summaryrefslogtreecommitdiff
path: root/source4/dsdb/samdb/ldb_modules
AgeCommit message (Collapse)AuthorFilesLines
2010-11-24s4:objectclass LDB module - move one checks into the "objectclass derivation ↵Matthias Dieter Wallnöfer1-11/+17
loop" This denies objects created from possible derivated classes from the prohibited ones. Also small cosmetic improvements for another check.
2010-11-24s4:objectclass LDB module - some more or less cosmetic return value macro ↵Matthias Dieter Wallnöfer1-14/+22
changes Sometimes "ldb_module_oom" fits better than "ldb_operr" or "ldb_oom".
2010-11-20s4:repl_meta_data LDB module - fix a counter typeMatthias Dieter Wallnöfer1-2/+4
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sat Nov 20 22:32:06 CET 2010 on sn-devel-104
2010-11-20s4:repl_meta_data LDB module - move the "objectGUID" checks a bit higherMatthias Dieter Wallnöfer1-29/+29
- they don't need the allocated "ac" context - some small code cleanups
2010-11-20s4:objectclass_attrs LDB module - add more delete protected attributesMatthias Dieter Wallnöfer1-1/+4
And enhance the testsuite
2010-11-20s4:samldb LDB module - objectclass trigger - reorder template attributesMatthias Dieter Wallnöfer1-9/+10
2010-11-20s4:acl LDB module - it's more correct to count the password attributes using ↵Matthias Dieter Wallnöfer1-3/+6
"unsigned int" Since these are derived from a LDB result. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sat Nov 20 11:29:07 CET 2010 on sn-devel-104
2010-11-18s4/operational: Fix swapped parameters for ldb_msg_copy_attrAnatoliy Atanasov1-2/+2
Autobuild-User: Anatoliy Atanasov <anatoliy.atanasov@postpath.com> Autobuild-Date: Thu Nov 18 17:02:07 UTC 2010 on sn-devel-104
2010-11-18s4:password_hash LDB module - remove unused headersMatthias Dieter Wallnöfer1-3/+0
2010-11-18s4:repl_meta_data LDB module - allow also special DNs to be renamed correctlyMatthias Dieter Wallnöfer1-1/+1
Do always escape RDN values - this fixes bug #7794 Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Thu Nov 18 10:43:40 UTC 2010 on sn-devel-104
2010-11-17s4-repl: save the result of the last replication in repsFrom/repsToAndrew Tridgell1-5/+0
when a replication fails, we should add the failure to repsFrom when a notify fails, we need to save it to repsTo this ensures showrepl always shows the latest status
2010-11-16s4:acl LDB module - use also here "dsdb_find_nc_root" to implement the ↵Matthias Dieter Wallnöfer1-28/+57
NC-specific checks Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Tue Nov 16 15:12:13 UTC 2010 on sn-devel-104
2010-11-16s4:descriptor LDB module - also "get_default_ag" should make use of ↵Matthias Dieter Wallnöfer1-12/+12
"dsdb_find_nc_root"
2010-11-16s4:descriptor LDB module - handle the NCs in a more generic way by using ↵Matthias Dieter Wallnöfer1-10/+22
"dsdb_find_nc_root"
2010-11-16s4:descriptor LDB module - make more clear that special control entries ↵Matthias Dieter Wallnöfer1-0/+7
never should be handled by modules
2010-11-16s4:objectclass LDB module - the "olddn" is the special DN for rename requestsMatthias Dieter Wallnöfer1-1/+1
2010-11-16s4-schema_load: Don't clean in_transaction flag until transaction is really ↵Kamen Mazdrashki1-7/+6
finished Autobuild-User: Kamen Mazdrashki <kamenim@samba.org> Autobuild-Date: Tue Nov 16 11:00:35 UTC 2010 on sn-devel-104
2010-11-16s4:subtree_rename LDB module - make use of "dsdb_find_nc_root"Matthias Dieter Wallnöfer1-22/+27
This is exactly what's needed there. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Tue Nov 16 08:42:07 UTC 2010 on sn-devel-104
2010-11-16s4:objectclass LDB module - free "nc_root" after name context comparisonsMatthias Dieter Wallnöfer1-0/+2
2010-11-15s4:objectclass LDB module - improve the default name context checking on ↵Matthias Dieter Wallnöfer1-16/+12
modifications Pointed out by abartlet
2010-11-15s4:objectclass LDB module - implement the "objectClass" change restrictions ↵Matthias Dieter Wallnöfer1-0/+25
on Windows 2000 forest function level Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Mon Nov 15 13:10:05 UTC 2010 on sn-devel-104
2010-11-13s4:password_hash LDB module - return "ERR_CONSTRAINT_VIOLATION" on password ↵Matthias Dieter Wallnöfer1-6/+9
conversion errors This errors can happen also on a regular basis - then we shouldn't return ERR_OPERATIONS_ERROR (this error code is reserved for very serious failures). Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sat Nov 13 12:37:36 UTC 2010 on sn-devel-104
2010-11-13s4:objectclass LDB module - multiple "objectClass" change elements are ↵Matthias Dieter Wallnöfer1-161/+169
unfortunately still allowed The test message has been compressed - therefore I've now used "modify_ldif".
2010-11-12samldb: relax groupType modification checksMatthieu Patou1-27/+32
Allow programs with the PROVISION control to bypass groupType checks. This is needed by upgradeprovision for older alpha (11, 10 ...)
2010-11-12s4:objectclass LDB module - we should not simply ignore additional ↵Matthias Dieter Wallnöfer1-2/+16
"objectClass" attribute changes There first one we perform all other tentatives are terminated with ERR_ATTRIBUTE_OR_VALUE_EXISTS (tested against Windows). Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Fri Nov 12 19:39:07 UTC 2010 on sn-devel-104
2010-11-12s4:repl_meta_data LDB module - convert two debug messages into error messagesMatthias Dieter Wallnöfer1-4/+4
These regarding "objectGUID".
2010-11-12s4:samldb/objectclass_attrs LDB modules - move "description" logic from ↵Matthias Dieter Wallnöfer2-43/+81
"objectclass_attrs" into "samldb" This according to an answer from dochelp is SAM specific behaviour.
2010-11-11s4-dsdb Remove incorrectly declared ** variable used as *.Andrew Bartlett1-6/+3
The cleartext_utf16_str variable was declared char **, but due to the cast on convert_string_talloc() and the lack of type checking here and on data_blob_const (due to void *) it was able to be used as if it was a char *. The simple solution seems to be to fill in cleartext_utf16 blob directly. Andrew Bartlett
2010-11-11s4-dsdb Convert new krbtgt_xxx password into UTF16Andrew Bartlett1-1/+12
The new stricter test on clearTextPassword values caught out that we did not provide a utf16 password here. Andrew Bartlett
2010-11-11s4-dsdb Return an error if we can't convert UTF16MUNGED -> UTF8Andrew Bartlett1-1/+5
The UTF16MUNGED helper will map all invalid sequences (except odd input length) to valid input sequences, per the rules. Therefore if it fails, we need to bail out, somehing serious is wrong. Andrew Bartlett
2010-11-11s4:dsdb - proof against empty RDN values where expectedMatthias Dieter Wallnöfer3-2/+23
This should prevent crashes as pointed out on the mailing list.
2010-11-11s4:objectclass LDB module - allow RDNs also to come from superclassesMatthias Dieter Wallnöfer1-11/+39
Detected by a testcase written by Zahari Zahariev.
2010-11-11s4:password_hash and acl LDB modules - handle the "userPassword" attribute ↵Matthias Dieter Wallnöfer4-12/+59
according to the "dSHeuristics"
2010-11-11s4:password_hash LDB module - move "samdb_msg_find_old_and_new_ldb_val" into ↵Matthias Dieter Wallnöfer1-16/+77
the password_hash LDB module It's only used there and so I think it doesn't really belong in "dsdb/common/util.c" (I first thought that it could be useful for ACL checking but obviously it wasn't).
2010-11-11s4:local_password LDB module - remove schema checking code and fix some typosMatthias Dieter Wallnöfer1-12/+6
This is now done by the "objectclass_attrs" LDB module.
2010-11-11s4:ldb_modules/util.c - "dsHeuristics" -> "dSHeuristics"Matthias Dieter Wallnöfer1-2/+2
2010-11-09s4:dsdb/operational.c: use DSDB_SECRET_ATTRIBUTES_EX()Stefan Metzmacher1-5/+2
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Tue Nov 9 22:43:44 UTC 2010 on sn-devel-104
2010-11-09s4:dsdb/local_password: use DSDB_SECRET_ATTRIBUTESStefan Metzmacher1-7/+3
metze
2010-11-08s4:password_hash LDB module - introduce a "userPassword" flag which ↵Matthias Dieter Wallnöfer1-15/+37
enables/disables the two "userPassword" behaviours - Enabled: "userPassword" password change behaviour (will later be linked to the "dSHeuristics") - Disabled: "userPassword" plain attribute behaviour (default) Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Mon Nov 8 15:28:06 UTC 2010 on sn-devel-104
2010-11-08s4:password_hash LDB module - deleting password attributes is a little more ↵Matthias Dieter Wallnöfer1-6/+6
complicated
2010-11-08s4:samdb_msg_find_old_and_new_ldb_val - reworkMatthias Dieter Wallnöfer1-4/+11
- don't crash when no values where specified - return ERR_CONSTRAINT_VIOLATION on malformed messages - only check for flags when we are involved in a LDB modify operation
2010-11-08s4:password_hash LDB module - clear the fact that a delete of password ↵Matthias Dieter Wallnöfer1-1/+1
attributes isn't possible
2010-11-08s4:acl LDB module - define the delete passwords special case a bit betterMatthias Dieter Wallnöfer1-3/+4
2010-11-08s4:objectguid/repl_meta_data LDB module - deny "objectGUID" updatesMatthias Dieter Wallnöfer2-0/+17
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Mon Nov 8 10:36:50 UTC 2010 on sn-devel-104
2010-11-08s4:objectclass LDB module - no idea why we'd need the "objectGUID" hereMatthias Dieter Wallnöfer1-1/+1
2010-11-08s4:objectguid LDB module - make use of "dsdb_next_callback"Matthias Dieter Wallnöfer2-30/+6
2010-11-07s4:objectguid LDB module - fix typo in output messageMatthias Dieter Wallnöfer1-1/+1
2010-11-07s4:objectguid LDB module - objectGUIDs cannot be specified on add operationsMatthias Dieter Wallnöfer1-2/+6
2010-11-07s4:descriptor LDB module - make the "nTSecurityDescriptor" attribute fully ↵Matthias Dieter Wallnöfer1-47/+61
behave as in AD - fix crash when provided "nTSecurityDescriptor" attribute is empty - print out the correct error codes if it's provided multi-valued - simplify the "recalculate_sd" control handling
2010-11-07s4:ldb_modules/util.c - "dsdb_get_single_valued_attr" - support the ↵Matthias Dieter Wallnöfer2-10/+20
attribute fetch also on LDB add operations We've to completely ignore the flags in that case. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sun Nov 7 11:10:23 UTC 2010 on sn-devel-104