summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2009-09-10s4/provision: another fix for breakage from b1dabb1133Andrew Tridgell1-6/+8
2009-09-10s4:provision Don't reference provision_backend when using LDBAndrew Bartlett1-1/+3
This broke in Endi's patch for Fedora DS support Andrew Bartlett
2009-09-10s4/torture: don't mix declarations and codeAndrew Tridgell1-22/+22
2009-09-10s4: regenerate drsuapi IDLAndrew Tridgell2-0/+24
2009-09-10s4/schema: teach the schema_syntax code how to encode/decode more attributesAndrew Tridgell1-0/+104
We were trying to encode strings like 'top' as integers, without first looking them up in our schema. We need special handling for all the attributes that contain attributeID_id or governsID_id fields that should be translated first before encoding.
2009-09-10s4/schema: don't crash if we don't have subClassOfAndrew Tridgell1-2/+7
2009-09-10s4/drsuapi: tech the IDL about some more key attribute namesAndrew Tridgell1-0/+8
2009-09-10s4: Use SASL authentication against Fedora DS.Endi Sukma Dewata6-23/+103
1. During instance creation the provisioning script will import the SASL mapping for samba-admin. It's done here due to missing config schema preventing adding the mapping via ldapi. 2. After that it will use ldif2db to import the cn=samba-admin user as the target of SASL mapping. 3. Then it will start FDS and continue to do provisioning using the Directory Manager with simple bind. 4. The SASL credentials will be stored in secrets.ldb, so when Samba server runs later it will use the SASL credentials. 5. After the provisioning is done (just before stopping the slapd) it will use the DM over direct ldapi to delete the default SASL mappings included automatically by FDS, leaving just the new samba-admin mapping. 6. Also before stopping slapd it will use the DM over direct ldapi to set the ACL on the root entries of the user, configuration, and schema partitions. The ACL will give samba-admin the full access to these partitions. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2009-09-09s3:docs: Add info about how to obtain cifs module in cifs mount helper manpageVolker Lendecke1-0/+8
2009-09-09Fix compile in a usually non-selected define.Jeremy Allison1-1/+1
Jeremy.
2009-09-09s3:smbd: Add a "hidden" parameter "share:fake_fscaps"Volker Lendecke1-0/+3
This is needed to support some special app I've just come across where I had to set the SPARSE_FILES bit (0x40) to make it work against Samba at all. There might be others to fake. This is definitely a "Don't touch if you don't know what you're doing" thing, so I decided to make this an undocumented parametric parameter. I know this sucks, so feel free to beat me up on this. But I don't think it will hurt.
2009-09-09s3:examples:ldap: allow substing search on more attributes in nds schema fileBjörn Jacke1-2/+2
2009-09-09s4/torture: add new SMB oplock testsAravind Srinivasan1-2/+397
* test if oplocks are granted when requesting delete-on-close * test how oplocks are broken by byte-range-lock requests
2009-09-09s4/torture: convert printf to torture_comment()Aravind Srinivasan1-6/+9
Allows "make test" and other harnesses to print cleaner output.
2009-09-09s3:examples:ldap: fix some OIDs in various schema filesBjörn Jacke4-13/+13
2009-09-10s4/drs: when we don't find an attribute use zero valuesAndrew Tridgell1-19/+10
thanks to metze for pointing this out
2009-09-10s4/vampire: fixed i/j index mixup in vampire codeAndrew Tridgell1-3/+3
2009-09-09s4:drs match the meta_data and attributes arrayAndrew Tridgell1-16/+46
These two arrays need to be in sync, as they are walked in sync by the client
2009-09-09s4/drs: broke out the core of the getncchanges codeAndrew Tridgell1-81/+96
It is easier to understand without the heavy nesting
2009-09-09s4:drs level_out is a pointerAndrew Tridgell1-1/+1
DsAddEntry now seems to work for simple tests
2009-09-09s4:drs split addentry and getncchanges into separate filesAndrew Tridgell7-292/+375
These will get quite complex eventually, I think we are better separating them so the code is a bit easier to follow
2009-09-09Added "admin_session" method.Nadezhda Ivanova4-1/+223
The purpose of admin_session is to be able to execute parts of provisioning as the user Administrator in order to have the correct group and owner in the security descriptors. To be used for provisioning and tests only.
2009-09-09s4/repl: implement DsReplicaSyncAndrew Tridgell3-5/+68
This patch implements DsReplicaSync by passing the call via irpc to the repl server task. The repl server then triggers an immediate replication of the specified partition. This means we no longer need to set a small value for dreplsrv:periodic_interval to force frequent DRS replication. We can now wait for the DC to send us a ReplicaSync msg for any partition that changes, and we immediately sync that partition.
2009-09-09s4/repl: added refresh of repsToAndrew Tridgell1-1/+87
I've found that w2k3 deletes the repsTo records we carefully created in the vampire join if we don't refresh them frequently. After about 30mins all 3 repsTo records are gone. This patch adds automatic refresh of the repsTo by calling DSReplicaUpdateRefs every time we do a sync cycle with the server
2009-09-09s4: fixed format of repsTo in samdbAndrew Tridgell5-353/+70
Metze pointed out what the windows tool ldp.exe will examine repsTo attributes on remote DCs, so we do in fact need to use the same format that windows uses. This patch changes the server side implementation of UpdateRefs to use the windows format
2009-09-09s4: allow repl:RODC=true/false to set ourselves as a RODCAndrew Tridgell1-2/+6
I think this is what windows DCs use to see that we are read-only, but I am not sure. Needs more testing.
2009-09-09s3-winbindd: Fix Bug #6700: Use dns domain name when needing to guess server ↵Günther Deschner1-1/+1
principal. Patch from Robert LeBlanc <robert@leblancnet.us>. Thanks! Guenther
2009-09-09ntlmssp: avoid duplicate inclusion of helper headers.Günther Deschner1-1/+0
Guenther
2009-09-08Mark test_security_descriptor_add_neg as known failing (for now).Jelmer Vernooij2-1/+2
2009-09-08Basic tests for nTSceurityDescriptor both SDDL and BASE64 formatZahari Zahariev1-2/+194
These are updated second eddition unittests using ldb.add_ldif() and ldb.modify_ldif(). Unittests are found to work when using the right local domain SID. Negative test separated. Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
2009-09-08s3-nterr: add NT_STATUS_RPC_NT_CALL_FAILED.Günther Deschner2-0/+2
Guenther
2009-09-08s4/torture/smb2: removed SMB2-FIND testSteven Danneman3-222/+0
This test has been wholly replaced by the SMB2-DIR-ONE test found in dir.c.
2009-09-08s4/torture/smb2: Fix several small bugs and style issues in SMB2 dir testsSteven Danneman1-136/+152
* removed all uses of printf, replaced with torture_comment * replaced custom CHECK macros with new torture_assert_*_todo() helpers * switched string dir name generation to generate_unique_strs() helper, to avoid non-deterministic test behavior where generate_rand_str() would cause file colissions in the same directory.
2009-09-08s4/torture: add new torture_assert_*_todo() macrosSteven Danneman1-0/+38
These allow torture tests to perform cleanup after a failure, by jumping to a goto label.
2009-09-08lib/util: add unique string generator helper functionSteven Danneman2-0/+69
2009-09-08ntlmssp: add some void decode calls (useful for ndrdump).Günther Deschner5-3/+311
Guenther
2009-09-08socket_wrapper: swrap_read() should use SWRAP_RECV* for swrap_dump_packet()Stefan Metzmacher1-5/+3
This is the same as swrap_recv(). metze
2009-09-08s4:repl_meta_data: remove unused codeStefan Metzmacher1-11/+0
metze
2009-09-08s3:drsuapi: add a simple DsRemoveDSServer() implementationStefan Metzmacher1-1/+42
metze
2009-09-08s4:drsuapi: add an incomplete DsAddEntry implementationStefan Metzmacher2-10/+194
metze
2009-09-08s3:smbd: Fix bug 6690, wrong error checkAndrew Klosterman1-1/+1
2009-09-08schannel: add missing prototype for ndr_print_nbt_string() in schannel helper.Günther Deschner1-0/+1
Hopefully fixes samba4 build. Guenther
2009-09-08s3: remove unused RPC_AUTH_SCHANNEL_NEG struct and parsing functions.Günther Deschner3-55/+0
Guenther
2009-09-08s3-rpc_server: use NL_AUTH_MESSAGE in pipe_schannel_auth_bind().Günther Deschner1-6/+23
Guenther
2009-09-08s3-rpc_client: use NL_AUTH_MESSAGE in create_schannel_auth_rpc_bind_req().Günther Deschner1-7/+24
Guenther
2009-09-08s3/docs: Raise version number.Karolin Seeger82-82/+82
Karolin
2009-09-08schannel: add NL_AUTH_MESSAGE and both NL_AUTH_SIGNATURE structs.Günther Deschner8-1/+700
These actually belong netlogon but we for now want to keep netlogon as a security providor separate. Guenther
2009-09-08s4:idl Add generated code for netlogon.idl changesAndrew Bartlett3-3/+39
2009-09-08Return a correct value for Supported Encryption TypeMatthieu Patou2-2/+15
Vista and upper version use this value to check wether they should ask the DC to change the msDS-SupportedEncryptionTypes attribute or not. Declare the different value as a bitmap in Netlogon idl
2009-09-08tort: RPC-CRACKNAMES test case refactoredKamen Mazdrashki2-1/+18