Age | Commit message (Collapse) | Author | Files | Lines |
|
Commit 51baa8deec00244cc0a6e3d29c53932427800610 included a
copy-and-paste bug which caused all MMC mangement utilities to break.
Because of the typo Samba4 would no longer include the magic 'you may
write to these attributes/create these classes' attributes, these
tools would display all fields greyed out or 'read only', and not
allow the creation of child objects.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Also, use the constants more in the "ldif_handlers" module.
|
|
This commit applies some cosmetic corrections for the DSDB (Directory Server Database).
|
|
|
|
|
|
This guesses the type by running each of the possible options.
Andrew Bartlett
|
|
|
|
This is not permitted in the AD aggregate schema, and more trouble
than it is worth in the OpenLDAP schema due to escaping issues.
Andrew Bartlett
|
|
A dITConentRules attribute (unlike objectClasses) must not contain a
'SUP'.
The ADSI layer in Windows would download the whole schema, and
validate it. Thanks to the team at Microsoft for very long debugging
session to find this.
Andrew Bartlett
|
|
|
|
- when multiple partitions are searched, consider the search a
success if any of the partitions return success
- only search the right subset of partitions, looking at the scope
and basedn of the search
This fixes several errors with GC searches
|
|
direct comparison instead of a sub-tree comparison in another
this fixes basedn searches on the global catalog port
|
|
need to call ldb_module_done in the main module functions, we can directly
return an error. ldb_module_done() is for callbacks
|
|
metze
|
|
metze
|
|
metze
|
|
attribute is missing
Windows 2003 has a broken schema where the definition of msDS-IsDomainFor
is missing (which is supposed to be the backlink of the msDS-HasDomainNCs
attribute.
Our schema is extracted from windows 2003, so we have the problem.
As the NET-API-BECOME-DC test triggers this bug, windows 2003
seems to just skip creating a backlink.
metze
|
|
metze
|
|
as basedn
We resolve them into the real basedn before do the real search.
metze
|
|
|
|
This removes the event_context leak that caused
NT_STATUS_TOO_MANY_OPENED_FILES in the server,
because of all the epool fds
metze
|
|
|
|
|
|
We need to make sure replicated updates are handled differently
in some situations, e.g. we should bypass the schema checks.
metze
|
|
|
|
This commit applies some cosmetic corrections for the DSDB (Directory Server Database).
|
|
|
|
|
|
This reverts commit 05ea5e23cf4e70de0bd658b1c5c0ead133967091.
Conflicts:
source4/smbd/server.c
|
|
The previous ldb_search() interface made it way too easy to leak results,
and being able to use a printf-like expression turns to be really useful.
|
|
This reverts commit 0e9008be35a5b334bd65e6417193d4b8f27bdc36.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
supporting a schema
(This used to be commit 53b57300c799a079b4d64815243fe6120e0a9fa2)
|
|
This also tries to simplify the logic in the schema -> @ATTRIBUTES and
@INDEXES code.
Andrew Bartlett
(This used to be commit a383b8bf88a5681f9c9c6839ba645c872a735051)
|
|
I think it is just too complex and error prone to init and cancel
transactions during the module init code. Instead, this isn't prone
to races as it will always achieve a steady state (eventually), and
most cases will never do the write.
Andrew Bartlett
(This used to be commit d60977cc7f89f89f34187f310c91d1ab7db6ccf2)
|
|
I'm not sure if this fixes bug #5713, as this is not consistantly
reproducably on my equipment.
Andrew Bartlett
(This used to be commit 02d6645efc84179efd652dd29ab32f62ae310147)
|
|
(It instead ensured that only 'top' had a SUP keyword)
This clearly shows that 937b466266256d26d02cf8d48e72a26272fe8627 was
not a full or correct fix, but despite this I can no longer reproduce
the issue. Further investigation is required.
Andrew Bartlett
(This used to be commit 95a9e9b6b84866cd300b1d19915627c6718b4dde)
|
|
This bug is entitled 'Schema patch breaks interoperability with
Microsoft MMC consoles.', and it does so very spectacularly.
The issue is that we would include an entry:
objectClasses: ( 2.5.6.0 NAME 'top' SUP top ABSTRACT..
The MMC Active Directory Users and Computers snap in presumably
objected to the 'loop' this would present. The fixed entry is:
objectClasses: ( 2.5.6.0 NAME 'top' ABSTRACT
Thanks to Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de> for his
persistance in getting me to look at this.
Andrew Bartlett
(This used to be commit 937b466266256d26d02cf8d48e72a26272fe8627)
|
|
(This used to be commit 36f727c4a73ffc8634692b0c5645343cb414de93)
|
|
The MS-ADTS document has quite detailed instrucitons on how these
flags should be processed. This change also causes the correct
sign-wrapping to occour, as these are declared as signed integers.
Andrew Bartlett
(This used to be commit 5c3d237a6d721dc75166bdc5ac0c6e76a4495bf7)
|
|
This ensures they don't leak over LDAP, but does not prevent access,
as ldbsearch locally still bypasses these controls.
Andrew Bartlett
(This used to be commit fa3f3bab33001770a9d7e33875bf212636f6c128)
|