Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2009-09-28 | s4-kcc: fixed corruption of repsFrom records by kcc | Andrew Tridgell | 1 | -4/+2 | |
We were re-using a stack variable outside of the stack scope | |||||
2009-09-28 | s4-kcc: remove stale repsFrom entries in kcc run | Andrew Tridgell | 1 | -0/+11 | |
2009-09-28 | s4-dsdb: don't return the partition root objects | Andrew Tridgell | 1 | -1/+19 | |
When searching across partitions, we want to avoid sending duplicate records caused by the record appearing both as a mount point and as a partition root in a nested partition. This patch works by intercepting objects from searches and checking if they match a partition root. If they do, and the partition is not the one in the partition control request, then discard the object. | |||||
2009-09-28 | s4-dsdb: removed extraneous debug messages | Andrew Tridgell | 1 | -4/+0 | |
2009-09-28 | s4-dsdb: update replPropertyMetaData on linked attribute source attributes | Andrew Tridgell | 1 | -0/+23 | |
2009-09-28 | s4-dsdb: fixed searching for GUID based DNs between partitions | Andrew Tridgell | 1 | -2/+16 | |
2009-09-28 | s4-samdb: when UF_SERVER_TRUST_ACCOUNT is set mark object as critical | Andrew Tridgell | 1 | -0/+10 | |
We may also need to remove the isCriticalSystemObject when the machine is demoted | |||||
2009-09-28 | s4-repl: free the la list on prepare commit failure | Andrew Tridgell | 1 | -0/+3 | |
2009-09-28 | s4-samdb: free the linked_attributes list on prepare commit failure | Andrew Tridgell | 1 | -0/+6 | |
2009-09-28 | s4-repl: use GUID to resolve target in linked attributes | Andrew Tridgell | 1 | -8/+7 | |
When we vampire from w2k8-r2, the DC sends us a linked attribute for our machine account which has a target DN with a GUID of the OU=Domain Controllers objects, but has a DN of CN=Computers. We need to use the GUID to resolve the real DN. | |||||
2009-09-28 | s4-dsdb: ask for an extended DN in dsdb_find_dn_by_guid() | Andrew Tridgell | 1 | -0/+5 | |
2009-09-28 | s4-dsdb: make dsdb_search_dn_with_deleted public for repl_meta_data module | Andrew Tridgell | 1 | -5/+5 | |
2009-09-28 | s4-drs: fixed sorting of replPropertyMetaData | Andrew Tridgell | 1 | -31/+44 | |
This also ensures we add the SHOW_DELETED control on searches for old replPropertyMetaData attributes | |||||
2009-09-24 | s4-drs: add defines for replication flags on attributes | Andrew Tridgell | 1 | -5/+2 | |
2009-09-24 | s4-ldb: sort replPropertyMetaData by attid | Andrew Tridgell | 1 | -1/+16 | |
We need to sort on both module add and modify | |||||
2009-09-24 | s4-ldb: add instanceType in repl_meta_data module | Andrew Tridgell | 1 | -0/+8 | |
We need to add instanceType on new records if not added by caller. This is needed in repl_meta_data to ensure we fill in the meta data for replication | |||||
2009-09-24 | s4-drs: add SHOW_DELETED control on dsdb utility calls | Andrew Tridgell | 1 | -2/+60 | |
The dsdb_find_dn_by_guid() and dsdb_find_sid_by_dn() are using by the DRS server call getncchanges on objects that may be deleted. | |||||
2009-09-23 | s4-dsdb: cope with windows sending extra pad bytes | Andrew Tridgell | 1 | -4/+4 | |
2009-09-23 | s4-dsdb: added dsdb_find_sid_by_dn() | Andrew Tridgell | 1 | -0/+30 | |
2009-09-23 | s4-drs: ignore zero value elements in DRS add operations | Andrew Tridgell | 1 | -0/+13 | |
w2k8 sometimes sends us a new object via DRS with an attribute with no values | |||||
2009-09-22 | s4-ldb: added a bunch more debug for DC join | Andrew Tridgell | 5 | -0/+17 | |
These additional debug messages were added to help us track down w2k8->s4 domain join | |||||
2009-09-22 | s4-ldbmodules: allow instanceType to be specified by clients | Andrew Tridgell | 1 | -0/+6 | |
This is needed for the WSPP ADS testsuite | |||||
2009-09-21 | s4:dsdb Fix of double addition of SD-s | Nadezhda Ivanova | 2 | -11/+25 | |
Also add error strings in descriptor module | |||||
2009-09-21 | s4:ldb Add 'single-value' support to LDB. | Andrew Bartlett | 1 | -0/+4 | |
This is currently only triggered via Samba4's schema code. | |||||
2009-09-21 | Merge branch 'master' of git://git.samba.org/samba | Nadezhda Ivanova | 4 | -21/+160 | |
2009-09-21 | Initial Implementation of the DS objects access checks. | Nadezhda Ivanova | 4 | -0/+1188 | |
Currently disabled. The search will be greatly modified, also the object tree stuff will be simplified. | |||||
2009-09-21 | s4:dsdb Run the new 'descriptor' module by default. | Andrew Bartlett | 1 | -6/+0 | |
This code was derived from the objectclass module, and we need the new code in the default provision, or else no ACL is set on each object. Andrew Bartlett | |||||
2009-09-21 | s4-schema: don't trace the schema load (too verbose) | Andrew Tridgell | 1 | -12/+24 | |
2009-09-21 | s4-ldap: default edn type is 0 | Andrew Tridgell | 1 | -1/+1 | |
2009-09-21 | s4-ldb: add support for extended DNs in the rootDSE | Andrew Tridgell | 1 | -2/+135 | |
W2K8 join as a DC relies on being able to ask for the sid component of extended DNs from the rootDSE DNs | |||||
2009-09-21 | s4-dsdb: fixed a printf format warning | Andrew Tridgell | 1 | -1/+1 | |
2009-09-21 | s4:kerberos Fix the salt to match Windows 2008. | Andrew Bartlett | 1 | -1/+1 | |
The previous commit changed the wrong end - we must fix our server, not our client. Andrew Bartlett | |||||
2009-09-21 | s4:dsdb/resolve_oids: add fast pathes for the common operations without oids | Stefan Metzmacher | 1 | -0/+217 | |
metze | |||||
2009-09-21 | s4:dsdb/resolve_oids: check return values in recursion | Stefan Metzmacher | 1 | -3/+6 | |
metze | |||||
2009-09-21 | Merge branch 'master' of git://git.samba.org/samba | Matthias Dieter Wallnöfer | 1 | -0/+29 | |
2009-09-20 | s4:samba3sam.py test - remove the primary group ID attribute here | Matthias Dieter Wallnöfer | 1 | -7/+2 | |
This shouldn't be specified on creation time (Windows Server doesn't allow that). Hope this also fixes the test (see buildfarm). | |||||
2009-09-20 | Disable descriptor module unless enabled in smb.conf | Nadezhda Ivanova | 1 | -0/+29 | |
Since this code may still have some problems, it is not executed by default. To enable descriptor inheritance add: acl:inheritance = true in your smb.conf | |||||
2009-09-20 | s4:dsdb/common/util - Check for the right forest/domain function level | Matthias Dieter Wallnöfer | 1 | -0/+57 | |
This adds a function which performs the check for the supported forest and domain function levels. On an unsuccessful result a textual error message can be created (parameter "errmsg" != NULL) which gives hints for the user to help him fixing the issue. | |||||
2009-09-20 | dsdb/samdb: add resolve_oids module | Stefan Metzmacher | 2 | -0/+438 | |
Windows Servers allow OID strings to be used instead of attribute/class names. For now we only resolve the OIDs in the search expressions, the rest will follow. metze | |||||
2009-09-19 | Handle dsdb_class_by_lDAPDisplayName returned values in schema_inferiors.c | Anatoliy Atanasov | 1 | -0/+8 | |
2009-09-19 | Move replmd_drsuapi_DsReplicaCursor2_compare to a common place. | Anatoliy Atanasov | 2 | -7/+7 | |
2009-09-19 | s4:dsdb Print the partition we failed to suggest replication for | Andrew Bartlett | 1 | -1/+2 | |
2009-09-18 | s4-server: kill main daemon if a task fails to initialise | Andrew Tridgell | 5 | -20/+23 | |
When one of our core tasks fails to initialise it can now ask for the server as a whole to die, rather than limping along in a degraded state. | |||||
2009-09-18 | s4-drs: cope with dupliate linked attributes | Andrew Tridgell | 1 | -1/+41 | |
With a w2k8-R2 DC, we sometimes get linked attribute updates via DRS which are duplicates of entries that we already have. We need to cope with this by using a remove/add pair in the ldb_modify() to avoid a "entry already exists" error | |||||
2009-09-17 | s4:descriptor module - Revert and const fixups | Matthias Dieter Wallnöfer | 1 | -7/+18 | |
- Revert a change introduced by me since I didn't understood the meaning of the version check - Added some "const" to suppress compiler warnings | |||||
2009-09-17 | s4:descriptor - cosmetic | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2009-09-17 | s4/domain behaviour flags: Fix them up in various locations | Matthias Dieter Wallnöfer | 2 | -10/+3 | |
Additional notes: - Bump the level to Windows Server 2008 R2 (we should support always the latest version - if we provision ourself) - In "descriptor.c" the check for the "domainFunctionality" level shouldn't be needed: ACL owner groups (not owner user) are supported since Windows 2000 Server (first AD edition) - I took the argument from: http://support.microsoft.com/kb/329194 | |||||
2009-09-16 | Owner and group defaulting. | Nadezhda Ivanova | 3 | -57/+479 | |
Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2009-09-16 | s4-repl: raise a debug level | Andrew Tridgell | 1 | -1/+1 | |
2009-09-16 | s4-dsdb: treat uSNHighest as 0 if @REPLCHANGED doesn't exist | Andrew Tridgell | 1 | -0/+8 | |
When a partition is first created it still needs a uSNHighest value |