summaryrefslogtreecommitdiff
path: root/source4/dsdb/samdb/ldb_modules
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r21441: create a union for the PrimaryKerberosBlob contentStefan Metzmacher1-35/+45
so that ndr_pull will fail if version isn't 3 and we notice if the format changes... metze (This used to be commit 91f7a094cfd04405c224b9579146d814cba507b3)
2007-10-10r21434: - get rid of "krb5Key"Stefan Metzmacher2-359/+732
- use "sambaPassword" only as virtual attribute for passing the cleartext password (in unix charset) into the ldb layer - store des-cbc-crc, des-cbc-md5 keys in the Primary:Kerberos blob to match w2k and w2k3 - aes key support is disabled by default, as we don't know exacly how longhorn stores them. use password_hash:create_aes_key=yes to force creation of them. - store the cleartext password in the Primary:CLEARTEXT blob if configured TODO: - find out how longhorn stores aes keys - find out how the Primary:WDigest blob needs to be constructed (not supported by w2k) metze (This used to be commit e20b53f6feaaca2cc81ee7d296ca3ff757ee3953)
2007-10-10r21395: fix commentsStefan Metzmacher1-7/+7
metze (This used to be commit 97fc985bd062b6ad5a58dd6ce883a637043283a1)
2007-10-10r21364: cosmetic change: it's nicer to use the KEYTYPE_ macroStefan Metzmacher1-2/+2
for the keytype field... metze (This used to be commit e96aa8980097712d7666a85f17c7214486d99618)
2007-10-10r21362: rename:Stefan Metzmacher3-33/+33
"ntPwdHash" => "unicodePwd" "lmPwdHash" => "dBCSPwd" "sambaLMPwdHistory" => "lmPwdHistory" "sambaNTPwdHistory" => "ntPwdHistory" Note: you need to reprovision after this change! metze (This used to be commit dc4242c09c0402cbfdba912f82892df3153456ad)
2007-10-10r21315: ldb now supports filters like ↵Stefan Metzmacher1-4/+30
(&(dn=%s)(&(objectClass=kerberosSecret)(privateKeytab=*))) again we can use such a filter:-) we should only update the keytab for records matching this filter, that means we need to do a search before calling cli_credentials_set_secrets() metze (This used to be commit 23adca4e3426360fe0685548ae2b808578f6ba75)
2007-10-10r21306: fix the RPC-LSA tests the admin couldn't no longer get the ↵Stefan Metzmacher1-0/+1
'currentValue' attribute... this needs more works, but make it work again for now metze (This used to be commit 608d24f0016ff090b7de7fbd0bed85153bcc703d)
2007-10-10r21179: Anything more complex than this causes the keytab never to be updated...Andrew Bartlett1-1/+2
Andrew Bartlett (This used to be commit c3977b4bae1e1b5e4ff4a64c7146534536685e91)
2007-10-10r21135: Instead of having hooks to update keytabs as an explicit thing, updateAndrew Bartlett2-2/+203
them as a hook on ldb modify, via a module. This should allow the secrets.ldb to be edited by the admin, and to have things update in the on-disk keytab just as an in-memory keytab would. This isn't really a dsdb plugin, but I don't have any other good ideas about where to put it. Andrew Bartlett (This used to be commit 6ce557a1aff4754d2622be8f1c6695d9ee788d54)
2007-10-10r20975: - implement handling of meta data an on originating addStefan Metzmacher1-37/+240
there're a few things TODO, but it's a good start we need to research if an originating change causes the replUpToDateVector attribute to change...(I assume it, but needs testing) metze (This used to be commit fde0aabd9ae79fcefbcba34e6f9143f93ffcf96c)
2007-10-10r20971: we don't need this check twice:-)Stefan Metzmacher1-7/+0
metze (This used to be commit b7d48274a7341c5e4a3f103387f87fcc94853271)
2007-10-10r20968: - add functions to sort the meta data and attribute arraysStefan Metzmacher1-25/+90
- we should use them before we store records to disk metze (This used to be commit a5200ef0cae5e8b0cedf196c9d76afc46e08c316)
2007-10-10r20957: a value of FF0000000000000000000000000000000000000000 isn't stored ↵Stefan Metzmacher1-4/+8
as schemaInfo so we need to use it as value if nothing is stored metze (This used to be commit cd326134079375fc83640444d6323a5cbe7c02ee)
2007-10-10r20923: only allow extended operations for SYSTEM or administrators for nowStefan Metzmacher1-0/+1
metze (This used to be commit f062f09fbf45dd6cd36d1bfd9abb301d850c19dc)
2007-10-10r20921: - only give password attributes to the SYSTEM accountStefan Metzmacher1-2/+0
- but SYSTEM and administrators can change them metze (This used to be commit fc5319e927d96b68d8bd90a01e10aa00a6ddf494)
2007-10-10r20909: add a module that implements the LDAP_CONTROL_SHOW_DELETED_OID controlStefan Metzmacher2-0/+227
it hides objects with isDeleted=TRUE by default, and let them through if the control is present metze (This used to be commit 7108d62cb0360e734045eb39c03508d8528dc9cc)
2007-10-10r20902: don't crash if the object isn't there yetStefan Metzmacher1-0/+4
metze (This used to be commit 4588e2522b11f707e608488c782f6988fd97628a)
2007-10-10r20871: implement the validFSMOs constructed attribute on the rootdseStefan Metzmacher4-21/+67
for the schema, domain naming and pdc fsmo roles infrastructure and rid manager will be added later, when we have module for them metze (This used to be commit 308f9cf822a3a34dae28a5fa5aa850e2adbeb472)
2007-10-10r20870: implement the constructed attributes dsSchemaAttrCount,Stefan Metzmacher1-0/+44
dsSchemaClassCount and dsSchemaPrefixCount on the rootdse having a loaded dsdb_schema make things so easy...:-) metze (This used to be commit 7862fcdbb5ce43e702512c1acdbb5843ef551293)
2007-10-10r20867: add modules to handle the domain naming and the pdc FSMO RolesStefan Metzmacher3-0/+263
metze (This used to be commit 341fae8e8465e67023ab0e82110835669a593577)
2007-10-10r20866: - fix debug messages missing new linesStefan Metzmacher1-14/+18
- use LDB_DEBUG_WARNING in some places - debug if we're the schema master metze (This used to be commit 63f46344437002202990bd34fb200d847fcfcf40)
2007-10-10r20864: move common stuff into an extra functionStefan Metzmacher1-85/+62
metze (This used to be commit 3f441741a6ff00ba88d3134c97e597285afbfed7)
2007-10-10r20863: check that there's a current partition control attached to the requestStefan Metzmacher1-6/+65
metze (This used to be commit b1377a2e240dbe36277816452d33d6abaa486b9e)
2007-10-10r20855: pass the DSDB_CONTROL_CURRENT_PARTITION_OID control also for theStefan Metzmacher1-10/+27
send_all case metze (This used to be commit b3fce383d3824ee418cbb7343f5d06720f5d31df)
2007-10-10r20853: attach the DSDB_CONTROL_CURRENT_PARTITION_OID control when requestsStefan Metzmacher1-2/+7
are passed to a specific partition metze (This used to be commit 06a46b1db46251989676fb04548f038930c83eb5)
2007-10-10r20849: first step to move away from using find_backend() and use ↵Stefan Metzmacher1-5/+20
find_partition() instead metze (This used to be commit 0d75cca6f37975a3855973468dc55520cb3b3fb7)
2007-10-10r20847: - split some code out into a new function find_partition()Stefan Metzmacher1-8/+27
- make all functions static metze (This used to be commit 3d313f08c7d6b201011f3b4744c8e54b1d0640c7)
2007-10-10r20826: make the dsdb_control_current_partition struct public and allocate ↵Stefan Metzmacher1-5/+1
an oid for the control metze (This used to be commit 684eee52e8812f6d104d8706ab059643ff4faa46)
2007-10-10r20809: rename struct partition into struct dsdb_control_current_partitionStefan Metzmacher1-9/+11
we'll soon pass this down as DSDB_CONTROL_CURRENT_PARTITION_OID control so that the repl_meta_data module knows where to update the replUpToDateVector attribute metze (This used to be commit e5de40f8c2377d6dce54109a8d8bf9c6b681b813)
2007-10-10r20780: keep a dsdb_schema_fsmo struct as private dataStefan Metzmacher1-0/+21
and remember if we're the schema master metze (This used to be commit c42dab21fb275ca36a517f97922af21447671785)
2007-10-10r20778: we don't need a talloc_steal hereStefan Metzmacher1-1/+1
metze (This used to be commit 0ef90769b49b93cb57e9a1ba2aea280ec70ae151)
2007-10-10r20776: require a loaded dsdb_schema for originating add and modify operationsStefan Metzmacher1-6/+26
(later we'll require it for all originating changes...) metze (This used to be commit fc1a836eccc0913fdab644341fa3e37a2f086de8)
2007-10-10r20771: add an ldb module which will force the Schema FSMO Role OwnerStefan Metzmacher2-0/+236
constraints and it also loads the dsdb_schema at startup. currently it only loads the dsdb_schema metze (This used to be commit d78de0fb68f8b4ef4c5372f3c3ed171e44cf2037)
2007-10-10r20762: load the default dn's after the rootdse module is initialized,Stefan Metzmacher1-0/+2
so that following module can access the default dn's. metze (This used to be commit a934da4dcfeae49fcfc901a071da2d41507da69b)
2007-10-10r20760: also handle the case where no private data is attached to the moduleStefan Metzmacher1-1/+1
metze (This used to be commit c8f5aad40af0741984ded2047931a77161f69ece)
2007-10-10r20729: add a version number to struct dsdb_extended_replicated_objectsStefan Metzmacher2-1/+15
metze (This used to be commit 2e79863d54030526841e5858e7be6a815c25593b)
2007-10-10r20728: the DSDB_CONTROL_REPLICATED_OBJECT_OID control isn't used anymoreStefan Metzmacher2-55/+0
because we now use DSDB_EXTENDED_REPLICATED_OBJECTS_OID extended operation metze (This used to be commit 4380cc9ed6ac2e6c133b5a36f922b341474a8e7e)
2007-10-10r20727: implement basic merging of replicated objects when it already existStefan Metzmacher1-4/+246
in the ldb metze (This used to be commit 262e42123d0bca77560fbb5a33c13a9c275ba3ec)
2007-10-10r20726: - only add the rdn attribute and it's meta_data when the 'name' ↵Stefan Metzmacher1-0/+19
attribute is there - add the values for objectGUID and whenChanged inside the ldb module, so that the ldb module has only replicated attributes as input metze (This used to be commit 0ecb07e0526462529fb21cec30e789a9002b30a1)
2007-10-10r20716: add a dsdb_cache ldb module which will load the dsdb_schema and ↵Stefan Metzmacher2-0/+59
other things on startup into memory structures in future. metze (This used to be commit fbb1f85e320830f52bdf410ad61f2ec60e168d80)
2007-10-10r20713: sort the cursors in replUpToDateVector by source_dsa_invocation_id,Stefan Metzmacher1-0/+13
w2k3 seems to do the same. It's later useful, when we would have a large array be could use a binary search metze (This used to be commit cd654f20e16c32f82ceb2b66453ce8d1be7020dd)
2007-10-10r20710: update or create the "repsFrom" values after applying replicated objectsStefan Metzmacher1-1/+93
metze (This used to be commit 665d8f9626f8ef1c64f6fac79bdc40d14330f126)
2007-10-10r20709: pass a repsFromTo1 struct down as it contains all needed info for ↵Stefan Metzmacher1-4/+7
the source dsa and the highwater mark vector metze (This used to be commit a31e017e5388e5abd6ed9d09adcf26d2527954a6)
2007-10-10r20705: store the "replUpToDateVector" attribute in ↵Stefan Metzmacher1-2/+335
DSDB_EXTENDED_REPLICATED_OBJECTS metze (This used to be commit c9e7a58f6a16dfa28323fd0fd01ad6ee516c51b0)
2007-10-10r20681: implement the DSDB_EXTENDED_REPLICATED_OBJECTS operation.Stefan Metzmacher2-3/+374
the merging of existing objects is not implemented yet... there are a few ifdef REPLMD_FULL_ASYNC because we need to workarouns ldb's async infrastructure (which don't handle full async sub requests nicely) metze (This used to be commit da4ff0e7ccde47b3e092313ba22422350cf50f78)
2007-10-10r20679: make the init_handle stuff a bit easier and get rid of really ugly ↵Stefan Metzmacher1-26/+15
talloc_get_type() usage simo: if you change more modules, please include also this change metze (This used to be commit 88051a82c4918ba8183e0d6909161b2af2109446)
2007-10-10r20622: Add in a hack to avoid permitting searches on the value of protectedAndrew Bartlett1-1/+23
attributes. Andrew Bartlett (This used to be commit 5aa2195ec26d9ddf82e51f2b242cdf7c8ab52f52)
2007-10-10r20599: - forward extended operations in the partitions moduleStefan Metzmacher1-2/+45
- by default the operations goes to all partitions - but some wellkown ones will go to just one partition (DSDB_EXTENDED_REPLICATED_OBJECTS_OID for now) I'll soon change the partitions module so that it'll attach a DSDB_CONTROL_PARTITION_CONTEXT_OID control to give the repl_meta_data or other partition specific modules a chance to to know for which partition it should work. metze (This used to be commit 0ed53c6d0f4a4e43ff9c8943730eeb57c735201b)
2007-10-10r20587: prepare the DSDB_EXTENDED_REPLICATED_OBJECTS_OID handlingStefan Metzmacher1-0/+16
metze (This used to be commit ef3b325db060d43a7c2e058f6b8914b5867cd321)
2007-10-10r20580: pass the DSDB_CONTROL_REPLICATED_OBJECT_OID with the ldb_add requestStefan Metzmacher2-17/+83
when applying replicated objects. the samldb module ignores such requests now... and the repl_meta_data module has different functions for the replicated and originating cases... metze (This used to be commit a4d5e0126cfd6135ab829f4984269e265a868a28)