Age | Commit message (Collapse) | Author | Files | Lines |
|
Modification to periodic and explicit invocation
paths of the KCC topology generation code. Managed
via samba_runcmd_send() API. The samba_kcc script
is invoked if (kccsrv:samba_kcc = true) appears in smb.conf
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
when we are a global catalog server, the KCC needs to add partial
replicas for all domain partitions that we don't have copies of
|
|
we need to base this DNS name on the forest DNS name for multi-domain
support
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
|
|
|
|
We need the ability to utilize this function in a different
manner. KCC intra-site topology has already vetted the
replica as being appropriate to produce a repsFrom from.
We do not want kccsrv_add_repsFrom() to produce further
checking as was the case for simple topology. Thus if
we pass a NULL (res) parameter this extra check will
be skipped.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
kccsrv_replica_flags() and
kccsrv_add_repsFrom() need to be available to functions
outside kcc_periodic.c
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
thi ensures we are using the header corresponding to the version of
ldb we're linking against. Otherwise we could use the system ldb for
link and the in-tree one for include
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
see the description of this flag in [MS-DRSR]
|
|
|
|
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
if our calculated replica_flags doesn't match the ones in our repsFrom
then update it
Pair-Programmed-With: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
|
|
repsTo is set by other DCs, when they ask to be notified about changes
in a partition
|
|
use a rodc flag on the service instead of calling samdb_rodc each time
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
metze
|
|
|
|
At present we only support v1 structures (Win2k3 and earlier),
so it is good to make it obvious.
In case we start supporting v2 we will be able to notice this
function should be refactored right away
|
|
this converts all callers that use the Samba4 loadparm lp_ calling
convention to use the lpcfg_ prefix.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
We are counting LDB objects here -> therefore "unsigned"
|
|
This is based on the documentation: "the KCC will automatically create
the Reps-To attributes on destination DSAs based on other DSAs
Reps-From entries."
|
|
use hasMasterNCs to see what NCs we should be pulling from each DC
|
|
|
|
The upper limits are unsigned variables therefore also the counter variables
need to be like that.
|
|
The documentation shows that all these functions in fact use the same
flags variable type. To be consistent between functions, and to allow
easy reference to the WSPP docs, it is better for us to also use this
generic DrsOptions bitfield rather than one per operations.
|
|
we check for deleted objects in each partition every 10 minutes, using
onelevel searches
|
|
the nTDSConnection objects that are not needed anymore will be deleted.
the function kccsrv_delete_connection wasn't tested yet.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
create nTDSConnection objects to match the list of servers
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
I implemented the DsExecuteKCC() handling code on kccsrv_execute_kcc().
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
For KERBEROS applications the realm should be upcase (function "lp_realm") but
for DNS ones it should be used lowcase (function "lp_dnsdomain"). This patch
implements the use of both in the right way.
|
|
We were re-using a stack variable outside of the stack scope
|
|
|
|
When one of our core tasks fails to initialise it can now ask for the
server as a whole to die, rather than limping along in a degraded
state.
|
|
If we already have a repsFrom for a particular DC and naming context
then we should not overwrite it, as it contains info on what
replication we've already done
|
|
A KCC is a 'Knowledge Consistency Checker', a fancy name for a daemon
that works out who will replicate with who in a AD domain. This
implements an extremely simple KCC task that just wants to replicate
with everyone :-)
|