Age | Commit message (Collapse) | Author | Files | Lines |
|
We should not do any magic regarding the highwatermark we got from
the source dsa. We need to treat it as opaque and not try to be smart
and merge it into the uptodatevector.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
This matches Windows 2008R2 and Windows 2012.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
replicated changes
We only do so if the replicated object is not deleted.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
The propagation of nTSecurityDescriptor doesn't change the
replProperyMetaData.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
In all callers, we must already have a attributeID for each of the
values or else we would have already given an error, or could not have
obtained the message over DRS.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Aug 9 11:39:54 CEST 2012 on sn-devel-104
|
|
This allows a lastKnownParent from LostAndFound to be replaced.
Andrew Bartlett
|
|
When we call ldb_module_done() rather than just calling the callback, we make log entries
that are critical in debugging.
Andrew Bartlett
|
|
Previously we would only consider renaming the local object, now we can cope with
renaming the remote object as well.
This should avoid most of the cases where Samba AD replication can just stop.
Andrew Bartlett
|
|
parent
This fixes up the lastKnownParent attribute on lostAndFound objects to have a GUID
(found by dbcheck).
Andrew Bartlett
|
|
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sun Jul 29 16:51:34 CEST 2012 on sn-devel-104
|
|
|
|
add debugging
The logic looking for LostAndFound failed for a user, so add extensive
debugging to make this eaiser to trace down in future.
Andrew Bartlett
|
|
This should mean that a samba-tool drs replicate --full-sync forces a
replication of all objects, regardless of if we think the local name
is newer and regards any local name as being in conflict.
Andrew Bartlett
|
|
This allows us to proceed with replication when the source DC is sending us an object
which has a matching object in this NC (by name) but not by GUID.
Andrew Bartlett
|
|
Normally this would be a very bad idea, but the specific case of fixing the instanceType
is the only case where this makes sense.
Andrew Bartlett
|
|
This allows the parent to be renmaed while a new object is added on another replica.
This rename may also be a delete, in which case we must move it to lostandfound.
Andrew Bartlett
|
|
We search in the schema if we have already this intid (using dsdb_attribute_by_attributeID_id because
in the range 0x80000000 0xBFFFFFFFF, attributeID is a DSDB_ATTID_TYPE_INTID).
If so generate another random value.
If not check if the highest USN in the database for the schema partition is the
one that we know.
If so it means that's only this ldb context that is touching the schema in the database.
If not it means that's someone else has modified the database while we are doing our changes too
(this case should be very bery rare) in order to be sure do the search in the database.
|
|
|
|
"unix_to_nt_time()" which is based on "time_t" behaves differently for
literals > 32 bit on 32 and 64 bit platforms.
Reviewed-by: ekacnet
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Thu Jan 5 11:59:20 CET 2012 on sn-devel-104
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
attribute interSiteTopologyGenerator even if the value didn't change
Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Sat Nov 19 16:47:53 CET 2011 on sn-devel-104
|
|
Deleted Object Container
|
|
referrals
Reviewed-by: abartlet
|
|
messages
"ldb_error" could overwrite possibly useful error messages.
Reviewed-by: abartlet
|
|
These are displayed when an object just doesn't exist!
Reviewed-by: abartlet
|
|
on failure
And add "ldb_operr()" before the "return ret" to point out the position
where it failed (for "add_time_element" and "add_uint64_element")
Reworked after a suggestion by abartlet.
|
|
len(res) == 1
No need to perform an additional check here. As a return value we should
always give back the original error code and not generate a new one (to
let the caller know what is going on).
Reviewed-by: abartlet
|
|
show the reply type in "Invalid reply type" messages
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Thu Oct 20 00:57:05 CEST 2011 on sn-devel-104
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
sAMAccountType
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Thu Oct 6 03:43:13 CEST 2011 on sn-devel-104
|
|
|
|
|
|
when we are adding an object via DRS, we need to add the
DSDB_CONTROL_PARTIAL_REPLICA control if we are replicating a partial
replica, so ensure the partition module creates new NCs as partial
replicas
|
|
another missing newline
|
|
With this set, we accept changes even if they have the same tuple as
the local copy. This can be used by a FULL_SYNC replication to recover
a replica that is corrupt
|
|
if instanceType does not include INSTANCE_TYPE_WRITE, then disallow
changes to any replicated attributes. This ensures partial replicates
are not alterered
|
|
when we do a subdomain join we create a new object using a REPL_OBJ
getncchanges call for the partitions DN. This has a side effect of
creating that object. We need to skip the UDV update in that case
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
added comments explaining the backlink deletion code, plus fix a use
of a bitwise operation in a boolean expression, and avoid calling
dsdb_functional_level() inside a loop
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
thanks to Matthias for his great test suite work!
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
when dbcheck is fixing missing backlinks we don't want a DEBUG 0
message
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
|
|
the samldb checks failed to account for the possibility of a member
being removed and added in the same modify operation. This happens
(for example) when dbcheck is fixing a SID in a DN.
The repl_meta_data.c code already has this check, it just wasn't
giving the right specialised error code for the 'member' attribute
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
|
|
even if the data hasn't change
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
dn might be broken
The usual use case is that you have a not complete linked attribute (ie.
without the SID) if we keep using the old dn, then the SID will never be
added.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This is needed because we can have more than 1 value in a single valued
attribute as we store also deleted values. So we do the check in repl_meta_data
and then indicate LDB to do the check.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
this allows attributes not known in the schema to be removed if the
caller has set the RELAX control. This will be used by dbcheck to
allow cleaning of bad attributes from the database
|
|
if the link was a w2k style, and we are upgrading it, then set the
RMD_ADDTIME to the current time
|
|
if backlinks have not propogated correctly in a previous replication
this allows us to recover
|