Age | Commit message (Collapse) | Author | Files | Lines |
|
this will catch future programmer errors with incorrect base DNs
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
windows does not allow a search on the empty DN except for rootDSE
searches or for phantom_root searches (ie. with --cross-ncs). By
enforcing this in Samba we make it more likely that our tests and
utilities will work against windows
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
NULL should be used when doing all partition searches. The default
basedn should be used when wanting just the domain NC
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
when searching all partitions we must use the NULL basedn, or we will
miss partitions in multi-domain setups
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Thu Aug 18 22:16:38 CEST 2011 on sn-devel-104
|
|
when in FL 2000 we were not correctly deleting backlinks as we uses
dsdb_find_dn_by_guid() which doesn't find deleted objects. Modules
should use dsdb_module_dn_by_guid() which prevents going to the top
level, and finds deleted objects
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
added comments explaining the backlink deletion code, plus fix a use
of a bitwise operation in a boolean expression, and avoid calling
dsdb_functional_level() inside a loop
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
this prevents us going to the top level of the module stack
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
samdb_connect() now calls samdb_connect_url() with default "sam.ldb".
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
|
|
|
|
this DN can change due to a server rename, so we cannot cache it. It
is set by provision, but not anywhere else.
This seems to not have a large performance impact
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
this allows dsServiceName to be stored as an extended DN or GUID form
in @ROOTDSE, and its string form will be found at runtime.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
these are not needed now that the rootdse modules calculates the
validFSMOs attribute at runtime
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
this changes the rootdse to compute the validFSMOs attribute at
runtime by checking the fSMORoleOwner attribute on the appropriate
DN. This avoids the need for the pdc_fsmo and naming_fsmo modules.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
s4:subtree_rename LDB module - fix the move/rename constraints
By the inspiration of an email request by ekacnet I have rechecked the
move/rename constraints and re-read the chapter 3.1.1.5.4.1 located in the
MS-ADTS technical documentation.
It really turns out that the constraint checking is only performed on
the root object of a request.
In addition add my copyright notice (I've written these constraint checks).
Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Wed Aug 10 01:05:19 CEST 2011 on sn-devel-104
|
|
|
|
|
|
This happens if we have a custom schema - we need to build up the schema until
it loads, by converting more objects.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Aug 9 13:10:25 CEST 2011 on sn-devel-104
|
|
|
|
|
|
this can be used to force re-indexing of samdb when we change
something that affects index comparison, in this case the
canonicalisation of booleans
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
this ensures we don't look past the end of the data
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
this auto-normalises some attributes when they are added/modified. The
list that we auto-normalise is currently:
Boolean
INT32
INTEGER
UTC_TIME
This fixes a problem with groupType being stored in an unnormalised
form
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
this ensures we setup dn_format when we do runtime schema changes
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
clearer than magic numbers
|
|
checking filter elements in the right order makes it a little faster
|
|
this saves some string comparisons
|
|
|
|
this replaces DN components in incoming filter expressions with the
full extended DN of the target, which allows search expressions based
on <GUID=> and <SID=> DNs, as well as fixing the problem with one-way
links in search expressions
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
this allows for searches like member=<SID=S-1-2-3>
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
|
|
this is faster than string comparisons during searches at runtime
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
|
|
when we return a DN which is a one way link, fix the string DN
component by searching for the GUID and replacing the DN components
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
this allows us to quickly determine if a DN is a one way link
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
|
|
struct ldb_dn is never const
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
|
|
this allows us to use dsdb_module_dn_by_guid() from levels below the
extended_dn_out module
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
|
|
gensec_session_key()
This is slightly less efficient, because we no longer keep a cache on
the gensec structures, but much clearer in terms of memory ownership.
Both gensec_session_info() and gensec_session_key() now take a mem_ctx
and put the result only on that context.
Some duplication of memory in the callers (who were rightly uncertain
about who was the rightful owner of the returned memory) has been
removed to compensate for the internal copy.
Andrew Bartlett
|
|
|
|
repsTo
Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Sun Jul 31 00:17:17 CEST 2011 on sn-devel-104
|
|
|
|
this adds the DSDB_SEARCH_SHOW_DELETED flag, which fixes deletion of
deleted objects
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
this gives us a delete function that takes the standard set of dsdb
flags
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
to delete
If the parent request specify the show_deleted control we must use it in
order to be able to see the deleted objects.
Also we just allow to trusted connections with the system account to
remove deleted objects, others receive an unwilling to perform.
|