Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-08-20 | Remove place-holders when it is single domain | Zahari Zahariev | 1 | -18/+32 | |
This patch changes the behavior of LDAPCmp in a single domain scenario. No place-holders will be applied during comparison so replication will be fully tested and even the silightest difference will pop up. There is a second smaller fix when we compre hosts in different domains. This fix disables ${SERVERNAME} paace-holder when there are more then one serevr (domain controller) in the given domain. | |||||
2010-08-20 | s4-dsdb: the RODC_JOIN control also changes samAccountName | Andrew Tridgell | 1 | -9/+13 | |
when adding a user with the RODC_JOIN control, the samAccountName is automatically set to the krbtgt_NNNNN form Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-08-20 | s4-pysamdb: fixed get_domain_sid() | Andrew Tridgell | 1 | -1/+1 | |
we need to actually return the SID! Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-08-20 | s4-ldb: added support for rodc_control in ldb | Andrew Tridgell | 1 | -0/+27 | |
this allows you to specify the RODC join control in python ldb calls or on the command line Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-08-20 | s4-drs: fixed the error code for EXOP_REPL_SECRET getncchanges calls | Andrew Tridgell | 1 | -10/+8 | |
when we deny a EXOP_REPL_SECRET call we should set the exop error code to NONE, and the main return code to WERR_DS_DRA_ACCESS_DENIED (based on observing windows server behaviour) Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-08-20 | s4-drs: bring us much closer to the docs for DRS secret replication | Andrew Tridgell | 1 | -9/+241 | |
The rules for when a RODC can replicate secrets are: - it can always replicate its own acct - it can also replicate its krbtgt acct - it can't replicate other krbtgt accts - it can't replicate interdomain trust accounts - it can't replicate users in the denied group list - it can replicate users in the allowed group list otherwise it can't replicate Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-08-20 | s4-dsdb: fixed dsdb_get_extended_dn_sid() | Andrew Tridgell | 1 | -1/+1 | |
it should honor the component_name Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-08-20 | idl: added the RODC allow/deny secrets RIDs | Andrew Tridgell | 1 | -0/+2 | |
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-08-20 | s4-drs: implement RODC attribute filtering override | Andrew Tridgell | 2 | -39/+79 | |
When a RODC uses extended getncchanges operation DRSUAPI_EXOP_REPL_SECRET it gets an override on the ability to replicate the secret attributes. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-08-20 | s4-drs: added sam_ctx_system on DRS bind state | Andrew Tridgell | 2 | -0/+20 | |
The getncchanges call needs to be able to access the sam as the system user for RODC clients. To do this it needs a sam_ctx connection with system credentials Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-08-20 | s3:loadparm: make lp_load_ex static. We have wrappers for external callers. | Michael Adam | 2 | -14/+7 | |
2010-08-19 | s3-libsmbclient Convert dos error codes to NTstatus in async libsmbclient. | Jim McDonough | 2 | -8/+2 | |
DOS error codes were being lost with the conversion to async libsmbclient. If we're passing around NTSTATUS internally, let's just convert it when we get it. DOS ACCESS_DENIED on nautilus was not prompting for other credentials, because it was not being mapped. | |||||
2010-08-19 | s3-ads: Fix wrong test in if statement | Simo Sorce | 2 | -1/+3 | |
2010-08-19 | s3-waf: fix the build. | Günther Deschner | 1 | -1/+1 | |
Guenther | |||||
2010-08-19 | s3-ldapsam: add samba.ldif LDAP schema. | Günther Deschner | 1 | -0/+185 | |
This one is suiteable for cn=config setups and should be added via ldapadd. Thanks to Sumit Bose <sbose@redhat.com> for providing it. Guenther | |||||
2010-08-19 | s3-cli: fix uninitialized variable. | Günther Deschner | 1 | -1/+1 | |
Volker, please check. Guenther | |||||
2010-08-19 | s3-idmap: fix uninitialized variable in idmap_tdb_sids_to_unixids_action(). | Günther Deschner | 1 | -1/+1 | |
Michael, please check. Guenther | |||||
2010-08-19 | s4 provision: POLICY_ACL is already an FS acl no need to translate it | Matthieu Patou | 1 | -2/+1 | |
2010-08-19 | s4 provision: Add some documentation to GPO related functions | Matthieu Patou | 2 | -15/+58 | |
2010-08-19 | unit tests: debug to ease locating pb, remove dir if exists to avoid error | Matthieu Patou | 1 | -2/+8 | |
2010-08-19 | s4 upgradeprovision: exit with a non null return code so that it can be ↵ | Matthieu Patou | 1 | -0/+1 | |
trapped in blackbox tests | |||||
2010-08-19 | s4 upgradeprovision: add more attrbutes the ignore list | Matthieu Patou | 2 | -5/+20 | |
Also format in a pretty way the int64 ranges | |||||
2010-08-19 | s4 upgradeprovision: Deal with bootstrap indexing attribute to avoid useless ↵ | Matthieu Patou | 1 | -13/+65 | |
reindexing | |||||
2010-08-19 | s4 upgradeprovision: Add a function for schema reloading | Matthieu Patou | 1 | -1/+31 | |
Full schema reloading is needed when we modify exisiting elements that have attributes that comes from not from the default schema (ie. openchange schema, user schema ..) | |||||
2010-08-19 | s4 upgradeprovision: upgrade_delta_samdb return a msg_diff of @ATTRIBUTES | Matthieu Patou | 1 | -9/+14 | |
This is used by upgradeprovision to readd this delta just before loading a merged schema | |||||
2010-08-19 | s4 upgradeprovision: Fixes for increment_keyversion | Matthieu Patou | 3 | -3/+22 | |
fix | |||||
2010-08-19 | s4 upgradeprovision: fix a typo and pass correct parameter to ↵ | Matthieu Patou | 2 | -4/+5 | |
increment_calculated_keyversion | |||||
2010-08-19 | s3-libsmb: fix some uninitialized variables. | Günther Deschner | 1 | -2/+2 | |
Volker, please check. Guenther | |||||
2010-08-19 | -ENOTSUP translates to NT_STATUS_NOT_SUPPORTED | Surbhi Palande | 1 | -1/+3 | |
https://launchpad.net/bugs/276472 This patch adds the translation of Unix Error code -ENOTSUP to NT Error Code NT_STATUS_NOT_SUPPORTED. The absense of this translation wrongly sends back to the client a STATUS_DENIED message in samba3. Signed-off-by: Surbhi Palande <surbhi.palande@canonical.com> | |||||
2010-08-19 | s3: Remove smb_pam_accountcheck from the auth modules | Volker Lendecke | 3 | -32/+4 | |
We go through the same check in auth/auth.c line 287 after the module has done its job. So we don't have to do that check twice. | |||||
2010-08-19 | s4-drs: ATTIDs for deleted attributes should be based on msDs-IntId value if ↵ | Kamen Mazdrashki | 2 | -3/+4 | |
it exists | |||||
2010-08-19 | s4-test: make better error message for ATTID checks | Kamen Mazdrashki | 1 | -4/+20 | |
2010-08-19 | s4-test: Change attribute syntax and value for readability | Kamen Mazdrashki | 1 | -3/+3 | |
When it comes to read logs and dumping data received Octet String syntax comes in handy | |||||
2010-08-19 | s4-test: Enable drs.rpc.msdsintid test case - it should be passing now | Kamen Mazdrashki | 1 | -1/+0 | |
2010-08-19 | s4-dsdb: No need for dsdb_syntax_one_DN_drsuapi_to_ldb() to be public | Kamen Mazdrashki | 1 | -3/+3 | |
It is intended to be used in schema_syntax.c module | |||||
2010-08-19 | s4-drs: GetNCChanges() to return correct (in AD-way) ATTIDs | Kamen Mazdrashki | 1 | -3/+16 | |
Depending on which NC is being replicated, GetNCChanges() returns either ATTID based on local prefixMap or msDs-IntId value of the attributeSchema class for the attribute being replicated. If set, msDs-IntId value is always returned when replicating object form NC other than Schema NC. Objects in Schema NC replica always use prefixMap based ATTIDs. | |||||
2010-08-19 | s4-dsdb-syntax: ATTID should be msDs-IntId value for the attributeSchema object | Kamen Mazdrashki | 2 | -14/+55 | |
in case object replicated is not in Schema NC and attributeSchema object has msDs-IntId attribute value set | |||||
2010-08-19 | s4: fix few comment typos | Kamen Mazdrashki | 2 | -3/+3 | |
2010-08-19 | s4-schema_syntax.c: Fix white spaces and alignment | Kamen Mazdrashki | 1 | -55/+56 | |
2010-08-19 | s4-dsdb: Use dsdb_syntax_ctx in *_drsuapi_to_ldb functions | Kamen Mazdrashki | 4 | -57/+45 | |
2010-08-19 | s4-dsdb: Use dsdb_syntax_ctx in *_ldb_to_drsuapi functions | Kamen Mazdrashki | 4 | -55/+47 | |
2010-08-19 | s4-dsdb: Use dsdb_syntax_ctx in *_validate_ldb functions | Kamen Mazdrashki | 3 | -62/+41 | |
2010-08-19 | s4-dsdb: Add context structure for dsdb_syntax conversion functions | Kamen Mazdrashki | 2 | -0/+19 | |
This structure is intended to hold context-dependent data. Syntax-conversion and object-conversion functions need that data to convert objects and attributes from drs-to-ldb and ldb-to-drs correctly. For instance: ATTID value depends on whether we are converting object from partition different that Schema partition. | |||||
2010-08-19 | s4-test-dssync: remove unused variable | Kamen Mazdrashki | 1 | -1/+0 | |
2010-08-18 | Fix bug 7626 - Typo in configure samba_cv__CC_NEGATIVE_ENUM_VALUES two ↵ | Jeremy Allison | 1 | -1/+1 | |
underscores. Noticed by bj@sernet.de. | |||||
2010-08-18 | Fix bug 7563 - Creation of symlink using smbclient is buggy. | Jeremy Allison | 1 | -13/+9 | |
Fix semantics of symlink. "oldpath" should be an untouched blob, "newpath" should fit the share path semantics. Jeremy. | |||||
2010-08-18 | s3: Remove an unused variable | Volker Lendecke | 1 | -1/+0 | |
2010-08-18 | librpc/rpc: call do_ndr_print hook in dcerpc_binding_handle_call*() | Stefan Metzmacher | 1 | -0/+10 | |
metze | |||||
2010-08-18 | s3-ads: Remove unused wrapper and make function static | Simo Sorce | 2 | -35/+12 | |
2010-08-18 | s3: async cli_list | Volker Lendecke | 5 | -422/+721 | |