IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
attributes to backend (remote) attributes.
We can't do a reverse mapping safely where the remote attribute may be
a source for multiple local attributes. (We end up with the wrong
attributes returned).
In doing this, I've modified the samba3sam.js test to be more
realistic, and fixed some failures in the handling of primaryGroupID.
I've added a new (private) helper function ldb_msg_remove_element() to
avoid a double lookup of the element name.
I've also re-formatted many of the function headers, to fit into
standard editor widths.
Andrew Bartlett
This merges Samba4 with lorikeet-heimdal, which itself has been
tracking Heimdal CVS for the past couple of weeks.
This is such a big change because Heimdal reorganised it's internal
structures, with the mechglue merge, and because many of our 'wishes' have been granted: we now have DCE_STYLE GSSAPI, send_to_kdc hooks and many other features merged into the mainline code. We have adapted to upstream's choice of API in these cases.
In gensec_gssapi and gensec_krb5, we either expect a valid PAC, or NO
PAC. This matches windows behavour. We also have an option to
require the PAC to be present (which allows us to automate the testing
of this code).
This also includes a restructure of how the kerberos dependencies are
handled, due to the fallout of the merge.
Andrew Bartlett
This is a pointer to an element pointer. If it is not null it will be
filled with the pointer of the manipulated element.
Will avoid double searches on the elements list in some cases.
Always set the krb5key from the ntPwdHash, even if we don't have the
cleartext password in sambaPassword. This fixes kerberos after a
vampire.
Andrew Bartlett
This moves these attributes from objectguid into an optional backend
(objectguid), used by ltdb. For OpenLDAP, the entryUUID module
converts entryCSN into usnChanged.
This also changes the sequence number API, and uses 'time based'
sequence numbers, when an LDAP or similar backend is detected.
To assist this, we also store the last modified time in the TDB,
whenever we change a value.
Andrew Bartlett
reject reason code while password changing: SAMR_REJECT_IN_HISTORY which
is different from SAMR_REJECT_COMPLEXITY.
torture test to follow as well.
Guenther
to mess with the values in these cases.
Where we do convert the values, try and convert substrings. This
isn't going to be perfect, but we should try rather than segfault.
This also avoids using the wrong arm of the union for the attribute
name
The change in the entryUUID module is to correct the case of
sAMAccountName, due to the case sensitive ldap.js test.
Andrew Bartlett
This adds a list of attributes that are in our wildcard seaches, but
the remote server requires to be explicitly listed. This also cleans
up the handling of wildcards in ldb_map to be more consistant.
Also fix the partitions module to rebase the search, if on the GC
port, we do a subtree search. (Otherwise backends can rightly
complain that the search is not in their scope).
Andrew Bartlett
asks for them as large integers, rather than a negative integer.
Due to an OpenLDAP bug, this only works reliably against OpenLDAP CVS
as of today. (but mostly works in older versions, depending on a
thread-specific value fo errno in the server).
Andrew Bartlett
emacs compile mode (hint, paste to a file, and compile as "cat
filename").
This allowed me to fix nearly all the warnings for a IA_64 SuSE build
very quickly.
At the moment it is able to validate an object has no conflicting
objectlasses that it meets the criteria to be inserted as child of
the parent and also sorts and create the objectclass hierarchy so
that the objectclass .c module can be obsoleted.
Not activated by default as we have to completely rework the
current provisioning method. (In my tests I could not activate
it before all other ldif except for the one that create users
were loaded, make test seem to be happy anyway if it is activated
after provisioning).
Next steps will be attribute and attribute syntax checking on add operation.
And then the modify operation will follow.
Simo.
OID mappings.
The key point is to 'enable' the partitions in the partitions module
before the init is complete. That way, the modules can perform
searches that use partitions.
Andrew Bartlett
