summaryrefslogtreecommitdiff
path: root/source4
AgeCommit message (Collapse)AuthorFilesLines
2009-07-31s4: Correct renamed constantsMatthias Dieter Wallnöfer2-6/+6
2009-07-31s4: Adds a small test for the new enhanced error messages from the AD LDAP ↵Matthias Dieter Wallnöfer1-4/+183
server
2009-07-31s4: Enhances the LDAP server to display error messages like Windows ServerMatthias Dieter Wallnöfer1-27/+178
Those error messages also include the WERROR code of the failed operation(s) in this manner: <error code eight chars in HEX>: <further error message> This also addresses bug #4949
2009-07-31Adds new error codes (needed for enhancing error messages for SAMBA 4 AD ↵Matthias Dieter Wallnöfer1-1/+1
LDAP server)
2009-07-31s4:libcli/ldap: the tls code steals the original socket on its own nowStefan Metzmacher1-3/+0
metze
2009-07-31s4:ldap_server: the tls code steals the original socket on its own nowStefan Metzmacher2-2/+2
metze
2009-07-31s4:tls: avoid using talloc_reference() in tls_init_client()Stefan Metzmacher1-6/+2
metze
2009-07-31s4:tls: avoid using talloc_reference() in tls_init_server()Stefan Metzmacher1-8/+1
metze
2009-07-31s4:libnet: use talloc_strdup() instead of talloc_reference()Stefan Metzmacher2-2/+2
metze
2009-07-31s4:build: make sure that we regenerate proto headers when source files changeStefan Metzmacher1-0/+2
metze
2009-07-31s4:auth: make sure we have elements returned at all in ↵Stefan Metzmacher1-0/+6
authsam_expand_nested_groups() metze
2009-07-31s4: Patch to implement nested group and privilegesMatthias Dieter Wallnöfer1-34/+100
This patch adds a function "authsam_expand_nested_groups" (calculation of rights through expanding groups of a certain SID) which basically collects all memberships through "memberOf" attributes. It works with either user or group SIDs. For avoiding loops it tests on each call if the SID hasn't been added yet (through the helper function "sids_contains_sid"). The function itself is called by "authsam_make_server_info".
2009-07-31winsif.idl: add definition of winsif_WinsDoScanvengingNew()Stefan Metzmacher1-1/+14
metze
2009-07-31winsif.idl: add definition of winsif_WinsStatusWHdl()Stefan Metzmacher1-1/+5
metze
2009-07-31winsif.idl: add definition of winsif_WinsStatusNew()Stefan Metzmacher1-1/+17
metze
2009-07-31winsif.idl: add definition of winsif_WinsGetDbRecsByName()Stefan Metzmacher1-2/+9
metze
2009-07-31winsif.idl: add definition of winsif_WinsGetBrowserNames()Stefan Metzmacher1-1/+10
metze
2009-07-31winsif.idl: add definition of winsif_WinsSetFlags()Stefan Metzmacher1-1/+3
metze
2009-07-31winsif.idl: add definition of winsif_WinsDeleteWins()Stefan Metzmacher1-1/+3
metze
2009-07-31winsif.idl: add definition of winsif_WinsGetBrowserNames_Old()Stefan Metzmacher1-1/+13
metze
2009-07-31winsif.idl: add definition of winsif_WinsGetNameAndAdd()Stefan Metzmacher1-1/+9
metze
2009-07-31winsif.idl: add definition of winsif_WinsWorkerThreadUpdate()Stefan Metzmacher1-1/+3
metze
2009-07-31winsif.idl: add definition of winsif_WinsResetCounters()Stefan Metzmacher1-1/+1
metze
2009-07-31winsif.idl: add definition of winsif_WinsSetPriorityClass()Stefan Metzmacher1-1/+3
metze
2009-07-31winsif.idl: add definition of winsif_WinsPullRange()Stefan Metzmacher1-1/+6
metze
2009-07-31winsif.idl: add definition of winsif_WinsDelDbRecs()Stefan Metzmacher1-1/+5
metze
2009-07-31winsif.idl: add definition of winsif_WinsBackup()Stefan Metzmacher1-1/+4
metze
2009-07-31winsif.idl: add definition of winsif_WinsTerm()Stefan Metzmacher1-1/+3
metze
2009-07-31winsif.idl: add definition of winsif_WinsGetDbRecs()Stefan Metzmacher1-1/+13
metze
2009-07-31winsif.idl: add definition of winsif_WinsDoScavenging()Stefan Metzmacher1-1/+1
metze
2009-07-31winsif.idl: add definition of winsif_WinsDoStaticInit()Stefan Metzmacher1-1/+4
metze
2009-07-31winsif.idl: add definition of winsif_WinsTrigger()Stefan Metzmacher1-1/+10
metze
2009-07-31winsif.idl: add definition of winsif_WinsStatus()Stefan Metzmacher1-1/+76
metze
2009-07-31winsif.idl: add definition of WinsRecordAction()Stefan Metzmacher1-1/+53
metze
2009-07-31winsif.idl: add missing function callsStefan Metzmacher1-1/+74
metze
2009-07-31s4:librpc: rename wins.idl => winsif.idlStefan Metzmacher2-8/+8
metze
2009-07-30python: Cope with the dom_sid2 alias in pidl's python generating code.Jelmer Vernooij1-2/+2
This fixes some problems in the samr Python bindings that pidl was (correctly) warning about.
2009-07-30DCE/RPC(Python): Rename py_talloc_import to py_talloc_steal.Jelmer Vernooij3-12/+12
Use py_talloc_reference in DCE/RPC code, fixes access to SAMR pipe.
2009-07-30Remove RFC's from the release tarballs to make the lives of the DebianJelmer Vernooij1-0/+3
maintainers of Samba4 a bit easier.
2009-07-29s4:provision We no longer add krbtgt or kpasswd account into secrets.ldbAndrew Bartlett1-1/+1
2009-07-28s4:gensec/spnego: only generate the mechListMic when the server expects itStefan Metzmacher1-1/+2
This fixes the ntvfs.cifs tests. metze
2009-07-28Fix compile of py_net.cAndrew Bartlett1-1/+3
2009-07-28s4:libnet Add in a 'credentials' parameter for python libnet_JoinAndrew Bartlett1-7/+20
2009-07-28s4:tls Enable GnuTLS back to version 1.4 (an into the future)Andrew Bartlett1-1/+1
We think we have the bug fixed. Andrew Bartlett
2009-07-28s4:kerberos Add support for user principal names in certificatesAndrew Bartlett6-34/+123
This extends the PKINIT code in Heimdal to ask the HDB layer if the User Principal Name name in the certificate is an alias (perhaps just by case change) of the name given in the AS-REQ. (This was a TODO in the Heimdal KDC) The testsuite is extended to test this behaviour, and the other PKINIT certficate (using the standard method to specify a principal name in a certificate) is updated to use a Administrator (not administrator). (This fixes the kinit test). Andrew Bartlett
2009-07-28s4:kerberos Add 'net export keytab' command for wireshark decryptionAndrew Bartlett15-38/+418
It is much easier to do decryption with wireshark when the keytab is available for every host in the domain. Running 'net export keytab <keytab name>' will export the current (as pointed to by the supplied smb.conf) local Samba4 doamin. (This uses Heimdal's 'hdb' keytab and then the existing hdb-samba4, and so has a good chance of keeping working in the long term). Andrew Bartlett
2009-07-27Revert "s4:kerberos Add 'net export keytab' command for wireshark decryption"Stefan Metzmacher10-361/+8
This reverts commit a40ce5d0d9d06f592a8885162bbaf644006b9f0f. This breaks the build... Andrew, please repush it, when it's fixed:-) metze
2009-07-27s4:kerberos Add test to show that we actually export the keytabAndrew Bartlett1-0/+1
While it is hard to prove it is correct, at least the new 'nettestuser' principal and the Administrator principal are correct. We had to fix the case of 'Administrator' in the selftest code to match the DB, as the keytab lookup is case sensitive. Andrew Bartlett
2009-07-27s4:kerberos Add 'net export keytab' command for wireshark decryptionAndrew Bartlett10-8/+361
It is much easier to do decryption with wireshark when the keytab is available for every host in the domain. Running 'net export keytab <keytab name>' will export the current (as pointed to by the supplied smb.conf) local Samba4 doamin. (This uses Heimdal's 'hdb' keytab and then the existing hdb-samba4, and so has a good chance of keeping working in the long term). Andrew Bartlett
2009-07-27s4:kdc Push context to hdb_samba4 by way of the 'name' of the DBAndrew Bartlett6-29/+39
This overloads the 'name' part of the keytab name to supply a context pointer, and so avoids 3 global variables! To do this, we had to stop putting the entry for kpasswd into the secrets.ldb. (I don't consider this a big loss, and any entry left there by an upgrade will be harmless). Andrew Bartlett