sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-04-30 18:53:31 +03:00
Code
66,200 Commits 62 Branches 1,158 Tags
Commit Graph

972 Commits

Author SHA1 Message Date
Andrew Tridgell
b9c0b59034 s4-rodc: get the domain name from the partitions DN 
don't rely on the netbios domain name being the first part of the
realm

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-09-09 21:39:24 +10:00
Andrew Tridgell
c44bdbc01d s4-provision: fixed error format string 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-09-09 21:39:24 +10:00
Andrew Tridgell
54e86d881d s4-pydsdb: expose samdb_partitions_dn() as get_partitions_dn() in python 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-09-09 21:39:24 +10:00
Jelmer Vernooij
0bc53f7d9f pidl: Keep only a single copy of samba.dcerpc.base.ClientConnection. 2010-09-03 02:39:38 +02:00
Andrew Tridgell
39599e949b s4-pidl: added a test for all generated rpc interfaces 
this tries to instantiate all types in all generated python RPC
interfaces, then checks that all attributes can be read, written and
compared.
 2010-09-02 13:37:07 +10:00
Andrew Tridgell
9f5dcb2235 s4-net: use CommandError() in net rodc 
this integrates better with the net command

Pair-Programmed-With: Jelmer Vernooij <jelmer@samba.org>
 2010-09-02 13:37:07 +10:00
Andrew Bartlett
896553a1a8 s4:provision Allow OpenLDAP backend to provision again 
OpenLDAP does not have any post-setup requirements at the moment.

Andrew Bartlett
 2010-09-02 10:40:34 +10:00
Zahari Zahariev
9aae50443d s4:provision Improved error handling in provisionbackend 
When using OpenLDAP as a backend with Samba4 we get failure during
provision and this patch will help better determining the real error.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-09-02 10:40:34 +10:00
Andrew Tridgell
057a47130d s4-net: fixed docstring on spn command 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-08-26 22:50:20 +10:00
Andrew Tridgell
d8f48c7ffc s4-net: added "net rodc preload" command 
this command will preload the credentials for an account from the full
domain controller

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-08-26 22:50:20 +10:00
Andrew Tridgell
da366ba221 s4-drs: split out drs utility python functions 
these will be re-used by other net commands
 2010-08-26 22:50:20 +10:00
Andrew Tridgell
502a5313c4 s4-pyrpc: convert rpc_talloc.py test to unittest framework 
This fits in better with our test framework

Pair-Programmed-With: Jelmer Vernooij <jelmer@samba.org>
 2010-08-26 22:50:20 +10:00
Andrew Tridgell
e69b13ccdd s4-pyrpc: added a test for talloc behaviour in pidl python code 2010-08-25 23:05:05 +10:00
Andrew Tridgell
717ee453dd s4-pyglue: added talloc_total_blocks() python call 2010-08-25 23:05:05 +10:00
Andrew Tridgell
ba5b3fb248 s4-rodc: removed python memory workaround 
we can now assign pidl generates structures directly without errors
 2010-08-25 23:05:05 +10:00
Andrew Tridgell
9218de4b74 s4-pyglue: pyglue now depends on pytalloc 2010-08-25 23:05:05 +10:00
Andrew Tridgell
956341965c s4-rodc: setup secrets database at end of RODC join 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-08-25 23:05:05 +10:00
Andrew Tridgell
5a367f641e s4-pyglue: added talloc_report_full() and talloc_enable_null_tracking() 
these are useful for tracking down leaks and bugs in python scripts

Pair-Programmed-With: Jelmer Vernooij <jelmer@samba.org>
 2010-08-25 23:05:05 +10:00
Andrew Tridgell
64bf637edf s4-rodc: broke up RODC join into separate functions 
this also removes some of the magic constants
 2010-08-25 08:40:05 +10:00
Andrew Tridgell
e3c0409c7a s4-rodc: added REPL_SECRET exop replication of accounts 
During a RODC join, we need to fetch the secrets for the machine
account and krbtgt account using GetNCChanges
DRSUAPI_EXOP_REPL_SECRET calls

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-08-25 08:40:04 +10:00
Andrew Tridgell
8438da96ba s4-dsdb: added get_attid_from_lDAPDisplayName() on samdb 
This can be used to form the partial_attribute_set list for
GetNCChanges

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-08-25 08:40:04 +10:00
Andrew Tridgell
495bd182f5 s4-rodc: next step in RODC join code 
a RODC net join can now replicate the schame, config and base
partitions, by calling the net.replicate*() python hooks, and driving
the GetNCChanges calls from python

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-08-25 08:40:04 +10:00
Andrew Tridgell
b4a048d763 s4-net: role should be case insensitive for join 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-08-23 15:55:39 +10:00
Andrew Tridgell
bd7f9813de s4-net: added initial implemention of RODC join 
This does the join using python code

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-08-23 15:55:39 +10:00
Andrew Tridgell
a2cb6ef017 s4-net: moved the net join command to python 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-08-23 15:55:39 +10:00
Andrew Tridgell
10813bdd85 s4-python: added ndr_print() method in ndr 2010-08-23 15:55:39 +10:00
Andrew Tridgell
d7d19fdc84 s4-net: better error message on net setpassword 2010-08-22 14:57:34 +10:00
Andrew Tridgell
3d13c9e53a s4-pysamdb: fixed get_domain_sid() 
we need to actually return the SID!

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-08-20 20:34:11 +10:00
Matthieu Patou
4fec72db1c s4 provision: POLICY_ACL is already an FS acl no need to translate it 2010-08-19 15:59:06 +04:00
Matthieu Patou
6e7d684462 s4 provision: Add some documentation to GPO related functions 2010-08-19 15:59:05 +04:00
Matthieu Patou
a5653bcf83 s4 upgradeprovision: add more attrbutes the ignore list 
Also format in a pretty way the int64 ranges
 2010-08-19 15:59:05 +04:00
Matthieu Patou
eaf1d050fe s4 upgradeprovision: upgrade_delta_samdb return a msg_diff of @ATTRIBUTES 
This is used by upgradeprovision to readd this delta just before loading
a merged schema
 2010-08-19 15:59:04 +04:00
Matthieu Patou
3e49b20cf0 s4 upgradeprovision: Fixes for increment_keyversion 
fix
 2010-08-19 15:59:04 +04:00
Matthieu Patou
503824b757 s4 upgradeprovision: fix a typo and pass correct parameter to increment_calculated_keyversion 2010-08-19 15:59:04 +04:00
Andrew Tridgell
82c171aa55 s4-net: use an encrypted ldap session when setting passwords 
this allows for "net setpassword -H ldap://server -Uusername%password USERNAME"
to set a password remotely on a windows DC

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-08-17 21:21:51 +10:00
Andrew Tridgell
ec3ed2898f s3-provision: cope with the policy directory already existing 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-08-17 08:44:28 +10:00
Andrew Tridgell
6b266b85cf s4-loadparm: 2nd half of lp_ to lpcfg_ conversion 
this converts all callers that use the Samba4 loadparm lp_ calling
convention to use the lpcfg_ prefix.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-07-16 18:24:27 +10:00
Andrew Bartlett
299057d8d9 s4:provision Handle machine account password changes while keeping keytab 
The challenge here is to update the existing record if it already
exists, rather than deleting the old record.  This ensures that the
secrets.keytab handling code keeps the previous password in the
keytab.

Andrew Bartlett
 2010-07-15 22:08:22 +10:00
Matthieu Patou
62a32975c8 s4: Add unit test for increment_calculated_keyversion_number 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-07-15 22:08:21 +10:00
Matthieu Patou
9323901644 s4 upgradeprovision: introduce a new function to update the field use for calculating msds-keyversionnumber 
This function change the version field of the unicodePwd in the
replPropertyMetaData so that the version is equal or
superior to the reference value passed.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-07-15 22:08:21 +10:00
Matthieu Patou
f97c90c9cd s4 python: Add functions to samdb to manipulate version of replPropertyMetaData attribute 
This change contains also helpers for attribute id to attribute oid
conversion and from attribute id to attribute name.
It brings also unit tests

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-07-15 22:08:20 +10:00
Matthieu Patou
6a0856da9c s4 dsdb: Use the changereplmetadata control 
This control allow to specify the replPropertyMetaData attribute to
be specified on modify request. It can be used for very specific needs
to tweak the content of the replication data.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-07-15 22:08:20 +10:00
Matthieu Patou
fd2eb0dfd0 s4 provision: move update_machine_account_password to helpers 
This is to allow reuse of this function and also unit tests

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-07-15 22:08:20 +10:00
Stefan Metzmacher
800c7af0c9 s4:provision: also use fixed GUID names of the default group policies for domain and domain controllers in tests 
metze
 2010-07-10 11:18:19 +02:00
Matthieu Patou
f16007430a s4 provision: use correct GUID for default policies 
The value of GUID for policy is not random for default policies, it is
described here ("How Core Group Policy Works"):
http://technet.microsoft.com/en-us/library/cc784268%28WS.10%29.aspx
at paragraph System\Policies Container.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2010-07-10 11:18:18 +02:00
Matthieu Patou
cad04dabbb s4 net: Add spn module to list/add/remove spn on objects 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2010-07-10 11:18:17 +02:00
Matthias Dieter Wallnöfer
32a2bbb44b s4:samdb.py - "setpassword" - performs password sets using the "unicodePwd" attribute 
This does work per default on each AD-compatible DC. "userPassword" support on
Windows however has to be activated explicitly by the "dSHeuristics".
 2010-07-08 19:28:43 +02:00
Matthias Dieter Wallnöfer
c0ee606474 s4:pwsettings net utility - change also here the "minPwdAge" to be the real default 
Which is one day.
 2010-07-03 11:38:54 +02:00
Andrew Bartlett
94637e5fe4 s4:provision Add an msDS-SupportedEncryptionTypes entry to our DC 
This ensures that our DC will use all the available encyption types.

(The KDC reads this entry to determine what the server supports)

Andrew Bartlett
 2010-06-29 16:59:22 +10:00
Matthias Dieter Wallnöfer
c7b52b233e s4:provision.py - fix comment regarding DNS entries 
I think this should mean partially Samba4 specified (all beside the "dns"
account is standard)
 2010-06-26 11:11:46 +02:00