summaryrefslogtreecommitdiff
path: root/source4/dsdb/samdb
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r20629: add a wrapper function for ldb_extended(ldb, ↵Stefan Metzmacher1-0/+10
DSDB_EXTENDED_REPLICATED_OBJECTS_OID, out, &ext_res); which prepares the replicated objects, the repl_meta_data ldb module will then add the uSNCreated, uSNChanged and some other things and will apply the objects to the partition specific ldb metze (This used to be commit 48d568a75b8109807af29f5d9604240c20c1a116)
2007-10-10r20622: Add in a hack to avoid permitting searches on the value of protectedAndrew Bartlett1-1/+23
attributes. Andrew Bartlett (This used to be commit 5aa2195ec26d9ddf82e51f2b242cdf7c8ab52f52)
2007-10-10r20599: - forward extended operations in the partitions moduleStefan Metzmacher2-3/+47
- by default the operations goes to all partitions - but some wellkown ones will go to just one partition (DSDB_EXTENDED_REPLICATED_OBJECTS_OID for now) I'll soon change the partitions module so that it'll attach a DSDB_CONTROL_PARTITION_CONTEXT_OID control to give the repl_meta_data or other partition specific modules a chance to to know for which partition it should work. metze (This used to be commit 0ed53c6d0f4a4e43ff9c8943730eeb57c735201b)
2007-10-10r20587: prepare the DSDB_EXTENDED_REPLICATED_OBJECTS_OID handlingStefan Metzmacher2-0/+21
metze (This used to be commit ef3b325db060d43a7c2e058f6b8914b5867cd321)
2007-10-10r20580: pass the DSDB_CONTROL_REPLICATED_OBJECT_OID with the ldb_add requestStefan Metzmacher3-17/+88
when applying replicated objects. the samldb module ignores such requests now... and the repl_meta_data module has different functions for the replicated and originating cases... metze (This used to be commit a4d5e0126cfd6135ab829f4984269e265a868a28)
2007-10-10r20529: very, very ugly...Stefan Metzmacher1-4/+2
But this is currently needed to make regpatch linking in the dsdb/schema/schema_*.o object files. the problem is that the linker doesn't find any references to public symbols in this files and removes them from the link list. gnu ld has a --whole-archive option, but it seems to be not portable... I think the solution with prelinking using 'ld -r' to create one object file for a subsystem instead of using 'ar -rcs' to create an archive for a subsystem... jelmer: any ideas about this problem? metze (This used to be commit 46df7ff6e5e74eddcb81b5a195e82688d83afaf4)
2007-10-10r20522: make a copy of the objectguid ldb module because:Stefan Metzmacher2-0/+275
- I'll add handling of replication meta data to it for orginating changes - I'll pass replication meta data via a ldb control for applying replicated changes - It will also update the replUpToDateVector attribute in in root object of the partition - It will handle deleted records by adding the isDeleted=TRUE attribute and move them to the CN=Deleted Objects container of the partition - I make a copy to play with the code without breaking the LDAP backend setup metze (This used to be commit 045ddfe1ec626fab5e8fd75c5b47f0525b7ebb01)
2007-10-10r20492: Add in instructions/sample LDIF to setup Fedora DS as a backend.Andrew Bartlett1-1/+249
Add a new module entrypoint to handle the new, interesting and different mappings required for Fedora DS. Andrew Bartlett (This used to be commit 600c7f1a68c175b835ce45d13794a6f66bcc8493)
2007-10-10r20460: Simplfy the handling of password hashes in the samba3sam module.Andrew Bartlett1-7/+3
Andrew Bartlett (This used to be commit 2959b4ba8bb5764ea654ae7b152284a4e02405ab)
2007-10-10r20455: Apply some of the patches from Martin Kuehl <kuehl@univention.de> toAndrew Bartlett2-66/+116
better handle the Samba3 backend. I've refactored the password format patch to use the routines in lib/samba3/smbpasswd.c, which has required me to move this into a seperate subsystem, due to recursive dependencies. Andrew Bartlett (This used to be commit 14e2c877a82d1fcf060455f9b46de5767b71438d)
2007-10-10r20420: create infrastructure to convert attribute values from drsuapi to ldbStefan Metzmacher1-0/+1
metze (This used to be commit 17c52ed27613051beecd5bbf72c6e6e749a21d27)
2007-10-10r20398: Revert this patch, which caused failures in the samba3sam.js build ↵Andrew Bartlett1-12/+6
farm test. The interaction of the samldb.c module and this function is complex... Andrew Bartlett (This used to be commit bf7ab75875f722cc8499d24d455a94dd83b986ad)
2007-10-10r20395: Decode more unknowns in the IDL. These are language and codepage IDs!Andrew Bartlett1-0/+1
Try to pass more of the CrackNames test. Make the test quieter. Andrew Bartlett (This used to be commit a6bbfebf52f53f99b0edf52d3c23b72785b97469)
2007-10-10r20377: Rework the CrackNames implementation to handle some of the BUILTIN sidAndrew Bartlett2-32/+44
cases. Adjust our 'look for this value in this attribute, of the result' function samdb_find_attribute() to use the correct comparison function, no matter what that may be. Andrew Bartlett (This used to be commit 3c5ff4e68748cce0bb93d7d141083922d92c3845)
2007-10-10r20375: Work to improve our CrackNames implementation.Andrew Bartlett2-25/+144
We now correctly handle the canonical name as a CrackNames source, for more than just the DNS domain object. Andrew Bartlett (This used to be commit 629c72f0c27333cc9ede158e3525e8b03dd295d3)
2007-10-10r20321: fix the samdb_partitions_dn() and samdb_sites_dn() calls,Stefan Metzmacher1-4/+18
to use the new samdb_config_dn() call. also add samdb_ wrappers for samdb_schema_dn() and samdb_config_dn() metze (This used to be commit 80b8a968243aadeef7512c03278dbb0d4e88a9f2)
2007-10-10r20315: Implement the server side of DsGetDomainControllerInfo. This is aAndrew Bartlett2-45/+81
supprisingly complex call... It turns out that the in/out parameter 'level' is not in/out, but set seperatly by the server-side code from r->req.req1.level. This commit also breaks out some common code from samldb into samdb. Andrew Bartlett (This used to be commit 2eb9e6445c64840399171f4f56b1e43786dbcfa7)
2007-10-10r20306: remove the static oid mapping tableStefan Metzmacher1-0/+1
and attach the table to the dsdb_schema metze (This used to be commit df63995ec5f322d17145664c1f174783861e1723)
2007-10-10r20233: add functions to create a dsdb_attribute and dsdb_class fromStefan Metzmacher1-0/+1
a drsuapi_DsReplicaObject metze (This used to be commit 9168236ddd3d8ed9daa1e47be1e6b12d2bc348b6)
2007-10-10r20221: - move the dsdb_schema, dsdb_attribute, dsdb_class structs intoStefan Metzmacher1-0/+1
a generic location - this struct should be also used by the dsdb/samdb/ldb_modules/schema.c module later - add functions to map from LDAP OID values to uint32_t values - add torture test for the OID => uint32 mapping code metze (This used to be commit 58ba6ec195ce3a5e2352866809f6cb57f8d8260a)
2007-10-10r20184: change ldb_attrib_handler into ldb_schema_attribute, which has a pointerStefan Metzmacher1-3/+3
to a ldb_schema_syntax struct. the default attribute handler is now registered dynamicly as "*" attribute, instead of having its own code path. ldb_schema_attribute's can be added to the ldb_schema given a ldb_schema_syntax struct or the syntax name we may also need to introduce a ldb_schema_matching_rule, and add a pointer to a default ldb_schema_matching_rule in the ldb_schema_syntax. metze (This used to be commit b97b8f5dcbce006f005e53ca79df3330e62f117b)
2007-10-10r20149: Remove the smb.conf distinction between PDC and BDC. Now the correctAndrew Bartlett1-24/+133
way to setup a Samba4 DC is to set 'server role = domain controller'. We use the fSMORoleOwner attribute in the base DN to determine the PDC. This patch is quite large, as I have corrected a number of places that assumed taht we are always the PDC, or that used the smb.conf lp_server_role() to determine that. Also included is a warning fix in the SAMR code, where the IDL has seperated a couple of types for group display enumeration. We also now use the ldb database to determine if we should run the global catalog service. In the near future, I will complete the DRSUAPI DsGetDomainControllerInfo server-side on the same basis. Andrew Bartlett (This used to be commit 67d8365e831adf3eaecd8b34dcc481fc82565893)
2007-10-10r20034: Start using ldb_search_exp_fmt()Simo Sorce1-11/+6
(This used to be commit 4f07542143ddf5066f0360d965f26a8470504047)
2007-10-10r19869: fix memleaksSimo Sorce1-6/+3
(This used to be commit 3a662a2d985bf801284c5dc1123dec6705e6d092)
2007-10-10r19832: better prototypes for the linearization functions:Simo Sorce9-30/+28
- ldb_dn_get_linearized returns a const string - ldb_dn_alloc_linearized allocs astring with the linearized dn (This used to be commit 3929c086d5d0b3f08b1c4f2f3f9602c3f4a9a4bd)
2007-10-10r19831: Big ldb_dn optimization and interfaces enhancement patchSimo Sorce14-151/+149
This patch changes a lot of the code in ldb_dn.c, and also removes and add a number of manipulation functions around. The aim is to avoid validating a dn if not necessary as the validation code is necessarily slow. This is mainly to speed up internal operations where input is not user generated and so we can assume the DNs need no validation. The code is designed to keep the data as a string if possible. The code is not yet 100% perfect, but pass all the tests so far. A memleak is certainly present, I'll work on that next. Simo. (This used to be commit a580c871d3784602a9cce32d33419e63c8236e63)
2007-10-10r19757: Don't do the strrchr twice. Pointed out by Martin Kuhl.Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit c4bf9cc09b36d8dcc465608b55bbf5dc07aed9e4)
2007-10-10r19732: The 'res' from ldb_search is only valid if the call returns LDB_SUCCESS.Andrew Bartlett1-3/+6
This seems to show up (as an abort() from talloc) particularly under ldb_ildap. Andrew Bartlett (This used to be commit 9890af534d845d471d2a98268c408a907b29e016)
2007-10-10r19731: Modify the ldb_map infrustructure to always map from requestedAndrew Bartlett1-5/+9
attributes to backend (remote) attributes. We can't do a reverse mapping safely where the remote attribute may be a source for multiple local attributes. (We end up with the wrong attributes returned). In doing this, I've modified the samba3sam.js test to be more realistic, and fixed some failures in the handling of primaryGroupID. I've added a new (private) helper function ldb_msg_remove_element() to avoid a double lookup of the element name. I've also re-formatted many of the function headers, to fit into standard editor widths. Andrew Bartlett (This used to be commit 186766e3095e71ba716c69e681592e217a3bc420)
2007-10-10r19726: when a client explicit asks for the 'netlogon' attriubute on LDAPStefan Metzmacher1-0/+9
the result entry is skipped! metze (This used to be commit 62aa73f3d56596780fc82fecbc99c688ecbf5b08)
2007-10-10r19604: This is a massive commit, and I appologise in advance for it's size.Andrew Bartlett1-8/+14
This merges Samba4 with lorikeet-heimdal, which itself has been tracking Heimdal CVS for the past couple of weeks. This is such a big change because Heimdal reorganised it's internal structures, with the mechglue merge, and because many of our 'wishes' have been granted: we now have DCE_STYLE GSSAPI, send_to_kdc hooks and many other features merged into the mainline code. We have adapted to upstream's choice of API in these cases. In gensec_gssapi and gensec_krb5, we either expect a valid PAC, or NO PAC. This matches windows behavour. We also have an option to require the PAC to be present (which allows us to automate the testing of this code). This also includes a restructure of how the kerberos dependencies are handled, due to the fallout of the merge. Andrew Bartlett (This used to be commit 4826f1735197c2a471d771495e6d4c1051b4c471)
2007-10-10r19598: Ahead of a merge to current lorikeet-heimdal:Andrew Bartlett1-2/+1
Break up auth/auth.h not to include the world. Add credentials_krb5.h with the kerberos dependent prototypes. Andrew Bartlett (This used to be commit 2b569c42e0fbb596ea82484d0e1cb22e193037b9)
2007-10-10r19531: Make struct ldb_dn opaque and local to ldb_dn.cSimo Sorce3-15/+15
(This used to be commit 889fb983ba1cf8a11424a8b3dc3a5ef76e780082)
2007-10-10r19522: Remove gensec and credentials dependency from the rootdse module (lessAndrew Bartlett1-20/+12
dependency loops). This moves the evaluation of the SASL mechansim list to display in the rootDSE to the ldap server. Andrew Bartlett (This used to be commit 379da475e224d93c05d91b37902c121eb4007d97)
2007-10-10r19507: Merge my DSO fixes branch. Building Samba's libraries as shared ↵Jelmer Vernooij1-1/+1
libraries works again now, by specifying --enable-dso to configure. (This used to be commit 7a01235067a4800b07b8919a6a475954bfb0b04c)
2007-10-10r19489: Change ldb_msg_add_value and ldb_msg_add_empty to take a foruth ↵Simo Sorce6-23/+21
argument. This is a pointer to an element pointer. If it is not null it will be filled with the pointer of the manipulated element. Will avoid double searches on the elements list in some cases. (This used to be commit 0fa5d4bc225b83e9f63ac6d75bffc4c08eb6b620)
2007-10-10r19464: Reject passwords that cannot be converted into UCS2.Andrew Bartlett1-1/+7
Andrew Bartlett (This used to be commit c843fce7a0e9b91c4d2de44e7a9ad9599b33ec5c)
2007-10-10r19337: never alloc on module unless you mean to attach a context toSimo Sorce1-1/+1
it to keep the data around as long as the module lives (This used to be commit d2073c1f7e1bc674358df5da0dc09e183b4b8712)
2007-10-10r19333: commit module changes I made some time ago before I loose themSimo Sorce3-106/+135
(This used to be commit 524ec78086597e0507cb6ce307155ef1b6a47836)
2007-10-10r19332: ldb_parse_tree leaksSimo Sorce2-3/+3
(This used to be commit 3e0e2787c1da1c3831e21b163e1370001d725a3d)
2007-10-10r19330: Fix memleaksSimo Sorce1-1/+1
(This used to be commit f163f422e3f201d8b0e22538949eccf0f7e62143)
2007-10-10r19329: fixed a leak in the password hash moduleAndrew Tridgell1-1/+1
(This used to be commit 3f48bcb0585684686ba7601eb7614589a1bc2f5d)
2007-10-10r19328: another leak plugged ....Andrew Tridgell1-1/+1
(This used to be commit f57535b9c2214e58c71084fcb9d74848e7d26b89)
2007-10-10r19321: Merge from release branch:Andrew Bartlett1-6/+6
Always set the krb5key from the ntPwdHash, even if we don't have the cleartext password in sambaPassword. This fixes kerberos after a vampire. Andrew Bartlett (This used to be commit 1d4d2271c9b944db3a9a2eba971aec5bcd9cf100)
2007-10-10r19313: Don't mess with hierarchies!!Simo Sorce1-1/+1
There is a reason why we use them :-) (This used to be commit e3b7e91299559ddc7f300be53785d313a4aa90fc)
2007-10-10r19308: Merge samsync fixes from SAMBA_4_0_RELEASEAndrew Bartlett1-1/+15
Andrew Bartlett (This used to be commit 331003239972d80864211377e864f7e469bd3d77)
2007-10-10r19299: Fix possible memleaksSimo Sorce1-1/+3
(This used to be commit 6fad80bb09113a60689061a2de67711c9924708b)
2007-10-10r18945: fix compiler warnings and end-of-non-void function bugsStefan Metzmacher2-11/+17
metze (This used to be commit ed195999c0c7d89cdc61e980576d191fc05d65d7)
2007-10-10r18908: Store the schema structure into an opaque pointer so that it can be ↵Simo Sorce1-6/+14
reused by multiple connections (This used to be commit ca8827d8f9a9f6ec60afed29b0b85f491d725d1c)
2007-10-10r18781: Move the usnCreated and usnChanged handling around again.Andrew Bartlett4-18/+396
This moves these attributes from objectguid into an optional backend (objectguid), used by ltdb. For OpenLDAP, the entryUUID module converts entryCSN into usnChanged. This also changes the sequence number API, and uses 'time based' sequence numbers, when an LDAP or similar backend is detected. To assist this, we also store the last modified time in the TDB, whenever we change a value. Andrew Bartlett (This used to be commit 72858f859483c0c532dddb2c146d6bd7b9be5072)