sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-08 05:57:51 +03:00
Code
73,183 Commits 62 Branches 1,150 Tags
Commit Graph

26773 Commits

Author SHA1 Message Date
Matthieu Patou
850cca3996 add a demo script for dirsync 
Signed-off-by: Andrew Tridgell <tridge@samba.org>

Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Sat May 21 15:40:26 CEST 2011 on sn-devel-104
 2011-05-21 15:40:26 +02:00
Matthieu Patou
c2fa348831 s4-dsdb: add unit tests for dirsync control 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2011-05-21 16:25:19 +04:00
Matthieu Patou
fa400af18b s4-dsdb: implementation of the dirsync control 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2011-05-21 16:25:19 +04:00
Matthieu Patou
7b4e1e78be s4-dsdb: introduce dsdb_module_search_tree 
With this function your own search tree can be specified

This function is similar to ldb_build_search_req_ex as it allows to
pass a parse tree structure.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2011-05-21 14:39:12 +04:00
Matthieu Patou
37b1662a38 s4-dsdb: relax a bit the checks on read acl when dirsync control is specified 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2011-05-21 14:39:12 +04:00
Matthieu Patou
1d0fc445fa s4-dsdb: create flag for requesting ACL relax in case of DIRSYNC request 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2011-05-21 14:39:12 +04:00
Matthieu Patou
df83e9c15e s4: do not change the critical flag when it's on a dirsync control 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2011-05-21 14:39:12 +04:00
Matthieu Patou
49c99d0515 s4: add blackbox test for rename 
Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Sat May 21 09:50:34 CEST 2011 on sn-devel-104
 2011-05-21 09:50:34 +02:00
Matthieu Patou
f1873382da upgradeprovision: add hostname in the blackbox tests 2011-05-21 08:41:07 +02:00
Matthieu Patou
535a9b3133 Make the purge first so that the provision can reused during tests 2011-05-21 08:41:07 +02:00
Matthieu Patou
a0db60d3ea Add a script for renaming a DC 2011-05-21 08:41:07 +02:00
Matthieu Patou
22a638b616 s4-python: Remove not used imports 2011-05-21 08:41:07 +02:00
Matthieu Patou
6071ed67bf s4-python: move function find_provision_key_parameters to provision namespace as it can be used not only for upgradeprovision 2011-05-21 08:41:07 +02:00
Matthieu Patou
a2f4309112 torture-dfs: fix a typo that was causing the test to be flacky 
Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Fri May 20 09:39:12 CEST 2011 on sn-devel-104
 2011-05-20 09:39:12 +02:00
Andrew Bartlett
fa3e2fc8bb selftest: Re-enable strings.py from source3/stf as a python subunit test 2011-05-18 16:12:08 +02:00
Andrew Bartlett
c6cc22adc0 s4-libnet: Remove libnet_Join and create libnet_Join_member 
libnet_Join conflicts with a function in the source3 netapi of the
same name, and the ability to join as a DC via this particular method
is unused.

Andrew Bartlett
 2011-05-18 16:12:08 +02:00
Andrew Bartlett
30979f3ea1 build: Expand dcerpc-samba grouping library 
This is possible in common now because the generated RPC code does not
rely on a particular dcerpc layer.

Andrew Bartlett
 2011-05-18 16:12:07 +02:00
Andrew Bartlett
2fc342c20a waf-build: Add more libraries to avoid duplicate symbols 
The new source of duplicates is calling libnetapi from inside smbtorture.

Andrew Bartlett
 2011-05-18 16:12:07 +02:00
Andrew Bartlett
d13fb8ddd0 s4-selftest: gensec test is finished, don't skip 2011-05-18 16:12:07 +02:00
Andrew Bartlett
3dd76f2f56 selftest: Don't skip Samba3 tests in the top level build 
The regular expressions here were not specific enough, they matched
the samba3. names from the source3/selftest/tests.py

Found by Andreas Schneider

Andrew Bartlett
 2011-05-18 16:12:07 +02:00
Matthieu Patou
b25f7d4020 torture: desactivate the level 4 tests for DFS referral 
Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Wed May 18 13:04:00 CEST 2011 on sn-devel-104
 2011-05-18 13:04:00 +02:00
Matthieu Patou
29a03cdbc2 s4-dfs: Add workaround so that XP really works well 
XP seems to have problems working at a correct speed (or even
working at all if we return referral of level 4).
 2011-05-18 12:00:05 +02:00
Stefan Metzmacher
902b1d9a19 s4:ntvfs/cifs: return NT_STATUS_INTERNAL_ERROR if no credentials are available 
This is a configuration problem on the server, no invalid parameter
from the client.

metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Wed May 18 08:49:00 CEST 2011 on sn-devel-104
 2011-05-18 08:49:00 +02:00
Stefan Metzmacher
a7b8593f9c s4:kdc: split s4u2self and s4u2proxy checks 
metze
 2011-05-18 07:46:44 +02:00
Stefan Metzmacher
5f48c5df51 s4:kdc: UF_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION => flags.trusted_for_delegation 
metze
 2011-05-18 07:46:43 +02:00
Stefan Metzmacher
053ef0f605 s4:auth/credentials: S4U2Self should force CRED_MUST_USE_KERBEROS 
Otherwise we would not impersonate the desired principal.
This still doesn't work for plaintext auth, but should
avoid ntlmssp.

metze
 2011-05-18 07:46:41 +02:00
Stefan Metzmacher
a41efe6802 s4:auth/credentials: pass 'self_service' to cli_credentials_set_impersonate_principal() 
This also adds a cli_credentials_get_self_service() helper function.

In order to support S4U2Proxy we need to be able to set
the service principal for the S4U2Self step independent of the
target principal.

metze
 2011-05-18 07:46:39 +02:00
Stefan Metzmacher
c6836c8ede s4:gensec_gssapi: avoid delegation if s4u2self/proxy is used 
metze
 2011-05-18 07:46:38 +02:00
Stefan Metzmacher
2c46585a42 HEIMDAL:kdc: check and regenerate the PAC in the s4u2proxy case 
TODO: we need to add a S4U_DELEGATION_INFO to the PAC later.

metze
 2011-05-18 07:46:36 +02:00
Stefan Metzmacher
3797e46543 HEIMDAL:kdc: pass the correct principal name for the resulting service ticket 
Depending on S4U2Proxy the principal name for the resulting
ticket is not the principal of the client ticket.

metze
 2011-05-18 07:46:34 +02:00
Stefan Metzmacher
cc0ff48f28 HEIMDAL:kdc: let check_PAC() to verify the incoming server and krbtgt cheksums 
For a normal TGS-REQ they're both signed with krbtgt key.
But for S4U2Proxy requests which ask for contrained delegation,
the keys differ.

metze
 2011-05-18 07:46:33 +02:00
Matthieu Patou
28598e7933 s4-dfs: Use a workaround for ndr relative pointer bug/limitation 
Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Tue May 17 01:33:27 CEST 2011 on sn-devel-104
 2011-05-17 01:33:27 +02:00
Matthieu Patou
0d2019dcba s4-torture: Add more tests to DFS referral suite 2011-05-17 00:31:09 +02:00
root
6553940c01 torture: adapt to idl evolution 2011-05-17 00:31:09 +02:00
Matthieu Patou
c590c3a47c s4-dfs: clean the code 2011-05-17 00:31:09 +02:00
Matthieu Patou
3478e3add3 s4-dfs: fix bugs in idl and adapt code accordingly 2011-05-17 00:31:09 +02:00
Matthieu Patou
d24a22fe9a s4-python: add an option for just fixing gpo folders 2011-05-17 00:31:09 +02:00
Matthieu Patou
2a5ff1513f s4-python: keep wheel_gid as an integer 2011-05-17 00:31:09 +02:00
Matthieu Patou
c2ac7473f3 s4-python: raise an error if unable to bind remote ldap while joining 2011-05-17 00:31:09 +02:00
Andreas Schneider
a2115b5626 waf: Enable Samba3 torture tests in top level build. 
Signed-off-by: Günther Deschner <gd@samba.org>

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Mon May 16 13:57:01 CEST 2011 on sn-devel-104
 2011-05-16 13:57:01 +02:00
Günther Deschner
74d82faa78 s4-smbtorture: add test_netremotetod. 
Guenther

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Mon May 16 12:45:52 CEST 2011 on sn-devel-104
 2011-05-16 12:45:52 +02:00
Günther Deschner
b1948659ad s4-libcli/rap: add smbcli_rap_netremotetod(). 
Guenther
 2011-05-16 11:43:26 +02:00
Luke Howard
c31f95f66d do an explicit A record search for SRV entries 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2011-05-13 18:50:23 +02:00
Kamen Mazdrashki
99df3f6cbb s4/test/getnc_exop: Tune the the test to work against windows 
It turns out that sometimes, w2k8-r2 returns objects
even when FSMO extended request has failed.

Also verify that target DC returns source_dsa_guid and
source_dsa_invocation_id correctly

Autobuild-User: Kamen Mazdrashki <kamenim@samba.org>
Autobuild-Date: Fri May 13 02:26:04 CEST 2011 on sn-devel-104
 2011-05-13 02:26:04 +02:00
Kamen Mazdrashki
a8798d8bce s4/drepl_fsmo: Add an CR so that message is visible in the logs 
Autobuild-User: Kamen Mazdrashki <kamenim@samba.org>
Autobuild-Date: Wed May 11 21:03:59 CEST 2011 on sn-devel-104
 2011-05-11 21:03:59 +02:00
Kamen Mazdrashki
d4481be95c s4/getnc_exop: Initial implementation of a testsuite for GetNCChanges extended opeartion handling 2011-05-11 21:10:54 +03:00
Kamen Mazdrashki
647827d09c s4/getncchanges: Pre-mark extended requests as success in case a sub-function "forget" to do this 2011-05-11 21:10:53 +03:00
Kamen Mazdrashki
55916e273f s4/getncchanges: Implement placeholder for handling ex-op collection of objects 
Right now it is solely based on function that handles objects
in normal DsGetNCChanges calls.
 2011-05-11 21:10:53 +03:00
Kamen Mazdrashki
88a9f793aa s4/getncchanges: Move the code that collects objects into separate function 2011-05-11 21:10:52 +03:00
Kamen Mazdrashki
41496e782d s4/getncchanges: Don't mask Extended operation result - callers need it 2011-05-11 21:10:52 +03:00