| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
to be created as foreign, even if they are in a local domain.
Also we do need the user to exist for the life of the test, as we add
it to a group.
Andrew Bartlett
(This used to be commit ae470ff7014e52b55d88e9fe12e2322e069daf9d)
|
|
in the Builtin domain a SID from the global domain.
Andrew Bartlett
(This used to be commit 9d31b9f04721a2cac62f492f8db071aaa0aa966b)
|
|
Andrew Bartlett
(This used to be commit 9fdbedafad69e55ef4ccad51c4f002c49e43f372)
|
|
- creation of ForeignSecurityPrincipals
- template duplication code
Rework much of the LSA server to pass the RPC-LSA test. Much of the
server code was untested. In implementing the LSA Accounts feature, I
have opted to have it only create entires when privilages are applied,
and not to delete entries, but to delete the privilages.
We skip some parts of the test, but it is much better than not testing
it at all.
Andrew Bartlett
(This used to be commit 10eeea6da465564ed9f785d06e2d2ed06cfe29a4)
|
|
This required changes to the rootDSE module, to allow registration of
partitions. In doing so I renamed the 'register' operation to
'register_control' and 'register_partition', which changed a few more
modules.
Due to the behaviour of certain LDAP servers, we create the baseDN
entry in two parts: Firstly, we allow the admin to export a simple
LDIF file to add to their server. Then we perform a modify to add the
remaining attributes.
To delete all users in partitions, we must now search and delete all
objects in the partition, rather than a simple search from the root.
Against LDAP, this might not delete all objects, so we allow this to
fail.
In testing, we found that the 'Domain Controllers' container was
misnamed, and should be 'CN=', rather than 'OU='.
To avoid the Templates being found in default searches, they have been
moved to CN=Templates from CN=Templates,${BASEDN}.
Andrew Bartlett
(This used to be commit b49a4fbb57f10726bd288fdc9fc95c0cbbe9094a)
|
|
Andrew Bartlett
(This used to be commit af11f464a717cc7db0393070da780091a6053ee0)
|
|
original error strings back to the callers.
Andrew Bartlett
(This used to be commit defa63298838fefae7ed003458020045edaef21d)
|
|
This adds more/better setting of the ldb error string, and avoids
using gendb_search(), as this doens't return the error code.
Andrew Bartlett
(This used to be commit 2d2e71a2d5827c9dc8785b87547559071b47ab34)
|
|
We were not using the correct baseDN for the templates search. Using NULL is no longer valid (like against AD).
While chasing that down, return proper error codes, and use the
ldb_set_errstr() to get a good error string back up to the UI layer.
Andrew Bartlett
(This used to be commit b31003403d84def6f11b21df566ff57c01da21b8)
|
|
Andrew Bartlett
(This used to be commit 25e85975459acc556c0d46f1683dd4bbdd94874b)
|
|
things.
With this fix, we now correctly detect computers again, and get the
correct objectCategory, which is important for the OSX AD plugin.
Andrew Bartlett
(This used to be commit 4e39d7bb245bc337ac496c7e39a510d1c5611c71)
|
|
(This used to be commit d346531d0a3e7160ae2a3bdc430521148b485540)
|
|
Check timeouts are correctly verified.
Some minor fixed and removal of unused code.
(This used to be commit b52e5d6a0cb1a32e62759eaa49ce3e4cc804cc92)
|
|
(This used to be commit 959c8c35ef170e03a5f698d0fa11616583cc6f66)
|
|
situation handled in the incorrect way.
A while(1) loop may end up looping forever consuming all valid RIDs because of a secondary bug.
And anyway nextRid is supposed to always give back a new unique RID, if someone messed up the database let him
fix the problem first, trying to be smart here would probably end up in worst results.
Simo.
(This used to be commit 6b214f232eefc4ffbc98dfb68c99d1f0c97ae6db)
|
|
This means that some modules have been disabled as well as they
have not been ported to the async interface
One of them is the ugly objectclass module.
I hope that the change in samldb module will make the MMC happy
without the need of this crappy module, we need proper handling
in a decent schema module.
proxy and ldb_map have also been disabled
ldb_sqlite3 need to be ported as well (currenlty just broken).
(This used to be commit 51083de795bdcbf649de926e86969adc20239b6d)
|
|
I was sick of jumping inot each module for each request,
even the ones not handle by that module.
(This used to be commit 7d65105e885a28584e8555453b90232c43a92bf7)
|
|
It passess all my tests, but I still need to work on a lot of stuff.
Shouldn't impact anybody else work, so I want to commit now and see what happens
Will work to remove the old code from modules and backends soon, and make some
more restyling in ldb internals.
So, if there is something you don't like in this desgin please speak now.
Simo.
(This used to be commit 8b2a563e716a789ea77cbfbf2f372724de5361ce)
|
|
(This used to be commit 977982c884da15d1e9f5fe19d24cd4169ecbb0c5)
|
|
(This used to be commit 36537100db491012d8124f7aca266a8290f2eee6)
|
|
(This used to be commit 3c9434e264710a1fa29adedbe571d5324ecae906)
|
|
metze
(This used to be commit 73ca71b42b20c9cc0acba8caecc24b07624c4abc)
|
|
tree fro long
(This used to be commit 7c050b541e98cd442a0c9ed0ddadb3e573cd1304)
|
|
metze
(This used to be commit 9ec706238c173992dc938d537bdf1103bf519dbf)
|
|
try to include just the BASENAME.h files (containing only structs)
(This used to be commit 3dd477ca5147f28a962b8437e2611a8222d706bd)
|
|
Samld is NOT yet async itself, but as that module only intercepts
user,groups or foreign principal creation and nothing else we can
accept it not to be asynchronous for now.
Simo.
(This used to be commit 250dac3072c647caf9f301219922007a3a672d93)
|
|
file dependencies
(This used to be commit 122835876748a3eaf5e8d31ad1abddab9acb8781)
|
|
Applications that use LDB modules will now have to run ldb_global_init()
before they can use LDB.
The next step will be adding support for loading LDB modules from .so
files. This will also allow us to use one LDB without difference between the
standalone and the Samba-specific build
(This used to be commit 52a235650514039bf8ffee99a784bbc1b6ae6b92)
|
|
The module was just used to get to the ldb so it was meningless.
Also add LDB_WAIT_ONCE e relative code in ldb_ildap.c
(This used to be commit d5b467b7c132b0bd4d23918ba7bf3370b1afcce8)
|
|
Andrew Bartlett
(This used to be commit c34666abc170687daa8dcd085020880b598caaf7)
|
|
This updates the module to handle both SID allocation and nextRid
updating while importing users. (As imported users already have a
SID, so don't go via the allocation step). We also ensure that SIDs
in the database are unquie at create time.
Furthermore, at allocation time, we double-check the SID isn't already
in use, and that we don't create a foriegnSecurityPrincipal for a
'local' sid.
Also create random samAccountName entries for users without one (we
were setting $000000-000000000000).
We may want to seperate the uniqueness code from the rest of samldb,
and into a module with the objectguid code, which needs similar
checks. These checks also need to apply to modification, or those
modifications denied outright.
Also update part of the testsuite to validate this.
Andrew Bartlett
(This used to be commit 7a9c8eee4bea88f5f0bb7c62f701476384b7dc84)
|
|
than a hardcoded SID.
Fix the samldb module to return the what *was* the nextrid, rather
than the new nextrid (that is for next time).
Andrew Bartlett
(This used to be commit ffe9042e15cebbc7ff1bac90ec39835753d6caa7)
|
|
a second_stage_init private function for modules that need a second stage init.
Simo.
(This used to be commit 5e8b365fa2d93801a5de1d9ea76ce9d5546bd248)
|
|
There's still lot of work to do but the patch is stable
enough to be pushed into the main samba4 tree.
Simo.
(This used to be commit 77125feaff252cab44d26593093a9c211c846ce8)
|
|
(This used to be commit c297c93faf3b748de68679f5a4be50845ebe25fe)
|
|
(This used to be commit 70e7449318aa0e9d2639c76730a7d1683b2f4981)
|
|
We need to add to the multivalued objectClass, not ignore it because
the user has already specified a value.
Also rename the template again.
This was caught by more stringent tests in the unicodePwd module, but
breaks MMC. A later commit will sort the objectClass.
Andrew Bartlett
(This used to be commit 0aaff059ba76c7eee86f37bfd74735c1c365d55f)
|
|
(This used to be commit 0aca5fd5130d980d07398f3291d294202aefe3c2)
|
|
different computer account types. (Earlier code changes removed the
BDC case).
We don't use the TemplateDomainController, so just have a
TemplateServer in provision_templates.ldif
Andrew Bartlett
(This used to be commit c4520ba2e6fad42a137983a2e1dbcd9c26db74e9)
|
|
after being freed)
(This used to be commit 5c7f3fef3e2324f0d1edda0f0f06f662bbcf7e08)
|
|
This patch changes the way lsb_search is called and the meaning of the returned integer.
The last argument of ldb_search is changed from struct ldb_message to struct ldb_result
which contains a pointer to a struct ldb_message list and a count of the number of messages.
The return is not the count of messages anymore but instead it is an ldb error value.
I tryed to keep the patch as tiny as possible bu as you can guess I had to change a good
amount of places. I also tried to double check all my changes being sure that the calling
functions would still behave as before. But this patch is big enough that I fear some bug
may have been introduced anyway even if it passes the test suite. So if you are currently
working on any file being touched please give it a deep look and blame me for any error.
Simo.
(This used to be commit 22c8c97e6fb466b41859e090e959d7f1134be780)
|
|
most of the changes are fixes to make all the ldb code compile without
warnings on gcc4. Unfortunately That required a lot of casts :-(
I have also added the start of an 'operational' module, which will
replace the timestamp module, plus add support for some other
operational attributes
In ldb_msg_*() I added some new utility functions to make the
operational module sane, and remove the 'ldb' argument from the
ldb_msg_add_*() functions. That argument was only needed back in the
early days of ldb when we didn't use the hierarchical talloc and thus
needed a place to get the allocation function from. Now its just a
pain to pass around everywhere.
Also added a ldb_debug_set() function that calls ldb_debug() plus sets
the result using ldb_set_errstring(). That saves on some awkward
coding in a few places.
(This used to be commit f6818daecca95760c12f79fd307770cbe3346f57)
|
|
functions they care about, instead of all functions. This also makes
it more likely that future changes to ldb will not break existing
modules
(This used to be commit 45f0c967b58e7c1b2e900a4d74cfde2a2c527dfa)
|
|
a search() function, instead each module now only implements the
bytree method, and the expression based search is handled generically
by the modules code. This makes for more consistency and less code
duplication.
fixed the tdb backend to handle BASE searches much more
efficiently. They now always only lookup one record, regardless of the
search expression
(This used to be commit 7e44f9153c5578624e2fca04cdc0a00af0fd9eb4)
|
|
do not autostart transactions on ldb operations if a transaction is already in place
test transactions on winsdb
all my tests passes so far
tridge please confirm this is ok for you
(This used to be commit c2bb2a36bdbe0ec7519697a9a9ba7526a0defac2)
|
|
transactions ensure two account creations can't interfere with each
other
(This used to be commit 91c27bc97662c8d8b764c76bd2d98a1b04f47337)
|
|
(This used to be commit e86c9b4a7f399a3152a2703c76406e9d69ec1225)
|
|
(This used to be commit e9018e3d9f69528acc0c440929fdb8d95413fa0d)
|
|
(This used to be commit b7c09df9e506f8048f69c4bdd1c3351e3b554e18)
|
|
(This used to be commit 8bded3fc926b8eb6285e06fd4b4706b779edb386)
|
