Andrew Tridgell [Sun, 9 May 2004 00:41:32 +0000 (00:41 +0000)]
r594: - make sure all users in the domain have the same base sid!
- added proper ldap time construction to provisioning
Andrew Tridgell [Sun, 9 May 2004 00:40:45 +0000 (00:40 +0000)]
r593: add a constant for the records size multiplier for max_size in samr_EnumDomainUsers
Andrew Tridgell [Sun, 9 May 2004 00:39:39 +0000 (00:39 +0000)]
r591: don't need to init non-ref out ptrs (thanks to abartlet for spotting this)
Tim Potter [Sat, 8 May 2004 23:51:23 +0000 (23:51 +0000)]
r589: Fix IDL dump module so --dump and --diff options to pidl.pl work
again. Still a few problems left though.
Andrew Tridgell [Sat, 8 May 2004 14:42:45 +0000 (14:42 +0000)]
r587: added server code for samr_EnumDomainUsers, and started adding
samr_SetUserInfo and samr_QueryUserInfo
Andrew Tridgell [Sat, 8 May 2004 07:12:04 +0000 (07:12 +0000)]
r586: removed --clientfns from build_idl.sh (tim removed that code from pidl)
Andrew Tridgell [Sat, 8 May 2004 03:44:47 +0000 (03:44 +0000)]
r583: fixed two bugs in the handling of index entry deletion
Andrew Tridgell [Sat, 8 May 2004 02:48:24 +0000 (02:48 +0000)]
r582: added the LMSessKey in SamInfo and SamInfo2, thanks to work by abartlet
added test code for SamLogon validation level 2 and 3, so we test both
SamInfo and SamInfo2
Andrew Tridgell [Sat, 8 May 2004 00:02:31 +0000 (00:02 +0000)]
r578: initial server side implementation of samr_CreateUser(),
samr_CreateUser2(), samr_LookupNames(), samr_OpenUser(),
and samr_DeleteUser()
this uses a user template in the SAM db, of objectclass "userTemplate"
and dn CN=TemplateUser,CN=Templates,$BASEDN. Using a template allows
an admin to add any default user attributes that they might want to
the user template and all new users will receive those attributes.
Andrew Tridgell [Fri, 7 May 2004 23:57:35 +0000 (23:57 +0000)]
r577: extended the LookupNames test to check for correct handling of unmapped names
Andrew Tridgell [Fri, 7 May 2004 23:56:57 +0000 (23:56 +0000)]
r576: added a ldap_timestring() function (needed for fields like whenChanged in SAM db)
Andrew Tridgell [Fri, 7 May 2004 23:55:52 +0000 (23:55 +0000)]
r575: moved the SID_NAME_USE enum into samr.idl
Andrew Tridgell [Fri, 7 May 2004 23:54:41 +0000 (23:54 +0000)]
r574: - another attempt at const cleanliness in ldb
- fixed a problem with searching for values containing an '=' sign
- fixed the semantics of attempting an attribute deletion on an attribute that doesn't exist.
- added some more ldb_msg_*() utilities
Tim Potter [Fri, 7 May 2004 11:57:31 +0000 (11:57 +0000)]
r550: Remove clientfns.pm module - it was a bad idea.
Start to resurrect eparser.pm for auto-generating ethereal dissectors
for rpc.
Andrew Tridgell [Fri, 7 May 2004 11:56:13 +0000 (11:56 +0000)]
r549: added support for DOS error codes in NTSTATUS returns. This uses a
range of NTSTATUS codes that are normally invalid to prevent conflicts
with real error codes.
use the new DOS facility to fix the ERRbaduid return that volker found
Andrew Tridgell [Thu, 6 May 2004 12:42:42 +0000 (12:42 +0000)]
r514: added a context pointer to the samdb interface, as suggested by
metze. Also added a reference count so that a client can close the
connection handle and still used a derived domain handle.
Andrew Tridgell [Thu, 6 May 2004 09:55:05 +0000 (09:55 +0000)]
r513: added a generic ldb debug system to allow the Samba debug functions to
be cleanly interfaced to ldb
Andrew Tridgell [Thu, 6 May 2004 07:33:28 +0000 (07:33 +0000)]
r511: fix some const handling
Andrew Tridgell [Thu, 6 May 2004 07:32:51 +0000 (07:32 +0000)]
r510: converted the samdb code to give ldb a talloc context rather than letting ldb use malloc
Andrew Tridgell [Thu, 6 May 2004 07:30:51 +0000 (07:30 +0000)]
r509: fixed a memory handling bug that affects ldb with memory pools that
change with each request
Andrew Tridgell [Thu, 6 May 2004 05:57:33 +0000 (05:57 +0000)]
r508: fixed a place where we used free() on memory from a talloc(). The new
talloc code catches errors like this.
Andrew Tridgell [Thu, 6 May 2004 05:53:35 +0000 (05:53 +0000)]
r507: the new ldb code will use talloc_free() a lot, so I have made
talloc_free() O(1) in preparation. This also halves the number of
malloc() calls and increases our internal consistency checking,
without breaking valgrind testing.
Andrew Tridgell [Thu, 6 May 2004 05:51:51 +0000 (05:51 +0000)]
r506: got rid of unused function secrets_get_trusted_domains()
Andrew Tridgell [Thu, 6 May 2004 04:45:29 +0000 (04:45 +0000)]
r504: fixed a bad call to list_union()
Andrew Tridgell [Thu, 6 May 2004 04:41:28 +0000 (04:41 +0000)]
r503: we don't need to include ldb_parse.h any more
Andrew Tridgell [Thu, 6 May 2004 04:40:15 +0000 (04:40 +0000)]
r502: modified ldb to allow the use of an external pool memory
allocator. The way to use this is to call ldb_set_alloc() with a
function pointer to whatever memory allocator you like. It includes a
context pointer to allow for pool based allocators.
Stefan Metzmacher [Wed, 5 May 2004 10:29:25 +0000 (10:29 +0000)]
r491: regtree and gregedit also depend on LIBCMDLINE (popt stuff)
metze
Andrew Tridgell [Wed, 5 May 2004 04:27:29 +0000 (04:27 +0000)]
r490: - expanded the test suite to test modify and delete operations
- made yet another attempt to make ldb const clean.
- "make test" now runs both the tdb and ldap backend tests, and run the ldbtest utility
with and without indexing
- added prototypes in ldb.h for ldb_msg_*() public functions
Andrew Tridgell [Tue, 4 May 2004 22:53:47 +0000 (22:53 +0000)]
r476: i forgot the argument to get_time_zone()
Andrew Tridgell [Tue, 4 May 2004 13:42:32 +0000 (13:42 +0000)]
r469: considerably improved the ChangePasswordUser3() IDL thanks to an idea from abartlet
Andrew Tridgell [Tue, 4 May 2004 13:41:08 +0000 (13:41 +0000)]
r468: fixed timegm() on broken systems
Stefan Metzmacher [Tue, 4 May 2004 13:18:29 +0000 (13:18 +0000)]
r467: hopefully get the buildfarm compiling fine now...
metze
Andrew Tridgell [Tue, 4 May 2004 07:53:06 +0000 (07:53 +0000)]
r466: implemented samr_OpenDomain() and samr_GetDomPwInfo() server side calls
if you take a look at samr_GetDomPwInfo() then you will get a fairly good idea
of what I am planning for the database oriented SAMR server implementation.
Andrew Tridgell [Tue, 4 May 2004 06:11:47 +0000 (06:11 +0000)]
r465: we need common.h in two more rpc server pipes
Andrew Tridgell [Tue, 4 May 2004 06:07:52 +0000 (06:07 +0000)]
r464: a big improvement to the API for writing server-side RPC
servers. Previously the server pipe code needed to return the RPC
level status (nearly always "OK") and separately set the function call
return using r->out.result. All the programmers writing servers
(metze, jelmer and me) were often getting this wrong, by doing things
like "return NT_STATUS_NO_MEMORY" which was really quite meaningless
as there is no code like that at the dcerpc level.
I have now modified pidl to generate the necessary boilerplate so that
just returning the status you want from the function will work. So for
a NTSTATUS function you return NT_STATUS_XXX and from a WERROR
function you return WERR_XXX. If you really want to generate a DCERPC
level fault rather than just a return value in your function then you
should use the DCESRV_FAULT() macro which will correctly generate a
fault for you.
As a side effect, this also adds automatic type checking of all of our
server side rpc functions, which was impossible with the old API. When
I changed the API I found and fixed quite a few functions with the
wrong type information, so this is definately useful.
I have also changed the server side template generation to generate a
DCERPC "operation range error" by default when you have not yet filled
in a server side function. This allows us to correctly implement
functions in any order in our rpc pipe servers and give the client the
right information about the fault.
Andrew Tridgell [Tue, 4 May 2004 05:58:52 +0000 (05:58 +0000)]
r463: build ldb with debugging when standalone
Andrew Tridgell [Tue, 4 May 2004 05:58:22 +0000 (05:58 +0000)]
r462: added an explanation about the rather complex ltdb_key() function
Andrew Tridgell [Mon, 3 May 2004 14:59:23 +0000 (14:59 +0000)]
r459: added an initial provision.ldif - this is temporary, and needs to be
replaced with a more sophisticated provisioning system
Andrew Tridgell [Mon, 3 May 2004 14:58:08 +0000 (14:58 +0000)]
r458: this is the (very primitive) beginnings of a SAMR server for
Samba4. I'm committing this now so I can get comments on the approach.
Note that you need to do something like this to initialise the SAM db:
edit script/provision.pl
script/provision.pl > provision.ldif.out
bin/ldbadd /path/to/private/sam.ldb provision.ldif.out
Andrew Tridgell [Mon, 3 May 2004 14:54:47 +0000 (14:54 +0000)]
r457: added some more samr tests to help me work out the right error codes
in our new samr server
Andrew Tridgell [Mon, 3 May 2004 14:51:26 +0000 (14:51 +0000)]
r456: - added -i option to ldbsearch
- fixed sorting bug in ldb index handing
Andrew Tridgell [Mon, 3 May 2004 09:34:18 +0000 (09:34 +0000)]
r454: allow a non-URL form of a filename to be used in ldb_connect(). This
makes it a little easier to work with the ldb tools
Andrew Tridgell [Mon, 3 May 2004 04:25:48 +0000 (04:25 +0000)]
r453: added a comment about indexing on objectclass
(its usually a bad idea)
Andrew Tridgell [Mon, 3 May 2004 04:24:30 +0000 (04:24 +0000)]
r452: move from first-fit to best-fit in tdb record allocation. For a
situation where we are continually increasing the size of a record
(such as ldb index records) this reduces the resulting tdb size by a
factor of over 100x, due to reductions in fragmentation. It appears to
have no noticable effect on the speed in other cases.
Andrew Bartlett [Sun, 2 May 2004 12:42:01 +0000 (12:42 +0000)]
r451: More NTLMSSP work.
The work here is trying to get the LM_KEY option for NLTMSSP
operating, however until that functions properly, it is now controlled
by some new smb.conf options, defaulting off.
Andrew Bartlett
Andrew Bartlett [Sun, 2 May 2004 11:45:01 +0000 (11:45 +0000)]
r448: Fix 'auth' in Samba4, by making 'auth methods' a normal smb.conf
paramter, without special links to other variables.
When we get 'server role' ideas back into Samba4, we can fix this properly.
The default is:
guest, sam_ignoredomain
which is the expected behaviour for a stand-alone server.
Andrew Bartlett
Andrew Tridgell [Sun, 2 May 2004 10:07:25 +0000 (10:07 +0000)]
r445: fixed the bind_nak code
Andrew Tridgell [Sun, 2 May 2004 10:06:45 +0000 (10:06 +0000)]
r444: - added the beginnings of a ldb test suite and benchmark
- updated the test slapd config to use bdb and indexing
Andrew Bartlett [Sun, 2 May 2004 08:45:00 +0000 (08:45 +0000)]
r443: Update Samba4 to the auth and NTLMSSP code from Samba3.
Not all the auth code is merged - only those parts that are actually
being used in Samba4.
There is a lot more work to do in the NTLMSSP area, and I hope to
develop that work here. There is a start on this here - splitting
NTLMSSP into two parts that my operate in an async fashion (before and
after the actual authentication)
Andrew Bartlett
Andrew Tridgell [Sun, 2 May 2004 05:16:15 +0000 (05:16 +0000)]
r442: fixed some uninitialised variables pointed out by gcc -O3
Andrew Tridgell [Sun, 2 May 2004 05:10:40 +0000 (05:10 +0000)]
r441: added an example of how to use the remote rpc interface
Andrew Tridgell [Sat, 1 May 2004 14:04:33 +0000 (14:04 +0000)]
r437: fixed handling of a corner case with multi-valued indexing
Andrew Tridgell [Sat, 1 May 2004 10:39:32 +0000 (10:39 +0000)]
r436: fixed indexing of objectclass with subclasses
Andrew Tridgell [Sat, 1 May 2004 09:45:56 +0000 (09:45 +0000)]
r435: a major upgrade for ldb
- added the ability to mark record attributes as being CASE_INSENSITIVE, WILDCARD or INTEGER.
- added the ability to support objectclass subclasses, and to search by a parent class
- added internal support for case insensitive versus case sensitive
indexing (not UTF8 compliant yet)
- cleaned up a number of const warnings
- added a number of helper functions for fetching integers, strings and doubles
- added a in-memory cache for important database properties, supported by a
database sequence number
- changed some variable names to avoid conflicts with C++
Stefan Metzmacher [Fri, 30 Apr 2004 15:33:30 +0000 (15:33 +0000)]
r432: fix the linking of the reg* tools
metze
Stefan Metzmacher [Fri, 30 Apr 2004 12:52:58 +0000 (12:52 +0000)]
r425: add some comments to ugly code parts
we should take care of 'char *' and 'const char *' and DO NOT mix them!
Jelmer: please fix this
metze
Stefan Metzmacher [Fri, 30 Apr 2004 12:40:48 +0000 (12:40 +0000)]
r424: let this code compile on every machine hopefully
metze
Andrew Tridgell [Fri, 30 Apr 2004 03:57:48 +0000 (03:57 +0000)]
r420: added nicer names for the field bits in userinfo21
added tests for the level 23 and 25 password change methods
Stefan Metzmacher [Fri, 30 Apr 2004 03:12:14 +0000 (03:12 +0000)]
r419: Data::Dumper is not portable
use it only for debugging in a local tree
metze
Stefan Metzmacher [Thu, 29 Apr 2004 21:01:13 +0000 (21:01 +0000)]
r412: as we decide to not do 3.0.2a releases anymore,
remove the generation stuff from VERSION and mkversion.sh
metze
Stefan Metzmacher [Thu, 29 Apr 2004 20:57:22 +0000 (20:57 +0000)]
r411: make swig should not be the first make rule...
add make default -> all before
metze
Andrew Tridgell [Wed, 28 Apr 2004 14:38:42 +0000 (14:38 +0000)]
r392: added IDL for 3 more netlogon Delta levels, thanks to a dump from Richard Renard
Andrew Tridgell [Wed, 28 Apr 2004 13:17:28 +0000 (13:17 +0000)]
r390: added my best guess for how session keys are supposed to work when you
use NTLMSSP sign or seal at the RPC layer
It doesn't work yet, but then again neither does the old code (which
just assumed the SMB session key was used, which of course makes no
sense on a ncacn_ip_tcp connection)
Andrew Tridgell [Wed, 28 Apr 2004 13:15:49 +0000 (13:15 +0000)]
r389: added a test for set user info level 26 (set password extended)
thanks to Luke Howard for this test
Andrew Tridgell [Wed, 28 Apr 2004 13:13:26 +0000 (13:13 +0000)]
r388: added IDL for 3 more set user info levels (all of which set the
password). That makes 8 ways to change a password just on the SAMR
pipe!
Thanks to Luke Howard from PADL for this.
Andrew Tridgell [Wed, 28 Apr 2004 13:06:25 +0000 (13:06 +0000)]
r387: more C++ friendly changes
Volker Lendecke [Wed, 28 Apr 2004 12:45:16 +0000 (12:45 +0000)]
r386: Another torture test to survive.
Believe it or not, w2k3 returns ERRSRV:ERRbaduid DOS error code if you pass in
a wrong vuid. We (Samba 3) currently return NT_STATUS_NETWORK_ACCESS_DENIED.
Volker
Tim Potter [Wed, 28 Apr 2004 10:10:52 +0000 (10:10 +0000)]
r383: Scripting extensions using swig. This commit includes only a (LGPL)
python interface to tdb and a rudimentary build system.
Configure with --with-python and make swig to build and append
$(builddir)/scripting/swig/python to PYTHONPATH.
Tim Potter [Wed, 28 Apr 2004 07:32:37 +0000 (07:32 +0000)]
r382: More C++ friendliness fixes.
Andrew Tridgell [Wed, 28 Apr 2004 07:05:28 +0000 (07:05 +0000)]
r381: make the code more C++ friendly
Andrew Tridgell [Wed, 28 Apr 2004 06:43:35 +0000 (06:43 +0000)]
r380: make sure that ldbedit -a works with all tdb and LDAP backends
Andrew Tridgell [Tue, 27 Apr 2004 07:12:10 +0000 (07:12 +0000)]
r374: allow for a policy_handle fetch using a handle type of
DCESRV_HANDLE_ANY. This is needed for operations like samr_Close()
that take any handle type.
Andrew Tridgell [Tue, 27 Apr 2004 07:10:16 +0000 (07:10 +0000)]
r373: use a much larger default tdb hash size in ldb
Andrew Tridgell [Tue, 27 Apr 2004 06:36:39 +0000 (06:36 +0000)]
r372: automatically create a fake BDC machine account and delete it
afterwards for the RPC-NETLOGON test. This makes it much simpler to
run the test and also means that it doesn't distrurb any existing
domain join you might have.
Andrew Tridgell [Mon, 26 Apr 2004 03:52:44 +0000 (03:52 +0000)]
r365: improved the IDL for samr_Connect5()
Andrew Tridgell [Mon, 26 Apr 2004 03:07:46 +0000 (03:07 +0000)]
r364: finally worked out the ancient samr_ChangePasswordUser() interface
yay!
Andrew Tridgell [Mon, 26 Apr 2004 02:05:48 +0000 (02:05 +0000)]
r363: nicer error handling in pidl
Andrew Tridgell [Mon, 26 Apr 2004 02:04:48 +0000 (02:04 +0000)]
r362: after setting domain info query it again so we can see what attributes stick
Andrew Tridgell [Mon, 26 Apr 2004 00:43:23 +0000 (00:43 +0000)]
r361: allow anonymous browsing
Andrew Tridgell [Mon, 26 Apr 2004 00:33:17 +0000 (00:33 +0000)]
r360: use the STYPE_* definitions from srvsvc.idl
Andrew Tridgell [Mon, 26 Apr 2004 00:32:29 +0000 (00:32 +0000)]
r359: moved the share type definitions to srvsvc.idl
I'd like to see more protocol defininitions in the IDL files and less
in smb.h where possible.
Andrew Tridgell [Mon, 26 Apr 2004 00:31:31 +0000 (00:31 +0000)]
r358: added some more annotation on the samr unknown attributes
Andrew Tridgell [Mon, 26 Apr 2004 00:27:01 +0000 (00:27 +0000)]
r357: added share browsing to smbclient using the SRVSVC MSRPC pipe
Tim Potter [Sun, 25 Apr 2004 22:58:18 +0000 (22:58 +0000)]
r356: Start of auto-generated client functions. Tridge can you take a look
and tell me what you think? Output does not compile yet.
Tim Potter [Sun, 25 Apr 2004 22:15:48 +0000 (22:15 +0000)]
r355: Fix a bunch of compiler warnings in the registry code.
Tim Potter [Sun, 25 Apr 2004 22:05:05 +0000 (22:05 +0000)]
r354: Tridge convinced me that writing some wrapper functions by hand was a
bad idea.
Andrew Tridgell [Fri, 23 Apr 2004 13:09:53 +0000 (13:09 +0000)]
r344: fixed deletion of index records
Andrew Tridgell [Fri, 23 Apr 2004 13:05:27 +0000 (13:05 +0000)]
r343: added automatic reindexing of the database when the index list changes
Andrew Tridgell [Fri, 23 Apr 2004 05:40:18 +0000 (05:40 +0000)]
r336: added a -X command line option to smbtorture to enable dangerous or
possibly destructive tests. Use with care!
Added IDL and test code for samr_Shutdown() and samr_SetDsrmPassword()
Andrew Tridgell [Fri, 23 Apr 2004 04:21:22 +0000 (04:21 +0000)]
r335: added much better handling of servers that die unexpectedly during a
request (a dead socket). I discovered this when testing against Sun's
PC-NetLink.
cleaned up the naming of some of the samr requests
add IDL and test code for samr_QueryGroupMember(),
samr_SetMemberAttributesOfGroup() and samr_Shutdown(). (actually, I
didn't leave the samr_Shutdown() test in, as its fatal to windows
servers due to doing exactly what it says it does).
Andrew Tridgell [Thu, 22 Apr 2004 07:45:00 +0000 (07:45 +0000)]
r327: fixed an uninitialised variable found by valgrind
Andrew Tridgell [Thu, 22 Apr 2004 07:28:18 +0000 (07:28 +0000)]
r326: tweaks to the RPC-SAMR test code to allow win2003 to pass the test (for example, not filling in extra
fields in level21 setuserinfo)
Andrew Tridgell [Thu, 22 Apr 2004 06:19:48 +0000 (06:19 +0000)]
r325: added IDL and test code for samr_ChangePasswordUser3().
Also added much better handling of random password generation in the
password change test code
Andrew Tridgell [Thu, 22 Apr 2004 06:18:40 +0000 (06:18 +0000)]
r324: - don't reseed on every password generate
- check for overflow (very unlikely) in random buffer generation
Andrew Tridgell [Thu, 22 Apr 2004 06:17:50 +0000 (06:17 +0000)]
r323: added rough password quality checking in generate_random_str(), so we generate passwords
that are likely to be accepted by the win2003 quality checks
Andrew Tridgell [Thu, 22 Apr 2004 06:16:01 +0000 (06:16 +0000)]
r322: use the -C option to configure for developers (makes a huge speed difference)
Stefan Metzmacher [Wed, 21 Apr 2004 14:28:06 +0000 (14:28 +0000)]
r313: add the warning about fileaccess as user 'root'
to a README file and DEBUG(0,()) it on each tree connect
metze
Stefan Metzmacher [Wed, 21 Apr 2004 14:19:03 +0000 (14:19 +0000)]
r312: let ntvfs posix backend return NT_STATUS_ACCESS_DENIED in the connect hook
and print out an error message to the debug log which say:
use 'cifs' or 'simple' as ntvfs handler
this also warns about 'root' fileaccess in the 'simple' module
the 'default' ntvfs handler is now registered by the posix backend
metze
Stefan Metzmacher [Wed, 21 Apr 2004 14:13:55 +0000 (14:13 +0000)]
r311: add srvsvc and wkssvc rpc pipes to the default pipes
metze
Stefan Metzmacher [Wed, 21 Apr 2004 14:13:03 +0000 (14:13 +0000)]
r310: add missing ','
metze