IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Commit 51baa8deec00244cc0a6e3d29c53932427800610 included a
copy-and-paste bug which caused all MMC mangement utilities to break.
Because of the typo Samba4 would no longer include the magic 'you may
write to these attributes/create these classes' attributes, these
tools would display all fields greyed out or 'read only', and not
allow the creation of child objects.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
A dITConentRules attribute (unlike objectClasses) must not contain a
'SUP'.
The ADSI layer in Windows would download the whole schema, and
validate it. Thanks to the team at Microsoft for very long debugging
session to find this.
Andrew Bartlett
- when multiple partitions are searched, consider the search a
success if any of the partitions return success
- only search the right subset of partitions, looking at the scope
and basedn of the search
This fixes several errors with GC searches
Windows 2003 has a broken schema where the definition of msDS-IsDomainFor
is missing (which is supposed to be the backlink of the msDS-HasDomainNCs
attribute.
Our schema is extracted from windows 2003, so we have the problem.
As the NET-API-BECOME-DC test triggers this bug, windows 2003
seems to just skip creating a backlink.
metze
This also tries to simplify the logic in the schema -> @ATTRIBUTES and
@INDEXES code.
Andrew Bartlett
(This used to be commit a383b8bf88a5681f9c9c6839ba645c872a735051)
I think it is just too complex and error prone to init and cancel
transactions during the module init code. Instead, this isn't prone
to races as it will always achieve a steady state (eventually), and
most cases will never do the write.
Andrew Bartlett
(This used to be commit d60977cc7f89f89f34187f310c91d1ab7db6ccf2)
I'm not sure if this fixes bug #5713, as this is not consistantly
reproducably on my equipment.
Andrew Bartlett
(This used to be commit 02d6645efc84179efd652dd29ab32f62ae310147)
(It instead ensured that only 'top' had a SUP keyword)
This clearly shows that 937b466266256d26d02cf8d48e72a26272fe8627 was
not a full or correct fix, but despite this I can no longer reproduce
the issue. Further investigation is required.
Andrew Bartlett
(This used to be commit 95a9e9b6b84866cd300b1d19915627c6718b4dde)
This bug is entitled 'Schema patch breaks interoperability with
Microsoft MMC consoles.', and it does so very spectacularly.
The issue is that we would include an entry:
objectClasses: ( 2.5.6.0 NAME 'top' SUP top ABSTRACT..
The MMC Active Directory Users and Computers snap in presumably
objected to the 'loop' this would present. The fixed entry is:
objectClasses: ( 2.5.6.0 NAME 'top' ABSTRACT
Thanks to Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de> for his
persistance in getting me to look at this.
Andrew Bartlett
(This used to be commit 937b466266256d26d02cf8d48e72a26272fe8627)
The MS-ADTS document has quite detailed instrucitons on how these
flags should be processed. This change also causes the correct
sign-wrapping to occour, as these are declared as signed integers.
Andrew Bartlett
(This used to be commit 5c3d237a6d721dc75166bdc5ac0c6e76a4495bf7)
This ensures they don't leak over LDAP, but does not prevent access,
as ldbsearch locally still bypasses these controls.
Andrew Bartlett
(This used to be commit fa3f3bab33001770a9d7e33875bf212636f6c128)
