mirror of
https://github.com/samba-team/samba.git
synced 2025-01-17 02:05:21 +03:00
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet
(This used to be commit fa03d750e4577a610dc410d45d49789110b1b4f1)
This commit is contained in:
Andrew Bartlett
commit
489525a639
@ -1236,12 +1236,16 @@ static NTSTATUS gensec_gssapi_session_key(struct gensec_security *gensec_securit
|
||||
return NT_STATUS_NO_USER_SESSION_KEY;
|
||||
}
|
||||
|
||||
DEBUG(10, ("Got KRB5 session key of length %d\n",
|
||||
(int)KRB5_KEY_LENGTH(subkey)));
|
||||
gensec_gssapi_state->session_key = data_blob_talloc(gensec_gssapi_state,
|
||||
DEBUG(10, ("Got KRB5 session key of length %d%s\n",
|
||||
(int)KRB5_KEY_LENGTH(subkey),
|
||||
(gensec_gssapi_state->sasl_state == STAGE_DONE)?" (done)":""));
|
||||
*session_key = data_blob_talloc(gensec_gssapi_state,
|
||||
KRB5_KEY_DATA(subkey), KRB5_KEY_LENGTH(subkey));
|
||||
krb5_free_keyblock(gensec_gssapi_state->smb_krb5_context->krb5_context, subkey);
|
||||
*session_key = gensec_gssapi_state->session_key;
|
||||
if (gensec_gssapi_state->sasl_state == STAGE_DONE) {
|
||||
/* only cache in the done stage */
|
||||
gensec_gssapi_state->session_key = *session_key;
|
||||
}
|
||||
dump_data_pw("KRB5 Session Key:\n", session_key->data, session_key->length);
|
||||
|
||||
return NT_STATUS_OK;
|
||||
|
||||
@ -35,7 +35,8 @@ PRIVATE_DEPENDENCIES = SAMDB_COMMON NDR_DRSUAPI NDR_DRSBLOBS
|
||||
SAMDB_SCHEMA_OBJ_FILES = $(addprefix $(dsdbsrcdir)/schema/, \
|
||||
schema_init.o \
|
||||
schema_syntax.o \
|
||||
schema_constructed.o)
|
||||
schema_description.o \
|
||||
schema_convert.o)
|
||||
|
||||
$(eval $(call proto_header_template,$(dsdbsrcdir)/schema/proto.h,$(SAMDB_SCHEMA_OBJ_FILES:.o=.c)))
|
||||
# PUBLIC_HEADERS += dsdb/schema/schema.h
|
||||
|
||||
@ -32,6 +32,40 @@
|
||||
#include "lib/util/dlinklist.h"
|
||||
#include "param/param.h"
|
||||
|
||||
static int generate_objectClasses(struct ldb_context *ldb, struct ldb_message *msg,
|
||||
const struct dsdb_schema *schema);
|
||||
static int generate_attributeTypes(struct ldb_context *ldb, struct ldb_message *msg,
|
||||
const struct dsdb_schema *schema);
|
||||
static int generate_dITContentRules(struct ldb_context *ldb, struct ldb_message *msg,
|
||||
const struct dsdb_schema *schema);
|
||||
|
||||
static const struct {
|
||||
const char *attr;
|
||||
int (*fn)(struct ldb_context *, struct ldb_message *, const struct dsdb_schema *);
|
||||
} generated_attrs[] = {
|
||||
{
|
||||
.attr = "objectClasses",
|
||||
.fn = generate_objectClasses
|
||||
},
|
||||
{
|
||||
.attr = "attributeTypes",
|
||||
.fn = generate_attributeTypes
|
||||
},
|
||||
{
|
||||
.attr = "dITContentRules",
|
||||
.fn = generate_dITContentRules
|
||||
}
|
||||
};
|
||||
|
||||
struct schema_fsmo_private_data {
|
||||
struct ldb_dn *aggregate_dn;
|
||||
};
|
||||
|
||||
struct schema_fsmo_search_data {
|
||||
struct schema_fsmo_private_data *module_context;
|
||||
struct ldb_request *orig_req;
|
||||
};
|
||||
|
||||
static int schema_fsmo_init(struct ldb_module *module)
|
||||
{
|
||||
TALLOC_CTX *mem_ctx;
|
||||
@ -39,10 +73,7 @@ static int schema_fsmo_init(struct ldb_module *module)
|
||||
struct dsdb_schema *schema;
|
||||
char *error_string = NULL;
|
||||
int ret;
|
||||
|
||||
if (dsdb_get_schema(module->ldb)) {
|
||||
return ldb_next_init(module);
|
||||
}
|
||||
struct schema_fsmo_private_data *data;
|
||||
|
||||
schema_dn = samdb_schema_dn(module->ldb);
|
||||
if (!schema_dn) {
|
||||
@ -52,6 +83,25 @@ static int schema_fsmo_init(struct ldb_module *module)
|
||||
return ldb_next_init(module);
|
||||
}
|
||||
|
||||
data = talloc(module, struct schema_fsmo_private_data);
|
||||
if (data == NULL) {
|
||||
ldb_oom(module->ldb);
|
||||
return LDB_ERR_OPERATIONS_ERROR;
|
||||
}
|
||||
|
||||
/* Check to see if this is a result on the CN=Aggregate schema */
|
||||
data->aggregate_dn = ldb_dn_copy(data, schema_dn);
|
||||
if (!ldb_dn_add_child_fmt(data->aggregate_dn, "CN=Aggregate")) {
|
||||
ldb_oom(module->ldb);
|
||||
return LDB_ERR_OPERATIONS_ERROR;
|
||||
}
|
||||
|
||||
module->private_data = data;
|
||||
|
||||
if (dsdb_get_schema(module->ldb)) {
|
||||
return ldb_next_init(module);
|
||||
}
|
||||
|
||||
mem_ctx = talloc_new(module);
|
||||
if (!mem_ctx) {
|
||||
ldb_oom(module->ldb);
|
||||
@ -208,9 +258,155 @@ static int schema_fsmo_extended(struct ldb_module *module, struct ldb_request *r
|
||||
return LDB_SUCCESS;
|
||||
}
|
||||
|
||||
static int generate_objectClasses(struct ldb_context *ldb, struct ldb_message *msg,
|
||||
const struct dsdb_schema *schema)
|
||||
{
|
||||
const struct dsdb_class *class;
|
||||
int ret;
|
||||
|
||||
for (class = schema->classes; class; class = class->next) {
|
||||
ret = ldb_msg_add_string(msg, "objectClasses", schema_class_to_description(msg, class));
|
||||
if (ret != LDB_SUCCESS) {
|
||||
return ret;
|
||||
}
|
||||
}
|
||||
return LDB_SUCCESS;
|
||||
}
|
||||
static int generate_attributeTypes(struct ldb_context *ldb, struct ldb_message *msg,
|
||||
const struct dsdb_schema *schema)
|
||||
{
|
||||
const struct dsdb_attribute *attribute;
|
||||
int ret;
|
||||
|
||||
for (attribute = schema->attributes; attribute; attribute = attribute->next) {
|
||||
ret = ldb_msg_add_string(msg, "attributeTypes", schema_attribute_to_description(msg, attribute));
|
||||
if (ret != LDB_SUCCESS) {
|
||||
return ret;
|
||||
}
|
||||
}
|
||||
return LDB_SUCCESS;
|
||||
}
|
||||
|
||||
static int generate_dITContentRules(struct ldb_context *ldb, struct ldb_message *msg,
|
||||
const struct dsdb_schema *schema)
|
||||
{
|
||||
const struct dsdb_class *class;
|
||||
int ret;
|
||||
|
||||
for (class = schema->classes; class; class = class->next) {
|
||||
if (class->auxiliaryClass || class->systemAuxiliaryClass) {
|
||||
char *ditcontentrule = schema_class_to_dITContentRule(msg, class, schema);
|
||||
if (!ditcontentrule) {
|
||||
ldb_oom(ldb);
|
||||
return LDB_ERR_OPERATIONS_ERROR;
|
||||
}
|
||||
ret = ldb_msg_add_steal_string(msg, "dITContentRules", ditcontentrule);
|
||||
if (ret != LDB_SUCCESS) {
|
||||
return ret;
|
||||
}
|
||||
}
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
|
||||
/* Add objectClasses, attributeTypes and dITContentRules from the
|
||||
schema object (they are not stored in the database)
|
||||
*/
|
||||
static int schema_fsmo_search_callback(struct ldb_context *ldb, void *context, struct ldb_reply *ares)
|
||||
{
|
||||
const struct dsdb_schema *schema = dsdb_get_schema(ldb);
|
||||
struct schema_fsmo_search_data *search_data = talloc_get_type(context, struct schema_fsmo_search_data);
|
||||
struct ldb_request *orig_req = search_data->orig_req;
|
||||
TALLOC_CTX *mem_ctx;
|
||||
int i, ret;
|
||||
|
||||
/* Only entries are interesting, and we handle the case of the parent seperatly */
|
||||
if (ares->type != LDB_REPLY_ENTRY) {
|
||||
return orig_req->callback(ldb, orig_req->context, ares);
|
||||
}
|
||||
|
||||
if (ldb_dn_compare(ares->message->dn, search_data->module_context->aggregate_dn) != 0) {
|
||||
talloc_free(mem_ctx);
|
||||
return orig_req->callback(ldb, orig_req->context, ares);
|
||||
}
|
||||
|
||||
mem_ctx = talloc_new(ares);
|
||||
if (!mem_ctx) {
|
||||
ldb_oom(ldb);
|
||||
return LDB_ERR_OPERATIONS_ERROR;
|
||||
}
|
||||
|
||||
for (i=0; i < ARRAY_SIZE(generated_attrs); i++) {
|
||||
if (ldb_attr_in_list(orig_req->op.search.attrs, generated_attrs[i].attr)) {
|
||||
ret = generated_attrs[i].fn(ldb, ares->message, schema);
|
||||
if (ret != LDB_SUCCESS) {
|
||||
return ret;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
talloc_free(mem_ctx);
|
||||
return orig_req->callback(ldb, orig_req->context, ares);
|
||||
}
|
||||
|
||||
/* search */
|
||||
static int schema_fsmo_search(struct ldb_module *module, struct ldb_request *req)
|
||||
{
|
||||
int i, ret;
|
||||
struct schema_fsmo_search_data *search_context;
|
||||
struct ldb_request *down_req;
|
||||
struct dsdb_schema *schema = dsdb_get_schema(module->ldb);
|
||||
|
||||
if (!schema || !module->private_data) {
|
||||
/* If there is no schema, there is little we can do */
|
||||
return ldb_next_request(module, req);
|
||||
}
|
||||
for (i=0; i < ARRAY_SIZE(generated_attrs); i++) {
|
||||
if (ldb_attr_in_list(req->op.search.attrs, generated_attrs[i].attr)) {
|
||||
break;
|
||||
}
|
||||
}
|
||||
if (i == ARRAY_SIZE(generated_attrs)) {
|
||||
/* No request for a generated attr found, nothing to
|
||||
* see here, move along... */
|
||||
return ldb_next_request(module, req);
|
||||
}
|
||||
|
||||
search_context = talloc(req, struct schema_fsmo_search_data);
|
||||
if (!search_context) {
|
||||
ldb_oom(module->ldb);
|
||||
return LDB_ERR_OPERATIONS_ERROR;
|
||||
}
|
||||
down_req = talloc(req, struct ldb_request);
|
||||
if (!down_req) {
|
||||
ldb_oom(module->ldb);
|
||||
return LDB_ERR_OPERATIONS_ERROR;
|
||||
}
|
||||
|
||||
*down_req = *req;
|
||||
search_context->orig_req = req;
|
||||
search_context->module_context = talloc_get_type(module->private_data, struct schema_fsmo_private_data);
|
||||
down_req->context = search_context;
|
||||
|
||||
down_req->callback = schema_fsmo_search_callback;
|
||||
|
||||
ret = ldb_next_request(module, down_req);
|
||||
|
||||
/* do not free down_req as the call results may be linked to it,
|
||||
* it will be freed when the upper level request get freed */
|
||||
if (ret == LDB_SUCCESS) {
|
||||
req->handle = down_req->handle;
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
_PUBLIC_ const struct ldb_module_ops ldb_schema_fsmo_module_ops = {
|
||||
.name = "schema_fsmo",
|
||||
.init_context = schema_fsmo_init,
|
||||
.add = schema_fsmo_add,
|
||||
.extended = schema_fsmo_extended
|
||||
.extended = schema_fsmo_extended,
|
||||
.search = schema_fsmo_search
|
||||
};
|
||||
|
||||
@ -168,6 +168,20 @@ enum dsdb_attr_list_query {
|
||||
DSDB_SCHEMA_ALL
|
||||
};
|
||||
|
||||
enum dsdb_schema_convert_target {
|
||||
TARGET_OPENLDAP,
|
||||
TARGET_FEDORA_DS,
|
||||
TARGET_AD_SCHEMA_SUBENTRY
|
||||
};
|
||||
|
||||
struct dsdb_syntax_map {
|
||||
const char *Standard_OID;
|
||||
const char *AD_OID;
|
||||
const char *equality;
|
||||
const char *substring;
|
||||
const char *comment;
|
||||
};
|
||||
|
||||
#include "dsdb/schema/proto.h"
|
||||
|
||||
#endif /* _DSDB_SCHEMA_H */
|
||||
|
||||
@ -1,186 +0,0 @@
|
||||
/*
|
||||
Unix SMB/CIFS mplementation.
|
||||
DSDB schema constructed attributes
|
||||
attributeTypes, objectClasses, dITContentRules...
|
||||
|
||||
Copyright (C) Stefan Metzmacher 2006
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
*/
|
||||
#include "includes.h"
|
||||
#include "dsdb/samdb/samdb.h"
|
||||
#include "librpc/gen_ndr/ndr_drsuapi.h"
|
||||
#include "lib/ldb/include/ldb.h"
|
||||
#include "system/time.h"
|
||||
#include "lib/charset/charset.h"
|
||||
#include "librpc/ndr/libndr.h"
|
||||
|
||||
static char *dsdb_subSchema_list_append(char *v, const char *list_name)
|
||||
{
|
||||
bool first = true;
|
||||
uint32_t i;
|
||||
const char *attrs[] = {
|
||||
"attr1",
|
||||
"attr2",
|
||||
"attr3",
|
||||
NULL
|
||||
};
|
||||
|
||||
v = talloc_asprintf_append(v, "%s ( ", list_name);
|
||||
if (!v) return NULL;
|
||||
|
||||
for (i=0; attrs[i]; i++) {
|
||||
v = talloc_asprintf_append(v, "%s%s ",
|
||||
(!first ? "$ " : ""),
|
||||
attrs[i]);
|
||||
if (!v) return NULL;
|
||||
first = false;
|
||||
}
|
||||
|
||||
v = talloc_asprintf_append(v, ") ");
|
||||
if (!v) return NULL;
|
||||
|
||||
return v;
|
||||
}
|
||||
|
||||
WERROR dsdb_subSchema_attributeTypes(const struct dsdb_schema *schema,
|
||||
TALLOC_CTX *mem_ctx)
|
||||
{
|
||||
struct ldb_message_element *e;
|
||||
struct dsdb_attribute *a;
|
||||
|
||||
e = talloc_zero(mem_ctx, struct ldb_message_element);
|
||||
W_ERROR_HAVE_NO_MEMORY(e);
|
||||
|
||||
for (a = schema->attributes; a; a = a->next) {
|
||||
char *v;
|
||||
|
||||
v = talloc_asprintf(e, "( %s NAME '%s' SYNTAX '%s' ",
|
||||
a->attributeID_oid, a->lDAPDisplayName,
|
||||
a->syntax->ldap_oid);
|
||||
W_ERROR_HAVE_NO_MEMORY(v);
|
||||
|
||||
if (a->isSingleValued) {
|
||||
v = talloc_asprintf_append(v, "SINGLE-VALUE ");
|
||||
W_ERROR_HAVE_NO_MEMORY(v);
|
||||
}
|
||||
|
||||
if (a->systemOnly) {
|
||||
v = talloc_asprintf_append(v, "NO-USER-MODIFICATION ");
|
||||
W_ERROR_HAVE_NO_MEMORY(v);
|
||||
}
|
||||
|
||||
v = talloc_asprintf_append(v, ")");
|
||||
W_ERROR_HAVE_NO_MEMORY(v);
|
||||
|
||||
DEBUG(0,("%s\n", v));
|
||||
}
|
||||
|
||||
return WERR_FOOBAR;
|
||||
}
|
||||
|
||||
WERROR dsdb_subSchema_objectClasses(const struct dsdb_schema *schema,
|
||||
TALLOC_CTX *mem_ctx)
|
||||
{
|
||||
struct ldb_message_element *e;
|
||||
struct dsdb_class *c;
|
||||
|
||||
e = talloc_zero(mem_ctx, struct ldb_message_element);
|
||||
W_ERROR_HAVE_NO_MEMORY(e);
|
||||
|
||||
for (c = schema->classes; c; c = c->next) {
|
||||
const char *class_type;
|
||||
char *v;
|
||||
|
||||
switch (c->objectClassCategory) {
|
||||
case 0:
|
||||
/*
|
||||
* NOTE: this is an type 88 class
|
||||
* e.g. 2.5.6.6 NAME 'person'
|
||||
* but w2k3 gives STRUCTURAL here!
|
||||
*/
|
||||
class_type = "STRUCTURAL";
|
||||
break;
|
||||
case 1:
|
||||
class_type = "STRUCTURAL";
|
||||
break;
|
||||
case 2:
|
||||
class_type = "ABSTRACT";
|
||||
break;
|
||||
case 3:
|
||||
class_type = "AUXILIARY";
|
||||
break;
|
||||
default:
|
||||
class_type = "UNKNOWN";
|
||||
break;
|
||||
}
|
||||
|
||||
v = talloc_asprintf(e, "( %s NAME '%s' SUB %s %s ",
|
||||
c->governsID_oid, c->lDAPDisplayName,
|
||||
c->subClassOf, class_type);
|
||||
W_ERROR_HAVE_NO_MEMORY(v);
|
||||
|
||||
v = dsdb_subSchema_list_append(v, "MUST");
|
||||
W_ERROR_HAVE_NO_MEMORY(v);
|
||||
|
||||
v = dsdb_subSchema_list_append(v, "MAY");
|
||||
W_ERROR_HAVE_NO_MEMORY(v);
|
||||
|
||||
v = talloc_asprintf_append(v, ")");
|
||||
W_ERROR_HAVE_NO_MEMORY(v);
|
||||
|
||||
DEBUG(0,("%s\n", v));
|
||||
}
|
||||
|
||||
return WERR_FOOBAR;
|
||||
}
|
||||
|
||||
WERROR dsdb_subSchema_dITContentRules(const struct dsdb_schema *schema,
|
||||
TALLOC_CTX *mem_ctx)
|
||||
{
|
||||
struct ldb_message_element *e;
|
||||
struct dsdb_class *c;
|
||||
|
||||
e = talloc_zero(mem_ctx, struct ldb_message_element);
|
||||
W_ERROR_HAVE_NO_MEMORY(e);
|
||||
|
||||
for (c = schema->classes; c; c = c->next) {
|
||||
char *v;
|
||||
|
||||
/*
|
||||
* TODO: filter out classes without auxiliary classes
|
||||
*/
|
||||
|
||||
v = talloc_asprintf(e, "( %s NAME '%s' ",
|
||||
c->governsID_oid, c->lDAPDisplayName);
|
||||
W_ERROR_HAVE_NO_MEMORY(v);
|
||||
|
||||
v = dsdb_subSchema_list_append(v, "AUX");
|
||||
W_ERROR_HAVE_NO_MEMORY(v);
|
||||
|
||||
v = dsdb_subSchema_list_append(v, "MUST");
|
||||
W_ERROR_HAVE_NO_MEMORY(v);
|
||||
|
||||
v = dsdb_subSchema_list_append(v, "MAY");
|
||||
W_ERROR_HAVE_NO_MEMORY(v);
|
||||
|
||||
v = talloc_asprintf_append(v, ")");
|
||||
W_ERROR_HAVE_NO_MEMORY(v);
|
||||
|
||||
DEBUG(0,("%s\n", v));
|
||||
}
|
||||
|
||||
return WERR_FOOBAR;
|
||||
}
|
||||
@ -3,50 +3,37 @@
|
||||
|
||||
Copyright (C) Simo Sorce 2005
|
||||
|
||||
** NOTE! The following LGPL license applies to the ldb
|
||||
** library. This does NOT imply that all of Samba is released
|
||||
** under the LGPL
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This library is free software; you can redistribute it and/or
|
||||
modify it under the terms of the GNU Lesser General Public
|
||||
License as published by the Free Software Foundation; either
|
||||
version 3 of the License, or (at your option) any later version.
|
||||
|
||||
This library is distributed in the hope that it will be useful,
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
Lesser General Public License for more details.
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU Lesser General Public
|
||||
License along with this library; if not, see <http://www.gnu.org/licenses/>.
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#include "schema_convert.h"
|
||||
#include "ldb_includes.h"
|
||||
#include "includes.h"
|
||||
#include "dsdb/samdb/samdb.h"
|
||||
|
||||
/* Shared map for converting syntax between formats */
|
||||
static const struct syntax_map syntax_map[] = {
|
||||
static const struct dsdb_syntax_map syntax_map[] = {
|
||||
{
|
||||
.Standard_OID = "1.3.6.1.4.1.1466.115.121.1.12",
|
||||
.AD_OID = "2.5.5.1",
|
||||
.equality = "distinguishedNameMatch",
|
||||
.comment = "Object(DS-DN) == a DN"
|
||||
},
|
||||
#if 0
|
||||
{
|
||||
.Standard_OID = "1.3.6.1.4.1.1466.115.121.1.38",
|
||||
.AD_OID = "2.5.5.2",
|
||||
.equality = "objectIdentifierMatch",
|
||||
.comment = "OID String"
|
||||
},
|
||||
#else
|
||||
{
|
||||
.Standard_OID = "1.2.840.113556.1.4.905",
|
||||
.AD_OID = "2.5.5.2",
|
||||
.equality = "caseIgnoreMatch",
|
||||
.comment = "OID as a Case Insensitive String"
|
||||
},
|
||||
#endif
|
||||
{
|
||||
.Standard_OID = "1.2.840.113556.1.4.905",
|
||||
.AD_OID = "2.5.5.4",
|
||||
@ -150,7 +137,7 @@ static const struct syntax_map syntax_map[] = {
|
||||
};
|
||||
|
||||
|
||||
const struct syntax_map *find_syntax_map_by_ad_oid(const char *ad_oid)
|
||||
const struct dsdb_syntax_map *find_syntax_map_by_ad_oid(const char *ad_oid)
|
||||
{
|
||||
int i;
|
||||
for (i=0; syntax_map[i].Standard_OID; i++) {
|
||||
@ -161,7 +148,7 @@ const struct syntax_map *find_syntax_map_by_ad_oid(const char *ad_oid)
|
||||
return NULL;
|
||||
}
|
||||
|
||||
const struct syntax_map *find_syntax_map_by_standard_oid(const char *standard_oid)
|
||||
const struct dsdb_syntax_map *find_syntax_map_by_standard_oid(const char *standard_oid)
|
||||
{
|
||||
int i;
|
||||
for (i=0; syntax_map[i].Standard_OID; i++) {
|
||||
316
source4/dsdb/schema/schema_description.c
Normal file
316
source4/dsdb/schema/schema_description.c
Normal file
@ -0,0 +1,316 @@
|
||||
/*
|
||||
Unix SMB/CIFS mplementation.
|
||||
Print schema info into string format
|
||||
|
||||
Copyright (C) Andrew Bartlett 2006-2008
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
*/
|
||||
#include "includes.h"
|
||||
#include "dsdb/samdb/samdb.h"
|
||||
|
||||
#define IF_NULL_FAIL_RET(x) do { \
|
||||
if (!x) { \
|
||||
return NULL; \
|
||||
} \
|
||||
} while (0)
|
||||
|
||||
|
||||
char *schema_attribute_description(TALLOC_CTX *mem_ctx,
|
||||
enum dsdb_schema_convert_target target,
|
||||
const char *seperator,
|
||||
const char *oid,
|
||||
const char *name,
|
||||
const char *description,
|
||||
const char *equality,
|
||||
const char *substring,
|
||||
const char *syntax,
|
||||
bool single_value, bool operational)
|
||||
{
|
||||
char *schema_entry = talloc_asprintf(mem_ctx,
|
||||
"(%s%s%s", seperator, oid, seperator);
|
||||
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
"NAME '%s'%s", name, seperator);
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
|
||||
if (description) {
|
||||
#if 0
|
||||
/* Need a way to escape ' characters from the description */
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
"DESC '%s'%s", description, seperator);
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
#endif
|
||||
}
|
||||
|
||||
if (equality) {
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
"EQUALITY %s%s", equality, seperator);
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
}
|
||||
if (substring) {
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
"SUBSTR %s%s", substring, seperator);
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
}
|
||||
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
"SYNTAX %s%s", syntax, seperator);
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
|
||||
if (single_value) {
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
"SINGLE-VALUE%s", seperator);
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
}
|
||||
|
||||
if (operational) {
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
"NO-USER-MODIFICATION%s", seperator);
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
}
|
||||
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
")");
|
||||
return schema_entry;
|
||||
}
|
||||
|
||||
char *schema_attribute_to_description(TALLOC_CTX *mem_ctx, const struct dsdb_attribute *attribute)
|
||||
{
|
||||
char *schema_description;
|
||||
const struct dsdb_syntax_map *map = find_syntax_map_by_ad_oid(attribute->attributeSyntax_oid);
|
||||
const char *syntax = map ? map->Standard_OID : attribute->attributeSyntax_oid;
|
||||
TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
|
||||
if (!tmp_ctx) {
|
||||
return NULL;
|
||||
}
|
||||
|
||||
|
||||
schema_description
|
||||
= schema_attribute_description(mem_ctx,
|
||||
TARGET_AD_SCHEMA_SUBENTRY,
|
||||
" ",
|
||||
attribute->attributeID_oid,
|
||||
attribute->lDAPDisplayName,
|
||||
NULL, NULL, NULL, talloc_asprintf(tmp_ctx, "'%s'", syntax),
|
||||
attribute->isSingleValued,
|
||||
attribute->systemOnly);
|
||||
talloc_free(tmp_ctx);
|
||||
return schema_description;
|
||||
}
|
||||
|
||||
#define APPEND_ATTRS(attributes) \
|
||||
do { \
|
||||
int k; \
|
||||
for (k=0; attributes && attributes[k]; k++) { \
|
||||
const char *attr_name = attributes[k]; \
|
||||
\
|
||||
schema_entry = talloc_asprintf_append(schema_entry, \
|
||||
"%s ", \
|
||||
attr_name); \
|
||||
IF_NULL_FAIL_RET(schema_entry); \
|
||||
if (attributes[k+1]) { \
|
||||
IF_NULL_FAIL_RET(schema_entry); \
|
||||
if (target == TARGET_OPENLDAP && ((k+1)%5 == 0)) { \
|
||||
schema_entry = talloc_asprintf_append(schema_entry, \
|
||||
"$%s ", seperator); \
|
||||
IF_NULL_FAIL_RET(schema_entry); \
|
||||
} else { \
|
||||
schema_entry = talloc_asprintf_append(schema_entry, \
|
||||
"$ "); \
|
||||
} \
|
||||
} \
|
||||
} \
|
||||
} while (0)
|
||||
|
||||
|
||||
/* Print a schema class or dITContentRule as a string.
|
||||
*
|
||||
* To print a scheam class, specify objectClassCategory but not auxillary_classes
|
||||
* To print a dITContentRule, specify auxillary_classes but set objectClassCategory == -1
|
||||
*
|
||||
*/
|
||||
|
||||
char *schema_class_description(TALLOC_CTX *mem_ctx,
|
||||
enum dsdb_schema_convert_target target,
|
||||
const char *seperator,
|
||||
const char *oid,
|
||||
const char *name,
|
||||
const char **auxillary_classes,
|
||||
const char *description,
|
||||
const char *subClassOf,
|
||||
int objectClassCategory,
|
||||
char **must,
|
||||
char **may)
|
||||
{
|
||||
char *schema_entry = talloc_asprintf(mem_ctx,
|
||||
"(%s%s%s", seperator, oid, seperator);
|
||||
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
"NAME '%s'%s", name, seperator);
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
|
||||
if (description) {
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
"DESC '%s'%s", description, seperator);
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
}
|
||||
|
||||
if (auxillary_classes) {
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
"AUX ( ");
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
|
||||
APPEND_ATTRS(auxillary_classes);
|
||||
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
")%s", seperator);
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
}
|
||||
|
||||
if (subClassOf) {
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
"SUP %s%s", subClassOf, seperator);
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
}
|
||||
|
||||
switch (objectClassCategory) {
|
||||
case -1:
|
||||
break;
|
||||
/* Dummy case for when used for printing ditContentRules */
|
||||
case 0:
|
||||
/*
|
||||
* NOTE: this is an type 88 class
|
||||
* e.g. 2.5.6.6 NAME 'person'
|
||||
* but w2k3 gives STRUCTURAL here!
|
||||
*/
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
"STRUCTURAL%s", seperator);
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
break;
|
||||
case 1:
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
"STRUCTURAL%s", seperator);
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
break;
|
||||
case 2:
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
"ABSTRACT%s", seperator);
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
break;
|
||||
case 3:
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
"AUXILIARY%s", seperator);
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
break;
|
||||
}
|
||||
|
||||
if (must) {
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
"MUST ( ");
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
|
||||
APPEND_ATTRS(must);
|
||||
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
")%s", seperator);
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
}
|
||||
|
||||
if (may) {
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
"MAY ( ");
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
|
||||
APPEND_ATTRS(may);
|
||||
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
")%s", seperator);
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
}
|
||||
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
")");
|
||||
return schema_entry;
|
||||
}
|
||||
|
||||
char *schema_class_to_description(TALLOC_CTX *mem_ctx, const struct dsdb_class *class)
|
||||
{
|
||||
char *schema_description;
|
||||
TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
|
||||
if (!tmp_ctx) {
|
||||
return NULL;
|
||||
}
|
||||
|
||||
schema_description
|
||||
= schema_class_description(mem_ctx,
|
||||
TARGET_AD_SCHEMA_SUBENTRY,
|
||||
" ",
|
||||
class->governsID_oid,
|
||||
class->lDAPDisplayName,
|
||||
NULL,
|
||||
NULL,
|
||||
class->subClassOf,
|
||||
class->objectClassCategory,
|
||||
dsdb_attribute_list(tmp_ctx,
|
||||
class, DSDB_SCHEMA_ALL_MUST),
|
||||
dsdb_attribute_list(tmp_ctx,
|
||||
class, DSDB_SCHEMA_ALL_MAY));
|
||||
talloc_free(tmp_ctx);
|
||||
return schema_description;
|
||||
}
|
||||
char *schema_class_to_dITContentRule(TALLOC_CTX *mem_ctx, const struct dsdb_class *class,
|
||||
const struct dsdb_schema *schema)
|
||||
{
|
||||
int i;
|
||||
char *schema_description;
|
||||
char **aux_class_list = NULL;
|
||||
char **attrs;
|
||||
char **must_attr_list = NULL;
|
||||
char **may_attr_list = NULL;
|
||||
TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
|
||||
const struct dsdb_class *aux_class;
|
||||
if (!tmp_ctx) {
|
||||
return NULL;
|
||||
}
|
||||
|
||||
aux_class_list = merge_attr_list(tmp_ctx, aux_class_list, class->systemAuxiliaryClass);
|
||||
aux_class_list = merge_attr_list(tmp_ctx, aux_class_list, class->auxiliaryClass);
|
||||
|
||||
for (i=0; aux_class_list && aux_class_list[i]; i++) {
|
||||
aux_class = dsdb_class_by_lDAPDisplayName(schema, aux_class_list[i]);
|
||||
|
||||
attrs = dsdb_attribute_list(mem_ctx, aux_class, DSDB_SCHEMA_ALL_MUST);
|
||||
must_attr_list = merge_attr_list(mem_ctx, must_attr_list, attrs);
|
||||
|
||||
attrs = dsdb_attribute_list(mem_ctx, aux_class, DSDB_SCHEMA_ALL_MAY);
|
||||
may_attr_list = merge_attr_list(mem_ctx, may_attr_list, attrs);
|
||||
}
|
||||
|
||||
schema_description
|
||||
= schema_class_description(mem_ctx,
|
||||
TARGET_AD_SCHEMA_SUBENTRY,
|
||||
" ",
|
||||
class->governsID_oid,
|
||||
class->lDAPDisplayName,
|
||||
(const char **)aux_class_list,
|
||||
NULL,
|
||||
class->subClassOf,
|
||||
-1, must_attr_list, may_attr_list);
|
||||
talloc_free(tmp_ctx);
|
||||
return schema_description;
|
||||
}
|
||||
@ -1599,7 +1599,7 @@ WERROR dsdb_linked_attribute_lDAPDisplayName_list(const struct dsdb_schema *sche
|
||||
return WERR_OK;
|
||||
}
|
||||
|
||||
static char **merge_attr_list(TALLOC_CTX *mem_ctx,
|
||||
char **merge_attr_list(TALLOC_CTX *mem_ctx,
|
||||
char **attrs, const char **new_attrs)
|
||||
{
|
||||
char **ret_attrs;
|
||||
@ -1618,26 +1618,19 @@ static char **merge_attr_list(TALLOC_CTX *mem_ctx,
|
||||
new_len = orig_len + str_list_length(new_attrs);
|
||||
|
||||
ret_attrs[new_len] = NULL;
|
||||
|
||||
}
|
||||
|
||||
return ret_attrs;
|
||||
}
|
||||
|
||||
char **dsdb_full_attribute_list_internal(TALLOC_CTX *mem_ctx,
|
||||
const struct dsdb_schema *schema,
|
||||
const char **class_list,
|
||||
enum dsdb_attr_list_query query)
|
||||
/*
|
||||
Return a merged list of the attributes of exactly one class (not
|
||||
considering subclasses, auxillary classes etc)
|
||||
*/
|
||||
|
||||
char **dsdb_attribute_list(TALLOC_CTX *mem_ctx, const struct dsdb_class *class, enum dsdb_attr_list_query query)
|
||||
{
|
||||
int i;
|
||||
const struct dsdb_class *class;
|
||||
|
||||
char **attr_list = NULL;
|
||||
char **recursive_list;
|
||||
|
||||
for (i=0; class_list && class_list[i]; i++) {
|
||||
class = dsdb_class_by_lDAPDisplayName(schema, class_list[i]);
|
||||
|
||||
switch (query) {
|
||||
case DSDB_SCHEMA_ALL_MAY:
|
||||
attr_list = merge_attr_list(mem_ctx, attr_list, class->mayContain);
|
||||
@ -1672,6 +1665,26 @@ char **dsdb_full_attribute_list_internal(TALLOC_CTX *mem_ctx,
|
||||
attr_list = merge_attr_list(mem_ctx, attr_list, class->systemMustContain);
|
||||
break;
|
||||
}
|
||||
return attr_list;
|
||||
}
|
||||
|
||||
static char **dsdb_full_attribute_list_internal(TALLOC_CTX *mem_ctx,
|
||||
const struct dsdb_schema *schema,
|
||||
const char **class_list,
|
||||
enum dsdb_attr_list_query query)
|
||||
{
|
||||
int i;
|
||||
const struct dsdb_class *class;
|
||||
|
||||
char **attr_list = NULL;
|
||||
char **this_class_list;
|
||||
char **recursive_list;
|
||||
|
||||
for (i=0; class_list && class_list[i]; i++) {
|
||||
class = dsdb_class_by_lDAPDisplayName(schema, class_list[i]);
|
||||
|
||||
this_class_list = dsdb_attribute_list(mem_ctx, class, query);
|
||||
attr_list = merge_attr_list(mem_ctx, attr_list, (const char **)this_class_list);
|
||||
|
||||
recursive_list = dsdb_full_attribute_list_internal(mem_ctx, schema,
|
||||
class->systemAuxiliaryClass,
|
||||
|
||||
@ -520,16 +520,30 @@ gsskrb5_acceptor_start(OM_uint32 * minor_status,
|
||||
|
||||
if(ctx->flags & GSS_C_MUTUAL_FLAG) {
|
||||
krb5_data outbuf;
|
||||
int use_subkey = 0;
|
||||
|
||||
_gsskrb5i_is_cfx(ctx, &is_cfx);
|
||||
|
||||
if (is_cfx != 0
|
||||
|| (ap_options & AP_OPTS_USE_SUBKEY)) {
|
||||
kret = krb5_auth_con_addflags(context,
|
||||
use_subkey = 1;
|
||||
} else {
|
||||
krb5_keyblock *rkey;
|
||||
kret = krb5_auth_con_getremotesubkey(context, ctx->auth_context, &rkey);
|
||||
if (kret == 0) {
|
||||
kret = krb5_auth_con_setlocalsubkey(context, ctx->auth_context, rkey);
|
||||
if (kret == 0) {
|
||||
use_subkey = 1;
|
||||
}
|
||||
krb5_free_keyblock(context, rkey);
|
||||
}
|
||||
}
|
||||
if (use_subkey) {
|
||||
ctx->more_flags |= ACCEPTOR_SUBKEY;
|
||||
krb5_auth_con_addflags(context,
|
||||
ctx->auth_context,
|
||||
KRB5_AUTH_CONTEXT_USE_SUBKEY,
|
||||
NULL);
|
||||
ctx->more_flags |= ACCEPTOR_SUBKEY;
|
||||
}
|
||||
|
||||
kret = krb5_mk_rep(context,
|
||||
|
||||
@ -463,8 +463,6 @@ krb5_verify_ap_req2(krb5_context context,
|
||||
|
||||
ac->keytype = ETYPE_NULL;
|
||||
|
||||
#if 0
|
||||
/* it's bad to use a different enctype as the client */
|
||||
if (etypes.val) {
|
||||
int i;
|
||||
|
||||
@ -475,7 +473,6 @@ krb5_verify_ap_req2(krb5_context context,
|
||||
}
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
/* save key */
|
||||
ret = krb5_copy_keyblock(context, &t->ticket.key, &ac->keyblock);
|
||||
|
||||
@ -970,6 +970,34 @@ class BaseDnTests(unittest.TestCase):
|
||||
attrs=["netlogon", "highestCommittedUSN"])
|
||||
self.assertEquals(len(res), 0)
|
||||
|
||||
class SchemaTests(unittest.TestCase):
|
||||
def find_schemadn(self, ldb):
|
||||
res = ldb.search(base="", expression="", scope=SCOPE_BASE, attrs=["schemaNamingContext"])
|
||||
self.assertEquals(len(res), 1)
|
||||
return res[0]["schemaNamingContext"][0]
|
||||
|
||||
def setUp(self):
|
||||
self.ldb = ldb
|
||||
self.schema_dn = self.find_schemadn(ldb)
|
||||
|
||||
def test_generated_schema(self):
|
||||
"""Testing we can read the generated schema via LDAP"""
|
||||
res = self.ldb.search("cn=aggregate,"+self.schema_dn, scope=SCOPE_BASE,
|
||||
attrs=["objectClasses", "attributeTypes", "dITContentRules"])
|
||||
self.assertEquals(len(res), 1)
|
||||
self.assertTrue("dITContentRules" in res[0])
|
||||
self.assertTrue("objectClasses" in res[0])
|
||||
self.assertTrue("attributeTypes" in res[0])
|
||||
|
||||
def test_generated_schema_is_operational(self):
|
||||
"""Testing we don't get the generated schema via LDAP by default"""
|
||||
res = self.ldb.search("cn=aggregate,"+self.schema_dn, scope=SCOPE_BASE,
|
||||
attrs=["*"])
|
||||
self.assertEquals(len(res), 1)
|
||||
self.assertFalse("dITContentRules" in res[0])
|
||||
self.assertFalse("objectClasses" in res[0])
|
||||
self.assertFalse("attributeTypes" in res[0])
|
||||
|
||||
if not "://" in host:
|
||||
host = "ldap://%s" % host
|
||||
|
||||
@ -983,4 +1011,6 @@ if not runner.run(unittest.makeSuite(BaseDnTests)).wasSuccessful():
|
||||
rc = 1
|
||||
if not runner.run(unittest.makeSuite(BasicTests)).wasSuccessful():
|
||||
rc = 1
|
||||
if not runner.run(unittest.makeSuite(SchemaTests)).wasSuccessful():
|
||||
rc = 1
|
||||
sys.exit(rc)
|
||||
|
||||
@ -167,17 +167,30 @@
|
||||
#define NTCREATEX_OPTIONS_NO_RECALL 0x00400000
|
||||
/* Must be ignored by the server, per MS-SMB 2.2.8 */
|
||||
#define NTCREATEX_OPTIONS_FREE_SPACE_QUERY 0x00800000
|
||||
/* create options these bits are for private use by backends, they are
|
||||
not valid on the wire */
|
||||
#define NTCREATEX_OPTIONS_PRIVATE_MASK 0xFF000000
|
||||
#define NTCREATEX_OPTIONS_PRIVATE_DENY_DOS 0x01000000
|
||||
#define NTCREATEX_OPTIONS_PRIVATE_DENY_FCB 0x02000000
|
||||
|
||||
#define NTCREATEX_OPTIONS_MUST_IGNORE_MASK ( NTCREATEX_OPTIONS_TREE_CONNECTION | NTCREATEX_OPTIONS_COMPLETE_IF_OPLOCKED | NTCREATEX_OPTIONS_OPEN_FOR_RECOVERY | NTCREATEX_OPTIONS_FREE_SPACE_QUERY | NTCREATEX_OPTIONS_OPFILTER )
|
||||
#define NTCREATEX_OPTIONS_MUST_IGNORE_MASK (NTCREATEX_OPTIONS_TREE_CONNECTION | \
|
||||
NTCREATEX_OPTIONS_OPEN_FOR_RECOVERY | \
|
||||
NTCREATEX_OPTIONS_FREE_SPACE_QUERY | \
|
||||
0x000F0000)
|
||||
|
||||
#define NTCREATEX_OPTIONS_NOT_SUPPORTED_MASK (0x000F0000 | NTCREATEX_OPTIONS_OPEN_BY_FILE_ID)
|
||||
#define NTCREATEX_OPTIONS_NOT_SUPPORTED_MASK (NTCREATEX_OPTIONS_OPEN_BY_FILE_ID)
|
||||
|
||||
#define NTCREATEX_OPTIONS_INVALID_PARAM_MASK (NTCREATEX_OPTIONS_OPFILTER | \
|
||||
NTCREATEX_OPTIONS_SYNC_ALERT | \
|
||||
NTCREATEX_OPTIONS_ASYNC_ALERT | \
|
||||
NTCREATEX_OPTIONS_OPFILTER | \
|
||||
0xFF000000)
|
||||
|
||||
/*
|
||||
* We reuse some ignored flags for private use.
|
||||
* This values have different meaning for some ntvfs backends.
|
||||
*
|
||||
* TODO: use values that are ignore for sure...
|
||||
*/
|
||||
#define NTCREATEX_OPTIONS_PRIVATE_DENY_DOS 0x00010000
|
||||
#define NTCREATEX_OPTIONS_PRIVATE_DENY_FCB 0x00020000
|
||||
#define NTCREATEX_OPTIONS_PRIVATE_MASK (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS | \
|
||||
NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)
|
||||
|
||||
/* ntcreatex impersonation field */
|
||||
#define NTCREATEX_IMPERSONATION_ANONYMOUS 0
|
||||
|
||||
@ -115,13 +115,19 @@ static void continue_negprot(struct smb2_request *req)
|
||||
transport->signing_required = false;
|
||||
break;
|
||||
case SMB_SIGNING_SUPPORTED:
|
||||
case SMB_SIGNING_AUTO:
|
||||
if (transport->negotiate.security_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED) {
|
||||
transport->signing_required = true;
|
||||
} else {
|
||||
transport->signing_required = false;
|
||||
}
|
||||
break;
|
||||
case SMB_SIGNING_AUTO:
|
||||
if (transport->negotiate.security_mode & SMB2_NEGOTIATE_SIGNING_ENABLED) {
|
||||
transport->signing_required = true;
|
||||
} else {
|
||||
transport->signing_required = false;
|
||||
}
|
||||
break;
|
||||
case SMB_SIGNING_REQUIRED:
|
||||
if (transport->negotiate.security_mode & SMB2_NEGOTIATE_SIGNING_ENABLED) {
|
||||
transport->signing_required = true;
|
||||
|
||||
@ -94,12 +94,6 @@ NTSTATUS smb2_check_signature(struct smb2_request_buffer *buf, DATA_BLOB session
|
||||
return NT_STATUS_OK;
|
||||
}
|
||||
|
||||
if (session_key.length == 0) {
|
||||
DEBUG(2,("Wrong session key length %u for SMB2 signing\n",
|
||||
(unsigned)session_key.length));
|
||||
return NT_STATUS_ACCESS_DENIED;
|
||||
}
|
||||
|
||||
memcpy(sig, buf->hdr+SMB2_HDR_SIGNATURE, 16);
|
||||
|
||||
memset(buf->hdr + SMB2_HDR_SIGNATURE, 0, 16);
|
||||
|
||||
@ -276,7 +276,9 @@ struct smb2_request {
|
||||
#define SMB2_CREATE_TAG_TWRP "TWrp"
|
||||
#define SMB2_CREATE_TAG_QFID "QFid"
|
||||
|
||||
|
||||
/* SMB2 Create ignore some more create_options */
|
||||
#define SMB2_CREATE_OPTIONS_NOT_SUPPORTED_MASK (NTCREATEX_OPTIONS_TREE_CONNECTION | \
|
||||
NTCREATEX_OPTIONS_OPFILTER)
|
||||
|
||||
/*
|
||||
check that a body has the expected size
|
||||
|
||||
@ -235,6 +235,17 @@ static NTSTATUS smb2_transport_finish_recv(void *private, DATA_BLOB blob)
|
||||
req->in.body_size = req->in.size - (SMB2_HDR_BODY+NBT_HDR_SIZE);
|
||||
req->status = NT_STATUS(IVAL(hdr, SMB2_HDR_STATUS));
|
||||
|
||||
if ((flags & SMB2_HDR_FLAG_ASYNC) &&
|
||||
NT_STATUS_EQUAL(req->status, STATUS_PENDING)) {
|
||||
req->cancel.can_cancel = true;
|
||||
req->cancel.pending_id = IVAL(hdr, SMB2_HDR_PID);
|
||||
for (i=0; i< req->cancel.do_cancel; i++) {
|
||||
smb2_cancel(req);
|
||||
}
|
||||
talloc_free(buffer);
|
||||
return NT_STATUS_OK;
|
||||
}
|
||||
|
||||
if (req->session && req->session->signing_active) {
|
||||
status = smb2_check_signature(&req->in,
|
||||
req->session->session_key);
|
||||
@ -245,19 +256,6 @@ static NTSTATUS smb2_transport_finish_recv(void *private, DATA_BLOB blob)
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
if (NT_STATUS_EQUAL(req->status, STATUS_PENDING)) {
|
||||
if (flags & 0x00000002) {
|
||||
req->cancel.can_cancel = true;
|
||||
req->cancel.pending_id = IVAL(hdr, SMB2_HDR_PID);
|
||||
for (i=0; i< req->cancel.do_cancel; i++) {
|
||||
smb2_cancel(req);
|
||||
}
|
||||
}
|
||||
talloc_free(buffer);
|
||||
return NT_STATUS_OK;
|
||||
}
|
||||
|
||||
buffer_code = SVAL(req->in.body, 0);
|
||||
req->in.body_fixed = (buffer_code & ~1);
|
||||
req->in.dynamic = NULL;
|
||||
|
||||
@ -70,7 +70,11 @@ interface krb5pac
|
||||
[case(PAC_TYPE_SRV_CHECKSUM)] PAC_SIGNATURE_DATA srv_cksum;
|
||||
[case(PAC_TYPE_KDC_CHECKSUM)] PAC_SIGNATURE_DATA kdc_cksum;
|
||||
[case(PAC_TYPE_LOGON_NAME)] PAC_LOGON_NAME logon_name;
|
||||
[case(PAC_TYPE_UNKNOWN_12)] [subcontext(0)] DATA_BLOB_REM unknown;
|
||||
/* when new PAC info types are added they are supposed to be done
|
||||
in such a way that they are backwards compatible with existing
|
||||
servers. This makes it safe to just use a [default] for
|
||||
unknown types, which lets us ignore the data */
|
||||
[default] [subcontext(0)] DATA_BLOB_REM unknown;
|
||||
/* [case(PAC_TYPE_UNKNOWN_12)] PAC_UNKNOWN_12 unknown; */
|
||||
} PAC_INFO;
|
||||
|
||||
|
||||
@ -532,16 +532,14 @@ NTSTATUS ntvfs_map_open(struct ntvfs_module_context *ntvfs,
|
||||
}
|
||||
|
||||
/* we need to check these bits before we check the private mask */
|
||||
if (io2->generic.in.create_options & NTCREATEX_OPTIONS_NOT_SUPPORTED_MASK) {
|
||||
if (io2->generic.in.create_options & SMB2_CREATE_OPTIONS_NOT_SUPPORTED_MASK) {
|
||||
status = NT_STATUS_NOT_SUPPORTED;
|
||||
break;
|
||||
}
|
||||
|
||||
/* we use a couple of bits of the create options internally */
|
||||
if (io2->generic.in.create_options & NTCREATEX_OPTIONS_PRIVATE_MASK) {
|
||||
status = NT_STATUS_INVALID_PARAMETER;
|
||||
break;
|
||||
}
|
||||
/* TODO: find out why only SMB2 ignores these */
|
||||
io2->generic.in.create_options &= ~NTCREATEX_OPTIONS_SYNC_ALERT;
|
||||
io2->generic.in.create_options &= ~NTCREATEX_OPTIONS_ASYNC_ALERT;
|
||||
|
||||
status = ntvfs->ops->open(ntvfs, req, io2);
|
||||
break;
|
||||
|
||||
@ -1181,6 +1181,7 @@ NTSTATUS pvfs_open(struct ntvfs_module_context *ntvfs,
|
||||
int fd;
|
||||
struct odb_lock *lck;
|
||||
uint32_t create_options;
|
||||
uint32_t create_options_must_ignore_mask;
|
||||
uint32_t share_access;
|
||||
uint32_t access_mask;
|
||||
uint32_t create_action = NTCREATEX_ACTION_EXISTED;
|
||||
@ -1206,13 +1207,22 @@ NTSTATUS pvfs_open(struct ntvfs_module_context *ntvfs,
|
||||
return NT_STATUS_INVALID_PARAMETER;
|
||||
}
|
||||
|
||||
/* These options are ignored */
|
||||
create_options &= ~NTCREATEX_OPTIONS_MUST_IGNORE_MASK;
|
||||
/*
|
||||
* These options are ignored,
|
||||
* but we reuse some of them as private values for the generic mapping
|
||||
*/
|
||||
create_options_must_ignore_mask = NTCREATEX_OPTIONS_MUST_IGNORE_MASK;
|
||||
create_options_must_ignore_mask &= ~NTCREATEX_OPTIONS_PRIVATE_MASK;
|
||||
create_options &= ~create_options_must_ignore_mask;
|
||||
|
||||
if (create_options & NTCREATEX_OPTIONS_NOT_SUPPORTED_MASK) {
|
||||
return NT_STATUS_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
if (create_options & NTCREATEX_OPTIONS_INVALID_PARAM_MASK) {
|
||||
return NT_STATUS_INVALID_PARAMETER;
|
||||
}
|
||||
|
||||
/* TODO: When we implement HSM, add a hook here not to pull
|
||||
* the actual file off tape, when this option is passed from
|
||||
* the client */
|
||||
|
||||
@ -44,7 +44,6 @@ is($x->{res},
|
||||
|
||||
status = cli_do_rpc_ndr(cli,
|
||||
mem_ctx,
|
||||
PI_FOO,
|
||||
&ndr_table_foo,
|
||||
NDR_BAR,
|
||||
&r);
|
||||
@ -89,7 +88,6 @@ is($x->{res},
|
||||
|
||||
status = cli_do_rpc_ndr(cli,
|
||||
mem_ctx,
|
||||
PI_FOO,
|
||||
&ndr_table_foo,
|
||||
NDR_BAR,
|
||||
&r);
|
||||
|
||||
@ -10376,552 +10376,3 @@ defaultObjectCategory: CN=Group-Policy-Container,${SCHEMADN}
|
||||
dn: CN=Aggregate,${SCHEMADN}
|
||||
objectClass: top
|
||||
objectClass: subSchema
|
||||
objectClasses: ( 2.5.6.0 NAME 'top' SUP top ABSTRACT MUST ( objectClass $ objectCategory $ nTSecurityDescriptor $ instanceType ) MAY ( url $ wWWHomePage $ whenCreated $ whenChanged $ wellKnownObjects $ wbemPath $ uSNSource $ uSNLastObjRem $ USNIntersite $ uSNDSALastObjRemoved $ uSNCreated $ uSNChanged $ systemFlags $ subSchemaSubEntry $ subRefs $ structuralObjectClass $ siteObjectBL $ serverReferenceBL $ sDRightsEffective $ revision $ repsTo $ repsFrom $ directReports $ replUpToDateVector $ replPropertyMetaData $ name $ queryPolicyBL $ proxyAddresses $ proxiedObjectName $ possibleInferiors $ partialAttributeSet $ partialAttributeDeletionList $ otherWellKnownObjects $ objectVersion $ objectGUID $ distinguishedName $ nonSecurityMemberBL $ netbootSCPBL $ ownerBL $ msDS-ReplValueMetaData $ msDS-ReplAttributeMetaData $ msDS-NonMembersBL $ msDS-NCReplOutboundNeighbors $ msDS-NCReplInboundNeighbors $ msDS-NCReplCursors $ msDS-TasksForAzRoleBL $ msDS-TasksForAzTaskBL $ msDS-OperationsForAzRoleBL $ msDS-OperationsForAzTaskBL $ msDS-MembersForAzRoleBL $ msDs-masteredBy $ mS-DS-ConsistencyGuid $ mS-DS-ConsistencyChildCount $ msDS-Approx-Immed-Subordinates $ msCOM-PartitionSetLink $ msCOM-UserLink $ modifyTimeStamp $ masteredBy $ managedObjects $ lastKnownParent $ isPrivilegeHolder $ memberOf $ isDeleted $ isCriticalSystemObject $ showInAdvancedViewOnly $ fSMORoleOwner $ fRSMemberReferenceBL $ frsComputerReferenceBL $ fromEntry $ flags $ extensionName $ dSASignature $ dSCorePropagationData $ displayNamePrintable $ displayName $ description $ createTimeStamp $ cn $ canonicalName $ bridgeheadServerListBL $ allowedChildClassesEffective $ allowedChildClasses $ allowedAttributesEffective $ allowedAttributes $ adminDisplayName $ adminDescription $ msDS-ObjectReferenceBL ) )
|
||||
objectClasses: ( 1.2.840.113556.1.5.120 NAME 'ipsecISAKMPPolicy' SUP ipsecBase STRUCTURAL )
|
||||
objectClasses: ( 1.2.840.113556.1.5.67 NAME 'domainDNS' SUP domain STRUCTURAL MAY ( msDS-Behavior-Version $ msDS-AllowedDNSSuffixes $ managedBy ) )
|
||||
objectClasses: ( 1.2.840.113556.1.5.235 NAME 'msDS-AzApplication' SUP top STRUCTURAL MAY ( msDS-AzApplicationData $ msDS-AzGenerateAudits $ msDS-AzApplicationVersion $ msDS-AzClassId $ msDS-AzApplicationName $ description ) )
|
||||
objectClasses: ( 1.2.840.113556.1.5.4 NAME 'builtinDomain' SUP top STRUCTURAL )
|
||||
objectClasses: ( 1.2.840.113556.1.5.175 NAME 'infrastructureUpdate' SUP top STRUCTURAL MAY ( dNReferenceUpdate ) )
|
||||
objectClasses: ( 1.2.840.113556.1.5.12 NAME 'configuration' SUP top STRUCTURAL MUST ( cn ) MAY ( gPOptions $ gPLink ) )
|
||||
objectClasses: ( 1.2.840.113556.1.3.11 NAME 'crossRef' SUP top STRUCTURAL MUST ( nCName $ dnsRoot $ cn ) MAY ( trustParent $ superiorDNSRoot $ rootTrust $ nTMixedDomain $ nETBIOSName $ Enabled $ msDS-SDReferenceDomain $ msDS-Replication-Notify-Subsequent-DSA-Delay $ msDS-Replication-Notify-First-DSA-Delay $ msDS-NC-Replica-Locations $ msDS-DnsRootAlias $ msDS-Behavior-Version ) )
|
||||
objectClasses: ( 1.2.840.113556.1.5.83 NAME 'rIDManager' SUP top STRUCTURAL MUST ( rIDAvailablePool ) )
|
||||
objectClasses: ( 1.2.840.113556.1.5.84 NAME 'displaySpecifier' SUP top STRUCTURAL MAY ( treatAsLeaf $ shellPropertyPages $ shellContextMenu $ scopeFlags $ queryFilter $ iconPath $ extraColumns $ creationWizard $ createWizardExt $ createDialog $ contextMenu $ classDisplayName $ attributeDisplayNames $ adminPropertyPages $ adminMultiselectPropertyPages $ adminContextMenu ) )
|
||||
objectClasses: ( 1.2.840.113556.1.5.7000.56 NAME 'ipsecBase' SUP top ABSTRACT MAY ( ipsecOwnersReference $ ipsecName $ ipsecID $ ipsecDataType $ ipsecData ) )
|
||||
objectClasses: ( 1.2.840.113556.1.5.237 NAME 'msDS-AzScope' SUP top STRUCTURAL MUST ( msDS-AzScopeName ) MAY ( msDS-AzApplicationData $ description ) )
|
||||
objectClasses: ( 2.5.6.3 NAME 'locality' SUP top STRUCTURAL MUST ( l ) MAY ( street $ st $ seeAlso $ searchGuide ) )
|
||||
objectClasses: ( 1.2.840.113556.1.5.7000.53 NAME 'crossRefContainer' SUP top STRUCTURAL MAY ( msDS-SPNSuffixes $ uPNSuffixes $ msDS-UpdateScript $ msDS-ExecuteScriptPassword $ msDS-Behavior-Version ) )
|
||||
objectClasses: ( 1.2.840.113556.1.5.106 NAME 'queryPolicy' SUP top STRUCTURAL MAY ( lDAPIPDenyList $ lDAPAdminLimits ) )
|
||||
objectClasses: ( 1.2.840.113556.1.5.95 NAME 'subnetContainer' SUP top STRUCTURAL )
|
||||
objectClasses: ( 1.2.840.113556.1.5.7000.47 NAME 'nTDSDSA' SUP applicationSettings STRUCTURAL MAY ( serverReference $ msDS-RetiredReplNCSignatures $ retiredReplDSASignatures $ queryPolicyObject $ options $ networkAddress $ msDS-ReplicationEpoch $ msDS-HasInstantiatedNCs $ msDS-hasMasterNCs $ msDS-HasDomainNCs $ msDS-Behavior-Version $ managedBy $ lastBackupRestorationTime $ invocationId $ hasPartialReplicaNCs $ hasMasterNCs $ fRSRootPath $ dMDLocation ) )
|
||||
objectClasses: ( 1.2.840.113556.1.5.3 NAME 'samDomain' SUP top AUXILIARY MAY ( treeName $ rIDManagerReference $ replicaSource $ pwdProperties $ pwdHistoryLength $ privateKey $ pekList $ pekKeyChangeInterval $ nTMixedDomain $ nextRid $ nETBIOSName $ msDS-PerUserTrustTombstonesQuota $ msDS-PerUserTrustQuota $ ms-DS-MachineAccountQuota $ msDS-LogonTimeSyncInterval $ msDS-AllUsersTrustQuota $ modifiedCountAtLastProm $ minPwdLength $ minPwdAge $ maxPwdAge $ lSAModifiedCount $ lSACreationTime $ lockoutThreshold $ lockoutDuration $ lockOutObservationWindow $ gPOptions $ gPLink $ eFSPolicy $ domainPolicyObject $ desktopProfile $ description $ defaultLocalPolicyObject $ creationTime $ controlAccessRights $ cACertificate $ builtinModifiedCount $ builtinCreationTime $ auditingPolicy ) )
|
||||
objectClasses: ( 1.2.840.113556.1.5.2 NAME 'samDomainBase' SUP top AUXILIARY MAY ( uASCompat $ serverState $ serverRole $ revision $ pwdProperties $ pwdHistoryLength $ oEMInformation $ objectSid $ nTSecurityDescriptor $ nextRid $ modifiedCountAtLastProm $ modifiedCount $ minPwdLength $ minPwdAge $ maxPwdAge $ lockoutThreshold $ lockoutDuration $ lockOutObservationWindow $ forceLogoff $ domainReplica $ creationTime ) )
|
||||
objectClasses: ( 2.5.6.2 NAME 'country' SUP top MUST ( c ) MAY ( co $ searchGuide ) )
|
||||
objectClasses: ( 2.5.6.5 NAME 'organizationalUnit' SUP top STRUCTURAL MUST ( ou ) MAY ( x121Address $ userPassword $ uPNSuffixes $ co $ telexNumber $ teletexTerminalIdentifier $ telephoneNumber $ street $ st $ seeAlso $ searchGuide $ registeredAddress $ preferredDeliveryMethod $ postalCode $ postalAddress $ postOfficeBox $ physicalDeliveryOfficeName $ msCOM-UserPartitionSetLink $ managedBy $ thumbnailLogo $ l $ internationalISDNNumber $ gPOptions $ gPLink $ facsimileTelephoneNumber $ destinationIndicator $ desktopProfile $ defaultGroup $ countryCode $ c $ businessCategory ) )
|
||||
objectClasses: ( 1.2.840.113556.1.5.121 NAME 'ipsecNFA' SUP ipsecBase STRUCTURAL MAY ( ipsecNegotiationPolicyReference $ ipsecFilterReference ) )
|
||||
objectClasses: ( 1.2.840.113556.1.5.139 NAME 'lostAndFound' SUP top STRUCTURAL MAY ( moveTreeState ) )
|
||||
objectClasses: ( 2.5.6.7 NAME 'organizationalPerson' SUP person MAY ( x121Address $ comment $ title $ co $ primaryTelexNumber $ telexNumber $ teletexTerminalIdentifier $ street $ st $ registeredAddress $ preferredDeliveryMethod $ postalCode $ postalAddress $ postOfficeBox $ thumbnailPhoto $ physicalDeliveryOfficeName $ pager $ otherPager $ otherTelephone $ mobile $ otherMobile $ primaryInternationalISDNNumber $ ipPhone $ otherIpPhone $ otherHomePhone $ homePhone $ otherFacsimileTelephoneNumber $ personalTitle $ middleName $ otherMailbox $ ou $ o $ mhsORAddress $ msDS-AllowedToDelegateTo $ manager $ thumbnailLogo $ l $ internationalISDNNumber $ initials $ givenName $ generationQualifier $ facsimileTelephoneNumber $ employeeID $ mail $ division $ destinationIndicator $ department $ c $ countryCode $ company $ assistant $ streetAddress $ houseIdentifier $ msExchHouseIdentifier $ homePostalAddress ) )
|
||||
objectClasses: ( 1.2.840.113556.1.3.14 NAME 'attributeSchema' SUP top STRUCTURAL MUST ( schemaIDGUID $ oMSyntax $ lDAPDisplayName $ isSingleValued $ cn $ attributeSyntax $ attributeID ) MAY ( systemOnly $ searchFlags $ schemaFlagsEx $ rangeUpper $ rangeLower $ oMObjectClass $ msDs-Schema-Extensions $ msDS-IntId $ mAPIID $ linkID $ isMemberOfPartialAttributeSet $ isEphemeral $ isDefunct $ extendedCharsAllowed $ classDisplayName $ attributeSecurityGUID ) )
|
||||
objectClasses: ( 1.2.840.113556.1.5.72 NAME 'nTDSService' SUP top STRUCTURAL MAY ( tombstoneLifetime $ sPNMappings $ replTopologyStayOfExecution $ msDS-Other-Settings $ garbageCollPeriod $ dSHeuristics ) )
|
||||
objectClasses: ( 1.2.840.113556.1.5.7000.48 NAME 'serversContainer' SUP top STRUCTURAL )
|
||||
objectClasses: ( 1.2.840.113556.1.3.30 NAME 'computer' SUP user STRUCTURAL MAY ( volumeCount $ siteGUID $ rIDSetReferences $ policyReplicationFlags $ physicalLocationObject $ operatingSystemVersion $ operatingSystemServicePack $ operatingSystemHotfix $ operatingSystem $ networkAddress $ netbootSIFFile $ netbootMirrorDataFile $ netbootMachineFilePath $ netbootInitialization $ netbootGUID $ msDS-AdditionalSamAccountName $ msDS-AdditionalDnsHostName $ managedBy $ machineRole $ location $ localPolicyFlags $ dNSHostName $ defaultLocalPolicyObject $ cn $ catalogs ) )
|
||||
objectClasses: ( 2.5.6.6 NAME 'person' SUP top MUST ( cn ) MAY ( userPassword $ telephoneNumber $ sn $ serialNumber $ seeAlso $ attributeCertificateAttribute ) )
|
||||
objectClasses: ( 1.2.840.113556.1.5.98 NAME 'ipsecPolicy' SUP ipsecBase STRUCTURAL MAY ( ipsecNFAReference $ ipsecISAKMPReference ) )
|
||||
objectClasses: ( 1.2.840.113556.1.3.23 NAME 'container' SUP top STRUCTURAL MUST ( cn ) MAY ( schemaVersion $ defaultClassStore $ msDS-ObjectReference ) )
|
||||
objectClasses: ( 1.2.840.113556.1.5.31 NAME 'site' SUP top STRUCTURAL MAY ( notificationList $ mSMQSiteID $ mSMQSiteForeign $ mSMQNt4Stub $ mSMQInterval2 $ mSMQInterval1 $ managedBy $ location $ gPOptions $ gPLink ) )
|
||||
objectClasses: ( 2.5.6.4 NAME 'organization' SUP top STRUCTURAL MUST ( o ) MAY ( x121Address $ userPassword $ telexNumber $ teletexTerminalIdentifier $ telephoneNumber $ street $ st $ seeAlso $ searchGuide $ registeredAddress $ preferredDeliveryMethod $ postalCode $ postalAddress $ postOfficeBox $ physicalDeliveryOfficeName $ l $ internationalISDNNumber $ facsimileTelephoneNumber $ destinationIndicator $ businessCategory ) )
|
||||
objectClasses: ( 1.2.840.113556.1.5.234 NAME 'msDS-AzAdminManager' SUP top STRUCTURAL MAY ( msDS-AzMinorVersion $ msDS-AzMajorVersion $ msDS-AzApplicationData $ msDS-AzGenerateAudits $ msDS-AzScriptTimeout $ msDS-AzScriptEngineCacheMax $ msDS-AzDomainTimeout $ description ) )
|
||||
objectClasses: ( 1.2.840.113556.1.5.6 NAME 'securityPrincipal' SUP top AUXILIARY MUST ( sAMAccountName $ objectSid ) MAY ( supplementalCredentials $ sIDHistory $ securityIdentifier $ sAMAccountType $ rid $ tokenGroupsNoGCAcceptable $ tokenGroupsGlobalAndUniversal $ tokenGroups $ nTSecurityDescriptor $ msDS-KeyVersionNumber $ altSecurityIdentities $ accountNameHistory ) )
|
||||
objectClasses: ( 1.2.840.113556.1.5.7000.49 NAME 'applicationSettings' SUP top ABSTRACT MAY ( notificationList $ msDS-Settings $ applicationName ) )
|
||||
objectClasses: ( 1.2.840.113556.1.3.13 NAME 'classSchema' SUP top STRUCTURAL MUST ( subClassOf $ schemaIDGUID $ objectClassCategory $ governsID $ defaultObjectCategory $ cn ) MAY ( systemPossSuperiors $ systemOnly $ systemMustContain $ systemMayContain $ systemAuxiliaryClass $ schemaFlagsEx $ rDNAttID $ possSuperiors $ mustContain $ msDs-Schema-Extensions $ msDS-IntId $ mayContain $ lDAPDisplayName $ isDefunct $ defaultSecurityDescriptor $ defaultHidingValue $ classDisplayName $ auxiliaryClass ) )
|
||||
objectClasses: ( 1.2.840.113556.1.5.9 NAME 'user' SUP organizationalPerson STRUCTURAL MAY ( pager $ o $ mobile $ manager $ mail $ initials $ homePhone $ businessCategory $ userCertificate $ userWorkstations $ userSharedFolderOther $ userSharedFolder $ userPrincipalName $ userParameters $ userAccountControl $ unicodePwd $ terminalServer $ servicePrincipalName $ scriptPath $ pwdLastSet $ profilePath $ primaryGroupID $ preferredOU $ otherLoginWorkstations $ operatorCount $ ntPwdHistory $ networkAddress $ msRASSavedFramedRoute $ msRASSavedFramedIPAddress $ msRASSavedCallbackNumber $ msRADIUSServiceType $ msRADIUSFramedRoute $ msRADIUSFramedIPAddress $ msRADIUSCallbackNumber $ msNPSavedCallingStationID $ msNPCallingStationID $ msNPAllowDialin $ mSMQSignCertificatesMig $ mSMQSignCertificates $ mSMQDigestsMig $ mSMQDigests $ msIIS-FTPRoot $ msIIS-FTPDir $ msDS-User-Account-Control-Computed $ msDS-Site-Affinity $ mS-DS-CreatorSID $ msDS-Cached-Membership-Time-Stamp $ msDS-Cached-Membership $ msDRM-IdentityCertificate $ msCOM-UserPartitionSetLink $ maxStorage $ logonWorkstation $ logonHours $ logonCount $ lockoutTime $ localeID $ lmPwdHistory $ lastLogonTimestamp $ lastLogon $ lastLogoff $ homeDrive $ homeDirectory $ groupsToIgnore $ groupPriority $ groupMembershipSAM $ dynamicLDAPServer $ desktopProfile $ defaultClassStore $ dBCSPwd $ controlAccessRights $ codePage $ badPwdCount $ badPasswordTime $ adminCount $ aCSPolicyName $ accountExpires $ x500uniqueIdentifier $ userSMIMECertificate $ userPKCS12 $ uid $ secretary $ roomNumber $ preferredLanguage $ photo $ labeledURI $ jpegPhoto $ homePostalAddress $ givenName $ employeeType $ employeeNumber $ displayName $ departmentNumber $ carLicense $ audio ) )
|
||||
objectClasses: ( 1.2.840.113556.1.3.9 NAME 'dMD' SUP top STRUCTURAL MUST ( cn ) MAY ( schemaUpdate $ schemaInfo $ prefixMap $ msDs-Schema-Extensions $ msDS-IntId $ dmdName ) )
|
||||
objectClasses: ( 1.2.840.113556.1.5.20 NAME 'leaf' SUP top ABSTRACT )
|
||||
objectClasses: ( 1.2.840.113556.1.5.28 NAME 'secret' SUP leaf STRUCTURAL MAY ( priorValue $ priorSetTime $ lastSetTime $ currentValue ) )
|
||||
objectClasses: ( 1.2.840.113556.1.5.107 NAME 'sitesContainer' SUP top STRUCTURAL )
|
||||
objectClasses: ( 1.2.840.113556.1.5.17 NAME 'server' SUP top STRUCTURAL MAY ( mailAddress $ serverReference $ serialNumber $ managedBy $ dNSHostName $ bridgeheadTransportList ) )
|
||||
objectClasses: ( 2.5.20.1 NAME 'subSchema' SUP top STRUCTURAL MAY ( objectClasses $ modifyTimeStamp $ extendedClassInfo $ extendedAttributeInfo $ dITContentRules $ attributeTypes ) )
|
||||
objectClasses: ( 1.2.840.113556.1.5.34 NAME 'trustedDomain' SUP leaf STRUCTURAL MAY ( trustType $ trustPosixOffset $ trustPartner $ trustDirection $ trustAuthOutgoing $ trustAuthIncoming $ trustAttributes $ securityIdentifier $ msDS-TrustForestTrustInfo $ mS-DS-CreatorSID $ initialAuthOutgoing $ initialAuthIncoming $ flatName $ domainIdentifier $ domainCrossRef $ additionalTrustedServiceNames ) )
|
||||
objectClasses: ( 1.2.840.113556.1.5.66 NAME 'domain' SUP top ABSTRACT MUST ( dc ) )
|
||||
objectClasses: ( 1.2.840.113556.1.5.76 NAME 'foreignSecurityPrincipal' SUP top STRUCTURAL MUST ( objectSid ) MAY ( foreignIdentifier ) )
|
||||
objectClasses: ( 1.2.840.113556.1.5.96 NAME 'subnet' SUP top STRUCTURAL MAY ( siteObject $ physicalLocationObject $ location ) )
|
||||
objectClasses: ( 1.2.840.113556.1.3.46 NAME 'mailRecipient' SUP top AUXILIARY MUST ( cn ) MAY ( userCertificate $ userCert $ textEncodedORAddress $ telephoneNumber $ showInAddressBook $ legacyExchangeDN $ garbageCollPeriod $ info $ userSMIMECertificate $ secretary $ msExchLabeledURI $ msExchAssistantName $ labeledURI ) )
|
||||
objectClasses: ( 1.2.840.113556.1.5.8 NAME 'group' SUP top STRUCTURAL MUST ( groupType ) MAY ( primaryGroupToken $ operatorCount $ nTGroupMembers $ nonSecurityMember $ msDS-NonMembers $ msDS-AzLDAPQuery $ member $ managedBy $ groupMembershipSAM $ groupAttributes $ mail $ desktopProfile $ controlAccessRights $ adminCount ) )
|
||||
objectClasses: ( 1.2.840.113556.1.5.157 NAME 'groupPolicyContainer' SUP container STRUCTURAL MAY ( versionNumber $ gPCWQLFilter $ gPCUserExtensionNames $ gPCMachineExtensionNames $ gPCFunctionalityVersion $ gPCFileSysPath $ flags ) )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1304 NAME 'sDRightsEffective' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.104 NAME 'ownerBL' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.102 NAME 'memberOf' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 2.5.4.14 NAME 'searchGuide' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1720 NAME 'msDS-ReplicationEpoch' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.202 NAME 'auditingPolicy' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.646 NAME 'otherFacsimileTelephoneNumber' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.256 NAME 'streetAddress' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.121 NAME 'securityIdentifier' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1782 NAME 'msDS-KeyVersionNumber' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1307 NAME 'accountNameHistory' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 2.16.840.1.113730.3.1.39 NAME 'preferredLanguage' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.752 NAME 'userSharedFolderOther' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.751 NAME 'userSharedFolder' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.966 NAME 'mSMQDigestsMig' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.755 NAME 'domainIdentifier' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.655 NAME 'legacyExchangeDN' SYNTAX '1.2.840.113556.1.4.905' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.618 NAME 'wellKnownObjects' SYNTAX '1.2.840.113556.1.4.903' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1 NAME 'name' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.531 NAME 'nonSecurityMemberBL' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1707 NAME 'msDS-ReplAttributeMetaData' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1242 NAME 'dNReferenceUpdate' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.892 NAME 'gPOptions' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1790 NAME 'msDS-PerUserTrustTombstonesQuota' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 0.9.2342.19200300.100.1.42 NAME 'pager' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.362 NAME 'siteGUID' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1796 NAME 'msDS-AzScriptEngineCacheMax' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1303 NAME 'tokenGroupsNoGCAcceptable' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1418 NAME 'tokenGroupsGlobalAndUniversal' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.867 NAME 'altSecurityIdentities' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.3.6.1.4.1.250.1.57 NAME 'labeledURI' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.96 NAME 'pwdLastSet' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE )
|
||||
attributeTypes: ( 2.5.21.6 NAME 'objectClasses' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.470 NAME 'trustAttributes' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1702 NAME 'msDS-TrustForestTrustInfo' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.512 NAME 'siteObject' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.638 NAME 'isPrivilegeHolder' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.28 NAME 'dnsRoot' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.168 NAME 'modifiedCount' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE )
|
||||
attributeTypes: ( 2.5.4.25 NAME 'internationalISDNNumber' SYNTAX '1.3.6.1.4.1.1466.115.121.1.36' )
|
||||
attributeTypes: ( 2.5.4.15 NAME 'businessCategory' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 2.5.4.51 NAME 'houseIdentifier' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 2.16.840.1.113730.3.1.34 NAME 'middleName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.30 NAME 'attributeID' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.677 NAME 'replTopologyStayOfExecution' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.359 NAME 'netbootGUID' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.26 NAME 'rDNAttID' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.25 NAME 'mayContain' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.135 NAME 'trustAuthOutgoing' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1694 NAME 'gPCWQLFilter' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.516 NAME 'serverReferenceBL' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 2.5.18.1 NAME 'createTimeStamp' SYNTAX '1.3.6.1.4.1.1466.115.121.1.24' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.748 NAME 'attributeDisplayNames' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.614 NAME 'adminContextMenu' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.67 NAME 'lSAModifiedCount' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.66 NAME 'lSACreationTime' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.154 NAME 'serverState' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.460 NAME 'lDAPDisplayName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.125 NAME 'supplementalCredentials' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1130 NAME 'msNPSavedCallingStationID' SYNTAX '1.3.6.1.4.1.1466.115.121.1.26' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.38 NAME 'flags' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.812 NAME 'createWizardExt' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.36 NAME 'dMDLocation' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.596 NAME 'msExchHouseIdentifier' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.647 NAME 'otherMobile' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 2.5.4.44 NAME 'generationQualifier' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.32 NAME 'attributeSyntax' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.149 NAME 'attributeSecurityGUID' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.212 NAME 'dSHeuristics' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 2.5.4.5 NAME 'serialNumber' SYNTAX '1.3.6.1.4.1.1466.115.121.1.26' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1697 NAME 'msDS-Settings' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.144 NAME 'operatorCount' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1153 NAME 'msRADIUSFramedIPAddress' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.45 NAME 'homeDrive' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 2.5.21.5 NAME 'attributeTypes' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.540 NAME 'initialAuthOutgoing' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.141 NAME 'versionNumber' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 2.5.4.0 NAME 'objectClass' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.915 NAME 'possibleInferiors' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1669 NAME 'msDS-Approx-Immed-Subordinates' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1664 NAME 'msDS-Replication-Notify-Subsequent-DSA-Delay' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.810 NAME 'createDialog' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.607 NAME 'queryPolicyObject' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.487 NAME 'fRSRootPath' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 2.5.4.11 NAME 'ou' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 2.5.4.21 NAME 'telexNumber' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.617 NAME 'homePostalAddress' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.652 NAME 'assistant' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.361 NAME 'netbootMachineFilePath' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 2.5.4.45 NAME 'x500uniqueIdentifier' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.55 NAME 'dBCSPwd' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.538 NAME 'prefixMap' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1807 NAME 'msDS-MembersForAzRoleBL' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.781 NAME 'lastKnownParent' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.369 NAME 'fSMORoleOwner' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.673 NAME 'retiredReplDSASignatures' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.459 NAME 'networkAddress' SYNTAX '1.2.840.113556.1.4.905' )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.471 NAME 'schemaVersion' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.8 NAME 'possSuperiors' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.224 NAME 'defaultSecurityDescriptor' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 2.16.840.1.113730.3.140 NAME 'userSMIMECertificate' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' )
|
||||
attributeTypes: ( 2.16.840.1.113730.3.1.216 NAME 'userPKCS12' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.8 NAME 'userAccountControl' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.885 NAME 'terminalServer' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.159 NAME 'accountExpires' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.750 NAME 'groupType' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.89 NAME 'nTGroupMembers' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.749 NAME 'url' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.145 NAME 'revision' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.76 NAME 'objectVersion' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1705 NAME 'msDS-NCReplInboundNeighbors' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1425 NAME 'msCOM-UserLink' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1409 NAME 'masteredBy' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.916 NAME 'canonicalName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1661 NAME 'msDS-NC-Replica-Locations' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1721 NAME 'msDS-UpdateScript' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.88 NAME 'nextRid' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 2.5.4.24 NAME 'x121Address' SYNTAX '1.3.6.1.4.1.1466.115.121.1.36' )
|
||||
attributeTypes: ( 2.5.4.35 NAME 'userPassword' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' )
|
||||
attributeTypes: ( 2.5.4.20 NAME 'telephoneNumber' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.141 NAME 'department' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.639 NAME 'isMemberOfPartialAttributeSet' SYNTAX '1.3.6.1.4.1.1466.115.121.1.7' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.633 NAME 'policyReplicationFlags' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.626 NAME 'ipsecISAKMPReference' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.218 NAME 'applicationName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.196 NAME 'systemMayContain' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1191 NAME 'msRASSavedFramedRoute' SYNTAX '1.3.6.1.4.1.1466.115.121.1.26' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1189 NAME 'msRASSavedCallbackNumber' SYNTAX '1.3.6.1.4.1.1466.115.121.1.26' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.136 NAME 'trustType' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.158 NAME 'domainReplica' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.615 NAME 'personalTitle' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.651 NAME 'otherMailbox' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 0.9.2342.19200300.100.1.3 NAME 'mail' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.231 NAME 'oMSyntax' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.661 NAME 'isDefunct' SYNTAX '1.3.6.1.4.1.1466.115.121.1.7' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1621 NAME 'msDS-Other-Settings' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.71 NAME 'machineRole' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1795 NAME 'msDS-AzDomainTimeout' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.198 NAME 'systemAuxiliaryClass' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.98 NAME 'primaryGroupID' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.160 NAME 'lmPwdHistory' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.166 NAME 'groupMembershipSAM' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.133 NAME 'trustPartner' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.1 NAME 'instanceType' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.806 NAME 'treatAsLeaf' SYNTAX '1.3.6.1.4.1.1466.115.121.1.7' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.562 NAME 'adminPropertyPages' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1799 NAME 'msDS-AzScopeName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 2.5.4.34 NAME 'seeAlso' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.844 NAME 'lDAPIPDenyList' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1826 NAME 'msDS-RetiredReplNCSignatures' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.14 NAME 'hasMasterNCs' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.81 NAME 'modifiedCountAtLastProm' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.78 NAME 'minPwdAge' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.39 NAME 'forceLogoff' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1305 NAME 'moveTreeState' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1787 NAME 'msDS-AllowedToDelegateTo' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.170 NAME 'systemOnly' SYNTAX '1.3.6.1.4.1.1466.115.121.1.7' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1716 NAME 'msDS-IntId' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.619 NAME 'dNSHostName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1825 NAME 'msDS-AzMinorVersion' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.49 NAME 'badPasswordTime' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1412 NAME 'primaryGroupToken' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.469 NAME 'USNIntersite' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.876 NAME 'fRSMemberReferenceBL' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1711 NAME 'msDS-SDReferenceDomain' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.621 NAME 'ipsecID' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.843 NAME 'lDAPAdminLimits' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.519 NAME 'lastBackupRestorationTime' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.660 NAME 'treeName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.151 NAME 'oEMInformation' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 2.5.4.42 NAME 'givenName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1347 NAME 'sPNMappings' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.364 NAME 'operatingSystemVersion' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.303 NAME 'notificationList' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1301 NAME 'tokenGroups' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' )
|
||||
attributeTypes: ( 2.16.840.1.113730.3.1.1 NAME 'carLicense' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.97 NAME 'preferredOU' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1410 NAME 'mS-DS-CreatorSID' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1793 NAME 'msDS-NonMembers' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1815 NAME 'msDS-TasksForAzRoleBL' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.227 NAME 'extensionName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1663 NAME 'msDS-Replication-Notify-First-DSA-Delay' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.74 NAME 'maxPwdAge' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.722 NAME 'otherIpPhone' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.627 NAME 'ipsecNFAReference' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' )
|
||||
attributeTypes: ( 0.9.2342.19200300.100.1.21 NAME 'secretary' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.138 NAME 'userParameters' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.134 NAME 'trustPosixOffset' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.820 NAME 'bridgeheadServerListBL' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1819 NAME 'msDS-AzApplicationData' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.866 NAME 'pekKeyChangeInterval' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE )
|
||||
attributeTypes: ( 2.5.4.6 NAME 'c' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 2.5.4.27 NAME 'destinationIndicator' SYNTAX '1.3.6.1.4.1.1466.115.121.1.26' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.25 NAME 'countryCode' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 0.9.2342.19200300.100.1.41 NAME 'mobile' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.148 NAME 'schemaIDGUID' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.669 NAME 'rIDSetReferences' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.351 NAME 'auxiliaryClass' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' )
|
||||
attributeTypes: ( 0.9.2342.19200300.100.1.1 NAME 'uid' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 2.16.840.1.113730.3.1.2 NAME 'departmentNumber' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.889 NAME 'additionalTrustedServiceNames' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.464 NAME 'wWWHomePage' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.896 NAME 'uSNSource' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1360 NAME 'mS-DS-ConsistencyGuid' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.870 NAME 'frsComputerReferenceBL' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.913 NAME 'allowedAttributes' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1798 NAME 'msDS-AzApplicationName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.890 NAME 'uPNSuffixes' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1788 NAME 'msDS-PerUserTrustQuota' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1411 NAME 'ms-DS-MachineAccountQuota' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.157 NAME 'serverRole' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 0.9.2342.19200300.100.1.20 NAME 'homePhone' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.34 NAME 'rangeLower' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.415 NAME 'operatingSystemHotfix' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1717 NAME 'msDS-AdditionalDnsHostName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1797 NAME 'msDS-AzScriptTimeout' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.24 NAME 'mustContain' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' )
|
||||
attributeTypes: ( 2.5.4.36 NAME 'userCertificate' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1124 NAME 'msNPCallingStationID' SYNTAX '1.3.6.1.4.1.1466.115.121.1.26' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1460 NAME 'msDS-User-Account-Control-Computed' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.44 NAME 'homeDirectory' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1792 NAME 'msDS-AzLDAPQuery' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.663 NAME 'partialAttributeDeletionList' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.868 NAME 'isCriticalSystemObject' SYNTAX '1.3.6.1.4.1.1466.115.121.1.7' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.891 NAME 'gPLink' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1354 NAME 'scopeFlags' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.60 NAME 'lockoutDuration' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1426 NAME 'msCOM-UserPartitionSetLink' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE )
|
||||
attributeTypes: ( 2.16.840.1.113730.3.1.36 NAME 'thumbnailLogo' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE )
|
||||
attributeTypes: ( 2.16.840.1.113730.3.1.35 NAME 'thumbnailPhoto' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.222 NAME 'location' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.86 NAME 'userWorkstations' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.65 NAME 'logonWorkstation' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1696 NAME 'lastLogonTimestamp' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.100 NAME 'priorValue' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.53 NAME 'lastSetTime' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.2 NAME 'objectGUID' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1811 NAME 'msDS-TasksForAzTaskBL' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.653 NAME 'managedBy' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.93 NAME 'pwdProperties' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.13 NAME 'builtinCreationTime' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE )
|
||||
attributeTypes: ( 2.5.4.18 NAME 'postOfficeBox' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.146 NAME 'company' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.675 NAME 'catalogs' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.783 NAME 'defaultObjectCategory' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1158 NAME 'msRADIUSFramedRoute' SYNTAX '1.3.6.1.4.1.1466.115.121.1.26' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.99 NAME 'priorSetTime' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.645 NAME 'userCert' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.530 NAME 'nonSecurityMember' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' )
|
||||
attributeTypes: ( 2.5.4.31 NAME 'member' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.152 NAME 'groupAttributes' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.375 NAME 'systemFlags' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1249 NAME 'proxiedObjectName' SYNTAX '1.2.840.113556.1.4.903' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1708 NAME 'msDS-ReplValueMetaData' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.912 NAME 'allowedChildClassesEffective' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1805 NAME 'msDS-AzGenerateAudits' SYNTAX '1.3.6.1.4.1.1466.115.121.1.7' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1817 NAME 'msDS-AzApplicationVersion' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.219 NAME 'iconPath' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 2.5.4.9 NAME 'street' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1783 NAME 'msDS-ExecuteScriptPassword' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1784 NAME 'msDS-LogonTimeSyncInterval' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.301 NAME 'garbageCollPeriod' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.967 NAME 'mSMQSignCertificatesMig' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1442 NAME 'msDS-Cached-Membership-Time-Stamp' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.169 NAME 'logonCount' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.58 NAME 'localeID' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.12 NAME 'badPwdCount' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.129 NAME 'trustAuthIncoming' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE )
|
||||
attributeTypes: ( 2.5.18.10 NAME 'subSchemaSubEntry' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 2.5.21.9 NAME 'structuralObjectClass' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.48 NAME 'isDeleted' SYNTAX '1.3.6.1.4.1.1466.115.121.1.7' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1687 NAME 'extraColumns' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1690 NAME 'adminMultiselectPropertyPages' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.307 NAME 'options' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.61 NAME 'lockOutObservationWindow' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.57 NAME 'defaultLocalPolicyObject' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.26 NAME 'creationTime' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE )
|
||||
attributeTypes: ( 2.5.4.26 NAME 'registeredAddress' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' )
|
||||
attributeTypes: ( 2.5.4.16 NAME 'postalAddress' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 2.5.4.43 NAME 'initials' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.33 NAME 'isSingleValued' SYNTAX '1.3.6.1.4.1.1466.115.121.1.7' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1240 NAME 'netbootSIFFile' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1718 NAME 'msDS-AdditionalSamAccountName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.195 NAME 'systemPossSuperiors' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 0.9.2342.19200300.100.1.7 NAME 'photo' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.610 NAME 'employeeNumber' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.662 NAME 'lockoutTime' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.537 NAME 'dynamicLDAPServer' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.909 NAME 'extendedAttributeInfo' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.444 NAME 'msExchAssistantName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1349 NAME 'gPCUserExtensionNames' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1794 NAME 'msDS-NonMembersBL' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.194 NAME 'adminDisplayName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.499 NAME 'contextMenu' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.50 NAME 'linkID' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 2.5.4.58 NAME 'attributeCertificateAttribute' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' )
|
||||
attributeTypes: ( 2.5.4.4 NAME 'sn' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.221 NAME 'sAMAccountName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.22 NAME 'governsID' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 0.9.2342.19200300.100.1.60 NAME 'jpegPhoto' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.947 NAME 'mSMQSignCertificates' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.539 NAME 'initialAuthIncoming' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.472 NAME 'domainCrossRef' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE )
|
||||
attributeTypes: ( 0.9.2342.19200300.100.1.2 NAME 'textEncodedORAddress' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.893 NAME 'gPCFunctionalityVersion' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.267 NAME 'uSNDSALastObjRemoved' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1813 NAME 'msDS-OperationsForAzRoleBL' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1361 NAME 'mS-DS-ConsistencyChildCount' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.74 NAME 'dSASignature' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.911 NAME 'allowedChildClasses' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.914 NAME 'allowedAttributesEffective' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.357 NAME 'nTMixedDomain' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1709 NAME 'msDS-HasInstantiatedNCs' SYNTAX '1.2.840.113556.1.4.903' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.79 NAME 'minPwdLength' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.32 NAME 'domainPolicyObject' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE )
|
||||
attributeTypes: ( 2.5.4.19 NAME 'physicalDeliveryOfficeName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.507 NAME 'volumeCount' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1171 NAME 'msRADIUSServiceType' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.52 NAME 'lastLogon' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.344 NAME 'groupsToIgnore' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1358 NAME 'schemaInfo' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 0.9.2342.19200300.100.1.25 NAME 'dc' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.782 NAME 'objectCategory' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE )
|
||||
attributeTypes: ( 2.5.18.2 NAME 'modifyTimeStamp' SYNTAX '1.3.6.1.4.1.1466.115.121.1.24' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.13 NAME 'displayName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.226 NAME 'adminDescription' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1719 NAME 'msDS-DnsRootAlias' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.498 NAME 'creationWizard' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.15 NAME 'hasPartialReplicaNCs' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.200 NAME 'controlAccessRights' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.155 NAME 'uASCompat' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.146 NAME 'objectSid' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 2.5.4.12 NAME 'title' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.118 NAME 'otherPager' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.261 NAME 'division' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.35 NAME 'rangeUpper' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.218 NAME 'oMObjectClass' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.49 NAME 'mAPIID' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.302 NAME 'sAMAccountType' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.370 NAME 'objectClassCategory' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.518 NAME 'defaultHidingValue' SYNTAX '1.3.6.1.4.1.1466.115.121.1.7' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1119 NAME 'msNPAllowDialin' SYNTAX '1.3.6.1.4.1.1466.115.121.1.7' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.16 NAME 'codePage' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.150 NAME 'adminCount' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.481 NAME 'schemaUpdate' SYNTAX '1.3.6.1.4.1.1466.115.121.1.24' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.132 NAME 'trustDirection' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.557 NAME 'Enabled' SYNTAX '1.3.6.1.4.1.1466.115.121.1.7' SINGLE-VALUE )
|
||||
attributeTypes: ( 2.5.4.7 NAME 'l' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.268 NAME 'eFSPolicy' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.14 NAME 'builtinModifiedCount' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.18 NAME 'otherTelephone' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.649 NAME 'primaryInternationalISDNNumber' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.35 NAME 'employeeID' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.54 NAME 'tombstoneLifetime' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.365 NAME 'operatingSystemServicePack' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.358 NAME 'netbootInitialization' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.656 NAME 'userPrincipalName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.771 NAME 'servicePrincipalName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.91 NAME 'otherLoginWorkstations' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1786 NAME 'msIIS-FTPDir' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1443 NAME 'msDS-Site-Affinity' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.76 NAME 'maxStorage' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.281 NAME 'nTSecurityDescriptor' SYNTAX '1.2.840.113556.1.4.907' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.513 NAME 'siteObjectBL' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.608 NAME 'queryPolicyBL' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.640 NAME 'partialAttributeSet' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 2.5.4.49 NAME 'distinguishedName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 2.5.4.13 NAME 'description' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1816 NAME 'msDS-AzClassId' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.370 NAME 'rIDAvailablePool' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.563 NAME 'shellPropertyPages' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1715 NAME 'msDS-SPNSuffixes' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.101 NAME 'privateKey' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE )
|
||||
attributeTypes: ( 2.5.4.23 NAME 'facsimileTelephoneNumber' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.334 NAME 'searchFlags' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.120 NAME 'schemaFlagsEx' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1212 NAME 'isEphemeral' SYNTAX '1.3.6.1.4.1.1466.115.121.1.7' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.960 NAME 'mSMQNt4Stub' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1785 NAME 'msIIS-FTPRoot' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.345 NAME 'groupPriority' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.819 NAME 'bridgeheadTransportList' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.908 NAME 'extendedClassInfo' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.511 NAME 'flatName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.301 NAME 'wbemPath' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1706 NAME 'msDS-NCReplOutboundNeighbors' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1809 NAME 'msDS-OperationsForAzTaskBL' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.169 NAME 'showInAdvancedViewOnly' SYNTAX '1.3.6.1.4.1.1466.115.121.1.7' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1459 NAME 'msDS-Behavior-Version' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1836 NAME 'msDS-hasMasterNCs' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.95 NAME 'pwdHistoryLength' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.865 NAME 'pekList' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE )
|
||||
attributeTypes: ( 2.5.4.17 NAME 'postalCode' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1241 NAME 'netbootMirrorDataFile' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.213 NAME 'defaultClassStore' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.953 NAME 'mSMQSiteID' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.644 NAME 'showInAddressBook' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.2 NAME 'whenCreated' SYNTAX '1.3.6.1.4.1.1466.115.121.1.24' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1357 NAME 'dSCorePropagationData' SYNTAX '1.3.6.1.4.1.1466.115.121.1.24' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.353 NAME 'displayNamePrintable' SYNTAX '1.3.6.1.4.1.1466.115.121.1.26' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.624 NAME 'ipsecOwnersReference' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' )
|
||||
attributeTypes: ( 2.5.4.8 NAME 'st' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.515 NAME 'serverReference' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1820 NAME 'msDS-HasDomainNCs' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.115 NAME 'invocationId' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.109 NAME 'replicaSource' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.721 NAME 'ipPhone' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.277 NAME 'otherHomePhone' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 2.5.4.10 NAME 'o' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.380 NAME 'extendedCharsAllowed' SYNTAX '1.3.6.1.4.1.1466.115.121.1.7' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.363 NAME 'operatingSystem' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1840 NAME 'msDS-ObjectReference' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1308 NAME 'mSMQInterval1' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.153 NAME 'rid' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.139 NAME 'profilePath' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1145 NAME 'msRADIUSCallbackNumber' SYNTAX '1.3.6.1.4.1.1466.115.121.1.26' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.772 NAME 'aCSPolicyName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.81 NAME 'info' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1841 NAME 'msDS-ObjectReferenceBL' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.3 NAME 'whenChanged' SYNTAX '1.3.6.1.4.1.1466.115.121.1.24' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.121 NAME 'uSNLastObjRem' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.83 NAME 'repsTo' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.4 NAME 'replUpToDateVector' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.864 NAME 'netbootSCPBL' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1837 NAME 'msDs-masteredBy' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1424 NAME 'msCOM-PartitionSetLink' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 2.5.4.3 NAME 'cn' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1789 NAME 'msDS-AllUsersTrustQuota' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.480 NAME 'defaultGroup' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.629 NAME 'ipsecFilterReference' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.156 NAME 'comment' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1440 NAME 'msDs-Schema-Extensions' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.56 NAME 'localPolicyFlags' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1309 NAME 'mSMQInterval2' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.609 NAME 'sIDHistory' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.90 NAME 'unicodePwd' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1190 NAME 'msRASSavedFramedIPAddress' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1843 NAME 'msDRM-IdentityCertificate' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.51 NAME 'lastLogoff' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.598 NAME 'dmdName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.593 NAME 'msExchLabeledURI' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.436 NAME 'directReports' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.3 NAME 'replPropertyMetaData' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.910 NAME 'fromEntry' SYNTAX '1.3.6.1.4.1.1466.115.121.1.7' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.471 NAME 'trustParent' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.622 NAME 'ipsecDataType' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.623 NAME 'ipsecData' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.368 NAME 'rIDManagerReference' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.73 NAME 'lockoutThreshold' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.346 NAME 'desktopProfile' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.131 NAME 'co' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 2.5.4.22 NAME 'teletexTerminalIdentifier' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.648 NAME 'primaryTelexNumber' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 0.9.2342.19200300.100.1.10 NAME 'manager' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.514 NAME 'physicalLocationObject' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1824 NAME 'msDS-AzMajorVersion' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.21 NAME 'subClassOf' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.197 NAME 'systemMustContain' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 0.9.2342.19200300.100.1.6 NAME 'roomNumber' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.613 NAME 'employeeType' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.27 NAME 'currentValue' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE )
|
||||
attributeTypes: ( 2.5.21.2 NAME 'dITContentRules' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1348 NAME 'gPCMachineExtensionNames' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.19 NAME 'uSNCreated' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.7 NAME 'subRefs' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.210 NAME 'proxyAddresses' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.532 NAME 'superiorDNSRoot' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.674 NAME 'rootTrust' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.615 NAME 'shellContextMenu' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.610 NAME 'classDisplayName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.620 NAME 'ipsecName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 2.5.4.37 NAME 'cACertificate' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.628 NAME 'ipsecNegotiationPolicyReference' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.650 NAME 'mhsORAddress' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.94 NAME 'ntPwdHistory' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.786 NAME 'mailAddress' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.356 NAME 'foreignIdentifier' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.120 NAME 'uSNChanged' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.91 NAME 'repsFrom' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1359 NAME 'otherWellKnownObjects' SYNTAX '1.2.840.113556.1.4.903' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1704 NAME 'msDS-NCReplCursors' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.654 NAME 'managedObjects' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1710 NAME 'msDS-AllowedDNSSuffixes' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
|
||||
attributeTypes: ( 1.2.840.113556.1.2.16 NAME 'nCName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE NO-USER-MODIFICATION )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.87 NAME 'nETBIOSName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1355 NAME 'queryFilter' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 2.5.4.28 NAME 'preferredDeliveryMethod' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.961 NAME 'mSMQSiteForeign' SYNTAX '1.3.6.1.4.1.1466.115.121.1.7' )
|
||||
attributeTypes: ( 0.9.2342.19200300.100.1.55 NAME 'audio' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.62 NAME 'scriptPath' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.948 NAME 'mSMQDigests' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.1441 NAME 'msDS-Cached-Membership' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.64 NAME 'logonHours' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE )
|
||||
attributeTypes: ( 1.2.840.113556.1.4.894 NAME 'gPCFileSysPath' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
|
||||
dITContentRules: ( 1.2.840.113556.1.5.67 NAME 'domainDNS' AUX ( samDomain ) MAY ( treeName $ rIDManagerReference $ replicaSource $ pwdProperties $ pwdHistoryLength $ privateKey $ pekList $ pekKeyChangeInterval $ nTMixedDomain $ nextRid $ nETBIOSName $ msDS-PerUserTrustTombstonesQuota $ msDS-PerUserTrustQuota $ ms-DS-MachineAccountQuota $ msDS-LogonTimeSyncInterval $ msDS-AllUsersTrustQuota $ modifiedCountAtLastProm $ minPwdLength $ minPwdAge $ maxPwdAge $ lSAModifiedCount $ lSACreationTime $ lockoutThreshold $ lockoutDuration $ lockOutObservationWindow $ gPOptions $ gPLink $ eFSPolicy $ domainPolicyObject $ desktopProfile $ description $ defaultLocalPolicyObject $ creationTime $ controlAccessRights $ cACertificate $ builtinModifiedCount $ builtinCreationTime $ auditingPolicy ) )
|
||||
dITContentRules: ( 1.2.840.113556.1.5.4 NAME 'builtinDomain' AUX ( samDomainBase ) MAY ( uASCompat $ serverState $ serverRole $ revision $ pwdProperties $ pwdHistoryLength $ oEMInformation $ objectSid $ nTSecurityDescriptor $ nextRid $ modifiedCountAtLastProm $ modifiedCount $ minPwdLength $ minPwdAge $ maxPwdAge $ lockoutThreshold $ lockoutDuration $ lockOutObservationWindow $ forceLogoff $ domainReplica $ creationTime ) )
|
||||
dITContentRules: ( 1.2.840.113556.1.5.3 NAME 'samDomain' AUX ( samDomainBase ) MAY ( uASCompat $ serverState $ serverRole $ revision $ pwdProperties $ pwdHistoryLength $ oEMInformation $ objectSid $ nTSecurityDescriptor $ nextRid $ modifiedCountAtLastProm $ modifiedCount $ minPwdLength $ minPwdAge $ maxPwdAge $ lockoutThreshold $ lockoutDuration $ lockOutObservationWindow $ forceLogoff $ domainReplica $ creationTime ) )
|
||||
dITContentRules: ( 1.2.840.113556.1.5.9 NAME 'user' AUX ( securityPrincipal $ mailRecipient ) MUST ( sAMAccountName $ objectSid $ cn ) MAY ( supplementalCredentials $ sIDHistory $ securityIdentifier $ sAMAccountType $ rid $ tokenGroupsNoGCAcceptable $ tokenGroupsGlobalAndUniversal $ tokenGroups $ nTSecurityDescriptor $ msDS-KeyVersionNumber $ altSecurityIdentities $ accountNameHistory $ userSMIMECertificate $ secretary $ msExchLabeledURI $ msExchAssistantName $ labeledURI $ userCertificate $ userCert $ textEncodedORAddress $ telephoneNumber $ showInAddressBook $ legacyExchangeDN $ garbageCollPeriod $ info $ userSMIMECertificate $ secretary $ msExchLabeledURI $ msExchAssistantName $ labeledURI ) )
|
||||
dITContentRules: ( 1.2.840.113556.1.5.8 NAME 'group' AUX ( mailRecipient $ securityPrincipal ) MUST ( cn $ sAMAccountName $ objectSid $ cn ) MAY ( userSMIMECertificate $ secretary $ msExchLabeledURI $ msExchAssistantName $ labeledURI $ userCertificate $ userCert $ textEncodedORAddress $ telephoneNumber $ showInAddressBook $ legacyExchangeDN $ garbageCollPeriod $ info $ userSMIMECertificate $ secretary $ msExchLabeledURI $ msExchAssistantName $ labeledURI $ userCertificate $ userCert $ textEncodedORAddress $ telephoneNumber $ showInAddressBook $ legacyExchangeDN $ garbageCollPeriod $ info $ userSMIMECertificate $ secretary $ msExchLabeledURI $ msExchAssistantName $ labeledURI $ supplementalCredentials $ sIDHistory $ securityIdentifier $ sAMAccountType $ rid $ tokenGroupsNoGCAcceptable $ tokenGroupsGlobalAndUniversal $ tokenGroups $ nTSecurityDescriptor $ msDS-KeyVersionNumber $ altSecurityIdentities $ accountNameHistory $ userSMIMECertificate $ secretary $ msExchLabeledURI $ msExchAssistantName $ labeledURI $ userCertificate $ userCert $ textEncodedORAddress $ telephoneNumber $ showInAddressBook $ legacyExchangeDN $ garbageCollPeriod $ info $ userSMIMECertificate $ secretary $ msExchLabeledURI $ msExchAssistantName $ labeledURI ) )
|
||||
|
||||
@ -79,12 +79,12 @@ struct smb2srv_request *smb2srv_init_request(struct smbsrv_connection *smb_conn)
|
||||
NTSTATUS smb2srv_setup_reply(struct smb2srv_request *req, uint16_t body_fixed_size,
|
||||
bool body_dynamic_present, uint32_t body_dynamic_size)
|
||||
{
|
||||
uint32_t flags = 0x00000001;
|
||||
uint32_t flags = SMB2_HDR_FLAG_REDIRECT;
|
||||
uint32_t pid = IVAL(req->in.hdr, SMB2_HDR_PID);
|
||||
uint32_t tid = IVAL(req->in.hdr, SMB2_HDR_TID);
|
||||
|
||||
if (req->pending_id) {
|
||||
flags |= 0x00000002;
|
||||
flags |= SMB2_HDR_FLAG_ASYNC;
|
||||
pid = req->pending_id;
|
||||
tid = 0;
|
||||
}
|
||||
@ -236,7 +236,7 @@ void smb2srv_send_reply(struct smb2srv_request *req)
|
||||
}
|
||||
|
||||
/* if signing is active on the session then sign the packet */
|
||||
if (req->session && req->session->smb2_signing.active) {
|
||||
if (req->is_signed) {
|
||||
status = smb2_sign_message(&req->out,
|
||||
req->session->session_info->session_key);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
@ -310,12 +310,7 @@ static NTSTATUS smb2srv_reply(struct smb2srv_request *req)
|
||||
|
||||
if (!req->session) goto nosession;
|
||||
|
||||
if (!req->session->smb2_signing.active) {
|
||||
/* TODO: workout the correct error code */
|
||||
smb2srv_send_error(req, NT_STATUS_FOOBAR);
|
||||
return NT_STATUS_OK;
|
||||
}
|
||||
|
||||
req->is_signed = true;
|
||||
status = smb2_check_signature(&req->in,
|
||||
req->session->session_info->session_key);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
@ -511,6 +506,8 @@ static NTSTATUS smb2srv_init_pending(struct smbsrv_connection *smb_conn)
|
||||
|
||||
NTSTATUS smb2srv_queue_pending(struct smb2srv_request *req)
|
||||
{
|
||||
NTSTATUS status;
|
||||
bool signing_used = false;
|
||||
int id;
|
||||
|
||||
if (req->pending_id) {
|
||||
@ -526,10 +523,35 @@ NTSTATUS smb2srv_queue_pending(struct smb2srv_request *req)
|
||||
DLIST_ADD_END(req->smb_conn->requests2.list, req, struct smb2srv_request *);
|
||||
req->pending_id = id;
|
||||
|
||||
talloc_set_destructor(req, smb2srv_request_deny_destructor);
|
||||
smb2srv_send_error(req, STATUS_PENDING);
|
||||
talloc_set_destructor(req, smb2srv_request_destructor);
|
||||
if (req->smb_conn->connection->event.fde == NULL) {
|
||||
/* the socket has been destroyed - no point trying to send an error! */
|
||||
return NT_STATUS_REMOTE_DISCONNECT;
|
||||
}
|
||||
|
||||
talloc_set_destructor(req, smb2srv_request_deny_destructor);
|
||||
|
||||
status = smb2srv_setup_reply(req, 8, true, 0);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
return status;
|
||||
}
|
||||
|
||||
SIVAL(req->out.hdr, SMB2_HDR_STATUS, NT_STATUS_V(STATUS_PENDING));
|
||||
|
||||
SSVAL(req->out.body, 0x02, 0);
|
||||
SIVAL(req->out.body, 0x04, 0);
|
||||
|
||||
/* if the real reply will be signed set the signed flags, but don't sign */
|
||||
if (req->is_signed) {
|
||||
SIVAL(req->out.hdr, SMB2_HDR_FLAGS, IVAL(req->out.hdr, SMB2_HDR_FLAGS) | SMB2_HDR_FLAG_SIGNED);
|
||||
signing_used = req->is_signed;
|
||||
req->is_signed = false;
|
||||
}
|
||||
|
||||
smb2srv_send_reply(req);
|
||||
|
||||
req->is_signed = signing_used;
|
||||
|
||||
talloc_set_destructor(req, smb2srv_request_destructor);
|
||||
return NT_STATUS_OK;
|
||||
}
|
||||
|
||||
@ -545,7 +567,7 @@ void smb2srv_cancel_recv(struct smb2srv_request *req)
|
||||
flags = IVAL(req->in.hdr, SMB2_HDR_FLAGS);
|
||||
pending_id = IVAL(req->in.hdr, SMB2_HDR_PID);
|
||||
|
||||
if (!(flags & 0x00000002)) {
|
||||
if (!(flags & SMB2_HDR_FLAG_ASYNC)) {
|
||||
/* TODO: what to do here? */
|
||||
goto done;
|
||||
}
|
||||
|
||||
@ -62,6 +62,8 @@ struct smb2srv_request {
|
||||
uint8_t _chained_file_handle[16];
|
||||
uint8_t *chained_file_handle;
|
||||
|
||||
bool is_signed;
|
||||
|
||||
struct smb2_request_buffer in;
|
||||
struct smb2_request_buffer out;
|
||||
};
|
||||
|
||||
@ -279,7 +279,7 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
|
||||
struct auth_serversupplied_info *server_info_out;
|
||||
|
||||
krb5_keyblock server_keyblock;
|
||||
krb5_keyblock krbtgt_keyblock;
|
||||
krb5_keyblock krbtgt_keyblock, *krbtgt_keyblock_p;
|
||||
struct samr_Password *krbtgt_bytes, *krbsrv_bytes;
|
||||
|
||||
krb5_error_code ret;
|
||||
@ -309,10 +309,14 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
|
||||
/* The krbtgt key in use when the above PAC was generated.
|
||||
* This is an arcfour-hmac-md5 key, extracted with our 'net
|
||||
* samdump' tool. */
|
||||
if (*pac_kdc_key == 0) {
|
||||
krbtgt_bytes = NULL;
|
||||
} else {
|
||||
krbtgt_bytes = smbpasswd_gethexpwd(mem_ctx, pac_kdc_key);
|
||||
if (!krbtgt_bytes) {
|
||||
torture_fail(tctx, "(saved test) Could not interpret krbtgt key");
|
||||
}
|
||||
}
|
||||
|
||||
krbsrv_bytes = smbpasswd_gethexpwd(mem_ctx, pac_member_key);
|
||||
if (!krbsrv_bytes) {
|
||||
@ -329,6 +333,7 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
|
||||
smb_get_krb5_error_message(smb_krb5_context->krb5_context,
|
||||
ret, mem_ctx)));
|
||||
|
||||
if (krbtgt_bytes) {
|
||||
ret = krb5_keyblock_init(smb_krb5_context->krb5_context,
|
||||
ENCTYPE_ARCFOUR_HMAC,
|
||||
krbtgt_bytes->hash, sizeof(krbtgt_bytes->hash),
|
||||
@ -342,6 +347,10 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
|
||||
smb_get_krb5_error_message(smb_krb5_context->krb5_context,
|
||||
ret, mem_ctx)));
|
||||
}
|
||||
krbtgt_keyblock_p = &krbtgt_keyblock;
|
||||
} else {
|
||||
krbtgt_keyblock_p = NULL;
|
||||
}
|
||||
|
||||
pac_file = torture_setting_string(tctx, "pac_file", NULL);
|
||||
if (pac_file) {
|
||||
@ -363,7 +372,7 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
|
||||
&client_principal);
|
||||
if (ret) {
|
||||
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
|
||||
&krbtgt_keyblock);
|
||||
krbtgt_keyblock_p);
|
||||
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
|
||||
&server_keyblock);
|
||||
torture_fail(tctx,
|
||||
@ -379,12 +388,12 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
|
||||
&pac_data,
|
||||
tmp_blob,
|
||||
smb_krb5_context->krb5_context,
|
||||
&krbtgt_keyblock,
|
||||
krbtgt_keyblock_p,
|
||||
&server_keyblock,
|
||||
client_principal, authtime, NULL);
|
||||
if (!NT_STATUS_IS_OK(nt_status)) {
|
||||
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
|
||||
&krbtgt_keyblock);
|
||||
krbtgt_keyblock_p);
|
||||
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
|
||||
&server_keyblock);
|
||||
krb5_free_principal(smb_krb5_context->krb5_context, client_principal);
|
||||
@ -400,13 +409,13 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
|
||||
&logon_info,
|
||||
tmp_blob,
|
||||
smb_krb5_context->krb5_context,
|
||||
&krbtgt_keyblock,
|
||||
krbtgt_keyblock_p,
|
||||
&server_keyblock,
|
||||
client_principal, authtime, NULL);
|
||||
|
||||
if (!NT_STATUS_IS_OK(nt_status)) {
|
||||
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
|
||||
&krbtgt_keyblock);
|
||||
krbtgt_keyblock_p);
|
||||
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
|
||||
&server_keyblock);
|
||||
krb5_free_principal(smb_krb5_context->krb5_context, client_principal);
|
||||
@ -424,7 +433,7 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
|
||||
&server_info_out);
|
||||
if (!NT_STATUS_IS_OK(nt_status)) {
|
||||
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
|
||||
&krbtgt_keyblock);
|
||||
krbtgt_keyblock_p);
|
||||
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
|
||||
&server_keyblock);
|
||||
krb5_free_principal(smb_krb5_context->krb5_context, client_principal);
|
||||
@ -440,7 +449,7 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
|
||||
"S-1-5-21-3048156945-3961193616-3706469200-1005"),
|
||||
server_info_out->account_sid)) {
|
||||
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
|
||||
&krbtgt_keyblock);
|
||||
krbtgt_keyblock_p);
|
||||
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
|
||||
&server_keyblock);
|
||||
krb5_free_principal(smb_krb5_context->krb5_context, client_principal);
|
||||
@ -452,17 +461,25 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
|
||||
dom_sid_string(mem_ctx, server_info_out->account_sid)));
|
||||
}
|
||||
|
||||
if (krbtgt_bytes == NULL) {
|
||||
torture_comment(tctx, "skipping PAC encoding tests as non kdc key\n");
|
||||
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
|
||||
&server_keyblock);
|
||||
krb5_free_principal(smb_krb5_context->krb5_context, client_principal);
|
||||
return true;
|
||||
}
|
||||
|
||||
ret = kerberos_encode_pac(mem_ctx,
|
||||
lp_iconv_convenience(tctx->lp_ctx),
|
||||
pac_data,
|
||||
smb_krb5_context->krb5_context,
|
||||
&krbtgt_keyblock,
|
||||
krbtgt_keyblock_p,
|
||||
&server_keyblock,
|
||||
&validate_blob);
|
||||
|
||||
if (ret != 0) {
|
||||
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
|
||||
&krbtgt_keyblock);
|
||||
krbtgt_keyblock_p);
|
||||
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
|
||||
&server_keyblock);
|
||||
krb5_free_principal(smb_krb5_context->krb5_context, client_principal);
|
||||
@ -478,7 +495,7 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
|
||||
*/
|
||||
if (tmp_blob.length != validate_blob.length) {
|
||||
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
|
||||
&krbtgt_keyblock);
|
||||
krbtgt_keyblock_p);
|
||||
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
|
||||
&server_keyblock);
|
||||
krb5_free_principal(smb_krb5_context->krb5_context, client_principal);
|
||||
@ -491,7 +508,7 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
|
||||
|
||||
if (memcmp(tmp_blob.data, validate_blob.data, tmp_blob.length) != 0) {
|
||||
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
|
||||
&krbtgt_keyblock);
|
||||
krbtgt_keyblock_p);
|
||||
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
|
||||
&server_keyblock);
|
||||
krb5_free_principal(smb_krb5_context->krb5_context, client_principal);
|
||||
@ -508,14 +525,14 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
|
||||
lp_iconv_convenience(tctx->lp_ctx),
|
||||
server_info_out,
|
||||
smb_krb5_context->krb5_context,
|
||||
&krbtgt_keyblock,
|
||||
krbtgt_keyblock_p,
|
||||
&server_keyblock,
|
||||
client_principal, authtime,
|
||||
&validate_blob);
|
||||
|
||||
if (ret != 0) {
|
||||
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
|
||||
&krbtgt_keyblock);
|
||||
krbtgt_keyblock_p);
|
||||
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
|
||||
&server_keyblock);
|
||||
krb5_free_principal(smb_krb5_context->krb5_context, client_principal);
|
||||
@ -541,7 +558,7 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
|
||||
NDR_PRINT_DEBUG(PAC_DATA, &pac_data2);
|
||||
|
||||
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
|
||||
&krbtgt_keyblock);
|
||||
krbtgt_keyblock_p);
|
||||
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
|
||||
&server_keyblock);
|
||||
krb5_free_principal(smb_krb5_context->krb5_context, client_principal);
|
||||
@ -563,7 +580,7 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
|
||||
NDR_PRINT_DEBUG(PAC_DATA, &pac_data2);
|
||||
|
||||
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
|
||||
&krbtgt_keyblock);
|
||||
krbtgt_keyblock_p);
|
||||
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
|
||||
&server_keyblock);
|
||||
krb5_free_principal(smb_krb5_context->krb5_context, client_principal);
|
||||
@ -583,14 +600,14 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
|
||||
&pac_data,
|
||||
tmp_blob,
|
||||
smb_krb5_context->krb5_context,
|
||||
&krbtgt_keyblock,
|
||||
krbtgt_keyblock_p,
|
||||
&server_keyblock,
|
||||
client_principal,
|
||||
authtime + 1, NULL);
|
||||
if (NT_STATUS_IS_OK(nt_status)) {
|
||||
|
||||
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
|
||||
&krbtgt_keyblock);
|
||||
krbtgt_keyblock_p);
|
||||
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
|
||||
&server_keyblock);
|
||||
krb5_free_principal(smb_krb5_context->krb5_context, client_principal);
|
||||
@ -608,7 +625,7 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
|
||||
if (ret) {
|
||||
|
||||
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
|
||||
&krbtgt_keyblock);
|
||||
krbtgt_keyblock_p);
|
||||
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
|
||||
&server_keyblock);
|
||||
torture_fail(tctx, talloc_asprintf(tctx,
|
||||
@ -621,13 +638,13 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
|
||||
&pac_data,
|
||||
tmp_blob,
|
||||
smb_krb5_context->krb5_context,
|
||||
&krbtgt_keyblock,
|
||||
krbtgt_keyblock_p,
|
||||
&server_keyblock,
|
||||
client_principal,
|
||||
authtime, NULL);
|
||||
if (NT_STATUS_IS_OK(nt_status)) {
|
||||
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
|
||||
&krbtgt_keyblock);
|
||||
krbtgt_keyblock_p);
|
||||
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
|
||||
&server_keyblock);
|
||||
torture_fail(tctx, "(saved test) PAC decoding DID NOT fail on modified principal");
|
||||
@ -641,20 +658,20 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
|
||||
&pac_data,
|
||||
tmp_blob,
|
||||
smb_krb5_context->krb5_context,
|
||||
&krbtgt_keyblock,
|
||||
krbtgt_keyblock_p,
|
||||
&server_keyblock,
|
||||
client_principal,
|
||||
authtime, NULL);
|
||||
if (NT_STATUS_IS_OK(nt_status)) {
|
||||
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
|
||||
&krbtgt_keyblock);
|
||||
krbtgt_keyblock_p);
|
||||
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
|
||||
&server_keyblock);
|
||||
torture_fail(tctx, "(saved test) PAC decoding DID NOT fail on broken checksum");
|
||||
}
|
||||
|
||||
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
|
||||
&krbtgt_keyblock);
|
||||
krbtgt_keyblock_p);
|
||||
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
|
||||
&server_keyblock);
|
||||
return true;
|
||||
@ -666,9 +683,7 @@ struct torture_suite *torture_pac(TALLOC_CTX *mem_ctx)
|
||||
|
||||
torture_suite_add_simple_test(suite, "self check",
|
||||
torture_pac_self_check);
|
||||
|
||||
torture_suite_add_simple_test(suite, "saved check",
|
||||
torture_pac_saved_check);
|
||||
|
||||
return suite;
|
||||
}
|
||||
|
||||
@ -6701,7 +6701,6 @@ static bool test_conflict_owned_active_vs_replica(struct torture_context *tctx,
|
||||
/*
|
||||
* unique vs. unique section
|
||||
*/
|
||||
#if METZE_NEEDS_TO_LOOK_AT_THIS_ONE
|
||||
/*
|
||||
* unique,active vs. unique,active with same ip(s), unchecked
|
||||
*/
|
||||
@ -6728,7 +6727,6 @@ static bool test_conflict_owned_active_vs_replica(struct torture_context *tctx,
|
||||
.apply_expected = true
|
||||
},
|
||||
},
|
||||
#endif
|
||||
/*
|
||||
* unique,active vs. unique,active with different ip(s), positive response
|
||||
*/
|
||||
@ -8967,7 +8965,6 @@ static bool test_conflict_owned_active_vs_replica(struct torture_context *tctx,
|
||||
.sgroup_merge = true
|
||||
},
|
||||
},
|
||||
#if 0
|
||||
/*
|
||||
* sgroup,active vs. sgroup,active with same ip(s)
|
||||
*/
|
||||
@ -9157,7 +9154,6 @@ static bool test_conflict_owned_active_vs_replica(struct torture_context *tctx,
|
||||
.apply_expected = false
|
||||
},
|
||||
},
|
||||
#endif
|
||||
};
|
||||
|
||||
if (!ctx->nbtsock_srv) {
|
||||
@ -9543,7 +9539,9 @@ static void test_conflict_owned_active_vs_replica_handler_query(struct nbt_name_
|
||||
talloc_free(rep_packet);
|
||||
|
||||
/* make sure we push the reply to the wire */
|
||||
while (nbtsock->send_queue) {
|
||||
event_loop_once(nbtsock->event_ctx);
|
||||
}
|
||||
msleep(1000);
|
||||
|
||||
rec->defend.timeout = 0;
|
||||
@ -9598,7 +9596,9 @@ static void test_conflict_owned_active_vs_replica_handler_release(
|
||||
talloc_free(rep_packet);
|
||||
|
||||
/* make sure we push the reply to the wire */
|
||||
while (nbtsock->send_queue) {
|
||||
event_loop_once(nbtsock->event_ctx);
|
||||
}
|
||||
msleep(1000);
|
||||
|
||||
rec->defend.timeout = 0;
|
||||
|
||||
@ -844,6 +844,8 @@ static bool test_nttrans_create(struct smbcli_state *cli, struct torture_context
|
||||
int fnum = -1;
|
||||
bool ret = true;
|
||||
int i;
|
||||
uint32_t ok_mask, not_supported_mask, invalid_parameter_mask;
|
||||
uint32_t not_a_directory_mask, unexpected_mask;
|
||||
struct {
|
||||
uint32_t open_disp;
|
||||
bool with_file;
|
||||
@ -982,6 +984,10 @@ static bool test_nttrans_create(struct smbcli_state *cli, struct torture_context
|
||||
}
|
||||
io.ntcreatex.in.create_options = create_option;
|
||||
status = smb_raw_open(cli->tree, tctx, &io);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
printf("ntcreatex create option 0x%08x gave %s - should give NT_STATUS_OK\n",
|
||||
create_option, nt_errstr(status));
|
||||
}
|
||||
CHECK_STATUS(status, NT_STATUS_OK);
|
||||
fnum = io.ntcreatex.out.file.fnum;
|
||||
|
||||
@ -999,6 +1005,44 @@ static bool test_nttrans_create(struct smbcli_state *cli, struct torture_context
|
||||
smbcli_close(cli->tree, fnum);
|
||||
}
|
||||
|
||||
io.ntcreatex.in.file_attr = 0;
|
||||
io.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN_IF;
|
||||
io.ntcreatex.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
|
||||
|
||||
/* Check for options that should return NOT_SUPPORTED, OK or INVALID_PARAMETER */
|
||||
ok_mask = 0;
|
||||
not_supported_mask = 0;
|
||||
invalid_parameter_mask = 0;
|
||||
not_a_directory_mask = 0;
|
||||
unexpected_mask = 0;
|
||||
for (i=0; i < 32; i++) {
|
||||
uint32_t create_option = 1<<i;
|
||||
if (create_option & NTCREATEX_OPTIONS_DELETE_ON_CLOSE) {
|
||||
continue;
|
||||
}
|
||||
io.ntcreatex.in.create_options = create_option;
|
||||
status = smb_raw_open(cli->tree, tctx, &io);
|
||||
if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) {
|
||||
not_supported_mask |= create_option;
|
||||
} else if (NT_STATUS_EQUAL(status, NT_STATUS_OK)) {
|
||||
ok_mask |= create_option;
|
||||
smbcli_close(cli->tree, io.ntcreatex.out.file.fnum);
|
||||
} else if (NT_STATUS_EQUAL(status, NT_STATUS_INVALID_PARAMETER)) {
|
||||
invalid_parameter_mask |= create_option;
|
||||
} else if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_A_DIRECTORY)) {
|
||||
not_a_directory_mask |= 1<<i;
|
||||
} else {
|
||||
unexpected_mask |= 1<<i;
|
||||
printf("create option 0x%08x returned %s\n", create_option, nt_errstr(status));
|
||||
}
|
||||
}
|
||||
|
||||
CHECK_VAL(ok_mask, 0x00efcfce);
|
||||
CHECK_VAL(not_a_directory_mask, 0x00000001);
|
||||
CHECK_VAL(not_supported_mask, 0x00002000);
|
||||
CHECK_VAL(invalid_parameter_mask, 0xff100030);
|
||||
CHECK_VAL(unexpected_mask, 0x00000000);
|
||||
|
||||
smbcli_unlink(cli->tree, fname);
|
||||
|
||||
|
||||
|
||||
@ -65,7 +65,8 @@ static bool test_JobEnum(struct torture_context *tctx, struct dcerpc_pipe *p)
|
||||
NTSTATUS status;
|
||||
struct atsvc_JobEnum r;
|
||||
struct atsvc_enum_ctr ctr;
|
||||
uint32_t resume_handle = 0, i;
|
||||
uint32_t resume_handle = 0, i, total_entries = 0;
|
||||
|
||||
bool ret = true;
|
||||
|
||||
r.in.servername = dcerpc_server_name(p);
|
||||
@ -74,6 +75,7 @@ static bool test_JobEnum(struct torture_context *tctx, struct dcerpc_pipe *p)
|
||||
r.in.ctr = r.out.ctr = &ctr;
|
||||
r.in.preferred_max_len = 0xffffffff;
|
||||
r.in.resume_handle = r.out.resume_handle = &resume_handle;
|
||||
r.out.total_entries = &total_entries;
|
||||
|
||||
status = dcerpc_atsvc_JobEnum(p, tctx, &r);
|
||||
|
||||
|
||||
@ -52,7 +52,9 @@ static bool test_create_gentest(struct torture_context *torture, struct smb2_tre
|
||||
struct smb2_create io;
|
||||
NTSTATUS status;
|
||||
TALLOC_CTX *tmp_ctx = talloc_new(tree);
|
||||
uint32_t access_mask, file_attributes, file_attributes_set, denied_mask;
|
||||
uint32_t access_mask, file_attributes_set;
|
||||
uint32_t ok_mask, not_supported_mask, invalid_parameter_mask;
|
||||
uint32_t not_a_directory_mask, unexpected_mask;
|
||||
union smb_fileinfo q;
|
||||
|
||||
ZERO_STRUCT(io);
|
||||
@ -76,14 +78,6 @@ static bool test_create_gentest(struct torture_context *torture, struct smb2_tre
|
||||
status = smb2_create(tree, tmp_ctx, &io);
|
||||
CHECK_STATUS(status, NT_STATUS_INVALID_PARAMETER);
|
||||
|
||||
io.in.create_options = 0x00100000;
|
||||
status = smb2_create(tree, tmp_ctx, &io);
|
||||
CHECK_STATUS(status, NT_STATUS_NOT_SUPPORTED);
|
||||
|
||||
io.in.create_options = 0xF0100000;
|
||||
status = smb2_create(tree, tmp_ctx, &io);
|
||||
CHECK_STATUS(status, NT_STATUS_NOT_SUPPORTED);
|
||||
|
||||
io.in.create_options = 0;
|
||||
|
||||
io.in.file_attributes = FILE_ATTRIBUTE_DEVICE;
|
||||
@ -108,6 +102,46 @@ static bool test_create_gentest(struct torture_context *torture, struct smb2_tre
|
||||
status = smb2_create(tree, tmp_ctx, &io);
|
||||
CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
|
||||
|
||||
io.in.file_attributes = 0;
|
||||
io.in.create_disposition = NTCREATEX_DISP_OPEN_IF;
|
||||
io.in.desired_access = SEC_FLAG_MAXIMUM_ALLOWED;
|
||||
ok_mask = 0;
|
||||
not_supported_mask = 0;
|
||||
invalid_parameter_mask = 0;
|
||||
not_a_directory_mask = 0;
|
||||
unexpected_mask = 0;
|
||||
{
|
||||
int i;
|
||||
for (i=0;i<32;i++) {
|
||||
io.in.create_options = 1<<i;
|
||||
if (io.in.create_options & NTCREATEX_OPTIONS_DELETE_ON_CLOSE) {
|
||||
continue;
|
||||
}
|
||||
status = smb2_create(tree, tmp_ctx, &io);
|
||||
if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) {
|
||||
not_supported_mask |= 1<<i;
|
||||
} else if (NT_STATUS_EQUAL(status, NT_STATUS_INVALID_PARAMETER)) {
|
||||
invalid_parameter_mask |= 1<<i;
|
||||
} else if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_A_DIRECTORY)) {
|
||||
not_a_directory_mask |= 1<<i;
|
||||
} else if (NT_STATUS_EQUAL(status, NT_STATUS_OK)) {
|
||||
ok_mask |= 1<<i;
|
||||
status = smb2_util_close(tree, io.out.file.handle);
|
||||
CHECK_STATUS(status, NT_STATUS_OK);
|
||||
} else {
|
||||
unexpected_mask |= 1<<i;
|
||||
printf("create option 0x%08x returned %s\n", 1<<i, nt_errstr(status));
|
||||
}
|
||||
}
|
||||
}
|
||||
io.in.create_options = 0;
|
||||
|
||||
CHECK_EQUAL(ok_mask, 0x00efcf7e);
|
||||
CHECK_EQUAL(not_a_directory_mask, 0x00000001);
|
||||
CHECK_EQUAL(not_supported_mask, 0x00102080);
|
||||
CHECK_EQUAL(invalid_parameter_mask, 0xff000000);
|
||||
CHECK_EQUAL(unexpected_mask, 0x00000000);
|
||||
|
||||
io.in.create_disposition = NTCREATEX_DISP_OPEN_IF;
|
||||
io.in.file_attributes = 0;
|
||||
access_mask = 0;
|
||||
@ -132,34 +166,61 @@ static bool test_create_gentest(struct torture_context *torture, struct smb2_tre
|
||||
io.in.create_disposition = NTCREATEX_DISP_OPEN_IF;
|
||||
io.in.desired_access = SEC_FLAG_MAXIMUM_ALLOWED;
|
||||
io.in.file_attributes = 0;
|
||||
file_attributes = 0;
|
||||
ok_mask = 0;
|
||||
invalid_parameter_mask = 0;
|
||||
unexpected_mask = 0;
|
||||
file_attributes_set = 0;
|
||||
denied_mask = 0;
|
||||
{
|
||||
int i;
|
||||
for (i=0;i<32;i++) {
|
||||
io.in.file_attributes = 1<<i;
|
||||
if (io.in.file_attributes & FILE_ATTRIBUTE_ENCRYPTED) {
|
||||
continue;
|
||||
}
|
||||
smb2_deltree(tree, FNAME);
|
||||
status = smb2_create(tree, tmp_ctx, &io);
|
||||
if (NT_STATUS_EQUAL(status, NT_STATUS_INVALID_PARAMETER)) {
|
||||
file_attributes |= io.in.file_attributes;
|
||||
} else if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
|
||||
denied_mask |= io.in.file_attributes;
|
||||
} else {
|
||||
CHECK_STATUS(status, NT_STATUS_OK);
|
||||
invalid_parameter_mask |= 1<<i;
|
||||
} else if (NT_STATUS_IS_OK(status)) {
|
||||
uint32_t expected;
|
||||
ok_mask |= 1<<i;
|
||||
|
||||
expected = (io.in.file_attributes | FILE_ATTRIBUTE_ARCHIVE) & 0x00005127;
|
||||
CHECK_EQUAL(io.out.file_attr, expected);
|
||||
file_attributes_set |= io.out.file_attr;
|
||||
|
||||
status = smb2_util_close(tree, io.out.file.handle);
|
||||
CHECK_STATUS(status, NT_STATUS_OK);
|
||||
file_attributes_set |= io.out.file_attr;
|
||||
} else {
|
||||
unexpected_mask |= 1<<i;
|
||||
printf("file attribute 0x%08x returned %s\n", 1<<i, nt_errstr(status));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
CHECK_EQUAL(file_attributes, 0xffff8048);
|
||||
CHECK_EQUAL(denied_mask, 0x4000);
|
||||
CHECK_EQUAL(ok_mask, 0x00003fb7);
|
||||
CHECK_EQUAL(invalid_parameter_mask, 0xffff8048);
|
||||
CHECK_EQUAL(unexpected_mask, 0x00000000);
|
||||
CHECK_EQUAL(file_attributes_set, 0x00001127);
|
||||
|
||||
smb2_deltree(tree, FNAME);
|
||||
|
||||
/*
|
||||
* Standalone servers doesn't support encryption
|
||||
*/
|
||||
io.in.file_attributes = FILE_ATTRIBUTE_ENCRYPTED;
|
||||
status = smb2_create(tree, tmp_ctx, &io);
|
||||
if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
|
||||
printf("FILE_ATTRIBUTE_ENCRYPTED returned %s\n", nt_errstr(status));
|
||||
} else {
|
||||
CHECK_STATUS(status, NT_STATUS_OK);
|
||||
CHECK_EQUAL(io.out.file_attr, (FILE_ATTRIBUTE_ENCRYPTED | FILE_ATTRIBUTE_ARCHIVE));
|
||||
status = smb2_util_close(tree, io.out.file.handle);
|
||||
CHECK_STATUS(status, NT_STATUS_OK);
|
||||
}
|
||||
|
||||
smb2_deltree(tree, FNAME);
|
||||
|
||||
ZERO_STRUCT(io);
|
||||
io.in.desired_access = SEC_FLAG_MAXIMUM_ALLOWED;
|
||||
io.in.file_attributes = 0;
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
/*
|
||||
ldb database library
|
||||
|
||||
Copyright (C) Andrew Bartlett 2006
|
||||
Copyright (C) Andrew Bartlett 2006-2008
|
||||
|
||||
** NOTE! The following LGPL license applies to the ldb
|
||||
** library. This does NOT imply that all of Samba is released
|
||||
@ -35,7 +35,6 @@
|
||||
#include "ldb_includes.h"
|
||||
#include "system/locale.h"
|
||||
#include "lib/ldb/tools/cmdline.h"
|
||||
#include "utils/schema_convert.h"
|
||||
#include "param/param.h"
|
||||
#include "lib/cmdline/popt_common.h"
|
||||
#include "dsdb/samdb/samdb.h"
|
||||
@ -46,11 +45,6 @@ struct schema_conv {
|
||||
int failures;
|
||||
};
|
||||
|
||||
enum convert_target {
|
||||
TARGET_OPENLDAP,
|
||||
TARGET_FEDORA_DS
|
||||
};
|
||||
|
||||
|
||||
static void usage(void)
|
||||
{
|
||||
@ -122,15 +116,7 @@ static struct ldb_dn *find_schema_dn(struct ldb_context *ldb, TALLOC_CTX *mem_ct
|
||||
}
|
||||
|
||||
|
||||
#define IF_NULL_FAIL_RET(x) do { \
|
||||
if (!x) { \
|
||||
ret.failures++; \
|
||||
return ret; \
|
||||
} \
|
||||
} while (0)
|
||||
|
||||
|
||||
static struct schema_conv process_convert(struct ldb_context *ldb, enum convert_target target, FILE *in, FILE *out)
|
||||
static struct schema_conv process_convert(struct ldb_context *ldb, enum dsdb_schema_convert_target target, FILE *in, FILE *out)
|
||||
{
|
||||
/* Read list of attributes to skip, OIDs to map */
|
||||
TALLOC_CTX *mem_ctx = talloc_new(ldb);
|
||||
@ -152,6 +138,7 @@ static struct schema_conv process_convert(struct ldb_context *ldb, enum convert_
|
||||
struct ldb_dn *schemadn;
|
||||
struct schema_conv ret;
|
||||
struct dsdb_schema *schema;
|
||||
const char *seperator;
|
||||
char *error_string;
|
||||
|
||||
int ldb_ret;
|
||||
@ -171,7 +158,10 @@ static struct schema_conv process_convert(struct ldb_context *ldb, enum convert_
|
||||
}
|
||||
if (isdigit(line[0])) {
|
||||
char *p = strchr(line, ':');
|
||||
IF_NULL_FAIL_RET(p);
|
||||
if (!p) {
|
||||
ret.failures++;
|
||||
return ret;
|
||||
}
|
||||
p[0] = '\0';
|
||||
p++;
|
||||
oid_map = talloc_realloc(mem_ctx, oid_map, struct oid_map, num_oid_maps + 2);
|
||||
@ -223,8 +213,10 @@ static struct schema_conv process_convert(struct ldb_context *ldb, enum convert_
|
||||
|
||||
switch (target) {
|
||||
case TARGET_OPENLDAP:
|
||||
seperator = "\n ";
|
||||
break;
|
||||
case TARGET_FEDORA_DS:
|
||||
seperator = "\n ";
|
||||
fprintf(out, "dn: cn=schema\n");
|
||||
break;
|
||||
}
|
||||
@ -234,9 +226,10 @@ static struct schema_conv process_convert(struct ldb_context *ldb, enum convert_
|
||||
const char *description = attribute->adminDescription;
|
||||
const char *oid = attribute->attributeID_oid;
|
||||
const char *syntax = attribute->attributeSyntax_oid;
|
||||
const char *equality = NULL, *substring = NULL;
|
||||
bool single_value = attribute->isSingleValued;
|
||||
|
||||
const struct syntax_map *map = find_syntax_map_by_ad_oid(syntax);
|
||||
const struct dsdb_syntax_map *map = find_syntax_map_by_ad_oid(syntax);
|
||||
char *schema_entry = NULL;
|
||||
int j;
|
||||
|
||||
@ -254,19 +247,22 @@ static struct schema_conv process_convert(struct ldb_context *ldb, enum convert_
|
||||
}
|
||||
}
|
||||
|
||||
switch (target) {
|
||||
case TARGET_OPENLDAP:
|
||||
schema_entry = talloc_asprintf(mem_ctx,
|
||||
"attributetype (\n"
|
||||
" %s\n", oid);
|
||||
break;
|
||||
case TARGET_FEDORA_DS:
|
||||
schema_entry = talloc_asprintf(mem_ctx,
|
||||
"attributeTypes: (\n"
|
||||
" %s\n", oid);
|
||||
if (map) {
|
||||
/* We might have been asked to remap this oid,
|
||||
* due to a conflict, or lack of
|
||||
* implementation */
|
||||
syntax = map->Standard_OID;
|
||||
/* We might have been asked to remap this oid, due to a conflict */
|
||||
for (j=0; syntax && oid_map && oid_map[j].old_oid; j++) {
|
||||
if (strcasecmp(syntax, oid_map[j].old_oid) == 0) {
|
||||
syntax = oid_map[j].new_oid;
|
||||
break;
|
||||
}
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
}
|
||||
|
||||
equality = map->equality;
|
||||
substring = map->substring;
|
||||
}
|
||||
|
||||
/* We might have been asked to remap this name, due to a conflict */
|
||||
for (j=0; name && attr_map && attr_map[j].old_attr; j++) {
|
||||
@ -276,60 +272,19 @@ static struct schema_conv process_convert(struct ldb_context *ldb, enum convert_
|
||||
}
|
||||
}
|
||||
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
" NAME '%s'\n", name);
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
schema_entry = schema_attribute_description(mem_ctx, target, seperator, oid, name, description, equality, substring, syntax, single_value, false);
|
||||
|
||||
if (description) {
|
||||
#if 0 /* If you want to re-enable this, you must first figure out a sane escaping of ' in the description */
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
" DESC '%s'\n", description);
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
#endif
|
||||
if (schema_entry == NULL) {
|
||||
ret.failures++;
|
||||
return ret;
|
||||
}
|
||||
|
||||
if (map) {
|
||||
const char *syntax_oid;
|
||||
if (map->equality) {
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
" EQUALITY %s\n", map->equality);
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
}
|
||||
if (map->substring) {
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
" SUBSTR %s\n", map->substring);
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
}
|
||||
syntax_oid = map->Standard_OID;
|
||||
/* We might have been asked to remap this oid,
|
||||
* due to a conflict, or lack of
|
||||
* implementation */
|
||||
for (j=0; syntax_oid && oid_map && oid_map[j].old_oid; j++) {
|
||||
if (strcasecmp(syntax_oid, oid_map[j].old_oid) == 0) {
|
||||
syntax_oid = oid_map[j].new_oid;
|
||||
break;
|
||||
}
|
||||
}
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
" SYNTAX %s\n", syntax_oid);
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
}
|
||||
|
||||
if (single_value) {
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
" SINGLE-VALUE\n");
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
}
|
||||
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
" )");
|
||||
|
||||
switch (target) {
|
||||
case TARGET_OPENLDAP:
|
||||
fprintf(out, "%s\n\n", schema_entry);
|
||||
fprintf(out, "attributetype %s\n\n", schema_entry);
|
||||
break;
|
||||
case TARGET_FEDORA_DS:
|
||||
fprintf(out, "%s\n", schema_entry);
|
||||
fprintf(out, "attributeTypes: %s\n", schema_entry);
|
||||
break;
|
||||
}
|
||||
ret.count++;
|
||||
@ -350,6 +305,7 @@ static struct schema_conv process_convert(struct ldb_context *ldb, enum convert_
|
||||
NULL
|
||||
};
|
||||
int j;
|
||||
int attr_idx;
|
||||
|
||||
/* We have been asked to skip some attributes/objectClasses */
|
||||
if (attrs_skip && str_list_check_ci(attrs_skip, name)) {
|
||||
@ -357,10 +313,6 @@ static struct schema_conv process_convert(struct ldb_context *ldb, enum convert_
|
||||
continue;
|
||||
}
|
||||
|
||||
may = dsdb_full_attribute_list(mem_ctx, schema, objectclass_name_as_list, DSDB_SCHEMA_ALL_MAY);
|
||||
|
||||
must = dsdb_full_attribute_list(mem_ctx, schema, objectclass_name_as_list, DSDB_SCHEMA_ALL_MUST);
|
||||
|
||||
/* We might have been asked to remap this oid, due to a conflict */
|
||||
for (j=0; oid_map && oid_map[j].old_oid; j++) {
|
||||
if (strcasecmp(oid, oid_map[j].old_oid) == 0) {
|
||||
@ -369,24 +321,6 @@ static struct schema_conv process_convert(struct ldb_context *ldb, enum convert_
|
||||
}
|
||||
}
|
||||
|
||||
switch (target) {
|
||||
case TARGET_OPENLDAP:
|
||||
schema_entry = talloc_asprintf(mem_ctx,
|
||||
"objectclass (\n"
|
||||
" %s\n", oid);
|
||||
break;
|
||||
case TARGET_FEDORA_DS:
|
||||
schema_entry = talloc_asprintf(mem_ctx,
|
||||
"objectClasses: (\n"
|
||||
" %s\n", oid);
|
||||
break;
|
||||
}
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
if (!schema_entry) {
|
||||
ret.failures++;
|
||||
break;
|
||||
}
|
||||
|
||||
/* We might have been asked to remap this name, due to a conflict */
|
||||
for (j=0; name && attr_map && attr_map[j].old_attr; j++) {
|
||||
if (strcasecmp(name, attr_map[j].old_attr) == 0) {
|
||||
@ -395,106 +329,51 @@ static struct schema_conv process_convert(struct ldb_context *ldb, enum convert_
|
||||
}
|
||||
}
|
||||
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
" NAME '%s'\n", name);
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
may = dsdb_full_attribute_list(mem_ctx, schema, objectclass_name_as_list, DSDB_SCHEMA_ALL_MAY);
|
||||
|
||||
if (!schema_entry) return ret;
|
||||
|
||||
if (description) {
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
" DESC '%s'\n", description);
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
}
|
||||
|
||||
if (subClassOf) {
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
" SUP %s\n", subClassOf);
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
}
|
||||
|
||||
switch (objectClassCategory) {
|
||||
case 1:
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
" STRUCTURAL\n");
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
break;
|
||||
case 2:
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
" ABSTRACT\n");
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
break;
|
||||
case 3:
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
" AUXILIARY\n");
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
for (j=0; may && may[j]; j++) {
|
||||
/* We might have been asked to remap this name, due to a conflict */
|
||||
for (attr_idx=0; attr_map && attr_map[attr_idx].old_attr; attr_idx++) {
|
||||
if (strcasecmp(may[j], attr_map[attr_idx].old_attr) == 0) {
|
||||
may[j] = attr_map[attr_idx].new_attr;
|
||||
break;
|
||||
}
|
||||
|
||||
#define APPEND_ATTRS(attributes) \
|
||||
do { \
|
||||
int k; \
|
||||
for (k=0; attributes && attributes[k]; k++) { \
|
||||
int attr_idx; \
|
||||
const char *attr_name = attributes[k]; \
|
||||
/* We might have been asked to remap this name, due to a conflict */ \
|
||||
for (attr_idx=0; attr_name && attr_map && attr_map[attr_idx].old_attr; attr_idx++) { \
|
||||
if (strcasecmp(attr_name, attr_map[attr_idx].old_attr) == 0) { \
|
||||
attr_name = attr_map[attr_idx].new_attr; \
|
||||
break; \
|
||||
} \
|
||||
} \
|
||||
\
|
||||
schema_entry = talloc_asprintf_append(schema_entry, \
|
||||
" %s", \
|
||||
attr_name); \
|
||||
IF_NULL_FAIL_RET(schema_entry); \
|
||||
if (attributes[k+1]) { \
|
||||
schema_entry = talloc_asprintf_append(schema_entry, \
|
||||
" $"); \
|
||||
IF_NULL_FAIL_RET(schema_entry); \
|
||||
if (target == TARGET_OPENLDAP && ((k+1)%5 == 0)) { \
|
||||
schema_entry = talloc_asprintf_append(schema_entry, \
|
||||
"\n "); \
|
||||
IF_NULL_FAIL_RET(schema_entry); \
|
||||
} \
|
||||
} \
|
||||
} \
|
||||
} while (0)
|
||||
|
||||
if (must) {
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
" MUST (");
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
|
||||
APPEND_ATTRS(must);
|
||||
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
" )\n");
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
}
|
||||
}
|
||||
|
||||
if (may) {
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
" MAY (");
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
must = dsdb_full_attribute_list(mem_ctx, schema, objectclass_name_as_list, DSDB_SCHEMA_ALL_MUST);
|
||||
|
||||
APPEND_ATTRS(may);
|
||||
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
" )\n");
|
||||
IF_NULL_FAIL_RET(schema_entry);
|
||||
for (j=0; must && must[j]; j++) {
|
||||
/* We might have been asked to remap this name, due to a conflict */
|
||||
for (attr_idx=0; attr_map && attr_map[attr_idx].old_attr; attr_idx++) {
|
||||
if (strcasecmp(must[j], attr_map[attr_idx].old_attr) == 0) {
|
||||
must[j] = attr_map[attr_idx].new_attr;
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
schema_entry = talloc_asprintf_append(schema_entry,
|
||||
" )");
|
||||
schema_entry = schema_class_description(mem_ctx, target,
|
||||
seperator,
|
||||
oid,
|
||||
name,
|
||||
NULL,
|
||||
description,
|
||||
subClassOf,
|
||||
objectClassCategory,
|
||||
must,
|
||||
may);
|
||||
if (schema_entry == NULL) {
|
||||
ret.failures++;
|
||||
return ret;
|
||||
}
|
||||
|
||||
switch (target) {
|
||||
case TARGET_OPENLDAP:
|
||||
fprintf(out, "%s\n\n", schema_entry);
|
||||
fprintf(out, "objectclass %s\n\n", schema_entry);
|
||||
break;
|
||||
case TARGET_FEDORA_DS:
|
||||
fprintf(out, "%s\n", schema_entry);
|
||||
fprintf(out, "objectClasses: %s\n", schema_entry);
|
||||
break;
|
||||
}
|
||||
ret.count++;
|
||||
@ -512,7 +391,7 @@ static struct schema_conv process_convert(struct ldb_context *ldb, enum convert_
|
||||
struct ldb_context *ldb;
|
||||
struct schema_conv ret;
|
||||
const char *target_str;
|
||||
enum convert_target target;
|
||||
enum dsdb_schema_convert_target target;
|
||||
|
||||
ctx = talloc_new(NULL);
|
||||
ldb = ldb_init(ctx, NULL);
|
||||
|
||||
@ -100,12 +100,12 @@ testparm_OBJ_FILES = $(utilssrcdir)/testparm.o
|
||||
[BINARY::oLschema2ldif]
|
||||
INSTALLDIR = BINDIR
|
||||
PRIVATE_DEPENDENCIES = \
|
||||
LIBLDB_CMDLINE
|
||||
LIBLDB_CMDLINE SAMDB
|
||||
# End BINARY oLschema2ldif
|
||||
################################################
|
||||
|
||||
|
||||
oLschema2ldif_OBJ_FILES = $(addprefix $(utilssrcdir)/, schema_convert.o oLschema2ldif.o)
|
||||
oLschema2ldif_OBJ_FILES = $(addprefix $(utilssrcdir)/, oLschema2ldif.o)
|
||||
|
||||
MANPAGES += $(utilssrcdir)/man/oLschema2ldif.1
|
||||
|
||||
@ -118,7 +118,7 @@ PRIVATE_DEPENDENCIES = \
|
||||
# End BINARY ad2oLschema
|
||||
################################################
|
||||
|
||||
ad2oLschema_OBJ_FILES = $(addprefix $(utilssrcdir)/, schema_convert.o ad2oLschema.o)
|
||||
ad2oLschema_OBJ_FILES = $(addprefix $(utilssrcdir)/, ad2oLschema.o)
|
||||
|
||||
MANPAGES += $(utilssrcdir)/man/ad2oLschema.1
|
||||
|
||||
|
||||
@ -14,9 +14,7 @@ var options = GetOptions(ARGV,
|
||||
"POPT_COMMON_CREDENTIALS",
|
||||
"verbose",
|
||||
"classes",
|
||||
"attributes",
|
||||
"subschema",
|
||||
"subschema-auto");
|
||||
"attributes");
|
||||
if (options == undefined) {
|
||||
println("Failed to parse options");
|
||||
return -1;
|
||||
@ -25,8 +23,6 @@ verbose = options["verbose"];
|
||||
dump_all = "yes";
|
||||
dump_classes = options["classes"];
|
||||
dump_attributes = options["attributes"];
|
||||
dump_subschema = options["subschema"];
|
||||
dump_subschema_auto = options["subschema-auto"];
|
||||
|
||||
if (dump_classes != undefined) {
|
||||
dump_all = undefined;
|
||||
@ -34,18 +30,9 @@ if (dump_classes != undefined) {
|
||||
if (dump_attributes != undefined) {
|
||||
dump_all = undefined;
|
||||
}
|
||||
if (dump_subschema != undefined) {
|
||||
dump_all = undefined;
|
||||
}
|
||||
if (dump_subschema_auto != undefined) {
|
||||
dump_all = undefined;
|
||||
dump_subschema = "yes";
|
||||
}
|
||||
if (dump_all != undefined) {
|
||||
dump_classes = "yes";
|
||||
dump_attributes = "yes";
|
||||
dump_subschema = "yes";
|
||||
dump_subschema_auto = "yes";
|
||||
}
|
||||
|
||||
if (options.ARGV.length != 2) {
|
||||
@ -697,28 +684,6 @@ function write_aggregate_attribute(attrib) {
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
write the aggregate record
|
||||
*/
|
||||
function write_aggregate() {
|
||||
printf("dn: CN=Aggregate,${SCHEMADN}\n");
|
||||
print("objectClass: top
|
||||
objectClass: subSchema
|
||||
");
|
||||
if (dump_subschema_auto == undefined) {
|
||||
return;
|
||||
}
|
||||
|
||||
for (i in objectclasses) {
|
||||
write_aggregate_objectclass(objectclasses[i]);
|
||||
}
|
||||
for (i in attributes) {
|
||||
write_aggregate_attribute(attributes[i]);
|
||||
}
|
||||
for (i in objectclasses) {
|
||||
write_aggregate_ditcontentrule(objectclasses[i]);
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
load a list from a file
|
||||
@ -813,10 +778,6 @@ if (dump_attributes != undefined) {
|
||||
if (dump_classes != undefined) {
|
||||
write_ldif(objectclasses, class_attrs);
|
||||
}
|
||||
if (dump_subschema != undefined) {
|
||||
write_aggregate();
|
||||
}
|
||||
|
||||
if (verbose == undefined) {
|
||||
exit(0);
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user