samba - Unnamed repository; edit this file 'description' to name the repository.

Age	Commit message (Collapse)	Author	Files	Lines
2010-08-28	s4-kcc: Notify dreplsrv that Topology has changed	Kamen Mazdrashki	1	-0/+29

2010-08-28	s4-dreplsrv: Implement irpc stub to be used to force dreplsrv to update ↵	Kamen Mazdrashki	1	-0/+20
	internal cache This IRPC calls is to be used whenever repsFrom/repsTo are changed by administrative tool or KCC (i.e. Topology changes). At present, only KCC may change topology.
2010-08-28	s4-dreplsrv: Move partition cache update before scheduling another set of ↵	Kamen Mazdrashki	1	-3/+7
	replications
2010-08-28	s4-kcc: Assert when unexpected repsFromToBlob version is passed	Kamen Mazdrashki	1	-2/+4
	At present we only support v1 structures (Win2k3 and earlier), so it is good to make it obvious. In case we start supporting v2 we will be able to notice this function should be refactored right away
2010-08-27	s4-dsdb: Fixed a compiler warning.	Nadezhda Ivanova	1	-1/+0

2010-08-26	s4:dsdb_module_find_dsheuristics - free the "DN" also on other exit cases	Matthias Dieter Wallnöfer	1	-0/+2

2010-08-26	s4-dsdb: Removed an unnecessary space in dsdb_module_find_dsheuristics()	Nadezhda Ivanova	1	-1/+1

2010-08-26	s4-dsdb: Added utility functions for retrieving dSHeuristics from the module ↵	Nadezhda Ivanova	1	-0/+47
	stack Also a function to check dsHeuristics value to determine of anonymous access should be blocked
2010-08-25	s4-repl: load RODC partitions using msDS-hasFullReplicaNCs	Andrew Tridgell	2	-4/+28
	we mark these as incoming_only Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-25	s4-dsdb: make more of the UF_* flags available on pydsdb	Andrew Tridgell	1	-0/+28
	this really should be moved to IDL
2010-08-25	s4-dsdb: add more DS flags to the dsdb module	Andrew Tridgell	1	-0/+15
	These are from libds/common/flags.h Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-25	s4-dsdb: added get_attid_from_lDAPDisplayName() on samdb	Andrew Tridgell	1	-0/+46
	This can be used to form the partial_attribute_set list for GetNCChanges Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-23	s4:security Change struct security_token->sids from struct dom_sid * to ↵	Andrew Bartlett	5	-29/+26
	struct dom_sid This makes the structure much more like NT_USER_TOKEN in the source3/ code. (The remaining changes are that privilages still need to be merged) Andrew Bartlett
2010-08-20	s4-dsdb: the RODC_JOIN control also changes samAccountName	Andrew Tridgell	1	-9/+13
	when adding a user with the RODC_JOIN control, the samAccountName is automatically set to the krbtgt_NNNNN form Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-20	s4-dsdb: fixed dsdb_get_extended_dn_sid()	Andrew Tridgell	1	-1/+1
	it should honor the component_name Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-20	s4-drs: implement RODC attribute filtering override	Andrew Tridgell	1	-15/+29
	When a RODC uses extended getncchanges operation DRSUAPI_EXOP_REPL_SECRET it gets an override on the ability to replicate the secret attributes. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-19	s4-drs: ATTIDs for deleted attributes should be based on msDs-IntId value if ↵	Kamen Mazdrashki	1	-2/+2
	it exists
2010-08-19	s4-dsdb: No need for dsdb_syntax_one_DN_drsuapi_to_ldb() to be public	Kamen Mazdrashki	1	-3/+3
	It is intended to be used in schema_syntax.c module
2010-08-19	s4-dsdb-syntax: ATTID should be msDs-IntId value for the attributeSchema object	Kamen Mazdrashki	2	-14/+55
	in case object replicated is not in Schema NC and attributeSchema object has msDs-IntId attribute value set
2010-08-19	s4: fix few comment typos	Kamen Mazdrashki	2	-3/+3

2010-08-19	s4-schema_syntax.c: Fix white spaces and alignment	Kamen Mazdrashki	1	-55/+56

2010-08-19	s4-dsdb: Use dsdb_syntax_ctx in *_drsuapi_to_ldb functions	Kamen Mazdrashki	4	-57/+45

2010-08-19	s4-dsdb: Use dsdb_syntax_ctx in *_ldb_to_drsuapi functions	Kamen Mazdrashki	4	-55/+47

2010-08-19	s4-dsdb: Use dsdb_syntax_ctx in *_validate_ldb functions	Kamen Mazdrashki	3	-62/+41

2010-08-19	s4-dsdb: Add context structure for dsdb_syntax conversion functions	Kamen Mazdrashki	2	-0/+19
	This structure is intended to hold context-dependent data. Syntax-conversion and object-conversion functions need that data to convert objects and attributes from drs-to-ldb and ldb-to-drs correctly. For instance: ATTID value depends on whether we are converting object from partition different that Schema partition.
2010-08-18	s4:auth Change {anonymous,system}_session to use common session_info generation	Andrew Bartlett	1	-2/+4
	This also changes the primary group for anonymous to be the anonymous SID, and adds code to detect and ignore this when constructing the token. Andrew Bartlett
2010-08-18	s4:auth Remove system_session_anon() from python bindings	Andrew Bartlett	1	-2/+1

2010-08-18	s4:security Remove use of user_sid and group_sid from struct security_token	Andrew Bartlett	3	-6/+6
	This makes the structure more like Samba3's NT_USER_TOKEN
2010-08-17	s4:samdb_set_password/samdb_set_password_sid - make more arguments "const"	Matthias Dieter Wallnöfer	1	-5/+5

2010-08-17	s4:samdb_set_password/samdb_set_password_sid - make the adaptions to support ↵	Matthias Dieter Wallnöfer	1	-13/+27
	the password change control And introduce parameters to pass the old password hashes.
2010-08-17	s4:password_hash LDB module - perform the adaptions to understand the new ↵	Matthias Dieter Wallnöfer	1	-8/+26
	password change control
2010-08-17	s4:acl LDB module - support password changes over the ↵	Matthias Dieter Wallnöfer	1	-1/+15
	DSDB_CONTROL_PASSWORD_CHANGE_OID control This control is used from the SAMR and "kpasswd" password changes. It is strictly private and means "this is a password change and not a password set".
2010-08-17	s4:DSDB - DSDB_CONTROL_PASSWORD_CHANGE_OID - add a structure as value to the ↵	Matthias Dieter Wallnöfer	1	-0/+5
	control This contains the NT and/or LM hash of the password specified by the user.
2010-08-17	s4:DSDB - rename the "DSDB_CONTROL_PASSWORD_CHANGE_OLD_PW_CHECKED_OID"	Matthias Dieter Wallnöfer	3	-10/+9
	Rename it to "DSDB_CONTROL_PASSWORD_CHANGE_OID". This control will afterwards contain a record with the specified old password as NT and/or LM hash.
2010-08-17	s4-tests: Added tests for acl checks on search requests	Nadezhda Ivanova	1	-0/+218

2010-08-17	s4-dsdb: check the type of session_info from the opaque	Andrew Tridgell	1	-2/+2
	we saw a crash with a bad pointer here, and this may help track it down Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-17	s4-dsdb: added support for UF_PARTIAL_SECRETS_ACCOUNT	Andrew Tridgell	1	-2/+9
	when this is in user_account_control the account is a RODC, and we need to set the primaryGroupID to be DOMAIN_RID_READONLY_DCS Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-17	s4-dsdb: cope with cracknames of form dnsdomain\account	Andrew Tridgell	1	-2/+8
	this is used by w2k8r2 when doing a RODC dcpromo Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-17	s4-dsdb: set LDB_FLAG_INTERNAL_DISABLE_VALIDATION for msDS-SecondaryKrbTgtNumber	Andrew Tridgell	1	-1/+8
	msDS-SecondaryKrbTgtNumber is setup with a value that is outside the range allowed by the schema (the schema has rangeLower==rangeUpper==65536). We need to mark this element as being internally generated to avoid the range checks Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-17	s4-ldb: added LDB_FLAG_INTERNAL_DISABLE_VALIDATION	Andrew Tridgell	1	-7/+9
	When this flag is set on an element in an add/modify request then the normal validate_ldb() call that checks the element against schema constraints is disabled Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-17	s4-ldb: use LDB_FLAG_MOD_TYPE() to extract element type from messages	Andrew Tridgell	5	-18/+18
	The flags field of message elements is part of a set of flags. We had LDB_FLAG_MOD_MASK for extracting the type, but it was only rarely being used (only 1 call used it correctly). This adds LDB_FLAG_MOD_MASK() to make it more obvious what is going on. This will allow us to use some of the other flags bits for internal markers on elements Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-17	s4-dsdb: support LDB_CONTROL_RODC_DCPROMO_OID for nTDSDSA add	Andrew Tridgell	1	-1/+24
	this control disables the system only check for nTDSDSA add operations Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-17	s4-dsdb: fixed test for LDB_CONTROL_RODC_DCPROMO_OID	Andrew Tridgell	1	-1/+1
	the ldb_msg_add_fmt() call returns LDB_SUCCESS on success
2010-08-17	s4-dsdb: added support for LDB_CONTROL_RODC_DCPROMO_OID	Andrew Tridgell	1	-0/+69
	this control adds a unique msDS-SecondaryKrbTgtNumber attribute to a user object. There is some 'interesting' interaction with the rangeLower and rangeUpper attributes and this add. We don't implementat rangeLower/rangeUpper yet, but when we do we'll need an override for this control (or be careful about module ordering). Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-16	s4:samdb_set_password_sid - fix comment	Matthias Dieter Wallnöfer	1	-1/+2
	Add more possible result NTSTATUS codes
2010-08-15	s4:samdb_set_password - fix formatting	Matthias Dieter Wallnöfer	1	-1/+2
	(Sorry, I've overseen this)
2010-08-15	s4:passwords.py - proof the most important extended error codes	Matthias Dieter Wallnöfer	1	-8/+17

2010-08-15	s4:samdb_set_password - implement the extended LDAP error code detection	Matthias Dieter Wallnöfer	1	-9/+17

2010-08-15	s4:password_hash LDB module - introduce the extended LDAP error codes on the ↵	Matthias Dieter Wallnöfer	1	-43/+72
	important failure cases
2010-08-15	s4:password_hash LDB module - support this new password set syntax	Matthias Dieter Wallnöfer	1	-2/+10