Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-06-07 | s4:samba_dsdb LDB module - enhance/fix module rule comments | Matthias Dieter Wallnöfer | 1 | -3/+5 | |
2010-06-07 | s3:auth make sure the primary group sid is usable | Simo Sorce | 1 | -13/+30 | |
This function was previously performed under the cover by converting back and forth from info3 to samu and then later from samu to info3. Since we now shortcircuit that in some cases, check explicitly using get_primary_group_sid() Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-06-07 | s3:auth return the full passwd struct from check_account | Simo Sorce | 1 | -12/+6 | |
Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-06-07 | s3:passdb Export function to calculate the proper primary group sid | Simo Sorce | 3 | -86/+136 | |
Don't keep it buried in passdb, this function need to be available for use in places where we do not want to construct an artificial samu struct just to play tricks. Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-06-07 | s3:auth remove unused structure member | Simo Sorce | 3 | -110/+2 | |
sids are now completely handled using info3, remove dead code that fills server info sids and the structure members themselves Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-06-07 | s3:auth create nt token from info3 directly | Simo Sorce | 3 | -38/+167 | |
Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-06-07 | s3:auth handle unix domain sids in samu | Simo Sorce | 5 | -39/+143 | |
When we generate a user out of thin air we may end up adding sids that are not part of the sam domain (unix domain sids). Handle the case and preserve these sids as extra sids. Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-06-07 | s3:auth set the resolved user sid in the fake sam account | Simo Sorce | 1 | -0/+3 | |
Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-06-07 | s3:auth check the user is valid first | Simo Sorce | 1 | -43/+39 | |
It makes no sense to go through all the hoops to build samu and convert it to info3, just to discard them later if the user was not valid. Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-06-07 | s3:auth make sure we set the right username | Simo Sorce | 1 | -0/+5 | |
Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-06-07 | s4:ldap.py - add some "objectclass" behaviour tests | Matthias Dieter Wallnöfer | 1 | -0/+190 | |
2010-06-07 | s4:objectclass LDB module - rework the code which handles the objectclasses ↵ | Matthias Dieter Wallnöfer | 1 | -149/+191 | |
modification Before it has been very incomplete. We try now to match the Windows Server behaviour as close as possible. | |||||
2010-06-07 | s4:ldap.py - enhance the attributes testcase to demonstrate how the ↵ | Matthias Dieter Wallnöfer | 1 | -2/+75 | |
attributes are checked against the schema and the specified objectclasses This demonstrates the bew "objectclass_attrs" LDB module behaviour. | |||||
2010-06-07 | s4:acl LDB module - LDB attribute names should be compared using ↵ | Matthias Dieter Wallnöfer | 1 | -2/+2 | |
"ldb_attr_cmp" or "strcasecmp" | |||||
2010-06-07 | s4:acl LDB module - adaption for "objectclass_attrs" module | Matthias Dieter Wallnöfer | 1 | -5/+15 | |
Since the attribute schema checking code moved back we need to give here the "LDB_ERR_NO_SUCH_ATTRIBUTE" error. | |||||
2010-06-07 | s4:objectclass LDB module - remove "fix_check_attributes" | Matthias Dieter Wallnöfer | 1 | -62/+0 | |
Also this task is now performed by the "objectclass_attrs" LDB module. | |||||
2010-06-07 | s4:samldb LDB module - adjust the module to set always a ↵ | Matthias Dieter Wallnöfer | 1 | -35/+45 | |
"defaultObjectCategory" on objectclass add operations This is needed to make the "objectclass_attrs" LDB module happy. The search check and case adjustment are done as it was using a second modify operation. | |||||
2010-06-07 | s4:remove the "validate_update" LDB module - the task is now handled by the ↵ | Matthias Dieter Wallnöfer | 4 | -141/+0 | |
far more complete "objectclass_attrs" LDB module | |||||
2010-06-07 | s4:dsdb - introduce a new "objectclass_attrs" LDB module which performs the ↵ | Matthias Dieter Wallnöfer | 3 | -0/+401 | |
objectclass attributes checking Until now we had no real consistent mechanism which allowed us to check if attributes belong to the specified objectclasses. | |||||
2010-06-07 | s4:objectclass LDB module - instanciate the schema variable centrally on the ↵ | Matthias Dieter Wallnöfer | 1 | -28/+28 | |
"ac" context creation This unifies the position when the schema is read and prevents multiple instanciations (eg on a modification operation). | |||||
2010-06-07 | s4:samldb LDB module - finally we can remove the RDN check | Matthias Dieter Wallnöfer | 1 | -53/+0 | |
This is now dynamically always done by the objectclass LDB module | |||||
2010-06-07 | s4:ldap.py - enhance the rename tests to demonstrate the functionality | Matthias Dieter Wallnöfer | 1 | -0/+37 | |
2010-06-07 | s4:objectclass LDB module - finally implement the correct entry rename ↵ | Matthias Dieter Wallnöfer | 1 | -25/+130 | |
protections Only the "systemFlags" check is still missing. | |||||
2010-06-07 | s4:objectclass LDB module - cosmetic change | Matthias Dieter Wallnöfer | 1 | -2/+3 | |
2010-06-07 | s4:objectclass LDB module - remove duplicated code | Matthias Dieter Wallnöfer | 1 | -13/+4 | |
2010-06-07 | s4:objectclass LDB module - fix counter variable types | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2010-06-07 | s4:objectclass LDB module - explain why the search can return with an empty ↵ | Matthias Dieter Wallnöfer | 1 | -1/+2 | |
return | |||||
2010-06-07 | s4:objectclass LDB module - this "talloc_steal" is not necessary | Matthias Dieter Wallnöfer | 1 | -1/+0 | |
The "parent_dn" was created on the "ac" context which lives anyway longer than this child request. | |||||
2010-06-07 | s4:objectclass LDB module - fix error result if an entry doesn't contain a ↵ | Matthias Dieter Wallnöfer | 1 | -3/+3 | |
structural objectclass We need to return LDB_ERR_UNWILLING_TO_PERFORM (not LDB_ERR_NAMING_VIOLATION). | |||||
2010-06-07 | s4:objectclass LDB module - use "ldb_oom" for expressing out of memory | Matthias Dieter Wallnöfer | 1 | -2/+1 | |
2010-06-07 | s4:objectclass LDB module - fix header and add my copyright | Matthias Dieter Wallnöfer | 1 | -4/+6 | |
2010-06-07 | s3-waf: Build rpc_server/srv_spoolss_util.c too. | Andreas Schneider | 1 | -0/+1 | |
Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-06-07 | s3-lsa: Fix static list of luids in our privileges implementation. | Günther Deschner | 1 | -9/+9 | |
The high/low order changed while moving to LSA defines. Found by torture test. Guenther | |||||
2010-06-07 | s4-smbtorture: test workstation auth as well in RPC-SPOOLSS-ACCESS. | Günther Deschner | 1 | -2/+34 | |
Guenther | |||||
2010-06-07 | s4:ldb python bindings - implement comparison on Python LDB Message objects | Matthieu Patou | 1 | -2/+38 | |
Coauthors: Jelmer Vernooij, Matthias Dieter Wallnöfer | |||||
2010-06-07 | s4: Remove an uselessly exposed control | Matthieu Patou | 1 | -1/+0 | |
2010-06-07 | s4-smbtorture: handle printservers w/o printers in RPC-SPOOLSS-ACCESS. | Günther Deschner | 1 | -2/+2 | |
Guenther | |||||
2010-06-07 | s3-privileges: use LUID defines from lsa IDL. | Günther Deschner | 5 | -36/+26 | |
Guenther | |||||
2010-06-07 | Fix bug with incorrect flag values for inherited ace in some cases. | Matthew McGillis | 1 | -0/+5 | |
2010-06-06 | s4:password_hash LDB module - adapt the module to the new ↵ | Matthias Dieter Wallnöfer | 1 | -17/+6 | |
"ldb_msg_remove_attr" behaviour | |||||
2010-06-06 | ldb:ldb_msg_remove_attr - provide a better implementation | Matthias Dieter Wallnöfer | 1 | -2/+3 | |
We can have some special (bad) messages which contain multiple message elements for the same attribute. The AD password change ones are such an example. | |||||
2010-06-06 | s4:samldb LDB module - this codepart isn't needed due to the objectclass LDB ↵ | Matthias Dieter Wallnöfer | 1 | -13/+0 | |
module When a "computer" entry will be added, also the inherited "user" objectclass is going to be specified. | |||||
2010-06-06 | s4:get_last_structural_class - only real structural classes can be ↵ | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
candidates for fetching the last one Classes with objectCategory = 1 are always structural, these with objectCategory = 0 also (as we can see in our Windows 2008 R2 schema file where class "Person" has 0 but is structural). Abstract classes and auxiliary ones cannot be considered (objectCategory = 2, 3) http://msdn.microsoft.com/en-us/library/ms677964(VS.85).aspx | |||||
2010-06-06 | s4:ldap.py - enhance the RDN name test to show that invalid "name" ↵ | Matthias Dieter Wallnöfer | 1 | -1/+3 | |
attributes are allowed on add operations | |||||
2010-06-06 | s4:rdn_name LDB module - use "ldb_msg_remove_attr" for deleting attributes | Matthias Dieter Wallnöfer | 1 | -4/+2 | |
2010-06-06 | s4:rdn_name LDB module - remove "rdn_name_find_attribute" | Matthias Dieter Wallnöfer | 1 | -15/+2 | |
It does exactly the same as "ldb_msg_find_element". | |||||
2010-06-06 | s4:dsdb/common/util.c - provide a better implementation of the ↵ | Matthias Dieter Wallnöfer | 1 | -28/+90 | |
"samdb_msg_add_(add/del)val" calls This supports now also coexisting add and delete message elements with the same attribute name. | |||||
2010-06-06 | ldb:ltdb_filter_attrs - fix a counter variable type | Matthias Dieter Wallnöfer | 1 | -2/+3 | |
2010-06-06 | s4:ldap_server/ldap_backend.c - send back also the extended error message if ↵ | Matthias Dieter Wallnöfer | 1 | -18/+39 | |
it exists This message often contains suggestions how to fix issues. | |||||
2010-06-06 | s4:ridalloc LDB module - add more "talloc_free"s where useful | Matthias Dieter Wallnöfer | 1 | -0/+3 | |
Some were missing on failure return branches. |