Age | Commit message (Collapse) | Author | Files | Lines |
|
implement these in the simple ldap mapping module.
We still don't pass this test, because we must get linked attributes
into OpenLDAP.
Andrew Bartlett
(This used to be commit d41f34e979bb119f71ab3cc2fdb3c08e4b92849c)
|
|
simple ldap mapping (a complex mapping will follow).
Fix the module to handle 'name' better, rather than using the 'name'
attribute built into OpenLDAP, rename to samba4RDN. We need to see if
this can be handled in the backend.
Also rename the functions and inernal module name to entryuuid for
consistancy.
Andrew Bartlett
(This used to be commit a7be80766f4270d63433bbd6a976ebf302ed3433)
|
|
(This used to be commit 56dfcb4f2f8e74c9d8b2fe3a0df043781188a555)
|
|
A re-arrangment of the code due to the base DN checking meant that the
ac->down_req array wasn't started, so was NULL
Andrew Bartlett
(This used to be commit 0a44b8e9f3e1a85c27d105cdd1572a0df936f612)
|
|
Andrew Bartlett
(This used to be commit f0a0d73f768434cb474b311d7c366d1f2a06c8f4)
|
|
of Base DNs in searches (returning an error of LDB_ERR_NO_SUCH_ENTRY).
We need to handle this if ldb_tdb is to behave correctly compared with
LDAP, as well as if we are using an LDAP backend.
In doing so, I realised that subtree_rename and subtree_delete
(prevention) need rather different wait loops, so it seemed easier to
split it out into it's own module.
I've fixed the licence on both of these modules to be GPLv3.
Andrew Bartlett
(This used to be commit d3894c90f31fb45e038ab478cd9d7d34962d069b)
|
|
module.
Andrew Bartlett
(This used to be commit c8d1ab30845fa1496c85630b138b1cb512c2b6aa)
|
|
Templates just don't belong in the sam.ldb, as they don't obey any of
the other rules. This moves them to a seperate templates.ldb.
In samldb, this patch reworks the duplicate SID and Name detection
code, to use ldb_search_exp_fmt() rather than gendb_search. This
returns far more useful errors, which we now handle and report better.
The call to samdb_search_for_parent_domain() has been moved in samldb,
to allow both the account and SID uniqueness checks to be in the same
domain. This function also returns better errors.
dcesrv_drsuapi.c is updated for the new prototype of
samdb_search_for_parent_domain()
Andrew Bartlett
(This used to be commit f1ab90c88c782c693b41795d70368650806543b5)
|
|
lib/messaging/
lib/registry/
lib/ldb-samba/
librpc/rpc/
auth/auth_winbind.c
auth/gensec/
auth/kerberos/
dsdb/repl/
dsdb/samdb/
dsdb/schema/
torture/
cluster/ctdb/
kdc/
ntvfs/ipc/
torture/rap/
ntvfs/
utils/getntacl.c
ntptr/
smb_server/
libcli/wrepl/
wrepl_server/
libcli/cldap/
libcli/dgram/
libcli/ldap/
libcli/raw/
libcli/nbt/
libnet/
winbind/
rpc_server/
metze
(This used to be commit 6223c7fddc972687eb577e04fc1c8e0604c35435)
|
|
invalid entries with a linked attribute.
Make Samba4 pass that test, by fixing a silly bug in the
linked_attributes module. (By passing down the 'original' request
structure, tdb would override our handle, and therefore we would never
be called for the 'wait', which collects the errors).
Fix up the provision templates to handle the newly required
referential integrity.
Andrew Bartlett
(This used to be commit 0377d85bbdcb2c4f110b0519005f0d1d10bc0c0b)
|
|
(This used to be commit 9d73becbb24fbde2e319e18e84af35d9efaeefda)
|
|
--enable-nss-wrapper or --enable-developer is given
metze
(This used to be commit f8bc6b9ad0eec60bff7fdc5653397efd9a044a29)
|
|
linked_attributs code.
This drasticly reduces the code duplication here.
Andrew Bartlett
(This used to be commit c66e188e6729a8e12854017d62067b4ae4a23af8)
|
|
Andrew Bartlett
(This used to be commit 56d9dd5140b6d7d7bbaa2f59ecdff7ee70c4faac)
|
|
metze
(This used to be commit 7b77210d3e2c644d28d6e3795e6c4423dc6ea4bf)
|
|
linked attributes.
Andrew Bartlett
(This used to be commit c6a6246fbde996ec7e85cb66f060cfe8b90044dd)
|
|
the objectclass module.
Andrew Bartlett
(This used to be commit 16a292fcb134adec110cbc4c8f0fb03323750a45)
|
|
This prevents CN=test,dc=samba,dc=example,dc=com being renamed into
CN=test2,cn=test,dc=samba,dc=example,dc=com
Andrew Bartlett
(This used to be commit 958a92ed0c6bee19d8b86df7c66330d2bba23e46)
|
|
context caused by my objectclass module work.
Andrew Bartlett
(This used to be commit 2a835d900fee71e4461d5d18e39b4358fa6fdfba)
|
|
This patch is to ensure that all attributes are in the same case as
the schema specifies. In the process, I ensure that all attributes
are indeed in the schema.
This ensures we use the schema case, not the user supplied case for
future responses, which assists any (incorrect, but possible) case
sensitive processing on a client.
I've also removed more of the subtle 'schema &&' that metze objected
to in the for loops, moving to a much more explicit 'if (schema)'.
Andrew Bartlett
(This used to be commit bfc96fff063e7cc278755c043b9da0ed4b75a615)
|
|
restrictions.
Andrew Bartlett
(This used to be commit f3390c9054244c0e4381007b36bbac9a17800570)
|
|
The aim here is to ensure that if we have
CN=Users,DC=samba,DC=example,DC=com
that we cannot have a DN of the form
cn=admin ,cn=useRS,DC=samba,DC=example,DC=com
This module pulls apart the DN, fixes up the relative DN part, and
searches for the parent to copy the base from.
I've used the objectclass module, as I intend to also validate the
placement of child objects, by reading the allowedChildClasses virtual
attribute.
In the future, I'll also force the attribute names to be consistant
(using the case from the schema).
Andrew Bartlett
(This used to be commit c0a0c69ac5a81cfcb7c7d5ba38db59f8686c30ab)
|
|
Andrew Bartlett
(This used to be commit 388e15a4c1fab55d376be956c2a7168b946bc994)
|
|
Much more work is still required here, particularly to handle this
better during the provision, and to handle modifies and deletes, but
this is a start.
Andrew Bartlett
(This used to be commit 2ba99d58e9fe1f8e4b15a58a2fdfce6e876f99b4)
|
|
Bug 5041
Andrew Bartlett
(This used to be commit 7e68051bb7a9ac5f1b232c32b7614db61c3c1bc4)
|
|
doesn't trigger it's recursive delete correctly, but the error return
is correct (but perhaps needs a different LDAP wire format).
Andrew Bartlett
(This used to be commit 10ba3ae6990098e772683de9144b13b3f1d45a36)
|
|
case an oddity of the javascript caused the test to 'pass'.
For the same oddity, we have a failure in ldb's handling of spaces in
DNs. We need to resolve that too.
Andrew Bartlett
(This used to be commit e8cbac1a46f4d3b083e6bb5a509ef1ba47bebff1)
|
|
Andrew Bartlett
(This used to be commit 3434262ad74c366ac58319c70880ca50898fa78c)
|
|
a schema. perhaps i need to look into metze's 'load a schema from
ldif' code.
Andrew Bartlett
(This used to be commit f350ef5f19ec755c93c6c09210cdf276d1b66877)
|
|
This is becoming the schema module...
Andrew Bartlett
(This used to be commit ecea817a3e793f8ac0187dd83a29e62a7d645868)
|
|
(This used to be commit cea496d2163db6dde371526dd5a79d4c090839ef)
|
|
over the ldb_tdb part of the problem.
Andrew Bartlett
(This used to be commit daca0cfd2fc2ec3344415d2d31f399ee3bf16151)
|
|
(This used to be commit b7371f1a191fb86834c0d586d094f39f0b04544b)
|
|
(This used to be commit fd697d77c9fe67a00939a1f04b35c451316fff58)
|
|
(This used to be commit 3fcc960839c6e5ca4de2c3c042f12f369ac5f238)
|
|
end_transaction in delete_tranaction would be very much the wrong
thing to do) in the update_keytab module.
Andrew Bartlett
(This used to be commit aad9545ca12bc8a3aeaf5cc870d137d89c34bb39)
|
|
number in more places.
(This used to be commit df9cebcb97e20564359097148665bd519f31bc6f)
|
|
(This used to be commit abe8349f9b4387961ff3665d8c589d61cd2edf31)
|
|
ts=4 lines that I accidently added earlier.
(This used to be commit 0bcb21ed740fcec0f48ad36bbc2deee2948e8fc7)
|
|
(This used to be commit 08bb1ef643ab906f1645cf6f32763dc73b1884e4)
|
|
allow the objectclass module to reconstruct the objectclass hierarchy,
rather than using templates.
The issue being fixed in particular is that 'top' was not being set on
containers.
This should ensure we do this right for all objects.
Andrew Bartlett
(This used to be commit d17a0058ba8492b8b3f81b6f10fc34b3e45bb8a6)
|
|
working module, live or dead, is purely co-incidental.
Andrew Bartlett
(This used to be commit 64cc31642fd2ded149631d07bc022213f19595b8)
|
|
(This used to be commit 31993cf67b816a184a4a4e92ef8ca2532c797190)
|
|
The module is scary: On a rename, it does a search for all entries
under that entry (including itself), and fires off a seperate rename
call for each result. This will fail miserably on an LDAP backend,
but I'll need to work on using hdb for OpenLDAP, and hope Fedora DS
can implement subtree renames at some point.
Andrew Bartlett
(This used to be commit 13908a8cb4dd810503213203efb8d51f77f1f379)
|
|
dead anyway, and a segfault would leave us with more infomation.
Andrew Bartlett
(This used to be commit 62320616ff8795ff18c8f49029d81f12558c10ed)
|
|
with a patch from Andrew Kroeger <andrew@sprocks.gotdns.com>.
The changes to samldb_fill_foreignSecurityPrincipal_object() look much
larger then they are: We just skip all the objectSid generation if the
SID is supplied.
By providing a few more objects, standard dialogs on the clients are
better behaved, for these 'well known' users.
Andrew Bartlett
(This used to be commit 35ee4aee719e69983d650602d1c6422a31600001)
|
|
ldb_connect_backend().
Andrew Bartlett
(This used to be commit d0595e7a3d15c40dd49062efa0ddc6864b6b9030)
|
|
> When you change to the SAMBA private directory on a shell (default
> /usr/local/samba/private) and start there for example ldbedit with the sam.ldb,
> the application crashes if you don't put the "./" before the filename.
I've adapted Matthias's patch.
Andrew Bartlett
(This used to be commit ba82197e30da8e626419e877d224431703edc866)
|
|
The objectCategory canonicalise_fn makes everything a DN, which is
exactly what we need here.
Andrew Bartlett
(This used to be commit f5ec369741661fdf7ef5f5183c0e1a996bd46d41)
|
|
to test the behaviour of objectCategory=user searches.
It turns out (thanks to a hint on
http://blog.joeware.net/2005/12/08/147/) that objectCategory=user maps
into objectCategory=CN=Person,... (by the defaultObjectCategory of
that objectclass).
Simplify the entryUUID module by using the fact that we now set the DN
as the canoncical form of objectCategory.
Andrew Bartlett
(This used to be commit b474be9507df51982a604289215bb1868124fc24)
|