samba - Unnamed repository; edit this file 'description' to name the repository.

Age	Commit message (Collapse)	Author	Files	Lines
2010-09-30	s4-rodc: fixed the keyVersionNumber on the RODC account in secrets.keytab	Andrew Tridgell	1	-2/+5
	we need to fetch the msDS-keyVersionNumber from the writeable DC Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-30	s4-drs: put the GCSPN flag into the repsTo if requested	Andrew Tridgell	2	-0/+8
	Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-30	s4-libnet: wipe the old keytab when exporting	Andrew Tridgell	1	-0/+2
	this prevents confusion with old keytab entries Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-30	s4-dsdb: silence the domainFunctionality not setup warning	Andrew Tridgell	1	-1/+2

2010-09-30	autobuild: added much better email reporting	Andrew Tridgell	1	-10/+48
	logs are now accessible via http://git.samba.org
2010-09-30	autobuild: fixed exit status	Andrew Tridgell	1	-1/+1
	this should fix the case where we don't send logs on failure
2010-09-30	s4-drs: added support for level 10 of getncchanges	Andrew Tridgell	2	-73/+112
	added a simple mapping from req8
2010-09-30	LDAPCmp feature to compare nTSecurityDescriptors	Zahari Zahariev	1	-34/+252
	New feature that enables LDAPCmp users to find unmatched or missing ACEs in objects for the three naming contexts between DCs in one domain (default) or different domains. Comparing security descriptors is not the default action but attribute compatison. So to activate the new mode there is --sd switch. However there are two view modes to the new --sd action which are 'section' (default) or 'collision'. In 'section' mode you can only find differences connected to missing or value unmatched ACEs but not disorder unmatch if ACE values and count are the same. All of the mentioned differences plus disorder ACE unmatch you can observe under 'collision' view however it is more verbose. Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
2010-09-30	s3: Add "smbcontrol winbindd ip-dropped <local-ip>"	Volker Lendecke	6	-0/+87
	This is supposed to improve the winbind reconnect time after an ip address has been moved away from a box. Any kind of HA scenario will benefit from this, because winbindd does not have to wait for the TCP timeout to kick in when a local IP address has been dropped and DC replies are not received anymore.
2010-09-30	s3: Re-introduce a procid_self()	Volker Lendecke	1	-1/+1
	Giving the parent pid to reinit_after_fork is not a good idea.... None of the other callers do this, checked it.
2010-09-30	s3: Fix a typo in dump-domain-list smbcontrol usage msg	Volker Lendecke	1	-1/+1

2010-09-30	s4-selftest: Add some more comments to skip file.	Jelmer Vernooij	1	-1/+4

2010-09-30	selftest: Eliminate some unnecessary spaces.	Jelmer Vernooij	1	-36/+36

2010-09-30	selftest: Avoid accessing deprecated BaseException.message.	Jelmer Vernooij	1	-1/+1
	Thanks to Andreas for pointing this out.
2010-09-30	subunit: Import new upstream snapshot (adds subunit_progress())	Jelmer Vernooij	4	-0/+80

2010-09-30	testtools: Import new upstream snapshot.	Jelmer Vernooij	5	-3/+49

2010-09-29	s4-drepl: don't call UpdateRefs on a RODC	Andrew Tridgell	1	-5/+11
	we use the ADD_REF bit in getncchanges instead Pair-Programmed-With: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
2010-09-29	s4-drepl: fixed the checking of replica_flags in the drepl server	Andrew Tridgell	1	-7/+0
	we were incorrectly avoiding a getncchanges when WRIT_REP was not set Pair-Programmed-With: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
2010-09-29	s4-kcc: fixed the replica_flags in repsFrom in the kcc	Andrew Tridgell	1	-31/+72
	if our calculated replica_flags doesn't match the ones in our repsFrom then update it Pair-Programmed-With: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
2010-09-29	idl-drsuapi: fixed another replica_flags that should use the bitmap	Andrew Tridgell	1	-1/+1
	Pair-Programmed-With: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
2010-09-30	s4-dns: send A record updates via TKEY	Andrew Tridgell	1	-1/+6

2010-09-30	s3-spoolss: make sure to exit early and with the appropriate error code in	Günther Deschner	1	-0/+4
	_spoolss_GetPrinterDriver2. Guenther
2010-09-30	spoolss: use the correct flags for spoolss_PrinterInfo1 struct.	Günther Deschner	1	-1/+1
	Guenther
2010-09-30	s3-spoolss: Fix servername/printername handling which turns out to be very ↵	Günther Deschner	6	-141/+189
	important to get right. Guenther
2010-09-30	s4-smbtorture: add new EnumPrinters test to test printername/servername	Günther Deschner	1	-13/+207
	behaviour in EnumPrinter and GetPrinter calls. Guenther
2010-09-29	s4-samldb: also set a password on the krbtgt_NNNN account	Andrew Tridgell	1	-0/+11
	when we setup the krbtgt_NNNN account using the DCPROMO_OID control, we also need to set an initial password for this account Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-29	s4-devel: added new options to getncchanges script	Andrew Tridgell	1	-9/+65
	added --pas, --dest-dsa and --replica-flags options Pair-Programmed-With: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
2010-09-29	s4-drs: implement PAS checks and access checks for getncchanges	Andrew Tridgell	1	-26/+130
	This implements partial attribute set checking on getncchanges. If the client sends a partial_attribute_set then we only return the specified attributes. This also implements access checking on the NC root for the access right GUIDs for requests with and without reveal secrets Pair-Programmed-With: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
2010-09-29	s4-drs: added drs_security_access_check_nc_root()	Andrew Tridgell	2	-12/+63
	this checks securiity on the NC root of the specified naming context
2010-09-29	util: added BINARY_ARRAY_SEARCH_V()	Andrew Tridgell	1	-0/+16
	this is used to search an array of values
2010-09-29	s4-sam: added DOMAIN_RID_ENTERPRISE_READONLY_DCS for RODCs in the PAC	Andrew Tridgell	1	-0/+16
	Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-29	libds: added more UF_ -> ACB_ flags mappings	Andrew Tridgell	2	-2/+5
	Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
2010-09-29	midltests: add midltests-pipe-sync-ndr32-downgrade-02.idl	Stefan Metzmacher	2	-0/+3566
	metze
2010-09-29	midltests: support for fragmented RPC traffic	Stefan Metzmacher	1	-5/+57
	metze
2010-09-29	midltests: print out the alloc_hint for requests and responses	Stefan Metzmacher	1	-4/+4
	metze
2010-09-29	midltests: improve NDR64 downgrade	Stefan Metzmacher	1	-4/+21
	metze
2010-09-29	midltests: revert to a simple default midltests.idl	Stefan Metzmacher	1	-248/+3
	metze
2010-09-29	s3-waf: add basic make test infrastructure, not able to test yet.	Günther Deschner	3	-0/+158
	Guenther
2010-09-29	s3-waf: clean up socket-wrapper and nss-wrapper a little.	Günther Deschner	1	-15/+5
	Guenther
2010-09-29	s3-waf: add vlp binary.	Günther Deschner	1	-0/+5
	Guenther
2010-09-29	s4-spnupdate: when we are a RODC we need to use the WriteSPN DRS call	Andrew Tridgell	1	-10/+57
	we can't do SPN updates via sam writes and replication, as the sam is read-only
2010-09-29	s4-drsutils: expose DsBind() call in drs_utils.py	Andrew Tridgell	1	-37/+38
	this will be used by samba_spnupdate
2010-09-29	s4-kerberos: use TZ=GMT when we are invoking krb5 code in helpers	Andrew Tridgell	2	-0/+12
	Our helper scripts can fail on Fedora with the PDT timezone (Western USA). This is the same issue we found with Heimdal earlier today, the 24 second difference between GMT and UTC, but this time in MIT Kerberos as linked into bind9. By forcing TZ=GMT in these scripts we avoid the problem Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-29	s4-rodc: RODC should not accept requests for role transfer	Nadezhda Ivanova	1	-0/+12
	A RODC cannot assume a role, and unwillingToPerform must be returned if such request is sent via LDAP
2010-09-28	s4-provision: simplify our generated krb5.conf	Andrew Tridgell	1	-14/+1
	we don't want to force the KDC to be ourselves, we should be using DNS to find a live KDC. Also remove some other options and allow the krb5 lib to use defaults. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-28	s4-kdc: RODC DCs should be able to produce forwardable tickets	Andrew Tridgell	1	-1/+1
	Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-28	heimdal: fixed timegm UTC/GMT bug	Andrew Tridgell	1	-15/+6
	This was a wonderful bug! On some Fedora systems, but not on Ubuntu, there is a difference between UTC and GMT. Heimdal replaced timegm() with _der_timegm() which did not account for that difference (which is 24 seconds at the moment). This led to a mutual authentication failure. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-28	s4-sam: fixed termination of krbtgt_attrs (comma and NULL)	Andrew Tridgell	1	-4/+4
	Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-28	ldb-dn: don't crash on NULL in ldb_binary_encode_string()	Andrew Tridgell	1	-0/+3
	Thanks to Nadya for finding this one!
2010-09-28	s4-kdc Ensure that an RODC may act as a server (needed to fill	Andrew Bartlett	1	-5/+24
	the krbtgt role). Andrew Bartlett