Age | Commit message (Collapse) | Author | Files | Lines |
|
modifications
Pointed out by abartlet
|
|
on Windows 2000 forest function level
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Mon Nov 15 13:10:05 UTC 2010 on sn-devel-104
|
|
conversion errors
This errors can happen also on a regular basis - then we shouldn't return
ERR_OPERATIONS_ERROR (this error code is reserved for very serious failures).
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sat Nov 13 12:37:36 UTC 2010 on sn-devel-104
|
|
unfortunately still allowed
The test message has been compressed - therefore I've now used "modify_ldif".
|
|
Allow programs with the PROVISION control to bypass groupType checks.
This is needed by upgradeprovision for older alpha (11, 10 ...)
|
|
"objectClass" attribute changes
There first one we perform all other tentatives are terminated with
ERR_ATTRIBUTE_OR_VALUE_EXISTS (tested against Windows).
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Fri Nov 12 19:39:07 UTC 2010 on sn-devel-104
|
|
These regarding "objectGUID".
|
|
"objectclass_attrs" into "samldb"
This according to an answer from dochelp is SAM specific behaviour.
|
|
The cleartext_utf16_str variable was declared char **, but due to the
cast on convert_string_talloc() and the lack of type checking here and
on data_blob_const (due to void *) it was able to be used as if it was
a char *.
The simple solution seems to be to fill in cleartext_utf16 blob directly.
Andrew Bartlett
|
|
The new stricter test on clearTextPassword values caught out that
we did not provide a utf16 password here.
Andrew Bartlett
|
|
The UTF16MUNGED helper will map all invalid sequences (except odd
input length) to valid input sequences, per the rules. Therefore if
it fails, we need to bail out, somehing serious is wrong.
Andrew Bartlett
|
|
This should prevent crashes as pointed out on the mailing list.
|
|
Detected by a testcase written by Zahari Zahariev.
|
|
according to the "dSHeuristics"
|
|
the password_hash LDB module
It's only used there and so I think it doesn't really belong in
"dsdb/common/util.c" (I first thought that it could be useful for ACL checking
but obviously it wasn't).
|
|
This is now done by the "objectclass_attrs" LDB module.
|
|
|
|
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue Nov 9 22:43:44 UTC 2010 on sn-devel-104
|
|
metze
|
|
enables/disables the two "userPassword" behaviours
- Enabled: "userPassword" password change behaviour (will later be linked to the
"dSHeuristics")
- Disabled: "userPassword" plain attribute behaviour (default)
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Mon Nov 8 15:28:06 UTC 2010 on sn-devel-104
|
|
complicated
|
|
- don't crash when no values where specified
- return ERR_CONSTRAINT_VIOLATION on malformed messages
- only check for flags when we are involved in a LDB modify operation
|
|
attributes isn't possible
|
|
|
|
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Mon Nov 8 10:36:50 UTC 2010 on sn-devel-104
|
|
|
|
|
|
|
|
|
|
behave as in AD
- fix crash when provided "nTSecurityDescriptor" attribute is empty
- print out the correct error codes if it's provided multi-valued
- simplify the "recalculate_sd" control handling
|
|
attribute fetch also on LDB add operations
We've to completely ignore the flags in that case.
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Nov 7 11:10:23 UTC 2010 on sn-devel-104
|
|
temporary "ac" context
This prevents two calls of "ldb_msg_copy_shallow".
|
|
default operation callback implementations
Only customised ones still need to remain.
|
|
For only one operation we do not need an additional "mem_ctx". "ac" should be
enough (see for example the samldb LDB module).
|
|
This check (the structural objectclass) is performed in the objectclass LDB
module.
|
|
ordinary external search operation
Referrals are valid results.
|
|
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sun Nov 7 01:48:44 UTC 2010 on sn-devel-104
|
|
|
|
|
|
"distinguishedName" attribute
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sat Nov 6 20:08:28 UTC 2010 on sn-devel-104
|
|
"distinguishedName" attribute
It uses the DN from the returned message
|
|
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Fri Nov 5 12:31:28 UTC 2010 on sn-devel-104
|
|
as must contain
Before we got the following error, while starting samba after a
'samba-tool vampire':
Failed to store repsFrom - objectclass_attrs: delete protected attribute
'objectSid' on entry 'DC=ForestDnsZones,DC=alpha,DC=sz,DC=salzgitter-ag,DC=lab'
missing!
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Thu Nov 4 17:01:59 UTC 2010 on sn-devel-104
|
|
We should only do searches when we have to.
metze
|
|
isDeleted could have been set to FALSE previously
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Thu Nov 4 10:18:10 UTC 2010 on sn-devel-104
|
|
when we are creating linked attributes with multiple values (some
deleted), use LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK to disable
that checking.
|
|
The backend is the only place that can do this properly. It makes no
sense to do it anywhere else. As a result of it moving out of the
backend we ended up with some bugs causing multiple values in single
valued attributes (eg. isDeleted), which can really damage the
inregrity of the database.
For the override of single valued values needed for deleted linked
attributes we should use attribute flags.
This reverts commit 1949864417f3d10fb8996df7db259649eb777271.
|
|
|
|
|
|
With 20000 objects in the database it's no fun to add members...
metze
|