IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
The DNS entries and SPNs are needed for samba<->samba DRS
replication. This patch adds them for a standalone DC configure. A
separate patch will add them for the vampire configure
This fixes the issue with the original files that they didn't have a
leading # in front of the comments, which caused our parsing scripts
much pain. The files are now exactly as delivered.
Andrew Bartlett
DRSUAPI_DS_NAME_FORMAT_UKNOWN added to 'known-to-fail'
responses as this actually means to ask AD to resolve
a name from FQDN format to Unknown format.
The added tests include basic validation that the script runs and accepts all
custom arguments. The tests also verify changes to the password complexity,
minimum password length, and minimum password length settings.
The testit_expect_failure() function is like the testit() function, with
reversed error detection logic. This reversal only affects the pass/fail logic
and logging - the original return code from the command is still returned to the
calling script.
Validate that each field is within its allowed range. Also validate that the
maximum password age is greater than the minimum password length (if the maximum
password age is set).
I could not find these values documented anywhere in the WSPP docs. I used the
values shown in the W2K8 GPMC, as it appears that the GPMC actuaally performs
the validation of values.
If we cannot retrieve the value, do not assume a particular value. The fact
that we could not retrieve the value indicates a larger problem that we don't
want to make worse bypossibly clearing bit fields in the pwdProperties
attribute.
This ensures that all changes are made, or none are made. It also makes it
possible to do validation as we go and abort in case of an error, while always
leaving things in a consistent state.
This reverts commit fdd62e9699.
abartlet and I agreed that this isn't the right way to enforce the password
policies. Sooner or later we've to control them anyway on the directory level.
We need to be more careful to do the cleanup functions for the right
backend. In future, these perhaps should be provided by the
ProvisionBackend class.
Andrew Bartlett
Our vampire code sends a zero GUID in the updaterefs calls. Windows
seems to ignore the GUID and use the DN in the naming context instead,
so I have changed our UpdateRefs server implementation to do the same.
With this change we can now vampire from s4<->s4 successfully! Now to
see if all the attributes came across correctly.
