IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
samr_CreateUser2(), samr_LookupNames(), samr_OpenUser(),
and samr_DeleteUser()
this uses a user template in the SAM db, of objectclass "userTemplate"
and dn CN=TemplateUser,CN=Templates,$BASEDN. Using a template allows
an admin to add any default user attributes that they might want to
the user template and all new users will receive those attributes.
(This used to be commit 10b6e0011b5952c98432dc2d4b2058ac89a9cc2d)
metze. Also added a reference count so that a client can close the
connection handle and still used a derived domain handle.
(This used to be commit b1cd98188d6f1f8236f5dbc7a3605a39ae27fb73)
if you take a look at samr_GetDomPwInfo() then you will get a fairly good idea
of what I am planning for the database oriented SAMR server implementation.
(This used to be commit bba0044a514cf86cbcf14bc82dd6c49808c22dab)
servers. Previously the server pipe code needed to return the RPC
level status (nearly always "OK") and separately set the function call
return using r->out.result. All the programmers writing servers
(metze, jelmer and me) were often getting this wrong, by doing things
like "return NT_STATUS_NO_MEMORY" which was really quite meaningless
as there is no code like that at the dcerpc level.
I have now modified pidl to generate the necessary boilerplate so that
just returning the status you want from the function will work. So for
a NTSTATUS function you return NT_STATUS_XXX and from a WERROR
function you return WERR_XXX. If you really want to generate a DCERPC
level fault rather than just a return value in your function then you
should use the DCESRV_FAULT() macro which will correctly generate a
fault for you.
As a side effect, this also adds automatic type checking of all of our
server side rpc functions, which was impossible with the old API. When
I changed the API I found and fixed quite a few functions with the
wrong type information, so this is definately useful.
I have also changed the server side template generation to generate a
DCERPC "operation range error" by default when you have not yet filled
in a server side function. This allows us to correctly implement
functions in any order in our rpc pipe servers and give the client the
right information about the fault.
(This used to be commit a4df5c7cf88891a78d82c8d6d7f058d8485e73f0)
Samba4. I'm committing this now so I can get comments on the approach.
Note that you need to do something like this to initialise the SAM db:
edit script/provision.pl
script/provision.pl > provision.ldif.out
bin/ldbadd /path/to/private/sam.ldb provision.ldif.out
(This used to be commit e2002e40a5abe0cd33a2056b1da8ba5732f9021f)
DCESRV_HANDLE_ANY. This is needed for operations like samr_Close()
that take any handle type.
(This used to be commit 6fbbfc4462388c4c86f9f0ddd3cdd99225512ef2)
add some more WERR_NOT_SUPPORTED stubs to pass our torture tests
(wkssvc and srvsvc)
metze
(This used to be commit f8605b39ab58f8db22358122eafccc8a1cc60004)
- Start with the LDB backend
- The API is now more windows-like, which should make it easier to use
in rpc_server
- Added a GTK+ front-end
- Added some more IDL
More updates will follow, especially in the RPC field..
(This used to be commit 3adffa021779b26047a20f16a3c0b53d74751560)
and return WERR_ACCESS_DENIED for level 102, 502 so does my winXP box
for a non-admin user
metze
(This used to be commit 975bf13f17e0bd95ec37af3534e5209c1de99252)
- we know can browse the server via the Windows Explorer
- some little fixes to the winreg server pipe
metze
(This used to be commit 6f213a3494d3b5ab629944394b20a84075a04438)
- Add some initial implementation of the ldb backend
- More checks in the winreg torture test
(This used to be commit ae2b63b6f1821bc4f693cb8e2a5f78718c483c24)
e.g.
ncacn_np:myserver:[samr,sign,print]
will now enable the packet debugging
and the debugging is not bound anymore to the debuglevel >= 2
in the torture tests
- also the dcesrv_remote module now supports debugging of the packets
use the 'dcerpc_remote:binding' smb.conf parameter.
metze
(This used to be commit 40abf3c584efed7f977ddd688ea064540e5a5b13)
I plan to convert all objectfile group to use SMB_SUBSYSTEM
later I'll add a SMB_BINARY() and SMB_LIBRARY(), then there will be no more need
to touch Makefile.in, because all make rules will be autogenerated by configure
- convert the PROCESS_MODEL subsystem to this new scheme
and move the pthread test to smbd/process_model.m4
- convert the CHARSET subsystem to this new scheme
and move the iconv test to lib/iconv.m4
(This used to be commit 2e57ee884ebea194ee79ac20e84e385481b56aa2)
lib/util_smbd.c is not used anymore
reorder the SMB_MODULE() parameters the goal is to autogenerate the
make rules for shared modules:
dnl SMB_MODULE(1:name,2:subsystem,3:default_build,
4:object_files,5:shared_object,6:libs
7:whatif-static,8:whatif-shared,9:whatif-not)
and generate <SUBSYSTEM>_LIBS and MODULE_<name>_LIBS with the SMB_MODULE() macro
metze
(This used to be commit 904ce91ed9e3b26d591278984ae32fa99bac01fd)
(which were already removed in revision 1.37 and
readded by mistake in revision 1.39)
- change the SMB_MODULE() macro a bit
Now we have:
dnl Specify the default build method of this module
dnl SMB_MODULE_DEFAULT(name,default_build)
AC_DEFUN(SMB_MODULE_DEFAULT,...
dnl Mark specified module as shared
dnl SMB_MODULE(name,default_build,static_files,shared_files,subsystem,whatif-static,whatif-shared,whatif-not)
this let us specify the default build method inside of the included config.m4
files
metze
(This used to be commit 92a3eb83d4bb07a7f1f87232e26831d05ab42915)
common case of there being no pending partial data and a full dcerpc
packet being received.
We should use this same model for the smb server. It gives us
efficient memory usage while allowing for completely async socket
operations.
(This used to be commit 9aab321fb6e2f3499efd8ca5bc88ce2cb8e68219)
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
uint32 followed by a GUID. I needed to fix this to support running in
mixed-mode rpc (where smbtorture is bigendian and w2k3 is
little-endian). Otherwise when you send back a policy handle the
server doesn't recognise it.
(This used to be commit 9b1c76a8e9e953e051072441f8938ee17a674d35)
This adds support for bigendian rpc in the client. I have installed
SUN pcnetlink locally and am using it to test the samba4 rpc
code. This allows us to easily find places where we have stuffed up
the types (such as 2 uint16 versus a uint32), as testing both
big-endian and little-endian easily shows which is correct. I have now
used this to fix several bugs like that in the samba4 IDL.
In order to make this work I also had to redefine a GUID as a true
structure, not a blob. From the pcnetlink wire it is clear that it is
indeed defined as a structure (the byte order changes). This required
changing lots of Samba code to use a GUID as a structure.
I also had to fix the if_version code in dcerpc syntax IDs, as it
turns out they are a single uint32 not two uint16s.
The big-endian support is a bit ugly at the moment, and breaks the
layering in some places. More work is needed, especially on the server
side.
(This used to be commit bb1af644a5a7b188290ce36232f255da0e5d66d2)
pipe.
The server side code gets generated as librpc/gen_ndr/ndr_NAME_s.c and
gets included in the pipe module
(This used to be commit bd3dcfe5820489a838e19b244266bd9126af5eb4)
I needed to hack the ntlmssp code a little, as the auth code in samba4
is out of date relative to the samba3 auth code. I need to do a merge :)
(This used to be commit 6ee0935afe9444bf9bb24eed4e02e8377dc746b7)
time in the rpc server.
started on the framework for the dcerpc authentication server code
(This used to be commit 74041b6a0a60d792e1b220496d66ec27b9ee6c25)
server endpoints. We can now successfully setup listening endpoints on
high ports, then use our endpoint mapper redirect incoming clients to
the right port.
also greatly cleanup the rpc over tcp session handling.
(This used to be commit 593bc29bbe0e46d356d001160e8a3332a88f2fa8)
