IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
When the client tells us the highest_usn they have is N, then we want
to send them objects with usn>N, not>=N, as otherwise we end up
sending them the same object (the one with the highest uSN) again and
again.
uSNChanged>=N is good enough, and offers a possibility of a simple
optimisation where the partition module could look for that expression
and check the partitions sequence number, then avoid searching a
partition that doesn't have any records with a larger uSN.
We were relying on the uSNChanged>=n search always finding the DN of
the root of the partition, but this now doesn't happen very often as
we are now restricting when we change uSNChanged. This means we need
to always load the replUpToDateVector attribute from the NC root and
use it to populate the cursors in the return.
Our vampire code sends a zero GUID in the updaterefs calls. Windows
seems to ignore the GUID and use the DN in the naming context instead,
so I have changed our UpdateRefs server implementation to do the same.
With this change we can now vampire from s4<->s4 successfully! Now to
see if all the attributes came across correctly.
This patch implements DsReplicaSync by passing the call via irpc to
the repl server task. The repl server then triggers an immediate
replication of the specified partition.
This means we no longer need to set a small value for
dreplsrv:periodic_interval to force frequent DRS replication. We can
now wait for the DC to send us a ReplicaSync msg for any partition
that changes, and we immediately sync that partition.
Metze pointed out what the windows tool ldp.exe will examine repsTo
attributes on remote DCs, so we do in fact need to use the same format
that windows uses. This patch changes the server side implementation
of UpdateRefs to use the windows format
So far it returns the ctr6 responce without proper linked attributes
support and metadata. A couple of improvements are the filter in the search
uses '(uSNChanged>=N)', added extended dn search support, non-replicated attributes
are excluded from the result.
Templates just don't belong in the sam.ldb, as they don't obey any of
the other rules. This moves them to a seperate templates.ldb.
In samldb, this patch reworks the duplicate SID and Name detection
code, to use ldb_search_exp_fmt() rather than gendb_search. This
returns far more useful errors, which we now handle and report better.
The call to samdb_search_for_parent_domain() has been moved in samldb,
to allow both the account and SID uniqueness checks to be in the same
domain. This function also returns better errors.
dcesrv_drsuapi.c is updated for the new prototype of
samdb_search_for_parent_domain()
Andrew Bartlett
(This used to be commit f1ab90c88c)
some issues in the NBT server (this was a false positive, but easily
worked around) and DRSUAPI server.
We should take care not to use the ldb_context as a talloc pool, and
to always ensure that any results from ldb_search() are moved off that
pool with talloc_steal or talloc_free().
To work around the issue in provision, for which I can find no fault
(other than a lot of work being done in provision), I've moved the
detector trigger to 400 additional blocks.
This fixes Bug #4810 by <mwallnoefer@yahoo.de>
Andrew Bartlett
(This used to be commit 42bcf85620)
- fill in our on bind_info struct correctly
- remember the local and remote DsBindInfo28 struct
- remember the remote bind_buid
w2k3 now tries replicate using DsGetNCChanges() from us,
after the NET-API-BECOME-DC test created the domain controller
and replicated all data.
(But we still give a DCERPC fault in DsGetNCChanges()...)
metze
(This used to be commit 33550c063d)
for NT4 DC's in mixed mode domains.
This call is triggered by tranferring the PDC FSMO Role to another DC
the real meta data is encoded in the user buffer which is just a DATA_BLOB in idl
metze
(This used to be commit d883815c8d)
usual things are more complex than they appear.
Also remove the incorrect server-side implementation, which blindly
assumed some sense of consistancy across the API switch levels.
Andrew Bartlett
(This used to be commit 79941adbff)
