summaryrefslogtreecommitdiff
path: root/source4/dsdb/repl
AgeCommit message (Collapse)AuthorFilesLines
2010-09-16s4-repl: cleanup the extended op calls in repl serverAndrew Tridgell5-21/+23
- use generic parameter names - trigger a run of pending ops on all extended ops - don't prevent parallel fsmo transfers - moved extended op code into drepl_extended
2010-09-16s4-pyjoin: fill in the dns name in the python replication methodAndrew Tridgell1-0/+40
this is needed to get the repsFrom DNS entry right Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-16s4-repl: split out the extended op handling Andrew Tridgell2-136/+168
this is not part of the rid allocation logic Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-16s4-repl: cleanup getncchanges extended op callsAndrew Tridgell3-40/+70
Multiple calls are allowed to run in parallel as long as they don't conflict. This also cleans up the variable names in the extended op calls. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15s4/fsmo: Handle infrastructure, pdc and rid extended opsAnatoliy Atanasov2-45/+53
With this change we can transfer all roles back and forward, except for the naming master. Also this commit fixes the naming of fsmo_role_dn - used to point to the DN from which we read fSMORoleOwner role_owner_dn - used to point to the NTDSDSA who owns the role Now we always pass fsmo_role_dn, role_owner_dn to the extended operation and to drepl_create_role_owner_source_dsa Conflicts: source4/dsdb/repl/drepl_ridalloc.c
2010-09-15s4-repl: use consistent API calls for getting DN GUIDAndrew Tridgell1-1/+1
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15s4-rodc: add a trigger message for REPL_SECRET to auth_samAndrew Tridgell1-0/+14
when an RODC tries to authenticate against an account and the account has no password information it needs to send a message to the drepl server to tell it to try and replicate the secret information from a writeable DC Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-10s4/fsmo: Change return type from NTSTATUS to WERROR for drepl_takeFSMOroleAnatoliy Atanasov1-1/+1
This removed an unnecessary conversion of the return type in drepl_take_FSMO_role.
2010-09-10s4/fsmo: Fix callback declarationAnatoliy Atanasov1-1/+2
2010-09-10s4-dreplsrv: fix 'dn' for partition object being createdKamen Mazdrashki1-1/+9
2010-09-10s4-drs-fsmo: try to dispatch ops in queue as soon as possibleKamen Mazdrashki1-1/+9
In most cases this will transfer of schema master role to look like a synchronous operation.
2010-09-10s4-fsmo: update FSMO changes for recent IRPC workAndrew Tridgell1-3/+3
the IRPC API has changed Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-10s4/drs: update repsFrom only when we are not in getncchanges extended opAnatoliy Atanasov1-4/+4
2010-09-10s4-irpc: Added internal rpc call DREPL_TAKEFSMOROLENadezhda Ivanova1-1/+10
It schedules a getncchanges with extended op 6, to be used when a modify request on becomeROLEMaster atteibute on rootDSE is received.
2010-09-10s4-drs: Implementation of GetNCChanges extended op 6 - fsmo role transferNadezhda Ivanova1-0/+151
Basically the candidate owner makes a getncchanges call with extended op 6 when they want to become the new owner. The current owner then updates the corresponding fSMORoleOwner attribute in its database with the new owner, and replicates the change to the candidate, who then becomes the owner. The patch was made in cooperation with Anatoliy Atanasov <anatoliy.atanasov@postpath.com> who kindly helped to debug it.
2010-09-10s4-drs: Refactored drepl_service and send_ridalloc_request so that the ↵Nadezhda Ivanova2-27/+48
structures can be used for other extended ops
2010-09-09s4-dreplsrv: Call dreplsrv_out_operation::callback in case we fail to even ↵Kamen Mazdrashki1-0/+8
run the operation Operation was scheduled already, so we need to call the callback function for it to be able to do its job. For instance, if we are blocking an rpc call until an operation is completed and there is no memory, then client will be blocked without knowing what is going on with the server.
2010-09-09s4-dsdb/repl/drepl_out_pull.c: Remove unused codeKamen Mazdrashki1-43/+0
2010-09-09s4-drepl_service.c: Update (C)Kamen Mazdrashki1-9/+10
and remove few trailing white spaces
2010-09-09s4-drepsrv: Dump more info when drepl_replica_sync() failsKamen Mazdrashki1-24/+28
There are many spots where this function may fail and I find it very useful to know where exactly function fails and what are the input parameters during testing. REPLICA_SYNC_FAIL() macro now dumps an error message so we may remove extra DEBUG() dump in implementation.
2010-09-07s4-dreplsrv: Run NC replication synchronously if requestedKamen Mazdrashki1-30/+119
2010-09-05s4-idl: redefine dreplsrv_refresh() to be alike other RPC function definitionsKamen Mazdrashki1-1/+1
Sorry for the 'custom' definition first time
2010-09-03s4-dreplsrv: Refactor drepl_replica_sync() to behave as described in MS-DRSRKamen Mazdrashki1-8/+111
see: MS-DRSR - 4.1.23.2 Note: Synchronious replication not implemented yet.
2010-09-03s4-dreplsrv: Helpers to locate source DSA in a partition by GUID or DNS nameKamen Mazdrashki1-0/+40
2010-09-03s4-dreplsrv: Helper to find NC by DN or GUID or SIDKamen Mazdrashki1-0/+33
2010-09-03s4-dreplsrv: Add caller-specific data parameter for dreplsrv_fsmo_callback_tKamen Mazdrashki3-7/+14
It is to be used when we need to preserve a state to be used in tha callback when dreplsrv_out_operation is completed
2010-08-28s4-dreplsrv: Implement irpc stub to be used to force dreplsrv to update ↵Kamen Mazdrashki1-0/+20
internal cache This IRPC calls is to be used whenever repsFrom/repsTo are changed by administrative tool or KCC (i.e. Topology changes). At present, only KCC may change topology.
2010-08-28s4-dreplsrv: Move partition cache update before scheduling another set of ↵Kamen Mazdrashki1-3/+7
replications
2010-08-25s4-repl: load RODC partitions using msDS-hasFullReplicaNCsAndrew Tridgell2-4/+28
we mark these as incoming_only Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-07-16s4-loadparm: 2nd half of lp_ to lpcfg_ conversionAndrew Tridgell3-6/+6
this converts all callers that use the Samba4 loadparm lp_ calling convention to use the lpcfg_ prefix. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-09s4:drepl_notify: hide some bugs from the make test outputStefan Metzmacher1-1/+12
It's useless to get messages like this every few seconds: dreplsrv_notify: Failed to send DsReplicaSync to edbf4745-2966-49a7-8653-99200f1c9430._msdcs.samba2003.example.com for CN=Configuration,DC=samba2003,DC=example,DC=com - NT_STATUS_OBJECT_NAME_NOT_FOUND : WERR_BADFILE We have a non bug regarding non-linked DN attributes and changes of the target DN. metze
2010-07-09s4:dsdb/repl: expose drsuapi_DsExtendedError to the caller (e.g. the ↵Stefan Metzmacher4-6/+13
ridalloc client) metze
2010-07-09s4:drepl_out_helpers: don't return NT_STATUS_OK, if an extended operation ↵Stefan Metzmacher1-1/+14
doesn't return success metze
2010-07-09s4:drepl_ridalloc: only ask the rid master for a new rid pool if we need to.Stefan Metzmacher1-9/+38
if we are at least half-exhausted then ask for a new pool. This fixes a bug where we're sending unintialized alloc_pool variable as exop->fsmo_info to the rid master and get back DRSUAPI_EXOP_ERR_PARAM_ERROR. metze
2010-07-07s4-dsdb: use ldb_operr() in the dsdb codeAndrew Tridgell1-1/+2
this replaces "return LDB_ERR_OPERATIONS_ERROR" with "return ldb_operr(ldb)" in places in the dsdb code where we don't already explicitly set an error string. This should make is much easier to track down dsdb module bugs that result in an operations error.
2010-06-25s4/drs: DsReplicaSync should search partition to SyncKamen Mazdrashki2-6/+38
by any valid DSName attribute given, be it - partition DN, partition GUID or partition SID
2010-06-12s4:dsdb Allow calling dsdb_convert_object_ex() directlyAndrew Bartlett1-6/+6
This will allow the libnet_vampire code to manually convert individual schema objects. Andrew Bartlett
2010-05-18Finish removal of iconv_convenience in public API's.Jelmer Vernooij1-1/+1
2010-05-13s4: Do not display by default the message Failed to send DsReplicaSync is ↵Matthieu Patou1-1/+6
other host is just unreachable Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-04-27s4-repl: added a workaround for WERR_DS_DRA_NO_REPLICA DsReplicaSync errorsAndrew Tridgell2-2/+19
The 0xc0002104/WERR_DS_DRA_NO_REPLICA seems to be spurious, and can be avoided by setting DRSUAPI_DRS_SYNC_ALL in the DsReplicaSync request. We need to investigate this further, and find out from MS why this is sometimes being sent, even when the target DC has the right repsFrom entries
2010-04-27s4-repl: on a failed request, clear the current ptrAndrew Tridgell1-0/+1
this prevents the queue being stuck on failure
2010-04-27s4-repl: end repl request when not doing an UpdateRefsAndrew Tridgell1-0/+2
otherwise the queue is stuck forever
2010-04-27s4-repl: don't delete repsTo entry on DsReplicaSyncAndrew Tridgell1-46/+12
we rely on the highestUSN counters instead. W2K8 does not resend DsUpdateRefs each time, and the WSPP docs do not indicate that repsTo should be deleted
2010-04-26s4-drs: allow getncchanges requests to non WRIT_REP partitions for extended opsAndrew Tridgell1-1/+2
Needed for RID allocation Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-04-26s4-drepl: don't send an UpdateRefs unless its a plain replicationAndrew Tridgell1-1/+3
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-04-22s4-drs: removed dsdb_validate_client_flags()Andrew Tridgell1-7/+0
This test is in the wrong place. We end up validating our own flags. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-04-22s40-drs: Do not send GetNCChanges messages to RODCsFernando J V da Silva1-0/+11
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-22s4-drs: samdb_is_rodc() function and new samdb_rodc() functionFernando J V da Silva2-2/+8
This patch creates the samdb_is_rodc() function, which looks for the NTDSDSA object for a DC that has a specific invocationId and if msDS-isRODC is present on such object and it is TRUE, then consider the DC as a RODC. The new samdb_rodc() function uses the samdb_is_rodc() function for the local server. Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-13Revert "s4:prefer "samdb_*_dn" basedn calls over the "ldb_get_*_dn" functions"Matthias Dieter Wallnöfer1-1/+1
We should use the "ldb_get_*_basedn" calls since they are available in the LDB library.
2010-03-25s4-drs: If we are a RODC then do not send DSReplicaSync messagesFernando J V da Silva1-8/+11