sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-05-01 22:50:23 +03:00
Code
69,071 Commits 62 Branches 1,158 Tags
Commit Graph

93 Commits

Author SHA1 Message Date
Nadezhda Ivanova
1e9a7882be s4-tests: Modified create_ou to only accept security.descriptor type for sd to avoid confusion 
It used to work with sddl as well, but this is confusing and could lead to errors. It also caused a message about tallocing a security descriptor to appear.

Autobuild-User: Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date: Thu Nov 25 19:46:42 CET 2010 on sn-devel-104
 2010-11-25 19:46:42 +01:00
Nadezhda Ivanova
db403ac35d s4-dsdb: Switched to using a dictionary in create_ou for consistency. 
Autobuild-User: Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date: Thu Nov 25 14:12:52 CET 2010 on sn-devel-104
 2010-11-25 14:12:52 +01:00
Nadezhda Ivanova
05b8e078f4 s4-dsdb: Fixed wrong assignment of name attribute to description atribute in create_ou. 2010-11-25 14:25:43 +02:00
Nadezhda Ivanova
c89ecfc2ad s4-dsdb: Extended samdb.newgroup to set the group's security descriptor. 2010-11-24 16:54:18 +01:00
Nadezhda Ivanova
e95a350682 s4-dsdb: Changed filter to find the account of a user by samAccountName 
In newuser, a filter by dn was given to setpassword to find the account whose password is to be reset.
It appears however that if given filter of type (dn=CN=smth) Windows fails to return the entry, and the
tests that use newuser fail against it. Changed to use samAccountName instead.
 2010-11-23 21:02:03 +01:00
Nadezhda Ivanova
3001a514dd s4-dsdb: Extended samdb.newuser to accept security descriptor for the object and optionally skip password reset 
Sometimes for testing purposes we create users without any permissions on their objects and password reset
cannot be performed at that point, and is not necessary. For this purpose we can now optionally skip this step.
The default is still to reset the user password.
Also, a security.descriptor object can be specified during the user creation to override using the default one.
defaultSecurityDescriptor is still used by default.
 2010-11-23 17:15:16 +01:00
Nadezhda Ivanova
0c22316ccf s4-dsdb: Added a python method to SamDB for creating organizationalUnits 2010-11-23 14:33:27 +02:00
Nadezhda Ivanova
eaa9733a83 s4-dsdb: Added python helpers for getting and seting dSHeuristics to SamDB 2010-11-23 11:22:26 +02:00
Nadezhda Ivanova
c88b90e9f6 s4-dsdb: Added a helper to python SamDB for retrieving and setting minPwdAge. 2010-11-22 18:52:04 +02:00
Kamen Mazdrashki
c29a8c7ec5 s4-samdb.py: Use ldb.get_default_basedn() to avoid RootDSE search 2010-11-18 22:28:07 +01:00
Andrew Tridgell
cbded38ed5 s4-pydsdb: added DsReplicaAttribute() 
this allows us to form a DsReplicaAttribute structure from python
 2010-11-05 23:42:08 +11:00
Matthias Dieter Wallnöfer
a9b58f6246 s4:samdb.py - remove a pointless comment 
We are only looking for the default DN - but the method name already tells
us this.

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Tue Oct 19 10:03:12 UTC 2010 on sn-devel-104
 2010-10-19 10:03:12 +00:00
Matthias Dieter Wallnöfer
8c4f6bcd67 s4:samdb.py - use a more standard way to get to the domain realm/dns name 
We do always use the canonical name as a base if we don't have it around yet.
 2010-10-19 09:21:04 +00:00
Lukasz Zalewski
87fd2fd157 Addition of userPrincipalName attribute when new account is created 2010-10-19 09:21:04 +00:00
Kamen Mazdrashki
46ac1c3b47 s4-samba.samdb: Fix masking names from outer context 
- 'filter' is built-in
- 'ldb' is a module name we imported
 2010-10-03 01:24:56 +03:00
Kamen Mazdrashki
edfb8c64f6 s4-samba.samdb: Fix leading indention and trailing ';' 2010-10-03 01:24:55 +03:00
Andrew Tridgell
e72a1e2055 s4-pydsdb: added am_rodc() method on samdb 2010-09-19 11:29:32 -07:00
Andrew Tridgell
2666cc9c16 s4-pydsdb: don't force am_rodc unless it is set by caller 
we should normally get the rodc flag by looking at the database, not
by forcing it in the database connect
 2010-09-19 11:29:32 -07:00
Andrew Tridgell
54e86d881d s4-pydsdb: expose samdb_partitions_dn() as get_partitions_dn() in python 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-09-09 21:39:24 +10:00
Andrew Tridgell
8438da96ba s4-dsdb: added get_attid_from_lDAPDisplayName() on samdb 
This can be used to form the partial_attribute_set list for
GetNCChanges

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-08-25 08:40:04 +10:00
Andrew Tridgell
3d13c9e53a s4-pysamdb: fixed get_domain_sid() 
we need to actually return the SID!

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-08-20 20:34:11 +10:00
Matthieu Patou
3e49b20cf0 s4 upgradeprovision: Fixes for increment_keyversion 
fix
 2010-08-19 15:59:04 +04:00
Matthieu Patou
f97c90c9cd s4 python: Add functions to samdb to manipulate version of replPropertyMetaData attribute 
This change contains also helpers for attribute id to attribute oid
conversion and from attribute id to attribute name.
It brings also unit tests

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-07-15 22:08:20 +10:00
Matthias Dieter Wallnöfer
32a2bbb44b s4:samdb.py - "setpassword" - performs password sets using the "unicodePwd" attribute 
This does work per default on each AD-compatible DC. "userPassword" support on
Windows however has to be activated explicitly by the "dSHeuristics".
 2010-07-08 19:28:43 +02:00
Andrew Tridgell
4cb423f527 s4-python: python is not always in /usr/bin 
Using "#!/usr/bin/env python" is more portable. It still isn't ideal
though, as we should really use the python path found at configure
time. We do that in many places already, but some don't.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-06-24 18:46:57 +10:00
Lukasz Zalewski
740c97b513 Fix to undo nasty hack for for grouptype conversion 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-23 14:49:02 +02:00
Jelmer Vernooij
9e02764f7c pydsdb: Mark all SamDB and Schema methods that are in pydsdb as 
private, to discourage them being called directly.
 2010-06-20 15:22:49 +02:00
Jelmer Vernooij
66e27e5214 Remove unnecessary use of transactions. 2010-06-20 11:59:49 +02:00
Jelmer Vernooij
94e06fe203 Some more formatting fixes, move schema related functions from Ldb to Schema. 2010-06-20 02:46:57 +02:00
Jelmer Vernooij
1d86414eb0 samdb: Fix formatting, move get_oid_from_attid from Ldb to SamDB. 2010-06-20 01:30:51 +02:00
Lukasz Zalewski
214133fbec Modifications extending functionality of newuser cmd and new net group set of commands for group related operations on ldb 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 01:29:03 +02:00
Lukasz Zalewski
c58c0c2129 Modifications extending functionality of newuser cmd and new net group set of commands for group related operations on ldb 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 01:29:03 +02:00
Anatoliy Atanasov
d040658e1a s4-rodc: Set am_rodc flag during provision 2010-05-17 13:30:27 +03:00
Anatoliy Atanasov
7200c25646 Revert "s4-rodc: Fix provision warnings by creating ntds objectGUID in provision" 
This reverts commit c3cbb846d0bfbaa11fd255bada7fa5fe502d4d96.
The fix is not correct, we should cache a bool to answer amIRODC
 2010-05-11 12:54:18 +03:00
Anatoliy Atanasov
c3cbb846d0 s4-rodc: Fix provision warnings by creating ntds objectGUID in provision 2010-05-10 17:24:02 +03:00
Matthias Dieter Wallnöfer
cde9ec4af6 s4:samdb python bindings - remove idmap creation stuff from this call 
The id mapping should now be handled automatically by the s4 daemon.
 2010-05-09 19:14:46 +02:00
Andrew Bartlett
ea5cf7ce05 s4:provision Pass in the invoication ID and NTDS Settings DN to Schema() 
By putting these values into the cache on the LDB, this reduces some
of the noise in provision, particularly with the LDAP backend.

Andrew Bartlett
 2010-04-20 12:11:18 +10:00
Andrew Tridgell
75f5c3cd97 s4-net: allow a username to be displayed in setpassword errors 
the filter is a bit too cryptic

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-04-16 14:12:44 +10:00
Jelmer Vernooij
57ac0a6042 s4-python: Move load_partition_usn to dsdb module. 2010-04-08 23:20:36 +02:00
Jelmer Vernooij
dd4ef4e106 s4-python: More cleanups. 2010-04-08 23:20:36 +02:00
Jelmer Vernooij
4f2d8d6ace s4-python: samdb: Default to using global schema. 2010-04-08 23:20:35 +02:00
Jelmer Vernooij
2578072541 s4-python: Move set_global_schema to pydsdb. 2010-04-08 12:21:35 +02:00
Jelmer Vernooij
c76bd65b60 s4-samdb: Allow skipping global schema. 2010-04-07 17:40:00 +02:00
Jelmer Vernooij
21ab06f8a2 s4-python: Move samdb_ntds_objectGUID to pydsdb. 2010-04-07 17:39:59 +02:00
Jelmer Vernooij
ccd954f2a7 s4-python: Avoid importing glue directly. 2010-04-04 00:30:34 +02:00
Jelmer Vernooij
86e2b25186 More formatting fixes, pointed out by pylint. 2010-03-01 16:24:58 +01:00
Matthias Dieter Wallnöfer
7373bb79d4 s4:samdb/tools - That should fix now the last failures 2009-09-21 13:53:47 +02:00
Matthias Dieter Wallnöfer
c1527612b9 s4:python tools - try to fix some test problems 2009-09-20 23:49:05 +02:00
Matthias Dieter Wallnöfer
017092a028 s4:samdb.py - further rework 
- I added a comment to the "new user" operation to point out that this works
  only on s4, since we add also ID mapping entries for winbind there
- The "new user" operation adds now the password through the "set password"
  operation which I find better due to the re-use principle
- Remove the word "DC" after "SAMBA 4" in the comment over the "set password"
  operation since this note and operation applies also to s4 in standalone mode
 2009-09-19 21:57:41 +02:00
Matthias Dieter Wallnöfer
a873ea42ca s4:samdb.py - Unification of the interfaces 
- When a user account is requested by a call always the search filter will be
  passed as argument. This helps us to unify the API
- Add/fix some comments; in particular new comments inform the developer which
  requirements exist if he wants to use calls which manipulate the
  "userPassword" attribute (On s4 no problem - but on certain domain levels on
  Windows Server)
 2009-09-18 20:27:30 +02:00