summaryrefslogtreecommitdiff
path: root/source4/dsdb/repl
AgeCommit message (Collapse)AuthorFilesLines
2010-11-08s4-drs: reduce verbosity of dreplsrv_out_connection_attachAndrew Tridgell1-2/+2
2010-11-08s4-dsdb Explain why we may not use the GC name in some situations.Andrew Bartlett1-0/+8
This delicate balance caused us a bit of a puzzle when we could not work out why an DC join failed with the new python scripts. Andrew Bartlett
2010-11-08s4-repl: fixed replication notifications to RODCsAndrew Tridgell3-7/+58
We need a separate source dsa list for RODCs, as they are not in the repsFrom for our partitions, but are in the repsTo. This adds a new 'notifies' list, which contains all the source dsas for the DCs that we should send notifies to, but which we don't replicate from Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Mon Nov 8 06:57:43 UTC 2010 on sn-devel-104
2010-11-08fixAndrew Tridgell2-4/+4
2010-11-05s4:dsdb/drepl_notify: reuse dreplsrv_notify_operation structuresStefan Metzmacher1-0/+22
Otherwise we'll requeue the same notify events on and on. (gdb) p *((struct dreplsrv_service *) 0x1b52190)->ops.notifies $8 = {prev = 0xe4cb30, next = 0x1a25440, service = 0x1b52190, uSN = 123905, source_dsa = 0x164c100, is_urgent = false, replica_flags = 29} (gdb) p *((struct dreplsrv_service *) 0x1b52190)->ops.notifies->next $9 = {prev = 0x80e000, next = 0x1b7bf70, service = 0x1b52190, uSN = 123589, source_dsa = 0x1a2d930, is_urgent = false, replica_flags = 29} (gdb) p *((struct dreplsrv_service *) 0x1b52190)->ops.notifies->next->next $10 = {prev = 0x1a25440, next = 0x1d0c310, service = 0x1b52190, uSN = 1587, source_dsa = 0x13d3210, is_urgent = false, replica_flags = 29} (gdb) p *((struct dreplsrv_service *) 0x1b52190)->ops.notifies->next->next->next $11 = {prev = 0x1b7bf70, next = 0x1ba1420, service = 0x1b52190, uSN = 123905, source_dsa = 0x164c100, is_urgent = false, replica_flags = 29} (gdb) p *((struct dreplsrv_service *) 0x1b52190)->ops.notifies->next->next->next->next $12 = {prev = 0x1d0c310, next = 0x1c43510, service = 0x1b52190, uSN = 123589, source_dsa = 0x1a2d930, is_urgent = false, replica_flags = 29} (gdb) p *((struct dreplsrv_service *) 0x1b52190)->ops.notifies->next->next->next->next->next $13 = {prev = 0x1ba1420, next = 0xed97b0, service = 0x1b52190, uSN = 1587, source_dsa = 0x13d3210, is_urgent = false, replica_flags = 29} (gdb) p *((struct dreplsrv_service *) 0x1b52190)->ops.notifies->next->next->next->next->next->next $14 = {prev = 0x1c43510, next = 0xe4ce80, service = 0x1b52190, uSN = 123905, source_dsa = 0x164c100, is_urgent = false, replica_flags = 29} We can reuse this operations, while they're not yet started. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Fri Nov 5 07:15:04 UTC 2010 on sn-devel-104
2010-10-31idl: Use DRSUAPI_ATTID_ prefix instead of DRSUAPI_ATTRIBUTE_ for ATTID valuesKamen Mazdrashki1-1/+1
Those values are actually ATTID values and such, they are used for ATTIDs for Attributes, Classes and Syntaxes.
2010-10-12libcli/security Use common security.hAndrew Bartlett2-2/+2
This includes dom_sid.h and security_token.h and will be moved to the top level shortly. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Oct 12 03:35:36 UTC 2010 on sn-devel-104
2010-10-10samdb: Add flags argument to samdb_connect().Jelmer Vernooij1-1/+1
2010-10-10s4-dsdb-repl: Print what the error code for failure isKamen Mazdrashki1-1/+3
2010-10-01s4-repl: use the GC principal name for DRS replication connectionAndrew Tridgell3-6/+76
this is required when talking to RODCs (for notify calls), and is good practice for all DCs Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-30s4-rodc: don't set SPECIAL_SECRET_PROCESSING on EXOP_REPL_SECRETAndrew Tridgell1-0/+3
otherwise we don't get the secrets! Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-29s4-drepl: don't call UpdateRefs on a RODCAndrew Tridgell1-5/+11
we use the ADD_REF bit in getncchanges instead Pair-Programmed-With: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
2010-09-29s4-drepl: fixed the checking of replica_flags in the drepl serverAndrew Tridgell1-7/+0
we were incorrectly avoiding a getncchanges when WRIT_REP was not set Pair-Programmed-With: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
2010-09-25s4-repl: use namingContexts from rootDSE to initialise partition listAndrew Tridgell1-53/+36
this is preferable to looking for the hasMasterNCs attribute on nTDSDSA objects.
2010-09-25s4-repl: force on WRIT_REP when we are a writable replicaAndrew Tridgell1-4/+3
this ensures we always mark ourselves as writeable when we are not an RODC
2010-09-25s4-repl: use dreplsrv_partition_source_dsa_by_guid to find source dsaAndrew Tridgell1-5/+6
this avoids a list walk in the calling code
2010-09-24s4:drepl_out_helpers.c - fix a counter typeMatthias Dieter Wallnöfer1-1/+1
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-09-20s4-drepl: use the partition UDV and hwm for extended getncchanges opsAndrew Tridgell3-28/+75
we find the NC root then load the uptodateness vector and highwater mark, if available, from there
2010-09-20s4/fsmo: Create separate function for retrieving fsmo role dn and owner dn.Anatoliy Atanasov1-54/+9
This functionality is needed for DsCrackNames ListRoles command also.
2010-09-19s4/fsmo: Naming master support addedAnatoliy Atanasov1-1/+2
Test suite for fsmo is extended with a test case for naming master too.
2010-09-18s4-drs: Check for schema changes only in case we are *not* applying Schema ↵Kamen Mazdrashki1-8/+19
replica This fixes the problem when we fail to replicate with a partner DC that has a newer Schema with attributeSchema objects with OIDs that we don't have in our local prefixMap.
2010-09-16s4-drs: initial skeleton for DrsReplica{Add,Del,Mod} callsAndrew Tridgell2-0/+96
2010-09-16s4-repl: if we are an RODC don't set WRIT_REP in replicationAndrew Tridgell1-2/+7
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-16s4-repl: add partial attribute set to getncchanges calls for RODCsAndrew Tridgell4-9/+67
when we are a RODC we must supply a partial attribute set in the getncchanges call Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-16s4-repl: added min_usn to extended replication callAndrew Tridgell4-2/+9
the repl_secret code needs to set it to avoid too many duplicate attributes Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-16s4-repl: added repl_secret handling Andrew Tridgell1-1/+97
initiate a repl secret extended op when requested Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-16s4-repl: cleanup the extended op calls in repl serverAndrew Tridgell5-21/+23
- use generic parameter names - trigger a run of pending ops on all extended ops - don't prevent parallel fsmo transfers - moved extended op code into drepl_extended
2010-09-16s4-pyjoin: fill in the dns name in the python replication methodAndrew Tridgell1-0/+40
this is needed to get the repsFrom DNS entry right Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-16s4-repl: split out the extended op handling Andrew Tridgell2-136/+168
this is not part of the rid allocation logic Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-16s4-repl: cleanup getncchanges extended op callsAndrew Tridgell3-40/+70
Multiple calls are allowed to run in parallel as long as they don't conflict. This also cleans up the variable names in the extended op calls. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15s4/fsmo: Handle infrastructure, pdc and rid extended opsAnatoliy Atanasov2-45/+53
With this change we can transfer all roles back and forward, except for the naming master. Also this commit fixes the naming of fsmo_role_dn - used to point to the DN from which we read fSMORoleOwner role_owner_dn - used to point to the NTDSDSA who owns the role Now we always pass fsmo_role_dn, role_owner_dn to the extended operation and to drepl_create_role_owner_source_dsa Conflicts: source4/dsdb/repl/drepl_ridalloc.c
2010-09-15s4-repl: use consistent API calls for getting DN GUIDAndrew Tridgell1-1/+1
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15s4-rodc: add a trigger message for REPL_SECRET to auth_samAndrew Tridgell1-0/+14
when an RODC tries to authenticate against an account and the account has no password information it needs to send a message to the drepl server to tell it to try and replicate the secret information from a writeable DC Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-10s4/fsmo: Change return type from NTSTATUS to WERROR for drepl_takeFSMOroleAnatoliy Atanasov1-1/+1
This removed an unnecessary conversion of the return type in drepl_take_FSMO_role.
2010-09-10s4/fsmo: Fix callback declarationAnatoliy Atanasov1-1/+2
2010-09-10s4-dreplsrv: fix 'dn' for partition object being createdKamen Mazdrashki1-1/+9
2010-09-10s4-drs-fsmo: try to dispatch ops in queue as soon as possibleKamen Mazdrashki1-1/+9
In most cases this will transfer of schema master role to look like a synchronous operation.
2010-09-10s4-fsmo: update FSMO changes for recent IRPC workAndrew Tridgell1-3/+3
the IRPC API has changed Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-10s4/drs: update repsFrom only when we are not in getncchanges extended opAnatoliy Atanasov1-4/+4
2010-09-10s4-irpc: Added internal rpc call DREPL_TAKEFSMOROLENadezhda Ivanova1-1/+10
It schedules a getncchanges with extended op 6, to be used when a modify request on becomeROLEMaster atteibute on rootDSE is received.
2010-09-10s4-drs: Implementation of GetNCChanges extended op 6 - fsmo role transferNadezhda Ivanova1-0/+151
Basically the candidate owner makes a getncchanges call with extended op 6 when they want to become the new owner. The current owner then updates the corresponding fSMORoleOwner attribute in its database with the new owner, and replicates the change to the candidate, who then becomes the owner. The patch was made in cooperation with Anatoliy Atanasov <anatoliy.atanasov@postpath.com> who kindly helped to debug it.
2010-09-10s4-drs: Refactored drepl_service and send_ridalloc_request so that the ↵Nadezhda Ivanova2-27/+48
structures can be used for other extended ops
2010-09-09s4-dreplsrv: Call dreplsrv_out_operation::callback in case we fail to even ↵Kamen Mazdrashki1-0/+8
run the operation Operation was scheduled already, so we need to call the callback function for it to be able to do its job. For instance, if we are blocking an rpc call until an operation is completed and there is no memory, then client will be blocked without knowing what is going on with the server.
2010-09-09s4-dsdb/repl/drepl_out_pull.c: Remove unused codeKamen Mazdrashki1-43/+0
2010-09-09s4-drepl_service.c: Update (C)Kamen Mazdrashki1-9/+10
and remove few trailing white spaces
2010-09-09s4-drepsrv: Dump more info when drepl_replica_sync() failsKamen Mazdrashki1-24/+28
There are many spots where this function may fail and I find it very useful to know where exactly function fails and what are the input parameters during testing. REPLICA_SYNC_FAIL() macro now dumps an error message so we may remove extra DEBUG() dump in implementation.
2010-09-07s4-dreplsrv: Run NC replication synchronously if requestedKamen Mazdrashki1-30/+119
2010-09-05s4-idl: redefine dreplsrv_refresh() to be alike other RPC function definitionsKamen Mazdrashki1-1/+1
Sorry for the 'custom' definition first time
2010-09-03s4-dreplsrv: Refactor drepl_replica_sync() to behave as described in MS-DRSRKamen Mazdrashki1-8/+111
see: MS-DRSR - 4.1.23.2 Note: Synchronious replication not implemented yet.
2010-09-03s4-dreplsrv: Helpers to locate source DSA in a partition by GUID or DNS nameKamen Mazdrashki1-0/+40