IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This should already be the case given the current logic, but let’s make
it explicit.
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
As dsdb_search_dn() ignores this flag, passing it in doesn’t achieve
anything.
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Apr 16 05:02:30 UTC 2024 on atb-devel-224
Modifications to unicodePwd require an encrypted connection. This change
allows unicodePwd to be modified over an ldapi connection.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15634
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Once we have a gMSA server side the impact of deleting root keys becomes real
and so we must do this in a quiet place where it can not impact on other things.
Likewise, we want the samba.tests.dsdb_quiet_provision_tests tests to run
somewhere that is not doing other things, so we can see what a bare provision
will do. We must not allow test ordering inside the file to cause tests that
create root keys to run before checking if provision created a usable root key.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
This shouldn't have been DBG_ERR, and it might as well say something
about the tombstone.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15630
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Apr 12 15:18:05 UTC 2024 on atb-devel-224
expire_time is time_t, which is at least int-sized, so overflow is
possible (if this code ever runs).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
dnsp_DnssrvRpcRecord.dwTimeStamp is uint32_t, making overflow possible.
dnsp_DnssrvRpcRecord.wType is an enum, which has the size of an int,
though it may be hard to set it to overflowing values.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
SamEntry.idx is uint32_t.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
prec_{1,2} are uint32_t, and if one is not set we are defaulting to
0xffffffff (a.k.a UINT32_MAX), so an overflow when cast to int seems
extremely likely.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
We need to do this when the dn is on a message from another ldb.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This will help avoid use-after-free of the internally cached ldb within
struct ldb_dn by ensuring that it lives as long.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
This also removes dcesrv_lsa_CreateTrustedDomain_base() as it is unused with
this commit. We need to do it here or the compiler will complain about an unused
function.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This is needed in order to let nbt_getdc() work against
another AD DC and get back a modern response with
DNS based names. Instead of falling back to
the ugly name_status_find() that simulates just
an NETLOGON_SAM_LOGON_RESPONSE_NT40 response.
This way dsgetdcname() can work with just the netbios
domain name given and still return an active directory
response.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15620
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
