summaryrefslogtreecommitdiff
path: root/source4/dsdb/samdb/ldb_modules/acl.c
Commit message (Expand)AuthorAgeFilesLines
* dsdb acl: Copy dsdb_control_password_acl_validation into replyGary Lockyer2018-05-311-10/+177
* dsdb: Check for userPassword support after loading the databasesAndrew Bartlett2018-04-121-3/+15
* CVE-2018-1057: s4:dsdb/acl: changing dBCSPwd is only allowed with a controlRalph Boehme2018-03-131-1/+10
* CVE-2018-1057: s4:dsdb: use DSDB_CONTROL_PASSWORD_ACL_VALIDATION_OIDRalph Boehme2018-03-131-3/+38
* CVE-2018-1057: s4:dsdb/acl: run password checking only onceRalph Boehme2018-03-131-0/+5
* CVE-2018-1057: s4/dsdb: correctly detect password resetsRalph Boehme2018-03-131-1/+17
* CVE-2018-1057: s4:dsdb/acl: add a NULL check for talloc_new() in acl_check_pa...Ralph Boehme2018-03-131-0/+4
* CVE-2018-1057: s4:dsdb/acl: add check for DSDB_CONTROL_PASSWORD_HASH_VALUES_O...Ralph Boehme2018-03-131-0/+20
* CVE-2018-1057: s4:dsdb/acl: check for internal controls before other checksRalph Boehme2018-03-131-14/+23
* CVE-2018-1057: s4:dsdb/acl: remove unused else branches in acl_check_password...Ralph Boehme2018-03-131-2/+12
* CVE-2018-1057: s4:dsdb/acl: only call dsdb_acl_debug() if we checked the acl ...Ralph Boehme2018-03-131-0/+8
* dsdb: Remove 120 second delay and USN from schema refresh checkAndrew Bartlett2016-07-061-2/+0
* dsdb: Simplify acl_validate_spn_valueVolker Lendecke2016-06-011-3/+7
* samdb: Improve debugging in acl_validate_spn_value()Volker Lendecke2016-05-251-2/+20
* dsdb: Only re-query dSHeuristics for userPassword support on modifiesAndrew Bartlett2016-04-191-2/+6
* s4:acl LDB module - fix error messageMatthias Dieter Wallnöfer2016-01-141-1/+1
* s4-dsdb: Implementation of access checks on a undelete operationNadezhda Ivanova2015-02-031-18/+79
* acl: Fix typo: structrual -> structuralJelmer Vernooij2014-09-271-1/+1
* dsdb: Change acl module to look for instanceType flag rather than list of NCsAndrew Bartlett2014-09-011-15/+82
* s4-dsdb/samdb: use smb_krb5_principal_get_comp_string in ldb ACL module.Günther Deschner2014-08-081-5/+8
* dsdb-acl: the SEC_ADS_DELETE_CHILD checks need objectclass->schemaIDGUIDStefan Metzmacher2013-01-211-2/+7
* dsdb-acl: make use of acl_check_access_on_objectclass() for the object in acl...Stefan Metzmacher2013-01-211-6/+50
* dsdb-acl: make use of acl_check_access_on_{attribute,objectclass} in acl_rena...Stefan Metzmacher2013-01-211-47/+43
* dsdb-acl: make use of acl_check_access_on_attribute() in acl_modify()Stefan Metzmacher2013-01-211-44/+16
* dsdb-acl: remove unused acl_check_access_on_class()Stefan Metzmacher2013-01-211-46/+0
* dsdb-acl: use acl_check_access_on_objectclass() instead of acl_check_access_o...Stefan Metzmacher2013-01-211-8/+13
* dsdb-acl: Pass the structural objectClass into acl_check_access_on_attributeAndrew Bartlett2013-01-211-18/+41
* dsdb-acl: Remove unused get_oc_guid_from_message()Andrew Bartlett2013-01-211-19/+0
* dsdb-acl: use dsdb_get_structural_oc_from_msg() rather than class_schemaid_gu...Andrew Bartlett2013-01-211-8/+7
* dsdb-acl: Use dsdb_get_structural_oc_from_msg() in acl_rename()Andrew Bartlett2013-01-211-12/+14
* dsdb-acl: Use dsdb_get_structural_oc_from_msg() in acl_modify()Andrew Bartlett2013-01-211-8/+10
* dsdb-acl: dsdb_attribute_by_lDAPDisplayName() is needed for all attributesStefan Metzmacher2013-01-211-16/+18
* dsdb-acl: introduce a 'el' helper variable to acl_modify()Stefan Metzmacher2013-01-211-12/+11
* dsdb-acl: introduce a 'msg' helper variable to acl_modify()Stefan Metzmacher2013-01-211-20/+20
* dsdb-acl: calculate sDRightsEffective based on "nTSecurityDescriptor"Stefan Metzmacher2013-01-171-3/+11
* dsdb-acl: add helper variable 'ldb' in acl_sDRightsEffectiveStefan Metzmacher2013-01-171-1/+2
* dsdb-acl: fix the order of special and system checksStefan Metzmacher2013-01-171-22/+61
* dsdb-acl: Do not apply ACL on special DNs to hide attributes that the user sh...Matthieu Patou2013-01-171-0/+4
* dsdb-acl: talloc_free the private context when we pass to the next moduleStefan Metzmacher2013-01-171-0/+1
* dsdb-acl: don't call dsdb_user_password_support() if we don't use the resultStefan Metzmacher2013-01-171-2/+8
* dsdb-acl: Run sec_access_check_ds on each attribute proposed to modify (bug #...Andrew Bartlett2013-01-151-28/+27
* dsdb-acl: give error string if we can not obtain the schemaAndrew Bartlett2013-01-101-2/+3
* s4:dsdb/acl: require SEC_ADS_DELETE_TREE if the TREE_DELETE control is given ...Stefan Metzmacher2012-11-301-0/+12
* s4:dsdb/acl: also add DSDB_SECRET_ATTRIBUTES into the password attributesStefan Metzmacher2012-11-301-5/+36
* s4:dsdb/acl_read: enable acl checking on search by default (bug #8620)Stefan Metzmacher2012-11-301-1/+1
* s4:dsdb/acl: calculate the correct access_mask when modifying nTSecurityDescr...Stefan Metzmacher2012-11-301-1/+14
* s4:dsdb/acl: don't protect confidential attributes when "acl:search = yes" is...Stefan Metzmacher2012-11-301-0/+11
* s4:dsdb/acl: remove unused "acl:perform" optionStefan Metzmacher2012-11-301-3/+0
* s4:dsdb/acl: do helper searches AS_SYSTEM and with SHOW_RECYCLEDStefan Metzmacher2012-11-301-5/+15
* s4:dsdb/acl: only give administrators access to attributes marked as confiden...Stefan Metzmacher2012-11-121-0/+87
View Lorry Controller Status