Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-07-05 | Changed passwords.py to use the correct account as acl checks now pass. | Nadezhda Ivanova | 1 | -14/+6 | |
2010-07-05 | s4-dsdb: Implementation of User-Change-Password and User-Force-Password-Change | Nadezhda Ivanova | 2 | -85/+226 | |
These CARs need to be checked on password change and password reset operations. Apparently the password attributes are not influenced by Write Property. Single detele operations and modifications of dBCSPwd are let through to the password_hash module. This is determined experimentally. | |||||
2010-07-04 | s4:subtree_rename LDB module - Cosmetic fixes | Matthias Dieter Wallnöfer | 1 | -3/+4 | |
2010-07-04 | s4:subtree_delete LDB module - fix comments and add my copyright | Matthias Dieter Wallnöfer | 1 | -2/+3 | |
(I've introduced the subtree delete mechanism) | |||||
2010-07-03 | s4:dsdb/tests/python/ldap_schema.py - remove a now useless "schemaUpdateNow" ↵ | Matthias Dieter Wallnöfer | 1 | -10/+0 | |
request "schemaUpdateNow" on s4 is now a non-op and therefore not strictly needed anymore. | |||||
2010-07-03 | s4:urgent_replication.py test - remove unneeded "relax" control parameters | Matthias Dieter Wallnöfer | 1 | -2/+2 | |
2010-07-03 | s4:schema_load LDB module - fix a segfault condition on schema refresh | Matthias Dieter Wallnöfer | 1 | -0/+5 | |
The schema refresh operation itself starts requests from the top of the LDB modules stack (see call "dsdb_schema_set_attributes" - search operations). This doesn't work well when these do perform "dsdb_get_schema" calls. Since the new schema isn't marked as "refreshed" atm (but in fact it still is - we didn't terminate the reload/refresh yet) we could perform other calls to "dsdb_schema_refresh" and run into serious trouble (segfault). | |||||
2010-07-03 | s4:schema_set.c - Fix a comment | Matthias Dieter Wallnöfer | 1 | -1/+2 | |
2010-07-03 | s4:dsdb_schema_set_attributes - remove unneeded filter criterias | Matthias Dieter Wallnöfer | 1 | -2/+4 | |
We already choose the right entry by specifying the right basedn with scope "LDB_SCOPE_BASE". | |||||
2010-07-03 | s4:dsdb_module_load_partition_usn - check for "res->count" equal/unequal to 1 | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2010-07-03 | s4:schema_set.c - fix typo | Matthias Dieter Wallnöfer | 1 | -1/+3 | |
2010-07-03 | s4:schema_load.c - jump to "failed" on an error condition | Matthias Dieter Wallnöfer | 1 | -3/+2 | |
2010-07-03 | s4:dsdb/tests/passwords.py - set and reset the "minPwdAge" properly | Matthias Dieter Wallnöfer | 1 | -2/+21 | |
After a patch proposal of Nadya and some reflection I think that it's really worth to change all tests which need a "0" "minPwdAge" to set it manually and reset the default afterwards. So we can finally introduce the default "minPwdAge" on provision. Patch proposal by: Nadya Ivanova | |||||
2010-07-02 | Tests for user-change-password and force-password-change access rights | Nadezhda Ivanova | 1 | -4/+242 | |
2010-07-02 | s4/schema: remove unnecessary deletion of dsdb_schema cached pointer | Anatoliy Atanasov | 1 | -3/+0 | |
This is needed so we can find and free old schemas based using the cached pointer | |||||
2010-07-02 | s4-dsdb: fixed spelling of supportedSASLMechanisms | Andrew Tridgell | 1 | -1/+1 | |
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-07-02 | s4:dsdb Ensure we free old schema copies | Andrew Bartlett | 1 | -6/+25 | |
It was reported by aatanasov that we kept around one whole schema per modification made. This does not fix that, but I hope moves us closer to a fix The most important part of the fix is that: - if (schema_out != schema_in) { - talloc_unlink(schema_in, ldb); - } was the wrong way around. This is now handled in the schema_set calls. Andrew Bartlett | |||||
2010-07-02 | s4/dsdb: Assert DSDB_FLAG_*_MODULE is always passed in function call | Kamen Mazdrashki | 1 | -0/+5 | |
Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-07-02 | s4-source4/dsdb/samdb/ldb_modules/util.c Use DSDB_FLAG_NEXT_MODULE flag | Kamen Mazdrashki | 1 | -2/+3 | |
Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-07-02 | s4-source4/dsdb/samdb/ldb_modules/subtree_delete.c: Use ↵ | Kamen Mazdrashki | 1 | -1/+3 | |
DSDB_FLAG_NEXT_MODULE flag Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-07-02 | s4-source4/dsdb/samdb/ldb_modules/schema_load.c: Use DSDB_FLAG_NEXT_MODULE flag | Kamen Mazdrashki | 1 | -1/+2 | |
Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-07-02 | s4-source4/dsdb/samdb/ldb_modules/samldb.c: Use DSDB_FLAG_NEXT_MODULE flag | Kamen Mazdrashki | 1 | -4/+5 | |
Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-07-02 | s4-source4/dsdb/samdb/ldb_modules/samba3sid.c: Use DSDB_FLAG_NEXT_MODULE flag | Kamen Mazdrashki | 1 | -1/+3 | |
Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-07-02 | s4-source4/dsdb/samdb/ldb_modules/rootdse.c: Use DSDB_FLAG_NEXT_MODULE flag | Kamen Mazdrashki | 1 | -2/+3 | |
Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-07-02 | s4-source4/dsdb/samdb/ldb_modules/ridalloc.c: Use DSDB_FLAG_NEXT_MODULE flag | Kamen Mazdrashki | 1 | -1/+1 | |
Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-07-02 | s4-source4/dsdb/samdb/ldb_modules/repl_meta_data.c: Use ↵ | Kamen Mazdrashki | 1 | -4/+5 | |
DSDB_FLAG_NEXT_MODULE flag Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-07-02 | s4-dsdb/samdb/ldb_modules/linked_attributes.c: make use of ↵ | Kamen Mazdrashki | 1 | -2/+2 | |
DSDB_FLAG_NEXT_MODULE flag Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-07-02 | s4/dsdb: Add DSDB_FLAG_NEXT_MODULE flag | Kamen Mazdrashki | 1 | -0/+1 | |
Although it is not currently used in implementation, my intention is for callers to clearly state what action they want to execute. Currently when a caller wants to pass the call to the next module in the chain, this flag is either omitted or 0 is used (which is somewhat hacky, isn't it) Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-07-01 | s4:dsdb/tests/python/passwords.py - add the right result codes for user ↵ | Matthias Dieter Wallnöfer | 1 | -1/+5 | |
password changes They will be enabled once the ACL modules supports it. It was my fault to not import them earlier. | |||||
2010-06-30 | s4:dsdb: move dsdb python tests from lib/ldb/ to dsdb/ | Stefan Metzmacher | 8 | -0/+7680 | |
metze | |||||
2010-06-30 | s4:schema/schema_set.c - free LDB message diffs | Anatoliy Atanasov | 1 | -0/+2 | |
Especially the "free"s after "ldb_msg_diff" are very important since the diff message is allocated on the long-living LDB context. Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org> | |||||
2010-06-30 | s4:dsdb Fix possible schema segfaults for DRS-replication based schema | Andrew Bartlett | 1 | -17/+13 | |
The problem here is that if the schema has been modified on the source domain, there may be attributes that appear over DRS with 0 values (to indicate that any existing values on the target should be deleted). This would confuse the previous version of this macro. Andrew Bartlett | |||||
2010-06-29 | s4:dsdb/new_partition.c - remove the "ldb_next_request" call which we find ↵ | Matthias Dieter Wallnöfer | 1 | -3/+1 | |
also below the "if" block | |||||
2010-06-29 | Revert "s4/dsdb: Fixed partition_search() not to pass special DN's to LDAP ↵ | Matthias Dieter Wallnöfer | 1 | -8/+6 | |
backend." This reverts commit ed4c107bc1eac8531fdd8d09f7698efcbc7ecb14. See post "Endi's Bug 7530 patches (LDAP backend)" on samba-technical. | |||||
2010-06-29 | Fixed incorrect use of cn instead of lDAPDisplayName | Nadezhda Ivanova | 1 | -2/+2 | |
2010-06-29 | s4:provision Add an msDS-SupportedEncryptionTypes entry to our DC | Andrew Bartlett | 1 | -1/+16 | |
This ensures that our DC will use all the available encyption types. (The KDC reads this entry to determine what the server supports) Andrew Bartlett | |||||
2010-06-29 | s4/repl_meta_data: remove duplicated (and commented out) log | Kamen Mazdrashki | 1 | -6/+0 | |
2010-06-28 | s4/dsdb: Fixed partition_search() not to pass special DN's to LDAP backend. | Endi S. Dewata | 1 | -6/+8 | |
Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org> | |||||
2010-06-28 | s4:repl_meta_data LDB module - fix counter type | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2010-06-28 | s4:acl LDB module - fix counter type | Matthias Dieter Wallnöfer | 1 | -1/+2 | |
2010-06-28 | Implementation of self membership validated right. | Nadezhda Ivanova | 2 | -1/+131 | |
When this right is granted, the user can add or remove themselves from a group even if they dont have write property right. | |||||
2010-06-28 | s4/drs: re-implement 'renaming' object replication | Kamen Mazdrashki | 1 | -18/+53 | |
We should rename objects only after we make sure, that changes on the partner DC are newer than what we have. This fixes a bug, when we have following situation with 2 DCs: - we have an object O on the two DCs - we rename (delete) object O on DC1 - DC1 replicates from DC2 In the above scenario, object O will be renamed back to its original name (i.e. it will be restored). Now, we check that DC2 state is older than what we have, so nothing happens with object's DN. | |||||
2010-06-26 | s4:dsdb/ridalloc: add comment about windows behavior regarding rIDUsedPool | Stefan Metzmacher | 1 | -1/+6 | |
metze | |||||
2010-06-25 | s4/drs: DsReplicaSync should search partition to Sync | Kamen Mazdrashki | 2 | -6/+38 | |
by any valid DSName attribute given, be it - partition DN, partition GUID or partition SID | |||||
2010-06-24 | s4-python: python is not always in /usr/bin | Andrew Tridgell | 2 | -2/+2 | |
Using "#!/usr/bin/env python" is more portable. It still isn't ideal though, as we should really use the python path found at configure time. We do that in many places already, but some don't. Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-06-23 | libds:common Remove DS_DC_* domain functionality flags | Andrew Bartlett | 1 | -10/+0 | |
These are just a subset of the DS_DOMAIN_ functionality flags, are compared and often confused with each other. Just make them one set. Andrew Bartlett | |||||
2010-06-23 | s4:operational LDB module - fix a misleading comment | Matthias Dieter Wallnöfer | 1 | -1/+2 | |
2010-06-22 | s4:password_hash LDB module - fix another problem regarding the lanman hash | Matthias Dieter Wallnöfer | 1 | -13/+16 | |
When a user only provides only the lanman hash (and nothing else) and the lanman authentication is deactivated then we end in an account with no password attribute at all! Lock this down. | |||||
2010-06-21 | s4:dsdb_load_partition_usn - free the right memory context (tmp_ctx) | Matthias Dieter Wallnöfer | 1 | -2/+1 | |
2010-06-21 | s4/dsdb: msg_idx->dn should be allocated in msg_idx mem context | Kamen Mazdrashki | 1 | -1/+1 | |