summaryrefslogtreecommitdiff
path: root/source4
AgeCommit message (Collapse)AuthorFilesLines
2010-02-25s4:cldap_server - make it "signed-safe"Matthias Dieter Wallnöfer2-2/+2
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-02-25s4:torture/ldap/basic.c - add a basic test for referral returnMatthias Dieter Wallnöfer1-3/+219
I implemented this referral test in C since the LDB python API isn't capable to extract referrals from search result sets (there the result sets are simple lists which contain only the matching entries). First I enhanced the RootDSE test to return all partition base DNs in a new null-terminated list "partitions". Then I used this in my referrals test which I've implemented in the LDB api since I needed some certain DN functions.
2010-02-25s4:partition DSDB module - Generate basic referralsMatthias Dieter Wallnöfer2-47/+144
This is a first, very basic implementation of the referrals (more informations at MS-ADTS 3.1.1.4.6 and 3.1.1.3.4.1.12). To have the full referral support (and to always point to the right host) the full implementation using DNS will be needed (at the moment we always point to the main DC which is referenceable through the DNS domainname). Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-02-25s4:partition DSDB module - change the search and domain scope control handlingMatthias Dieter Wallnöfer1-35/+22
The domain scope control is always removed, from the search one only the two interesting flags (which are handled) and it is marked as non-critical. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-02-25s4:LDAP server - Enable support for returning referrals through itMatthias Dieter Wallnöfer1-0/+22
This is needed for my work regarding the referrals when the domain scope control isn't specified. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-02-25s4:SAMLDB module - ignore referralsMatthias Dieter Wallnöfer1-5/+6
They don't cause any harm to our functionality - so ignore them were not needed. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-02-24s4:netlogon remove wrong ZERO_STRUCT of outputSimo Sorce1-6/+0
This was causing marshalling faults when we returned errors.
2010-02-24python: ntacls, fix a leftover that is not in the try/except branchMatthieu Patou1-1/+0
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
2010-02-24dsdb: Add a more explicit error message for constructed attributesMatthieu Patou1-0/+1
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
2010-02-24s4/drs_util: 'net drs showrepl' command implementationKamen Mazdrashki3-1/+613
2010-02-24s4/drs: Propagate drsuapi_DsReplicaGetInfoRequest2 changes in source codeKamen Mazdrashki2-6/+6
2010-02-24s4/drs: Propagate drsuapi_DsReplicaGetInfoRequest... changes into source codeKamen Mazdrashki3-6/+6
2010-02-24s4/drs_util: 'net drs replicate' command implementationKamen Mazdrashki3-4/+254
2010-02-24s4/drs_util: Add public function for binding to a DCKamen Mazdrashki1-0/+48
2010-02-24s4/drs_util: Refactor code to use net_drs_connection object for DRSUAPI ↵Kamen Mazdrashki3-34/+44
connecitons
2010-02-24s4/drs_util: Move DRSUAPI connection data into separate objectKamen Mazdrashki1-8/+18
We need this so we can create independent DRS connections to different DCs.
2010-02-24s4/net_drs: Utility macros for conditions checkingKamen Mazdrashki1-0/+20
2010-02-24s4/drs: Propagate drsuapi_DsReplicaSync changes in source baseKamen Mazdrashki3-9/+16
2010-02-24s4/drs: Propagate drsuapi_DsReplicaSyncRequest1 changes in source baseKamen Mazdrashki1-1/+1
2010-02-24s4-smbtorture: verify that the client cpu architecture has no influence on theGünther Deschner1-0/+72
calculated buffer size in RPC-SPOOLSS. Guenther
2010-02-24s4/schema: Move msDS-IntId implementation to samldb.c moduleKamen Mazdrashki2-149/+87
msDS-IntId attribute should be replicated, so it must be implemented in a module that is before repl_meta_data module (thanks abartlet for pointing this out). Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-02-23s4/torture/smb2: Add two new SMB2 compound testsSteven Danneman1-0/+157
These tests server behavior when a client compounds both synchronous and asynchronous requests.
2010-02-23s4:cleanup remove unused schannel ldb codeSimo Sorce1-67/+0
2010-02-23s4:schannel merge code with s3Simo Sorce5-49/+20
After looking at the s4 side of the (s)channel :) I found out that it makes more sense to simply make it use the tdb based code than redo the same changes done to s3 to simplify the interface. Ldb is slow, to the point it needs haks to pre-open the db to speed it up, yet that does not solve the lookup speed, with ldb it is always going to be slower. Looking through the history it is evident that the schannel database doesn't really need greate expanadability. And lookups are always done with a single Key. This seem a perfet fit for tdb while ldb looks unnecessarily complicated. The schannel database is not really a persistent one. It can be discared during an upgrade without causing any real issue. all it contains is temproary session data.
2010-02-23s4:schannel more readable check logicSimo Sorce1-12/+44
Make the initial schannel check logic more understandable. Make it easy to define different policies depending on the caller's security requirements (Integrity/Privacy/Both/None) This is the same change applied to s3
2010-02-23s4-smb: Migrate named_pipe_server to tsocket.Andreas Schneider2-211/+279
2010-02-23s4-dns: improved logging, and run name check at startupAndrew Tridgell1-6/+10
2010-02-23s4-pyglue: added interface_ips() callAndrew Tridgell1-0/+43
This allows a python script to query the internal network interface lists from Samba
2010-02-23s4-dns: call out to the dns update command every 10 minutesAndrew Tridgell1-26/+112
This periodically calls samba_dnsupdate to update our DNS entries if needed
2010-02-23s4-param: added "dns update command" smb.conf optionAndrew Tridgell2-0/+5
defaults to SBINDIR/samba_dnsupdate This command will do periodic dynamic DNS updates using TSIG-GSS
2010-02-23s4-config: add dyn_SBINDIRAndrew Tridgell3-0/+5
2010-02-23s4-smbd: Remove obsolete singal type cast from the thread process model.Andreas Schneider1-3/+3
2010-02-23s4:netlogon RPC - fix the indentationMatthias Dieter Wallnöfer1-15/+15
Simo, I'm not really sure that those checks are valid. I read MS-NRPC section 3.5.4.1 about LOGONSRV_HANDLEs ("server_name" is of this type). There isn't stated that the server name has necessarily to be in the DNS form and should also be valid when it's NULL (if DCE server and client are the same - I don't know if me make use of it in s4).
2010-02-22s4:netlogon GetTrustedDomainInformationSimo Sorce1-6/+172
start implementing calls related to trusted domain information
2010-02-22s4:netlogon fix segfaultSimo Sorce1-12/+19
2010-02-22ldb:web Fix typoSimo Sorce1-1/+1
2010-02-22s4:registry/regf.c - specify the context when freeing the "regf" variableMatthias Dieter Wallnöfer1-1/+1
Otherwise we get a "talloc_free with references" warning.
2010-02-22More spelling fixes across source4/Brad Hards7-8/+8
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
2010-02-22Various source4 spelling fixes.Brad Hards4-4/+4
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
2010-02-22Spelling fixes for source4/auth.Brad Hards2-3/+3
The comment for USER_INFO_INTERACTIVE_LOGON looks like a cut-n-paste from the line above. Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
2010-02-22Spelling fixes for source4/lib/registry.Brad Hards4-8/+8
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
2010-02-22Typo fix.Brad Hards1-1/+1
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
2010-02-22LDB related spelling fixes.Brad Hards11-11/+11
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
2010-02-22s4:torture/ldap/basic.c - add some "const"Matthias Dieter Wallnöfer1-5/+3
In addition I removed a "talloc_free(req)" since we never free elsewhere the requests explicitly and do it only indirectly with freeing the "conn" object when the testsuite terminates.
2010-02-21s4:netlogon enhance DsrEnumerateDomainTrustsSimo Sorce1-27/+178
Actually return trust relationships by searching the appropriate entries in the SAM database. Add checks and return the correct flags, type and attributes.
2010-02-21s4:operational LDB module - enable support for passing referrals through itMatthias Dieter Wallnöfer1-2/+1
2010-02-21s4:partition DSDB module - Cosmetic fixupsMatthias Dieter Wallnöfer1-16/+23
2010-02-21s4:password_hash - Fix up request message pointersMatthias Dieter Wallnöfer1-7/+7
For add requests we need the add request messages, for modify requests we need the modify request messages.
2010-02-21s4:dsdb/util.c - Use LDB result constants in some more helper functionsMatthias Dieter Wallnöfer1-11/+11
Always better to rely on the standards rather than on custom results.
2010-02-21s4:provision.py - try to use other addresses than "127.0.0.x" and "::1"Matthias Dieter Wallnöfer1-2/+10
On production systems a user for sure strongly disagrees to use local IP addresses (how should the server be accessible?). Therefore if the user didn't specify an IP as provision option and in the "/etc/hosts" file we have at least one not-local IP which resolves to our hostname use this or one of them. Notice: if a host has more public IP addresses with the same name assigned the behaviour is non-deterministic (well, okay - by the entries order it is). But then the user is invited to specify the host IP manually. This should address bug #5484.