Volker Lendecke [Sun, 24 Jan 2010 17:50:31 +0000 (18:50 +0100)]
s3: add libnetapi_set_use_ccache()
Volker Lendecke [Sun, 24 Jan 2010 17:51:58 +0000 (18:51 +0100)]
s3: Fix a bug in net's use of popt
In order to add --use-ccache to net, I added another "bool opt_ccache;" to
struct net_context. popt did not like this, it took a while to figure out why.
Popt has the lines
/* XXX Check alignment, may fail on funky platforms. */
if (arg == NULL || (((unsigned long)arg) & (sizeof(*arg)-1)))
return POPT_ERROR_NULLARG;
The "bool opt_ccache;" was not aligned anymore...
Volker Lendecke [Sun, 24 Jan 2010 16:35:04 +0000 (17:35 +0100)]
s3: Enable -C in rpcclient
Volker Lendecke [Sun, 24 Jan 2010 16:34:13 +0000 (17:34 +0100)]
s3: Add CLI_FULL_CONNECTION_USE_CCACHE
Volker Lendecke [Sun, 24 Jan 2010 16:08:56 +0000 (17:08 +0100)]
s3: Use -C in smbclient
$ bin/wbinfo --ccache-save=w2k3ad\\vl%Password
saving creds succeeded
$ bin/smbclient //192.168.42.160/tmp -Uvl -N -C -W w2k3ad
OS=[Windows Server 2003 R2 3790 Service Pack 2] Server=[Windows Server 2003 R2 5.2]
smb: \>
$ bin/wbinfo --ccache-save=w2k3ad\\vl%WrongPassword
saving creds succeeded
$ bin/smbclient //192.168.42.160/tmp -Uvl -N -C -W w2k3ad
Anonymous login successful
Domain=[W2K3AD] OS=[Windows Server 2003 R2 3790 Service Pack 2] Server=[Windows Server 2003 R2 5.2]
tree connect failed: NT_STATUS_ACCESS_DENIED
$
Volker Lendecke [Sun, 24 Jan 2010 16:07:24 +0000 (17:07 +0100)]
s3: Add -C (--use-ccache) to popt_common_credentials
Volker Lendecke [Sun, 24 Jan 2010 15:50:46 +0000 (16:50 +0100)]
s3: Add ccache use to cli_session_setup_ntlmssp
Volker Lendecke [Sun, 24 Jan 2010 15:47:24 +0000 (16:47 +0100)]
s3: Add NTLMSSP_FEATURE_CCACHE
Uses the winbind ccache to do authentication if asked to do so
Volker Lendecke [Sun, 24 Jan 2010 15:44:15 +0000 (16:44 +0100)]
libwbclient: Actually implement wbcCredentialCache()
Volker Lendecke [Sun, 24 Jan 2010 15:41:30 +0000 (16:41 +0100)]
s3: Add the session key to the ccache_ntlm_auth response
Volker Lendecke [Sat, 9 Jan 2010 19:20:36 +0000 (20:20 +0100)]
s3: Add wbinfo --ccache-save
With this command you can give winbind your password for later use by
the automatic ntlm_auth
Volker Lendecke [Sun, 24 Jan 2010 12:46:59 +0000 (13:46 +0100)]
s3: Remove some calls to memset -- reduces text size by some bytes for me
Volker Lendecke [Sat, 23 Jan 2010 18:38:28 +0000 (19:38 +0100)]
libwbclient: Use winbindd_free_response()
Volker Lendecke [Sat, 23 Jan 2010 18:26:51 +0000 (19:26 +0100)]
libwbclient: Remove a pointless talloc_strdup
Endi S. Dewata [Tue, 19 Jan 2010 03:47:24 +0000 (21:47 -0600)]
s4-provision: Added msDS-NcType into samba4Top object class
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
Endi S. Dewata [Tue, 19 Jan 2010 03:01:08 +0000 (21:01 -0600)]
s4-provision: Fixed typos and redundant code
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
Endi S. Dewata [Wed, 20 Jan 2010 05:10:19 +0000 (23:10 -0600)]
s4-provision: Disable populating FDS during instance creation.
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
Volker Lendecke [Sat, 23 Jan 2010 17:20:36 +0000 (18:20 +0100)]
nsswitch: Move nss_err_str to its only caller
Volker Lendecke [Sat, 23 Jan 2010 17:06:53 +0000 (18:06 +0100)]
nsswitch: Make some functions static
Volker Lendecke [Sat, 23 Jan 2010 14:24:20 +0000 (15:24 +0100)]
s3: Make string_to_sid a wrapper around dom_sid_parse
Volker Lendecke [Sat, 23 Jan 2010 13:55:11 +0000 (14:55 +0100)]
s3: Add a little torture test for dom_sid_parse
Volker Lendecke [Sat, 23 Jan 2010 13:53:54 +0000 (14:53 +0100)]
libcli/security: Prohibit SID formats like S-1-5-32-+545
Volker Lendecke [Sat, 23 Jan 2010 12:53:48 +0000 (13:53 +0100)]
libcli/security: Fix a valgrind error in dom_sid_parse
Volker Lendecke [Sat, 23 Jan 2010 12:50:59 +0000 (13:50 +0100)]
libcli/security: Convert some strtol calls to strtoul
This tightens the dom_sid_parse syntax check a bit: "--" would have been
allowed in sid string
Volker Lendecke [Sat, 23 Jan 2010 12:48:49 +0000 (13:48 +0100)]
libcli/security: Remove a call to strncasecmp
Volker Lendecke [Sun, 3 Jan 2010 17:46:21 +0000 (18:46 +0100)]
libreplace: Fix a C++ warning
Volker Lendecke [Sat, 23 Jan 2010 12:31:27 +0000 (13:31 +0100)]
s3: Remove string_sid_talloc
All but one call were pointless, so I think this API should go
Volker Lendecke [Sat, 23 Jan 2010 12:30:04 +0000 (13:30 +0100)]
s3: Remove a call to string_sid_talloc
Volker Lendecke [Sat, 23 Jan 2010 12:26:55 +0000 (13:26 +0100)]
s3: Fix sending NULL sids to lookupsids3
Volker Lendecke [Sat, 23 Jan 2010 12:18:00 +0000 (13:18 +0100)]
s3: Remove some pointless uses of string_sid_talloc
Volker Lendecke [Sat, 23 Jan 2010 12:17:28 +0000 (13:17 +0100)]
s3: Use global_sid_Builtin in net_groupmap_memberships
Volker Lendecke [Sat, 23 Jan 2010 12:33:10 +0000 (13:33 +0100)]
s3: Fix some nonempty blank lines
Simo Sorce [Thu, 21 Jan 2010 14:57:41 +0000 (09:57 -0500)]
s4:kdc Simplify header files
Volker Lendecke [Fri, 22 Jan 2010 12:31:44 +0000 (13:31 +0100)]
s3: Fix some nonempty blank lines
Volker Lendecke [Fri, 22 Jan 2010 12:31:30 +0000 (13:31 +0100)]
s3: Fix a typo in a comment
Volker Lendecke [Mon, 18 May 2009 14:04:04 +0000 (16:04 +0200)]
s3:pdb_ldap: Fix large paged search.
Fix bug #6981 (Paged Search with DirX LDAP server broken).
(cherry picked from commit
0a3b576c0a4298cbe600ad8943e401e3a0639359)
William Jojo [Thu, 21 Jan 2010 13:21:03 +0000 (14:21 +0100)]
s3: Fix bug 7052: "DFS broken on AIX (maybe others)"
Volker Lendecke [Thu, 21 Jan 2010 13:05:04 +0000 (14:05 +0100)]
s3: Initialize the seqnum in "init_smb_request"
This makes it a bit more obvious for me that the signing sequence number is
tied to the SMB request.
Volker Lendecke [Thu, 21 Jan 2010 12:58:39 +0000 (13:58 +0100)]
s3: Make "init_smb_request" static to process.c
Michael Adam [Wed, 20 Jan 2010 16:54:40 +0000 (17:54 +0100)]
s4:rpc-server:samr: fix setting of lockout duration < lockout window
This should return NT_STATUS_INVALID_PARAMETER.
This makes samba pass the first part of the samr-lockout test.
This constraint is documented here for the samr server:
http://msdn.microsoft.com/en-us/library/
cc245667%28PROT.10%29.aspx
MS-SAMR 3.1.1.6 Attribute Constraints for Originating Updates
and here for the ldap backend:
http://msdn.microsoft.com/en-us/library/
cc223462(PROT.10).aspx
MS-ADTS 3.1.1.5.3.2 Constraints
So the check should actually be moved down into the backend,
i.e. under dsdb/samdb/ldb_modules - TODO..
Michael
Volker Lendecke [Thu, 21 Jan 2010 11:57:07 +0000 (12:57 +0100)]
s3: Move "yesno" to the only place where it is used: client.c
Björn Jacke [Thu, 21 Jan 2010 08:25:43 +0000 (09:25 +0100)]
s3/doc: update vfs_shadow_copy2 man page according to new options
Ed Plese [Mon, 7 Dec 2009 03:03:06 +0000 (21:03 -0600)]
Add localtime parameter to shadow_copy2.
Ed Plese [Thu, 21 Jan 2010 07:30:01 +0000 (08:30 +0100)]
Add format parameter to shadow_copy2.
Ed Plese [Mon, 7 Dec 2009 03:00:00 +0000 (21:00 -0600)]
Add sort parameter to shadow_copy2.
Jelmer Vernooij [Thu, 21 Jan 2010 04:17:02 +0000 (17:17 +1300)]
pyxattr: Factor out helper functions.
Jelmer Vernooij [Thu, 21 Jan 2010 04:16:19 +0000 (17:16 +1300)]
selftest: Cope with 'multipart' support in subunit.
Jelmer Vernooij [Thu, 21 Jan 2010 03:56:23 +0000 (16:56 +1300)]
pyxattr: Simplify tests.
Jelmer Vernooij [Thu, 21 Jan 2010 03:45:06 +0000 (16:45 +1300)]
pyxattr: Fix tests by not opening tdb files multiple times.
Jelmer Vernooij [Thu, 21 Jan 2010 03:44:20 +0000 (16:44 +1300)]
pyxattr: Fix tests by avoiding opening tdb files multiple times.
Jelmer Vernooij [Thu, 21 Jan 2010 03:44:12 +0000 (16:44 +1300)]
pyxattr: Fix memory leaks.
Jelmer Vernooij [Thu, 21 Jan 2010 03:41:30 +0000 (16:41 +1300)]
pyxattr: Simplify tests.
Jelmer Vernooij [Thu, 21 Jan 2010 03:29:15 +0000 (16:29 +1300)]
pyxattr: Fix return value, raise exception, fix memory leak.
Jelmer Vernooij [Thu, 21 Jan 2010 03:28:24 +0000 (16:28 +1300)]
pyxattr: Use standard functions for error handling.
Jelmer Vernooij [Thu, 21 Jan 2010 03:18:19 +0000 (16:18 +1300)]
pyxattr: Remove unnecessary hacks.
Jelmer Vernooij [Wed, 20 Jan 2010 03:27:38 +0000 (16:27 +1300)]
s4: Fix a few warnings.
Jelmer Vernooij [Wed, 20 Jan 2010 03:27:15 +0000 (16:27 +1300)]
pidl: Include Python.h first, to avoid warnings.
Jelmer Vernooij [Wed, 20 Jan 2010 02:07:09 +0000 (15:07 +1300)]
s4: Include Python.h early to avoid double definition errors.
Björn Jacke [Thu, 21 Jan 2010 00:08:07 +0000 (01:08 +0100)]
s3: fix dnsupdate configure check
Andreas Schneider [Sun, 17 Jan 2010 09:21:21 +0000 (10:21 +0100)]
s4-winbind: Migrated winbind connection to tsocket.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Matthieu Patou [Fri, 15 Jan 2010 11:08:26 +0000 (14:08 +0300)]
selftest-s4: set the posix:eadb at the global level
Matthieu Patou [Tue, 12 Jan 2010 16:49:49 +0000 (19:49 +0300)]
s4-python: add some helper for converting ldb_flag to text
Matthieu Patou [Fri, 15 Jan 2010 11:09:06 +0000 (14:09 +0300)]
upgradeprovision: forbid running upgradeprovision when there is more than 1 DC
Matthieu Patou [Mon, 18 Jan 2010 22:53:01 +0000 (01:53 +0300)]
upgradeprovision: mark rIDAvailablePool never upgraded
handle properly the fact that missing object might depend on some other in order to be correctly created
debug change also if we are in debugall mode
Matthieu Patou [Tue, 12 Jan 2010 12:43:39 +0000 (15:43 +0300)]
upgradeprovision: reformat + add groupType as possibly overwritten
Matthieu Patou [Tue, 12 Jan 2010 16:53:38 +0000 (19:53 +0300)]
upgradeprovision: improve info messages
Matthieu Patou [Tue, 12 Jan 2010 17:13:33 +0000 (20:13 +0300)]
Revert "s4:upgradeprovision - fix up the script regarding linked attributes"
This reverts commit
2cedefabc93c8a1fcb49d65a3f78a344e814f826.
Matthieu Patou [Mon, 18 Jan 2010 22:56:30 +0000 (01:56 +0300)]
upgradeprovision: never use xattr it's pointless in this usecase
Matthieu Patou [Mon, 11 Jan 2010 23:23:13 +0000 (02:23 +0300)]
Add a comment to tdb_wrap to explain why it should be used instead of directly using tdb
Matthieu Patou [Sat, 24 Oct 2009 11:34:31 +0000 (15:34 +0400)]
s4: utils recreate in python setntacl and getntacl
setntacl is able to set NTACL attribute from command line
getntacl now use getopt for parsing command line option and is also able to
dump the acl in the SDDL format.
Matthieu Patou [Sun, 10 Jan 2010 23:19:22 +0000 (02:19 +0300)]
s4: allow python code to dump NTACL object as well
Matthieu Patou [Sun, 17 Jan 2010 19:50:31 +0000 (22:50 +0300)]
provision: use message and do not display warning if the user choosed delibarately posix:eadb
Matthieu Patou [Fri, 8 Jan 2010 14:00:54 +0000 (17:00 +0300)]
provision: introduce use-xattr parameter for defining where to store attributes
This option allow simple user (non root) to invoke provision without facing an error
while insuring that ACL on shared files will always be set
Matthieu Patou [Fri, 8 Jan 2010 10:13:02 +0000 (13:13 +0300)]
s4-tests: register new unit tests
make unit test emit a visible warning
Matthieu Patou [Fri, 8 Jan 2010 10:12:11 +0000 (13:12 +0300)]
s4-python: add unit test for ntacls manipulation in python
Matthieu Patou [Fri, 8 Jan 2010 10:10:30 +0000 (13:10 +0300)]
s4-python: add more unit tests for xattr manipulation in python
Matthieu Patou [Fri, 8 Jan 2010 10:06:47 +0000 (13:06 +0300)]
s4: update setntacl and getntacl to select the adaquate backend (fs/tdb) for storing xattr
Matthieu Patou [Fri, 8 Jan 2010 09:57:59 +0000 (12:57 +0300)]
s4: ntvfs, create push_xattr_blob_tdb_raw and pull_xattr_blob_tdb_raw that do not depend on pvfs objects
Following a talk with tridge on IRC, this patch allow (pull|push)_xattr_blob to be called without
having a pvfs object. It's handy for programs that wants to manipulate xattr directly.
Matthieu Patou [Sun, 22 Nov 2009 17:50:30 +0000 (20:50 +0300)]
s4: Set acls correctly on all sysvol and scripts shares
Matthieu Patou [Sun, 22 Nov 2009 16:50:31 +0000 (19:50 +0300)]
s4: Make unixid optional
Make unixid optional, if value not supplied next id from id pool will be used.
Create a function to get next id in id pool.
Matthieu Patou [Wed, 18 Nov 2009 18:07:25 +0000 (21:07 +0300)]
s4: regroup gpo modification in one function, set acl on files accordingly with ACL in LDAP
Matthieu Patou [Mon, 7 Dec 2009 16:13:00 +0000 (19:13 +0300)]
s4: Create unit tests for python "samba.xattr" module
Matthieu Patou [Mon, 9 Nov 2009 17:53:34 +0000 (20:53 +0300)]
s4: add python bindings for wrap_(s|g)etxattr
Michael Adam [Wed, 20 Jan 2010 15:38:00 +0000 (16:38 +0100)]
s4:selftest: add the samr-passwords-lockout test to knownfail
This is not implemented completely yet.
Needs fixing in the future.
Michael
Michael Adam [Fri, 15 Jan 2010 17:08:57 +0000 (18:08 +0100)]
torture: add new test RPC-SAMR-PASSWORDS-LOCKOUT
This tests account lockout features.
Windows 2003r2 and Windows 2008r2 survice this test.
Note: Windows does not set the ACB_AUTOLOCK account flag when it
locks out an account.
One thing that could/should be added to this test is a check of
the lockout time property.
Michael
Karolin Seeger [Wed, 20 Jan 2010 12:34:50 +0000 (13:34 +0100)]
s3-docs: Fix typos.
Thanks to the Debian samba package maintainers
<pkg-samba-maint@lists.alioth.debian.org> for providing the patch!
Fix bug #7017 (Typos and spelling errors in manpages).
Karolin
Lars Müller [Wed, 20 Jan 2010 11:41:43 +0000 (12:41 +0100)]
Add cross option to samba_cv_linux_getgrouplist_ok
"cross" as an option got removed accidentl with commit
e5a95132 while
moving in direction of 3.2.
Patch proposed by Richard Sharpe <realrichardsharpe@gmail.com>.
Björn Jacke [Tue, 19 Jan 2010 23:09:38 +0000 (00:09 +0100)]
s3: build with dnsupdate support when possible
Jelmer Vernooij [Tue, 19 Jan 2010 22:05:04 +0000 (11:05 +1300)]
selftest: Use SUBUNIT_FORMATTER command, if set in the environment.
Wilco Baan Hofman [Tue, 19 Jan 2010 11:06:01 +0000 (12:06 +0100)]
Fix unintentional free of the last value when adding a new value to a key.
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Günther Deschner [Tue, 19 Jan 2010 16:15:05 +0000 (17:15 +0100)]
s4-smbtorture: remove unneeded ncaclrpc dir setup from RPC-SPOOLSS-NOTIFY.
Guenther
Volker Lendecke [Tue, 19 Jan 2010 15:51:33 +0000 (16:51 +0100)]
s3: Fix a typo
Günther Deschner [Tue, 19 Jan 2010 15:22:45 +0000 (16:22 +0100)]
s4-smbtorture: also configure check smbc_setOptionCaseSensitive for LIBSMBCLIENT testsuite.
Guenther
Kai Blin [Tue, 19 Jan 2010 13:48:12 +0000 (14:48 +0100)]
s3 net/i18n: Update .po files
Kai Blin [Tue, 19 Jan 2010 10:43:54 +0000 (11:43 +0100)]
s3 net: Fix compile warnings
Volker Lendecke [Tue, 19 Jan 2010 13:18:53 +0000 (14:18 +0100)]
s3: Remove a comment from ancient times that no longer applies
Günther Deschner [Mon, 18 Jan 2010 23:31:54 +0000 (00:31 +0100)]
s3-selftest: finally enable RPC-SPOOLSS-NOTIFY against s3.
Guenther
Günther Deschner [Mon, 18 Jan 2010 23:33:57 +0000 (00:33 +0100)]
s3-spoolss: stricter name checks when opening back-channel notify connection.
Make sure to always check if the name the client passed in
spoolss_RemoteFindFirstPrinterChangeNotifyEx is not one of our names.
Guenther
Günther Deschner [Mon, 18 Jan 2010 23:55:48 +0000 (00:55 +0100)]
s3-selftest: use absolute path when setting SOCKET_WRAPPER_DIR.
Guenther
Günther Deschner [Mon, 18 Jan 2010 23:27:50 +0000 (00:27 +0100)]
s4-smbtorture: support spoolss_ReplyClosePrinter server call in RPC-SPOOLSS-NOTIFY.
A handle obtained with spoolss_ReplyOpenPrinter will be closed with
spoolss_ReplyClosePrinter when we call spoolss_ClosePrinter on the remote side.
Guenther