Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-03-26 | s4-drs: replmd_delete with the 3 stage deletion recycle bin | Eduardo Lima | 2 | -105/+204 | |
2010-03-23 | s4:ldb_modules/util.c - fix two counter variables to be "unsigned" | Matthias Dieter Wallnöfer | 1 | -2/+2 | |
2010-03-22 | s4:dsdb Add a shortcut sequence number for schema reloads | Andrew Bartlett | 1 | -14/+79 | |
This uses the ldb sequence number, in a hope to detect an unchanged schema quicker. Andrew Bartlett | |||||
2010-03-22 | s4:dsdb Rework schema loading and add schema reloading | Andrew Bartlett | 1 | -105/+126 | |
This commit reworks Samba4's schema loading code to detect when it needs to reload the schema. This is done by watching the @REPLCHANGED special DN. The reload happens by means of a callback, which is only set when the schema is loaded from the ldb - not when loaded from an LDIF file or DRS. We also rework the global schema handling - instead of storing the pointer to the global schema in each ldb, we store a flag indicating that the global schema should be returned at run time. This makes it much easier to switch to a new global schema. Andrew Bartlett | |||||
2010-03-22 | s4:dsdb Move dsdb_save_partition_usn() to be a module helper function | Andrew Bartlett | 2 | -4/+178 | |
This function should not traverse the module stack again, but instead run from this point. Also add a matching dsdb_module_load_partition_usn() and change repl_meta_data to match. Andrew Bartlett | |||||
2010-03-22 | s4:dsdb Add 'const' to some struct dsdb_schema variables | Andrew Bartlett | 2 | -9/+9 | |
We don't currently require this, but we may move this way in future. | |||||
2010-03-22 | s4:dsdb Don't load the schema unconditionally | Andrew Bartlett | 2 | -3/+19 | |
Schema loads now come at a price, so avoid doing them if we don't have to (such as when doing an @REPLCHANGED or other special DN based search). Andrew Bartlett | |||||
2010-03-18 | s4:dsdb Move rdn_name down the stack | Andrew Bartlett | 1 | -1/+1 | |
This is done so that it can be (in future) removed when the OpenLDAP backend is in use and the rdn_val module is used, while keeping as similar semantics as possible between the module stacks. Andrew Bartlett | |||||
2010-03-16 | s4:resolve_oids LDB module - not really a change but a nicer method to call ↵ | Matthias Dieter Wallnöfer | 1 | -1/+2 | |
"talloc_reference" | |||||
2010-03-16 | s4:dsdb - fix up warnings | Matthias Dieter Wallnöfer | 2 | -4/+8 | |
2010-03-16 | s4:dsdb Show more detail in failure to compute the aggregate DN. | Andrew Bartlett | 1 | -1/+1 | |
Andrew Bartlett | |||||
2010-03-16 | s4:dsdb Change dsdb_get_schema() callers to use new talloc argument | Andrew Bartlett | 12 | -28/+85 | |
This choses an appropriate talloc context to attach the schema too, long enough lived to ensure it does not go away before the operation compleates. Andrew Bartlett | |||||
2010-03-16 | s4:dsdb Fix warnings in DEBUG() by casting to unsigned long int | Andrew Bartlett | 1 | -4/+4 | |
2010-03-16 | s4:dsdb/acl Reduce calls to dsdb_get_schema() and add memory context | Andrew Bartlett | 1 | -24/+46 | |
dsdb_get_schema() isn't a very cheap call, due to the use of LDB opaque pointers. We need to call it less, and instead pass it as a parameter where possible. This also changes to the new API with a talloc context. Andrew Bartlett | |||||
2010-03-16 | s4:dsdb Don't error out if we can't get the Aggregate schema DN yet | Andrew Bartlett | 1 | -9/+16 | |
It's easier to just set it up when we can, then to deal with the ordering issues in ldb startup. As long as we have it ready if a real client ever asks for it, then we should be happy. Andrew Bartlett | |||||
2010-03-12 | s4:util.c - "dsdb_check_optional_feature" - counter should be "unsigned" | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2010-03-12 | s4-drs: check if an optional feature is enabled | Eduardo Lima | 1 | -0/+59 | |
2010-03-12 | Split the dsdb_access_check_on_dn. | Nadezhda Ivanova | 1 | -5/+44 | |
Split the dsdb_access_check_on_dn so it can be reused for checks from both within the module stack and outside it. | |||||
2010-03-12 | Fixed ACL module to use dsdb_module_* API. | Nadezhda Ivanova | 1 | -9/+9 | |
2010-03-12 | Moved access_check_on_dn from acl module as an utility. | Nadezhda Ivanova | 1 | -156/+19 | |
Made this an utility function so it can be used for access checking outside of the acl ldb module, such as checking validated writes and control access rights in other protocols (e. g drs) | |||||
2010-03-09 | Added a check for permissions to modify the RDN attribute on rename. | Nadezhda Ivanova | 1 | -0/+12 | |
Necessary because rdn module will be moved lower than acl in the stack. | |||||
2010-03-07 | s4:extended_dn_out LDB module - change counter variables to "unsigned" where ↵ | Matthias Dieter Wallnöfer | 1 | -8/+11 | |
appropriate | |||||
2010-03-07 | s4:repl_meta_data LDB module - change counter variables to "unsigned" where ↵ | Matthias Dieter Wallnöfer | 1 | -20/+24 | |
appropriate I used "unsigned int" counters where we count LDB objects (LDB specification prescribes to use "unsigned" index variables). But on DSDB replication object counters I used "uint32_t" typed variables as it is suggested. If a counter variable counts both types of objects I used "unsigned int" since size(unsigned int) >= size(uint32_t), but on most platforms equal. | |||||
2010-03-07 | s4:local_password LDB module - change counter variables to "unsigned" where ↵ | Matthias Dieter Wallnöfer | 1 | -4/+4 | |
appropriate | |||||
2010-03-07 | s4:ranged_results LDB module - change counter variables to "unsigned" where ↵ | Matthias Dieter Wallnöfer | 1 | -2/+2 | |
appropriate | |||||
2010-03-07 | s4:objectguid LDB module - change counter variables to "unsigned" where ↵ | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
appropriate | |||||
2010-03-07 | s4:objectclass LDB module - change counter variabls to "unsigned" where ↵ | Matthias Dieter Wallnöfer | 1 | -2/+2 | |
appropriate | |||||
2010-03-07 | s4:anr LDB module - change counter variable to "unsigned" | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2010-03-07 | s4:acl LDB module - change counter variable to "unsigned" | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2010-03-07 | s4:linked_attributes LDB module - change counter variables to "unsigned" ↵ | Matthias Dieter Wallnöfer | 1 | -3/+5 | |
where appropriate | |||||
2010-03-07 | s4:kludge_acl LDB module - change counter variables to "unsigned" where ↵ | Matthias Dieter Wallnöfer | 1 | -5/+10 | |
appropriate | |||||
2010-03-07 | s4:proxy LDB module - Change counter variables to "unsigned" where appropriate | Matthias Dieter Wallnöfer | 1 | -5/+6 | |
Use "size_t" when counting string index positions. | |||||
2010-03-07 | s4:schema_data LDB module - change counter variables to "unsigned" where ↵ | Matthias Dieter Wallnöfer | 1 | -3/+6 | |
appropriate | |||||
2010-03-07 | s4:resolve_oids LDB module - change counter variables to "unsigned" where ↵ | Matthias Dieter Wallnöfer | 1 | -5/+5 | |
appropriate | |||||
2010-03-07 | s4:rootdse LDB module - change counter variables to "unsigned" where appropriate | Matthias Dieter Wallnöfer | 1 | -9/+10 | |
2010-03-07 | s4:partition LDB module - change counter variables to "unsigned" where ↵ | Matthias Dieter Wallnöfer | 2 | -17/+26 | |
appropriate | |||||
2010-03-04 | s4:operational LDB - don't accidentally "ate" search helper attributes if we ↵ | Matthias Dieter Wallnöfer | 1 | -6/+14 | |
need them for more constructed attributes With this patch we delete the helper attributes at the end where all constructed attributes have already been computed. | |||||
2010-03-04 | s4:operational LDB module - make the counters unsigned | Matthias Dieter Wallnöfer | 1 | -2/+2 | |
No need to have signed counters here. | |||||
2010-03-04 | s4:operational LDB - implement the "tokenGroups" constructed attribute | Matthias Dieter Wallnöfer | 2 | -1/+96 | |
It contains the transitive SID closure (expand member/memberOf attributes) of a certain SAM object. The "tokenGroups" attribute never contains the SID of the object itself. References: http://msdn.microsoft.com/en-us/library/ms680275(VS.85).aspx, http://support.microsoft.com/kb/301916, MS-ADTS 3.1.1.4.5.19. | |||||
2010-03-04 | s4:operational LDB module - use right memory context int ↵ | Matthias Dieter Wallnöfer | 1 | -2/+2 | |
"construct_primary_group_token" Use the "msg" as temporary context and not "ldb" which lives much longer. | |||||
2010-02-25 | s4:partition DSDB module - Generate basic referrals | Matthias Dieter Wallnöfer | 2 | -47/+144 | |
This is a first, very basic implementation of the referrals (more informations at MS-ADTS 3.1.1.4.6 and 3.1.1.3.4.1.12). To have the full referral support (and to always point to the right host) the full implementation using DNS will be needed (at the moment we always point to the main DC which is referenceable through the DNS domainname). Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-02-25 | s4:partition DSDB module - change the search and domain scope control handling | Matthias Dieter Wallnöfer | 1 | -35/+22 | |
The domain scope control is always removed, from the search one only the two interesting flags (which are handled) and it is marked as non-critical. Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-02-25 | s4:SAMLDB module - ignore referrals | Matthias Dieter Wallnöfer | 1 | -5/+6 | |
They don't cause any harm to our functionality - so ignore them were not needed. Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-02-24 | dsdb: Add a more explicit error message for constructed attributes | Matthieu Patou | 1 | -0/+1 | |
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de> | |||||
2010-02-24 | s4/schema: Move msDS-IntId implementation to samldb.c module | Kamen Mazdrashki | 2 | -149/+87 | |
msDS-IntId attribute should be replicated, so it must be implemented in a module that is before repl_meta_data module (thanks abartlet for pointing this out). Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-02-21 | s4:operational LDB module - enable support for passing referrals through it | Matthias Dieter Wallnöfer | 1 | -2/+1 | |
2010-02-21 | s4:partition DSDB module - Cosmetic fixups | Matthias Dieter Wallnöfer | 1 | -16/+23 | |
2010-02-21 | s4:password_hash - Fix up request message pointers | Matthias Dieter Wallnöfer | 1 | -7/+7 | |
For add requests we need the add request messages, for modify requests we need the modify request messages. | |||||
2010-02-20 | s4:credentials Add hooks to extract a named Kerberos credentials cache | Andrew Bartlett | 1 | -1/+2 | |
This allows the integration of external tools that can't be linked into C or python, but need to authenticate as the local machine account. The machineaccountccache script demonstrates this, and debugging has been improved in cli_credentials_set_secrets() by passing back and error string. Andrew Bartlett | |||||
2010-02-16 | s4-dsdb: move dsdb_request_add_controls() into dsdb/common/util.c | Andrew Tridgell | 4 | -85/+13 | |
This will be used to allow the flag based ldb functions to work on both a ldb or a module, thus saving a lot of specialist functions. |