Age | Commit message (Collapse) | Author | Files | Lines |
|
This control is exactly thought for the actions which previously were performed
using the RELAX one.
We agreed that the RELAX control will only remain for interactions with OpenLDAP.
|
|
This will happen on an OpenLDAP backend, because @ records are invalid in LDAP.
We don't have these sequence numbers in this case.
Andrew Bartlett
|
|
in "dsdb/common/util.c""
This reverts commit 8a2ce5c47cee499f90b125ebde83de5f9f1a9aa0.
Jelmer pointed out that these are also in use by other LDB databases - not only
SAMDB ones.
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Oct 17 13:37:16 UTC 2010 on sn-devel-104
|
|
"dsdb/common/util.c"
They're only in use by SAMDB code.
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Oct 17 09:40:13 UTC 2010 on sn-devel-104
|
|
"samdb_msg_add_uint", "samdb_msg_add_uint64" and "samdb_msg_set_uint" a bit more
Unsigned int data in AD is a bit problematic to handle. Problem described by
abartlet.
|
|
"samdb_msg_add_string"
"ldb_msg_add_string" is safe here since the integer has already been converted
to a string which is "talloc"ed on "mem_ctx".
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Fri Oct 15 09:11:49 UTC 2010 on sn-devel-104
|
|
"samdb_msg_add_string"
|
|
|
|
need to be duplicated
This is done internally by the LDB library - look at "ldb_msg_add_empty".
|
|
This can be substituted by "ldb_msg_add_value".
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Fri Oct 15 00:21:53 UTC 2010 on sn-devel-104
|
|
"samdb_result_uint64" and "samdb_result_string"
We have ldb_msg_find_attr_as_* calls which do exactly the same. Therefore this
reduces only code redundancies.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
This includes dom_sid.h and security_token.h and will be moved
to the top level shortly.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Oct 12 03:35:36 UTC 2010 on sn-devel-104
|
|
|
|
SAMDB_COMMON and DSDB_MODULE_HELPERS.
|
|
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Thu Oct 7 07:40:31 UTC 2010 on sn-devel-104
|
|
They will be used by the samldb LDB module
|
|
Use it only in conjunction with the DELETE one to allow the functions to work
also against Windows < 2008R2. This is really important for the vampire
operation.
Also mark the RECYCLED control as non-critical (so that it's simply ignored by
older Windows'es).
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Mon Oct 4 16:10:11 UTC 2010 on sn-devel-104
|
|
We intend to see always all objects with the "show_deleted" control specified.
To see also recycled objects (beginning with 2008_R2 function level) we need to
use the new "show_recycled" control.
As far as I see this is only internal code and therefore we don't run into
problems if we do substitute it.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
This is needed since starting with 2008_R2 function level we get another type
of hidden objects which aren't seen by the "show_deleted" control: recycled
objects.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Do this as in "dsdb_dn_is_upgraded_link_val". There is really no reason to
truncate before search.
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Oct 3 10:45:39 UTC 2010 on sn-devel-104
|
|
this is more efficient than first searching for the DN, then doing a
search. We should look at using this in lots of existing code
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
this will be used outside of the drs server.
This also fixes the handling of the ndr_size elements of the
drs_ObjectIdentifier
|
|
|
|
If we don't we could show an old, incrorrect error
|
|
This simplifies the function. While doing so, also change the error
string setting to set a really clear error string for the failure to find
and failure to parse cases.
Andrew Bartlett
|
|
samdb_find_ntdsguid_for_computer()
these will be used by the new RODC dns update code
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
Now also the primary group detection/change on modify operations does work
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
This functionality is needed for DsCrackNames ListRoles command also.
|
|
LDAP filters
This makes also lookups through special backends as "samba3sam" work.
|
|
|
|
detection working"
This reverts commit 7e9e35db4126f953e8a2579d992c63b274011119.
Sorry, the logic is working differently here. We do still need this.
|
|
working
|
|
results
|
|
|
|
it should honor the component_name
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
When a RODC uses extended getncchanges operation
DRSUAPI_EXOP_REPL_SECRET it gets an override on the ability to
replicate the secret attributes.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
|
|
the password change control
And introduce parameters to pass the old password hashes.
|
|
Rename it to "DSDB_CONTROL_PASSWORD_CHANGE_OID". This control will afterwards
contain a record with the specified old password as NT and/or LM hash.
|
|
The flags field of message elements is part of a set of flags. We had
LDB_FLAG_MOD_MASK for extracting the type, but it was only rarely
being used (only 1 call used it correctly). This adds
LDB_FLAG_MOD_MASK() to make it more obvious what is going on.
This will allow us to use some of the other flags bits for internal
markers on elements
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
Add more possible result NTSTATUS codes
|
|
(Sorry, I've overseen this)
|
|
|
|
account doesn't exist
This is for the (SAMR) account detection protection mechanism.
|
|
Sooner or later we'll need this too since not all operations depend only on the
current's domain function level (see the MS-ADTS docs).
|