summaryrefslogtreecommitdiff
path: root/source4/dsdb
AgeCommit message (Collapse)AuthorFilesLines
2009-11-12s4:dsdb Add extensive tests for the behaviour of dsdb_dnAndrew Bartlett1-0/+357
2009-11-12s4:dsdb Use new dsdb_dn code in LDB modules and Samba4 schemaAndrew Bartlett3-64/+87
This converts the code from using the binary DN code in ldb_dn to using a special Samba-specfic wrapper around ldb_dn. We also use the dsdb_dn code for DN+Binary and DN+String comparisons (changed from treating them as Binary blobs) Andrew Bartlett
2009-11-12s4:dsdb Add new dsdb_dn to handle DN+Binary and DN+StringAndrew Bartlett4-1/+343
This aims to replace (and is based on) the code in ldb_dn.c. It is however much stricter in the DNs it will accept. Andrew Bartlett
2009-11-12lib/util Split data_blob_hex_string() into upper and lowerAndrew Bartlett1-5/+5
Rather than have a repeat of the bugs we found at the plugfest where hexidecimal strings must be in upper or lower case in particular places, ensure that each caller chooses which case they want. This reverts most of the callers back to upper case, as things were before tridge's patch. The critical call in the extended DN code is of course handled in lower case. Andrew Bartlett
2009-11-09s4-samdb: remove the rDN size constraint of 64Andrew Tridgell1-3/+10
This size constraint is not correct in it's current form, as windows does send us rDN values for CN with lengths longer than 64. Once we know how this constraint really works we can add it back in.
2009-11-07s4:dsdb/common/util - samdb_result_hashes - use "unsigned int" for countersMatthias Dieter Wallnöfer1-2/+1
2009-11-06s4:samdb_check_password - allow the password string to be NULLMatthias Dieter Wallnöfer1-0/+1
This deactivates the password complexity check, but not the minimum password length one, since the length is specified. This change is needed by my password module work.
2009-11-06s4:samdb_validate_password - Adapt the function to use the UNIX charset for ↵Matthias Dieter Wallnöfer1-20/+7
the password data blob
2009-11-06s4/drs: Refactor to be more SAMBA.Coding style compliantKamen Mazdrashki2-4/+3
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-11-06s4/drs: Remove unused structures and functionsKamen Mazdrashki2-93/+0
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-11-06s4/drs: remove unused num_prefixes and prefixes from dsdb_schemaKamen Mazdrashki3-6/+4
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-11-06s4/drs: dsdb_create_prefix_mapping() refactoredKamen Mazdrashki1-11/+9
TODO: this function may be refactored further. Actually we don't need to look up for the OID supplied, but just call sdb_schema_pfm_make_attid() - it will search for the OID anyway and add it if necessary Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-11-06s4/drs: prefixMap lookup by full_OID implementationKamen Mazdrashki1-0/+25
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-11-06s4/drs: dsdb_write_prefixes_from_schema_to_ldb() refactoredKamen Mazdrashki1-39/+35
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-11-06s4/drs: dsdb_read_prefixes_from_ldb() refactoredKamen Mazdrashki1-54/+13
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-11-06s4/drs: refactor dsdb_load_oid_mappings_ldb() to use ↵Kamen Mazdrashki1-33/+29
_dsdb_prefixmap_from_ldb_val() Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-11-06s4/drs: Load prefixMap from ldb_val moved in separate functionKamen Mazdrashki1-0/+35
It is to be used later in several places when we need such conversion. Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-11-06s4/drs: dsdb_schema_pfm_from_drsuapi_pfm() to accept partial drsuapi_prefixMapKamen Mazdrashki2-22/+46
"partial drsuapi_prefixMap" is a prefix map without last entry being special - i.e. map that does not contains schema_info entry. Test for dsdb_schema_pfm_from_drsuapi_pfm() were also extended to cover both 'full' and 'partial' map conversion. Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-11-06s4/drs: dsdb_map_int2oid() replaced by dsdb_schema_pfm_oid_from_attid()Kamen Mazdrashki2-30/+11
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-11-06s4/drs: dsdb_map_oid2int() replaced by dsdb_schema_pfm_make_attid()Kamen Mazdrashki3-19/+19
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-11-06s4/drs: dsdb_verify_oid_mappings_drsuapi() replaced by ↵Kamen Mazdrashki2-72/+1
dsdb_schema_pfm_contains_drsuapi_pfm() dsdb_schema_pfm_contains_drsuapi_pfm() is part of reimplemented prefixMap interface. This name was choosen to clearly show, that this a week verification in case we want to determine if remote schema is changed. Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-11-06s4/drs: dsdb_get_oid_mappings_drsuapi() to use new prefixMap interfaceKamen Mazdrashki1-34/+3
dsdb_get_oid_mappings_drsuapi() just need to call dsdb_drsuapi_pfm_from_schema_pfm() to get filled-in DRSUAPI prefixMap. Perhaps it won't be bad to rename this function to have more expressive name in the future Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-11-06s4/drs: dsdb_load_oid_mappings_drsuapi() -> dsdb_load_prefixmap_from_drsuapi()Kamen Mazdrashki1-52/+13
Also, dsdb_load_oid_mappings_drsuapi() was reimplemented to use dsdb_schema_pfm_from_drsuapi_pfm() function to load drsuapi_prefixMap into schema->prefixmap Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-11-06s4/drs: dsdb_schema uses dsdb_schema_prefixmap definitionKamen Mazdrashki1-0/+2
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-11-06s4/drs: Move schema_prefixMap allocation in separate functionKamen Mazdrashki1-15/+29
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-11-06s4/drs: schema_prefixMap to/from drsuapi_prefixMap conversion implementationKamen Mazdrashki1-1/+228
Along with this, dsdb_schema_pfm_contains_drsuapi_pfm() function is implemented to replace previous implementation for dsdb_verify_oid_mappings_drsuapi(). Name of the function clearly implies how week this verification is, as currently it is used to indicate "Schema modified on remote" condition. Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-11-06s4/drs: Implement binary-oid-lookup into prefixMapKamen Mazdrashki1-25/+37
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-11-06s4/drs: Move making of partial-binary-oid to a separate functionKamen Mazdrashki1-20/+45
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-11-06s4/drs: Fix memory leek in prefixMapKamen Mazdrashki1-1/+4
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-11-05Version 1.0 of the directory service acls module.Nadezhda Ivanova3-965/+358
At this point, support for checks on LDAP add, delete, rename and modify. Old kludge_acl is still there to handle the searches. This module is synchronous as the async version was impossible to debug, will be converted to async after some user testing.
2009-11-05s4:dsdb/common/util - Add a new utility function "samdb_check_password"Matthias Dieter Wallnöfer1-9/+45
This function performs basic password checks and will be used by the "samrValidatePassword" call and the "password_hash" module.
2009-11-05s4:samdb_set_password/samdb_set_password_sid - Better comments and cosmeticsMatthias Dieter Wallnöfer1-28/+34
2009-11-04s4:provisioning - Fixed minor bugs in provisioning tool and partition module.Endi S. Dewata1-2/+2
2009-11-03Added some dn to the info in the log messages.Nadezhda Ivanova1-3/+3
2009-11-02s4:dsdb Fix up after the MAP_ constants became LDB_MAP_Andrew Bartlett1-13/+13
2009-11-02s4 - SID allocation using FDS DNA pluginEndi S. Dewata1-10/+19
2009-11-02s4:dsdb - Removed redundant domain SID filter.Endi S. Dewata1-29/+1
2009-11-02s4:dsdb - Store SID as string in FDS.Endi S. Dewata2-5/+45
2009-11-02s4 - Mapped AD schema to existing FDS schema.Endi S. Dewata2-2/+167
2009-11-02s4:dsdb - Fixed attribute dereferencing for FDSEndi S. Dewata2-18/+124
2009-11-02Remove special case logic in 'samdb_relative_path'.Andrew Bartlett1-3/+0
While this logic (avoiding to prefix a non-filename with a path) is important in the code this was copied from (private_dir()), none of the callers of this function need it. Andrew Bartlett
2009-11-02s4:dsdb Revert back to using DN:filename in the partitions recordAndrew Bartlett2-46/+102
This allows us to change the escaping function without breaking existing installs. The new escaping function (used for new databases) is RFC1738 URI encoding, except for the trivial cases without special characters. The new databases are also placed in a subdirectory, sam.ldb.d per an earlier suggestion by metze. Andrew Bartlett
2009-10-27s4-dsdb: call dsdb_make_schema_global() from ldb_wrapAndrew Tridgell1-1/+0
Calling it from samdb_connect() can cause a stale schema to be put into the global schema. Thanks to Andrew Bartlett for spotting this.
2009-10-27s4-dsdb: always cancel transactions on all partitionsAndrew Tridgell1-13/+19
If we get an error ending a transaction on one partition we need to continue on the other partitions.
2009-10-27s4:dsdb Rework partitions module for better tracingAndrew Bartlett3-97/+76
This means we need to create a fake 'module' which only has a 'next' pointer, so that we can now ldb_next_request() (which incorporates tracing). The remainaing stub of partition_request() is retained so that we can indicate which partition an operation is destined for. Similar tracing is added to the transaction handlers. Andrew Bartlett
2009-10-27s4:dsdb Remove partition_extended_schema_update_nowAndrew Bartlett1-51/+0
The schema update now request is now handled above the partitions module. Andrew Bartlett
2009-10-26s4-ldb: fixed request handling for schemaUpdateNow opAndrew Tridgell3-3/+3
2009-10-25s4-samdb: reduce the number of samdb opens at startupAndrew Tridgell3-23/+8
Using common parameters means that the ldb_wrap code can return a reference rather than a new database
2009-10-25s4-dsdb: ensure that new partitions inherit any transactionAndrew Tridgell3-11/+26
2009-10-24s4:dsdb/partition_init: don't leak a talloc_new() in case we have no data yetStefan Metzmacher1-2/+5
metze