summaryrefslogtreecommitdiff
path: root/source4/dsdb
AgeCommit message (Collapse)AuthorFilesLines
2010-03-04s4:operational LDB - implement the "tokenGroups" constructed attributeMatthias Dieter Wallnöfer2-1/+96
It contains the transitive SID closure (expand member/memberOf attributes) of a certain SAM object. The "tokenGroups" attribute never contains the SID of the object itself. References: http://msdn.microsoft.com/en-us/library/ms680275(VS.85).aspx, http://support.microsoft.com/kb/301916, MS-ADTS 3.1.1.4.5.19.
2010-03-04s4:operational LDB module - use right memory context int ↵Matthias Dieter Wallnöfer1-2/+2
"construct_primary_group_token" Use the "msg" as temporary context and not "ldb" which lives much longer.
2010-03-03s4:samdb.c - Make it signed-safeMatthias Dieter Wallnöfer1-2/+2
Use an unsigned argument for the numbers of groups and the counter "i" since the function is called only by "auth_generate_session_info" with an unsigned number of groups argument.
2010-03-01s4:drepl_out_helpers: don't look at the internals of 'struct rpc_request'Stefan Metzmacher1-2/+13
metze
2010-03-01s4:drepl_notify: don't look at the internals of 'struct rpc_request'Stefan Metzmacher1-1/+9
metze
2010-03-01s4:dsdb/repl: make use of explicit dcerpc_*_recv functionsStefan Metzmacher2-4/+4
metze
2010-03-01s4/rodc: Implement samdb_rodc with ldb contextAnatoliy Atanasov2-8/+62
2010-02-26s4:dsdb/schema: fix validation of DNsStefan Metzmacher1-1/+0
ldb_dn_extended_filter() removes all but the listed components, I didn't noticed that when writting the code. Doing a ldb_dn_remove_extended_components(dn2) is wrong. This was hidden by some bugs in the ldb_dn code. metze
2010-02-26s4-dns: use a loadparm list for samba_runcmd() commandsAndrew Tridgell1-4/+4
This allows commands with multiple arguments and quoting to be used, while still avoiding running a shell (and this having shell expansion problems)
2010-02-26s4-dsdb: fixed the fetch of the server site nameAndrew Tridgell1-1/+7
when the ntds objects were moved by a recent change it broke the calculation of the server site Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-02-25s4:DNS update - change "i" to be unsignedMatthias Dieter Wallnöfer1-1/+2
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-02-25s4:partition DSDB module - Generate basic referralsMatthias Dieter Wallnöfer2-47/+144
This is a first, very basic implementation of the referrals (more informations at MS-ADTS 3.1.1.4.6 and 3.1.1.3.4.1.12). To have the full referral support (and to always point to the right host) the full implementation using DNS will be needed (at the moment we always point to the main DC which is referenceable through the DNS domainname). Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-02-25s4:partition DSDB module - change the search and domain scope control handlingMatthias Dieter Wallnöfer1-35/+22
The domain scope control is always removed, from the search one only the two interesting flags (which are handled) and it is marked as non-critical. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-02-25s4:SAMLDB module - ignore referralsMatthias Dieter Wallnöfer1-5/+6
They don't cause any harm to our functionality - so ignore them were not needed. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-02-24dsdb: Add a more explicit error message for constructed attributesMatthieu Patou1-0/+1
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
2010-02-24s4/drs: Propagate drsuapi_DsReplicaGetInfoRequest... changes into source codeKamen Mazdrashki1-2/+2
2010-02-24s4/drs: Propagate drsuapi_DsReplicaSync changes in source baseKamen Mazdrashki2-5/+9
2010-02-24s4/schema: Move msDS-IntId implementation to samldb.c moduleKamen Mazdrashki2-149/+87
msDS-IntId attribute should be replicated, so it must be implemented in a module that is before repl_meta_data module (thanks abartlet for pointing this out). Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-02-23s4-dns: improved logging, and run name check at startupAndrew Tridgell1-6/+10
2010-02-23s4-dns: call out to the dns update command every 10 minutesAndrew Tridgell1-26/+112
This periodically calls samba_dnsupdate to update our DNS entries if needed
2010-02-21s4:operational LDB module - enable support for passing referrals through itMatthias Dieter Wallnöfer1-2/+1
2010-02-21s4:partition DSDB module - Cosmetic fixupsMatthias Dieter Wallnöfer1-16/+23
2010-02-21s4:password_hash - Fix up request message pointersMatthias Dieter Wallnöfer1-7/+7
For add requests we need the add request messages, for modify requests we need the modify request messages.
2010-02-21s4:dsdb/util.c - Use LDB result constants in some more helper functionsMatthias Dieter Wallnöfer1-11/+11
Always better to rely on the standards rather than on custom results.
2010-02-20s4:credentials Add hooks to extract a named Kerberos credentials cacheAndrew Bartlett2-2/+5
This allows the integration of external tools that can't be linked into C or python, but need to authenticate as the local machine account. The machineaccountccache script demonstrates this, and debugging has been improved in cli_credentials_set_secrets() by passing back and error string. Andrew Bartlett
2010-02-17s4/drs:kccdrs_replica_get_info_obj_metadata implementationAnatoliy Atanasov1-12/+88
Fix the names of the drsuapi_DsReplicaInfoType enum and rebuild the .idl The get_info_obj_metadata implementation is ported from implementation i developed and tested at the samba io lab 2009
2010-02-17s4-dnsupdate: use samba_runcmd() in the dns update taskAndrew Tridgell2-17/+37
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-02-16s4-kcc: remove a qsort() that snuck into the new topology codeAndrew Tridgell1-2/+1
2010-02-16s4-dsdb: return LDB_ERR_CONSTRAINT_VIOLATION on num_recs != 1Andrew Tridgell1-1/+1
In a single record search, LDB_ERR_CONSTRAINT_VIOLATION is more useful than the generic LDB_ERR_OPERATIONS_ERROR Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-02-16s4-samdb: use dsdb_search() in cracknamesAndrew Tridgell1-57/+24
greatly simplifies some of the cracknames code Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-02-16s4-kcc: remove search_onelevel_with_deleted() in kccAndrew Tridgell1-52/+3
Use dsdb_search() instead Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-02-16s4-dsdb: added dsdb_search_one() and cleanup dsdb_find_dn_by_guid()Andrew Tridgell4-29/+80
dsdb_find_dn_by_guid() now takes a struct GUID instead of a guid_string. All the callers in fact wanted a struct GUID, so we now avoid the extra conversion. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-02-16s4-dsdb: replace dsdb_find_dn_by_guid() with a dsdb_search() callAndrew Tridgell1-67/+84
much simpler code by using dsdb_flags Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-02-16s4-dsdb: change dsdb_search_dn_with_deleted() to dsdb_search_dn() with ↵Andrew Tridgell1-56/+58
dsdb_flags Allows for arbitrary controls
2010-02-16s4-dsdb: change samdb_replace() to dsdb_replace() and allow for dsdb_flagsAndrew Tridgell4-76/+33
This allows for controls to be added easily where they are needed.
2010-02-16s4-dsdb: replace dsdb_modify_permissive() with dsdb_modify() and dsdb_flagsAndrew Tridgell2-38/+41
2010-02-16s4-dsdb: move dsdb_request_add_controls() into dsdb/common/util.cAndrew Tridgell6-85/+115
This will be used to allow the flag based ldb functions to work on both a ldb or a module, thus saving a lot of specialist functions.
2010-02-16s4-drs: DsGetReplInfo() refactoringErick Nogueira do Nascimento1-263/+190
2010-02-16s4-drs: DsReplGetInfo() for DS_REPL_INFO_REPSTO infoTypeErick Nogueira do Nascimento1-4/+142
Implements the DS_REPL_INFO_REPSTO infoType of DsReplGetInfo().
2010-02-16s4-rootdse: we don't need DSDB_FLAG_OWN_MODULE hereAndrew Tridgell1-2/+2
2010-02-16s4-drs: enable the recyclebin optional featureEduardo Lima1-19/+250
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-02-15s4-kcc: remove C++ commentAndrew Tridgell1-1/+1
2010-02-15s4-kcc: initial code for the topology algorithmCrístian Deives2-0/+615
this patch contains the data structures declarations and the functions to setup the graph. Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-02-15s4-dsdb: don't change replPropertyMetaData if the value hasn't changedAndrew Tridgell1-4/+20
When updating replPropertyMetaData, check if the value being stored is the same as the current value, and skip the update if it is. This is based on a patch by Fernando J V da Silva <fernandojvsilva@yahoo.com.br>
2010-02-15s4-drs: Fixes bugs regarding Urgent Replication on wrong situationsFernando J V da Silva1-7/+16
It fixes the bug which causes an urgent replication to be enabled incorrectly when an object is modified, but it should happen only when it was created. This patch also fixes the bug that enable an urgent replication when an object is deleted, but it should happen only when it was modified and fixes the bug that does not enable an urgent replication when an object is deleted and it should happen only when it is deleted (not when it is modified). Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-02-15s4-dsdb: added dsdb_modify_permissive()Andrew Tridgell1-0/+36
This will be used in the drsuapi server
2010-02-13s4:util.c - Corrected the location of the "Directory Service" objectMatthias Dieter Wallnöfer1-1/+1
I wonder why nobody noticed this since for sure this "tombstone" functionality was broken till now.
2010-02-13s4: use LDB_TYPESAFE_QSORT() instead of ldb_qsort()Andrew Tridgell1-5/+2
2010-02-13s4-dsdb: use TYPESAFE_QSORT() in dsdb codeAndrew Tridgell7-52/+28
2010-02-11s4-dns: don't leave behind a tmp fileAndrew Tridgell1-0/+2
If the dns update file doesn't need updating we need to delete the tmp file