IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Considering http://msdn.microsoft.com/en-us/library/cc220262.aspx they do not
provide any "msDS-Behavior-Version" attributes.
gulikoza <gulikoza@users.sourceforge.net> noticed this correctly.
Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
fSMORoleOwner attribute
This will fix bug 11613 where a user got the uncaught exception when trying
to seize an FSMO role that didn't have the required attribute.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11613
Signed-off-by: Rowland Penny <repenny241155@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Autobuild-User(master): Uri Simchoni <uri@samba.org>
Autobuild-Date(master): Sun Dec 6 00:33:10 CET 2015 on sn-devel-104
The netcmd/domain.py module uses os.popen() on user-supplied
parameters. This opens up the way to code injection.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11601
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Uri Simchoni <uri@samba.org>
Autobuild-Date(master): Mon Nov 23 22:19:34 CET 2015 on sn-devel-104
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Nov 6 13:43:45 CET 2015 on sn-devel-104
This would help remove a DC that is a conflict record, for example
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
This is done primarilly to set the pattern that we should manipulate ldb.Dn values
with the helper routines, not just by concatonation via format strings.
We also restrict our exception hadling to only the expected errors, not
all errors.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
On an RODC the local database cannot be modified, and the flags to remove
are different, we need instead to remove UF_PARTIAL_SECRETS_ACCOUNT.
If we are in a subdomain, then db.get_root_basedn() points to the
forest root, not the root of our domain
If the removeDsServer() fails with WERR_DS_DRA_NO_REPLICA
this may be reasonably considered to be success in this case.
Finally, the remove_dc.remove_sysvol_references() is reused
for objects not under the computer account.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
domain demote
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
The new version of this tool now can remove another DC that is
itself offline. The --remove-other-dead-server removes
as many references to the DC as possible.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
This allows the creation of domain clones that have no secrets,
and so make it safer to examine databases that demonstrate issues
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
This command makes a clone of an existing AD Domain, but does not
join the domain. This allows us to test if the join would work
without adding objects to the target DC.
The server password will need to be reset for the clone to
be any use, see the source4/scripting/devel/chgtdcpass
(Based on patches written with Garming Sam)
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
We now only build it by default with --enable-sefltest, or otherwise
if requested.
The NTVFS file server still has features not present in the smbd file
server, such as a CIFS/SMB proxy, and a radically different design,
but it is also not undergoing any ongoing development so this keeps it
in a safe state for care and maintaince, with less of a security risk
if such an issue were to come up.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
"it's" is reserved for the contraction of "it is".
This *is* somewhat illogical, which is how you know its proper
English.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Add a new command "getdosinfo" to samba-tool to dump dosinfo xattr from
a file.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Sep 29 06:00:49 CEST 2015 on sn-devel-104
Available subcommands:
create - Create a domain or forest trust.
delete - Delete a domain trust.
list - List domain trusts.
namespaces - Manage forest trust namespaces.
show - Show trusted domain details.
validate - Validate a domain trust.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10734
Signed-off-by: Rowland Penny <repenny241155@gmail.com>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
Reviewed-by: Jose A. Rivera <jarrpa@samba.org>
Autobuild-User(master): José A. Rivera <jarrpa@samba.org>
Autobuild-Date(master): Thu Jun 18 10:24:48 CEST 2015 on sn-devel-104
This is the environment that represents our supported production
setup of an active directory domain controller.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
In transfer_role() there is an duplicate call to samdb.modify() inside the if statement
where the type of role is being determined (specifically for the naming fsmo). This
call is unnecessary as after the if statement their is a correct call, with a try/catch
block, used by all fsmo transfers that will handle errors - such as the DC with the
fsmo role being offline.
The call to samdb.modify() inside the if statement for naming fsmo has been removed.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10924
Signed-off-by: Steve Howells <steve.howells@moscowfirst.com>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Marc Muehlfeld <mmuehlfeld@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Replaced "--gid" with the correct "--gid-number" in Example 3.
Additionally removed the first comment line in group.py, which
was wrong in that file.
Signed-off-by: Marc Muehlfeld <mmuehlfeld@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Allow to create NIS enabled user accounts via 'samba-tool user add'.
To create NIS enabled accounts, the parameters
--uid-number=, --login-shell=, --unix-home=, --gid-number=
are mandatory. Because we didn't had a parameter to set unixHomeDirectory
yet, this patch also adds this feature.
'unixUserPassword: ABCD!efgh12345$67890' is added by default, when you
enable NIS on an account in ADUC. The same we do in samba-tool.
See: https://bugzilla.samba.org/show_bug.cgi?id=10909
Signed-off-by: Marc Muehlfeld <mmuehlfeld@samba.org>
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
Autobuild-User(master): Marc Muehlfeld <mmuehlfeld@samba.org>
Autobuild-Date(master): Tue Feb 3 17:18:32 CET 2015 on sn-devel-104
Signed-Off-By: Daniel Cotton <danielcotton.patches at gmail.com>
Reviewed-By: Michael Adam <obnox@samba.org>
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
Autobuild-User(master): Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date(master): Tue Dec 2 01:18:53 CET 2014 on sn-devel-104
Avoid hardcoded IP-strings, use standard python IP functions to format
IPv4 and IPv6 addresses correctly.
I have removed the display of the port number.
MS-DNSP 2.2.3.2.2.1 DNS_ADDR: (from May 15, 2014)
Port Number (2bytes): Senders MUST set this to zero, and receivers MUST ignore
it.
Signed-off-by: Guenter Kukkukk <linux@kukkukk.com>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
DNS_ZONE_UPDATE_SECURE was used twice, DNS_ZONE_UPDATE_UNSECURE was missing.
Signed-off-by: Guenter Kukkukk <linux@kukkukk.com>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
This allows creating RFC2307 enabled groups via samba-tool
Signed-off-by: Marc Muehlfeld <mmuehlfeld@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Thu Oct 23 18:19:35 CEST 2014 on sn-devel-104
* rodc.py: destination_dsa_guid parameter was neglected
in drs_Replicate call
* rodc.py: cancel the local_samdb transaction on error
Change-Id: I962315a26ec48dc8774bb41db760387a3469c919
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Thu Oct 23 03:05:00 CEST 2014 on sn-devel-104
Windows 2003 is going out of support shortly, and we want users to have AES by default
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10788
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Sep 2 03:49:49 CEST 2014 on sn-devel-104
This new parameter offers the option to specify a default initial site name.
Otherwise it will be "Default-First-Site-Name".
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
Change-Id: I291924785b505b26b91152c0c13b4afd4de068a6
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
Autobuild-User(master): Kamen Mazdrashki <kamenim@samba.org>
Autobuild-Date(master): Mon Feb 10 02:26:28 CET 2014 on sn-devel-104
In making this change, it also fixes a bug where attempting to dump a parameter would immediately cause an error
(due to a lack of string conversion).
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
DNS query should either be '@' to represent entire zone or a fixed string
and not wildcard search pattern.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Kai Blin <kai@samba.org>
