summaryrefslogtreecommitdiff
path: root/source4/dsdb/samdb
AgeCommit message (Collapse)AuthorFilesLines
2010-03-07s4:linked_attributes LDB module - change counter variables to "unsigned" ↵Matthias Dieter Wallnöfer1-3/+5
where appropriate
2010-03-07s4:kludge_acl LDB module - change counter variables to "unsigned" where ↵Matthias Dieter Wallnöfer1-5/+10
appropriate
2010-03-07s4:proxy LDB module - Change counter variables to "unsigned" where appropriateMatthias Dieter Wallnöfer1-5/+6
Use "size_t" when counting string index positions.
2010-03-07s4:schema_data LDB module - change counter variables to "unsigned" where ↵Matthias Dieter Wallnöfer1-3/+6
appropriate
2010-03-07s4:resolve_oids LDB module - change counter variables to "unsigned" where ↵Matthias Dieter Wallnöfer1-5/+5
appropriate
2010-03-07s4:rootdse LDB module - change counter variables to "unsigned" where appropriateMatthias Dieter Wallnöfer1-9/+10
2010-03-07s4:partition LDB module - change counter variables to "unsigned" where ↵Matthias Dieter Wallnöfer2-17/+26
appropriate
2010-03-05s4:samdb_privilege.c - Change two counter variables to unsignedMatthias Dieter Wallnöfer1-2/+3
Also here in both cases the unsigned counter fits better than the signed one.
2010-03-05s4:cracknames - Change two counter variables to unsignedMatthias Dieter Wallnöfer1-2/+2
In both cases the unsigned counter fits better: - in the first one since we are counting LDB objects starting from 0 - in the second since we are counting an array starting from 0
2010-03-04s4:operational LDB - don't accidentally "ate" search helper attributes if we ↵Matthias Dieter Wallnöfer1-6/+14
need them for more constructed attributes With this patch we delete the helper attributes at the end where all constructed attributes have already been computed.
2010-03-04s4:operational LDB module - make the counters unsignedMatthias Dieter Wallnöfer1-2/+2
No need to have signed counters here.
2010-03-04s4:operational LDB - implement the "tokenGroups" constructed attributeMatthias Dieter Wallnöfer2-1/+96
It contains the transitive SID closure (expand member/memberOf attributes) of a certain SAM object. The "tokenGroups" attribute never contains the SID of the object itself. References: http://msdn.microsoft.com/en-us/library/ms680275(VS.85).aspx, http://support.microsoft.com/kb/301916, MS-ADTS 3.1.1.4.5.19.
2010-03-04s4:operational LDB module - use right memory context int ↵Matthias Dieter Wallnöfer1-2/+2
"construct_primary_group_token" Use the "msg" as temporary context and not "ldb" which lives much longer.
2010-03-03s4:samdb.c - Make it signed-safeMatthias Dieter Wallnöfer1-2/+2
Use an unsigned argument for the numbers of groups and the counter "i" since the function is called only by "auth_generate_session_info" with an unsigned number of groups argument.
2010-02-25s4:partition DSDB module - Generate basic referralsMatthias Dieter Wallnöfer2-47/+144
This is a first, very basic implementation of the referrals (more informations at MS-ADTS 3.1.1.4.6 and 3.1.1.3.4.1.12). To have the full referral support (and to always point to the right host) the full implementation using DNS will be needed (at the moment we always point to the main DC which is referenceable through the DNS domainname). Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-02-25s4:partition DSDB module - change the search and domain scope control handlingMatthias Dieter Wallnöfer1-35/+22
The domain scope control is always removed, from the search one only the two interesting flags (which are handled) and it is marked as non-critical. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-02-25s4:SAMLDB module - ignore referralsMatthias Dieter Wallnöfer1-5/+6
They don't cause any harm to our functionality - so ignore them were not needed. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-02-24dsdb: Add a more explicit error message for constructed attributesMatthieu Patou1-0/+1
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
2010-02-24s4/schema: Move msDS-IntId implementation to samldb.c moduleKamen Mazdrashki2-149/+87
msDS-IntId attribute should be replicated, so it must be implemented in a module that is before repl_meta_data module (thanks abartlet for pointing this out). Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-02-21s4:operational LDB module - enable support for passing referrals through itMatthias Dieter Wallnöfer1-2/+1
2010-02-21s4:partition DSDB module - Cosmetic fixupsMatthias Dieter Wallnöfer1-16/+23
2010-02-21s4:password_hash - Fix up request message pointersMatthias Dieter Wallnöfer1-7/+7
For add requests we need the add request messages, for modify requests we need the modify request messages.
2010-02-20s4:credentials Add hooks to extract a named Kerberos credentials cacheAndrew Bartlett2-2/+5
This allows the integration of external tools that can't be linked into C or python, but need to authenticate as the local machine account. The machineaccountccache script demonstrates this, and debugging has been improved in cli_credentials_set_secrets() by passing back and error string. Andrew Bartlett
2010-02-16s4-samdb: use dsdb_search() in cracknamesAndrew Tridgell1-57/+24
greatly simplifies some of the cracknames code Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-02-16s4-dsdb: move dsdb_request_add_controls() into dsdb/common/util.cAndrew Tridgell4-85/+13
This will be used to allow the flag based ldb functions to work on both a ldb or a module, thus saving a lot of specialist functions.
2010-02-16s4-rootdse: we don't need DSDB_FLAG_OWN_MODULE hereAndrew Tridgell1-2/+2
2010-02-16s4-drs: enable the recyclebin optional featureEduardo Lima1-19/+250
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-02-15s4-dsdb: don't change replPropertyMetaData if the value hasn't changedAndrew Tridgell1-4/+20
When updating replPropertyMetaData, check if the value being stored is the same as the current value, and skip the update if it is. This is based on a patch by Fernando J V da Silva <fernandojvsilva@yahoo.com.br>
2010-02-15s4-drs: Fixes bugs regarding Urgent Replication on wrong situationsFernando J V da Silva1-7/+16
It fixes the bug which causes an urgent replication to be enabled incorrectly when an object is modified, but it should happen only when it was created. This patch also fixes the bug that enable an urgent replication when an object is deleted, but it should happen only when it was modified and fixes the bug that does not enable an urgent replication when an object is deleted and it should happen only when it is deleted (not when it is modified). Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-02-13s4: use LDB_TYPESAFE_QSORT() instead of ldb_qsort()Andrew Tridgell1-5/+2
2010-02-13s4-dsdb: use TYPESAFE_QSORT() in dsdb codeAndrew Tridgell4-19/+11
2010-02-10util: rewrite dlinklist.h so that DLIST_ADD_END() is O(1)Andrew Tridgell1-2/+1
This changes the meaning of the ->prev pointer in our doubly linked lists to point at the end of the list from the front of the list. That allows us to implement DLIST_ADD_END() and related functions in O(1) time, which can be a huge saving in many places in Samba. This also means that the 'type' argument to various DLIST_*() macros is no longer needed, but I have left it in for now to keep the patchset small, which will make it easier to revert if any problems are found. In the future we should remove the 'type' arguments. (jra. Move the one use of DLIST_TAIL over to the new macros).
2010-02-10s4-dsdb: update repl_meta_data.c to use new DLIST_ macrosJeremy Allison1-3/+2
2010-02-08s4:subtree_delete - "NULL" as format string isn't allowed on FreeBSDMatthias Dieter Wallnöfer1-2/+3
I changed the format string into "(objectClass=*)" which should be an equivalent expression for choosing all available objects. Consider bug 7115 for the issue.
2010-02-04s4:mark the SYSTEM control always as non-criticalMatthias Dieter Wallnöfer1-0/+29
It is needed to not break the various LDAP backends. For reference look at bug #7040.
2010-02-02Change uint_t to unsigned int in source4Matt Kraai1-2/+2
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-01-17s4-dsdb: isGlobalCatalogReady should be shown by defaultAndrew Tridgell1-1/+1
This caused repadmin.exe to crash. Thanks to Hongwei for tracking this down for us.
2010-01-16s4-dsdb: added isGlobalCatalogReadyAndrew Tridgell1-0/+12
needed for dcdiag.exe
2010-01-14s4-drs: Store uSNUrgent for Urgent ReplicationFernando J V da Silva1-10/+95
When a object or attribute is created/updated/deleted, according to [MS-ADTS] 3.1.1.5.1.6, it stores the uSNUrgent on @REPLCHANGED for the partitions that it belongs. Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-01-13s4:dsdb: use validate_update moduleStefan Metzmacher1-0/+1
metze
2010-01-13s4:dsdb: add validate_update moduleStefan Metzmacher2-1/+130
metze
2010-01-13s4:dsdb/resolve_oids: also resolve oid in search attribute listStefan Metzmacher1-4/+55
metze
2010-01-13s4:dsdb/schema_load: add a TODO about schema reloadingStefan Metzmacher1-1/+11
metze
2010-01-10s4:repl_meta_data - Transform a "1" into a "true" on a boolean variableMatthias Dieter Wallnöfer1-1/+1
2010-01-09s4-drs: instanceType is always sent, regardless of UDV valuesAndrew Tridgell1-4/+6
2010-01-09s4-samldb: fixed primaryGroupID when promoting a machine to a DCAndrew Tridgell1-17/+30
The machine gets a primaryGroupID of DOMAIN_RID_DCS. This is done without changing the member attributes of its groups.
2010-01-08s4-samba3samtest: we need to force netbios name as wellAndrew Tridgell1-0/+1
needed for when run in CLIENT context
2010-01-08s4-samba3sid: fixed error returns when res->count != 1 and oomAndrew Tridgell1-3/+3
2010-01-08s4-samba3samtest: force workgroup so the domain is rightAndrew Tridgell1-0/+1
the samba3sid backend looks at lp_sam_name() which is based on the workgroup
2010-01-08s4-samba3sid: the sambaNextRid attribute is actually the previous RIDAndrew Tridgell1-3/+6
Not well named .... though same mistake that MS made with rIDNextRid