Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-01-11 | Revert "s4:provision_users.ldif - Add objects for IIS" | Andrew Tridgell | 1 | -21/+0 | |
This reverts commit 91e210028790397996659116446e6add452707f6. This series of commits broke 'make test'. Matthias, please make sure you run a _full_ make test before every push. | |||||
2010-01-11 | s4-selftest: when a command fails show both normal and expanded command | Andrew Tridgell | 1 | -0/+12 | |
It is sometimes hard to tell which varient of something like $SMB_CONF_PATH or $USERNAME is being used in a test. By giving both the expanded command ($command with environment variables expanded) and non-expanded command it is easier to reproduce bugs outside the test environment. | |||||
2010-01-11 | s4-test: fixed make test without having done make install | Andrew Tridgell | 1 | -0/+1 | |
client.conf didn't specify "setup directory" | |||||
2010-01-10 | s4:upgradeprovision - fix up the script regarding linked attributes | Matthias Dieter Wallnöfer | 1 | -12/+46 | |
We have to try to add new objects until between two iterations we didn't make any progress. Either we are then done (no objects remaining) or we are incapable to do this fully automatically. The latter can happen if important system objects (builtin groups, users...) moved (e.g. consider one of my recent comments). Then the new object can't be added if it contains the same "sAMAccountName" attribute as the old one. We have to let the user delete the old one (also to give him a chance to backup personal changes - if needed) and only then the script is capable to add the new one onto the right place. Make this clear with an exhaustive error output. I personally don't see a good way how to do this better for now so I would leave this as a manual step. | |||||
2010-01-10 | s4:upgradeprovision - Reformat comments | Matthias Dieter Wallnöfer | 1 | -28/+44 | |
Make them break at line 80 (better readability). | |||||
2010-01-10 | s4:repl_meta_data - Transform a "1" into a "true" on a boolean variable | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2010-01-10 | s4:provision_users.ldif - Add objects for IIS | Matthias Dieter Wallnöfer | 1 | -0/+21 | |
Some WSPP locations point out that they're defacto-standards for Windows Server deployments starting with 2008. So we should add them to s4 too. | |||||
2010-01-10 | s4:provision_self_join_modify.ldif - Point out that account "dns" is s4 specific | Matthias Dieter Wallnöfer | 1 | -0/+1 | |
2010-01-10 | s4:provision_users.ldif - Fix memberships regarding the denied password RODC ↵ | Matthias Dieter Wallnöfer | 1 | -0/+8 | |
replication group | |||||
2010-01-10 | s3: Remove some unused variables | Volker Lendecke | 1 | -7/+0 | |
2010-01-10 | s3: Fix some nonempty blank lines | Volker Lendecke | 3 | -42/+42 | |
2010-01-10 | s3: Use sid_check_is_domain instead of a direct sid_equal | Volker Lendecke | 1 | -3/+6 | |
2010-01-10 | s3: Use sid_check_is_in_our_domain instead of a direct sid_peek_check_rid | Volker Lendecke | 1 | -4/+2 | |
2010-01-10 | s3: Replace most calls to sid_append_rid() by sid_compose() | Volker Lendecke | 23 | -93/+64 | |
2010-01-10 | s3: Remove unused samr_make_sam_obj_sd | Volker Lendecke | 2 | -41/+0 | |
2010-01-10 | s3: Remove the typedef for "auth_serversupplied_info" | Volker Lendecke | 17 | -51/+55 | |
2010-01-10 | s3: Remove the typedef for "auth_usersupplied_info" | Volker Lendecke | 16 | -44/+44 | |
2010-01-10 | s3: Trim libnss_wins.so | Volker Lendecke | 1 | -2/+1 | |
2010-01-10 | s3: Trim down some utilities a bit | Volker Lendecke | 1 | -11/+11 | |
2010-01-10 | s4:provision_users.ldif - Remove foreign security principal S-1-5-17 for now | Matthias Dieter Wallnöfer | 1 | -5/+0 | |
This belongs to the AD IIS stuff where I don't know yet if we should import it. | |||||
2010-01-10 | s4:provision_users.ldif - Import all essential groups for Windows Server ↵ | Matthias Dieter Wallnöfer | 1 | -85/+113 | |
2008 mode Additionally I had to fix some bugs (especially wrong "groupTypes") and reordered the objects using the SID (this is easier when enhancing the file). | |||||
2010-01-10 | s4-ldb: display security descriptors with correct SDL for known SIDs | Andrew Tridgell | 2 | -1/+7 | |
This makes it much easier to compare SDs | |||||
2010-01-10 | s4-dsdb: added samdb_domain_sid_cache_only() | Andrew Tridgell | 1 | -1/+8 | |
2010-01-09 | s3: Remove a pointless "else" branch from add_ccache_to_list() | Volker Lendecke | 1 | -4/+3 | |
2010-01-09 | s3: Slightly simplify winbindd_store_creds | Volker Lendecke | 1 | -4/+2 | |
2010-01-09 | s3: Fix a segfault in winbindd_dual_ccache_ntlm_auth() | Volker Lendecke | 1 | -1/+1 | |
ntlmssp_update allocates the reply_blob as a child of ntlmssp_state. This means with ntlmss_end() it will be gone. winbindd_dual_ccache_ntlm_auth used the blob after the ntlmssp_end(). | |||||
2010-01-09 | s4-drs: instanceType is always sent, regardless of UDV values | Andrew Tridgell | 1 | -4/+6 | |
2010-01-09 | s4-debug: lower the verbosity of a couple of common log messages | Andrew Tridgell | 2 | -2/+2 | |
2010-01-09 | s4-samldb: fixed primaryGroupID when promoting a machine to a DC | Andrew Tridgell | 1 | -17/+30 | |
The machine gets a primaryGroupID of DOMAIN_RID_DCS. This is done without changing the member attributes of its groups. | |||||
2010-01-09 | s4-schema: fixed the SDDL for the schema root security descriptor | Andrew Tridgell | 1 | -10/+14 | |
This was preventing a DCPROMO client from allowing outgoing replication | |||||
2010-01-09 | s4-drs: add a local UDV entry even when no replUpToDateVector present on NC | Andrew Tridgell | 1 | -3/+3 | |
This allows us to filter correctly for a NC that we have created but not pulled from anyone. | |||||
2010-01-09 | s4-drs: give DN of failed replication partition | Andrew Tridgell | 1 | -4/+5 | |
2010-01-09 | s4-drs: base is_nc_prefix on instanceType | Andrew Tridgell | 1 | -1/+3 | |
for extended operations comparing to the ncRoot_dn is not correct | |||||
2010-01-09 | s4-drs: having no SPNs to change is not an error | Andrew Tridgell | 1 | -0/+7 | |
2010-01-09 | s4-drs: fixed writespn to ignore add/delete errors | Andrew Tridgell | 1 | -3/+40 | |
When a SPN is added and already exists, it is ignored. Similarly, when a SPN is deleted and doesn't exist, it is ignored. | |||||
2010-01-09 | s4-dsdb: added samdb_ldb_val_case_cmp() | Andrew Tridgell | 1 | -0/+16 | |
2010-01-09 | s4-drs: moved the DsWriteAccountSpn call to its own file | Andrew Tridgell | 4 | -75/+104 | |
2010-01-09 | s4-libnet: dsdb_wellknown_dn() in vampire code | Andrew Tridgell | 1 | -60/+17 | |
2010-01-09 | s4-drs: need to set the getncchanges extended_ret on success too | Andrew Tridgell | 1 | -0/+3 | |
2010-01-09 | s4-drs: calculate and send a uptodateness_vector with replication requests | Andrew Tridgell | 2 | -7/+82 | |
This stops us getting objects changes twice if they came via an indirect path. | |||||
2010-01-09 | s4-drs: be less verbose when we filter objects by UDV | Andrew Tridgell | 1 | -5/+5 | |
2010-01-09 | s4-drs: added filtering by udv in getncchanges | Andrew Tridgell | 2 | -9/+63 | |
When a client supplied an uptodateness_vector, we can use it to filter what objects we return. This greatly reduces the amount of replication traffic between DCs. | |||||
2010-01-09 | s4-idl: give a enum for attribute cn and a 'NONE' attribute | Andrew Tridgell | 3 | -2/+10 | |
The 'NONE' attribute has value 0xFFFFFFFF. Adding this ensures the compiler will complain if it is set to use 16 bit enums. We rely on being able to store 32 bits in an attid enum. | |||||
2010-01-09 | s4-drs: fixed the NC in the getncchanges RID alloc reply | Andrew Tridgell | 1 | -11/+13 | |
the search happens on a different DN to the NC of the request, but the reply is with the original NC | |||||
2010-01-09 | s4-debug: removed debug_ctx(). It didn't catch on :-) | Andrew Tridgell | 1 | -4/+0 | |
There was only one user, which isn't worth it for the overhead. | |||||
2010-01-09 | s4-messaging: remove only usage of debug_ctx() | Andrew Tridgell | 1 | -2/+4 | |
2010-01-09 | s4-messaging: fixed a memory leak in messaging_path() | Andrew Tridgell | 1 | -2/+9 | |
It is a bit convoluted to fix, as cluster_id_string() may return a const string. | |||||
2010-01-09 | s4-drs: fixed usage of ldb_dn_new() | Andrew Tridgell | 1 | -1/+1 | |
2010-01-09 | s4-ldb: validate the type of the ldb argument to ldb_dn_new() | Andrew Tridgell | 1 | -1/+7 | |
It has been a common bug to get the first two arguments the wrong way around | |||||
2010-01-08 | Fix comment | Simo Sorce | 1 | -1/+1 | |