| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
because we now use DSDB_EXTENDED_REPLICATED_OBJECTS_OID extended operation
metze
(This used to be commit 4380cc9ed6ac2e6c133b5a36f922b341474a8e7e)
|
|
when applying replicated objects.
the samldb module ignores such requests now...
and the repl_meta_data module has different functions
for the replicated and originating cases...
metze
(This used to be commit a4d5e0126cfd6135ab829f4984269e265a868a28)
|
|
supprisingly complex call...
It turns out that the in/out parameter 'level' is not in/out, but set
seperatly by the server-side code from r->req.req1.level.
This commit also breaks out some common code from samldb into samdb.
Andrew Bartlett
(This used to be commit 2eb9e6445c64840399171f4f56b1e43786dbcfa7)
|
|
(This used to be commit 4f07542143ddf5066f0360d965f26a8470504047)
|
|
- ldb_dn_get_linearized
returns a const string
- ldb_dn_alloc_linearized
allocs astring with the linearized dn
(This used to be commit 3929c086d5d0b3f08b1c4f2f3f9602c3f4a9a4bd)
|
|
This patch changes a lot of the code in ldb_dn.c, and also
removes and add a number of manipulation functions around.
The aim is to avoid validating a dn if not necessary as the
validation code is necessarily slow. This is mainly to speed up
internal operations where input is not user generated and so we
can assume the DNs need no validation. The code is designed to
keep the data as a string if possible.
The code is not yet 100% perfect, but pass all the tests so far.
A memleak is certainly present, I'll work on that next.
Simo.
(This used to be commit a580c871d3784602a9cce32d33419e63c8236e63)
|
|
This seems to show up (as an abort() from talloc) particularly under
ldb_ildap.
Andrew Bartlett
(This used to be commit 9890af534d845d471d2a98268c408a907b29e016)
|
|
(This used to be commit 889fb983ba1cf8a11424a8b3dc3a5ef76e780082)
|
|
argument.
This is a pointer to an element pointer. If it is not null it will be
filled with the pointer of the manipulated element.
Will avoid double searches on the elements list in some cases.
(This used to be commit 0fa5d4bc225b83e9f63ac6d75bffc4c08eb6b620)
|
|
(This used to be commit f163f422e3f201d8b0e22538949eccf0f7e62143)
|
|
(This used to be commit f57535b9c2214e58c71084fcb9d74848e7d26b89)
|
|
needed in searches
(This used to be commit a5ea749f0ac63bf495a55ee8d9d002208ab93572)
|
|
metze
(This used to be commit 00fcc4f16a01a0c6a70f86c8bd9d1f9801dfd9df)
|
|
not used purely as ldb module helper functions. This now passes these
strings back as explicit parameters.
Andrew Bartlett
(This used to be commit 9c1cd9c2c6bcd9d056a7c9caafacdd573562ebbc)
|
|
to do
(This used to be commit ad75cf869550af66119d0293503024d41d834e02)
|
|
helper function to set them.
(This used to be commit 260868bae56194fcb98d55afc22fc66d96a303df)
|
|
(This used to be commit c6aa60c7e69abf1f83efc150b1c3ed02751c45fc)
|
|
to be created as foreign, even if they are in a local domain.
Also we do need the user to exist for the life of the test, as we add
it to a group.
Andrew Bartlett
(This used to be commit ae470ff7014e52b55d88e9fe12e2322e069daf9d)
|
|
in the Builtin domain a SID from the global domain.
Andrew Bartlett
(This used to be commit 9d31b9f04721a2cac62f492f8db071aaa0aa966b)
|
|
Andrew Bartlett
(This used to be commit 9fdbedafad69e55ef4ccad51c4f002c49e43f372)
|
|
- creation of ForeignSecurityPrincipals
- template duplication code
Rework much of the LSA server to pass the RPC-LSA test. Much of the
server code was untested. In implementing the LSA Accounts feature, I
have opted to have it only create entires when privilages are applied,
and not to delete entries, but to delete the privilages.
We skip some parts of the test, but it is much better than not testing
it at all.
Andrew Bartlett
(This used to be commit 10eeea6da465564ed9f785d06e2d2ed06cfe29a4)
|
|
This required changes to the rootDSE module, to allow registration of
partitions. In doing so I renamed the 'register' operation to
'register_control' and 'register_partition', which changed a few more
modules.
Due to the behaviour of certain LDAP servers, we create the baseDN
entry in two parts: Firstly, we allow the admin to export a simple
LDIF file to add to their server. Then we perform a modify to add the
remaining attributes.
To delete all users in partitions, we must now search and delete all
objects in the partition, rather than a simple search from the root.
Against LDAP, this might not delete all objects, so we allow this to
fail.
In testing, we found that the 'Domain Controllers' container was
misnamed, and should be 'CN=', rather than 'OU='.
To avoid the Templates being found in default searches, they have been
moved to CN=Templates from CN=Templates,${BASEDN}.
Andrew Bartlett
(This used to be commit b49a4fbb57f10726bd288fdc9fc95c0cbbe9094a)
|
|
Andrew Bartlett
(This used to be commit af11f464a717cc7db0393070da780091a6053ee0)
|
|
original error strings back to the callers.
Andrew Bartlett
(This used to be commit defa63298838fefae7ed003458020045edaef21d)
|
|
This adds more/better setting of the ldb error string, and avoids
using gendb_search(), as this doens't return the error code.
Andrew Bartlett
(This used to be commit 2d2e71a2d5827c9dc8785b87547559071b47ab34)
|
|
We were not using the correct baseDN for the templates search. Using NULL is no longer valid (like against AD).
While chasing that down, return proper error codes, and use the
ldb_set_errstr() to get a good error string back up to the UI layer.
Andrew Bartlett
(This used to be commit b31003403d84def6f11b21df566ff57c01da21b8)
|
|
Andrew Bartlett
(This used to be commit 25e85975459acc556c0d46f1683dd4bbdd94874b)
|
|
things.
With this fix, we now correctly detect computers again, and get the
correct objectCategory, which is important for the OSX AD plugin.
Andrew Bartlett
(This used to be commit 4e39d7bb245bc337ac496c7e39a510d1c5611c71)
|
|
(This used to be commit d346531d0a3e7160ae2a3bdc430521148b485540)
|
|
Check timeouts are correctly verified.
Some minor fixed and removal of unused code.
(This used to be commit b52e5d6a0cb1a32e62759eaa49ce3e4cc804cc92)
|
|
(This used to be commit 959c8c35ef170e03a5f698d0fa11616583cc6f66)
|
|
situation handled in the incorrect way.
A while(1) loop may end up looping forever consuming all valid RIDs because of a secondary bug.
And anyway nextRid is supposed to always give back a new unique RID, if someone messed up the database let him
fix the problem first, trying to be smart here would probably end up in worst results.
Simo.
(This used to be commit 6b214f232eefc4ffbc98dfb68c99d1f0c97ae6db)
|
|
This means that some modules have been disabled as well as they
have not been ported to the async interface
One of them is the ugly objectclass module.
I hope that the change in samldb module will make the MMC happy
without the need of this crappy module, we need proper handling
in a decent schema module.
proxy and ldb_map have also been disabled
ldb_sqlite3 need to be ported as well (currenlty just broken).
(This used to be commit 51083de795bdcbf649de926e86969adc20239b6d)
|
|
I was sick of jumping inot each module for each request,
even the ones not handle by that module.
(This used to be commit 7d65105e885a28584e8555453b90232c43a92bf7)
|
|
It passess all my tests, but I still need to work on a lot of stuff.
Shouldn't impact anybody else work, so I want to commit now and see what happens
Will work to remove the old code from modules and backends soon, and make some
more restyling in ldb internals.
So, if there is something you don't like in this desgin please speak now.
Simo.
(This used to be commit 8b2a563e716a789ea77cbfbf2f372724de5361ce)
|
|
(This used to be commit 977982c884da15d1e9f5fe19d24cd4169ecbb0c5)
|
|
(This used to be commit 36537100db491012d8124f7aca266a8290f2eee6)
|
|
(This used to be commit 3c9434e264710a1fa29adedbe571d5324ecae906)
|
|
metze
(This used to be commit 73ca71b42b20c9cc0acba8caecc24b07624c4abc)
|
|
tree fro long
(This used to be commit 7c050b541e98cd442a0c9ed0ddadb3e573cd1304)
|
|
metze
(This used to be commit 9ec706238c173992dc938d537bdf1103bf519dbf)
|
|
try to include just the BASENAME.h files (containing only structs)
(This used to be commit 3dd477ca5147f28a962b8437e2611a8222d706bd)
|
|
Samld is NOT yet async itself, but as that module only intercepts
user,groups or foreign principal creation and nothing else we can
accept it not to be asynchronous for now.
Simo.
(This used to be commit 250dac3072c647caf9f301219922007a3a672d93)
|
|
file dependencies
(This used to be commit 122835876748a3eaf5e8d31ad1abddab9acb8781)
|
|
Applications that use LDB modules will now have to run ldb_global_init()
before they can use LDB.
The next step will be adding support for loading LDB modules from .so
files. This will also allow us to use one LDB without difference between the
standalone and the Samba-specific build
(This used to be commit 52a235650514039bf8ffee99a784bbc1b6ae6b92)
|
|
The module was just used to get to the ldb so it was meningless.
Also add LDB_WAIT_ONCE e relative code in ldb_ildap.c
(This used to be commit d5b467b7c132b0bd4d23918ba7bf3370b1afcce8)
|
|
Andrew Bartlett
(This used to be commit c34666abc170687daa8dcd085020880b598caaf7)
|
|
This updates the module to handle both SID allocation and nextRid
updating while importing users. (As imported users already have a
SID, so don't go via the allocation step). We also ensure that SIDs
in the database are unquie at create time.
Furthermore, at allocation time, we double-check the SID isn't already
in use, and that we don't create a foriegnSecurityPrincipal for a
'local' sid.
Also create random samAccountName entries for users without one (we
were setting $000000-000000000000).
We may want to seperate the uniqueness code from the rest of samldb,
and into a module with the objectguid code, which needs similar
checks. These checks also need to apply to modification, or those
modifications denied outright.
Also update part of the testsuite to validate this.
Andrew Bartlett
(This used to be commit 7a9c8eee4bea88f5f0bb7c62f701476384b7dc84)
|
|
than a hardcoded SID.
Fix the samldb module to return the what *was* the nextrid, rather
than the new nextrid (that is for next time).
Andrew Bartlett
(This used to be commit ffe9042e15cebbc7ff1bac90ec39835753d6caa7)
|
|
a second_stage_init private function for modules that need a second stage init.
Simo.
(This used to be commit 5e8b365fa2d93801a5de1d9ea76ce9d5546bd248)
|
