summaryrefslogtreecommitdiff
path: root/source4/dsdb/samdb/ldb_modules/samldb.c
AgeCommit message (Collapse)AuthorFilesLines
2008-04-17Specify event_context to ldb_wrap_connect explicitly.Jelmer Vernooij1-2/+1
(This used to be commit b4e1ae07a284c044704322446c94351c2decff91)
2008-03-28Convert some more files to GPLv3.Andrew Kroeger1-1/+1
(This used to be commit ebe5e8399422eb7e2ff4deb546338823e2718907)
2008-03-14Allow more 'domain' objects when looking for a unqiue SID.Andrew Bartlett1-2/+2
Andrew Bartlett (This used to be commit db3b5f16ec8d9b83d8a82a535a4847dce5923663)
2008-02-28Users and computers now share the same template.Andrew Bartlett1-35/+100
Slowly work away at the samldb module again, it is clear that AD does not use much of a templating system. samAccountType is managed, as far as I can tell, when groupType or userAccountControl changes. Andrew Bartlett (This used to be commit 447d5a795441aa6beab2f057c5ac1bc3c04e08c4)
2008-02-20Fix use of some modules (needed _PUBLIC_).Jelmer Vernooij1-1/+1
(This used to be commit ce332130ea77159832da23bab760fa26921719e2)
2008-02-20Use struct-based rather than function-based initialization for ldb modules ↵Jelmer Vernooij1-7/+1
everywhere. (This used to be commit 85c96a325867f7bcdb412ebc53f8a47dbf7cd89b)
2008-01-26ldb: Add ldb_oom() calls in a couple of places.Jelmer Vernooij1-1/+5
(This used to be commit 1163c2ad54b122487fa25960b8989f0f6d0b8c64)
2008-01-01r26638: libndr: Require explicitly specifying iconv_convenience for ↵Jelmer Vernooij1-1/+1
ndr_struct_push_blob(). (This used to be commit 61ad78ac98937ef7a9aa32075a91a1c95b7606b3)
2007-12-21r26319: Split encoding functions out of libcli_ldap.Jelmer Vernooij1-1/+2
(This used to be commit 95a6ef7fc8757ccfd90dbf0d6c9b5098f10b10b6)
2007-12-21r26003: Split up DB_WRAP, as first step in an attempt to sanitize dependencies.Jelmer Vernooij1-1/+1
(This used to be commit 56dfcb4f2f8e74c9d8b2fe3a0df043781188a555)
2007-12-21r25949: Make error messages clearer and more correct.Andrew Bartlett1-2/+2
Andrew Bartlett (This used to be commit f0a0d73f768434cb474b311d7c366d1f2a06c8f4)
2007-12-21r25940: Rework the samldb and templates handling.Andrew Bartlett1-35/+48
Templates just don't belong in the sam.ldb, as they don't obey any of the other rules. This moves them to a seperate templates.ldb. In samldb, this patch reworks the duplicate SID and Name detection code, to use ldb_search_exp_fmt() rather than gendb_search. This returns far more useful errors, which we now handle and report better. The call to samdb_search_for_parent_domain() has been moved in samldb, to allow both the account and SID uniqueness checks to be in the same domain. This function also returns better errors. dcesrv_drsuapi.c is updated for the new prototype of samdb_search_for_parent_domain() Andrew Bartlett (This used to be commit f1ab90c88c782c693b41795d70368650806543b5)
2007-12-21r25920: ndr: change NTSTAUS into enum ndr_err_code (samba4 callers)Stefan Metzmacher1-4/+5
lib/messaging/ lib/registry/ lib/ldb-samba/ librpc/rpc/ auth/auth_winbind.c auth/gensec/ auth/kerberos/ dsdb/repl/ dsdb/samdb/ dsdb/schema/ torture/ cluster/ctdb/ kdc/ ntvfs/ipc/ torture/rap/ ntvfs/ utils/getntacl.c ntptr/ smb_server/ libcli/wrepl/ wrepl_server/ libcli/cldap/ libcli/dgram/ libcli/ldap/ libcli/raw/ libcli/nbt/ libnet/ winbind/ rpc_server/ metze (This used to be commit 6223c7fddc972687eb577e04fc1c8e0604c35435)
2007-12-21r25780: fix bool returnStefan Metzmacher1-1/+1
metze (This used to be commit 7b77210d3e2c644d28d6e3795e6c4423dc6ea4bf)
2007-10-10r25553: Convert to standard bool type.Jelmer Vernooij1-1/+1
(This used to be commit b7371f1a191fb86834c0d586d094f39f0b04544b)
2007-10-10r24914: In response to bug #4892 by Matthias Wallnöfer <mwallnoefer@yahoo.de>,Andrew Bartlett1-17/+4
allow the objectclass module to reconstruct the objectclass hierarchy, rather than using templates. The issue being fixed in particular is that 'top' was not being set on containers. This should ensure we do this right for all objects. Andrew Bartlett (This used to be commit d17a0058ba8492b8b3f81b6f10fc34b3e45bb8a6)
2007-10-10r24696: Fix bug 4918 reported by Matthias Wallnöfer <mwallnoefer@yahoo.de>Andrew Bartlett1-37/+40
with a patch from Andrew Kroeger <andrew@sprocks.gotdns.com>. The changes to samldb_fill_foreignSecurityPrincipal_object() look much larger then they are: We just skip all the objectSid generation if the SID is supplied. By providing a few more objects, standard dialogs on the clients are better behaved, for these 'well known' users. Andrew Bartlett (This used to be commit 35ee4aee719e69983d650602d1c6422a31600001)
2007-10-10r23792: convert Samba4 to GPLv3Andrew Tridgell1-3/+2
There are still a few tidyups of old FSF addresses to come (in both s3 and s4). More commits soon. (This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
2007-10-10r20728: the DSDB_CONTROL_REPLICATED_OBJECT_OID control isn't used anymoreStefan Metzmacher1-5/+0
because we now use DSDB_EXTENDED_REPLICATED_OBJECTS_OID extended operation metze (This used to be commit 4380cc9ed6ac2e6c133b5a36f922b341474a8e7e)
2007-10-10r20580: pass the DSDB_CONTROL_REPLICATED_OBJECT_OID with the ldb_add requestStefan Metzmacher1-0/+5
when applying replicated objects. the samldb module ignores such requests now... and the repl_meta_data module has different functions for the replicated and originating cases... metze (This used to be commit a4d5e0126cfd6135ab829f4984269e265a868a28)
2007-10-10r20315: Implement the server side of DsGetDomainControllerInfo. This is aAndrew Bartlett1-36/+1
supprisingly complex call... It turns out that the in/out parameter 'level' is not in/out, but set seperatly by the server-side code from r->req.req1.level. This commit also breaks out some common code from samldb into samdb. Andrew Bartlett (This used to be commit 2eb9e6445c64840399171f4f56b1e43786dbcfa7)
2007-10-10r20034: Start using ldb_search_exp_fmt()Simo Sorce1-11/+6
(This used to be commit 4f07542143ddf5066f0360d965f26a8470504047)
2007-10-10r19832: better prototypes for the linearization functions:Simo Sorce1-5/+5
- ldb_dn_get_linearized returns a const string - ldb_dn_alloc_linearized allocs astring with the linearized dn (This used to be commit 3929c086d5d0b3f08b1c4f2f3f9602c3f4a9a4bd)
2007-10-10r19831: Big ldb_dn optimization and interfaces enhancement patchSimo Sorce1-6/+6
This patch changes a lot of the code in ldb_dn.c, and also removes and add a number of manipulation functions around. The aim is to avoid validating a dn if not necessary as the validation code is necessarily slow. This is mainly to speed up internal operations where input is not user generated and so we can assume the DNs need no validation. The code is designed to keep the data as a string if possible. The code is not yet 100% perfect, but pass all the tests so far. A memleak is certainly present, I'll work on that next. Simo. (This used to be commit a580c871d3784602a9cce32d33419e63c8236e63)
2007-10-10r19732: The 'res' from ldb_search is only valid if the call returns LDB_SUCCESS.Andrew Bartlett1-3/+6
This seems to show up (as an abort() from talloc) particularly under ldb_ildap. Andrew Bartlett (This used to be commit 9890af534d845d471d2a98268c408a907b29e016)
2007-10-10r19531: Make struct ldb_dn opaque and local to ldb_dn.cSimo Sorce1-13/+13
(This used to be commit 889fb983ba1cf8a11424a8b3dc3a5ef76e780082)
2007-10-10r19489: Change ldb_msg_add_value and ldb_msg_add_empty to take a foruth ↵Simo Sorce1-1/+1
argument. This is a pointer to an element pointer. If it is not null it will be filled with the pointer of the manipulated element. Will avoid double searches on the elements list in some cases. (This used to be commit 0fa5d4bc225b83e9f63ac6d75bffc4c08eb6b620)
2007-10-10r19330: Fix memleaksSimo Sorce1-1/+1
(This used to be commit f163f422e3f201d8b0e22538949eccf0f7e62143)
2007-10-10r19328: another leak plugged ....Andrew Tridgell1-1/+1
(This used to be commit f57535b9c2214e58c71084fcb9d74848e7d26b89)
2007-10-10r17823: get rid of most of the samdb_base_dn() calls, as they are no longerAndrew Tridgell1-2/+2
needed in searches (This used to be commit a5ea749f0ac63bf495a55ee8d9d002208ab93572)
2007-10-10r17788: fix compiler warningsStefan Metzmacher1-3/+3
metze (This used to be commit 00fcc4f16a01a0c6a70f86c8bd9d1f9801dfd9df)
2007-10-10r17529: Simo doesn't like the use of the internal ldb_errstring in functionsAndrew Bartlett1-8/+28
not used purely as ldb module helper functions. This now passes these strings back as explicit parameters. Andrew Bartlett (This used to be commit 9c1cd9c2c6bcd9d056a7c9caafacdd573562ebbc)
2007-10-10r17516: Change helper function names to make more clear what they are meant ↵Simo Sorce1-1/+1
to do (This used to be commit ad75cf869550af66119d0293503024d41d834e02)
2007-10-10r17514: Simplify the way to set ldb errors and add anotherSimo Sorce1-30/+38
helper function to set them. (This used to be commit 260868bae56194fcb98d55afc22fc66d96a303df)
2007-10-10r17186: "async" word abuse clean-up part 2Simo Sorce1-1/+1
(This used to be commit c6aa60c7e69abf1f83efc150b1c3ed02751c45fc)
2007-10-10r16860: Fix (and reactivate) the RPC-SAMR test. We need to allow these sidsAndrew Bartlett1-5/+3
to be created as foreign, even if they are in a local domain. Also we do need the user to exist for the life of the test, as we add it to a group. Andrew Bartlett (This used to be commit ae470ff7014e52b55d88e9fe12e2322e069daf9d)
2007-10-10r16854: Fix the RPC-SAMR-PASSWORDS test. It failed because we allocated usersAndrew Bartlett1-1/+3
in the Builtin domain a SID from the global domain. Andrew Bartlett (This used to be commit 9d31b9f04721a2cac62f492f8db071aaa0aa966b)
2007-10-10r16831: Use a valid memory context (found by the IBM checker).Andrew Bartlett1-2/+2
Andrew Bartlett (This used to be commit 9fdbedafad69e55ef4ccad51c4f002c49e43f372)
2007-10-10r16827: Factor out some code into common samdb functions:Andrew Bartlett1-149/+24
- creation of ForeignSecurityPrincipals - template duplication code Rework much of the LSA server to pass the RPC-LSA test. Much of the server code was untested. In implementing the LSA Accounts feature, I have opted to have it only create entires when privilages are applied, and not to delete entries, but to delete the privilages. We skip some parts of the test, but it is much better than not testing it at all. Andrew Bartlett (This used to be commit 10eeea6da465564ed9f785d06e2d2ed06cfe29a4)
2007-10-10r16264: Add, but do not yet enable, the partitions module.Andrew Bartlett1-1/+1
This required changes to the rootDSE module, to allow registration of partitions. In doing so I renamed the 'register' operation to 'register_control' and 'register_partition', which changed a few more modules. Due to the behaviour of certain LDAP servers, we create the baseDN entry in two parts: Firstly, we allow the admin to export a simple LDIF file to add to their server. Then we perform a modify to add the remaining attributes. To delete all users in partitions, we must now search and delete all objects in the partition, rather than a simple search from the root. Against LDAP, this might not delete all objects, so we allow this to fail. In testing, we found that the 'Domain Controllers' container was misnamed, and should be 'CN=', rather than 'OU='. To avoid the Templates being found in default searches, they have been moved to CN=Templates from CN=Templates,${BASEDN}. Andrew Bartlett (This used to be commit b49a4fbb57f10726bd288fdc9fc95c0cbbe9094a)
2007-10-10r16227: Don't segfault if the ldb_search() fails.Andrew Bartlett1-2/+5
Andrew Bartlett (This used to be commit af11f464a717cc7db0393070da780091a6053ee0)
2007-10-10r16159: Even more work on samldb error reporting. Make sure to get theAndrew Bartlett1-34/+31
original error strings back to the callers. Andrew Bartlett (This used to be commit defa63298838fefae7ed003458020045edaef21d)
2007-10-10r16129: Further clean up the samldb module.Andrew Bartlett1-42/+52
This adds more/better setting of the ldb error string, and avoids using gendb_search(), as this doens't return the error code. Andrew Bartlett (This used to be commit 2d2e71a2d5827c9dc8785b87547559071b47ab34)
2007-10-10r16108: Fixes from working with the partition module.Andrew Bartlett1-12/+17
We were not using the correct baseDN for the templates search. Using NULL is no longer valid (like against AD). While chasing that down, return proper error codes, and use the ldb_set_errstr() to get a good error string back up to the UI layer. Andrew Bartlett (This used to be commit b31003403d84def6f11b21df566ff57c01da21b8)
2007-10-10r16069: Remove unused destructor and an unused variable.Andrew Bartlett1-9/+0
Andrew Bartlett (This used to be commit 25e85975459acc556c0d46f1683dd4bbdd94874b)
2007-10-10r16061: Prove that removing the objectClass list in the samldb module breaks ↵Andrew Bartlett1-3/+0
things. With this fix, we now correctly detect computers again, and get the correct objectCategory, which is important for the OSX AD plugin. Andrew Bartlett (This used to be commit 4e39d7bb245bc337ac496c7e39a510d1c5611c71)
2007-10-10r16042: Fix crashbug caused by incorret error reporting.Simo Sorce1-12/+12
(This used to be commit d346531d0a3e7160ae2a3bdc430521148b485540)
2007-10-10r16036: Add a couple of new functions to corretly deal with timeouts.Simo Sorce1-1/+3
Check timeouts are correctly verified. Some minor fixed and removal of unused code. (This used to be commit b52e5d6a0cb1a32e62759eaa49ce3e4cc804cc92)
2007-10-10r16022: ooops, a bit too aggressive commit :-)Simo Sorce1-1/+1
(This used to be commit 959c8c35ef170e03a5f698d0fa11616583cc6f66)
2007-10-10r16021: While studying how to make samldb really async I found a critical ↵Simo Sorce1-29/+29
situation handled in the incorrect way. A while(1) loop may end up looping forever consuming all valid RIDs because of a secondary bug. And anyway nextRid is supposed to always give back a new unique RID, if someone messed up the database let him fix the problem first, trying to be smart here would probably end up in worst results. Simo. (This used to be commit 6b214f232eefc4ffbc98dfb68c99d1f0c97ae6db)