summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2012-06-25s4-samba_upgradedns: Do not set DNS account for internal serverAndrew Bartlett1-32/+32
The internal DNS server does not need the samba-only NAME-dns account. Andrew Bartlett
2012-06-25s4-join: Import DNS zones in AD DC joinAndrew Bartlett3-20/+59
2012-06-24selftest: Test unix.whoami with kerberos on plugin_s4_dcAndrew Bartlett3-18/+10
This also tests the comparison with LDAP on anonymous connections and marks this as knownfail, while we investigate the correct behaviour here. Andrew Bartlett
2012-06-24s4-classicupgrade: Allow DNS backend to be specifiedAndrew Bartlett2-6/+12
2012-06-24s4-drepl: Ensure that the op->source does not get deallocated too earlyAndrew Bartlett2-9/+25
We need to have the struct dreplsrv_partition_source_dsa around until the end of the async op, so we use talloc_reference after carefully checking the callers and making the modifications required. This prevents a crash when replicating partitions in the vampire_dc test after adding DNS replication at join time. Andrew Bartlett
2012-06-23selftest: schema is not automatically reloaded now so if you modify it you ↵Matthieu Patou1-0/+9
have to reload it Autobuild-User(master): Matthieu Patou <mat@samba.org> Autobuild-Date(master): Sat Jun 23 10:48:13 CEST 2012 on sn-devel-104
2012-06-22s4-dsdb: operational handle modifyTimeStamp on the CN=aggregate DNMatthieu Patou1-1/+37
modifyTimeStamp is a generated attribute, for most object it's generated directly from the whenChanged attribute. But for the CN=aggregate object in the schema we have to handle it in a different way, that's because for this object whenChanged!=modifyTimeStamp (as checked against Windows 2003R2 DCs) instead the modifyTimeStamp reflect the timestamp of the most recently modified and loaded schema object (that is to the one with the highest USN before the schema was reload due to timeout or by the reloadSchemaNow command). Some third party are using this information to know if they have to update their schema cache and also to check that schema updates have been correctly reloaded by the DC, a good example of this behavior is exchange 2010.
2012-06-22s4-schema: improve the documentation of the dsdb_schema structureMatthieu Patou1-4/+6
2012-06-22s4-dsdb: Check for key SCHEMA_SEQ_NUM in metadata.tdb updatesMatthieu Patou2-3/+192
If the value has changed then reload the schema, this means that now the schema is only reloaded on a periodical basis or if we have been asked explicitly to do it and not necesserly if the schema partition has changed.
2012-06-22s4-dsdb: Add/Update SCHEMA_SEQ_NUM key in the metadata.tdb after schemaUpdateNowMatthieu Patou4-2/+43
The idea is to signal to other process accessing the database that the schema was forced to be reloaded and so they should reload as well.
2012-06-22s4-drs: if schema has changed during replication notify other process that ↵Matthieu Patou1-0/+55
they have to reload the schema
2012-06-22s4-dsdb: move schema_load at the top of module stackMatthieu Patou1-1/+1
2012-06-22s4-extended: do not try to fix if there is no schemaMatthieu Patou1-0/+4
2012-06-22s4-schema: keep track of the timestamp of the most recently changed/created ↵Matthieu Patou3-1/+13
object
2012-06-22s4-schema: generalized time use its own syntax nowMatthieu Patou1-1/+0
2012-06-22ldb: lay foundation for proper utc/generalized time handlingMatthieu Patou3-5/+42
We use to handle UTCtime and generalized time the same way. The thing is that it's not the case, they are different in the way they are set (most of the time) with different format and also stored and return in different format too.
2012-06-22s4-drsuapi: Fix a const warningMatthieu Patou1-1/+1
2012-06-22s4-drsuapi: rework the crackname implementation of functionnal namesMatthieu Patou1-24/+122
2012-06-22s4-dsdb-linkedattributes: register the VERIFY_NAME control, handle it when ↵Matthieu Patou1-10/+97
we are a GC In theory when presented this control and not a GC we should use the specified name as the DC to contact for cross-domain link verification. But for the moment we don't support this so we just fail when we have this control and are not a GC.
2012-06-22s4-ldap: handle VERIFY_NAME control encoding/decodingMatthieu Patou1-0/+96
2012-06-22ldb: add the VERIFY_NAME controlMatthieu Patou2-0/+68
2012-06-22s4-dsdb: support otherWellKnownObjectsMatthieu Patou1-24/+31
2012-06-22s4-dsdb: Try to avoid much of the time a db search for msDS-IntIDMatthieu Patou3-14/+97
We search in the schema if we have already this intid (using dsdb_attribute_by_attributeID_id because in the range 0x80000000 0xBFFFFFFFF, attributeID is a DSDB_ATTID_TYPE_INTID). If so generate another random value. If not check if the highest USN in the database for the schema partition is the one that we know. If so it means that's only this ldb context that is touching the schema in the database. If not it means that's someone else has modified the database while we are doing our changes too (this case should be very bery rare) in order to be sure do the search in the database.
2012-06-22dsdb-schema: do not reload more often than schema_reload_intervalMatthieu Patou5-4/+65
Samba 4 use to try to reload the schema every time dsdb_get_schema was called (which could be 20+ time per ldb request). Now we only reload at most every xx seconds (xx being the value of dsdb:"schema_reload_interval" or 120). The timestamp of the last reloaded schema is kept in the dsdb_schema object. There is also a timestamp in the ldb_context, that is used by the LDAP server to know if it has to reload the schema after handling the request. This is used to allow that the schema will be immediately reload after a schemaUpdateNow request has been issued, the reload can't occur in the handling of the LDAP request itself because we have a transaction autostarted.
2012-06-22s4-dsdb: fix a warning about unused variableMatthieu Patou1-3/+0
2012-06-22s3: Correct documentation of case sensitiveOlaf Flebbe1-1/+1
this fixes bug #8552 Autobuild-User(master): Björn Jacke <bj@sernet.de> Autobuild-Date(master): Fri Jun 22 21:59:59 CEST 2012 on sn-devel-104
2012-06-22s3-vfs_gpfs: Fix bug #9003, posix acl on gpfsVolker Lendecke1-2/+2
gpfs2smb_acl can leave errno!=0 around even if it returned a correct result!=NULL. We can only rely on errno being set if another error condition (in this case result==NULL) indicates an error. If result!=NULL, errno is undefined and can be anything. This leads to SAFE_FREE(result) further down even in the success case. Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Fri Jun 22 19:27:39 CEST 2012 on sn-devel-104
2012-06-22s3: Give machine password changes 10 minutes of timeVolker Lendecke1-0/+13
This is what we do at domain join time as well, see lib/netapi/joindomain.c:141 Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-06-22s3:torture:smb2: pass smb2-session-reconnect test (add generosity in error case)Michael Adam1-7/+21
samba checks tree before file, so we get a STATUS_NETWORK_NAME_DELETED instead STATUS_FILE_CLOSED when operating on a file handle on a invalid tree id. Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-06-22dbwrap: don't ignore the result of dbwrap_parse_record in dbwrap_fetch_int32()Stefan Metzmacher1-1/+5
metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Fri Jun 22 17:10:52 CEST 2012 on sn-devel-104
2012-06-22dbwrap: intialize state.status in dbwrap_fetch_int32()Stefan Metzmacher1-0/+2
This might not be needed, but it makes it more clear that we won't use uninitialized memory, it the callback was not triggered. metze
2012-06-22dbwrap: Convert fetch_int32 to dbwrap_parse_recordVolker Lendecke1-13/+24
Now dbwrap_fetch_int32 is used in smbd/locking/posix.c is used a lot more often than before. Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-06-22s3: Remove reduce_windows_lock_ref_count, used only onceVolker Lendecke1-8/+2
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-06-22s3: Make reduce_windows_lock_ref_count staticVolker Lendecke2-2/+2
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-06-22s3: Use dbwrap_util for windows_lock_ref_countVolker Lendecke1-94/+21
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-06-22dbwrap: Add dbwrap_fetch_int32Volker Lendecke2-3/+11
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-06-22dbwrap: Add dbwrap_change_int32_atomicVolker Lendecke2-9/+21
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-06-22script/autobuild: fix path to random-sleep.shStefan Metzmacher1-8/+8
metze
2012-06-22selftest/knownfail: mark ^samba4.raw.session.expire1 as knownfailStefan Metzmacher1-0/+1
Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Fri Jun 22 15:03:16 CEST 2012 on sn-devel-104
2012-06-22s4:torture/raw: add raw.session.expire1Stefan Metzmacher1-0/+200
This demonstrates the interaction of CAP_DYNAMIC_REAUTH and NT_STATUS_NETWORK_SESSION_EXPIRED. metze
2012-06-22s3:smbd: fix warning in smbd_tevent_trace_callback() without profile supportStefan Metzmacher1-0/+5
metze
2012-06-22s3:serverid: don't ignore the result of dbwrap_parse_record()Stefan Metzmacher1-1/+6
metze
2012-06-22s4:torture/smb2: run smb2.session.reauth5 in a subdirectoryStefan Metzmacher1-14/+77
This way we can give anonymous full access to the directory. metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Fri Jun 22 11:30:06 CEST 2012 on sn-devel-104
2012-06-22tdb: don't use err.h in tests.Rusty Russell21-22/+1
It's not portable. While we could use ccan/err, it seems overkill since we actually only use it in one test (I obviously cut & paste the #include). Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Autobuild-User(master): Rusty Russell <rusty@rustcorp.com.au> Autobuild-Date(master): Fri Jun 22 09:22:28 CEST 2012 on sn-devel-104
2012-06-22tdb: make TDB_NOSYNC merely disable sync.Rusty Russell3-15/+20
(As suggested by Stefan Metzmacher, based on the change to ntdb.) Since commit ec96ea690edbe3398d690b4a953d487ca1773f1c, we handle the case where a process dies during a transaction commit. Unfortunately, TDB_NOSYNC means this no longer works, as it disables the recovery area as well as the actual msync/fsync. We should do everything except the syncs. This also means we can do a complete test with $TDB_NO_FSYNC set; just to get more complete coverage, we disable it explicitly for one test (where we override the actual sync calls anyway). Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-06-22dbwrap: dbwrap_hash_size().Rusty Russell7-0/+12
Implemented for ntdb and tdb; falls back to 0 for others. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-06-22dbwrap: dbwrap_name().Rusty Russell7-1/+11
Useful for debug messages: particularly once we start switching between .tdb and .ntdb files. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-06-22dbwrap: dbwrap_transaction_start_nonblock().Rusty Russell4-0/+26
Implemented for ntdb and tdb; falls back to the blocking variant for others. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-06-22dbwrap: dbwrap_fetch_locked_timeout().Rusty Russell4-0/+52
Implemented for ntdb and tdb; falls back to the non-timeout variant for others. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-06-22dbwrap: add dbwrap_check() function.Rusty Russell4-0/+31
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>