IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
The total_object_count member of DsGetNCChangesCtr[1|6] was wrong
it's the error code of an extended operation.
DsGetNCChangesCtr6 has a nc_object_count value which contains
the estimated amount of objects in the naming_context.
W2k seems to have a bug and sends this number of objects
in the extended_ret field. Maybe it's just a bug and
not a feature:-)
metze
(This used to be commit 67931092128ce89aadf689a54e20d6e4a9d7fe2c)
With NTLMSSP we just get strange responses with a random object count
and a NULL object list. On the domain partition where we try to replicate
the password fields.
metze
(This used to be commit ce12a9105113ad7cff96b7d553a8d69901c56de7)
This helps us see the real groupings in the generated memberOf
handling.
Andrew Bartlett
(This used to be commit ec70ebb8310e563324233662f8e779c55fb87514)
The MS-SMB document explains that some of these options should be
ignored. The test proves it.
/* Must be ignored by the server, per MS-SMB 2.2.8 */
/* Must be ignored by the server, per MS-SMB 2.2.8 */
If we implement HSM in samba4 (likely) we should honour this bit.
/* Don't pull this file off tape in a HSM system */
Andrew Bartlett
(This used to be commit 502739ff90d56d2c9aabe8e224317f6ceb175c17)
We just open it to figure out if we need to be a Global Catalog server.
Andrew Bartlett
(This used to be commit f13572d9e9f1962b637cbd573588184d1459d252)
Fedora DS is still setup for simple binds only, at this point.
(it also fails on other issues).
Andrew Bartlett
(This used to be commit b24c572d5a38c1f6906751c2ad2f809e1995b510)
This reworks our LDAP backend code to move from anonymous access to a
shared-secret SASL-protected connection. (SASL selects NTLM or
DIGEST-MD5 on my system).
To get this working, we must pre-populate the LDAP backend with a DN
to store ths SASL secret on, and we use back-ldif for this.
This gives us a reasonable basis to deploy a replicated OpenLDAP
backend solution.
Andrew Bartlett
(This used to be commit cd0745253c4a9ec59a035e830e54d74a05b71aaa)
With these changes, we don't leak the LDAP socket, and don't reset all
credentials feature flags, just the ones we are actually incompatible
with.
Andrew Bartlett
(This used to be commit 72e52a301102941c41ab423e0212fe9a1aed0405)
This makes Samba4 behave much like Samba3 did, and use a single set of
administrative credentials for it's connection to LDAP.
Andrew Bartlett
(This used to be commit e396a59788d77aa2fbf3b523c3773fe0e5c976c0)
This includes a simple bind DN, or SASL credentials.
The error messages are reworked as on systems without an LDAP backend,
we will fail to find this record very often.
Andrew Bartlett
(This used to be commit 95825ae6d5e9d9846f3a7505a81ebe603826227e)
We don't really care (because nobody uses them) what we send as the
domain and workstation in the negotiate packet.
Andrew Bartlett
(This used to be commit 9ac07e14873df2c18d0e9501691c2d4c4047e218)
This attribute is used in a very similar way (virtual attribute
updating the password) in AD on Win2003, so eliminate the difference.
This should not cause a problem for on-disk passwords, as by default
we do not store the plaintext at all.
Andrew Bartlett
(This used to be commit 1cf0d751493b709ef6b2234ec8847a7499f48ab3)
Instead of extensibleObject, we use the new (more correct) ad2oLschema
tool, and a new objectClass called 'samba4Top', which we add and
remove in the same way we did extensibleObject.
Andrew Bartlett
(This used to be commit 5ab20aa8b43415751f77602fff3a3008bf2186db)
This will allow the kludge_acl and schema code to leverage the same
work. (We might even get schema validation soon! :-)
Andrew Bartlett
(This used to be commit cecd04ce1f8ce2af2fb654b3abc1499092405d60)
that can store a timestamp along with the SD. Allows
us to check for validity against the POSIX st_ctime.
Keeps the IDL consistent with Samba3.3 IDL.
Jeremy.
(This used to be commit 29843a6b339a581de714924219632390b156aa4f)
This reverts commit fafb8ad2b81b9a46cf8259bedc1dca5023b06115.
This fix is not valid:
1. convert_string() is not only used for key strings but also for data.
2. Some databases use string_tdb_data() i.e. non-null-terminated strings
as keynames and others (like the one I was using), use
string_term_tdb_data(), i.e. zero-terminated key strings.
After discussion with Metze, the easiest (and proper way) to
handle this is to specify key names as "keyname\0" for databases
which use string_term_tdb_data().
Sorry for the noise...
Michael
(This used to be commit 17c012c4645f4e9542537c15f80d9b4e74304d11)
This prevented all commands operating on keys (all non-traverse commands)
in tdbtool to fail with a "fetch failed" or "delete failed" message.
It seems that it fixes bug #2344 ...
Apparently this bug was introduced with 94e53472666ed in 2005.
Either nobody is using tdbtool or else tdb_find() has become
more strict about the key legth in the meantime. :-)
Michael
(This used to be commit fafb8ad2b81b9a46cf8259bedc1dca5023b06115)
