summaryrefslogtreecommitdiff
path: root/source4/dsdb
AgeCommit message (Collapse)AuthorFilesLines
2008-09-18Fix tests, be less verbose.Jelmer Vernooij1-35/+35
2008-09-18Fix some tests.Jelmer Vernooij1-4/+16
2008-09-12Remove ancient remains of first experimentations aboutSimo Sorce4-1781/+0
supporting a schema (This used to be commit 53b57300c799a079b4d64815243fe6120e0a9fa2)
2008-09-12Fix failure to load the schema on read-only DB.Andrew Bartlett1-23/+13
This also tries to simplify the logic in the schema -> @ATTRIBUTES and @INDEXES code. Andrew Bartlett (This used to be commit a383b8bf88a5681f9c9c6839ba645c872a735051)
2008-09-11Remove the complexity of transactions from the attributes-setting code.Andrew Bartlett1-16/+1
I think it is just too complex and error prone to init and cancel transactions during the module init code. Instead, this isn't prone to races as it will always achieve a steady state (eventually), and most cases will never do the write. Andrew Bartlett (This used to be commit d60977cc7f89f89f34187f310c91d1ab7db6ccf2)
2008-09-11Make cn=aggregate output less pretty, by more like Win2008.Andrew Bartlett1-2/+2
I'm not sure if this fixes bug #5713, as this is not consistantly reproducably on my equipment. Andrew Bartlett (This used to be commit 02d6645efc84179efd652dd29ab32f62ae310147)
2008-09-09Fix reversed test trying to fix bug #5713Andrew Bartlett1-1/+1
(It instead ensured that only 'top' had a SUP keyword) This clearly shows that 937b466266256d26d02cf8d48e72a26272fe8627 was not a full or correct fix, but despite this I can no longer reproduce the issue. Further investigation is required. Andrew Bartlett (This used to be commit 95a9e9b6b84866cd300b1d19915627c6718b4dde)
2008-09-09Fix bug #5713 by correcting the generated schema.Andrew Bartlett1-1/+1
This bug is entitled 'Schema patch breaks interoperability with Microsoft MMC consoles.', and it does so very spectacularly. The issue is that we would include an entry: objectClasses: ( 2.5.6.0 NAME 'top' SUP top ABSTRACT.. The MMC Active Directory Users and Computers snap in presumably objected to the 'loop' this would present. The fixed entry is: objectClasses: ( 2.5.6.0 NAME 'top' ABSTRACT Thanks to Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de> for his persistance in getting me to look at this. Andrew Bartlett (This used to be commit 937b466266256d26d02cf8d48e72a26272fe8627)
2008-09-08Add definition for SYSTEM_FLAG_ATTR_IS_RDNAndrew Bartlett1-0/+1
(This used to be commit 36f727c4a73ffc8634692b0c5645343cb414de93)
2008-09-08Try to implement the right logic for systemFlagsAndrew Bartlett1-0/+37
The MS-ADTS document has quite detailed instrucitons on how these flags should be processed. This change also causes the correct sign-wrapping to occour, as these are declared as signed integers. Andrew Bartlett (This used to be commit 5c3d237a6d721dc75166bdc5ac0c6e76a4495bf7)
2008-09-08Don't expose passwords, even to the administrator.Andrew Bartlett1-1/+14
This ensures they don't leak over LDAP, but does not prevent access, as ldbsearch locally still bypasses these controls. Andrew Bartlett (This used to be commit fa3f3bab33001770a9d7e33875bf212636f6c128)
2008-08-22Merge branch 'abartlet-4-0-local' into v4-0-testAndrew Tridgell12-572/+828
(This used to be commit 469fac2669991b130dec219e1a109a8b2ce224be)
2008-08-22fixed error handling in ANR code Andrew Tridgell1-18/+24
when we can't process an ANR request we need to continue with the parse tree we were given, not a NULL tree (This used to be commit ed66feb80aac7432049fe9fd86a9232984587e17)
2008-08-21Don't walk past the end of ldb values.Andrew Bartlett5-8/+8
This is a partial fix towards bugs due to us walking past the end of what we think are strings in ldb. There is much more work to do in this area. Andrew Bartlett (This used to be commit 5805a9a8f35fd90fa4f718f73534817fa3bbdfd2)
2008-08-21Stop every ldb startup doing a write to the database.Andrew Bartlett1-0/+7
Something in the search stack adds a distinguisedName record, which isn't in the message we generate. So we compare, fail and rewrite the record - every time ldb starts up... Andrew Bartlett (This used to be commit 44775d1ed4a4b8edc66a06e2b3710aba6a0dd019)
2008-08-21Set both attributes and indexes into the database on schema load.Andrew Bartlett1-18/+142
This ensures that a rudementary schema is always present (for bootstrapping), and that the indexes are maintained equal to the schema (rather than hard-coded). Andrew Bartlett (This used to be commit 747d683b0d92c3b1cde67245d514977a2c87dc44)
2008-08-21Don't maniplate control entries in samldbAndrew Bartlett1-0/+4
(This used to be commit 8003ee9abf474de534677283fc499f9a3d992b20)
2008-08-20drsuapi: fix samba4 callers after drsuapi.idl changesStefan Metzmacher1-6/+14
metze (This used to be commit 4b054cee51c39c5430bcadd5c06a94dc3e6b0d8f)
2008-08-20Use the new SEARCH_FLAG_ANR defineAndrew Bartlett1-1/+1
(This used to be commit 07d122ce2c255124dfb3acf71a3afdf52f06e1b1)
2008-08-20Apply attributes (and their syntax) from the schema into ldbAndrew Bartlett1-0/+49
This changes the @ATTRIBUTES record to be for bootstrapping only, before we find the schema. Andrew Bartlett (This used to be commit 358477fcc041d5fb2e6ac5641c2f899cc49cfb69)
2008-08-20Add schema search flags from MS-ADTSAndrew Bartlett1-0/+11
(This used to be commit 731d9e569a474da27014737e0805ae712366357d)
2008-08-20Split schema_init.c into smaller bits.Andrew Bartlett4-545/+600
This should make schema manipulation a little easier to follow. Andrew Bartlett (This used to be commit 300ed83526e75d834bd23ddd1c1c26ebe2555e0f)
2008-08-18Note the ldb syntax for attribute syntaxes in the table.Andrew Bartlett3-20/+29
This includes additional Samba-specific syntaxes made available from the ldif_handlers code. This commit also changes some table to use #defines, to ensure consistancy in other parts of the code. Andrew Bartlett (This used to be commit e26a5efd9a580ed3728e1f449e367b1cd4a73b5f)
2008-08-18Fix segfaults when loading the schema fails.Andrew Bartlett1-14/+13
(This used to be commit 9643db1a011edc95aa903908cec708b3a3566e71)
2008-08-18Ensure we fail to proceed if the schema won't load.Andrew Bartlett1-0/+1
(This used to be commit 07107c45c35a11979bf68a14b2c4df9415880fcb)
2008-08-18Remove references to the unused @SUBCLASS feature.Andrew Bartlett1-1/+1
This was removed from ldb_tdb a while ago Andrew Bartlett (This used to be commit fcb87e77860b449ac3483ccec5e6b5ed087540f2)
2008-08-18Merge the two attribute syntax tables.Andrew Bartlett6-183/+75
This merges the table once found in the oLschema2ldif tool (and moved many times) with the table used for DRSUAPI. The OpenLDAP schema map has been updated, to ensure that despite a number of attributes being declared as OIDs, they are actually used as strings (as they are actually LDAP class/attribute names). Andrew Bartlett (This used to be commit 61f2958c84beeedcf369ccdc02afed0c8055b108)
2008-08-15Generate the subSchema in cn=AggregateAndrew Bartlett8-234/+758
This reads the schema from the in-memory structure, when the magic attributes are requested. The code is a modified version of that used in the ad2oLschema tool (now shared). The schema_fsmo module handles the insertion of the generated result. As such, this commit also removes these entries from the setup/schema.ldif Metze's previous stub of this functionality is also removed. Andrew Bartlett (This used to be commit c7c32ec7b42bdf0f7b669644516438c71b364e60)
2008-08-07drsuapi: fix callers after idl changeStefan Metzmacher1-1/+1
metze (This used to be commit 7dee6fb62d5adbd2eaaaf4d8ba9e87a72ef9f94b)
2008-07-28Remove unused variableAndrew Bartlett1-1/+0
(This used to be commit 31a303c099e26423160010c48b305434d4cbea25)
2008-07-28Fix warnings in new prefixMap codeAndrew Bartlett1-2/+3
(This used to be commit b8770a4fd8408473593fa4c6600bce056183958d)
2008-07-26dsdb: add a comment about the parameter to DSDB_EXTENDED_SCHEMA_UPDATE_NOW_OIDStefan Metzmacher1-0/+4
metze (This used to be commit 2f06fbe06be2e1b77ea013ddba853ce819e58e88)
2008-07-26dsdb/schema: make more clear where we create the value for the new prefix ↵Stefan Metzmacher1-0/+6
mapping metze (This used to be commit c92eb8b776c17f12622837daeb1786862f380269)
2008-07-26dsdb/schema: dsdb_write_prefixes_to_ldb() should do the reverse of ↵Stefan Metzmacher1-52/+44
dsdb_read_prefixes_to_ldb() metze (This used to be commit 34ea9d4a0b1270a27412bf939d7e897a5d68d0a6)
2008-07-25Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-localAndrew Bartlett8-155/+768
(This used to be commit b12dd8ee5443ebfc204d1684f541d68ffb351197)
2008-07-25Try to avoid a memory leak if we re-set the global schemaAndrew Bartlett1-0/+9
However, try also not to pull a schema out from under a running ldb session. Andrew Bartlett (This used to be commit 7cf9b9dd0bb35835a7c6e9897ea99951a33c63c7)
2008-07-25Clarify how we are doing the 'this is a rootdse query' check.Andrew Bartlett1-1/+2
(This used to be commit 8dfba3160cc4bc518f3ad8570d104e5baae784ca)
2008-07-24password_hash: fix the callers after drsblobs.idl changesStefan Metzmacher1-33/+41
metze (This used to be commit fac7c79afae05a88ecc2a63c8eb9f2fd53ab7ce6)
2008-07-24dsdb_create_prefix_mapping() implementation checks for existing prefix ↵Anatoliy Atanasov1-36/+257
maping in ldb. if one not found it creates a mapping for it and updates the prefixMap schema attribute in ldb. (This used to be commit bbe895db7144b192981fad9ab6bbd3ebacb8d299)
2008-07-24Handle schema reloading request.Anatoliy Atanasov4-4/+158
The ldif for that operation looks like this: dn: changetype: Modify add: schemaUpdateNow schemaUpdateNow: 1 It uses the rootdse's object functional attribute schemaUpdateNow. In rootdse_modify() this command is being recognized and it is send as extended operation with DSDB_EXTENDED_SCHEMA_UPDATE_NOW_OID. In the partition module its dispatched to the schema_fsmo module. The request is processed in the schema_fsmo module by schema_fsmo_extended(). (This used to be commit 39f9184ddf215f2b512319211c0a05702218ef87)
2008-07-23libnet_become_dc: send msDS_Behavior_Version == 3 (win2k8) in DsAddEntryMichael Adam1-0/+1
instead of version 2 (win2k3). This makes the NET-API-BECOME-DC test work against windows 2003 and 2008. Michael (This used to be commit a7bfa1fb1bc6fb8e412990b7ff4c3ce9bc55099d)
2008-07-23dsdb: teach dreplsrv_out_drsuapi_bind_recv() knowledge of DsBindInfo48.Michael Adam1-0/+9
To make it work against w2k8. Michael (This used to be commit a8aea9274170a2b472c45c97a4904bd299d2a92e)
2008-07-23password_hash: add generation of the Primary:Kerberos-Newer-Keys blobStefan Metzmacher1-3/+216
But it's still of by default until we now what triggers this generation. It could be that the value is always generated but the KDC only uses it when in a specific funtional level, but it could also be that it's only generated in a specific functional level. metze (This used to be commit 08618bbd508ede0bb9e1922fae562cffdca41cbd)
2008-07-23password_hash: order the supplementalCredentials Packages in the same order ↵Stefan Metzmacher1-13/+55
like windows metze (This used to be commit ca9cd81a1798fb15195566422b3cad7c282fce89)
2008-07-23password_hash: split the generation of krb5 keys into a different functionStefan Metzmacher1-92/+69
metze (This used to be commit 4ad73a0bf8952783d3d9a7339c0c4fd8ca28981a)
2008-07-23password_hash: simplify the logic if we have cleartext we always generate ↵Stefan Metzmacher1-2/+2
the hashes metze (This used to be commit 5edff84429ef0d03b47a438e18861d26c97e17b6)
2008-07-23password_hash: fix callers after idl change for package_PrimaryKerberosStefan Metzmacher1-7/+0
metze (This used to be commit 1bf552856f3a930c4716ceb73d9ba9adf7502d3d)
2008-07-23password_hash: check the SUPPLEMENTAL_CREDENTIALS_SIGNATUREStefan Metzmacher1-2/+11
metze (This used to be commit 19b8c8e37bafab050ab61266c35006efada2947c)
2008-07-23password_hash: ignore reserved value, but still set it like windows doesStefan Metzmacher1-8/+4
metze (This used to be commit 5b860572686167d0291161f6597f143e538e2f3a)
2008-07-23password_hash: don't add zero padding as w2k8 also don't add itStefan Metzmacher1-10/+0
metze (This used to be commit 26e9169d454349795ad0bc64d7f65059541ab89e)