Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
This makes getting the module order correct, the obligation of Samba4
developers, and not system administrators. In particular, once an ldb
is updated to use only the 'samba_dsdb' module, no further changes to the
ldb should be required when upgrading to later Samba4 versions.
(thanks to metze for the suggestion of samba_dsdb as a long-term
stable name for the module)
Andrew Bartlett
|
|
|
|
By splitting the module this way, we can load the schema at startup, after
the partitions module is operational, but we leave the 'mess with details of
entries in the partitions' module to operate only on the partitions module.
Loading the schema later allows us to set the @ATTRIBUTES correctly on all
the databases.
Andrew Bartlett
|
|
This is done by passing an extended operation to the partitions module
to extend the @PARTITION record and to extend the in-memory list of
partitions.
This also splits things up into module parts that belong above and below
repl_meta_data
Also slit the partitions module into two files due to the complexity
of the code
Andrew Barltett
|
|
These take an ldb_module argument, and avoid doing the search from the
top of the stack again.
(This will help when modules are initialised before being added to the
partition set)
Andrew Bartlett
|
|
This allows this control to be specified as critical. We support the
control because we choose to always be durable in our transactions.
We really, really need a 'duplicate request' API, as at the
moment we can't do this without a large, error-prone set of code that
cannot cope with new request fields or types.
Andrew Bartlett
|
|
Currently disabled. The search will be greatly modified,
also the object tree stuff will be simplified.
|
|
Windows Servers allow OID strings to be used instead of
attribute/class names.
For now we only resolve the OIDs in the search expressions,
the rest will follow.
metze
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
This moves the "operational" LDB module to the right place under "dsdb/samdb/ldb_modules"
(suggested by abartlet) and enhances it for supporting dynamic generated
"primaryGroupToken" for AD groups. This should fix bug #6466.
|
|
|
|
do not reference it from ldb.h
|
|
Separate again the public from the private headers.
Add a new header specific for modules.
Also add service function for modules as now ldb_context and ldb_module are
opaque structures for them.
|
|
The extended_dn_out module provides the functionality now.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
extended_dn_store.
By splitting the module, the extended_dn_in and extended_dn_store
moudles can use extended_dn_out to actually get the extended DN. This
avoids code duplication.
The extended_dn_out module also contains a client implementation of
the OpenLDAP dereference control (draft-masarati-ldap-deref-00).
This also introduces a new control
'DSDB_CONTROL_DN_STORAGE_FORMAT_OID' to ask the extended_dn_out module
to return whatever the 'storage format' is. This allows us to work
with both OpenLDAP (which performs a dereference at run time) and LDB
(which stores the GUID and SID on disk).
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
metze
|
|
supporting a schema
(This used to be commit 53b57300c799a079b4d64815243fe6120e0a9fa2)
|
|
metze
(This used to be commit 3379630a91bd96a34f99ed24ac92380bd97ccb07)
|
|
metze
(This used to be commit a485a363c3dc1b6b4d12410ed8e390b4d64a739f)
|
|
(This used to be commit 3b8eec7ca334528cad3cdcd5e3fc5ee555d8d0e0)
|
|
This commit broke the build, because not all files (libreplace, popt)
were updated.
Andrew Bartlett
(This used to be commit 3faacf4351d68a10aea78b53768571d2059772ae)
|
|
(This used to be commit e2b71a0ecbf10a78a59a8ec6371bdee57b1bfa6c)
|
|
(This used to be commit 82db5d3d56f9faefea47160ad2c983393131382a)
|
|
(This used to be commit 17c41a6c3e71102e3516e6926f7e7d1ab5c97563)
|
|
(This used to be commit 4d7925f953bc9d1fcffb4a4dd268b763c18ceae6)
|
|
(This used to be commit 42eb6b33462228467e65a51bbf624c481802b090)
|
|
Conflicts:
source/Makefile
source/auth/config.mk
source/auth/gensec/config.mk
source/build/m4/public.m4
source/build/make/python.mk
source/build/make/rules.mk
source/build/smb_build/header.pm
source/build/smb_build/main.pl
source/build/smb_build/makefile.pm
source/dsdb/config.mk
source/dsdb/samdb/ldb_modules/config.mk
source/kdc/config.mk
source/lib/events/config.mk
source/lib/events/events.c
source/lib/ldb/config.mk
source/lib/nss_wrapper/config.mk
source/lib/policy/config.mk
source/lib/util/config.mk
source/libcli/smb2/config.mk
source/libnet/config.mk
source/librpc/config.mk
source/nbt_server/config.mk
source/ntptr/ntptr_base.c
source/ntvfs/posix/config.mk
source/ntvfs/sysdep/config.mk
source/param/config.mk
source/rpc_server/config.mk
source/rpc_server/service_rpc.c
source/scripting/ejs/config.mk
source/scripting/python/config.mk
source/smb_server/config.mk
source/smbd/server.c
source/torture/config.mk
source/torture/smb2/config.mk
source/wrepl_server/config.mk
(This used to be commit 13bbd420681519894a4036729c43273912c9b402)
|
|
(This used to be commit 8573e828d1b68c47b3c1754e9be230b2e78d9d52)
|
|
(This used to be commit 5628d58990144463fd87f8c847c9384ac2193681)
|
|
(This used to be commit 10cf48591e8d6bfb750a6ff187f04ea24a1f8cd7)
|
|
(This used to be commit a7e6d2a1832db388fdafa1279f84c9a8bbfc87d6)
|
|
(This used to be commit ca510136d2c4cae8f520c76df6aaadb5d412bea1)
|
|
(This used to be commit ce332130ea77159832da23bab760fa26921719e2)
|
|
This code raided from the repl_meta_data module, which probably needs
to be downsized to just handling the replication data.
Andrew Bartlett
(This used to be commit 2a418f33705a792d9d16cf1d4aa3dcda467e6e04)
|
|
fixes the case of the attribute in teh DN.
Fix option spelling for example re-provision
Andrew Bartlett
(This used to be commit e3a76be04760a81a9c1b7ad9b139f088decc9ee6)
|
|
(This used to be commit 85eeecf997a071ca7e7ad0247e8d34d49b7ffcbb)
|
|
incoming LDAP filter.
Warning: Any anr search will perform a full index search. Untill ldb
gets substring indexes, this is unavoidable.
Also implement a testsutie to show we match AD behaviour for this
important extension (used in the Active Directory Users and Computers
MMC plugin, as a genereral 'find').
This will also be useful to OpenChange, as their server needs to
implement this.
Andrew Bartlett
(This used to be commit 044b50947254ccd516c21cb156ab60ab9e3a582d)
|
|
(This used to be commit 95a6ef7fc8757ccfd90dbf0d6c9b5098f10b10b6)
|
|
results, as used particularly by MMC's Active Directory Users and
Computers to list group members.
This may be used on any attribute, but is useful to obtain attributes
that may be lengthy in 'pages'. The implementation presumes that
attributes will always be returned by the DB in the same order.
Andrew Bartlett
(This used to be commit c789a91e00b47b2f02513e97101b9606d00c6aaa)
|
|
simple ldap mapping (a complex mapping will follow).
Fix the module to handle 'name' better, rather than using the 'name'
attribute built into OpenLDAP, rename to samba4RDN. We need to see if
this can be handled in the backend.
Also rename the functions and inernal module name to entryuuid for
consistancy.
Andrew Bartlett
(This used to be commit a7be80766f4270d63433bbd6a976ebf302ed3433)
|
|
of Base DNs in searches (returning an error of LDB_ERR_NO_SUCH_ENTRY).
We need to handle this if ldb_tdb is to behave correctly compared with
LDAP, as well as if we are using an LDAP backend.
In doing so, I realised that subtree_rename and subtree_delete
(prevention) need rather different wait loops, so it seemed easier to
split it out into it's own module.
I've fixed the licence on both of these modules to be GPLv3.
Andrew Bartlett
(This used to be commit d3894c90f31fb45e038ab478cd9d7d34962d069b)
|
|
(This used to be commit 9d73becbb24fbde2e319e18e84af35d9efaeefda)
|
|
--enable-nss-wrapper or --enable-developer is given
metze
(This used to be commit f8bc6b9ad0eec60bff7fdc5653397efd9a044a29)
|
|
Much more work is still required here, particularly to handle this
better during the provision, and to handle modifies and deletes, but
this is a start.
Andrew Bartlett
(This used to be commit 2ba99d58e9fe1f8e4b15a58a2fdfce6e876f99b4)
|
|
The module is scary: On a rename, it does a search for all entries
under that entry (including itself), and fires off a seperate rename
call for each result. This will fail miserably on an LDAP backend,
but I'll need to work on using hdb for OpenLDAP, and hope Fedora DS
can implement subtree renames at some point.
Andrew Bartlett
(This used to be commit 13908a8cb4dd810503213203efb8d51f77f1f379)
|
|
ldb_subclass list.
Next step will be to have this module also set the objectCategory and
default ntSecurityDescriptor
Andrew Bartlett
(This used to be commit 0f7135a4685a1117a54c2f019df6c6de22b8dd32)
|
|
* Change license to LGPL, so it can be used by non-Samba users of
LDB (cleared with Martin as well).
* Include ldb_map in standalone build.
* Move ldb_map to its own directory
(This used to be commit a90202abca26c0da5425a2f3dd8494077c3290fd)
|
|
metze
(This used to be commit 7f07895cac3e933b39f81bf67812834352184af0)
|
|
them as a hook on ldb modify, via a module.
This should allow the secrets.ldb to be edited by the admin, and to
have things update in the on-disk keytab just as an in-memory keytab
would.
This isn't really a dsdb plugin, but I don't have any other good ideas
about where to put it.
Andrew Bartlett
(This used to be commit 6ce557a1aff4754d2622be8f1c6695d9ee788d54)
|