1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

343 Commits

Author SHA1 Message Date
Andrew Bartlett
4d7dad1315 s4-dsdb: Remove unused variables
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Sep  1 05:10:47 CEST 2012 on sn-devel-104
2012-09-01 05:10:47 +02:00
Andrew Bartlett
01ade93c7c s4-dsdb: Remove unused tmp_ctx leaked onto long-term ldb_context
This was found based on a log provided by Ricky Nance
<ricky.nance@weaubleau.k12.mo.us>.  Thanks Ricky!

Andrew Bartlett
2012-09-01 03:33:20 +02:00
Andrew Bartlett
108c8b758a s4-dsdb: Use samdb_dn_is_our_ntdsa()
This uses a GUID based comparison, and avoids re-fetching the
samdb_ntds_settings_dn each time.

Andrew Bartlett
2012-08-14 15:37:22 +02:00
Andrew Bartlett
d582e1bef6 s4-dsdb: Add samdb_dn_is_our_ntdsa()
This is like samdb_reference_dn_is_our_ntdsa but without the attribute de-reference.

Andrew Bartlett
2012-08-14 15:37:22 +02:00
Andrew Bartlett
773d0367a6 s4-dsdb: Use samdb_reference_dn_is_our_ntdsa() 2012-08-14 15:37:22 +02:00
Andrew Bartlett
1e127b270c s4-dsdb: Add helper function samdb_reference_dn_is_our_ntdsa()
We often want to know if we own an FSMO role (for example).  This tries to be more
efficient by comparing the GUID, rather than the string DN, as this does not need
to be re-fetched each time.

Andrew Bartlett
2012-08-14 15:37:22 +02:00
Andrew Bartlett
3c8d8f206b s4-dsdb: Use ldb_dn_copy() rather than talloc_reference()
As the normal case (outside provision) uses a copy, this avoids a case
where a caller might modify a global variable accidentily.

As suggested by metze.

Andrew Bartlett
2012-08-14 15:37:22 +02:00
Andrew Bartlett
fd0394d85d s4-libnet: Improve debugging of libnet_BecomeDC LDAP errors 2012-08-14 15:37:22 +02:00
Andrew Bartlett
9566786853 s4-dsdb: Add mem_ctx argument to samdb_ntds_settings_dn
As this value is calculated new each time, we need to give it a context to live on.

If the value is the forced value during provision, a reference is taken.

This was responsible for the memory leak in the replication process.  In the
example I was given, this DN appeared in memory 13596 times!

Andrew Bartlett

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Aug 14 10:05:14 CEST 2012 on sn-devel-104
2012-08-14 10:05:14 +02:00
Andrew Bartlett
f74e7b5606 s4-dsdb: Add const 2012-08-14 08:27:19 +02:00
Andrew Bartlett
6f71878263 s4-dsdb when setting DSDB_CONTROL_PASSWORD_BYPASS_LAST_SET_OID make it non-critical 2012-06-27 11:29:17 +02:00
Matthias Dieter Wallnöfer
cd5d282a46 s4:dsdb/common/util.c - samdb_is_pdc() - fail if the "fSMORoleOwner" attribute has not been set 2012-04-29 19:06:52 +02:00
Jelmer Vernooij
d875327b10 Move NS_GUID_string and NS_GUID_from_string to dsdb-common. 2012-03-20 13:54:07 +01:00
Ricky Nance
2f7e715302 s4-lib: Remove unused samdb_msg_set_value()
Found by callcatcher.

Ricky Nance
2012-02-25 03:51:37 +01:00
Ricky Nance
8a22ccadd5 s4-lib: Remove unused samdb_msg_set_string()
Found by callcatcher.

Ricky Nance
2012-02-25 03:51:37 +01:00
Ricky Nance
b136687d1f s4-lib: Remove unused samdb_msg_set_int()
Found by callcatcher

Ricky Nance
2012-02-25 03:51:37 +01:00
Andrew Bartlett
1a9ee7cbd5 dsdb: Allow DSDB_CONTROL_PASSWORD_BYPASS_LAST_SET_OID to be specified as a flag 2012-01-24 18:36:49 +11:00
Matthias Dieter Wallnöfer
1b741b2bcc s4:dsdb/common/util.c - test LDB result against LDB_SUCCESS as we are always doing
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Fri Dec  9 12:00:03 CET 2011 on sn-devel-104
2011-12-09 12:00:03 +01:00
Amitay Isaacs
9318e00a1f dsdb: Fix the password expiry calculation
As per Section 3.1.1.4.5.26 [MS-ADTS.pdf], password is expired if

  pwdLastSet = null, or
  pwdLastSet = 0, or
  (maxPwdAge != 0x8000000000000000 and (ST - pwdLastSet) > maxPwdAge)
2011-11-18 14:38:28 +11:00
Amitay Isaacs
a6ed9071b9 dsdb: Handle the case when extended rights string is NULL
Pair-Programmed-With: Andrew Tridgell <tridge@samba.org>

Signed-off-by: Andrew Tridgell <tridge@samba.org>

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Wed Nov  2 07:03:40 CET 2011 on sn-devel-104
2011-11-02 07:03:40 +01:00
Andrew Tridgell
8905344bad s4-dsdb: fixed re-join of subdomain
if we repeat the join of a subdomain then we try to re-create the NC
for the subdomain during a DsAddEntry(). This allows that re-creation
to succeed if the NC already exists
2011-10-04 15:08:58 +11:00
Andrew Tridgell
278e44cf9f s4-dsdb: simplify samdb_is_gc()
we already have a function for returning the NTDS options
2011-10-04 15:08:57 +11:00
Andrew Tridgell
60cbc98051 s4-dsdb: added new control DSDB_MODIFY_PARTIAL_REPLICA
this control tells the partition module that the DN being created is a
partial replica, so it should modify the @PARTITION object to add the
partialReplica attribute

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-10-04 15:08:57 +11:00
Andrew Tridgell
00ef18f19c s4-dsdb: added NO_GLOBAL_CATALOG control
this control is used to ask samdb to not return searches with a basedn
in partial repica partitions, which is needed to support the
difference between a search on the 3268 GC ldap port and the non-GC
389 port
2011-09-22 10:00:48 +10:00
Andrew Tridgell
677600fb7f s4-dsdb: failing to find the object is not an error in dsdb_loadreps()
we may not have replicated the partition yet, so this should be
considered the same as having no repsFrom/repsTo
2011-09-22 10:00:48 +10:00
Andrew Tridgell
1e9573fe4d s4-dsdb: fixed compiler warning
sid can be const

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-09-08 03:35:27 +02:00
Andrew Bartlett
fe754cc7ac s4-dsdb Print clearer error messages when invalid account flags are specified on add 2011-09-05 11:25:38 +10:00
Andrew Bartlett
f81bb8df67 s4-dsdb Return ACL errors as ldb_errstring()
This string is reported to the caller, which makes debugging much easier.

Andrew Bartlett
2011-08-26 14:06:07 +02:00
Andrew Tridgell
9784fbc378 s4-dsdb: added samdb_ntds_msdcs_dns_name()
this gets the DNS name for a NTDS GUID, based on the forest DNS name

Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
2011-08-25 07:39:38 +10:00
Andrew Tridgell
9f404b3dea s4-dsdb: added samdb_dn_to_dns_domain()
this converts a DC into the equivalent DNS domain. It is used when
forming t_msdcs NTDS DNS names

Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
2011-08-25 07:39:38 +10:00
Andrew Tridgell
bcbb35b088 s4-dsdb: assert that base DNs are used correctly
this will catch future programmer errors with incorrect base DNs

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-08-25 07:39:38 +10:00
Andrew Bartlett
2d6e98e5c8 s4-dsdb Give a less worrying error message on failure to get a transaction 2011-08-13 12:30:49 +10:00
Andrew Bartlett
2993113a56 s4-dsdb Add ability to force a particular SID in the upgrade case 2011-08-13 12:30:49 +10:00
Andrew Bartlett
c5e41a21dd s4-dsdb Add flag to set DSDB_BYPASS_PASSWORD_HASH control 2011-08-13 12:30:48 +10:00
Andrew Tridgell
fb490d88c1 s4-dsdb: don't cache the NTDS settings DN
this DN can change due to a server rename, so we cannot cache it. It
is set by provision, but not anywhere else.

This seems to not have a large performance impact

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-08-12 04:00:07 +02:00
Andrew Tridgell
d4a1f6a42b s4-dsdb: added dn_format attribute of a dsdb_attribute
this is faster than string comparisons during searches at runtime

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
2011-08-04 16:17:25 +10:00
Andrew Tridgell
fc40769b64 s4-dsdb: fixed a warning on dsdb_delete()
struct ldb_dn is never const

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
2011-08-04 16:17:24 +10:00
Andrew Tridgell
d10553a51c s4-dsdb: make requests for STORAGE_FORMAT control non-critical
this allows us to use dsdb_module_dn_by_guid() from levels below the
extended_dn_out module

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
2011-08-04 16:17:24 +10:00
Andrew Tridgell
114377a91f s4-dsdb: added dsdb_delete() function
this gives us a delete function that takes the standard set of dsdb
flags

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-07-21 11:44:36 +10:00
Dave Craft
0d1c54ecaf Standalone samdb_ntds_site_settings_options() helper
A helper function for retrieving the ntds site settings
via standalone function call.  Used within KCC

Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-14 07:05:09 +10:00
Andrew Tridgell
3e4c08096d s4-drs: cope with missing RMD_ADDTIME in linked attributes
upgraded links can be missing the RMD_ADDTIME field
2011-06-10 10:14:56 +10:00
Andrew Bartlett
5d2ce400d2 s4-dsdb Add transactions to dsdb modify helpers 2011-05-08 17:36:26 +02:00
Andrew Tridgell
b96389d3e1 s4-socket: rename allow_access() to socket_allow_access()
this prevents a symbol collision with s3

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-05-03 07:37:07 +02:00
Andrew Tridgell
81f2dda626 s4-dsdb: added a ldb err -> NTSTATUS mapping
this is not perfect, but its better than always giving
NT_STATUS_UNSUCCESSFUL in our RPC servers

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-04-04 10:30:30 +10:00
Matthias Dieter Wallnöfer
ea12adf544 s4/ldb - remove now superflous "ldb_dn_validate" checks
If we immediately afterwards perform an LDB base operation then we don't
need an explicit "ldb_dn_validate" check anymore (only OOM makes sense).

Reviewed by: Tridge
2011-03-04 22:07:24 +01:00
Matthias Dieter Wallnöfer
0e68867b26 s4:dsdb - always handle the attribute "options" as 32bit unsigned integer
It is defined as LDAP syntax 2.5.5.9 so no need at all to treat it as
64-bit integer.

Reviewed by: Kamenim and Metze

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Tue Mar  1 12:46:15 CET 2011 on sn-devel-104
2011-03-01 12:46:15 +01:00
Matthias Dieter Wallnöfer
47369370a1 s4:dsdb/common/util.c - remove "samdb_find_or_add_value"
This isn't used anymore.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2011-03-01 06:29:03 +01:00
Matthias Dieter Wallnöfer
c807911bf7 s4:dsdb/common/util.c - fully remove "samdb_msg_add_string"
This isn't needed anymore and will be substituted by
"ldb_msg_add_string".

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2011-03-01 06:29:03 +01:00
Matthias Dieter Wallnöfer
c66780332b s4:remove many invocations of "samdb_msg_add_string"
This call can be substituted by "ldb_msg_add_string". We only need to be
careful on local objects or talloc'ed ones which live shorter than the message.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2011-03-01 06:29:03 +01:00
Jelmer Vernooij
59a077d8f5 Fix some types
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Mon Feb 28 23:30:06 CET 2011 on sn-devel-104
2011-02-28 23:30:06 +01:00