sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-28 07:21:54 +03:00
Code
57,741 Commits 60 Branches 1,144 Tags 452 MiB
85b6461174
Commit Graph

521 Commits

Author SHA1 Message Date
Günther Deschner
bbff69384e s3-samr: implement _samr_ValidatePassword(). 
Guenther
 2009-11-10 13:08:29 +01:00
Karolin Seeger
fa08d0b44b Fix typo. 
privilage -> privilege

Karolin
 2009-10-19 09:47:33 +02:00
Matthias Dieter Wallnöfer
fef032fac7 s3:srv_samr_nt - another fix for the reject reason 2009-10-16 15:26:14 +02:00
Matthias Dieter Wallnöfer
607ceff234 s3/s4 - Adapt the IDL changes on various locations 2009-10-08 09:50:19 +02:00
Günther Deschner
d3af0346c8 s3-dcerpc: use dcerpc_AuthLevel and remove duplicate set of flags. 
Guenther
 2009-09-15 17:49:34 +02:00
Günther Deschner
c3da2056ec s3-samr: Fix Coverity #934 UNINIT. 
Guenther
 2009-09-13 21:33:00 +02:00
Volker Lendecke
fb03bbfa09 Fix valgrind errors in DeleteDomainGroup and DeleteDomAlias 2009-07-26 22:05:41 +02:00
Volker Lendecke
1a6aaee050 Fix a valgrind error in _samr_DeleteUser 
The close_handle invalidates uinfo
 2009-07-26 15:47:31 +02:00
Günther Deschner
9f15ef11bd s3-account_policy: add pdb_policy_type enum. 
Guenther
 2009-07-14 12:12:18 +02:00
Günther Deschner
f7ff6bd142 s3-rpc_server: pass down full unix token to map_max_allowed_access(). 
Also use unix_token->uid instead of geteuid() when checking for mapping of the
SEC_FLAG_MAXIMUM_ALLOWED flag.

Guenther
 2009-07-13 15:38:20 +02:00
Günther Deschner
aab9e5509c s3-samr: refactor _samr_SetDomainInfo(). 
Guenther
 2009-06-25 11:02:35 +02:00
Günther Deschner
28d74f96fb s3-samr: refactor _samr_QueryDomainInfo(). 
Guenther
 2009-06-25 11:02:26 +02:00
Volker Lendecke
a51e6ce43c Pass a talloc_ctx to pdb_enum_aliasmem 2009-06-08 21:14:10 +02:00
Günther Deschner
6f4044cae9 s3-samr: fix enum_acb_mask type (uint32 instead of uint16). 
Guenther
 2009-06-08 19:47:43 +02:00
Günther Deschner
89616420d8 s3-samr: support _samr_SetGroupInfo level 2. 
Guenther
 2009-06-08 10:45:20 +02:00
Günther Deschner
a783b1e4da s3-samr: SetGroupInfo level 1 should not return NT_STATUS_INVALID_INFO_CLASS. 
Found by RPC-SAMR torture test.

Guenther
 2009-06-07 02:24:21 +02:00
Günther Deschner
93e7970647 s3-samr: fix _QueryDisplayInformation r->out.returned_size. 
*r->out.returned_size needs to be 0 if nothing was enumerated.

Found by RPC-SAMR torture test.

Guenther
 2009-06-07 00:56:04 +02:00
Günther Deschner
c3f1f6cac9 s3-samr: remove total_data_size variable in _samr_QueryDisplayInfo. 
Guenther
 2009-06-07 00:55:45 +02:00
Günther Deschner
ee059e33d5 s3-samr: let _samr_SetGroupInfo level 3 just pass with success. 
Guenther
 2009-06-07 00:55:16 +02:00
Günther Deschner
6544264ac1 s3-samr: _samr_EnumDomain{Users,Groups} need to return an emtpy array even for builtin domain. 
Found by RPC-SAMR torture test.

Guenther
 2009-06-07 00:55:06 +02:00
Günther Deschner
447fe57584 s3-samr: cosmetic fixes for _samr_QueryDisplayInfo. 
use the variables of the struct samr_QueryDisplayInfo directly to make
it easier to track where variables are defined from.

Guenther
 2009-06-07 00:53:28 +02:00
Stefan Metzmacher
75d03970b7 s3:smbd: move more session specific globals to struct smbd_server_connection 
metze
 2009-06-03 17:54:37 +02:00
Günther Deschner
fca7dce1a9 s3-samr: Fix Bug #6372, usermanager only displaying 1024 groups and aliases. 
This is now also verified with the RPC-SAMR-LARGE-DC test.

Guenther
 2009-05-25 14:05:18 +02:00
Jeremy Allison
459dc8f39c Change access_check_samr_object -> access_check_object. 
Make map_max_allowed_access global. Change lsa_get_generic_sd
to add Everyone:LSA_POLICY_READ|LSA_POLICY_EXECUTE, not just
LSA_POLICY_EXECUTE.
Jeremy.
 2009-05-18 15:44:03 -07:00
Jeremy Allison
ada1af41ea Fix SAMR server for winbindd access. Ensure we allow 
MAX_ACCESS to be mapped to what we're giving Everyone.
Jeremy.
 2009-05-18 14:26:37 -07:00
Jeremy Allison
8b4e491ab0 Ensure users with SeAddUser privs get full access to 
groups/aliases when opening.
Jeremy.
 2009-05-15 14:20:00 -07:00
Jeremy Allison
5adb3b8841 Add extra abilities for a user with SeAddUsers, so they 
can manipulate groups and aliases.
Jeremy.
 2009-05-15 13:36:43 -07:00
Jeremy Allison
2b784738d7 DeleteUser doesn't need the priv checks, this is done at OpenUser time. 
Jeremy.
 2009-05-15 13:13:01 -07:00
Günther Deschner
4027fde97c s3-samr: Fix samr access checks in _samr_RemoveMemberFromForeignDomain(). 
Guenther
 2009-05-15 21:18:23 +02:00
Günther Deschner
cd421ff2fc s3-samr: Fix samr access checks in _samr_SetUserInfo(). 
Guenther
 2009-05-15 15:38:22 +02:00
Günther Deschner
7dcf5d4bcf s3-samr: Fix samr access checks in _samr_QueryUserInfo(). 
Guenther
 2009-05-15 15:38:13 +02:00
Günther Deschner
59192bf03f s3-samr: in _samr_QueryUserInfo() make sure to not return any info in error case. 
Guenther
 2009-05-15 15:37:50 +02:00
Günther Deschner
0e9f03c727 s3-samr: Fix samr access checks in _samr_SetDomainInfo(). 
Guenther
 2009-05-15 13:55:39 +02:00
Günther Deschner
140d4cabca s3-samr: Fix samr access checks in _samr_QueryDomainInfo(). 
Guenther
 2009-05-15 13:55:32 +02:00
Günther Deschner
7d653ae277 s3-samr: use normal integer in r->in.level switch statements. 
Guenther
 2009-05-15 13:55:15 +02:00
Jeremy Allison
57e03b6a1d Fix the core of the SAMR access functions. This passes make test, but 
usrmgr fails against it. The core of this patch is to move all the
access mask setup into the _samr_OpenXXX functions, and then have
each specific function check the attached access_mask against the
required bits. We can then go through the MS-SAMR doc and match
things up. Signed off by Guenther, and writespace cleanup removal
by Volker.
Jeremy.
 2009-05-14 15:11:50 -07:00
Jeremy Allison
b4c9cfb2af Fix a bunch of compiler warnings about wrong format types. 
Should make Solaris 10 builds look cleaner.
Jeremy.
 2009-05-11 21:56:57 -07:00
Günther Deschner
0dc1b239eb s3-samr: implement _samr_RidToSid(). 
Guenther
 2009-05-12 00:27:24 +02:00
Günther Deschner
4beb4395eb s3-samr: Let _samr_TestPrivateFunctionsDomain() return NT_STATUS_NOT_SUPPORTED to make RPC-SAMR happy. 
Guenther
 2009-05-12 00:27:24 +02:00
Günther Deschner
6d1e21bd1b s3-samr: Fix Bug #5859, renaming of samr objects failed due to samr setuserinfo access checks. 
Torture test to follow...

Guenther
 2009-05-11 18:48:54 +02:00
Günther Deschner
705f36b804 s3-samr: Fix SetUserInfo level 7 when there has been no name change. 
Found by torture test.

Guenther
 2009-05-09 00:02:00 +02:00
Günther Deschner
b7925cb3f2 s3-samr: more accurateness in _samr_SetDomainInfo(). 
Guenther
 2009-05-08 22:15:31 +02:00
Günther Deschner
266b79e004 s3-samr: implement more info levels in _samr_QueryDomainInfo(). 
Gets us closer to pass RPC-SAMR.

Guenther
 2009-05-08 09:55:10 +02:00
Günther Deschner
d7b32b51f8 s3-samr: Fix potential memory leak in _samr_ChangePasswordUser(). 
Guenther
 2009-05-08 01:24:28 +02:00
Günther Deschner
6f4b5798c9 s3-selftest: need to enable lanman auth in order make RPC-SAMR-PASSWORDS pass. 
Guenther
 2009-05-08 00:46:54 +02:00
Günther Deschner
227b61d7ea s3-samr: Do not leak information whether a user exist or not in pwd change calls. 
Found by torture test.

Guenther
 2009-05-08 00:46:54 +02:00
Günther Deschner
5773d7d102 s3-samr: implement _samr_ChangePasswordUser(). 
This is vastly copied from samba4 samr server.

Guenther
 2009-05-08 00:46:49 +02:00
Günther Deschner
d17c6af57c s3-samr: implement _samr_OemChangePasswordUser2(). 
Guenther
 2009-05-08 00:44:46 +02:00
Günther Deschner
6aca5fca8d s3-samr: Let _samr_TestPrivateFunctionsUser() return not supported. 
This is to get us closer to pass RPC-SAMR-USERS.

Guenther
 2009-05-08 00:41:40 +02:00
Günther Deschner
b96fdae1f4 s3-samr: Do not return users in _samr_QueryDisplayInfo() for builtin domain. 
Found by torture test.

Guenther
 2009-05-08 00:41:40 +02:00