From e0bd9e82eae6dc3623a247b4294659faeb23a20d Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 23 Jul 2008 13:49:00 +1000 Subject: Explain where some other OIDs are allocated. This is an odd place for an OID registry - we perhaps need a central wiki page. Andrew Bartlett (This used to be commit 1c909973977ae117703c1ccf7589acc4625e76e5) --- source4/setup/schema_samba4.ldif | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'source4') diff --git a/source4/setup/schema_samba4.ldif b/source4/setup/schema_samba4.ldif index 21d17c5caa..3e129e4f6b 100644 --- a/source4/setup/schema_samba4.ldif +++ b/source4/setup/schema_samba4.ldif @@ -3,9 +3,15 @@ # ## Samba4 OID allocation from Samba3's examples/LDAP/samba.schema ## 1.3.6.1.4.1.7165.4.1.x - attributetypes + ## 1.3.6.1.4.1.7165.4.2.x - objectclasses + ## 1.3.6.1.4.1.7165.4.3.x - LDB/LDAP Controls +### see dsdb/samdb/samdb.h + ## 1.3.6.1.4.1.7165.4.4.x - LDB/LDAP Extended Operations +### see dsdb/samdb/samdb.h + ## 1.3.6.1.4.1.7165.4.255.x - mapped OIDs due to conflicts between AD and standards-track # # -- cgit From d6fdd13dec854c681ad047d104ccfc2bf0ca5de5 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 23 Jul 2008 16:14:20 +1000 Subject: Remove the 'accoc_group_id' check in the RPC server. This check breaks more than it fixes, and while technically not correct, is the best solution we have at this time. Otherwise, SCHANNEL binds from WinXP fail. Andrew Bartlett (This used to be commit f8628fa330abcd50923d995d5bda1f4811582ea9) --- source4/rpc_server/dcerpc_server.c | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'source4') diff --git a/source4/rpc_server/dcerpc_server.c b/source4/rpc_server/dcerpc_server.c index d8dafd61f6..91ae5fcd94 100644 --- a/source4/rpc_server/dcerpc_server.c +++ b/source4/rpc_server/dcerpc_server.c @@ -534,9 +534,20 @@ static NTSTATUS dcesrv_bind(struct dcesrv_call_state *call) uint32_t context_id; const struct dcesrv_interface *iface; +#if 0 + /* It is not safe to enable this check - windows clients + * (WinXP in particular) will use it for NETLOGON calls, for + * the subsequent SCHANNEL bind. It turns out that NETLOGON + * calls include no policy handles, so it is safe there. Let + * the failure occour on the attempt to reuse a poilcy handle, + * rather than here */ + + /* Association groups allow policy handles to be shared across + * multiple client connections. We don't implement this yet. */ if (call->pkt.u.bind.assoc_group_id != 0) { return dcesrv_bind_nak(call, 0); } +#endif if (call->pkt.u.bind.num_contexts < 1 || call->pkt.u.bind.ctx_list[0].num_transfer_syntaxes < 1) { -- cgit