sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-11-27 08:23:49 +03:00
Code Activity
11,991 Commits 64 Branches 1,179 Tags
5c779b3767b47c140fc658fb9aed0ebfd5d956f0
Commit Graph

182 Commits

Author SHA1 Message Date
Stefan Metzmacher
5c779b3767 r21298: protect windows password attributes too 
metze
 2007-10-10 14:48:04 -05:00
Andrew Bartlett
6ce557a1af r21135: Instead of having hooks to update keytabs as an explicit thing, update 
them as a hook on ldb modify, via a module.

This should allow the secrets.ldb to be edited by the admin, and to
have things update in the on-disk keytab just as an in-memory keytab
would.

This isn't really a dsdb plugin, but I don't have any other good ideas
about where to put it.

Andrew Bartlett
 2007-10-10 14:44:31 -05:00
Stefan Metzmacher
7510b9ca4a r20956: cn and instanceType are autogenerated values, later we need to remove them from all 
ldif files, but for now only the ones used by the NET-API-BECOME-DC test

metze
 2007-10-10 14:44:02 -05:00
Stefan Metzmacher
ba6ee1a098 r20859: fix typo 
metze
 2007-10-10 14:43:40 -05:00
Stefan Metzmacher
684eee52e8 r20826: make the dsdb_control_current_partition struct public and allocate an oid for the 
control

metze
 2007-10-10 14:43:37 -05:00
Stefan Metzmacher
c78e345fea r20805: don't use hardcoded values for secrects.keytab and sam.ldb 
metze
 2007-10-10 14:43:32 -05:00
Stefan Metzmacher
4380cc9ed6 r20728: the DSDB_CONTROL_REPLICATED_OBJECT_OID control isn't used anymore 
because we now use DSDB_EXTENDED_REPLICATED_OBJECTS_OID extended operation

metze
 2007-10-10 14:40:32 -05:00
Stefan Metzmacher
e967b37017 r20678: add index for objectGUID 
metze
 2007-10-10 14:40:20 -05:00
Stefan Metzmacher
6397f01448 r20586: - allocate an OID range for LDB/LDAP extended operations 
- allocate an OID for DSDB_EXTENDED_REPLICATED_OBJECTS_OID which
  will replace the DSDB_CONTROL_REPLICATED_OBJECT_OID soon

metze
 2007-10-10 14:37:08 -05:00
Stefan Metzmacher
2660c5ab21 r20577: - allocate an OID range for samba4 LDB/LDAP Controls 
- allocate an OID for LDB Control that hold meta data when applying
  replicated objects

metze
 2007-10-10 14:37:06 -05:00
Stefan Metzmacher
5875ce1ac6 r20568: split out the rootdse ldif 
and set the isSyncronized = TRUE when we done

metze
 2007-10-10 14:37:02 -05:00
Stefan Metzmacher
cbebe559a2 r20565: configure the list of global ldb modules also in js code 
metze
 2007-10-10 14:36:59 -05:00
Stefan Metzmacher
3e337ec276 r20560: make it possible to configure the backend and modules 
for all partitions and make it not use LDAP in the variable names
because it isn't specific to the ldap backend case.

metze
 2007-10-10 14:36:57 -05:00
Stefan Metzmacher
2a6e6a2695 r20557: use ${DOMAINDN} instead of ${BASEDN} 
metze
 2007-10-10 14:36:56 -05:00
Stefan Metzmacher
ebbd8a83c9 r20554: - use ${ROOTDN} for the rootDomainNamingContext 
- the ${CONFIGDN} is a child of the ${ROOTDN}

metze
 2007-10-10 14:36:55 -05:00
Stefan Metzmacher
09ca6aae12 r20553: add ${CONFIGDN} and ${SCHEMADN} instead of using hardcoded paths 
under ${BASEDN}

metze
 2007-10-10 14:36:54 -05:00
Stefan Metzmacher
21f433018a r20551: use variable instead of hardcoded value for the default site 
metze
 2007-10-10 14:36:53 -05:00
Andrew Bartlett
f45504e271 r20495: Further notes on joining with fedora DS. 
Add in a hook for adding an ACI, needed to allow anonymous access
until we hook across a SYSTEM token to the LDAP server.

Andrew Bartlett
 2007-10-10 14:36:00 -05:00
Andrew Bartlett
600c7f1a68 r20492: Add in instructions/sample LDIF to setup Fedora DS as a backend. 
Add a new module entrypoint to handle the new, interesting and
different mappings required for Fedora DS.

Andrew Bartlett
 2007-10-10 14:35:59 -05:00
Andrew Bartlett
99faff0ad8 r20468: Patch from Martin Kuehl <kuehl@univention.de> to make it easier to load 
into an exsting LDAP server.  (Allow some parts to pre-exist, and try
to blow away less data).

Andrew Bartlett
 2007-10-10 14:35:54 -05:00
Stefan Metzmacher
6d43c19638 r20332: add mastered-By and msDs-mastered-By attributes to the domain object 
the config and schema head objects already have them

metze
 2007-10-10 14:29:42 -05:00
Andrew Bartlett
dc9eee7cb3 r20152: Commit missing files from last night's commit. We no longer maintain 
a distinction between PDC and BDC in the configuration files, only as
an entry in the ldb.

Andrew Bartlett
 2007-10-10 14:29:15 -05:00
Andrew Bartlett
ac5abff4b6 r19336: Merge from release branch: new Mapped OIDs, in own subtree. 
Andrew Bartlett
 2007-10-10 14:21:12 -05:00
Andrew Bartlett
0ceffb52eb r19315: Record some OID allocations. 
Andrew Bartlett
 2007-10-10 14:21:07 -05:00
Andrew Bartlett
a1f14d10fd r19311: Try to keep the schema map files fairly similar (hope for less weird bugs). 
Andrew Bartlett
 2007-10-10 14:21:06 -05:00
Andrew Bartlett
942d7ad0c3 r19310: Add another conflicting oid 
Cope with there being no attributes to skip in the ad2oLscheam tool

Andrew Bartlett
 2007-10-10 14:21:06 -05:00
Andrew Bartlett
962219df7d r19258: Don't delete the contents of the partitions twice, and in particular 
don't delete their contents until we have specified the new partition
locations.

However, preserve the important part of tridge's change, that is to
ensure that no database index is present when the mass delete occours.
In my testing, it is best to leave the index until the provision is
compleated.

Andrew Bartlett
 2007-10-10 14:20:58 -05:00
Andrew Tridgell
3d3144cc06 r19253: its not so useful to index on objectclass. Much better to search on 
objectCategory

provision now takes 2.4 secs, down from 24s on my laptop
 2007-10-10 14:20:58 -05:00
Andrew Bartlett
a4aafe307d r19216: Merge from SAMBA_4_0_RELEASE: 
Move default for subobj.LDAPMODULES into scripting/libjs/provision.js
so that SWAT can provision again.

Andrew Bartlett
 2007-10-10 14:20:54 -05:00
Andrew Bartlett
bdeb10de2e r19115: Add the mapping required between Samba4's AD schema OIDs and what 
Fedora DS can support.

Andrew Bartlett
 2007-10-10 14:20:36 -05:00
Andrew Bartlett
5b3c8cc036 r18979: With these extra indexes (also added for the normal case) and a 
DB_CONFIG file, we now get reasonable enought performance to pass
'make test' against OpenLDAP.

We do have to double the maximum runtime for the torture client however.

Andrew Bartlett
 2007-10-10 14:20:26 -05:00
Andrew Bartlett
5fd53ea6a3 r18933: Add helpful emacs marker 2007-10-10 14:20:22 -05:00
Simo Sorce
b34646f202 r18440: "builtinDomain" is not a child of "domain" 2007-10-10 14:18:30 -05:00
Simo Sorce
1fcf725bc0 r18316: Build the parent too 2007-10-10 14:18:07 -05:00
Andrew Bartlett
befac43f59 r17982: One final hack... 
When against a real, schema-checking LDAP backend, we need
extensibleObject on the baseDN entry (as entryUUID isn't run for
creating this basic ldif) output.
 2007-10-10 14:17:01 -05:00
Simo Sorce
43e95f4572 r17926: add trustedDomain class 2007-10-10 14:16:54 -05:00
Andrew Bartlett
32996ca9d6 r17876: Require one less patch for the LDAP backend to work. 
This lets the modules or backend generate the host and domain GUID,
rather than the randguid() function.  These can still be specified
from the command line.

Andrew Bartlett
 2007-10-10 14:16:50 -05:00
Simo Sorce
4975659fd7 r17839: do not reference possibleInferiors we have not extracted 
trim duplicate may attributes
 2007-10-10 14:16:47 -05:00
Andrew Bartlett
3bb0a0d91e r17705: Use the paged_searches module by default against the LDAP backend, if 
selected.

Andrew Bartlett
 2007-10-10 14:16:28 -05:00
Andrew Bartlett
0e97b71386 r17682: Add newline to end of file 2007-10-10 14:16:23 -05:00
Simo Sorce
74c40719f2 r17662: some more enhancements to our schema extraction tool, 
with a nasty hack in minschema.js that I really hate
 2007-10-10 14:16:21 -05:00
Simo Sorce
aca800bdcc r17653: fix typo 2007-10-10 14:16:20 -05:00
Simo Sorce
425fda84e2 r17652: add oMSyntax to these attributes 2007-10-10 14:16:20 -05:00
Simo Sorce
09a3272611 r17651: Commit the set of classess used to generate our schema 
and update the schema with the latest additions
 2007-10-10 14:16:20 -05:00
Andrew Bartlett
cb2b9d800d r17600: Finish the schema conversion tool, and add a mapping file, used to map 
OIDs and skip built-in attributes.

Andrew Bartlett
 2007-10-10 14:16:16 -05:00
Andrew Bartlett
dec2b6961a r17528: This is an additional item of schema we require. 
Where is the script we used to create this schema file in the first
place?

Andrew Bartlett
 2007-10-10 14:15:33 -05:00
Andrew Bartlett
af02b4d7c6 r17526: Move timestamp generation into the objectGUID module. It probably 
needs to be renamed (operation_add?).

This allows me to match the behaviour and substitute with the
entryUUID module for remote LDAP connections.

Andrew Bartlett
 2007-10-10 14:15:33 -05:00
Simo Sorce
d57b521aad r17504: Do not use the invented unixID but use the rfc2307 uidNumber and gidNumber attributes instead 
Do not change unixName right now, we don't have an attribute to use in the posixGroup class,
and I think we should remove its usage altogether and look up users and groups by their uid/gid only.

Simo.
 2007-10-10 14:15:30 -05:00
Andrew Bartlett
009d090594 r17499: Open the main database only the minimum times during a provision. 
This causes things to operate as just one transaction (locally), and
to make a minimum of TCP connections when connecting to a remote LDAP
server.

Taking advantage of this, create another file to handle loading the
Samba4 specific schema extensions.  Also comment out 'middleName' and
reassign the OID to one in the Samba4 range, as it is 'stolen' from a
netscape range that is used in OpenLDAP and interenet standards for
'ref'.

Andrew Bartlett
 2007-10-10 14:15:30 -05:00
Andrew Bartlett
d942a8b2b6 r17377: This attribute is maintained by the modules, don't override it. 
Andrew Bartlett
 2007-10-10 14:15:20 -05:00