summaryrefslogtreecommitdiff
path: root/source4/dsdb/schema
AgeCommit message (Collapse)AuthorFilesLines
2009-10-03s4:schema_inferiors - Fix wrong checkMatthias Dieter Wallnöfer1-1/+1
2009-10-03s4:dsdb add systemPossibleInferiors to schema codeAndrew Bartlett2-0/+21
This allows us to figure out what the system can add, which will not be in possibleInferiors due to the systemOnly flag. Andrew Bartlett
2009-10-02s4-ldb: Add support for binary blobs in DNsAndrew Tridgell1-23/+113
AD has the concept of a DN prefixed with B:NN:XXXXXX: that contains a binary blob. We need to support those in order to give correctly formatted binary blobs for things like wellKnownObjects This implementation is not ideal, as it allows for binary blobs on all DNs, whereas it should only allow them on those with a syntax of 2.5.5.7. We should clean this up in the future, but meanwhile this implementation at least gets us a working DC join of w2k8 to s4. This patch also uses a static function for marking DNs as invalid, which is very useful when debugging this code, as you can break on it in gdb.
2009-09-23s4-dsdb: cope with windows sending extra pad bytesAndrew Tridgell1-4/+4
2009-09-22s4-ldb: added a bunch more debug for DC joinAndrew Tridgell1-0/+4
These additional debug messages were added to help us track down w2k8->s4 domain join
2009-09-21s4:ldb Add 'single-value' support to LDB.Andrew Bartlett1-0/+4
This is currently only triggered via Samba4's schema code.
2009-09-21Merge branch 'master' of git://git.samba.org/sambaNadezhda Ivanova1-12/+24
2009-09-21Initial Implementation of the DS objects access checks.Nadezhda Ivanova1-0/+12
Currently disabled. The search will be greatly modified, also the object tree stuff will be simplified.
2009-09-21s4-schema: don't trace the schema load (too verbose)Andrew Tridgell1-12/+24
2009-09-19Handle dsdb_class_by_lDAPDisplayName returned values in schema_inferiors.cAnatoliy Atanasov1-0/+8
2009-09-15s4-dsdb: use DLIST_ADD() not DLIST_ADD_END()Andrew Tridgell2-4/+4
Using DLIST_ADD_END() to construct a long list is very inefficient (it is O(n^2). These lists are not ordered, so using DLIST_ADD() is much better.
2009-09-15s4:schema Add code to provide an index into the subClass treeAndrew Bartlett2-1/+27
In time, this should avoid the astounding (order) complexity of the objectclass sorting in objectclass.c eventually. Andrew Bartlett
2009-09-10s4/schema: teach the schema_syntax code how to encode/decode more attributesAndrew Tridgell1-0/+104
We were trying to encode strings like 'top' as integers, without first looking them up in our schema. We need special handling for all the attributes that contain attributeID_id or governsID_id fields that should be translated first before encoding.
2009-09-10s4/schema: don't crash if we don't have subClassOfAndrew Tridgell1-2/+7
2009-09-07s4:dsdb: correctly implement _dsdb_syntax_OID_oid_ldb_to_drsuapi()Stefan Metzmacher1-1/+31
Here we just need to map the oid string in the ldb value to the ATTRTYP id. metze
2009-09-03Fix the dsdb_syntax_OID_ldb_to_drsuapi functionAnatoliy Atanasov1-1/+51
This replace the dsdb_syntax_FOOBAR_ldb_to_drsuapi function, which was left as a TODO code. Implementation in both added functions is completely identical and probably should differ in the future.
2009-08-26s4:schema Rework dsdb_write_prefixes_from_schema_to_ldb() to use tallocAndrew Bartlett1-14/+20
This changes dsdb_write_prefixes_from_schema_to_ldb() to use an internal talloc hirarchy, so we can safely give it a NULL context from the python. It also fixes manual construction of the ldb_message - we now use the right helper functions. Andrew Bartlett
2009-08-26s4:scheam quiet a 'const' warningAndrew Bartlett1-1/+1
2009-08-26s4:dsdb Rework dsdb_write_prefixes_to_ldb() to take a schemaAndrew Bartlett1-14/+13
The aim is to create a function that is more easily wrapped for python, so that we can write the updated prefixMap in an upgrade script. Andrew Bartlett
2009-08-24s4:dsdb Add constAndrew Bartlett1-2/+2
2009-08-24s4:dsdb use talloc_strndup() in GET_STRING_LDB() rather than walk off the endAndrew Bartlett1-7/+17
The problem is that samdb_result_string() and ldb_msg_find_attr_as_string() both simply cast the string, rather than ensuring the return value is NULL terminated. This may be best regarded as a flaw in LDB, but fixing it there is going to be more difficult. Andrew Bartlett
2009-08-17s4: int32 handling: previous fix was not fully correctMatthias Dieter Wallnöfer1-1/+1
2009-08-17s4: Make the int32 problem more clear - and fix another errorMatthias Dieter Wallnöfer1-1/+3
2009-08-17make sure we update the current schema->prefixes when we add a new prefixAndrew Tridgell1-0/+9
This triggered a failure in the updateNow schema test, as the current global schema was not being updated when a new schema element was added
2009-08-17s4:schema Allow a schema load on an unconnected databaseAndrew Bartlett1-5/+6
This helps ensure we don't load the schema too often in the provision (allowing a reference in of the schema before the modules load). Andrew Bartlett
2009-08-17s4:schema Provide a way to reference a loaded schema between ldbsAndrew Bartlett1-11/+19
This allows us to load the schema against one ldb context, but apply it to another. This will be useful in the provision script, as we need the schema before we start the LDAP server backend. Adnrew Bartlett
2009-08-07use talloc with the global schema consistentlyAndrew Tridgell1-1/+2
Before this change, the first opener of the sam ldb context would become the owner of the global schema, then the autofree context got a reference to the schema. Any subsequent opens of the sam ldb also got a reference. This meant that the talloc hierarchy was inconsistent between the first sam ldb open and subsequent opens. With this change the autofree context becomes the owner of the global schema, and all ldb contexts get a reference.
2009-08-05s4:dsdb Don't cast an ldb_val into a const char * for schema lookupsAndrew Bartlett2-33/+122
This removes a number of cases where we did a cast into a const char * of an ldb_val. While convention is to alway have an extra \0 at data[length] in the ldb_val, this is not required, and does not occour at least on build farm host 'svart'. Andrew Bartlett
2009-07-08Fix for schemaUpdateNow commandAnatoliy Atanasov2-4/+4
2009-07-02we can't use the unique index code for samAccountNameAndrew Tridgell1-1/+1
Using ldb unique indexes for samAccountName doesn't work with DRS as the other DC may send us a deleted record (tombstone record), which has the same samAccountName as an existing record. That would then create two records in the same partition with the same samAccountName. So we needed to put back the logic in samldb.c which explicitly checked whether a samAccountName already exists on add
2009-07-02fixed the pull of drs schema elementsAndrew Tridgell3-33/+108
The previous code incorrectly assumed that attributes such as subClassOf come over the wire as strings. In fact they come over as 32 bit integers which refer to goversIDs. We have to post-process these as it sometimes happens that a governsID comes over the wire before the record that defines what it means.
2009-07-01fixed the reference to the global_schemaAndrew Tridgell1-2/+3
2009-06-19Fixed some uninitialised variablesMatthias Dieter Wallnöfer1-8/+5
I tried hard to not change the program logic. Should fix bug #6439.
2009-06-19Correct handling of 32-bit integer attributes in SAMBA 4Matthias Dieter Wallnöfer1-0/+2
- LDB handles now all 32-bit integer attributes correctly (also with overflows) according to the schema - LDAP backends handle the attributes "groupType", "userAccountControl" and "sAMAccountType" correctly. This handling doesn't yet use the schema but the conversion file "simple_ldap.map.c" which contains them hardcoded. Did also a refactoring of the conversion function there. - Bug #6136 should be gone
2009-06-18Fix build with system LDB.Jelmer Vernooij1-1/+1
2009-06-01mark samAccountName, objectGUID and objectSID as unique indexedAndrew Tridgell1-0/+20
2009-05-28enable one-level indexing in sam.ldbAndrew Tridgell1-0/+5
2009-05-14dsdb:schema Use str_list_make_empty() to create an empty listAndrew Bartlett1-5/+5
2009-04-09make the memory usage of possibleInferiors much more efficientAndrew Tridgell1-20/+31
2009-04-09fixed the possibleInferiors calculation so it now passes the testAndrew Tridgell2-27/+28
We are probably still using more memory here than we need to. That needs to be looked at.
2009-04-08Make the schema_inferiors generation code to compileAndrew Bartlett3-69/+99
Sadly it still segfaults at this stage Andrew Bartlett
2009-04-07first cut at a C version of the possible inferiors codeAndrew Tridgell1-0/+172
2009-04-03s4:schema Don't free mem_ctx before it is initilisedAndrew Bartlett1-1/+0
2009-04-02major upgrade to the ldb attribute handlingAndrew Tridgell5-115/+325
This is all working towards supporting the full WSPP schema without a major performance penalty. We now use binary searches when looking up classes and attributes. We also avoid the loop loading the attributes into ldb, by adding a hook to override the ldb attribute search function in a module. The attributes can thus be loaded once, and then saved as part of the global schema. Also added support for a few more key attribute syntaxes, as needed for the full schema.
2009-03-31possibleInferiors is a generated attribute - we can't pull it over DRSAndrew Tridgell1-2/+0
or from ldb
2009-03-11s4:schema Don't rely on objectCategory 'magic' when loading the schemaAndrew Bartlett1-2/+2
The short-to-long name canonicalisation rules use the schema, so clearly they won't work when loading it. Andrew Bartlett
2009-03-06Load the schema with a more efficient single searchAndrew Bartlett1-93/+15
This search uses the index, and is not recursive, so should avoid the major performance problem with the current sorted schema load. The ad2oLschema code (recently moved to provision-backend) no longer needs the schema to be sorted. Andrew Bartlett
2009-03-06Sort output of schema for OpenLDAP during conversionAndrew Bartlett1-98/+132
This avoids the need to assume that the schema is sorted on load, which happens more often and is a major performace issue in the Samba4's use of ldb. Andrew Bartlett
2009-03-05Remove ad2oLschema, insted call it directly from provision-backendAndrew Bartlett2-1/+317
This removes a level of indirection via external binaries in the provision-backend code, and also makes better use of our internal code for loading schema from an LDIF file. Remaining to do: Sort the output again, as the load from LDIF is unsorted (also needed because the normal LDB load from sorted input is too slow anyway, and is only needed here). Andrew Bartlett
2009-03-04Pull in all the schema information during DRS schema fetchAndrew Bartlett1-9/+38
This includes things such as allowed attributes, which were not populated into the schema structure before. Andrew Bartlett