summaryrefslogtreecommitdiff
path: root/source4
AgeCommit message (Collapse)AuthorFilesLines
2008-09-08BASE-DELAYWRITE: test more details of the truncate write time update behaviorStefan Metzmacher1-4/+371
metze (This used to be commit 39367ef15fabbb52cd2c05be7ca59b25dc4aff71)
2008-09-08Make it clear that the MMR password can differ from the admin passswordAndrew Bartlett2-7/+9
In the future, we might simply randomly generate this, or allow the admin to specify it seperate to the admin password. However, both are highly sensitive, as they imply read access to the krbtgt. Andrew Bartlett (This used to be commit 57d19ad002c523fb9a09694e6710ab7f588d44ec)
2008-09-08Use DIGEST-MD5 authentication for OpenLDAP replicationOliver Liebel4-6/+31
This avoids passing rootdn passwords or replicated data in cleartext across the network. Signed-of-by: Andrew Bartlett <abartlet@samba.org> (This used to be commit 67373c143a1d8a9f310fd116dbf81c1dd123b75f)
2008-09-08Add definition for SYSTEM_FLAG_ATTR_IS_RDNAndrew Bartlett1-0/+1
(This used to be commit 36f727c4a73ffc8634692b0c5645343cb414de93)
2008-09-08Move blackbox.smbclient to test against the member server.Andrew Bartlett3-7/+41
The DC is now using smb signing, so testing for the old SMB versions won't work. Add a new test script to check 'net join' independent of blackbox.smbclient. Andrew Bartlett (This used to be commit 44ff392ffea52e89a3ac096a6d381ae540d3473c)
2008-09-08Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into ↵Andrew Bartlett19-166/+923
trusted-domains (This used to be commit a057c3ed9df2670e5cad5f1807e280d77eb58cb0)
2008-09-08Simplfy SetSecrets behaviour in line with RPC-LSA and Win2008.Andrew Bartlett1-51/+64
(This used to be commit 07cb8db799cc22685af4bb63285fa10115790ce1)
2008-09-08Try to implement the right logic for systemFlagsAndrew Bartlett1-0/+37
The MS-ADTS document has quite detailed instrucitons on how these flags should be processed. This change also causes the correct sign-wrapping to occour, as these are declared as signed integers. Andrew Bartlett (This used to be commit 5c3d237a6d721dc75166bdc5ac0c6e76a4495bf7)
2008-09-08Don't expose passwords, even to the administrator.Andrew Bartlett1-1/+14
This ensures they don't leak over LDAP, but does not prevent access, as ldbsearch locally still bypasses these controls. Andrew Bartlett (This used to be commit fa3f3bab33001770a9d7e33875bf212636f6c128)
2008-09-08More work towards trusted domains support in Samba4's LSAAndrew Bartlett3-54/+327
Make 'lsar_CreateTrustedDomain' consistant with lsar_CreateTrustedDomainEx{,2} by renaming handle -> policy_handle Implement LSA server logic to create the cn=users trust account for incoming trusts. Andrew Bartlett (This used to be commit d87b655e20b7c38756774cec2e5898af38c46786)
2008-09-07ndr_compression: add XPRESS compression supportStefan Metzmacher1-1/+49
metze (This used to be commit 1432a96d37e367d9d97d48b69c6f16351a9ad066)
2008-09-07lzxpress: Import of lzxpress compressionMatthieu Suiche2-0/+179
Signed-off-by: Stefan Metzmacher <metze@samba.org> (This used to be commit fd84c5a08f7e8d6402e5f68eede546eb092d22aa)
2008-09-07ndr_compression: fix the build after lzxpress_decompress() prototype changeStefan Metzmacher1-1/+11
metze (This used to be commit b36056aac3f55587d2b3e7b66feea8173dbc67f0)
2008-09-07lzxpress: fix for decompression...Matthieu Suiche2-21/+17
Signed-off-by: Stefan Metzmacher <metze@samba.org> (This used to be commit ee505df3742dac0af8eec8b9b27d1e1f5ef54ca9)
2008-09-06Always free tmp contexts before returningSimo Sorce1-0/+1
(This used to be commit 40b71bbd718f6dee70c0611e527f55c56623dea6)
2008-09-06zlib: we require zlib-1.2.3 or higherStefan Metzmacher1-3/+18
metze (This used to be commit 3f4eb091f0dcc53acbfdc63a8d82a5a0f28954a6)
2008-09-06Revert "zlib: add inflateReset2()..."Stefan Metzmacher3-28/+3
This reverts commit 2a4fb661d7e3d601a5eb9ccecb4d4f2b07073097. (we don't need inflateReset2 anymore) metze (This used to be commit ac43081b93966b545928230f7af8654b942432da)
2008-09-06Revert "zlib: we don't need the inflateReset2 prototype twice"Stefan Metzmacher1-0/+2
This reverts commit 0dbbc287f65a51330c5309df5a96b3acd4d044d5. (we don't need inflateReset2 anymore) metze (This used to be commit 426d129dfff1e2d3750884abb68089ff1850e640)
2008-09-06ndr_compression: change debug levelsStefan Metzmacher1-6/+6
metze (This used to be commit 83446e22dd1eda958ef62bbe998da0a47b9ff8ef)
2008-09-06ndr_compression: use deflateReset() together with defalteSetDictionary()Stefan Metzmacher1-8/+17
metze (This used to be commit dcc57512b030995d9b186c7a6cb3b304d5680867)
2008-09-06ndr_compression: use inflateReset() and inflateSetDictionary() instead of ↵Stefan Metzmacher1-7/+14
inflateReset2() Now we can use an unmodified system zlib-1.2.3 metze (This used to be commit d68e36b485239cbaf99a6dce3f3bf52b4abcd06d)
2008-09-05Don't compare identity, it'll never be different.Jeremy Allison1-2/+2
Jeremy. (This used to be commit 840369b5534eee21818b9d3677404b0fc60a0219)
2008-09-06Remove <tab> in OpenLDAP MMR configOliver Liebel1-1/+0
Signed-of-by: Andrew Bartlett <abartlet@samba.org> (This used to be commit 80f31c3272b8bc803629c27357033fd325529db1)
2008-09-06Make SMB signing work with Windows 2008 and kerberos.Andrew Bartlett1-4/+1
Pinched from b53e6387e30010509034835acf88b91b380ff44a by metze. Andrew Bartlett (This used to be commit d55602e23e7947462cb402b20b2d354b96aa7ba3)
2008-09-05Added tests that show that write time update is immediateJeremy Allison1-1/+347
when changing file size using SMBwrite of size zero, SET_END_OF_FILE, or SET_ALLOCATION_SIZE - no 2 second delay in these cases. Jeremy. (This used to be commit 3aa7523d7750fe30d1e6bb5a75ac42b681b9e493)
2008-09-05Add a new error codeAndrew Bartlett2-0/+2
(This used to be commit b52fba5b2c63a24acbfc7e3e989c16b691d98162)
2008-09-05Update copyrightAndrew Bartlett1-1/+1
(This used to be commit edea162a0e11f03b4b6069388abbca099f097386)
2008-09-05Update copyright, I've been working here many long years...Andrew Bartlett1-1/+1
(This used to be commit 842ab594124198453fc88f46ab83b712a7d34dc1)
2008-09-05Move our DC to implement mandetory signing.Andrew Bartlett2-4/+10
(this does not change the file server role, and only really changes what 'server signing = auto' means) Optional signing really isn't any benifit to network security. In doing so, allow anonymous clients (if permitted by policy) to log in without signing, as Samba3 does not sign these connections (which would use an all-zero key, so pointless). Andrew Bartlett (This used to be commit 468bf839c500ed1a26ab9a358ee64a4c0a695797)
2008-09-05With a windows 2008 client, even anonymous requires signing...Andrew Bartlett1-6/+0
Andrew Bartlett (This used to be commit a89f9818180e8fb868975c444c4d0e5aaa8d4e79)
2008-09-04More work to implement LSA CreateTrustedDomainEx2Andrew Bartlett3-11/+63
We still don't get the format inside the encrypted blob correct however. Andrew Bartlett (This used to be commit 99a3abda09716c064b3e9a37c4a79a8f62444eca)
2008-09-04Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into v4-0-testAndrew Tridgell16-95/+474
(This used to be commit c273d63f94c430a4f553085efb0d6e31a99e5853)
2008-09-04Merge commit 'origin/v4-0-test' into trusted-domainsAndrew Bartlett9-63/+62
(This used to be commit b599b83a13db90b50a5422ff73daa63648b1e8cd)
2008-09-03Regenerate SWIG file.Jelmer Vernooij3-12/+32
(This used to be commit e8ba65c4db986fcedf7008d05d8f8846f78a98f1)
2008-09-03Avoid using version call for version string.Jelmer Vernooij3-33/+4
(This used to be commit 1897cef508c8bea817c510bd9023d794cb983864)
2008-09-03Allow overriding shared library policy using environment variable.Jelmer Vernooij1-2/+4
(This used to be commit d5c61f470d7aa6dd0e5a22e8718d53a69cbbc239)
2008-09-03Fix embedding of Samba 4.Jelmer Vernooij3-17/+23
(This used to be commit 3862f3132549332e0a44fad65d7c49a27e1dbd4a)
2008-09-03Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartletAndrew Bartlett8-42/+428
(This used to be commit 9590805bcbdd1924eda5a69978ffac7ec7603451)
2008-09-03Implement NETLOGON PAC verfication on the server-sideAndrew Bartlett6-38/+164
This is implemented by means of a message to the KDC, to avoid having to link most of the KDC into netlogon. Andrew Bartlett (This used to be commit 82fcd7941f5c54da2d994c8bd99dd8d86299a296)
2008-09-03Merge krb5_cksumtype_to_enctype from Heimdal svn -r 23719Andrew Bartlett1-32/+70
(This used to be commit cc1df3c002e6af25add3c8ae20e7efc2ab6f2fa8)
2008-09-03Test a few more error cases in RPC-PACAndrew Bartlett1-2/+179
(This used to be commit 50502b3b8faf89cf5ad396102f4fe80eaa213908)
2008-09-02Start testing CreateTrustedDomainEx2Andrew Bartlett1-1/+108
Andrew Bartlett (This used to be commit 91ae8dca254aa8c032daf0c87fa2a47760d32586)
2008-09-02Share IDL between the LSA and drsblob representations of trustsAndrew Bartlett2-41/+51
(This used to be commit e5520706c88911c66b3ce5817e371900212ca083)
2008-09-01Follow MS-LSAD 3.1.4.7.12 and set defaults when creating a trust.Andrew Bartlett2-3/+24
Also check we get the defaults correct with a query in the torture suite. Andrew Bartlett (This used to be commit b55a1b63cc2f7de889f046e975e3414bc5000613)
2008-08-30Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into v4-0-testAndrew Tridgell540-38311/+51243
(This used to be commit f008c3b6ee324056fd9b63f6151ad6849640c959)
2008-08-30Add a setexpiry operation in samdb.pyAndrew Tridgell9-102/+233
This makes it easy to set the expiry (or no expiry) for a samdb user (This used to be commit 25171f18a4b242b5a731f4ac1eefc51cc82efd74)
2008-08-30added a simple script for setting password expiryAndrew Tridgell1-0/+44
(This used to be commit cf37126ac7b833a3a739b151157c296afc0c979c)
2008-08-29Start implementing the server-sde NETLOGON PAC verification.Andrew Bartlett1-1/+46
(This used to be commit 8741e8fee619cccd84f2f10e00426df1d4f34074)
2008-08-29It turns out that the Netlogon PAC verification is encrypted.Andrew Bartlett3-3/+12
This test now passes against Win2k3, and a implementation in the Samba4 server should follow shortly. Andrew Bartlett (This used to be commit c6b8ba893dd3ed90bca32c0ae89fd33be729c238)
2008-08-28Further rework the RPC-PAC test.Andrew Bartlett2-35/+16
This would seem to match the documentation requirements for the PAC verfication over NETLOGON, but I can't get Win2k3 to accept it so far. Andrew Bartlett (This used to be commit acfa87f3411a61bdd9066fbbba2bcfbe2a60cbbe)