Age | Commit message (Collapse) | Author | Files | Lines |
|
We need a machine account so the RID allocation code can work. It
seems better to use the same code paths for a domain controller and
standalone server to avoid testing headaches with little used code.
|
|
When we get one we haven't seen before, we can work out the right type
automatically in most cases.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
This way we have consistent behavior when loading from DRSUAPI
and from LDB.
|
|
This reverts commit 4e8ad284f5813413fdec8426f11e24570d22549b.
|
|
This way msDS-IntId should not be assigned during provisioning,
which is how Windows works
|
|
|
|
|
|
|
|
|
|
if we get an error code from a lower module, we don't want to ignore
it just because something also succeeded
|
|
this makes building and testing s4 as a developer much faster, if you
have enough memory!
|
|
This enables the full schema during the rest of the provision, which
means indexing is enabled (along with index error checking, such as
duplicate SIDs)
|
|
|
|
When we get an indexing failure we want a clear error message
|
|
We want to incorporate the error messages from the modules further
down the stack.
|
|
It is nice to see when a RID Alloc is successful
|
|
we're still not weaned off event_context_find()
|
|
This allocates a RID pool for the client DC when we are the RID Manager
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
This will be called by getncchanges when a client asks for a
DRSUAPI_EXOP_FSMO_RID_ALLOC operation
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
When the repl server gets MSG_DREPL_ALLOCATE_RID it contacts the RID
Manager to ask for another RID pool. We use a callback on completion
of the operation to make sure that we don't have two RID allocation
requests in flight at once
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
We send the message when the current pool is half gone. We don't wait
for a reply.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
This will be used to ask the drepl task for a new RID pool
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
The drepl task now checks to see if our rIDAllocationPool is
exhausted, and if it is then we queue a extended operation
DsGetNCChanges call to ask the RID Manager to give us a new allocation
pool.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
The attributes rIDNextRid and rIDAllocationPool are not replicated, so
their initial value when we first get a RID Set from the RID Manager
is blank.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
This will be used by ridalloc.c
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
These are very badly named attributes! See the comments in ridalloc.c
for a explanation of what they really seem to mean
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
when we run out of RIDs in our RID Set pool then grab a new one from
the RID Manager object
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
We now create it automatically in the samldb module when the first
user is created.
The creation of the dns user also had to move to the _modify.ldif as
it now relies on the fSMO role being setup for the RID Manager
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
when we are the RID Manager we can create our own RID Set object when
the first user is created
|
|
We can't just use the callers callback directly otherwise the
ldb_module_done() is never called on the parent request, as the child
request is passed to the callback.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
This should be used when you create a sub request and just want the
parent requests callback to be called when done.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
This provides a convenient way to update a integer attribute with a
constrained delete/add
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
This adds a module callable version of samdb_reference_dn(), which
finds a DN via a reference link
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
added a ldb add function for modules
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
we need to recognise a changetype of 'add'
|
|
This will end up having the RID Manager logic as well, so all the RID
pool allocation logic is in one spot
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
This is the first step towards DRS-friendly RID allocation. We now get
the next rid from the RID Set object
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
We can't allocate a objectSID until we have rIDSetReferences, but that
is in the DC object, so we have to force the objectSID of the DC
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
This returns the DN of our RID Set object
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
We will allocate RIDs from this set
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
This returns a 'reference' DN, which is a link to a DN, from the
specified object. It is then used by samdb_server_reference_dn() which
returns the serverReference DN, and samdb_rid_manager_dn() which
returns the rIDManagerReference DN.
|