samba-mirror

mirror of https://github.com/samba-team/samba.git synced 2025-02-08 05:57:51 +03:00

54 lines

1.4 KiB

Plaintext

Raw Normal View History

Apply attributes (and their syntax) from the schema into ldb This changes the @ATTRIBUTES record to be for bootstrapping only, before we find the schema. Andrew Bartlett (This used to be commit 358477fcc041d5fb2e6ac5641c2f899cc49cfb69) 2008-08-20 15:46:46 +10:00			`#These attributes are only used as far as the bootstrapping of the`
			`# schema. After that, the attributes from the schema are used.`
			`#`
			`# Therefore, they must strictly match the schema`

r8650: Use the timestamps and a new objectguid module rather than placing boilerplate attributes in every entry in provision.ldif. The next step will be to use templates. Andrew Bartlett (This used to be commit 940ed9827f5ab83b668a60a2b0110567dd54c3e2) 2005-07-20 11:43:23 +00:00			`dn: @ATTRIBUTES`
			`userPrincipalName: CASE_INSENSITIVE`
			`servicePrincipalName: CASE_INSENSITIVE`
			`dnsDomain: CASE_INSENSITIVE`
			`dnsRoot: CASE_INSENSITIVE`
			`nETBIOSName: CASE_INSENSITIVE`
			`cn: CASE_INSENSITIVE`
			`dc: CASE_INSENSITIVE`
			`name: CASE_INSENSITIVE`
Apply attributes (and their syntax) from the schema into ldb This changes the @ATTRIBUTES record to be for bootstrapping only, before we find the schema. Andrew Bartlett (This used to be commit 358477fcc041d5fb2e6ac5641c2f899cc49cfb69) 2008-08-20 15:46:46 +10:00			`lDAPDisplayName: CASE_INSENSITIVE`
			`subClassOf: CASE_INSENSITIVE`
r8650: Use the timestamps and a new objectguid module rather than placing boilerplate attributes in every entry in provision.ldif. The next step will be to use templates. Andrew Bartlett (This used to be commit 940ed9827f5ab83b668a60a2b0110567dd54c3e2) 2005-07-20 11:43:23 +00:00			`dn: CASE_INSENSITIVE`
			`sAMAccountName: CASE_INSENSITIVE`
			`objectClass: CASE_INSENSITIVE`
rename sambaPassword -> userPassword. This attribute is used in a very similar way (virtual attribute updating the password) in AD on Win2003, so eliminate the difference. This should not cause a problem for on-disk passwords, as by default we do not store the plaintext at all. Andrew Bartlett (This used to be commit 1cf0d751493b709ef6b2234ec8847a7499f48ab3) 2008-07-12 15:26:42 +10:00			`userPassword: HIDDEN`
r12599: This new LDB module (and associated changes) allows Samba4 to operate using pre-calculated passwords for all kerberos key types. (Previously we could only use these for the NT# type). The module handles all of the hash/string2key tasks for all parts of Samba, which was previously in the rpc_server/samr/samr_password.c code. We also update the msDS-KeyVersionNumber, and the password history. This new module can be called at provision time, which ensures we start with a database that is consistent in this respect. By ensuring that the krb5key attribute is the only one we need to retrieve, this also simplifies the run-time KDC logic. (Each value of the multi-valued attribute is encoded as a 'Key' in ASN.1, using the definition from Heimdal's HDB. This simplfies the KDC code.). It is hoped that this will speed up the KDC enough that it can again operate under valgrind. (This used to be commit e9022743210b59f19f370d772e532e0f08bfebd9) 2005-12-30 08:40:16 +00:00			`krb5Key: HIDDEN`
r8650: Use the timestamps and a new objectguid module rather than placing boilerplate attributes in every entry in provision.ldif. The next step will be to use templates. Andrew Bartlett (This used to be commit 940ed9827f5ab83b668a60a2b0110567dd54c3e2) 2005-07-20 11:43:23 +00:00			`ntPwdHash: HIDDEN`
r12720: By metze's request, rename the ntPwdHistory attribute to sambaNTPassword. Likewise lmPwdHistory -> sambaLMPwdHistory. The idea here is to avoid having conflicting formats when we get to replication. We know the base data matches, but we may need to use a module to munge formats. Andrew Bartlett (This used to be commit 8e608dd4bf4f108e02274a9977ced04a0a270570) 2006-01-05 09:03:13 +00:00			`sambaNTPwdHistory: HIDDEN`
r8650: Use the timestamps and a new objectguid module rather than placing boilerplate attributes in every entry in provision.ldif. The next step will be to use templates. Andrew Bartlett (This used to be commit 940ed9827f5ab83b668a60a2b0110567dd54c3e2) 2005-07-20 11:43:23 +00:00			`lmPwdHash: HIDDEN`
r12720: By metze's request, rename the ntPwdHistory attribute to sambaNTPassword. Likewise lmPwdHistory -> sambaLMPwdHistory. The idea here is to avoid having conflicting formats when we get to replication. We know the base data matches, but we may need to use a module to munge formats. Andrew Bartlett (This used to be commit 8e608dd4bf4f108e02274a9977ced04a0a270570) 2006-01-05 09:03:13 +00:00			`sambaLMPwdHistory: HIDDEN`
r8650: Use the timestamps and a new objectguid module rather than placing boilerplate attributes in every entry in provision.ldif. The next step will be to use templates. Andrew Bartlett (This used to be commit 940ed9827f5ab83b668a60a2b0110567dd54c3e2) 2005-07-20 11:43:23 +00:00			`createTimestamp: HIDDEN`
			`modifyTimestamp: HIDDEN`
			`groupType: INTEGER`
			`sAMAccountType: INTEGER`
			`systemFlags: INTEGER`
			`userAccountControl: INTEGER`

r25960: Enable checks on the validity of the search base on sam.ldb in Samba4. Remove bogus check to return NO_SUCH_ENTRY in ldap_backend.c, as this error is now correctly emited from ldb. Andrew Bartlett (This used to be commit ed57862b90812e5a38ca81935b131338112fb19f) 2007-11-15 02:45:31 +01:00			`dn: @OPTIONS`
			`checkBaseOnSearch: TRUE`

r12762: Simo correctly asked that the policy logic (which attributes contain passwords) be moved into the database, and not be hard-coded in the module source. Andrew Bartlett (This used to be commit 1fbe09ce818ac1603bd747610262865b8698fe04) 2006-01-08 01:46:30 +00:00			`dn: @KLUDGEACL`
rename sambaPassword -> userPassword. This attribute is used in a very similar way (virtual attribute updating the password) in AD on Win2003, so eliminate the difference. This should not cause a problem for on-disk passwords, as by default we do not store the plaintext at all. Andrew Bartlett (This used to be commit 1cf0d751493b709ef6b2234ec8847a7499f48ab3) 2008-07-12 15:26:42 +10:00			`passwordAttribute: userPassword`
r12762: Simo correctly asked that the policy logic (which attributes contain passwords) be moved into the database, and not be hard-coded in the module source. Andrew Bartlett (This used to be commit 1fbe09ce818ac1603bd747610262865b8698fe04) 2006-01-08 01:46:30 +00:00			`passwordAttribute: ntPwdHash`
			`passwordAttribute: sambaNTPwdHistory`
			`passwordAttribute: lmPwdHash`
			`passwordAttribute: sambaLMPwdHistory`
			`passwordAttribute: krb5key`
r21298: protect windows password attributes too metze (This used to be commit 5c779b3767b47c140fc658fb9aed0ebfd5d956f0) 2007-02-12 12:13:00 +00:00			`passwordAttribute: dBCSPwd`
			`passwordAttribute: unicodePwd`
			`passwordAttribute: ntPwdHistory`
			`passwordAttribute: lmPwdHistory`
			`passwordAttribute: supplementalCredentials`
			`passwordAttribute: priorValue`
			`passwordAttribute: currentValue`
			`passwordAttribute: trustAuthOutgoing`
			`passwordAttribute: trustAuthIncoming`
			`passwordAttribute: initialAuthOutgoing`
			`passwordAttribute: initialAuthIncoming`

54 lines 1.4 KiB Plaintext Raw Normal View History Unescape Escape

54 lines

1.4 KiB

Plaintext

Raw Normal View History