Matthieu Patou
10995d9256
s4-python: add unit test for ntacls manipulation in python
2010-01-21 07:11:16 +13:00
Matthieu Patou
3789ba2654
s4-python: add more unit tests for xattr manipulation in python
2010-01-21 07:11:16 +13:00
Matthieu Patou
f0954c7372
s4: update setntacl and getntacl to select the adaquate backend (fs/tdb) for storing xattr
2010-01-21 07:11:15 +13:00
Matthieu Patou
c442b2534f
s4: ntvfs, create push_xattr_blob_tdb_raw and pull_xattr_blob_tdb_raw that do not depend on pvfs objects
...
Following a talk with tridge on IRC, this patch allow (pull|push)_xattr_blob to be called without
having a pvfs object. It's handy for programs that wants to manipulate xattr directly.
2010-01-21 07:11:15 +13:00
Matthieu Patou
e78626dc2e
s4: Set acls correctly on all sysvol and scripts shares
2010-01-21 07:11:15 +13:00
Matthieu Patou
9b70979bc9
s4: Make unixid optional
...
Make unixid optional, if value not supplied next id from id pool will be used.
Create a function to get next id in id pool.
2010-01-21 07:11:15 +13:00
Matthieu Patou
028c9b1c15
s4: regroup gpo modification in one function, set acl on files accordingly with ACL in LDAP
2010-01-21 07:11:14 +13:00
Matthieu Patou
08c59c38a2
s4: Create unit tests for python "samba.xattr" module
2010-01-21 07:11:14 +13:00
Matthieu Patou
c80ecd9964
s4: add python bindings for wrap_(s|g)etxattr
2010-01-21 07:11:13 +13:00
Michael Adam
45465cb7da
s4:selftest: add the samr-passwords-lockout test to knownfail
...
This is not implemented completely yet.
Needs fixing in the future.
Michael
2010-01-20 17:32:58 +01:00
Michael Adam
9764db806f
torture: add new test RPC-SAMR-PASSWORDS-LOCKOUT
...
This tests account lockout features.
Windows 2003r2 and Windows 2008r2 survice this test.
Note: Windows does not set the ACB_AUTOLOCK account flag when it
locks out an account.
One thing that could/should be added to this test is a check of
the lockout time property.
Michael
2010-01-20 17:32:58 +01:00
Jelmer Vernooij
18943bba9c
selftest: Use SUBUNIT_FORMATTER command, if set in the environment.
2010-01-20 11:05:04 +13:00
Wilco Baan Hofman
8067bf629c
Fix unintentional free of the last value when adding a new value to a key.
...
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
2010-01-20 09:59:18 +13:00
Günther Deschner
f8314c27b3
s4-smbtorture: remove unneeded ncaclrpc dir setup from RPC-SPOOLSS-NOTIFY.
...
Guenther
2010-01-19 17:17:29 +01:00
Günther Deschner
40d3408dd3
s4-smbtorture: also configure check smbc_setOptionCaseSensitive for LIBSMBCLIENT testsuite.
...
Guenther
2010-01-19 16:24:35 +01:00
Günther Deschner
f5bba4034b
s4-smbtorture: support spoolss_ReplyClosePrinter server call in RPC-SPOOLSS-NOTIFY.
...
A handle obtained with spoolss_ReplyOpenPrinter will be closed with
spoolss_ReplyClosePrinter when we call spoolss_ClosePrinter on the remote side.
Guenther
2010-01-19 14:14:30 +01:00
Günther Deschner
2b68215a22
s4-smbtorture: restructure spoolss server implementations in RPC-SPOOLSS-NOTIFY.
...
Guenther
2010-01-19 14:14:30 +01:00
Günther Deschner
e0660ed1bc
s4-smbtorture: skip ReplyOpenPrinter test in RPC-SPOOLSS-NOTIFY while testing s3.
...
Guenther
2010-01-19 14:14:30 +01:00
Günther Deschner
7d1c1e0083
s4-smbtorture: strip trailing whitespace.
...
Guenther
2010-01-19 14:14:30 +01:00
Andrew Tridgell
f461a72ec3
idl: switched to using the WSPP names for the 'neighbour' DRS options
...
The documentation shows that all these functions in fact use the same
flags variable type. To be consistent between functions, and to allow
easy reference to the WSPP docs, it is better for us to also use this
generic DrsOptions bitfield rather than one per operations.
2010-01-18 07:25:18 +11:00
Andrew Tridgell
dde836adbd
s4-drs: allow for security bypass for DsReplicaGetInfo
...
Use --option=drs:disable_sec_check=true until the group membership bug
with the PAC is fixed.
2010-01-17 10:52:31 +11:00
Andrew Tridgell
2985aeb8c9
s4-dsdb: isGlobalCatalogReady should be shown by default
...
This caused repadmin.exe to crash. Thanks to Hongwei for tracking this
down for us.
2010-01-17 10:52:31 +11:00
Jelmer Vernooij
aa1fce645a
ldap: Fix test failure that seemed to go unreported previously.
2010-01-17 12:35:26 +13:00
Jelmer Vernooij
a18889fd77
ldap.py: Remove unused imports.
2010-01-17 12:26:53 +13:00
Kai Blin
791a2df656
s4 selftest: Fix and reenable WINBIND-STRUCT.NETBIOS_NAME test
2010-01-16 12:38:12 +01:00
Andrew Tridgell
29d08bfe26
s4-kerberos: raise the general kerberos debug level to 3
...
level 2 for every krb request is a bit much
2010-01-16 18:30:22 +11:00
Jelmer Vernooij
28577aae92
Import testtools as well, required for subunit.
2010-01-16 19:53:49 +13:00
Jelmer Vernooij
b6b46b4978
subunit: Import new version.
2010-01-16 19:53:49 +13:00
Jelmer Vernooij
53d7c4c7a2
Fix permissions - net subcommand modules don't need to be executable.
2010-01-16 19:53:48 +13:00
Andrew Tridgell
4e0090c917
s4-torture: fixed DsReplicaGetInfo elements
2010-01-16 14:45:33 +11:00
Andrew Tridgell
ee736083c0
s4-kcc: added DsReplicaGetInfo pending ops call
...
Just return 0 pending ops for now
2010-01-16 14:10:45 +11:00
Andrew Tridgell
84b47d3334
s4-provision: added w2k8r2 ldap capabilities
2010-01-16 14:10:44 +11:00
Andrew Tridgell
637d50b5d0
s4-devel: added rebuild_zone.sh
...
This rebuilds a DNS zone file, including all DCs from sam.ldb
2010-01-16 14:10:44 +11:00
Andrew Tridgell
a9808ae83d
s4-provision: added "check-names ignore;" to allow for _msdcs A records
2010-01-16 14:10:44 +11:00
Andrew Tridgell
473345f800
s4-kcc: added DsReplicaGetInfo CURSORS2 level
2010-01-16 14:10:44 +11:00
Andrew Tridgell
93531a52f0
s4-idl: in DsReplicaGetInfo unknown2 is actually an enumeration_context
2010-01-16 14:10:44 +11:00
Andrew Tridgell
c22973d88d
s4-kcc: added support for CURSORS info level in DsReplicaGetInfo
2010-01-16 14:10:44 +11:00
Andrew Tridgell
8342d08f5c
s4-dsdb: take advantage of local cursor and sort
...
in getncchanges and repl task we don't need the extra load and sort
any more.
2010-01-16 14:10:43 +11:00
Andrew Tridgell
db7eba7080
s4-dsdb: add our local cursor and sort in dsdb_load_udv_*()
...
This makes things much simpler for the callers
2010-01-16 14:10:43 +11:00
Andrew Tridgell
0bba44094a
s4-drs: use dsdb_load_udv_v2() in getncchanges code
2010-01-16 14:10:43 +11:00
Andrew Tridgell
09d947f77c
s4-dsdb: use dsdb_load_udv_v2() in repl task
2010-01-16 14:10:43 +11:00
Andrew Tridgell
4cef7427ec
s4-dsdb: added dsdb_load_udv_v2() and dsdb_load_udv_v1()
2010-01-16 14:10:43 +11:00
Andrew Tridgell
3ff3612e29
s4-kcc: simplify the ReplicaGetInfo implementation a bit
2010-01-16 14:10:43 +11:00
Andrew Tridgell
900fea322c
s4-kcc: squash a warning
2010-01-16 14:10:42 +11:00
Andrew Tridgell
3a9b33b487
s4-drs: better debug info when security checks fail
...
show the security token of the user at debug level 2
2010-01-16 14:10:42 +11:00
Andrew Tridgell
5efff3ad6a
s4-dsdb: require admin access for DsReplicaGetInfo
2010-01-16 14:10:42 +11:00
Andrew Tridgell
5bfeed89da
s4-drs: framework for DsGetReplInfo(), includes the DS_REPL_INFO_NEIGHBORS infoType.
...
This patch includes the framework for the implementation of all infoTypes of
the DsGetReplInfo() call, and includes the implementation for the first one,
the DS_REPL_INFO_NEIGHBORS.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-01-16 14:10:42 +11:00
Andrew Tridgell
22d92157e3
s4-drs: give better debug info on unsupported DRS calls
2010-01-16 14:10:41 +11:00
Erick Nogueira do Nascimento
48bdf3e608
s4-drs: torture test for DsGetReplInfo() (RPC-DSGETINFO test).
...
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-01-16 14:10:41 +11:00
Andrew Tridgell
51bf383c26
s4-dsdb: added isGlobalCatalogReady
...
needed for dcdiag.exe
2010-01-16 14:10:41 +11:00
Andrew Tridgell
a56ede9027
s4-ldb: cope with bad ptr alignment in ldb_index.c
...
We can't assume that a rec_ptr will come back from a tdb traverse with
alignment sufficient for a pointer.
2010-01-16 09:34:27 +11:00
Kai Blin
5c016ad88e
s4 selftest: Ignore more winbind test known to fail
2010-01-15 02:09:05 +01:00
Günther Deschner
9d881f4cfb
s4-smbtorture: add setup_schannel_netlogon_pipe() function.
...
Guenther
2010-01-15 00:53:16 +01:00
Andreas Schneider
33a4739090
s4-torture: Migrate ntp_signd test to tsocket.
...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-01-14 21:37:48 +01:00
Günther Deschner
d95ad11bc5
s4-smbtorture: add rather simple libsmbclient torture testsuite.
...
Guenther
2010-01-14 19:48:29 +01:00
Kai Blin
cf38a1f850
s3 test: Fix WINBINDD-STRUCT tests
...
The struct-based tests are working in make selftest, make them work in plain
"make test" as well.
2010-01-14 15:18:35 +01:00
Kai Blin
89e6eac290
s3 selftest: Fix LOOKUP_SID test.
...
WINBINDD_LIST_USERS does not give a domain name if we're a DC and the user is
from our domain.
2010-01-14 15:18:35 +01:00
Kai Blin
e95c04f0f1
s3 selftest: Fix WINBINDD_LIST_GROUPS test
...
If there's no groups in the database, there are no entries in extra_data. This
caused WINBINDD_LIST_GROUPS test to fail. Use the fact that
WINBINDD_LIST_GROUPS now reports the number of groups in data.num_entries to
identify the "no groups" case.
2010-01-14 15:18:35 +01:00
Kai Blin
a4f21d5dc8
s3 selftest: Allow the enumeration of users and groups
...
This fixes the WINBINDD_GETPWENT test.
2010-01-14 15:18:34 +01:00
Kai Blin
a6015a858d
s3 selftest: Fix the WINBINDD_GETDCNAMEe test.
...
The WINBINDD_GETDCNAME test expected an NSS_STATUS_SUCCESS return from all
calls. However, this does not apply for BUILTIN and the DC's own domain.
Make the test work again by skipping those two.
2010-01-14 15:18:34 +01:00
Matthias Dieter Wallnöfer
b1d2bb3e51
s4:provision_users.ldif - Add a comment that some objects under "Users" are now located elsewhere
...
This is needed due to the new RID/SID distribution system
2010-01-14 10:58:08 +01:00
Matthias Dieter Wallnöfer
face5d3030
s4:provision_users.ldif - Add objects for IIS
...
Some WSPP locations point out that beginning with Windows Server 2008 they're
also per default present.
Compared against Windows Server 2008
2010-01-14 10:58:08 +01:00
Matthias Dieter Wallnöfer
9ac39b659f
s4:provision_users.ldif - Add additional BUILTIN objects
...
Compared against Windows Server 2008
2010-01-14 10:58:08 +01:00
Matthias Dieter Wallnöfer
2a05dd6fcc
s4:provision_users.ldif - add the restant part of the objects needing for RODC support
...
RODC = Read Only Domain Controllers
Compared against Windows Server 2008
2010-01-14 10:58:07 +01:00
Matthias Dieter Wallnöfer
71357053bb
s4:provision_users.ldif - Fix up errors on existing entries
...
Compared against Windows Server 2008
2010-01-14 10:58:07 +01:00
Matthias Dieter Wallnöfer
81053e9124
s4:provision_users.ldif - Simple reordering
...
Sorted according the SID - easier for later enhancements.
2010-01-14 10:58:07 +01:00
Matthias Dieter Wallnöfer
a0d7f3e344
s4:provision_users.ldif - Remove system objects from the wrong place
...
Objects like the "Cryptographic Operators", "Event Log Readers" don't belong
here but into the builtin domain.
2010-01-14 10:58:06 +01:00
Matthias Dieter Wallnöfer
40bc48dfa9
s4:SAMR RPC - Fix the criteria for group searches
...
This should match the MS-SAMR documentation (section 3.1.5.5.1.1)
2010-01-14 10:58:06 +01:00
Andrew Tridgell
74a5719614
s4-torture: switch smbtorture to the generic DRS options
2010-01-14 15:37:59 +11:00
Andrew Tridgell
2008d24e91
s4-drs: switch the DRS server to the generic DRS options flags
2010-01-14 15:37:59 +11:00
Andrew Tridgell
a5d6117065
s4-torture: switch to generic DRS options flags
2010-01-14 15:37:59 +11:00
Andrew Tridgell
88ec10b757
s4-drepl: switch drepl over to using the generic DRS options flags
...
WSPP uses a single set of flags for all these DRS operations.
2010-01-14 15:37:59 +11:00
Fernando J V da Silva
6f806b7079
s4-drs: Uses dsdb_load_partition_usn() with urgent_uSN in s4 code
...
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-01-14 15:37:59 +11:00
Fernando J V da Silva
e30d009965
s4-drs: Store uSNUrgent for Urgent Replication
...
When a object or attribute is created/updated/deleted, according
to [MS-ADTS] 3.1.1.5.1.6, it stores the uSNUrgent on @REPLCHANGED
for the partitions that it belongs.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-01-14 15:37:58 +11:00
Stefan Metzmacher
204e4b26ae
s4:dsdb: use validate_update module
...
metze
2010-01-13 16:06:41 +01:00
Stefan Metzmacher
1f2efef214
s4:dsdb/schema: add dsdb_syntax_OID_validate_ldb()
...
This is a very heavy weight way of checking this syntax,
but it's very complex and using the existing function
should be ok for now. We can optimize it later.
metze
2010-01-13 16:06:41 +01:00
Stefan Metzmacher
f0fed6cadd
s4:dsdb/schema: add dsdb_syntax_DN_STRING_validate_ldb()
...
metze
2010-01-13 16:06:40 +01:00
Stefan Metzmacher
83baa44c67
s4:dsdb/schema: add dsdb_syntax_DN_BINARY_validate_ldb()
...
metze
2010-01-13 16:06:40 +01:00
Stefan Metzmacher
39dda462cd
s4:dsdb/schema: add dsdb_syntax_DN_validate_ldb()
...
metze
2010-01-13 16:06:39 +01:00
Stefan Metzmacher
4fa2bf8184
s4:dsdb/schema: add dsdb_syntax_PRESENTATION_ADDRESS_validate_ldb()
...
metze
2010-01-13 16:06:39 +01:00
Stefan Metzmacher
ba8a930d0e
s4:dsdb/schema: add dsdb_syntax_UNICODE_validate_ldb()
...
metze
2010-01-13 16:06:39 +01:00
Stefan Metzmacher
674e8350b6
s4:dsdb/schema: add dsdb_syntax_DATA_BLOB_validate_ldb()
...
metze
2010-01-13 16:06:38 +01:00
Stefan Metzmacher
e2b9454d36
s4:dsdb/schema: add dsdb_syntax_NTTIME_validate_ldb()
...
metze
2010-01-13 16:06:38 +01:00
Stefan Metzmacher
eb261a9fda
s4:dsdb/schema: add dsdb_syntax_NTTIME_UTC_validate_ldb()
...
metze
2010-01-13 16:06:37 +01:00
Stefan Metzmacher
5f13a16295
s4:dsdb/schema: add dsdb_syntax_INT64_validate_ldb()
...
metze
2010-01-13 16:03:55 +01:00
Stefan Metzmacher
ece3defd15
s4:dsdb/schema: add dsdb_syntax_INT32_validate_ldb()
...
metze
2010-01-13 16:03:54 +01:00
Stefan Metzmacher
a0f2a49b8a
s4:dsdb/schema: add dsdb_syntax_BOOL_validate_ldb()
...
metze
2010-01-13 16:03:54 +01:00
Stefan Metzmacher
bf1f067b0c
s4:dsdb: add validate_update module
...
metze
2010-01-13 16:03:54 +01:00
Stefan Metzmacher
b20707c11a
s4:dsdb/schema: add inftrastructure for dsdb_validate_ldb()
...
metze
2010-01-13 16:03:54 +01:00
Stefan Metzmacher
61589085c4
s4:dsdb/schema: add dsdb_syntax_DN_STRING_* wrappers
...
metze
2010-01-13 16:03:53 +01:00
Stefan Metzmacher
24ecd19b30
s4:dsdb/resolve_oids: also resolve oid in search attribute list
...
metze
2010-01-13 16:03:53 +01:00
Stefan Metzmacher
f715414afa
s4:dsdb/schema_load: add a TODO about schema reloading
...
metze
2010-01-13 16:03:53 +01:00
Stefan Metzmacher
7d41afece7
s4:ldb/tests: do a "schemaUpdateNow" after creating a new attribute in ldap_schema.py
...
It seems that windows doesn't need that.
And we should think about a check for reloading the schema
at the start of each "write" operation.
metze
2010-01-13 16:03:52 +01:00
Stefan Metzmacher
92b87eb474
s4:dsdb/repl: reorder dreplsrv_op_notify* functions
...
This make the whole async dreplsrv_op_notify_send/recv()
readable.
metze
2010-01-13 16:00:20 +01:00
Stefan Metzmacher
e886b6e240
s4:dsdb/repl: change dreplsrv_op_notify_send/recv() to tevent_req
...
metze
2010-01-13 14:52:00 +01:00
Stefan Metzmacher
232197e9ab
s4:dsdb/common: fix major bug in lsa_BinaryString to ldb_val conversation.
...
In lsa_BinaryString length and size are byte counts!
TODO: we may need to do byte order conversion in this functions too...
metze
2010-01-13 14:52:00 +01:00
Stefan Metzmacher
ca9bc96b96
s4:ldb_msg: first try to decode integers as signed and then fallback to unsigned
...
LDAP only knowns about signed integers, so let
ldb_msg_find_attr_as_uint() and ldb_msg_find_attr_as_uint64() cope
with it.
metze
2010-01-13 14:52:00 +01:00
Stefan Metzmacher
5d08309204
s4:dsdb/common: let samdb_msg_add_uint() call samdb_msg_add_int()
...
This is important as LDAP servers always play with int32 values
and we have to encode 0x80000000 as "-2147483648" instead of "2147483648".
metze
2010-01-13 14:51:59 +01:00
Stefan Metzmacher
2d7ad938d0
s4:dsdb/common: let samdb_msg_add_uint64() call samdb_msg_add_int64()
...
This is important as LDAP servers always play with int64 values
and we have to encode 0x8000000000000000LL as "-9223372036854775808"
instead of "9223372036854775808".
metze
2010-01-13 14:51:59 +01:00
Stefan Metzmacher
8d4b913ce2
s4:ldb: be more strict in parsing ldb time strings
...
metze
2010-01-13 14:51:59 +01:00
Andreas Schneider
129c15c083
s4-ntp_signd: Migrate to tsocket.
...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-01-13 14:51:58 +01:00
Nadezhda Ivanova
a4eaa11134
Fixed a problem with incorrect default SD owner/group.
2010-01-13 15:16:38 +02:00
Zahari Zahariev
5d1aa4c5b7
Comparison tool for LDAP servers (using Ldb)
...
This tool is integrated with Samba4 Ldb. It provides a useful output
where you can find easy differences in objects or attributes within
naming context (Domain, Configuration or Schema).
Added functionality for two sets of credentials.
2010-01-13 12:06:17 +02:00
Simo Sorce
3d184399a5
Strip trailing spaces
2010-01-12 13:50:24 -05:00
Günther Deschner
3b82254903
s4-selftest: RPC-SAMR-PASSWORDS-BADPWDCOUNT fails against s4.
...
Seems like account lockout is not implemented at all yet.
Guenther
2010-01-12 12:34:55 +01:00
Günther Deschner
13dad38930
s4-smbtorture: fix GetAliasMembership test in RPC-SAMR.
...
Guenther
2010-01-12 12:12:05 +01:00
Günther Deschner
a744dbcf2b
s4-smbtorture: add RPC-SAMR-PASSWORDS-BADPWDCOUNT torture test.
...
This test checks the behavior (since w2k3 sp1) of the badPwdCount samr attribute
in relation to password history and successfull and unsucessful netlogon
samlogons.
Michael, please check. This should help verifiying Bug #4347 .
Guenther
2010-01-12 12:09:47 +01:00
Günther Deschner
c9e84ad397
s4-smbtorture: allow test_SamLogon to test interactive samlogon in RPC-SAMR family of tests.
...
Guenther
2010-01-12 12:09:25 +01:00
Simo Sorce
e0e255fb24
Fix comment/debug messages
2010-01-11 11:55:28 -05:00
Andrew Bartlett
c32b0b6b02
Merge remote branch 'origin/master' into alpha11release
2010-01-11 17:10:32 +11:00
Andrew Bartlett
f6b10596ca
and we move on towards Samba4 alpha12!
2010-01-11 17:05:06 +11:00
Andrew Bartlett
1a76c80466
This is Samba4 alpha11!
2010-01-11 14:58:11 +11:00
Steven Danneman
5323fe99c3
s4/torture: Parameterize output in LOCK tests based off server support
...
Two new torture parameters:
* smbexit_pdu_support: if the Server supports the Exit command
* range_not_locked_on_file_close: whether the server returns the
NT_STATUS_RANGE_NOT_LOCKED error when a file is closed which has a
pending lock request. Windows returns this error, though per the
spec, this error should only be returned to an unlock request.
2010-01-10 16:12:44 -08:00
Andrew Tridgell
73422e7dd8
Revert "s4:provision_users.ldif - Import all essential groups for Windows Server 2008 mode"
...
This reverts commit 5c174c68cc
.
This series of commits broke 'make test'.
Matthias, please make sure you run a _full_ make test before every
push.
2010-01-11 10:08:30 +11:00
Andrew Tridgell
3af84c1cde
Revert "s4:provision_users.ldif - Remove foreign security principal S-1-5-17 for now"
...
This reverts commit 61dfd3dc1d
.
This series of commits broke 'make test'.
Matthias, please make sure you run a _full_ make test before every
push.
2010-01-11 10:07:53 +11:00
Andrew Tridgell
306de3051d
Revert "s4:provision_users.ldif - Fix memberships regarding the denied password RODC replication group"
...
This reverts commit 9ee895fcf6
.
This series of commits broke 'make test'.
Matthias, please make sure you run a _full_ make test before every
push.
2010-01-11 10:06:58 +11:00
Andrew Tridgell
aa4501538a
Revert "s4:provision_users.ldif - Add objects for IIS"
...
This reverts commit 91e2100287
.
This series of commits broke 'make test'.
Matthias, please make sure you run a _full_ make test before every
push.
2010-01-11 10:05:50 +11:00
Matthias Dieter Wallnöfer
2cedefabc9
s4:upgradeprovision - fix up the script regarding linked attributes
...
We have to try to add new objects until between two iterations we didn't make
any progress. Either we are then done (no objects remaining) or we are
incapable to do this fully automatically.
The latter can happen if important system objects (builtin groups, users...)
moved (e.g. consider one of my recent comments). Then the new object can't be
added if it contains the same "sAMAccountName" attribute as the old one. We
have to let the user delete the old one (also to give him a chance to backup
personal changes - if needed) and only then the script is capable to add the
new one onto the right place. Make this clear with an exhaustive error output.
I personally don't see a good way how to do this better for now so I would leave
this as a manual step.
2010-01-10 22:48:06 +01:00
Matthias Dieter Wallnöfer
e0d6b0977e
s4:upgradeprovision - Reformat comments
...
Make them break at line 80 (better readability).
2010-01-10 22:48:05 +01:00
Matthias Dieter Wallnöfer
601ea3a442
s4:repl_meta_data - Transform a "1" into a "true" on a boolean variable
2010-01-10 22:48:05 +01:00
Matthias Dieter Wallnöfer
91e2100287
s4:provision_users.ldif - Add objects for IIS
...
Some WSPP locations point out that they're defacto-standards for Windows Server deployments starting with 2008. So we should add them to s4 too.
2010-01-10 22:48:05 +01:00
Matthias Dieter Wallnöfer
e72787f0af
s4:provision_self_join_modify.ldif - Point out that account "dns" is s4 specific
2010-01-10 22:48:04 +01:00
Matthias Dieter Wallnöfer
9ee895fcf6
s4:provision_users.ldif - Fix memberships regarding the denied password RODC replication group
2010-01-10 22:48:04 +01:00
Matthias Dieter Wallnöfer
61dfd3dc1d
s4:provision_users.ldif - Remove foreign security principal S-1-5-17 for now
...
This belongs to the AD IIS stuff where I don't know yet if we should import it.
2010-01-10 11:07:16 +01:00
Matthias Dieter Wallnöfer
5c174c68cc
s4:provision_users.ldif - Import all essential groups for Windows Server 2008 mode
...
Additionally I had to fix some bugs (especially wrong "groupTypes") and
reordered the objects using the SID (this is easier when enhancing the file).
2010-01-10 10:50:46 +01:00
Andrew Tridgell
a3e089db19
s4-ldb: display security descriptors with correct SDL for known SIDs
...
This makes it much easier to compare SDs
2010-01-10 13:23:38 +11:00
Andrew Tridgell
d5091a1dd9
s4-dsdb: added samdb_domain_sid_cache_only()
2010-01-10 13:23:37 +11:00
Andrew Tridgell
c03a101e6d
s4-drs: instanceType is always sent, regardless of UDV values
2010-01-09 22:08:36 +11:00
Andrew Tridgell
a894eeab77
s4-debug: lower the verbosity of a couple of common log messages
2010-01-09 21:59:34 +11:00
Andrew Tridgell
93fefefea8
s4-samldb: fixed primaryGroupID when promoting a machine to a DC
...
The machine gets a primaryGroupID of DOMAIN_RID_DCS. This is done
without changing the member attributes of its groups.
2010-01-09 21:59:33 +11:00
Andrew Tridgell
8a09dc1266
s4-schema: fixed the SDDL for the schema root security descriptor
...
This was preventing a DCPROMO client from allowing outgoing
replication
2010-01-09 21:59:33 +11:00
Andrew Tridgell
45f49d0a58
s4-drs: add a local UDV entry even when no replUpToDateVector present on NC
...
This allows us to filter correctly for a NC that we have created but
not pulled from anyone.
2010-01-09 21:59:33 +11:00
Andrew Tridgell
b37bec8e06
s4-drs: give DN of failed replication partition
2010-01-09 21:59:32 +11:00
Andrew Tridgell
04e82370db
s4-drs: base is_nc_prefix on instanceType
...
for extended operations comparing to the ncRoot_dn is not correct
2010-01-09 18:56:30 +11:00
Andrew Tridgell
67d8518f2c
s4-drs: having no SPNs to change is not an error
2010-01-09 18:56:30 +11:00
Andrew Tridgell
ba745a4356
s4-drs: fixed writespn to ignore add/delete errors
...
When a SPN is added and already exists, it is ignored. Similarly, when
a SPN is deleted and doesn't exist, it is ignored.
2010-01-09 18:56:30 +11:00
Andrew Tridgell
8c2d7ae19e
s4-dsdb: added samdb_ldb_val_case_cmp()
2010-01-09 18:56:29 +11:00
Andrew Tridgell
acf33e0d58
s4-drs: moved the DsWriteAccountSpn call to its own file
2010-01-09 18:56:29 +11:00
Andrew Tridgell
8ccedc3ac7
s4-libnet: dsdb_wellknown_dn() in vampire code
2010-01-09 18:56:29 +11:00
Andrew Tridgell
1158c13861
s4-drs: need to set the getncchanges extended_ret on success too
2010-01-09 18:56:29 +11:00
Andrew Tridgell
7010fad4ea
s4-drs: calculate and send a uptodateness_vector with replication requests
...
This stops us getting objects changes twice if they came via an
indirect path.
2010-01-09 18:56:29 +11:00
Andrew Tridgell
39730ac302
s4-drs: be less verbose when we filter objects by UDV
2010-01-09 18:56:28 +11:00
Andrew Tridgell
349f7ba09c
s4-drs: added filtering by udv in getncchanges
...
When a client supplied an uptodateness_vector, we can use it to filter
what objects we return. This greatly reduces the amount of replication
traffic between DCs.
2010-01-09 13:11:27 +11:00
Andrew Tridgell
9e6eb22f7f
s4-drs: fixed the NC in the getncchanges RID alloc reply
...
the search happens on a different DN to the NC of the request, but the
reply is with the original NC
2010-01-09 10:15:14 +11:00
Andrew Tridgell
651ddb720a
s4-messaging: remove only usage of debug_ctx()
2010-01-09 10:15:13 +11:00
Andrew Tridgell
6a36799d30
s4-messaging: fixed a memory leak in messaging_path()
...
It is a bit convoluted to fix, as cluster_id_string() may return a
const string.
2010-01-09 10:15:12 +11:00
Andrew Tridgell
196cb6b359
s4-drs: fixed usage of ldb_dn_new()
2010-01-09 10:15:12 +11:00
Andrew Tridgell
39a4e2a38d
s4-ldb: validate the type of the ldb argument to ldb_dn_new()
...
It has been a common bug to get the first two arguments the wrong way
around
2010-01-09 10:15:12 +11:00
Simo Sorce
7eee8e053b
Fix comment
2010-01-08 17:01:02 -05:00
Matthias Dieter Wallnöfer
fca0c4de2a
s4:provision_self_join.ldif - Adapt comment after implementation of distributed RIDs
2010-01-08 18:18:21 +01:00
Andreas Schneider
0588f34467
s4-kdc: Migrate tcp connections to tsocket.
...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-01-08 14:38:35 +01:00
Stefan Metzmacher
42c34cdafa
s4:kdc: use LIBSAMBA_TSOCKET
...
metze
2010-01-08 14:36:49 +01:00
Stefan Metzmacher
d97562b382
s4:kdc: the ->process function returns "bool"
...
metze
2010-01-08 14:36:49 +01:00
Stefan Metzmacher
bbaec01b37
libcli/util: add tstream_read_pdu_blob_send/recv
...
This will take the some full_request callback function
as the Samba4 packet code.
metze
2010-01-08 14:36:43 +01:00
Andrew Tridgell
8d87c0a0c3
s4-drs: added two more SPNs in addentry
...
w2k8r2 wants these after a DCPROMO
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 18:24:54 +11:00
Andrew Tridgell
ad11deb9bd
s4-schema: fixes for W2K8-R2 schema
...
The schema from WSPP had a number of typos that prevented it from
working. These changes allow it to work with Samba, and allow w2k8r2
to run DCPROMO against Samba successfully
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 18:24:54 +11:00
Andrew Tridgell
ebec49965b
s4-schema: added msDS-NcType to schema container
...
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 18:24:53 +11:00
Andrew Tridgell
ce21151d22
s4-schema: fixed attributes of aggregate schema
...
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 18:24:53 +11:00
Andrew Tridgell
38909a4ae5
s4-schema: switch to W2K8-R2 schema
...
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 18:24:53 +11:00
Andrew Tridgell
d371b0eabe
s4-schema: added adminDisplayName and adminDescription
...
These are missing from the WSPP schemas
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 18:24:53 +11:00
Andrew Tridgell
c93a182a0d
s4-schema: added some debug for bad attributes
2010-01-08 18:24:53 +11:00
Andrew Tridgell
9d296e6776
s4-provision: added W2K8-R2 schema as provided by WSPP
2010-01-08 18:24:52 +11:00
Andrew Tridgell
5ccf8ae373
s4-samba3samtest: we need to force netbios name as well
...
needed for when run in CLIENT context
2010-01-08 13:03:08 +11:00
Andrew Tridgell
dde2b66341
s4-samba3sid: fixed error returns when res->count != 1 and oom
2010-01-08 13:03:08 +11:00
Andrew Tridgell
9aed099362
s4-samba3samtest: force workgroup so the domain is right
...
the samba3sid backend looks at lp_sam_name() which is based on the
workgroup
2010-01-08 13:03:07 +11:00
Andrew Tridgell
f68c43e803
s4-samba3sid: the sambaNextRid attribute is actually the previous RID
...
Not well named .... though same mistake that MS made with rIDNextRid
2010-01-08 13:03:07 +11:00
Andrew Tridgell
d6f92db456
s4-samba3sam: use samba3sid module
...
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 13:03:07 +11:00
Andrew Tridgell
dd61336165
s4-dsdb: added a samba3sid module
...
This module allocates SIDs using the Samba3 algorithm, for use with
the samba3sam module.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 13:03:07 +11:00
Andrew Tridgell
66f161dee1
s4-acl: fixed acl.py test to use correct ldif
...
same problem as sec_descriptor.py
2010-01-08 13:03:07 +11:00
Andrew Tridgell
81c0b01585
s4-secdesc: fixed the sec_descriptor.py test
...
The test was using a "changetype: add" to try and add a member to a
group, where it should use a "changetype: modify" with a "add: member"
Also fixed the recovery when the test fails part way through (delete
the test users at the start as well as the end)
Nadya, please check!
2010-01-08 13:03:07 +11:00
Andrew Tridgell
43a815c67a
s4-samba3samtest: use system credentials for creating users
2010-01-08 13:03:07 +11:00
Andrew Tridgell
8b8bb15a54
s4-dsdb: fixed const misuse in acl module
2010-01-08 13:03:06 +11:00
Andrew Tridgell
baa8793a94
s4-dsdb: use dsdb_module_am_system() in acl module
2010-01-08 13:03:06 +11:00
Andrew Tridgell
595fad2b34
s4-dsdb: allow specification of a SID if we are system
...
needed for samba3sam test
2010-01-08 13:03:06 +11:00
Andrew Tridgell
f118f54ee7
s4-dsdb: added dsdb_module_am_system()
...
better than each module inventing their own
2010-01-08 13:03:06 +11:00
Andrew Tridgell
d22a9e5d3b
s4-dsdb: squash some unknown structure warnings
2010-01-08 13:03:06 +11:00
Andrew Tridgell
5d6032eb4b
s4-partition: fixed selection of partitions on exact match
...
When a search is on the root of a partition on the global catalog,
don't search partitions above that one.
2010-01-08 13:03:06 +11:00
Andrew Tridgell
59f314d321
s4-scripting: we need to use a base search for the NTDS GUID
...
now we have nTDSConnections structures we can get more than 1 reply
2010-01-08 13:03:06 +11:00
Stefan Metzmacher
501dd4a3b5
s4:dsdb/repl: convert dreplsrv_op_pull_source_send/recv to tevent_req
...
metze
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-01-08 13:03:05 +11:00
Andrew Tridgell
278d2f75ba
s4-smbd: setup the default event contexts for other process models
2010-01-08 13:03:05 +11:00
Andrew Tridgell
5803253362
s4-drs: we need to wrap extended operations in transactions
2010-01-08 13:03:05 +11:00
Andrew Tridgell
2d10f3a841
s4-dsdb: poke the RID Manager when completely out of RIDs too
2010-01-08 13:03:05 +11:00
Andrew Tridgell
a65823e33c
s4-dsdb: ensure we will in all the attributes for RID Set
...
We need to go to the top of the module stack so that all the extra
attributes get filled in
2010-01-08 13:03:05 +11:00
Andrew Tridgell
308a4798b8
s4-dsdb: added DSDB_FLAG_TOP_MODULE
...
This is used when you want the dsdb_module_*() functions to go to the
top of the stack.
2010-01-08 13:03:05 +11:00
Andrew Tridgell
5f36f0352e
s4-dsdb: no longer need special invocationID handling for standalone servers
...
They now work the same way as a DC
2010-01-08 13:03:05 +11:00
Andrew Tridgell
a7fffe8da0
s4-provision: do a self join for all server types
...
We need a machine account so the RID allocation code can work. It
seems better to use the same code paths for a domain controller and
standalone server to avoid testing headaches with little used code.
2010-01-08 13:03:05 +11:00
Andrew Tridgell
f6cf895951
s4-schema: added generic attributeID conversion functions
...
When we get one we haven't seen before, we can work out the right type
automatically in most cases.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 13:03:04 +11:00
Andrew Tridgell
f7517e6256
s4-schema: added dsdb_attribute_by_lDAPDisplayName_ldb_val
...
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 13:03:04 +11:00
Andrew Tridgell
cd65ce8a18
s4-schema: make ldb_val to string comparison safer with nul termination
...
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 13:03:04 +11:00
Kamen Mazdrashki
3352e5d7ba
s4/dsdb_schema: Load msDS-IntId value separately when loading from LDB
...
This way we have consistent behavior when loading from DRSUAPI
and from LDB.
2010-01-08 13:03:04 +11:00
Kamen Mazdrashki
25238110df
Revert "s4-schema: Set ATTID in schema cache from "msDS-IntId""
...
This reverts commit 4e8ad284f5
.
2010-01-08 13:03:04 +11:00
Kamen Mazdrashki
6247a135c6
s4/schema: Do not assign msDS-IntId value if LDB_CONTROL_RELAX_OID is passed
...
This way msDS-IntId should not be assigned during provisioning,
which is how Windows works
2010-01-08 13:03:04 +11:00
Andrew Tridgell
73838b353a
s4-libnet: better error messages in libnet_vampire.c
2010-01-08 13:03:04 +11:00
Kamen Mazdrashki
9871f52bd3
s4/dsdb_schema: use msDS-IntId value for attribute look-up
2010-01-08 13:03:03 +11:00
Kamen Mazdrashki
a44ae10c77
s4/dsdb_schema: fetch msDS-IntId value during SCHEMA replication
2010-01-08 13:03:03 +11:00
Kamen Mazdrashki
a7b3891fb5
s4/dsdb_schema: GET_UINT32_DS() macro to use supplied default value instead of 0
2010-01-08 13:03:03 +11:00
Andrew Tridgell
f7756c87bb
s4-partition: don't ignore errors from other modules
...
if we get an error code from a lower module, we don't want to ignore
it just because something also succeeded
2010-01-08 13:03:03 +11:00
Andrew Tridgell
9672a3d1cc
s4-devel: a useful script to setup bin/ and st/ as tmpfs filesystems
...
this makes building and testing s4 as a developer much faster, if you
have enough memory!
2010-01-08 13:03:03 +11:00
Andrew Tridgell
1f25d0a5ad
s4-provision: re-open sam.ldb after creating the schema
...
This enables the full schema during the rest of the provision, which
means indexing is enabled (along with index error checking, such as
duplicate SIDs)
2010-01-08 13:03:03 +11:00
Andrew Tridgell
42f0bdae69
s4-provision: RID 1000 is consumed by the machine account
2010-01-08 13:03:03 +11:00
Andrew Tridgell
fdf12a607d
s4-ldb: improve error handling in indexing code
...
When we get an indexing failure we want a clear error message
2010-01-08 13:03:03 +11:00
Andrew Tridgell
c4fa4d1162
s4-dsdb: improve error messages in schema and pdc_fsmo modules
...
We want to incorporate the error messages from the modules further
down the stack.
2010-01-08 13:03:03 +11:00
Andrew Tridgell
ac5d426062
s4-drs: added some debug messages
...
It is nice to see when a RID Alloc is successful
2010-01-08 13:03:02 +11:00
Andrew Tridgell
dcbba583d9
s4-event: added s4_event_context_set_default()
...
we're still not weaned off event_context_find()
2010-01-08 13:03:02 +11:00
Andrew Tridgell
f254091957
s4-dsdb: added support for DRSUAPI_EXOP_FSMO_RID_ALLOC
...
This allocates a RID pool for the client DC when we are the RID Manager
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 13:03:02 +11:00
Andrew Tridgell
b1f97b7e60
s4-dsdb: added an extended operation for allocating a new RID pool
...
This will be called by getncchanges when a client asks for a
DRSUAPI_EXOP_FSMO_RID_ALLOC operation
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 13:03:02 +11:00
Andrew Tridgell
2590b7795d
s4-repl: implement MSG_DREPL_ALLOCATE_RID
...
When the repl server gets MSG_DREPL_ALLOCATE_RID it contacts the RID
Manager to ask for another RID pool. We use a callback on completion
of the operation to make sure that we don't have two RID allocation
requests in flight at once
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 13:03:01 +11:00
Andrew Tridgell
cc7967b1c0
s4-repl: allow for callbacks when a repl operation completes
...
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 13:03:01 +11:00
Andrew Tridgell
7a40cacbde
s4-dsdb: the dsdb ldb modules now need messagiing
...
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 13:03:01 +11:00
Andrew Tridgell
dc11414f98
s4-dsdb: send a message to the drepl task when we need another RID pool
...
We send the message when the current pool is half gone. We don't wait
for a reply.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 13:03:01 +11:00
Andrew Tridgell
805ab0ef15
s4-messaging: added a new msg type MSG_DREPL_ALLOCATE_RID
...
This will be used to ask the drepl task for a new RID pool
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 13:03:01 +11:00
Andrew Tridgell
19e515aac7
s4-repl: added request for RID allocation in drepl task
...
The drepl task now checks to see if our rIDAllocationPool is
exhausted, and if it is then we queue a extended operation
DsGetNCChanges call to ask the RID Manager to give us a new allocation
pool.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 13:03:00 +11:00
Andrew Tridgell
8cd2bedee7
s4-dsdb: added dsdb_find_guid_attr_by_dn()
...
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 13:03:00 +11:00
Andrew Tridgell
37340d5a2e
s4-ridalloc: copy with missing rIDNextRid and rIDAllocationPool
...
The attributes rIDNextRid and rIDAllocationPool are not replicated, so
their initial value when we first get a RID Set from the RID Manager
is blank.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 13:03:00 +11:00
Andrew Tridgell
45550f83f0
s4-dsdb: added dsdb_module_set_integer()
...
This will be used by ridalloc.c
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 13:03:00 +11:00
Andrew Tridgell
c12b9ab2f2
s4-dsdb: clarify who is responsible for each attribute
...
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 13:03:00 +11:00
Andrew Tridgell
dd8cb3c7ed
s4-dsdb: fixed usage of rIDAllocationPool and rIDPreviousAllocationPool
...
These are very badly named attributes! See the comments in ridalloc.c
for a explanation of what they really seem to mean
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 13:03:00 +11:00
Andrew Tridgell
5136438ad6
s4-dsdb: implement refresh of RID Set pool for a local RID Manager
...
when we run out of RIDs in our RID Set pool then grab a new one from
the RID Manager object
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 13:03:00 +11:00
Andrew Tridgell
53d10d139e
s4-provision: don't hard wire the creation of the RID Set object
...
We now create it automatically in the samldb module when the first
user is created.
The creation of the dns user also had to move to the _modify.ldif as
it now relies on the fSMO role being setup for the RID Manager
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 13:03:00 +11:00
Andrew Tridgell
1053ce529d
s4-dsdb: implement creation of the RID Set object
...
when we are the RID Manager we can create our own RID Set object when
the first user is created
2010-01-08 13:02:59 +11:00
Andrew Tridgell
439ee5aaae
s4-dsdb: use dsdb_next_callback()
...
We can't just use the callers callback directly otherwise the
ldb_module_done() is never called on the parent request, as the child
request is passed to the callback.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 13:02:59 +11:00
Andrew Tridgell
d0bd6e7ea5
s4-dsdb: added dsdb_next_callback()
...
This should be used when you create a sub request and just want the
parent requests callback to be called when done.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 13:02:59 +11:00
Andrew Tridgell
e6f14ac2c4
s4-dsdb: added dsdb_module_constrainted_update_integer()
...
This provides a convenient way to update a integer attribute with a
constrained delete/add
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 13:02:59 +11:00
Andrew Tridgell
f24011059b
s4-dsdb: added dsdb_module_reference_dn()
...
This adds a module callable version of samdb_reference_dn(), which
finds a DN via a reference link
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 13:02:59 +11:00
Andrew Tridgell
f137f93e09
s4-dsdb: added dsdb_module_add()
...
added a ldb add function for modules
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 13:02:59 +11:00
Andrew Tridgell
fcfb5d7b63
s4-provision: allow provision modifies to add records
...
we need to recognise a changetype of 'add'
2010-01-08 13:02:59 +11:00
Andrew Tridgell
226460d543
s4-dsdb: move the RID allocation logic into ridalloc.c
...
This will end up having the RID Manager logic as well, so all the RID
pool allocation logic is in one spot
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 13:02:58 +11:00
Andrew Tridgell
7f90a05c66
s4-samldb: use RID Set to allocate user/group RIDs
...
This is the first step towards DRS-friendly RID allocation. We now get
the next rid from the RID Set object
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 13:02:58 +11:00
Andrew Tridgell
5eb3b919c5
s4-provision: the DC object itself needs a fixed objectSID
...
We can't allocate a objectSID until we have rIDSetReferences, but that
is in the DC object, so we have to force the objectSID of the DC
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 13:02:58 +11:00
Andrew Tridgell
2bad107aa1
s4-dsdb: added samdb_rid_set_dn()
...
This returns the DN of our RID Set object
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 13:02:58 +11:00
Andrew Tridgell
a1362492ab
s4-provision: added an initial RID Set
...
We will allocate RIDs from this set
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08 13:02:58 +11:00
Andrew Tridgell
bd6d0e9379
s4-ldb: added nice ldif display of 64 bit ranges for RIDs
2010-01-08 13:02:58 +11:00
Andrew Tridgell
fbc3a0fe62
s4-dsdb: added samdb_reference_dn()
...
This returns a 'reference' DN, which is a link to a DN, from the
specified object. It is then used by samdb_server_reference_dn() which
returns the serverReference DN, and samdb_rid_manager_dn() which
returns the rIDManagerReference DN.
2010-01-08 13:02:58 +11:00
Jelmer Vernooij
c915bd8718
linked_attributes: Fix missing dependency on util.
2010-01-08 01:31:21 +01:00
Tim Prouty
57be1d07af
s4 torture: Add RAW-OPEN-NTCREATEDIR to test error checking for open directories as files
2010-01-07 15:32:27 -08:00
Steven Danneman
71a40d7e2c
s4/torture: fix small bug in lock test
...
Cleanup path should unlock, not cancel existing locked range.
2010-01-06 18:48:10 -08:00
Steven Danneman
655bdb19bd
s4/torture: add more lock cancellation tests
...
* Test the SMB1 behavior when multiple lock ranges are requested, pend,
and then are cancelled. The entire LockingAndX request fails.
2010-01-06 18:48:10 -08:00
Günther Deschner
3dbe8603d9
s4-smbtorture: add test_ChangeID to RPC-SPOOLSS.
...
This tests ChangeID consistency between spoolss_GetPrinterData,
spoolss_GetPrinterDataEx and spoolss_GetPrinter (level 0).
Guenther
2010-01-06 22:09:37 +01:00
Günther Deschner
7568f49134
s4-smbtorture: add test_SetPrinter to RPC-SPOOLSS.
...
Guenther
2010-01-06 22:09:36 +01:00
Günther Deschner
0457cf915b
s4-smbtorture: refactor test_GetPrinter in RPC-SPOOLSS.
...
Guenther
2010-01-06 22:09:36 +01:00
Kamen Mazdrashki
a2044b9a61
s4: Fix result check for getaddrinfo()
...
I think this completes commit 50feca550e
.
Now result should be handled correctly both for systems that
support EAI_NODATA but returns EAI_NONAME (as my Ubuntu 9.x)
and systems that doesn't support EAI_NODATA at all.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-01-06 14:26:32 +01:00
Matthias Dieter Wallnöfer
a08a0ffd37
s4:SAMLDB LDB module - Fix trailing whitespaces
2010-01-05 20:55:47 +01:00
Matthias Dieter Wallnöfer
77ce33c419
s4:SAMLDB LDB module - Rework to allow checks for wrong "defaultObjectCategory" attributes
...
This allows a stricter check for "defaultObjectCategory" attributes which is
performed when the "relax" control isn't specified.
Additional note: As the added comment points out this isn't complete.
And I personally think that moving this at some point to the "objectclass"
module is a better idea to make this fully work (since there we have direct
access to the schema). If someone has a good idea how to do this please inform
me.
Anyway, the SAMLDB module does require some restructure since at the moment it's
very overloaded and therefore a bit a mess. In the meantime I started to work
on a new approach to realise it in a better way.
2010-01-05 20:55:47 +01:00
Matthias Dieter Wallnöfer
c051008540
s4:schema_load.c - Typo
2010-01-05 20:55:46 +01:00
Matthias Dieter Wallnöfer
bbf9885013
s4:ldap_schema.py - add an additional check for validity of "defaultObjectCategory"
2010-01-05 20:55:45 +01:00
Matthias Dieter Wallnöfer
d8ca002a8c
s4:ldap_schema.py - Move generated attributes check
...
Make more clear that they're created before the "schemaUpdateNow".
2010-01-05 20:55:32 +01:00
Jeremy Allison
2a66db8f93
Fix the merged build. Probably not strictly correct but allows us to "make test".
...
Jeremy.
2010-01-04 13:27:48 -08:00
Stefan Metzmacher
f04e10f4c0
s4:dsdb/repl: convert dreplsrv_out_drsuapi_send/recv to tevent_req
...
metze
2010-01-04 09:36:25 +01:00
Stefan Metzmacher
a06e5cdb99
s4: Happy New Year 2010
...
metze
2010-01-04 08:42:49 +01:00
Andrew Tridgell
504754856e
s4-dsdb: force REVISION_ADS for new and updated ACLs in dsdb
...
w2k8-r2 gives a "schema mismatch" error if the revision is not set to
REVISION_ADS and you replicate the ntsecuritydescriptor using DRS.
Nadya, please check this!
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-02 17:28:36 +11:00