samba - Unnamed repository; edit this file 'description' to name the repository.

Age	Commit message (Collapse)	Author	Files	Lines
2010-04-22	s4-drs: added new SECURITY_RO_DOMAIN_CONTROLLER level	Andrew Tridgell	1	-1/+1
	This is used for allowing operations by RODCs, and denying them operations that should only be allowed for a full DC This required a new domain_sid argument to security_session_user_level() Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-With: Rusty Russell <rusty@samba.org>
2010-04-15	s4:rootdse: only return "tokenGroups", when the client asked for them	Stefan Metzmacher	1	-1/+1
	metze
2010-04-13	Revert "s4:prefer "samdb__dn" basedn calls over the "ldb_get__dn" functions"	Matthias Dieter Wallnöfer	1	-3/+3
	We should use the "ldb_get_*_basedn" calls since they are available in the LDB library.
2010-04-10	s4:rootdse Implement "tokenGroups" in the rootDSE	Andrew Bartlett	1	-0/+18
	This returns the currently connected user's full token. This is very useful for debugging, and should be used in ACL tests. Andrew Bartlett
2010-03-16	s4:dsdb Change dsdb_get_schema() callers to use new talloc argument	Andrew Bartlett	1	-1/+1
	This choses an appropriate talloc context to attach the schema too, long enough lived to ensure it does not go away before the operation compleates. Andrew Bartlett
2010-03-07	s4:rootdse LDB module - change counter variables to "unsigned" where appropriate	Matthias Dieter Wallnöfer	1	-9/+10

2010-02-16	s4-rootdse: we don't need DSDB_FLAG_OWN_MODULE here	Andrew Tridgell	1	-2/+2

2010-02-16	s4-drs: enable the recyclebin optional feature	Eduardo Lima	1	-19/+250
	Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-01-17	s4-dsdb: isGlobalCatalogReady should be shown by default	Andrew Tridgell	1	-1/+1
	This caused repadmin.exe to crash. Thanks to Hongwei for tracking this down for us.
2010-01-16	s4-dsdb: added isGlobalCatalogReady	Andrew Tridgell	1	-0/+12
	needed for dcdiag.exe
2009-12-09	s4-dsdb: added dsdb_functional_level() helper function	Andrew Tridgell	1	-3/+2

2009-11-06	s4/drs: remove unused num_prefixes and prefixes from dsdb_schema	Kamen Mazdrashki	1	-1/+1
	Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-10-26	s4-ldb: fixed request handling for schemaUpdateNow op	Andrew Tridgell	1	-1/+1

2009-10-06	s4:rootdse module - intendation fixup	Matthias Dieter Wallnöfer	1	-2/+2

2009-09-21	s4-ldap: default edn type is 0	Andrew Tridgell	1	-1/+1

2009-09-21	s4-ldb: add support for extended DNs in the rootDSE	Andrew Tridgell	1	-2/+135
	W2K8 join as a DC relies on being able to ask for the sid component of extended DNs from the rootDSE DNs
2009-07-16	s4:dsdb Handle dc/domain/forest functional levels properly	Andrew Bartlett	1	-5/+135
	Rather than have the functional levels scattered in 4 different, unconnected locations, the provision script now sets it, and the rootdse module maintains it's copy only as a cached view onto the original values. We also use the functional level to determine if we should store AES Kerberos keys. Andrew Bartlett
2009-07-08	Fix for schemaUpdateNow command	Anatoliy Atanasov	1	-1/+1

2009-06-30	s4:ldb Allow rootdse module to build without ldb_private.h	Andrew Bartlett	1	-1/+2
	It seems quite reasonable to allow modules to re-initialise the set of cached DNs on the ldb context. Andrew Bartlett
2009-06-18	dsdb: Fix build against system ldb.	Jelmer Vernooij	1	-1/+1

2009-01-30	Fix all other modules to use ldb_module.h instead of ldb_private.h	Simo Sorce	1	-25/+37
	The only 2 modules escaping the rule so far are rootdse and partitions
2008-12-17	s4:rootdse: fix the logic to indentify a rootdse search	Andrew Bartlett	1	-2/+1
	Signed-off-by: Stefan Metzmacher <metze@samba.org>
2008-12-17	s4:ldb: make it possible to return per entry controls	Andrew Bartlett	1	-1/+1
	Signed-off-by: Stefan Metzmacher <metze@samba.org>
2008-10-02	s4:rootdse: for now don't pass down controls for the rootdse search	Stefan Metzmacher	1	-1/+1
	metze
2008-09-29	LDB ASYNC: samba4 modules	Simo Sorce	1	-54/+68

2008-07-25	Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-local	Andrew Bartlett	1	-3/+44
	(This used to be commit b12dd8ee5443ebfc204d1684f541d68ffb351197)
2008-07-25	Clarify how we are doing the 'this is a rootdse query' check.	Andrew Bartlett	1	-1/+2
	(This used to be commit 8dfba3160cc4bc518f3ad8570d104e5baae784ca)
2008-07-24	Handle schema reloading request.	Anatoliy Atanasov	1	-3/+44
	The ldif for that operation looks like this: dn: changetype: Modify add: schemaUpdateNow schemaUpdateNow: 1 It uses the rootdse's object functional attribute schemaUpdateNow. In rootdse_modify() this command is being recognized and it is send as extended operation with DSDB_EXTENDED_SCHEMA_UPDATE_NOW_OID. In the partition module its dispatched to the schema_fsmo module. The request is processed in the schema_fsmo module by schema_fsmo_extended(). (This used to be commit 39f9184ddf215f2b512319211c0a05702218ef87)
2008-07-01	schema_fsmo: move fsmo info into struct dsdb_schema	Stefan Metzmacher	1	-4/+1
	metze (This used to be commit 8538d305c803268c712a90879f29a2a74ba0ef03)
2008-04-04	Clean up provision and rootdse module to hard-code less stuff.	Andrew Bartlett	1	-0/+8
	In particular, allow for the server DN to be in a different site (possible outcome of a DRS replication). Andrew Bartlett (This used to be commit 9ee4e39fe178317f42fd9a0adceea24b55dfe0f1)
2008-02-20	Fix use of some modules (needed _PUBLIC_).	Jelmer Vernooij	1	-1/+1
	(This used to be commit ce332130ea77159832da23bab760fa26921719e2)
2008-02-20	Use struct-based rather than function-based initialization for ldb modules ↵	Jelmer Vernooij	1	-7/+1
	everywhere. (This used to be commit 85c96a325867f7bcdb412ebc53f8a47dbf7cd89b)
2007-12-21	r25753: Move cn=rootdse to @ROOTDSE to avoid being caught up in schema ↵	Andrew Bartlett	1	-2/+2
	restrictions. Andrew Bartlett (This used to be commit f3390c9054244c0e4381007b36bbac9a17800570)
2007-10-10	r24731: Remove unused code - if we hit these error conditions, then we are	Andrew Bartlett	1	-5/+0
	dead anyway, and a segfault would leave us with more infomation. Andrew Bartlett (This used to be commit 62320616ff8795ff18c8f49029d81f12558c10ed)
2007-10-10	r23792: convert Samba4 to GPLv3	Andrew Tridgell	1	-3/+2
	There are still a few tidyups of old FSF addresses to come (in both s3 and s4). More commits soon. (This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
2007-10-10	r20871: implement the validFSMOs constructed attribute on the rootdse	Stefan Metzmacher	1	-0/+40
	for the schema, domain naming and pdc fsmo roles infrastructure and rid manager will be added later, when we have module for them metze (This used to be commit 308f9cf822a3a34dae28a5fa5aa850e2adbeb472)
2007-10-10	r20870: implement the constructed attributes dsSchemaAttrCount,	Stefan Metzmacher	1	-0/+44
	dsSchemaClassCount and dsSchemaPrefixCount on the rootdse having a loaded dsdb_schema make things so easy...:-) metze (This used to be commit 7862fcdbb5ce43e702512c1acdbb5843ef551293)
2007-10-10	r20762: load the default dn's after the rootdse module is initialized,	Stefan Metzmacher	1	-0/+2
	so that following module can access the default dn's. metze (This used to be commit a934da4dcfeae49fcfc901a071da2d41507da69b)
2007-10-10	r19832: better prototypes for the linearization functions:	Simo Sorce	1	-1/+1
	- ldb_dn_get_linearized returns a const string - ldb_dn_alloc_linearized allocs astring with the linearized dn (This used to be commit 3929c086d5d0b3f08b1c4f2f3f9602c3f4a9a4bd)
2007-10-10	r19831: Big ldb_dn optimization and interfaces enhancement patch	Simo Sorce	1	-3/+3
	This patch changes a lot of the code in ldb_dn.c, and also removes and add a number of manipulation functions around. The aim is to avoid validating a dn if not necessary as the validation code is necessarily slow. This is mainly to speed up internal operations where input is not user generated and so we can assume the DNs need no validation. The code is designed to keep the data as a string if possible. The code is not yet 100% perfect, but pass all the tests so far. A memleak is certainly present, I'll work on that next. Simo. (This used to be commit a580c871d3784602a9cce32d33419e63c8236e63)
2007-10-10	r19726: when a client explicit asks for the 'netlogon' attriubute on LDAP	Stefan Metzmacher	1	-0/+9
	the result entry is skipped! metze (This used to be commit 62aa73f3d56596780fc82fecbc99c688ecbf5b08)
2007-10-10	r19531: Make struct ldb_dn opaque and local to ldb_dn.c	Simo Sorce	1	-1/+1
	(This used to be commit 889fb983ba1cf8a11424a8b3dc3a5ef76e780082)
2007-10-10	r19522: Remove gensec and credentials dependency from the rootdse module (less	Andrew Bartlett	1	-20/+12
	dependency loops). This moves the evaluation of the SASL mechansim list to display in the rootDSE to the ldap server. Andrew Bartlett (This used to be commit 379da475e224d93c05d91b37902c121eb4007d97)
2007-10-10	r18781: Move the usnCreated and usnChanged handling around again.	Andrew Bartlett	1	-1/+1
	This moves these attributes from objectguid into an optional backend (objectguid), used by ltdb. For OpenLDAP, the entryUUID module converts entryCSN into usnChanged. This also changes the sequence number API, and uses 'time based' sequence numbers, when an LDAP or similar backend is detected. To assist this, we also store the last modified time in the TDB, whenever we change a value. Andrew Bartlett (This used to be commit 72858f859483c0c532dddb2c146d6bd7b9be5072)
2007-10-10	r18368: Don't list GENSEC mechs that only have client implementations in our	Andrew Bartlett	1	-1/+1
	supportedSASLMechanism list. Andrew Bartlett (This used to be commit 3e69637b5f79e4132026ebaf9d57cf67ef3826c1)
2007-10-10	r18301: I discovered how to load the warnings from a build farm build into	Andrew Tridgell	1	-2/+2
	emacs compile mode (hint, paste to a file, and compile as "cat filename"). This allowed me to fix nearly all the warnings for a IA_64 SuSE build very quickly. (This used to be commit eba6c84efff735bb0ca941ac4b755ce2b0591667)
2007-10-10	r17514: Simplify the way to set ldb errors and add another	Simo Sorce	1	-1/+1
	helper function to set them. (This used to be commit 260868bae56194fcb98d55afc22fc66d96a303df)
2007-10-10	r17186: "async" word abuse clean-up part 2	Simo Sorce	1	-11/+11
	(This used to be commit c6aa60c7e69abf1f83efc150b1c3ed02751c45fc)
2007-10-10	r17185: Oh, I wanted to do this for sooo long time.	Simo Sorce	1	-2/+2
	Finally acknowledge that ldb is inherently async and does not have a dual personality anymore Rename all ldb_async_XXX functions to ldb_XXX except for ldb_async_result, it is now ldb_reply to reflect the real function of this structure. Simo. (This used to be commit 25fc7354049d62efeba17681ef1cdd326bc3f2ef)
2007-10-10	r16264: Add, but do not yet enable, the partitions module.	Andrew Bartlett	1	-5/+45
	This required changes to the rootDSE module, to allow registration of partitions. In doing so I renamed the 'register' operation to 'register_control' and 'register_partition', which changed a few more modules. Due to the behaviour of certain LDAP servers, we create the baseDN entry in two parts: Firstly, we allow the admin to export a simple LDIF file to add to their server. Then we perform a modify to add the remaining attributes. To delete all users in partitions, we must now search and delete all objects in the partition, rather than a simple search from the root. Against LDAP, this might not delete all objects, so we allow this to fail. In testing, we found that the 'Domain Controllers' container was misnamed, and should be 'CN=', rather than 'OU='. To avoid the Templates being found in default searches, they have been moved to CN=Templates from CN=Templates,${BASEDN}. Andrew Bartlett (This used to be commit b49a4fbb57f10726bd288fdc9fc95c0cbbe9094a)