1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

276 Commits

Author SHA1 Message Date
Stefan Metzmacher
a4d4217dfa s4:rpc_server/netlogon: add dcesrv_netr_LogonSamLogon_check()
We need to check for invalid parameters before we check for
access denied.

metze
2011-02-02 11:58:26 +01:00
Stefan Metzmacher
578e87dbf2 s4:rpc_server/netlogon: set *r->out.authoritative = 1 even on INVALID_PARAMETER/INFO_CLASS
metze
2011-02-02 11:58:26 +01:00
Stefan Metzmacher
97727e1068 s4:rpc_server/netlogon: return INVALID_INFO_CLASS for invalid netr_Validation levels
metze
2011-02-02 11:58:26 +01:00
Matthias Dieter Wallnöfer
d0993e1278 s4:netlogon/LogonGetDomainInfo - handle a NULL "dns_hostname"
- Performs the short computer name check against the sam account name.
- Enhances the LogonGetDomainInfo testsuite which checks the NULL
  "dns_hostname" behaviour

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Fri Nov 19 12:50:33 CET 2010 on sn-devel-104
2010-11-19 12:50:32 +01:00
Matthias Dieter Wallnöfer
229f3cc9e8 s4:netlogon RPC server - "LogonGetDomainInfo" - always check the LDB return codes
Plus some cosmetic indentation fixes

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Oct 31 19:26:45 UTC 2010 on sn-devel-104
2010-10-31 19:26:45 +00:00
Matthias Dieter Wallnöfer
39d40892c6 s4:netlogon RPC server - point out that the "LogonGetDomainInfo" "servicePrincipalName" generation is still needed 2010-10-31 18:44:06 +00:00
Matthias Dieter Wallnöfer
7b3dbbde04 s4:dsdb - remove some calls of "samdb_msg_add_string" when we have talloc'ed strings
They can be substituted by "ldb_msg_add_string" if the string was already
talloc'ed.

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Oct 24 20:03:27 UTC 2010 on sn-devel-104
2010-10-24 20:03:27 +00:00
Stefan Metzmacher
821a20221d s4:rpc_server/netlogon: netr_ServerAuthenticate3 should return NO_TRUST_SAM_ACCOUNT
If we can't find the account we should return NT_STATUS_NO_TRUST_SAM_ACCOUNT
instead of NT_STATUS_ACCESS_DENIED.

metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Sat Oct 23 10:05:35 UTC 2010 on sn-devel-104
2010-10-23 10:05:35 +00:00
Stefan Metzmacher
f0879fc3b2 s4:rpc_server/netlogon: netr_ServerAuthenticate3 should reject invalid sec_channel_types early
metze
2010-10-23 11:02:43 +02:00
Stefan Metzmacher
c2696b2ec3 s4:rpc_server/netlogon: netr_ServerAuthenticate3 should check the challenge after the account
metze
2010-10-23 11:01:43 +02:00
Stefan Metzmacher
5ee49fc1c1 s4:rpc_server/netlogon: fix comment in netr_DsRGetDCName()
metze
2010-10-23 10:58:15 +02:00
Stefan Metzmacher
675c354b6b s4:rpc_server/netlogon: handle DC_RETURN_NETBIOS and DC_RETURN_DNS in netr_DsRGetDCNameEx2()
metze
2010-10-23 10:58:15 +02:00
Stefan Metzmacher
fcc2f6ba4a s4:rpc_server/netlogon: validate flags in netr_DsRGetDCNameEx2() and callers
Thanks to Tarun Chopra for the help of looking up all the bits in
the docs.

metze
2010-10-23 10:58:14 +02:00
Stefan Metzmacher
e297625d96 s4:rpc_server/netlogon: netr_GetDcName should return WERR_DCNOTFOUND for invalid names
Only netbios domain names are allowed.

metze
2010-10-23 10:58:14 +02:00
Matthias Dieter Wallnöfer
a3f61dea40 Revert "s4:remove "util_ldb" submodule and integrate the three gendb_* calls in "dsdb/common/util.c""
This reverts commit 8a2ce5c47c.

Jelmer pointed out that these are also in use by other LDB databases - not only
SAMDB ones.

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Oct 17 13:37:16 UTC 2010 on sn-devel-104
2010-10-17 13:37:16 +00:00
Matthias Dieter Wallnöfer
8a2ce5c47c s4:remove "util_ldb" submodule and integrate the three gendb_* calls in "dsdb/common/util.c"
They're only in use by SAMDB code.

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Oct 17 09:40:13 UTC 2010 on sn-devel-104
2010-10-17 09:40:13 +00:00
Matthias Dieter Wallnöfer
a0e9814c0d s4:dsdb - remove "samdb_result_uint", "samdb_result_int64", "samdb_result_uint64" and "samdb_result_string"
We have ldb_msg_find_attr_as_* calls which do exactly the same. Therefore this
reduces only code redundancies.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-10-15 08:36:01 +11:00
Jelmer Vernooij
93126b3315 samdb: Add flags argument to samdb_connect(). 2010-10-10 23:08:49 +02:00
Stefan Metzmacher
76232a40d8 s4:rpc_server/netlogon: don't use dcerpc_binding_handle_call_send/recv() directly
metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Sat Oct  2 03:11:38 UTC 2010 on sn-devel-104
2010-10-02 03:11:38 +00:00
Andrew Tridgell
c4d2b6fbc2 s4-netlogon: added RODC DNS update call fwded to dnsupdate task
when we get a netlogon RODC DNS update, we send it to the dnsupdate
task
2010-09-27 22:55:05 -07:00
Andrew Tridgell
dc59de5627 s4-netlogon: added IDL for netr_DsrUpdateReadOnlyServerDnsRecords
this is used by a RODC to do DNS updates, as TSIG updates are not
allowed by RODCs

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-16 21:09:17 +10:00
Stefan Metzmacher
5c73c84f29 s4:rpc_server/netlogon: use irpc_binding_handle_by_name()
metze
2010-09-03 17:00:20 +02:00
Matthias Dieter Wallnöfer
786c41b095 s4:netlogon RPC server - "ServerPasswordSet" operations - introduce also here the new password change syntax 2010-08-17 19:24:23 +02:00
Andrew Tridgell
2688375ffe s4-netlogon: added SEC_CHAN_RODC
This seems to be equivalent to SEC_CHAN_BDC, but for RODCs
2010-08-17 21:21:51 +10:00
Andrew Bartlett
272e49e85c s4:auth Move struct auth_usersupplied_info to a common location
This also changes the calling convention slightly - we should always
allocate this with talloc_zero() to allow some elements to be
optional.  Some elements may only make sense in Samba3, which I hope
will use this common structure.

Andrew Bartlett
2010-08-14 11:58:13 +10:00
Matthias Dieter Wallnöfer
f5f236a4b9 s4:dcesrv_netr_LogonGetDomainInfo - improve the client OS informations update
As ekacnet pointed out on the mailing list we don't need to do a delete if we
(re)set the values afterwards - only if we don't set any new ones.
2010-07-31 20:44:29 +02:00
Andrew Tridgell
6b266b85cf s4-loadparm: 2nd half of lp_ to lpcfg_ conversion
this converts all callers that use the Samba4 loadparm lp_ calling
convention to use the lpcfg_ prefix.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-16 18:24:27 +10:00
Matthias Dieter Wallnöfer
56e4822566 s4:dcesrv_netr_DsRAddressToSitenamesExW - fix the detection of the address family in a better way
Obviously the last attempt wasn't enough. Now we do really only read the first
byte in the address buffer which on little endian transmission does always
contain the address family (MS-NRPC 2.2.1.2.4.1).
This should now be working platform-independently.
2010-06-18 10:03:08 +02:00
Matthias Dieter Wallnöfer
d9c81e3ea5 s4:dcesrv_netr_DsRAddressToSitenamesExW - fix the read of the IP packet version
This should make it clearer by the use of the standardised "sa_family_t" type
and hopefully fixes the problems on platforms other than Linux (NetBSD in the
buildfarm for example).
2010-06-16 21:47:22 +02:00
Matthias Dieter Wallnöfer
11e2608ba9 s3/s4:netrEnumerateTrustedDomains - this call returns a "NTSTATUS" result
See MS-NRPC 3.5.5.6.3.
2010-05-31 12:08:59 +02:00
Matthias Dieter Wallnöfer
0eec33417e s4:dcesrv_netr_DsrEnumerateDomainTrusts - fix an integer type 2010-05-31 12:08:58 +02:00
Matthias Dieter Wallnöfer
8e1e6b0112 s4:LogonGetDomainInfo - allow to set DNS hostname for the first time
Otherwise it obviously can never be set.
2010-05-24 14:01:06 +02:00
Jelmer Vernooij
f9ca9e46ad Finish removal of iconv_convenience in public API's. 2010-05-18 11:45:30 +02:00
Matthias Dieter Wallnöfer
a4e35df3f5 s4:LogonGetDomainInfo - fix a potential crash source 2010-05-03 17:25:03 +02:00
Matthias Dieter Wallnöfer
e8a001c516 s4:LogonGetDomainInfo - fix indentation 2010-05-03 17:25:02 +02:00
Matthias Dieter Wallnöfer
8ed5e8ac9d s4:LogonGetDomainInfo - remove singular "dNSHostName" check - this doesn't belong here
I'm not really sure if this check is really done on Windows Server. And if it
is done, then it's on the LDB level (module).
2010-05-03 17:25:02 +02:00
Andrew Tridgell
91bb4893c4 s4-netlogon: fixed getDcNameEx2 for blank inputs
w2k8r2 returns the local DC information on no inputs for
getDcNameEx2. This is needed for starting dsa.msc (ADUC) on
Win7.

CDLAP on the same call returns an error. This uses a parameter
fill_on_blank_request to distinguish the two cases.
2010-04-28 00:19:30 +10:00
Stefan Metzmacher
606025f11d s4:rpc_server/netlogon: use tsocket_address in dcesrv_netr_DsRGetDCNameEx2()
metze
2010-04-27 13:00:25 +02:00
Matthias Dieter Wallnöfer
2654e34cf0 s4:netr_DsRAddressToSitenames[Ex]W calls - implement them correctly with the client site information
This behaviour should be similar to the one of Windows Server (in my case 2008)
2010-04-27 08:09:12 +02:00
Matthias Dieter Wallnöfer
bb91afe50c Revert "s4:netr_DsRAddressToSitenames[Ex]W calls - implement them correctly with the client site information"
This reverts commit 908d982980.

I need to merge the improved version of this commit.
2010-04-27 08:08:42 +02:00
Matthias Dieter Wallnöfer
581f86ba73 Revert "s4-netlogon: fixed breakage of dcesrv_netr_GetAnyDCName in sites patch"
This reverts commit e88a54a87e.

This isn't the correct behaviour. See MS-NRPC documentation under the
"GetAnyDCName" section.
2010-04-27 08:07:19 +02:00
Andrew Tridgell
e88a54a87e s4-netlogon: fixed breakage of dcesrv_netr_GetAnyDCName in sites patch
We should respond when we are the PDC

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-04-27 15:24:43 +10:00
Matthias Dieter Wallnöfer
cfbd5ef8c4 s4:netlogon RPC server - we don't need "are we DC" proofs
When we aren't a DC we shouldn't have the netlogon pipe available.
[MS-NRPC 1.3] says that we can only have DCs on the server side.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-27 15:24:43 +10:00
Matthias Dieter Wallnöfer
4686305feb s4:dcesrv_netr_DsrGetDcSiteCoverageW - provide a basic implementation
Does for now only return DC's primary site.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-27 15:24:42 +10:00
Matthias Dieter Wallnöfer
3b4137c7be s4:dcesrv_netr_DsRGetSiteName - provide an implementation according to the MS-NRPC docs
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-27 15:24:41 +10:00
Matthias Dieter Wallnöfer
5fc7118675 s4:dcesrv_netr_GetAnyDCName - improve the call according to the MS-NRPC documentation
This implementation checks if the domainname is valid for us or a trusted domain.

Then I've also added the PDC location functionality. That means that we should
return "WERR_NO_SUCH_DOMAIN"  (MS-NRPC 3.5.5.2.5).

Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-27 15:24:41 +10:00
Matthias Dieter Wallnöfer
908d982980 s4:netr_DsRAddressToSitenames[Ex]W calls - implement them correctly with the client site information
This behaviour should be similar to the one of Windows Server (in my case 2008)

Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-27 15:24:41 +10:00
Matthias Dieter Wallnöfer
3a8b67fd36 s4:netlogon RPC server - fix a counter variable type 2010-04-21 18:06:17 +02:00
Stefan Metzmacher
135208d990 s4:rpc_server/netlogon: add no memory checks
metze
2010-04-20 16:02:14 +02:00
Andrew Tridgell
b4b43fcb4c s4-netlogon: fixed dc_unc and dc_address_type
These are needed for dcpromo from w2k8r2
2010-04-20 23:43:33 +10:00