summaryrefslogtreecommitdiff
path: root/source4/dsdb/samdb/ldb_modules/extended_dn_in.c
AgeCommit message (Collapse)AuthorFilesLines
2013-09-18Add an OpenLDAP-specific extended_dn_in moduleHoward Chu1-1/+24
Don't "fix" plain DNs before sending them to OpenLDAP Signed-off-by: Howard Chu <hyc@symas.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
2012-11-30s4:dsdb/extended_dn_in: do helper searches AS_SYSTEM and with SHOW_RECYCLEDStefan Metzmacher1-12/+13
Note that SHOW_RECYCLED implies SHOW_DELETED. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2012-06-22s4-extended: do not try to fix if there is no schemaMatthieu Patou1-0/+4
2012-06-22s4-dsdb: support otherWellKnownObjectsMatthieu Patou1-24/+31
2011-09-23build: avoid util.h as a public header name due to conflict with MacOSAndrew Bartlett1-1/+1
2011-08-25s4-dsdb: fixed basedn in extended_dn_in moduleAndrew Tridgell1-6/+10
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-08-09s4-dsdb: make extended_dn_in a bit more efficientAndrew Tridgell1-9/+17
checking filter elements in the right order makes it a little faster
2011-08-04s4-dsdb: extend the extended_dn_in module to handle DN linksAndrew Tridgell1-44/+104
this replaces DN components in incoming filter expressions with the full extended DN of the target, which allows search expressions based on <GUID=> and <SID=> DNs, as well as fixing the problem with one-way links in search expressions Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-08-04s4-dsdb: handle search expressions containing extended DNsAndrew Tridgell1-0/+166
this allows for searches like member=<SID=S-1-2-3> Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
2011-07-11s4-dsdb: fixed crash bug in extended_dn_inAndrew Tridgell1-2/+4
when extended_dn_in fails to resolve a GUID extended DN component, the debug code assumed that it was a search operation, and accessed ac->req->op.search.base, which is not valid for non-search DN expansions. Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
2011-06-22s4-dsdb: prioritise GUID in extended_dn_inAndrew Tridgell1-8/+11
if we search with a base DN that has both a GUID and a SID, then use the GUID first. This matters for the S-1-5-17 SID. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-06-22s4-dsdb: catch duplicate matches in extended_dn_inAndrew Tridgell1-0/+12
When searching using extended DNs, if there are multiple matches then return an object not found error. This is needed for the case of a duplicate objectSid, which happens for S-1-5-17 Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-02-10ldb: use #include <ldb.h> for ldbAndrew Tridgell1-3/+3
thi ensures we are using the header corresponding to the version of ldb we're linking against. Otherwise we could use the system ldb for link and the in-tree one for include Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-01-14s4-dsdb: only enforce the extended dn rules over ldapAndrew Tridgell1-2/+21
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Fri Jan 14 07:23:31 CET 2011 on sn-devel-104
2011-01-14s4-dsdb: validate number of extended componentsAndrew Tridgell1-2/+10
this checks that the number of extended components in a DN is valid, to match MS AD behaviour. We need to do this to ensure that our tools don't try to do operations that will be invalid when used against MS servers Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-11-01s4-ldb: enable version checking in dsdb ldb modulesAndrew Tridgell1-0/+1
2010-11-01s4-dsdb: convert the rest of the ldb modules to the new module typeAndrew Tridgell1-1/+6
2010-09-27s4-ldb: Added ldb_request_replace_controlNadezhda Ivanova1-1/+1
It is the same as ldb_request_add_control, except it will replace an existing control. Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Mon Sep 27 19:00:38 UTC 2010 on sn-devel-104
2010-09-26s4-tests: Removed search tests with anonymous credentials as they fail ↵Nadezhda Ivanova1-1/+1
againts Windows These tests will fail in make test as well if the acl_read module is enabled.
2010-09-25ldb: mark the location of a lot more ldb requestsAndrew Tridgell1-0/+4
2010-09-25s4-dsdb: added tagging of requests in dsdb modulesAndrew Tridgell1-0/+2
this allows you to call dsdb_req_chain_debug() in gdb or when writing debug code to see the request chain
2010-09-24s4:extended_dn_in LDB module - fix a counter typeMatthias Dieter Wallnöfer1-1/+1
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-07s4-dsdb: use ldb_operr() in the dsdb codeAndrew Tridgell1-13/+7
this replaces "return LDB_ERR_OPERATIONS_ERROR" with "return ldb_operr(ldb)" in places in the dsdb code where we don't already explicitly set an error string. This should make is much easier to track down dsdb module bugs that result in an operations error.
2010-04-10s4:dsdb Improve error message in extended_dn_inAndrew Bartlett1-1/+1
This error occours when an extended DN cannot be resolved, so it's most helpful to print the problematic extended DN. Andrew Bartlett
2010-01-02s4-dsdb: add a TODO item for linked attributes in extended_dn_outAndrew Tridgell1-0/+5
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2009-09-28s4-dsdb: fixed searching for GUID based DNs between partitionsAndrew Tridgell1-2/+16
2009-06-30s4: dsdb Avoid using the internal ldb_private.h headerAndrew Bartlett1-22/+22
This job is not complete (the partition module remains a unfinished task), but now we do use the private ldb headers much less. Andrew Bartlett
2008-12-17s4:dsdb: split extended_dn into extended_dn_in, extended_dn_out and ↵Andrew Bartlett1-0/+394
extended_dn_store. By splitting the module, the extended_dn_in and extended_dn_store moudles can use extended_dn_out to actually get the extended DN. This avoids code duplication. The extended_dn_out module also contains a client implementation of the OpenLDAP dereference control (draft-masarati-ldap-deref-00). This also introduces a new control 'DSDB_CONTROL_DN_STORAGE_FORMAT_OID' to ask the extended_dn_out module to return whatever the 'storage format' is. This allows us to work with both OpenLDAP (which performs a dereference at run time) and LDB (which stores the GUID and SID on disk). Signed-off-by: Stefan Metzmacher <metze@samba.org>
generated by cgit (git 2.34.1) at 2024-06-02 05:10:29 +0000