The options in the "Policies" menu (Domain trust...) aren't implemented properly (Reference of bug 4815).
In -r 24118 I've fixed the display of the trusted domains. I still need to look into the other issues, and test actually adding a trusted domain.
In a more recent SVN the "Trust Relationships" option seems to not work again (RPC error).
In relation to the above: when I click first on "Policies/User rights..." I get an RPC error. Then, when I reselect "Policies/Trust Relationships..." the same RPC error is displayed.
I've now analyzed a bit more the cause of the problems. In fact there are caused because some missing implementations in the LSA pipe. - "User Rights" doesn't work, because the call "dcesrv_lsa_GetSystemAccessAccount" isn't filled in. - "Audit" doesn't work, because there are missing options in "dcesrv_lsa_QueryInfoPolicy2". There doesn't exist only the three cases. We need to bring them all up.
Created attachment 3190 [details] A patch to lsa.idl This should now make the lsa api for QueryInformationPolicy2 compatible with Microsoft WSPP docs (http://msdn2.microsoft.com/en-us/library/cc234321.aspx).
Can you please extend the RPC-LSA test to walk over these options, and prove that (at the very least) the marshaling is correct? Thanks,
I'll try to do it. By the way, shouldn't be syncronize the IDL's from SAMBA 3.2 with the ones from SAMBA 4? E.g. the SAMBA 4 lsa.idl seems older than the SAMBA 3.2 one.
Created attachment 3642 [details] LSA Patch for User Manager New (major) patch ================= - Enhances the "lsa.idl" file in the sense that it adds more values to "PolicyInformation" to improve the "lsa_QueryInfoPolicy*" calls. - Adds a minimal implementation for "AuditEvents" (also lsa_QueryInfoPolicy* calls) to enable the "Audit" option in the "User Manager for Domains" (at least readable). - Adds to the "lsa.idl" file the system access mode flags needed for the calls "lsa_*SystemAccessAccount". - Fill in the "lsa_GetSystemAccessAccount" for enabling the "User Rights" option in the "User Manager for Domains" (at least readable). - Merge the two similar torture tests of the "lsa_QueryInfoPolicy*" calls in one using "if"'s for a few separations. - Add a torture test for "lsa_GetSystemAccessAccount". - Some cosmetic-only changes (unifications) in output strings in the "LSA" torture test. The work has been done using the Microsoft WSPP docs.
Created attachment 3648 [details] LSA Patch for User Manager Updated version
Created attachment 3649 [details] LSA Patch for User Manager Updated, because before I've created it in reverse.
I add also Tridge to this bug because he has recently done some work on the LSA pipe.
Created attachment 3657 [details] LSA Patch for User Manager Updated for use after Tridge's patches.
Okay, I'm satisfied. Closing it as "FIXED".