Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-06-16 | s4:dsdb Allow renames with (now removed) linked attributes | Andrew Bartlett | 1 | -3/+11 | |
It is important to allow the rename, even if we just have one-way links, as this happens on deleted objects, which have the backlinks alredy removed by repl_meta_data. Andrew Bartlett | |||||
2010-06-16 | s4:dsdb Fix linked_attributes to cope with the Feb 2010 changes to DLIST | Andrew Bartlett | 1 | -2/+6 | |
The DLIST macros changed in behaviour in Feb 2010, and walking the lists backwards is no longer safe if you don't use the macros. Andrew Bartlett | |||||
2010-06-16 | s4:dsdb Assert that we can't get backlinks as input in linked_attributes | Andrew Bartlett | 1 | -2/+15 | |
The objectclass_attr module should prevent users creating such links, and the mrepl_meta_data module should only create them in functional level 2003 or above. Andrew Bartlett | |||||
2010-06-16 | s4:dsdb use dsdb_module_modify() rather than ldb_next_request() | Andrew Bartlett | 1 | -22/+2 | |
This does exactly the same thing, but with less code. Andrew Bartlett | |||||
2010-06-16 | s4:dsdb Handle backlinks for Windows 2000 level linked attributes | Andrew Bartlett | 2 | -12/+928 | |
This revives the code from 5964acfa741d691c0196f91c0796122ec025f177, before tridge and I simplified this too much, and removed the Windows 2000 functional level linked attribute support. By telling the linked_attributes module that repl_meta_data has handled the links, we avoid a conflict for the new style (functional level 2003 and above) linked attributes. However, we still need backlinks for 2000 style linked attributes, so this allows that code in the linked_attributes module to be revived to handle those. Andrew Bartlett | |||||
2010-06-16 | s4:dsdb Add control for signaling between repl_meta_data and linked_attributes | Andrew Bartlett | 2 | -0/+6 | |
This control will allow the linked_attributes module to know if repl_meta_data has already handled the creation of forward and back links. Andrew Bartlett | |||||
2010-06-15 | dsdb: Fix includes when building against system ldb. | Jelmer Vernooij | 5 | -44/+45 | |
2010-06-15 | dsdb: Build modules as external modules when using system ldb. | Jelmer Vernooij | 1 | -3/+37 | |
2010-06-15 | s4:dsdb Move linked attribute restrictions to objectclass_attrs | Andrew Bartlett | 1 | -0/+9 | |
This puts more of the schema restrictions in one place. Andrew Bartlett | |||||
2010-06-15 | s4:dsdb Add const to dsdb_dn functions that operate on an ldb_val. | Andrew Bartlett | 1 | -2/+2 | |
Andrew Bartlett | |||||
2010-06-15 | s4:provision Allow a specific prefix map to be loaded into a new schema ↵ | Andrew Bartlett | 1 | -1/+1 | |
provision This allows the prefixMap from a DRS server to be used when loading the schema from the local files. This helps us then import other schema with this map in place. Andrew Bartlett Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> | |||||
2010-06-15 | s4:dsdb Allow the setting an override on the schema | Andrew Bartlett | 2 | -6/+23 | |
The change here is to try and convert a per the previous rules, but if we don't know a particular OID as a attributeID, then store it as an OID (for example). This allows known values to be converted as before, but still copes with unknown values. Andrew Bartlett Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> | |||||
2010-06-15 | s4:dsdb Use the schema from our local provision to decode the schema | Andrew Bartlett | 1 | -367/+0 | |
This works on the assumption that the schema partition can only contain schema objects. We may need to pass down some kind of 'relax' to the DRS -> LDB conversion code, so that it allows incomplete conversions, so that we don't fail if a new attribute is present, and we can't decode it. This would then be resolved the second time we do the conversion. Andrew Bartlett Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> | |||||
2010-06-13 | s4:fix allocated control OIDs for "password_hash" LDB module | Matthias Dieter Wallnöfer | 1 | -3/+3 | |
The password hash module controls overlapped others. Sorry, but the "schema_samba4.ldif" hasn't been kept up-to-date. | |||||
2010-06-13 | s4-test: Use smb.conf path set in environment rather than using | Jelmer Vernooij | 1 | -14/+15 | |
command-line options. This is the first step towards supporting custom test runners. | |||||
2010-06-12 | s4:password_hash LDB module - this does really deactivate the MS LAN manager ↵ | Matthias Dieter Wallnöfer | 1 | -5/+9 | |
hash Previously, only the conversion from cleartext to the LM hash was deactivated, and not when the user specified it directly through "dBCSPwd". | |||||
2010-06-12 | s4:password_hash LDB module - fix comment | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2010-06-12 | s4:dsdb Allow calling dsdb_convert_object_ex() directly | Andrew Bartlett | 1 | -6/+6 | |
This will allow the libnet_vampire code to manually convert individual schema objects. Andrew Bartlett | |||||
2010-06-12 | s4:dsdb Simplfy match of objectclass in dsdb_schema_set_el_from_ldb_msg | Andrew Bartlett | 1 | -17/+4 | |
There is no need to do a full ldb_match_msg() for a simple case insensitive string. Andrew Bartlett | |||||
2010-06-12 | s4:dsdb Provide a function to convert from DRS prefix maps to the LDB prefixmap | Andrew Bartlett | 1 | -12/+21 | |
This allows us to push a prefixmap directly into the schema we generate in the provision code. Andrew Bartlett | |||||
2010-06-12 | s4:dsdb Add more debugs to help track down failures to parse the prefixmap | Andrew Bartlett | 1 | -5/+20 | |
2010-06-12 | s4:dsdb Put back the reference and set_attributes in dsdb_reference_schema | Andrew Bartlett | 1 | -0/+9 | |
I'm not sure why I removed these in fe3e1af901c970f738bee92baac5d7d4f5736e17 Andrew Bartlett | |||||
2010-06-11 | s4:rootdse LDB module - use LDB result constants | Matthias Dieter Wallnöfer | 1 | -4/+5 | |
2010-06-10 | s4:samldb LDB module - fix up the case when the old and new "primaryGroupID" ↵ | Matthias Dieter Wallnöfer | 1 | -7/+7 | |
are the same | |||||
2010-06-10 | s4:samldb LDB module - don't create multiple "ac" module contexts on modify ↵ | Matthias Dieter Wallnöfer | 1 | -12/+6 | |
operations Since we do now run sequentially through all checks we don't need multiple "ac" contexts anymore. | |||||
2010-06-10 | s4:samba_dsdb LDB module - move the "objectclass_attrs" module back | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
I think it should be lower in order to control also the "instanceType" module. | |||||
2010-06-10 | s4:instancetype LDB module - prevent all types of "instanceType" manipulation | Matthias Dieter Wallnöfer | 1 | -0/+16 | |
Also on Windows Server you aren't able to change it. | |||||
2010-06-07 | s4:objectclass_attrs LDB module - move the single-valued attribute check ↵ | Matthias Dieter Wallnöfer | 1 | -1/+13 | |
into this module It seems to me more consistent (and also to keep the same behaviour on all backends). Also the DRS hack should therefore not be needed anymore since the "repl_meta_data" module launches requests behind "objectclass_attrs". | |||||
2010-06-07 | s4:samba_dsdb LDB module - fix typos | Matthias Dieter Wallnöfer | 1 | -2/+2 | |
2010-06-07 | s4:samba_dsdb LDB module - enhance/fix module rule comments | Matthias Dieter Wallnöfer | 1 | -3/+5 | |
2010-06-07 | s4:objectclass LDB module - rework the code which handles the objectclasses ↵ | Matthias Dieter Wallnöfer | 1 | -149/+191 | |
modification Before it has been very incomplete. We try now to match the Windows Server behaviour as close as possible. | |||||
2010-06-07 | s4:acl LDB module - LDB attribute names should be compared using ↵ | Matthias Dieter Wallnöfer | 1 | -2/+2 | |
"ldb_attr_cmp" or "strcasecmp" | |||||
2010-06-07 | s4:acl LDB module - adaption for "objectclass_attrs" module | Matthias Dieter Wallnöfer | 1 | -5/+15 | |
Since the attribute schema checking code moved back we need to give here the "LDB_ERR_NO_SUCH_ATTRIBUTE" error. | |||||
2010-06-07 | s4:objectclass LDB module - remove "fix_check_attributes" | Matthias Dieter Wallnöfer | 1 | -62/+0 | |
Also this task is now performed by the "objectclass_attrs" LDB module. | |||||
2010-06-07 | s4:samldb LDB module - adjust the module to set always a ↵ | Matthias Dieter Wallnöfer | 1 | -35/+45 | |
"defaultObjectCategory" on objectclass add operations This is needed to make the "objectclass_attrs" LDB module happy. The search check and case adjustment are done as it was using a second modify operation. | |||||
2010-06-07 | s4:remove the "validate_update" LDB module - the task is now handled by the ↵ | Matthias Dieter Wallnöfer | 4 | -141/+0 | |
far more complete "objectclass_attrs" LDB module | |||||
2010-06-07 | s4:dsdb - introduce a new "objectclass_attrs" LDB module which performs the ↵ | Matthias Dieter Wallnöfer | 3 | -0/+401 | |
objectclass attributes checking Until now we had no real consistent mechanism which allowed us to check if attributes belong to the specified objectclasses. | |||||
2010-06-07 | s4:objectclass LDB module - instanciate the schema variable centrally on the ↵ | Matthias Dieter Wallnöfer | 1 | -28/+28 | |
"ac" context creation This unifies the position when the schema is read and prevents multiple instanciations (eg on a modification operation). | |||||
2010-06-07 | s4:samldb LDB module - finally we can remove the RDN check | Matthias Dieter Wallnöfer | 1 | -53/+0 | |
This is now dynamically always done by the objectclass LDB module | |||||
2010-06-07 | s4:objectclass LDB module - finally implement the correct entry rename ↵ | Matthias Dieter Wallnöfer | 1 | -25/+130 | |
protections Only the "systemFlags" check is still missing. | |||||
2010-06-07 | s4:objectclass LDB module - cosmetic change | Matthias Dieter Wallnöfer | 1 | -2/+3 | |
2010-06-07 | s4:objectclass LDB module - remove duplicated code | Matthias Dieter Wallnöfer | 1 | -13/+4 | |
2010-06-07 | s4:objectclass LDB module - fix counter variable types | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2010-06-07 | s4:objectclass LDB module - explain why the search can return with an empty ↵ | Matthias Dieter Wallnöfer | 1 | -1/+2 | |
return | |||||
2010-06-07 | s4:objectclass LDB module - this "talloc_steal" is not necessary | Matthias Dieter Wallnöfer | 1 | -1/+0 | |
The "parent_dn" was created on the "ac" context which lives anyway longer than this child request. | |||||
2010-06-07 | s4:objectclass LDB module - fix error result if an entry doesn't contain a ↵ | Matthias Dieter Wallnöfer | 1 | -3/+3 | |
structural objectclass We need to return LDB_ERR_UNWILLING_TO_PERFORM (not LDB_ERR_NAMING_VIOLATION). | |||||
2010-06-07 | s4:objectclass LDB module - use "ldb_oom" for expressing out of memory | Matthias Dieter Wallnöfer | 1 | -2/+1 | |
2010-06-07 | s4:objectclass LDB module - fix header and add my copyright | Matthias Dieter Wallnöfer | 1 | -4/+6 | |
2010-06-06 | s4:password_hash LDB module - adapt the module to the new ↵ | Matthias Dieter Wallnöfer | 1 | -17/+6 | |
"ldb_msg_remove_attr" behaviour | |||||
2010-06-06 | s4:samldb LDB module - this codepart isn't needed due to the objectclass LDB ↵ | Matthias Dieter Wallnöfer | 1 | -13/+0 | |
module When a "computer" entry will be added, also the inherited "user" objectclass is going to be specified. |