Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-03-18 | s4:dsdb Move rdn_name down the stack | Andrew Bartlett | 1 | -1/+1 | |
This is done so that it can be (in future) removed when the OpenLDAP backend is in use and the rdn_val module is used, while keeping as similar semantics as possible between the module stacks. Andrew Bartlett | |||||
2010-03-16 | s4:resolve_oids LDB module - not really a change but a nicer method to call ↵ | Matthias Dieter Wallnöfer | 1 | -1/+2 | |
"talloc_reference" | |||||
2010-03-16 | s4:dsdb - fix up warnings | Matthias Dieter Wallnöfer | 2 | -4/+8 | |
2010-03-16 | s4:dsdb Show more detail in failure to compute the aggregate DN. | Andrew Bartlett | 1 | -1/+1 | |
Andrew Bartlett | |||||
2010-03-16 | s4:dsdb Change dsdb_get_schema() callers to use new talloc argument | Andrew Bartlett | 12 | -28/+85 | |
This choses an appropriate talloc context to attach the schema too, long enough lived to ensure it does not go away before the operation compleates. Andrew Bartlett | |||||
2010-03-16 | s4:dsdb Fix warnings in DEBUG() by casting to unsigned long int | Andrew Bartlett | 1 | -4/+4 | |
2010-03-16 | s4:dsdb/acl Reduce calls to dsdb_get_schema() and add memory context | Andrew Bartlett | 1 | -24/+46 | |
dsdb_get_schema() isn't a very cheap call, due to the use of LDB opaque pointers. We need to call it less, and instead pass it as a parameter where possible. This also changes to the new API with a talloc context. Andrew Bartlett | |||||
2010-03-16 | s4:dsdb Don't error out if we can't get the Aggregate schema DN yet | Andrew Bartlett | 1 | -9/+16 | |
It's easier to just set it up when we can, then to deal with the ordering issues in ldb startup. As long as we have it ready if a real client ever asks for it, then we should be happy. Andrew Bartlett | |||||
2010-03-12 | s4:util.c - "dsdb_check_optional_feature" - counter should be "unsigned" | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2010-03-12 | s4-drs: check if an optional feature is enabled | Eduardo Lima | 1 | -0/+59 | |
2010-03-12 | Split the dsdb_access_check_on_dn. | Nadezhda Ivanova | 1 | -5/+44 | |
Split the dsdb_access_check_on_dn so it can be reused for checks from both within the module stack and outside it. | |||||
2010-03-12 | Fixed ACL module to use dsdb_module_* API. | Nadezhda Ivanova | 1 | -9/+9 | |
2010-03-12 | Moved access_check_on_dn from acl module as an utility. | Nadezhda Ivanova | 1 | -156/+19 | |
Made this an utility function so it can be used for access checking outside of the acl ldb module, such as checking validated writes and control access rights in other protocols (e. g drs) | |||||
2010-03-09 | Added a check for permissions to modify the RDN attribute on rename. | Nadezhda Ivanova | 1 | -0/+12 | |
Necessary because rdn module will be moved lower than acl in the stack. | |||||
2010-03-07 | s4:extended_dn_out LDB module - change counter variables to "unsigned" where ↵ | Matthias Dieter Wallnöfer | 1 | -8/+11 | |
appropriate | |||||
2010-03-07 | s4:repl_meta_data LDB module - change counter variables to "unsigned" where ↵ | Matthias Dieter Wallnöfer | 1 | -20/+24 | |
appropriate I used "unsigned int" counters where we count LDB objects (LDB specification prescribes to use "unsigned" index variables). But on DSDB replication object counters I used "uint32_t" typed variables as it is suggested. If a counter variable counts both types of objects I used "unsigned int" since size(unsigned int) >= size(uint32_t), but on most platforms equal. | |||||
2010-03-07 | s4:local_password LDB module - change counter variables to "unsigned" where ↵ | Matthias Dieter Wallnöfer | 1 | -4/+4 | |
appropriate | |||||
2010-03-07 | s4:ranged_results LDB module - change counter variables to "unsigned" where ↵ | Matthias Dieter Wallnöfer | 1 | -2/+2 | |
appropriate | |||||
2010-03-07 | s4:objectguid LDB module - change counter variables to "unsigned" where ↵ | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
appropriate | |||||
2010-03-07 | s4:objectclass LDB module - change counter variabls to "unsigned" where ↵ | Matthias Dieter Wallnöfer | 1 | -2/+2 | |
appropriate | |||||
2010-03-07 | s4:anr LDB module - change counter variable to "unsigned" | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2010-03-07 | s4:acl LDB module - change counter variable to "unsigned" | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2010-03-07 | s4:linked_attributes LDB module - change counter variables to "unsigned" ↵ | Matthias Dieter Wallnöfer | 1 | -3/+5 | |
where appropriate | |||||
2010-03-07 | s4:kludge_acl LDB module - change counter variables to "unsigned" where ↵ | Matthias Dieter Wallnöfer | 1 | -5/+10 | |
appropriate | |||||
2010-03-07 | s4:proxy LDB module - Change counter variables to "unsigned" where appropriate | Matthias Dieter Wallnöfer | 1 | -5/+6 | |
Use "size_t" when counting string index positions. | |||||
2010-03-07 | s4:schema_data LDB module - change counter variables to "unsigned" where ↵ | Matthias Dieter Wallnöfer | 1 | -3/+6 | |
appropriate | |||||
2010-03-07 | s4:resolve_oids LDB module - change counter variables to "unsigned" where ↵ | Matthias Dieter Wallnöfer | 1 | -5/+5 | |
appropriate | |||||
2010-03-07 | s4:rootdse LDB module - change counter variables to "unsigned" where appropriate | Matthias Dieter Wallnöfer | 1 | -9/+10 | |
2010-03-07 | s4:partition LDB module - change counter variables to "unsigned" where ↵ | Matthias Dieter Wallnöfer | 2 | -17/+26 | |
appropriate | |||||
2010-03-05 | s4:samdb_privilege.c - Change two counter variables to unsigned | Matthias Dieter Wallnöfer | 1 | -2/+3 | |
Also here in both cases the unsigned counter fits better than the signed one. | |||||
2010-03-05 | s4:cracknames - Change two counter variables to unsigned | Matthias Dieter Wallnöfer | 1 | -2/+2 | |
In both cases the unsigned counter fits better: - in the first one since we are counting LDB objects starting from 0 - in the second since we are counting an array starting from 0 | |||||
2010-03-04 | s4:operational LDB - don't accidentally "ate" search helper attributes if we ↵ | Matthias Dieter Wallnöfer | 1 | -6/+14 | |
need them for more constructed attributes With this patch we delete the helper attributes at the end where all constructed attributes have already been computed. | |||||
2010-03-04 | s4:operational LDB module - make the counters unsigned | Matthias Dieter Wallnöfer | 1 | -2/+2 | |
No need to have signed counters here. | |||||
2010-03-04 | s4:operational LDB - implement the "tokenGroups" constructed attribute | Matthias Dieter Wallnöfer | 2 | -1/+96 | |
It contains the transitive SID closure (expand member/memberOf attributes) of a certain SAM object. The "tokenGroups" attribute never contains the SID of the object itself. References: http://msdn.microsoft.com/en-us/library/ms680275(VS.85).aspx, http://support.microsoft.com/kb/301916, MS-ADTS 3.1.1.4.5.19. | |||||
2010-03-04 | s4:operational LDB module - use right memory context int ↵ | Matthias Dieter Wallnöfer | 1 | -2/+2 | |
"construct_primary_group_token" Use the "msg" as temporary context and not "ldb" which lives much longer. | |||||
2010-03-03 | s4:samdb.c - Make it signed-safe | Matthias Dieter Wallnöfer | 1 | -2/+2 | |
Use an unsigned argument for the numbers of groups and the counter "i" since the function is called only by "auth_generate_session_info" with an unsigned number of groups argument. | |||||
2010-02-25 | s4:partition DSDB module - Generate basic referrals | Matthias Dieter Wallnöfer | 2 | -47/+144 | |
This is a first, very basic implementation of the referrals (more informations at MS-ADTS 3.1.1.4.6 and 3.1.1.3.4.1.12). To have the full referral support (and to always point to the right host) the full implementation using DNS will be needed (at the moment we always point to the main DC which is referenceable through the DNS domainname). Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-02-25 | s4:partition DSDB module - change the search and domain scope control handling | Matthias Dieter Wallnöfer | 1 | -35/+22 | |
The domain scope control is always removed, from the search one only the two interesting flags (which are handled) and it is marked as non-critical. Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-02-25 | s4:SAMLDB module - ignore referrals | Matthias Dieter Wallnöfer | 1 | -5/+6 | |
They don't cause any harm to our functionality - so ignore them were not needed. Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-02-24 | dsdb: Add a more explicit error message for constructed attributes | Matthieu Patou | 1 | -0/+1 | |
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de> | |||||
2010-02-24 | s4/schema: Move msDS-IntId implementation to samldb.c module | Kamen Mazdrashki | 2 | -149/+87 | |
msDS-IntId attribute should be replicated, so it must be implemented in a module that is before repl_meta_data module (thanks abartlet for pointing this out). Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-02-21 | s4:operational LDB module - enable support for passing referrals through it | Matthias Dieter Wallnöfer | 1 | -2/+1 | |
2010-02-21 | s4:partition DSDB module - Cosmetic fixups | Matthias Dieter Wallnöfer | 1 | -16/+23 | |
2010-02-21 | s4:password_hash - Fix up request message pointers | Matthias Dieter Wallnöfer | 1 | -7/+7 | |
For add requests we need the add request messages, for modify requests we need the modify request messages. | |||||
2010-02-20 | s4:credentials Add hooks to extract a named Kerberos credentials cache | Andrew Bartlett | 2 | -2/+5 | |
This allows the integration of external tools that can't be linked into C or python, but need to authenticate as the local machine account. The machineaccountccache script demonstrates this, and debugging has been improved in cli_credentials_set_secrets() by passing back and error string. Andrew Bartlett | |||||
2010-02-16 | s4-samdb: use dsdb_search() in cracknames | Andrew Tridgell | 1 | -57/+24 | |
greatly simplifies some of the cracknames code Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-02-16 | s4-dsdb: move dsdb_request_add_controls() into dsdb/common/util.c | Andrew Tridgell | 4 | -85/+13 | |
This will be used to allow the flag based ldb functions to work on both a ldb or a module, thus saving a lot of specialist functions. | |||||
2010-02-16 | s4-rootdse: we don't need DSDB_FLAG_OWN_MODULE here | Andrew Tridgell | 1 | -2/+2 | |
2010-02-16 | s4-drs: enable the recyclebin optional feature | Eduardo Lima | 1 | -19/+250 | |
Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-02-15 | s4-dsdb: don't change replPropertyMetaData if the value hasn't changed | Andrew Tridgell | 1 | -4/+20 | |
When updating replPropertyMetaData, check if the value being stored is the same as the current value, and skip the update if it is. This is based on a patch by Fernando J V da Silva <fernandojvsilva@yahoo.com.br> |