IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Subclass support was designed to avoid needing to spell out the full
list of objectClasses that an entry was in. However, Samba4 now
enforces this restriction in the objectClass module, and the way
subclass matching was handled was complex and counter-intuitive in my
opinion (and did not match LDAP).
Andrew Bartlett
is that when we all ldb_msg_add_empty(), we might realloc() the
msg->elements array. We need to ensure the source pointer (when
copying an element from the same msg) is still valid, or the data
copied.
Andrew Bartlett
- samba3sam.js: rework the samba3sam test to not use objectCategory,
as it's has special rules (dnsName a simple match)
- ldap.js: Test the ordering of the objectClass attributes for the baseDN
- schema_init.c: Load the mayContain and mustContain (and system...) attributes when
reading the schema from ldb
- To make the schema load not suck in terms of performance, write the
schema into a static global variable
- ldif_handlers.c: Match objectCategory for equality and canonicolisation
based on the loaded schema, not simple tring manipuation
- ldb_msg.c: don't duplicate attributes when adding attributes to a list
- kludge_acl.c: return allowedAttributesEffective based on schema results
and privilages
Andrew Bartlett
an attempt to work around this: Maybe it helps if we include other stuff
first.
This raises a question however: Do we want the DN handling to be locale
dependent? isalpha() can return different things depending on the
current locale.
few authentication tests. Now that the tests correctly 'fail', I was
able to fix the credentials subsystem to honour USER and PASSWD.
To get --machine-pass working, I needed ldb to always load it's static
modules, so I put this in ldb_connect().
Andrew Bartlett
'phantom_root' flag in the search_options control
- Add in support for LDB controls to the js layer
- Test the behaviour
- Implement support for the 'phantom_root' flag in the partitions module
- Make the LDAP server set the 'phantom_root' flag in the search_options control
- This replaces the global_catalog flag passed down as an opaque pointer
- Rework the string-format control parsing function into
ldb_parse_control_strings(), returning errors by ldb_errorstring()
method, rather than with printf to stderr
- Rework some of the ldb_control handling logic
Andrew Bartlett
to not conflict with the one that maybe added via the @ATTRIBUTES object
this is just to make the test-tdb-feature.sh torture test happy
There's still a bug when a attribute is registered multiple time
without removing old ldb_schema_attribute instances. But this bug
was there before my changes too and was just triggered by my changes
metze
to a ldb_schema_syntax struct.
the default attribute handler is now registered dynamicly as "*"
attribute, instead of having its own code path.
ldb_schema_attribute's can be added to the ldb_schema given a
ldb_schema_syntax struct or the syntax name
we may also need to introduce a ldb_schema_matching_rule,
and add a pointer to a default ldb_schema_matching_rule
in the ldb_schema_syntax.
metze
this works now against w2k3:
bin/ldbedit -U administrator%test -H ldap://w2k3-101/ -b "<GUID=44087590-dd95-435c-adc1-ec20a50807be>" -s base
bin/ldbedit -U administrator%test -H ldap://w2k3-101/ -b "<SID=S-1-5-21-769185814-1958994947-1641909093-513>" -s base
bin/ldbedit -U administrator%test -H ldap://w2k3-101/ -b "<WKGUID=AB8153B7768811D1ADED00C04FD8D5CD,DC=w2k3,dc=vmnet1,dc=vm,dc=base>" -s base
and we should try to implement this in the server too...
metze
