Andrew Tridgell
5c51560d43
s4-cldap: return domainFunctionality from SAM
2009-09-23 13:57:59 -07:00
Jelmer Vernooij
adf66e75c0
Check for PyString_FromString being NULL.
2009-09-23 15:24:10 +02:00
Jelmer Vernooij
c5615211d4
provision: Avoid linking in multiple copies of security python module.
2009-09-23 15:24:10 +02:00
Andrew Tridgell
ee4f7f1209
s4-drsserver: sort by DN to give tree order
...
This might help the windows client with ordered requests. Later we
need to support the "ancestors" mode flag.
2009-09-22 17:10:06 -07:00
Andrew Tridgell
83bef7d047
s4-ldb: server side sort args are const char *
2009-09-22 17:10:06 -07:00
Andrew Tridgell
1dfcd4c22c
s4-ldb: fixed call argument order for ldb_dn_from_ldb_val
...
This caused _lots_ of problems, especially in server side sort
2009-09-22 17:10:06 -07:00
Andrew Tridgell
bb3bdb3a62
s4-ldb: added a bunch more debug for DC join
...
These additional debug messages were added to help us track down
w2k8->s4 domain join
2009-09-22 17:10:06 -07:00
Andrew Tridgell
4a74b28397
s4-ldb: when tracing, show ldb_set_debug messages
2009-09-22 17:10:06 -07:00
Andrew Tridgell
9b752399c1
s4-ldbmodules: allow instanceType to be specified by clients
...
This is needed for the WSPP ADS testsuite
2009-09-22 17:10:05 -07:00
Andrew Tridgell
430ee62e0c
s4-torture: add some debug info to RPC-HANDLES
2009-09-22 17:10:05 -07:00
Andrew Tridgell
8a090265b7
s4-rpcserver: added support for shared handles
...
This supports shared RPC handles across connections on all RPC
interfaces.
It turns out that w2k3 and w2k8 don't actually support this on all
pipes. We need to test which pipes we should enable this on.
2009-09-22 17:10:05 -07:00
Andrew Tridgell
a971b87a9e
s4-lsa: added support for QuerySecurity on LSA
...
This follows the sd pattern from samba3
2009-09-22 17:10:05 -07:00
Andrew Tridgell
69cb91a2eb
s4-rpcserver: added shared association groups
...
This patch allows us to share association groups and their rpc handles
between connections. This is needed for some DRSUAPI behaviour when
recent windows clients connect.
2009-09-22 17:10:05 -07:00
Andrew Tridgell
a30d613086
s4-rpcserver: run all RPC operations in a single task
...
This will make it much easier to implement shared handles with
association groups. It also means we can shared the ldb between RPC
connections.
2009-09-22 17:10:05 -07:00
Andrew Tridgell
5d16b9c1bf
s4-rpc: remove two unused functions
2009-09-22 17:10:05 -07:00
Andrew Tridgell
2e98ee0907
s4-ldb: only show the outer level of ldb ops when tracing
2009-09-22 17:10:05 -07:00
Andrew Tridgell
ec5d01278a
s4-ldb: don't show timestamps on every line of ldb traces
...
This adds ldb_debug_add() and ldb_debug_end() to format multiline
messages
2009-09-22 17:10:05 -07:00
Anatoliy Atanasov
68f33428c7
Move the check above the talloc
2009-09-22 14:46:18 -07:00
Nadezhda Ivanova
f54ef5f20f
s4:dsdb Fix of double addition of SD-s
...
Also add error strings in descriptor module
2009-09-21 20:50:34 -07:00
Andrew Bartlett
399c7160d5
s4:ldb Add 'single-value' support to LDB.
...
This is currently only triggered via Samba4's schema code.
2009-09-21 20:50:26 -07:00
Nadezhda Ivanova
9e85192e64
Merge branch 'master' of git://git.samba.org/samba
2009-09-21 17:29:28 -07:00
Nadezhda Ivanova
10c6f3f71a
Initial Implementation of the DS objects access checks.
...
Currently disabled. The search will be greatly modified,
also the object tree stuff will be simplified.
2009-09-21 17:27:50 -07:00
Anatoliy Atanasov
b850d7fb08
Add support in the ldb_dn.c code for MS-ADTS:3.1.1.5.1.2 Naming Constraints
2009-09-21 17:18:10 -07:00
Anatoliy Atanasov
6033ce2403
Add tests for MS-ADTS:3.1.1.5.1.2 Naming Constraints
2009-09-21 17:18:10 -07:00
Andrew Bartlett
bc53052d38
s4:dsdb Run the new 'descriptor' module by default.
...
This code was derived from the objectclass module, and we need the new
code in the default provision, or else no ACL is set on each object.
Andrew Bartlett
2009-09-21 16:33:47 -07:00
Andrew Tridgell
1fa643bdd7
s4-ldb: bit prettier output
2009-09-21 16:31:06 -07:00
Andrew Tridgell
4d984d0c05
s4-ldb: fixed O(n^2) string handling in ldif debug print
2009-09-21 16:31:01 -07:00
Andrew Tridgell
a5cdf36c3f
s4-samdb: enable ldb tracing when log level >= 10
2009-09-21 15:27:05 -07:00
Andrew Tridgell
ac56fed2f4
s4-schema: don't trace the schema load (too verbose)
2009-09-21 15:27:05 -07:00
Andrew Tridgell
b23294e407
s4-ldb: add --trace command line option to ldb tools
...
This enabled LDB_FLG_ENABLE_TRACING
2009-09-21 15:27:05 -07:00
Andrew Tridgell
97ffb912c1
s4-ldb: add a LDB_FLG_ENABLE_TRACING for full ldb tracing
...
When LDB_FLG_ENABLE_TRACING is set ldb will send full traces
of all operations and results
2009-09-21 15:27:05 -07:00
Andrew Tridgell
5b684bbfd7
s4-ldap: default edn type is 0
2009-09-21 15:26:32 -07:00
Andrew Tridgell
2fda203230
s4-ldb: add support for extended DNs in the rootDSE
...
W2K8 join as a DC relies on being able to ask for the sid component of
extended DNs from the rootDSE DNs
2009-09-21 15:26:32 -07:00
Andrew Tridgell
dd7f94a9e2
s4-dsdb: fixed a printf format warning
2009-09-21 15:26:31 -07:00
Nadezhda Ivanova
13b979b03d
Merge branch 'master' of git://git.samba.org/samba
2009-09-21 14:26:15 -07:00
Andrew Bartlett
1afc7c453c
s4:kerberos Fix the salt to match Windows 2008.
...
The previous commit changed the wrong end - we must fix our server,
not our client.
Andrew Bartlett
2009-09-21 12:28:38 -07:00
Andrew Bartlett
8738b83a44
s4:provision Make our default salt match our server behaviour
...
We need to look into salting algorithms further.
Andrew Bartlett
2009-09-21 11:59:33 -07:00
Matthias Dieter Wallnöfer
63f280cfef
s4:provision - Fix up ProvisioningError class as suggested by Jelmer
2009-09-21 17:20:49 +02:00
Matthias Dieter Wallnöfer
7373bb79d4
s4:samdb/tools - That should fix now the last failures
2009-09-21 13:53:47 +02:00
Matthias Dieter Wallnöfer
32f4afd617
s4:libnet_become_dc - bump down the level requested by abartlet
2009-09-21 11:59:07 +02:00
Matthias Dieter Wallnöfer
f0c080a484
s4:scripts - Reintroduce "-H" parameter
...
I removed it since on some scripts it was present, on others not - so I thought
it wouldn't be really needed. This was a bad decision (pointed out by abartlet).
So I reintroduce it on all scripts (to have consistent parameters).
2009-09-21 11:53:19 +02:00
Andrew Bartlett
23ffccd5d7
s4:provision Make us Windows 2008 level by defualt again
...
Also add a note to clarify that this should not be changed without
discussion and consensus. We don't want this bouncing around.
Paramater support to allow optional selection of Win2003 mode welcomed.
Andrew Bartlett
2009-09-20 23:05:30 -07:00
Stefan Metzmacher
f917044ec0
s4:dsdb/resolve_oids: add fast pathes for the common operations without oids
...
metze
2009-09-21 05:52:32 +02:00
Stefan Metzmacher
5656c22bea
s4:dsdb/resolve_oids: check return values in recursion
...
metze
2009-09-21 05:51:58 +02:00
Andrew Bartlett
9d9bd31bf9
s4:py_security Add missing header
2009-09-20 20:32:47 -07:00
Nadezhda Ivanova
025590e7a4
Merge branch 'master' of git://git.samba.org/samba
2009-09-20 17:43:46 -07:00
Andrew Bartlett
bfddb6816f
s4:provision Use code to store domain join in 'net join' as well
...
This ensures we only have one codepath to store the secret, and
therefore that we have a single choke point for setting the
saltPrincipal, which we were previously skipping.
Andrew Bartlett
2009-09-20 16:29:38 -07:00
Andrew Bartlett
1d4a16acd7
s4:ldb print out which LDB the transaction is still active on.
2009-09-20 16:29:37 -07:00
Andrew Bartlett
509a2bb97c
s4:provision split provision of DNS zone and self join keytab
2009-09-20 16:29:37 -07:00
Andrew Tridgell
11bfbc5160
s4-selftest: disable RAP-SCAN test
...
also pointless now we have docs
2009-09-20 15:27:09 -07:00