IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
samr_AddMultipleMembersToAlias(),
samr_RemoveMultipleMembersFromAlias(), samr_OemChangePasswordUser2(),
and samr_ChangePasswordUser2()
The password change functions don't actually work yet (but should
soon). At this stage I have just completed the IDL for them. Next step
is to get the hash verifiers right and the torture test should be able
to do password changes.
added ldbedit, a _really_ useful command
added ldbadd, ldbdel, ldbsearch and ldbmodify to build
solved lots of timezone issues, we now pass the torture tests with
client and server in different zones
fixed several build issues
I know this breaks the no-LDAP build. Wait till I arrive in San Jose for that
fix.
e.g.
ncacn_np:myserver:[samr,sign,print]
will now enable the packet debugging
and the debugging is not bound anymore to the debuglevel >= 2
in the torture tests
- also the dcesrv_remote module now supports debugging of the packets
use the 'dcerpc_remote:binding' smb.conf parameter.
metze
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
This adds support for bigendian rpc in the client. I have installed
SUN pcnetlink locally and am using it to test the samba4 rpc
code. This allows us to easily find places where we have stuffed up
the types (such as 2 uint16 versus a uint32), as testing both
big-endian and little-endian easily shows which is correct. I have now
used this to fix several bugs like that in the samba4 IDL.
In order to make this work I also had to redefine a GUID as a true
structure, not a blob. From the pcnetlink wire it is clear that it is
indeed defined as a structure (the byte order changes). This required
changing lots of Samba code to use a GUID as a structure.
I also had to fix the if_version code in dcerpc syntax IDs, as it
turns out they are a single uint32 not two uint16s.
The big-endian support is a bit ugly at the moment, and breaks the
layering in some places. More work is needed, especially on the server
side.
don't cause fragmented pdus (I'll add fragments shortly)
* change data_blob_talloc() to not zero memory when the 2nd argument
is NULL. The zeroing just masks bugs, and can't even allow a DOS
attack
* modified pidl to ensure that [ref] arguments to the out side of
functions are allocated when parsing the in side. This allows rpc
backends to assume that [ref] variables are all setup. Doesn't work
correctly for [ref] arrays yet
* changed DLIST_ADD_END() to take the type instead of a tmp
variable. This means you don't need to declare a silly tmp variable in
the caller
machine account password.
* neater handling on value() options in IDL. The auto-print code
will now display the right value so you don't need to initialise
it in your C code
* moved ntlmssp code into libcli/auth/, and updated to latest ntlmssp
code from samba3 (thanks Andrew! the new interface is great)
* added signing/ntlmssp support in the dcerpc code
* added a dcerpc_auth.c module for the various dcerpc auth mechanisms
according to the current IDL taking the data from a file. In
combination with a little hack to ethereal to extract data this is a
quite powerful IDL development tool.
I have recoded the core dcerpc packet structures (all the PDUs etc) in
terms of IDL, which means we now use pidl to generate all the code for
handling the most basic dcerpc packets. This is not normally possible
as it isn't completely valid NDR, but pidl has a number of extensions
that make it quite easy.
This also means we get the server side dcerpc
marshalling/unmarshalling code for free.
* don't consider not doing lsa_QueryInfoPolicy level 11 a failure
(w2k3 doesn't have this level, w2k does)
* on a NDR validation failure dump the failed data at level 3
* added a NDR validator. The way it works is that when the
DCERPC_DEBUG_VALIDATE_* flags are set the dcerpc system will
perform NDR buffer validation. On sending a request the packet is
first marshalled, then unmarahslled, then marshalled again, and it is
confirmed that the two marshalling results are idential. This
ensures that our pull and push routines are absolutely in sync, so
that we can be very confident that if a routine works in the client
then the corresponding routine must work on the server side. A
similar validation is performed on all replies.
* a result of this change is that pidl is fussier about the [ref]
tag. You can only use it on pointers (which is the only place it
makes sense)
* fixed a basic alignment bug in the push side of the NDR code
* added server side pull/push support. Our dcerpc system is now fully
ready to be used on the server side.
* fixed the relative offset pointer list. It must be traversed in
reverse order on push
* added automatic value setting for the size parameter in outgoing
SdBuf structures.
* expanded the ndr debugging code to always give a message on any
failure
* fixed the subcontext push code
* fixed some memory leaks in smbtorture RPC tests
interface. We now support an arbitrary set of flags to each parser,
and these can be used to control the string types. I have provided
some common IDL string types in librpc/idl/idl_types.h which needs to
be included in every IDL file.
* added IDL for the endpoint mapper. Added a test suite that enumerates
all endpoints on the server.
