1
0
mirror of https://github.com/samba-team/samba.git synced 2025-07-14 12:59:07 +03:00
Commit Graph

378 Commits

Author SHA1 Message Date
21702bfcde Cope with slight changes in tdb API. 2008-12-18 20:43:05 +00:00
61a2d5c878 Use plain Python C API for registry module, rather than SWIG. 2008-12-18 16:49:33 +00:00
7a5b6a2ea1 Handle different failure modes when we wipe the db in provision
We didn't handle the mode where we can't load the main sam.ldb due to
the modules being 'wrong', and when we did remove the file, we didn't
wipe the partitions.
2008-12-18 17:17:56 +11:00
ebe1e923c8 s4:provision: use extended_dn_out_ldb or extended_dn_out_dereference depending on the backend
This just changes the existing stratagy of loading different modules
for the OpenLDAP backend to also include extended_dn_out_*

When we provision the OpenLDAP backend, we make sure to include the
'deref' overlay (which must be made available by the OpenLDAP build)

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2008-12-17 12:29:28 +11:00
1f28541a24 s4:dsdb: split extended_dn into extended_dn_in, extended_dn_out and extended_dn_store.
By splitting the module, the extended_dn_in and extended_dn_store
moudles can use extended_dn_out to actually get the extended DN.  This
avoids code duplication.

The extended_dn_out module also contains a client implementation of
the OpenLDAP dereference control (draft-masarati-ldap-deref-00).

This also introduces a new control
'DSDB_CONTROL_DN_STORAGE_FORMAT_OID' to ask the extended_dn_out module
to return whatever the 'storage format' is.  This allows us to work
with both OpenLDAP (which performs a dereference at run time) and LDB
(which stores the GUID and SID on disk).

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2008-12-17 12:29:28 +11:00
c9f69f1436 Fix installation of Samba 4 during merged build. 2008-10-30 23:19:51 +01:00
8b06312f7e Eliminate another instance of global_loadparm. 2008-10-24 13:13:27 +02:00
0f043c197c Move pytalloc to talloc directory. 2008-10-24 02:52:51 +02:00
6069407ed1 Fix rpcecho test. 2008-10-21 14:23:42 +02:00
87ec1d2532 Make sure prototypes are always included, make some functions static and
remove some unused functions.
2008-10-20 18:59:51 +02:00
e549759efe Fix blackbox tests on IPv6-only hosts. 2008-10-20 10:18:02 +02:00
fc54ca014b Move the password_hash module up the module stack.
This makes it operate in all partitions (minor), but more importantly
places it above some other modules that implement some extra schema
checks.  (The linked_attributes module objects to unknown attributes,
which inclues clearTextPassword, which we need internally but is not
in the schema).

Andrew Bartlett
2008-10-16 12:31:19 +11:00
79f1ba8754 Make check_*.m4 m4 library files just contain functions that can be
executed from other m4 files.
2008-10-14 22:37:10 +02:00
436346e3ad Move tests for Python inside function. 2008-10-14 22:26:39 +02:00
f9facb5120 Move all subunit files to lib directory. 2008-10-08 02:22:39 +02:00
3ecde315d3 Import tests for subunit python module. 2008-10-08 02:19:59 +02:00
7f1c02cd7a Enable winreg Python tests - authentication works now. 2008-09-30 15:24:46 +02:00
fae2fce47e s4:provision: don't do the full provision in the become_dc
metze
2008-09-27 02:12:22 +02:00
db6bd2a3d6 Fix DNs - only one more samba3sam test failing now. 2008-09-21 03:42:27 +02:00
6f6e42ce60 Generate with 1.3.36. 2008-09-18 23:55:50 +02:00
3b5330e909 Fix check. 2008-09-17 17:00:36 +02:00
4f266dff13 Only try with -LPYTHONDIR/lib when python-config output didn't work.
(This used to be commit 62d76356c1)
2008-09-09 23:49:07 +02:00
1d8973a82e Attempt to correctly find python on host sunx
(This used to be commit 59b62280d2)
2008-09-09 23:35:17 +02:00
ef9169bfa6 Make it clear that the MMR password can differ from the admin passsword
In the future, we might simply randomly generate this, or allow the
admin to specify it seperate to the admin password.  However, both are
highly sensitive, as they imply read access to the krbtgt.

Andrew Bartlett
(This used to be commit 57d19ad002)
2008-09-08 15:09:06 +10:00
b76f383eef Use DIGEST-MD5 authentication for OpenLDAP replication
This avoids passing rootdn passwords or replicated data in cleartext
across the network.

Signed-of-by: Andrew Bartlett <abartlet@samba.org>
(This used to be commit 67373c143a)
2008-09-08 14:39:54 +10:00
1929b2fb51 Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into v4-0-test
(This used to be commit c273d63f94)
2008-09-04 12:49:29 +10:00
fbbe799e4e Regenerate SWIG file.
(This used to be commit e8ba65c4db)
2008-09-03 22:55:24 +02:00
24a9181f25 Avoid using version call for version string.
(This used to be commit 1897cef508)
2008-09-03 22:29:53 +02:00
9817f3d785 Add a setexpiry operation in samdb.py
This makes it easy to set the expiry (or no expiry) for a samdb user
(This used to be commit 25171f18a4)
2008-08-30 07:32:44 +10:00
8237c0ba83 The index handling is now configured from the schema load, not by a
template.

Andrew Bartlett
(This used to be commit b36c6a21ad)
2008-08-21 12:59:16 +10:00
41493cbe68 Update OpenLDAP MMR configuration per comments by Oliver Liebel
<oliver@itc.li>

This changes the RIDs to be <serverID><DBID>, to ease later debugging.

The need to specify the port on the MMR URLs is now included in the
help.

Andrew Bartlett
(This used to be commit a5cbe8c09c)
2008-08-20 12:21:36 +10:00
b33f4541f6 Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet
(This used to be commit fc6b4f03eb)
2008-08-19 14:11:51 +10:00
7ef21658fb Fix up new OpenLDAP MMR code.
This changes the MMR password from hard-coded value of 'linux',
adds tests and fixes the Fedora DS backend.

Currently the MMR password matches the admin password, but we can
change this to be another random value if required.

Also require the port to be specified on the command line, so we don't
hard-code a port of 9000.

Andrew Bartlett
(This used to be commit 08257c6d6c)
2008-08-19 14:10:14 +10:00
805dd85291 Generate Multi-Master Replication configuration for OpenLDAP
This patches provision-backend and the related scripts to generate the
correct configuration blobs for N-way multi-master replication using
OpenLDAP.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
(This used to be commit 6ed0b3f247)
2008-08-19 12:03:04 +10:00
47d80366be Fix templates.ldb reprovision handling.
This sets the attributes in a seperate transaction, and allows a
forced delete of the whole file.

Andrew Bartlett
(This used to be commit 423db2468b)
2008-08-19 11:43:41 +10:00
47124efe42 Add helper object Hostconfig to make it easier to get to e.g. the
SAM database.
(This used to be commit be75b2a36e)
2008-08-01 21:12:37 +02:00
1c94f3e95d Use new style python classes.
(This used to be commit 2a39aae0ce)
2008-08-01 21:00:09 +02:00
fff006bd84 Move domain DN determination out of newuser function.
(This used to be commit cbac27e6fa)
2008-08-01 20:47:22 +02:00
3b4ff07ded Actually fix missing substitution variables.
(This used to be commit 783412ecb2)
2008-08-01 20:47:03 +02:00
2fbe25b39d Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into manpage
(This used to be commit c87a8ba1fe)
2008-08-01 20:17:56 +02:00
3573420d7d Fix some forgotten substitute variables in provision, add check to prevent this sort of regression in the future.
(This used to be commit a461118f3b)
2008-08-01 20:17:29 +02:00
e80115deb9 We don't use EXTENSIBLEOBJECT any more.
(This used to be commit 4b137085c8)
2008-07-28 20:51:02 +10:00
08795db6d6 Make it even clearer what to do next in the LDAP backend setup
(This used to be commit bace931ad6)
2008-07-28 20:26:14 +10:00
45d60f5bd9 Always print the slapd startup command
(This used to be commit b1d05e7d14)
2008-07-28 20:18:17 +10:00
cff30c6da6 Remove unused function and make sensitive directories private.
(This used to be commit e23333d163)
2008-07-28 08:04:15 +10:00
1f285560bc Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-local
(This used to be commit b12dd8ee54)
2008-07-25 11:58:51 +10:00
11798902dc Complain if we are told to use an ldap backend, without the type
(This used to be commit e9c3c9ad82)
2008-07-25 08:45:16 +10:00
c9c296b6bb Install'named.txt' to private/ as documentation.
This document is much more use when subbed with all the right things.

Andrew Bartlett
(This used to be commit 136a855998)
2008-07-22 11:09:18 +10:00
fb3e663678 Improve DNS and Group poicy configurations.
- fixes bug #4813 (simplify DNS setup)
  - This reworks the named.conf to be a fully fledged include
  - This also moves the documentation into named.txt
 - improves bug #4900 (Group policy support in Samba)
   - by creating an empty GPT.INI
 - fixes bug #5582 (DNS: Enhanced zone file)
   - This is now closer to the zone file AD creates

committed by Andrew Bartlett
(This used to be commit 74d684f6b3)
2008-07-22 11:06:47 +10:00
3408a2d18f Make a seperate template for the refint configuration too
(This used to be commit d2a527acc5)
2008-07-18 18:58:56 +10:00