IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
calculated based on the last change time, policies, and acb flags.
Next step will be to not bother storing them. Right now I'm just trying to
get them reported correctly.
(This used to be commit fd5761c9e5)
password blob, it seems that pw_len is just a uint8 instead of uint16.
This might also be interesting for Samba4's samr.idl.
Volker
(This used to be commit 68ded4ba07)
* autogenerate lsa ndr code
* rename 'enum SID_NAME_USE' to 'enum lsa_SidType'
* merge a log more security descriptor functions from
gen_ndr/ndr_security.c in SAMBA_4_0
The most embarassing thing is the "#define strlen_m strlen"
We need a real implementation in SAMBA_3_0 which I'll work on
after this code is in.
(This used to be commit 3da9f80c28)
SetUserInfo level 25 to survive the join method XP uses if the user did not
exist before. For good taste this contains way too much cut&paste, but for a
real fix there is just not enough time.
Up to 3.0.22 we completely ignored that a full level 21 is being sent together
with level 25, but we got away with that because on creation we did not set
the "disabled" flag on the workstation account. Now we correctly follow W2k3
in this regard, and we end up with a disabled workstation after join.
Man, I hate rpc_parse/. The correct fix would be to import PIDL generated samr
parsing, but this is would probably be a bit too much for .23...
Thanks to Tom Bork for finding this one.
Volker
(This used to be commit 5a37aba105)
name eversince instead of the domain name when we are a DC.
Yes, there are applications relying on this call to be correct.
Guenther
(This used to be commit 26dd22c9af)
* Finally fix parsing idmap uid/gid ranges not to break with spaces
surrounding the '-'
* Allow local groups to renamed by adding info level 2 to
_samr_set_aliasinfo()
* Fix parsing bug in _samr_del_dom_alias() reply
* Prevent root from being deleted via Samba
* Prevent builting groups from being renamed or deleted
* Fix bug in pdb_tdb that broke renaming user accounts
* Make sure winbindd is running when trying to create the Administrators
and Users BUILTIN groups automatically from smbd (and not just check the
winbind nexted groups parameter value).
* Have the top level rid allocator verify that the RID it is about to
grant is not already assigned in our own SAM (retries up to 250 times).
This fixes passdb with existing SIDs assigned to users from the RID algorithm
but not monotonically allocating the RIDs from passdb.
(This used to be commit db1162241f)
* Fix a couple of related parsing issues.
* in the info3 reply in a samlogon, return the ACB-flags (instead of
returning zero)
Guenther
(This used to be commit 5b89e8bc24)
to make full use of the new talloc() interface. Discussed with Volker
and Jeremy.
* remove the internal mem_ctx and simply use the talloc()
structure as the context.
* replace the internal free_fn() with a talloc_destructor() function
* remove the unnecessary private nested structure
* rename SAM_ACCOUNT to 'struct samu' to indicate the current an
upcoming changes. Groups will most likely be replaced with a
'struct samg' in the future.
Note that there are now passbd API changes. And for the most
part, the wrapper functions remain the same.
While this code has been tested on tdb and ldap based Samba PDC's
as well as Samba member servers, there are probably still
some bugs. The code also needs more testing under valgrind to
ensure it's not leaking memory.
But it's a start......
(This used to be commit 19b7593972)
from Samba4 on how to decode the 532 byte password buffers.
Getting closer to passing samba4 RPC-SCHANNEL test.
Jeremy.
(This used to be commit 205db6968a)
Implement 'net rpc shell account' -- An editor for account policies
nt_time_to_unix_abs changed its argument which to me seems wrong, and I could
not find a caller that depends on this. So I changed it. Applied some more
const in time.c.
Volker
(This used to be commit fc73690a70)
Introduces level 9 of getuserinfo and allows to successfully install MS SMS2003
on a member of a Samba domain. Also added support for this level in rpcclient.
The code for infolevel 9 is modelled upon Samba-TNG by Alex Deiter.
Jerry, we need this in 3.0.21b.
(This used to be commit 93461646ce)
client behaviour (ie.:
open pipe/open SAMR handle/enumerate 0 - 1024
close SAMR handle, close pipe.
open pipe/open SAMR handle/enumerate 1024 - 2048...
close SAMR handle, close pipe.
And on ad-nausium. Amazing.... probably object-oriented
client side programming in action yet again.
This change should *massively* improve performance when
enumerating users from an LDAP database.
Jeremy.
(This used to be commit 8ce705d9cc)
if changing to support samr_connect5 might help so quickly coded
it up. No it doesn't :-(. Don't merge this for 3.0.21 please.
Jeremy.
(This used to be commit bff1df678a)
* \PIPE\unixinfo
* winbindd's {group,alias}membership new functions
* winbindd's lookupsids() functionality
* swat (trunk changes to be reverted as per discussion with Deryck)
(This used to be commit 939c3cb5d7)
using USER_INFO_XX structs and functions where XX was sometimes
in hex and sometimes in decimal. Now it's all in decimal (should
be no functionality change).
Jeremy.
(This used to be commit 84651aca04)
can be taken out of it, so I decided to commit this in one lump. It changes
the passdb enumerating functions to use ldap paged results where possible. In
particular the samr calls querydispinfo, enumdomusers and friends have
undergone significant internal changes. I have tested this extensively with
rpcclient and a bit with usrmgr.exe. More tests and the merge to trunk will
follow later.
The code is based on a first implementation by Günther Deschner, but has
evolved quite a bit since then.
Volker
(This used to be commit f0bb44ac58)
referencing unknown_6 from sam, because it's just fixed at 1260, the max
len of LOGON_HRS. Need to go in and mark it as "remove me" from passdb.
(This used to be commit ffac752875)
set the value "forcibly disconnect remote users from server when logon
hours expire" to "no", instead take the value from our account-policy
storage.
Guenther
(This used to be commit e3bd2a22a5)
based on samba4-idl.
This saves us an enormous amount of totally unnecessary ldap-traffic
when several hundreds of winbind-daemons query a Samba3 DC just to get
the fake SAM-sequence-number (time(NULL)) by enumerating all users, all
groups and all aliases when query-dom-info level 2 is used.
Note that we apparently never get the sequence number right (we parse a
uint32, although it's a uint64, at least in samba4 idl). For the time
being, I would propose to stay with that behaviour.
Guenther
(This used to be commit f9ab15a986)
comment string and not an unknown 12 byte structure...
Found after abartlet's smbtorture extended this string to
"Tortured by Samba4: Fri Nov 26 15:40:18 2004 CET"
;-))
Volker
(This used to be commit b41d94d818)
