| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
msDS-IntId attribute should be replicated, so it must be
implemented in a module that is before repl_meta_data module
(thanks abartlet for pointing this out).
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
These tests server behavior when a client compounds both synchronous
and asynchronous requests.
|
|
|
|
After looking at the s4 side of the (s)channel :) I found out that it makes
more sense to simply make it use the tdb based code than redo the same changes
done to s3 to simplify the interface.
Ldb is slow, to the point it needs haks to pre-open the db to speed it up, yet
that does not solve the lookup speed, with ldb it is always going to be slower.
Looking through the history it is evident that the schannel database doesn't
really need greate expanadability. And lookups are always done with a single
Key. This seem a perfet fit for tdb while ldb looks unnecessarily complicated.
The schannel database is not really a persistent one. It can be discared during
an upgrade without causing any real issue. all it contains is temproary session
data.
|
|
Make the initial schannel check logic more understandable.
Make it easy to define different policies depending on the caller's
security requirements (Integrity/Privacy/Both/None)
This is the same change applied to s3
|
|
|
|
|
|
This allows a python script to query the internal network interface
lists from Samba
|
|
This periodically calls samba_dnsupdate to update our DNS entries if
needed
|
|
defaults to SBINDIR/samba_dnsupdate
This command will do periodic dynamic DNS updates using TSIG-GSS
|
|
|
|
|
|
Simo, I'm not really sure that those checks are valid. I read MS-NRPC section
3.5.4.1 about LOGONSRV_HANDLEs ("server_name" is of this type). There isn't
stated that the server name has necessarily to be in the DNS form and should
also be valid when it's NULL (if DCE server and client are the same - I don't
know if me make use of it in s4).
|
|
start implementing calls related to trusted domain information
|
|
|
|
|
|
Otherwise we get a "talloc_free with references" warning.
|
|
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
|
|
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
|
|
The comment for USER_INFO_INTERACTIVE_LOGON looks like a cut-n-paste from the line above.
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
|
|
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
|
|
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
|
|
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
|
|
In addition I removed a "talloc_free(req)" since we never free elsewhere the
requests explicitly and do it only indirectly with freeing the "conn" object
when the testsuite terminates.
|
|
Actually return trust relationships by searching the appropriate
entries in the SAM database.
Add checks and return the correct flags, type and attributes.
|
|
|
|
|
|
For add requests we need the add request messages, for modify requests we need
the modify request messages.
|
|
Always better to rely on the standards rather than on custom results.
|
|
On production systems a user for sure strongly disagrees to use local IP
addresses (how should the server be accessible?). Therefore if the user didn't
specify an IP as provision option and in the "/etc/hosts" file we have at
least one not-local IP which resolves to our hostname use this or one of them.
Notice: if a host has more public IP addresses with the same name assigned the
behaviour is non-deterministic (well, okay - by the entries order it is). But
then the user is invited to specify the host IP manually.
This should address bug #5484.
|
|
|
|
|
|
Those replace the FRS ones.
|
|
remove trailing spaces, tabs and blank lines
|
|
This allows the integration of external tools that can't be linked
into C or python, but need to authenticate as the local machine
account.
The machineaccountccache script demonstrates this, and debugging has
been improved in cli_credentials_set_secrets() by passing back and
error string.
Andrew Bartlett
|
|
When searching for a trusted domain object to open, search also the DNS Name
attributes for a match. W2K8R2 uses the DNS domain if available.
|
|
|
|
stop this function from maiking my eyes bleed
|
|
This allows the interface version to be forwarded to the remote server
in the RPC proxy, both in the endpoint lookup and the subsequent bind.
Andrew Bartlett
|
|
Guenther
|
|
little more.
Guenther
|
|
This disables the size calculation comparison by default.
Guenther
|
|
RPC-SPOOLSS-PRINTER.
Guenther
|
|
|
|
By recording the association group the remote server assigned to our
proxied RPC connection, we can ensure we use the same value when the
client wishes to use it.
This isn't stored in a private pointer, as mapiproxy will want to use
this feature too.
Andrew Bartlett
|
|
Now we give the user a clue as to what may be wrong, and the file path
that we could not find the domain SID in.
Andrew Bartlett
|
|
cope with this. Jeremy"
This reverts commit 38c50c7027d2a2a9a3df060b74b2a2efce4d9e6f.
As tridge requested, we need this to work with older S3
servers, not just for smbtorture4.
Jeremy.
|
|
Not even w2k8r2 passes them atm.
Guenther
|
|
test_EnumPrinters_findname().
Also take a note of servers returning full UNC printer paths although we did not
set the servername.
Guenther
|
|
Guenther
|
