summaryrefslogtreecommitdiff
path: root/source4/dsdb/samdb/ldb_modules
AgeCommit message (Collapse)AuthorFilesLines
2007-12-21r26140: Add a new test for searches by distinguieshedName and dn, andAndrew Bartlett1-0/+18
implement these in the simple ldap mapping module. We still don't pass this test, because we must get linked attributes into OpenLDAP. Andrew Bartlett (This used to be commit d41f34e979bb119f71ab3cc2fdb3c08e4b92849c)
2007-12-21r26137: Rename the entryUUID module to better match it's purpose: being aAndrew Bartlett2-51/+61
simple ldap mapping (a complex mapping will follow). Fix the module to handle 'name' better, rather than using the 'name' attribute built into OpenLDAP, rename to samba4RDN. We need to see if this can be handled in the backend. Also rename the functions and inernal module name to entryuuid for consistancy. Andrew Bartlett (This used to be commit a7be80766f4270d63433bbd6a976ebf302ed3433)
2007-12-21r26003: Split up DB_WRAP, as first step in an attempt to sanitize dependencies.Jelmer Vernooij1-1/+1
(This used to be commit 56dfcb4f2f8e74c9d8b2fe3a0df043781188a555)
2007-12-21r25981: Don't create an ldb_request on NULL.Andrew Bartlett1-8/+11
A re-arrangment of the code due to the base DN checking meant that the ac->down_req array wasn't started, so was NULL Andrew Bartlett (This used to be commit 0a44b8e9f3e1a85c27d105cdd1572a0df936f612)
2007-12-21r25949: Make error messages clearer and more correct.Andrew Bartlett1-2/+2
Andrew Bartlett (This used to be commit f0a0d73f768434cb474b311d7c366d1f2a06c8f4)
2007-12-21r25942: Make various ldb modules handle an LDB backend that enforces validityAndrew Bartlett7-163/+348
of Base DNs in searches (returning an error of LDB_ERR_NO_SUCH_ENTRY). We need to handle this if ldb_tdb is to behave correctly compared with LDAP, as well as if we are using an LDAP backend. In doing so, I realised that subtree_rename and subtree_delete (prevention) need rather different wait loops, so it seemed easier to split it out into it's own module. I've fixed the licence on both of these modules to be GPLv3. Andrew Bartlett (This used to be commit d3894c90f31fb45e038ab478cd9d7d34962d069b)
2007-12-21r25941: Use samdb_relative_path() (new function in samdb.c) in the partitionsAndrew Bartlett1-30/+3
module. Andrew Bartlett (This used to be commit c8d1ab30845fa1496c85630b138b1cb512c2b6aa)
2007-12-21r25940: Rework the samldb and templates handling.Andrew Bartlett1-35/+48
Templates just don't belong in the sam.ldb, as they don't obey any of the other rules. This moves them to a seperate templates.ldb. In samldb, this patch reworks the duplicate SID and Name detection code, to use ldb_search_exp_fmt() rather than gendb_search. This returns far more useful errors, which we now handle and report better. The call to samdb_search_for_parent_domain() has been moved in samldb, to allow both the account and SID uniqueness checks to be in the same domain. This function also returns better errors. dcesrv_drsuapi.c is updated for the new prototype of samdb_search_for_parent_domain() Andrew Bartlett (This used to be commit f1ab90c88c782c693b41795d70368650806543b5)
2007-12-21r25920: ndr: change NTSTAUS into enum ndr_err_code (samba4 callers)Stefan Metzmacher7-93/+110
lib/messaging/ lib/registry/ lib/ldb-samba/ librpc/rpc/ auth/auth_winbind.c auth/gensec/ auth/kerberos/ dsdb/repl/ dsdb/samdb/ dsdb/schema/ torture/ cluster/ctdb/ kdc/ ntvfs/ipc/ torture/rap/ ntvfs/ utils/getntacl.c ntptr/ smb_server/ libcli/wrepl/ wrepl_server/ libcli/cldap/ libcli/dgram/ libcli/ldap/ libcli/raw/ libcli/nbt/ libnet/ winbind/ rpc_server/ metze (This used to be commit 6223c7fddc972687eb577e04fc1c8e0604c35435)
2007-12-21r25891: Test that we get the correct return value when we attempt to referenceAndrew Bartlett1-2/+2
invalid entries with a linked attribute. Make Samba4 pass that test, by fixing a silly bug in the linked_attributes module. (By passing down the 'original' request structure, tdb would override our handle, and therefore we would never be called for the 'wait', which collects the errors). Fix up the provision templates to handle the newly required referential integrity. Andrew Bartlett (This used to be commit 0377d85bbdcb2c4f110b0519005f0d1d10bc0c0b)
2007-12-21r25887: Build Samba-specific ldb modules as dso's.Jelmer Vernooij1-2/+23
(This used to be commit 9d73becbb24fbde2e319e18e84af35d9efaeefda)
2007-12-21r25839: use nss_wrapper code in samba4 ifStefan Metzmacher1-1/+1
--enable-nss-wrapper or --enable-developer is given metze (This used to be commit f8bc6b9ad0eec60bff7fdc5653397efd9a044a29)
2007-12-21r25788: Use a single routine to handle the creation of modify requests in theAndrew Bartlett1-202/+132
linked_attributs code. This drasticly reduces the code duplication here. Andrew Bartlett (This used to be commit c66e188e6729a8e12854017d62067b4ae4a23af8)
2007-12-21r25781: Handle and test linked attribute renames.Andrew Bartlett1-7/+310
Andrew Bartlett (This used to be commit 56d9dd5140b6d7d7bbaa2f59ecdff7ee70c4faac)
2007-12-21r25780: fix bool returnStefan Metzmacher1-1/+1
metze (This used to be commit 7b77210d3e2c644d28d6e3795e6c4423dc6ea4bf)
2007-12-21r25763: Handle modifies, in the easy case (add/delete of elements), for theAndrew Bartlett1-1/+151
linked attributes. Andrew Bartlett (This used to be commit c6a6246fbde996ec7e85cb66f060cfe8b90044dd)
2007-12-21r25762: This test belongs best with the other checks for a valid parent, inAndrew Bartlett2-8/+8
the objectclass module. Andrew Bartlett (This used to be commit 16a292fcb134adec110cbc4c8f0fb03323750a45)
2007-12-21r25761: Rename to be a DN to be a child of itself wasn't being checked for.Andrew Bartlett1-0/+8
This prevents CN=test,dc=samba,dc=example,dc=com being renamed into CN=test2,cn=test,dc=samba,dc=example,dc=com Andrew Bartlett (This used to be commit 958a92ed0c6bee19d8b86df7c66330d2bba23e46)
2007-12-21r25755: Fix a couple of memory leaks, in particular a new leak onto the NULLAndrew Bartlett1-3/+5
context caused by my objectclass module work. Andrew Bartlett (This used to be commit 2a835d900fee71e4461d5d18e39b4358fa6fdfba)
2007-12-21r25754: More work on normal forms for ldb input.Andrew Bartlett1-69/+147
This patch is to ensure that all attributes are in the same case as the schema specifies. In the process, I ensure that all attributes are indeed in the schema. This ensures we use the schema case, not the user supplied case for future responses, which assists any (incorrect, but possible) case sensitive processing on a client. I've also removed more of the subtle 'schema &&' that metze objected to in the for loops, moving to a much more explicit 'if (schema)'. Andrew Bartlett (This used to be commit bfc96fff063e7cc278755c043b9da0ed4b75a615)
2007-12-21r25753: Move cn=rootdse to @ROOTDSE to avoid being caught up in schema ↵Andrew Bartlett1-2/+2
restrictions. Andrew Bartlett (This used to be commit f3390c9054244c0e4381007b36bbac9a17800570)
2007-12-21r25750: Update the objectclass module to improve consistency in Samba4.Andrew Bartlett1-78/+351
The aim here is to ensure that if we have CN=Users,DC=samba,DC=example,DC=com that we cannot have a DN of the form cn=admin ,cn=useRS,DC=samba,DC=example,DC=com This module pulls apart the DN, fixes up the relative DN part, and searches for the parent to copy the base from. I've used the objectclass module, as I intend to also validate the placement of child objects, by reading the allowedChildClasses virtual attribute. In the future, I'll also force the attribute names to be consistant (using the case from the schema). Andrew Bartlett (This used to be commit c0a0c69ac5a81cfcb7c7d5ba38db59f8686c30ab)
2007-12-21r25748: Don't segfault if we don't have a schema yet.Andrew Bartlett1-0/+12
Andrew Bartlett (This used to be commit 388e15a4c1fab55d376be956c2a7168b946bc994)
2007-12-21r25747: Implement linked attributes, for add operations.Andrew Bartlett2-0/+324
Much more work is still required here, particularly to handle this better during the provision, and to handle modifies and deletes, but this is a start. Andrew Bartlett (This used to be commit 2ba99d58e9fe1f8e4b15a58a2fdfce6e876f99b4)
2007-12-21r25729: Fix silly regression in the subtree_rename - I broke normal renames.Andrew Bartlett1-1/+1
Bug 5041 Andrew Bartlett (This used to be commit 7e68051bb7a9ac5f1b232c32b7614db61c3c1bc4)
2007-12-21r25723: Add a check to prevent deletion of entries with children. Sadly MMCAndrew Bartlett1-1/+112
doesn't trigger it's recursive delete correctly, but the error return is correct (but perhaps needs a different LDAP wire format). Andrew Bartlett (This used to be commit 10ba3ae6990098e772683de9144b13b3f1d45a36)
2007-12-21r25710: Finally fix subtree renames. Untested code is broken code and in thisAndrew Bartlett2-17/+18
case an oddity of the javascript caused the test to 'pass'. For the same oddity, we have a failure in ldb's handling of spaces in DNs. We need to resolve that too. Andrew Bartlett (This used to be commit e8cbac1a46f4d3b083e6bb5a509ef1ba47bebff1)
2007-12-21r25705: Ensure we return the out value to the caller.Andrew Bartlett1-0/+2
Andrew Bartlett (This used to be commit 3434262ad74c366ac58319c70880ca50898fa78c)
2007-12-21r25704: Handle the chicken-and-egg problem of setting up the LDB before we getAndrew Bartlett1-8/+15
a schema. perhaps i need to look into metze's 'load a schema from ldif' code. Andrew Bartlett (This used to be commit f350ef5f19ec755c93c6c09210cdf276d1b66877)
2007-12-21r25702: Clarify comments and make this module more strict on objectclasses.Andrew Bartlett1-10/+13
This is becoming the schema module... Andrew Bartlett (This used to be commit ecea817a3e793f8ac0187dd83a29e62a7d645868)
2007-12-21r25701: Clarify commentAndrew Bartlett1-1/+1
(This used to be commit cea496d2163db6dde371526dd5a79d4c090839ef)
2007-12-21r25693: Implement the rest of subtree renames, now that tridge waved his magicAndrew Bartlett1-22/+34
over the ldb_tdb part of the problem. Andrew Bartlett (This used to be commit daca0cfd2fc2ec3344415d2d31f399ee3bf16151)
2007-10-10r25553: Convert to standard bool type.Jelmer Vernooij6-37/+37
(This used to be commit b7371f1a191fb86834c0d586d094f39f0b04544b)
2007-10-10r25430: Add the loadparm context to all parametric options.Jelmer Vernooij1-1/+1
(This used to be commit fd697d77c9fe67a00939a1f04b35c451316fff58)
2007-10-10r25398: Parse loadparm context to all lp_*() functions.Jelmer Vernooij1-1/+2
(This used to be commit 3fcc960839c6e5ca4de2c3c042f12f369ac5f238)
2007-10-10r25249: Thanks to Andrew Kroeger for pointing out this silly typo (callingAndrew Bartlett1-1/+1
end_transaction in delete_tranaction would be very much the wrong thing to do) in the update_keytab module. Andrew Bartlett (This used to be commit aad9545ca12bc8a3aeaf5cc870d137d89c34bb39)
2007-10-10r25035: Fix some more warnings, use service pointer rather than service ↵Jelmer Vernooij1-1/+1
number in more places. (This used to be commit df9cebcb97e20564359097148665bd519f31bc6f)
2007-10-10r25026: Move param/param.h out of includes.hJelmer Vernooij1-0/+1
(This used to be commit abe8349f9b4387961ff3665d8c589d61cd2edf31)
2007-10-10r25001: Fix more C++ and other warnings, fix some of the indentation with ↵Jelmer Vernooij1-11/+11
ts=4 lines that I accidently added earlier. (This used to be commit 0bcb21ed740fcec0f48ad36bbc2deee2948e8fc7)
2007-10-10r25000: Fix some more C++ compatibility warnings.Jelmer Vernooij3-6/+9
(This used to be commit 08bb1ef643ab906f1645cf6f32763dc73b1884e4)
2007-10-10r24914: In response to bug #4892 by Matthias Wallnöfer <mwallnoefer@yahoo.de>,Andrew Bartlett2-25/+42
allow the objectclass module to reconstruct the objectclass hierarchy, rather than using templates. The issue being fixed in particular is that 'top' was not being set on containers. This should ensure we do this right for all objects. Andrew Bartlett (This used to be commit d17a0058ba8492b8b3f81b6f10fc34b3e45bb8a6)
2007-10-10r24793: The subtree_rename module is a work of fiction. An resemblance to aAndrew Bartlett1-16/+7
working module, live or dead, is purely co-incidental. Andrew Bartlett (This used to be commit 64cc31642fd2ded149631d07bc022213f19595b8)
2007-10-10r24780: More work allowing libutil to be used by external users.Jelmer Vernooij1-2/+1
(This used to be commit 31993cf67b816a184a4a4e92ef8ca2532c797190)
2007-10-10r24761: Permit subtree renames in Samba4.Andrew Bartlett2-0/+302
The module is scary: On a rename, it does a search for all entries under that entry (including itself), and fires off a seperate rename call for each result. This will fail miserably on an LDAP backend, but I'll need to work on using hdb for OpenLDAP, and hope Fedora DS can implement subtree renames at some point. Andrew Bartlett (This used to be commit 13908a8cb4dd810503213203efb8d51f77f1f379)
2007-10-10r24731: Remove unused code - if we hit these error conditions, then we areAndrew Bartlett9-82/+0
dead anyway, and a segfault would leave us with more infomation. Andrew Bartlett (This used to be commit 62320616ff8795ff18c8f49029d81f12558c10ed)
2007-10-10r24696: Fix bug 4918 reported by Matthias Wallnöfer <mwallnoefer@yahoo.de>Andrew Bartlett1-37/+40
with a patch from Andrew Kroeger <andrew@sprocks.gotdns.com>. The changes to samldb_fill_foreignSecurityPrincipal_object() look much larger then they are: We just skip all the objectSid generation if the SID is supplied. By providing a few more objects, standard dialogs on the clients are better behaved, for these 'well known' users. Andrew Bartlett (This used to be commit 35ee4aee719e69983d650602d1c6422a31600001)
2007-10-10r24690: Further fix to bug 4919: Ensure we don't supply a NULL URL argument toAndrew Bartlett1-0/+5
ldb_connect_backend(). Andrew Bartlett (This used to be commit d0595e7a3d15c40dd49062efa0ddc6864b6b9030)
2007-10-10r24655: Fix bug 4919 reported by Matthias Wallnöfer <mwallnoefer@yahoo.de>:Andrew Bartlett1-3/+2
> When you change to the SAMBA private directory on a shell (default > /usr/local/samba/private) and start there for example ldbedit with the sam.ldb, > the application crashes if you don't put the "./" before the filename. I've adapted Matthias's patch. Andrew Bartlett (This used to be commit ba82197e30da8e626419e877d224431703edc866)
2007-10-10r24479: Typo fix - this makes 'make test' pass against OpenLDAP again.Andrew Bartlett1-1/+1
The objectCategory canonicalise_fn makes everything a DN, which is exactly what we need here. Andrew Bartlett (This used to be commit f5ec369741661fdf7ef5f5183c0e1a996bd46d41)
2007-10-10r24459: Fix up ldap.js and test_ldb.sh to test the domain_scope control, andAndrew Bartlett2-112/+8
to test the behaviour of objectCategory=user searches. It turns out (thanks to a hint on http://blog.joeware.net/2005/12/08/147/) that objectCategory=user maps into objectCategory=CN=Person,... (by the defaultObjectCategory of that objectclass). Simplify the entryUUID module by using the fact that we now set the DN as the canoncical form of objectCategory. Andrew Bartlett (This used to be commit b474be9507df51982a604289215bb1868124fc24)