summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2010-02-26s4-provision: added dns_update_listAndrew Tridgell1-0/+20
This contains the list of DNS names we should have as a DC
2010-02-26s4-provision: setup the dns_update_list at provision timeAndrew Tridgell1-0/+5
This file is substituted at runtime by samba_dnsupdate
2010-02-26s4-provision: if we aren't doing variable substitution then don't check for varsAndrew Tridgell1-1/+1
2010-02-26dns: auto-delete incorrect SRV entries for our hostnameAndrew Tridgell1-8/+15
2010-02-26s4-dns: add automatic dynamic DNS updating scriptAndrew Tridgell1-1/+223
This script checks a list of DNS names that we should have, and does dynamic DNS updates using our machine account credentials to add any missing DNS entries. This allows us to correctly add all the DNS entries we need when we join an existing domain as a DC Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-02-26s4-provision: fixed port number for gc ldap DNS SRV entryAndrew Tridgell1-1/+1
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-02-26s4-param: added 'nsupdate command' option, default to /usr/bin/nsupdate -gAndrew Tridgell1-0/+4
2010-02-26samdb: added get_ntds_GUID() methodAndrew Tridgell2-0/+39
2010-02-26py-samdb: added server_site_name methodAndrew Tridgell1-0/+3
2010-02-26pyglue: added py_samdb_server_site_name()Andrew Tridgell1-0/+29
2010-02-26py-samdb: added get_invocation_id() methodAndrew Tridgell1-0/+5
2010-02-26pyglue: added py_samdb_ntds_invocation_id()Andrew Tridgell1-0/+36
2010-02-26pyglue: don't return 127.0.0.0/8 IPs in interface_ips()Andrew Tridgell1-5/+18
We don't generally want loopback addresses in the python code
2010-02-26s4-krb5: propogate errors from a lot more kerberos functionsAndrew Tridgell13-101/+158
We need to be able to give sensible error messages when a kerberos calls fails. This propogates the kerberos error up the stack to the caller. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-02-26dns: install samba_dnsupdateAndrew Tridgell1-1/+1
2010-02-26dns: dummy samba_dnsupdate scriptAndrew Tridgell1-0/+38
The merge from metze of my dns tree means we now depend on this. This is a placeholder until Andrew and I have finished the full script.
2010-02-26s4-dsdb: fixed the fetch of the server site nameAndrew Tridgell1-1/+7
when the ntds objects were moved by a recent change it broke the calculation of the server site Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-02-26Revert "s4:AD content - adequate some revision levels to match Windows ↵Andrew Tridgell2-5/+5
Server 2008" This reverts commit 973ea198677c581064fad62cdac30baac7103ef8. This change breaks DRS dcpromo.
2010-02-26s4:RPC-DSSYNC: pass the ip address to the cldap code instead of a nameStefan Metzmacher1-2/+16
metze
2010-02-26s4:torture: use a connected CLDAP socket.Stefan Metzmacher3-18/+63
This is needed because we don't (want) to specify an explicit local address. And the socket family (ipv4 vs. ipv6) needs to be autodetected based on the remote address before the socket() syscall. Otherwise we would try to connect to a ipv4 address through an ipv6only socket. metze
2010-02-26s4:libnet: use a connected CLDAP socket.Stefan Metzmacher4-10/+47
This is needed because we don't (want) to specify an explicit local address. And the socket family (ipv4 vs. ipv6) needs to be autodetected based on the remote address before the socket() syscall. Otherwise we would try to connect to a ipv4 address through an ipv6only socket. metze
2010-02-25Fix up debug info on smb2_rename code.Jeremy Allison1-9/+3
Jeremy.
2010-02-25Implement rename/move in SMB2 from Windows7.Jeremy Allison3-1/+112
Jeremy.
2010-02-25s3-nltest: fix uninitialized query level.Günther Deschner1-1/+1
Guenther
2010-02-25s4-smbtorture: define environment in one place in RPC-SPOOLSS test.Günther Deschner1-26/+38
Guenther
2010-02-25s4:kdc add mit plugin codeSimo Sorce3-0/+459
2010-02-25s4:kdc make function staticSimo Sorce2-6/+1
2010-02-25s3-spoolss: Save entire devicemode.Günther Deschner1-13/+10
found by RPC-SPOOLSS-PRINTER torture test. Guenther
2010-02-25s4-smbtorture: try to set every single devicemode component in ↵Günther Deschner1-0/+103
RPC-SPOOLSS-PRINTER. Guenther
2010-02-25s4-smbtorture: move ChangeID test to the list of tests we run against ↵Günther Deschner1-4/+4
created printers. Guenther
2010-02-24Make conn_close_all() safe to call from SMB2 sessions (fix crash bug).Jeremy Allison2-10/+23
Ensure we don't call close_cnum() with SMB2, also talloc_move the compat_conn pointer from the NULL context onto the tcon context in SMB2 as it's conceptually owned by that pointer. Jeremy.
2010-02-25s4:ldb Fix segfault in ldbsearch store_referral callbackAndrew Bartlett1-6/+1
sctx->refs_store was not initialised, and that made talloc_realloc grumpy once we started actually returning referrals regularly from Samba4's partitions module (0be57c747825737fa9d64411223e693b055b5f8f by mdw). We now just use talloc_zero() and forget about this manual initialisation work. Tracking down use of uninitialised variables with valgrind was the grand idea when this started, but in practice we just get segfaults in unusual places. Andrew Bartlett
2010-02-24Change the credential handling so that we start with maxmux creds,Jeremy Allison1-7/+10
and then return to the client the number of credits per operation that they asked for. This is a more sensible algorithm than just blindly returning "20" on every reply, although we will probably still need more changes to this going forward. Jeremy.
2010-02-24idl:lsa change string typeSimo Sorce3-7/+7
comapring win<-> traces it looks like this is an lsa_StringLarge
2010-02-24s4:lsa use the correct way to store a domain sidSimo Sorce1-7/+5
Converting the sid to a string and then storing a string does not save the sid in the right format. Causing following retrievals to fail to read back a sid with samdb_result_dom_sid().
2010-02-24s4:lsa avoid confusing ourselves over sam_ldbSimo Sorce1-39/+41
Do not use policy_state->sam_ldb and trusted_domain_state->policy->sam_ldb interchangeably all over the place. Just use sam_ldb everywhere and make the code slightly more readable.
2010-02-24s4:lsa cleanup trailing spaces and tabsSimo Sorce1-35/+35
2010-02-24Revert "s4-smb: Migrate named_pipe_server to tsocket."Simo Sorce2-279/+211
This reverts commit 69d5cea2e59162f19460e7ce4b6382fc5fdd6ca0. This commit causes issues with the RPC server, revert it until we find the exact issue and possibly have a torture test to avoid it happening again. Found playing with w2k8r2 and forest trusts.
2010-02-25s4:install Fix bug #7149 reported by JHT.Andrew Bartlett1-0/+2
We need to install named.conf.update for provision to succeed from the installed setup file. Andrew Bartlett
2010-02-25s4:scripting/devel Allow tmpfs script to be re-runAndrew Bartlett1-1/+4
By doing the unmount, we can avoid double-mounting st and bin
2010-02-25s4:DNS update - change "i" to be unsignedMatthias Dieter Wallnöfer1-1/+2
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-02-25s4:ldap_server - make it "signed-safe"Matthias Dieter Wallnöfer3-7/+8
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-02-25s4:auth - make some parts "signed-safe"Matthias Dieter Wallnöfer2-7/+8
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-02-25s4:cldap_server - make it "signed-safe"Matthias Dieter Wallnöfer2-2/+2
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-02-25s4:torture/ldap/basic.c - add a basic test for referral returnMatthias Dieter Wallnöfer1-3/+219
I implemented this referral test in C since the LDB python API isn't capable to extract referrals from search result sets (there the result sets are simple lists which contain only the matching entries). First I enhanced the RootDSE test to return all partition base DNs in a new null-terminated list "partitions". Then I used this in my referrals test which I've implemented in the LDB api since I needed some certain DN functions.
2010-02-25s4:partition DSDB module - Generate basic referralsMatthias Dieter Wallnöfer2-47/+144
This is a first, very basic implementation of the referrals (more informations at MS-ADTS 3.1.1.4.6 and 3.1.1.3.4.1.12). To have the full referral support (and to always point to the right host) the full implementation using DNS will be needed (at the moment we always point to the main DC which is referenceable through the DNS domainname). Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-02-25s4:partition DSDB module - change the search and domain scope control handlingMatthias Dieter Wallnöfer1-35/+22
The domain scope control is always removed, from the search one only the two interesting flags (which are handled) and it is marked as non-critical. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-02-25s4:LDAP server - Enable support for returning referrals through itMatthias Dieter Wallnöfer1-0/+22
This is needed for my work regarding the referrals when the domain scope control isn't specified. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-02-25s4:SAMLDB module - ignore referralsMatthias Dieter Wallnöfer1-5/+6
They don't cause any harm to our functionality - so ignore them were not needed. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-02-24s4:netlogon remove wrong ZERO_STRUCT of outputSimo Sorce1-6/+0
This was causing marshalling faults when we returned errors.