summaryrefslogtreecommitdiff
path: root/source4/dsdb/repl
AgeCommit message (Collapse)AuthorFilesLines
2011-08-03gensec: clarify memory ownership for gensec_session_info() and ↵Andrew Bartlett1-0/+1
gensec_session_key() This is slightly less efficient, because we no longer keep a cache on the gensec structures, but much clearer in terms of memory ownership. Both gensec_session_info() and gensec_session_key() now take a mem_ctx and put the result only on that context. Some duplication of memory in the callers (who were rightly uncertain about who was the rightful owner of the returned memory) has been removed to compensate for the internal copy. Andrew Bartlett
2011-05-11s4/drepl_fsmo: Add an CR so that message is visible in the logsKamen Mazdrashki1-1/+1
Autobuild-User: Kamen Mazdrashki <kamenim@samba.org> Autobuild-Date: Wed May 11 21:03:59 CEST 2011 on sn-devel-104
2011-05-03s4-messaging Rename messaging -> imessagingAndrew Bartlett2-2/+2
This avoid symbol and structure conflicts between Samba3 and Samba4, and chooses a less generic name. Andrew Bartlett
2011-03-29s4-dsdb: perform FSMO transfers asynchronouslyAndrew Tridgell2-26/+43
this gives the administrator a proper error message on the command line Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-03-01s4-repl/working_schema: Ignore some attributes when bulding working schema cacheKamen Mazdrashki1-0/+9
We don't need all object attributes resolved and converted for a working schema to be functional.
2011-03-01s4-replicated_objects: Implement a mechanism to relax some attributes conversionKamen Mazdrashki1-4/+31
during replicated object convert stage. The problem is that we may have loops in schema graph and we can't resolve those loops in just one pass. Ignoring some attributes conversion will allow us to have a functional schema cache that we can use later to resolve all attribute OIDs on another pass
2011-02-27s4-drepl: Schedule event to trigger replication rather than calling ↵Kamen Mazdrashki1-2/+5
run_pending_ops directly Executing dreplsrv_run_pending_ops() directly may cause a segfault as in case of failure, the _drepl_replica_sync_done_cb() callback gets called *before* drepl_replica_sync() returns. In such case, irpc message gets freed twice - once when irpc_send_reply() gets called and once when drepl_replica_sync() returns
2011-02-27s4-drepl: Fix replica sync callback to really store last error rather than ↵Kamen Mazdrashki1-1/+1
last success
2011-02-27s4-drepl: Refactor dreplsrv_run_pull_ops() toKamen Mazdrashki1-16/+33
1. Take into account DSA options - we should not send replication requests in case OUTBOUND_REPLICATION is disabled 2. Use replication flags for the operation to determine if a forced replication is requested 3. In case outbound replication is disabled and we don't have DRSUAPI_DRS_SYNC_FORCED flag set, then we should record WERR_DS_DRA_SINK_DISABLED error as a last replication result
2011-02-27s4-drepl: Pass replication options from DsReplicaSync callKamen Mazdrashki4-5/+12
2011-02-22s4-auth Move libcli/security/session.c to the top levelAndrew Bartlett1-0/+1
This code is now useful in common, as the elements of the auth_session_info structure have now been defined in common IDL. Andrew Bartlett
2011-02-10ldb: use #include <ldb.h> for ldbAndrew Tridgell7-7/+7
thi ensures we are using the header corresponding to the version of ldb we're linking against. Otherwise we could use the system ldb for link and the in-tree one for include Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-12-18s4-drepl: During Schema replication, we need to save updated prefixMap if ↵Kamen Mazdrashki1-0/+18
everything is OK Autobuild-User: Kamen Mazdrashki <kamenim@samba.org> Autobuild-Date: Sat Dec 18 05:53:48 CET 2010 on sn-devel-104
2010-12-18s4-drepl: Make refreshed schema a global oneKamen Mazdrashki1-0/+7
We need to do this as dsdb_reference_schema() function clears "use_global_schema" ldb flag. Basically what is going to happen is that after dsdb_reference_schema() global_schema pointer will continue to point at old schema cache, while "dsdb_schema" for LDB will point at the working_schema. After replication is done, we reset "dsdb_schema" for the ldb with an updated Schema cache, but this leaves global_schema pointer with its old value, which is not up to date. So we need to call dsdb_make_schema_global() again so that global_schema points to a valid Schema cache.
2010-12-17s4-drepl: Reference current Schema cache into working_schema contextKamen Mazdrashki1-1/+1
working_schema is a shallow copy of current schema and thus depends on part of it. So we want it to be around as long as working_schema is used. Autobuild-User: Kamen Mazdrashki <kamenim@samba.org> Autobuild-Date: Fri Dec 17 23:34:29 CET 2010 on sn-devel-104
2010-12-17s4-drepl: Fix log message to be shown on its own lineKamen Mazdrashki1-1/+1
2010-12-15s4-drepl: We won't need a working schema for empty replicas sent.Kamen Mazdrashki1-2/+5
Without this check, receiving empty replica leads to a situation where we left with a working_schema attached to the ldb. The problem here is that working_schema is not fully functional schema cache and keeping it attached to the ldb may lead to modules failing to accomplish their jobs
2010-12-15s4-drepl: User working schema for commiting objects when replicating Schema NCKamen Mazdrashki1-6/+4
2010-12-15s4-repl: Allow dsdb_replicated_objects_commit() to use different schema ↵Kamen Mazdrashki2-0/+57
while committing objects working_schema is to be used while committing a Schema replica. When we replicate Schema, then we most probably won't be able to convert all replicated objects using the current Schema cache (as we don't know anything about those new objects). Thus, during Schema replication, we make a temporary working_schema that contains both our current Schema + all objects we get on the wire. When we commit those new objects, we should use our working_schema (by setting it to the ldb), and after all changes are commited, we can refresh the schema cache so we have a brand new, full-featured Schema cache
2010-12-01s4:dsdb/repl/replicated_objects.c - proof if "talloc_reference" doesn't ↵Matthias Dieter Wallnöfer1-1/+2
return NULL Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Wed Dec 1 17:14:01 CET 2010 on sn-devel-104
2010-12-01s4-dreplsrv: Use working_schema when replicating from Schema NCKamen Mazdrashki1-2/+22
Schema is changed and it is quite possible we won't be able to decode replicated objects using current Schema cache we have. Thus, when replicating Schema, we will make a temporary Schema cache, working_schema, so that we can fully decode objects we recieve.
2010-12-01s4-dsdb/schema: Implement multi-pass working schema creation functionKamen Mazdrashki1-0/+132
It is heavily based on implementation in libnet_vampire_cb_apply_schema() function, except that it actually creates a new copy of the supplied initial_schema + resolving all incoming objects and add them to supplied initial_schema. We are going to need this 'working_schema' later so we are able to fully resolve all objects we receive on wire during DRS replication. Working schema created is to be used only as an index to search in. It is not supposed to be set to an ldb_context as it doesn't contain all information for classSchema and attributeSchema objects.
2010-12-01s4-repl: Let dsdb_replicated_objects_convert() to accept schema from callerKamen Mazdrashki2-7/+16
This allows us to use schema that is different than the one set to 'ldb' to decode objects.
2010-11-28s4:dsdb/repl/drepl* - move "lib/messaging/irpc.h" include into "drepl_service.h"Matthias Dieter Wallnöfer8-9/+1
This is needed to fix a Tru64 "cc" warning regarding "enum drepl_role_master". Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sun Nov 28 12:46:19 CET 2010 on sn-devel-104
2010-11-27s4:dsdb/repl/drepl_service.c - return the correct WERR resultMatthias Dieter Wallnöfer1-1/+1
2010-11-27s4:drepl_service.c - fix error macro (use "_werr" and not "werr")Matthias Dieter Wallnöfer1-1/+1
Detected by Tru64 "cc".
2010-11-27s4:dsdb/repl/drepl_out_helpers.c - print out the correct error message (werr)Matthias Dieter Wallnöfer1-1/+1
Also detected by Tru64 "cc".
2010-11-27s4:role transfer - use always type "enum drepl_role_master" for role ↵Matthias Dieter Wallnöfer2-3/+4
specifications Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sat Nov 27 16:03:43 CET 2010 on sn-devel-104
2010-11-17s4-repl: removed the syncall_workaround codeAndrew Tridgell2-6/+0
this isn't needed any more Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Wed Nov 17 13:41:51 UTC 2010 on sn-devel-104
2010-11-17s4-repl: save the result of the last replication in repsFrom/repsToAndrew Tridgell2-53/+75
when a replication fails, we should add the failure to repsFrom when a notify fails, we need to save it to repsTo this ensures showrepl always shows the latest status
2010-11-17s4-repl: ensure we don't starve pending replication opsAndrew Tridgell4-6/+24
when there was a continuous sequence of notify ops, we could leave the replication ops starving. This ensures we run whichever was queued first
2010-11-11s4-repl: Propagate remote prefixMap in DRSUAPI data conversion functionsKamen Mazdrashki1-3/+19
2010-11-11s4-repl: dsdb_extended_replicated_objects_convert -> ↵Kamen Mazdrashki2-23/+23
dsdb_replicated_objects_convert/ It is part of dsdb_replicated_* family of functions
2010-11-11s4-repl: dsdb_extended_replicated_objects_commit -> ↵Kamen Mazdrashki2-6/+6
dsdb_replicated_objects_commit It is part of dsdb_replicated_* family of functions
2010-11-11s4-repl: dsdb_convert_object -> dsdb_origin_object_convertKamen Mazdrashki1-7/+7
It is used in dsdb_origin_objects_commit() func, hence the dsdb_origin_ prefix
2010-11-08s4-drs: reduce verbosity of dreplsrv_out_connection_attachAndrew Tridgell1-2/+2
2010-11-08s4-dsdb Explain why we may not use the GC name in some situations.Andrew Bartlett1-0/+8
This delicate balance caused us a bit of a puzzle when we could not work out why an DC join failed with the new python scripts. Andrew Bartlett
2010-11-08s4-repl: fixed replication notifications to RODCsAndrew Tridgell3-7/+58
We need a separate source dsa list for RODCs, as they are not in the repsFrom for our partitions, but are in the repsTo. This adds a new 'notifies' list, which contains all the source dsas for the DCs that we should send notifies to, but which we don't replicate from Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Mon Nov 8 06:57:43 UTC 2010 on sn-devel-104
2010-11-08fixAndrew Tridgell2-4/+4
2010-11-05s4:dsdb/drepl_notify: reuse dreplsrv_notify_operation structuresStefan Metzmacher1-0/+22
Otherwise we'll requeue the same notify events on and on. (gdb) p *((struct dreplsrv_service *) 0x1b52190)->ops.notifies $8 = {prev = 0xe4cb30, next = 0x1a25440, service = 0x1b52190, uSN = 123905, source_dsa = 0x164c100, is_urgent = false, replica_flags = 29} (gdb) p *((struct dreplsrv_service *) 0x1b52190)->ops.notifies->next $9 = {prev = 0x80e000, next = 0x1b7bf70, service = 0x1b52190, uSN = 123589, source_dsa = 0x1a2d930, is_urgent = false, replica_flags = 29} (gdb) p *((struct dreplsrv_service *) 0x1b52190)->ops.notifies->next->next $10 = {prev = 0x1a25440, next = 0x1d0c310, service = 0x1b52190, uSN = 1587, source_dsa = 0x13d3210, is_urgent = false, replica_flags = 29} (gdb) p *((struct dreplsrv_service *) 0x1b52190)->ops.notifies->next->next->next $11 = {prev = 0x1b7bf70, next = 0x1ba1420, service = 0x1b52190, uSN = 123905, source_dsa = 0x164c100, is_urgent = false, replica_flags = 29} (gdb) p *((struct dreplsrv_service *) 0x1b52190)->ops.notifies->next->next->next->next $12 = {prev = 0x1d0c310, next = 0x1c43510, service = 0x1b52190, uSN = 123589, source_dsa = 0x1a2d930, is_urgent = false, replica_flags = 29} (gdb) p *((struct dreplsrv_service *) 0x1b52190)->ops.notifies->next->next->next->next->next $13 = {prev = 0x1ba1420, next = 0xed97b0, service = 0x1b52190, uSN = 1587, source_dsa = 0x13d3210, is_urgent = false, replica_flags = 29} (gdb) p *((struct dreplsrv_service *) 0x1b52190)->ops.notifies->next->next->next->next->next->next $14 = {prev = 0x1c43510, next = 0xe4ce80, service = 0x1b52190, uSN = 123905, source_dsa = 0x164c100, is_urgent = false, replica_flags = 29} We can reuse this operations, while they're not yet started. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Fri Nov 5 07:15:04 UTC 2010 on sn-devel-104
2010-10-31idl: Use DRSUAPI_ATTID_ prefix instead of DRSUAPI_ATTRIBUTE_ for ATTID valuesKamen Mazdrashki1-1/+1
Those values are actually ATTID values and such, they are used for ATTIDs for Attributes, Classes and Syntaxes.
2010-10-12libcli/security Use common security.hAndrew Bartlett2-2/+2
This includes dom_sid.h and security_token.h and will be moved to the top level shortly. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Oct 12 03:35:36 UTC 2010 on sn-devel-104
2010-10-10samdb: Add flags argument to samdb_connect().Jelmer Vernooij1-1/+1
2010-10-10s4-dsdb-repl: Print what the error code for failure isKamen Mazdrashki1-1/+3
2010-10-01s4-repl: use the GC principal name for DRS replication connectionAndrew Tridgell3-6/+76
this is required when talking to RODCs (for notify calls), and is good practice for all DCs Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-30s4-rodc: don't set SPECIAL_SECRET_PROCESSING on EXOP_REPL_SECRETAndrew Tridgell1-0/+3
otherwise we don't get the secrets! Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-29s4-drepl: don't call UpdateRefs on a RODCAndrew Tridgell1-5/+11
we use the ADD_REF bit in getncchanges instead Pair-Programmed-With: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
2010-09-29s4-drepl: fixed the checking of replica_flags in the drepl serverAndrew Tridgell1-7/+0
we were incorrectly avoiding a getncchanges when WRIT_REP was not set Pair-Programmed-With: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
2010-09-25s4-repl: use namingContexts from rootDSE to initialise partition listAndrew Tridgell1-53/+36
this is preferable to looking for the hasMasterNCs attribute on nTDSDSA objects.
2010-09-25s4-repl: force on WRIT_REP when we are a writable replicaAndrew Tridgell1-4/+3
this ensures we always mark ourselves as writeable when we are not an RODC