Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-08-10 | s4:dsdb/common/util.c - use LDB constants whenever possible | Matthias Dieter Wallnöfer | 1 | -8/+8 | |
2010-08-07 | s4:kcc_connection.c - fix typo in error message | Matthias Dieter Wallnöfer | 1 | -2/+2 | |
2010-08-07 | s4:ldap.py - comment a test part which fails with another error code on Windows | Matthias Dieter Wallnöfer | 1 | -5/+6 | |
2010-08-07 | s4:ldap.py - test the new "systemFlags" constraint | Matthias Dieter Wallnöfer | 1 | -1/+11 | |
2010-08-07 | s4:objectclass LDB module - "add operation" - enhance and clean the ↵ | Matthias Dieter Wallnöfer | 1 | -8/+20 | |
"systemFlags" section Also here we have to test for single-valueness. | |||||
2010-08-07 | s4:ldap.py - test for an invalid "objectCategory" attribute | Matthias Dieter Wallnöfer | 1 | -0/+10 | |
2010-08-07 | s4:objectclass LDB module - "add operation" - implement "objectCategory" ↵ | Matthias Dieter Wallnöfer | 1 | -5/+34 | |
validation | |||||
2010-08-07 | s4:ldap.py - proof for the impossibility to add a LSA-specific object over LDAP | Matthias Dieter Wallnöfer | 1 | -0/+11 | |
2010-08-07 | s4:urgent_replication.py - relax also here the add of a secrets object | Matthias Dieter Wallnöfer | 1 | -2/+1 | |
2010-08-07 | s4:dsdb/common/util.c - add a function "dsdb_add" | Matthias Dieter Wallnöfer | 1 | -0/+30 | |
2010-08-07 | s4:objectclass LDB module - "add operation" - reject creation of LSA ↵ | Matthias Dieter Wallnöfer | 1 | -0/+8 | |
specific objects (only using the RELAX flag allowed) | |||||
2010-08-07 | s4:objectclass LDB module - "add operation" - move two checks | Matthias Dieter Wallnöfer | 1 | -17/+12 | |
To be more consistent with the MS-ADTS doc. | |||||
2010-08-07 | s4:objectclass LDB module - "add operation" - deny multiple "objectclass" ↵ | Matthias Dieter Wallnöfer | 1 | -5/+14 | |
message elements Requested by MS-ADTS 3.1.1.5.2.2 | |||||
2010-08-07 | s4:objectclass LDB module - "add" operation - free "mem_ctx" as soon as possible | Matthias Dieter Wallnöfer | 1 | -4/+2 | |
We don't need to have it around until the end of the function. | |||||
2010-08-04 | s4:LDB modules - remove the "kludge_acl" module code | Matthias Dieter Wallnöfer | 1 | -516/+0 | |
Obviously this has been forgotten by Nadya. | |||||
2010-08-04 | s4-dsdb: Removed kludge_acl as it is no longer necessary | Nadezhda Ivanova | 5 | -23/+47 | |
Moved the access check on extended operations to acl module and removed kludge_acl | |||||
2010-08-03 | s4-schema: More verbose error log when subClassOf is not found in schema | Kamen Mazdrashki | 1 | -1/+3 | |
Error message show failing classSchema object but not the specific value for the failure, which makes diagnostics by log files really hard. | |||||
2010-08-03 | s4: fix comment typos | Kamen Mazdrashki | 1 | -3/+3 | |
2010-08-01 | s4:ldap.py - remove superflous spaces | Matthias Dieter Wallnöfer | 1 | -2/+0 | |
Sorry, forgot to delete them in the last commit | |||||
2010-08-01 | s4:ldap.py - additional "instanceType" checks | Matthias Dieter Wallnöfer | 1 | -0/+23 | |
2010-08-01 | s4:instancetype LDB module - add checks requested by MS-ADTS 3.1.1.5.2.2 | Matthias Dieter Wallnöfer | 1 | -6/+20 | |
We've to test for the WRITE flag if we are performing an NC add. And if it isn't an NC add then only the WRITE or no flag is allowed. | |||||
2010-08-01 | s4:objectclass LDB module - consider the "instanceType" when adding NCs | Matthias Dieter Wallnöfer | 1 | -10/+18 | |
This is requested by MS-ADTS 3.1.1.5.2.2 (NC add operation). | |||||
2010-08-01 | s4:descriptor LDB module - remove the "forest DN" check | Matthias Dieter Wallnöfer | 1 | -4/+3 | |
Also here we have to work with the default base DN. After some reading I've discovered that this isn't really true. The forest partition does exist on one or more DCs and is there the same as the default base DN (which is already checked by the module). And if we have other DCs which contain child domains then they never contain data of the forest domain beside the schema and the configuration partition (which are checked anyway) since a DC can always contain only one domain! Link: http://www.informit.com/articles/article.aspx?p=26896&seqNum=5 | |||||
2010-08-01 | s4:acl LDB module - remove the "forest DN" check | Matthias Dieter Wallnöfer | 1 | -6/+3 | |
After some reading I've discovered that this isn't really true. The forest partition does exist on one or more DCs and is there the same as the default base DN (which is already checked by the module). And if we have other DCs which contain child domains then they never contain data of the forest domain beside the schema and the configuration partition (which are checked anyway) since a DC can always contain only one domain! Link: http://www.informit.com/articles/article.aspx?p=26896&seqNum=5 | |||||
2010-08-01 | s4:acl LDB module - remove unused call "is_root_base_dn" | Matthias Dieter Wallnöfer | 1 | -8/+0 | |
2010-08-01 | s4:urgent_replication.py test - adapt the test for the harder delete ↵ | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
restrictions Otherwise we are not able to delete the "test crossRef" object which points to the default NC anymore. | |||||
2010-08-01 | s4:ldap.py - perform tests on the additional delete constraint checks | Matthias Dieter Wallnöfer | 1 | -4/+38 | |
2010-08-01 | s4:objectclass LDB module - implement additional delete constraint checks | Matthias Dieter Wallnöfer | 1 | -3/+47 | |
MS-ADTS 3.1.1.5.5.3 | |||||
2010-08-01 | s4:ldap.py - add a test for "CN=System" object rename behaviour | Matthias Dieter Wallnöfer | 1 | -0/+8 | |
2010-08-01 | s4:subtree_rename LDB module - rename "check_system_flags" into ↵ | Matthias Dieter Wallnöfer | 1 | -9/+43 | |
"check_constraints" and perform more checks Always considering MS-ADTS 3.1.1.5.4.1.2. | |||||
2010-08-01 | s4:subtree_rename LDB module - introduce out of memory checks | Matthias Dieter Wallnöfer | 1 | -0/+4 | |
2010-08-01 | s4:dsdb/samdb/ldb_modules/util.c - remove unused variables | Matthias Dieter Wallnöfer | 1 | -2/+0 | |
2010-08-01 | s4:ldap.py - performs some "systemFlags" testing | Matthias Dieter Wallnöfer | 1 | -0/+56 | |
2010-08-01 | s4:subtree_rename LDB module - introduce the "systemFlags" protection rules | Matthias Dieter Wallnöfer | 1 | -2/+122 | |
This is done in a dedicated call "check_system_flags". | |||||
2010-07-31 | s4:dsdb/pydsdb.c - import "systemFlags" into Python | Matthias Dieter Wallnöfer | 1 | -0/+26 | |
Needed by ldap.py tests | |||||
2010-07-31 | s4:subtree_rename LDB module - "subren_ctx_init" - fix the "out of memory" ↵ | Matthias Dieter Wallnöfer | 1 | -3/+2 | |
return | |||||
2010-07-19 | s4-dsdb: use ldb_msg_normalize() in source4/dsdb/schema/schema_set.c | Kamen Mazdrashki | 1 | -5/+4 | |
Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-07-19 | s4-dsdb/schema/schema_set.c: fix trailing spaces and comments spelling | Kamen Mazdrashki | 1 | -30/+38 | |
Few comments split on several lines also... (Sorry Metze, I know you hate reviewing "and this, and that" type of patches, but those are just cosmetics) Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-07-19 | s4-dsdb: use ldb_msg_difference() in source4/dsdb/schema/schema_set.c | Kamen Mazdrashki | 1 | -2/+10 | |
Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-07-16 | s4-loadparm: 2nd half of lp_ to lpcfg_ conversion | Andrew Tridgell | 18 | -40/+40 | |
this converts all callers that use the Samba4 loadparm lp_ calling convention to use the lpcfg_ prefix. Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-07-15 | s4 ldb modules: relax some tests about attributes that should not be here | Matthieu Patou | 1 | -0/+9 | |
For attributes that we know that are harmless and that used to be stored in the ldb we relax the tests on the existance in a given objectclass. Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-07-15 | s4 dsdb: Use the changereplmetadata control | Matthieu Patou | 1 | -61/+144 | |
This control allow to specify the replPropertyMetaData attribute to be specified on modify request. It can be used for very specific needs to tweak the content of the replication data. Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-07-15 | s4 dsdb: create a new control: changereplmetadata | Matthieu Patou | 1 | -0/+6 | |
This control is designed to allow replmetadata to be specified Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-07-14 | s4: Added acl search tests for anonymous connection. | Nadezhda Ivanova | 1 | -83/+68 | |
The tests make sure that we comply with dsHeuristics setting and restrict anonymous access to rootDSE. They will be enabled when the implementation is pushed. tests are verified against win2k8. | |||||
2010-07-13 | s4: Reorganized dsHeuristics reset so the code can be reused | Nadezhda Ivanova | 1 | -53/+38 | |
Moved the setting of dsHeuristics to a method as soon we will have to set other values as well in different tests | |||||
2010-07-09 | s4:drepl_notify: hide some bugs from the make test output | Stefan Metzmacher | 1 | -1/+12 | |
It's useless to get messages like this every few seconds: dreplsrv_notify: Failed to send DsReplicaSync to edbf4745-2966-49a7-8653-99200f1c9430._msdcs.samba2003.example.com for CN=Configuration,DC=samba2003,DC=example,DC=com - NT_STATUS_OBJECT_NAME_NOT_FOUND : WERR_BADFILE We have a non bug regarding non-linked DN attributes and changes of the target DN. metze | |||||
2010-07-09 | s4:dsdb/repl: expose drsuapi_DsExtendedError to the caller (e.g. the ↵ | Stefan Metzmacher | 4 | -6/+13 | |
ridalloc client) metze | |||||
2010-07-09 | s4:drepl_out_helpers: don't return NT_STATUS_OK, if an extended operation ↵ | Stefan Metzmacher | 1 | -1/+14 | |
doesn't return success metze | |||||
2010-07-09 | s4:drepl_ridalloc: only ask the rid master for a new rid pool if we need to. | Stefan Metzmacher | 1 | -9/+38 | |
if we are at least half-exhausted then ask for a new pool. This fixes a bug where we're sending unintialized alloc_pool variable as exop->fsmo_info to the rid master and get back DRSUAPI_EXOP_ERR_PARAM_ERROR. metze | |||||
2010-07-09 | s4:dsdb:ridalloc: use ridalloc_ridset_values infrastructure in ↵ | Stefan Metzmacher | 1 | -74/+56 | |
ridalloc_allocate_rid_pool_fsmo() metze |