| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
_dsdb_syntax_OID_oid_drsuapi_to_ldb() fails
I haven't found a way to test this function during replication so far,
but when I do, it will be useful to notice this error in the log file
|
|
Without this check, receiving empty replica leads to a situation
where we left with a working_schema attached to the ldb.
The problem here is that working_schema is not fully functional
schema cache and keeping it attached to the ldb may lead
to modules failing to accomplish their jobs
|
|
|
|
remote-ATTID to local one
We may have no prefix for the remote ATTID (remote OID strictly speaking)
So this is the place for us to update our local prefixMap
adding a prefix for the numeric OID we've recived
|
|
|
|
while committing objects
working_schema is to be used while committing a Schema replica.
When we replicate Schema, then we most probably won't be
able to convert all replicated objects using the current
Schema cache (as we don't know anything about those new objects).
Thus, during Schema replication, we make a temporary
working_schema that contains both our current Schema +
all objects we get on the wire.
When we commit those new objects, we should use our working_schema
(by setting it to the ldb), and after all changes are commited,
we can refresh the schema cache so we have a brand new,
full-featured Schema cache
|
|
in dsdb_attribute_drsuapi_to_ldb() function.
drsuapi_DsReplicaAttribute *in parameter come from remote DC
so we can't rely on in->attid to map it directly to an
dsdb_attribute in our local schema cache
|
|
Without this change, when a schema is set to ldb, the
effect is that dsdb_get_schema() returns global_schema
preferably.
Thus we end up with two schemas in effect:
- global one, which is the old one and it is still used everywhere
- new one, which is just cached in ldb, but can't be used, as
there is no way to access it
|
|
used
Make it much harder to import bad data into the password attributes.
This isn't 100% safe, but much better than no checks.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon Dec 13 16:17:36 CET 2010 on sn-devel-104
|
|
metze
|
|
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Dec 12 23:40:17 CET 2010 on sn-devel-104
|
|
"ldb_private.h" is private and therefore might not always be available.
|
|
Py_RETURN_NONE
This was only thought for Python 2.3 which we generally no longer support (only
pyldb in the LDB library is an exception).
|
|
- Remove memory contexts when not really useful (if only one allocation)
- Try to find out OOM conditions and return correct error codes
- Move the parameter parsing always to the beginning (to prevent
unneeded allocations in case of errors)
|
|
This is consistent with the test names used by selftest, should
make the names less confusing and easier to integrate with other tools.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sat Dec 11 04:16:13 CET 2010 on sn-devel-104
|
|
Autobuild-User: Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date: Fri Dec 10 11:03:28 CET 2010 on sn-devel-104
|
|
|
|
one using this result message.
No need to reference as no one further up the stack uses the result, it is the result of a secondary request sent by aclread.
As a result from code review by Kamen Mazdrashki and Anatoliy Atanasov
Autobuild-User: Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date: Wed Dec 8 15:01:51 CET 2010 on sn-devel-104
|
|
this is only set when rpath is used on install. It ensures that
applications that link against Samba libraries get the rpath right
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Wed Dec 8 12:46:00 CET 2010 on sn-devel-104
|
|
Instead of using ldb_msg_remove_attr, now we are flagging the attributes to be removed,
and allocating the new elements array to be returned at once. This seems to decrease the
overhead by 50 percent.
Autobuild-User: Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date: Wed Dec 8 12:00:27 CET 2010 on sn-devel-104
|
|
|
|
Autobuild-User: Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date: Mon Dec 6 16:48:35 CET 2010 on sn-devel-104
|
|
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Mon Dec 6 15:11:44 CET 2010 on sn-devel-104
|
|
Modified the aclread module to now insert the attributes needed to perform access checks in the same request,
instead of doind a separate search per entry. Also, instanceType is now used to determine id the object has a parent
instead of parentGUID, which saves one additional search in operational.
Autobuild-User: Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date: Mon Dec 6 13:50:19 CET 2010 on sn-devel-104
|
|
The aclread needs to be belod descriptor, as it needs to have the full nTsecurityDescriptor to make the
checks, and the descriptor module may filter out parts of it if SD_FLAGS_CONTROL is provided.
|
|
|
|
Schema cache
Same error message is printed by linked_attributes.c module
and it was really hard to tell where the error occurred
Autobuild-User: Kamen Mazdrashki <kamenim@samba.org>
Autobuild-Date: Mon Dec 6 00:05:59 CET 2010 on sn-devel-104
|
|
We have exact same error messages at different locations
and it is little bit hard to tell where the error came from
from the log.
|
|
|
|
If *schema is NULL, then dsdb_schema_from_ldb_results()
call should have failed
|
|
|
|
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sat Dec 4 17:26:39 CET 2010 on sn-devel-104
|
|
|
|
SAM members
For example contacts.
|
|
Autobuild-User: Kamen Mazdrashki <kamenim@samba.org>
Autobuild-Date: Thu Dec 2 18:47:59 CET 2010 on sn-devel-104
|
|
|
|
|
|
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Thu Dec 2 12:35:03 CET 2010 on sn-devel-104
|
|
This seems to have been broken some time ago - till someone on the
mailing list noticed it.
I've also added a testsuite (and some additional SamDB python helpers) which
should prove this.
|
|
return NULL
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Wed Dec 1 17:14:01 CET 2010 on sn-devel-104
|
|
better memory context
"msg->elements" fits better than "msg".
|
|
|
|
"el->values" could under some circumstances be NULL (see "if" above).
|
|
|
|
|
|
Schema is changed and it is quite possible we won't be able
to decode replicated objects using current Schema cache we have.
Thus, when replicating Schema, we will make a temporary Schema
cache, working_schema, so that we can fully decode objects
we recieve.
|
|
It is heavily based on implementation in libnet_vampire_cb_apply_schema()
function, except that it actually creates a new copy of the supplied
initial_schema + resolving all incoming objects and add them to
supplied initial_schema.
We are going to need this 'working_schema' later so we are able
to fully resolve all objects we receive on wire during DRS replication.
Working schema created is to be used only as an index to search in.
It is not supposed to be set to an ldb_context as it doesn't
contain all information for classSchema and attributeSchema objects.
|
|
|
|
|
|
This allows us to use schema that is different than the one
set to 'ldb' to decode objects.
|
