summaryrefslogtreecommitdiff
path: root/source4/dsdb
AgeCommit message (Collapse)AuthorFilesLines
2010-01-05s4:SAMLDB LDB module - Rework to allow checks for wrong ↵Matthias Dieter Wallnöfer1-50/+96
"defaultObjectCategory" attributes This allows a stricter check for "defaultObjectCategory" attributes which is performed when the "relax" control isn't specified. Additional note: As the added comment points out this isn't complete. And I personally think that moving this at some point to the "objectclass" module is a better idea to make this fully work (since there we have direct access to the schema). If someone has a good idea how to do this please inform me. Anyway, the SAMLDB module does require some restructure since at the moment it's very overloaded and therefore a bit a mess. In the meantime I started to work on a new approach to realise it in a better way.
2010-01-05s4:schema_load.c - TypoMatthias Dieter Wallnöfer1-1/+1
2010-01-04s4:dsdb/repl: convert dreplsrv_out_drsuapi_send/recv to tevent_reqStefan Metzmacher2-99/+127
metze
2010-01-02s4-dsdb: force REVISION_ADS for new and updated ACLs in dsdbAndrew Tridgell1-0/+8
w2k8-r2 gives a "schema mismatch" error if the revision is not set to REVISION_ADS and you replicate the ntsecuritydescriptor using DRS. Nadya, please check this! Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-02s4-dsdb: switched to using RMD_FLAGS instead of DELETED in extended DNsAndrew Tridgell3-38/+81
This allows for more flags in the future
2010-01-02s4-kcc: added a preiodic task to remove deleted objectsAndrew Tridgell4-4/+104
we check for deleted objects in each partition every 10 minutes, using onelevel searches
2010-01-02s4-dsdb: fixed several memory leaksAndrew Tridgell1-5/+18
need to be careful with those temporary contexts
2010-01-02s4-dsdb: fixed samdb_create_foreign_security_principal() to use the ↵Andrew Tridgell1-18/+20
wellknown GUID This also fixes a memory leak
2010-01-02s4-dsdb: make sure 'whenChanged' is set on modifyAndrew Tridgell1-1/+4
We also should preserve (and then replace) whenChanged on delete
2010-01-02s4-dsdb: added dsdb_tombstone_lifetime()Andrew Tridgell2-0/+90
2010-01-02s4-dsdb: allow system to remove deleted objectsAndrew Tridgell1-0/+19
This will be used by a periodic job to remove tombstoned objects
2010-01-02s4-drs: make sure the DNs we put in the db have a extended GUIDAndrew Tridgell1-7/+16
2010-01-02s4-dsdb: added dsdb_set_extended_dn_guid()Andrew Tridgell1-0/+19
2010-01-02s4-dsdb: use ldb_val_to_time() instead of ldb_string_to_time()Andrew Tridgell2-4/+8
2010-01-02s4-drs: re-resolve the DN in linked attribute processingAndrew Tridgell1-0/+10
w2k8-r2 sometimes sends the DN with an old target
2010-01-02s4-drs: use dsdb_module_rename()Andrew Tridgell1-4/+3
Use the new dsdb_module_rename() for DRS rename handling, instead of ldb_rename(). This stops us going to the top of the module stack on a rename.
2010-01-02s4-drs: use dsdb linked attribute parse functionsAndrew Tridgell1-23/+4
This makes the code considerably more readable
2010-01-02s4-dsdb: added parse functions for DRS linked attribute blobsAndrew Tridgell1-0/+69
2010-01-02s4-dsdb: fixed valgrind error in replmd modifyAndrew Tridgell1-1/+1
We are using the values from a search result, so we need to steal them onto the msg before we free the search results Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-02s4-drs: don't try to remove backlinks directlyAndrew Tridgell1-1/+2
backlinks need to be removed as a side effect of removing the forward link Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-02s4-drs: isRecycled only exists in FL W2K8-R2Andrew Tridgell1-0/+13
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-02s4-drs: use DSDB_FLAG_OWN_MODULEAndrew Tridgell1-3/+3
We need DRS driven replication changes to update replPropertyMetaData, so it needs to call into the repl_meta_data module logic Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-02s4-drs: update comment to refect only forward link in this fnAndrew Tridgell1-2/+4
This function only update forward links Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-02s4-drs: fixed typo for uSNCreatedAndrew Tridgell1-1/+1
This broke DRS replication from samba to windows Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-02s4-drs: use dsdb_module_guid_by_dn()Andrew Tridgell1-1/+1
We should not be going to the top of the module stack
2010-01-02s4-drs: cope better with NULL GUIDS from DRSAndrew Tridgell1-11/+25
It is valid to get a NULL GUID over DRS for a deleted forward link. We need to match by DN if possible when seeing if we should update an existing link. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-02s4-drs: give an error message in repl_meta_data if we don't get a partition ↵Andrew Tridgell1-0/+1
control
2010-01-02s4-drs: treat a zero GUID as not present in replmd_add_fix_laAndrew Tridgell1-3/+6
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-02s4-schema: don't fill in the extended DN with a zero GUIDAndrew Tridgell1-11/+12
sometimes windows sends us a zero GUID in a DRS DN. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-02sd-schema: order DRS classes on the wire in reverse orderAndrew Tridgell1-1/+4
windows sends objectclasses in DRS in the opposite order to what LDAP uses
2010-01-02s4-dsdb: added DSDB_FLAG_OWN_MODULEAndrew Tridgell2-3/+50
This allows you to call dsdb_module_*() functions while including the current module in the module stack to be used Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-02s4-dsdb: use a common method for finding a link pairAndrew Tridgell1-1/+1
Use ^1 everywhere, to ensure it works for both forward and backward links
2010-01-02s4-dsdb: fill in the correct version number of links that come over DRSAndrew Tridgell1-26/+27
2010-01-02s4-dsdb: move checking for single valued links to samba modulesAndrew Tridgell2-3/+15
This uses the RELAX control and checking of single valued attributes in ldb modules to avoid problems with multi-valued links where all values but one are deleted
2010-01-02s4-dsdb: added dsdb_check_single_valued_link()Andrew Tridgell2-0/+31
This is used in conjunction with the RELAX control, to check for violations of single value rules for linked attributes
2010-01-02s4-dsdb: added dsdb_dn_is_upgraded_link_val()Andrew Tridgell1-0/+9
This is used to detect if a link has been stored in the w2k3 extended format
2010-01-02s4-dsdb: auto-upgrade w2k formatted linked attributes when modifiedAndrew Tridgell1-0/+63
When any value of a w2k formatted linked attribute is modified, upgrade the links.
2010-01-02s4-dsdb: minor cleanup in DRS replicated objects codeAndrew Tridgell1-5/+6
2010-01-02s4-dsdb: store full meta data from DRS for linked attributesAndrew Tridgell1-150/+239
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-02s4-dsdb: add REVEAL_INTERNALS in the search for linked_attributesAndrew Tridgell1-1/+2
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-02s4-dsdb: allow the component name to be specified in dsdb_get_extended_dn_guid()Andrew Tridgell2-4/+4
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-02s4-dsdb: split RMD_USN into RMD_LOCAL_USN and RMD_ORIGINATING_USNAndrew Tridgell1-8/+14
We need a separate RMD_LOCAL_USN to allow us to tell what attributes need to be sent in a getncchanges request. Thanks to Metze for pointing this out. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-02s4-dsdb: handle links with no backlinks in replmd_deleteAndrew Tridgell1-4/+3
2010-01-02s4-dsdb: simplify the linked_attributes moduleAndrew Tridgell1-853/+96
The linked_attributes module only has to deal with renames now, as other linked attribute updates happen in repl_meta_data. This allows it to be much simpler. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-02s4-dsdb: do the rename after the modify in replmd_deleteAndrew Tridgell1-12/+13
This makes updating the links a bit easier
2010-01-02s4-dsdb: some backlinks can be processed immediatelyAndrew Tridgell1-77/+84
backlinks in add and delete operations can be processed immediately, rather than at the end of a transaction. This can save on backlink list processing time.
2010-01-02s4-dsdb: remove linked_attributes_addAndrew Tridgell1-86/+0
This is now handled in the repl_meta_data module
2010-01-02s4-dsdb: add linked attributes meta_data handling to replmd_addAndrew Tridgell1-24/+86
This also handles the backlink creation that was previously in the linked_attributes module Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-02s4-dsdb: added replmd_delete, based on Eduardos workAndrew Tridgell1-0/+295
This implements repmld_delete(), which handles the meta_data updates for an object when deleting. A delete gets mapped to a combination of a rename followed by a modify request, which has the effect of moving the object into the Deleted Objects container. This is based on the code from Eduardo Lima <eduardoll@gmail.com>. Eduardo's code was modified to take account of the linked attributes changes that Andrew and I have been working on. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-02s4-dsdb: the linked_attributes module no longer handles deletesAndrew Tridgell1-53/+0
delete handling is now moved into repl_meta_data Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>