IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
- I added a comment to the "new user" operation to point out that this works
only on s4, since we add also ID mapping entries for winbind there
- The "new user" operation adds now the password through the "set password"
operation which I find better due to the re-use principle
- Remove the word "DC" after "SAMBA 4" in the comment over the "set password"
operation since this note and operation applies also to s4 in standalone mode
We were creating the name resolution context as a child of lp_ctx,
which meant when we gave up on a connection the timer on name
resolution kept running, and when it timed out the callback crashed as
the socket was already removed.
With a w2k8-R2 DC, we sometimes get linked attribute updates via DRS
which are duplicates of entries that we already have. We need to cope
with this by using a remove/add pair in the ldb_modify() to avoid a
"entry already exists" error
- I removed also the "-H" parameter since those scripts are all thought for the
use on a local s4 domain controller. Another reason is also the bind as SYSTEM
account which itself is only possible on local binds.
- This unified the shape of those four scripts (comments, command sequence, call
of SamDB)
- To consider the samdb.py changes regarding the filter: there is now always the
possibility either to specify the username or the search filter
- When a user account is requested by a call always the search filter will be
passed as argument. This helps us to unify the API
- Add/fix some comments; in particular new comments inform the developer which
requirements exist if he wants to use calls which manipulate the
"userPassword" attribute (On s4 no problem - but on certain domain levels on
Windows Server)
We now open a named via the named_pipe_auth
code and process IO via the tstream interface.
This means we support byte mode and message mode
named pipes.
We also correctly issue NT_STATUS_PIPE_BUSY
when a smb_trans request comes in and a read or smb_trans
is already pending.
We also have support for async dcerpc over ncacn_np now,
and we now can remove the ncacn_np specific hacks from the
rpc_server/ code.
metze
This simple script allows raising the domain and/or forest level for s4.
I integrated also the basic checks (since we don't perform them in LDB yet):
e.g. the forest level can't be higher than the domain level(s).
- The DC level we keep on Windows Server 2008 R2 (we should call ourself
always the newest server type)
- The domain/forest level we set to the minimum (Windows 2000 native) to
allow all AD DC types (from Windows 2000 on) in our domain - the NT4 "mixed"
mode isn't supported by us (discussed on mailing list) -> "nTMixedDomain" is
set always to 0
- I'll add a script which allows to bump the DC level (basically sets the
"msDS-Behaviour-Version" attributes on the "Partitions/Configuration/DC" and
on the "DC" object)
It's annoying when you use
p talloc_report_full(ctx, fopen("/tmp/xx","w"))
in gdb, and if you don't have write permission on the file then
you get a segv.
