Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-08-07 | s4:dsdb/common/util.c - add a function "dsdb_add" | Matthias Dieter Wallnöfer | 1 | -0/+30 | |
2010-07-16 | s4-loadparm: 2nd half of lp_ to lpcfg_ conversion | Andrew Tridgell | 1 | -2/+2 | |
this converts all callers that use the Samba4 loadparm lp_ calling convention to use the lpcfg_ prefix. Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-07-07 | s4-dsdb: use ldb_operr() in the dsdb code | Andrew Tridgell | 1 | -38/+40 | |
this replaces "return LDB_ERR_OPERATIONS_ERROR" with "return ldb_operr(ldb)" in places in the dsdb code where we don't already explicitly set an error string. This should make is much easier to track down dsdb module bugs that result in an operations error. | |||||
2010-07-06 | s4:dsdb - samdb_result_force_password_change - also when "pwdLastSet" is ↵ | Matthias Dieter Wallnöfer | 1 | -3/+9 | |
"-1" we shouldn't force a password change This value is set by the ADUC console. | |||||
2010-06-28 | Implementation of self membership validated right. | Nadezhda Ivanova | 1 | -0/+31 | |
When this right is granted, the user can add or remove themselves from a group even if they dont have write property right. | |||||
2010-06-21 | s4:dsdb_load_partition_usn - free the right memory context (tmp_ctx) | Matthias Dieter Wallnöfer | 1 | -2/+1 | |
2010-06-20 | s4:dsdb - add a new dsdb delete function which understands the tree delete ↵ | Matthias Dieter Wallnöfer | 1 | -0/+7 | |
control | |||||
2010-06-15 | s4:dsdb Add const to dsdb_dn functions that operate on an ldb_val. | Andrew Bartlett | 1 | -2/+2 | |
Andrew Bartlett | |||||
2010-06-06 | s4:dsdb/common/util.c - provide a better implementation of the ↵ | Matthias Dieter Wallnöfer | 1 | -28/+90 | |
"samdb_msg_add_(add/del)val" calls This supports now also coexisting add and delete message elements with the same attribute name. | |||||
2010-05-31 | s4:dsdb_load_udv_v1 - "uint32_t" counter type fits better than "unsigned int" | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2010-05-30 | s4:dsdb/common/util.c - fix a counter variable | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2010-05-24 | s4:dsdb Allow a NULL search expression in dsdb_search() | Andrew Bartlett | 1 | -2/+5 | |
The NULL search expression expands to (objectClass=*), but %s expands NULL to (NULL) which doesn't parse... Andrew Bartlett | |||||
2010-05-18 | Finish removal of iconv_convenience in public API's. | Jelmer Vernooij | 1 | -7/+5 | |
2010-05-17 | s4-rodc: Cache am_rodc flag | Anatoliy Atanasov | 1 | -0/+29 | |
2010-05-13 | s4:dsdb: fix samdb_result_logon_hours() and don't hardcode units_per_week | Stefan Metzmacher | 1 | -4/+11 | |
metze | |||||
2010-05-11 | s4:dsdb: cached results of samdb_rodc() | Stefan Metzmacher | 1 | -1/+29 | |
metze | |||||
2010-05-10 | s4:samdb_set_password - adapt it for the user password change handling | Matthias Dieter Wallnöfer | 1 | -0/+12 | |
Make use of the new "change old password checked" control. | |||||
2010-05-10 | s4:samdb_set_password/samdb_set_password_sid - Rework | Matthias Dieter Wallnöfer | 1 | -256/+134 | |
Adapt the two functions for the restructured "password_hash" module. This means that basically all checks are now performed in the mentioned module. An exception consists in the SAMR password change calls since they need very precise NTSTATUS return codes on wrong constraints ("samr_password.c") file | |||||
2010-05-10 | s4:dsdb/util.c - Add a new function for retrieving password change attributes | Matthias Dieter Wallnöfer | 1 | -0/+41 | |
This is needed since we have not only reset operations on password fields (attributes marked with REPLACE flag) but also change operations which can be performed by users itself. They have one attribute with the old value marked with the REMOVE flag and one with the new one marked with the ADD flag. This function helps to retrieve them (argument "new" is used for the new password on both reset and change). | |||||
2010-05-09 | s4:dsdb Provide an intelegent fallback if not CN=Subnets is found | Andrew Bartlett | 1 | -3/+7 | |
We may as well fall back rather than return NULL (which callers don't do useful things with). Andrew Bartlett | |||||
2010-05-04 | s4/rodc: Support read-only database | Anatoliy Atanasov | 1 | -0/+1 | |
Check on modify if we are RODC and return referral. On the ldap backend side now we pass context and ldb_modify_default_callback to propagate the referral error to the client. | |||||
2010-05-03 | s4/rodc: Implement msDS-isRODC constructed attr | Anatoliy Atanasov | 1 | -6/+15 | |
2010-04-29 | s4/rodc: RODC FAS initial implementation | Anatoliy Atanasov | 1 | -0/+28 | |
2010-04-28 | s4/dsdb: dsdb_validate_invocation_id() should validate by objectGUID | Kamen Mazdrashki | 1 | -18/+18 | |
This function is used in DRSUpdateRefs() implementation where we get DSA's objectGUID rather than invocationId | |||||
2010-04-27 | s4:dsdb/common: if we don't have the ip of the client return the server site ↵ | Stefan Metzmacher | 1 | -0/+8 | |
as client site metze | |||||
2010-04-27 | s4:util - add a function which finds the matching client site using the ↵ | Matthias Dieter Wallnöfer | 1 | -0/+90 | |
client address The lookup of the client site is done using the subnets in the configuration partition. If no one matches we use the Windows Server fallback mechansim. This means: if only one site is available just use it. If they're more set the output variable to "". Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-04-22 | s4-drs: removed dsdb_validate_client_flags() | Andrew Tridgell | 1 | -30/+0 | |
This test is in the wrong place. We end up validating our own flags. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-04-22 | s4-dsdb: added dsdb_validate_invocation_id() | Andrew Tridgell | 1 | -0/+87 | |
this validates that a invocationID matches an account sid This will be used to ensure that we don't allow DRS replication from someone a non-DC or administrator Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-04-22 | s4-dsdb: added dsdb_get_extended_dn_sid() | Andrew Tridgell | 1 | -0/+29 | |
This will be used by the RODC code Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-04-22 | s4-drs: Use new samdb_rodc() function in s4 code | Fernando J V da Silva | 1 | -1/+1 | |
This patch fits the calling to the new samdb_rodc() function and fix a little bug in this function. Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-04-22 | s4-drs: dsdb_validate_client_flags() function | Fernando J V da Silva | 1 | -0/+28 | |
This function is intended to check if some client is not lying about his flags. At this moment, it only checks for RODC flags. Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-04-22 | s4-drs: samdb_is_rodc() function and new samdb_rodc() function | Fernando J V da Silva | 1 | -32/+41 | |
This patch creates the samdb_is_rodc() function, which looks for the NTDSDSA object for a DC that has a specific invocationId and if msDS-isRODC is present on such object and it is TRUE, then consider the DC as a RODC. The new samdb_rodc() function uses the samdb_is_rodc() function for the local server. Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-04-20 | s4:provision Pass in the invoication ID and NTDS Settings DN to Schema() | Andrew Bartlett | 1 | -1/+38 | |
By putting these values into the cache on the LDB, this reduces some of the noise in provision, particularly with the LDAP backend. Andrew Bartlett | |||||
2010-04-13 | s4:samdb_server_site_name - fix indentation | Matthias Dieter Wallnöfer | 1 | -4/+6 | |
2010-04-13 | s4:dsdb/common/util.c - add a call which determines centrally the forest DNS ↵ | Matthias Dieter Wallnöfer | 1 | -0/+19 | |
domainname | |||||
2010-04-13 | s4:remove "samdb_root_dn", "samdb_base_dn", "samdb_config_dn" and ↵ | Matthias Dieter Wallnöfer | 1 | -20/+0 | |
"samdb_schema_dn" They aren't needed anymore. | |||||
2010-04-13 | Revert "s4:prefer "samdb_*_dn" basedn calls over the "ldb_get_*_dn" functions" | Matthias Dieter Wallnöfer | 1 | -6/+8 | |
We should use the "ldb_get_*_basedn" calls since they are available in the LDB library. | |||||
2010-04-11 | s4:samdb_server_site_dn - free unused DNs in the right way | Matthias Dieter Wallnöfer | 1 | -2/+2 | |
2010-03-22 | s4:dsdb Move dsdb_save_partition_usn() to be a module helper function | Andrew Bartlett | 1 | -88/+0 | |
This function should not traverse the module stack again, but instead run from this point. Also add a matching dsdb_module_load_partition_usn() and change repl_meta_data to match. Andrew Bartlett | |||||
2010-03-09 | A helper function to get the Infrastructure DN. | Nadezhda Ivanova | 1 | -0/+12 | |
2010-03-05 | s4:dsdb/util - Change also here counters to "unsigned" | Matthias Dieter Wallnöfer | 1 | -13/+16 | |
No need to have "signed" counters at those places. | |||||
2010-03-01 | s4/rodc: Implement samdb_rodc with ldb context | Anatoliy Atanasov | 1 | -7/+61 | |
2010-02-26 | s4-dsdb: fixed the fetch of the server site name | Andrew Tridgell | 1 | -1/+7 | |
when the ntds objects were moved by a recent change it broke the calculation of the server site Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-02-21 | s4:dsdb/util.c - Use LDB result constants in some more helper functions | Matthias Dieter Wallnöfer | 1 | -11/+11 | |
Always better to rely on the standards rather than on custom results. | |||||
2010-02-16 | s4-dsdb: return LDB_ERR_CONSTRAINT_VIOLATION on num_recs != 1 | Andrew Tridgell | 1 | -1/+1 | |
In a single record search, LDB_ERR_CONSTRAINT_VIOLATION is more useful than the generic LDB_ERR_OPERATIONS_ERROR Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-02-16 | s4-dsdb: added dsdb_search_one() and cleanup dsdb_find_dn_by_guid() | Andrew Tridgell | 1 | -11/+72 | |
dsdb_find_dn_by_guid() now takes a struct GUID instead of a guid_string. All the callers in fact wanted a struct GUID, so we now avoid the extra conversion. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-02-16 | s4-dsdb: replace dsdb_find_dn_by_guid() with a dsdb_search() call | Andrew Tridgell | 1 | -67/+84 | |
much simpler code by using dsdb_flags Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-02-16 | s4-dsdb: change dsdb_search_dn_with_deleted() to dsdb_search_dn() with ↵ | Andrew Tridgell | 1 | -56/+58 | |
dsdb_flags Allows for arbitrary controls | |||||
2010-02-16 | s4-dsdb: change samdb_replace() to dsdb_replace() and allow for dsdb_flags | Andrew Tridgell | 1 | -72/+27 | |
This allows for controls to be added easily where they are needed. | |||||
2010-02-16 | s4-dsdb: replace dsdb_modify_permissive() with dsdb_modify() and dsdb_flags | Andrew Tridgell | 1 | -38/+40 | |