Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-10-03 | s4:dsdb - substitute the "show_deleted" with the "show_recycled" control | Matthias Dieter Wallnöfer | 1 | -3/+6 | |
We intend to see always all objects with the "show_deleted" control specified. To see also recycled objects (beginning with 2008_R2 function level) we need to use the new "show_recycled" control. As far as I see this is only internal code and therefore we don't run into problems if we do substitute it. Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-10-03 | s4:dsdb/common/util.c - introduce "DSDB_SEARCH_SHOW_RECYCLED" flag | Matthias Dieter Wallnöfer | 2 | -0/+8 | |
This is needed since starting with 2008_R2 function level we get another type of hidden objects which aren't seen by the "show_deleted" control: recycled objects. Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-10-03 | s4:dsdb_dn_val_rmd_flags - memmem - scan the whole string for occourences | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
Do this as in "dsdb_dn_is_upgraded_link_val". There is really no reason to truncate before search. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sun Oct 3 10:45:39 UTC 2010 on sn-devel-104 | |||||
2010-10-01 | s4-dsdb: added dsdb_search_by_dn_guid() | Andrew Tridgell | 1 | -0/+26 | |
this is more efficient than first searching for the DN, then doing a search. We should look at using this in lots of existing code Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-09-30 | s4-dsdb: silence the domainFunctionality not setup warning | Andrew Tridgell | 1 | -1/+2 | |
2010-09-28 | s4-drs: moved the drs_ObjectIdentifier handling to dsdb_dn.c | Andrew Tridgell | 1 | -0/+42 | |
this will be used outside of the drs server. This also fixes the handling of the ndr_size elements of the drs_ObjectIdentifier | |||||
2010-09-28 | s4-dsdb: adapted check_access_on_dn for use in drs. | Nadezhda Ivanova | 1 | -9/+10 | |
2010-09-29 | s4-dsdb Add ldb_reset_err_string() when we set error codes. | Andrew Bartlett | 1 | -0/+3 | |
If we don't we could show an old, incrorrect error | |||||
2010-09-29 | s4-dsdb Make samdb_reference_dn() use dsdb_search() and DSDB_SEARCH_ONE_ONLY | Andrew Bartlett | 1 | -7/+8 | |
This simplifies the function. While doing so, also change the error string setting to set a really clear error string for the failure to find and failure to parse cases. Andrew Bartlett | |||||
2010-09-27 | s4-dsdb: added samdb_find_site_for_computer() and ↵ | Andrew Tridgell | 1 | -0/+57 | |
samdb_find_ntdsguid_for_computer() these will be used by the new RODC dns update code Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-09-26 | s4-dsdb: A helper to determine if an attribute is part of the search filter | Nadezhda Ivanova | 1 | -0/+46 | |
2010-09-24 | s4:dsdb/common/util_samr.c - remove the primary group specifications | Matthias Dieter Wallnöfer | 1 | -4/+0 | |
Now also the primary group detection/change on modify operations does work Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-09-20 | s4/dcdiag: Handle ListRoles command for dcdiag:KnowsOfRoleHolders test | Anatoliy Atanasov | 1 | -0/+21 | |
2010-09-20 | s4/fsmo: Create separate function for retrieving fsmo role dn and owner dn. | Anatoliy Atanasov | 1 | -0/+72 | |
This functionality is needed for DsCrackNames ListRoles command also. | |||||
2010-09-13 | s4:SID handling - always encode the SID using "ldap_encode_ndr_dom_sid" for ↵ | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
LDAP filters This makes also lookups through special backends as "samba3sam" work. | |||||
2010-09-13 | s4:cosmetic - the SID attribute is called objectSid - not objectSID | Matthias Dieter Wallnöfer | 1 | -4/+4 | |
2010-09-12 | Revert "s4:util_samr.c - also here we've now the default primaryGroupID ↵ | Matthias Dieter Wallnöfer | 1 | -1/+4 | |
detection working" This reverts commit 7e9e35db4126f953e8a2579d992c63b274011119. Sorry, the logic is working differently here. We do still need this. | |||||
2010-09-12 | s4:util_samr.c - also here we've now the default primaryGroupID detection ↵ | Matthias Dieter Wallnöfer | 1 | -4/+1 | |
working | |||||
2010-09-11 | s4:ldb_register_samba_handlers - fix up and convert result codes to LDB/LDAP ↵ | Matthias Dieter Wallnöfer | 1 | -3/+3 | |
results | |||||
2010-09-05 | dsdb: make the ATTRIBUTE NOT FOUND more clear | Matthieu Patou | 1 | -0/+2 | |
2010-08-20 | s4-dsdb: fixed dsdb_get_extended_dn_sid() | Andrew Tridgell | 1 | -1/+1 | |
it should honor the component_name Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-08-20 | s4-drs: implement RODC attribute filtering override | Andrew Tridgell | 1 | -15/+29 | |
When a RODC uses extended getncchanges operation DRSUAPI_EXOP_REPL_SECRET it gets an override on the ability to replicate the secret attributes. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-08-19 | s4-dsdb: Use dsdb_syntax_ctx in *_drsuapi_to_ldb functions | Kamen Mazdrashki | 1 | -1/+5 | |
2010-08-19 | s4-dsdb: Use dsdb_syntax_ctx in *_ldb_to_drsuapi functions | Kamen Mazdrashki | 1 | -1/+5 | |
2010-08-17 | s4:samdb_set_password/samdb_set_password_sid - make more arguments "const" | Matthias Dieter Wallnöfer | 1 | -5/+5 | |
2010-08-17 | s4:samdb_set_password/samdb_set_password_sid - make the adaptions to support ↵ | Matthias Dieter Wallnöfer | 1 | -13/+27 | |
the password change control And introduce parameters to pass the old password hashes. | |||||
2010-08-17 | s4:DSDB - rename the "DSDB_CONTROL_PASSWORD_CHANGE_OLD_PW_CHECKED_OID" | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
Rename it to "DSDB_CONTROL_PASSWORD_CHANGE_OID". This control will afterwards contain a record with the specified old password as NT and/or LM hash. | |||||
2010-08-17 | s4-ldb: use LDB_FLAG_MOD_TYPE() to extract element type from messages | Andrew Tridgell | 1 | -3/+3 | |
The flags field of message elements is part of a set of flags. We had LDB_FLAG_MOD_MASK for extracting the type, but it was only rarely being used (only 1 call used it correctly). This adds LDB_FLAG_MOD_MASK() to make it more obvious what is going on. This will allow us to use some of the other flags bits for internal markers on elements Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-08-16 | s4:samdb_set_password_sid - fix comment | Matthias Dieter Wallnöfer | 1 | -1/+2 | |
Add more possible result NTSTATUS codes | |||||
2010-08-15 | s4:samdb_set_password - fix formatting | Matthias Dieter Wallnöfer | 1 | -1/+2 | |
(Sorry, I've overseen this) | |||||
2010-08-15 | s4:samdb_set_password - implement the extended LDAP error code detection | Matthias Dieter Wallnöfer | 1 | -9/+17 | |
2010-08-14 | s4:samdb_set_password - return "NT_STATUS_WRONG_PASSWORD" when a user ↵ | Matthias Dieter Wallnöfer | 1 | -0/+2 | |
account doesn't exist This is for the (SAMR) account detection protection mechanism. | |||||
2010-08-10 | s4:dsdb/common/util.c - provide a call which returns the forest function level | Matthias Dieter Wallnöfer | 1 | -2/+15 | |
Sooner or later we'll need this too since not all operations depend only on the current's domain function level (see the MS-ADTS docs). | |||||
2010-08-10 | s4:dsdb/common/util.c - use LDB constants whenever possible | Matthias Dieter Wallnöfer | 1 | -8/+8 | |
2010-08-07 | s4:dsdb/common/util.c - add a function "dsdb_add" | Matthias Dieter Wallnöfer | 1 | -0/+30 | |
2010-07-16 | s4-loadparm: 2nd half of lp_ to lpcfg_ conversion | Andrew Tridgell | 1 | -2/+2 | |
this converts all callers that use the Samba4 loadparm lp_ calling convention to use the lpcfg_ prefix. Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-07-07 | s4-dsdb: use ldb_operr() in the dsdb code | Andrew Tridgell | 2 | -47/+52 | |
this replaces "return LDB_ERR_OPERATIONS_ERROR" with "return ldb_operr(ldb)" in places in the dsdb code where we don't already explicitly set an error string. This should make is much easier to track down dsdb module bugs that result in an operations error. | |||||
2010-07-06 | s4:dsdb - samdb_result_force_password_change - also when "pwdLastSet" is ↵ | Matthias Dieter Wallnöfer | 1 | -3/+9 | |
"-1" we shouldn't force a password change This value is set by the ADUC console. | |||||
2010-06-28 | Implementation of self membership validated right. | Nadezhda Ivanova | 1 | -0/+31 | |
When this right is granted, the user can add or remove themselves from a group even if they dont have write property right. | |||||
2010-06-21 | s4:dsdb_load_partition_usn - free the right memory context (tmp_ctx) | Matthias Dieter Wallnöfer | 1 | -2/+1 | |
2010-06-20 | s4:dsdb - add a new dsdb delete function which understands the tree delete ↵ | Matthias Dieter Wallnöfer | 2 | -2/+9 | |
control | |||||
2010-06-16 | s4:dsdb Add control for signaling between repl_meta_data and linked_attributes | Andrew Bartlett | 1 | -0/+1 | |
This control will allow the linked_attributes module to know if repl_meta_data has already handled the creation of forward and back links. Andrew Bartlett | |||||
2010-06-15 | s4:dsdb Add const to dsdb_dn functions that operate on an ldb_val. | Andrew Bartlett | 1 | -2/+2 | |
Andrew Bartlett | |||||
2010-06-06 | s4:dsdb/common/util.c - provide a better implementation of the ↵ | Matthias Dieter Wallnöfer | 1 | -28/+90 | |
"samdb_msg_add_(add/del)val" calls This supports now also coexisting add and delete message elements with the same attribute name. | |||||
2010-05-31 | s4:dsdb_load_udv_v1 - "uint32_t" counter type fits better than "unsigned int" | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2010-05-30 | s4:dsdb/common/util.c - fix a counter variable | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2010-05-24 | s4:dsdb_enum_group_mem - use "unsigned" counters | Matthias Dieter Wallnöfer | 1 | -2/+3 | |
"size_t" counters aren't really needed here (we don't check data lengths). And we save the result in a certain "num_sids" variable which is of type "unsigned". | |||||
2010-05-24 | s4:dsdb_lookup_rids - "unsigned" counters fit better than "signed" in this case | Matthias Dieter Wallnöfer | 1 | -2/+2 | |
2010-05-24 | s4:dsdb_add_user - check the "cn"/"account_name" length (should be >= 1) | Matthias Dieter Wallnöfer | 1 | -7/+12 | |
This needed by the "cn_name_len"-1 accesses. And use a "size_t"-typed variable for storing it (length specificators should always be stored using "size_t" variables). | |||||
2010-05-24 | s4:samr Push most of samr_LookupRids into a helper function | Andrew Bartlett | 1 | -0/+66 | |
This is a rewrite of the lookup_rids code, using a query based on the extended DN for a clearer interface. By splitting this out, the logic is able to be shared, rather than copied, into a passdb wrapper. Andrew Bartlett |