| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
I think these modules ended up LGPL because someone based the module
on an existing LGPL module in the core ldb, and it spread from
there. Certainly there is no reason for the ldb modules that are not
distributed as part of ldb to be LGPL.
|
|
|
|
This fixes up the change of the primary group of a user when using the ADUC
console:
- When the "primaryGroupId" attribute changes, we have to delete the
"member"/"memberOf" attribute reference of the new primary group and add one
for the old primary group.
- Deny deletion of primary groups according to Windows Server (so we cannot
have invalid "primaryGroupID" attributes in our AD).
- We cannot add a primary group directly before it isn't a secondary one of a
user account.
- We cannot add a secondary reference ("member" attribute) when the group has
been chosen as primary one.
This also removes the LDB templates which are basically overhead now.
This should also fix bug #6599.
|
|
|
|
These references were triggering the ambiguous talloc_free errors from
the recent talloc changes when the server is run using the 'standard'
process model instead of the 'single' process model. I am aiming to
move the build farm to use the 'standard' process model soon, as part
of an effort to make our test environment better match the real
deployment of Samba4.
The references are not needed as the way that the event context is
used is as the 'top parent', so when the event context is freed then
all of the structures that were taking a reference to the event
context were actually freed as well, thus making the references
redundent.
|
|
Guenther
|
|
Using ldb unique indexes for samAccountName doesn't work with DRS as
the other DC may send us a deleted record (tombstone record), which
has the same samAccountName as an existing record. That would then
create two records in the same partition with the same samAccountName.
So we needed to put back the logic in samldb.c which explicitly
checked whether a samAccountName already exists on add
|
|
These attributes now use the unique indexing flag
|
|
The only 2 modules escaping the rule so far are rootdse and partitions
|
|
list=""
list="$list event_context:tevent_context"
list="$list fd_event:tevent_fd"
list="$list timed_event:tevent_timer"
for s in $list; do
o=`echo $s | cut -d ':' -f1`
n=`echo $s | cut -d ':' -f2`
r=`git grep "struct $o" |cut -d ':' -f1 |sort -u`
files=`echo "$r" | grep -v source3 | grep -v nsswitch | grep -v packaging4`
for f in $files; do
cat $f | sed -e "s/struct $o/struct $n/g" > $f.tmp
mv $f.tmp $f
done
done
metze
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
When things go wrong with LDB, this routine seems to be particularly
sensitive to it. This extra debugging should help the next poor soul who
breaks LDB.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
remove some unused functions.
|
|
|
|
This removes the event_context leak that caused
NT_STATUS_TOO_MANY_OPENED_FILES in the server,
because of all the epool fds
metze
|
|
|
|
The previous ldb_search() interface made it way too easy to leak results,
and being able to use a printf-like expression turns to be really useful.
|
|
(This used to be commit 8003ee9abf474de534677283fc499f9a3d992b20)
|
|
(This used to be commit b4e1ae07a284c044704322446c94351c2decff91)
|
|
(This used to be commit ebe5e8399422eb7e2ff4deb546338823e2718907)
|
|
Andrew Bartlett
(This used to be commit db3b5f16ec8d9b83d8a82a535a4847dce5923663)
|
|
Slowly work away at the samldb module again, it is clear that AD does
not use much of a templating system. samAccountType is managed, as
far as I can tell, when groupType or userAccountControl changes.
Andrew Bartlett
(This used to be commit 447d5a795441aa6beab2f057c5ac1bc3c04e08c4)
|
|
(This used to be commit ce332130ea77159832da23bab760fa26921719e2)
|
|
everywhere.
(This used to be commit 85c96a325867f7bcdb412ebc53f8a47dbf7cd89b)
|
|
(This used to be commit 1163c2ad54b122487fa25960b8989f0f6d0b8c64)
|
|
ndr_struct_push_blob().
(This used to be commit 61ad78ac98937ef7a9aa32075a91a1c95b7606b3)
|
|
(This used to be commit 95a6ef7fc8757ccfd90dbf0d6c9b5098f10b10b6)
|
|
(This used to be commit 56dfcb4f2f8e74c9d8b2fe3a0df043781188a555)
|
|
Andrew Bartlett
(This used to be commit f0a0d73f768434cb474b311d7c366d1f2a06c8f4)
|
|
Templates just don't belong in the sam.ldb, as they don't obey any of
the other rules. This moves them to a seperate templates.ldb.
In samldb, this patch reworks the duplicate SID and Name detection
code, to use ldb_search_exp_fmt() rather than gendb_search. This
returns far more useful errors, which we now handle and report better.
The call to samdb_search_for_parent_domain() has been moved in samldb,
to allow both the account and SID uniqueness checks to be in the same
domain. This function also returns better errors.
dcesrv_drsuapi.c is updated for the new prototype of
samdb_search_for_parent_domain()
Andrew Bartlett
(This used to be commit f1ab90c88c782c693b41795d70368650806543b5)
|
|
lib/messaging/
lib/registry/
lib/ldb-samba/
librpc/rpc/
auth/auth_winbind.c
auth/gensec/
auth/kerberos/
dsdb/repl/
dsdb/samdb/
dsdb/schema/
torture/
cluster/ctdb/
kdc/
ntvfs/ipc/
torture/rap/
ntvfs/
utils/getntacl.c
ntptr/
smb_server/
libcli/wrepl/
wrepl_server/
libcli/cldap/
libcli/dgram/
libcli/ldap/
libcli/raw/
libcli/nbt/
libnet/
winbind/
rpc_server/
metze
(This used to be commit 6223c7fddc972687eb577e04fc1c8e0604c35435)
|
|
metze
(This used to be commit 7b77210d3e2c644d28d6e3795e6c4423dc6ea4bf)
|
|
(This used to be commit b7371f1a191fb86834c0d586d094f39f0b04544b)
|
|
allow the objectclass module to reconstruct the objectclass hierarchy,
rather than using templates.
The issue being fixed in particular is that 'top' was not being set on
containers.
This should ensure we do this right for all objects.
Andrew Bartlett
(This used to be commit d17a0058ba8492b8b3f81b6f10fc34b3e45bb8a6)
|
|
with a patch from Andrew Kroeger <andrew@sprocks.gotdns.com>.
The changes to samldb_fill_foreignSecurityPrincipal_object() look much
larger then they are: We just skip all the objectSid generation if the
SID is supplied.
By providing a few more objects, standard dialogs on the clients are
better behaved, for these 'well known' users.
Andrew Bartlett
(This used to be commit 35ee4aee719e69983d650602d1c6422a31600001)
|
|
There are still a few tidyups of old FSF addresses to come (in both s3
and s4). More commits soon.
(This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
|
|
because we now use DSDB_EXTENDED_REPLICATED_OBJECTS_OID extended operation
metze
(This used to be commit 4380cc9ed6ac2e6c133b5a36f922b341474a8e7e)
|
|
when applying replicated objects.
the samldb module ignores such requests now...
and the repl_meta_data module has different functions
for the replicated and originating cases...
metze
(This used to be commit a4d5e0126cfd6135ab829f4984269e265a868a28)
|
|
supprisingly complex call...
It turns out that the in/out parameter 'level' is not in/out, but set
seperatly by the server-side code from r->req.req1.level.
This commit also breaks out some common code from samldb into samdb.
Andrew Bartlett
(This used to be commit 2eb9e6445c64840399171f4f56b1e43786dbcfa7)
|
|
(This used to be commit 4f07542143ddf5066f0360d965f26a8470504047)
|
|
- ldb_dn_get_linearized
returns a const string
- ldb_dn_alloc_linearized
allocs astring with the linearized dn
(This used to be commit 3929c086d5d0b3f08b1c4f2f3f9602c3f4a9a4bd)
|
|
This patch changes a lot of the code in ldb_dn.c, and also
removes and add a number of manipulation functions around.
The aim is to avoid validating a dn if not necessary as the
validation code is necessarily slow. This is mainly to speed up
internal operations where input is not user generated and so we
can assume the DNs need no validation. The code is designed to
keep the data as a string if possible.
The code is not yet 100% perfect, but pass all the tests so far.
A memleak is certainly present, I'll work on that next.
Simo.
(This used to be commit a580c871d3784602a9cce32d33419e63c8236e63)
|
|
This seems to show up (as an abort() from talloc) particularly under
ldb_ildap.
Andrew Bartlett
(This used to be commit 9890af534d845d471d2a98268c408a907b29e016)
|
|
(This used to be commit 889fb983ba1cf8a11424a8b3dc3a5ef76e780082)
|
|
argument.
This is a pointer to an element pointer. If it is not null it will be
filled with the pointer of the manipulated element.
Will avoid double searches on the elements list in some cases.
(This used to be commit 0fa5d4bc225b83e9f63ac6d75bffc4c08eb6b620)
|
|
(This used to be commit f163f422e3f201d8b0e22538949eccf0f7e62143)
|
|
(This used to be commit f57535b9c2214e58c71084fcb9d74848e7d26b89)
|
|
needed in searches
(This used to be commit a5ea749f0ac63bf495a55ee8d9d002208ab93572)
|
|
metze
(This used to be commit 00fcc4f16a01a0c6a70f86c8bd9d1f9801dfd9df)
|
|
not used purely as ldb module helper functions. This now passes these
strings back as explicit parameters.
Andrew Bartlett
(This used to be commit 9c1cd9c2c6bcd9d056a7c9caafacdd573562ebbc)
|
