| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
We intend to see always all objects with the "show_deleted" control specified.
To see also recycled objects (beginning with 2008_R2 function level) we need to
use the new "show_recycled" control.
As far as I see this is only internal code and therefore we don't run into
problems if we do substitute it.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
DSDB_FLAG_NEXT_MODULE flag
|
|
this replaces "return LDB_ERR_OPERATIONS_ERROR" with "return ldb_operr(ldb)"
in places in the dsdb code where we don't already explicitly set an
error string. This should make is much easier to track down dsdb
module bugs that result in an operations error.
|
|
DSDB_FLAG_NEXT_MODULE flag
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
- unsigned counters for LDB objects
- we tend to have the "ret" variable always as the last declaration to see
which type of error a function returns
|
|
It is important to allow the rename, even if we just have one-way
links, as this happens on deleted objects, which have the backlinks
alredy removed by repl_meta_data.
Andrew Bartlett
|
|
The DLIST macros changed in behaviour in Feb 2010, and walking the
lists backwards is no longer safe if you don't use the macros.
Andrew Bartlett
|
|
The objectclass_attr module should prevent users creating such links,
and the mrepl_meta_data module should only create them in functional
level 2003 or above.
Andrew Bartlett
|
|
This does exactly the same thing, but with less code.
Andrew Bartlett
|
|
This revives the code from 5964acfa741d691c0196f91c0796122ec025f177,
before tridge and I simplified this too much, and removed the Windows
2000 functional level linked attribute support.
By telling the linked_attributes module that repl_meta_data has
handled the links, we avoid a conflict for the new style (functional
level 2003 and above) linked attributes. However, we still need
backlinks for 2000 style linked attributes, so this allows that code
in the linked_attributes module to be revived to handle those.
Andrew Bartlett
|
|
|
|
|
|
This choses an appropriate talloc context to attach the schema too,
long enough lived to ensure it does not go away before the operation
compleates.
Andrew Bartlett
|
|
where appropriate
|
|
This uses the RELAX control and checking of single valued attributes
in ldb modules to avoid problems with multi-valued links where all
values but one are deleted
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
The linked_attributes module only has to deal with renames now, as
other linked attribute updates happen in repl_meta_data. This allows
it to be much simpler.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
This is now handled in the repl_meta_data module
|
|
delete handling is now moved into repl_meta_data
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
This functionality has moved into repl_meta_data
|
|
|
|
It is up to other modules to complain if
ldb_transaction_prepare_commit() is called before
ldb_transaction_begin_transaction()
Andrew Bartlett
|
|
|
|
|
|
|
|
This one copes with deleted objects where linked attributes have been
set on the module. We hit this when we do the ldb wipe at the start of
a provision, which trigers linked attribute updates, but for objects
that have disappeared. We need to ensure that the linked attribute
updates only happen on the right object, and if the object gets
re-created (as happens with a provision) then it is not the right
object.
To cope with this we record the GUID of the object when the operation
that triggered the linked attribute update comes in, and then find the
DN by suing that GUID when we apply the change in the prepare commit
hook.
|
|
We need to call down to the next transaction function when we finish
in linked_attributes.
This also changes linked_attributes to use the common
dsdb_find_dn_by_guid() function
|
|
items are added to the linked attribute list using DLIST_ADD(), which
means to commit them to the database in the same order they came from
the server we need to walk the list backwards when we traverse it
|
|
linked attribute changes can come in any order. This means it is
possible for a forward link to come over the wire in DRS before the
target even exists. To make this work this patch changed the linked
attributes module to gather up all the changes it needs to make in a
linked list, then execute the changes in the end_transaction hook for
the module.
During that commit phase we also fix up all the DNs that we got by
searching for their GUID, as the objects may have moved after the
linked attribute was sent, but before the end of the transaction
|
|
|
|
Some corrections which make the code a bit more readable (no functional changes here)
|
|
do not reference it from ldb.h
|
|
The only 2 modules escaping the rule so far are rootdse and partitions
|
|
This means that linked attributes will always have the same case form
as the actaul entry, as we search for that entry. We then also use
the GUID and SID found on that entry to fill in the extended DN on disk.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This causes the linked attribute modifies to occour after the original
operation is entered in the transaction (any failure still fails the
lot). This means (I hope) that we can have another module search the
originating record when the backlink is created, filling in the GUID
and SID for the extended DN.
Andrew Bartlett
|
|
|
|
The ldb_val is length-limited, and while normally NULL terminated,
this avoids the chance that this particular value might not be, as
well as avoiding a cast.
Andrew Bartlett
|
|
This bug occours frequenetly in ldb users because the union so happens
to be layed out that this works. However, it is still incorrect
usage...
Andrew Bartlett
|
|
|
|
attribute is missing
Windows 2003 has a broken schema where the definition of msDS-IsDomainFor
is missing (which is supposed to be the backlink of the msDS-HasDomainNCs
attribute.
Our schema is extracted from windows 2003, so we have the problem.
As the NET-API-BECOME-DC test triggers this bug, windows 2003
seems to just skip creating a backlink.
metze
|
|
|
|
This is a partial fix towards bugs due to us walking past the end of
what we think are strings in ldb. There is much more work to do in
this area.
Andrew Bartlett
(This used to be commit 5805a9a8f35fd90fa4f718f73534817fa3bbdfd2)
|
|
This passes down the timeout more consistantly, and ensures that no
matter how the modules screw up, we don't free() the memory we are
going to write into the ASN1 packet until we actually write it out.
Andrew Bartlett
(This used to be commit eefd46289b90967ce6b4cd385fb1f7e1d6f9b343)
|
|
(This used to be commit ce332130ea77159832da23bab760fa26921719e2)
|
|
everywhere.
(This used to be commit 85c96a325867f7bcdb412ebc53f8a47dbf7cd89b)
|
|
This moves to a smarter 'find the delta' based operation of the linked
attributes module, when the caller asks for a 'replace' of the link
source. Previously we would spray operations all over the database,
even if the net result was just to modify one record.
This also means we need the transaction safety less, which may be
useful for some LDAP backends that don't provide this functionality on
the LDAP server.
Andrew Bartlett
(This used to be commit 8c88e4eb1c0a606e7899091525260e8d6558ffd0)
|
|
modifications, and then extend our implementation to match.
Andrew Bartlett
(This used to be commit 65d17f0ad7ead438333abcccb0bd56b038ffb88e)
|
|
A re-arrangment of the code due to the base DN checking meant that the
ac->down_req array wasn't started, so was NULL
Andrew Bartlett
(This used to be commit 0a44b8e9f3e1a85c27d105cdd1572a0df936f612)
|
