| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
We now have the core code for handling storage of linked attribute
meta-data with local modifies
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
When in functional levels above w2k, we need to store much richer meta
data about linkked attributes. We also need to keep deleted linked
attributes around to allow the deletion to be propogated to other DCs.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This attribute can not be modified on existing schema object.
msDS-IntId is not allowed during attribute creation also.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
The bug is that prefixMap is updated only memory when
adding new Classs/Attribute that has and OID not in
prefixMap already.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
|
|
|
|
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
To allow us to use the repl_meta_data module in standalone mode (and
thus not have two module stacks to test), we need a invocationID
stored somewhere when standalone. This creates a random one, and
stores it in @SAMBA_DSDB.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
We can use dsdb_module_search() to make this much simpler
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
This is done by sorting the classes by subClass_order, which will
check if the last structural class is valid to add (in
objectclass_do_add instead checking the last class in the list).
They were being sorted by building a class tree, and adding the
classes to the list in that order. However, AUX classes usually don't
fit into that tree, so LDB_ERR_OBJECT_CLASS_VIOLATION was returned. I
have changed the behavior to sort the classes by subClass_order
instead.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
user.
Makes sure samAccountName has been specified before adding a
user. This happened while I was trying to add a user with the
posixAccount objectclass. I forgot to specify the user objectClass,
and samba segfaulted. It now returns LDB_ERR_CONSTRAINT_VIOLATION.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
It can now also be used by objectclass.c
get_last_structural_class now ignores AUX classes, because they are
not structural
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Check to see if there were any messages passed to acl_modify before
debugging the first one. I think I caused this by some malformed
LDIF.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
If an ace has the PRINCIPAL_SELF as trustee, this sid has to be replaced with
the onjectSid of the object being checked. PRINCIPAL_SELF is the way to grant rights
to an account over itself.
|
|
|
|
removing a control means it can't be seen by any other modules, which
is usually not what is wanted. Better to just mark it non-critical,
which means anyone else who wants to look at it can, but if nobody
does its not an error.
|
|
|
|
For controls that need to be seen by more than one module, it is best
to just mark them non-critical when handled, instead of removing
them. Otherwise lower modules can't see them.
In this case we want the operational module to see the SD_FLAGS
control
|
|
This will be used by the replmd_delete() code
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
This is used to do a sync modify in a module
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
needs to ask for the DN in storage format, plus fix compilation errors
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
This function will be used for non-search controls, like relax
|
|
This finds a DN given a GUID, searching below the current module in
the module stack.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
This also moves the check to before we parse the DN, which saves some
unnecessary work
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
When reveal is set, then we show deleted linked attributes and all
linkked attribute components. When not set we show a normal extended
DN.
|
|
This matches the default handling order in the "password_hash" module (it's nice
to have this consistent).
|
|
allowedChildClassesEffective.
Behavior as documented in WSPP and tested. Needs optimisation though.
|
|
|
|
|
|
|
|
This allows us to search below the current module. That
will be important when we start using the results of this
search to get the linked attributes meta data right
|
|
msg->elements could be NULL before we add parentGUID
|
|
This avoids not only a possibly non-portable compiler expression, but
also the need to look up the schema each time.
Andrew Bartlett
|
|
The original code here would do a subtree search under each object,
attempting to determine if it was a group. This was incorrect, and
inefficient - we just need to ask for the objectClass attribute, and
check that value before returning the group's RID.
(Much of this patch reworks operational.c to allow a search for 2
attributes for this calculation).
Andrew Bartlett
|
|
This avoids doing a new search from the top of the module stack.
This also removes the helper function dsdb_find_parentguid_by_dn()
which is now unused.
Andrew Bartlett
|
|
|
|
The show_deleted module was using a static private ptr in the module
to hold a parse tree to save on parsing. The code caused this
static ptr to change with each search, which caused incorrect
searches and numerous valgrind errors.
This patch replaces it with a hand-built parse tree.
|
|
In general functions that don't return any memory should not take a memory context.
Otherwise it is too easy to have a bug like this where memory is leaked
|
|
|
|
Updating of uSNChanged broke in a recent change
|
|
Uses the dsdb_msg_add_guid() to add any kind of GUID attribute
to a ldb_message in several places of samba4 code.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
