summaryrefslogtreecommitdiff
path: root/source4/dsdb
AgeCommit message (Collapse)AuthorFilesLines
2010-11-06s4:ldap.py - enhance the "distinguishedName" testsMatthias Dieter Wallnöfer1-0/+24
The "dn" shortcut isn't supported by AD.
2010-11-06s4:update_keytab LDB module - we don't need to search for the ↵Matthias Dieter Wallnöfer1-2/+2
"distinguishedName" attribute Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sat Nov 6 20:08:28 UTC 2010 on sn-devel-104
2010-11-06s4:operational LDB module - "canonicalName" doesn't make use of the ↵Matthias Dieter Wallnöfer1-2/+2
"distinguishedName" attribute It uses the DN from the returned message
2010-11-05s4-pydsdb: added DsReplicaAttribute()Andrew Tridgell2-1/+75
this allows us to form a DsReplicaAttribute structure from python
2010-11-05s4:password_hash LDB module - fix indentationMatthias Dieter Wallnöfer1-10/+10
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Fri Nov 5 12:31:28 UTC 2010 on sn-devel-104
2010-11-05s4:dsdb/drepl_notify: reuse dreplsrv_notify_operation structuresStefan Metzmacher1-0/+22
Otherwise we'll requeue the same notify events on and on. (gdb) p *((struct dreplsrv_service *) 0x1b52190)->ops.notifies $8 = {prev = 0xe4cb30, next = 0x1a25440, service = 0x1b52190, uSN = 123905, source_dsa = 0x164c100, is_urgent = false, replica_flags = 29} (gdb) p *((struct dreplsrv_service *) 0x1b52190)->ops.notifies->next $9 = {prev = 0x80e000, next = 0x1b7bf70, service = 0x1b52190, uSN = 123589, source_dsa = 0x1a2d930, is_urgent = false, replica_flags = 29} (gdb) p *((struct dreplsrv_service *) 0x1b52190)->ops.notifies->next->next $10 = {prev = 0x1a25440, next = 0x1d0c310, service = 0x1b52190, uSN = 1587, source_dsa = 0x13d3210, is_urgent = false, replica_flags = 29} (gdb) p *((struct dreplsrv_service *) 0x1b52190)->ops.notifies->next->next->next $11 = {prev = 0x1b7bf70, next = 0x1ba1420, service = 0x1b52190, uSN = 123905, source_dsa = 0x164c100, is_urgent = false, replica_flags = 29} (gdb) p *((struct dreplsrv_service *) 0x1b52190)->ops.notifies->next->next->next->next $12 = {prev = 0x1d0c310, next = 0x1c43510, service = 0x1b52190, uSN = 123589, source_dsa = 0x1a2d930, is_urgent = false, replica_flags = 29} (gdb) p *((struct dreplsrv_service *) 0x1b52190)->ops.notifies->next->next->next->next->next $13 = {prev = 0x1ba1420, next = 0xed97b0, service = 0x1b52190, uSN = 1587, source_dsa = 0x13d3210, is_urgent = false, replica_flags = 29} (gdb) p *((struct dreplsrv_service *) 0x1b52190)->ops.notifies->next->next->next->next->next->next $14 = {prev = 0x1c43510, next = 0xe4ce80, service = 0x1b52190, uSN = 123905, source_dsa = 0x164c100, is_urgent = false, replica_flags = 29} We can reuse this operations, while they're not yet started. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Fri Nov 5 07:15:04 UTC 2010 on sn-devel-104
2010-11-04s4:ldap.py/passwords.py - just use objectclass "user" for usersMatthias Dieter Wallnöfer2-7/+7
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Thu Nov 4 21:09:00 UTC 2010 on sn-devel-104
2010-11-04s4:dsdb/objectclass_attrs: not all objects have delete protected attributes ↵Stefan Metzmacher1-0/+14
as must contain Before we got the following error, while starting samba after a 'samba-tool vampire': Failed to store repsFrom - objectclass_attrs: delete protected attribute 'objectSid' on entry 'DC=ForestDnsZones,DC=alpha,DC=sz,DC=salzgitter-ag,DC=lab' missing! metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Thu Nov 4 17:01:59 UTC 2010 on sn-devel-104
2010-11-04s4:dsdb/samdb: optimize samldb_prim_group_change()Stefan Metzmacher1-60/+60
We should only do searches when we have to. metze
2010-11-04s4:dsdb/common: fix memory leak in samdb_ntds_settings_dn()Stefan Metzmacher1-1/+1
fetch and set should use the same name! metze
2010-11-04s4:dsdb/kcc: fix memory leak in kcctpl_copy_output_edges()Stefan Metzmacher1-0/+1
metze
2010-11-04s4-dsdb Fix urgent_replication test not to set an invalid userAccountControlAndrew Bartlett1-2/+3
A userAccountControl value of 0 or 1 is invalid, you must include one of the account types. Andrew Bartlett
2010-11-04urgent_replication: Fix syntax error.Jelmer Vernooij1-1/+1
2010-11-04s4-dsdb: use LDB_FLAG_MOD_REPLACE for isDeletedAndrew Tridgell1-1/+1
isDeleted could have been set to FALSE previously Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Thu Nov 4 10:18:10 UTC 2010 on sn-devel-104
2010-11-04s4-dsdb: use LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK in dsdbAndrew Tridgell2-2/+8
when we are creating linked attributes with multiple values (some deleted), use LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK to disable that checking.
2010-11-04Move the checking of single valued attributes back into the tdb backend.Andrew Tridgell1-12/+0
The backend is the only place that can do this properly. It makes no sense to do it anywhere else. As a result of it moving out of the backend we ended up with some bugs causing multiple values in single valued attributes (eg. isDeleted), which can really damage the inregrity of the database. For the override of single valued values needed for deleted linked attributes we should use attribute flags. This reverts commit 1949864417f3d10fb8996df7db259649eb777271.
2010-11-03urgent_replication: Fix formattingJelmer Vernooij1-33/+33
2010-11-03possibleinferiors: Report subunit.Jelmer Vernooij1-4/+8
2010-11-03possibleinferiors: Fix formatting.Jelmer Vernooij1-15/+14
2010-11-03s4:dsdb/samldb: avoid nested unindexed searches in samldb_member_check()Stefan Metzmacher1-14/+31
With 20000 objects in the database it's no fun to add members... metze
2010-11-03s4:dsdb/tests/python/sam.py: test with member: <SID=...>Stefan Metzmacher1-0/+16
metze
2010-11-03s4:descriptor LDB module - a bit cleanupMatthias Dieter Wallnöfer1-13/+34
- add more OOM checks where needed - remove message of an error which cannot happen anymore (since now the structural objectclass is always checked by the objectclass LDB module) Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Wed Nov 3 18:30:52 UTC 2010 on sn-devel-104
2010-11-03s4:sam.py - assign valid values when performing the special-attributes ↵Matthias Dieter Wallnöfer1-3/+3
constraint checks The problem is that s4 per construction does the checks in a different order. It first checks for validity (pre-operation trigger in samldb LDB module) and then for the schema (post-operation trigger in objectclass_attrs LDB module). constraints (post-operation trigger
2010-11-03s4:samldb LDB module - improve the "get_single_valued_attr" call and move it ↵Matthias Dieter Wallnöfer2-84/+36
into "ldb_modules/util.c" It will be used by other LDB modules as well.
2010-11-03s4:objectclass_attrs LDB module - introduce the hardcoded delete-protected ↵Matthias Dieter Wallnöfer1-1/+19
attributes list This is a hardcoded list in AD of attributes, which can never be deleted.
2010-11-03pydsdb: Import testtools before subunit for those that don't haveJelmer Vernooij9-32/+19
testtools installed. Also, cleanup some imports. Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Wed Nov 3 17:47:55 UTC 2010 on sn-devel-104
2010-11-03s4:objectclass LDB module - the structural objectclass has always to be ↵Matthias Dieter Wallnöfer2-0/+25
specified Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Wed Nov 3 16:20:55 UTC 2010 on sn-devel-104
2010-11-03s4:objectclass_attrs LDB module - refactor the "dSHeuristics" checkerMatthias Dieter Wallnöfer1-12/+9
The checks are done when there are more than 0 values. The other checks should be performed by the other parts of the module.
2010-11-03s4:objectclass_attrs LDB module - simplify the invoke of the "dSHeuristics" ↵Matthias Dieter Wallnöfer1-3/+4
checker It's always invoked on add and modify operations.
2010-11-03s4-tests: Tests for the dSHeuristics attribute value restrictionsNadezhda Ivanova1-0/+41
Autobuild-User: Nadezhda Ivanova <nivanova@samba.org> Autobuild-Date: Wed Nov 3 13:58:42 UTC 2010 on sn-devel-104
2010-11-03s4-dsdb: Implemented value restrictions for the dSHeuristics attributeNadezhda Ivanova1-1/+27
2010-11-03s4:objectguid LDB module - remove "objectguid_find_attribute"Matthias Dieter Wallnöfer1-17/+1
It's exactly the same as "ldb_msg_find_element". In addition remove a comment which points out a "fixme" for a semi-async call since we started to permit them again. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Wed Nov 3 09:29:46 UTC 2010 on sn-devel-104
2010-11-03s4-dsdb: removed the use of ldb_private.h from s4Andrew Tridgell9-121/+55
this will allow s4 to use a system version of ldb
2010-11-01s4:samldb LDB module - the "sAMAccountName" cannot be substituted by nothingMatthias Dieter Wallnöfer2-2/+29
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Mon Nov 1 14:36:24 UTC 2010 on sn-devel-104
2010-11-01s4:sam.py - additional testing for "servicePrincipalName" updatesMatthias Dieter Wallnöfer1-12/+207
2010-11-01s4:samldb LDB module - support now the full "servicePrincipalName" update ↵Matthias Dieter Wallnöfer1-30/+96
trigger With "dNSHostName" and/or "sAMAccountName" updates
2010-11-01s4:samldb LDB module - "sAMAccountName" checkerMatthias Dieter Wallnöfer1-2/+2
We need a "talloc_steal" for the retrieved "sAMAccountName" since the memory is afterwards freed using the "talloc_free" call.
2010-11-01s4-ldb: enable version checking in dsdb ldb modulesAndrew Tridgell39-2/+42
2010-11-01s4:ldap.py/sam.py - simplify the objectclass specificationsMatthias Dieter Wallnöfer2-39/+39
- For user accounts we only need to specify "user" ("person" is an inherited objectclass) - Don't use the brackets when we have only one objectclass specified
2010-11-01s4:sam.py - test "objectSid" modification lockdownMatthias Dieter Wallnöfer1-0/+28
2010-11-01s4:samldb LDB module - unify objectSid assignment error messagesMatthias Dieter Wallnöfer1-3/+2
2010-11-01s4:samldb LDB module - deny "objectSid" modificationsMatthias Dieter Wallnöfer1-0/+7
The same as with Windows
2010-11-01s4-dsdb: convert the rest of the ldb modules to the new module typeAndrew Tridgell40-77/+298
2010-11-01s4-dsdb: convert the simple_ldap_map module to the new module styleAndrew Tridgell2-9/+26
2010-11-01s4-dsdb: convert the extended_dn_out module to the new ldb module styleAndrew Tridgell2-10/+31
2010-11-01s4-dsdb_schema: Use DRSUAPI_ATTID_INVALID instead of 0xFFFFFFFF magic valueKamen Mazdrashki2-28/+28
Autobuild-User: Kamen Mazdrashki <kamenim@samba.org> Autobuild-Date: Mon Nov 1 00:36:20 UTC 2010 on sn-devel-104
2010-10-31idl: Use DRSUAPI_ATTID_ prefix instead of DRSUAPI_ATTRIBUTE_ for ATTID valuesKamen Mazdrashki5-63/+63
Those values are actually ATTID values and such, they are used for ATTIDs for Attributes, Classes and Syntaxes.
2010-10-31s4:sam.py - test the "sAMAccountName" attributeMatthias Dieter Wallnöfer1-0/+59
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sun Oct 31 21:02:48 UTC 2010 on sn-devel-104
2010-10-31s4:samldb LDB module - validate "sAMAccountName" modificationsMatthias Dieter Wallnöfer1-0/+74
Also the "sAMAccountName" attribute is protected against corruption (e.g. two accounts with the same name).
2010-10-31s4:dsdb/dns/dns_update.c - increase the timeout for the SPN and DNS update ↵Matthias Dieter Wallnöfer1-2/+2
scripts Sometimes it can take longer than 10 sec.