IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
less likely that anyone will use pstring for new code
- got rid of winbind_client.h from includes.h. This one triggered a
huge change, as winbind_client.h was including system/filesys.h and
defining the old uint32 and uint16 types, as well as its own
pstring and fstring.
- Use templates for Secrets and the new trusted domains
- Auto-add modifiedTime, createdTime and objectGUID to records in the
samdb layer.
Andrew Bartlett
This uses LDB (a local secrets.ldb and the global samdb) to fill out
the secrets from an LSA perspective.
Some small changes to come, but the bulk of the work is now done.
A re-provision is required after this change.
Andrew Bartlett
This call uses a new IDL type, NTTIME_hyper. This is 8-byte aligned,
as the name suggests.
Expand the QuerySecret LSA calls in RPC-SAMLOGON and RPC-LSA, to
validate the behaviour of times, and of the old secrets.
Thanks to tridge for spotting the use of HYPER!
Andrew Bartlett
NT_STATUS_RPC_PROTSEQ_NOT_SUPPORTED (as longhorn does) to be an error.
fixed the CreateTrustedDomain test to cope with the "torturedomain" being left over
from a previous aborted run
why does samba3 return domain_name as in the unknown_name field in the code
and on the wire it returns DCERPC_FAULT_OP_RNG_ERROR?
all of my test machines NT4,W2K,W2K3,XP returned NULL
and if I file the string in the .in.* the server echos the strings back
and returns NT_STATUS_INVALID_PARAMETER
metze
This removes the duplicate named SEC_RIGHTS_MAXIMUM_ALLOWED and
SEC_RIGHTS_FULL_CONTROL, which are just other names for
SEC_FLAG_MAXIMUM_ALLOWED and SEC_RIGHTS_FILE_ALL. The latter names
match the new naming conventions in security.idl
Also added names for the generic->specific mappings for files are
directories
names and other assistance from the ethereal sources.
More work needs to be done to validate some of the levels, which do
not appear in the query - perhaps they are modification levels.
Andrew Bartlett
* Add new tests for ACCOUNTs in SamSync
* Clean up names in NETLOGON and LSA
* Verify Security Descriptors against LSA, as well as SamR
Andrew Bartlett
The thing that finally convinced me that minimal includes was worth
pursuing for rpc was a compiler (tcc) that failed to build Samba due
to reaching internal limits of the size of include files. Also the
fact that includes.h.gch was 16MB, which really seems excessive. This
patch brings it back to 12M, which is still too large, but
better. Note that this patch speeds up compile times for both the pch
and non-pch case.
This change also includes the addition iof a "depends()" option in our
IDL files, allowing you to specify that one IDL file depends on
another. This capability was needed for the auto-includes generation.
encryption on ncacn_ip_tcp is a fixed buffer! I don't yet know what
the buffer is, but this code proves its the same buffer for different
w2k3 servers and different user passwords, plus it is independent of
the negotiated NTLMSSP session key.
w2k3 can handle in a single request. With the samba3 client rpc libs I can do
about 21000 SIDs in a single request. test_many_LookupSIDs with 10000 SIDs
fails on the subsequent request with a NET_WRITE_FAULT. Maybe the Samba4 DCE
people want to take a look at this -- I don't see the problem.
Bug fix: SID components should be treated as unsigned when parsing
Volker
- added lsa_OpenPolicy2() to server
- added guid handling in samdb
- added a couple more info policy levels in lsa server
- added some DNS info in the provisioning template and script
With the above changes WinXP professional can join a Samba4 domain
Now that all session keys are DATA_BLOBs, fix the callers.
This assumes some things about the behaviour of certain crypto
algorithms, without the ability to test it on session keys != 16 bytes
in length. We will just need to retest when we get the KRB5 support
in (DES keys are 8 bytes).
Andrew Bartlett
