Michael Adam [Wed, 29 Jul 2009 12:16:11 +0000 (14:16 +0200)]
s3:dbwrap: change dbwrap_change_uint32_atomic() to return NTSTATUS not uint32_t.
Michael
Michael Adam [Wed, 29 Jul 2009 11:43:29 +0000 (13:43 +0200)]
s3:winbind: in idmap_tdb2_sid_to_id(), use transaction wrapped stores.
When a mapping is not found, then the idmap script is called (if defined).
When this gives a reply for the desired sid, this reply is stored in the db.
This patch wraps theses two store operations into a transaction by re-using
the idmap_tdb2_set_mapping_action() function previously defined
for idmap_tdb2_set_mapping().
Michael
Michael Adam [Wed, 29 Jul 2009 11:36:18 +0000 (13:36 +0200)]
s3:winbind: in idmap_tdb2_id_to_sid(), use transaction wrapped stores.
When a mapping is not found, then the idmap script is called (if defined).
When this gives a reply for the desired id, this reply is stored in the db.
This patch wraps theses two store operations into a transaction by re-using
the idmap_tdb2_set_mapping_action() function previously defined
for idmap_tdb2_set_mapping().
Michael
Michael Adam [Tue, 28 Jul 2009 14:53:37 +0000 (16:53 +0200)]
s3:winbind: use transaction wrapper in idmap_tdb2_allocate_id()
Michael
Michael Adam [Tue, 28 Jul 2009 11:31:09 +0000 (13:31 +0200)]
s3:winbind: use transaction wrapper in idmap_tdb2_set_mapping()
Michael
Volker Lendecke [Tue, 30 Jun 2009 12:26:32 +0000 (14:26 +0200)]
shadow_copy2: The system getrealfilename() can't deal with a 0-length fname
This fixes viewing the content of snapshots in the share root directory. We
have to treat the filename that *just* consists of "@GMT-YYYY.MM.DD-HH.MM.SS"
like the share root, which is the current working directory.
Volker Lendecke [Wed, 29 Jul 2009 08:30:52 +0000 (04:30 -0400)]
Fix unqualified "net join"
Kai, please check!
Thanks,
Volker
Jeremy Allison [Wed, 29 Jul 2009 01:02:10 +0000 (18:02 -0700)]
(Hopefully) fix the problem Kai reported with
net ads leave and IPv6. Ensure all DC lookups
prefer IPv4.
Jeremy.
Andrew Bartlett [Tue, 28 Jul 2009 23:29:50 +0000 (09:29 +1000)]
s4:samba3sam Remove extra newlines that broke samba3sam test
The python ldif parser was changed to be stricter (perhaps too
strict), and the extra newlines broke it.
The problem was masked earlier because errors parsing the LDIF were
considered to be 'end of file', and so no error was raised.
Andrew Bartlett
Andrew Bartlett [Tue, 28 Jul 2009 23:07:49 +0000 (09:07 +1000)]
s4:provision We no longer add krbtgt or kpasswd account into secrets.ldb
Volker Lendecke [Tue, 28 Jul 2009 21:17:07 +0000 (17:17 -0400)]
Remove a duplicate prototype
Jeremy Allison [Tue, 28 Jul 2009 18:51:58 +0000 (11:51 -0700)]
Added prefer_ipv4 bool parameter to resolve_name().
W2K3 DC's can have IPv6 addresses but won't serve
krb5/ldap or cldap on those addresses. Make sure when
we're asking for DC's we prefer IPv4.
If you have an IPv6-only network this prioritizing code
will be a no-op. And if you have a mixed network then you
need to prioritize IPv4 due to W2K3 DC's.
Jeremy.
Karolin Seeger [Tue, 28 Jul 2009 11:22:35 +0000 (13:22 +0200)]
release-scripts: Remove RFCs in source4/.
Remove RFCs as they are non-free content (with a strict interpretation of
the DFSG). Addresse Debian bug #538034.
Karolin
Ronnie Sahlberg [Tue, 28 Jul 2009 08:24:27 +0000 (18:24 +1000)]
pidl: import a patch to pidl made in the wireshark reporitory.
Original commit message in wireshark SVN (rev 28961):
====
From Kovarththanan Rajaratnam:
More "Cleanup header_field_info definitions"
====
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Tue, 28 Jul 2009 06:17:25 +0000 (08:17 +0200)]
s4:gensec/spnego: only generate the mechListMic when the server expects it
This fixes the ntvfs.cifs tests.
metze
Andrew Bartlett [Tue, 28 Jul 2009 08:00:13 +0000 (18:00 +1000)]
Fix compile of py_net.c
Andrew Bartlett [Tue, 28 Jul 2009 06:01:31 +0000 (16:01 +1000)]
s4:libnet Add in a 'credentials' parameter for python libnet_Join
Andrew Bartlett [Tue, 28 Jul 2009 00:55:28 +0000 (10:55 +1000)]
s4:tls Enable GnuTLS back to version 1.4 (an into the future)
We think we have the bug fixed.
Andrew Bartlett
Andrew Bartlett [Tue, 28 Jul 2009 04:05:19 +0000 (14:05 +1000)]
s4:kerberos Add support for user principal names in certificates
This extends the PKINIT code in Heimdal to ask the HDB layer if the
User Principal Name name in the certificate is an alias (perhaps just
by case change) of the name given in the AS-REQ. (This was a TODO in
the Heimdal KDC)
The testsuite is extended to test this behaviour, and the other PKINIT
certficate (using the standard method to specify a principal name in a
certificate) is updated to use a Administrator (not administrator).
(This fixes the kinit test).
Andrew Bartlett
Andrew Bartlett [Mon, 27 Jul 2009 12:04:26 +0000 (22:04 +1000)]
s4:kerberos Add 'net export keytab' command for wireshark decryption
It is much easier to do decryption with wireshark when the keytab is
available for every host in the domain. Running 'net export keytab
<keytab name>' will export the current (as pointed to by the supplied
smb.conf) local Samba4 doamin.
(This uses Heimdal's 'hdb' keytab and then the existing hdb-samba4,
and so has a good chance of keeping working in the long term).
Andrew Bartlett
Jeremy Allison [Mon, 27 Jul 2009 19:09:40 +0000 (12:09 -0700)]
Fix the build breakage by #including modules/vfs_acl_common.c
into acl_tdb and acl_xattr. Duplicates the code size, but keeps
the code in common so I don't have to do bug fixes in two places
(which is what I really cared about).
Jeremy.
Kai Blin [Mon, 27 Jul 2009 15:37:22 +0000 (17:37 +0200)]
s3: net ads user info should print primary group as well (bug #2658)
Thanks to Pavel V. Rochnyack <rpv@muma.tusur.ru> for reporting this and
offering an initial patch.
Shirish Pargaonkar [Mon, 27 Jul 2009 16:02:35 +0000 (12:02 -0400)]
umount.cifs: do not attempt to update /etc/mtab if it is symbolic link
If /etc/mtab is a symbolic link to e.g. /proc/mounts, do not update it.
This is a fix for a bug reported in 4675 on samba bugzilla
Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
Stefan Metzmacher [Mon, 27 Jul 2009 14:03:03 +0000 (16:03 +0200)]
frstrans.idl: add definition of frstrans_InitializeFileTransferAsync()
metze
Stefan Metzmacher [Mon, 27 Jul 2009 14:02:09 +0000 (16:02 +0200)]
frstrans.idl: add definition of frstrans_AsyncPoll()
metze
Stefan Metzmacher [Mon, 27 Jul 2009 14:01:11 +0000 (16:01 +0200)]
frstrans.idl: add definition of frstrans_RequestVersionVector()
metze
Stefan Metzmacher [Mon, 27 Jul 2009 14:00:00 +0000 (16:00 +0200)]
frstrans.idl: add definition of frstrans_RequestUpdates()
metze
Stefan Metzmacher [Mon, 27 Jul 2009 13:57:32 +0000 (15:57 +0200)]
frstrans.idl: add definition of frstrans_EstablishSession
metze
Stefan Metzmacher [Mon, 27 Jul 2009 13:56:13 +0000 (15:56 +0200)]
frstrans.idl: add definition of frstrans_EstablishConnection()
metze
Stefan Metzmacher [Mon, 27 Jul 2009 13:55:37 +0000 (15:55 +0200)]
frstrans.idl: add definition of frstrans_CheckConnectivity()
metze
Stefan Metzmacher [Mon, 27 Jul 2009 15:35:54 +0000 (17:35 +0200)]
librpc: rerun "make idl_full"
metze
Stefan Metzmacher [Mon, 27 Jul 2009 15:34:37 +0000 (17:34 +0200)]
pidl: allow foo being on the wire after [length_is(foo)] uint8 *buffer
metze
Stefan Metzmacher [Mon, 27 Jul 2009 13:52:16 +0000 (15:52 +0200)]
pidl: add support for [string] on fixed size arrays.
midl also supports this:
struct {
long l1;
[string] wchar_t str[16];
long l2;
};
Where the wire size of str is encoded like a length_is() header:
4-byte offset == 0;
4-byte array length;
The strings are zero terminated.
metze
Stefan Metzmacher [Mon, 27 Jul 2009 15:25:12 +0000 (17:25 +0200)]
Revert "s4:kerberos Add 'net export keytab' command for wireshark decryption"
This reverts commit
a40ce5d0d9d06f592a8885162bbaf644006b9f0f.
This breaks the build...
Andrew, please repush it, when it's fixed:-)
metze
Volker Lendecke [Mon, 27 Jul 2009 12:28:52 +0000 (14:28 +0200)]
Lift the event loop in rpc_api_pipe_req() one level into cli_do_rpc_ndr
Volker Lendecke [Mon, 27 Jul 2009 12:47:41 +0000 (14:47 +0200)]
Fix a valgrind error in chain_reply
construct_reply() references the request after chain_reply has freed it.
Volker Lendecke [Sun, 26 Jul 2009 18:56:58 +0000 (20:56 +0200)]
Fix a typo
Volker Lendecke [Sun, 26 Jul 2009 18:20:50 +0000 (20:20 +0200)]
Fix a valgrind error in winbind
When looking for idle clients, we dereferenced state->response. As this is
dynamically allocated now, the proper test is whether state->response exists at
all. This is the case when an async operation is in process at that moment.
Andrew Bartlett [Mon, 27 Jul 2009 12:39:10 +0000 (22:39 +1000)]
s4:kerberos Add test to show that we actually export the keytab
While it is hard to prove it is correct, at least the new
'nettestuser' principal and the Administrator principal are correct.
We had to fix the case of 'Administrator' in the selftest code to
match the DB, as the keytab lookup is case sensitive.
Andrew Bartlett
Andrew Bartlett [Mon, 27 Jul 2009 12:04:26 +0000 (22:04 +1000)]
s4:kerberos Add 'net export keytab' command for wireshark decryption
It is much easier to do decryption with wireshark when the keytab is
available for every host in the domain. Running 'net export keytab
<keytab name>' will export the current (as pointed to by the supplied
smb.conf) local Samba4 doamin.
(This uses Heimdal's 'hdb' keytab and then the existing hdb-samba4,
and so has a good chance of keeping working in the long term).
Andrew Bartlett
Andrew Bartlett [Mon, 27 Jul 2009 06:09:25 +0000 (16:09 +1000)]
s4:kdc Push context to hdb_samba4 by way of the 'name' of the DB
This overloads the 'name' part of the keytab name to supply a context
pointer, and so avoids 3 global variables!
To do this, we had to stop putting the entry for kpasswd into the
secrets.ldb. (I don't consider this a big loss, and any entry left
there by an upgrade will be harmless).
Andrew Bartlett
Andrew Bartlett [Mon, 27 Jul 2009 06:07:04 +0000 (16:07 +1000)]
s4:setup add 'cn' attribute to Samba4 local schema
(We recently made the ms_schema.py script also add this attribute)
Andrew Bartlett [Mon, 27 Jul 2009 03:50:50 +0000 (13:50 +1000)]
s4:heimdal Extend the 'hdb as a keytab' code
This extends the hdb_keytab code to allow enumeration of all the keys.
The plan is to allow ktutil's copy command to copy from Samba4's
hdb_samba4 into a file-based keytab used in wireshark.
One day, with a few more hacks, we might even make this a loadable
module that can be used directly...
Andrew Bartlett
Andrew Bartlett [Mon, 27 Jul 2009 03:48:45 +0000 (13:48 +1000)]
s4:kdc Tidy up hdb_samba4 some more
This removes the last use of the prefix hdb_ldb and makes it clear
that we pass in 3 global variables to get state information into
hdb_samba4 when used as a keytab. (And that they belong to
hdb_samba4, not to the KDC)
Andrew Bartlett
Michael Adam [Mon, 27 Jul 2009 11:33:38 +0000 (13:33 +0200)]
docs: fix typos in the net man page.
Noted by Oota Toshiya <t-oota@dh.jp.nec.com> .
Michael
Volker Lendecke [Sun, 26 Jul 2009 21:20:54 +0000 (17:20 -0400)]
Fix some nonempty blank lines
Volker Lendecke [Mon, 27 Jul 2009 10:36:31 +0000 (12:36 +0200)]
Fix a valgrind error in cli_ctemp_done
For performance reasons cli_smb_recv does not make copies of the buffers we
received from the client, so both "vwv" and "bytes" vanish with
TALLOC_FREE(subreq). I know this is a bit counter-intuitive, but I think in
this case it's justified not to make copies.
Comments?
Volker Lendecke [Sun, 26 Jul 2009 20:04:59 +0000 (22:04 +0200)]
Fix valgrind errors in DeleteDomainGroup and DeleteDomAlias
Volker Lendecke [Sun, 26 Jul 2009 13:38:10 +0000 (15:38 +0200)]
Fix a valgrind error in _samr_DeleteUser
The close_handle invalidates uinfo
Volker Lendecke [Sat, 25 Jul 2009 17:21:57 +0000 (13:21 -0400)]
Fix a 32/64bit stack corruption bug
Volker Lendecke [Sat, 25 Jul 2009 17:11:08 +0000 (13:11 -0400)]
Cleanup patch after "new VFS"
Volker Lendecke [Sat, 25 Jul 2009 17:10:55 +0000 (13:10 -0400)]
Cleanup patch after "struct stat_ex"
Volker Lendecke [Sat, 25 Jul 2009 16:57:46 +0000 (12:57 -0400)]
Remove a pointless static fstring
Volker Lendecke [Sat, 25 Jul 2009 16:56:06 +0000 (12:56 -0400)]
No explicit initialization necessary for a zero blob
Volker Lendecke [Fri, 24 Jul 2009 23:47:39 +0000 (19:47 -0400)]
Move 16 bytes from data to r/o text segment
Volker Lendecke [Fri, 24 Jul 2009 23:03:45 +0000 (19:03 -0400)]
Fix a winbind memleak
Volker Lendecke [Fri, 24 Jul 2009 18:58:36 +0000 (14:58 -0400)]
Use a switch statement in charset_name()
Volker Lendecke [Fri, 24 Jul 2009 17:28:48 +0000 (13:28 -0400)]
Fix some nonempty blank lines
Volker Lendecke [Sat, 25 Jul 2009 16:33:11 +0000 (12:33 -0400)]
First patch for "new VFS" portability
Tim Prouty [Sat, 25 Jul 2009 01:38:40 +0000 (18:38 -0700)]
s3: Convert a few callers of unix_convert() over to filename_convert()
This patch also changes the unix convert flags to make sure the
correct semantics are preservered for allowing/disallowing wildcards
in the last component of the path.
Tim Prouty [Fri, 24 Jul 2009 23:05:44 +0000 (16:05 -0700)]
s3: Remove a few callers of get_full_smb_filename()
Tim Prouty [Sat, 25 Jul 2009 00:09:42 +0000 (17:09 -0700)]
s3 onefs: Fix the onefs modules after the big refactoring
Jeremy Allison [Sat, 25 Jul 2009 00:06:41 +0000 (17:06 -0700)]
Factor out common code into vfs_acl_common.c.
Jeremy.
Tim Prouty [Fri, 24 Jul 2009 18:39:56 +0000 (11:39 -0700)]
s3: Simplify rename_internals() by passing in smb_filename structs
Tim Prouty [Fri, 24 Jul 2009 19:13:07 +0000 (12:13 -0700)]
s3: Allow filename_convert() to pass through unix_convert_flags and let the caller know if the path has a wildcard
This also eliminates the need for resolve_dfspath().
Jeremy Allison [Fri, 24 Jul 2009 21:47:52 +0000 (14:47 -0700)]
Make acl_tdb match acl_xattr. Large duplication of
code here needs tidying up. Compiles but not yet tested.
Jeremy.
Jeremy Allison [Fri, 24 Jul 2009 21:13:42 +0000 (14:13 -0700)]
For some strange reason using :
uint8 hash[XATTR_SD_HASH_SIZE];
doesn't have the same effect as :
uint8 hash[64];
Jeremy.
Jeremy Allison [Fri, 24 Jul 2009 21:09:42 +0000 (14:09 -0700)]
Fix hash function in acl_xattr to be SHA256, make
the hash function selectable. Upgrade version.
Compiles but not fully tested yet (coming). Make
vfs_acl_tdb.c compile - this needs updating to
match acl_xattr (also coming soon).
Jeremy.
Volker Lendecke [Fri, 24 Jul 2009 17:21:45 +0000 (13:21 -0400)]
add my copyright after the VFS rewrite
Volker Lendecke [Fri, 24 Jul 2009 14:43:02 +0000 (10:43 -0400)]
Move the "enum _vfs_op_type" to full_audit
It's only used there now. Someone should now go in and simplify full_audit...
:-)
Volker Lendecke [Fri, 24 Jul 2009 00:28:58 +0000 (20:28 -0400)]
Make the smbd VFS typesafe
Volker Lendecke [Sun, 19 Jul 2009 18:53:11 +0000 (14:53 -0400)]
Fix the chain2 test
Volker Lendecke [Sun, 19 Jul 2009 18:52:07 +0000 (14:52 -0400)]
In chain_reply, copy the subrequests' error to the main request
Volker Lendecke [Fri, 24 Jul 2009 14:21:07 +0000 (10:21 -0400)]
Fix a few uninitialized variable warnings
I know those warnings are bogus, but both Coverity and gcc don't get it.
Stefan Metzmacher [Fri, 24 Jul 2009 07:37:12 +0000 (09:37 +0200)]
s4:gensec_gssapi: pass the correct oid to the gssapi layer.
metze
Stefan Metzmacher [Fri, 24 Jul 2009 07:33:06 +0000 (09:33 +0200)]
s4:gensec/spengo: make sure we send the blob with the micListMech signature to the peer
We should even do this if the submech has no more data to send.
metze
Volker Lendecke [Sun, 19 Jul 2009 01:29:15 +0000 (21:29 -0400)]
Some more VFS type errors
Volker Lendecke [Sat, 18 Jul 2009 16:27:28 +0000 (18:27 +0200)]
Fix some nonempty blank lines
Volker Lendecke [Sun, 19 Jul 2009 01:28:54 +0000 (21:28 -0400)]
Fix some C++ warnings
Stefan Metzmacher [Thu, 23 Jul 2009 15:54:02 +0000 (17:54 +0200)]
s4:ldb: add support for the new Recycle Bin Feature LDAP controls
LDB_CONTROL_SHOW_RECYCLED_OID 1.2.840.113556.1.4.2064
LDB_CONTROL_SHOW_DEACTIVATED_LINK_OID 1.2.840.113556.1.4.2065
metze
Stefan Metzmacher [Thu, 23 Jul 2009 15:52:23 +0000 (17:52 +0200)]
s4:libcli/ldap: add support for new Recycle Bin Feature LDAP Controls
LDAP_SERVER_SHOW_RECYCLED_OID 1.2.840.113556.1.4.2064
LDAP_SERVER_SHOW_DEACTIVATED_LINK_OID 1.2.840.113556.1.4.2065
metze
Stefan Metzmacher [Thu, 23 Jul 2009 11:02:56 +0000 (13:02 +0200)]
frsrpc.idl: add definition of frsrpc_FrsNOP()
metze
Stefan Metzmacher [Thu, 23 Jul 2009 11:01:42 +0000 (13:01 +0200)]
frsrpc.idl: add idl for frsrpc_FrsVerifyPromotionParent()
metze
John H Terpstra [Thu, 23 Jul 2009 14:50:04 +0000 (09:50 -0500)]
Fix typos reported by OPC Oota.
John H Terpstra [Thu, 23 Jul 2009 14:33:06 +0000 (09:33 -0500)]
Merge branch 'master' of ssh://jht@git.samba.org/data/git/samba
Matthias Dieter Wallnöfer [Wed, 22 Jul 2009 18:15:58 +0000 (20:15 +0200)]
[SAMBA 4 / NETLOGON] Modify type of SAM contexts
In the SAMBA 4 DCE/RPC NETLOGON server the SAM context references have generally
the type "void *". But we know that those context objects are based on the "struct
ldb_context" type. We've always to cast for using a SAM/LDB call.
This I didn't find very appealing and so I assigned the right (detailed) type to each "sam_ctx".
Therefore, the casts could disappear.
Also this change is only cosmetic.
Stefan Metzmacher [Wed, 22 Jul 2009 08:55:39 +0000 (10:55 +0200)]
frstrans.idl: add new DFS-R FrsTransport interface with dummy functions
metze
Stefan Metzmacher [Wed, 22 Jul 2009 13:48:32 +0000 (15:48 +0200)]
frsrpc.idl: add definition for frsrpc_FrsStartPromotionParent()
metze
Tim Prouty [Wed, 22 Jul 2009 16:52:09 +0000 (09:52 -0700)]
s3: Change unix_convert to use an smb_filename struct internally
This allows SMB_VFS_[L]STAT to be called directly. Additionally, I
changed NTSTATUS result to be named status for consistency.
I also removed the stat_cache_add() from build_stream_path() because
stat_cache_lookup() is never actually called on a file with a stream.
There is no reason why the stat cache couldn't be consulted for
streams in the future.
Jeremy/Volker, please take a look at this one when you get a chance.
Tim Prouty [Tue, 21 Jul 2009 22:55:25 +0000 (15:55 -0700)]
s3: Convert some callers of vfs_lstat_smb_fname to SMB_VFS_LSTAT()
Tim Prouty [Tue, 21 Jul 2009 20:57:56 +0000 (13:57 -0700)]
s3: Convert some callers of vfs_stat_smb_fname to SMB_VFS_STAT()
Stefan Metzmacher [Wed, 22 Jul 2009 09:05:21 +0000 (11:05 +0200)]
librpc: fix the merged build of ndr_frsrpc.c
metze
Kai Blin [Sun, 5 Jul 2009 07:21:07 +0000 (09:21 +0200)]
Revert "net: Use samba default command line arguments."
This reverts commit
fb262f79fab00374023e59476e8d05a1015a7041
and related commits
c36031778e1983ddb11d3e1fcab35e738dbf94bc
72fd5fa6bb78a054fad5e5ebe19a0c0387a7d45b and
38cd0e086f50ce54d88a19aa5a6803469af90489
This change caused more trouble than it solved. We need to do this differently.
Reverting so we don't accidently release this.
Andrew Bartlett [Wed, 22 Jul 2009 08:04:58 +0000 (18:04 +1000)]
s4:provision Fix provision on FreeBSD
We were missing the 'cn' attribute, which we then prepare a sorted
list based on. On Linux, strcmp(NULL, NULL) does not segfault, where
it does on FreeBSD.
Reported by Timur I. Bakeyev <timur@com.bat.ru>
Andrew Bartlett
Tim Prouty [Tue, 21 Jul 2009 18:37:51 +0000 (11:37 -0700)]
s3: plumb smb_filename through some of the trans2 posix_* functions
Tim Prouty [Tue, 21 Jul 2009 18:35:17 +0000 (11:35 -0700)]
s3: Remove unnecessary callers of get_full_smb_filename
This often times means explicitly denying certain operations on a stream
as they are not supported or don't make sense at a particular level. At
some point in the future these can be enabled, but for now it's better to
remove ambiguity
Tim Prouty [Tue, 21 Jul 2009 17:28:28 +0000 (10:28 -0700)]
s3: Remove the now unused fname parameter from filename_convert()
Tim Prouty [Tue, 21 Jul 2009 17:19:00 +0000 (10:19 -0700)]
s3: Fix RENAME_FLAG_RENAME path to stop calling unix_convert twice
Tim Prouty [Tue, 21 Jul 2009 17:18:10 +0000 (10:18 -0700)]
s3: Remove unnecessary fname argument from callers of filename_convert
Tim Prouty [Tue, 21 Jul 2009 16:29:59 +0000 (09:29 -0700)]
s3: Plumb smb_filename through map_open_params_to_ntcreate