summaryrefslogtreecommitdiff
path: root/source4/dsdb/samdb
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r10810: This adds the hooks required to communicate the current user from theAndrew Bartlett2-4/+21
authenticated session down into LDB. This associates a session info structure with the open LDB, allowing a future ldb_ntacl module to allow/deny operations on that basis. Along the way, I cleaned up a few things, and added new helper functions to assist. In particular the LSA pipe uses simpler queries for some of the setup. In ldap_server, I have removed the 'ldasrv:hacked' module, which hasn't been worked on (other than making it continue to compile) since January, and I think the features of this module are being put into ldb anyway. I have also changed the partitions in ldap_server to be initialised after the connection, with the private pointer used to associate the ldb with the incoming session. Andrew Bartlett (This used to be commit fd7203789a2c0929eecea8125b57b833a67fed71)
2007-10-10r10791: Add copyright, fix comments (this isn't the timestamps module any more)Andrew Bartlett1-3/+2
Andrew Bartlett (This used to be commit efdc6d834aecbf978f538365c72149fa7afe0828)
2007-10-10r10759: make modules easier to write by allowing modules to only implement theAndrew Tridgell2-74/+2
functions they care about, instead of all functions. This also makes it more likely that future changes to ldb will not break existing modules (This used to be commit 45f0c967b58e7c1b2e900a4d74cfde2a2c527dfa)
2007-10-10r10753: don't require every ldb module to implement both a search_bytree() andAndrew Tridgell2-18/+0
a search() function, instead each module now only implements the bytree method, and the expression based search is handled generically by the modules code. This makes for more consistency and less code duplication. fixed the tdb backend to handle BASE searches much more efficiently. They now always only lookup one record, regardless of the search expression (This used to be commit 7e44f9153c5578624e2fca04cdc0a00af0fd9eb4)
2007-10-10r10477: expose transactions outside ldb and change the API once moreSimo Sorce2-6/+20
do not autostart transactions on ldb operations if a transaction is already in place test transactions on winsdb all my tests passes so far tridge please confirm this is ok for you (This used to be commit c2bb2a36bdbe0ec7519697a9a9ba7526a0defac2)
2007-10-10r10411: we don't need the 10 times retry on rid allocation now, asAndrew Tridgell1-10/+2
transactions ensure two account creations can't interfere with each other (This used to be commit 91c27bc97662c8d8b764c76bd2d98a1b04f47337)
2007-10-10r10306: change these modules to use new error APISimo Sorce2-64/+4
(This used to be commit e86c9b4a7f399a3152a2703c76406e9d69ec1225)
2007-10-10r10300: forgot to change the dsdb modules function namesSimo Sorce2-16/+16
(This used to be commit e9018e3d9f69528acc0c440929fdb8d95413fa0d)
2007-10-10r9992: More fixes from the 64-bit warning police.Tim Potter1-2/+2
(This used to be commit cda829f0d9476bd8b057a7019f55fac206205825)
2007-10-10r9930: Use a single samdb_base_dn() function rather than lots of sillyAndrew Bartlett1-0/+34
searches all over the place. This can be extended to cover an NT4 (no ADS) mode in future as well. Andrew Bartlett (This used to be commit 0761b22f99a128bd9634a191adc88b0e30982a3a)
2007-10-10r9915: Some more mappings. Fix weird sAMAccountName values.Jelmer Vernooij1-10/+47
(This used to be commit 8ff1358f401e0086b941f4ff73af5d4c38a1f8bf)
2007-10-10r9908: Generate posixUser and posixGroup as wellJelmer Vernooij1-25/+151
(This used to be commit ebed25b47d3d8bd350b51b462d605d713f17602d)
2007-10-10r9899: Be more conservative about what is sent to the remote server in ldb_map.Jelmer Vernooij1-15/+29
(This used to be commit 76e943d4416e38ce4cce27d5403bc3e133d0025b)
2007-10-10r9883: More nested initialiser fixes.Tim Potter1-21/+79
(This used to be commit 579d11147849932ec76a175f815de890a8ea20ad)
2007-10-10r9849: Extend testsuite a bit more.Jelmer Vernooij1-2/+50
(This used to be commit 5cbe1e6b70b03be441a36b36fb969339df0dfd45)
2007-10-10r9842: More error checks in the ldb_map modules, extend testsuiteJelmer Vernooij1-1/+1
(This used to be commit b7992de4b7d42a55e00509c887a269a07c19627d)
2007-10-10r9835: Make ldb_map compile in the stand-alone LDB buildJelmer Vernooij1-4/+4
(This used to be commit 2283a336e0e31e6857621d9806bba54c400bd986)
2007-10-10r9793: Be more verbose, check for errors in upgrade script.Jelmer Vernooij2-22/+11
(This used to be commit b7c09df9e506f8048f69c4bdd1c3351e3b554e18)
2007-10-10r9786: Move ldb_map into ldb/modules/Jelmer Vernooij1-0/+631
Move samba3sam to dsdb/ (This used to be commit eb9d615bcd49328131613f64745760a90553b7f2)
2007-10-10r9768: Arrrgh.. Right this time.Jelmer Vernooij1-1/+1
(This used to be commit 8bded3fc926b8eb6285e06fd4b4706b779edb386)
2007-10-10r9767: Fix typoJelmer Vernooij1-1/+1
(This used to be commit 0602e8b3e7b5921fa99bfe788fe290f03b3dc7ac)
2007-10-10r9654: introduce the samdb_search_dn callSimo Sorce1-0/+22
(This used to be commit 333ebb40d55c60465564b894d5028b364e99ee00)
2007-10-10r9391: Convert all the code to use struct ldb_dn to ohandle ldap like ↵Simo Sorce3-61/+59
distinguished names Provide more functions to handle DNs in this form (This used to be commit 692e35b7797e39533dd2a1c4b63d9da30f1eb5ba)
2007-10-10r9385: Remove unused functionsSimo Sorce1-97/+0
(This used to be commit fac8ff623778250acd830f358fcd34b85f7983b6)
2007-10-10r9240: - move struct security_token to the idl file, with this we canStefan Metzmacher1-3/+3
the ndr_pull/push/print functions for it in the ntacl-lsm module - fix compiler warnings in the ldap_encode_ndr_* code metze (This used to be commit 83d65d0d7ed9c240ad44aa2c881c1f07212bfda4)
2007-10-10r9208: fix a crash bugStefan Metzmacher1-2/+3
metze (This used to be commit f8a25ac2397d50359f4903618832da7886d91d6f)
2007-10-10r8811: Fix the build..Jelmer Vernooij1-0/+1
(This used to be commit fac77f5fa267da57a55e88cad8993897e80741a0)
2007-10-10r8810: Fix missing headers. Still doesn't fix the build but getting closer ↵Rafal Szczesniak1-0/+1
there. rafal (This used to be commit bc638cc3d66525cf91ef76eb0c486542fff2b929)
2007-10-10r8791: (missing from previous commit)Andrew Bartlett1-16/+61
Add templating support for foreignSecurityPrincipal to the samdb module. Andrew Bartltt (This used to be commit 5f51d806d718bfa6931d102ff4e866c688a6ecd9)
2007-10-10r8740: Extend the rdn_name module to handle adding the rdn as an attribute. ie:Andrew Bartlett1-23/+1
dn: cn=foo,ou=bar objectClass: person implies dn: cn=foo,ou=bar objectClass: person cn: foo (as well as a pile more default attributes) We also correct the case in the attirbute to match that in the DN (win2k3 behaviour) and I have a testsuite (in ejs) to prove it. This module also found a bug in our provision.ldif, so and reduces code complexity in the samdb module. Andrew Bartlett (This used to be commit 0cc58f5c3cce12341ad0f7a90cdd85a3fab786b3)
2007-10-10r8715: - revert the %PRIi64 stuff. Tim, we explicitly check for %llu supportAndrew Tridgell1-7/+17
in configure, and replace snprintf if the system doesn't support it. Our replacement code does not handle the "%PRIi64" stuff, so using it would break us on lots of platforms - fixed constant array initialisers to work on HPUX. (This used to be commit c6bae3e87e2dcb3a89bbb32da131627c60871e3d)
2007-10-10r8714: Oops - get it right this time!Tim Potter1-2/+2
(This used to be commit 1d2b708da657a3f3c81bb60600f66bc359c2eab7)
2007-10-10r8713: Experiment to try and fix warnings on 64-bit machines without breakingTim Potter1-2/+2
32-bit ones. Yes, this weird looking macros are part of C99. (This used to be commit 7b316f119b8486b75ebe63b185c50fab82313e58)
2007-10-10r8674: With the rdn_name module, we don't need this duplication in the samdbAndrew Bartlett1-22/+0
module any more. Andrew Bartlett (This used to be commit da48e77e7ca21bc99f2829a22ea3dc96ba413191)
2007-10-10r8669: The objectguid module belongs in Samba's ldb module collection, not inAndrew Bartlett2-14/+224
ldb, as it can't build without the NDR and GUID code. Also make it properly use the NDR encoding for the GUID (I forgot last time, and used a string), as well as set the dependencies on the module correctly. Andrew Bartlett (This used to be commit 8054abc76e5e3588cebc7fc01062a1223b7f140b)
2007-10-10r8666: The same fix as the last commit, I was caught out on a move from aAndrew Bartlett1-2/+2
BOOL to int function return. Andrew Bartlett (This used to be commit e03e00fe606db443783f1dea03411025c01c7de5)
2007-10-10r8664: I got caught out not testing...Andrew Bartlett1-2/+2
I replaced these function calls, and they went from BOOL to int return values, so naturally failed. Andrew Bartlett (This used to be commit 1982fdb6f3355494ecaae93280eea4e69c78430f)
2007-10-10r8663: Since simo constructed the samdb module, he and tridge have worked onAndrew Bartlett1-31/+34
a DN parsing system. Leverage that in the dsdb module. Andrew Bartlett (This used to be commit 2408f322765fc1b1769d5c8ea69eae4d968cd195)
2007-10-10r8660: Use templates for the initial provision of user and computer accounts.Andrew Bartlett1-5/+12
This ensures the templating code is used, and also makes it clearer what I need to duplicate in the vampire area. Also fix a silly bug in the template application code (the samdb module) that caused templates to be compleatly unused (my fault, from my commit last night). Andrew Bartlett (This used to be commit 4a8ef7197ff938942832034453f843cb8a50f2d1)
2007-10-10r8650: Use the timestamps and a new objectguid module rather than placingAndrew Bartlett1-6/+3
boilerplate attributes in every entry in provision.ldif. The next step will be to use templates. Andrew Bartlett (This used to be commit 940ed9827f5ab83b668a60a2b0110567dd54c3e2)
2007-10-10r8568: change missing templates to warnings, so that provisioning with an ↵Andrew Tridgell1-3/+3
existing db doesn't print lots of fatal errors (This used to be commit d8d47bb18fbb467e253e99c4281578d6e4762de3)
2007-10-10r8520: fixed a pile of warnings from the build farm gcc -Wall output onAndrew Tridgell1-3/+4
S390. This is an attempt to avoid the panic we're seeing in the automatic builds. The main fixes are: - assumptions that sizeof(size_t) == sizeof(int), mostly in printf formats - use of NULL format statements to perform dn searches. - assumption that sizeof() returns an int (This used to be commit a58ea6b3854973b694d2b1e22323ed7eb00e3a3f)
2007-10-10r8321: Fix some uninitalized variable warningsVolker Lendecke1-1/+1
(This used to be commit 126cb3db4b0cf9c382ba7496ba08311f3b669f00)
2007-10-10r8224: - add objectGUID ldif_handlerStefan Metzmacher1-17/+25
- fix some compiler warnings metze (This used to be commit e6c39241bf93336d4c94c43f9d8beb69018fb74a)
2007-10-10r7925: small tidyup (please keep lines at a reasonable length)Andrew Tridgell1-1/+2
(This used to be commit 0bfd91c32a62e651e81ce8d3b102158ec9c680fe)
2007-10-10r7864: fixed some const bugsAndrew Tridgell1-1/+1
(This used to be commit 616f54015ff8c7b25fa500cb03d025a9950ed6cf)
2007-10-10r7860: switch our ldb storage format to use a NDR encoded objectSid. This isAndrew Tridgell3-43/+118
quite a large change as we had lots of code that assumed that objectSid was a string in S- format. metze and simo tried to convince me to use NDR format months ago, but I didn't listen, so its fair that I have the pain of fixing all the code now :-) This builds on the ldb_register_samba_handlers() and ldif handlers code I did earlier this week. There are still three parts of this conversion I have not finished: - the ltdb index records need to use the string form of the objectSid (to keep the DNs sane). Until that it done I have disabled indexing on objectSid, which is a big performance hit, but allows us to pass all our tests while I rejig the indexing system to use a externally supplied conversion function - I haven't yet put in place the code that allows client to use the "S-xxx-yyy" form for objectSid in ldap search expressions. w2k3 supports this, presumably by looking for the "S-" prefix to determine what type of objectSid form is being used by the client. I have been working on ways to handle this, but am not happy with them yet so they aren't part of this patch - I need to change pidl to generate push functions that take a "const void *" instead of a "void*" for the data pointer. That will fix the couple of new warnings this code generates. Luckily it many places the conversion to NDR formatted records actually simplified the code, as it means we no longer need as many calls to dom_sid_parse_talloc(). In some places it got more complex, but not many. (This used to be commit d40bc2fa8ddd43560315688eebdbe98bdd02756c)
2007-10-10r7783: the whenChanged attribute is now handled by the timestamps module, andAndrew Tridgell1-3/+0
should not be handled here as well. I had to remove it from here as it was buggy anyway (it wasn't setting the modify flags, this making an invalid ldb_modify() request) (This used to be commit f267e9d5b7b40c9c8bf1aa67a00f42e2d3bb3bc5)
2007-10-10r7615: fix the build and simplify gendb_search_dnSimo Sorce1-2/+2
(This used to be commit b38bb63175ae0bdcf833c017e5fbbfc2c0769506)
2007-10-10r7582: Better way to have a fast path searching for a specific DN.Simo Sorce1-4/+4
Old way was ugly and had a bug, you couldn't add an attribute named dn or distinguishedName and search for it, tdb would change that search in a dn search. This makes it also possible to search by dn against an ldap server as the old method was not supported by ldap syntaxes. sss (This used to be commit a614466dec2484a0d39bdfae53da822cfcf80926)