summaryrefslogtreecommitdiff
path: root/source4/dsdb
AgeCommit message (Expand)AuthorFilesLines
2013-01-21dsdb: Explain ordering constraints on the ACL module as well.Andrew Bartlett1-2/+2
2013-01-21dsdb: Ensure "authenticated users" is processed for group membershipsAndrew Bartlett2-31/+25
2013-01-21libcli/security: handle node initialisation in one spot in insert_in_object_t...Andrew Bartlett2-11/+10
2013-01-21dsdb-acl: the SEC_ADS_DELETE_CHILD checks need objectclass->schemaIDGUIDStefan Metzmacher1-2/+7
2013-01-21dsdb-acl: make use of acl_check_access_on_objectclass() for the object in acl...Stefan Metzmacher1-6/+50
2013-01-21dsdb-acl: make use of acl_check_access_on_{attribute,objectclass} in acl_rena...Stefan Metzmacher1-47/+43
2013-01-21dsdb-acl: make use of acl_check_access_on_attribute() in acl_modify()Stefan Metzmacher1-44/+16
2013-01-21dsdb-acl: remove unused acl_check_access_on_class()Stefan Metzmacher1-46/+0
2013-01-21dsdb-acl: use acl_check_access_on_objectclass() instead of acl_check_access_o...Stefan Metzmacher1-8/+13
2013-01-21dsdb-acl: Use the structural objectClass in acl_check_access_on_attribute()Andrew Bartlett1-16/+16
2013-01-21dsdb-acl: Pass the structural objectClass into acl_check_access_on_attributeAndrew Bartlett3-20/+57
2013-01-21dsdb-acl: Remove unused get_oc_guid_from_message()Andrew Bartlett1-19/+0
2013-01-21dsdb-acl: ask for the objectClass attribute if it's not in the scope of the c...Andrew Bartlett1-1/+16
2013-01-21dsdb-acl: use dsdb_get_structural_oc_from_msg() rather than class_schemaid_gu...Andrew Bartlett1-8/+7
2013-01-21dsdb-acl: Use dsdb_get_structural_oc_from_msg() in acl_rename()Andrew Bartlett1-12/+14
2013-01-21dsdb-acl: Use dsdb_get_structural_oc_from_msg() in acl_modify()Andrew Bartlett1-8/+10
2013-01-21dsdb-acl: add acl_check_access_on_objectclass() helperStefan Metzmacher1-0/+39
2013-01-21dsdb-acl: Add helper function dsdb_get_structural_oc_from_msg()Andrew Bartlett1-0/+13
2013-01-21dsdb-acl: attr is not optional to acl_check_access_on_attribute()Stefan Metzmacher1-25/+24
2013-01-21dsdb-acl: dsdb_attribute_by_lDAPDisplayName() is needed for all attributesStefan Metzmacher1-16/+18
2013-01-21dsdb-acl: introduce a 'el' helper variable to acl_modify()Stefan Metzmacher1-12/+11
2013-01-21dsdb-acl: introduce a 'msg' helper variable to acl_modify()Stefan Metzmacher1-20/+20
2013-01-21dsdb-schema: make sure we build [system]PossibleInferiors completelyStefan Metzmacher1-0/+4
2013-01-21dsdb-schema: make sure use clean caches in schema_inferiors.cStefan Metzmacher2-28/+32
2013-01-21dsdb-schema: make schema_subclasses_order_recurse() staticStefan Metzmacher1-3/+3
2013-01-21Tests: rewrite ldap_schema to specify attributesMatthieu Patou1-15/+24
2013-01-17dsdb-operational: Avoid doing the ldb_attr_cmp if bypass flag is not setMatthieu Patou1-1/+1
2013-01-17dsdb: Do not hold the transaction over the IRPC call to perform a role transferAndrew Bartlett1-1/+26
2013-01-17drs-fsmo: Improve handling of FSMO role takeover.Andrew Bartlett2-4/+12
2013-01-17dsdb-acl: calculate sDRightsEffective based on "nTSecurityDescriptor"Stefan Metzmacher1-3/+11
2013-01-17dsdb-acl: add helper variable 'ldb' in acl_sDRightsEffectiveStefan Metzmacher1-1/+2
2013-01-17dsdb-acl: fix the order of special and system checksStefan Metzmacher1-22/+61
2013-01-17dsdb-acl: Do not apply ACL on special DNs to hide attributes that the user sh...Matthieu Patou1-0/+4
2013-01-17dsdb-acl: talloc_free the private context when we pass to the next moduleStefan Metzmacher1-0/+1
2013-01-17dsdb-acl: don't call dsdb_user_password_support() if we don't use the resultStefan Metzmacher1-2/+8
2013-01-15dsdb: Add test for modification of two attributes, one permitted, one denied ...Andrew Bartlett1-0/+15
2013-01-15dsdb-acl: Run sec_access_check_ds on each attribute proposed to modify (bug #...Andrew Bartlett1-28/+27
2013-01-12dsdb: Make linked_attributes module GUID based for renamesAndrew Bartlett1-13/+64
2013-01-10dsdb-acl: give error string if we can not obtain the schemaAndrew Bartlett1-2/+3
2013-01-01s4:dsdb/drepl: update the source_dsa_obj/invocation_id in repsFromStefan Metzmacher1-0/+4
2013-01-01s4:dsdb/common: use 01.01.1970 as last_sync_success for our entry in the upto...Stefan Metzmacher1-3/+4
2013-01-01s4:dsdb/common: use LDB_SEQ_HIGHEST_SEQ for our entry in the uptodatevectorStefan Metzmacher1-2/+2
2013-01-01s4:dsdb/repl_meta_data: don't merge highwatermark and uptodatevector (bug #9508)Stefan Metzmacher1-38/+1
2013-01-01s4:dsdb/repl_meta_data: also update the last_sync_success in replUpToDateVectorStefan Metzmacher1-5/+1
2013-01-01s4:dsdb/repl_meta_data: store the last results and timestamps in the repsFromStefan Metzmacher1-0/+3
2013-01-01s4:dsdb/repl_meta_data: always treat the highwatermark as opaque (bug #9508)Stefan Metzmacher1-1/+0
2012-12-21s4-dsdb: Make it clear that we want to fall trough here.Andreas Schneider1-0/+1
2012-12-11s4:dsdb/password_hash: do the min password age checks firstMichael Adam1-11/+13
2012-12-11s4:dsdb/common: only pass the DSDB_CONTROL_PASSWORD_HASH_VALUES_OID if requiredStefan Metzmacher1-7/+11
2012-12-11s4:dsdb/password_hash: Honor password complexity settings.Stefan Metzmacher1-5/+0