Age | Commit message (Collapse) | Author | Files | Lines |
|
so that ndr_pull will fail if version isn't 3 and we notice
if the format changes...
metze
(This used to be commit 91f7a094cfd04405c224b9579146d814cba507b3)
|
|
- use "sambaPassword" only as virtual attribute for passing
the cleartext password (in unix charset) into the ldb layer
- store des-cbc-crc, des-cbc-md5 keys in the Primary:Kerberos
blob to match w2k and w2k3
- aes key support is disabled by default, as we don't know
exacly how longhorn stores them. use password_hash:create_aes_key=yes
to force creation of them.
- store the cleartext password in the Primary:CLEARTEXT blob
if configured
TODO:
- find out how longhorn stores aes keys
- find out how the Primary:WDigest blob needs to be constructed
(not supported by w2k)
metze
(This used to be commit e20b53f6feaaca2cc81ee7d296ca3ff757ee3953)
|
|
metze
(This used to be commit 97fc985bd062b6ad5a58dd6ce883a637043283a1)
|
|
for the keytype field...
metze
(This used to be commit e96aa8980097712d7666a85f17c7214486d99618)
|
|
"ntPwdHash" => "unicodePwd"
"lmPwdHash" => "dBCSPwd"
"sambaLMPwdHistory" => "lmPwdHistory"
"sambaNTPwdHistory" => "ntPwdHistory"
Note: you need to reprovision after this change!
metze
(This used to be commit dc4242c09c0402cbfdba912f82892df3153456ad)
|
|
(&(dn=%s)(&(objectClass=kerberosSecret)(privateKeytab=*))) again
we can use such a filter:-)
we should only update the keytab for records matching this filter,
that means we need to do a search before calling cli_credentials_set_secrets()
metze
(This used to be commit 23adca4e3426360fe0685548ae2b808578f6ba75)
|
|
'currentValue'
attribute...
this needs more works, but make it work again for now
metze
(This used to be commit 608d24f0016ff090b7de7fbd0bed85153bcc703d)
|
|
Andrew Bartlett
(This used to be commit c3977b4bae1e1b5e4ff4a64c7146534536685e91)
|
|
them as a hook on ldb modify, via a module.
This should allow the secrets.ldb to be edited by the admin, and to
have things update in the on-disk keytab just as an in-memory keytab
would.
This isn't really a dsdb plugin, but I don't have any other good ideas
about where to put it.
Andrew Bartlett
(This used to be commit 6ce557a1aff4754d2622be8f1c6695d9ee788d54)
|
|
there're a few things TODO, but it's a good start
we need to research if an originating change causes the replUpToDateVector
attribute to change...(I assume it, but needs testing)
metze
(This used to be commit fde0aabd9ae79fcefbcba34e6f9143f93ffcf96c)
|
|
metze
(This used to be commit b7d48274a7341c5e4a3f103387f87fcc94853271)
|
|
- we should use them before we store records to disk
metze
(This used to be commit a5200ef0cae5e8b0cedf196c9d76afc46e08c316)
|
|
as schemaInfo
so we need to use it as value if nothing is stored
metze
(This used to be commit cd326134079375fc83640444d6323a5cbe7c02ee)
|
|
metze
(This used to be commit f062f09fbf45dd6cd36d1bfd9abb301d850c19dc)
|
|
- but SYSTEM and administrators can change them
metze
(This used to be commit fc5319e927d96b68d8bd90a01e10aa00a6ddf494)
|
|
it hides objects with isDeleted=TRUE by default, and let them through
if the control is present
metze
(This used to be commit 7108d62cb0360e734045eb39c03508d8528dc9cc)
|
|
metze
(This used to be commit 4588e2522b11f707e608488c782f6988fd97628a)
|
|
for the schema, domain naming and pdc fsmo roles
infrastructure and rid manager will be added later,
when we have module for them
metze
(This used to be commit 308f9cf822a3a34dae28a5fa5aa850e2adbeb472)
|
|
dsSchemaClassCount and dsSchemaPrefixCount on the rootdse
having a loaded dsdb_schema make things so easy...:-)
metze
(This used to be commit 7862fcdbb5ce43e702512c1acdbb5843ef551293)
|
|
metze
(This used to be commit 341fae8e8465e67023ab0e82110835669a593577)
|
|
- use LDB_DEBUG_WARNING in some places
- debug if we're the schema master
metze
(This used to be commit 63f46344437002202990bd34fb200d847fcfcf40)
|
|
metze
(This used to be commit 3f441741a6ff00ba88d3134c97e597285afbfed7)
|
|
metze
(This used to be commit b1377a2e240dbe36277816452d33d6abaa486b9e)
|
|
send_all case
metze
(This used to be commit b3fce383d3824ee418cbb7343f5d06720f5d31df)
|
|
are passed to a specific partition
metze
(This used to be commit 06a46b1db46251989676fb04548f038930c83eb5)
|
|
find_partition()
instead
metze
(This used to be commit 0d75cca6f37975a3855973468dc55520cb3b3fb7)
|
|
- make all functions static
metze
(This used to be commit 3d313f08c7d6b201011f3b4744c8e54b1d0640c7)
|
|
an oid for the
control
metze
(This used to be commit 684eee52e8812f6d104d8706ab059643ff4faa46)
|
|
we'll soon pass this down as DSDB_CONTROL_CURRENT_PARTITION_OID control
so that the repl_meta_data module knows where to update the replUpToDateVector
attribute
metze
(This used to be commit e5de40f8c2377d6dce54109a8d8bf9c6b681b813)
|
|
and remember if we're the schema master
metze
(This used to be commit c42dab21fb275ca36a517f97922af21447671785)
|
|
metze
(This used to be commit 0ef90769b49b93cb57e9a1ba2aea280ec70ae151)
|
|
(later we'll require it for all originating changes...)
metze
(This used to be commit fc1a836eccc0913fdab644341fa3e37a2f086de8)
|
|
constraints and it also loads the dsdb_schema at startup.
currently it only loads the dsdb_schema
metze
(This used to be commit d78de0fb68f8b4ef4c5372f3c3ed171e44cf2037)
|
|
so that following module can access the default dn's.
metze
(This used to be commit a934da4dcfeae49fcfc901a071da2d41507da69b)
|
|
metze
(This used to be commit c8f5aad40af0741984ded2047931a77161f69ece)
|
|
metze
(This used to be commit 2e79863d54030526841e5858e7be6a815c25593b)
|
|
because we now use DSDB_EXTENDED_REPLICATED_OBJECTS_OID extended operation
metze
(This used to be commit 4380cc9ed6ac2e6c133b5a36f922b341474a8e7e)
|
|
in the ldb
metze
(This used to be commit 262e42123d0bca77560fbb5a33c13a9c275ba3ec)
|
|
attribute is there
- add the values for objectGUID and whenChanged inside the ldb module,
so that the ldb module has only replicated attributes as input
metze
(This used to be commit 0ecb07e0526462529fb21cec30e789a9002b30a1)
|
|
other things
on startup into memory structures in future.
metze
(This used to be commit fbb1f85e320830f52bdf410ad61f2ec60e168d80)
|
|
w2k3 seems to do the same.
It's later useful, when we would have a large array
be could use a binary search
metze
(This used to be commit cd654f20e16c32f82ceb2b66453ce8d1be7020dd)
|
|
metze
(This used to be commit 665d8f9626f8ef1c64f6fac79bdc40d14330f126)
|
|
the source dsa
and the highwater mark vector
metze
(This used to be commit a31e017e5388e5abd6ed9d09adcf26d2527954a6)
|
|
DSDB_EXTENDED_REPLICATED_OBJECTS
metze
(This used to be commit c9e7a58f6a16dfa28323fd0fd01ad6ee516c51b0)
|
|
the merging of existing objects is not implemented yet...
there are a few ifdef REPLMD_FULL_ASYNC because we need to workarouns
ldb's async infrastructure (which don't handle full async sub requests nicely)
metze
(This used to be commit da4ff0e7ccde47b3e092313ba22422350cf50f78)
|
|
talloc_get_type()
usage
simo: if you change more modules, please include also this change
metze
(This used to be commit 88051a82c4918ba8183e0d6909161b2af2109446)
|
|
attributes.
Andrew Bartlett
(This used to be commit 5aa2195ec26d9ddf82e51f2b242cdf7c8ab52f52)
|
|
- by default the operations goes to all partitions
- but some wellkown ones will go to just one partition
(DSDB_EXTENDED_REPLICATED_OBJECTS_OID for now)
I'll soon change the partitions module so that it'll attach a
DSDB_CONTROL_PARTITION_CONTEXT_OID control to give
the repl_meta_data or other partition specific modules a chance to
to know for which partition it should work.
metze
(This used to be commit 0ed53c6d0f4a4e43ff9c8943730eeb57c735201b)
|
|
metze
(This used to be commit ef3b325db060d43a7c2e058f6b8914b5867cd321)
|
|
when applying replicated objects.
the samldb module ignores such requests now...
and the repl_meta_data module has different functions
for the replicated and originating cases...
metze
(This used to be commit a4d5e0126cfd6135ab829f4984269e265a868a28)
|