IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
some systems requires quite a large change in ldb. The core problem is
that ldb doesn't have its own equivalent of lib/replace/, so we have
no sane place to put things like timegm.c
This patch moves part of lib/replace/ from Samba4 into ldb, and the
next patch will remove those parts from Samba4. We will probably need
to similarly move parts of lib/replace/ into lib/talloc/ and lib/tdb/,
so that at each level the libraries have replacements for the
functions they need, but higher level libraries don't need to
re-include replacements if a lower level library already replaces the
function
(This used to be commit c2f6c217fb)
dependencies. If someone can fix it to only rebuild when something
changes, then feel free to re-enable it by default. Otherwise use
"make doxygen" if you are in need of a doxygen fix ....
(This used to be commit e9ab8d9f48)
AIX 5.1 version of make. Putting a direct dependency on $(OBJS) works
around this, and should be harmless on other systems
(This used to be commit 6a7182b599)
pointer.
This only works when this is the only structure member, but when I
added a new context pointer, it failed.
Andrew Bartlett
(This used to be commit 5bcfa12cef)
- allow ldb to be built in a separate build directory, using:
/some/path/to/ldb/configure
make
this will make it much easier to put ldb in the build farm without
interfering with the build farm builds of tdb and talloc
(This used to be commit 580ed6730d)
This module has been created with the purpose of being used
for searches against ldap servers without the need to handle
the control manually
You can test it by passing -o modules:paged_searches to ldbsearch
The page search size is set to 500 objects.
Simo.
(This used to be commit 07d377f3c2)
We now read the objectClasses, and sort them into order, so that
OpenLDAP will load them. We do this by walking down the 'subClassOf'
chain. This should also be used in the objectClass module to sort the
objectClass list, and to populate the @SUBCLASS records.
Andrew Bartlett
(This used to be commit 22dec7b62a)
for objectClass=xyz. The code has been warning at me 'no
covert_operator set', and indeed this is the case. (It then proceeds to
strip this as a search expression)
In this commit, I have implemented a convert_operator for objectClass,
by pretending it is a simple MAP_CONVERT operator for the search
requests.
I also have changed the logic for when we should bail out. I can only
see reason to bail out on the search if we have both local and remote
trees. How can a remote-only search be un-splittable?
Andrew Bartlett
(This used to be commit 656e58672c)
needs to be renamed (operation_add?).
This allows me to match the behaviour and substitute with the
entryUUID module for remote LDAP connections.
Andrew Bartlett
(This used to be commit af02b4d7c6)
<mkhl@samba.org>.
Martin took over the work done last year by Jelmer, in last year's
SoC. This was a substanital task, as the the ldb modules API changed
significantly during the past year, with the addition of async calls.
This changeset reimplements and enables the ldb_map ldb module and
adapts the example module and test case, both named samba3sam, to the
implementation.
The ldb_map module supports splitting an ldb database into two parts
(called the "local" and "remote" part) and storing the data in one of
them (the remote database) in a different format while the other acts
as a fallback.
This allows ldb to e.g. store to and load data from a remote LDAP
server and present it according to the Samba4 schema while still
allowing the LDAP to present and modify its data separately.
A complex example of this is the samba3sam module (by Jelmer
Vernooij), which maps data between the samba3 and samba4 schemas.
A simpler example is given by the entryUUID module (by Andrew
Bartlett), which handles some of the differences between AD and
OpenLDAP in operational attributes. It principally maps objectGUID,
to and from entryUUID elements. This is also an example of a module
that doesn't use the local backend as fallback storage.
This merge also splits the ldb_map.c file into smaller, more
manageable parts.
(This used to be commit af2bece4d3)
Do not change unixName right now, we don't have an attribute to use in the posixGroup class,
and I think we should remove its usage altogether and look up users and groups by their uid/gid only.
Simo.
(This used to be commit d57b521aad)
with this you can limit a search to a specific partitions
or a search over all partitions without getting referrals.
(Witch is the default behavior on the Global Catalog Port)
metze
(This used to be commit 4ccd0f8171)
because the handlers are called within the async callbacks
in side the main search.
Also it makes no sense to give the sddl encoder the sid of the primary
domain when we need a description of a real security_descriptor,
this only makes sense for the defaultSecurityDescriptor...
metze
(This used to be commit 92f133f1ef)
Finally acknowledge that ldb is inherently async and does not have a dual personality anymore
Rename all ldb_async_XXX functions to ldb_XXX except for ldb_async_result, it is now ldb_reply
to reflect the real function of this structure.
Simo.
(This used to be commit 25fc735404)
that it should handle the add without a search.
Now that I'm working on better behaviour with an LDAP backend, I've
fixed the module to do just that. For an ADD, and a MODIFY with the
REPLACE flag, we do not need the search step.
Andrew Bartlett
(This used to be commit 87573e2ee4)
The function pointer was meant to be unused, this patch fixes
partition.c to use ldb_sequence_number(). (No backend provided the
pointer any more).
Set the flags onto the ldb structure, so that all backends opened by
the partitions module inherit the flags.
Set the read-ony flag when accessed as the global catalog
Modify the LDAP server to track that this query is for the global
catalog (by incoming port), and set a opqaue pointer.
Next step is to read that opaque pointer in the partitions module.
Andrew Bartlett
(This used to be commit a1161cb30e)
This clearly links the log function with its private pointer, and
makes the argument list for tdb_open_ex a bit shorter.
Andrew Bartlett
(This used to be commit 5d5503e8d8)
In particular, this removes one use of the LDB_DN_NULL_FAILED macro,
which was being used on more than DNs, had an embedded goto, and
confused the IBM checker.
In the password_hash code, ensure that sambaAttr is not, before
checking the number of values.
In GENSEC, note that this switch value can't occour. This seems to be
the only way to quiet both the IBM checker and gcc, as well as cope
with possibly invalid inputs.
Andrew Bartlet
(This used to be commit 3e58350ec2)
easier to chase down what modules or application code gets wrong.
Ensure not to leave memory allocated on failure in ldb_search()
Andrew Bartlett
(This used to be commit 0828739951)
as part of ldb.
This allows tdb failures to be passed all the way up to Samba's DEBUG
system, which allowed easier debugging.
Unfortunately I had to extend the tdb API, as the logging function
didn't have a context pointer.
I've worked over the 'debug levels' in TDB. Most of them were 0,
which didn't seem right, as some were trace-like messages. We didn't
see any of these previously, except when accessing TDB directly.
Andrew Bartlett
(This used to be commit 58898092c1)
This required changes to the rootDSE module, to allow registration of
partitions. In doing so I renamed the 'register' operation to
'register_control' and 'register_partition', which changed a few more
modules.
Due to the behaviour of certain LDAP servers, we create the baseDN
entry in two parts: Firstly, we allow the admin to export a simple
LDIF file to add to their server. Then we perform a modify to add the
remaining attributes.
To delete all users in partitions, we must now search and delete all
objects in the partition, rather than a simple search from the root.
Against LDAP, this might not delete all objects, so we allow this to
fail.
In testing, we found that the 'Domain Controllers' container was
misnamed, and should be 'CN=', rather than 'OU='.
To avoid the Templates being found in default searches, they have been
moved to CN=Templates from CN=Templates,${BASEDN}.
Andrew Bartlett
(This used to be commit b49a4fbb57)
r15944.
Hey idra I think a better rename would be to keep the LDB_REQ suffix
here to remain consistent with the other enums (e.g ldb_reply_type,
ldb_async_wait_type and ldb_async_state).
(This used to be commit d44ee8c43b)
the whole ldb structure.
Because the sequence number was a fn pointer on the main ldb context,
turn it into a full request (currently sync).
Andrew Bartlett
(This used to be commit fbe7d0ca90)
change the code to exploit that in ldb
I still have to reintroduce transactions when you call ldb_request directly,
I have some plans I hop to be able to develop in the next weekend
(This used to be commit 3511120602)
at least a generic error, even when inside a transaction.
This helps debugging ldb/js interactions a lot...
Andrew Bartlett
(This used to be commit b607acf6f0)
- we were giving OPERATIONS_ERROR in all cases:-(
- we now pass ALREADY_EXIST fine to the caller,
and the code in libnet_site.c is happy again.
- this bug wasn't noticed for a long time because
the ldb_ildap code always passed SUCCESS to it's caller
metze
(This used to be commit 7b9d711920)
This means that some modules have been disabled as well as they
have not been ported to the async interface
One of them is the ugly objectclass module.
I hope that the change in samldb module will make the MMC happy
without the need of this crappy module, we need proper handling
in a decent schema module.
proxy and ldb_map have also been disabled
ldb_sqlite3 need to be ported as well (currenlty just broken).
(This used to be commit 51083de795)
It passess all my tests, but I still need to work on a lot of stuff.
Shouldn't impact anybody else work, so I want to commit now and see what happens
Will work to remove the old code from modules and backends soon, and make some
more restyling in ldb internals.
So, if there is something you don't like in this desgin please speak now.
Simo.
(This used to be commit 8b2a563e71)
Fix up behaviour of Ldb.__setitem__() function. It should overwrite the
element data.
Add wrapper for ldb_msg_sanity_check().
(This used to be commit d67e055f86)
Recursive dependencies are now forbidden (the build system
will bail out if there are any).
I've split up auth_sam.c into auth_sam.c and sam.c. Andrew,
please rename sam.c / move its contents to whatever/wherever you think suits
best.
(This used to be commit 6646384aaf)
Don't try and steal the result of a search on failure, it has already
been talloc_free()'ed by the ildb code.
Andrew Bartlett
(This used to be commit a99bd2e033)
Prototypes are now spread over multiple headers, usually one per subsystem.
This change is required to allow proper header dependencies later on,
without recompiling Samba each time the mtime of any source file changes.
(This used to be commit 3da79bf909)
- VERSION: should contain the current version. Will be made part of the filename.
- SO_VERSION: should contain the latest version that this on is compatible to. Will be used for setting the soname of the shared library.
Fix sonames and use them on platforms that support them
Remove symlinking code. ldconfig will take care of creating the symlinks now
that we set the soname.
(This used to be commit 7871b07e21)
get anything if not waiting for all, keeping this
value may just lead to false expectations.
You either make blocking call waiting for ALL results
transforming this in a sync call, or either you loop
expecting from 0 to all results being returned at any
time on any of these loops.
It should be clear also that when you may receive results
at any time as soon as you call ldb_request.
Your callback may have received all results even before
calling ldb_async_wait the first time.
Simo.
(This used to be commit 6f041068b5)
