IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Make this available as a shared structure for both source3 and source4
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Fold the two 32 bit values logon_id_high and logon_id_low into a single
64 bit logon_id in netr_identity_info. This will be used to tie
together winbind and SamLogon requests in audit logging.
Summary of the of the Query and Response from Microsoft on it's usage.
[REG:119013019612095] [MS-NRPC]: NETLOGON_LOGON_IDENTITY_INFO: Does
the Reserved field have LogonId meaning?
Questions:
In NetrLogonSamLogonEx does the Reserved field
(of NETLOGON_LOGON_IDENTITY_INFO) have LogonId meaning?
What is a valid LogonID, and does have any audit usage?
Samba is sending a constant "deadbeef" in hex and would like to
understand any usage of this field.
Response:
The NRPC spec is accurate in defining the field as Reserved, and without
protocol significance. In the header file in our source code, it is
defined as LogonId and commented as such, but it’s effectively not used.
This is probably why the API structure has that field name. It may have
been intended as such but it’s not used.
Samba will send a random value in this field.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
See [MS-NRPC] 3.5.4.5.1 NetrLogonSamLogonEx (Opnum 39).
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This allows you to forward bad password count resets to 0. Currently,
there is a missing access check for the RODC to ensure it only applies
to cached users (msDS-Allowed-Password-Replication-Group).
(further patches still need to address forcing a RWDC contact)
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This difference is the reason why we can't fully (ndr)validate some
PAC blobs.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
This will be used by the netr_LogonControl()
in order to contact remote domains via winbindd.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
These are the same.
We keep the old defines arround in order to avoid a lot of changes
in the callers.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
This structure is used by the netr_LogonGetDomainInfo call as the input.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This flag indicates the DC runs Windows 2012 or above.
See MS-NRPC 2.2.1.2.1 for details.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Change some misleading variable names to reflect the actual function.
Add missing field name/types previously marked as unkown.
Signed-off-by: Günther Deschner <gd@samba.org>
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Mon Oct 24 19:19:28 CEST 2011 on sn-devel-104
This must be done in winbindd as it already has the schannel connection
and the credential chain. If we re-established that elsewhere, we
would break the chain in winbindd.
Andrew Bartlett
Signed-Off-By: Andrew Tridgell <tridge@samba.org>
The DS_ bits had got a bit ahead of the NBT_ bits.
Ideally we'd make these a single set of bits at some point.
This also removes NBT_SERVER_DNS_FOREST as this bit doesn't exist. I
think it came from someone mis-reading the docs, which show the bits
in reverse order within bytes (one of the worst bit table
representations I have ever seen!)
CDSVersion field contains one utf16 string and then garbage which pertubated the parsing.
We use subcontext to clearly define the size of the whole blob and then let the parser to find
the real length of the string.
This is a fix for bug 6706, many thanks to Gunter for the PIDL guidelines.
Vista and upper version use this value to check wether they should ask the DC
to change the msDS-SupportedEncryptionTypes attribute or not.
Declare the different value as a bitmap in Netlogon idl
