summaryrefslogtreecommitdiff
path: root/source4/dsdb/samdb
AgeCommit message (Collapse)AuthorFilesLines
2009-11-23s4:dsdb Move module configuration from each ldb into samba_dsdb.cAndrew Bartlett5-5/+397
This makes getting the module order correct, the obligation of Samba4 developers, and not system administrators. In particular, once an ldb is updated to use only the 'samba_dsdb' module, no further changes to the ldb should be required when upgrading to later Samba4 versions. (thanks to metze for the suggestion of samba_dsdb as a long-term stable name for the module) Andrew Bartlett
2009-11-23s4/schema: Handle Object(OR-Name) syntax in extended_dn_out moduleKamen Mazdrashki1-4/+12
Windows displays attribute values with Object(OR-Name) syntax in plain DN format when queried through LDAP. Hence, we need to post-process such values specially in extended_dn_out.c module so they are always shown as plain DN, no matter what controls are passed for search request.
2009-11-22Fixed incorrect indentation.Nadezhda Ivanova1-7/+6
2009-11-21Implemented LDAP_SERVER_SD_FLAGS_OID on search requests.Nadezhda Ivanova2-22/+165
2009-11-20Cosmetic patch - fixed case of attribute name.Nadezhda Ivanova1-1/+1
2009-11-20Implementation of LDAP_SERVER_SD_FLAGS_OID on modify requests.Nadezhda Ivanova1-16/+133
2009-11-20s4-dsdb: some more attribuutes that we should only give if asked forAndrew Tridgell1-1/+6
2009-11-20added new function "ldb_msg_add_dn"Crístian Deives1-2/+3
a helper function to a DN element to an ldb_msg using ldb_msg_add_string. Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-11-20s4-dsdb: removed attributes that should not be displayed by defaultAndrew Tridgell1-0/+37
Some attributes (like ntSecurityDescriptor) are stored in our db, but should only be displayed if asked for. This also applied to parentGUID from old installs, which is now generated.
2009-11-20s4-drs: Removes stored parentGUID's creation and renamingFernando J V da Silva1-80/+7
parentGUID is now created on demand in operational.c Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-11-20s4-drs: Synchronous Implementation of generated parentGUIDFernando J V da Silva1-2/+34
This generated parentGUID on demand, rather than getting it from the database Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-11-20s4-dsdb: make sure mod_usn list is zeroed on each transactionAndrew Tridgell1-7/+10
2009-11-17s4:SAMLDB DSDB module - Add "\n"s on debug messagesMatthias Dieter Wallnöfer1-2/+2
2009-11-17s4:SAMLDB DSDB module - Remove "\n" in LDB error messagesMatthias Dieter Wallnöfer1-25/+31
abartlet suggested me to not use anymore "\n"s in those kind of outputs. Plus, enhance a search filter to consider also "builtinDomain" objects which are basically domain objects too.
2009-11-17s4:dsdb Rework samdb code to use 'storage format' DNs for defaultObjectCategoryAndrew Bartlett4-1/+67
It is important to always ensure that this attribute has an extended DN if the rest of the database stores things that way. The knowlege of what format the DN is stored on disk with is passed around in an LDB opaque. Andrew Bartlett
2009-11-17s4:dsdb Use the new flags to dsdb_module_search in schema_loadAndrew Bartlett1-1/+3
This loads the defaultObjectCategory DN as an extended DN, so we can apply it, with the associated GUID, when setting this on records in the objectClass module. Previously we would not store the extended DN components for objectCategory. Andrew Bartlett
2009-11-17s4:dsdb Add 'dsdb_flags' to dsdb_module_search() to enable often-used featuresAndrew Bartlett6-11/+84
These flags, also on dsdb_module_search_dn() allow us to add commonly set controls to this pre-packaged blocking search, without rebuilding the whole function in each caller. Andrew Bartlett
2009-11-16s4:SAMLDB moduleMatthias Dieter Wallnöfer1-14/+14
- Add more "\n" to make sure that error messages are displayed immediately - Add a "NULL" in a attribute list
2009-11-16s4:dsdb LDB attribute lists must always be a static const char **.Andrew Bartlett1-1/+1
(If they are not, then due to the async code, they will cause a segfault as they reference a reclaimed portion of the stack). Andrew Bartlett
2009-11-16s4:provision - Removed dependency on full Samba 3 schema from FDSEndi S. Dewata1-41/+0
2009-11-15Fixed some major bugs in inheritance and access checks.Nadezhda Ivanova2-105/+258
Fixed sd creation not working on LDAP modify. Fixed incorrect replacement of CO and CG. Fixed incorrect access check on modify for SD modification. Fixed failing sec_descriptor test and enabled it. Fixed failing sd add test in ldap.python
2009-11-15s4:SAMLDB module - Add support for required and generated schema attributesAndrew Bartlett1-7/+285
This missing support found by Microsoft test suite at AD interop event. Patch by Andrew Bartlett Enhancements by Matthias Dieter Wallnöfer
2009-11-12s4:dsdb Make callbacks in extended_dn_out clearer to followAndrew Bartlett1-1/+6
2009-11-12s4:repl_meta_data Parse linked attributes with schema syntaxesAndrew Bartlett1-39/+44
The bug here was that by assuming all linked attributes were 'normal DNs', we would miss the binary portion of DN+Binary. This patch then has us reparse the string to determine it's GUID, for the GUID lookup, but maintains the binary porition into the on-disk format. Andrew Bartlett
2009-11-12s4:dsdb Improve debug message in extended_dn_outAndrew Bartlett1-1/+3
2009-11-12s4:dsdb Cosmetic fixes found by metze in review of dsdb_dn changesAndrew Bartlett2-29/+36
These changes include reworking the code to call ldb_module_get_ctx() less often (avoid the function calls, particularly during the step into a complex function). Andrew Bartlett
2009-11-12s4:dsdb Use new dsdb_dn code in LDB modules and Samba4 schemaAndrew Bartlett2-45/+72
This converts the code from using the binary DN code in ldb_dn to using a special Samba-specfic wrapper around ldb_dn. We also use the dsdb_dn code for DN+Binary and DN+String comparisons (changed from treating them as Binary blobs) Andrew Bartlett
2009-11-12s4:dsdb Add new dsdb_dn to handle DN+Binary and DN+StringAndrew Bartlett1-0/+1
This aims to replace (and is based on) the code in ldb_dn.c. It is however much stricter in the DNs it will accept. Andrew Bartlett
2009-11-12lib/util Split data_blob_hex_string() into upper and lowerAndrew Bartlett1-5/+5
Rather than have a repeat of the bugs we found at the plugfest where hexidecimal strings must be in upper or lower case in particular places, ensure that each caller chooses which case they want. This reverts most of the callers back to upper case, as things were before tridge's patch. The critical call in the extended DN code is of course handled in lower case. Andrew Bartlett
2009-11-09s4-samdb: remove the rDN size constraint of 64Andrew Tridgell1-3/+10
This size constraint is not correct in it's current form, as windows does send us rDN values for CN with lengths longer than 64. Once we know how this constraint really works we can add it back in.
2009-11-06s4/drs: remove unused num_prefixes and prefixes from dsdb_schemaKamen Mazdrashki1-1/+1
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-11-06s4/drs: dsdb_map_oid2int() replaced by dsdb_schema_pfm_make_attid()Kamen Mazdrashki1-2/+2
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-11-05Version 1.0 of the directory service acls module.Nadezhda Ivanova2-963/+346
At this point, support for checks on LDAP add, delete, rename and modify. Old kludge_acl is still there to handle the searches. This module is synchronous as the async version was impossible to debug, will be converted to async after some user testing.
2009-11-04s4:provisioning - Fixed minor bugs in provisioning tool and partition module.Endi S. Dewata1-2/+2
2009-11-03Added some dn to the info in the log messages.Nadezhda Ivanova1-3/+3
2009-11-02s4:dsdb Fix up after the MAP_ constants became LDB_MAP_Andrew Bartlett1-13/+13
2009-11-02s4 - SID allocation using FDS DNA pluginEndi S. Dewata1-10/+19
2009-11-02s4:dsdb - Removed redundant domain SID filter.Endi S. Dewata1-29/+1
2009-11-02s4:dsdb - Store SID as string in FDS.Endi S. Dewata2-5/+45
2009-11-02s4 - Mapped AD schema to existing FDS schema.Endi S. Dewata1-2/+159
2009-11-02s4:dsdb - Fixed attribute dereferencing for FDSEndi S. Dewata2-18/+124
2009-11-02Remove special case logic in 'samdb_relative_path'.Andrew Bartlett1-3/+0
While this logic (avoiding to prefix a non-filename with a path) is important in the code this was copied from (private_dir()), none of the callers of this function need it. Andrew Bartlett
2009-11-02s4:dsdb Revert back to using DN:filename in the partitions recordAndrew Bartlett2-46/+102
This allows us to change the escaping function without breaking existing installs. The new escaping function (used for new databases) is RFC1738 URI encoding, except for the trivial cases without special characters. The new databases are also placed in a subdirectory, sam.ldb.d per an earlier suggestion by metze. Andrew Bartlett
2009-10-27s4-dsdb: call dsdb_make_schema_global() from ldb_wrapAndrew Tridgell1-1/+0
Calling it from samdb_connect() can cause a stale schema to be put into the global schema. Thanks to Andrew Bartlett for spotting this.
2009-10-27s4-dsdb: always cancel transactions on all partitionsAndrew Tridgell1-13/+19
If we get an error ending a transaction on one partition we need to continue on the other partitions.
2009-10-27s4:dsdb Rework partitions module for better tracingAndrew Bartlett3-97/+76
This means we need to create a fake 'module' which only has a 'next' pointer, so that we can now ldb_next_request() (which incorporates tracing). The remainaing stub of partition_request() is retained so that we can indicate which partition an operation is destined for. Similar tracing is added to the transaction handlers. Andrew Bartlett
2009-10-27s4:dsdb Remove partition_extended_schema_update_nowAndrew Bartlett1-51/+0
The schema update now request is now handled above the partitions module. Andrew Bartlett
2009-10-26s4-ldb: fixed request handling for schemaUpdateNow opAndrew Tridgell3-3/+3
2009-10-25s4-samdb: reduce the number of samdb opens at startupAndrew Tridgell1-11/+2
Using common parameters means that the ldb_wrap code can return a reference rather than a new database
2009-10-25s4-dsdb: ensure that new partitions inherit any transactionAndrew Tridgell3-11/+26