Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-09-12 | s4:samldb LDB module - "samldb_check_primaryGroupID" - support RID ↵ | Matthias Dieter Wallnöfer | 1 | -1/+5 | |
derivation from "userAccountControl" Specified in MS-SAMR 3.1.1.8.1 and probably fixes also bug #7441. | |||||
2010-09-12 | s4:samldb LDB module - free the "ac" context after the delete checks | Matthias Dieter Wallnöfer | 1 | -1/+4 | |
2010-09-12 | s4:samldb LDB module - simplify the message handling on add and modify ↵ | Matthias Dieter Wallnöfer | 1 | -33/+28 | |
operations We perform always only one shallow copy operation of the message on the "req" context. This allows to free the "ac" context when we've prepared all our changes. | |||||
2010-09-12 | s4:samldb LDB module - move "samldb_prim_group_users_check" more down to see ↵ | Matthias Dieter Wallnöfer | 1 | -41/+41 | |
that it is only in use by the delete operation add and modify helpers will stay on the top of the add and modify operation since they will likely be shared as much as possible. | |||||
2010-09-12 | s4:samldb LDB module - add a comment to mark the beginning of the extended ↵ | Matthias Dieter Wallnöfer | 1 | -0/+2 | |
operation handler | |||||
2010-09-12 | s4:samldb LDB module - refactor "samldb_find_for_defaultObjectCategory" to ↵ | Matthias Dieter Wallnöfer | 1 | -94/+22 | |
be again synchronous Also to make it easier to comprehend | |||||
2010-09-12 | s4:samldb LDB module - refactor the "primaryGroupID" check on user creation | Matthias Dieter Wallnöfer | 1 | -137/+39 | |
This looks more straight-forward now. | |||||
2010-09-12 | s4:samldb LDB module - get rid of the SID context variable | Matthias Dieter Wallnöfer | 1 | -20/+17 | |
Since we get more and more rid of async stuff we don't need this in the context anymore. | |||||
2010-09-12 | s4:samldb LDB module - use also here the real attribute denomination ↵ | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
"sAMAccountName" Purely cosmetic - but nicer to read | |||||
2010-09-12 | s4:samldb LDB module - rename "check_SamAccountType" into "check_sAMAccountType" | Matthias Dieter Wallnöfer | 1 | -5/+4 | |
And a small cosmetic change. I like to have the real attribute names in the function denominations | |||||
2010-09-12 | s4:samldb LDB module - make "samldb_check_sAMAccountName" synchronous again | Matthias Dieter Wallnöfer | 1 | -71/+19 | |
To make it more understandable | |||||
2010-09-12 | s4:fsmo.py - fix an obvious typo | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2010-09-11 | ldb:tools/cmdline.c - reorganise imports | Matthias Dieter Wallnöfer | 1 | -6/+2 | |
2010-09-11 | s4:param/secrets.c - reorganise imports | Matthias Dieter Wallnöfer | 1 | -4/+0 | |
2010-09-11 | s4:rpc_server/common/common.h - introduce two forward declarations to ↵ | Matthias Dieter Wallnöfer | 1 | -0/+3 | |
suppress parameter declaration warnings Always Tru64 in file "param/loadparm.c" and possibly others. | |||||
2010-09-11 | ldb:tools/cmdline.c - make a counter unsigned where appropriate | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2010-09-11 | s4:ldb_register_samba_handlers - fix up and convert result codes to LDB/LDAP ↵ | Matthias Dieter Wallnöfer | 6 | -12/+12 | |
results | |||||
2010-09-11 | s4:dcesrv_samr_GetGroupsForUser - also universal group memberships are ↵ | Matthias Dieter Wallnöfer | 1 | -2/+3 | |
returned here Tested using User Manager for Domains against Windows Server 2008. MS-SAMR 3.1.5.9.1 is wrong in this case therefore I've informed the dochelp team. | |||||
2010-09-11 | s4-privs Fix enum privileges in LSARPC server | Andrew Bartlett | 1 | -1/+1 | |
We were returning the index, not the LUID value Andrew Bartlett | |||||
2010-09-11 | s4:gensec Put the "NTLM" string for NTLMSSP's SASL name in a header | Andrew Bartlett | 2 | -1/+3 | |
2010-09-11 | s4-param: removed the lp_ varients of the functions | Andrew Tridgell | 1 | -18/+9 | |
these made debugging much harder. We should replace these with generated macros | |||||
2010-09-11 | s4-param: move back to auto-generation of loadparm prototypes | Andrew Tridgell | 3 | -161/+7 | |
2010-09-11 | s4-credentials: get all attributes in cli_credentials_set_secrets() | Andrew Tridgell | 1 | -17/+1 | |
This ensures we get whenChanged, which is needed by the s3 winbind code to ensure we don't repeatedly try to change the password | |||||
2010-09-11 | libcli/security Use talloc_zero when making a struct security_token | Andrew Bartlett | 2 | -7/+1 | |
2010-09-11 | s4-privs Seperate rights and privileges | Andrew Bartlett | 2 | -39/+55 | |
These are related, but slightly different concepts. The biggest difference is that rights are not enumerated as a system-wide list. This moves the rights to security.idl due to dependencies. Andrew Bartlett | |||||
2010-09-11 | s4-rpc_server Put all 'logon failure' messages at the same debug level 4 | Andrew Bartlett | 1 | -4/+6 | |
Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-09-11 | s4-lsa: privilege IDs should use the enum, not an int | Andrew Tridgell | 1 | -1/+1 | |
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-09-11 | libcli/security Make sec_privilege_from_index() return SEC_PRIV_INVALID on ↵ | Andrew Bartlett | 1 | -1/+1 | |
failure This is clearer and more consistent than using a magic -1 return Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-09-11 | libcli/security make sec_privilege_id() return SEC_PRIV_INVALID on failure. | Andrew Bartlett | 2 | -6/+6 | |
Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-09-11 | libcli/security Move source4/ privileges code into the common libcli/security | Andrew Bartlett | 3 | -310/+2 | |
Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-09-11 | s4-privs Add a lookup by index of privilages | Andrew Bartlett | 2 | -3/+14 | |
Now that privileges are no longer given luid values sequentially, we need another way to look them up for enumeration. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-09-11 | privs Add my Copyright | Andrew Bartlett | 1 | -0/+1 | |
Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-09-11 | s4-privs Remove link between enum sec_privilege and the privilege bitmap | Andrew Bartlett | 1 | -17/+69 | |
This allows us to set the enum sec_privilege constants to the LUID values that are seen from windows, which we need to match, in order to preserve the support for the NT Print Migrator tool after a merge with the source3/ privileges code. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-09-10 | s4/pvfs: use monotonic time for this timeout | Björn Jacke | 2 | -4/+4 | |
2010-09-10 | s4/ldap: use time_mono for reconnect timeout | Björn Jacke | 1 | -2/+2 | |
2010-09-10 | s4/torture: use time_mono for timeouts | Björn Jacke | 1 | -2/+2 | |
2010-09-10 | s4/torture: use time_mono for delta time | Björn Jacke | 1 | -2/+2 | |
2010-09-10 | s4:client/client.c - fix wrong return codes in "do_connect" | Matthias Dieter Wallnöfer | 1 | -2/+2 | |
Detected by the Solaris cc compiler. | |||||
2010-09-10 | s4:lib/policy/gp_filesys.c - remove dead code | Matthias Dieter Wallnöfer | 1 | -2/+0 | |
Found out by Solaris cc | |||||
2010-09-10 | s4:torture/locktest.c - add a cast in order to quiet a warning on Solaris cc | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2010-09-10 | s4:libcli/wrepl/winsrepl.c - add more "char *" casts in order to suppress ↵ | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
Solaris warnings | |||||
2010-09-10 | s4:torture/ntp/ntp_signd.c - add more "char *" casts in order to suppress ↵ | Matthias Dieter Wallnöfer | 1 | -2/+2 | |
Solaris warnings | |||||
2010-09-10 | s4:torture/rpc/winreg.c - hopefully this attempt fixes Solaris "cc" on the ↵ | Matthias Dieter Wallnöfer | 1 | -27/+10 | |
buildfarm The Solaris "cc" incompatiblity on this codepart seems to be harder to fix than it looks like. | |||||
2010-09-10 | s4:getncchanges_change_master - also in this call "i" needs to be unsigned | Matthias Dieter Wallnöfer | 1 | -1/+2 | |
2010-09-10 | s4-errormap: map ERRSRV/ERRbaduid to NT_STATUS_USER_SESSION_DELETED | Stefan Metzmacher | 1 | -0/+1 | |
metze | |||||
2010-09-10 | s4:provision: remember the setup directory if it wasn't the default | Stefan Metzmacher | 4 | -0/+11 | |
This fixes make test without a make install. metze | |||||
2010-09-10 | s4/fsmo: Change return type from NTSTATUS to WERROR for drepl_takeFSMOrole | Anatoliy Atanasov | 3 | -4/+5 | |
This removed an unnecessary conversion of the return type in drepl_take_FSMO_role. | |||||
2010-09-10 | s4/fsmo: Fix callback declaration | Anatoliy Atanasov | 1 | -1/+2 | |
2010-09-10 | s4-drs: return DRSUAPI_EXOP_ERR_SUCCESS in extended_ret | Kamen Mazdrashki | 1 | -0/+1 | |
in case we are handling extended operation. It seems that windows accept both DRSUAPI_EXOP_ERR_SUCCESS and DRSUAPI_EXOP_ERR_NONE, but Samba is a little bit more picky on this. | |||||
2010-09-10 | s4-drs: Hanlde extended operations only once | Kamen Mazdrashki | 1 | -40/+45 | |
Most of extended operations I know of work like: 1. do extended operation 2. collect a set of objects to return and start replication cycle 3. continue returning object as we have no more to give This way we ensure we are doing 1. only once |