summaryrefslogtreecommitdiff
path: root/source4/dsdb
AgeCommit message (Collapse)AuthorFilesLines
2010-11-03s4-dsdb: Implemented value restrictions for the dSHeuristics attributeNadezhda Ivanova1-1/+27
2010-11-03s4:objectguid LDB module - remove "objectguid_find_attribute"Matthias Dieter Wallnöfer1-17/+1
It's exactly the same as "ldb_msg_find_element". In addition remove a comment which points out a "fixme" for a semi-async call since we started to permit them again. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Wed Nov 3 09:29:46 UTC 2010 on sn-devel-104
2010-11-03s4-dsdb: removed the use of ldb_private.h from s4Andrew Tridgell9-121/+55
this will allow s4 to use a system version of ldb
2010-11-01s4:samldb LDB module - the "sAMAccountName" cannot be substituted by nothingMatthias Dieter Wallnöfer2-2/+29
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Mon Nov 1 14:36:24 UTC 2010 on sn-devel-104
2010-11-01s4:sam.py - additional testing for "servicePrincipalName" updatesMatthias Dieter Wallnöfer1-12/+207
2010-11-01s4:samldb LDB module - support now the full "servicePrincipalName" update ↵Matthias Dieter Wallnöfer1-30/+96
trigger With "dNSHostName" and/or "sAMAccountName" updates
2010-11-01s4:samldb LDB module - "sAMAccountName" checkerMatthias Dieter Wallnöfer1-2/+2
We need a "talloc_steal" for the retrieved "sAMAccountName" since the memory is afterwards freed using the "talloc_free" call.
2010-11-01s4-ldb: enable version checking in dsdb ldb modulesAndrew Tridgell39-2/+42
2010-11-01s4:ldap.py/sam.py - simplify the objectclass specificationsMatthias Dieter Wallnöfer2-39/+39
- For user accounts we only need to specify "user" ("person" is an inherited objectclass) - Don't use the brackets when we have only one objectclass specified
2010-11-01s4:sam.py - test "objectSid" modification lockdownMatthias Dieter Wallnöfer1-0/+28
2010-11-01s4:samldb LDB module - unify objectSid assignment error messagesMatthias Dieter Wallnöfer1-3/+2
2010-11-01s4:samldb LDB module - deny "objectSid" modificationsMatthias Dieter Wallnöfer1-0/+7
The same as with Windows
2010-11-01s4-dsdb: convert the rest of the ldb modules to the new module typeAndrew Tridgell40-77/+298
2010-11-01s4-dsdb: convert the simple_ldap_map module to the new module styleAndrew Tridgell2-9/+26
2010-11-01s4-dsdb: convert the extended_dn_out module to the new ldb module styleAndrew Tridgell2-10/+31
2010-11-01s4-dsdb_schema: Use DRSUAPI_ATTID_INVALID instead of 0xFFFFFFFF magic valueKamen Mazdrashki2-28/+28
Autobuild-User: Kamen Mazdrashki <kamenim@samba.org> Autobuild-Date: Mon Nov 1 00:36:20 UTC 2010 on sn-devel-104
2010-10-31idl: Use DRSUAPI_ATTID_ prefix instead of DRSUAPI_ATTRIBUTE_ for ATTID valuesKamen Mazdrashki5-63/+63
Those values are actually ATTID values and such, they are used for ATTIDs for Attributes, Classes and Syntaxes.
2010-10-31s4:sam.py - test the "sAMAccountName" attributeMatthias Dieter Wallnöfer1-0/+59
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sun Oct 31 21:02:48 UTC 2010 on sn-devel-104
2010-10-31s4:samldb LDB module - validate "sAMAccountName" modificationsMatthias Dieter Wallnöfer1-0/+74
Also the "sAMAccountName" attribute is protected against corruption (e.g. two accounts with the same name).
2010-10-31s4:dsdb/dns/dns_update.c - increase the timeout for the SPN and DNS update ↵Matthias Dieter Wallnöfer1-2/+2
scripts Sometimes it can take longer than 10 sec.
2010-10-31s4:sam.py - add a test for the "dNSHostName" - "servicePrincipalName" update ↵Matthias Dieter Wallnöfer1-1/+151
mechanism
2010-10-31s4:samldb LDB module - implement the "dNSHostName" - "servicePrincipalName" ↵Matthias Dieter Wallnöfer1-0/+155
change trigger When the "dNSHostName" changes then also the "servicePrincipalName"s are changed as well.
2010-10-31s4:samldb LDB module - check for the number of results after a search operationMatthias Dieter Wallnöfer1-0/+3
Should always be done.
2010-10-31s4: Remove the old perl/m4/make/mk-based build system.Jelmer Vernooij2-582/+0
The new waf-based build system now has all the same functionality, and the old build system has been broken for quite some time. Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Sun Oct 31 02:01:44 UTC 2010 on sn-devel-104
2010-10-30s4:samldb LDB module - make the "userAccountControl" and "groupType" modify ↵Matthias Dieter Wallnöfer1-122/+173
handlers separate functions It's easier to maintain afterwards Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sat Oct 30 19:07:20 UTC 2010 on sn-devel-104
2010-10-30s4:samldb LDB module - add a new function which handles special cases for ↵Matthias Dieter Wallnöfer1-28/+51
single-valued attribute on SAM modifications This saves quiet some work.
2010-10-30s4:samldb LDB module - primary group change - free temporary messages to ↵Matthias Dieter Wallnöfer1-2/+4
save memory
2010-10-30s4:sam.py - add a short double swap "primaryGroupID" testMatthias Dieter Wallnöfer1-0/+9
It's not really meaningful but can happen. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sat Oct 30 18:15:31 UTC 2010 on sn-devel-104
2010-10-30s4:samldb LDB module - adapt the "samldb_prim_group_change" trigger to ↵Matthias Dieter Wallnöfer1-10/+55
support multiple "primaryGroupID" modification entries
2010-10-30s4:sam.py - enhance "member" testsMatthias Dieter Wallnöfer1-0/+35
2010-10-30s4:samldb LDB module - "member" triggerMatthias Dieter Wallnöfer1-38/+69
- adapt the "samldb_member_check" trigger to support multiple "member" modification entries. There can exist special modification messages which delete and add members in one operation - support the right error codes when modifications do fail (ERR_ENTRY_ALREADY_EXISTS, ERR_UNWILLING_TO_PERFORM)
2010-10-30s4:local_password LDB module - fix typosMatthias Dieter Wallnöfer1-6/+6
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sat Oct 30 15:41:46 UTC 2010 on sn-devel-104
2010-10-30s4:resolve_oids LDB module - fix counter typesMatthias Dieter Wallnöfer1-2/+2
2010-10-30s4:partition_init LDB module - fix counter typeMatthias Dieter Wallnöfer1-2/+4
2010-10-30s4:extended_dn_store LDB module - fix counter typesMatthias Dieter Wallnöfer1-2/+2
2010-10-30s4-build: removed some unnecessary dependenciesAndrew Tridgell1-1/+1
based on running waf --symbol-check
2010-10-30s4-dns: make the dns update task an external moduleAndrew Tridgell1-5/+6
this simplifies some dependencies
2010-10-30s4-auth: make KERBEROS subsystem into authkrb5 private libraryAndrew Tridgell1-1/+1
this fixes some double linking. The name 'KERBEROS' was also a bit confusing, as it sounded like a base kerberos library, when it is in fact part of auth
2010-10-30s4-ldbwrap: split ldb-wrap out from the LDBSAMBA subsystemAndrew Tridgell2-1/+2
ldb-wrap and the ldif-handlers are not really related, and this allows us to remove another dependency loop Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-10-29s4:samr RPC server - remove wrong implementation of ReplicaSourceNodeNameMatthias Dieter Wallnöfer1-22/+0
This should represent a replication partner - never the DC iself
2010-10-29s4-resolve_oids: Remove redundant check - resolve_oids_need_value() handle thisKamen Mazdrashki1-4/+0
2010-10-29s4-schema_init: we should be able to resolve Syntax OIDs with prefixMap we haveKamen Mazdrashki1-3/+3
If Syntax OID is not in the prefixMap then we are getting an unknown Attribute Syntax (which we can't handle anyway)
2010-10-27s4-ldb: Added the correct extended check for read access to nTSecurityDescriptorNadezhda Ivanova2-1/+63
It does not depend on READ_PROPERTY, but on SECURITY_PRIVILEGE and READ_CONTROL Autobuild-User: Nadezhda Ivanova <nivanova@samba.org> Autobuild-Date: Wed Oct 27 13:18:50 UTC 2010 on sn-devel-104
2010-10-27s4-ldb: Changes the aclread module to use LDB_HANDLE_FLAG_UNTRUSTED to ↵Nadezhda Ivanova2-9/+5
determine the source of the request The aclread module used to use a control to make sure the request comes from the ldap server, but now the rootdse filters out any unregistered controls comming from ldap, so the control is lost. Using the LDB_HANDLE_FLAG_UNTRUSTED is a much more elegant solution. Autobuild-User: Nadezhda Ivanova <nivanova@samba.org> Autobuild-Date: Wed Oct 27 11:55:11 UTC 2010 on sn-devel-104
2010-10-26s4-dsdb_syntax: *_OID_oid_ldb_to_drsuapi() functions should useKamen Mazdrashki1-6/+6
dsdb_schema_pfm_attid_from_oid() instead of dsdb_schema_pfm_make_attid() as those functions are supposed to return ATTIDs only for OIDs we already know about (i.e. are in prefixMap) Autobuild-User: Kamen Mazdrashki <kamenim@samba.org> Autobuild-Date: Tue Oct 26 22:44:36 UTC 2010 on sn-devel-104
2010-10-26s4-prefixMap: split dsdb_schema_make_attid() function into read-only andKamen Mazdrashki1-1/+38
read-write functions. dsdb_schema_make_attid() may change prefixMap implicitly and this is not always desired behavior. The problem was that (1) callers had no control on this behavior (2) callers had no way to know wheter prefixMap has been changed which can lead to hard to find bugs like prefixMap is changed in read operation
2010-10-26s4-prefixmap: Use WERR_NOT_FOUND when OID is not found in current prefixMapKamen Mazdrashki3-3/+3
rather than WERR_DS_NO_MSDS_INTID. WERR_DS_NO_MSDS_INTID is intended to be used for msDsIntId attribute values handling
2010-10-26s4:ldap.py - add a test for attribute ranges - still very basicMatthias Dieter Wallnöfer1-1/+56
And partially outcommented. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Tue Oct 26 18:53:12 UTC 2010 on sn-devel-104
2010-10-26s4:sam.py - enhance users and groups testMatthias Dieter Wallnöfer1-2/+63
2010-10-26s4:samldb LDB module - enhance the "member"-check triggerMatthias Dieter Wallnöfer1-3/+7
- Also multi-valued "member" attributes are allowed - When you try to delete a member from a group which has it primary group set exactly to this group you get "UNWILLING_TO_PERFORM"