: prepare the 'wins hook' feature, but we only debug out a 'TODO: run ↵Stefan Metzmacher5-1/+65
script ...' metze (This used to be commit d28c8ce66db61cff193ac06e8e5d7d6aa5059e9e)
2007-10-10r12897: make it possible to use nosync transaction to speed things up,Stefan Metzmacher1-1/+6
(just for testing) metze (This used to be commit 677c1aa4663e9e5f0729a312152565a6740dbab2)
2007-10-10r12896: IRIX make will fallback to gmake with this,Stefan Metzmacher1-0/+1
as normal IRIX make doesn't support shell commands or functions in $(FOO) variables metze (This used to be commit de7b0b2dc9616c007916cce9d69051f76d4fd559)
2007-10-10r12895: Error strings save lives.Andrew Bartlett1-10/+16
err, they save time at least. The correct use of an error string in this case quickly pinpoited an overzealous check, and saved me hours of painful debugging. Andrew Bartlett (This used to be commit 26946c90e87a94453a5ad3e9e26ef19b36656237)
2007-10-10r12894: Add more detail to error messages.Andrew Bartlett1-4/+12
Andrew Bartlett (This used to be commit 31fd39f356c9bc40827b22c0cdb622044d896a85)
2007-10-10r12893: Filling in *error_string is critical for SWAT, as the errors otherwiseAndrew Bartlett1-182/+215
do not propogate back to the user, they just end up in the logfile. Andrew Bartlett (This used to be commit 7c9f8e524bf7f030c56ed42ee7e3a25563a34db4)
2007-10-10r12892: Add a 'Migrate from Windows' page to our installation section in SWAT.Andrew Bartlett9-51/+337
Doing this required reworking ejsnet, particularly so it could take a set of credentials, not just a username and password argument. This required fixing the ejsnet.js test script, which now adds and deletes a user, and is run from 'make test'. This should prevent it being broken again. Deleting a user from ejsnet required that the matching backend be added to libnet, hooking fortunetly onto already existing code for the actual deletion. The js credentials interface now handles the 'set machine account' flag. New functions have been added to provision.js to wrap the basic operations (so we can write a command line version, as well as the web based version). Andrew Bartlett (This used to be commit a5e7c17c348c45e61699cc1626a0d5eae2df4636)
2007-10-10r12891: We no longer manually set the 'name' attribute.Andrew Bartlett1-2/+1
Andrew Bartlett (This used to be commit 7b169aad3f94f1695b1f99cc91ff928cb2ca0389)
2007-10-10r12886: Rename 'secure_channel_type' parameter to domain join as 'join_type'.Andrew Bartlett3-8/+8
Andrew Bartlett (This used to be commit a3b3e09a9acc66dff7baf1a4ba0ea913bccdbd7d)
2007-10-10r12883: Fix the build...Andrew Bartlett1-3/+1
Andrew Bartlett (This used to be commit 8f7d14048fe29fd2c8b3e3c7aa73b4a854615016)
2007-10-10r12882: Allow the netbios name to be specified at all times.Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit f4f4dcf217314980aa114d61a1546d2c18b55baa)
2007-10-10r12881: Hard-coded defaults are silly. We have smb.conf for a reason.Andrew Bartlett1-4/+1
Andrew Bartlett (This used to be commit c9402f9227a02ff0ee77f264f79ef47207ad50ef)
2007-10-10r12880: Remove ldap partitions useless now and probably weSimo Sorce6-785/+604
will not use it anyway as we plan to support partitions in ldb directly like with rootdse Merge ldap_simple_ldb into ldap_backend, it is not simple anymore and makes no sense to have it separated now that ldap partitions are gone Initial attempt at working to some limit to avoid DOSs for the ldap server. Simo. (This used to be commit 97bff3e049eba48019f2b0f3eb5a19e32fef2e23)
2007-10-10r12874: Try to give the startup a few more seconds, so that hosts withAndrew Bartlett1-0/+3
gnutls-devel installed do not miss the first test. Andrew Bartlett (This used to be commit 6e17864c5d2ffc6b4e532e693426574fc57741bf)
2007-10-10r12873: Fix valgrind-found uninitialised value.Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit 38e8a6477a112faa78e0791d20ce9bd2e68fd619)
2007-10-10r12872: Add some more detail to debug message.Andrew Bartlett1-3/+9
Andrew Bartlett (This used to be commit cefba10bd5ed1f6d10a071e4239088d91f661a36)
2007-10-10r12868: Remove unused code. This has moved to libcli/finddcs.c.Andrew Bartlett2-140/+0
Andrew Bartlett (This used to be commit a30a359c45c3dac4b910ec130b73cc01324b399a)
2007-10-10r12867: Remove deleted header.Andrew Bartlett1-1/+0
(This used to be commit a6833db4e6ab8046c8e7f808dfff90bb0529d2d7)
2007-10-10r12866: This removes the abstraction layer in winbindd intended to deal withAndrew Bartlett5-309/+165
multiple protocols, replacing it with the packet handling subsystem. We don't have multiple protocols at present, and the abstraction layer only serves to confuse matters. Also, the new packet subsystem removes the need to handle partial reads. We can easily add new protocols from the socket up instead, becaue the difficult bits are done by the packet layer. Andrew Bartlett (This used to be commit acf9dc8fe9e66f1dd3f18c0245375f502f03a24c)
2007-10-10r12865: Upgrade the librpc and libnet code.Andrew Bartlett19-247/+242
In librpc, always try SMB level authentication, even if trying schannel, but allow fallback to anonymous. This should better function with servers that set restrict anonymous. There are too many parts of Samba that get, parse and modify the binding parameters. Avoid the extra work, and add a binding element to the struct dcerpc_pipe The libnet vampire code has been refactored, to reduce extra layers and to better conform with the standard argument pattern. Also, take advantage of the new libnet_Lookup code, so we don't require the silly 'password server' smb.conf parameter. To better support forcing traffic to be sealed for the vampire operation, the dcerpc_bind_auth() function now takes an auth level parameter. Andrew Bartlett (This used to be commit d65b354959842326fdd4bd7eb7fbeea0390f4afa)
2007-10-10r12864: Fix valgrind errors in NET-API-LOOKUP* tests.Andrew Bartlett1-0/+2
Andrew Bartlett (This used to be commit 21f87f87a9b79da4463bddc993df502beae50a16)
2007-10-10r12863: As lha suggested to me a while back, it appears that theAndrew Bartlett5-60/+9
gsskrb5_get_initiator_subkey() routine is bougs. We can indeed use gss_krb5_get_subkey(). This is fortunate, as there was a segfault bug in 'initiator' version. Andrew Bartlett (This used to be commit ec11870ca1f9231dd3eeae792fc3268b31477e11)
2007-10-10r12862: Need to trim spaces off the end of the node status reply.Andrew Bartlett1-1/+10
Andrew Bartlett (This used to be commit 3e90e7edfa7d343a6b6bf073b8f4d018e3b463d0)
2007-10-10r12861: Cope when we are not supplied the messaging context. This is justAndrew Bartlett2-6/+9
another case where we have to fallback to the node status request. Andrew Bartlett (This used to be commit 181064dbcf102de80937fc30b3d3ba5114194a72)