IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
'phantom_root' flag in the search_options control
- Add in support for LDB controls to the js layer
- Test the behaviour
- Implement support for the 'phantom_root' flag in the partitions module
- Make the LDAP server set the 'phantom_root' flag in the search_options control
- This replaces the global_catalog flag passed down as an opaque pointer
- Rework the string-format control parsing function into
ldb_parse_control_strings(), returning errors by ldb_errorstring()
method, rather than with printf to stderr
- Rework some of the ldb_control handling logic
Andrew Bartlett
(This used to be commit 2b3df7f38d7790358dbb4de1b8609bf794a351fb)
We were returning just true/false and discarding error number and string.
This checking probably breaks swat, will fix it in next round as swat
is what made me look into this as I had no way to get back error messages
to show to the users.
Simo.
(This used to be commit 35886b4ae68be475b0fc8b2689ca04d766661261)
- use ${SCHEMADN} instead of CN=Schema,CN=Configuration,${BASEDN}
- do not include autogenerated values: instanceType, cn and name in the ldif output
- take care of the systemOnly attribute and a resulting NO-USER-MODIFICATION
metze
(This used to be commit 30a0e8b26e4b49927d733ac05e6032350fe22e9f)
attributes to backend (remote) attributes.
We can't do a reverse mapping safely where the remote attribute may be
a source for multiple local attributes. (We end up with the wrong
attributes returned).
In doing this, I've modified the samba3sam.js test to be more
realistic, and fixed some failures in the handling of primaryGroupID.
I've added a new (private) helper function ldb_msg_remove_element() to
avoid a double lookup of the element name.
I've also re-formatted many of the function headers, to fit into
standard editor widths.
Andrew Bartlett
(This used to be commit 186766e3095e71ba716c69e681592e217a3bc420)
Jelmer, we need to fix pidl to be able to handle the double pointers
in the ejs generated code
(This used to be commit 63760acbb7ef6bc32e82ac843adf4f0155f0cb0a)
This commit extends the samba3sam test suite, which contains tests for
the samba3sam and ldb_map modules, with a lot of tests for inbound,
i.e. add, modify, rename and delete requests.
The tests each add a single record, modify it, rename it, and then
delete it, at each step checking that the operations were successful
and that the right data went into the right partitions.
They are run for an unmapped record, a mapped record with data only in
the remote partition, a mapped record with remote data that is later
modified to include local data, and a mapped record with data in both
the local and remote partitions.
It also adds a function to the backend objects that makes construction
of DNs for their respective partitions more comfortable.
Cheers,
Martin
(This used to be commit 1ddd06f24d71c606241863cf4fe047833c64a6d2)
this version returns also oMSyntax and oMObjectClass and also
use the right value for the objects CNs
add a nasty hack to ejs' mprLdbMessage() to handle binary blobs situations
(This used to be commit 8dd1c1c05bc592d76d6e34b303048faf05c0fa6e)
suite, which contains tests for the samba3sam and ldb_map modules,
with a lot of tests for search requests.
The tests add a small set of known records to the database, half of
them with only remote data, half of them split across the local and
remote backends, and test searching these records by DN, by attribute
and with a range of parse trees.
This suite should be extensive enough to ensure that behaviour of
search requests doesn't break.
(This used to be commit 120f7891faf241057457db7234ce381bfe3fd847)
<mkhl@samba.org>.
Martin took over the work done last year by Jelmer, in last year's
SoC. This was a substanital task, as the the ldb modules API changed
significantly during the past year, with the addition of async calls.
This changeset reimplements and enables the ldb_map ldb module and
adapts the example module and test case, both named samba3sam, to the
implementation.
The ldb_map module supports splitting an ldb database into two parts
(called the "local" and "remote" part) and storing the data in one of
them (the remote database) in a different format while the other acts
as a fallback.
This allows ldb to e.g. store to and load data from a remote LDAP
server and present it according to the Samba4 schema while still
allowing the LDAP to present and modify its data separately.
A complex example of this is the samba3sam module (by Jelmer
Vernooij), which maps data between the samba3 and samba4 schemas.
A simpler example is given by the entryUUID module (by Andrew
Bartlett), which handles some of the differences between AD and
OpenLDAP in operational attributes. It principally maps objectGUID,
to and from entryUUID elements. This is also an example of a module
that doesn't use the local backend as fallback storage.
This merge also splits the ldb_map.c file into smaller, more
manageable parts.
(This used to be commit af2bece4d343a9f787b2e3628848b266cec2b9f0)
This confirms that records are replicated into the correct databases,
and that the case insensitive flags really work.
Andrew Bartlett
(This used to be commit ad463c1a5243019548bdbeea3070ec2e6cbcfcdf)
Unfortunetly this didn't find the wildcard bug, but at least it tests
something...
Andrew Bartlett
(This used to be commit f763970caf37a9191abd9c40f297c3f413fe9a56)
both fully qualified and in the 'short' form. Now we test and support
this query format.
Andrew Bartlett
(This used to be commit 9ddcfacbcedc5eea2730d4bf902c0fcd02bcfa11)
With this fix, we now correctly detect computers again, and get the
correct objectCategory, which is important for the OSX AD plugin.
Andrew Bartlett
(This used to be commit 4e39d7bb245bc337ac496c7e39a510d1c5611c71)
Add a test to show that we need this, and to prove it works (for add
at least).
Andrew Bartlett
(This used to be commit f72079029abb594677bf8c2b63e40c07e910004f)
This updates the module to handle both SID allocation and nextRid
updating while importing users. (As imported users already have a
SID, so don't go via the allocation step). We also ensure that SIDs
in the database are unquie at create time.
Furthermore, at allocation time, we double-check the SID isn't already
in use, and that we don't create a foriegnSecurityPrincipal for a
'local' sid.
Also create random samAccountName entries for users without one (we
were setting $000000-000000000000).
We may want to seperate the uniqueness code from the rest of samldb,
and into a module with the objectguid code, which needs similar
checks. These checks also need to apply to modification, or those
modifications denied outright.
Also update part of the testsuite to validate this.
Andrew Bartlett
(This used to be commit 7a9c8eee4bea88f5f0bb7c62f701476384b7dc84)
Doing this required reworking ejsnet, particularly so it could take a
set of credentials, not just a username and password argument.
This required fixing the ejsnet.js test script, which now adds and
deletes a user, and is run from 'make test'. This should prevent it
being broken again.
Deleting a user from ejsnet required that the matching backend be
added to libnet, hooking fortunetly onto already existing code for the
actual deletion.
The js credentials interface now handles the 'set machine account' flag.
New functions have been added to provision.js to wrap the basic
operations (so we can write a command line version, as well as the web
based version).
Andrew Bartlett
(This used to be commit a5e7c17c348c45e61699cc1626a0d5eae2df4636)
