IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
I think we may still need to look at our server enumeration code, but
other than that, its much better in the tree than out.
Andrew Bartlett
(This used to be commit d57a1b4629d12a0374cc6d74dfc6f5d4793fcef8)
information when one or more of the names/sids being queried were not
resolvable. We now return a list the same length as the parameters passed
instead of an array of just the resolvable names/sids.
(This used to be commit 245468dbabb7c849ce423cc3cb586fa913d0adfe)
winbind default domains, particulary now I understand whats going on a lot
better. This ensures that the RPC client code does as little 'magic' as
possible - this is up to the application/user. (Where - for to name->sid code
- it was all along). This leaves the change that allows the sid->name code to
return domains and usernames in seperate paramaters.
Andrew Bartlett
(This used to be commit 5dfba2cf536f761b0aee314ed9e30dc53900b691)
to the function. This fixes a nice little segfault the brute-force-casting
created. :-)
Andrew Bartlett
(This used to be commit c84fa7f5fd62940e397d3353fb688f283349393e)
smbd, and also makes it much cleaner inside winbindd.
It is mostly my code, with a few changes and testing performed by Alexander
Bokovoy <a.bokovoy@sam-solutions.net>. ab has tested it in security=domain and
security=ads, but more testing is always appricatiated.
The idea is that we no longer cart around a 'domain\user' string, we keep them
seperate until the last moment - when we push that string into a pwent on onto
the socket.
This removes the need to be constantly parsing that string - the domain prefix
is almost always already provided, (only a couple of functions actually changed
arguments in all this).
Some consequential changes to the RPC client code, to stop it concatonating the
two strings (it now passes them both back as params).
I havn't changed the cache code, however the usernames will no longer have a
double domain prefix in the key string. The actual structures are unchanged
- but the meaning of 'username' in the 'rid' will have changed. (The cache is
invalidated at startup, so on-disk formats are not an issue here).
Andrew Bartlett
(This used to be commit e870f0e727952aeb8599cf93ad2650ae56eca033)
- added lsaquerysecobj to rpcclient
- renamed querysecobj to samquerysecobj
- removed duplicated display_sec_acl() code from cmd_spoolss.c and
cmd_samr.c and moved it into display_sec.c
(This used to be commit 59b2e3f408a5ff22f2d81a927d010a7df5f19f7f)
fixed lsa_enum_rpivs server code. This time it works as W2K.
fixed smbgroupedit to compile and work.
J.F.
(This used to be commit 646651018a2736833e49e76f6ca735a4647d9746)
rpcclient code. Refactored cmd_* functions to move common mem_ctx and pipe
opening stuff up one level. Moved rpcclient.h into rpcclient directory and
out of includes/smb.h
(This used to be commit a40facba9651f9fb1dcc9e143f92ca298a324312)
- ported two rpc back from TNG (WINREG: shutdown and abort shutdown)
- some optimizations and changed some DEBUG statement in loadparm.c
- changed rpcclient a bit moved from non reentrant next_token_nr to next_token
- in cmd_reg.c not sure if getopt will work ok on all platforms only setting optind=0
(This used to be commit fd54412ce9c3504a547e232602d6129e08dd9d4d)
back to working order. The main change is that the cli_*() RPC
functions from libsmb/*.c now should accept a struct cli_state*.
The reason for this is that rpcclient should establish the
connection to the server at startup so that it is not necessary
to keep the clear test or password hash in memory for each command.
enumports and enumprinters now works as well. lsa* functions
have been tested. SAMR calls may or may not work (one of the core
dumps I know), but it compiles :-)
jerry
(This used to be commit d98ac8852ae6b39b6fcff92c346ba56d9e63c518)
Currently there are a small selection of lsa, samr and spoolss functions
implemented. More to follow...
(This used to be commit 9a953514f2a2cfd3c43105dd6203bc3e36aff1b1)
TNG branch.
Re-instated lsa_lookup_sids and lsa_lookup_names functions in rpcclient.
This requires most samba binaries to link in another handful of object
files due to uncessary coupling between modules. )-:
(This used to be commit 817819d0cc3ecf642be5a1656be3b71bed260ee4)
verified that lsaquery, lsalookupsids work, and found some bugs in the
parameters of these commands :-)
soo... we now have an lsa_* api that has the same arguments as the nt
Lsa* api! cool!
the only significant coding difference is the introduction of a
user_credentials structure, containing user, domain, pass and ntlmssp
flags.
(This used to be commit 57bff6fe82d777e599d535f076efb2328ba1188b)
msrpc client code. the intent is to hide / abstract / associate
connection info behind policy handles.
this makes the msrpc functions look more and more like their nt equivalents.
who-hou!
(This used to be commit c01b18e632aede6fce7264ef6971d7ddba945cfb)
means that some commands need more work, as they still use next_token(),
the use of which i wish to avoid.
plus, i was getting fed up of the poor command-line processing in some
of these commands. i'm starting to need getopt() in them, especially
in samsetuser.
WARNING: only cmd_samr has been modded to use getopt() so far! reg
commands won't work, esp.
(This used to be commit 9a1efa03c8bb86c9b7e73f102a9d48fb6a57a523)
attempting to get blood out of a stone^H^H^H^H^H^H^H^H^H^H^H^H^H^H^H^H^H
querysecret to work, it keeps returning access denied.
(This used to be commit 953fe6ba9454fa4b8e69426527eca37b011f76ac)
- cleanup
- #defined report to sprintf as it's #defined to another function in
other uses of cmd_lsarpc.c
(This used to be commit 8fb2ff247a2fe0ec5ce0c232d8a3da9774f7e6ae)
remember: only close handles that you've previously opened. if the
lsa_open_secret() succeeds then and only then can you close it.
if the lsa_open_policy2() succeeds then and only then can you close it.
(This used to be commit 60da0a12555a2e12e27ff2af24e1068a515469c0)
(-> LsarQuerySecret) on client side, including rpcclient command
"querysecret" for others to play with.
The major obstacle is working out the encryption algorithm used
for the secret value. It definitely uses the NT hash as part of the
key, and it seems the block size is 64 bits - probably DES based -
but I can't work out what's done in between. Help required.
(This used to be commit 365fa3b5fbf551670acc91f593138a7e91a5f7fa)