IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
We already do that for objects in dsdb_convert_object_ex().
We need to be consistent and do the same for linked attributes.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12128
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
dsdb_create_prefix_mapping() should be the only place that calls
dsdb_schema_pfm_make_attid().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12128
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
We may not have a prefix mapping for the new attribute definition,
it will be added later.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12128
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
We should create the working_schema prefix map before we try to
resolve the schema. This allows getting the same mapping (if there's not already
a conflict) and allows us to remove the implicit prefix mapping creation
in the prefix mapping lookup functions.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12128
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
We allow a hint for the id from the remote prefix map.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12128
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This avoids confusion when reading the talloc dump from a ldb context that has
been the target of replication, as the dsdb_schema_copy_shallow() memory was
still around, if unused.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12115
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
This attempts to make it clear what memory is short term and what memory is long term
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12115
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
It's perfectly valid to replicate from a partner with an older schema
version, otherwise schema changes would block any other replication
until every dc in the forest has the schema changes.
The avoids an endless loop trying to get schema in sync with the partner.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12115
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This will simplify the schema checking in future.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12115
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Otherwise dreplsrv_op_pull_source_get_changes_trigger() could infinitely recurse.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Aug 6 01:24:05 CEST 2016 on sn-devel-144
There were no users of the data, and it added additional complexity
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
We should propagate resolved conflicts immediately.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Jul 23 03:18:58 CEST 2016 on sn-devel-144
The caller needs to know about them in order to decide about possible
notifications.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
When UF_SMARTCARD_REQUIRED is set to an account we need to remove
the current password and add random NT and LM hashes (without updating
the pwdLastSet field.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11441
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Jul 22 19:51:09 CEST 2016 on sn-devel-144
It's important that Primary:SambaGPG is added as the last element.
This is the indication that it matches the current password.
When a password change happens on a Windows DC,
it will keep the old Primary:SambaGPG value, but as the first element.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
This will be used to store the cleartext utf16 password
GPG encrypted as 'Primary:SambaGPG' in the
supplementalCredentials attribute.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
For any reasonably large domain, the old KCC is impractical as the dense
mesh topology causes replication pulses.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Typically this is automatically set in ndr_push_supplementalCredentialsBlob(),
but we need to change that behavior in order to handle strange formated
values.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11441
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Jul 19 17:22:51 CEST 2016 on sn-devel-144
These tests add a few deleted users and ensure they are VLV-able.
In a `make test` context there will be other deleted users lying
around, so we can't assert the expected results of the search without
looking first.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
The first search in each round of VLV performs the search then saves
the results in the form of an array of GUIDs, which subsequent calls
refer to to get different ranges from the same search. These
subsequent calls make an individual search for each GUID. If the
original search had the show_deleted control, the array may contain
GUIDs for deleted items, which would not be seen on the later
searches without the same control.
So we save all controls except the VLV itself and the sort control
(which won't affect the search for a single GUID) and reuse them on
the subsequent VLV searches.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This makes before/after lattice sparser for the slower tests. While
we're doing that, some of the tests are changed to traverse the
lattice in a different order just in case that matters.
There is very little chance that any particular combination of before
and after parameters will behave uniquely wrongly.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This ensures we and sync from a server with DISABLE_OUTBOUND_REPL set
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
We find that Windows 2012R2 sends a NULL parent_guid here, probably when no change to name is replicated.
That is, if there has not been a rename, this is not required information, as we
can just merge with the existing object, not matter where it is
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Tested against Win2012R2. The deactivated link control has no effect on either
one way links or pseudo ones (only two-way ones presumably).
Signed-off-by: Garming Sam <garming@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Note that this test will not work properly across ldap as the
marked-deleted linked attributes will not appear.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Normally linked attributes are deleted by marking them as with RMD flags,
but sometimes we want them to vanish without trace. At those times we
set the DSDB_CONTROL_REPLMD_VANISH_LINKS control.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-with: Andrew Bartlett <abartlet@samba.org>
The if-condition explicitly tests for new_schema==NULL, so this seems to be a
valid error case. The DEBUG statement would segfault in this case.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jul 13 06:34:33 CEST 2016 on sn-devel-144
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Wed Jul 13 02:59:25 CEST 2016 on sn-devel-144
A search on * can be quite expensive if we have to post-process any of the results
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
