sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-26 10:04:02 +03:00
Code
67,551 Commits 60 Branches 1,146 Tags
Commit Graph

2264 Commits

Author SHA1 Message Date
Kamen Mazdrashki
395b09c1b6 s4-dsdb-schema_prefixmap: Print debug message when internal failure occurs 2010-09-21 00:15:24 +03:00
Anatoliy Atanasov
b4eba4268d s4/dcdiag: Handle ListRoles command for dcdiag:KnowsOfRoleHolders test 2010-09-20 09:46:10 -07:00
Anatoliy Atanasov
7250cb3e73 s4/fsmo: Create separate function for retrieving fsmo role dn and owner dn. 
This functionality is needed for DsCrackNames ListRoles command also.
 2010-09-20 09:44:19 -07:00
Anatoliy Atanasov
faeeb5c8e7 s4/drs: use type enum drsuapi_DsNameFormat in DsCrackNames code 2010-09-20 09:41:00 -07:00
Andrew Tridgell
34f47a33df s4-rootdse: mark registered controls as non-critical 
this is needed for clients that may include unnecessary controls in
requests and mark them as non-critical
 2010-09-19 19:20:48 -07:00
Anatoliy Atanasov
5d807107bb s4/fsmo: Naming master support added 
Test suite for fsmo is extended with a test case for naming master too.
 2010-09-19 12:16:04 -07:00
Andrew Tridgell
e72a1e2055 s4-pydsdb: added am_rodc() method on samdb 2010-09-19 11:29:32 -07:00
Kamen Mazdrashki
d76bb4ac40 s4-drs: Check for schema changes only in case we are *not* applying Schema replica 
This fixes the problem when we fail to replicate with
a partner DC that has a newer Schema with attributeSchema
objects with OIDs that we don't have in our local prefixMap.
 2010-09-18 15:09:47 +03:00
Kamen Mazdrashki
9256b5f226 s4-schema: Helper func to compare schemaInfo signitures 2010-09-17 13:53:03 +03:00
Kamen Mazdrashki
1295da92f9 s4-schema: use dsdb_schema_info_blob_is_valid() to verify schemaInfo blob 
instead of parsing it.
 2010-09-17 13:53:03 +03:00
Kamen Mazdrashki
aedefd3e99 s4-prefixMap: use dsdb_schema_info_blob_is_valid() for schemaInfo blob validation 
This fixes a leaking dsdb_schema_info object also.
 2010-09-17 13:53:03 +03:00
Kamen Mazdrashki
e691b1fd27 s4-dsdb: Add dsdb_schema_info_blob_is_valid() to verify schemaInfo blobls 2010-09-17 13:53:03 +03:00
Andrew Tridgell
e5cd023a41 s4-drs: initial skeleton for DrsReplica{Add,Del,Mod} calls 2010-09-16 16:08:46 +10:00
Andrew Tridgell
3b87e3e951 s4-repl: if we are an RODC don't set WRIT_REP in replication 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-09-16 07:24:01 +10:00
Andrew Tridgell
05ec123b3b s4-repl: add partial attribute set to getncchanges calls for RODCs 
when we are a RODC we must supply a partial attribute set in the
getncchanges call

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-09-16 07:24:01 +10:00
Andrew Tridgell
520252c8d2 s4-repl: added min_usn to extended replication call 
the repl_secret code needs to set it to avoid too many duplicate
attributes

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-09-16 07:24:01 +10:00
Andrew Tridgell
1da147e6fa s4-repl: added repl_secret handling 
initiate a repl secret extended op when requested

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-09-16 07:24:01 +10:00
Andrew Tridgell
d5673b5501 s4-repl: cleanup the extended op calls in repl server 
- use generic parameter names
- trigger a run of pending ops on all extended ops
- don't prevent parallel fsmo transfers
- moved extended op code into drepl_extended
 2010-09-16 07:24:01 +10:00
Andrew Tridgell
e18c0030e0 s4-pyjoin: fill in the dns name in the python replication method 
this is needed to get the repsFrom DNS entry right

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-09-16 07:24:01 +10:00
Andrew Tridgell
f89f3cf30f s4-repl: split out the extended op handling 
this is not part of the rid allocation logic

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-09-16 07:24:00 +10:00
Andrew Tridgell
54b5370474 s4-repl: cleanup getncchanges extended op calls 
Multiple calls are allowed to run in parallel as long as they don't
conflict.

This also cleans up the variable names in the extended op calls.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-09-16 07:24:00 +10:00
Anatoliy Atanasov
2eeba94c9c s4/fsmo: Handle infrastructure, pdc and rid extended ops 
With this change we can transfer all roles back and forward, except
for the naming master. Also this commit fixes the naming of
fsmo_role_dn - used to point to the DN from which we read fSMORoleOwner
role_owner_dn - used to point to the NTDSDSA who owns the role
Now we always pass fsmo_role_dn, role_owner_dn to the extended operation
and to drepl_create_role_owner_source_dsa

Conflicts:

	source4/dsdb/repl/drepl_ridalloc.c
 2010-09-15 14:00:28 +03:00
Andrew Tridgell
6c45eeb944 s4-repl: use consistent API calls for getting DN GUID 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-09-15 15:39:36 +10:00
Andrew Tridgell
ce2004d631 s4: fixed some printf format errors 2010-09-15 15:39:35 +10:00
Andrew Tridgell
13a8745cae s4-rodc: add a trigger message for REPL_SECRET to auth_sam 
when an RODC tries to authenticate against an account and the account
has no password information it needs to send a message to the drepl
server to tell it to try and replicate the secret information from
a writeable DC

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-09-15 15:39:34 +10:00
Andrew Tridgell
b9393e4896 s4-kcc: removed redundent loop check 
el has already been checked for NULL
 2010-09-15 15:39:34 +10:00
Andrew Tridgell
a17da70785 s4-dsdb: check for invalid backend type 2010-09-15 15:39:34 +10:00
Andrew Tridgell
3e88f3cf33 s4-rootdse: setup length after NULL check 2010-09-15 15:39:34 +10:00
Andrew Tridgell
d00cb8b3d3 s4-dsdb: fixed use after free for RODC 2010-09-15 15:39:33 +10:00
Andrew Tridgell
597372df34 s4-dsdb: free right context on failure 
down_req is not initialised yet
 2010-09-15 15:39:33 +10:00
Andrew Tridgell
cbd8297b4d s4-dsdb: defer ac->msg after check for NULL ac 2010-09-15 15:39:33 +10:00
Andrew Tridgell
5a4a11cb98 s4-anr: check for allocation failure before use 2010-09-15 15:39:33 +10:00
Jelmer Vernooij
8209198998 waf: work around circular dependency finder erroneously removing dependency of gensec on dcerpc. 2010-09-14 17:24:05 +02:00
Matthias Dieter Wallnöfer
6e720ecd25 s4:SID handling - always encode the SID using "ldap_encode_ndr_dom_sid" for LDAP filters 
This makes also lookups through special backends as "samba3sam" work.
 2010-09-13 22:41:06 +02:00
Matthias Dieter Wallnöfer
a4b7fac86d s4:cosmetic - the SID attribute is called objectSid - not objectSID 2010-09-13 22:39:50 +02:00
Matthias Dieter Wallnöfer
fe958c009b Revert "s4:samldb LDB module - simplify the message handling on add and modify operations" 
This reverts commit 1d94bb3ad4d9c6de3b77ed4690a54ebf2399cc0d.

This commit causes unconditional behaviour (sometimes it works, sometimes not) -sorry for introducing this.

I will rework this further.
 2010-09-13 10:39:39 +02:00
Matthias Dieter Wallnöfer
123712840f s4:samldb LDB module - remove a disastrous "talloc_free" 
This completely destroys the program logic (async callbacks). Sorry for
introducing this.
 2010-09-12 22:26:10 +02:00
Matthias Dieter Wallnöfer
0939ba4488 Revert "s4:util_samr.c - also here we've now the default primaryGroupID detection working" 
This reverts commit 7e9e35db4126f953e8a2579d992c63b274011119.

Sorry, the logic is working differently here. We do still need this.
 2010-09-12 22:25:37 +02:00
Matthias Dieter Wallnöfer
7e9e35db41 s4:util_samr.c - also here we've now the default primaryGroupID detection working 2010-09-12 21:19:27 +02:00
Matthias Dieter Wallnöfer
4a2941535d s4:ldap.py - tests the primary group detection by the "userAccountControl" 2010-09-12 19:23:06 +02:00
Matthias Dieter Wallnöfer
7f424155e6 s4:samldb LDB module - "samldb_check_primaryGroupID" - support RID derivation from "userAccountControl" 
Specified in MS-SAMR 3.1.1.8.1 and probably fixes also bug #7441.
 2010-09-12 19:23:06 +02:00
Matthias Dieter Wallnöfer
22d42432ac s4:samldb LDB module - free the "ac" context after the delete checks 2010-09-12 19:23:05 +02:00
Matthias Dieter Wallnöfer
1d94bb3ad4 s4:samldb LDB module - simplify the message handling on add and modify operations 
We perform always only one shallow copy operation of the message on the "req"
context. This allows to free the "ac" context when we've prepared all our
changes.
 2010-09-12 19:23:05 +02:00
Matthias Dieter Wallnöfer
79f22e5d70 s4:samldb LDB module - move "samldb_prim_group_users_check" more down to see that it is only in use by the delete operation 
add and modify helpers will stay on the top of the add and modify operation
since they will likely be shared as much as possible.
 2010-09-12 19:23:05 +02:00
Matthias Dieter Wallnöfer
bb1da645ed s4:samldb LDB module - add a comment to mark the beginning of the extended operation handler 2010-09-12 19:23:05 +02:00
Matthias Dieter Wallnöfer
dad7cdad22 s4:samldb LDB module - refactor "samldb_find_for_defaultObjectCategory" to be again synchronous 
Also to make it easier to comprehend
 2010-09-12 19:23:05 +02:00
Matthias Dieter Wallnöfer
6aca09b0b7 s4:samldb LDB module - refactor the "primaryGroupID" check on user creation 
This looks more straight-forward now.
 2010-09-12 19:23:05 +02:00
Matthias Dieter Wallnöfer
e1de425cb8 s4:samldb LDB module - get rid of the SID context variable 
Since we get more and more rid of async stuff we don't need this in the context
anymore.
 2010-09-12 19:23:05 +02:00
Matthias Dieter Wallnöfer
79a98b893a s4:samldb LDB module - use also here the real attribute denomination "sAMAccountName" 
Purely cosmetic - but nicer to read
 2010-09-12 19:23:05 +02:00
Matthias Dieter Wallnöfer
0eb281d8f2 s4:samldb LDB module - rename "check_SamAccountType" into "check_sAMAccountType" 
And a small cosmetic change.
I like to have the real attribute names in the function denominations
 2010-09-12 19:23:04 +02:00