1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Commit Graph

259 Commits

Author SHA1 Message Date
Günther Deschner
61391d0ade s4-samr: merge samr_LookupNames from s3 idl. (fixme: python)
Guenther
2008-11-10 21:46:30 +01:00
Günther Deschner
2efec54b8d s4-samr: merge samr_EnumDomainAliases from s3 idl. (fixme: python)
Guenther
2008-11-10 21:46:29 +01:00
Günther Deschner
aaca059a35 s4-samr: merge samr_QueryDisplayInfo from s3 idl. (fixme: python)
Guenther
2008-11-10 21:46:29 +01:00
Günther Deschner
3a9b42fa75 s4-samr: merge samr_QueryDisplayInfo2 from s3 idl. (fixme: python)
Guenther
2008-11-10 21:46:29 +01:00
Günther Deschner
bab255f09b s4-samr: merge samr_QueryDisplayInfo3 from s3 idl. (fixme: python)
Guenther
2008-11-10 21:46:29 +01:00
Günther Deschner
68a2ca11dc s4-samr: merge samr_GetGroupsForUser from s3 idl. (fixme: python)
Guenther
2008-11-10 21:46:29 +01:00
Günther Deschner
f7dfea32fc s4-samr: merge samr_QueryDomainInfo from s3 idl. (fixme python)
Guenther
2008-11-10 21:46:29 +01:00
Günther Deschner
9774927947 s4-samr: merge samr_QueryGroupMember from s3 idl. (fixme: python)
Guenther
2008-11-10 21:46:28 +01:00
Günther Deschner
a2a26da899 s4-samr: merge samr_Connect5 from s3 idl. (fixme python)
Guenther
2008-11-10 21:46:28 +01:00
Günther Deschner
8f1559c350 s4-samr: merge samr_GetDomPwInfo from s3 idl. (fixme: python)
Guenther
2008-11-10 21:46:28 +01:00
Günther Deschner
f42f1ae5a8 s4-samr: merge samr_GetUserPwInfo from s3 idl. (fixme: python)
Guenther
2008-11-10 21:46:27 +01:00
Günther Deschner
94b7db1fb4 s4-samr: merge samr_RidToSid from s3 idl. (fixme: python)
Guenther
2008-11-10 21:46:27 +01:00
Günther Deschner
5ce30d0f4d s4-samr: merge samr_QuerySecurity from s3 idl. (fixme: python)
Guenther
2008-11-10 21:46:27 +01:00
Günther Deschner
93c6129c99 s4-samr: merge samr_LookupRids from s3 idl.
Guenther
2008-11-10 21:46:27 +01:00
Günther Deschner
e0a6e3b23b s4-samr: merge samr_ChangePasswordUser3 from s3 idl.
Guenther
2008-11-10 21:46:26 +01:00
Günther Deschner
244dee6275 s4-samr: prepare for Query.*Info calls: change macros.
Guenther
2008-11-10 21:46:26 +01:00
Günther Deschner
9888ed1d9b s4-samr: merge samr_UserInfo20 from s3 idl.
This must not be treated as a normal string (strlen truncates it).

Guenther
2008-11-10 21:46:25 +01:00
Andrew Bartlett
31158c0256 Use ldb_dn_from_ldb_val() to create a DN in the SAMR server
The previous code incorrectly cast an ldb_val into a char *.

Andrew Bartlett
2008-11-04 16:06:57 +11:00
Andrew Bartlett
9381a78c39 Use ldb_dn_from_ldb_val to avoid possible over-run of the value.
The ldb_val is length-limited, and while normally NULL terminated,
this avoids the chance that this particular value might not be, as
well as avoiding a cast.

Andrew Bartlett
2008-11-04 16:06:56 +11:00
Jelmer Vernooij
37d885c51a Remove iconv_convenience argument from convert_string{,talloc}() but
make them wrappers around convert_string{,talloc}_convenience().
2008-10-24 14:26:46 +02:00
Andrew Bartlett
99315a19be Fix errrors in new password handling code found by RPC-SAMR.
I'm very glad we have such a comprehensive testsuite for the SAMR
password change process, as it makes this a much easier task to get
right.

Andrew Bartlett
2008-10-17 12:41:02 +11:00
Andrew Bartlett
7c88ea8aad Create a 'straight paper path' for UTF16 passwords.
This uses a virtual attribute 'clearTextPassword' (name chosen to
match references in MS-SAMR) that contains the length-limited blob
containing an allegidly UTF16 password.  This ensures we do no
validation or filtering of the password before we get a chance to MD4
it.  We can then do the required munging into UTF8, and in future
implement the rules Microsoft has provided us with for invalid inputs.

All layers in the process now deal with the strings as length-limited
inputs, incluing the krb5 string2key calls.

This commit also includes a small change to samdb_result_passwords()
to ensure that LM passwords are not returned to the application logic
if LM authentication is disabled.

The objectClass module has been modified to allow the
clearTextPassword attribute to pass down the stack.

Andrew Bartlett
2008-10-16 12:48:16 +11:00
Günther Deschner
11ecd5acfd s4: merge from s3 samr.idl.
Guenther
2008-10-15 17:42:33 +02:00
Jelmer Vernooij
9565999755 Fix include paths to new location of libutil. 2008-10-11 21:31:42 +02:00
Jelmer Vernooij
6925202bde Move source4/lib/crypto to lib/crypto. 2008-09-24 15:30:23 +02:00
Simo Sorce
508527890a Merge ldb_search() and ldb_search_exp_fmt() into a simgle function.
The previous ldb_search() interface made it way too easy to leak results,
and being able to use a printf-like expression turns to be really useful.
2008-09-23 18:17:46 -04:00
Andrew Bartlett
c39d1b829b Remove unused parameter from decode_pw_buffer and fail on invalid
UTF-16 input

The input checking is important, as otherwise we could set the wrong
password.

Andrew Bartlett
2008-09-22 17:50:43 -07:00
Andrew Bartlett
d626a26374 Rename structures to better match the names in the WSPP IDL.
The 'comment' element in a number of domain structures is called
oem_information.  This was picked up actually because with OpenLDAP
doing the schema checking, it noticed that 'comment' was not a valid
attribute.

The rename tries to keep this consistant in both the LDB mappings and
IDL, so we don't make the same mistake in future.

This has no real schema impact, as this value isn't actually used for
anything, as 'comment' was not used in the provision.

Andrew Bartlett
(This used to be commit 65dc0d5365)
2008-07-21 13:42:07 +10:00
Jelmer Vernooij
21fc767378 Specify event_context to ldb_wrap_connect explicitly.
(This used to be commit b4e1ae07a2)
2008-04-17 12:23:44 +02:00
Andrew Bartlett
9a6422b695 Rework our SAMR test and SAMR server.
Now that we don't create users/domain groups/aliases in the builtin
domain, we hit some bugs in the server-side implementation of the
enumeration functions.

In essence, it turns out to be: don't treat 0 as a special case.

Also, fix up the PDC name to always be returned.  I'm sure nothing
actually uses it, particularly for BUILTIN...

Andrew Bartlett
(This used to be commit 353bb79f56)
2008-03-14 12:26:03 +11:00
Andrew Bartlett
80f7e9e081 Rework SAMR functions to avoid gendb_search()
The gendb_*() API does not return error codes, and mixes error returns
with the count of returned entries.

Andrew Bartlett
(This used to be commit facbc8dfa5)
2008-03-13 17:26:01 +11:00
Andrew Bartlett
0c88240236 Rework to have member server 'domains' be CN=NETBIOSNAME
This reworks quite a few parts of our provision system to use
CN=NETBIOSNAME as the domain for member servers.

This makes it clear that these domains are not in the DNS structure,
while complying with our own schema (found by OpenLDAP's schema
validation).

Andrew Bartlett
(This used to be commit bda6a38b05)
2008-03-13 11:36:58 +11:00
Andrew Bartlett
227cecadf9 Check for and reject invalid account flags.
(lest we have an account set with 0 flags)

Andrew Bartlett
(This used to be commit 7a46e72f8d)
2008-02-28 10:05:32 +11:00
Andrew Bartlett
5043215f21 Generate ACB_PW_EXPIRED correctly
More correctly handle expired passwords, and do not expire machine accounts.

Test that the behaviour is consistant with windows, using the RPC-SAMR test.

Change NETLOGON to directly query the userAccountControl, just because
we don't want to do the extra expiry processing here.

Andrew Bartlett
(This used to be commit acda1f69bc)
2008-02-28 08:50:00 +11:00
Andrew Bartlett
5df2ac18e7 Print out the reason we can't delete the user in SAMR.
We need to be far more granular bout this - in particular, we need a
decide LDAP -> NTSTATUS conversion.

Andrew Bartlett
(This used to be commit 30fc3752c7)
2008-01-16 15:48:28 +11:00
Jelmer Vernooij
0500b87092 r26540: Revert my previous commit after concerns raised by Andrew.
(This used to be commit 6ac86f8be7)
2007-12-21 05:52:06 +01:00
Jelmer Vernooij
3e75f222bc r26539: Remove unnecessary statics.
(This used to be commit e53e79eebe)
2007-12-21 05:52:05 +01:00
Jelmer Vernooij
6c77f353d3 r26328: remove more uses of global_loadparm.
(This used to be commit 40ae12c086)
2007-12-21 05:48:41 +01:00
Jelmer Vernooij
41db2ab12c r26319: Split encoding functions out of libcli_ldap.
(This used to be commit 95a6ef7fc8)
2007-12-21 05:48:33 +01:00
Jelmer Vernooij
2f5ca872a8 r26313: Fix more uses of static loadparm.
(This used to be commit 6fd0d9d3b7)
2007-12-21 05:48:25 +01:00
Jelmer Vernooij
57f20ccd24 r26296: Store loadparm context in DCE/RPC server context.
(This used to be commit fc1f4d2d65)
2007-12-21 05:48:13 +01:00
Jelmer Vernooij
509e82e402 r26272: Remove global_loadparm in some more places.
(This used to be commit 1ab76ecc53)
2007-12-21 05:47:55 +01:00
Jelmer Vernooij
43696d2752 r26252: Specify loadparm_context explicitly when creating sessions.
(This used to be commit 7280c1e941)
2007-12-21 05:47:29 +01:00
Jelmer Vernooij
f4a1083cf9 r26227: Make loadparm_context part of a server task, move loadparm_contexts further up the call stack.
(This used to be commit 0721a07aad)
2007-12-21 05:47:04 +01:00
Andrew Bartlett
25143a2648 r26135: Remove samdb_add(), samdb_delete() and samdb_modify(), which were just
wrappers to ldb_add() etc.  samdb_replace() remains, as it sets flags on
all entries as 'replace'.

Andrew Bartlett
(This used to be commit 09c0faa5b7)
2007-12-21 05:46:17 +01:00
Jelmer Vernooij
ca0b72a1fd r26003: Split up DB_WRAP, as first step in an attempt to sanitize dependencies.
(This used to be commit 56dfcb4f2f)
2007-12-21 05:45:40 +01:00
Jelmer Vernooij
05e7c48146 r25553: Convert to standard bool type.
(This used to be commit b7371f1a19)
2007-10-10 15:07:54 -05:00
Jelmer Vernooij
37d53832a4 r25398: Parse loadparm context to all lp_*() functions.
(This used to be commit 3fcc960839)
2007-10-10 15:07:25 -05:00
Andrew Bartlett
6a30131b8b r25052: This missing 'break' caused problems on 32 bit platforms only, due to
alignment of the union.

Sorry for the time it took to test and fix this.

Andrew Bartlett
(This used to be commit 5b893fc6f5)
2007-10-10 15:05:51 -05:00
Jelmer Vernooij
ffeee68e4b r25026: Move param/param.h out of includes.h
(This used to be commit abe8349f9b)
2007-10-10 15:05:38 -05:00