summaryrefslogtreecommitdiff
path: root/source4/dsdb/common/util.c
AgeCommit message (Collapse)AuthorFilesLines
2010-11-09s4:dsdb/common: create a DSDB_SECRET_ATTRIBUTES define with all secret ↵Stefan Metzmacher1-12/+2
attributes We should have them just in one place, so that we don't forget some of them. metze
2010-11-08s4:samdb_msg_find_old_and_new_ldb_val - reworkMatthias Dieter Wallnöfer1-6/+27
- don't crash when no values where specified - return ERR_CONSTRAINT_VIOLATION on malformed messages - only check for flags when we are involved in a LDB modify operation
2010-11-04s4:dsdb/common: fix memory leak in samdb_ntds_settings_dn()Stefan Metzmacher1-1/+1
fetch and set should use the same name! metze
2010-10-29s4:samr RPC server - remove wrong implementation of ReplicaSourceNodeNameMatthias Dieter Wallnöfer1-22/+0
This should represent a replication partner - never the DC iself
2010-10-25s4:"samdb_search_count" - introduce a "mem_ctx" parameterMatthias Dieter Wallnöfer1-5/+4
All other "samdb_search_*" calls do have one - why "samdb_search_count" doesn't? Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Mon Oct 25 17:42:33 UTC 2010 on sn-devel-104
2010-10-25ldb:gendb_* calls: support a "NULL" resultset parameterMatthias Dieter Wallnöfer1-2/+1
This is useful for "samdb_search_count" where only the amount of entries matters.
2010-10-23s4/ldb:introduce the LDB_CONTROL_PROVISION_OID controlMatthias Dieter Wallnöfer1-0/+7
This control is exactly thought for the actions which previously were performed using the RELAX one. We agreed that the RELAX control will only remain for interactions with OpenLDAP.
2010-10-19s4-dsdb Allow LDB_ERR_INVALID_DN_SYNTAX in dsdb_load_partition_usnAndrew Bartlett1-1/+1
This will happen on an OpenLDAP backend, because @ records are invalid in LDAP. We don't have these sequence numbers in this case. Andrew Bartlett
2010-10-17Revert "s4:remove "util_ldb" submodule and integrate the three gendb_* calls ↵Matthias Dieter Wallnöfer1-86/+1
in "dsdb/common/util.c"" This reverts commit 8a2ce5c47cee499f90b125ebde83de5f9f1a9aa0. Jelmer pointed out that these are also in use by other LDB databases - not only SAMDB ones. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sun Oct 17 13:37:16 UTC 2010 on sn-devel-104
2010-10-17s4:remove "util_ldb" submodule and integrate the three gendb_* calls in ↵Matthias Dieter Wallnöfer1-1/+86
"dsdb/common/util.c" They're only in use by SAMDB code. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sun Oct 17 09:40:13 UTC 2010 on sn-devel-104
2010-10-16s4:dsdb/common/util.c - describe the behaviour of the functions ↵Matthias Dieter Wallnöfer1-5/+32
"samdb_msg_add_uint", "samdb_msg_add_uint64" and "samdb_msg_set_uint" a bit more Unsigned int data in AD is a bit problematic to handle. Problem described by abartlet.
2010-10-15s4:samdb_msg_add_int* - use "ldb_msg_add_string" rather than ↵Matthias Dieter Wallnöfer1-2/+2
"samdb_msg_add_string" "ldb_msg_add_string" is safe here since the integer has already been converted to a string which is "talloc"ed on "mem_ctx". Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Fri Oct 15 09:11:49 UTC 2010 on sn-devel-104
2010-10-15s4:samdb_create_foreign_security_principal - proof error code of ↵Matthias Dieter Wallnöfer1-3/+6
"samdb_msg_add_string"
2010-10-15s4:dsdb/common/util.c - samdb_msg_add_* calls - proof for more OOM conditionsMatthias Dieter Wallnöfer1-0/+6
2010-10-15s4:dsdb/common/util.c - samdb_msg_add_string - the attribute name doesn't ↵Matthias Dieter Wallnöfer1-4/+3
need to be duplicated This is done internally by the LDB library - look at "ldb_msg_add_empty".
2010-10-15s4:dsdb - remove "samdb_msg_add_value"Matthias Dieter Wallnöfer1-10/+2
This can be substituted by "ldb_msg_add_value". Signed-off-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Fri Oct 15 00:21:53 UTC 2010 on sn-devel-104
2010-10-15s4:dsdb - remove "samdb_result_uint", "samdb_result_int64", ↵Matthias Dieter Wallnöfer1-44/+9
"samdb_result_uint64" and "samdb_result_string" We have ldb_msg_find_attr_as_* calls which do exactly the same. Therefore this reduces only code redundancies. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-10-10dsdb: Move attr_in_list to SAMDB_COMMON to avoid circular dependency between ↵Jelmer Vernooij1-1/+12
SAMDB_COMMON and DSDB_MODULE_HELPERS.
2010-10-07s4:dsdb/common/util.c - provide message set functions for integer typesMatthias Dieter Wallnöfer1-0/+31
They will be used by the samldb LDB module
2010-10-04s4:dsdb/common/util.c - change the usage of the RECYCLED controlMatthias Dieter Wallnöfer1-1/+4
Use it only in conjunction with the DELETE one to allow the functions to work also against Windows < 2008R2. This is really important for the vampire operation. Also mark the RECYCLED control as non-critical (so that it's simply ignored by older Windows'es). Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Mon Oct 4 16:10:11 UTC 2010 on sn-devel-104
2010-10-03s4:dsdb - substitute the "show_deleted" with the "show_recycled" controlMatthias Dieter Wallnöfer1-3/+6
We intend to see always all objects with the "show_deleted" control specified. To see also recycled objects (beginning with 2008_R2 function level) we need to use the new "show_recycled" control. As far as I see this is only internal code and therefore we don't run into problems if we do substitute it. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-10-03s4:dsdb/common/util.c - introduce "DSDB_SEARCH_SHOW_RECYCLED" flagMatthias Dieter Wallnöfer1-0/+7
This is needed since starting with 2008_R2 function level we get another type of hidden objects which aren't seen by the "show_deleted" control: recycled objects. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-10-03s4:dsdb_dn_val_rmd_flags - memmem - scan the whole string for occourencesMatthias Dieter Wallnöfer1-1/+1
Do this as in "dsdb_dn_is_upgraded_link_val". There is really no reason to truncate before search. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sun Oct 3 10:45:39 UTC 2010 on sn-devel-104
2010-10-01s4-dsdb: added dsdb_search_by_dn_guid()Andrew Tridgell1-0/+26
this is more efficient than first searching for the DN, then doing a search. We should look at using this in lots of existing code Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-30s4-dsdb: silence the domainFunctionality not setup warningAndrew Tridgell1-1/+2
2010-09-29s4-dsdb Add ldb_reset_err_string() when we set error codes.Andrew Bartlett1-0/+3
If we don't we could show an old, incrorrect error
2010-09-29s4-dsdb Make samdb_reference_dn() use dsdb_search() and DSDB_SEARCH_ONE_ONLYAndrew Bartlett1-7/+8
This simplifies the function. While doing so, also change the error string setting to set a really clear error string for the failure to find and failure to parse cases. Andrew Bartlett
2010-09-27s4-dsdb: added samdb_find_site_for_computer() and ↵Andrew Tridgell1-0/+57
samdb_find_ntdsguid_for_computer() these will be used by the new RODC dns update code Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-26s4-dsdb: A helper to determine if an attribute is part of the search filterNadezhda Ivanova1-0/+46
2010-09-20s4/dcdiag: Handle ListRoles command for dcdiag:KnowsOfRoleHolders testAnatoliy Atanasov1-0/+21
2010-09-20s4/fsmo: Create separate function for retrieving fsmo role dn and owner dn.Anatoliy Atanasov1-0/+72
This functionality is needed for DsCrackNames ListRoles command also.
2010-09-13s4:SID handling - always encode the SID using "ldap_encode_ndr_dom_sid" for ↵Matthias Dieter Wallnöfer1-1/+1
LDAP filters This makes also lookups through special backends as "samba3sam" work.
2010-09-13s4:cosmetic - the SID attribute is called objectSid - not objectSIDMatthias Dieter Wallnöfer1-4/+4
2010-09-05dsdb: make the ATTRIBUTE NOT FOUND more clearMatthieu Patou1-0/+2
2010-08-20s4-dsdb: fixed dsdb_get_extended_dn_sid()Andrew Tridgell1-1/+1
it should honor the component_name Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-20s4-drs: implement RODC attribute filtering overrideAndrew Tridgell1-15/+29
When a RODC uses extended getncchanges operation DRSUAPI_EXOP_REPL_SECRET it gets an override on the ability to replicate the secret attributes. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-17s4:samdb_set_password/samdb_set_password_sid - make more arguments "const"Matthias Dieter Wallnöfer1-5/+5
2010-08-17s4:samdb_set_password/samdb_set_password_sid - make the adaptions to support ↵Matthias Dieter Wallnöfer1-13/+27
the password change control And introduce parameters to pass the old password hashes.
2010-08-17s4:DSDB - rename the "DSDB_CONTROL_PASSWORD_CHANGE_OLD_PW_CHECKED_OID"Matthias Dieter Wallnöfer1-1/+1
Rename it to "DSDB_CONTROL_PASSWORD_CHANGE_OID". This control will afterwards contain a record with the specified old password as NT and/or LM hash.
2010-08-17s4-ldb: use LDB_FLAG_MOD_TYPE() to extract element type from messagesAndrew Tridgell1-3/+3
The flags field of message elements is part of a set of flags. We had LDB_FLAG_MOD_MASK for extracting the type, but it was only rarely being used (only 1 call used it correctly). This adds LDB_FLAG_MOD_MASK() to make it more obvious what is going on. This will allow us to use some of the other flags bits for internal markers on elements Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-16s4:samdb_set_password_sid - fix commentMatthias Dieter Wallnöfer1-1/+2
Add more possible result NTSTATUS codes
2010-08-15s4:samdb_set_password - fix formattingMatthias Dieter Wallnöfer1-1/+2
(Sorry, I've overseen this)
2010-08-15s4:samdb_set_password - implement the extended LDAP error code detectionMatthias Dieter Wallnöfer1-9/+17
2010-08-14s4:samdb_set_password - return "NT_STATUS_WRONG_PASSWORD" when a user ↵Matthias Dieter Wallnöfer1-0/+2
account doesn't exist This is for the (SAMR) account detection protection mechanism.
2010-08-10s4:dsdb/common/util.c - provide a call which returns the forest function levelMatthias Dieter Wallnöfer1-2/+15
Sooner or later we'll need this too since not all operations depend only on the current's domain function level (see the MS-ADTS docs).
2010-08-10s4:dsdb/common/util.c - use LDB constants whenever possibleMatthias Dieter Wallnöfer1-8/+8
2010-08-07s4:dsdb/common/util.c - add a function "dsdb_add"Matthias Dieter Wallnöfer1-0/+30
2010-07-16s4-loadparm: 2nd half of lp_ to lpcfg_ conversionAndrew Tridgell1-2/+2
this converts all callers that use the Samba4 loadparm lp_ calling convention to use the lpcfg_ prefix. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-07s4-dsdb: use ldb_operr() in the dsdb codeAndrew Tridgell1-38/+40
this replaces "return LDB_ERR_OPERATIONS_ERROR" with "return ldb_operr(ldb)" in places in the dsdb code where we don't already explicitly set an error string. This should make is much easier to track down dsdb module bugs that result in an operations error.
2010-07-06s4:dsdb - samdb_result_force_password_change - also when "pwdLastSet" is ↵Matthias Dieter Wallnöfer1-3/+9
"-1" we shouldn't force a password change This value is set by the ADUC console.