IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Mar 2 03:57:34 CET 2013 on sn-devel-104
This is really important, because copying a file will both ignore
locks held by another process and break any locks we hold (due to
POSIX brain-damage regarding multiple fds on one file in a process).
By leaving this to tdbbackup in a child, both of these issues are avoided.
Andrew Bartlett
Reviewed-by: Matthieu Patou <mat@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Feb 19 07:48:18 CET 2013 on sn-devel-104
This update was only a total oblitoration of the existing database
and not a merge, and the shutil.copy would both disregard and break
locks on the database that are held at this point.
Andrew Bartlett
Reviewed-by: Matthieu Patou <mat@samba.org>
samba-tool ntacl sysvolreset handles this better, and makes this tool
much less confusing internally.
Andrew Bartlett
Reviewed-by: Matthieu Patou <mat@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Feb 19 06:06:41 CET 2013 on sn-devel-104
If we have a DomainDnsZone partition, we use BIND9_DLZ as backend
and fix errors in the ForestDnsZone and DomainDnsZone partitions.
Note: this should work fine also for SAMBA_INTERNAL.
If the current setup doesn't use dns specific partitions (e.g. alpha13 setups)
we pass dns_backend=BIND9_FLATFILE.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Without this schema_data_modify() will reject updates to schema objects
by default.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This allows the script to be used to create/remove the samba-specific dns-SERVER account
when we do not need to create the in-directory partition.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jan 10 20:56:50 CET 2013 on sn-devel-104
Let nslookup use krb5.conf, which is set in our KRB5_CONFIG.
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
The sd_flags:1:15 control together with an empty security_descriptor
has the same effect as the recalculate_sd:0 control (which is samba only).
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
The issue here is that if we set S-1-5-32-544 (administrators) to a
GID only, then users cannot force a mandetory profile to be owned by
administrators (which is a requirement).
There is no particularly useful reason for us to enforce this matching
a system group.
Andrew Bartlett
This avoids unlocked writes to the dns_hosts_file, and may fix some of our
issues on the build farm where large numbers of tests fail due to failed name resolution.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Sep 26 05:48:25 CEST 2012 on sn-devel-104
Override the SIGINT handler in a few select cases only, rather than
doing so in one of the samba Python modules. I've done this where it
matters most; we can add this code to other scripts too if necessary.
This means that importing the 'samba' module from a third party
application does not have side-effects on the state of the signal
handlers.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=9068
We need to check if we have hasMasterNCs. If we are RODC we have
hasFullReplicaNCs instead of hasMasterNCs.
TODO: maybe check for hasFullReplicaNCs, too?
Signed-off-by: Stefan Metzmacher <metze@samba.org>
System MIT krb5 build also enabled by specifying --without-ad-dc
When --with-system-mitkrb5 (or --withou-ad-dc) option is passed to top level
configure in WAF build we are trying to detect and use system-wide MIT krb5
libraries. As result, Samba 4 DC functionality will be disabled due to the fact
that it is currently impossible to implement embedded KDC server with MIT krb5.
Thus, --with-system-mitkrb5/--without-ad-dc build will only produce
* Samba 4 client libraries and their Python bindings
* Samba 3 server (smbd, nmbd, winbindd from source3/)
* Samba 3 client libraries
In addition, Samba 4 DC server-specific tests will not be compiled into smbtorture.
This in particular affects spoolss_win, spoolss_notify, and remote_pac rpc tests.
This replaces "bin/python" with the correct path for python libraries. The
pattern requires double quotes (") instead of single quotes (').
Autobuild-User: Amitay Isaacs <amitay@samba.org>
Autobuild-Date: Tue May 15 05:19:46 CEST 2012 on sn-devel-104
This fixes the issue of ldb 'Operations Error' when trying to modify
hasPartialReplicaNCs attribute.
Autobuild-User: Amitay Isaacs <amitay@samba.org>
Autobuild-Date: Tue May 1 05:28:04 CEST 2012 on sn-devel-104
For RW DC the impact is pretty small but for RODC the whole SPN set is
rejected by the target DC as RODC hasn't the right to register DNS SPN
if it is not mastering this NC.
Make it AD-compatible using "(distinguishedName=...)".
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
This change allows samba_upgradedns script to be run even on existing
dns provision (DLZ_BIND9 or SAMBA_INTERNAL) without any side effects.
This allows to "fix" dns provision after samba-tool domain join for
running BIND with DLZ plugin.
