summaryrefslogtreecommitdiff
path: root/source4/dsdb/samdb
AgeCommit message (Expand)AuthorFilesLines
2012-12-11s4:dsdb/descriptor: pass object_list to create_security_descriptor()Stefan Metzmacher1-2/+13
2012-12-10s4:dsdb/operational: fix stripping of the nTSecurityDescriptor attributeStefan Metzmacher1-2/+12
2012-12-10s4:dsdb/acl_read: return the nTSecurityDescriptor attr if the sd_flags contro...Stefan Metzmacher1-2/+9
2012-12-10s4:dsdb/acl_read: give some variables a better nameStefan Metzmacher1-10/+13
2012-12-10s4:dsdb/acl_read: fix the calculation of the attribute array for the sub searchStefan Metzmacher1-14/+19
2012-12-10s4:dsdb/acl_read: check the ldb_attr_list_copy_add() resultStefan Metzmacher1-0/+12
2012-12-10s4:dsdb/dirsync: fix potential talloc hierachy problems (bug #9470)Stefan Metzmacher1-3/+3
2012-12-07s4:dsdb/descriptor: fix replication of NC headsStefan Metzmacher1-2/+2
2012-12-07s4:dsdb/acl_read: improve debugging for fatal errorStefan Metzmacher1-3/+18
2012-12-07s4:dsdb/acl_read: keep the ldb_message of the sub search (bug #9470)Stefan Metzmacher1-0/+5
2012-12-07s4:dsdb/schema_data.c: correctly move the CN=Aggregate attributes to msg->ele...Stefan Metzmacher1-6/+18
2012-12-06s4:dsdb/password_hash: Honor password complexity settings.Stefan Metzmacher1-1/+7
2012-12-02s4:dsdb/descriptor: NULL out user_descriptor elements depending on the sd_flagsStefan Metzmacher1-0/+44
2012-11-30s4:dsdb/repl_meta_data: call dsdb_module_schedule_sd_propagation() for replic...Stefan Metzmacher1-2/+70
2012-11-30s4:dsdb/descriptor: inherit nTSecurityDescriptor changes to children (bug #8621)Stefan Metzmacher1-3/+17
2012-11-30s4:dsdb/descriptor: recalculate nTSecurityDescriptor after a rename (bug #8621)Stefan Metzmacher1-1/+18
2012-11-30s4:dsdb/acl_util: add dsdb_module_schedule_sd_propagation()Stefan Metzmacher1-0/+29
2012-11-30s4:dsdb/descriptor: implement DSDB_EXTENDED_SEC_DESC_PROPAGATION_OIDStefan Metzmacher1-8/+395
2012-11-30s4:dsdb: define DSDB_EXTENDED_SEC_DESC_PROPAGATION_OIDStefan Metzmacher1-0/+12
2012-11-30s4:dsdb/descriptor: handle DSDB_CONTROL_SEC_DESC_PROPAGATION_OIDStefan Metzmacher1-5/+67
2012-11-30s4:dsdb/schema_data: allow DSDB_CONTROL_SEC_DESC_PROPAGATION_OID on modifyStefan Metzmacher1-0/+16
2012-11-30s4:dsdb/repl_meta_data: allow DSDB_CONTROL_SEC_DESC_PROPAGATION_OID on modifyStefan Metzmacher1-0/+16
2012-11-30s4:dsdb/objectclass_attrs: allow DSDB_CONTROL_SEC_DESC_PROPAGATION_OID on modifyStefan Metzmacher1-0/+18
2012-11-30s4:dsdb: define DSDB_CONTROL_SEC_DESC_PROPAGATION_OIDStefan Metzmacher1-0/+7
2012-11-30s4:dsdb/subtree_delete: delete from the leafs to the root (bug #7711)Stefan Metzmacher1-0/+19
2012-11-30s4:dsdb/subtree_delete: do the recursive delete AS_SYSTEM/TRUSTED (bug #7711)Stefan Metzmacher1-3/+11
2012-11-30s4:dsdb/subtree_delete: do an early return and avoid some nestingStefan Metzmacher1-24/+28
2012-11-30s4:dsdb/objectclass: do not pass the callers controls on helper searchesStefan Metzmacher1-1/+1
2012-11-30s4:dsdb/acl: require SEC_ADS_DELETE_TREE if the TREE_DELETE control is given ...Stefan Metzmacher1-0/+12
2012-11-30s4:dsdb/dirsync: remove unused 'deletedattr' variableStefan Metzmacher1-2/+0
2012-11-30s4:dsdb/acl: also add DSDB_SECRET_ATTRIBUTES into the password attributesStefan Metzmacher1-5/+36
2012-11-30s4:dsdb/descriptor: the old nTSecurityDescriptor is always expected there on ...Stefan Metzmacher1-0/+3
2012-11-30s4:dsdb/descriptor: make explicit that we don't support MOD_DELETE on nTSecur...Stefan Metzmacher1-0/+11
2012-11-30s4:dsdb/descriptor: remove some nesting from descriptor_modifyStefan Metzmacher1-10/+10
2012-11-30s4:dsdb/descriptor: remove some unnecessary nestingStefan Metzmacher1-10/+8
2012-11-30s4:dsdb/descriptor: add some error checks to descriptor_{add,modify}Stefan Metzmacher1-0/+12
2012-11-30s4:dsdb/descriptor: remove support for unused LDB_CONTROL_RECALCULATE_SD_OIDStefan Metzmacher1-26/+1
2012-11-30s4:dsdb/descriptor: move special dn check to the start of descriptor_{add,mod...Stefan Metzmacher1-19/+21
2012-11-30s4:dsdb/descriptor: if the caller specifies no DACL/SACL the objects gets a d...Stefan Metzmacher1-1/+28
2012-11-30s4:dsdb/descriptor: give SYSTEM the correct default owner (group) sidStefan Metzmacher1-0/+6
2012-11-30s4:dsdb/acl_read: enable acl checking on search by default (bug #8620)Stefan Metzmacher2-2/+2
2012-11-30s4:dsdb/acl_read: specify the correct access_mask for nTSecurityDescriptorStefan Metzmacher1-1/+19
2012-11-30s4:dsdb/acl_read: do search for instanceType AS_SYSTEM and with SHOW_RECYCLEDStefan Metzmacher1-1/+3
2012-11-30s4:dsdb/acl: calculate the correct access_mask when modifying nTSecurityDescr...Stefan Metzmacher1-1/+14
2012-11-30s4:dsdb/acl: don't protect confidential attributes when "acl:search = yes" is...Stefan Metzmacher1-0/+11
2012-11-30s4:dsdb/acl: remove unused "acl:perform" optionStefan Metzmacher1-3/+0
2012-11-30s4:dsdb/acl: do helper searches AS_SYSTEM and with SHOW_RECYCLEDStefan Metzmacher1-5/+15
2012-11-30s4:dsdb/descriptor: make it clear that the SD Flags are ignored on addStefan Metzmacher1-1/+7
2012-11-30s4:dsdb/descriptor: make use of dsdb_request_sd_flags()Stefan Metzmacher1-47/+15
2012-11-30s4:dsdb/descriptor: always use descriptor_search_callback if we return nTSecu...Stefan Metzmacher1-1/+12