Age | Commit message (Collapse) | Author | Files | Lines |
|
This change removes a dependency on objectclass=domainDNS, and avoids
a subtree search when we really know exactly where this record is.
Andrew Bartlett
(This used to be commit 52947fc0c019e57438a21e54953601b6cc08eb49)
|
|
This reworks quite a few parts of our provision system to use
CN=NETBIOSNAME as the domain for member servers.
This makes it clear that these domains are not in the DNS structure,
while complying with our own schema (found by OpenLDAP's schema
validation).
Andrew Bartlett
(This used to be commit bda6a38b055fed2394e65cdc0b308a1442116402)
|
|
(This used to be commit d28f2cb678b334086f601505c88e56b9c1ee559d)
|
|
Windows uses 2 different values to indicate an account doesn't expire: 0 and
9223372036854775807 (0x7FFFFFFFFFFFFFFFULL).
This function looks up the value of the accountExpires attribute and if the
value is either value indicating the account doesn't expire,
0x7FFFFFFFFFFFFFFFULL is returned.
This simplifies the tests for account expiration. There is no need to check
elsewhere in the code for both values, therefore a simple greater-than
expression can be used.
(This used to be commit 7ce5575a3a40cca4a45ec179a153f7e909065a87)
|
|
(This used to be commit 2b408e9ed4caf14e1ac047fd76127a5c979e5177)
|
|
This takes the previous patches further, so we catch all the cases
(the KDC looked at the time directly).
Andrew Bartlett
(This used to be commit cda4642a937d249399e25eaa6e5e20a0d440bcbf)
|
|
More correctly handle expired passwords, and do not expire machine accounts.
Test that the behaviour is consistant with windows, using the RPC-SAMR test.
Change NETLOGON to directly query the userAccountControl, just because
we don't want to do the extra expiry processing here.
Andrew Bartlett
(This used to be commit acda1f69bc9b9c43e157e254d0bae54d11363661)
|
|
(This used to be commit 16466b543bf8dd35bc79a030696f78598ca82f54)
|
|
(My bad when copying this code into samdb_is_gc()).
Andrew Bartlett
(This used to be commit b4a95a89853a0ebd75b39f01bbdbf82e05e97bd7)
|
|
this can be shared with the CLDAP server (for the netlogon reply).
Andrew Bartlett
(This used to be commit 592c10ae11c94007e38404a7edea9fd8471f1907)
|
|
library, so it can be overridden by OpenChange.
(This used to be commit 2f29f80e07adef1f020173f2cd6d947d0ef505ce)
|
|
ndr_struct_push_blob().
(This used to be commit 61ad78ac98937ef7a9aa32075a91a1c95b7606b3)
|
|
(This used to be commit 85eeecf997a071ca7e7ad0247e8d34d49b7ffcbb)
|
|
Andrew Bartlett
(This used to be commit 8089283784993cfe14c343746be77790c74c2b78)
|
|
(This used to be commit 95a6ef7fc8757ccfd90dbf0d6c9b5098f10b10b6)
|
|
(This used to be commit 7280c1e9415daabb2712db1372e23f9846272ede)
|
|
up the call stack.
(This used to be commit ba75f1613a9aac69dd5df94dd8a2b37820acd166)
|
|
further up the call stack.
(This used to be commit 0721a07aada6a1fae6dcbd610b8783df57d7bbad)
|
|
(This used to be commit 56dfcb4f2f8e74c9d8b2fe3a0df043781188a555)
|
|
(This used to be commit b7371f1a191fb86834c0d586d094f39f0b04544b)
|
|
Guenther
(This used to be commit 5c9d755f52c8fffe93efd9543a1381a3a06ef8f9)
|
|
a new torture suite to match.
This should fix bug #4954 by Matthias Wallnöfer <mwallnoefer@yahoo.de>
Previously we had no knowlege of BUILTIN or well-known names.
This code needs expansion to check with winbind for trusted domains.
Andrew Bartlett
(This used to be commit e6fc0e1f54ad64bdddc88e9ebd0d8d181b6ce26a)
|
|
(This used to be commit 6bdebc3cfdf13358bbb610af2a7f9889b4f885cb)
|
|
There are still a few tidyups of old FSF addresses to come (in both s3
and s4). More commits soon.
(This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
|
|
metze
(This used to be commit 0096e068d02b5e09fed94373a7018ec0a58fb6d6)
|
|
metze
(This used to be commit 59fffa7ba148a082d0cf13226d0577b3fcd7b5ad)
|
|
metze
(This used to be commit 72f5e0f7ee327933acf3148fbc72d31d7ad1b040)
|
|
http://viewcvs.samba.org/cgi-bin/viewcvs.cgi/branches/SAMBA_4_0/source/dsdb/common/flags.h?p1=branches%2FSAMBA_4_0%2Fsource%2Finclude%2Fads.h&rev=17930&r1=15511&r2=17930
metze
(This used to be commit 5da9dedece20ca21c0395fdcdffddff5948f7dc5)
|
|
to do, particularly with getting the detailed bit mappings right, and
on sid mapping. Does not pass RAW-ACLS yet
(This used to be commit b92553481b534d0ef5277dbfe8c0d64a03f819eb)
|
|
ability for 'administrator' to log in as unix user 'root'.
Andrew Bartlett
(This used to be commit 221efba5289b8bbb54b770c556f19bfbdc9ee216)
|
|
* Move dlinklist.h, smb.h to subsystem-specific directories
* Clean up ads.h and move what is left of it to dsdb/
(only place where it's used)
(This used to be commit f7afa1cb77f3cfa7020b57de12e6003db7cfcc42)
|
|
needed in searches
(This used to be commit a5ea749f0ac63bf495a55ee8d9d002208ab93572)
|
|
gidNumber attributes instead
Do not change unixName right now, we don't have an attribute to use in the posixGroup class,
and I think we should remove its usage altogether and look up users and groups by their uid/gid only.
Simo.
(This used to be commit d57b521aadf24a277152ec1ff1dac3210bd14316)
|
|
whole tree here.
Andrew Bartlett
(This used to be commit 7674306e673341513d26556a845a698a28dec92b)
|
|
Remove some autogenerated headers (which had prototypes now autogenerated by pidl)
Remove ndr_security.h from a few places - it's no longer necessary
(This used to be commit c19c2b51d3e1ad347120b06a22bda5ec586c22e8)
|
|
metze
(This used to be commit 92a06638126b0565c0aec45862c549ef91e7212b)
|
|
- make ntvfs_common a library
- create sys_notify library
metze
(This used to be commit a3e1d56cf7b688c515f5d6d4d43e0b24c2261d15)
|
|
connections.
Andrew Bartlett
(This used to be commit 3e9e505e9e5b72dddccb548d17a5f02785d3a2e1)
|
|
try to include just the BASENAME.h files (containing only structs)
(This used to be commit 3dd477ca5147f28a962b8437e2611a8222d706bd)
|
|
metze
(This used to be commit a653ebd15da09a7e085338400925a6bbeb3cb316)
|
|
(This used to be commit 196c45b834c39f293b9533cec5cfe5a77382d4e2)
|
|
metze
(This used to be commit c2523adc0a0807979fb21b8ba77d556bac82e435)
|
|
the idea is to have a directory service db layer
which will be used by the ldap server, samr server, drsuapi server
authentification...
I plan to make different implementations of this interface possible
- current default will be the current samdb code with sam.ldb
- a compat implementation for samba3 (if someone wants to write one)
- a new dsdb implementation which:
- understands naming contexts (directory parrtitions)
- do schema and acl checking checking
- maintain objectGUID, timestamps and USN number,
maybe linked attributes ('member' and 'memberOf' attributes)
- store metadata on a attribute=value combination...
metze
(This used to be commit 893a8b8bca2f020fbbe6f469aaa8dd4478249eb8)
|