1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-25 23:21:54 +03:00
Commit Graph

343 Commits

Author SHA1 Message Date
Kamen Mazdrashki
561205b016 s4/dsdb-util: Use DS_NTDSDSA_OPT_IS_GC flag definition
Autobuild-User: Kamen Mazdrashki <kamenim@samba.org>
Autobuild-Date: Sun Feb 27 00:10:45 CET 2011 on sn-devel-104
2011-02-27 00:10:44 +01:00
Andrew Tridgell
94c04b10db build: moved libds/common/flag_mapping.c into a common subsystem
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-02-24 11:57:48 +11:00
Andrew Tridgell
8dc92c8f71 ldb: use #include <ldb.h> for ldb
thi ensures we are using the header corresponding to the version of
ldb we're linking against. Otherwise we could use the system ldb for
link and the in-tree one for include

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-02-10 06:51:07 +01:00
Andrew Bartlett
fbe6d155bf s4-auth Remove special case for account_sid from auth_serversupplied_info
This makes everything reference a server_info->sids list, which is now
a struct dom_sid *, not a struct dom_sid **.  This is in keeping with
the other sid lists in the security_token etc.

In the process, I also tidy up the talloc tree (move more structures
under their logical parents) and check for some possible overflows in
situations with a pathological number of sids.

Andrew Bartlett
2011-01-20 23:44:05 +01:00
Matthias Dieter Wallnöfer
93d96414be s4:dsdb_find_nc_root - fix it up to let the provisioning work correctly
Use the temporary list unless we have at least the three main
"namingContexts" from the rootDSE available (Default, Configuration, Schema -
these are mandatory on all AD deployments!).

This bug has been discovered by Nadya in relation with her SD work.

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sat Jan 15 19:01:11 CET 2011 on sn-devel-104
2011-01-15 19:01:11 +01:00
Andrew Tridgell
a38854f74b s4-dsdb: minimise the DN in group expansion
this DN we have came from an extended DN search, which means it may
have multiple extended components. We need to minimise the DN before
AD will accept it

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-01-14 16:39:33 +11:00
Andrew Bartlett
cbffc51313 s4-dsdb Implement tokenGroups expansion directly in ldb operational module
This removes a silly cross-dependency between the ldb moudle stack and auth/

Andrew Bartlett
2011-01-14 16:39:32 +11:00
Nadezhda Ivanova
9aaacee6cd s4-dsdb: Added a helper function to get the default dns domain as string. 2010-12-22 12:29:14 +02:00
Matthias Dieter Wallnöfer
32bae10512 s4:dsdb/common/util.c - remove unused variable "ndr_err" 2010-12-21 15:10:37 +11:00
Andrew Bartlett
eda1972b68 s4-dsdb Use sid_blob_parse() 2010-12-16 15:54:36 +11:00
Jelmer Vernooij
35fbc7bbda s4-smbtorture: Make test names lowercase and dot-separated.
This is consistent with the test names used by selftest, should
make the names less confusing and easier to integrate with other tools.

Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sat Dec 11 04:16:13 CET 2010 on sn-devel-104
2010-12-11 04:16:13 +01:00
Matthias Dieter Wallnöfer
93d85ca5fd s4:fix some shadowed declaration warnings on Solaris by renaming the symbols 2010-12-06 11:28:58 +01:00
Matthias Dieter Wallnöfer
f92055f298 s4:dsdb/common/util_samr.c and auth/sam.c - fix error message 2010-12-04 14:27:40 +01:00
Matthias Dieter Wallnöfer
b6750eee28 s4:dsdb/common/util_samr.c - "dsdb_enum_group_mem" - fix it up regarding non SAM members
For example contacts.
2010-12-04 11:24:44 +01:00
Matthias Dieter Wallnöfer
8742faf19f s4:dsdb/common/util.c - "samdb_msg_add_add/delval" - introduce also here the better memory context
"msg->elements" fits better than "msg".
2010-12-01 16:30:08 +01:00
Matthias Dieter Wallnöfer
7cc2f98038 s4:"dsdb_find_nc_root" - let it work also when the "namingContexts" attribute isn't available yet
This is needed on provisioning when the modules aren't set up yet.
2010-11-16 15:25:13 +01:00
Matthias Dieter Wallnöfer
feb00fe7cc s4:dsdb - proof against empty RDN values where expected
This should prevent crashes as pointed out on the mailing list.
2010-11-11 10:03:40 +01:00
Matthias Dieter Wallnöfer
d6c78fbd3a s4:password_hash LDB module - move "samdb_msg_find_old_and_new_ldb_val" into the password_hash LDB module
It's only used there and so I think it doesn't really belong in
"dsdb/common/util.c" (I first thought that it could be useful for ACL checking
but obviously it wasn't).
2010-11-11 10:03:39 +01:00
Stefan Metzmacher
dedc9e32e5 s4:dsdb/common: add DSDB_SECRET_ATTRIBUTES_EX()
metze
2010-11-09 23:01:25 +01:00
Stefan Metzmacher
0e3a13f8cc s4:dsdb/common: create a DSDB_SECRET_ATTRIBUTES define with all secret attributes
We should have them just in one place, so that we don't forget some of them.

metze
2010-11-09 22:25:51 +01:00
Matthias Dieter Wallnöfer
9154d4dcfc s4:samdb_msg_find_old_and_new_ldb_val - rework
- don't crash when no values where specified
- return ERR_CONSTRAINT_VIOLATION on malformed messages
- only check for flags when we are involved in a LDB modify operation
2010-11-08 11:27:03 +00:00
Stefan Metzmacher
a94fbb9ed5 s4:dsdb/common: fix memory leak in samdb_ntds_settings_dn()
fetch and set should use the same name!

metze
2010-11-04 17:13:01 +01:00
Matthias Dieter Wallnöfer
45cd2e445d s4:samr RPC server - remove wrong implementation of ReplicaSourceNodeName
This should represent a replication partner - never the DC iself
2010-10-29 09:55:18 +00:00
Matthias Dieter Wallnöfer
6fb64b9c7a s4:"samdb_search_count" - introduce a "mem_ctx" parameter
All other "samdb_search_*" calls do have one - why "samdb_search_count" doesn't?

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Mon Oct 25 17:42:33 UTC 2010 on sn-devel-104
2010-10-25 17:42:33 +00:00
Matthias Dieter Wallnöfer
fd7943bc80 ldb:gendb_* calls: support a "NULL" resultset parameter
This is useful for "samdb_search_count" where only the amount of entries
matters.
2010-10-25 18:58:20 +02:00
Matthias Dieter Wallnöfer
f9a6ff482c s4/ldb:introduce the LDB_CONTROL_PROVISION_OID control
This control is exactly thought for the actions which previously were performed
using the RELAX one.

We agreed that the RELAX control will only remain for interactions with OpenLDAP.
2010-10-23 16:37:29 +02:00
Andrew Bartlett
5650e8558e s4-dsdb Allow LDB_ERR_INVALID_DN_SYNTAX in dsdb_load_partition_usn
This will happen on an OpenLDAP backend, because @ records are invalid in LDAP.

We don't have these sequence numbers in this case.

Andrew Bartlett
2010-10-19 22:34:58 +11:00
Matthias Dieter Wallnöfer
a3f61dea40 Revert "s4:remove "util_ldb" submodule and integrate the three gendb_* calls in "dsdb/common/util.c""
This reverts commit 8a2ce5c47c.

Jelmer pointed out that these are also in use by other LDB databases - not only
SAMDB ones.

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Oct 17 13:37:16 UTC 2010 on sn-devel-104
2010-10-17 13:37:16 +00:00
Matthias Dieter Wallnöfer
8a2ce5c47c s4:remove "util_ldb" submodule and integrate the three gendb_* calls in "dsdb/common/util.c"
They're only in use by SAMDB code.

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Oct 17 09:40:13 UTC 2010 on sn-devel-104
2010-10-17 09:40:13 +00:00
Matthias Dieter Wallnöfer
a72ffb0d01 s4:dsdb/common/util.c - describe the behaviour of the functions "samdb_msg_add_uint", "samdb_msg_add_uint64" and "samdb_msg_set_uint" a bit more
Unsigned int data in AD is a bit problematic to handle. Problem described by
abartlet.
2010-10-16 10:42:21 +02:00
Matthias Dieter Wallnöfer
10e1de3e06 s4:samdb_msg_add_int* - use "ldb_msg_add_string" rather than "samdb_msg_add_string"
"ldb_msg_add_string" is safe here since the integer has already been converted
to a string which is "talloc"ed on "mem_ctx".

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Fri Oct 15 09:11:49 UTC 2010 on sn-devel-104
2010-10-15 09:11:49 +00:00
Matthias Dieter Wallnöfer
9310da1e2b s4:samdb_create_foreign_security_principal - proof error code of "samdb_msg_add_string" 2010-10-15 08:45:14 +02:00
Matthias Dieter Wallnöfer
9e69b22e70 s4:dsdb/common/util.c - samdb_msg_add_* calls - proof for more OOM conditions 2010-10-15 08:45:14 +02:00
Matthias Dieter Wallnöfer
06ec5d0177 s4:dsdb/common/util.c - samdb_msg_add_string - the attribute name doesn't need to be duplicated
This is done internally by the LDB library - look at "ldb_msg_add_empty".
2010-10-15 08:45:01 +02:00
Matthias Dieter Wallnöfer
9bc57e19e6 s4:dsdb - remove "samdb_msg_add_value"
This can be substituted by "ldb_msg_add_value".

Signed-off-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Fri Oct 15 00:21:53 UTC 2010 on sn-devel-104
2010-10-15 00:21:53 +00:00
Matthias Dieter Wallnöfer
a0e9814c0d s4:dsdb - remove "samdb_result_uint", "samdb_result_int64", "samdb_result_uint64" and "samdb_result_string"
We have ldb_msg_find_attr_as_* calls which do exactly the same. Therefore this
reduces only code redundancies.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-10-15 08:36:01 +11:00
Andrew Bartlett
5742f5115c libcli/security Use common security.h
This includes dom_sid.h and security_token.h and will be moved
to the top level shortly.

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Oct 12 03:35:36 UTC 2010 on sn-devel-104
2010-10-12 03:35:36 +00:00
Jelmer Vernooij
3b19993561 dsdb/schema: Move some dsdb_dn functions that are schema-specific. 2010-10-11 01:06:35 +02:00
Jelmer Vernooij
33c4b85058 dsdb: Move attr_in_list to SAMDB_COMMON to avoid circular dependency between SAMDB_COMMON and DSDB_MODULE_HELPERS. 2010-10-10 23:39:47 +02:00
Matthias Dieter Wallnöfer
ea36245ebe s4:dsdb/common/util_samr.c - use an LDB constant for result checking
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Thu Oct  7 07:40:31 UTC 2010 on sn-devel-104
2010-10-07 07:40:31 +00:00
Matthias Dieter Wallnöfer
c9da3122c8 s4:dsdb/common/util.c - provide message set functions for integer types
They will be used by the samldb LDB module
2010-10-07 08:59:28 +02:00
Matthias Dieter Wallnöfer
6320cface9 s4:dsdb/common/util.c - change the usage of the RECYCLED control
Use it only in conjunction with the DELETE one to allow the functions to work
also against Windows < 2008R2. This is really important for the vampire
operation.

Also mark the RECYCLED control as non-critical (so that it's simply ignored by
older Windows'es).

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Mon Oct  4 16:10:11 UTC 2010 on sn-devel-104
2010-10-04 16:10:11 +00:00
Matthias Dieter Wallnöfer
e3081b92c1 s4:dsdb - substitute the "show_deleted" with the "show_recycled" control
We intend to see always all objects with the "show_deleted" control specified.
To see also recycled objects (beginning with 2008_R2 function level) we need to
use the new "show_recycled" control.

As far as I see this is only internal code and therefore we don't run into
problems if we do substitute it.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-10-03 15:23:18 +00:00
Matthias Dieter Wallnöfer
46282da011 s4:dsdb/common/util.c - introduce "DSDB_SEARCH_SHOW_RECYCLED" flag
This is needed since starting with 2008_R2 function level we get another type
of hidden objects which aren't seen by the "show_deleted" control: recycled
objects.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-10-03 15:23:18 +00:00
Matthias Dieter Wallnöfer
64be07bc70 s4:dsdb_dn_val_rmd_flags - memmem - scan the whole string for occourences
Do this as in "dsdb_dn_is_upgraded_link_val". There is really no reason to
truncate before search.

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Oct  3 10:45:39 UTC 2010 on sn-devel-104
2010-10-03 10:45:39 +00:00
Andrew Tridgell
ee15dc9692 s4-dsdb: added dsdb_search_by_dn_guid()
this is more efficient than first searching for the DN, then doing a
search. We should look at using this in lots of existing code

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-10-01 21:09:51 -07:00
Andrew Tridgell
57f67701a6 s4-dsdb: silence the domainFunctionality not setup warning 2010-09-30 14:36:11 -07:00
Andrew Tridgell
d4939ce4fc s4-drs: moved the drs_ObjectIdentifier handling to dsdb_dn.c
this will be used outside of the drs server.

This also fixes the handling of the ndr_size elements of the
drs_ObjectIdentifier
2010-09-28 11:36:40 -07:00
Nadezhda Ivanova
6caa512815 s4-dsdb: adapted check_access_on_dn for use in drs. 2010-09-28 11:36:40 -07:00
Andrew Bartlett
88abf441d0 s4-dsdb Add ldb_reset_err_string() when we set error codes.
If we don't we could show an old, incrorrect error
2010-09-29 04:23:07 +10:00
Andrew Bartlett
063b61289d s4-dsdb Make samdb_reference_dn() use dsdb_search() and DSDB_SEARCH_ONE_ONLY
This simplifies the function.  While doing so, also change the error
string setting to set a really clear error string for the failure to find
and failure to parse cases.

Andrew Bartlett
2010-09-29 04:23:07 +10:00
Andrew Tridgell
e313667983 s4-dsdb: added samdb_find_site_for_computer() and samdb_find_ntdsguid_for_computer()
these will be used by the new RODC dns update code

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-27 22:55:04 -07:00
Nadezhda Ivanova
4d3f528411 s4-dsdb: A helper to determine if an attribute is part of the search filter 2010-09-26 15:36:09 -07:00
Matthias Dieter Wallnöfer
2e913994f2 s4:dsdb/common/util_samr.c - remove the primary group specifications
Now also the primary group detection/change on modify operations does work

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-09-24 09:25:42 +10:00
Anatoliy Atanasov
b4eba4268d s4/dcdiag: Handle ListRoles command for dcdiag:KnowsOfRoleHolders test 2010-09-20 09:46:10 -07:00
Anatoliy Atanasov
7250cb3e73 s4/fsmo: Create separate function for retrieving fsmo role dn and owner dn.
This functionality is needed for DsCrackNames ListRoles command also.
2010-09-20 09:44:19 -07:00
Matthias Dieter Wallnöfer
6e720ecd25 s4:SID handling - always encode the SID using "ldap_encode_ndr_dom_sid" for LDAP filters
This makes also lookups through special backends as "samba3sam" work.
2010-09-13 22:41:06 +02:00
Matthias Dieter Wallnöfer
a4b7fac86d s4:cosmetic - the SID attribute is called objectSid - not objectSID 2010-09-13 22:39:50 +02:00
Matthias Dieter Wallnöfer
0939ba4488 Revert "s4:util_samr.c - also here we've now the default primaryGroupID detection working"
This reverts commit 7e9e35db41.

Sorry, the logic is working differently here. We do still need this.
2010-09-12 22:25:37 +02:00
Matthias Dieter Wallnöfer
7e9e35db41 s4:util_samr.c - also here we've now the default primaryGroupID detection working 2010-09-12 21:19:27 +02:00
Matthias Dieter Wallnöfer
c0a863b6f3 s4:ldb_register_samba_handlers - fix up and convert result codes to LDB/LDAP results 2010-09-11 17:41:38 +02:00
Matthieu Patou
42dfa71ef5 dsdb: make the ATTRIBUTE NOT FOUND more clear 2010-09-05 12:29:20 +04:00
Andrew Tridgell
6eb34e6907 s4-dsdb: fixed dsdb_get_extended_dn_sid()
it should honor the component_name

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-20 20:34:11 +10:00
Andrew Tridgell
c122939919 s4-drs: implement RODC attribute filtering override
When a RODC uses extended getncchanges operation
DRSUAPI_EXOP_REPL_SECRET it gets an override on the ability to
replicate the secret attributes.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-20 20:34:11 +10:00
Kamen Mazdrashki
c5ec1f3d92 s4-dsdb: Use dsdb_syntax_ctx in *_drsuapi_to_ldb functions 2010-08-19 03:34:02 +03:00
Kamen Mazdrashki
b5af7b9a1e s4-dsdb: Use dsdb_syntax_ctx in *_ldb_to_drsuapi functions 2010-08-19 03:34:01 +03:00
Matthias Dieter Wallnöfer
eb345ebedf s4:samdb_set_password/samdb_set_password_sid - make more arguments "const" 2010-08-17 18:45:33 +02:00
Matthias Dieter Wallnöfer
d72d7f9c5f s4:samdb_set_password/samdb_set_password_sid - make the adaptions to support the password change control
And introduce parameters to pass the old password hashes.
2010-08-17 18:45:33 +02:00
Matthias Dieter Wallnöfer
bbb9dc806e s4:DSDB - rename the "DSDB_CONTROL_PASSWORD_CHANGE_OLD_PW_CHECKED_OID"
Rename it to "DSDB_CONTROL_PASSWORD_CHANGE_OID". This control will afterwards
contain a record with the specified old password as NT and/or LM hash.
2010-08-17 18:45:32 +02:00
Andrew Tridgell
6baa834ebe s4-ldb: use LDB_FLAG_MOD_TYPE() to extract element type from messages
The flags field of message elements is part of a set of flags. We had
LDB_FLAG_MOD_MASK for extracting the type, but it was only rarely
being used (only 1 call used it correctly). This adds
LDB_FLAG_MOD_MASK() to make it more obvious what is going on.

This will allow us to use some of the other flags bits for internal
markers on elements

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-17 21:21:50 +10:00
Matthias Dieter Wallnöfer
dadcc84009 s4:samdb_set_password_sid - fix comment
Add more possible result NTSTATUS codes
2010-08-16 18:45:26 +02:00
Matthias Dieter Wallnöfer
1fc3676974 s4:samdb_set_password - fix formatting
(Sorry, I've overseen this)
2010-08-15 19:45:29 +02:00
Matthias Dieter Wallnöfer
3fcd76237d s4:samdb_set_password - implement the extended LDAP error code detection 2010-08-15 19:42:40 +02:00
Matthias Dieter Wallnöfer
07af3f289e s4:samdb_set_password - return "NT_STATUS_WRONG_PASSWORD" when a user account doesn't exist
This is for the (SAMR) account detection protection mechanism.
2010-08-14 18:48:20 +02:00
Matthias Dieter Wallnöfer
303089f5b8 s4:dsdb/common/util.c - provide a call which returns the forest function level
Sooner or later we'll need this too since not all operations depend only on the
current's domain function level (see the MS-ADTS docs).
2010-08-10 19:08:56 +02:00
Matthias Dieter Wallnöfer
e53fc1228f s4:dsdb/common/util.c - use LDB constants whenever possible 2010-08-10 19:08:56 +02:00
Matthias Dieter Wallnöfer
25e973d5db s4:dsdb/common/util.c - add a function "dsdb_add" 2010-08-07 14:22:41 +02:00
Andrew Tridgell
6b266b85cf s4-loadparm: 2nd half of lp_ to lpcfg_ conversion
this converts all callers that use the Samba4 loadparm lp_ calling
convention to use the lpcfg_ prefix.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-16 18:24:27 +10:00
Andrew Tridgell
87df785a68 s4-dsdb: use ldb_operr() in the dsdb code
this replaces "return LDB_ERR_OPERATIONS_ERROR" with "return ldb_operr(ldb)"
in places in the dsdb code where we don't already explicitly set an
error string. This should make is much easier to track down dsdb
module bugs that result in an operations error.
2010-07-07 20:14:55 +10:00
Matthias Dieter Wallnöfer
9c8135785a s4:dsdb - samdb_result_force_password_change - also when "pwdLastSet" is "-1" we shouldn't force a password change
This value is set by the ADUC console.
2010-07-06 21:54:20 +02:00
Nadezhda Ivanova
5a18fc2b2a Implementation of self membership validated right.
When this right is granted, the user can add or remove themselves from a group even
if they dont have write property right.
2010-06-28 10:43:50 +03:00
Matthias Dieter Wallnöfer
c38f94ed9b s4:dsdb_load_partition_usn - free the right memory context (tmp_ctx) 2010-06-21 11:10:02 +02:00
Matthias Dieter Wallnöfer
87d0f63632 s4:dsdb - add a new dsdb delete function which understands the tree delete control 2010-06-20 18:52:29 +02:00
Andrew Bartlett
ecfce7365c s4:dsdb Add control for signaling between repl_meta_data and linked_attributes
This control will allow the linked_attributes module to know if
repl_meta_data has already handled the creation of forward and back
links.

Andrew Bartlett
2010-06-16 09:57:51 +10:00
Andrew Bartlett
8ea4118472 s4:dsdb Add const to dsdb_dn functions that operate on an ldb_val.
Andrew Bartlett
2010-06-15 10:53:50 +10:00
Matthias Dieter Wallnöfer
cadf774f8b s4:dsdb/common/util.c - provide a better implementation of the "samdb_msg_add_(add/del)val" calls
This supports now also coexisting add and delete message elements with the
same attribute name.
2010-06-06 20:47:10 +02:00
Matthias Dieter Wallnöfer
0fce829de4 s4:dsdb_load_udv_v1 - "uint32_t" counter type fits better than "unsigned int" 2010-05-31 22:43:28 +02:00
Matthias Dieter Wallnöfer
f927881028 s4:dsdb/common/util.c - fix a counter variable 2010-05-30 20:52:10 +02:00
Matthias Dieter Wallnöfer
189950ce06 s4:dsdb_enum_group_mem - use "unsigned" counters
"size_t" counters aren't really needed here (we don't check data lengths).
And we save the result in a certain "num_sids" variable which is of type
"unsigned".
2010-05-24 22:01:36 +02:00
Matthias Dieter Wallnöfer
4d76c0aa80 s4:dsdb_lookup_rids - "unsigned" counters fit better than "signed" in this case 2010-05-24 22:01:20 +02:00
Matthias Dieter Wallnöfer
9696bba1d7 s4:dsdb_add_user - check the "cn"/"account_name" length (should be >= 1)
This needed by the "cn_name_len"-1 accesses.

And use a "size_t"-typed variable for storing it (length specificators should
always be stored using "size_t" variables).
2010-05-24 21:55:11 +02:00
Andrew Bartlett
f6aa090202 s4:samr Push most of samr_LookupRids into a helper function
This is a rewrite of the lookup_rids code, using a query based on the
extended DN for a clearer interface.

By splitting this out, the logic is able to be shared, rather than
copied, into a passdb wrapper.

Andrew Bartlett
2010-05-24 23:08:56 +10:00
Andrew Bartlett
c6ffd884d9 s4:samr Push most of samr_QueryGroupMember into a helper function
This is a rewrite of the group membership lookup code, using the
stored extended DNs to avoid doing the lookup into each member to find
the SID

By splitting this out, the logic is able to be shared, rather than
copied, into a passdb wrapper.

Andrew Bartlett
2010-05-24 23:08:49 +10:00
Andrew Bartlett
20d2847492 s4:samr Move most of samr_CreateDomAlias into a helper function
This allows this logic to be shared, rather than copied, into a passdb
wrapper.

Andrew Bartlett
2010-05-24 23:08:11 +10:00
Andrew Bartlett
fc04e565b0 s4:samr Split most of samr_CreateDomainGroup into a helper function
This allows this logic to be shared, rather than copied, into a passdb
wrapper.

Andrew Bartlett
2010-05-24 23:08:11 +10:00
Andrew Bartlett
43c931b2d4 s4:samr Split the guts of samr_CreateUser2 into a helper function
This allows this logic to be shared, rather than copied, into a passdb
wrapper.

Andrew Bartlett
2010-05-24 23:08:11 +10:00
Andrew Bartlett
e0d141bd46 s4:dsdb Allow a NULL search expression in dsdb_search()
The NULL search expression expands to (objectClass=*), but %s expands
NULL to (NULL) which doesn't parse...

Andrew Bartlett
2010-05-24 23:08:11 +10:00
Jelmer Vernooij
f9ca9e46ad Finish removal of iconv_convenience in public API's. 2010-05-18 11:45:30 +02:00
Anatoliy Atanasov
26d41c23f6 s4-rodc: Cache am_rodc flag 2010-05-17 13:30:27 +03:00
Stefan Metzmacher
11730520a7 s4:dsdb: fix samdb_result_logon_hours() and don't hardcode units_per_week
metze
2010-05-13 19:12:42 +02:00