1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Commit Graph

790 Commits

Author SHA1 Message Date
Stefan Metzmacher
7473ca2d33 s4:libnet: use generate_random_password()
metze
2010-02-26 08:57:28 +01:00
Stefan Metzmacher
b6737c1a7c s4:libnet: use a connected CLDAP socket.
This is needed because we don't (want) to specify an explicit
local address. And the socket family (ipv4 vs. ipv6) needs to
be autodetected based on the remote address before the
socket() syscall.

Otherwise we would try to connect to a ipv4 address through an
ipv6only socket.

metze
2010-02-26 13:22:12 +11:00
Brad Hards
1e986c1cb3 More spelling fixes across source4/
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
2010-02-22 21:45:38 +01:00
Anatoliy Atanasov
968bd16b49 s4/rodc: change the libnet_become_dc code to do RODC join 2010-02-17 18:03:32 +02:00
Andrew Tridgell
90203f87e7 s4-dsdb: change samdb_replace() to dsdb_replace() and allow for dsdb_flags
This allows for controls to be added easily where they are needed.
2010-02-16 21:10:50 +11:00
Kamen Mazdrashki
8823a549ca s4/drs: propagate DRS_ extension flags in code base 2010-02-05 10:51:57 +01:00
Simo Sorce
3ce54a4a97 s4:kdc move db functions in their own file
Keep all heimdal related plugin code within hdb_samba4.c
Move interfaces needed by multiple plugins in db-glue.c

Move sequence context in main db context so that we do
not depend on db->hdb_dbc in the common code.

Remove unnecessary paremeters from function prototypes
2010-01-28 19:33:34 -05:00
Simo Sorce
c6865af445 s4:kdc Use better db context structure
This allows to use a common structure not tied to hdb_samba4
Also allows to avoid many casts within hdb_samba4 functions

This is the first step to abstract samba kdc databse functions
so they can be used by the MIT forthcoming plugin.
2010-01-28 19:33:34 -05:00
Andrew Tridgell
f461a72ec3 idl: switched to using the WSPP names for the 'neighbour' DRS options
The documentation shows that all these functions in fact use the same
flags variable type. To be consistent between functions, and to allow
easy reference to the WSPP docs, it is better for us to also use this
generic DrsOptions bitfield rather than one per operations.
2010-01-18 07:25:18 +11:00
Andrew Tridgell
a5d6117065 s4-torture: switch to generic DRS options flags 2010-01-14 15:37:59 +11:00
Andrew Tridgell
8ccedc3ac7 s4-libnet: dsdb_wellknown_dn() in vampire code 2010-01-09 18:56:29 +11:00
Andrew Tridgell
73838b353a s4-libnet: better error messages in libnet_vampire.c 2010-01-08 13:03:04 +11:00
Jelmer Vernooij
ef453c63af py_net/libnet: Remove C++-style comments, add more error checking, move
initialization of dcerpc subsystem to libnet.
2009-12-25 14:48:45 +01:00
Kamen Mazdrashki
20c7c27322 s4-libnet: Python binding for libnet_SetPassword()
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
2009-12-25 14:15:42 +01:00
Kamen Mazdrashki
f03e88fa4b s4-net: Fix 'talloc_free with references ...' error
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
2009-12-25 14:15:31 +01:00
Matthias Dieter Wallnöfer
31321ac868 s4:libnet/libnet_become_dc - Fix a small glitch in "becomeDC_drsuapi1_add_entry_send"
We shouldn't use the now uninitialised "status" variable anymore.
2009-12-11 11:19:32 +01:00
Andrew Tridgell
982228605f s4-libnet: use GUID_to_ndr_blob() 2009-12-10 17:51:28 +11:00
Matthias Dieter Wallnöfer
e77c0f1b50 s4:libnet_become_dc - fix typo 2009-11-24 19:17:08 +01:00
Andrew Bartlett
39b8f31d66 s4:dsdb Load objectGUID and extended DN defaultObjectCategory into the schema
The load of defaultObjectCategory as an extended DN means we need to
use the common parsing functions I just split out, rather than the
GET_DS_DN macro.

The objectGUIDs are loaded so that we can create the extended DN when
we load from LDIF (and are loaded for the other cases for
consistency).

Also adapt callers to API changes needed for common parsing code

Andrew Bartlett
2009-11-17 10:38:02 +11:00
Andrew Bartlett
df7546ac16 s4:dsdb/repl Split the 'convert' or 'commit' stages in the DRS import
This will allow us in future to do tests on the LDB values we generate
from the DRS replication.

Andrew Bartlett
2009-11-12 16:34:10 +11:00
Andrew Bartlett
d053584443 s4:vampire Print error message when we fail on the CLDAP ping
Andrew Bartlett
2009-11-12 16:34:08 +11:00
Matthias Dieter Wallnöfer
dae1258acd s4:libnet_passwd - fix pointer type 2009-11-06 22:05:12 +01:00
Kamen Mazdrashki
ba4d87f817 s4/drs: dsdb_map_int2oid() replaced by dsdb_schema_pfm_oid_from_attid()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-11-06 14:05:43 +01:00
Kamen Mazdrashki
ddab9d1fe7 s4/drs: dsdb_verify_oid_mappings_drsuapi() replaced by dsdb_schema_pfm_contains_drsuapi_pfm()
dsdb_schema_pfm_contains_drsuapi_pfm() is part of reimplemented
prefixMap interface.

This name was choosen to clearly show, that this a week verification
in case we want to determine if remote schema is changed.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-11-06 14:05:42 +01:00
Kamen Mazdrashki
a83385303b s4/drs: dsdb_load_oid_mappings_drsuapi() -> dsdb_load_prefixmap_from_drsuapi()
Also, dsdb_load_oid_mappings_drsuapi() was reimplemented to use
dsdb_schema_pfm_from_drsuapi_pfm() function to load
drsuapi_prefixMap into schema->prefixmap

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-11-06 14:05:41 +01:00
Andrew Tridgell
3050f83288 s4-python: we need to include Python.h first
If we don't include Python.h first then we get a pile of warnings due
to broken redefines of XOPEN_SOURCE in the Python includes.
2009-10-23 16:23:01 +11:00
Andrew Tridgell
4ad0397d8a s4-ldbwrap: added re-use of ldb contexts in ldb_wrap_connect()
This allows us to reuse a ldb context if it is open twice, instead
of going through the expensive process of a full ldb open. We can
reuse it if all of the parameters are the same.

The change relies on callers using talloc_unlink() or free of a parent
to close a ldb context.
2009-10-23 14:52:17 +11:00
Andrew Tridgell
89ba043c7d s4-libnet: fixed privilege handling in samsync to use the right db
I only noticed this one because of Karolins spelling fix :-)
2009-10-19 20:03:12 +11:00
Karolin Seeger
fa08d0b44b Fix typo.
privilage -> privilege

Karolin
2009-10-19 09:47:33 +02:00
Matthias Dieter Wallnöfer
44df2488e3 s4: fix various warnings (not "const" related ones) 2009-10-02 15:33:48 +02:00
Andrew Tridgell
5c07c7eac2 s4-libnet: give sane error messages when functional levels don't match
It is nice to tell the user why their command failed :-)
2009-10-02 15:09:59 +10:00
Matthias Dieter Wallnöfer
45a237ce88 s4:libnet_become_dc - add checks for valid domain/forest function levels
Add checks to make sure that we join only supported AD domains (we agreed that
those are >= (Windows) 2003 Native per default - this is changeable with the
"ads:function level" option).
Add also checks to make sure that we cannot join domains which have a bigger
function level than our DC capable function level (e.g. a (Windows) 2008 DC
cannot join a (Windows) 2008 R2 domain).
2009-10-02 14:22:01 +10:00
Andrew Tridgell
808585b4fe s4-libnet: fixed debug formatting 2009-09-28 10:25:31 +10:00
Andrew Tridgell
a9188f7e10 s4-libnet: allow the functional level of becomeDC to be specified
Use
   ads:functional level = 4
for DS_DC_FUNCTION_2008_R2

See libds/common/flags.h
2009-09-24 10:34:53 -07:00
Andrew Tridgell
3cd0f9e264 s4-libnet: avoid a steal with references error 2009-09-24 10:33:36 -07:00
Matthias Dieter Wallnöfer
32f4afd617 s4:libnet_become_dc - bump down the level requested by abartlet 2009-09-21 11:59:07 +02:00
Andrew Bartlett
bfddb6816f s4:provision Use code to store domain join in 'net join' as well
This ensures we only have one codepath to store the secret, and
therefore that we have a single choke point for setting the
saltPrincipal, which we were previously skipping.

Andrew Bartlett
2009-09-20 16:29:38 -07:00
Andrew Tridgell
92786aebf1 s4-resolve: fixed a crash bug on timeout
We were creating the name resolution context as a child of lp_ctx,
which meant when we gave up on a connection the timer on name
resolution kept running, and when it timed out the callback crashed as
the socket was already removed.
2009-09-19 08:23:03 -07:00
Matthias Dieter Wallnöfer
4445cdfad2 s4:libnet_become_dc - Fix some uninitialised variables 2009-09-17 18:27:31 +02:00
Matthias Dieter Wallnöfer
0c202e403f s4/domain behaviour flags: Fix them up in various locations
Additional notes:
- Bump the level to Windows Server 2008 R2 (we should support always the latest
  version - if we provision ourself)
- In "descriptor.c" the check for the "domainFunctionality" level shouldn't be
  needed: ACL owner groups (not owner user) are supported since Windows 2000
  Server (first AD edition)
  - I took the argument from: http://support.microsoft.com/kb/329194
2009-09-17 12:40:33 +02:00
Andrew Tridgell
458dda1f15 s4-repl: don't do double replication
When we replicate from a remote DC, we need to note the new uSN that
the local changes have resulted in, and modify the uSN that the notify
task uses to determine if it should send a ReplicaSync message back to
the remote DC. Otherwise we end up always triggering a ReplicaSync
every time we replicate from another DC
2009-09-15 18:45:43 -07:00
Andrew Tridgell
557cc460f2 s4/vampire: fixed i/j index mixup in vampire code 2009-09-10 01:26:34 +10:00
Andrew Tridgell
3cb1caf0ef s4: allow repl:RODC=true/false to set ourselves as a RODC
I think this is what windows DCs use to see that we are read-only, but
I am not sure. Needs more testing.
2009-09-09 12:36:51 +10:00
Andrew Tridgell
9a3db7e331 s4: fixed updaterefs options bitmap 2009-09-08 11:52:45 +10:00
Andrew Tridgell
86f3a2ea09 s4: fixed the secrets.ldb construction in libnet
on a vampire join we were not putting the right attributes and
objectclass on the secrets.ldb record
2009-09-07 10:33:47 +10:00
Andrew Tridgell
7dbe0797b1 show more reasonable object counts during a vampire
We now show the total number of objects we have processed, which gives
the user a better idea of how much has been done. A vampire on a large
domain can take an hour or more (which needs to be fixed btw, it is a
problem with the lack of scalability of the ltdb index code). Watching
the same msg for an hour makes you wonder if any progress is being
made!
2009-09-03 18:36:09 +10:00
Andrew Tridgell
69802b3a3b wrap the entire vampire operation in a transaction
We want to grab the whole database, or none of it.
This is also needed to get linked attributes right
2009-09-02 18:19:55 +10:00
Stefan Metzmacher
ff37d6631c s4:libnet: use talloc_strdup() instead of talloc_reference()
metze
2009-07-31 14:42:03 +02:00
Andrew Bartlett
4e049b0a1c Fix compile of py_net.c 2009-07-28 18:00:46 +10:00
Andrew Bartlett
058cd95c88 s4:libnet Add in a 'credentials' parameter for python libnet_Join 2009-07-28 16:06:05 +10:00
Andrew Bartlett
47a7a2e442 s4:kerberos Add 'net export keytab' command for wireshark decryption
It is much easier to do decryption with wireshark when the keytab is
available for every host in the domain.  Running 'net export keytab
<keytab name>' will export the current (as pointed to by the supplied
smb.conf) local Samba4 doamin.

(This uses Heimdal's 'hdb' keytab and then the existing hdb-samba4,
and so has a good chance of keeping working in the long term).

Andrew Bartlett
2009-07-28 08:52:43 +10:00
Stefan Metzmacher
b7c003c09c Revert "s4:kerberos Add 'net export keytab' command for wireshark decryption"
This reverts commit a40ce5d0d9.

This breaks the build...

Andrew, please repush it, when it's fixed:-)

metze
2009-07-27 17:41:11 +02:00
Andrew Bartlett
a40ce5d0d9 s4:kerberos Add 'net export keytab' command for wireshark decryption
It is much easier to do decryption with wireshark when the keytab is
available for every host in the domain.  Running 'net export keytab
<keytab name>' will export the current (as pointed to by the supplied
smb.conf) local Samba4 doamin.

(This uses Heimdal's 'hdb' keytab and then the existing hdb-samba4,
and so has a good chance of keeping working in the long term).

Andrew Bartlett
2009-07-27 22:41:42 +10:00
Jelmer Vernooij
28d155499a Add missing includes. 2009-07-19 13:39:38 +02:00
Stefan Metzmacher
722765213b s4:libnet: rename uint => uint32_t because uint is not portable
metze
2009-07-15 20:47:00 +02:00
Günther Deschner
8db45607f8 libds: share UF_ flags between samba3 and 4.
Guenther
2009-07-13 15:36:06 +02:00
Andrew Tridgell
865ca9be64 the settings structure needs to be initialised 2009-07-02 14:55:38 +10:00
Andrew Tridgell
27620c85e7 use a talloc_reparent in a very ugly way
this works around some terrible use of talloc in the libnet code
2009-07-01 15:15:37 +10:00
Andrew Tridgell
0534ae012b use the new talloc_reparent in two places 2009-07-01 15:15:37 +10:00
Andrew Bartlett
58e8db912d s4:libnet Allow 'net password change' to work on expired passwords
We need to pass down flags to the DCE/RPC layer to allow fallback to
anonymous connections, as we can't log in with an expired password.

The anonymous connection can then change the password with SAMR.

Andrew Bartlett
2009-06-18 13:49:30 +10:00
Andrew Tridgell
4dcc058ea1 fixed the client side password change code
The client side code was not falling back to older routines correctly
as it didn't check for the operation range error appropriately. It
also used the old rpc semantics.
2009-05-25 13:40:52 +10:00
Andrew Bartlett
aa5cee2288 s4:libnet Use str_list_make_single() in resolv code 2009-05-14 05:56:59 +10:00
Andrew Bartlett
5095d7b1c8 Rework Samba4 to use the new common libcli/auth code
In particular, this is the rename from creds_ to netlogon_creds_, as
well as other links to use the new common crypto.

Andrew Bartlett
2009-04-14 16:23:44 +10:00
Andrew Bartlett
df8e1908ef Use common samsync delta decryption functions in libnet_samsync.c
Andrew Bartlett
2009-04-14 16:23:43 +10:00
Andrew Tridgell
9539e2b508 major upgrade to the ldb attribute handling
This is all working towards supporting the full WSPP schema without a
major performance penalty.

We now use binary searches when looking up classes and attributes. We
also avoid the loop loading the attributes into ldb, by adding a hook
to override the ldb attribute search function in a module. The
attributes can thus be loaded once, and then saved as part of the
global schema. 

Also added support for a few more key attribute syntaxes, as needed
for the full schema.
2009-04-02 16:42:21 +11:00
Stefan Metzmacher
c600e8ef42 s4:cldap: rewrite the cldap library based on tsocket
metze
2009-03-19 16:25:59 +01:00
Jelmer Vernooij
94069bd274 s4: Use same function signature for convert_* as s3. 2009-03-01 19:55:46 +01:00
Jelmer Vernooij
9ffb6d2d9e Add allow_badcharcnv argument to all conversion function, for
consistency with Samba 3.
2009-03-01 06:33:40 +01:00
Stefan Metzmacher
aa9c6b58f5 s4:libnet: s/new/n
metze
2009-02-02 13:09:17 +01:00
Stefan Metzmacher
1bb0104070 s4:cldap: s/private/private_data
metze
2009-02-02 13:08:42 +01:00
Stefan Metzmacher
c005bbddb7 s4:libnet/: s/private/private_data
metze
2009-02-02 13:08:29 +01:00
Stefan Metzmacher
183c379fe5 s4:lib/tevent: rename structs
list=""
list="$list event_context:tevent_context"
list="$list fd_event:tevent_fd"
list="$list timed_event:tevent_timer"

for s in $list; do
	o=`echo $s | cut -d ':' -f1`
	n=`echo $s | cut -d ':' -f2`
	r=`git grep "struct $o" |cut -d ':' -f1 |sort -u`
	files=`echo "$r" | grep -v source3 | grep -v nsswitch | grep -v packaging4`
	for f in $files; do
		cat $f | sed -e "s/struct $o/struct $n/g" > $f.tmp
		mv $f.tmp $f
	done
done

metze
2008-12-29 20:46:40 +01:00
Kai Blin
855d2a927e s4 libnet: Add support for groupinfo by sid lookup 2008-12-29 12:52:27 +01:00
Kai Blin
181d4fd31a s4 libnet: Add group_name member to struct libnet_GroupInfo's out struct. 2008-12-29 12:52:26 +01:00
Stefan Metzmacher
37b6950961 s4:libnet_samdump_keytab: pass down event_context explicit
metze
2008-12-29 09:46:38 +01:00
Jelmer Vernooij
ff26cb4b1c Fix compiler warnings in libnet. 2008-12-23 22:11:21 +01:00
Günther Deschner
4bcf8edcf8 s4-samr: fix samr callers after SAMR_FIELD_PASSWORD change.
Guenther
2008-12-05 14:27:03 +01:00
Günther Deschner
296fae7561 s4-samr: fix samr passwdord_expired callers.
Guenther
2008-11-28 13:55:49 +01:00
Günther Deschner
09998ab89d s4-samr: merge samr_QueryUserInfo{2} from s3 idl. (fixme: python)
Guenther
2008-11-10 21:46:31 +01:00
Günther Deschner
15e011564a s4-samr: merge samr_QueryGroupInfo from s3 idl. (fixme python)
Guenther
2008-11-10 21:46:30 +01:00
Günther Deschner
99c2fac6b2 s4-samr: merge samr_EnumDomainGroups from s3 idl. (fixme: python)
Guenther
2008-11-10 21:46:30 +01:00
Günther Deschner
1ea97d76ed s4-samr: merge samr_EnumDomainUsers from s3 idl. (fixme: python)
Guenther
2008-11-10 21:46:30 +01:00
Günther Deschner
d4d9a73ad1 s4-samr: merge samr_EnumDomains from s3 idl. (fixme: python)
Guenther
2008-11-10 21:46:30 +01:00
Günther Deschner
bb1d7684d2 s4-samr: merge samr_LookupDomain from s3 idl. (fixme: python)
Guenther
2008-11-10 21:46:30 +01:00
Günther Deschner
61391d0ade s4-samr: merge samr_LookupNames from s3 idl. (fixme: python)
Guenther
2008-11-10 21:46:30 +01:00
Günther Deschner
f42f1ae5a8 s4-samr: merge samr_GetUserPwInfo from s3 idl. (fixme: python)
Guenther
2008-11-10 21:46:27 +01:00
Günther Deschner
e0a6e3b23b s4-samr: merge samr_ChangePasswordUser3 from s3 idl.
Guenther
2008-11-10 21:46:26 +01:00
Günther Deschner
e004307000 s4-netlogon: change parameters string to lsa_BinaryString.
Guenther
2008-11-10 21:46:25 +01:00
Jelmer Vernooij
cb77fca1cd Remove use of global loadparm in python modules. 2008-11-02 16:50:11 +01:00
Günther Deschner
7204deac82 s4-srvsvc: merge srvsvc_NetShareEnumAll from s3 idl.
Guenther
2008-10-31 02:44:34 +01:00
Günther Deschner
3206f35527 s4-srvsvc: merge srvsvc_NetShareAdd from s3 idl.
Guenther
2008-10-31 02:44:31 +01:00
Günther Deschner
9fd82703d1 s4-srvsvc: merge srvsvc_NetRemoteTOD from s3 idl.
Guenther
2008-10-31 02:44:30 +01:00
Günther Deschner
cbc0b63a77 s4-netlogon: merge netr_DatabaseSync from s3 idl.
Guenther
2008-10-29 08:57:51 +01:00
Günther Deschner
a4ad265850 s4-libnet: fix user and group enumeration functions after lsa changes.
Guenther
2008-10-27 21:46:50 +01:00
Günther Deschner
95231eae39 s4-lsa: merge lsa_QueryInfoPolicy/{2} from s3 lsa idl.
Guenther
2008-10-27 19:33:23 +01:00
Günther Deschner
92f1c0d156 s4-lsa: merge lsa_LookupNames/{2,3,4} from s3 lsa idl.
Guenther
2008-10-27 19:33:23 +01:00
Jelmer Vernooij
0b0b11e3d9 Fix the build. 2008-10-24 16:52:25 +02:00
Jelmer Vernooij
23302413b3 Remove unused include param/param.h. 2008-10-24 16:37:56 +02:00
Jelmer Vernooij
37d885c51a Remove iconv_convenience argument from convert_string{,talloc}() but
make them wrappers around convert_string{,talloc}_convenience().
2008-10-24 14:26:46 +02:00
Jelmer Vernooij
7ec58471df Split up codepoints code, use consistent _m suffix. 2008-10-24 02:51:03 +02:00
Jelmer Vernooij
87ec1d2532 Make sure prototypes are always included, make some functions static and
remove some unused functions.
2008-10-20 18:59:51 +02:00
Günther Deschner
dd49f7483b s4-drsuapi: merge drsuapi_DsGetNCChanges from s3 drsuapi idl.
Guenther
2008-10-18 23:06:39 +02:00
Günther Deschner
6ddaf5f160 s4-drsuapi: merge drsuapi_DsCrackNames from s3 drsuapi idl.
Guenther
2008-10-18 23:06:31 +02:00
Günther Deschner
b684efacf5 s4-drsuapi: merge drsuapi_DsRemoveDSServer from s3 drsuapi idl.
Guenther
2008-10-18 23:06:07 +02:00
Günther Deschner
bc1d39483c s4-drsuapi: merge drsuapi_DsAddEntry from s3 drsuapi idl.
Guenther
2008-10-18 23:05:59 +02:00
Jelmer Vernooij
218f482fbf Use common strlist implementation in Samba 3 and Samba 4. 2008-10-12 00:56:56 +02:00
Jelmer Vernooij
9565999755 Fix include paths to new location of libutil. 2008-10-11 21:31:42 +02:00
Stefan Metzmacher
3c9f3c32d1 s4:drsuapi.idl: fix some fields in drsuapi_DsRemoveDSServer()
metze
2008-10-02 12:20:59 +02:00
Volker Lendecke
af1c802791 The IRIX compiler does not like embedded unnamed unions 2008-10-02 08:09:25 +02:00
Jelmer Vernooij
cef80957c4 Remove global_loadparm instance, discard_const_p. 2008-09-30 02:19:15 +02:00
Jelmer Vernooij
43d944e6d6 Remove global_loadparm instance. 2008-09-30 01:59:10 +02:00
Jelmer Vernooij
6925202bde Move source4/lib/crypto to lib/crypto. 2008-09-24 15:30:23 +02:00
Simo Sorce
508527890a Merge ldb_search() and ldb_search_exp_fmt() into a simgle function.
The previous ldb_search() interface made it way too easy to leak results,
and being able to use a printf-like expression turns to be really useful.
2008-09-23 18:17:46 -04:00
Stefan Metzmacher
75f594b285 drsuapi: fix samba4 callers after drsuapi.idl changes
metze
(This used to be commit 4b054cee51)
2008-08-20 15:22:05 +02:00
Stefan Metzmacher
8275d511bc drsuapi: fix callers after idl change
metze
(This used to be commit 7dee6fb62d)
2008-08-07 19:15:58 +02:00
Michael Adam
db36f37b8f libnet_become_dc: send msDS_Behavior_Version == 3 (win2k8) in DsAddEntry
instead of version 2 (win2k3).
This makes the NET-API-BECOME-DC test work against windows 2003 and 2008.

Michael
(This used to be commit a7bfa1fb1b)
2008-07-23 18:02:44 +02:00
Michael Adam
c71030bd04 libnet_become_cd: add boolean option "become_dc:force krb5" to control krb5 auth.
This allows controlling whether krb5 auth is forced for the rpc bind in
libnet_become_dc. It defaults to "yes". For Windows 2000, DsGetNCChanges
only krb5 auth works due to a bug in Windows (it returns garbage - a
positive object count is returned along with first object == NULL).
For Windows 2008, on the other hand, krb5 auth does not work currently
due to the lack of support for AES keys. (Metze is working on that.)

Michael
(This used to be commit af85aad814)
2008-07-23 18:01:02 +02:00
Michael Adam
1f20ca14cc drsuapi: always set the pid field of the outgoing DsBindInfo to 0.
This is for debugging and informational purposes only.
The assignment is implementation specific.
(WSPP docs, sec. 5.35).

Michael
(This used to be commit 1f5704e2de)
2008-07-23 15:36:13 +02:00
Michael Adam
e269804b04 libnet_unbecome_dc: teach unbecomeDC_drsuapi_bind_recv() DsBindInfo48.
..to work agains w2k8.

Michael
(This used to be commit 97e8d5813d)
2008-07-23 15:36:13 +02:00
Michael Adam
46bb8aa357 libnet_become_cd: teach becomeDC_drsuapi_bind_recv() DsBindInfo48.
To work with w2k8.

Michael
(This used to be commit 7d80fab912)
2008-07-23 15:36:13 +02:00
Stefan Metzmacher
945eedc4c1 libnet/become_dc: add a comment and explain why it's important to specify krb5
metze
(This used to be commit 26d1f9366d)
2008-07-23 11:56:55 +02:00
Michael Adam
7fba6c649b Change occurrences of the u1 member of DsBindInfo* to pid after idl change.
Michael
(This used to be commit b91bbc5fe4)
2008-07-22 15:35:23 +02:00
Andrew Bartlett
d626a26374 Rename structures to better match the names in the WSPP IDL.
The 'comment' element in a number of domain structures is called
oem_information.  This was picked up actually because with OpenLDAP
doing the schema checking, it noticed that 'comment' was not a valid
attribute.

The rename tries to keep this consistant in both the LDB mappings and
IDL, so we don't make the same mistake in future.

This has no real schema impact, as this value isn't actually used for
anything, as 'comment' was not used in the provision.

Andrew Bartlett
(This used to be commit 65dc0d5365)
2008-07-21 13:42:07 +10:00
Stefan Metzmacher
29049aa670 drsuapi: print out the number of linked attribute values we got
metze
(This used to be commit 34f8b2abdd)
2008-07-16 14:42:12 +02:00
Stefan Metzmacher
f0e44c35af drsuapi: make use of the 'more_data' field in DsGetNCChangesCtr[1|6]
metze
(This used to be commit 35c7fa470a)
2008-07-16 14:42:11 +02:00
Stefan Metzmacher
f3fae86549 drsuapi: check ctr6->drs_error
metze
(This used to be commit 511847f5f5)
2008-07-16 14:42:11 +02:00
Stefan Metzmacher
a24fb2b537 drsuapi: get ctr6 out of xpress compressed level
metze
(This used to be commit 4e0708148a)
2008-07-16 14:42:06 +02:00
Stefan Metzmacher
c6ea7f0221 drsuapi: total_object_count was the wrong guess
The total_object_count member of DsGetNCChangesCtr[1|6] was wrong
it's the error code of an extended operation.

DsGetNCChangesCtr6 has a nc_object_count value which contains
the estimated amount of objects in the naming_context.

W2k seems to have a bug and sends this number of objects
in the extended_ret field. Maybe it's just a bug and
not a feature:-)

metze
(This used to be commit 6793109212)
2008-07-16 12:16:58 +02:00
Stefan Metzmacher
ddce2beba8 libnet/become_dc: an unknown field in drsuapi.idl changed to object_flags
metze
(This used to be commit a6198ab6cb)
2008-07-16 12:15:50 +02:00
Stefan Metzmacher
c8a1254db8 become_dc: we need to replicate using krb5 auth to work against w2k
With NTLMSSP we just get strange responses with a random object count
and a NULL object list. On the domain partition where we try to replicate
the password fields.

metze
(This used to be commit ce12a91051)
2008-07-16 12:12:29 +02:00
Andrew Bartlett
532899386b Use secrets.ldb to store credentials to contact LDAP backend.
This makes Samba4 behave much like Samba3 did, and use a single set of
administrative credentials for it's connection to LDAP.

Andrew Bartlett
(This used to be commit e396a59788)
2008-07-15 15:07:13 +10:00
Andrew Bartlett
44ea6a26fd rename sambaPassword -> userPassword.
This attribute is used in a very similar way (virtual attribute
updating the password) in AD on Win2003, so eliminate the difference.

This should not cause a problem for on-disk passwords, as by default
we do not store the plaintext at all.

Andrew Bartlett
(This used to be commit 1cf0d75149)
2008-07-12 15:26:42 +10:00
Michael Adam
24caf1178a libnet_domain: eliminate "discards qualifier" warning (const).
Michael
(This used to be commit ea99590046)
2008-07-09 16:00:24 +02:00
Stefan Metzmacher
c88ec856bd drsuapi.idl: remove some unknows from DsGetNCChanges() (update samba4 callers)
metze
(This used to be commit d41b3dd6ff)
2008-06-30 17:40:01 +02:00
Simo Sorce
2daf2897d5 Use a custom init function for samba4 that sets a samba4
specific debug function.
By default do not debug, this is the most appropriate action for a library
as we cannot assume what stderr is use for in the main app.
The main app is responsible to set ev_debug_stderr if they so desire.
(This used to be commit e566a2f308)
2008-06-14 13:00:53 -04:00
Simo Sorce
929adc9efa Make up the right dependencies now that ldb depends on libevents
(This used to be commit 3b8eec7ca3)
2008-06-14 11:59:19 -04:00
Andrew Bartlett
be14efbdf9 Revert Jelmer's CFLAGS commit e2b71a0ecb
This commit broke the build, because not all files (libreplace, popt)
were updated.

Andrew Bartlett
(This used to be commit 3faacf4351)
2008-05-31 08:35:55 +10:00
Jelmer Vernooij
39f50afc57 Move CFLAGS handling out of smb_build.
(This used to be commit e2b71a0ecb)
2008-05-30 02:07:28 +02:00
Jelmer Vernooij
b8310221c6 Add docstring for samba.net.Join
(This used to be commit 382de54553)
2008-05-23 00:37:30 +02:00
Jelmer Vernooij
49706ab19b Move more modules inside of the samba package.
(This used to be commit 9b39e99f48)
2008-05-21 23:59:34 +02:00
Andrew Bartlett
343fea32cc Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-local
Fix config.mk due to changing syntax.

Conflicts:

	source/libcli/config.mk
	source/nbt_server/config.mk
(This used to be commit 6a1c76f29f)
2008-05-20 08:03:35 +10:00
Jelmer Vernooij
4c70cda986 Fix a couple (well, little more than that..) of typos.
(This used to be commit a6b5211994)
2008-05-18 23:02:47 +02:00
Jelmer Vernooij
4c8756f147 Create prototype headers from Makefile directory, without smb_build in the middle.
(This used to be commit f4a77b96f9)
2008-05-18 22:30:08 +02:00
Jelmer Vernooij
100d3967d3 Use src dir.
(This used to be commit 63f2b66f0e)
2008-05-18 19:10:37 +02:00
Jelmer Vernooij
4d2f44163e Use variables for source path in libnet/ and scripting/python.
(This used to be commit fb10a81b94)
2008-05-18 19:07:07 +02:00
Andrew Bartlett
58e7f253ea Rework the CLDAP and NBT netlogon requests and responses.
This now matches section 7.3.3 of the MS-ATDS specification, and all
our current tests pass against windows.  There is still more testing
to do, and the server implementation to complete.

Andrew Bartlett
(This used to be commit 431d0c0396)
2008-05-16 13:03:01 +10:00
Kai Blin
240d959005 libnet: Make UserInfo accept a SID as input as well, fix wb_cmd_getpwuid
(This used to be commit 5f3a70f285)
2008-04-24 11:17:23 +02:00
Simo Sorce
4e83011f72 Remove more event_context_init() uses from function calls within deep down the code.
Make sure we pass around the event_context where we need it instead.
All test but a few python ones fail. Jelmer promised to fix them.
(This used to be commit 3045d39162)
2008-04-21 18:12:33 -04:00
Jelmer Vernooij
21fc767378 Specify event_context to ldb_wrap_connect explicitly.
(This used to be commit b4e1ae07a2)
2008-04-17 12:23:44 +02:00
Jelmer Vernooij
1efbd5fbf6 Remove event context tracking from the credentials struct.
(This used to be commit 4d7fc946b2)
2008-04-17 01:03:18 +02:00