15 years agor4462: - enable DSSETUP on ncalrpc
Andrew Tridgell [Sat, 1 Jan 2005 01:40:45 +0000 (01:40 +0000)]
r4462: - enable DSSETUP on ncalrpc

- add DSSETUP to the list of tests run in
(This used to be commit 73c3cdc8ed8dafd544ce4dcac9141124d2b85670)

15 years agor4461: finished the remaining information levels in the DSSETUP pipe. The pipe is...
Andrew Tridgell [Sat, 1 Jan 2005 01:32:01 +0000 (01:32 +0000)]
r4461: finished the remaining information levels in the DSSETUP pipe. The pipe is now complete!

The only glitch is that I am returning DS_ROLE_MEMBER_SERVER when I
should be returning DS_ROLE_PRIMARY_DC. This is needed for the moment
or ACL editing doesn't work from w2k3. Once we have some more ADS
calls we should be able to fix this.
(This used to be commit 6566dc2805a9f6473ebab70b0dbd381c4dbd42c8)

15 years agor4460: Add a new GENSEC module: gensec_gssapi
Andrew Bartlett [Sat, 1 Jan 2005 00:19:08 +0000 (00:19 +0000)]
r4460: Add a new GENSEC module: gensec_gssapi
(disabled by default, set parametric option: gensec:gssapi=yes to enable).

This module backs directly onto GSSAPI, and allows us to sign and seal
GSSAPI/Krb5 connections in particular.  This avoids me reinventing the
entire GSSAPI wheel.

Currently a lot of things are left as default - we will soon start
specifiying OIDs as well as passwords (it uses the keytab only at the
moment).  Tested with our LDAP-* torture tests against Win2k3.

My hope is to use this module to access the new SPNEGO implementation
in Heimdal, to avoid having to standards-verify our own.

Andrew Bartlett
(This used to be commit 14b650c85db14a9bf97e24682b2643b63c51ff35)

15 years agor4459: GENSEC refinements:
Andrew Bartlett [Fri, 31 Dec 2004 22:45:11 +0000 (22:45 +0000)]
r4459: GENSEC refinements:

In developing a GSSAPI plugin for GENSEC, it became clear that the API
needed to change:
 - GSSAPI exposes only a wrap() and unwrap() interface, and determines
   the location of the signature itself.
 - The 'have feature' API did not correctly function in the recursive
   SPNEGO environment.

As such, NTLMSSP has been updated to support these methods.

The LDAP client and server have been updated to use the new wrap() and
unwrap() methods, and now pass the LDAP-* tests in our smbtorture.
(Unfortunely I still get valgrind warnings, in the code that was
previously unreachable).

Andrew Bartlett
(This used to be commit 9923c3bc1b5a6e93a5996aadb039bd229e888ac6)

15 years agor4458: Create ncalrpc directory with 0755 rather then 0700 so non-root users
Jelmer Vernooij [Fri, 31 Dec 2004 22:38:00 +0000 (22:38 +0000)]
r4458: Create ncalrpc directory with 0755 rather then 0700 so non-root users
can use ncalrpc as well.
(This used to be commit 02340bb6eec394576d23f2c51956f4c47f475452)

15 years agor4457: Fix IDL + add torture test for InqObject
Jelmer Vernooij [Fri, 31 Dec 2004 22:12:44 +0000 (22:12 +0000)]
r4457: Fix IDL + add torture test for InqObject
(This used to be commit dbcaff7c71c9b7ee984a2ed458b6c3ce27772740)

15 years agor4456: NT4 usrmgr.exe asks for 4096 accounts, allow twice that.
Volker Lendecke [Fri, 31 Dec 2004 17:56:05 +0000 (17:56 +0000)]
r4456: NT4 usrmgr.exe asks for 4096 accounts, allow twice that.

(This used to be commit f8588a769c185f871fdcd5db35428ad587bdfad3)

15 years agor4455: LSADS was a duplicate of DSSETUP, and is now gone
Andrew Tridgell [Fri, 31 Dec 2004 13:28:31 +0000 (13:28 +0000)]
r4455: LSADS was a duplicate of DSSETUP, and is now gone
(This used to be commit 05c8fd81ddec969ed5280e2fe9f838ac4399f1c9)

15 years agor4454: This is the patch I use to Samba3 nmbd to allow a WinXP box
Andrew Tridgell [Fri, 31 Dec 2004 13:23:37 +0000 (13:23 +0000)]
r4454: This is the patch I use to Samba3 nmbd to allow a WinXP box
to join a Samba4 domain. It is hard-coded for my GUID, so
you will need to edit it to suit.

I'm committing this so others can experiment. Obviously
what we really need is a new nmbd in Samba4.
(This used to be commit a30be712e5abe81b57f8b1b75ebf152018df0eea)

15 years agor4453: use lp_server_role(), which currently returns 3, for the dssetup
Andrew Tridgell [Fri, 31 Dec 2004 12:10:35 +0000 (12:10 +0000)]
r4453: use lp_server_role(), which currently returns 3, for the dssetup
role. The value '5', which is what my w2k3 DC returns, doesn't
work. I'm not sure why this is.

with this change the GUI ACL editor from w2k3 works properly, with
either server role in the HKLM registry.
(This used to be commit 27a8b270bdd029a850c5ec3d10c1ac42468169cb)

15 years agor4452: the beginnings of a dssetup rpc server.
Andrew Tridgell [Fri, 31 Dec 2004 11:37:26 +0000 (11:37 +0000)]
r4452: the beginnings of a dssetup rpc server.
(This used to be commit 1c2170ae21d60c22ee3053fbf249dba59de576ba)

15 years agor4451: added initial RPC-DSSETUP torture test. It works for level1 of
Andrew Tridgell [Fri, 31 Dec 2004 10:49:35 +0000 (10:49 +0000)]
r4451: added initial RPC-DSSETUP torture test. It works for level1 of
(This used to be commit 7aec3dac6fd5165cfca5c650aaa29234e278d95d)

15 years agor4450: the beginnings of IDL for the dssetup pipe. I need this pipe for ACL editing...
Andrew Tridgell [Fri, 31 Dec 2004 10:47:04 +0000 (10:47 +0000)]
r4450: the beginnings of IDL for the dssetup pipe. I need this pipe for ACL editing from w2k3
when we present ourselves as a DC in the registry
(This used to be commit 9651901791e0553f106ab957c5787c109098248b)

15 years agor4449: fixed the helpstring for LSA IDL
Andrew Tridgell [Fri, 31 Dec 2004 10:45:48 +0000 (10:45 +0000)]
r4449: fixed the helpstring for LSA IDL
(This used to be commit 40a68a160e43b2e5d018e393ddecdfc50bad5360)

15 years agor4448: - fixed access_mask checking on acl set
Andrew Tridgell [Fri, 31 Dec 2004 08:56:32 +0000 (08:56 +0000)]
r4448: - fixed access_mask checking on acl set

- honor the change ownership requests of acl set, changing the underlying
  unix owner/group

- fix the access mask on file create with SEC_FLAG_MAXIMUM_ALLOWED
(This used to be commit 5761fa35ab727b51ef1b52459911bafbdd788755)

15 years agor4447: implement server side of lsa_LookupSids3() and lsa_LookupNames3()
Andrew Tridgell [Fri, 31 Dec 2004 08:54:59 +0000 (08:54 +0000)]
r4447: implement server side of lsa_LookupSids3() and lsa_LookupNames3()
(This used to be commit e535f84504b07a912c2f5dd6eca4c9893c1843db)

15 years agor4446: attempt to fix the build - andrew, can you check I've done this right?
Andrew Tridgell [Fri, 31 Dec 2004 08:54:07 +0000 (08:54 +0000)]
r4446: attempt to fix the build - andrew, can you check I've done this right?
(This used to be commit 9f0bf657aeee86d859742fb4da3a0f806e7060b6)

15 years agor4445: put the unlink test in a subdirectory, and ensure it cleans up
Andrew Tridgell [Fri, 31 Dec 2004 08:44:08 +0000 (08:44 +0000)]
r4445: put the unlink test in a subdirectory, and ensure it cleans up
(This used to be commit 382231ca365eccec8024af9420b1ebe41953bdb5)

15 years agor4444: - initialise registry:HKEY_LOCAL_MACHINE to a reasonable default (where
Andrew Tridgell [Fri, 31 Dec 2004 08:43:34 +0000 (08:43 +0000)]
r4444: - initialise registry:HKEY_LOCAL_MACHINE to a reasonable default (where suggests hklm.ldb be put)

- fix the globals init not to wipe parametic values after initialising
  them (this bug prevented default values for parametric parameters)
(This used to be commit 6a360c52c1723b4c3485a97ebcfeb907f840a051)

15 years agor4443: test lsa_LookupNames3() even when lsa_LookupSids3() fails
Andrew Tridgell [Fri, 31 Dec 2004 07:53:42 +0000 (07:53 +0000)]
r4443: test lsa_LookupNames3() even when lsa_LookupSids3() fails
(This used to be commit d37f556258ba12479e4e9acc5cdb5535ebf41d7f)

15 years agor4442: fix lsa_TranslatedSid3 (its a dom_sid2 not a dom_sid)
Andrew Tridgell [Fri, 31 Dec 2004 07:52:54 +0000 (07:52 +0000)]
r4442: fix lsa_TranslatedSid3 (its a dom_sid2 not a dom_sid)
(This used to be commit 0dd258709554265efaa0d25ad5bc86b559139c2e)

15 years agor4441: gensec_krb5 update:
Andrew Bartlett [Fri, 31 Dec 2004 07:43:08 +0000 (07:43 +0000)]
r4441: gensec_krb5 update:

 - Use more of the clikrb5.c wrapper calls

 - Don't use the session keytab if we kinit for the user.

Andrew Bartlett
(This used to be commit e15dbee00628475d5e1c1f329a7f9b199bc36360)

15 years agor4440: - add a start of srvsvc_NetShareCheck() server code
Stefan Metzmacher [Fri, 31 Dec 2004 07:42:57 +0000 (07:42 +0000)]
r4440: - add a start of srvsvc_NetShareCheck() server code

- filterout hidden shares in NetShareEnum()

- get max_connections right

(This used to be commit c685823c5d75f22177549566866301523a64a1dd)

15 years agor4439: unlimited connections is -1
Stefan Metzmacher [Fri, 31 Dec 2004 07:40:14 +0000 (07:40 +0000)]
r4439: unlimited connections is -1

(This used to be commit e62b36bef193f6a58ee035d581ef0f574f1e2910)

15 years agor4438: the ADMIN$ share is a diskshare but hidden
Stefan Metzmacher [Fri, 31 Dec 2004 07:35:14 +0000 (07:35 +0000)]
r4438: the ADMIN$ share is a diskshare but hidden

(This used to be commit 33a185ec3b211f6137abd6367ccc81d5102e5f4f)

15 years agor4437: added IDL and test code for lsa_LookupSids3() and lsa_LookupNames3().
Andrew Tridgell [Fri, 31 Dec 2004 07:26:26 +0000 (07:26 +0000)]
r4437: added IDL and test code for lsa_LookupSids3() and lsa_LookupNames3().

For some reason I am getting ACCESS_DENIED from w2k3 on
lsa_LookupSids3(). I will investigate.
(This used to be commit c759fa0000e37c3e93a7529a7701998af6727612)

15 years agor4436: add one more flag
Stefan Metzmacher [Fri, 31 Dec 2004 07:22:10 +0000 (07:22 +0000)]
r4436: add one more flag

(This used to be commit 7886000e031622795fecb6ec37990c133b1e66f7)

15 years agor4435: add another error code
Stefan Metzmacher [Fri, 31 Dec 2004 07:21:31 +0000 (07:21 +0000)]
r4435: add another error code

(This used to be commit 02861f63052c48fc85c6694ad8164cc6cc5443d4)

15 years agor4434: - fix some NetShare* idl functions
Stefan Metzmacher [Fri, 31 Dec 2004 06:19:05 +0000 (06:19 +0000)]
r4434: - fix some NetShare* idl functions

- add torture test for NetShareCheck()

(This used to be commit 96000a2261ed56fda613a45e3aa460eb3c87082a)

15 years agor4433: added the boilerplate for the new w2k3 LSA functions in preparation
Andrew Tridgell [Fri, 31 Dec 2004 06:08:43 +0000 (06:08 +0000)]
r4433: added the boilerplate for the new w2k3 LSA functions in preparation
for adding LookupSids3 (needed for ACL editing from w2k3)
(This used to be commit 745bbc0e1717c1e0068be00cff36071dbdc451a6)

15 years agor4432: - add srvsvc_NetShareInfo level 1006 and 1501 idl
Stefan Metzmacher [Fri, 31 Dec 2004 05:34:31 +0000 (05:34 +0000)]
r4432: - add srvsvc_NetShareInfo level 1006 and 1501 idl

- implement srvsvc_NetGetShareInfo()

- add more error checks

- bring the rest of the code in the same layout

(This used to be commit 0dd14d9fc611a33dad4e559321d6c50d82efb5d1)

15 years agor4431: add WERR_NET_NAME_NOT_FOUND
Stefan Metzmacher [Fri, 31 Dec 2004 04:45:13 +0000 (04:45 +0000)]

(This used to be commit 74e65680fa9a6b8f04c6ae62ec1da49659879fb5)

15 years agor4430: - fixed the BASE-LOCK* tests to use a subdirectory, and properly setup the...
Andrew Tridgell [Fri, 31 Dec 2004 04:17:03 +0000 (04:17 +0000)]
r4430: - fixed the BASE-LOCK* tests to use a subdirectory, and properly setup the directory before each test,
  thus avoiding errors due to previous failures
(This used to be commit a44fa5319d87e57f4b904334d9ea65cc6807b789)

15 years agor4429: the owner of a file always gets SEC_STD_DELETE
Andrew Tridgell [Fri, 31 Dec 2004 03:55:37 +0000 (03:55 +0000)]
r4429: the owner of a file always gets SEC_STD_DELETE
(This used to be commit 81630d3014c8cbd970bc917e3e9aef337fa211cd)

15 years agor4428: use minimum open permissions in the 'acl' command in smbclient, so the user is
Andrew Tridgell [Fri, 31 Dec 2004 03:54:49 +0000 (03:54 +0000)]
r4428: use minimum open permissions in the 'acl' command in smbclient, so the user is
not prevented from viewing the acl by other access bits
(This used to be commit 61e71782f573d0fa5b88237299df516c67405e30)

15 years agor4427: - added ldb_msg_*() functions for sorting, comparing and copying messages
Andrew Tridgell [Fri, 31 Dec 2004 03:51:42 +0000 (03:51 +0000)]
r4427: - added ldb_msg_*() functions for sorting, comparing and copying messages

- added a ldb_msg_canonicalize() function that fixes a record to not have any duplicate

- changed ldbedit to use ldb_msg_canonicalize(). This fixes a bug when you rename multiple
  elements in a record in one edit
(This used to be commit f006e724400843419c8b6155cbeae1876983855e)

15 years agor4426: fix same names
Stefan Metzmacher [Fri, 31 Dec 2004 03:32:36 +0000 (03:32 +0000)]
r4426: fix same names

(This used to be commit 18bbe40fe1e400546ff3750213f6c0505895e357)

15 years agor4425: - move srvsvc and wkssvc server code to the new W_ERROR_HAVE_NO_MEMORY() macro
Stefan Metzmacher [Fri, 31 Dec 2004 02:48:11 +0000 (02:48 +0000)]
r4425: - move srvsvc and wkssvc server code to the new W_ERROR_HAVE_NO_MEMORY() macro

- add parameters for
  server_info:platform_id = 500 /* this is PLATFORM_ID_NT */
  server_info:version_major = 5
  server_info:version_minor = 2

- implmented srvsvc_NetSrvGetInfo level 101

- make dcesrv_common_get_server_name() match w2k3

(This used to be commit 16f43207704397c6e3c0132e9f17c8a1a846ddca)

15 years agor4424: fixed a simple bug in the '|' handling in indexed ldb searches. I'm
Andrew Tridgell [Fri, 31 Dec 2004 02:18:14 +0000 (02:18 +0000)]
r4424: fixed a simple bug in the '|' handling in indexed ldb searches. I'm
amazed we got along for so long with this bug!
(This used to be commit 937159cf2c6ae08808bd10946fcdbd8741e1a560)

15 years agor4423: give lp_parm_int() and lp_parm_ulong() default values
Stefan Metzmacher [Fri, 31 Dec 2004 01:03:57 +0000 (01:03 +0000)]
r4423: give lp_parm_int() and lp_parm_ulong() default values

(This used to be commit c44f4d44b51789916e50c9da93046d0a15245edc)

15 years agor4422: make lp_set_cmdline("torture:dangerous", "Yes") a bool parameter
Stefan Metzmacher [Fri, 31 Dec 2004 01:02:22 +0000 (01:02 +0000)]
r4422: make lp_set_cmdline("torture:dangerous", "Yes") a bool parameter

(This used to be commit 19482a2245abbf9154423ca8997957b56333fba2)

15 years agor4421: fix typo
Stefan Metzmacher [Fri, 31 Dec 2004 00:07:37 +0000 (00:07 +0000)]
r4421: fix typo

(This used to be commit 222abd4171ce69c65a13b52675d4d75009056bca)

15 years agor4420: - add usefull helper macros for allocation failures,
Stefan Metzmacher [Thu, 30 Dec 2004 23:51:18 +0000 (23:51 +0000)]
r4420: - add usefull helper macros for allocation failures,
  they should be used in mostly all our code after
  calling a talloc_* function

  should be replaced by this new macros

(This used to be commit b6376590f4b2409b2237809d378d9425fe1ce07e)

15 years agor4419: move security_token stuff to the libcli/security/
Stefan Metzmacher [Thu, 30 Dec 2004 20:34:20 +0000 (20:34 +0000)]
r4419: move security_token stuff to the libcli/security/
and debug privileges

(This used to be commit c981808ed4cfa63c7ba7c4f9190b6b14f74bab40)

15 years agor4418: fix compiler warning and remove unused typedef
Stefan Metzmacher [Thu, 30 Dec 2004 19:55:23 +0000 (19:55 +0000)]
r4418: fix compiler warning and remove unused typedef

(This used to be commit 5861657fd12aae026c06ab8c6ae1f1656d06d0a1)

15 years agor4417: Reply to samr_QueryDomainInfo with the same static value as level2 does.
Volker Lendecke [Thu, 30 Dec 2004 19:11:25 +0000 (19:11 +0000)]
r4417: Reply to samr_QueryDomainInfo with the same static value as level2 does.

(This used to be commit 04cf580ef30ac38f3f312184a7b18551195a17ce)

15 years agor4416: [in,out] variables do have an r->out component...
Volker Lendecke [Thu, 30 Dec 2004 19:08:32 +0000 (19:08 +0000)]
r4416: [in,out] variables do have an r->out component...

(This used to be commit 97247c902962b7c0ac69691ae8d7300321de41d5)

15 years agor4415: Implement samr_RemoveMemberFromForeignDomain. This is needed to delete a user
Volker Lendecke [Thu, 30 Dec 2004 18:50:15 +0000 (18:50 +0000)]
r4415: Implement samr_RemoveMemberFromForeignDomain. This is needed to delete a user
with usrmgr.exe.

To fix: Remove domain group membership attrib values when a user is deleted.

(This used to be commit 83d180c732ba73cf50072ef73ccdd60e72bc9910)

15 years agor4414: Various bits&pieces:
Volker Lendecke [Thu, 30 Dec 2004 17:01:49 +0000 (17:01 +0000)]
r4414: Various bits&pieces:

* Implement samr_search_domain, filter out all elements with no "objectSid"
  attribute and all objects outside a specified domain sid.

* Minor cleanups in dcerpc_samr.c due to that.

* Implement srvsvc_NetSrvGetInfo level 100. A quick hack to get usrmgr.exe
  one step further.

* Same for samr_info_DomInfo1.

(This used to be commit cdec89611355fb75d253ecf5b658d0e23de8e440)

15 years agor4413: login failure doesn't warrant a level 1 debug (its filling my logs during...
Andrew Tridgell [Thu, 30 Dec 2004 11:24:49 +0000 (11:24 +0000)]
r4413: login failure doesn't warrant a level 1 debug (its filling my logs during torture tests)
(This used to be commit b9284c16dc37bf14fceeaa694e82f36a38b0dd93)

15 years agor4412: SEC_FILE_READ_ATTRIBUTE is always granted, even if not requested. This was...
Andrew Tridgell [Thu, 30 Dec 2004 07:10:31 +0000 (07:10 +0000)]
r4412: SEC_FILE_READ_ATTRIBUTE is always granted, even if not requested. This was being done
in the full ACL code, but not in the unix access check code, which meant that qfileinfo
was failing for some parameters
(This used to be commit 96d017e521f5a996a7a274682838855d077834bc)

15 years agor4411: when checking for create permissions, we need to check the parent, not the...
Andrew Tridgell [Thu, 30 Dec 2004 06:51:13 +0000 (06:51 +0000)]
r4411: when checking for create permissions, we need to check the parent, not the child!
(This used to be commit 30b4c20b1c9aea94dd2a0611b58860797d244e5a)

15 years agor4410: pvfs_rename_one() should not check for create permissions, as the rename
Andrew Tridgell [Thu, 30 Dec 2004 06:37:37 +0000 (06:37 +0000)]
r4410: pvfs_rename_one() should not check for create permissions, as the rename
is always in the same directory
(This used to be commit babf3480a4c29ce28d9a4525c4174a3d765dcbab)

15 years agor4409: fixed handling of zero access masks for the POSITION_INFORMATION query/set...
Andrew Tridgell [Thu, 30 Dec 2004 06:02:54 +0000 (06:02 +0000)]
r4409: fixed handling of zero access masks for the POSITION_INFORMATION query/set levels
(This used to be commit 75e7229476e1af6ab78fa5b41a7bb67df8e3d2dd)

15 years agor4408: added the remaining access check hooks into pvfs. All calls should now have...
Andrew Tridgell [Thu, 30 Dec 2004 05:50:23 +0000 (05:50 +0000)]
r4408: added the remaining access check hooks into pvfs. All calls should now have acl checking,
and obey the various inheritance rules.
(This used to be commit 5fe51807d6b97e68b65f152c0f405e5c5a025d21)

15 years agor4407: stricter checking of parameters on hard link creation in the RAW-RENAME test
Andrew Tridgell [Thu, 30 Dec 2004 05:48:32 +0000 (05:48 +0000)]
r4407: stricter checking of parameters on hard link creation in the RAW-RENAME test
(This used to be commit b239589b00e673ae2d6254083cd324bc3b54bcdf)

15 years agor4406: - don't call the xattr unlink hook on unlink unless the link count is 1, otherwise
Andrew Tridgell [Thu, 30 Dec 2004 03:19:27 +0000 (03:19 +0000)]
r4406: - don't call the xattr unlink hook on unlink unless the link count is 1, otherwise
  the xattrs of the remaining link are removed

- fix the handling of attribute set on directories
(This used to be commit fa44e3cce00b75656c85378c7825960540d2f282)

15 years agor4405: added acl inheritance to the mkdir and t2mkdir backends.
Andrew Tridgell [Thu, 30 Dec 2004 02:38:44 +0000 (02:38 +0000)]
r4405: added acl inheritance to the mkdir and t2mkdir backends.
(This used to be commit b44d4d17df8af4941740e5d5e0842ca01d8f403c)

15 years agor4404: check for SEC_ACE_FLAG_INHERIT_ONLY in the "maximum allowed" logic
Andrew Tridgell [Thu, 30 Dec 2004 02:27:16 +0000 (02:27 +0000)]
r4404: check for SEC_ACE_FLAG_INHERIT_ONLY in the "maximum allowed" logic
(This used to be commit e4ee8b776ba164a89afca43de20c166ccbfddb99)

15 years agor4403: - added ACL inheritance in the pvfs backend. ACLs are now inherited on
Andrew Tridgell [Thu, 30 Dec 2004 02:25:20 +0000 (02:25 +0000)]
r4403: - added ACL inheritance in the pvfs backend. ACLs are now inherited on
  file and directory creation via ntcreatex. pvfs now passes the
  inheritance test in RAW-ACLS

- cleaned up the error handling a bit in pvfs_open()
(This used to be commit f4dfb63d5395a365961a21388639809fcd3112d0)

15 years agor4402: use __location__ instead of __LINE__ in the RAW-RENAME test
Andrew Tridgell [Thu, 30 Dec 2004 02:22:29 +0000 (02:22 +0000)]
r4402: use __location__ instead of __LINE__ in the RAW-RENAME test
(This used to be commit 09ac1338209b0d0878173cfef3dca5603271b1a8)

15 years agor4401: stricter test for correct ACL inheritance in RAW-ACLS
Andrew Tridgell [Thu, 30 Dec 2004 02:22:03 +0000 (02:22 +0000)]
r4401: stricter test for correct ACL inheritance in RAW-ACLS
(This used to be commit 1bb769196377772326151210309ff12362eb0f2f)

15 years agor4400: Pass rootdse.ldif past the subst code.
Andrew Bartlett [Wed, 29 Dec 2004 22:59:28 +0000 (22:59 +0000)]
r4400: Pass rootdse.ldif past the subst code.

Andrew Bartlett
(This used to be commit d901c8fb64440fd8f966cc3d8929bb63551019fd)

15 years agor4399: Implement samr_GetAliasMembership and samr_GetGroupsForUser. With these two,
Volker Lendecke [Wed, 29 Dec 2004 22:57:20 +0000 (22:57 +0000)]
r4399: Implement samr_GetAliasMembership and samr_GetGroupsForUser. With these two,
usrmgr.exe seems to become usable. Some quirks, but it's worth a try.

(This used to be commit 9c62a239cd609092654ad653972153a3a71e7279)

15 years agor4398: Make usrmgr.exe believe we're a DC. Otherwise it will not show global groups.
Volker Lendecke [Wed, 29 Dec 2004 22:54:24 +0000 (22:54 +0000)]
r4398: Make usrmgr.exe believe we're a DC. Otherwise it will not show global groups.

Index on "key" attribute.

(This used to be commit 9c23d73ec213c3ef6e0afd671570b431a66f55c0)

15 years agor4397: Fix a bug where '(&(objectclass=domain)(!(objectclass=builtindomain)))' fell
Volker Lendecke [Wed, 29 Dec 2004 22:25:46 +0000 (22:25 +0000)]
r4397: Fix a bug where '(&(objectclass=domain)(!(objectclass=builtindomain)))' fell
back to a full search.

(This used to be commit 55c9fbd4f4afdde30a0d92bfd31f5c9ebb98c59b)

15 years agor4396: Generate newrootdse.ldb in as well
Jelmer Vernooij [Wed, 29 Dec 2004 21:41:17 +0000 (21:41 +0000)]
r4396: Generate newrootdse.ldb in as well
(This used to be commit 3ebaec6edb68e9dce90981d96516fcf541c3c670)

15 years agor4395: Generate "newhklm.ldb" using
Jelmer Vernooij [Wed, 29 Dec 2004 21:21:14 +0000 (21:21 +0000)]
r4395: Generate "newhklm.ldb" using
(This used to be commit fa53c56236ddc7f86cdab85f95f6be6fcfb0909b)

15 years agor4394: Use 'raw' protocol towers in the lists in the endpoint rather then
Jelmer Vernooij [Wed, 29 Dec 2004 15:36:45 +0000 (15:36 +0000)]
r4394: Use 'raw' protocol towers in the lists in the endpoint rather then
dcerpc_binding structs.
(This used to be commit 9175b729724fb7b747e7e4072dda733277f0f414)

15 years agor4393: Trivial bugfix for a silly bug
Volker Lendecke [Wed, 29 Dec 2004 13:22:00 +0000 (13:22 +0000)]
r4393: Trivial bugfix for a silly bug
(This used to be commit ae3c329e9d718cdc011f8f291ccc68abad6b9cc7)

15 years agor4392: Fix samr_GetAliasMembership idl
Volker Lendecke [Wed, 29 Dec 2004 13:20:17 +0000 (13:20 +0000)]
r4392: Fix samr_GetAliasMembership idl
(This used to be commit b0b9332519ab6461967a5fe10698dcf4e9950834)

15 years agor4391: bring the default ACL inline with what w2k3 uses
Andrew Tridgell [Wed, 29 Dec 2004 12:41:27 +0000 (12:41 +0000)]
r4391: bring the default ACL inline with what w2k3 uses
(This used to be commit 16967f7502ea6d2efa0fc08decc955a1516c3a02)

15 years agor4390: Registry value and key names are case-insensitive
Jelmer Vernooij [Wed, 29 Dec 2004 12:28:35 +0000 (12:28 +0000)]
r4390: Registry value and key names are case-insensitive
Nicer menu layout in gregedit
(This used to be commit 2948b9750d756880c3af7fb352f0a684a1fae9c9)

15 years agor4389: added checking for the default inherited ACL, which is used when no ACEs
Andrew Tridgell [Wed, 29 Dec 2004 07:28:03 +0000 (07:28 +0000)]
r4389: added checking for the default inherited ACL, which is used when no ACEs
are inheritable
(This used to be commit e30b8d5783e073a31f738a36400fe866c970464b)

15 years agor4388: - allow ACE flags to be specified in security_descriptor_create()
Andrew Tridgell [Wed, 29 Dec 2004 06:53:15 +0000 (06:53 +0000)]
r4388: - allow ACE flags to be specified in security_descriptor_create()

- added a test for all combinations of the inheritance ACE flags and how
  they are propogated to child directories and files
(This used to be commit fdb38c8e4b6279137892402b21d2d52e1921e456)

15 years agor4387: added a TODO about the NTCREATEX_FLAGS_OPEN_DIRECTORY flag - it seems to open
Andrew Tridgell [Wed, 29 Dec 2004 06:52:06 +0000 (06:52 +0000)]
r4387: added a TODO about the NTCREATEX_FLAGS_OPEN_DIRECTORY flag - it seems to open
the parent of the specified directory ?!
(This used to be commit a012d1c978a478fe8debf0c546ed770047dbfbcf)

15 years agor4386: Grr, fix copy-and-paste bug.
Andrew Bartlett [Wed, 29 Dec 2004 00:03:34 +0000 (00:03 +0000)]
r4386: Grr, fix copy-and-paste bug.

Andrew Bartlett
(This used to be commit 13aa88ed65a8914000cccbecf80929db3df65037)

15 years agor4385: Set the correct target service.
Andrew Bartlett [Tue, 28 Dec 2004 23:59:22 +0000 (23:59 +0000)]
r4385: Set the correct target service.

Andrew Bartlett
(This used to be commit 722f59c7c8d09f548d9325c6051d6687d7aa16c2)

15 years agor4384: Try again to fix compiling against a specified KRB5 library.
Andrew Bartlett [Tue, 28 Dec 2004 23:55:58 +0000 (23:55 +0000)]
r4384: Try again to fix compiling against a specified KRB5 library.

The strong feeling I get is that this is just not possible, if as
Fedora has, the MIT installation is in /usr/lib, but this is one step
closer anyway.

Andrew Bartlett
(This used to be commit da4cf53767ca567497c4c7f341795246bb306892)

15 years agor4383: in order to cope with overfilled buffers on trans2 findfirst we need to use...
Andrew Tridgell [Tue, 28 Dec 2004 23:28:02 +0000 (23:28 +0000)]
r4383: in order to cope with overfilled buffers on trans2 findfirst we need to use 32 bit offsets and lengths
in trans2 fill code, even though the packets themselves can only use 16 bit lengths. This prevents
the overflow detection code from failing due to 16 bit length wrap.
(This used to be commit 5cd74c22e99bc78e1f3ddf3f098790c4b4b87b4f)

15 years agor4382: check for bad tid in SMBtdis
Andrew Tridgell [Tue, 28 Dec 2004 23:26:29 +0000 (23:26 +0000)]
r4382: check for bad tid in SMBtdis
(This used to be commit 44ca3f41cc835e22e6adca48ddfd84f246b22bfb)

15 years agor4381: Add my copyright
Volker Lendecke [Tue, 28 Dec 2004 23:05:48 +0000 (23:05 +0000)]
r4381: Add my copyright
(This used to be commit 9e27a83ac3b1470ba52df01743d9a64fcbecc64b)

15 years agor4380: Implement samr_QueryDisplayInfo. This probably needs some polishing (Do we
Volker Lendecke [Tue, 28 Dec 2004 23:01:34 +0000 (23:01 +0000)]
r4380: Implement samr_QueryDisplayInfo. This probably needs some polishing (Do we
have to sort the entries?)

(This used to be commit 26d21bb5cc26964f2d790aa83149ba399ac50db2)

15 years agor4379: Merge more Kerberos related configure checks (by jra, gd and Lars
Andrew Bartlett [Tue, 28 Dec 2004 22:29:48 +0000 (22:29 +0000)]
r4379: Merge more Kerberos related configure checks (by jra, gd and Lars
Mueller <>) from 3.0 to Samba4.

Andrew Bartlett
(This used to be commit 9c74e04098d50427f93219a6a451c44a2373db46)

15 years agor4378: Implement samr_EnumDomainGroups and samr_EnumDomainAliases.
Volker Lendecke [Tue, 28 Dec 2004 07:57:31 +0000 (07:57 +0000)]
r4378: Implement samr_EnumDomainGroups and samr_EnumDomainAliases.

Hmmm. How do I tell ldb not to descend into cn=Builtin?

(This used to be commit c95d20cd7c18fbfb5e6e9a5efac07354117610c5)

15 years agor4377: Fix default groupType attributes.
Volker Lendecke [Tue, 28 Dec 2004 07:54:30 +0000 (07:54 +0000)]
r4377: Fix default groupType attributes.

(This used to be commit 15d50350b596068643fb8e28d2a8cb45ac4d6204)

15 years agor4376: Implement samr_AddAliasMember, samr_DeleteAliasMember and
Volker Lendecke [Mon, 27 Dec 2004 22:20:17 +0000 (22:20 +0000)]
r4376: Implement samr_AddAliasMember, samr_DeleteAliasMember and

(This used to be commit 78802720ae922cf8ad19bf2e8be23a64435c4673)

15 years agor4375: Implement samr_OpenAlias, samr_QueryAliasInfo and samr_SetAliasInfo. Fix IDL
Volker Lendecke [Mon, 27 Dec 2004 11:27:30 +0000 (11:27 +0000)]
r4375: Implement samr_OpenAlias, samr_QueryAliasInfo and samr_SetAliasInfo. Fix IDL
for samr_SetAliasInfo.

(This used to be commit d70e2371903fb21e24ab2e23d04ee4b0b2ef55e5)

15 years agor4374: Follow metzes hint, change LookupRids a bit
Volker Lendecke [Mon, 27 Dec 2004 09:48:49 +0000 (09:48 +0000)]
r4374: Follow metzes hint, change LookupRids a bit
(This used to be commit b8fa5b9419c6397a4266bfdce3a31b1e016d7faa)

15 years agor4373: Support setting values and fix a segfault
Jelmer Vernooij [Mon, 27 Dec 2004 00:32:13 +0000 (00:32 +0000)]
r4373: Support setting values and fix a segfault
(This used to be commit cdb6980cdcf4b093e98b3b025f784333d46ac957)

15 years agor4372: Implement samr_LookupRids
Volker Lendecke [Sun, 26 Dec 2004 23:31:19 +0000 (23:31 +0000)]
r4372: Implement samr_LookupRids
(This used to be commit 1bab3254f6a27144c6f76edf66573f7fa25b3173)

15 years agor4371: Add "Create Key", "Delete Key" and "Delete Value" buttons.
Jelmer Vernooij [Sun, 26 Dec 2004 22:41:38 +0000 (22:41 +0000)]
r4371: Add "Create Key", "Delete Key" and "Delete Value" buttons.
gregedit now can do the same things as regedt32 except for finding
data and setting values. (and a few segfaults...)
(This used to be commit ada16f31e4da919731767ce31000aa270f22ffd5)

15 years agor4367: Implement samr_AddGroupMember, samr_DeleteGroupMember and
Volker Lendecke [Sun, 26 Dec 2004 18:02:18 +0000 (18:02 +0000)]
r4367: Implement samr_AddGroupMember, samr_DeleteGroupMember and

(This used to be commit 43581c3711d2eeb901094acebea294a3b87d4c0b)

15 years agor4366: Fix ldb_modify_internal: Adding values to an existing attribute you could end
Volker Lendecke [Sun, 26 Dec 2004 17:30:27 +0000 (17:30 +0000)]
r4366: Fix ldb_modify_internal: Adding values to an existing attribute you could end
up with a corrupt data structure on disk, namely with two attribute structures
for the same attribute name.

(This used to be commit 284044b5b20102894a8128f84ab41d59cfcc9285)

15 years agor4365: added command 'eainfo' to smbclient for displaying binary EA contents
Andrew Tridgell [Sun, 26 Dec 2004 08:41:11 +0000 (08:41 +0000)]
r4365: added command 'eainfo' to smbclient for displaying binary EA contents
(This used to be commit 268edcdb4a95240662102faef4126449f286d49d)

15 years agor4364: - added support for testing of chained SMB operations in smbtorture
Andrew Tridgell [Sun, 26 Dec 2004 08:13:01 +0000 (08:13 +0000)]
r4364: - added support for testing of chained SMB operations in smbtorture

- added test for chained OpenX/ReadX, simulating the OS/2 workplace shell

- fixed a bug in handling chained fnum in openx and ntcreatex in the server

(yes, I'm on holiday, but this bug was annoying me ....)
(This used to be commit b3b8958a18e302b815d98c0e3879e404bced6a08)

15 years agor4363: value "none required" is set if no library is needed (autoconf does this the...
Jelmer Vernooij [Sat, 25 Dec 2004 22:18:12 +0000 (22:18 +0000)]
r4363: value "none required" is set if no library is needed (autoconf does this the same way)
(This used to be commit 8cf15704101e5957e15a0401e4832faf1346f12e)

15 years agor4362: dlopen() doesn't imply -ldl
Jelmer Vernooij [Sat, 25 Dec 2004 21:49:21 +0000 (21:49 +0000)]
r4362: dlopen() doesn't imply -ldl
Should fix the build on several *BSD systems that have dlopen() in libc
(This used to be commit 6d2b8e71c177d1d35a8b975cd5f24089aaa2bb49)

15 years agor4361: fix the build
Stefan Metzmacher [Sat, 25 Dec 2004 14:12:31 +0000 (14:12 +0000)]
r4361: fix the build

(This used to be commit 78b2af77e9e4b97c698d6d9e680207b1df289cb4)

15 years agor4360: destroy the gensec context
Stefan Metzmacher [Sat, 25 Dec 2004 14:06:55 +0000 (14:06 +0000)]
r4360: destroy the gensec context

(This used to be commit a25770983b34bac5bd7dcce69241716386dc8509)