Andrew Tridgell
a31c711ba7
s4-drs: allow getncchanges requests to non WRIT_REP partitions for extended ops
...
Needed for RID allocation
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-04-26 19:06:07 +10:00
Andrew Tridgell
159de40b0b
s4-drepl: don't send an UpdateRefs unless its a plain replication
...
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-04-26 19:06:06 +10:00
Andrew Tridgell
267e0b3616
s4-drs: make links to foreign partitions non-fatal
...
DN links outside the set of partitions we are replication should be
allowed.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-04-26 19:06:06 +10:00
Matthieu Patou
c88b83b7c1
s4 dns: Allow to specify static grant entries to be added to the dynamicaly generated named.conf.update
...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-04-24 14:09:10 +02:00
Andrew Tridgell
bb1ba4ff76
s4-drs: added new SECURITY_RO_DOMAIN_CONTROLLER level
...
This is used for allowing operations by RODCs, and denying them
operations that should only be allowed for a full DC
This required a new domain_sid argument to
security_session_user_level()
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-With: Rusty Russell <rusty@samba.org>
2010-04-22 19:36:16 +10:00
Andrew Tridgell
1f92df90fd
s4-drs: removed dsdb_validate_client_flags()
...
This test is in the wrong place. We end up validating our own flags.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-04-22 19:36:16 +10:00
Andrew Tridgell
0d3823b152
s4-dsdb: removed an unused variable
2010-04-22 19:36:16 +10:00
Andrew Tridgell
a06b537cc3
s4-dsdb: added dsdb_validate_invocation_id()
...
this validates that a invocationID matches an account sid
This will be used to ensure that we don't allow DRS replication
from someone a non-DC or administrator
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-04-22 19:36:16 +10:00
Andrew Tridgell
1ecefd74a2
s4-dsdb: added dsdb_get_extended_dn_sid()
...
This will be used by the RODC code
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-04-22 19:36:15 +10:00
Andrew Tridgell
70cc9fd5c6
s4-dsdb: moved rodc schema validation to samldb.c
...
This means we are only doing the checks for schema changes
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-04-22 19:36:15 +10:00
Fernando J V da Silva
73513fb7e7
s4-drs: Use new samdb_rodc() function in s4 code
...
This patch fits the calling to the new samdb_rodc() function and
fix a little bug in this function.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-22 19:36:15 +10:00
Fernando J V da Silva
59aa0a07d2
s40-drs: Do not send GetNCChanges messages to RODCs
...
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-22 19:36:15 +10:00
Fernando J V da Silva
fbdbd67c76
s4-drs: dsdb_validate_client_flags() function
...
This function is intended to check if some client is not lying about
his flags. At this moment, it only checks for RODC flags.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-22 19:36:15 +10:00
Fernando J V da Silva
57bcdf008f
s4-drs: samdb_is_rodc() function and new samdb_rodc() function
...
This patch creates the samdb_is_rodc() function, which looks for
the NTDSDSA object for a DC that has a specific invocationId
and if msDS-isRODC is present on such object and it is TRUE, then
consider the DC as a RODC.
The new samdb_rodc() function uses the samdb_is_rodc() function
for the local server.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-22 19:36:15 +10:00
Fernando J V da Silva
c023fc217e
s4-drs: Do not allow system-critical attributes to be RODC filtered
...
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-22 19:36:14 +10:00
Andrew Bartlett
47e7e48746
s4:ldap-backend Fix LSA test failures with OpenLDAP backend - convert SIDs
...
The SIDs in some queries were not being passed as binary, but as
strings in comparison with the securityIdentifer object. We need to
recognise that these are SIDs in the simple_ldap_map.
Andrew Bartlett
2010-04-22 18:37:19 +10:00
Andrew Bartlett
cbb818222a
s4:OpenLDAP-backend Use the new rdnval module in OpenLDAP
...
This is rather than rdn_name, which tries to do the job on the client
side. We need to leave this module in the stack for Fedora DS (and of
course the LDB backend).
Andrew Bartlett
2010-04-22 18:37:18 +10:00
Andrew Bartlett
9eacde808e
s4:dsdb Revert accidentilly commited change for LDAP backends
...
In the future, LDAP backends will be resposible for maintaining the
'name' attributes.
Andrew Bartlett
2010-04-22 18:37:18 +10:00
Andrew Tridgell
2dcc84432e
s4-schema: allow revision numbers of zero
...
w2k8r2 sends a revision of zero in the initial schema replication
during a net vampire
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-04-21 13:35:56 +10:00
Andrew Bartlett
ea5cf7ce05
s4:provision Pass in the invoication ID and NTDS Settings DN to Schema()
...
By putting these values into the cache on the LDB, this reduces some
of the noise in provision, particularly with the LDAP backend.
Andrew Bartlett
2010-04-20 12:11:18 +10:00
Matthias Dieter Wallnöfer
e0d6f1a6da
s4:dsdb/dns/dns_update.c - fix a typo
2010-04-17 20:42:37 +02:00
Nadezhda Ivanova
eef184301a
s4:Replaced dsdb_get_dom_sid_from_ldb_message() with samdb_result_dom_sid()
2010-04-16 14:28:35 +03:00
Stefan Metzmacher
a7f8c197ad
s4:rootdse: only return "tokenGroups", when the client asked for them
...
metze
2010-04-15 19:02:26 +02:00
Jelmer Vernooij
13bbfa3fca
pydsdb: Fix memory leak on invalid parameters, formatting, trivial
...
typos.
2010-04-15 18:45:41 +02:00
Matthieu Patou
d784ecec55
s4 python: Add a function to get the oid of an attribute when the attid is known
...
This function is mainly to help decoding replPropertyMetaData in python
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
2010-04-15 18:45:41 +02:00
Matthias Dieter Wallnöfer
34ff1c6944
s4:samdb_server_site_name - fix indentation
2010-04-13 15:40:43 +02:00
Matthias Dieter Wallnöfer
a894d6cc37
s4:acl/descriptor LDB module - distinguish between root and default basedn
...
The first is the forest base DN, the second the domain base DN. At the moment
we assume that they are both the same but it hasn't to be so.
Nadia, I would invite you to fix the outstanding parts regarding this (I added
comments).
2010-04-13 09:32:34 +02:00
Matthias Dieter Wallnöfer
719a46913b
s4:dsdb/common/util.c - add a call which determines centrally the forest DNS domainname
2010-04-13 09:32:33 +02:00
Matthias Dieter Wallnöfer
c116d80053
s4:remove "samdb_root_dn", "samdb_base_dn", "samdb_config_dn" and "samdb_schema_dn"
...
They aren't needed anymore.
2010-04-13 08:57:07 +02:00
Matthias Dieter Wallnöfer
ad9e407357
Revert "s4:prefer "samdb_*_dn" basedn calls over the "ldb_get_*_dn" functions"
...
We should use the "ldb_get_*_basedn" calls since they are available in the LDB
library.
2010-04-13 08:55:15 +02:00
Matthias Dieter Wallnöfer
8e4c34880a
s4:objectclass LDB module - remove a unneeded newline
2010-04-13 08:24:09 +02:00
Matthias Dieter Wallnöfer
98ce053efd
s4:prefer "samdb_*_dn" basedn calls over the "ldb_get_*_dn" functions
...
Purely cosmetic change.
2010-04-12 18:49:01 +02:00
Jelmer Vernooij
3a34b5f35e
subunit: Remove more test output that could be interpreted by subunit.
2010-04-11 20:57:33 +02:00
Jelmer Vernooij
7da94cc4a6
subunit: Support formatting compatible with upstream subunit, for consistency.
...
Upstream subunit makes a ":" after commands optional, so I've fixed any
places where we might trigger commands accidently. I've filed a bug
about this in subunit.
2010-04-11 20:57:33 +02:00
Matthias Dieter Wallnöfer
568ca2433d
s4:samdb_server_site_dn - free unused DNs in the right way
2010-04-11 13:20:44 +02:00
Andrew Bartlett
77267733ed
s4:dsdb Don't use the permissive modify control on schemaInfo updates
...
The use of 'replace' is enough to wipe out the old value, whatever it
is, we don't need to set 'permissive modify' too.
Additionally, this seems to be causing trouble for the OpenLDAP backend
Andrew Bartlett
2010-04-10 21:41:57 +10:00
Andrew Bartlett
5ebeab3794
s4:dsdb Don't return operational attributes on special DNs
2010-04-10 21:41:02 +10:00
Andrew Bartlett
6ef167c37b
s4:rootdse Implement "tokenGroups" in the rootDSE
...
This returns the currently connected user's full token. This is very
useful for debugging, and should be used in ACL tests.
Andrew Bartlett
2010-04-10 21:41:02 +10:00
Andrew Bartlett
944dc2cb0b
s4:dsdb Improve error message in extended_dn_in
...
This error occours when an extended DN cannot be resolved, so it's
most helpful to print the problematic extended DN.
Andrew Bartlett
2010-04-10 21:41:01 +10:00
Andrew Bartlett
4074739fe7
s4:schema Try to fix OpenLDAP backend after schema reload support.
...
If we can't get @REPLCHANGED, default to a value of 0.
Andrew Bartlett
2010-04-10 21:40:59 +10:00
Kamen Mazdrashki
8149094edd
s4/dsdb: Set schemaInfo attribute value during provisioning
...
After provisioning new Forest, schemaInfo should be set
to a value with revision=1 and current invocation_id
2010-04-09 12:21:34 +03:00
Kamen Mazdrashki
4ba2ac073d
s4/dsdb: split writing of schemaInfo blob in two parts
...
ldb_msg preparation is moved into separate function
so that it can be used for implementing schemaInfo
updates both on module stack (dsdb_module_... functions)
and directly on ldb_context
2010-04-09 12:21:33 +03:00
Kamen Mazdrashki
fbef33fb73
s4/dsdb: Let caller to control if valid invocationId is critical or zero-guid is acceptable
2010-04-09 12:21:33 +03:00
Kamen Mazdrashki
5363b6e68b
s4/dsdb: Use dsdb_schema_info object to create default schemaInfo values
2010-04-09 12:21:32 +03:00
Kamen Mazdrashki
c3d7798991
s4/dsdb: Use dsdb_schema_info object to verify schema_info blobs
2010-04-09 12:21:31 +03:00
Kamen Mazdrashki
15921b669e
s4/waf: add new files to WAF build
2010-04-09 12:21:31 +03:00
Kamen Mazdrashki
6d439afbf7
s4/samldb: schemaInfo attribute must be updated when adding new Schema object
2010-04-09 12:21:30 +03:00
Kamen Mazdrashki
9d1f8bcca9
s4/dsdb: dsdb_schema_info object implementation
2010-04-09 12:21:26 +03:00
Kamen Mazdrashki
37a6b66344
s4/dsdb: Define dsdb representation for schemaInfo attribute
2010-04-09 12:21:25 +03:00
Jelmer Vernooij
57ac0a6042
s4-python: Move load_partition_usn to dsdb module.
2010-04-08 23:20:36 +02:00
Endi S. Dewata
5d5fc92c69
s4:dsdb - Handle INVALID_DN_SYNTAX from OpenLDAP in dsdb_module_load_partition_usn().
...
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
2010-04-08 22:59:10 +02:00
Jelmer Vernooij
2578072541
s4-python: Move set_global_schema to pydsdb.
2010-04-08 12:21:35 +02:00
Jelmer Vernooij
21ab06f8a2
s4-python: Move samdb_ntds_objectGUID to pydsdb.
2010-04-07 17:39:59 +02:00
Jelmer Vernooij
ae97613499
s4-python: Move set_opaque_integer to pyldb.
2010-04-06 13:12:43 +02:00
Andrew Tridgell
7d34210772
s4-waf: added python_dsdb from merge with master
2010-04-06 20:27:26 +10:00
Andrew Tridgell
553324bc10
s4-waf: move to a universal method of recursing into subdirs
...
This works with both standalone lib builds and bundled builds
2010-04-06 20:27:25 +10:00
Andrew Tridgell
b690fedef5
s4-waf: removed the AUTOGENERATED markers
...
we won't be using the mk -> wscript generator again
2010-04-06 20:27:16 +10:00
Andrew Tridgell
01682f797f
s4-waf: fixed some deps now we don't auto-include tevent and replace
...
this is preparation for being able to use system versions of these
libraries
2010-04-06 20:27:12 +10:00
Andrew Tridgell
f9eae32f4b
s4-waf: mark the wscript files as python so vim/emacs knows how to highlight them
2010-04-06 20:27:11 +10:00
Andrew Tridgell
844acb2260
build: waf quicktest nearly works
...
Rewrote wafsamba using a new dependency handling system, and started
adding the waf test code
2010-04-06 20:26:48 +10:00
Andrew Tridgell
845e0cbe6f
build: commit all the waf build files in the tree
2010-04-06 20:26:48 +10:00
Andrew Tridgell
8f1b809d2c
build: nearly there on samba4 build
2010-04-06 20:26:47 +10:00
Andrew Tridgell
9129c3b3b6
build: fixes from ita
2010-04-06 20:26:40 +10:00
Andrew Tridgell
c7ea3e6fbf
build: source= is clearer for source lists
2010-04-06 20:26:39 +10:00
Andrew Tridgell
07eeed33f6
build: heimdal_build waf support
...
heimdal now mostly builds
2010-04-06 20:26:38 +10:00
Jelmer Vernooij
55aeb682ba
s4-python: Move dsdb_convert_schema_to_openldap to dsdb.
2010-04-04 00:42:52 +02:00
Jelmer Vernooij
2a67eda98f
s4-python: Move set_opaque_integer -> dsdb.
2010-04-04 00:40:01 +02:00
Jelmer Vernooij
8afd52a641
s4-python: Move samdb_server_site_name to dsdb module.
2010-04-04 00:21:09 +02:00
Jelmer Vernooij
31a517e172
s4-python: Move dsdb constants to a separate python module.
2010-04-04 00:14:23 +02:00
Eduardo Lima
af807758e8
s4-drs: replmd_delete with the 3 stage deletion recycle bin
2010-03-26 16:50:48 +11:00
Fernando J V da Silva
8e1d947787
s4-drs: If we are a RODC then do not send DSReplicaSync messages
2010-03-25 15:02:19 +11:00
Matthias Dieter Wallnöfer
6a63c38c12
s4:ldb_modules/util.c - fix two counter variables to be "unsigned"
2010-03-23 00:16:18 +01:00
Andrew Bartlett
f8019ff793
s4:dsdb Add a shortcut sequence number for schema reloads
...
This uses the ldb sequence number, in a hope to detect an unchanged
schema quicker.
Andrew Bartlett
2010-03-22 20:24:41 +11:00
Andrew Bartlett
fe3e1af901
s4:dsdb Rework schema loading and add schema reloading
...
This commit reworks Samba4's schema loading code to detect when it
needs to reload the schema. This is done by watching the @REPLCHANGED
special DN.
The reload happens by means of a callback, which is only set when the
schema is loaded from the ldb - not when loaded from an LDIF file or
DRS.
We also rework the global schema handling - instead of storing the
pointer to the global schema in each ldb, we store a flag indicating
that the global schema should be returned at run time. This makes it
much easier to switch to a new global schema.
Andrew Bartlett
2010-03-22 20:24:41 +11:00
Andrew Bartlett
d0b54476fc
s4:dsdb Move dsdb_save_partition_usn() to be a module helper function
...
This function should not traverse the module stack again, but instead
run from this point. Also add a matching
dsdb_module_load_partition_usn() and change repl_meta_data to match.
Andrew Bartlett
2010-03-22 20:24:41 +11:00
Andrew Bartlett
639728a298
s4:schema Expand the schema structure
...
We now store the location of the schema in the schema, and provide
hooks for a future schema reloading mechanism.
Andrew Bartlett
2010-03-22 20:24:41 +11:00
Andrew Bartlett
7fc94eb9a7
s4:dsdb Add 'const' to some struct dsdb_schema variables
...
We don't currently require this, but we may move this way in future.
2010-03-22 20:24:40 +11:00
Andrew Bartlett
fc5a507a86
s4:dsdb Don't load the schema unconditionally
...
Schema loads now come at a price, so avoid doing them if we don't have
to (such as when doing an @REPLCHANGED or other special DN based
search).
Andrew Bartlett
2010-03-22 20:24:40 +11:00
Andrew Bartlett
6de83ef627
s4:dsdb Move rdn_name down the stack
...
This is done so that it can be (in future) removed when the OpenLDAP
backend is in use and the rdn_val module is used, while keeping as
similar semantics as possible between the module stacks.
Andrew Bartlett
2010-03-18 22:05:38 +11:00
Matthias Dieter Wallnöfer
c3509d88a4
s4:resolve_oids LDB module - not really a change but a nicer method to call "talloc_reference"
2010-03-16 15:01:45 +01:00
Matthias Dieter Wallnöfer
d7de3fa799
s4:dsdb - fix up warnings
2010-03-16 09:50:39 +01:00
Andrew Bartlett
e3cb626c61
s4:dsdb Show more detail in failure to compute the aggregate DN.
...
Andrew Bartlett
2010-03-16 19:26:09 +11:00
Andrew Bartlett
2de07761e0
s4:dsdb Change dsdb_get_schema() callers to use new talloc argument
...
This choses an appropriate talloc context to attach the schema too,
long enough lived to ensure it does not go away before the operation
compleates.
Andrew Bartlett
2010-03-16 19:26:03 +11:00
Andrew Bartlett
bf0b4d7ee3
s4:dsdb Fix warnings in DEBUG() by casting to unsigned long int
2010-03-16 19:26:02 +11:00
Andrew Bartlett
a7ec946ced
s4:dsdb/acl Reduce calls to dsdb_get_schema() and add memory context
...
dsdb_get_schema() isn't a very cheap call, due to the use of LDB
opaque pointers. We need to call it less, and instead pass it as a
parameter where possible.
This also changes to the new API with a talloc context.
Andrew Bartlett
2010-03-16 19:25:55 +11:00
Andrew Bartlett
1e6fee4185
s4:dsdb Add a memory context for dsdb_get_schema()
...
When specified, we talloc_reference onto this context to ensure that
pointers found in it are valid for the life of the objects they are
placed into. (Such as the string form of LDAP attributes).
Andrew Bartlett
2010-03-16 19:25:14 +11:00
Andrew Bartlett
c874b9f42e
s4:dsdb Don't error out if we can't get the Aggregate schema DN yet
...
It's easier to just set it up when we can, then to deal with the
ordering issues in ldb startup. As long as we have it ready if a real
client ever asks for it, then we should be happy.
Andrew Bartlett
2010-03-16 19:25:14 +11:00
Matthias Dieter Wallnöfer
559575fe40
s4:dsdb/kcc/*.c - fix up wrong typed counters
2010-03-16 08:49:22 +01:00
Erick Nogueira do Nascimento
81932f9148
s4-drs: DsGetReplInfo(), infoType = DS_REPL_INFO_METADATA_2_FOR_OBJ
...
Implementation of the DS_REPL_INFO_METADATA_2_FOR_OBJ infoType for DsGetReplInfo()
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-03-16 13:31:08 +11:00
Matthias Dieter Wallnöfer
b3f727e6a5
s4:util.c - "dsdb_check_optional_feature" - counter should be "unsigned"
2010-03-12 18:56:44 +01:00
Stefan Metzmacher
77fb700e20
s4:dsdb/repl: make use of use tevent_req based dcerpc_binding_handle stubs
...
metze
2010-03-12 15:25:41 +01:00
Crístian Deives
a0527dd790
use unsigned instead of uint32_t for LDB counters.
...
the attribute num_values of the struct ldb_message_element is defined as
an unsigned int, so the counters of that variable should be of the same
type.
2010-03-12 16:31:20 +11:00
Crístian Deives
208e2801b4
nTDSConnection creation
...
create nTDSConnection objects to "imply" the minimum-cost spanning tree edges
for which no nTDSConnection objects yet exist. it also adds a test function in
kcc_connection so the kcctpl functions can be called. this patch is in accord
with the sections [MS-ADTS] 7.2.2.3.4.2 and 7.2.2.3.4.5.
2010-03-12 16:31:20 +11:00
Crístian Deives
6e20906f42
spanning tree computation
...
calculate the spanning tree for the intersite connection. this patch is in
accord with the section [MS-ADTS] 7.2.2.3.4.4.
2010-03-12 16:31:20 +11:00
Crístian Deives
b70df94f62
new function kcctpl_color_vertices
...
besides the new function implemented, some minor bugs were also fixed. this
patch is in accord with the section [MS-ADTS] 7.2.2.3.4.3.
2010-03-12 16:31:20 +11:00
Eduardo Lima
7b20ad99d6
s4-drs: check if an optional feature is enabled
2010-03-12 16:31:20 +11:00
Nadezhda Ivanova
be79f572ed
Split the dsdb_access_check_on_dn.
...
Split the dsdb_access_check_on_dn so it can be reused for checks
from both within the module stack and outside it.
2010-03-12 03:13:51 +02:00
Nadezhda Ivanova
4b256c6d8e
Fixed ACL module to use dsdb_module_* API.
2010-03-12 02:21:16 +02:00
Nadezhda Ivanova
222b955237
Moved access_check_on_dn from acl module as an utility.
...
Made this an utility function so it can be used for access checking
outside of the acl ldb module, such as checking validated writes and
control access rights in other protocols (e. g drs)
2010-03-12 00:20:15 +02:00
Kamen Mazdrashki
9f21787131
s4/drs: DsGetNCChanges - Propagating IDL changes to source code
...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-03-10 17:11:57 +01:00
Nadezhda Ivanova
deebbe7cfa
A helper function to get the Infrastructure DN.
2010-03-09 14:56:46 +02:00
Nadezhda Ivanova
f742623b7b
Added a check for permissions to modify the RDN attribute on rename.
...
Necessary because rdn module will be moved lower than acl in the stack.
2010-03-09 13:07:18 +02:00
Stefan Metzmacher
ec53a0ca5a
s4:dsdb/dns: change callers of samba_runcmd()
...
metze
2010-03-09 21:49:45 +11:00
Matthias Dieter Wallnöfer
85598be1f9
s4:extended_dn_out LDB module - change counter variables to "unsigned" where appropriate
2010-03-07 20:18:10 +01:00
Matthias Dieter Wallnöfer
632adf7328
s4:repl_meta_data LDB module - change counter variables to "unsigned" where appropriate
...
I used "unsigned int" counters where we count LDB objects (LDB specification
prescribes to use "unsigned" index variables).
But on DSDB replication object counters I used "uint32_t" typed variables as it
is suggested.
If a counter variable counts both types of objects I used "unsigned int" since
size(unsigned int) >= size(uint32_t), but on most platforms equal.
2010-03-07 20:18:10 +01:00
Matthias Dieter Wallnöfer
3bb3667b43
s4:local_password LDB module - change counter variables to "unsigned" where appropriate
2010-03-07 20:18:10 +01:00
Matthias Dieter Wallnöfer
6997185e36
s4:ranged_results LDB module - change counter variables to "unsigned" where appropriate
2010-03-07 19:20:05 +01:00
Matthias Dieter Wallnöfer
a973d9eedb
s4:objectguid LDB module - change counter variables to "unsigned" where appropriate
2010-03-07 19:20:04 +01:00
Matthias Dieter Wallnöfer
cd43dd04af
s4:objectclass LDB module - change counter variabls to "unsigned" where appropriate
2010-03-07 19:20:03 +01:00
Matthias Dieter Wallnöfer
2932df57ae
s4:anr LDB module - change counter variable to "unsigned"
2010-03-07 19:20:03 +01:00
Matthias Dieter Wallnöfer
77e1497a7b
s4:acl LDB module - change counter variable to "unsigned"
2010-03-07 19:20:02 +01:00
Matthias Dieter Wallnöfer
f9f7199250
s4:linked_attributes LDB module - change counter variables to "unsigned" where appropriate
2010-03-07 19:20:01 +01:00
Matthias Dieter Wallnöfer
049f9d3c1a
s4:kludge_acl LDB module - change counter variables to "unsigned" where appropriate
2010-03-07 19:19:50 +01:00
Matthias Dieter Wallnöfer
4ad912d2da
s4:proxy LDB module - Change counter variables to "unsigned" where appropriate
...
Use "size_t" when counting string index positions.
2010-03-07 19:19:26 +01:00
Matthias Dieter Wallnöfer
90e236544f
s4:schema_data LDB module - change counter variables to "unsigned" where appropriate
2010-03-07 19:12:30 +01:00
Matthias Dieter Wallnöfer
ad7dd1cf71
s4:resolve_oids LDB module - change counter variables to "unsigned" where appropriate
2010-03-07 19:11:48 +01:00
Matthias Dieter Wallnöfer
b85b9b364f
s4:rootdse LDB module - change counter variables to "unsigned" where appropriate
2010-03-07 19:11:03 +01:00
Matthias Dieter Wallnöfer
d1dd0a560c
s4:partition LDB module - change counter variables to "unsigned" where appropriate
2010-03-07 19:10:00 +01:00
Matthias Dieter Wallnöfer
5a54b204c3
s4:schema - Change also here counters to "unsigned" where needed
...
Counters which are used in the way "for (i = 0; array[i] != NULL; i++)" I
modified to "unsigned" since for sure we don't want to have negative array
indexes there.
2010-03-07 19:01:15 +01:00
Matthias Dieter Wallnöfer
bd5f08f3d1
s4:schema_syntax.c - Change also here counters to "unsigned" where needed
...
Counters which are used in the way "for (i = 0; array[i] != NULL; i++)" I
modified to "unsigned" since for sure we don't want to have negative array
indexes there.
There were many counter variables typed "uint32_t". This isn't fully correct
since those count LDB objects. The amount is saved in a "num_*" variable which
is "unsigned" without a bitlength specification. Therefore change also these
counters to be plain "unsigned".
2010-03-07 19:00:32 +01:00
Matthias Dieter Wallnöfer
61ae4be256
s4:dsdb/util - Change also here counters to "unsigned"
...
No need to have "signed" counters at those places.
2010-03-05 18:30:08 +01:00
Matthias Dieter Wallnöfer
3ec4c643a4
s4:repl - change also here the counter variables to "unsigned"
...
I changed also some "uint32_t" to "unsigned" since the LDB interface doesn't
specify the bitlength of the unsigned type.
2010-03-05 18:28:35 +01:00
Matthias Dieter Wallnöfer
6f11818923
s4:kcc - Change some counter variables to be unsigned
...
The upper limits are unsigned variables therefore also the counter variables
need to be like that.
2010-03-05 13:38:01 +01:00
Matthias Dieter Wallnöfer
82c2448573
s4:samdb_privilege.c - Change two counter variables to unsigned
...
Also here in both cases the unsigned counter fits better than the signed one.
2010-03-05 13:38:00 +01:00
Matthias Dieter Wallnöfer
c695ce729b
s4:cracknames - Change two counter variables to unsigned
...
In both cases the unsigned counter fits better:
- in the first one since we are counting LDB objects starting from 0
- in the second since we are counting an array starting from 0
2010-03-05 13:38:00 +01:00
Matthias Dieter Wallnöfer
8297302e98
s4:operational LDB - don't accidentally "ate" search helper attributes if we need them for more constructed attributes
...
With this patch we delete the helper attributes at the end where all constructed
attributes have already been computed.
2010-03-04 18:16:24 +01:00
Matthias Dieter Wallnöfer
ffa03820f1
s4:operational LDB module - make the counters unsigned
...
No need to have signed counters here.
2010-03-04 18:16:23 +01:00
Matthias Dieter Wallnöfer
bf94d68df8
s4:operational LDB - implement the "tokenGroups" constructed attribute
...
It contains the transitive SID closure (expand member/memberOf attributes) of a
certain SAM object. The "tokenGroups" attribute never contains the SID of the
object itself.
References: http://msdn.microsoft.com/en-us/library/ms680275(VS.85).aspx ,
http://support.microsoft.com/kb/301916 ,
MS-ADTS 3.1.1.4.5.19.
2010-03-04 18:16:23 +01:00
Matthias Dieter Wallnöfer
e34ee26169
s4:operational LDB module - use right memory context int "construct_primary_group_token"
...
Use the "msg" as temporary context and not "ldb" which lives much longer.
2010-03-04 18:16:21 +01:00
Matthias Dieter Wallnöfer
fd00867e85
s4:samdb.c - Make it signed-safe
...
Use an unsigned argument for the numbers of groups and the counter "i" since
the function is called only by "auth_generate_session_info" with an unsigned
number of groups argument.
2010-03-03 20:15:25 +01:00
Stefan Metzmacher
0547af244a
s4:drepl_out_helpers: don't look at the internals of 'struct rpc_request'
...
metze
2010-03-01 16:11:56 +01:00
Stefan Metzmacher
1955cde46c
s4:drepl_notify: don't look at the internals of 'struct rpc_request'
...
metze
2010-03-01 16:11:56 +01:00
Stefan Metzmacher
c4e72add67
s4:dsdb/repl: make use of explicit dcerpc_*_recv functions
...
metze
2010-03-01 16:11:54 +01:00
Anatoliy Atanasov
b73437fbaa
s4/rodc: Implement samdb_rodc with ldb context
2010-03-01 14:17:32 +02:00
Stefan Metzmacher
4bad696f9e
s4:dsdb/schema: fix validation of DNs
...
ldb_dn_extended_filter() removes all but the listed components,
I didn't noticed that when writting the code.
Doing a ldb_dn_remove_extended_components(dn2) is wrong.
This was hidden by some bugs in the ldb_dn code.
metze
2010-02-26 23:26:32 +01:00
Andrew Tridgell
b0b857d6ca
s4-dns: use a loadparm list for samba_runcmd() commands
...
This allows commands with multiple arguments and quoting to be used,
while still avoiding running a shell (and this having shell expansion
problems)
2010-02-26 18:19:27 +11:00
Andrew Tridgell
64911507a0
s4-dsdb: fixed the fetch of the server site name
...
when the ntds objects were moved by a recent change it broke the
calculation of the server site
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-02-26 13:22:12 +11:00
Matthias Dieter Wallnöfer
fc4c839bc8
s4:DNS update - change "i" to be unsigned
...
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-02-25 08:17:12 +11:00
Matthias Dieter Wallnöfer
0be57c7478
s4:partition DSDB module - Generate basic referrals
...
This is a first, very basic implementation of the referrals (more informations
at MS-ADTS 3.1.1.4.6 and 3.1.1.3.4.1.12).
To have the full referral support (and to always point to the right host) the
full implementation using DNS will be needed (at the moment we always point to
the main DC which is referenceable through the DNS domainname).
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-02-25 08:17:06 +11:00
Matthias Dieter Wallnöfer
cd5b542878
s4:partition DSDB module - change the search and domain scope control handling
...
The domain scope control is always removed, from the search one only the two
interesting flags (which are handled) and it is marked as non-critical.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-02-25 08:17:00 +11:00
Matthias Dieter Wallnöfer
0efa8f4fbb
s4:SAMLDB module - ignore referrals
...
They don't cause any harm to our functionality - so ignore them were not needed.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-02-25 08:16:46 +11:00
Matthieu Patou
00aeca7d7f
dsdb: Add a more explicit error message for constructed attributes
...
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
2010-02-24 14:50:30 +01:00
Kamen Mazdrashki
30ac3caade
s4/drs: Propagate drsuapi_DsReplicaGetInfoRequest... changes into source code
2010-02-24 14:14:08 +02:00
Kamen Mazdrashki
99db858b15
s4/drs: Propagate drsuapi_DsReplicaSync changes in source base
2010-02-24 14:14:07 +02:00
Kamen Mazdrashki
fffdce62fc
s4/schema: Move msDS-IntId implementation to samldb.c module
...
msDS-IntId attribute should be replicated, so it must be
implemented in a module that is before repl_meta_data module
(thanks abartlet for pointing this out).
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-02-24 12:01:51 +11:00
Andrew Tridgell
7593b6d03b
s4-dns: improved logging, and run name check at startup
2010-02-23 13:48:21 +01:00
Andrew Tridgell
61af327e5d
s4-dns: call out to the dns update command every 10 minutes
...
This periodically calls samba_dnsupdate to update our DNS entries if
needed
2010-02-23 13:48:20 +01:00
Matthias Dieter Wallnöfer
280a8a70fd
s4:operational LDB module - enable support for passing referrals through it
2010-02-21 21:44:39 +01:00
Matthias Dieter Wallnöfer
c16d4fb76d
s4:partition DSDB module - Cosmetic fixups
2010-02-21 21:44:24 +01:00
Matthias Dieter Wallnöfer
461987bc26
s4:password_hash - Fix up request message pointers
...
For add requests we need the add request messages, for modify requests we need
the modify request messages.
2010-02-21 21:43:48 +01:00
Matthias Dieter Wallnöfer
eca8697d61
s4:dsdb/util.c - Use LDB result constants in some more helper functions
...
Always better to rely on the standards rather than on custom results.
2010-02-21 21:43:47 +01:00
Andrew Bartlett
a9d9447d5a
s4:credentials Add hooks to extract a named Kerberos credentials cache
...
This allows the integration of external tools that can't be linked
into C or python, but need to authenticate as the local machine
account.
The machineaccountccache script demonstrates this, and debugging has
been improved in cli_credentials_set_secrets() by passing back and
error string.
Andrew Bartlett
2010-02-20 17:58:07 +11:00
Anatoliy Atanasov
0e8fe821c9
s4/drs:kccdrs_replica_get_info_obj_metadata implementation
...
Fix the names of the drsuapi_DsReplicaInfoType enum and rebuild the .idl
The get_info_obj_metadata implementation is ported from implementation
i developed and tested at the samba io lab 2009
2010-02-17 18:03:31 +02:00
Andrew Tridgell
fd2556317f
s4-dnsupdate: use samba_runcmd() in the dns update task
...
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-02-17 19:43:32 +11:00
Andrew Tridgell
eda16f2410
s4-kcc: remove a qsort() that snuck into the new topology code
2010-02-16 22:42:59 +11:00
Andrew Tridgell
018fb2d1ae
s4-dsdb: return LDB_ERR_CONSTRAINT_VIOLATION on num_recs != 1
...
In a single record search, LDB_ERR_CONSTRAINT_VIOLATION is more useful
than the generic LDB_ERR_OPERATIONS_ERROR
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-02-16 21:10:52 +11:00
Andrew Tridgell
86f8ddf754
s4-samdb: use dsdb_search() in cracknames
...
greatly simplifies some of the cracknames code
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-02-16 21:10:52 +11:00
Andrew Tridgell
6d65f4c647
s4-kcc: remove search_onelevel_with_deleted() in kcc
...
Use dsdb_search() instead
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-02-16 21:10:51 +11:00
Andrew Tridgell
b630530730
s4-dsdb: added dsdb_search_one() and cleanup dsdb_find_dn_by_guid()
...
dsdb_find_dn_by_guid() now takes a struct GUID instead of a
guid_string. All the callers in fact wanted a struct GUID, so we now
avoid the extra conversion.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-02-16 21:10:51 +11:00
Andrew Tridgell
8f4a34272e
s4-dsdb: replace dsdb_find_dn_by_guid() with a dsdb_search() call
...
much simpler code by using dsdb_flags
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-02-16 21:10:51 +11:00
Andrew Tridgell
e9be1fc41d
s4-dsdb: change dsdb_search_dn_with_deleted() to dsdb_search_dn() with dsdb_flags
...
Allows for arbitrary controls
2010-02-16 21:10:51 +11:00
Andrew Tridgell
90203f87e7
s4-dsdb: change samdb_replace() to dsdb_replace() and allow for dsdb_flags
...
This allows for controls to be added easily where they are needed.
2010-02-16 21:10:50 +11:00
Andrew Tridgell
c6d85d67f9
s4-dsdb: replace dsdb_modify_permissive() with dsdb_modify() and dsdb_flags
2010-02-16 21:10:50 +11:00
Andrew Tridgell
67950c27e4
s4-dsdb: move dsdb_request_add_controls() into dsdb/common/util.c
...
This will be used to allow the flag based ldb functions to work on
both a ldb or a module, thus saving a lot of specialist functions.
2010-02-16 21:10:50 +11:00
Erick Nogueira do Nascimento
23d1dd5189
s4-drs: DsGetReplInfo() refactoring
2010-02-16 08:34:28 +11:00
Erick Nogueira do Nascimento
3e2a8676c3
s4-drs: DsReplGetInfo() for DS_REPL_INFO_REPSTO infoType
...
Implements the DS_REPL_INFO_REPSTO infoType of DsReplGetInfo().
2010-02-16 08:34:28 +11:00
Andrew Tridgell
595982a475
s4-rootdse: we don't need DSDB_FLAG_OWN_MODULE here
2010-02-16 00:12:09 +11:00
Eduardo Lima
9c46f425a2
s4-drs: enable the recyclebin optional feature
...
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-02-16 00:12:09 +11:00
Andrew Tridgell
aba73767c0
s4-kcc: remove C++ comment
2010-02-15 23:22:48 +11:00
Crístian Deives
0cf4e8aae6
s4-kcc: initial code for the topology algorithm
...
this patch contains the data structures declarations and the functions to
setup the graph.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-02-15 23:22:48 +11:00
Andrew Tridgell
4edbb25599
s4-dsdb: don't change replPropertyMetaData if the value hasn't changed
...
When updating replPropertyMetaData, check if the value being stored is
the same as the current value, and skip the update if it is.
This is based on a patch by Fernando J V da Silva <fernandojvsilva@yahoo.com.br>
2010-02-15 23:22:48 +11:00
Fernando J V da Silva
5aa42f8010
s4-drs: Fixes bugs regarding Urgent Replication on wrong situations
...
It fixes the bug which causes an urgent replication to be enabled
incorrectly when an object is modified, but it should happen only
when it was created. This patch also fixes the bug that enable an
urgent replication when an object is deleted, but it should happen
only when it was modified and fixes the bug that does not enable
an urgent replication when an object is deleted and it should happen
only when it is deleted (not when it is modified).
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-02-15 21:57:07 +11:00
Andrew Tridgell
4694b4677a
s4-dsdb: added dsdb_modify_permissive()
...
This will be used in the drsuapi server
2010-02-15 18:58:40 +11:00
Matthias Dieter Wallnöfer
415c615dbf
s4:util.c - Corrected the location of the "Directory Service" object
...
I wonder why nobody noticed this since for sure this "tombstone" functionality
was broken till now.
2010-02-13 18:24:45 +01:00
Andrew Tridgell
3ae75a4248
s4: use LDB_TYPESAFE_QSORT() instead of ldb_qsort()
2010-02-13 22:36:12 +11:00
Andrew Tridgell
5549190b37
s4-dsdb: use TYPESAFE_QSORT() in dsdb code
2010-02-13 22:36:12 +11:00
Andrew Tridgell
2cf97c403f
s4-dns: don't leave behind a tmp file
...
If the dns update file doesn't need updating we need to delete the tmp
file
2010-02-11 21:04:16 +11:00
Andrew Tridgell
89b6a80e72
s4-dns: added a dns update task
...
This task watches for changes in the list of DCs, and creates a bind9
formatted file that grants update permission to all DCs, plus to the
administration, and machines update for their own names.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-02-11 21:04:14 +11:00
Andrew Tridgell
32809bd8c1
util: rewrite dlinklist.h so that DLIST_ADD_END() is O(1)
...
This changes the meaning of the ->prev pointer in our doubly linked
lists to point at the end of the list from the front of the list. That
allows us to implement DLIST_ADD_END() and related functions in O(1)
time, which can be a huge saving in many places in Samba.
This also means that the 'type' argument to various DLIST_*() macros
is no longer needed, but I have left it in for now to keep the
patchset small, which will make it easier to revert if any problems
are found. In the future we should remove the 'type' arguments.
(jra. Move the one use of DLIST_TAIL over to the new macros).
2010-02-10 15:53:58 -08:00
Jeremy Allison
f017edc59f
s4-dsdb: update repl_meta_data.c to use new DLIST_ macros
2010-02-10 15:35:38 -08:00
Matthias Dieter Wallnöfer
a8d6549ccc
s4:subtree_delete - "NULL" as format string isn't allowed on FreeBSD
...
I changed the format string into "(objectClass=*)" which should be an
equivalent expression for choosing all available objects.
Consider bug 7115 for the issue.
2010-02-08 12:08:36 +01:00
Kamen Mazdrashki
8823a549ca
s4/drs: propagate DRS_ extension flags in code base
2010-02-05 10:51:57 +01:00
Matthias Dieter Wallnöfer
259ba3ab87
s4:mark the SYSTEM control always as non-critical
...
It is needed to not break the various LDAP backends. For reference look at
bug #7040 .
2010-02-04 11:08:58 +01:00
Matt Kraai
d8071e7ed7
Change uint_t to unsigned int in source4
...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-02-02 07:18:18 +01:00
Fernando J V da Silva
28420fe68a
s4-drs: Reads uSNUrgent and sets Urgent Replication Bit for DS_ReplicaSync when necessary
...
If an urgent replication is necessary, so the uSNUrgent stored is equal to the
uSNHighest stored, then when sending the DS_ReplicaSync message it sets the
DRSUAPI_DRS_SYNC_URGENT bit on DRS_OPTIONS.
Signed-off-by: Fernando J V da Silva <fernandojvsilva@yahoo.com.br>
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-01-28 17:21:41 +11:00
Andrew Tridgell
f461a72ec3
idl: switched to using the WSPP names for the 'neighbour' DRS options
...
The documentation shows that all these functions in fact use the same
flags variable type. To be consistent between functions, and to allow
easy reference to the WSPP docs, it is better for us to also use this
generic DrsOptions bitfield rather than one per operations.
2010-01-18 07:25:18 +11:00
Andrew Tridgell
2985aeb8c9
s4-dsdb: isGlobalCatalogReady should be shown by default
...
This caused repadmin.exe to crash. Thanks to Hongwei for tracking this
down for us.
2010-01-17 10:52:31 +11:00
Andrew Tridgell
ee736083c0
s4-kcc: added DsReplicaGetInfo pending ops call
...
Just return 0 pending ops for now
2010-01-16 14:10:45 +11:00
Andrew Tridgell
473345f800
s4-kcc: added DsReplicaGetInfo CURSORS2 level
2010-01-16 14:10:44 +11:00
Andrew Tridgell
93531a52f0
s4-idl: in DsReplicaGetInfo unknown2 is actually an enumeration_context
2010-01-16 14:10:44 +11:00
Andrew Tridgell
c22973d88d
s4-kcc: added support for CURSORS info level in DsReplicaGetInfo
2010-01-16 14:10:44 +11:00
Andrew Tridgell
8342d08f5c
s4-dsdb: take advantage of local cursor and sort
...
in getncchanges and repl task we don't need the extra load and sort
any more.
2010-01-16 14:10:43 +11:00
Andrew Tridgell
db7eba7080
s4-dsdb: add our local cursor and sort in dsdb_load_udv_*()
...
This makes things much simpler for the callers
2010-01-16 14:10:43 +11:00
Andrew Tridgell
09d947f77c
s4-dsdb: use dsdb_load_udv_v2() in repl task
2010-01-16 14:10:43 +11:00
Andrew Tridgell
4cef7427ec
s4-dsdb: added dsdb_load_udv_v2() and dsdb_load_udv_v1()
2010-01-16 14:10:43 +11:00
Andrew Tridgell
3ff3612e29
s4-kcc: simplify the ReplicaGetInfo implementation a bit
2010-01-16 14:10:43 +11:00
Andrew Tridgell
900fea322c
s4-kcc: squash a warning
2010-01-16 14:10:42 +11:00
Andrew Tridgell
5bfeed89da
s4-drs: framework for DsGetReplInfo(), includes the DS_REPL_INFO_NEIGHBORS infoType.
...
This patch includes the framework for the implementation of all infoTypes of
the DsGetReplInfo() call, and includes the implementation for the first one,
the DS_REPL_INFO_NEIGHBORS.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-01-16 14:10:42 +11:00
Andrew Tridgell
51bf383c26
s4-dsdb: added isGlobalCatalogReady
...
needed for dcdiag.exe
2010-01-16 14:10:41 +11:00
Andrew Tridgell
88ec10b757
s4-drepl: switch drepl over to using the generic DRS options flags
...
WSPP uses a single set of flags for all these DRS operations.
2010-01-14 15:37:59 +11:00
Fernando J V da Silva
6f806b7079
s4-drs: Uses dsdb_load_partition_usn() with urgent_uSN in s4 code
...
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-01-14 15:37:59 +11:00
Fernando J V da Silva
e30d009965
s4-drs: Store uSNUrgent for Urgent Replication
...
When a object or attribute is created/updated/deleted, according
to [MS-ADTS] 3.1.1.5.1.6, it stores the uSNUrgent on @REPLCHANGED
for the partitions that it belongs.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-01-14 15:37:58 +11:00
Stefan Metzmacher
204e4b26ae
s4:dsdb: use validate_update module
...
metze
2010-01-13 16:06:41 +01:00
Stefan Metzmacher
1f2efef214
s4:dsdb/schema: add dsdb_syntax_OID_validate_ldb()
...
This is a very heavy weight way of checking this syntax,
but it's very complex and using the existing function
should be ok for now. We can optimize it later.
metze
2010-01-13 16:06:41 +01:00
Stefan Metzmacher
f0fed6cadd
s4:dsdb/schema: add dsdb_syntax_DN_STRING_validate_ldb()
...
metze
2010-01-13 16:06:40 +01:00
Stefan Metzmacher
83baa44c67
s4:dsdb/schema: add dsdb_syntax_DN_BINARY_validate_ldb()
...
metze
2010-01-13 16:06:40 +01:00
Stefan Metzmacher
39dda462cd
s4:dsdb/schema: add dsdb_syntax_DN_validate_ldb()
...
metze
2010-01-13 16:06:39 +01:00
Stefan Metzmacher
4fa2bf8184
s4:dsdb/schema: add dsdb_syntax_PRESENTATION_ADDRESS_validate_ldb()
...
metze
2010-01-13 16:06:39 +01:00
Stefan Metzmacher
ba8a930d0e
s4:dsdb/schema: add dsdb_syntax_UNICODE_validate_ldb()
...
metze
2010-01-13 16:06:39 +01:00
Stefan Metzmacher
674e8350b6
s4:dsdb/schema: add dsdb_syntax_DATA_BLOB_validate_ldb()
...
metze
2010-01-13 16:06:38 +01:00
Stefan Metzmacher
e2b9454d36
s4:dsdb/schema: add dsdb_syntax_NTTIME_validate_ldb()
...
metze
2010-01-13 16:06:38 +01:00
Stefan Metzmacher
eb261a9fda
s4:dsdb/schema: add dsdb_syntax_NTTIME_UTC_validate_ldb()
...
metze
2010-01-13 16:06:37 +01:00
Stefan Metzmacher
5f13a16295
s4:dsdb/schema: add dsdb_syntax_INT64_validate_ldb()
...
metze
2010-01-13 16:03:55 +01:00
Stefan Metzmacher
ece3defd15
s4:dsdb/schema: add dsdb_syntax_INT32_validate_ldb()
...
metze
2010-01-13 16:03:54 +01:00
Stefan Metzmacher
a0f2a49b8a
s4:dsdb/schema: add dsdb_syntax_BOOL_validate_ldb()
...
metze
2010-01-13 16:03:54 +01:00
Stefan Metzmacher
bf1f067b0c
s4:dsdb: add validate_update module
...
metze
2010-01-13 16:03:54 +01:00
Stefan Metzmacher
b20707c11a
s4:dsdb/schema: add inftrastructure for dsdb_validate_ldb()
...
metze
2010-01-13 16:03:54 +01:00
Stefan Metzmacher
61589085c4
s4:dsdb/schema: add dsdb_syntax_DN_STRING_* wrappers
...
metze
2010-01-13 16:03:53 +01:00
Stefan Metzmacher
24ecd19b30
s4:dsdb/resolve_oids: also resolve oid in search attribute list
...
metze
2010-01-13 16:03:53 +01:00
Stefan Metzmacher
f715414afa
s4:dsdb/schema_load: add a TODO about schema reloading
...
metze
2010-01-13 16:03:53 +01:00
Stefan Metzmacher
92b87eb474
s4:dsdb/repl: reorder dreplsrv_op_notify* functions
...
This make the whole async dreplsrv_op_notify_send/recv()
readable.
metze
2010-01-13 16:00:20 +01:00
Stefan Metzmacher
e886b6e240
s4:dsdb/repl: change dreplsrv_op_notify_send/recv() to tevent_req
...
metze
2010-01-13 14:52:00 +01:00
Stefan Metzmacher
232197e9ab
s4:dsdb/common: fix major bug in lsa_BinaryString to ldb_val conversation.
...
In lsa_BinaryString length and size are byte counts!
TODO: we may need to do byte order conversion in this functions too...
metze
2010-01-13 14:52:00 +01:00
Stefan Metzmacher
5d08309204
s4:dsdb/common: let samdb_msg_add_uint() call samdb_msg_add_int()
...
This is important as LDAP servers always play with int32 values
and we have to encode 0x80000000 as "-2147483648" instead of "2147483648".
metze
2010-01-13 14:51:59 +01:00
Stefan Metzmacher
2d7ad938d0
s4:dsdb/common: let samdb_msg_add_uint64() call samdb_msg_add_int64()
...
This is important as LDAP servers always play with int64 values
and we have to encode 0x8000000000000000LL as "-9223372036854775808"
instead of "9223372036854775808".
metze
2010-01-13 14:51:59 +01:00
Matthias Dieter Wallnöfer
601ea3a442
s4:repl_meta_data - Transform a "1" into a "true" on a boolean variable
2010-01-10 22:48:05 +01:00
Andrew Tridgell
d5091a1dd9
s4-dsdb: added samdb_domain_sid_cache_only()
2010-01-10 13:23:37 +11:00
Andrew Tridgell
c03a101e6d
s4-drs: instanceType is always sent, regardless of UDV values
2010-01-09 22:08:36 +11:00
Andrew Tridgell
93fefefea8
s4-samldb: fixed primaryGroupID when promoting a machine to a DC
...
The machine gets a primaryGroupID of DOMAIN_RID_DCS. This is done
without changing the member attributes of its groups.
2010-01-09 21:59:33 +11:00
Andrew Tridgell
45f49d0a58
s4-drs: add a local UDV entry even when no replUpToDateVector present on NC
...
This allows us to filter correctly for a NC that we have created but
not pulled from anyone.
2010-01-09 21:59:33 +11:00
Andrew Tridgell
b37bec8e06
s4-drs: give DN of failed replication partition
2010-01-09 21:59:32 +11:00
Andrew Tridgell
8c2d7ae19e
s4-dsdb: added samdb_ldb_val_case_cmp()
2010-01-09 18:56:29 +11:00
Andrew Tridgell
7010fad4ea
s4-drs: calculate and send a uptodateness_vector with replication requests
...
This stops us getting objects changes twice if they came via an
indirect path.
2010-01-09 18:56:29 +11:00
Andrew Tridgell
349f7ba09c
s4-drs: added filtering by udv in getncchanges
...
When a client supplied an uptodateness_vector, we can use it to filter
what objects we return. This greatly reduces the amount of replication
traffic between DCs.
2010-01-09 13:11:27 +11:00
Andrew Tridgell
c93a182a0d
s4-schema: added some debug for bad attributes
2010-01-08 18:24:53 +11:00
Andrew Tridgell
5ccf8ae373
s4-samba3samtest: we need to force netbios name as well
...
needed for when run in CLIENT context
2010-01-08 13:03:08 +11:00
Andrew Tridgell
dde2b66341
s4-samba3sid: fixed error returns when res->count != 1 and oom
2010-01-08 13:03:08 +11:00
Andrew Tridgell
9aed099362
s4-samba3samtest: force workgroup so the domain is right
...
the samba3sid backend looks at lp_sam_name() which is based on the
workgroup
2010-01-08 13:03:07 +11:00
Andrew Tridgell
f68c43e803
s4-samba3sid: the sambaNextRid attribute is actually the previous RID
...
Not well named .... though same mistake that MS made with rIDNextRid
2010-01-08 13:03:07 +11:00
Andrew Tridgell
d6f92db456
s4-samba3sam: use samba3sid module
...
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 13:03:07 +11:00
Andrew Tridgell
dd61336165
s4-dsdb: added a samba3sid module
...
This module allocates SIDs using the Samba3 algorithm, for use with
the samba3sam module.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 13:03:07 +11:00
Andrew Tridgell
43a815c67a
s4-samba3samtest: use system credentials for creating users
2010-01-08 13:03:07 +11:00
Andrew Tridgell
8b8bb15a54
s4-dsdb: fixed const misuse in acl module
2010-01-08 13:03:06 +11:00
Andrew Tridgell
baa8793a94
s4-dsdb: use dsdb_module_am_system() in acl module
2010-01-08 13:03:06 +11:00
Andrew Tridgell
595fad2b34
s4-dsdb: allow specification of a SID if we are system
...
needed for samba3sam test
2010-01-08 13:03:06 +11:00
Andrew Tridgell
f118f54ee7
s4-dsdb: added dsdb_module_am_system()
...
better than each module inventing their own
2010-01-08 13:03:06 +11:00
Andrew Tridgell
d22a9e5d3b
s4-dsdb: squash some unknown structure warnings
2010-01-08 13:03:06 +11:00
Andrew Tridgell
5d6032eb4b
s4-partition: fixed selection of partitions on exact match
...
When a search is on the root of a partition on the global catalog,
don't search partitions above that one.
2010-01-08 13:03:06 +11:00
Stefan Metzmacher
501dd4a3b5
s4:dsdb/repl: convert dreplsrv_op_pull_source_send/recv to tevent_req
...
metze
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-01-08 13:03:05 +11:00
Andrew Tridgell
2d10f3a841
s4-dsdb: poke the RID Manager when completely out of RIDs too
2010-01-08 13:03:05 +11:00