IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Reuse the search done for dsdb_find_nc_root() to normalise the DN.
This will allow a GUID-input DN to be compared safely with a RID Manager DN
or Naming Context.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10635
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
This allows lookup of a DN with a GUID only or GUID and string,
possibly not yet in the database, yet still getting the correct result.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10635
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
This avoids a talloc_strdup() and so a failure path.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
This follows the same with 'attrs' in the previous commit.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
This now local and static const list was otherwise a duplicate symbol
shadowing with the global user_attrs.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
All of its callers, where necessary, take out a transaction covering the
entire password set or change operation, so a transaction is no longer
needed here.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This is more specific than NT_STATUS_UNSUCCESSFUL, and for the SAMR
password change, matches the result the call to samdb_result_passwords()
would give.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
samdb_result_msds_LockoutObservationWindow() is split out of
samdb_result_effective_badPwdCount()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Passing this control will grant the right to set validated values for
dNSHostName and servicePrincipalName, and non-validated values for other
attributes.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14833
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
This aims to minimise usage of the error-prone pattern of searching for
a just-added message element in order to make modifications to it (and
potentially finding the wrong element).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15009
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Using the newly added ldb flag, we can now detect when a message has
been shallow-copied so that its elements share their values with the
original message elements. Then when adding values to the copied
message, we now make a copy of the shared values array first.
This should prevent a use-after-free that occurred in LDB modules when
new values were added to a shallow copy of a message by calling
talloc_realloc() on the original values array, invalidating the 'values'
pointer in the original message element. The original values pointer can
later be used in the database audit logging module which logs database
requests, and potentially cause a crash.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15009
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This fixes the rpc.samr test because we no longer specify an LM hash
to the DSDB layer only to have it rejected by password_hash.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
This means Samba will essentially ignore this attribute, not even attempting
to read it from the AD DC sam.ldb
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
This makes it clearer that the purpose of this control is to indicate that the password
was already checked (by an out-of-band mechanism, eg kpasswd) and so can safely be changed
subject to ACLs etc.
This essentially reverts bbb9dc806e
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
This returns the API for password changes via (eg) kpasswd to the
previous design as at 7eebcebbab
where a control but no partiuclar values were specified.
This avoids the issues that were attempted to be addressed between
7eebcebbab and 786c41b095
by still keeping the ACL check from 23bd3a7417.
The purpose of this change is to move away from the NT hash (unicodePwd) being
the primary password in Samba, to allow installations to operate without this
unsalted hash.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Validate Writes and Control Access Rights only grant access if the
object is of the type listed in the Right's appliesTo attribute. For
example, even though a Validated-SPN access may be granted to a user
object in the SD, it should only pass if the object is of class
computer This patch enforces the appliesTo attribute classes for
access checks from within the ldb stack.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14832
Signed-off-by: Nadezhda Ivanova <nivanova@symas.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Move of strcasecmp redefine to lib/util/safe_string.h in
https://gitlab.com/samba-team/samba/-/merge_requests/1507 broke build on
Fedora 33 with GCC 10.2.1 for those compilation units that use
ldb_att_cmp().
The reason for that is that ldb_attr_cmp() defined as
#define ldb_attr_cmp(a, b) strcasecmp(a, b)
because attribute names restricted to be ASCII by RFC2251 (LDAPv3 spec).
A solution is to add
#undef strcasecmp
to all source code files which use ldb_attr_cmp().
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Oct 1 22:45:29 UTC 2020 on sn-devel-184
lib/util/safe_string.h is similar to source3/include/safe_string.h, but
the former has fewer checks. It is missing bcopy, strcasecmp, and
strncasecmp.
Add the missing elements to lib/util/safe_string.h remove the other
safe_string.h which is in the source3-specific path. To accomodate
existing uses of str(n?)casecmp, add #undef lines to source files where
they are used.
Signed-off-by: Matthew DeVore <matvore@google.com>
Reviewed-by: David Mulder <dmulder@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Aug 28 02:18:40 UTC 2020 on sn-devel-184
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Aug 3 22:21:04 UTC 2020 on sn-devel-184
A simple write() might be interrupted or do short writes. Highly
unlikely, but if it happens, it will be impossible to diagnose.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
utf8_len represents the number of characters (not bytes) of the
password. If the password includes multi-byte characters it is required
to write the total number of bytes to the check password script.
Otherwise the last bytes of the password string would be ignored.
Therefore we rename utf8_len to be clear what it does and does
not represent.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12438
Signed-off-by: Björn Baumbach <bb@sernet.de>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Tue Oct 29 11:58:45 UTC 2019 on sn-devel-184
This is all strictly unnecessary, as ret is always != LDB_SUCCESS when
res is NULL, but we want to make peace between clang and converity.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Fixes:
source4/dsdb/common/util.c:3131:6: warning: Dereference of undefined pointer value <--[clang]
if (res->count < 1) {
^
/source4/dsdb/common/util.c:3207:6: warning: Dereference of undefined pointer value <--[clang]
if (res->count < 1) {
^~~~~~~~~~
source4/dsdb/common/util.c:4004:39: warning: Dereference of undefined pointer value <--[clang]
(*wkguid_dn) = talloc_steal(mem_ctx, res->msgs[0]->dn);
^
source4/dsdb/common/util.c:4191:35: warning: Dereference of undefined pointer value <--[clang]
ouv_value = ldb_msg_find_ldb_val(r->msgs[0], "replUpToDateVector");
source4/dsdb/common/util.c:5757:13: warning: 1st function call argument is an uninitialized value <--[clang]
same_nc = (ldb_dn_compare(source_nc, target_nc) == 0);
^
This fix also fixes the associated 'Access to field 'xyx' results in a
dereference of a null pointer' warnings that also will happen when this
is fixed
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Wed Jul 24 05:49:14 UTC 2019 on sn-devel-184
Fixes:
source4/dsdb/common/util.c:2125:4: warning: Value stored to 'cps_stdin' is never read <--[clang]
cps_stdin = -1;
^ ~~
source4/dsdb/common/util.c:2132:3: warning: Value stored to 'cps_stdin' is never read <--[clang]
cps_stdin = -1;
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Fixes:
source4/dsdb/common/util.c:2000:6: warning: Access to field 'count' results in a dereference of a null pointer (loaded from variable 'res') <--[clang]
if (res->count != 1) {
^~~
source4/dsdb/common/util.c:3281:28: warning: Access to field 'msgs' results in a dereference of a null pointer (loaded from variable 'res') <--[clang]
el = ldb_msg_find_element(res->msgs[0], attr);
^~~
source4/dsdb/common/util.c:3568:6: warning: Access to field 'count' results in a dereference of a null pointer (loaded from variable 'res') <--[clang]
if (res->count != 1 || ret != LDB_SUCCESS) {
^~~
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Fixes:
source4/dsdb/common/util.c:1964:18: warning: The left operand of '&' is a garbage value <--[clang]
return (options & DS_NTDSDSA_OPT_IS_GC) != 0;
~~~~~~~ ^
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Fixes:
source4/dsdb/common/util.c:1804:8: warning: 3rd function call argument is an uninitialized value <--[clang]
ret = samdb_reference_dn(ldb, mem_ctx, server_ref_dn, "rIDSetReferences", dn);
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Use a temporary struct as a return value to make the compiler catch all
callers. If we just changed bool->ssize_t, this would just generate a
warning. struct sid_parse_ret will go away in the next commit
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
The new unified versions have better debugging and ensure
that both functions continue to have the same control flow.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
In order to detect an value overflow error during
the string to integer conversion with strtoul/strtoull,
the errno variable must be set to zero before the execution and
checked after the conversion is performed. This is achieved by
using the wrapper function strtoul_err and strtoull_err.
Signed-off-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Ralph Böhme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
* Initialise pointers to NULL
* replace talloc_free with TALLOC_FREE
* add goto exit to ensure memory deallocated correctly
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Feb 14 06:53:14 CET 2019 on sn-devel-144
All the uses have been replaced with calls to dsdb_domain_count, so it
is no longer needed.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Replace the call to samdb_search_count with dsdb_domain_count. As this
is the only remaining caller of samdb_search_count, replacing it will
allow the removal of samdb_search_count.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This counts the number of objects that are in the domain,
provided a domain SID was supplied (otherwise it just
counts all the objects).
This routine avoids allocating memory for the full
result set by using a callback.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This allows the check password script to reject the username and other
things.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Clearly the lockOutObservationWindow value is important, and using a
default value of zero doesn't work very well.
This patch adds a better default value (the domain default setting of 30
minutes).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13683
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Wed Nov 28 11:31:14 CET 2018 on sn-devel-144
Fix a remaining place where we were trying to read the
msDS-LockoutObservationWindow as an int instead of an int64.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13683
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Commit 442a38c918 refactored some code into a new
get_lockout_observation_window() function. However, in moving the code,
an ldb_msg_find_attr_as_int64() inadvertently got converted to a
ldb_msg_find_attr_as_int().
ldb_msg_find_attr_as_int() will only work for values up to -2147483648
(about 3.5 minutes in MS timestamp form). Unfortunately, the automated
tests used a low enough timeout that they still worked, however,
password lockout would not work with the Samba default settings.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13683
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Avoid an "else" where we have the early return
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Björn Baumbach <bbaumbach@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Most of the DSDB modules only want to check the existence of a control,
rather than access the control itself. Adding a helper function allows
the code to ask more natural-sounding yes/no questions, and tidies up
an ugly-looking long-line in extended_dn_out.c.
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Fri Oct 12 07:23:26 CEST 2018 on sn-devel-144
The lockOutObservationWindow is used to calculate the badPwdCount. When
a PSO applies to a user, we want to use the PSO's lockout-observation
window rather the the default domain setting.
This is finally enough to get some of the PSO password_lockout tests
to pass.
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
If a PSO applies to a user, use its lockOutThreshold/Duration settings
instead of the domain setting. When we lookup a user, we now include the
msDS-ResultantPSO attribute. If the attribute is present for a user,
then we lookup the corresponding PSO object to get the lockOutThreshold/
Duration settings.
Note: This is not quite enough to make the PSO lockout tests pass, as
msDS-User-Account-Control-Computed is still constructed based on the
domain lockoutDuration setting rather than the PSO.
Updating the password_hash.c code properly will be done in a subsequent
commit.
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
A usage in GetDCNameEx2 could return the wrong result. This may need to
be fixed in other places.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13365
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Mourik Jan C Heupink <heupink@merit.unu.edu>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This adds basic DRS_GET_TGT support. If the GET_TGT flag is specified
then the server will use the object cache to store the objects it sends
back. If the target object for a linked attribute is not in the cache
(i.e. it has not been sent already), then it is added to the response
message.
Note that large numbers of linked attributes will not be handled well
yet - the server could potentially try to send more than will fit in a
single repsonse message.
Also note that the client can sometimes set the GET_TGT flag even if the
server is still sending the links last. In this case, we know the client
supports GET_TGT so it's safe to send the links interleaved with the
source objects (the alternative of fetching the target objects but not
sending the links until last doesn't really make any sense).
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
This looks like a footnote, but is actually where the default password rules are applied.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
This caused failures against vampire_dc (on large-dc), likely due to
more frequent replication propagating the record before it was renamed.
The DC ran out of RIDs and RID allocation causes schema replication,
which failed.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12841
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12419
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Nov 16 16:35:12 CET 2016 on sn-devel-144
The msg has already been free'd at this point so we need to print the
user_dn which gets assigned to msg->dn.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Normally linked attributes are deleted by marking them as with RMD flags,
but sometimes we want them to vanish without trace. At those times we
set the DSDB_CONTROL_REPLMD_VANISH_LINKS control.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-with: Andrew Bartlett <abartlet@samba.org>
accountExpires gets a different value, logonHours is not updated,
operatorCount and adminCount are added.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
When a user object is created it gets a metadata stamp for logonHours,
while the logonHours attribute has no value.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
In contrast to source3, this is run as root and without substitution.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
The logic is incomplete and the correct logic is already available
via the constructed "msDS-UserPasswordExpiryTimeComputed" attribute.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11441
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
When trying to change the password with kpasswd, the KDC returns
"Unspecified password quality failure". Because we do not get the ldb
error which is e.g.: password is too young to change!
This way at least the admin can find out what is going on.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Feb 2 11:49:51 CET 2016 on sn-devel-144
We also need to update trustAuthIncoming of the trustedDomain object.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
For trust account we need to store version number provided by the client.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Change-Id: Iaa32af4225219a4c5c42c663022e8be429b8a1d2
Signed-off-by: Kamen Mazdrashki <kamenim@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
At the moment current implementation does not check if group RID
is existing group RID - this responsibility is left to the caller.
Change-Id: I8c58dd23a7185d63fa2117be0617884eb78d13c1
Signed-off-by: Kamen Mazdrashki <kamenim@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Change-Id: I4480e7d1ed0c754e960028e0be9a90ee56935e94
Signed-off-by: Kamen Mazdrashki <kamenim@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Change-Id: I1e291bcf0a5c9b2fca11323dc7f8be29f5145d42
Signed-off-by: Kamen Mazdrashki <kamenim@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
At the moment no flags are set and it works fine, since this function
is solely used in samldb during ADD requests handling.
Pre-setting a flag make it usefull for other modules and request
handlers too
Change-Id: I7e43dcbe2a8f34e3b0ec16ae2db80ef436df8bfe
Signed-off-by: Kamen Mazdrashki <kamenim@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993
Change-Id: If6bc90305a1e9a5a92562a01ba7e44330de91cc1
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
