summaryrefslogtreecommitdiff
path: root/source3/winbindd/winbindd_dual_srv.c
Commit message (Collapse)AuthorAgeFilesLines
* winbind: Remove unused wbint_Gid2SidVolker Lendecke2016-02-221-5/+0
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* winbind: Remove unused wbint_Uid2SidVolker Lendecke2016-02-221-5/+0
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* winbind: Add wbint_UnixIDs2SidsVolker Lendecke2016-02-221-0/+30
| | | | | | | | | The idmap backend function is doing multiple conversions in one run, but this is not used so far. First step in exposing plural xid2sid. This is a fake routine in that it does the one-element calls, but you have to start somewhere. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* winbind: Simplify _wbint_Sids2UnixIDsVolker Lendecke2016-02-221-76/+77
| | | | | | | | Same number of lines, but from my point of view quite a bit simpler now that we only have to handle one domain. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* Revert "winbind: Retry after SESSION_EXPIRED error in ping-dc"Christof Schmitt2016-01-131-8/+0
| | | | | | | | | | | | | | This reverts commit a2670f15dea27c10e3827216adf572f9c3894f85. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11670 cm_connect_netlogon now handles the retry for an expired session. Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Jan 13 03:35:57 CET 2016 on sn-devel-144
* idmap: Remove "domname" from idmap_gid_to_sidVolker Lendecke2015-08-241-2/+1
| | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Bug: https://bugzilla.samba.org/show_bug.cgi?id=11464
* idmap: Remove "domname" from idmap_uid_to_sidVolker Lendecke2015-08-241-2/+1
| | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Bug: https://bugzilla.samba.org/show_bug.cgi?id=11464
* CID 1311763: Fix incorrect return valueAndreas Schneider2015-07-151-1/+1
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:winbindd: implement winbind_GetForestTrustInformation()Stefan Metzmacher2015-07-081-1/+200
| | | | | | | | We use in internal connection to our local LSA server in order to update the local msDS-TrustForestTrustInfo attribute. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* librpc/idl: add winbind_GetForestTrustInformation()Stefan Metzmacher2015-07-081-0/+13
| | | | | | | | This will be used by the netr_DrsGetForestTrustInformation() in order to contact remote domains via winbindd. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:winbindd: implement _winbind_LogonControl*()Stefan Metzmacher2015-07-081-0/+583
| | | | | | | | | | | This implements NETLOGON_CONTROL_{REDISCOVER,TC_QUERY,TC_VERIFY,CHANGE_PASSWORD}. These are triggered by the netlogon server (currently only as AD DC) via IRPC. While NETLOGON_CONTROL_REDISCOVER ignores an optional '\dcname' at the end of the specified domain name for now. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* librpc/idl: add winbind_LogonControl()Stefan Metzmacher2015-07-081-0/+13
| | | | | | | | This will be used by the netr_LogonControl() in order to contact remote domains via winbindd. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:winbindd: use check dcerpc_binding_handle_is_connected() instead of a ↵Stefan Metzmacher2015-07-031-1/+1
| | | | | | | specific status Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s3:winbindd: list local groups for our internal domains too (as AD DC)Stefan Metzmacher2015-05-061-12/+75
| | | | | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed May 6 04:13:36 CEST 2015 on sn-devel-104
* winbind: Retry after SESSION_EXPIRED error in ping-dcChristof Schmitt2015-01-061-0/+8
| | | | | | | | | | | | | Trying to establish a netlogon connection when the service ticket expires might fail with NT_STATUS_NETWORK_SESSION_EXPIRED. The underlying client code already marks the session as invalid, so retry the netlogon connect in this case. Signed-off-by: Christof Schmit <cs@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Jan 6 02:58:57 CET 2015 on sn-devel-104
* winbind: Retry LogonControl RPC in ping-dc after session expirationChristof Schmitt2014-12-231-0/+10
| | | | | | | | | | | | When the underlying session expires, the LogonControl RPC call used in ping-dc returns NT_STATUS_IO_DEVICE_ERROR. Retry once in this case, instead of returning the error to the caller. Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Dec 23 02:46:34 CET 2014 on sn-devel-104
* s3-winbindd: Pass the whole winbindd_domain to invalidate_cm_connection()Andrew Bartlett2014-10-081-2/+2
| | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3-winbindd: Implement SamLogon IRPC callAndrew Bartlett2014-06-111-3/+29
| | | | | | | | | | | | | | We do this by lifting parts of the winbindd_dual_pam_auth_crap() code into a new helper function winbind_dual_SamLogon(). This allows us to implement the semantics we need for IRPC, without the artifacts of the winbindd pipe protocol. Change-Id: Idb169217e6d68d387c99765d0af7ed394cb5b93a Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Kamen Mazdrashki <kamenim@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Jun 11 12:43:58 CEST 2014 on sn-devel-104
* librpc/idl: Merge wbint.idl with winbind.idl so we can forward IRPC requests ↵Andrew Bartlett2014-06-111-3/+10
| | | | | | | | to internal winbind calls Change-Id: Iba3913d5a1c7f851b93f37e9beb6dbb20fbf7e55 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3-winbindd: Listen on IRPC and do forwarded DNS updates on an RODCAndrew Bartlett2014-06-111-0/+39
| | | | | | Change-Id: Ib87933c318f510d95f7008e122216d73803ede68 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3:winbindd: fix _wbint_LookupSids() on errorGregor Beck2014-02-211-1/+7
| | | | | | | | | | | | | | | We need to make sure that r->out.domains remains valid, otherwise we're not able to marshall the response. Note that wbint_LookupSids() has [out,ref] lsa_RefDomainList *domains, while lsa_LookupSids() has [out,ref] lsa_RefDomainList **domains. Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Bug: https://bugzilla.samba.org/show_bug.cgi?id=10458 Signed-off-by: Gregor Beck <gbeck@sernet.de> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3:winbindd: make use of trust_pw_change() in _wbint_ChangeMachineAccount()Stefan Metzmacher2014-01-071-28/+7
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:winbindd: make use of rpccli_{create,setup}_netlogon_creds()Stefan Metzmacher2014-01-071-0/+1
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* winbind: Print error code on connection error in ping_dcChristof Schmitt2013-05-251-1/+2
| | | | | | | | | | | | For debugging, it is useful to include the error code in the message. Signed-off-by: Christof Schmitt <christof.schmitt@us.ibm.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Sat May 25 23:11:23 CEST 2013 on sn-devel-104
* winbind: Fix no memory check in _wbint_PingDc().Andreas Schneider2013-03-051-1/+1
| | | | Reviewed-by: David Disseldorp <ddiss@samba.org>
* s3:winbindd: remove unused server implementation of wbint_Sid2Gid()Michael Adam2012-12-031-14/+0
| | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3:winbindd: remove unused server implementation of wbint_Sid2Uid()Michael Adam2012-12-031-14/+0
| | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3:winbindd: also use idmap_passdb for own sam and builtin in ↵Michael Adam2012-12-031-3/+3
| | | | | | | | | | | wbint_Sids2UnixIDs() This is the way the singular calls work and how they should (currently) work. The two code paths need to give the same results. It is important to use the passdb backend, otherwise groups don't work. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3:winbindd: use struct unixid instead of uint64 in Sids2Xids parent<->childMichael Adam2012-12-031-1/+4
| | | | | | | | | | This implicitly also hands the type of the resulting unix-id that the idmap backend has created back to the caller. This is important for backends that would set a broader type than the requested one, e.g. rid backend returning BOTH instead of UID or GID. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3:winbindd: add an explanatory comment to _wbint_Sids2UnixIDs()Michael Adam2012-12-031-0/+3
| | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3:winbindd: add an explanatory comment to _wbint_Sids2UnixIDs()Michael Adam2012-12-031-0/+5
| | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3-winbind: Return the DC name from DC_PINGChristof Schmitt2012-08-151-0/+5
| | | | | | | The DC that was attempted to ping is useful for troubleshooting. Return the DC name in the response to the wbclient. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* Fix bug #8203 - winbindd needs to reset the DC connection if an RPC times out.Jeremy Allison2011-09-081-15/+66
| | | | | | | | Based on Volker's original code. (cherry picked from commit 5b5ef7f20d34f4c6c1d3d02530ac7b13e051c960) Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Thu Sep 8 21:29:53 CEST 2011 on sn-devel-104
* s3: explicitly pass domain_sid to wbint_LookupRids() (bug #7841)Volker Lendecke2011-06-271-2/+3
| | | | | Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Mon Jun 27 18:21:30 CEST 2011 on sn-devel-104
* s3-talloc Change TALLOC_REALLOC_ARRAY() to talloc_realloc()Andrew Bartlett2011-06-091-4/+4
| | | | | | | Using the standard macro makes it easier to move code into common, as TALLOC_REALLOC_ARRAY isn't standard talloc. Andrew Bartlett
* s3: include ntdomain.h before including generated srv_ headers.Günther Deschner2011-05-021-1/+1
| | | | Guenther
* s3: Add wbint_Sids2UnixIDs idl & implementationVolker Lendecke2011-04-131-0/+92
| | | | Signed-off-by: Jeremy Allison <jra@samba.org>
* s3: Add wbint_LookupSidsVolker Lendecke2011-04-131-0/+18
| | | | | | This will be called from wb_lookupsids to query remote DCs via lsa Signed-off-by: Jeremy Allison <jra@samba.org>
* s3-includes: only include ntdomain.h where needed.Günther Deschner2011-03-301-0/+1
| | | | Guenther
* s3-winbindd: copy acct_info to wb_acct_info so we dont need passdb for it.Günther Deschner2011-03-301-1/+1
| | | | Guenther
* s3-rpc_client: Move client pipe functions to own header.Andreas Schneider2011-02-281-0/+1
|
* s3-winbind: prefer dcerpc_netr_X functions.Günther Deschner2011-01-131-15/+27
| | | | | | Guenther Signed-off-by: Andreas Schneider <asn@samba.org>
* s3: Fix bug 7842: WINBIND_LOOKUPRIDS does not return the proper domain nameVolker Lendecke2010-12-061-0/+2
| | | | | Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Mon Dec 6 21:18:07 CET 2010 on sn-devel-104
* libcli/security Provide a common, top level libcli/security/security.hAndrew Bartlett2010-10-121-0/+1
| | | | | | | | | | | | | | This will reduce the noise from merges of the rest of the libcli/security code, without this commit changing what code is actually used. This includes (along with other security headers) dom_sid.h and security_token.h Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
* s3-idmap: only include idmap headers where needed.Günther Deschner2010-08-261-0/+1
| | | | Guenther
* s3:winbind: remove the method REMOVE_MAPPING from winbind's APIMichael Adam2010-08-141-23/+0
| | | | Michael
* s3:winbind: remove the method SET_MAPPING from winbind's APIMichael Adam2010-08-141-22/+0
| | | | Michael
* s3:winbind: remove SET_HWM from winbind's API.Michael Adam2010-08-141-23/+0
|
* s3-winbind: Use struct pipes_struct.Andreas Schneider2010-07-281-24/+27
|
* Second part of fix for bug 7578 - 'net idmap restore' fails to set HWM, ↵Jeremy Allison2010-07-271-1/+1
| | | | | | causing duplicates. Jeremy.
View Lorry Controller Status