summaryrefslogtreecommitdiff
path: root/source4/dsdb
AgeCommit message (Collapse)AuthorFilesLines
2009-12-07s4:dsdb Use ldb_match_msg_objectclass in operational.cAndrew Bartlett1-6/+1
This avoids not only a possibly non-portable compiler expression, but also the need to look up the schema each time. Andrew Bartlett
2009-12-07s4:dsdb Make primaryGroupToken calculation more efficient and correctAndrew Bartlett1-20/+46
The original code here would do a subtree search under each object, attempting to determine if it was a group. This was incorrect, and inefficient - we just need to ask for the objectClass attribute, and check that value before returning the group's RID. (Much of this patch reworks operational.c to allow a search for 2 attributes for this calculation). Andrew Bartlett
2009-12-07s4:dsdb Make parentGUID handler use dsdb_module_search_dn()Andrew Bartlett2-76/+29
This avoids doing a new search from the top of the module stack. This also removes the helper function dsdb_find_parentguid_by_dn() which is now unused. Andrew Bartlett
2009-12-07s4:dsdb Hide the LM password by default tooAndrew Bartlett1-1/+2
2009-12-04s4-ldb: fixed show_deleted module not to corrupt parse treesAndrew Tridgell1-23/+26
The show_deleted module was using a static private ptr in the module to hold a parse tree to save on parsing. The code caused this static ptr to change with each search, which caused incorrect searches and numerous valgrind errors. This patch replaces it with a hand-built parse tree.
2009-12-04s4-drsutil: fixed a memory leak in samdb_search_countAndrew Tridgell2-5/+9
In general functions that don't return any memory should not take a memory context. Otherwise it is too easy to have a bug like this where memory is leaked
2009-12-03s4:operational LDB module - Fix usage of LDB constantsMatthias Dieter Wallnöfer1-4/+4
2009-12-03s4-drs: fixed updating of uSNChanged in replmd_modifyAndrew Tridgell1-3/+2
Updating of uSNChanged broke in a recent change
2009-12-01s4:schema - Make some more (result) variables const and fix up warnings with ↵Matthias Dieter Wallnöfer2-53/+72
"discard_const_p"
2009-11-30s4-drs: Using dsdb_msg_add_guid() utility functionFernando J V da Silva3-46/+5
Uses the dsdb_msg_add_guid() to add any kind of GUID attribute to a ldb_message in several places of samba4 code. Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-11-30s4-drs: add deletion of old connectionsCrístian Deives3-37/+190
the nTDSConnection objects that are not needed anymore will be deleted. the function kccsrv_delete_connection wasn't tested yet. Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-11-30s4-ldb: changed ldb_msg_add_dn() to ldb_msg_add_linearized_dn()Crístian Deives1-3/+3
this makes the usage clearer Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-11-30s4-drs: Create connection obejct (nTDSConnection)Crístian Deives3-0/+130
create nTDSConnection objects to match the list of servers Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-11-30s4-dsdb: don't call ldb_next_init() twice in objectclass moduleAndrew Tridgell1-1/+1
2009-11-28s4-drs: cope with bogus empty attributes from w2k8-r2Andrew Tridgell1-0/+17
w2k8-r2 sometimes sends empty attributes with completely bogus attrid values in a DRS replication response. This allows us to continue with the vampire operation despite these broken elements.
2009-11-28s4: fix SD update and password change in upgrade scriptMatthieu Patou1-4/+11
- reserve a new Samba OID for recalculate SD control - fix the update SD function - fix handling of kvno in the update_machine_account_password function - fix handling of handles in RPC winreg server Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-11-27s4:dsdb Don't segfault with ldb_transaction_prepare_commit() without begin()Andrew Bartlett1-0/+4
It is up to other modules to complain if ldb_transaction_prepare_commit() is called before ldb_transaction_begin_transaction() Andrew Bartlett
2009-11-26s4:objectclass LDB module - Prevent write operations on constructed attributesMatthias Dieter Wallnöfer1-6/+19
2009-11-26s4:operational LDB module - Don't do the write checks hereMatthias Dieter Wallnöfer1-16/+0
Let this perform the schema in the "objectclass" module.
2009-11-25s4:dsdb Make samba_dsdb easier to use in upgrades - assume default valuesAndrew Bartlett1-4/+7
2009-11-24s4:dsdb Handle LDAP backends correctly with new samba_dsdb systemAndrew Bartlett1-5/+5
The original code had the wrong module names, and use strcasecmp() incorrectly. Andrew Bartlett
2009-11-24s4:provision Move secrets.ldb over to .c file module lists, like sam.ldbAndrew Bartlett2-0/+111
2009-11-24s4:operational LDB module - Prevent the modification of operational attributesAndrew Bartlett1-0/+16
(merged by Andrew Bartlett) Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2009-11-24s4:dsdb Use new helper function to obtain CN=Aggregate schema DN in schema_dataAndrew Bartlett1-6/+6
2009-11-24s4:dsdb Return the subSchemaSubEntry operational attribute on every objectAndrew Bartlett1-4/+40
2009-11-24s4:dsdb Add function to return the CN=Aggregate schema DNAndrew Bartlett1-0/+18
2009-11-23s4:dsdb Move module configuration from each ldb into samba_dsdb.cAndrew Bartlett5-5/+397
This makes getting the module order correct, the obligation of Samba4 developers, and not system administrators. In particular, once an ldb is updated to use only the 'samba_dsdb' module, no further changes to the ldb should be required when upgrading to later Samba4 versions. (thanks to metze for the suggestion of samba_dsdb as a long-term stable name for the module) Andrew Bartlett
2009-11-23s4/schema(tort): Refactor DSDB-SYNTAX test for better performanceKamen Mazdrashki1-35/+86
Test was implemented as a test fixture so that setup/teardown occurs only once. This should impact test performace as long as provision_get_schema() is a slow function (especially when debugging)
2009-11-23s4/schema: Handle Object(OR-Name) syntax in extended_dn_out moduleKamen Mazdrashki1-4/+12
Windows displays attribute values with Object(OR-Name) syntax in plain DN format when queried through LDAP. Hence, we need to post-process such values specially in extended_dn_out.c module so they are always shown as plain DN, no matter what controls are passed for search request.
2009-11-23s4/schema: Object(OR-Name) syntax handling for DRS callsKamen Mazdrashki3-6/+11
OR-Name syntax through DRS calls looks like DN-Binary syntax
2009-11-23s4/schema(tort): Inject authOrig attribute into schema loaded for testsKamen Mazdrashki1-1/+44
2009-11-23s4/schema(tort): Add test for Object(OR-Name) syntaxKamen Mazdrashki1-0/+8
2009-11-23s4/schema(tort): Test LDB_SYNTAX_DN with extended_dn in [GUID;SID;DN] formKamen Mazdrashki1-1/+9
2009-11-22Fixed incorrect indentation.Nadezhda Ivanova1-7/+6
2009-11-21Implemented LDAP_SERVER_SD_FLAGS_OID on search requests.Nadezhda Ivanova2-22/+165
2009-11-20Cosmetic patch - fixed case of attribute name.Nadezhda Ivanova1-1/+1
2009-11-20Implementation of LDAP_SERVER_SD_FLAGS_OID on modify requests.Nadezhda Ivanova1-16/+133
2009-11-20s4-dsdb: some more attribuutes that we should only give if asked forAndrew Tridgell1-1/+6
2009-11-20added new function "ldb_msg_add_dn"Crístian Deives1-2/+3
a helper function to a DN element to an ldb_msg using ldb_msg_add_string. Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-11-20s4-dsdb: removed attributes that should not be displayed by defaultAndrew Tridgell1-0/+37
Some attributes (like ntSecurityDescriptor) are stored in our db, but should only be displayed if asked for. This also applied to parentGUID from old installs, which is now generated.
2009-11-20s4-drs: Removes stored parentGUID's creation and renamingFernando J V da Silva1-80/+7
parentGUID is now created on demand in operational.c Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-11-20s4-drs: Synchronous Implementation of generated parentGUIDFernando J V da Silva1-2/+34
This generated parentGUID on demand, rather than getting it from the database Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-11-20s4-drs: Utility functions to deal with GUIDFernando J V da Silva1-0/+99
dsdb_find_parentguid_by_dn() returns the parentGUID for a given DN dsdb_msg_add_guid() adds a GUID value to a given message (either objectGUID or parentGUID). Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-11-20s4-dsdb: make sure mod_usn list is zeroed on each transactionAndrew Tridgell1-7/+10
2009-11-17s4:SAMLDB DSDB module - Add "\n"s on debug messagesMatthias Dieter Wallnöfer1-2/+2
2009-11-17s4:SAMLDB DSDB module - Remove "\n" in LDB error messagesMatthias Dieter Wallnöfer1-25/+31
abartlet suggested me to not use anymore "\n"s in those kind of outputs. Plus, enhance a search filter to consider also "builtinDomain" objects which are basically domain objects too.
2009-11-17s4:dsdb/schema: let schema_supclasses() return the correct pointerStefan Metzmacher1-2/+2
str_list_unique() changes the pointer via talloc_realloc(). metze
2009-11-17s4:schema Add the GUID to each defaultObjectCategory when loading from LDIFAndrew Bartlett1-0/+49
This makes these full extended DNs, so we set the right values into the database, even before we actually set the schema objects themselves. Andrew Bartlett
2009-11-17s4:dsdb Rework samdb code to use 'storage format' DNs for defaultObjectCategoryAndrew Bartlett4-1/+67
It is important to always ensure that this attribute has an extended DN if the rest of the database stores things that way. The knowlege of what format the DN is stored on disk with is passed around in an LDB opaque. Andrew Bartlett
2009-11-17s4:dsdb Load objectGUID and extended DN defaultObjectCategory into the schemaAndrew Bartlett2-35/+27
The load of defaultObjectCategory as an extended DN means we need to use the common parsing functions I just split out, rather than the GET_DS_DN macro. The objectGUIDs are loaded so that we can create the extended DN when we load from LDIF (and are loaded for the other cases for consistency). Also adapt callers to API changes needed for common parsing code Andrew Bartlett