summaryrefslogtreecommitdiff
path: root/source4
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r4050: make sure we add objectClass and sAMAccountNameAndrew Tridgell1-7/+6
(This used to be commit 57d0079bb91b8edc625027e1f28203794e018afc)
2007-10-10r4049: a simple perl script to add a new user to Samba4 ldbAndrew Tridgell1-0/+146
(This used to be commit 76f2ae32040fe494e703abb54dd7ad09d7110408)
2007-10-10r4046: add more servicePrincipalName's for the dc accountStefan Metzmacher1-0/+5
metze (This used to be commit 659a0b26e2fa466169078bab6dd4af1e5fffb48b)
2007-10-10r4045: readd krb5 support defaulted to disableStefan Metzmacher8-5/+22
use: gensec:krb5=yes gensec:ms_krb5=yes to enable it or -k on the client tools on the command line metze (This used to be commit 0ae5794cf44933d2554e0356baaca24c7a784f71)
2007-10-10r4044: only send supportedMech when we also send other dataStefan Metzmacher1-5/+8
metze (This used to be commit 1e0483a8482574fa0f8d7ad31cc4bf4a6155ec52)
2007-10-10r4042: fix segfault on server schannel connectionsStefan Metzmacher1-1/+4
metze (This used to be commit 57bd26f9c528687ca2ca9bbaa56f7f36efd2231f)
2007-10-10r4041: fix cut-n-paste typoStefan Metzmacher1-1/+1
metze (This used to be commit 54398aa889b5954c7c387b252dd1a9173eac36f0)
2007-10-10r4040: sorry today is not my day...Stefan Metzmacher1-2/+2
uint32 != uint8_t ... metze (This used to be commit a8a3b8ee341fda041383df225ea2b7f9b589fc04)
2007-10-10r4039: added a test for an element > 128 bytes in length, to ensure we testAndrew Tridgell1-0/+3
for sign extending errors in element length (This used to be commit 07378fca6c12ffffcd3fe5e91f4d70ef838a45d5)
2007-10-10r4038: fix sign/unsign bug I introduced in -r 4022Stefan Metzmacher1-2/+2
this caused new ldb record to be corrupt if the length was > 12b byte thanks tridge for finding this metze (This used to be commit 6998c37b473d8efeb2ed5285f10f469a29ad787a)
2007-10-10r4037: fixed a bunch of "might be uninitialised" warnings after enabling -O1 ↵Andrew Tridgell22-48/+50
in my compile (This used to be commit 0928b1f5b68c858922c3ea6c27ed03b5091c6221)
2007-10-10r4036: expanded the RAW-ACLS torture test to include tests for theAndrew Tridgell1-2/+427
generic->specific access mask mappings, and tests of the behaviour of SID_CREATOR_OWNER and SEC_FLAG_MAXIMUM_ALLOWED (This used to be commit f572fe6d29d5a318b24d71a2ebfa2baca2b79a10)
2007-10-10r4035: more effort on consistent naming of the access mask bits.Andrew Tridgell32-104/+116
This removes the duplicate named SEC_RIGHTS_MAXIMUM_ALLOWED and SEC_RIGHTS_FULL_CONTROL, which are just other names for SEC_FLAG_MAXIMUM_ALLOWED and SEC_RIGHTS_FILE_ALL. The latter names match the new naming conventions in security.idl Also added names for the generic->specific mappings for files are directories (This used to be commit 17a4e0b3aca227b40957ed1e0c57e498debc6ddf)
2007-10-10r4034: add a function security_descriptor_create() which can be used toAndrew Tridgell1-0/+79
easily create complex security descriptors for testing. This greatly simplifies the smbtorture code I am writing for testing our new access_check code. (This used to be commit 891a8bc16af3c6ce5800e793ce4ec8b0078e444f)
2007-10-10r4033: removed a pointless commentAndrew Tridgell1-1/+1
(This used to be commit 1f3f9f829444cb889c6782c4fe52773fd6867b55)
2007-10-10r4027: add a useful function for debuggingStefan Metzmacher1-0/+18
metze (This used to be commit 41b1ba53fc201b7b9f9d806dccef6258b2a1d157)
2007-10-10r4026: added NT ACL checking on pvfs_open() for existing files. I need toAndrew Tridgell2-16/+90
work out some way to do a decent test suite for this. (This used to be commit 9a9a0d0e791e4b64f0a35c921729e623b977af47)
2007-10-10r4025: added a sec_access_check() function for checking security descriptorsAndrew Tridgell3-39/+163
against a users security token and access_mask (This used to be commit c4d21cd4b1ccffd5aaa70a551c57f6eab1ca9c6d)
2007-10-10r4022: fix compiler warningsStefan Metzmacher4-6/+7
metze (This used to be commit 79d0eb2f677f9e985ba476a9680f68537d41be6f)
2007-10-10r4015: correct copyright attributionsAndrew Tridgell1-3/+2
(This used to be commit 078d9ab05bffc79e4f329ea18fe3dafd144d989c)
2007-10-10r4014: removed unused MacExtension.h headerAndrew Tridgell1-246/+0
(This used to be commit 5ffffdd79f23c461e30bc91e983b12939f063d2d)
2007-10-10r4013: got rid of a bunch of unused or unmaintained codeAndrew Tridgell12-2676/+80
- removed the clitar code. It is unmaintained, and a horribly badly done hack - removed client.h as it contained mostly unused definitions - removed the unused clidfs.c code (This used to be commit 31a7bddbb3815b4d625e993dbce4805dae1c18f8)
2007-10-10r4012: split out the lsa lookup single name logic into a separate functionAndrew Tridgell1-24/+34
(This used to be commit 44d97619623830cc24905a5f4df941d45ebd41c3)
2007-10-10r4011: get rid of rpc_secdes.h and replace it with a single sane set ofAndrew Tridgell41-646/+450
definitions for security access masks, in security.idl The previous definitions were inconsistently named, and contained many duplicate and misleading entries. I kept finding myself tripping up while using them. (This used to be commit 01c0fa722f80ceeb3f81f01987de95f365a2ed3d)
2007-10-10r4010: fixed parsing of null attributes in the ldb ldif parserAndrew Tridgell2-2/+7
(This used to be commit b4fd76f78eadd8648ceed508766235e80702aa8f)
2007-10-10r4003: run successful against a nt4 sp6 pdc with one nt4 sp6 trust and a ↵Stefan Metzmacher2-10/+23
w2k3 trust metze (This used to be commit 5101cd51a24fdcda8dd8fc4da446782948290f9b)
2007-10-10r4002: NT 4.0 sp6a can't do schannel 128Stefan Metzmacher1-2/+2
metze (This used to be commit c04a77ed6945db0292434fb5461a884708a9ebf2)
2007-10-10r4001: fix segfault fix auth failedStefan Metzmacher2-0/+4
metze (This used to be commit 6a7eee1d9917e0884072354dddae568645798da5)
2007-10-10r4000: DATA_BLOB.data is uint8_t * not void * :-)Stefan Metzmacher5-5/+5
(thanks abartlet for telling me) metze (This used to be commit 2783bf393f6310f9d827538329d619dad5b02dd0)
2007-10-10r3999: - reply with the same DsBindInfo blob as w2k3 in the server functionStefan Metzmacher2-6/+54
- add idl for drsuapi_DsReplicaSync() not yet complete - just return WERR_OK for the drsuapi_DsReplicaSync() server function metze (This used to be commit e896925ac0b58bd48b5b9cc2d675682409d09ae1)
2007-10-10r3998: allow const arrays (see next commit to drsuapi.idl)Stefan Metzmacher3-469/+626
metze (This used to be commit 7264a2227d7a1881db01964d0d713c144eb77152)
2007-10-10r3997: fix STR_CHARLEN pull caseStefan Metzmacher1-21/+25
metze (This used to be commit 623411f74ee766dee2170949b118216387779929)
2007-10-10r3996: add some commentsStefan Metzmacher1-5/+5
metze (This used to be commit 87a92d3d5c7c2ab0bc07a9fb101022b3db1d637b)
2007-10-10r3995: improved the default ACL mapping from unix permsAndrew Tridgell1-7/+11
(This used to be commit 01e89697fe837ee76fedda149e1e2b389a7d3889)
2007-10-10r3994: - removed the unused reference count code in lsa serverAndrew Tridgell1-37/+39
- fixed the sid_index field in lsa LookupSids and LookupNames (This used to be commit 677f701e71609d82376b1ea2fa9ebc3521896671)
2007-10-10r3993: use distinctive fnums in the ipc backend, to make monitoring sniffs ↵Andrew Tridgell1-1/+3
easier (This used to be commit 54209ed05686a442156f7927c58d8656aa5e4900)
2007-10-10r3992: provide hooks for lsa to lookup sids allocated using the linear ↵Andrew Tridgell2-17/+104
id->sid mapping (This used to be commit e61140510905b6bbe57ad35dad8e4dd68d1f6bd8)
2007-10-10r3991: for uid->sid and gid->sid to be efficient we need to index on unixIDAndrew Tridgell1-0/+2
and unixName in samdb. (This used to be commit 5c966821e2eced9a1b34a5274cc317eab1a44eaf)
2007-10-10r3990: take advantage of the uid->sid and gid->sid code to create a muchAndrew Tridgell3-14/+97
better default NT ACL in pvfs (This used to be commit 9ff6ecbdb6c08528193f7958d7ea7d9a8df6defd)
2007-10-10r3989: added a linear algorithmic mapping for uid->sid and gid->sid withinAndrew Tridgell1-21/+351
our local domain. Note that this linear mapping does not suffer from the "foreign sid" problems of the linear mappings we have previously rejected for the sid->uid problem. the mapping allows for 1 billion automatically allocated users or groups for the local domain. (This used to be commit 8f573439753e2a425305936107442c85cffb9369)
2007-10-10r3988: made dom_sid_add_rid() allocate the new sid with proper parent/child ↵Andrew Tridgell1-3/+5
talloc relationship (This used to be commit 5db0eb1fe3abb5150bef27bfed4b7da723e4a287)
2007-10-10r3984: success full parse the repsFrom/repsTo LDAP fieldsStefan Metzmacher2-28/+36
metze (This used to be commit 56c66f4a090b1efca011fc2fc9880c4d93da164c)
2007-10-10r3983: posix:fakeoplocks should default to False, not True !Andrew Tridgell1-1/+1
(This used to be commit 052d91c59f177851b5e0e53c8a033bdd28702f64)
2007-10-10r3982: split out the sid -> uid/gid mapping routines into a ntvfs_sidmapAndrew Tridgell5-160/+237
subsystem. This is in preparation for adding better default ACL generation in pvfs, which will require uid/gid -> sid mapping. (This used to be commit b31108e49247495d98cf7c12ee303b12a9e44e92)
2007-10-10r3981: Use correct access-mask when querying aliases.Günther Deschner1-2/+2
Guenther (This used to be commit 5dde59be0995b9893ef476b06c259776c1115ae7)
2007-10-10r3980: added server side support for lsa_LookupNames() and lsa_LookupNames2()Andrew Tridgell1-36/+179
(This used to be commit da12780bd98e566af13fe97ce5e84fe829a0fbd5)
2007-10-10r3979: added server side code for lsa_LookupSids2() and fixed authority_nameAndrew Tridgell2-33/+136
return code to include our own domain. editing of ACLs via the w2k3 GUI works nicely (and faster) with these changes (This used to be commit a3f7f34b3965ddbd89b06334e03d2e1bb6aa364b)
2007-10-10r3978: added IDL and test code for lsa_LookupSids2() and lsa_LookupNames2()Andrew Tridgell2-2/+140
(This used to be commit 9da455ed56ebc167f295b231c2730e3ff9c94617)
2007-10-10r3977: fixed the lmPwdHash change in the rpc server (we were not fetching theAndrew Tridgell2-3/+3
lm hash from the samdb, and thus not checking the verifier) fixed the client side to calculate the lm verifier based on the nt hash, not the lm hash (confirmed using w2k3) (This used to be commit 27e7fb3bafe4649359e2e68169b6f10fd4d2cc70)
2007-10-10r3976: changed NBENCH to use the same recording method as the latest dbench,Andrew Tridgell3-68/+91
where the warmup phase continues until all clients have done some file IO. This gives more repeatable results when under high load (This used to be commit aca0658f6dfe8b7c90afcac87e8cc68965a4288d)