IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
registry values are now passed around in containers
(REGSUBKEY_CTR & REGVAL_CTR) which each possess a TALLOC_CTX.
* removed subkey_specific_fn() from REGISTRY_OPS. Is implemented
in the form of a wrapper
* temporarily broke the printing registry ops.
* implemented inheritence for the data_p of nodes in a SORTED_TREE
* All REGISTRY_KEY instances now store a valid REGISTRY_HOOK since
the default REGOSTRY_OPS structure is stored in the root of the
cache_tree.
* Probably some other change I forgot.... T
(This used to be commit e7b55e8f017e638342d9c8c1a9259000745a0298)
queueid in job number. This means we must have an internal tdb to store
mapping from 16 bit RAP jobid's to 32 bit RPC jobids.
Jeremy.
(This used to be commit 4ff64f69706cc94d5dba7762754d00790c476963)
effective gid which could mean that the user gets group 0 in their
group list for acl interpretation
this is a replacement fix for the one richard did in 2.2 (which didn't
cope wiith variable behaviour depending on which nss module was in
use)
(This used to be commit cfc5ca3416cea5ea5d2ac34f5521cb6367e42cd2)
* DeletePrinterDriverEx() now has the ability to delete
driver files. I need to do some more testing
tro veriofy that we are in fact not deleting a file out from
under another driver, but it looks ok so far.
* DeletePrinterDriver() noiw deletes all versions of the
specified driver (cversion == 0, 1, 2, 3)
(This used to be commit 17bb780e1327663fa2fcd6a3cb25dd461a29c537)
will actually delete driver files ( not yet though I don't think).
Just wanted to get it in since Jeremy and I are both
working on nt_printing.c
(This used to be commit 3fa6c3132950c9ff1c6a532d8264ee34a6b2b0ff)
SPOOLSS_DELETEPRINTERDRIVEREX. Ran them through some testing.
I know I'm off by 2 x uint32's in the former RPC.
(This used to be commit 55fbfd02ba917b74fd4df7a1aa8cc8c5a91e3e07)
SPOOLSS_DELETEPRINTERKEY
* stub funnctions for SPOOLSS_ADDPRINTERDRIVEREX and
SPOOLSS_DELETEPRINTERDRIVEREX
(This used to be commit d675974d0c04a68d48d90492005056d96697c96c)
solaris CC (void* arithmatic) and fixes the other warnings (global variable
shadows) that gcc has with this file.
Andrew Bartlett
(This used to be commit 7ac6517bec0f425f99f419f6efd2a673b4ec0f83)
Correct the 'none mapped' behaviour, (so that it matches Win2k) and add a
function to make the SID types appear as text strings in logs/rpcclient.
Also, remove a silly case that would cause 'failure' to be 'success'. (Might
look at this a bit more in future).
Andrew Bartlett
(This used to be commit c20d057f8821d13d3de61b319de44db23773516b)
the 'user cannot change password' button work. Needs help from a future SAM
backend, but at least this parses the data, and returns an error.
Andrew Bartlett
(This used to be commit 0c4afe075aa018ec2be10f36fd3f0a5af2a032f1)
This is not the final solution, I think this will probably changed with the
move to the new SAM subsystem, but it allows some research and gives us
somthing to start with.
It should also help with getting proper NT_TOKEN passing set-up.
Original patch by "Kai Krueger" <kai@kruegernetz.de>, which I have modified to
pass back NTSTATUS returns in more places and to use a little more common code.
Andrew Bartlett
(This used to be commit 43b72493708e74e089989db42a003a3862c793e6)
via regedt32.exe. The regsitry.tdb is only a framework. It is not
intended to store values, only key/subkey structure. The data
will be retrieved from nt*tdb (for printers) creating a virtual view
of the data.
You can currently connect to a Samba box using regedt32.exe (haven't
tried regedit.exe). Some basic keys are created in registry.tdb
for use.
There are two problems....
* something is getting freed in the winreg code that causes heap
corruption later on. As long as you don't play with the winreg
server functionality, I don't think you'll be bitten by this.
* no access controls are currently implemented
* I can't browse HKLM because regedt32 greys out the SYSTEM subkey.
ok so that was three....
(This used to be commit 542d3c93a998083c07b2afa91a7c927c376caf54)
*.o) and implment new enum_dom_users code in the SAMR RPC subsystem.
Incresingly, we are using the pdb_get_{user,group}_sid() functions, in the
eventual hope that we might one day support muliple domains off a single
passdb. To extract the RID, we use sid_peek_check_rid(), and supply an
'expected' domain SID.
The id21 -> SAM_ACCOUNT and id23 -> SAM_ACCOUNT code has been moved to
srv_samr_util.c, to ease linking in passdb users.
Compatiblity code that uses 'get_global_sam_sid()' for the 'expected' sid is in
pdb_compat.c
Andrew Bartlett
(This used to be commit 5a2a6f1ba316489d118a8bdd9551b155226de94f)
Went through and checked all string_subs I could to ensure they're being
used correctly.
Jeremy.
(This used to be commit 17cae0d683be404be69554cd0e84117bdcc56c87)
'NT_STATUS_OK' is not the right answer here. Try NO_MORE_ENTRIES for now.
Andrew Bartlett
(This used to be commit c98b9a965905f1876b4884f932ff2e0237d85b03)
Mostly formatting and s/free/SAFE_FREE/g changes with the two exceptions
being
* John driver init changes
* Tim's printer enumeration bug fix
(This used to be commit f7536762863811f96364e8acd3716bdb7d665bbf)
The aim of this execise is to give the 'security>=user' code a straight paper
path. Security=share will sill call authorise_login(), but otherwise we avoid
that mess.
This allow *much* more accurate error code reporting, beocuse we don't start
pretending that we can use the (nonexistant) password etc.
Also in this patch is code to create the 'homes' share at session setup time
(as we have done in the past - been broken recently) and to record this on
the user's vuser struct for later reference. The changes here should also
allow for much better use of %H (some more changes to come here).
The service.c changes move a lot of code around, but are not as drastric
as they look...
(Also included is a fix to srv_srvsvc_nt.c where 'total_entries' not
'*total_entries' was compared).
This code is needs testing, but passes my basic tests.
I expect we have lost some functionality, but the stuff I had expected
to loose was already broken before I started. In particular, we don't 'fall
back' to guest if the user cannot access a share (for security=user). If you
want this kind of stuff then you really want security=share anyway.
Andrew Bartlett
(This used to be commit 4c0cbcaed95231f8cf11edb43f6adbec9a0d0b5c)
like the domain name and SID come from the remote domain, not the local
one. These are filled out by the code from the previous commit (auth_util.c,
the make_server_info_info3() fn) and read back here.
Andrew Bartlett
(This used to be commit 6872de2e5b27fd2de61ed14c85475a0eacd637ca)
to using SIDs instead of RIDs.
The new funciton sid_peek_check_rid() takes an 'expected domain sid' argument.
The idea here is to prevent mistakes where the SID is implict, but isn't
the same one that we have in the struct.
Andrew Bartlett
(This used to be commit 04f9a8ff4c7982f6597c0f6748f85d66d4784901)
involving the use of lp_winbind_gid() without checking if they have been
set.
Also revert the 'clashing user' check back to a Get_Pwnam() - I probably should
never have changed it.
Andrew Bartlett
(This used to be commit 1d6ba405589cee4e1582bc91cf659b89564899d4)
initialising function. This patch thanks to the work of
"Stefan (metze) Metzmacher" <metze@metzemix.de>
This is partly to enable the transition to SIDs in the the passdb.
Andrew Bartlett
(This used to be commit 96afea638e15d4cbadc57023a511094a770c6adc)
returning access denied for a SAMR_CONNECT by an anonymous user which
seems to be the way 2K does it rather than blocking individual RPC
calls like NT.
Also checked is the SAMR_GET_DOM_PWINFO rpc which for some reason
doesn't require a policy handle to return information. No idea what
it's actually used.
(This used to be commit 40c68fa85c31c1baf7ba2c8ed62cd06c34711913)
pipe_access_check(). Eventually this can take a security descriptor
as an argument as well.
(This used to be commit 8bbdc674afef32621bf473ba1af76bae7270b818)
of files. This was done to better enable net rpc file. Perhaps we can start
giving back real info this way, too.
(This used to be commit b3fea72ee9abd2441a49c35442c54819e4ba16ba)
