Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2009-09-28 | s4-repl: use GUID to resolve target in linked attributes | Andrew Tridgell | 1 | -8/+7 | |
When we vampire from w2k8-r2, the DC sends us a linked attribute for our machine account which has a target DN with a GUID of the OU=Domain Controllers objects, but has a DN of CN=Computers. We need to use the GUID to resolve the real DN. | |||||
2009-09-28 | s4-dsdb: ask for an extended DN in dsdb_find_dn_by_guid() | Andrew Tridgell | 1 | -0/+5 | |
2009-09-28 | s4-dsdb: make dsdb_search_dn_with_deleted public for repl_meta_data module | Andrew Tridgell | 1 | -5/+5 | |
2009-09-28 | s4-drs: fixed sorting of replPropertyMetaData | Andrew Tridgell | 1 | -31/+44 | |
This also ensures we add the SHOW_DELETED control on searches for old replPropertyMetaData attributes | |||||
2009-09-24 | s4-drs: add defines for replication flags on attributes | Andrew Tridgell | 1 | -5/+2 | |
2009-09-24 | s4-ldb: sort replPropertyMetaData by attid | Andrew Tridgell | 1 | -1/+16 | |
We need to sort on both module add and modify | |||||
2009-09-24 | s4-ldb: add instanceType in repl_meta_data module | Andrew Tridgell | 1 | -0/+8 | |
We need to add instanceType on new records if not added by caller. This is needed in repl_meta_data to ensure we fill in the meta data for replication | |||||
2009-09-24 | s4-drs: add SHOW_DELETED control on dsdb utility calls | Andrew Tridgell | 1 | -2/+60 | |
The dsdb_find_dn_by_guid() and dsdb_find_sid_by_dn() are using by the DRS server call getncchanges on objects that may be deleted. | |||||
2009-09-23 | s4-dsdb: cope with windows sending extra pad bytes | Andrew Tridgell | 1 | -4/+4 | |
2009-09-23 | s4-dsdb: added dsdb_find_sid_by_dn() | Andrew Tridgell | 1 | -0/+30 | |
2009-09-23 | s4-drs: ignore zero value elements in DRS add operations | Andrew Tridgell | 1 | -0/+13 | |
w2k8 sometimes sends us a new object via DRS with an attribute with no values | |||||
2009-09-22 | s4-ldb: added a bunch more debug for DC join | Andrew Tridgell | 5 | -0/+17 | |
These additional debug messages were added to help us track down w2k8->s4 domain join | |||||
2009-09-22 | s4-ldbmodules: allow instanceType to be specified by clients | Andrew Tridgell | 1 | -0/+6 | |
This is needed for the WSPP ADS testsuite | |||||
2009-09-21 | s4:dsdb Fix of double addition of SD-s | Nadezhda Ivanova | 2 | -11/+25 | |
Also add error strings in descriptor module | |||||
2009-09-21 | s4:ldb Add 'single-value' support to LDB. | Andrew Bartlett | 1 | -0/+4 | |
This is currently only triggered via Samba4's schema code. | |||||
2009-09-21 | Merge branch 'master' of git://git.samba.org/samba | Nadezhda Ivanova | 4 | -21/+160 | |
2009-09-21 | Initial Implementation of the DS objects access checks. | Nadezhda Ivanova | 4 | -0/+1188 | |
Currently disabled. The search will be greatly modified, also the object tree stuff will be simplified. | |||||
2009-09-21 | s4:dsdb Run the new 'descriptor' module by default. | Andrew Bartlett | 1 | -6/+0 | |
This code was derived from the objectclass module, and we need the new code in the default provision, or else no ACL is set on each object. Andrew Bartlett | |||||
2009-09-21 | s4-schema: don't trace the schema load (too verbose) | Andrew Tridgell | 1 | -12/+24 | |
2009-09-21 | s4-ldap: default edn type is 0 | Andrew Tridgell | 1 | -1/+1 | |
2009-09-21 | s4-ldb: add support for extended DNs in the rootDSE | Andrew Tridgell | 1 | -2/+135 | |
W2K8 join as a DC relies on being able to ask for the sid component of extended DNs from the rootDSE DNs | |||||
2009-09-21 | s4-dsdb: fixed a printf format warning | Andrew Tridgell | 1 | -1/+1 | |
2009-09-21 | s4:kerberos Fix the salt to match Windows 2008. | Andrew Bartlett | 1 | -1/+1 | |
The previous commit changed the wrong end - we must fix our server, not our client. Andrew Bartlett | |||||
2009-09-21 | s4:dsdb/resolve_oids: add fast pathes for the common operations without oids | Stefan Metzmacher | 1 | -0/+217 | |
metze | |||||
2009-09-21 | s4:dsdb/resolve_oids: check return values in recursion | Stefan Metzmacher | 1 | -3/+6 | |
metze | |||||
2009-09-21 | Merge branch 'master' of git://git.samba.org/samba | Matthias Dieter Wallnöfer | 1 | -0/+29 | |
2009-09-20 | s4:samba3sam.py test - remove the primary group ID attribute here | Matthias Dieter Wallnöfer | 1 | -7/+2 | |
This shouldn't be specified on creation time (Windows Server doesn't allow that). Hope this also fixes the test (see buildfarm). | |||||
2009-09-20 | Disable descriptor module unless enabled in smb.conf | Nadezhda Ivanova | 1 | -0/+29 | |
Since this code may still have some problems, it is not executed by default. To enable descriptor inheritance add: acl:inheritance = true in your smb.conf | |||||
2009-09-20 | s4:dsdb/common/util - Check for the right forest/domain function level | Matthias Dieter Wallnöfer | 1 | -0/+57 | |
This adds a function which performs the check for the supported forest and domain function levels. On an unsuccessful result a textual error message can be created (parameter "errmsg" != NULL) which gives hints for the user to help him fixing the issue. | |||||
2009-09-20 | dsdb/samdb: add resolve_oids module | Stefan Metzmacher | 2 | -0/+438 | |
Windows Servers allow OID strings to be used instead of attribute/class names. For now we only resolve the OIDs in the search expressions, the rest will follow. metze | |||||
2009-09-19 | Handle dsdb_class_by_lDAPDisplayName returned values in schema_inferiors.c | Anatoliy Atanasov | 1 | -0/+8 | |
2009-09-19 | Move replmd_drsuapi_DsReplicaCursor2_compare to a common place. | Anatoliy Atanasov | 2 | -7/+7 | |
2009-09-19 | s4:dsdb Print the partition we failed to suggest replication for | Andrew Bartlett | 1 | -1/+2 | |
2009-09-18 | s4-server: kill main daemon if a task fails to initialise | Andrew Tridgell | 5 | -20/+23 | |
When one of our core tasks fails to initialise it can now ask for the server as a whole to die, rather than limping along in a degraded state. | |||||
2009-09-18 | s4-drs: cope with dupliate linked attributes | Andrew Tridgell | 1 | -1/+41 | |
With a w2k8-R2 DC, we sometimes get linked attribute updates via DRS which are duplicates of entries that we already have. We need to cope with this by using a remove/add pair in the ldb_modify() to avoid a "entry already exists" error | |||||
2009-09-17 | s4:descriptor module - Revert and const fixups | Matthias Dieter Wallnöfer | 1 | -7/+18 | |
- Revert a change introduced by me since I didn't understood the meaning of the version check - Added some "const" to suppress compiler warnings | |||||
2009-09-17 | s4:descriptor - cosmetic | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2009-09-17 | s4/domain behaviour flags: Fix them up in various locations | Matthias Dieter Wallnöfer | 2 | -10/+3 | |
Additional notes: - Bump the level to Windows Server 2008 R2 (we should support always the latest version - if we provision ourself) - In "descriptor.c" the check for the "domainFunctionality" level shouldn't be needed: ACL owner groups (not owner user) are supported since Windows 2000 Server (first AD edition) - I took the argument from: http://support.microsoft.com/kb/329194 | |||||
2009-09-16 | Owner and group defaulting. | Nadezhda Ivanova | 3 | -57/+479 | |
Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2009-09-16 | s4-repl: raise a debug level | Andrew Tridgell | 1 | -1/+1 | |
2009-09-16 | s4-dsdb: treat uSNHighest as 0 if @REPLCHANGED doesn't exist | Andrew Tridgell | 1 | -0/+8 | |
When a partition is first created it still needs a uSNHighest value | |||||
2009-09-15 | s4-repl: take advantage of async RPC forwarding | Andrew Tridgell | 1 | -5/+3 | |
This uses async RPC forwarding for the DsReplicaSync call | |||||
2009-09-15 | s4-repl: don't do double replication | Andrew Tridgell | 2 | -2/+36 | |
When we replicate from a remote DC, we need to note the new uSN that the local changes have resulted in, and modify the uSN that the notify task uses to determine if it should send a ReplicaSync message back to the remote DC. Otherwise we end up always triggering a ReplicaSync every time we replicate from another DC | |||||
2009-09-15 | s4-repl: make sure we marshal the replPropertyMetaData after the last change | Andrew Tridgell | 1 | -10/+10 | |
we were setting local_usn after the marshall, so it wasn't going into the object | |||||
2009-09-15 | s4-dsdb: use DLIST_ADD() not DLIST_ADD_END() | Andrew Tridgell | 2 | -4/+4 | |
Using DLIST_ADD_END() to construct a long list is very inefficient (it is O(n^2). These lists are not ordered, so using DLIST_ADD() is much better. | |||||
2009-09-15 | s4-repl: add a debug to make it easier to monitor replication | Andrew Tridgell | 1 | -0/+5 | |
2009-09-15 | s4:schema Add code to provide an index into the subClass tree | Andrew Bartlett | 2 | -1/+27 | |
In time, this should avoid the astounding (order) complexity of the objectclass sorting in objectclass.c eventually. Andrew Bartlett | |||||
2009-09-14 | s4-repl: handle rename in repl_meta_data | Andrew Tridgell | 1 | -0/+97 | |
On a rename we need to update uSNChanged, and the max uSN for the partition | |||||
2009-09-14 | s4-repl: fixed a memory error handling linked attributes | Andrew Tridgell | 1 | -10/+10 | |
We could get a double free with multiple linked attributes in a message | |||||
2009-09-14 | s4-repl: fall back to repsFrom if repsTo not set | Andrew Tridgell | 1 | -2/+4 | |
Windows does not seem to be always setting up repsTo using DsUpdateRefs(). For now we will fall back to using repsFrom if repsTo is empty. This is almost certainly incorrect, but it does get notification based replication working with both w2k3 and w2k8. |