summaryrefslogtreecommitdiff
path: root/source4/dsdb/common/util.c
AgeCommit message (Collapse)AuthorFilesLines
2013-09-19dsdb: Refuse to return an all-zero invocationIDAndrew Bartlett1-0/+8
This could cause an all-zero GUID to be entered into the replPropertyMetaData, which will then fail to be replicated to other DCs. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-09-19python/drs: Ensure to pass in the local invocationID during the domain joinAndrew Bartlett1-0/+2
This ensures (and asserts) that we never write an all-zero GUID as an invocationID to the database in replPropertyMetaData. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-06-12dsdb: Allow dsdb_find_dn_by_guid to show deleted DNsAndrew Bartlett1-2/+4
This helps us in the KCC as we need to return the deleted DN for the GUID in DsReplicaGetInfo calls (tested for deleted servers against Windows 2008R2). Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-02-04dsdb/util: rework samdb_check_password() to support utf8Stefan Metzmacher1-5/+16
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2013-01-01s4:dsdb/common: use 01.01.1970 as last_sync_success for our entry in the ↵Stefan Metzmacher1-3/+4
uptodatevector This matches a Windows 2008R2 and 2012 server. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-01-01s4:dsdb/common: use LDB_SEQ_HIGHEST_SEQ for our entry in the uptodatevectorStefan Metzmacher1-2/+2
We should use the global highestCommittedUSN, not the per partition value. This matches a Windows 2008R2 and 2012 server. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2012-12-11s4:dsdb/common: only pass the DSDB_CONTROL_PASSWORD_HASH_VALUES_OID if requiredStefan Metzmacher1-7/+11
This should give the password_hash module a chance to detect if the called was the cleartext password or not. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2012-11-06dsdb: Rename _res argument to _result.Jelmer Vernooij1-6/+6
Newer versions of heimdal include a macro that is unfortunately named '_res'. This change prevents the clash. Reviewed-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2012-09-01s4-dsdb: Remove unused variablesAndrew Bartlett1-3/+0
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Sat Sep 1 05:10:47 CEST 2012 on sn-devel-104
2012-09-01s4-dsdb: Remove unused tmp_ctx leaked onto long-term ldb_contextAndrew Bartlett1-2/+0
This was found based on a log provided by Ricky Nance <ricky.nance@weaubleau.k12.mo.us>. Thanks Ricky! Andrew Bartlett
2012-08-14s4-dsdb: Use samdb_dn_is_our_ntdsa()Andrew Bartlett1-14/+3
This uses a GUID based comparison, and avoids re-fetching the samdb_ntds_settings_dn each time. Andrew Bartlett
2012-08-14s4-dsdb: Add samdb_dn_is_our_ntdsa()Andrew Bartlett1-0/+25
This is like samdb_reference_dn_is_our_ntdsa but without the attribute de-reference. Andrew Bartlett
2012-08-14s4-dsdb: Use samdb_reference_dn_is_our_ntdsa()Andrew Bartlett1-35/+4
2012-08-14s4-dsdb: Add helper function samdb_reference_dn_is_our_ntdsa()Andrew Bartlett1-1/+39
We often want to know if we own an FSMO role (for example). This tries to be more efficient by comparing the GUID, rather than the string DN, as this does not need to be re-fetched each time. Andrew Bartlett
2012-08-14s4-dsdb: Use ldb_dn_copy() rather than talloc_reference()Andrew Bartlett1-1/+1
As the normal case (outside provision) uses a copy, this avoids a case where a caller might modify a global variable accidentily. As suggested by metze. Andrew Bartlett
2012-08-14s4-libnet: Improve debugging of libnet_BecomeDC LDAP errorsAndrew Bartlett1-0/+2
2012-08-14s4-dsdb: Add mem_ctx argument to samdb_ntds_settings_dnAndrew Bartlett1-10/+18
As this value is calculated new each time, we need to give it a context to live on. If the value is the forced value during provision, a reference is taken. This was responsible for the memory leak in the replication process. In the example I was given, this DN appeared in memory 13596 times! Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Aug 14 10:05:14 CEST 2012 on sn-devel-104
2012-08-14s4-dsdb: Add constAndrew Bartlett1-4/+4
2012-06-27s4-dsdb when setting DSDB_CONTROL_PASSWORD_BYPASS_LAST_SET_OID make it ↵Andrew Bartlett1-1/+7
non-critical
2012-04-29s4:dsdb/common/util.c - samdb_is_pdc() - fail if the "fSMORoleOwner" ↵Matthias Dieter Wallnöfer1-1/+5
attribute has not been set
2012-03-20Move NS_GUID_string and NS_GUID_from_string to dsdb-common.Jelmer Vernooij1-0/+52
2012-02-25s4-lib: Remove unused samdb_msg_set_value()Ricky Nance1-15/+0
Found by callcatcher. Ricky Nance
2012-02-25s4-lib: Remove unused samdb_msg_set_string()Ricky Nance1-15/+0
Found by callcatcher. Ricky Nance
2012-02-25s4-lib: Remove unused samdb_msg_set_int()Ricky Nance1-15/+0
Found by callcatcher Ricky Nance
2012-01-24dsdb: Allow DSDB_CONTROL_PASSWORD_BYPASS_LAST_SET_OID to be specified as a flagAndrew Bartlett1-0/+7
2011-12-09s4:dsdb/common/util.c - test LDB result against LDB_SUCCESS as we are always ↵Matthias Dieter Wallnöfer1-1/+1
doing Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Fri Dec 9 12:00:03 CET 2011 on sn-devel-104
2011-11-18dsdb: Fix the password expiry calculationAmitay Isaacs1-1/+1
As per Section 3.1.1.4.5.26 [MS-ADTS.pdf], password is expired if pwdLastSet = null, or pwdLastSet = 0, or (maxPwdAge != 0x8000000000000000 and (ST - pwdLastSet) > maxPwdAge)
2011-10-04s4-dsdb: fixed re-join of subdomainAndrew Tridgell1-3/+4
if we repeat the join of a subdomain then we try to re-create the NC for the subdomain during a DsAddEntry(). This allows that re-creation to succeed if the NC already exists
2011-10-04s4-dsdb: simplify samdb_is_gc()Andrew Tridgell1-28/+2
we already have a function for returning the NTDS options
2011-10-04s4-dsdb: added new control DSDB_MODIFY_PARTIAL_REPLICAAndrew Tridgell1-0/+66
this control tells the partition module that the DN being created is a partial replica, so it should modify the @PARTITION object to add the partialReplica attribute Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-09-22s4-dsdb: added NO_GLOBAL_CATALOG controlAndrew Tridgell1-1/+10
this control is used to ask samdb to not return searches with a basedn in partial repica partitions, which is needed to support the difference between a search on the 3268 GC ldap port and the non-GC 389 port
2011-09-22s4-dsdb: failing to find the object is not an error in dsdb_loadreps()Andrew Tridgell1-3/+8
we may not have replicated the partition yet, so this should be considered the same as having no repsFrom/repsTo
2011-09-08s4-dsdb: fixed compiler warningAndrew Tridgell1-1/+1
sid can be const Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-08-25s4-dsdb: added samdb_ntds_msdcs_dns_name()Andrew Tridgell1-2/+37
this gets the DNS name for a NTDS GUID, based on the forest DNS name Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
2011-08-25s4-dsdb: added samdb_dn_to_dns_domain()Andrew Tridgell1-0/+36
this converts a DC into the equivalent DNS domain. It is used when forming t_msdcs NTDS DNS names Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
2011-08-25s4-dsdb: assert that base DNs are used correctlyAndrew Tridgell1-0/+3
this will catch future programmer errors with incorrect base DNs Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-08-13s4-dsdb Add flag to set DSDB_BYPASS_PASSWORD_HASH controlAndrew Bartlett1-0/+8
2011-08-12s4-dsdb: don't cache the NTDS settings DNAndrew Tridgell1-9/+8
this DN can change due to a server rename, so we cannot cache it. It is set by provision, but not anywhere else. This seems to not have a large performance impact Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-08-04s4-dsdb: fixed a warning on dsdb_delete()Andrew Tridgell1-1/+1
struct ldb_dn is never const Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
2011-08-04s4-dsdb: make requests for STORAGE_FORMAT control non-criticalAndrew Tridgell1-1/+1
this allows us to use dsdb_module_dn_by_guid() from levels below the extended_dn_out module Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
2011-07-21s4-dsdb: added dsdb_delete() functionAndrew Tridgell1-0/+30
this gives us a delete function that takes the standard set of dsdb flags Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-07-14Standalone samdb_ntds_site_settings_options() helperDave Craft1-0/+48
A helper function for retrieving the ntds site settings via standalone function call. Used within KCC Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-06-10s4-drs: cope with missing RMD_ADDTIME in linked attributesAndrew Tridgell1-1/+1
upgraded links can be missing the RMD_ADDTIME field
2011-05-03s4-socket: rename allow_access() to socket_allow_access()Andrew Tridgell1-1/+1
this prevents a symbol collision with s3 Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-04-04s4-dsdb: added a ldb err -> NTSTATUS mappingAndrew Tridgell1-0/+78
this is not perfect, but its better than always giving NT_STATUS_UNSUCCESSFUL in our RPC servers Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-03-04s4/ldb - remove now superflous "ldb_dn_validate" checksMatthias Dieter Wallnöfer1-2/+2
If we immediately afterwards perform an LDB base operation then we don't need an explicit "ldb_dn_validate" check anymore (only OOM makes sense). Reviewed by: Tridge
2011-03-01s4:dsdb - always handle the attribute "options" as 32bit unsigned integerMatthias Dieter Wallnöfer1-2/+3
It is defined as LDAP syntax 2.5.5.9 so no need at all to treat it as 64-bit integer. Reviewed by: Kamenim and Metze Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Tue Mar 1 12:46:15 CET 2011 on sn-devel-104
2011-03-01s4:dsdb/common/util.c - remove "samdb_find_or_add_value"Matthias Dieter Wallnöfer1-8/+0
This isn't used anymore. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2011-03-01s4:dsdb/common/util.c - fully remove "samdb_msg_add_string"Matthias Dieter Wallnöfer1-18/+3
This isn't needed anymore and will be substituted by "ldb_msg_add_string". Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2011-03-01s4:remove many invocations of "samdb_msg_add_string"Matthias Dieter Wallnöfer1-2/+2
This call can be substituted by "ldb_msg_add_string". We only need to be careful on local objects or talloc'ed ones which live shorter than the message. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
generated by cgit (git 2.34.1) at 2024-07-10 00:03:37 +0000