Jelmer Vernooij [Sun, 14 Nov 2010 23:45:48 +0000 (00:45 +0100)]
auth/ntlm: Use name consistent with other service names.
Andrew Bartlett [Mon, 15 Nov 2010 01:10:33 +0000 (12:10 +1100)]
auth/gensec Handle incorrect username or password in Kerberos client code
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Mon Nov 15 02:09:40 UTC 2010 on sn-devel-104
Andrew Bartlett [Sun, 14 Nov 2010 22:08:43 +0000 (09:08 +1100)]
s4-kdc update startup routines after heimdal update
We should check the errors from krb5_kdc_windc_init and we now need to
additionally run krb5_kdc_pkinit_config()
Andrew Bartlett
Andrew Bartlett [Fri, 12 Nov 2010 04:37:07 +0000 (15:37 +1100)]
s4-kdc Remove use of heimdal private headers in kpasswd server.
This remains an abuse, because it relies on setting into the krb5_principal
structure, but at least it causes less trouble for the server.
Andrew Bartlett
Andrew Bartlett [Fri, 12 Nov 2010 04:27:43 +0000 (15:27 +1100)]
heimdal Extra files required for merge up to current heimdal
Andrew Bartlett [Fri, 12 Nov 2010 02:15:57 +0000 (13:15 +1100)]
heimdal regenate lex and yacc files
Andrew Bartlett [Fri, 12 Nov 2010 02:14:00 +0000 (13:14 +1100)]
Add attribute macros for Heimdal to use
Heimdal uses HEIMDAL_NORETURN_ATTRIBUTE and HEIMDAL_PRINTF_ATTRIBUTE,
and we need to provide a link between these and Samba's function
attribute handling.
Andrew Bartlett
Andrew Bartlett [Thu, 11 Nov 2010 00:27:33 +0000 (11:27 +1100)]
Jelmer Vernooij [Sun, 14 Nov 2010 23:44:30 +0000 (00:44 +0100)]
s4/dns: Build as shared module.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Mon Nov 15 00:57:27 UTC 2010 on sn-devel-104
Andrew Tridgell [Sun, 14 Nov 2010 21:41:16 +0000 (08:41 +1100)]
s4-kdc: if "bind interfaces only" is false, then also listen on wildcard
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Mon Nov 15 00:13:59 UTC 2010 on sn-devel-104
Andrew Tridgell [Sun, 14 Nov 2010 23:12:22 +0000 (10:12 +1100)]
s4-server: make server sockets a child of the task context
We previously allocated sockets as direct children of the event
context. That led to crashes if a service called
task_server_terminate(), as it left the socket open and handling
events for a dead protocol.
Making them a child of the task allows the task to terminate and take
all its sockets with it.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Sun, 14 Nov 2010 21:27:04 +0000 (08:27 +1100)]
samba-tool: fixed crash in "samba-tool drs showrepl"
the source_dsa_obj_dn can be NULL
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Jelmer Vernooij [Sun, 14 Nov 2010 16:36:51 +0000 (17:36 +0100)]
web_server: Build as module.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sun Nov 14 17:58:05 UTC 2010 on sn-devel-104
Jelmer Vernooij [Sun, 14 Nov 2010 16:31:26 +0000 (17:31 +0100)]
kcc/drepl: Build as service.
Jelmer Vernooij [Sun, 14 Nov 2010 16:26:29 +0000 (17:26 +0100)]
winbind: Build as shared module.
Jelmer Vernooij [Sun, 14 Nov 2010 16:09:34 +0000 (17:09 +0100)]
Build wrepl server as service by default.
Jelmer Vernooij [Sun, 14 Nov 2010 13:49:03 +0000 (14:49 +0100)]
Add myself as maintainer for pytevent, pytalloc, pytdb and pyldb.
Jelmer Vernooij [Sun, 14 Nov 2010 13:32:13 +0000 (14:32 +0100)]
Re-enable ldb-cmdline for the moment, as it is used by oLschema2ldif.
Jelmer Vernooij [Sun, 14 Nov 2010 12:40:58 +0000 (13:40 +0100)]
Don't build ldb tools when there is a system provided ldb.
Volker Lendecke [Sun, 14 Nov 2010 14:15:52 +0000 (15:15 +0100)]
s3: string_to_sid does thorough syntax checking
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Sun Nov 14 14:07:29 UTC 2010 on sn-devel-104
Volker Lendecke [Sun, 14 Nov 2010 13:11:24 +0000 (14:11 +0100)]
s3: Avoid two calls cli_errstr
Volker Lendecke [Thu, 11 Nov 2010 15:29:33 +0000 (16:29 +0100)]
s3: Convert cli_get_posix_fs_info() to cli_trans()
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Sun Nov 14 10:24:02 UTC 2010 on sn-devel-104
Jeremy Allison [Sun, 14 Nov 2010 04:32:36 +0000 (20:32 -0800)]
Fix the unexpected.tdb database problem. Change nmbd to store the
transaction id of packets it was requested to send via a client, and
only store replies that match these ids. On the client side change
clients to always attempt to ask nmbd first for name_query and
node_status calls, and then fall back to doing socket calls if
we can't talk to nmbd (either nmbd is not running, or we're not
root and cannot open the messaging tdb's). Fix readers of unexpected.tdb
to delete packets they've successfully read.
This should fix a long standing problem of unexpected.tdb
growing out of control in noisy NetBIOS envioronments with
lots of bradcasts, yet still allow unprivileged client apps
to work mostly as well as they already did (nmblookup for
example) in an environment when nmbd isn't running.
Jeremy.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sun Nov 14 05:22:45 UTC 2010 on sn-devel-104
Jeremy Allison [Sun, 14 Nov 2010 04:28:41 +0000 (20:28 -0800)]
Move error reporting of messaging context creation fail into
the daemons themselves. Allows client utilities to silently
fail to create a messaging context due to access denied on the
messaging tdb (which I need for the following patch).
Jeremy.
Andrew Tridgell [Sun, 14 Nov 2010 03:26:06 +0000 (14:26 +1100)]
s4-auth: fixed infinite loop in krb5 auth
we were continually trying the first address returned, instead of
moving to the next address
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Sun Nov 14 04:11:28 UTC 2010 on sn-devel-104
Andrew Tridgell [Sun, 14 Nov 2010 02:40:02 +0000 (13:40 +1100)]
s4-auth: fixed crash in krb5 auth
remote_addr was used after free
Björn Jacke [Sat, 13 Nov 2010 15:58:41 +0000 (16:58 +0100)]
s3/doc: add missing documentation for vfs_time_audit
Autobuild-User: Björn Jacke <bj@sernet.de>
Autobuild-Date: Sat Nov 13 17:13:24 UTC 2010 on sn-devel-104
Matthias Dieter Wallnöfer [Sat, 13 Nov 2010 11:47:53 +0000 (12:47 +0100)]
s4:password_hash LDB module - return "ERR_CONSTRAINT_VIOLATION" on password conversion errors
This errors can happen also on a regular basis - then we shouldn't return
ERR_OPERATIONS_ERROR (this error code is reserved for very serious failures).
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sat Nov 13 12:37:36 UTC 2010 on sn-devel-104
Matthias Dieter Wallnöfer [Sat, 13 Nov 2010 11:33:26 +0000 (12:33 +0100)]
s4:upgradeprovision - why not directly use "provision:0"?
Matthias Dieter Wallnöfer [Sat, 13 Nov 2010 11:25:40 +0000 (12:25 +0100)]
s4:objectclass LDB module - multiple "objectClass" change elements are unfortunately still allowed
The test message has been compressed - therefore I've now used "modify_ldif".
Andrew Tridgell [Sat, 13 Nov 2010 08:08:45 +0000 (19:08 +1100)]
s4-drs: fixed a crash in writspn
sam_ctx_system may be NULL for non-privileged users
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Sat Nov 13 08:52:53 UTC 2010 on sn-devel-104
Andrew Tridgell [Sat, 13 Nov 2010 01:18:19 +0000 (12:18 +1100)]
s4-test: we need to import testtools before subunit/python
subunit/python depends on testtools
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Sat Nov 13 02:02:45 UTC 2010 on sn-devel-104
Matthieu Patou [Tue, 19 Oct 2010 13:24:27 +0000 (17:24 +0400)]
ktpass: also use userPrincipalName for locating the principal
Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Fri Nov 12 20:24:23 UTC 2010 on sn-devel-104
Matthieu Patou [Tue, 19 Oct 2010 13:23:57 +0000 (17:23 +0400)]
ktpass: fix the search path for when running in samba's source dir
Matthieu Patou [Fri, 12 Nov 2010 17:45:07 +0000 (20:45 +0300)]
python: use the ldbMessage + modify notation instead of modify_ldif that we try to avoid
Matthieu Patou [Mon, 8 Nov 2010 11:09:04 +0000 (14:09 +0300)]
Fix typo
Matthieu Patou [Tue, 26 Oct 2010 12:38:42 +0000 (16:38 +0400)]
unit tests: add testing for dns account password change
Matthieu Patou [Fri, 12 Nov 2010 17:00:57 +0000 (20:00 +0300)]
upgradeprovision: use relaxed control while adding missing object container
Matthieu Patou [Tue, 26 Oct 2010 12:37:50 +0000 (16:37 +0400)]
upgradeprovision: fix pb with dns-hostname, regenerate a correct keytab
Matthieu Patou [Sat, 23 Oct 2010 18:01:30 +0000 (22:01 +0400)]
upgradeprovision: use the relax/(upgrade)provision when modifying object
For certain attribute we use the relax/provision control so that we
try to respect checks as this is not a good idea to always force
unwanted behavior.
Matthieu Patou [Sat, 23 Oct 2010 18:00:04 +0000 (22:00 +0400)]
upgradeprovision: use the (upgrade)provision control also
Matthieu Patou [Sat, 23 Oct 2010 17:57:16 +0000 (21:57 +0400)]
upgradeprovision: update revision for forestupdate and domainupdate objects
Matthieu Patou [Fri, 12 Nov 2010 16:58:09 +0000 (19:58 +0300)]
samldb: relax groupType modification checks
Allow programs with the PROVISION control to bypass groupType checks.
This is needed by upgradeprovision for older alpha (11, 10 ...)
Matthieu Patou [Fri, 22 Oct 2010 09:37:32 +0000 (13:37 +0400)]
Update WHATSNEW4 to add information related to samba_backup
Matthieu Patou [Fri, 22 Oct 2010 09:28:40 +0000 (13:28 +0400)]
Add a script to make backup of samba provision
Matthias Dieter Wallnöfer [Fri, 12 Nov 2010 18:49:47 +0000 (19:49 +0100)]
s4:objectclass LDB module - we should not simply ignore additional "objectClass" attribute changes
There first one we perform all other tentatives are terminated with
ERR_ATTRIBUTE_OR_VALUE_EXISTS (tested against Windows).
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Fri Nov 12 19:39:07 UTC 2010 on sn-devel-104
Matthias Dieter Wallnöfer [Fri, 12 Nov 2010 18:28:48 +0000 (19:28 +0100)]
s4:repl_meta_data LDB module - convert two debug messages into error messages
These regarding "objectGUID".
Matthias Dieter Wallnöfer [Fri, 12 Nov 2010 17:57:57 +0000 (18:57 +0100)]
s4:samldb/objectclass_attrs LDB modules - move "description" logic from "objectclass_attrs" into "samldb"
This according to an answer from dochelp is SAM specific behaviour.
Jelmer Vernooij [Fri, 12 Nov 2010 17:27:46 +0000 (18:27 +0100)]
waf/samba_version: Simplify git show command.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Fri Nov 12 18:38:21 UTC 2010 on sn-devel-104
Jelmer Vernooij [Fri, 12 Nov 2010 17:20:02 +0000 (18:20 +0100)]
samba_version: Make COMMIT_IS_CLEAN an int rather than a string.
Jelmer Vernooij [Fri, 12 Nov 2010 17:19:00 +0000 (18:19 +0100)]
samba_version: Simplify dirty tree detection.
Jelmer Vernooij [Fri, 12 Nov 2010 17:06:43 +0000 (18:06 +0100)]
waf/samba_version: Support integer defines.
Jelmer Vernooij [Fri, 12 Nov 2010 17:06:20 +0000 (18:06 +0100)]
s3: Rename GIT_COMMIT_{TIME,DATE} to COMMIT_{TIME,DATE}.
This avoids some special casing in the waf code.
Jelmer Vernooij [Fri, 12 Nov 2010 16:59:07 +0000 (17:59 +0100)]
s4: Remove obsolete mkversion.sh
Jelmer Vernooij [Fri, 12 Nov 2010 16:54:41 +0000 (17:54 +0100)]
samba_version: When working from git checkout, display git revision SHA1 rather
than Bazaar revision ids.
Jelmer Vernooij [Fri, 12 Nov 2010 16:26:06 +0000 (17:26 +0100)]
samba_version: Support retrieving snapshot identity from bzr.
Jelmer Vernooij [Fri, 12 Nov 2010 16:18:30 +0000 (17:18 +0100)]
samba_version: Cope with building snapshots in directories without git checkout.
Error out when run in a git checkout in which git fails.
Jelmer Vernooij [Fri, 12 Nov 2010 16:13:37 +0000 (17:13 +0100)]
Put git tree finding into a separate function.
Jelmer Vernooij [Fri, 12 Nov 2010 16:08:09 +0000 (17:08 +0100)]
sambaversion.py: Some cleanups, make less git-specific.
Jelmer Vernooij [Fri, 12 Nov 2010 16:00:42 +0000 (17:00 +0100)]
wafsamba: Support make dist from bzr checkout.
Jelmer Vernooij [Fri, 12 Nov 2010 15:23:03 +0000 (16:23 +0100)]
torture: Only add in tests for socket_wrapper/nss_wrapper when they have been enabled.
Jelmer Vernooij [Fri, 12 Nov 2010 15:22:43 +0000 (16:22 +0100)]
unix_privs: Add missing dependency on libreplace.
Jelmer Vernooij [Fri, 12 Nov 2010 15:22:16 +0000 (16:22 +0100)]
socket_wrapper: Only add as global dependency when enabled.
Jelmer Vernooij [Fri, 12 Nov 2010 15:12:14 +0000 (16:12 +0100)]
heimdal_build: Add missing dependency on replace, necessary because replace.h is included.
Jelmer Vernooij [Fri, 12 Nov 2010 11:55:14 +0000 (12:55 +0100)]
s4-waf: Only enable various wrappers if they're actually used.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Fri Nov 12 14:33:34 UTC 2010 on sn-devel-104
Jelmer Vernooij [Fri, 12 Nov 2010 11:17:45 +0000 (12:17 +0100)]
Lowercase DNS_UPDATE_SRV name.
Stefan Metzmacher [Thu, 11 Nov 2010 08:36:25 +0000 (09:36 +0100)]
tdb: set tdb->name early, as it's needed for tdb_name()
tdb_name() might be used within the given log function,
which might be called from within tdb_open_ex().
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Nov 12 11:22:21 UTC 2010 on sn-devel-104
Andrew Tridgell [Fri, 12 Nov 2010 06:23:34 +0000 (17:23 +1100)]
s4-kdc: added proxying of kdc requests for RODCs
when we are an RODC and we get a request for a principal that we don't
have the right secrets for, we need to proxy the request to a
writeable DC. This happens for both TCP and UDP requests, for both
krb5 and kpasswd
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Fri Nov 12 08:03:20 UTC 2010 on sn-devel-104
Andrew Bartlett [Fri, 12 Nov 2010 01:32:50 +0000 (12:32 +1100)]
s4-kdc Return HDB_ERR_NOT_FOUND_HERE on un-revealed accounts on an RODC
This means that when we are an RODC, and an account does not have the
password attributes, we can now indicate to the kdc code that it
should forward the request to a real DC.
(The proxy code itself is not in this commit).
Andrew Bartlett
Andrew Bartlett [Fri, 12 Nov 2010 01:31:33 +0000 (12:31 +1100)]
heimdal Return HDB_ERR_NOT_FOUND_HERE to the caller
This means that no reply packet should be generated, but that instead
the user of the libkdc API should forward the packet to a real KDC,
that has a full database.
Andrew Bartlett
Andrew Tridgell [Thu, 11 Nov 2010 03:22:40 +0000 (14:22 +1100)]
s4-kdc: split the kdc process return into a tri-state
this is in preparation for doing forwarding of packets for RODCs
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Thu, 11 Nov 2010 03:13:01 +0000 (14:13 +1100)]
s4-kdc: we don't need the special include handling now
the special handling was to cope with the conflict with the kdc.h
header
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Thu, 11 Nov 2010 03:09:41 +0000 (14:09 +1100)]
s4-kdc: rename kdc/kdc.h to kdc/kdc-glue.h
kdc.h conflicts with a heimdal header name
Kamen Mazdrashki [Wed, 10 Nov 2010 04:14:20 +0000 (06:14 +0200)]
s4-tests: Make repl_schema.py test part of Samba4 test suite
Autobuild-User: Kamen Mazdrashki <kamenim@samba.org>
Autobuild-Date: Thu Nov 11 19:38:18 UTC 2010 on sn-devel-104
Kamen Mazdrashki [Wed, 10 Nov 2010 01:45:22 +0000 (03:45 +0200)]
s4-repl: Propagate remote prefixMap in DRSUAPI data conversion functions
Kamen Mazdrashki [Wed, 10 Nov 2010 00:32:29 +0000 (02:32 +0200)]
s4-dsdb_syntax: Warning message that we can't find requested ATTID in Schema Cache
Kamen Mazdrashki [Tue, 9 Nov 2010 02:36:24 +0000 (04:36 +0200)]
s4-prefixMap: dsdb_schema_pfm_oid_from_attid() to use const prefixMap
It is not supposed to change supplied prefixMap
Kamen Mazdrashki [Tue, 9 Nov 2010 02:12:57 +0000 (04:12 +0200)]
s4-dsdb_syntax: Use remote prefixMap to handle generic cases in drsuapi_to_ldb conversions
Kamen Mazdrashki [Tue, 9 Nov 2010 02:12:16 +0000 (04:12 +0200)]
s4-dsdb_syntax: Add remote prefixMap member for dsdb_syntax conversions
Kamen Mazdrashki [Sun, 7 Nov 2010 21:04:33 +0000 (23:04 +0200)]
s4-repl: dsdb_extended_replicated_objects_convert -> dsdb_replicated_objects_convert/
It is part of dsdb_replicated_* family of functions
Kamen Mazdrashki [Sun, 7 Nov 2010 20:51:11 +0000 (22:51 +0200)]
s4-repl: dsdb_extended_replicated_objects_commit -> dsdb_replicated_objects_commit
It is part of dsdb_replicated_* family of functions
Kamen Mazdrashki [Sun, 7 Nov 2010 19:47:39 +0000 (21:47 +0200)]
s4-repl: dsdb_convert_object -> dsdb_origin_object_convert
It is used in dsdb_origin_objects_commit() func,
hence the dsdb_origin_ prefix
Kamen Mazdrashki [Thu, 11 Nov 2010 18:19:47 +0000 (20:19 +0200)]
s4-test: repl_schema - Make sure LdbError and ERR_NO_SUCH_OBJECT are visible
Volker Lendecke [Thu, 11 Nov 2010 18:08:20 +0000 (19:08 +0100)]
s3: Well... Fix a stupid error
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Thu Nov 11 18:54:00 UTC 2010 on sn-devel-104
Volker Lendecke [Thu, 11 Nov 2010 14:58:34 +0000 (15:58 +0100)]
s3: Make cli_set_ea_fnum return NTSTATUS
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Thu Nov 11 16:59:27 UTC 2010 on sn-devel-104
Volker Lendecke [Thu, 11 Nov 2010 14:51:46 +0000 (15:51 +0100)]
s3: Make cli_set_ea_path return NTSTATUS
Volker Lendecke [Thu, 11 Nov 2010 14:51:16 +0000 (15:51 +0100)]
s3: Remove two pointless variables
Volker Lendecke [Thu, 11 Nov 2010 14:40:06 +0000 (15:40 +0100)]
s3: Convert cli_set_ea() to cli_trans()
Volker Lendecke [Thu, 11 Nov 2010 13:54:25 +0000 (14:54 +0100)]
s3: Convert cli_dfs_get_referral to cli_trans
Volker Lendecke [Thu, 11 Nov 2010 13:46:58 +0000 (14:46 +0100)]
s3: cli_dfs_check_error does not need to depend on cli->inbuf
Volker Lendecke [Thu, 11 Nov 2010 13:04:06 +0000 (14:04 +0100)]
s3: Make split_dfs_path return bool
Volker Lendecke [Thu, 11 Nov 2010 12:45:00 +0000 (13:45 +0100)]
s3: Remove some dead code
Volker Lendecke [Thu, 11 Nov 2010 12:44:28 +0000 (13:44 +0100)]
s3: Untangle an if-expression
Anatoliy Atanasov [Mon, 8 Nov 2010 06:11:11 +0000 (08:11 +0200)]
s4/test: Expand BindTest
The test now binds with user@realm, domain\user, user dn, computer dn
Autobuild-User: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
Autobuild-Date: Thu Nov 11 16:15:30 UTC 2010 on sn-devel-104
Anatoliy Atanasov [Fri, 5 Nov 2010 07:27:48 +0000 (09:27 +0200)]
s4/test: Add bind.py to make test
bind.py is a place to have tests for ldb binding with different credentials.
For starter we have a simple bind with machine account.
Andrew Bartlett [Thu, 11 Nov 2010 09:44:16 +0000 (20:44 +1100)]
heimdal Don't dereference NULL in error verify_checksum error path
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Thu Nov 11 10:37:03 UTC 2010 on sn-devel-104
Andrew Bartlett [Thu, 11 Nov 2010 08:55:26 +0000 (19:55 +1100)]
s4-provision UTF16 encode the password in sam.ldb, not secrets.ldb
The password in secrets.ldb is UTF8, while clearTextPassword in
sam.ldb is UTF16.
This corrects commit
bd5039546e520b6d6897a658bc0a358f0511f7c7, which
had these the wrong way around.
Andrew Bartlett
Andrew Bartlett [Thu, 11 Nov 2010 07:36:06 +0000 (18:36 +1100)]
s4-dsdb Remove incorrectly declared ** variable used as *.
The cleartext_utf16_str variable was declared char **, but due to the
cast on convert_string_talloc() and the lack of type checking here and
on data_blob_const (due to void *) it was able to be used as if it was
a char *.
The simple solution seems to be to fill in cleartext_utf16 blob directly.
Andrew Bartlett
Andrew Bartlett [Thu, 11 Nov 2010 07:33:14 +0000 (18:33 +1100)]
s4-dsdb Convert new krbtgt_xxx password into UTF16
The new stricter test on clearTextPassword values caught out that
we did not provide a utf16 password here.
Andrew Bartlett
Andrew Bartlett [Thu, 11 Nov 2010 06:59:16 +0000 (17:59 +1100)]
s4-dsdb Return an error if we can't convert UTF16MUNGED -> UTF8
The UTF16MUNGED helper will map all invalid sequences (except odd
input length) to valid input sequences, per the rules. Therefore if
it fails, we need to bail out, somehing serious is wrong.
Andrew Bartlett