| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
remove some unused functions.
|
|
3.
|
|
|
|
it should always have been. Make it also async so that it is not a special case.
|
|
This uses a virtual attribute 'clearTextPassword' (name chosen to
match references in MS-SAMR) that contains the length-limited blob
containing an allegidly UTF16 password. This ensures we do no
validation or filtering of the password before we get a chance to MD4
it. We can then do the required munging into UTF8, and in future
implement the rules Microsoft has provided us with for invalid inputs.
All layers in the process now deal with the strings as length-limited
inputs, incluing the krb5 string2key calls.
This commit also includes a small change to samdb_result_passwords()
to ensure that LM passwords are not returned to the application logic
if LM authentication is disabled.
The objectClass module has been modified to allow the
clearTextPassword attribute to pass down the stack.
Andrew Bartlett
|
|
Commit 51baa8deec00244cc0a6e3d29c53932427800610 included a
copy-and-paste bug which caused all MMC mangement utilities to break.
Because of the typo Samba4 would no longer include the magic 'you may
write to these attributes/create these classes' attributes, these
tools would display all fields greyed out or 'read only', and not
allow the creation of child objects.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Also, use the constants more in the "ldif_handlers" module.
|
|
This commit applies some cosmetic corrections for the DSDB (Directory Server Database).
|
|
|
|
|
|
|
|
- when multiple partitions are searched, consider the search a
success if any of the partitions return success
- only search the right subset of partitions, looking at the scope
and basedn of the search
This fixes several errors with GC searches
|
|
direct comparison instead of a sub-tree comparison in another
this fixes basedn searches on the global catalog port
|
|
need to call ldb_module_done in the main module functions, we can directly
return an error. ldb_module_done() is for callbacks
|
|
metze
|
|
metze
|
|
metze
|
|
attribute is missing
Windows 2003 has a broken schema where the definition of msDS-IsDomainFor
is missing (which is supposed to be the backlink of the msDS-HasDomainNCs
attribute.
Our schema is extracted from windows 2003, so we have the problem.
As the NET-API-BECOME-DC test triggers this bug, windows 2003
seems to just skip creating a backlink.
metze
|
|
metze
|
|
as basedn
We resolve them into the real basedn before do the real search.
metze
|
|
|
|
This removes the event_context leak that caused
NT_STATUS_TOO_MANY_OPENED_FILES in the server,
because of all the epool fds
metze
|
|
|
|
We need to make sure replicated updates are handled differently
in some situations, e.g. we should bypass the schema checks.
metze
|
|
|
|
This commit applies some cosmetic corrections for the DSDB (Directory Server Database).
|
|
|
|
|
|
The previous ldb_search() interface made it way too easy to leak results,
and being able to use a printf-like expression turns to be really useful.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
supporting a schema
(This used to be commit 53b57300c799a079b4d64815243fe6120e0a9fa2)
|
|
The MS-ADTS document has quite detailed instrucitons on how these
flags should be processed. This change also causes the correct
sign-wrapping to occour, as these are declared as signed integers.
Andrew Bartlett
(This used to be commit 5c3d237a6d721dc75166bdc5ac0c6e76a4495bf7)
|
|
This ensures they don't leak over LDAP, but does not prevent access,
as ldbsearch locally still bypasses these controls.
Andrew Bartlett
(This used to be commit fa3f3bab33001770a9d7e33875bf212636f6c128)
|
|
when we can't process an ANR request we need to continue with the
parse tree we were given, not a NULL tree
(This used to be commit ed66feb80aac7432049fe9fd86a9232984587e17)
|
|
This is a partial fix towards bugs due to us walking past the end of
what we think are strings in ldb. There is much more work to do in
this area.
Andrew Bartlett
(This used to be commit 5805a9a8f35fd90fa4f718f73534817fa3bbdfd2)
|
|
(This used to be commit 8003ee9abf474de534677283fc499f9a3d992b20)
|
|
(This used to be commit 07d122ce2c255124dfb3acf71a3afdf52f06e1b1)
|
|
(This used to be commit 07107c45c35a11979bf68a14b2c4df9415880fcb)
|
|
This was removed from ldb_tdb a while ago
Andrew Bartlett
(This used to be commit fcb87e77860b449ac3483ccec5e6b5ed087540f2)
|
|
This reads the schema from the in-memory structure, when the magic
attributes are requested. The code is a modified version of that used
in the ad2oLschema tool (now shared).
The schema_fsmo module handles the insertion of the generated result.
As such, this commit also removes these entries from the setup/schema.ldif
Metze's previous stub of this functionality is also removed.
Andrew Bartlett
(This used to be commit c7c32ec7b42bdf0f7b669644516438c71b364e60)
|
|
(This used to be commit 31a303c099e26423160010c48b305434d4cbea25)
|
|
(This used to be commit b12dd8ee5443ebfc204d1684f541d68ffb351197)
|
