IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
this auto-normalises some attributes when they are added/modified. The
list that we auto-normalise is currently:
Boolean
INT32
INTEGER
UTC_TIME
This fixes a problem with groupType being stored in an unnormalised
form
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
the objectclass_attrs validation that an object contains all mandatory
attributes is incorrect for deleted objects, as they get stripped of
some mandatory attributes when deleted (for example, objectCategory
gets stripped)
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
this allows attributes not known in the schema to be removed if the
caller has set the RELAX control. This will be used by dbcheck to
allow cleaning of bad attributes from the database
this allows dbcheck to fix bad attributes
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Wed Jun 22 12:27:06 CEST 2011 on sn-devel-104
LSA object classes are protected on both LDAP add and LDAP modify
operations, so I've refactored the previous check in the objectclass LDB
module only for LDAP adds in a new one in the objectclass_attrs LDB
module for both adds and modifies.
This is the result of the investigations done by Hongwei Sun and I in
the last months.
Interestingly these protection mechansim doesn't apply on LDAP deletes!
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Before we got the following error, while starting samba after a
'samba-tool vampire':
Failed to store repsFrom - objectclass_attrs: delete protected attribute
'objectSid' on entry 'DC=ForestDnsZones,DC=alpha,DC=sz,DC=salzgitter-ag,DC=lab'
missing!
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Thu Nov 4 17:01:59 UTC 2010 on sn-devel-104
The backend is the only place that can do this properly. It makes no
sense to do it anywhere else. As a result of it moving out of the
backend we ended up with some bugs causing multiple values in single
valued attributes (eg. isDeleted), which can really damage the
inregrity of the database.
For the override of single valued values needed for deleted linked
attributes we should use attribute flags.
This reverts commit 1949864417f3d10fb8996df7db259649eb777271.
We intend to see always all objects with the "show_deleted" control specified.
To see also recycled objects (beginning with 2008_R2 function level) we need to
use the new "show_recycled" control.
As far as I see this is only internal code and therefore we don't run into
problems if we do substitute it.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
When this flag is set on an element in an add/modify request then the
normal validate_ldb() call that checks the element against schema
constraints is disabled
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
For attributes that we know that are harmless and that used to be stored
in the ldb we relax the tests on the existance in a given objectclass.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
this replaces "return LDB_ERR_OPERATIONS_ERROR" with "return ldb_operr(ldb)"
in places in the dsdb code where we don't already explicitly set an
error string. This should make is much easier to track down dsdb
module bugs that result in an operations error.
It seems to me more consistent (and also to keep the same behaviour on all
backends).
Also the DRS hack should therefore not be needed anymore since the
"repl_meta_data" module launches requests behind "objectclass_attrs".
