| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
This checks if instanceType attribute is available, and if
INSTANCE_TYPE_IS_NC_HEAD bit is set. If the bit is set, then
the DN is NC root and security descriptor is not inherited
from parent SD.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
|
|
Normally they should always be passed to the main backend unless
something different has been specified.
Reviewed-by: abartlet
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Tue Nov 15 22:43:06 CET 2011 on sn-devel-104
|
|
"dsdb:schema update allowed = yes" is now needed in smb.conf
to enable schema updates, as schema updates are a currenty a good
way to prevent samba from startup again, because of errors in
the schema definition.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue Nov 15 13:00:07 CET 2011 on sn-devel-104
|
|
msDS-IntId
As windows we return CONSTRAINT_VIOLATION now.
metze
|
|
schema master
metze
|
|
schema base
The objectclass module should also check for this, but make sure
we also reject it on things like provision.
metze
|
|
We should only be able to update the schemaInfo internaly.
metze
|
|
Deleted Object Container
|
|
The error message from this causes confusion, for a feature
that we have never finished and have agreed to remove.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Nov 1 06:32:52 CET 2011 on sn-devel-104
|
|
referrals
Reviewed-by: abartlet
|
|
messages
"ldb_error" could overwrite possibly useful error messages.
Reviewed-by: abartlet
|
|
These are displayed when an object just doesn't exist!
Reviewed-by: abartlet
|
|
on failure
And add "ldb_operr()" before the "return ret" to point out the position
where it failed (for "add_time_element" and "add_uint64_element")
Reworked after a suggestion by abartlet.
|
|
len(res) == 1
No need to perform an additional check here. As a return value we should
always give back the original error code and not generate a new one (to
let the caller know what is going on).
Reviewed-by: abartlet
|
|
correctly
Consider bug #8489
Reviewed-by: abartlet
|
|
"talloc_strdup"
We are adding strings embedded in the schema structure which is basically
global and lives longer than the request - hence no duplication needed.
Reviewed-by: abartlet
|
|
According to bug #8486 the modification to direct related structural
object classes is possible (equal, child, parent).
Reviewed-by: abartlet
|
|
E.g. unsatisfied abstract objectclasses, additional top-most structural
classes
Reviewed-by: abartlet
|
|
This saves us from doing one "ldb_msg_find_element".
Reviewed-by: abartlet
|
|
For convention use "ldb_attr_cmp()".
Reviewed-by: abartlet
|
|
Reviewed-by: abartlet
|
|
Bail out on other LDB request types (only add and modify allowed).
|
|
show the reply type in "Invalid reply type" messages
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Thu Oct 20 00:57:05 CEST 2011 on sn-devel-104
|
|
This will allow the TDB layer to get at the lp_ctx for tdb options.
Andrew Bartlett
|
|
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
Which allows the caller to pass a given 'pwdLastSet' value
(every useful for migrations).
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Oct 7 15:28:13 CEST 2011 on sn-devel-104
|
|
This makes clear that struct dsdb_control_password_change
belongs to DSDB_CONTROL_PASSWORD_CHANGE_OID.
metze
|
|
we show wellknown links to the deleted objects container
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Fri Oct 7 07:58:08 CEST 2011 on sn-devel-104
|
|
unless the user asks for the display of deactivated links, we should
not display DNs that link to deleted objects
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
to correctly implement the show_deleted and show_recycled control we
need to know if the recyclebin is enabled. When not enabled, the
isRecycled attribute is ignored, and only isDeleted is used.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
the dsdb_check_optional_feature() call should look on our own NTDS DN
for the enabled feature. This should work for all features, not just
for forest wide fetaures.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
this will be used for overrides by the dbcheck validator
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
this allows dbcheck to fix groupType on objects that have been deleted
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
sAMAccountType
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Thu Oct 6 03:43:13 CEST 2011 on sn-devel-104
|
|
|
|
|
|
when we are adding an object via DRS, we need to add the
DSDB_CONTROL_PARTIAL_REPLICA control if we are replicating a partial
replica, so ensure the partition module creates new NCs as partial
replicas
|
|
this control tells the partition module that the DN being created is a
partial replica, so it should modify the @PARTITION object to add the
partialReplica attribute
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
another missing newline
|
|
this is needed for a subdomain join by a new NC. The NC is initially
uninstantiated
|
|
this allows INSTANCE_TYPE_WRITE to be not set if
INSTANCE_TYPE_UNINSTANT is set
|
|
With this set, we accept changes even if they have the same tuple as
the local copy. This can be used by a FULL_SYNC replication to recover
a replica that is corrupt
|
|
if instanceType does not include INSTANCE_TYPE_WRITE, then disallow
changes to any replicated attributes. This ensures partial replicates
are not alterered
|
|
this allows the replication server to control replication via a set of
flags. Initial flags will allow control for partial replications and
full_sync support
|
|
|
|
this modifies the partition module to honor a partialReplica attribute
on the @PARTITION module, marking partiations as partial replicas so
the NO_GLOBAL_CATALOG control can be honoured
|
|
this control is used to ask samdb to not return searches with a basedn
in partial repica partitions, which is needed to support the
difference between a search on the 3268 GC ldap port and the non-GC
389 port
|
