sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-06 13:18:07 +03:00
Code
64,308 Commits 60 Branches 1,144 Tags 452 MiB
a27bd84bf8
Commit Graph

23561 Commits

Author SHA1 Message Date
Jelmer Vernooij
0802f354ea smbtorture: Fix loading of --load-list. 2010-06-25 11:32:59 +02:00
Matthias Dieter Wallnöfer
408a3aa308 s4:lib/registry/ldb.c - cosmetic - fix comment 2010-06-25 08:48:31 +02:00
Matthias Dieter Wallnöfer
14386e6ec5 s4:lib/registry/ldb.c - cosmetic - wrap lines 2010-06-25 08:48:08 +02:00
Michael Wood
92cfc63287 s4 upgradeprovision: Try to support older Pythons. 
Use "...".split(sep, 1) instead of "...".partition(sep).

Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
 2010-06-25 08:46:13 +02:00
Kamen Mazdrashki
163ed44903 s4/drs: DsReplicaSync should search partition to Sync 
by any valid DSName attribute given, be it - partition DN,
partition GUID or partition SID
 2010-06-25 04:51:59 +03:00
Kamen Mazdrashki
e40635c48d s4/utils: fix few 'net drs replicate' error messages 
mainly for the output to be more informative
 2010-06-25 04:51:58 +03:00
Kamen Mazdrashki
0dd6a759ed s4/drs-test: Tests Deleted objects replication 
Tests how deleted objects are replicated between two DCs.
Currently the test exploits following vulnerabilities:
 - DsReplicaSync is not correctly implemented
 - a 'deleted object' is restored (kind of) in case DC1 replicates
   from DC2 before the 'deleted object' is replicated
 2010-06-25 04:51:58 +03:00
Jelmer Vernooij
e0aa54d0ed selftest: Store the output of the last test run in st/subunit. 
If a testrepository repository is present, add the test output when it
has completed.
 2010-06-25 01:21:14 +02:00
Aravind Srinivasan
7e49a58ab9 s4 torture: Warn on NOT_IMPLEMENTED in addition to NOT_SUPPORTED for RAW-QFILEINFO 
Signed-off-by: Tim Prouty <tprouty@samba.org>
 2010-06-24 08:22:25 -07:00
Matthias Dieter Wallnöfer
8ad01613f6 Revert "s4:provision.ldif - fix the number of available RIDs" 
This reverts commit 41cdcd54b7.

As per request of metze revert this (cause written on the mailing list).
 2010-06-24 15:13:40 +02:00
Matthias Dieter Wallnöfer
0f45536279 s4:auth/gensec/gensec_gssapi.c - reorder constructor 
To have the same order as in the structure definition.
 2010-06-24 15:13:40 +02:00
Andrew Tridgell
0be1820718 s4-ldb: use CHECK_XSLTPROC_MANPAGES() 2010-06-24 18:46:57 +10:00
Andrew Tridgell
4cb423f527 s4-python: python is not always in /usr/bin 
Using "#!/usr/bin/env python" is more portable. It still isn't ideal
though, as we should really use the python path found at configure
time. We do that in many places already, but some don't.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-06-24 18:46:57 +10:00
Matthias Dieter Wallnöfer
41cdcd54b7 s4:provision.ldif - fix the number of available RIDs 
There should be 4611686014132422209 and not 4611686014132422109.
 2010-06-24 10:04:53 +02:00
Matthias Dieter Wallnöfer
fec489bd87 s4:provision.ldif - this Win2003 revision level seems always to be "9" on Windows Server 2008 machines 2010-06-24 10:04:53 +02:00
Matthias Dieter Wallnöfer
64e19ef9fb s4:provision_users.ldif - change a group description to be correct 2010-06-24 10:04:52 +02:00
Matthias Dieter Wallnöfer
560620a53d s4:upgradeprovision - fix include order for "ldb" 
Patch originally posted on the list by Matthieu Patou.
 2010-06-24 10:04:52 +02:00
Endi S. Dewata
e228b67e56 s4/ldb: ldb_msg_el_map_remote() should rename the remote attribute names into local names as defined in simple_ldap_map.c. 2010-06-24 10:04:51 +02:00
Matthias Dieter Wallnöfer
e88f37daa0 s4:setup/provision.reg - raise version to Windows Server 2008 R2 2010-06-24 10:04:50 +02:00
Matthias Dieter Wallnöfer
b172b7f467 s4:libnet_join.c - always use LDB constants 2010-06-24 10:04:48 +02:00
Günther Deschner
ba40f38281 s4-smbtorture: test more valid key names in RPC-WINREG. 
Guenther
 2010-06-23 15:35:41 +02:00
Günther Deschner
2dc50ec44c s4-smbtorture: more work on test values WINREG test. 
Guenther
 2010-06-23 15:35:41 +02:00
Lukasz Zalewski
740c97b513 Fix to undo nasty hack for for grouptype conversion 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-23 14:49:02 +02:00
Jelmer Vernooij
c5d07d2a1a Per Andrews request, revert 
"heimdal/waf: Initial work on making it possible to use the system"
as the hdb_check_s4u2self function handling is incorrect.

This reverts commit b099631f42.
 2010-06-23 14:49:02 +02:00
Günther Deschner
714c926cf0 s4-smbtorture: add test for different winreg SetValue value names. 
Guenther
 2010-06-23 12:16:12 +02:00
Andrew Bartlett
ff5ace20a2 s4:selftest Fix up netbios names for rpc_echo test 2010-06-23 20:10:12 +10:00
Andrew Bartlett
1acd49c524 s4:selftest Add 2003 and 2008R2 test environments and tests 
These tests were chosen particularly because they are known to test things
that vary across the functional levels.

Andrew Bartlett
 2010-06-23 20:10:08 +10:00
Andrew Bartlett
86ed5eb892 s4:net Remove warnings for 2000 native mode and Samba4. 
We now support 2000 native mode, and so we just need to warn about mixed mode.

Andrew Bartlett
 2010-06-23 20:10:07 +10:00
Andrew Bartlett
d0f52ddac2 s4:provision Raise default max functional level to 2008R2 
We don't support many of the extra features, but that applies across many
other parts of AD.  Allow the admin to join a 2008R2 domain if he or she wants.

This also makes it possible to test 2008R2 domain code in 'make test'

Andrew Bartlett
 2010-06-23 20:10:06 +10:00
Andrew Bartlett
b26125b7d3 s4:provision Remove am_rodc from Schema 
The SamDB created in the schema code isn't real enough to care if it's an
rodc or not.
 2010-06-23 20:10:05 +10:00
Andrew Bartlett
ebc2da10cd s4:libnet When joining a domain, update msDS-SupportedEncryptionTypes 
We need this for our DC to have clients use AES keys to us
 2010-06-23 20:10:04 +10:00
Andrew Bartlett
c4482bf53e libds:common Remove DS_DC_* domain functionality flags 
These are just a subset of the DS_DOMAIN_ functionality flags, are compared and often confused with each other.  Just make them one set.

Andrew Bartlett
 2010-06-23 20:10:03 +10:00
Andrew Bartlett
80701e5f29 s4:kdc Use msDS-SupportedEncTypes in our KDC 
We need to honour this, otherwise we will send AES-encrypted tickets
to unprepared Kerberos targets.

Andrew Bartlett
 2010-06-23 20:10:01 +10:00
Günther Deschner
7f8b3a26ec s4-smbtorture: Fix test_SetPrinterDataEx_keys and test_SetPrinterDataEx_values. 
We want to continue, not to skip here.

Guenther
 2010-06-23 10:48:18 +02:00
Matthias Dieter Wallnöfer
26a95463a6 s4:operational LDB module - fix a misleading comment 2010-06-23 09:53:23 +02:00
Matthias Dieter Wallnöfer
eff7d2db31 s4:samr RPC server - make use of LDB constants in macros 2010-06-22 22:21:12 +02:00
Matthias Dieter Wallnöfer
0e637be43b s4:password_hash LDB module - fix another problem regarding the lanman hash 
When a user only provides only the lanman hash (and nothing else) and the
lanman authentication is deactivated then we end in an account with no
password attribute at all! Lock this down.
 2010-06-22 22:21:04 +02:00
Günther Deschner
1e897f6561 s4-smbtorture: add "printerdata_values" test to RPC-SPOOLSS-PRINTER. 
Guenther
 2010-06-22 15:57:18 +02:00
Günther Deschner
13ede2bf7a s4-smbtorture: also test keynames with '/' in it in SetPrinterDataEx keyname tests. 
Guenther
 2010-06-22 15:57:12 +02:00
Günther Deschner
e439b6cb8c s4-smbtorture: activate all keys in SetPrinterData keys test. 
(just skip some of them still against s3).

Guenther
 2010-06-22 15:57:06 +02:00
Günther Deschner
c31ffaf587 s4-smbtorture: split out a "printerdata_keys" test for RPC-SPOOLSS-PRINTER. 
This separates key and value tests for SetPrinterDataEx and GetPrinterDataEx
(and also speeds up the whole testsuite).

Guenther
 2010-06-22 15:57:00 +02:00
Kamen Mazdrashki
efe65cd7b7 s4/dsdb-test: fix usage comment 2010-06-22 04:50:19 +03:00
Kamen Mazdrashki
acebfcb938 s4/test: fix DC password in selftest-vars.sh 2010-06-22 04:50:19 +03:00
Aravind Srinivasan
c668b21cd6 s4 torture: RAW-SFILEINFO display warning instead of error on unsupported info level 
Also add a test to make sure setting the directory attribute is
disallowed.

Signed-off-by: Tim Prouty <tprouty@samba.org>
 2010-06-21 17:08:41 -07:00
James Peach
f5709975c1 smbtorture: Fix missing includes. 2010-06-21 14:12:58 -07:00
Matthieu Patou
32f82fbec0 s4 upgradeprovision: fix the logging stuff so that it actually log 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-21 23:11:50 +02:00
James Peach
6227eac607 smbtorture: Fixx off-by-one command line parsing. 
If we are not in shell mode we require both the target and test name
arguments. Make sure we process these from the correct index.
 2010-06-21 11:09:45 -07:00
James Peach
0fc18ead76 smbtorture: Add "target" command to interactive shell. 
Add a "target" command to set the target server to test. Refactor
the command line argument processing a little so that you can run
--shell without any additional arguments.
 2010-06-21 08:58:10 -07:00
James Peach
7a25e2efe9 smbtorture: Enhance shell "help" command. 
Sort the command list alphabetically. Let the help command print
usage info for other commands.
 2010-06-21 08:58:10 -07:00
James Peach
bf35aa8603 smbtorture: Add "auth" command to the shell. 
Add a new "auth" command to set the cmdline credentials from withing
the smbtorture shell.
 2010-06-21 08:58:10 -07:00
James Peach
3f398ec36d smbtorture: Refactor interactive shell into independent commands. 
Refactor the smbtorture interactive shell into a set of independent
command callbacks to make it easier to add more independent commands.
 2010-06-21 08:58:10 -07:00
James Peach
9f69790355 smbtorture: Move interactive shell into a separate file. 2010-06-21 08:58:10 -07:00
James Peach
a5e14bded4 smbtorture: Print global options for interactive "list" command. 2010-06-21 08:58:10 -07:00
James Peach
12e15b0ac8 smbtorture: Add history support to shell mode. 2010-06-21 08:58:10 -07:00
James Peach
6f96293406 smbtorture: Add list command to smbtorture shell. 2010-06-21 08:58:10 -07:00
Matthias Dieter Wallnöfer
c38f94ed9b s4:dsdb_load_partition_usn - free the right memory context (tmp_ctx) 2010-06-21 11:10:02 +02:00
Kamen Mazdrashki
3aa8853f58 s4/dsdb: msg_idx->dn should be allocated in msg_idx mem context 2010-06-21 02:57:56 +03:00
Kamen Mazdrashki
cc7e2c10f2 s4/dsdb: Move schema accessors cleanup in separate function 
This way dsdb_setup_sorted_accessors() will
free memory allocated for accessor arrays correctly
in case of failure,
 2010-06-21 02:57:56 +03:00
Kamen Mazdrashki
267645ca55 s4/dsdb-schema: Index attributes on msDS-IntId value 
O(n) search for dsdb_attribute by msDS-IntId value was
replaced by binary-search in ordered index.

I've choosen the approach of separate index on msDS-IntId values
as I think it is more clear what we are searching for.
And it should little bit faster as we can clearly determine
in which index to perform the search based on ATTID value -
ATTIDs based on prefixMap and ATTIDs based on msDS-IntId
are in separate ranges.

Other way to implement this index was to merge msDS-IntId values
in attributeID_id index.
This led me to a shorted but not so obvious implementation.
 2010-06-21 02:57:55 +03:00
Matthias Dieter Wallnöfer
ecbe9a74c6 s4:kdc/db-glue.c - remove unreachable code 
Would be nice if someone could check if this fits.
 2010-06-20 22:33:03 +02:00
Matthias Dieter Wallnöfer
05f31c3f6d s4:registry/regf.c - add some casts to suppress build warnings on Solaris 2010-06-20 22:33:02 +02:00
Matthias Dieter Wallnöfer
2adfe47303 s4:registry/rpc.c - fix Solaris warnings by casts 2010-06-20 22:33:02 +02:00
Matthias Dieter Wallnöfer
2f49c8f58e s4:samr RPC server - fix Solaris build warning 2010-06-20 22:33:01 +02:00
Matthias Dieter Wallnöfer
871cdec414 s4:registry RPC server - quite some build warnings on Solaris 2010-06-20 22:33:01 +02:00
Matthias Dieter Wallnöfer
82fd483758 s4:lsa_lookup.c - fix type argument 2010-06-20 22:33:00 +02:00
Matthias Dieter Wallnöfer
0bf26edf6c s4:rpc_server/service_rpc.c - fix warnings on Solaris 2010-06-20 22:32:59 +02:00
Matthias Dieter Wallnöfer
c972e6ec23 s4:rpc_server/service_rpc.c - deactivate the 0-length struct 
This should fix the build on Solaris
 2010-06-20 22:32:59 +02:00
Matthias Dieter Wallnöfer
58715dd365 s4:libpolicy - fix printf output specifiers to suppress warning 2010-06-20 20:34:48 +02:00
Matthias Dieter Wallnöfer
26bcbf6e35 s4:libpolicy - Solaris compatibility fix 2010-06-20 20:25:00 +02:00
Matthias Dieter Wallnöfer
91c49c2fb2 s4:ldap.py - test subtree deletes through a new testcase 2010-06-20 18:52:31 +02:00
Matthias Dieter Wallnöfer
449370db54 s4:ldap_backend.c - now also the LDAP server supports controls on delete operations 2010-06-20 18:52:31 +02:00
Matthias Dieter Wallnöfer
9803c89ee2 s4:ldap_backend.c - move function "ldb_mod_req_with_controls" to a better place in the code 
Under the "add" and over the "delete" function.
 2010-06-20 18:52:30 +02:00
Matthias Dieter Wallnöfer
fbd0902958 s4:subtree_delete LDB module - now do support tree delete operations 2010-06-20 18:52:30 +02:00
Matthias Dieter Wallnöfer
87d0f63632 s4:dsdb - add a new dsdb delete function which understands the tree delete control 2010-06-20 18:52:29 +02:00
Matthias Dieter Wallnöfer
ad5e19f29e ldb:controls - add the "TREE_DELETE" control for allowing subtree deletes 2010-06-20 18:52:29 +02:00
Matthias Dieter Wallnöfer
065579b4c6 ldb:ldb.h - add classifications to the control declarations 
This makes it easier to understand which standard specifies which control.
 2010-06-20 18:52:28 +02:00
Matthias Dieter Wallnöfer
e062e7300b s4:python LDB __init__.py - remove completely unused "erase_partitions" call 
Seems to be a relict from the past.
 2010-06-20 18:52:28 +02:00
Matthias Dieter Wallnöfer
2fb715b484 s4:samldb LDB module - remove "samldb_set_defaultObjectCategory" 
As far as I can tell and the test show the DN gets now normalised automatically
when stored into the database.

Anyway, if we find a case where this doesn't happen then I propose to do it
centrally for all DN attributes in common since we should get away from special
attribute hacks as far as possible.
 2010-06-20 18:52:27 +02:00
Matthias Dieter Wallnöfer
c8d2c5fff0 s4:ldap_backend.c - add some newlines to make logs easier to read 2010-06-20 18:52:27 +02:00
Matthias Dieter Wallnöfer
d7ad7eed24 ldb:pyldb.c - introduce a "mem_ctx" also on "py_ldb_search" 
To prevent memory leaks
 2010-06-20 18:52:27 +02:00
Matthias Dieter Wallnöfer
00bf608481 ldb:pyldb.c - some cleanups and adequations also in "py_ldb_modify" and "py_ldb_rename" 
To make them consistent.
 2010-06-20 18:52:26 +02:00
Matthias Dieter Wallnöfer
4cc49d365f s4:ldap_controls.c - remove encoding functions for private recalculate SD control 2010-06-20 18:52:26 +02:00
Jelmer Vernooij
0714e23971 provision: Look for Samba prefix a bit harder. 2010-06-20 17:46:39 +02:00
Stefan Metzmacher
a87561613a Revert "s4:ldb-samba: fix the build without a system ldb" 
This reverts commit 44c01a5eb4.

This caused problems when using a system ldb and as we don't
do ABI checks for ldb-samba4 any more, we don't need this change.

metze

Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:42:22 +02:00
Stefan Metzmacher
e812832db3 s4:ldb: only do ABI checking for the standalone build for now 
Otherwise we fail to build samba4 with a system ldb.

metze

Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:42:22 +02:00
Jelmer Vernooij
52307a11e1 libpolicy: Fix the build. 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:19:13 +02:00
Wilco Baan Hofman
e18a172207 Add preliminary support for storing changed Group Policies. 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:19:13 +02:00
Wilco Baan Hofman
04133225c1 Refactor policy filesystem code. 
* It now uses reusable code to download the GPT.
 * It creates a list before copying for better error handling.
 * String_replace is now used instead of manually replacing '\\' with '/'
   for local paths.
 * A security check has been added for file names with "../".
 * It adheres to the 80 column rule, if at all possible.

Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:19:13 +02:00
Wilco Baan Hofman
b9b85d6b0e Fix memory allocation with error handling. 
Also moved pypolicy.c headers around so as not to generate compile warnings

Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:19:13 +02:00
Wilco Baan Hofman
9b5e0fe6bb Add talloc_frees in error cases in net_gpo.c 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:19:13 +02:00
Wilco Baan Hofman
c09922cfae Code cleanups: GUID generation, lp_dnsdomain instead of lp_realm, missing spaces. 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:19:12 +02:00
Wilco Baan Hofman
5c2c8dfc5a Set inherit flag type to bool. 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:19:12 +02:00
Wilco Baan Hofman
d61f0240ee Fix 'magic' numbers to be strlen(something) 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:19:12 +02:00
Wilco Baan Hofman
e86ef688ee Change talloc_steal to strdup because function might not expect it. 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:19:12 +02:00
Wilco Baan Hofman
674d559f37 Add GP ini functions. 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:19:12 +02:00
Wilco Baan Hofman
3fe793fce7 Remove iconv convenience in used functions, which were deleted in commit f9ca9e46ad 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:19:12 +02:00
Wilco Baan Hofman
e1f22174e1 Fix net gpo list to use the dsdb with extended DN's. Fixes memberOf group memberships. 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:19:12 +02:00
Wilco Baan Hofman
3895b8fbf8 Revert "Add old functionality back which was removed in commit 589a42e2." 
This reverts commit 94e3b4a0d8b714c101803886d60ae6c484740d2f.

Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:19:12 +02:00
Wilco Baan Hofman
8f74ee01d9 Add ini parser for GPO's. 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:19:12 +02:00
Wilco Baan Hofman
c36bd5de6a Add net gpo setacl support. Create gp_set_acl function. Show ACL in net gpo show. 
Cleanup memory allocation of gp_create_gpo

Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:19:12 +02:00
Wilco Baan Hofman
5434171296 Fix set GPT security descriptor to match windows' behaviour. 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:19:12 +02:00
Wilco Baan Hofman
31aeddfa43 Fix crash when get_gpo_info returns incorrect data. 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:19:12 +02:00
Wilco Baan Hofman
299531ce32 Add preliminary NT ACL support for GPT (GPO on filesystem). 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:19:11 +02:00
Jelmer Vernooij
60bc5fe0ed samba4: Add python bindings for samba.policy.get_gplink_options. 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:19:11 +02:00
Jelmer Vernooij
381e824658 policy: Add samba.policy.get_gpo_flags binding. 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:19:11 +02:00
Wilco Baan Hofman
41fae89daf Add gpo create functionality. Also fix gPLink handling bugs 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:19:11 +02:00
Wilco Baan Hofman
32ee6f8cfd Fix mode_t in mkdir. 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:19:11 +02:00
Wilco Baan Hofman
2941d2ebc3 Finish net gpo fetch function. Reorder arguments to make them more understandable. Rename getgpo to show. 
This makes the net gpo break for it's samba 3 origins, but makes the syntax more intuitive.

Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:19:11 +02:00
Wilco Baan Hofman
2b761c3def Optimize the backslash logic in the path traversal. 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:19:11 +02:00
Wilco Baan Hofman
f24f472d44 Fix error in logic, making recursion work past the first level. 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:19:11 +02:00
Wilco Baan Hofman
3b11a53304 Add fetch function for GPO which fetches all relevant files from the sysvol share. 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:19:11 +02:00
Wilco Baan Hofman
698144851a Add getinheritance and setinheritance to net gpo util and library. 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:19:11 +02:00
Wilco Baan Hofman
a4cb72790c Implemented delete group policy link function and corresponding feature in net gpo. 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:19:11 +02:00
Wilco Baan Hofman
f0353fddde Changed add_gplink to set_gplink, so we can change gPLink options as well. 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:19:11 +02:00
Wilco Baan Hofman
40d7181507 Add add gPLink function and corresponding net gpo linkadd call. 
Also added some definitions for future functions in policy.h

Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:19:10 +02:00
Wilco Baan Hofman
a1fceac844 Rename files to reflect the libpolicy naming convention. Also fix the GNU make build. 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:19:10 +02:00
Wilco Baan Hofman
b025715419 Rename libgpo to lib/policy to avoid confusion with samba3 and add waf build 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:19:10 +02:00
Wilco Baan Hofman
626db5c3b5 Add old functionality back which was removed in commit 589a42e2. 
Andrew, please review!

Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:19:10 +02:00
Wilco Baan Hofman
08a7bb4abc Add gpo list function for listing applicable GPO's for users/machines. 
Implements:
 * Hierarchical listing through all parent containers
 * security ACL checking on the GPO
 * User/computer disabled flags on the GPO
 * gPLink disabled
 * gPLink enforced
 * Block inheritance on the container

Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:19:10 +02:00
Wilco Baan Hofman
6478a1edb7 Add gPLink and getgpo functionality to net gpo. 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:19:10 +02:00
Wilco Baan Hofman
8d5f8f577f Created net gpo and new libgpo for samba 4. This adds the init function which finds a DC and connects to its LDAP. It also can return information on all group policy objects on a DC. 
Aborted earlier attempt at reconciliation with samba 3.
Did not work out due to lack of ldb support in samba 3, also the
different registry libraries and different libnet did not help..

Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 17:19:10 +02:00
Jelmer Vernooij
9e02764f7c pydsdb: Mark all SamDB and Schema methods that are in pydsdb as 
private, to discourage them being called directly.
 2010-06-20 15:22:49 +02:00
Jelmer Vernooij
7b32f65600 testparm: Check netbios name and workgroup characters and length. 2010-06-20 15:04:42 +02:00
Jelmer Vernooij
5f3d5a3ad8 provision: Properly cancel transactions on the secrets ldb. 2010-06-20 14:24:54 +02:00
Jelmer Vernooij
237ab66f6c selftest: Use scripted testparm. 2010-06-20 14:14:47 +02:00
Jelmer Vernooij
7a064b9960 pyparam: Support Loadparm.get(p, "global") 2010-06-20 14:14:01 +02:00
Jelmer Vernooij
a2540fb3cb ldb: Add ABI file for use when including ildap in the build. 2010-06-20 13:54:51 +02:00
Jelmer Vernooij
08a3e8b9f4 testparm: Simplify default option handling. 2010-06-20 13:51:39 +02:00
Jelmer Vernooij
338315f4d7 pyparam: Allow specifying None as section name to LoadparmContext.get() 
to mean default section.
 2010-06-20 13:51:14 +02:00
Jelmer Vernooij
f0ab4503d6 testparm: Fix suppress prompt option. 2010-06-20 13:47:36 +02:00
Jelmer Vernooij
c0e9a41f67 testparm: Fix exit value, install. 2010-06-20 13:41:38 +02:00
Jelmer Vernooij
de3f9e31d3 s4-python: Add LoadparmService.dump() 2010-06-20 13:40:49 +02:00
Jelmer Vernooij
74c66c9a3f s4-python: Implement LoadParm.dump(). 2010-06-20 13:29:35 +02:00
Jelmer Vernooij
f051a8557f testparm: Split up functions that do multiple things. 2010-06-20 13:22:26 +02:00
Jelmer Vernooij
0a07b8ebfe testparm: Convert to Python. 2010-06-20 13:16:30 +02:00
Jelmer Vernooij
8f383fc5c8 s4-python: Remove more unused imports, fix use of sets in upgradehelpers. 2010-06-20 13:15:09 +02:00
Jelmer Vernooij
1e35ec43f2 setnttoken: Remove empty utility. 2010-06-20 12:19:08 +02:00
Jelmer Vernooij
3795358aca Use standard Python syntax, booleans and set()'s where appropriate. 2010-06-20 12:06:50 +02:00
Jelmer Vernooij
66e27e5214 Remove unnecessary use of transactions. 2010-06-20 11:59:49 +02:00
Jelmer Vernooij
9bcd0daba2 ldb: Change LDBSAMBA back to subsystem, update comments, use different 
ABI file based on whether ldb_ildap is included.
 2010-06-20 11:49:08 +02:00
Stefan Metzmacher
44c01a5eb4 s4:ldb-samba: fix the build without a system ldb 
metze
 2010-06-20 11:33:43 +02:00
Jelmer Vernooij
1f07f53827 ldb: Remove last import of dsdb. 2010-06-20 02:46:57 +02:00
Jelmer Vernooij
94e06fe203 Some more formatting fixes, move schema related functions from Ldb to Schema. 2010-06-20 02:46:57 +02:00
Jelmer Vernooij
d3d7ff66d4 Move convert_to_openldap onto Schema class. 2010-06-20 02:46:56 +02:00
Jelmer Vernooij
afad634207 Formatting cleanups; use True/False for booleans, unnecessary backslashes, spacing. 2010-06-20 01:57:11 +02:00
Jelmer Vernooij
a5e8ef884b Move a few more samdb-specific methods to SamDB, away from Ldb. 2010-06-20 01:37:06 +02:00
Jelmer Vernooij
1d86414eb0 samdb: Fix formatting, move get_oid_from_attid from Ldb to SamDB. 2010-06-20 01:30:51 +02:00
Jelmer Vernooij
b48182007c s4-python: Remove trivial function, replace by dictionary. 2010-06-20 01:30:51 +02:00
Lukasz Zalewski
e55c012acc make test modules for net group set of commands and modification to the newuser to include additional parameters 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 01:29:03 +02:00
Lukasz Zalewski
214133fbec Modifications extending functionality of newuser cmd and new net group set of commands for group related operations on ldb 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 01:29:03 +02:00
Lukasz Zalewski
c58c0c2129 Modifications extending functionality of newuser cmd and new net group set of commands for group related operations on ldb 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 01:29:03 +02:00
Matthieu Patou
38a26f79ea s4 upgradeprovision: Make grouped commit / rollback more resistant to unexpected problems 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:09 +02:00
Matthieu Patou
c4f7b0e5f6 s4 upgradeprovision: Check that the policy for DC is present if not warn the user 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:09 +02:00
Matthieu Patou
aea0003d08 s4 upgradeprovision: Emit message instead of crashing when not able to set acl 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:09 +02:00
Matthieu Patou
17af115de5 s4 upgradeprovision: add an option to force the rebuilding of FS ACLs on sysvols share 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:09 +02:00
Matthieu Patou
59f17f9e64 s4 unittests: add unit tests for upgradehelpers 
The functions tested are:
* construct_existor_expr
* search_constructed_attrs_stored

Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:09 +02:00
Matthieu Patou
75389cecdd s4 upgradeprovision: Add function for searching stored constructed attributes 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:08 +02:00
Matthieu Patou
f3e7d0ae8f s4: Using control bypassoperational allow the logic of this module to be bypassed for some given attributes 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:08 +02:00
Matthieu Patou
3ebe560622 ldb: add a new control bypassioperationnal 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:08 +02:00
Matthieu Patou
9c5f0ed729 s4 upgradeprovision: additional restyling 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:08 +02:00
Matthieu Patou
423f99172e s4 upgradeprovision: Restyle imports 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:08 +02:00
Matthieu Patou
fbeacc1013 s4 upgradeprovision: Move functions to helpers and improve code 
Among code improvement the most significant part is that we now
compare DN object instead of their string representation. It allow
 to better react to case an white space difference.
Some new move objects have been added (ie. System into well known
security principals).

This will allow more unittesting

Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:08 +02:00
Matthieu Patou
8ff65b0136 s4 python: Update unit tests related to create secrets 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:08 +02:00
Matthieu Patou
9c808c47fc s4: Add comments about setup_secrets 
Comments are to inform people that this function should not handle
transaction within the function as it is mainly used in provision and
that we want to commit secrets only if all the action on secrets have
worked.

Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:08 +02:00
Matthieu Patou
84342b1c7f s4 upgradeprovision: Add documentation on the update process 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:08 +02:00
Matthieu Patou
a466e0d61a s4 python: Add unit tests for upgradeprovision related stuff 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:08 +02:00
Matthieu Patou
ad55248958 s4 upgradeprovision: move some functions to upgradehelpers for unit tests 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:08 +02:00
Matthieu Patou
0537de17c1 s4 upgradeprovision: Fix style 
reformat *_update_samdb functions
  fix_partition_sd
  rebuild_sd
  update_samdb
  update_privilege
  update_machine_account_password
  update_gpo

Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:08 +02:00
Matthieu Patou
b624440a0f s4 upgradeprovision: Use replPropertyMetaData for better guess 
Rework upgradeprovision in order to get more precise updates when doing upgrade provision.
This is done through the use of replPropertyMetaData information and raw information revealed by the
"reveal" control.
The code has been changed also to avoid double free error when changing the schema (for old provision).
Checking of SD is done a bit more cleverly as we compare the different parts for an ACL separately.
Fix logic when upgrading provision without replPropertyMetaData infos
Also for old provision (pre alpha9) do not copy the usn range because data here will be wrong

Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:08 +02:00
Matthieu Patou
dd963ddb4e s4 upgradeprovision: Reformat attributes lists and reformat parser 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:08 +02:00
Matthieu Patou
60400a7803 s4 upgradeprovision: Inform about new dns dynamic update if the provision didn't have it 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:07 +02:00
Matthieu Patou
26ccc3f440 s4 upgradeprovision: fix style 
add_deletedobj_containers
  add missing objects
  clean add-mising
  handle special add + dump denied

Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:07 +02:00
Matthieu Patou
0ff46ec557 s4 upgrade provision: Refactor code to do all the modification within 1 transaction 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:07 +02:00
Matthieu Patou
ec90b1b40e s4 upgrade provision: Fix style in gen_dn_index 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:07 +02:00
Matthieu Patou
50072e27fe s4 Add functions related to ldb manipulation when doing upgrade 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:07 +02:00
Matthieu Patou
e2df3c2510 s4 provision: Add information about provisioned usn range in sam.ldb 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:07 +02:00
Jelmer Vernooij
c92db7b6dc python: Use samba.tests.TestCase, make sure base class tearDown and 
setUp methods are called, fix formatting.
 2010-06-19 22:46:45 +02:00
Jelmer Vernooij
105ebb3440 acl: Clean up formatting, use samba.tests.TestCase. 2010-06-19 22:46:44 +02:00
Jelmer Vernooij
5060367bf9 pyrpc: Fix reference counting when using secondary connections. 2010-06-19 22:46:44 +02:00
Jelmer Vernooij
50429fb750 samba.tests.samba3: Clean up imports, use new TestCase class. 2010-06-19 22:46:44 +02:00
Jelmer Vernooij
f57b26b6f4 ntacls: Raise TestSkipped rather than writing to stdout. 2010-06-19 22:46:44 +02:00
Jelmer Vernooij
96f120e234 python/passwords: Clean up imports. 2010-06-19 22:46:44 +02:00
Jelmer Vernooij
026a4d85a1 samba.tests: Provide TestCase and TestSkipped classes (from testtools) for convenience. 2010-06-19 22:46:44 +02:00
Jelmer Vernooij
2b7b69544c dsdb_schema_info: Clean up imports, avoid using rpc test case for 
non-RPC tests.
 2010-06-19 22:46:44 +02:00
Jelmer Vernooij
c2cb0a710b python: Remove unnecessary Ldb.set_invocation_id - use SamDB.set_invocation_id instead. 2010-06-19 22:46:44 +02:00
Jelmer Vernooij
827ce7b0a3 pyglue: Trim dependencies. 2010-06-19 22:46:44 +02:00
Jelmer Vernooij
27d82685da pyglue: Remove unused code. 2010-06-19 22:46:44 +02:00
Jelmer Vernooij
74309eb29c pydsdb: Move write_prefixes_from_schema_to_ldb to pydsdb from pyglue. 2010-06-19 22:46:43 +02:00
Jelmer Vernooij
a4f60ffe4b pydsdb: Move dsdb_set_schema_from_ldb to pydsdb. 2010-06-19 22:46:43 +02:00
Jelmer Vernooij
05b108a06b pydsdb: Move set_schema_from_ldif function to pydsdb from pyglue. 2010-06-19 22:46:43 +02:00
Stefan Metzmacher
cadca1f6ba s4:provision: don't use hardcoded 'Default-First-Site-Name' 
metze

Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
 2010-06-19 21:32:43 +02:00
Matthias Dieter Wallnöfer
131be8da0f s4:instancetype LDB module - "instanceType" is single-valued - MS-ADTS 3.1.1.5.2.2 2010-06-19 19:37:47 +02:00
Matthias Dieter Wallnöfer
3055ead4cf s4:torture/ldap/basic.c - add more error code/messages tests 
And now we do match at least the LDAP error code (the WERROR one does still
differ from Windows - we will see how to change that).
 2010-06-19 17:53:24 +02:00
Matthias Dieter Wallnöfer
7cbe3035d9 s4:ldap_backend.c - more customisations to match Windows Server error behaviour on renames 2010-06-19 17:53:23 +02:00
Matthias Dieter Wallnöfer
e315aceda3 ldb:ldb_dn.c - don't support "ldb_dn_add_child" on a "" parent DN 
It's meaningless and could end in DNs as "cn=child,".
 2010-06-19 17:53:23 +02:00
Matthias Dieter Wallnöfer
bce8017ca9 s4:python/samba/__init__.py - now specify the "relax" control for the delete operation before the provision 2010-06-19 17:53:22 +02:00
Matthias Dieter Wallnöfer
c0538a006d ldb:api.py - add a small test for the enhanced "py_ldb_delete" syntax 2010-06-19 17:53:21 +02:00
Matthias Dieter Wallnöfer
ca34ffaaac ldb:python bindings - some small cleanup & improvements in "py_ldb_add" 
Also to make it similar to "py_ldb_delete".
 2010-06-19 17:53:21 +02:00
Matthias Dieter Wallnöfer
2aeea4bb4d ldb:python bindings - let also "py_ldb_delete" support controls 2010-06-19 17:53:20 +02:00
Matthias Dieter Wallnöfer
d16697df49 s4:objectclass LDB module - disable delete operations when "SYSTEM_FLAG_DISALLOW_DELETE" is specified 2010-06-19 17:53:19 +02:00