summaryrefslogtreecommitdiff
path: root/source4/dsdb/samdb
AgeCommit message (Collapse)AuthorFilesLines
2010-06-16s4:linked_attributes LDB module - cosmeticsMatthias Dieter Wallnöfer1-12/+10
- unsigned counters for LDB objects - we tend to have the "ret" variable always as the last declaration to see which type of error a function returns
2010-06-16s4:dsdb Allow renames with (now removed) linked attributesAndrew Bartlett1-3/+11
It is important to allow the rename, even if we just have one-way links, as this happens on deleted objects, which have the backlinks alredy removed by repl_meta_data. Andrew Bartlett
2010-06-16s4:dsdb Fix linked_attributes to cope with the Feb 2010 changes to DLISTAndrew Bartlett1-2/+6
The DLIST macros changed in behaviour in Feb 2010, and walking the lists backwards is no longer safe if you don't use the macros. Andrew Bartlett
2010-06-16s4:dsdb Assert that we can't get backlinks as input in linked_attributesAndrew Bartlett1-2/+15
The objectclass_attr module should prevent users creating such links, and the mrepl_meta_data module should only create them in functional level 2003 or above. Andrew Bartlett
2010-06-16s4:dsdb use dsdb_module_modify() rather than ldb_next_request()Andrew Bartlett1-22/+2
This does exactly the same thing, but with less code. Andrew Bartlett
2010-06-16s4:dsdb Handle backlinks for Windows 2000 level linked attributesAndrew Bartlett2-12/+928
This revives the code from 5964acfa741d691c0196f91c0796122ec025f177, before tridge and I simplified this too much, and removed the Windows 2000 functional level linked attribute support. By telling the linked_attributes module that repl_meta_data has handled the links, we avoid a conflict for the new style (functional level 2003 and above) linked attributes. However, we still need backlinks for 2000 style linked attributes, so this allows that code in the linked_attributes module to be revived to handle those. Andrew Bartlett
2010-06-16s4:dsdb Add control for signaling between repl_meta_data and linked_attributesAndrew Bartlett1-0/+5
This control will allow the linked_attributes module to know if repl_meta_data has already handled the creation of forward and back links. Andrew Bartlett
2010-06-15dsdb: Fix includes when building against system ldb.Jelmer Vernooij5-44/+45
2010-06-15dsdb: Build modules as external modules when using system ldb.Jelmer Vernooij1-3/+37
2010-06-15s4:dsdb Move linked attribute restrictions to objectclass_attrsAndrew Bartlett1-0/+9
This puts more of the schema restrictions in one place. Andrew Bartlett
2010-06-13s4:fix allocated control OIDs for "password_hash" LDB moduleMatthias Dieter Wallnöfer1-3/+3
The password hash module controls overlapped others. Sorry, but the "schema_samba4.ldif" hasn't been kept up-to-date.
2010-06-13s4-test: Use smb.conf path set in environment rather than usingJelmer Vernooij1-14/+15
command-line options. This is the first step towards supporting custom test runners.
2010-06-12s4:password_hash LDB module - this does really deactivate the MS LAN manager ↵Matthias Dieter Wallnöfer1-5/+9
hash Previously, only the conversion from cleartext to the LM hash was deactivated, and not when the user specified it directly through "dBCSPwd".
2010-06-12s4:password_hash LDB module - fix commentMatthias Dieter Wallnöfer1-1/+1
2010-06-11s4:rootdse LDB module - use LDB result constantsMatthias Dieter Wallnöfer1-4/+5
2010-06-10s4:samldb LDB module - fix up the case when the old and new "primaryGroupID" ↵Matthias Dieter Wallnöfer1-7/+7
are the same
2010-06-10s4:samldb LDB module - don't create multiple "ac" module contexts on modify ↵Matthias Dieter Wallnöfer1-12/+6
operations Since we do now run sequentially through all checks we don't need multiple "ac" contexts anymore.
2010-06-10s4:samba_dsdb LDB module - move the "objectclass_attrs" module backMatthias Dieter Wallnöfer1-1/+1
I think it should be lower in order to control also the "instanceType" module.
2010-06-10s4:instancetype LDB module - prevent all types of "instanceType" manipulationMatthias Dieter Wallnöfer1-0/+16
Also on Windows Server you aren't able to change it.
2010-06-07s4:objectclass_attrs LDB module - move the single-valued attribute check ↵Matthias Dieter Wallnöfer1-1/+13
into this module It seems to me more consistent (and also to keep the same behaviour on all backends). Also the DRS hack should therefore not be needed anymore since the "repl_meta_data" module launches requests behind "objectclass_attrs".
2010-06-07s4:samba_dsdb LDB module - fix typosMatthias Dieter Wallnöfer1-2/+2
2010-06-07s4:samba_dsdb LDB module - enhance/fix module rule commentsMatthias Dieter Wallnöfer1-3/+5
2010-06-07s4:objectclass LDB module - rework the code which handles the objectclasses ↵Matthias Dieter Wallnöfer1-149/+191
modification Before it has been very incomplete. We try now to match the Windows Server behaviour as close as possible.
2010-06-07s4:acl LDB module - LDB attribute names should be compared using ↵Matthias Dieter Wallnöfer1-2/+2
"ldb_attr_cmp" or "strcasecmp"
2010-06-07s4:acl LDB module - adaption for "objectclass_attrs" moduleMatthias Dieter Wallnöfer1-5/+15
Since the attribute schema checking code moved back we need to give here the "LDB_ERR_NO_SUCH_ATTRIBUTE" error.
2010-06-07s4:objectclass LDB module - remove "fix_check_attributes"Matthias Dieter Wallnöfer1-62/+0
Also this task is now performed by the "objectclass_attrs" LDB module.
2010-06-07s4:samldb LDB module - adjust the module to set always a ↵Matthias Dieter Wallnöfer1-35/+45
"defaultObjectCategory" on objectclass add operations This is needed to make the "objectclass_attrs" LDB module happy. The search check and case adjustment are done as it was using a second modify operation.
2010-06-07s4:remove the "validate_update" LDB module - the task is now handled by the ↵Matthias Dieter Wallnöfer3-128/+0
far more complete "objectclass_attrs" LDB module
2010-06-07s4:dsdb - introduce a new "objectclass_attrs" LDB module which performs the ↵Matthias Dieter Wallnöfer3-0/+401
objectclass attributes checking Until now we had no real consistent mechanism which allowed us to check if attributes belong to the specified objectclasses.
2010-06-07s4:objectclass LDB module - instanciate the schema variable centrally on the ↵Matthias Dieter Wallnöfer1-28/+28
"ac" context creation This unifies the position when the schema is read and prevents multiple instanciations (eg on a modification operation).
2010-06-07s4:samldb LDB module - finally we can remove the RDN checkMatthias Dieter Wallnöfer1-53/+0
This is now dynamically always done by the objectclass LDB module
2010-06-07s4:objectclass LDB module - finally implement the correct entry rename ↵Matthias Dieter Wallnöfer1-25/+130
protections Only the "systemFlags" check is still missing.
2010-06-07s4:objectclass LDB module - cosmetic changeMatthias Dieter Wallnöfer1-2/+3
2010-06-07s4:objectclass LDB module - remove duplicated codeMatthias Dieter Wallnöfer1-13/+4
2010-06-07s4:objectclass LDB module - fix counter variable typesMatthias Dieter Wallnöfer1-1/+1
2010-06-07s4:objectclass LDB module - explain why the search can return with an empty ↵Matthias Dieter Wallnöfer1-1/+2
return
2010-06-07s4:objectclass LDB module - this "talloc_steal" is not necessaryMatthias Dieter Wallnöfer1-1/+0
The "parent_dn" was created on the "ac" context which lives anyway longer than this child request.
2010-06-07s4:objectclass LDB module - fix error result if an entry doesn't contain a ↵Matthias Dieter Wallnöfer1-3/+3
structural objectclass We need to return LDB_ERR_UNWILLING_TO_PERFORM (not LDB_ERR_NAMING_VIOLATION).
2010-06-07s4:objectclass LDB module - use "ldb_oom" for expressing out of memoryMatthias Dieter Wallnöfer1-2/+1
2010-06-07s4:objectclass LDB module - fix header and add my copyrightMatthias Dieter Wallnöfer1-4/+6
2010-06-06s4:password_hash LDB module - adapt the module to the new ↵Matthias Dieter Wallnöfer1-17/+6
"ldb_msg_remove_attr" behaviour
2010-06-06s4:samldb LDB module - this codepart isn't needed due to the objectclass LDB ↵Matthias Dieter Wallnöfer1-13/+0
module When a "computer" entry will be added, also the inherited "user" objectclass is going to be specified.
2010-06-06s4:get_last_structural_class - only real structural classes can be ↵Matthias Dieter Wallnöfer1-1/+1
candidates for fetching the last one Classes with objectCategory = 1 are always structural, these with objectCategory = 0 also (as we can see in our Windows 2008 R2 schema file where class "Person" has 0 but is structural). Abstract classes and auxiliary ones cannot be considered (objectCategory = 2, 3) http://msdn.microsoft.com/en-us/library/ms677964(VS.85).aspx
2010-06-06s4:ridalloc LDB module - add more "talloc_free"s where usefulMatthias Dieter Wallnöfer1-0/+3
Some were missing on failure return branches.
2010-06-06s4:acl LDB module - fix counter types where appropriateMatthias Dieter Wallnöfer1-2/+4
2010-06-06s4:descriptor LDB module - cosmetic fixupMatthias Dieter Wallnöfer1-4/+4
2010-06-01s4: check the sacl and dacl pointers on the old sdAnatoliy Atanasov1-2/+2
2010-06-01s4-cracknames: Fix typo in debug message.Karolin Seeger1-1/+1
Karolin
2010-05-31s4:samldb LDB module - start on a sequential trigger implementationMatthias Dieter Wallnöfer1-10/+26
This is a start to allow the triggers to be called sequentially.
2010-05-30s4:samldb LDB module - deny delete operations on some important attributesMatthias Dieter Wallnöfer1-3/+12
Add operations are denied since these are single-valued - only replace is allowed. This is only provisorily at the moment - we need to implement the triggers specified in MS-ADTS.
generated by cgit (git 2.34.1) at 2024-07-06 09:38:38 +0000