IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
when we are a RODC, don't respond with the writable bit in the server
type response of netlogon requests
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
this converts all callers that use the Samba4 loadparm lp_ calling
convention to use the lpcfg_ prefix.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
w2k8r2 returns the local DC information on no inputs for
getDcNameEx2. This is needed for starting dsa.msc (ADUC) on
Win7.
CDLAP on the same call returns an error. This uses a parameter
fill_on_blank_request to distinguish the two cases.
To make it compatible by the use of the "dcesrv_netr_DsRGetDCName*" calls.
Some result checks were redundant so I removed them. In other cases I added
debug outputs. Sometimes the debug messages were misleading.
For KERBEROS applications the realm should be upcase (function "lp_realm") but
for DNS ones it should be used lowcase (function "lp_dnsdomain"). This patch
implements the use of both in the right way.
A single AD server can only host a single domain, so don't stuff about
with looking up our crossRef record in the cn=Partitions container.
We instead trust that lp_realm() and lp_workgroup() works correctly.
Andrew Bartlett
I've studied now the netlogon attribute from the CLDAP request and
have compared them with the table presented in the WSPP docs
(http://msdn.microsoft.com/en-us/library/cc201036.aspx). The first two
bytes seem to be correct, but that the third and fourth one is
completely clear with SAMBA 4.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
(This used to be commit 3024a43c25e3ec9821d94a27d5cf738890b1b8f3)
This now handles checking if the user exists, including validating the
ACB mask on the user.
This would be a nasty security hole, if Kerberos did not already
expose this information anonymously...
Andrew Bartlett
(This used to be commit 441b286c00f9a7743cdefeb243545bdbd2c94c5e)
This commit also fixes a number of issues found by the NBT-DGRAM and
LDAP-CLDAP tests.
Andrew Bartlett
(This used to be commit 8f99a4b94e95f8bde0f80f92d4e57020c62cfaab)
This also makes the CLDAP server the place where we create the
NETLOGON SAMLOGON replies, regardless of protocol (NBT mailslots or
CLDAP).
Andrew Bartlett
(This used to be commit 8b00a9429470c9ad3646255c340e6a963bd226bd)
