samba - Unnamed repository; edit this file 'description' to name the repository.

Age	Commit message (Collapse)	Author	Files	Lines
2010-11-01	s4-ldb: enable version checking in dsdb ldb modules	Andrew Tridgell	1	-0/+1

2010-11-01	s4-dsdb: convert the rest of the ldb modules to the new module type	Andrew Tridgell	1	-1/+6

2010-10-24	s4:dsdb - use the more safe "samdb_msg_add_(u)int*" calls always where possible	Matthias Dieter Wallnöfer	1	-6/+7
	This should prevent all possible integer storage problems in future.
2010-10-19	s4-dsdb: filter unregistered controls in the rootdse module	Andrew Tridgell	1	-19/+84
	if we get an unregistered control in the rootdse module, and the request comes from an untrusted source (eg. ldap://) then we need to: 1) filter the control out if it is marked non-critical 2) give an error if it is marked critical Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-10-16	s4:dsdb - fix unsigned integer save problems using the "%u" specifier	Matthias Dieter Wallnöfer	1	-8/+9
	The issue here is that we have not yet first cast to int32_t explicitly, before we cast to an signed int to printf() into the %d or cast to a int64_t before we then cast to a long long to printf into a %lld. There are no unsigned integers in Active Directory LDAP, even the RID allocations and ms-DS-Secondary-KrbTgt-Number are signed quantities. (See the schema, and the syntax definitions in schema_syntax.c). The failure has been detected by Matthieu Patou on the buildfarm host "tridge" due to a malformed "groupType" attribute. The solution is to use the "%d" specifier. Either to use it directly - or better (when possible) use the call "samdb_msg_add_uint" (which encapsulates it). This patch changes such problematic situations.
2010-10-12	s4-libcli/security Use seperate subsystem for session related functions	Andrew Bartlett	1	-0/+1
	The merged I plan in this area require spliting security.h into two header files, a common header and a session.h for the remaining source4-specific code. Andrew Bartlett
2010-09-29	s4-rodc: RODC should not accept requests for role transfer	Nadezhda Ivanova	1	-0/+12
	A RODC cannot assume a role, and unwillingToPerform must be returned if such request is sent via LDAP
2010-09-29	s4-dsdb Fix segfault in error case in rootdse module	Andrew Bartlett	1	-1/+4

2010-09-25	ldb: mark the location of a lot more ldb requests	Andrew Tridgell	1	-0/+2

2010-09-24	s4:rootdse LDB module - make use of "dsdb_forest_functional_level"	Matthias Dieter Wallnöfer	1	-3/+2
	Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-09-24	s4:rootdse LDB module - introduce dynamic "ldapServiceName"	Matthias Dieter Wallnöfer	1	-0/+25
	Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-09-24	s4:rootdse LDB module - introduce dynamic "dnsHostName" attribute	Matthias Dieter Wallnöfer	1	-0/+8
	Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-09-24	s4:rootdse LDB module - make "serverName" dynamic	Matthias Dieter Wallnöfer	1	-0/+7
	This helps to fix bug #7347. "dsServiceName" cannot be made dynamic in such a simple way since it's already needed on LDB initialisation time. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-09-24	s4:rootdse LDB module - remove "priv" checks where not needed	Matthias Dieter Wallnöfer	1	-3/+3
	Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-09-24	s4:rootdse LDB module - better that the "edn" control handling is done last	Matthias Dieter Wallnöfer	1	-20/+20
	Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-09-24	s4:rootdse LDB module - make more use of LDB result constants	Matthias Dieter Wallnöfer	1	-17/+17
	Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-09-24	s4:rootdse LDB module - fix comment typo	Matthias Dieter Wallnöfer	1	-1/+1
	Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-09-24	s4:rootdse LDB module - fix counter types	Matthias Dieter Wallnöfer	1	-1/+1
	Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-09-19	s4-rootdse: mark registered controls as non-critical	Andrew Tridgell	1	-0/+37
	this is needed for clients that may include unnecessary controls in requests and mark them as non-critical
2010-09-15	s4-rootdse: setup length after NULL check	Andrew Tridgell	1	-2/+2

2010-09-10	s4/fsmo: Change return type from NTSTATUS to WERROR for drepl_takeFSMOrole	Anatoliy Atanasov	1	-2/+3
	This removed an unnecessary conversion of the return type in drepl_take_FSMO_role.
2010-09-10	s4-fsmo: update FSMO changes for recent IRPC work	Andrew Tridgell	1	-4/+10
	the IRPC API has changed Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-10	s4-ldap: Added support for FSMO role transfer via LDAP by modify on rootDSE	Nadezhda Ivanova	1	-1/+46
	GetNCChanges with the corresponding extended operation is initiated and added to the queue when a modify request is received on becomeSchemaMaster, becomeRidMaster, becomeNamingMaster, becomeInfrastructureMaster and becomePDC attributes in rootDSE.
2010-08-23	s4:security Change struct security_token->sids from struct dom_sid * to ↵	Andrew Bartlett	1	-1/+1
	struct dom_sid This makes the structure much more like NT_USER_TOKEN in the source3/ code. (The remaining changes are that privilages still need to be merged) Andrew Bartlett
2010-07-07	s4-dsdb: use ldb_operr() in the dsdb code	Andrew Tridgell	1	-22/+17
	this replaces "return LDB_ERR_OPERATIONS_ERROR" with "return ldb_operr(ldb)" in places in the dsdb code where we don't already explicitly set an error string. This should make is much easier to track down dsdb module bugs that result in an operations error.
2010-07-02	s4-dsdb: fixed spelling of supportedSASLMechanisms	Andrew Tridgell	1	-1/+1
	Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-07-02	s4-source4/dsdb/samdb/ldb_modules/rootdse.c: Use DSDB_FLAG_NEXT_MODULE flag	Kamen Mazdrashki	1	-2/+3
	Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-06-19	s4:rootdse LDB module - strip trailing whitespaces	Matthias Dieter Wallnöfer	1	-24/+24

2010-06-19	s4:rootdse LDB module - protect add and delete operations on the rootdse entry	Matthias Dieter Wallnöfer	1	-4/+34

2010-06-19	s4:rootdse LDB module - Return "UNWILLING_TO_PERFORM" when no attribute fits ↵	Matthias Dieter Wallnöfer	1	-1/+2
	on a change
2010-06-19	s4:rootdse LDB module - refactor error messages	Matthias Dieter Wallnöfer	1	-24/+29
	Fix indentations, use "set_errstring" when no "asprintf" functionality required.
2010-06-11	s4:rootdse LDB module - use LDB result constants	Matthias Dieter Wallnöfer	1	-4/+5

2010-04-22	s4-drs: added new SECURITY_RO_DOMAIN_CONTROLLER level	Andrew Tridgell	1	-1/+1
	This is used for allowing operations by RODCs, and denying them operations that should only be allowed for a full DC This required a new domain_sid argument to security_session_user_level() Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-With: Rusty Russell <rusty@samba.org>
2010-04-15	s4:rootdse: only return "tokenGroups", when the client asked for them	Stefan Metzmacher	1	-1/+1
	metze
2010-04-13	Revert "s4:prefer "samdb__dn" basedn calls over the "ldb_get__dn" functions"	Matthias Dieter Wallnöfer	1	-3/+3
	We should use the "ldb_get_*_basedn" calls since they are available in the LDB library.
2010-04-10	s4:rootdse Implement "tokenGroups" in the rootDSE	Andrew Bartlett	1	-0/+18
	This returns the currently connected user's full token. This is very useful for debugging, and should be used in ACL tests. Andrew Bartlett
2010-03-16	s4:dsdb Change dsdb_get_schema() callers to use new talloc argument	Andrew Bartlett	1	-1/+1
	This choses an appropriate talloc context to attach the schema too, long enough lived to ensure it does not go away before the operation compleates. Andrew Bartlett
2010-03-07	s4:rootdse LDB module - change counter variables to "unsigned" where appropriate	Matthias Dieter Wallnöfer	1	-9/+10

2010-02-16	s4-rootdse: we don't need DSDB_FLAG_OWN_MODULE here	Andrew Tridgell	1	-2/+2

2010-02-16	s4-drs: enable the recyclebin optional feature	Eduardo Lima	1	-19/+250
	Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-01-17	s4-dsdb: isGlobalCatalogReady should be shown by default	Andrew Tridgell	1	-1/+1
	This caused repadmin.exe to crash. Thanks to Hongwei for tracking this down for us.
2010-01-16	s4-dsdb: added isGlobalCatalogReady	Andrew Tridgell	1	-0/+12
	needed for dcdiag.exe
2009-12-09	s4-dsdb: added dsdb_functional_level() helper function	Andrew Tridgell	1	-3/+2

2009-11-06	s4/drs: remove unused num_prefixes and prefixes from dsdb_schema	Kamen Mazdrashki	1	-1/+1
	Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-10-26	s4-ldb: fixed request handling for schemaUpdateNow op	Andrew Tridgell	1	-1/+1

2009-10-06	s4:rootdse module - intendation fixup	Matthias Dieter Wallnöfer	1	-2/+2

2009-09-21	s4-ldap: default edn type is 0	Andrew Tridgell	1	-1/+1

2009-09-21	s4-ldb: add support for extended DNs in the rootDSE	Andrew Tridgell	1	-2/+135
	W2K8 join as a DC relies on being able to ask for the sid component of extended DNs from the rootDSE DNs
2009-07-16	s4:dsdb Handle dc/domain/forest functional levels properly	Andrew Bartlett	1	-5/+135
	Rather than have the functional levels scattered in 4 different, unconnected locations, the provision script now sets it, and the rootdse module maintains it's copy only as a cached view onto the original values. We also use the functional level to determine if we should store AES Kerberos keys. Andrew Bartlett
2009-07-08	Fix for schemaUpdateNow command	Anatoliy Atanasov	1	-1/+1