summaryrefslogtreecommitdiff
path: root/source4/dsdb/samdb/ldb_modules/samldb.c
AgeCommit message (Collapse)AuthorFilesLines
2010-11-07s4:ldb_modules/util.c - "dsdb_get_single_valued_attr" - support the ↵Matthias Dieter Wallnöfer1-6/+12
attribute fetch also on LDB add operations We've to completely ignore the flags in that case. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sun Nov 7 11:10:23 UTC 2010 on sn-devel-104
2010-11-04s4:dsdb/samdb: optimize samldb_prim_group_change()Stefan Metzmacher1-60/+60
We should only do searches when we have to. metze
2010-11-03s4:dsdb/samldb: avoid nested unindexed searches in samldb_member_check()Stefan Metzmacher1-14/+31
With 20000 objects in the database it's no fun to add members... metze
2010-11-03s4:samldb LDB module - improve the "get_single_valued_attr" call and move it ↵Matthias Dieter Wallnöfer1-84/+6
into "ldb_modules/util.c" It will be used by other LDB modules as well.
2010-11-01s4:samldb LDB module - the "sAMAccountName" cannot be substituted by nothingMatthias Dieter Wallnöfer1-2/+8
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Mon Nov 1 14:36:24 UTC 2010 on sn-devel-104
2010-11-01s4:samldb LDB module - support now the full "servicePrincipalName" update ↵Matthias Dieter Wallnöfer1-30/+96
trigger With "dNSHostName" and/or "sAMAccountName" updates
2010-11-01s4:samldb LDB module - "sAMAccountName" checkerMatthias Dieter Wallnöfer1-2/+2
We need a "talloc_steal" for the retrieved "sAMAccountName" since the memory is afterwards freed using the "talloc_free" call.
2010-11-01s4-ldb: enable version checking in dsdb ldb modulesAndrew Tridgell1-0/+1
2010-11-01s4:samldb LDB module - unify objectSid assignment error messagesMatthias Dieter Wallnöfer1-3/+2
2010-11-01s4:samldb LDB module - deny "objectSid" modificationsMatthias Dieter Wallnöfer1-0/+7
The same as with Windows
2010-11-01s4-dsdb: convert the rest of the ldb modules to the new module typeAndrew Tridgell1-1/+6
2010-10-31s4:samldb LDB module - validate "sAMAccountName" modificationsMatthias Dieter Wallnöfer1-0/+74
Also the "sAMAccountName" attribute is protected against corruption (e.g. two accounts with the same name).
2010-10-31s4:samldb LDB module - implement the "dNSHostName" - "servicePrincipalName" ↵Matthias Dieter Wallnöfer1-0/+155
change trigger When the "dNSHostName" changes then also the "servicePrincipalName"s are changed as well.
2010-10-31s4:samldb LDB module - check for the number of results after a search operationMatthias Dieter Wallnöfer1-0/+3
Should always be done.
2010-10-30s4:samldb LDB module - make the "userAccountControl" and "groupType" modify ↵Matthias Dieter Wallnöfer1-122/+173
handlers separate functions It's easier to maintain afterwards Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sat Oct 30 19:07:20 UTC 2010 on sn-devel-104
2010-10-30s4:samldb LDB module - add a new function which handles special cases for ↵Matthias Dieter Wallnöfer1-28/+51
single-valued attribute on SAM modifications This saves quiet some work.
2010-10-30s4:samldb LDB module - primary group change - free temporary messages to ↵Matthias Dieter Wallnöfer1-2/+4
save memory
2010-10-30s4:samldb LDB module - adapt the "samldb_prim_group_change" trigger to ↵Matthias Dieter Wallnöfer1-10/+55
support multiple "primaryGroupID" modification entries
2010-10-30s4:samldb LDB module - "member" triggerMatthias Dieter Wallnöfer1-38/+69
- adapt the "samldb_member_check" trigger to support multiple "member" modification entries. There can exist special modification messages which delete and add members in one operation - support the right error codes when modifications do fail (ERR_ENTRY_ALREADY_EXISTS, ERR_UNWILLING_TO_PERFORM)
2010-10-26s4:samldb LDB module - enhance the "member"-check triggerMatthias Dieter Wallnöfer1-3/+7
- Also multi-valued "member" attributes are allowed - When you try to delete a member from a group which has it primary group set exactly to this group you get "UNWILLING_TO_PERFORM"
2010-10-25s4:"samdb_search_count" - introduce a "mem_ctx" parameterMatthias Dieter Wallnöfer1-2/+2
All other "samdb_search_*" calls do have one - why "samdb_search_count" doesn't? Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Mon Oct 25 17:42:33 UTC 2010 on sn-devel-104
2010-10-25s4:samldb LDB module - other indentation fixes on error messagesMatthias Dieter Wallnöfer1-9/+12
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Mon Oct 25 12:31:57 UTC 2010 on sn-devel-104
2010-10-25s4:samldb LDB module - fix indentationsMatthias Dieter Wallnöfer1-15/+28
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Mon Oct 25 09:48:15 UTC 2010 on sn-devel-104
2010-10-25s4:samldb LDB module - use "uint32_t" for available krbtgt numberMatthias Dieter Wallnöfer1-5/+8
2010-10-25s4:samldb LDB module - assign better memory contexts in some casesMatthias Dieter Wallnöfer1-8/+9
2010-10-24s4:dsdb - remove some calls of "samdb_msg_add_string" when we have talloc'ed ↵Matthias Dieter Wallnöfer1-3/+2
strings They can be substituted by "ldb_msg_add_string" if the string was already talloc'ed. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sun Oct 24 20:03:27 UTC 2010 on sn-devel-104
2010-10-21s4-dsdb: moved a bunch of fuctions from schema/schema_info_attr.c to ↵Andrew Tridgell1-9/+6
samdb/ldb_modules/schema_util.c these functions operate on ldb_modules, so they should be in the ldb_modules directory. They also should return ldb errors codes, not WERROR codes, as otherwise the error can be hidden from the ldap caller This re-arrangement fixes a dependency loop in the schema/samdb code. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-With: Kamen Mazdrashki <kamenim@samba.org>
2010-10-18s4:"util_ldb" - remove some really unused dependanciesMatthias Dieter Wallnöfer1-1/+0
2010-10-17Revert "s4:remove "util_ldb" submodule and integrate the three gendb_* calls ↵Matthias Dieter Wallnöfer1-0/+1
in "dsdb/common/util.c"" This reverts commit 8a2ce5c47cee499f90b125ebde83de5f9f1a9aa0. Jelmer pointed out that these are also in use by other LDB databases - not only SAMDB ones. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sun Oct 17 13:37:16 UTC 2010 on sn-devel-104
2010-10-17s4:remove "util_ldb" submodule and integrate the three gendb_* calls in ↵Matthias Dieter Wallnöfer1-1/+0
"dsdb/common/util.c" They're only in use by SAMDB code. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sun Oct 17 09:40:13 UTC 2010 on sn-devel-104
2010-10-16s4:samldb LDB module - use appropriate fixed-length integer types where neededMatthias Dieter Wallnöfer1-4/+5
- The "systemFlags" we interpret always as signed - Use "samdb_msg_add_int" where possible (much saver for integer storing than ldb_msg_add_fmt)
2010-10-16s4:dsdb - fix unsigned integer save problems using the "%u" specifierMatthias Dieter Wallnöfer1-5/+10
The issue here is that we have not yet first cast to int32_t explicitly, before we cast to an signed int to printf() into the %d or cast to a int64_t before we then cast to a long long to printf into a %lld. There are *no* unsigned integers in Active Directory LDAP, even the RID allocations and ms-DS-Secondary-KrbTgt-Number are *signed* quantities. (See the schema, and the syntax definitions in schema_syntax.c). The failure has been detected by Matthieu Patou on the buildfarm host "tridge" due to a malformed "groupType" attribute. The solution is to use the "%d" specifier. Either to use it directly - or better (when possible) use the call "samdb_msg_add_uint" (which encapsulates it). This patch changes such problematic situations.
2010-10-15s4 dsdb: fix sign problem on PPC and x86Matthieu Patou1-2/+2
In LDAP we used signed intege and groups have the highest bit set (ie. 0x80000002). So it will result with values that are > 2^31 when these value are used on some plateforms (x86 and PPC 64bits in this case) it causes problem with strtol.
2010-10-15s4:samldb LDB module - cosmetic - use "ldb" variable rather than ↵Matthias Dieter Wallnöfer1-1/+1
"ldb_module_get_ctx"
2010-10-15s4:dsdb - remove "samdb_result_uint", "samdb_result_int64", ↵Matthias Dieter Wallnöfer1-3/+3
"samdb_result_uint64" and "samdb_result_string" We have ldb_msg_find_attr_as_* calls which do exactly the same. Therefore this reduces only code redundancies. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-10-14s4:samldb LDB module - attempt to fix integer handling on big-endian platformsMatthias Dieter Wallnöfer1-7/+9
And beside this it's also nicer to use standard LDB functions for type conversions. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Thu Oct 14 08:26:53 UTC 2010 on sn-devel-104
2010-10-13s4:samldb LDB module - cosmetic fixupsMatthias Dieter Wallnöfer1-9/+9
- Update the module description - Fix indentation Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Wed Oct 13 20:55:18 UTC 2010 on sn-devel-104
2010-10-13s4:samldb LDB module - deny creation of temporary duplicate accountsMatthias Dieter Wallnöfer1-0/+12
2010-10-13s4:samldb LDB module - proof the account type also on LDB modify operationsMatthias Dieter Wallnöfer1-0/+8
2010-10-13s4:samldb LDB module - support the group type changing properlyMatthias Dieter Wallnöfer1-1/+53
This is exactly that what Windows allows. It was proven by a blackbox test. And we also need to deny add operations of builtin groups.
2010-10-13s4:samldb LDB module - deny also the direct modification of ↵Matthias Dieter Wallnöfer1-3/+14
"isCriticalSystemObject" on modify operations
2010-10-13s4:samldb LDB module - first implementation of the samldb primary group triggerMatthias Dieter Wallnöfer1-48/+61
This was done according to MS-SAMR 3.1.1.8.2 But do use it only for add operations at the moment.
2010-10-13s4:samldb LDB module - use the new "objectclass_trigger" for add operationsMatthias Dieter Wallnöfer1-142/+33
Additionally clean up "samldb_fill_object" which is now much easier to comprehend.
2010-10-13s4:samldb LDB module - first implementation of the samldb objectclass triggerMatthias Dieter Wallnöfer1-0/+176
This was done according to MS-SAMR 3.1.1.8.1 I need to perform some RELAX checks since otherwise the provision wouldn't work anymore.
2010-10-11dsdb modules: Split ridalloc out of common helpers, because of dependency loops.Jelmer Vernooij1-0/+1
2010-10-06s4:samldb LDB module - remove "type" parameter of "samldb_fill_object"Matthias Dieter Wallnöfer1-6/+9
It's a bit redundant given that we have the "type" variable on "ac". Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Wed Oct 6 10:20:45 UTC 2010 on sn-devel-104
2010-10-05s4:samldb LDB module - simplify/unify the message handling on add and modify ↵Matthias Dieter Wallnöfer1-28/+54
operations - Perform only shallow copies (should be enough) - Perform only one copy per operation (also on modifications) - Build a new request on modify operations if needed ("modified" flag) - this makes it look cleaner - Fix an important bug: the "el" pointers could have changed after modifications. Therefore we have to refresh them on the FLAG_DELETE checks Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Tue Oct 5 09:24:57 UTC 2010 on sn-devel-104
2010-10-05s4:samldb LDB module - assign better memory contexts on two placesMatthias Dieter Wallnöfer1-2/+2
2010-09-29s4-samldb: also set a password on the krbtgt_NNNN accountAndrew Tridgell1-0/+11
when we setup the krbtgt_NNNN account using the DCPROMO_OID control, we also need to set an initial password for this account Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-25ldb: mark the location of a lot more ldb requestsAndrew Tridgell1-0/+1
generated by cgit (git 2.34.1) at 2024-11-09 18:20:08 +0000