summaryrefslogtreecommitdiff
path: root/source4/dsdb/samdb
AgeCommit message (Collapse)AuthorFilesLines
2010-07-05s4-dsdb: Implementation of User-Change-Password and User-Force-Password-ChangeNadezhda Ivanova1-79/+162
These CARs need to be checked on password change and password reset operations. Apparently the password attributes are not influenced by Write Property. Single detele operations and modifications of dBCSPwd are let through to the password_hash module. This is determined experimentally.
2010-07-04s4:subtree_rename LDB module - Cosmetic fixesMatthias Dieter Wallnöfer1-3/+4
2010-07-04s4:subtree_delete LDB module - fix comments and add my copyrightMatthias Dieter Wallnöfer1-2/+3
(I've introduced the subtree delete mechanism)
2010-07-03s4:schema_load LDB module - fix a segfault condition on schema refreshMatthias Dieter Wallnöfer1-0/+5
The schema refresh operation itself starts requests from the top of the LDB modules stack (see call "dsdb_schema_set_attributes" - search operations). This doesn't work well when these do perform "dsdb_get_schema" calls. Since the new schema isn't marked as "refreshed" atm (but in fact it still is - we didn't terminate the reload/refresh yet) we could perform other calls to "dsdb_schema_refresh" and run into serious trouble (segfault).
2010-07-03s4:dsdb_module_load_partition_usn - check for "res->count" equal/unequal to 1Matthias Dieter Wallnöfer1-1/+1
2010-07-03s4:schema_load.c - jump to "failed" on an error conditionMatthias Dieter Wallnöfer1-3/+2
2010-07-02s4-dsdb: fixed spelling of supportedSASLMechanismsAndrew Tridgell1-1/+1
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-07-02s4/dsdb: Assert DSDB_FLAG_*_MODULE is always passed in function callKamen Mazdrashki1-0/+5
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-02s4-source4/dsdb/samdb/ldb_modules/util.c Use DSDB_FLAG_NEXT_MODULE flagKamen Mazdrashki1-2/+3
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-02s4-source4/dsdb/samdb/ldb_modules/subtree_delete.c: Use ↵Kamen Mazdrashki1-1/+3
DSDB_FLAG_NEXT_MODULE flag Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-02s4-source4/dsdb/samdb/ldb_modules/schema_load.c: Use DSDB_FLAG_NEXT_MODULE flagKamen Mazdrashki1-1/+2
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-02s4-source4/dsdb/samdb/ldb_modules/samldb.c: Use DSDB_FLAG_NEXT_MODULE flagKamen Mazdrashki1-4/+5
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-02s4-source4/dsdb/samdb/ldb_modules/samba3sid.c: Use DSDB_FLAG_NEXT_MODULE flagKamen Mazdrashki1-1/+3
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-02s4-source4/dsdb/samdb/ldb_modules/rootdse.c: Use DSDB_FLAG_NEXT_MODULE flagKamen Mazdrashki1-2/+3
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-02s4-source4/dsdb/samdb/ldb_modules/ridalloc.c: Use DSDB_FLAG_NEXT_MODULE flagKamen Mazdrashki1-1/+1
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-02s4-source4/dsdb/samdb/ldb_modules/repl_meta_data.c: Use ↵Kamen Mazdrashki1-4/+5
DSDB_FLAG_NEXT_MODULE flag Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-02s4-dsdb/samdb/ldb_modules/linked_attributes.c: make use of ↵Kamen Mazdrashki1-2/+2
DSDB_FLAG_NEXT_MODULE flag Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-02s4/dsdb: Add DSDB_FLAG_NEXT_MODULE flagKamen Mazdrashki1-0/+1
Although it is not currently used in implementation, my intention is for callers to clearly state what action they want to execute. Currently when a caller wants to pass the call to the next module in the chain, this flag is either omitted or 0 is used (which is somewhat hacky, isn't it) Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-06-29s4:dsdb/new_partition.c - remove the "ldb_next_request" call which we find ↵Matthias Dieter Wallnöfer1-3/+1
also below the "if" block
2010-06-29Revert "s4/dsdb: Fixed partition_search() not to pass special DN's to LDAP ↵Matthias Dieter Wallnöfer1-8/+6
backend." This reverts commit ed4c107bc1eac8531fdd8d09f7698efcbc7ecb14. See post "Endi's Bug 7530 patches (LDAP backend)" on samba-technical.
2010-06-29Fixed incorrect use of cn instead of lDAPDisplayNameNadezhda Ivanova1-2/+2
2010-06-29s4/repl_meta_data: remove duplicated (and commented out) logKamen Mazdrashki1-6/+0
2010-06-28s4/dsdb: Fixed partition_search() not to pass special DN's to LDAP backend.Endi S. Dewata1-6/+8
Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
2010-06-28s4:repl_meta_data LDB module - fix counter typeMatthias Dieter Wallnöfer1-1/+1
2010-06-28s4:acl LDB module - fix counter typeMatthias Dieter Wallnöfer1-1/+2
2010-06-28Implementation of self membership validated right.Nadezhda Ivanova1-1/+100
When this right is granted, the user can add or remove themselves from a group even if they dont have write property right.
2010-06-28s4/drs: re-implement 'renaming' object replicationKamen Mazdrashki1-18/+53
We should rename objects only after we make sure, that changes on the partner DC are newer than what we have. This fixes a bug, when we have following situation with 2 DCs: - we have an object O on the two DCs - we rename (delete) object O on DC1 - DC1 replicates from DC2 In the above scenario, object O will be renamed back to its original name (i.e. it will be restored). Now, we check that DC2 state is older than what we have, so nothing happens with object's DN.
2010-06-26s4:dsdb/ridalloc: add comment about windows behavior regarding rIDUsedPoolStefan Metzmacher1-1/+6
metze
2010-06-24s4-python: python is not always in /usr/binAndrew Tridgell2-2/+2
Using "#!/usr/bin/env python" is more portable. It still isn't ideal though, as we should really use the python path found at configure time. We do that in many places already, but some don't. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-06-23s4:operational LDB module - fix a misleading commentMatthias Dieter Wallnöfer1-1/+2
2010-06-22s4:password_hash LDB module - fix another problem regarding the lanman hashMatthias Dieter Wallnöfer1-13/+16
When a user only provides only the lanman hash (and nothing else) and the lanman authentication is deactivated then we end in an account with no password attribute at all! Lock this down.
2010-06-20s4:subtree_delete LDB module - now do support tree delete operationsMatthias Dieter Wallnöfer1-9/+45
2010-06-20s4:dsdb - add a new dsdb delete function which understands the tree delete ↵Matthias Dieter Wallnöfer1-0/+53
control
2010-06-20s4:samldb LDB module - remove "samldb_set_defaultObjectCategory"Matthias Dieter Wallnöfer1-78/+0
As far as I can tell and the test show the DN gets now normalised automatically when stored into the database. Anyway, if we find a case where this doesn't happen then I propose to do it centrally for all DN attributes in common since we should get away from special attribute hacks as far as possible.
2010-06-20s4: Using control bypassoperational allow the logic of this module to be ↵Matthieu Patou1-10/+39
bypassed for some given attributes Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
2010-06-19s4:instancetype LDB module - "instanceType" is single-valued - MS-ADTS ↵Matthias Dieter Wallnöfer1-2/+12
3.1.1.5.2.2
2010-06-19s4:objectclass LDB module - disable delete operations when ↵Matthias Dieter Wallnöfer1-5/+80
"SYSTEM_FLAG_DISALLOW_DELETE" is specified
2010-06-19s4:rootdse LDB module - strip trailing whitespacesMatthias Dieter Wallnöfer1-24/+24
2010-06-19s4:rootdse LDB module - protect add and delete operations on the rootdse entryMatthias Dieter Wallnöfer1-4/+34
2010-06-19s4:rootdse LDB module - Return "UNWILLING_TO_PERFORM" when no attribute fits ↵Matthias Dieter Wallnöfer1-1/+2
on a change
2010-06-19s4:rootdse LDB module - refactor error messagesMatthias Dieter Wallnöfer1-24/+29
Fix indentations, use "set_errstring" when no "asprintf" functionality required.
2010-06-19s4:objectclass LDB module - use the old DN when displaying error messagesMatthias Dieter Wallnöfer1-2/+2
2010-06-19s4:objectclass LDB module - add a better message when the parent DN is invalidMatthias Dieter Wallnöfer1-2/+3
2010-06-19s4:objectclass LDB module - add an error message when someone tries to add ↵Matthias Dieter Wallnöfer1-3/+4
entries without objectclasses
2010-06-19s4:objectclass LDB module - handle the case when there is a retry to add the ↵Matthias Dieter Wallnöfer1-0/+26
root basedn This isn't quitted with a normal "NO_SUCH_OBJECT" (parent not found) but with a very special referral: one with the DN itself and the hostname is the last component value of the DN.
2010-06-19dsdb: Fix includes when building against system ldb.Jelmer Vernooij2-0/+4
2010-06-19dsdb: Use Samba includes so _PUBLIC_ is defined.Jelmer Vernooij2-2/+2
2010-06-19dsdb: Make module ops struct for each module public.Jelmer Vernooij7-8/+6
2010-06-18s4:objectclass LDB module - move "mem_ctx" initialisation lowerMatthias Dieter Wallnöfer1-16/+11
Saves us some "talloc_free"s on error cases
2010-06-16s4: Fix build when there is a system-provided ldb.Jelmer Vernooij1-1/+1