IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
It does not depend on READ_PROPERTY, but on SECURITY_PRIVILEGE and READ_CONTROL
Autobuild-User: Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date: Wed Oct 27 13:18:50 UTC 2010 on sn-devel-104
The aclread module used to use a control to make sure the request comes from the ldap server,
but now the rootdse filters out any unregistered controls comming from ldap, so the control is
lost. Using the LDB_HANDLE_FLAG_UNTRUSTED is a much more elegant solution.
Autobuild-User: Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date: Wed Oct 27 11:55:11 UTC 2010 on sn-devel-104
dsdb_schema_pfm_attid_from_oid() instead of
dsdb_schema_pfm_make_attid() as those functions are
supposed to return ATTIDs only for OIDs we already know about
(i.e. are in prefixMap)
Autobuild-User: Kamen Mazdrashki <kamenim@samba.org>
Autobuild-Date: Tue Oct 26 22:44:36 UTC 2010 on sn-devel-104
read-write functions.
dsdb_schema_make_attid() may change prefixMap implicitly
and this is not always desired behavior.
The problem was that
(1) callers had no control on this behavior
(2) callers had no way to know wheter prefixMap has been
changed which can lead to hard to find bugs like
prefixMap is changed in read operation
- Also multi-valued "member" attributes are allowed
- When you try to delete a member from a group which has it primary group set
exactly to this group you get "UNWILLING_TO_PERFORM"
All other "samdb_search_*" calls do have one - why "samdb_search_count" doesn't?
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Mon Oct 25 17:42:33 UTC 2010 on sn-devel-104
They can be substituted by "ldb_msg_add_string" if the string was already
talloc'ed.
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Oct 24 20:03:27 UTC 2010 on sn-devel-104
In both the "objectguid" and the "repl_meta_data" DSDB module.
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Oct 24 18:39:43 UTC 2010 on sn-devel-104
Only link to nss_wrapper when it is enabled.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sat Oct 23 23:05:44 UTC 2010 on sn-devel-104
This control is exactly thought for the actions which previously were performed
using the RELAX one.
We agreed that the RELAX control will only remain for interactions with OpenLDAP.
Currently it is mapped to Octet String LDAP syntax
for comparison purposes.
According to LDAP rfc we should be using same comparison
as Directory String (LDB_SYNTAX_DIRECTORY_STRING), but case sensitive.
But according to ms docs binary compare should do the job:
http://msdn.microsoft.com/en-us/library/cc223200(v=PROT.10).aspx
Autobuild-User: Kamen Mazdrashki <kamenim@samba.org>
Autobuild-Date: Fri Oct 22 22:19:50 UTC 2010 on sn-devel-104
This implementation doesn't use prefixMap/Schema to validate
numericoid OIDs. We may not have this OID yet, so I see no point
checking schema for if we have it.
Side effect of using prefixMap/Schema for validating numericoids
is that we mistakenly add the OID to the prefixMap.
This led to a corrupted prefixMap in LDB.
Autobuild-User: Kamen Mazdrashki <kamenim@samba.org>
Autobuild-Date: Thu Oct 21 23:32:26 UTC 2010 on sn-devel-104
We didn't seem to get the control created by the time we do searches here.
Andrew Bartlett
Autobuild-User: Anatoliy Atanasov <anatoliy@samba.org>
Autobuild-Date: Thu Oct 21 12:29:54 UTC 2010 on sn-devel-104
these functions operate on ldb_modules, so they should be in the
ldb_modules directory. They also should return ldb errors codes, not
WERROR codes, as otherwise the error can be hidden from the ldap
caller
This re-arrangement fixes a dependency loop in the schema/samdb code.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-With: Kamen Mazdrashki <kamenim@samba.org>
This helps ensure that we don't get confusing error strings in the
logs on other error cases.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Oct 19 12:16:07 UTC 2010 on sn-devel-104
If we send the full extended DN, then we risk standards-complient LDAP
servers rejecting it as invalid. Only the DN portion is needed to
resolve the record in any case, and any SID or GUID componenets have
already been evaluated into the DN.
Andrew Bartlett
