IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Fri Aug 19 17:30:39 CEST 2016 on sn-devel-144
Found by Garming. Unlikely to affect anyone.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12143
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Fri Aug 12 08:20:31 CEST 2016 on sn-devel-144
This is implicitly replicated, but may diverge on updates of non-replicated
attributes.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12129
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Aug 8 17:34:24 CEST 2016 on sn-devel-144
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12108
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12108
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
This allows us to generate better assert messages and give the
developer some ideas why the command wasn't able to run.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12108
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Tue Jul 26 05:11:57 CEST 2016 on sn-devel-144
When you modify the replica locations to exclude a DSA, it should be respected.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This get's the cleartext passwords by decrypting
the 'Primary:SambaGPG' value in order to provide the
virtual attributes: virtualClearTextUTF16, virtualClearTextUTF8,
virtualCryptSHA256, virtualCryptSHA512, virtualSSHA
The virtual attribute virtualSambaGPG provides the raw
(encrypted) value of the 'Primary:SambaGPG' value.
See the "password hash gpg key ids" option for the encryption part
of this feature.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
This provides an easy way to keep passwords in sync with
another account database, e.g. an OpenLDAP server.
It provides a functionality like the "passwd program"
for the "unix password sync" feature of a standalone, member
and classic (NT4) server, but for an active directory domain
controller.
The provided script is called for each account/password related
change.
Like the 'user getpassword' command it allows virtual attributes like:
virtualClearTextUTF16, virtualClearTextUTF8,
virtualCryptSHA256, virtualCryptSHA512, virtualSSHA
Note that this command should just run on a single domain controller
(typically the PDC-emulator).
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
This provides an easy way to get the passwords of a user
including the cleartext passwords (if stored) and derived
hashes. This is done by providing virtual attributes like:
virtualClearTextUTF16, virtualClearTextUTF8,
virtualCryptSHA256, virtualCryptSHA512, virtualSSHA
This is much easier than using ldbsearch and manually parsing
the supplementalCredentials attribute.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
This fixes any RW DCs with repsFrom without the corresponding link. On
any RODC, this just reports an error (and doesn't fix it).
(the knownfail entry is also now removed)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9200
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This makes it so that repsTo are always regenerated on the target DCs.
This also happens elsewhere in drepl_out, but is to be removed.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This should never have done any real work, new code or not. This just removes
the initial KCC calls and bails out in the KCC if we actually ran it.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This in particular helps the docs.py test halve in time (at least on my machine)
NOTE: The removal of enable_null_tracking is required because we are no
longer importing join.py in every single samba-tool invocation. Without
removing this line, memory would be hanging from both the actual NULL
context and the talloc_null_context (causing a segfault at system_exit).
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Wed Jul 20 12:47:24 CEST 2016 on sn-devel-144
The removal of enable_null_tracking is required because we will no
longer importing join.py in every single samba-tool invocation. Without
removing this line, memory would be hanging from both the actual NULL
context and the talloc_null_context (causing a segfault at system_exit).
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
These are not used for anything other than to print in the usage, but
it seems nicer to match normal invocation of these commands
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
In order to do this we need to use the reveal internals control, which
breaks the comparison against extended DNs. So we compare the
components instead.
Because this patch makes our code notice and fix stale one-way-links
(eg, after a rename) now, the renamedc test needs to be adjusted to
match.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
This avoids fetching the same same schema things again and again.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
If we have dnsNode objects without dnsRecord attribute values we trigger
the following error triggered by 'samba-tool domain demote --remove-other-dead-server=server2'
ERROR(<type 'exceptions.TypeError'>): uncaught exception - __ndr_unpack__()
argument 1 must be string or read-only buffer, not dnsp.DnssrvRpcRecord
File "/usr/lib64/python2.6/site-packages/samba/netcmd/__init__.py", line 175,
in _run
return self.run(*args, **kwargs)
File "/usr/lib64/python2.6/site-packages/samba/netcmd/domain.py", line 720, in
run
remove_dc.remove_dc(samdb, logger, remove_other_dead_server)
File "/usr/lib64/python2.6/site-packages/samba/remove_dc.py", line 423, in
remove_dc
remove_dns_account=True)
File "/usr/lib64/python2.6/site-packages/samba/remove_dc.py", line 351, in
offline_remove_ntds_dc
remove_dns_account=remove_dns_account)
File "/usr/lib64/python2.6/site-packages/samba/remove_dc.py", line 266, in
offline_remove_server
remove_dns_references(samdb, logger, dnsHostName)
File "/usr/lib64/python2.6/site-packages/samba/remove_dc.py", line 186, in
remove_dns_references
for v in values if not to_remove(v) ]
File "/usr/lib64/python2.6/site-packages/samba/remove_dc.py", line 160, in
to_remove
dnsRecord = ndr_unpack(dnsp.DnssrvRpcRecord, value)
File "/usr/lib64/python2.6/site-packages/samba/ndr.py", line 45, in ndr_unpack
object.__ndr_unpack__(data, allow_remaining=allow_remaining)
A transaction is still active in ldb context [0xe1f320] on
tdb:///var/lib/samba/private/sam.ldb
"next" is used in perl not in python!
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12018
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jul 13 10:10:30 CEST 2016 on sn-devel-144
This matches the behaviour in the drsuapi server for DsReplicaSync
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Mon Jul 11 10:58:16 CEST 2016 on sn-devel-144
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jul 8 13:39:01 CEST 2016 on sn-devel-144
This mode avoids an issue with using -P on an RODC, instead using an IRPC message
to trigger online replication right away
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
During the provision this causes a huge performance hit as these two
attributes are unindexed.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
