| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
when an RODC tries to authenticate against an account and the account
has no password information it needs to send a message to the drepl
server to tell it to try and replicate the secret information from
a writeable DC
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
This removed an unnecessary conversion of the return type in
drepl_take_FSMO_role.
|
|
|
|
|
|
In most cases this will transfer of schema master role to
look like a synchronous operation.
|
|
the IRPC API has changed
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
It schedules a getncchanges with extended op 6, to be used when a modify request on
becomeROLEMaster atteibute on rootDSE is received.
|
|
Basically the candidate owner makes a getncchanges call with extended op 6 when they want to
become the new owner. The current owner then updates the corresponding fSMORoleOwner attribute
in its database with the new owner, and replicates the change to the candidate, who then becomes the
owner.
The patch was made in cooperation with Anatoliy Atanasov <anatoliy.atanasov@postpath.com> who
kindly helped to debug it.
|
|
structures can be used for other extended ops
|
|
run the operation
Operation was scheduled already, so we need to call
the callback function for it to be able to do its job.
For instance, if we are blocking an rpc call until an
operation is completed and there is no memory, then
client will be blocked without knowing what is going on
with the server.
|
|
|
|
and remove few trailing white spaces
|
|
There are many spots where this function may fail
and I find it very useful to know where exactly function
fails and what are the input parameters during testing.
REPLICA_SYNC_FAIL() macro now dumps an error message
so we may remove extra DEBUG() dump in implementation.
|
|
|
|
Sorry for the 'custom' definition first time
|
|
see: MS-DRSR - 4.1.23.2
Note: Synchronious replication not implemented yet.
|
|
|
|
|
|
It is to be used when we need to preserve a state
to be used in tha callback when dreplsrv_out_operation is completed
|
|
internal cache
This IRPC calls is to be used whenever repsFrom/repsTo are
changed by administrative tool or KCC (i.e. Topology changes).
At present, only KCC may change topology.
|
|
replications
|
|
we mark these as incoming_only
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
this converts all callers that use the Samba4 loadparm lp_ calling
convention to use the lpcfg_ prefix.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
It's useless to get messages like this every few seconds:
dreplsrv_notify: Failed to send DsReplicaSync to
edbf4745-2966-49a7-8653-99200f1c9430._msdcs.samba2003.example.com for
CN=Configuration,DC=samba2003,DC=example,DC=com -
NT_STATUS_OBJECT_NAME_NOT_FOUND : WERR_BADFILE
We have a non bug regarding non-linked DN attributes
and changes of the target DN.
metze
|
|
ridalloc client)
metze
|
|
doesn't return success
metze
|
|
if we are at least half-exhausted then ask for a new pool.
This fixes a bug where we're sending unintialized alloc_pool
variable as exop->fsmo_info to the rid master and get back
DRSUAPI_EXOP_ERR_PARAM_ERROR.
metze
|
|
this replaces "return LDB_ERR_OPERATIONS_ERROR" with "return ldb_operr(ldb)"
in places in the dsdb code where we don't already explicitly set an
error string. This should make is much easier to track down dsdb
module bugs that result in an operations error.
|
|
by any valid DSName attribute given, be it - partition DN,
partition GUID or partition SID
|
|
This will allow the libnet_vampire code to manually convert individual
schema objects.
Andrew Bartlett
|
|
|
|
other host is just unreachable
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
The 0xc0002104/WERR_DS_DRA_NO_REPLICA seems to be spurious, and can be
avoided by setting DRSUAPI_DRS_SYNC_ALL in the DsReplicaSync request.
We need to investigate this further, and find out from MS why this is
sometimes being sent, even when the target DC has the right repsFrom
entries
|
|
this prevents the queue being stuck on failure
|
|
otherwise the queue is stuck forever
|
|
we rely on the highestUSN counters instead. W2K8 does not resend
DsUpdateRefs each time, and the WSPP docs do not indicate that repsTo
should be deleted
|
|
Needed for RID allocation
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
This test is in the wrong place. We end up validating our own flags.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This patch creates the samdb_is_rodc() function, which looks for
the NTDSDSA object for a DC that has a specific invocationId
and if msDS-isRODC is present on such object and it is TRUE, then
consider the DC as a RODC.
The new samdb_rodc() function uses the samdb_is_rodc() function
for the local server.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
We should use the "ldb_get_*_basedn" calls since they are available in the LDB
library.
|
|
|
|
This choses an appropriate talloc context to attach the schema too,
long enough lived to ensure it does not go away before the operation
compleates.
Andrew Bartlett
|
|
metze
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
I changed also some "uint32_t" to "unsigned" since the LDB interface doesn't
specify the bitlength of the unsigned type.
|
|
metze
|
|
metze
|
