IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Why? It moves these structs from the data into the text segment, so they
will never been copy-on-write copied. Not much, but as in German you say
"Kleinvieh macht auch Mist...."
This was only affecting the newer versions of usrmgr.exe, because they
use a user_info_25 struct. The password is getting set separately
inside that code, so the password last set time was getting set from the
password change logic.
We also were not parsing a number of fields (like logon hours) from the
user_info_25. That should also be fixed.
Allows authorized users (e.g. BUILTIN\Administrators members) to
set attributes on an account, particularly "user cannot change
password".
add become_root() around updating attributes, after checking that
access has been granted.
them. It just does not make sense to do a querydispinfo on an alias handle...
This fixes a memleak: Every samr_connect*() call leaked a DISP_INFO for the
(NULL) sid.
More cleanup pending: Essentially, we only need the DISP_INFO cache for the
get_global_sam_sid() domain. BUILTIN is fixed and small enough, and there are
no other domains around where enumerations could happen.
This also removes the explicit builtin_domain flags. I don't think this is
worth it. If this makes a significant difference, then we have a *VERY* tuned
RPC layer...
Jeremy, please check this. If it's ok, we might want to merge it across.
Volker
password at next logon" code. The "password last set time" of zero now
means "user must change password", because that's how windows seems to
use it. The "can change" and "must change" times are now calculated
based on the "last set" time and policies.
We use the "can change" field now to indicate that a user cannot change
a password by putting MAX_TIME_T in it (so long as "last set" time isn't
zero). Based on this, we set the password-can-change bit in the
faked secdesc.
* autogenerate lsa ndr code
* rename 'enum SID_NAME_USE' to 'enum lsa_SidType'
* merge a log more security descriptor functions from
gen_ndr/ndr_security.c in SAMBA_4_0
The most embarassing thing is the "#define strlen_m strlen"
We need a real implementation in SAMBA_3_0 which I'll work on
after this code is in.
