summaryrefslogtreecommitdiff
path: root/source4/dsdb/common
AgeCommit message (Collapse)AuthorFilesLines
2008-03-13Don't search the whole tree for the domains's sidAndrew Bartlett1-4/+18
This change removes a dependency on objectclass=domainDNS, and avoids a subtree search when we really know exactly where this record is. Andrew Bartlett (This used to be commit 52947fc0c019e57438a21e54953601b6cc08eb49)
2008-03-13Rework to have member server 'domains' be CN=NETBIOSNAMEAndrew Bartlett1-1/+1
This reworks quite a few parts of our provision system to use CN=NETBIOSNAME as the domain for member servers. This makes it clear that these domains are not in the DNS structure, while complying with our own schema (found by OpenLDAP's schema validation). Andrew Bartlett (This used to be commit bda6a38b055fed2394e65cdc0b308a1442116402)
2008-03-07Treat maxPwdAge == 0 as passwords never expire.Andrew Kroeger1-1/+1
(This used to be commit d28f2cb678b334086f601505c88e56b9c1ee559d)
2008-03-07Add samdb_result_account_expires() function.Andrew Kroeger1-0/+24
Windows uses 2 different values to indicate an account doesn't expire: 0 and 9223372036854775807 (0x7FFFFFFFFFFFFFFFULL). This function looks up the value of the accountExpires attribute and if the value is either value indicating the account doesn't expire, 0x7FFFFFFFFFFFFFFFULL is returned. This simplifies the tests for account expiration. There is no need to check elsewhere in the code for both values, therefore a simple greater-than expression can be used. (This used to be commit 7ce5575a3a40cca4a45ec179a153f7e909065a87)
2008-02-29Fix typo.Jelmer Vernooij1-1/+1
(This used to be commit 2b408e9ed4caf14e1ac047fd76127a5c979e5177)
2008-02-29Simplify the 'password must change' logicAndrew Bartlett1-22/+17
This takes the previous patches further, so we catch all the cases (the KDC looked at the time directly). Andrew Bartlett (This used to be commit cda4642a937d249399e25eaa6e5e20a0d440bcbf)
2008-02-28Generate ACB_PW_EXPIRED correctlyAndrew Bartlett1-4/+30
More correctly handle expired passwords, and do not expire machine accounts. Test that the behaviour is consistant with windows, using the RPC-SAMR test. Change NETLOGON to directly query the userAccountControl, just because we don't want to do the extra expiry processing here. Andrew Bartlett (This used to be commit acda1f69bc9b9c43e157e254d0bae54d11363661)
2008-02-05sidmap: Some source code cleanups.Kai Blin1-10/+12
(This used to be commit 16466b543bf8dd35bc79a030696f78598ca82f54)
2008-01-06r26679: It is very bad to free the ldb handle when you didn't create it...Andrew Bartlett1-1/+1
(My bad when copying this code into samdb_is_gc()). Andrew Bartlett (This used to be commit b4a95a89853a0ebd75b39f01bbdbf82e05e97bd7)
2008-01-03r26648: Move detection of global catalog captability to a central function, soAndrew Bartlett1-0/+36
this can be shared with the CLDAP server (for the netlogon reply). Andrew Bartlett (This used to be commit 592c10ae11c94007e38404a7edea9fd8471f1907)
2008-01-01r26639: librpc: Pass iconv convenience on from RPC connection to NDR ↵Jelmer Vernooij1-2/+2
library, so it can be overridden by OpenChange. (This used to be commit 2f29f80e07adef1f020173f2cd6d947d0ef505ce)
2008-01-01r26638: libndr: Require explicitly specifying iconv_convenience for ↵Jelmer Vernooij1-1/+4
ndr_struct_push_blob(). (This used to be commit 61ad78ac98937ef7a9aa32075a91a1c95b7606b3)
2007-12-21r26483: Merge ldb module dependency fixes, fix auth python module.Jelmer Vernooij1-0/+1895
(This used to be commit 85eeecf997a071ca7e7ad0247e8d34d49b7ffcbb)
2007-12-21r26324: Fix includes for Jelmer.Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit 8089283784993cfe14c343746be77790c74c2b78)
2007-12-21r26319: Split encoding functions out of libcli_ldap.Jelmer Vernooij1-1/+2
(This used to be commit 95a6ef7fc8757ccfd90dbf0d6c9b5098f10b10b6)
2007-12-21r26252: Specify loadparm_context explicitly when creating sessions.Jelmer Vernooij1-1/+1
(This used to be commit 7280c1e9415daabb2712db1372e23f9846272ede)
2007-12-21r26228: Store loadparm context in auth context, move more loadparm_contexts ↵Jelmer Vernooij1-2/+2
up the call stack. (This used to be commit ba75f1613a9aac69dd5df94dd8a2b37820acd166)
2007-12-21r26227: Make loadparm_context part of a server task, move loadparm_contexts ↵Jelmer Vernooij1-1/+2
further up the call stack. (This used to be commit 0721a07aada6a1fae6dcbd610b8783df57d7bbad)
2007-12-21r26003: Split up DB_WRAP, as first step in an attempt to sanitize dependencies.Jelmer Vernooij1-1/+1
(This used to be commit 56dfcb4f2f8e74c9d8b2fe3a0df043781188a555)
2007-10-10r25553: Convert to standard bool type.Jelmer Vernooij1-11/+11
(This used to be commit b7371f1a191fb86834c0d586d094f39f0b04544b)
2007-10-10r25531: Merge GTYPE_SECURITY_UNIVERSAL_GROUP from samba3.Günther Deschner1-0/+5
Guenther (This used to be commit 5c9d755f52c8fffe93efd9543a1381a3a06ef8f9)
2007-10-10r25194: A major rework of the Samba4 LSA LookupNames and LookupSids code, withAndrew Bartlett1-5/+8
a new torture suite to match. This should fix bug #4954 by Matthias Wallnöfer <mwallnoefer@yahoo.de> Previously we had no knowlege of BUILTIN or well-known names. This code needs expansion to check with winbind for trusted domains. Andrew Bartlett (This used to be commit e6fc0e1f54ad64bdddc88e9ebd0d8d181b6ce26a)
2007-10-10r24648: Found out the meaning of a few more flags.Andrew Bartlett1-2/+2
(This used to be commit 6bdebc3cfdf13358bbb610af2a7f9889b4f885cb)
2007-10-10r23792: convert Samba4 to GPLv3Andrew Tridgell3-9/+6
There are still a few tidyups of old FSF addresses to come (in both s3 and s4). More commits soon. (This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
2007-10-10r22196: give better error codes to make RPC-UNIXINFO passStefan Metzmacher1-6/+6
metze (This used to be commit 0096e068d02b5e09fed94373a7018ec0a58fb6d6)
2007-10-10r21772: add DS_BEHAVIOR_WIN2003_INTERIM constantStefan Metzmacher1-2/+3
metze (This used to be commit 59fffa7ba148a082d0cf13226d0577b3fcd7b5ad)
2007-10-10r20028: fix typosStefan Metzmacher1-1/+1
metze (This used to be commit 72f5e0f7ee327933acf3148fbc72d31d7ad1b040)
2007-10-10r20027: restore instanceType and systemFlags values, which got lost inStefan Metzmacher1-0/+22
http://viewcvs.samba.org/cgi-bin/viewcvs.cgi/branches/SAMBA_4_0/source/dsdb/common/flags.h?p1=branches%2FSAMBA_4_0%2Fsource%2Finclude%2Fads.h&rev=17930&r1=15511&r2=17930 metze (This used to be commit 5da9dedece20ca21c0395fdcdffddff5948f7dc5)
2007-10-10r19441: work in progress support for NFS4 ACLs in Samba4 on Linux. Still workAndrew Tridgell1-0/+41
to do, particularly with getting the detailed bit mappings right, and on sid mapping. Does not pass RAW-ACLS yet (This used to be commit b92553481b534d0ef5277dbfe8c0d64a03f819eb)
2007-10-10r17967: Somewhere along the line we lost unixName here, and so lost theAndrew Bartlett1-1/+1
ability for 'administrator' to log in as unix user 'root'. Andrew Bartlett (This used to be commit 221efba5289b8bbb54b770c556f19bfbdc9ee216)
2007-10-10r17930: Merge noinclude branch:Jelmer Vernooij3-2/+99
* Move dlinklist.h, smb.h to subsystem-specific directories * Clean up ads.h and move what is left of it to dsdb/ (only place where it's used) (This used to be commit f7afa1cb77f3cfa7020b57de12e6003db7cfcc42)
2007-10-10r17823: get rid of most of the samdb_base_dn() calls, as they are no longerAndrew Tridgell1-7/+6
needed in searches (This used to be commit a5ea749f0ac63bf495a55ee8d9d002208ab93572)
2007-10-10r17504: Do not use the invented unixID but use the rfc2307 uidNumber and ↵Simo Sorce1-13/+13
gidNumber attributes instead Do not change unixName right now, we don't have an attribute to use in the posixGroup class, and I think we should remove its usage altogether and look up users and groups by their uid/gid only. Simo. (This used to be commit d57b521aadf24a277152ec1ff1dac3210bd14316)
2007-10-10r16833: Add a base DN to more search calls, we need to look for an ID over theAndrew Bartlett1-5/+5
whole tree here. Andrew Bartlett (This used to be commit 7674306e673341513d26556a845a698a28dec92b)
2007-10-10r15328: Move some functions around, remove dependencies.Jelmer Vernooij1-2/+1
Remove some autogenerated headers (which had prototypes now autogenerated by pidl) Remove ndr_security.h from a few places - it's no longer necessary (This used to be commit c19c2b51d3e1ad347120b06a22bda5ec586c22e8)
2007-10-10r15076: give the correct return codeStefan Metzmacher1-2/+2
metze (This used to be commit 92a06638126b0565c0aec45862c549ef91e7212b)
2007-10-10r14964: - move sidmap code from ntvfs_common to SAMDBStefan Metzmacher1-0/+566
- make ntvfs_common a library - create sys_notify library metze (This used to be commit a3e1d56cf7b688c515f5d6d4d43e0b24c2261d15)
2007-10-10r14637: Extend the ACB -> userParameters flag mapping based on the ovbious ↵Andrew Bartlett1-1/+9
connections. Andrew Bartlett (This used to be commit 3e9e505e9e5b72dddccb548d17a5f02785d3a2e1)
2007-10-10r14464: Don't include ndr_BASENAME.h files unless strictly required, insteadJelmer Vernooij1-1/+1
try to include just the BASENAME.h files (containing only structs) (This used to be commit 3dd477ca5147f28a962b8437e2611a8222d706bd)
2007-10-10r14442: the ACB_ flags are 32 bit...Stefan Metzmacher1-4/+4
metze (This used to be commit a653ebd15da09a7e085338400925a6bbeb3cb316)
2007-10-10r5309: removed ads.h from includes.hAndrew Tridgell1-0/+1
(This used to be commit 196c45b834c39f293b9533cec5cfe5a77382d4e2)
2007-10-10r4568: make use of SidType and move it to lsa.idlStefan Metzmacher1-1/+1
metze (This used to be commit c2523adc0a0807979fb21b8ba77d556bac82e435)
2007-10-10r4096: move the samdb code to source/dsdb/Stefan Metzmacher1-0/+135
the idea is to have a directory service db layer which will be used by the ldap server, samr server, drsuapi server authentification... I plan to make different implementations of this interface possible - current default will be the current samdb code with sam.ldb - a compat implementation for samba3 (if someone wants to write one) - a new dsdb implementation which: - understands naming contexts (directory parrtitions) - do schema and acl checking checking - maintain objectGUID, timestamps and USN number, maybe linked attributes ('member' and 'memberOf' attributes) - store metadata on a attribute=value combination... metze (This used to be commit 893a8b8bca2f020fbbe6f469aaa8dd4478249eb8)