IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
not specific for NTLMSSP
- it's possible that the server sends a mechOID and authdata
if negResult != SPNEGO_NEG_RESULT_INCOMPLETE, but we still
force the mechOID to be present if negResult == SPNEGO_NEG_RESULT_INCOMPLETE
metze
(This used to be commit e9f2aa22f9)
Jeremy, I'm afraid you removed the "domain->initialized" from the
set_dc_types_and_flags() call when the connect to PI_LSARPC_DS failed
(with rev. 19148).
This causes now that init_dc_connection_network is called again and
again which in turn rescans the DC each time (which of course fails each
time with NT_STATUS_BUFFER_TOO_SMALL). Just continue with the
non-PI_LSARPC_DS scan so that the domain is initialized properly.
Guenther
(This used to be commit c6f63a08f5)
For the winbind cached ADS LDAP connection handling
(ads_cached_connection()) we were (incorrectly) assuming that the
service ticket lifetime equaled the tgt lifetime. For setups where the
service ticket just lives 10 minutes, we were leaving hundreds of LDAP
connections in CLOSE_WAIT state, until we fail to service entirely with
"Too many open files".
Also sequence_number() in winbindd_ads.c needs to delete the cached LDAP
connection after the ads_do_search_retry() has failed to submit the
search request (although the bind succeeded (returning an expired
service ticket that we cannot delete from the memory cred cache - this
will get fixed later)).
Guenther
(This used to be commit 7e1a84b722)
gives just any DC), also make sure to set timeouts in rpcclient
accordingly so that we actually get the DC's reply.
Guenther
(This used to be commit 6091c8152a)
items in cac_winreg.c
* Get 'net rpc registry enumerate' to list values again
* Fix winreg.idl QueryInfoKey(). The max_subkeysize is the
max_classlen (we previously had this correct in Samba3")
* fix valgrind error about uninitialized memory and use-before-set
on size value inmemset() call
* Fix key enumeration in 'net rpc registry enumerate'
* regenerate gen_dir files based on local pidl patches
Please note that the generated ndr files are from my local
copy of pidl. If you need to regenerate, please apply the
patch that I posted to the samba-technical list earlier today.
(This used to be commit 5d843612a1)
in,out ref pointer
* Clarify variable names in EnumValue IDL
* Fix server code for _winreg_EnumValue() and _winreg_QueryInfoKe()
(This used to be commit f520a9d0fb)
This has had some basic testing. I'll do more during the next couple of days and hopefully also
make RPC-SRVSVC from Samba4 pass against it.
(This used to be commit ef10672399)
* Remove the old wkssvc server, client, & parsing code.
* Update srv_wkssvc_nt.c with stubs for the remaining
stubs
(This used to be commit 0cb79ee13f)
* rpccli_reg_abort_shutdown()
* rpccli_reg_flush_key()
Remove the cmd_reg.c from rpcclient since the entire file
was unused
(This used to be commit c4788f0c13)
make rpccli_lsa_close() a real one line wrapper for
rpccli_lsa_Close().
I'm still keeping the wrapper for now because I'm not sure
what we will do about a usable client API. I don't think
calling the autogenerated client code directly is a good idea
as the IDL is still evolving.
(This used to be commit 47f0c71218)
* autogenerate lsa ndr code
* rename 'enum SID_NAME_USE' to 'enum lsa_SidType'
* merge a log more security descriptor functions from
gen_ndr/ndr_security.c in SAMBA_4_0
The most embarassing thing is the "#define strlen_m strlen"
We need a real implementation in SAMBA_3_0 which I'll work on
after this code is in.
(This used to be commit 3da9f80c28)
initial work. I'm including the librpc/gen_ndr directory
in svn temporarily just to get some compile issues straightened
out.
(This used to be commit cf271aa433)
* Remove "unknown" from dfs_Enum (samba4 dfs IDL updates to follow).
* When encountering an unsupported infolevel the rpc server must reply
with a dfs_info_0 structure and WERR_OK (observed from w2k3 when talking
to nt4).
Guenther
(This used to be commit f9bef1f08f)
This mode proxies pre-calculated blobs from a remote (probably VPN)
client into the domain. This allows clients to change their password
over a PPTP connection (where they would not be able to connect to
SAMR directly).
The precalculated blobs do not reveal the plaintext password.
Original patch by Alexey Kobozev <cobedump@gmail.com>
(This used to be commit 967292b713)
in smb.conf. This did work before the join rewrite.
Samba will have problems if you try to run any of the daemons
with an incorrect workgroup but it should not fail to join.
The summary is that a member server should always use it's
own machine name when setting up schannel since that is
the only account it has. Thanks to Volker for the discussion.
(This used to be commit 95763b94f7)
