mirror of https://github.com/samba-team/samba.git synced 2025-12-03 04:23:50 +03:00
Commit Graph

447 Commits

Author SHA1 Message Date
Stefan Metzmacher
e96aa89800 r21364: cosmetic change: it's nicer to use the KEYTYPE_ macro
for the keytype field...

metze
2007-10-10 14:48:20 -05:00
Stefan Metzmacher
dc4242c09c r21362: rename:
"ntPwdHash" => "unicodePwd"
"lmPwdHash" => "dBCSPwd"
"sambaLMPwdHistory" => "lmPwdHistory"
"sambaNTPwdHistory" => "ntPwdHistory"

Note: you need to reprovision after this change!

metze
2007-10-10 14:48:20 -05:00
Stefan Metzmacher
ff13b21102 r21359: remove the rid encryption before storing the password hashes
We decided to store them plain in our ldb

metze
2007-10-10 14:48:19 -05:00
Stefan Metzmacher
cdfd4ee8e5 r21355: work in child domains, CN=Configuration isn't always under the domain dn
metze
2007-10-10 14:48:18 -05:00
Stefan Metzmacher
23adca4e34 r21315: ldb now supports filters like (&(dn=%s)(&(objectClass=kerberosSecret)(privateKeytab=*))) again
we can use such a filter:-)

we should only update the keytab for records matching this filter,
that means we need to do a search before calling cli_credentials_set_secrets()

metze
2007-10-10 14:48:09 -05:00
Stefan Metzmacher
608d24f001 r21306: fix the RPC-LSA tests, the admin could no longer get the 'currentValue'
attribute...

this needs more work, but make it work again for now

metze
2007-10-10 14:48:07 -05:00
Stefan Metzmacher
7146e265a4 r21296: remove the session specific encryption from the attributes
before storing them.

metze
2007-10-10 14:48:04 -05:00
Stefan Metzmacher
181b3a031f r21282: we only need one for loop...
metze
2007-10-10 14:44:59 -05:00
Stefan Metzmacher
f2af44d204 r21281: move consistency checks to the beginning of the function
metze
2007-10-10 14:44:58 -05:00
Andrew Bartlett
c3977b4bae r21179: Anything more complex than this causes the keytab never to be updated...
Andrew Bartlett
2007-10-10 14:44:43 -05:00
Andrew Bartlett
6ce557a1af r21135: Instead of having hooks to update keytabs as an explicit thing, update
them as a hook on ldb modify, via a module.

This should allow the secrets.ldb to be edited by the admin, and to
have things update in the on-disk keytab just as an in-memory keytab
would.

This isn't really a dsdb plugin, but I don't have any other good ideas
about where to put it.

Andrew Bartlett
2007-10-10 14:44:31 -05:00
Stefan Metzmacher
4d6629c683 r20978: 300 seconds as interval is ok, when we do nothing
metze
2007-10-10 14:44:16 -05:00
Stefan Metzmacher
f7e82a0c94 r20977: start the 'drepl' service, which currently does nothing by default,
but make it less verbose

metze
2007-10-10 14:44:16 -05:00
Stefan Metzmacher
fde0aabd9a r20975: - implement handling of meta data on an originating add
there're a few things TODO, but it's a good start

we need to research if an originating change causes the replUpToDateVector
attribute to change...(I assume it, but needs testing)

metze
2007-10-10 14:44:06 -05:00
Stefan Metzmacher
15eae968b8 r20974: add basic infrastructure for a DSDB replication service
not activated yet...

it will handle inbound pull replication and outbound change notification

metze
2007-10-10 14:44:06 -05:00
Stefan Metzmacher
4c8b717092 r20973: add functions to create the autocreated subSchema Attributes:
attributeTypes, objectClasses and dITContentRules

this is just a start and doesn't create anything useful yet...

metze
2007-10-10 14:44:06 -05:00
Stefan Metzmacher
b7d48274a7 r20971: we don't need this check twice:-)
metze
2007-10-10 14:44:05 -05:00
Stefan Metzmacher
a5200ef0ca r20968: - add functions to sort the meta data and attribute arrays
- we should use them before we store records to disk

metze
2007-10-10 14:44:04 -05:00
Stefan Metzmacher
cd32613407 r20957: a value of FF0000000000000000000000000000000000000000 isn't stored as schemaInfo
so we need to use it as value if nothing is stored

metze
2007-10-10 14:44:02 -05:00
Stefan Metzmacher
f062f09fbf r20923: only allow extended operations for SYSTEM or administrators for now
metze
2007-10-10 14:43:53 -05:00
Stefan Metzmacher
fc5319e927 r20921: - only give password attributes to the SYSTEM account
- but SYSTEM and administrators can change them

metze
2007-10-10 14:43:52 -05:00
Stefan Metzmacher
7108d62cb0 r20909: add a module that implements the LDAP_CONTROL_SHOW_DELETED_OID control
it hides objects with isDeleted=TRUE by default, and lets them through
if the control is present

metze
2007-10-10 14:43:51 -05:00
Stefan Metzmacher
40c27ef88d r20906: allow LDAP simple binds using the following syntaxes in the DN field:
CN=Administrator,CN=Users,DC=w2k3,DC=vmnet1,DC=vm,DC=base
Administrator@W2K3
W2K3\Administrator
w2k3.vmnet1.vm.base/Users/Administrator

w2k3 also allows this (and maybe more...?)

metze
2007-10-10 14:43:50 -05:00
Stefan Metzmacher
4588e2522b r20902: don't crash if the object isn't there yet
metze
2007-10-10 14:43:50 -05:00
Stefan Metzmacher
308f9cf822 r20871: implement the validFSMOs constructed attribute on the rootdse
for the schema, domain naming and pdc fsmo roles

infrastructure and rid manager will be added later,
when we have modules for them

metze
2007-10-10 14:43:43 -05:00
Stefan Metzmacher
7862fcdbb5 r20870: implement the constructed attributes dsSchemaAttrCount,
dsSchemaClassCount and dsSchemaPrefixCount on the rootdse

having a loaded dsdb_schema makes things so easy...:-)

metze
2007-10-10 14:43:43 -05:00
Stefan Metzmacher
341fae8e84 r20867: add modules to handle the domain naming and the pdc FSMO Roles
metze
2007-10-10 14:43:42 -05:00
Stefan Metzmacher
63f4634443 r20866: - fix debug messages missing new lines
- use LDB_DEBUG_WARNING in some places
- debug if we're the schema master

metze
2007-10-10 14:43:42 -05:00
Stefan Metzmacher
3f441741a6 r20864: move common stuff into an extra function
metze
2007-10-10 14:43:41 -05:00
Stefan Metzmacher
b1377a2e24 r20863: check that there's a current partition control attached to the request
metze
2007-10-10 14:43:41 -05:00
Stefan Metzmacher
b3fce383d3 r20855: pass the DSDB_CONTROL_CURRENT_PARTITION_OID control also for the
send_all case

metze
2007-10-10 14:43:40 -05:00
Stefan Metzmacher
06a46b1db4 r20853: attach the DSDB_CONTROL_CURRENT_PARTITION_OID control when requests
are passed to a specific partition

metze
2007-10-10 14:43:40 -05:00
Stefan Metzmacher
0d75cca6f3 r20849: first step to move away from using find_backend() and use find_partition()
instead

metze
2007-10-10 14:43:39 -05:00
Stefan Metzmacher
3d313f08c7 r20847: - split some code out into a new function find_partition()
- make all functions static

metze
2007-10-10 14:43:39 -05:00
Stefan Metzmacher
684eee52e8 r20826: make the dsdb_control_current_partition struct public and allocate an oid for the
control

metze
2007-10-10 14:43:37 -05:00
Stefan Metzmacher
e5de40f8c2 r20809: rename struct partition into struct dsdb_control_current_partition
we'll soon pass this down as DSDB_CONTROL_CURRENT_PARTITION_OID control
so that the repl_meta_data module knows where to update the replUpToDateVector
attribute

metze
2007-10-10 14:43:34 -05:00
Stefan Metzmacher
c42dab21fb r20780: keep a dsdb_schema_fsmo struct as private data
and remember if we're the schema master

metze
2007-10-10 14:40:53 -05:00
Stefan Metzmacher
0b98f11d3e r20779: fix compiler warnings
metze
2007-10-10 14:40:53 -05:00
Stefan Metzmacher
0ef90769b4 r20778: we don't need a talloc_steal here
metze
2007-10-10 14:40:53 -05:00
Stefan Metzmacher
fc1a836ecc r20776: require a loaded dsdb_schema for originating add and modify operations
(later we'll require it for all originating changes...)

metze
2007-10-10 14:40:52 -05:00
Stefan Metzmacher
d78de0fb68 r20771: add an ldb module which will force the Schema FSMO Role Owner
constraints and it also loads the dsdb_schema at startup.

currently it only loads the dsdb_schema

metze
2007-10-10 14:40:51 -05:00
Stefan Metzmacher
efa31bbc37 r20767: don't pass a dsdb_schema to dsdb_extended_replicated_objects_commit()
anymore it should use the dsdb_schema attached to the ldb_context
via dsdb_get_schema()

metze
2007-10-10 14:40:49 -05:00
Stefan Metzmacher
6ecd1342de r20766: when creating dsdb_attribute or dsdb_class structs from ldb, try the oid mapping
if the dsdb_schema has mappings attached

metze
2007-10-10 14:40:49 -05:00
Stefan Metzmacher
1c3d1723e9 r20764: fix some little bugs
metze
2007-10-10 14:40:48 -05:00
Stefan Metzmacher
cab3acb9bb r20763: add function to get the oid mappings in drsuapi or ldb form
metze
2007-10-10 14:40:48 -05:00
Stefan Metzmacher
a934da4dcf r20762: load the default dn's after the rootdse module is initialized,
so that the following modules can access the default dn's.

metze
2007-10-10 14:40:47 -05:00
Stefan Metzmacher
c8f5aad40a r20760: also handle the case where no private data is attached to the module
metze
2007-10-10 14:40:46 -05:00
Stefan Metzmacher
b7f681a8a1 r20733: add a function to load the oid mappings from ldb_val's
metze
2007-10-10 14:40:34 -05:00
Stefan Metzmacher
2e79863d54 r20729: add a version number to struct dsdb_extended_replicated_objects
metze
2007-10-10 14:40:33 -05:00
Stefan Metzmacher
4380cc9ed6 r20728: the DSDB_CONTROL_REPLICATED_OBJECT_OID control isn't used anymore
because we now use DSDB_EXTENDED_REPLICATED_OBJECTS_OID extended operation

metze
2007-10-10 14:40:32 -05:00