summaryrefslogtreecommitdiff
path: root/source4/dsdb
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r25268: Thanks to Andrew Kroeger for pointing out on IRC that this isAndrew Bartlett1-4/+0
compleatly dead code. Andrew Bartlett (This used to be commit 5838aca79b11fd8a94567a04c1c1a99bc4343547)
2007-10-10r25249: Thanks to Andrew Kroeger for pointing out this silly typo (callingAndrew Bartlett1-1/+1
end_transaction in delete_tranaction would be very much the wrong thing to do) in the update_keytab module. Andrew Bartlett (This used to be commit aad9545ca12bc8a3aeaf5cc870d137d89c34bb39)
2007-10-10r25194: A major rework of the Samba4 LSA LookupNames and LookupSids code, withAndrew Bartlett1-5/+8
a new torture suite to match. This should fix bug #4954 by Matthias Wallnöfer <mwallnoefer@yahoo.de> Previously we had no knowlege of BUILTIN or well-known names. This code needs expansion to check with winbind for trusted domains. Andrew Bartlett (This used to be commit e6fc0e1f54ad64bdddc88e9ebd0d8d181b6ce26a)
2007-10-10r25101: Directly depend on drsblobs - can't rely on having it in via ldb.Jelmer Vernooij1-1/+1
(This used to be commit 6b4a21e1abd35c33d7a57084a86607bfa72ad3b1)
2007-10-10r25035: Fix some more warnings, use service pointer rather than service ↵Jelmer Vernooij3-4/+4
number in more places. (This used to be commit df9cebcb97e20564359097148665bd519f31bc6f)
2007-10-10r25026: Move param/param.h out of includes.hJelmer Vernooij3-0/+3
(This used to be commit abe8349f9b4387961ff3665d8c589d61cd2edf31)
2007-10-10r25001: Fix more C++ and other warnings, fix some of the indentation with ↵Jelmer Vernooij1-11/+11
ts=4 lines that I accidently added earlier. (This used to be commit 0bcb21ed740fcec0f48ad36bbc2deee2948e8fc7)
2007-10-10r25000: Fix some more C++ compatibility warnings.Jelmer Vernooij5-16/+16
(This used to be commit 08bb1ef643ab906f1645cf6f32763dc73b1884e4)
2007-10-10r24986: LDB has a function for comparing things that must meet the rules ofAndrew Bartlett1-1/+1
attribute names. Andrew Bartlett (This used to be commit 46e387580622bd6d5d621399e08c5d5003c91bbf)
2007-10-10r24941: Simplify samdb_result_nttime(), and remove nttime_from_string()Andrew Bartlett1-3/+1
Andrew Bartlett (This used to be commit bcd994a139e2e8fb2e97c8b897c987ff234e0b0a)
2007-10-10r24918: Fix the build (forgot to include dcesrv_lsa.c in the previous commit)Andrew Bartlett1-2/+4
and improve error strings returned from samdb.c Andrew Bartlett (This used to be commit a42d0eb531e663304bea840d614b2f91f95dd818)
2007-10-10r24914: In response to bug #4892 by Matthias Wallnöfer <mwallnoefer@yahoo.de>,Andrew Bartlett3-59/+63
allow the objectclass module to reconstruct the objectclass hierarchy, rather than using templates. The issue being fixed in particular is that 'top' was not being set on containers. This should ensure we do this right for all objects. Andrew Bartlett (This used to be commit d17a0058ba8492b8b3f81b6f10fc34b3e45bb8a6)
2007-10-10r24793: The subtree_rename module is a work of fiction. An resemblance to aAndrew Bartlett1-16/+7
working module, live or dead, is purely co-incidental. Andrew Bartlett (This used to be commit 64cc31642fd2ded149631d07bc022213f19595b8)
2007-10-10r24780: More work allowing libutil to be used by external users.Jelmer Vernooij1-2/+1
(This used to be commit 31993cf67b816a184a4a4e92ef8ca2532c797190)
2007-10-10r24761: Permit subtree renames in Samba4.Andrew Bartlett2-0/+302
The module is scary: On a rename, it does a search for all entries under that entry (including itself), and fires off a seperate rename call for each result. This will fail miserably on an LDAP backend, but I'll need to work on using hdb for OpenLDAP, and hope Fedora DS can implement subtree renames at some point. Andrew Bartlett (This used to be commit 13908a8cb4dd810503213203efb8d51f77f1f379)
2007-10-10r24731: Remove unused code - if we hit these error conditions, then we areAndrew Bartlett9-82/+0
dead anyway, and a segfault would leave us with more infomation. Andrew Bartlett (This used to be commit 62320616ff8795ff18c8f49029d81f12558c10ed)
2007-10-10r24712: No longer expose the 'BOOL' data type in any interfaces.Jelmer Vernooij1-11/+11
(This used to be commit 1ce32673d960c8b05b6c1b1b99e1976a402417ae)
2007-10-10r24697: Excelent patch and detective work by Matthias WallnöferAndrew Bartlett1-4/+4
<mwallnoefer@yahoo.de> noticing that: > The error was caused by info1 that is'nt talloced but rather static. In fact, no caller supplies info1 as a valid talloc context - other callers supply an element into the array. Andrew Bartlett (This used to be commit c8e6a87867909b092d0451cd619d7eff4cd80dff)
2007-10-10r24696: Fix bug 4918 reported by Matthias Wallnöfer <mwallnoefer@yahoo.de>Andrew Bartlett1-37/+40
with a patch from Andrew Kroeger <andrew@sprocks.gotdns.com>. The changes to samldb_fill_foreignSecurityPrincipal_object() look much larger then they are: We just skip all the objectSid generation if the SID is supplied. By providing a few more objects, standard dialogs on the clients are better behaved, for these 'well known' users. Andrew Bartlett (This used to be commit 35ee4aee719e69983d650602d1c6422a31600001)
2007-10-10r24690: Further fix to bug 4919: Ensure we don't supply a NULL URL argument toAndrew Bartlett1-0/+5
ldb_connect_backend(). Andrew Bartlett (This used to be commit d0595e7a3d15c40dd49062efa0ddc6864b6b9030)
2007-10-10r24655: Fix bug 4919 reported by Matthias Wallnöfer <mwallnoefer@yahoo.de>:Andrew Bartlett1-3/+2
> When you change to the SAMBA private directory on a shell (default > /usr/local/samba/private) and start there for example ldbedit with the sam.ldb, > the application crashes if you don't put the "./" before the filename. I've adapted Matthias's patch. Andrew Bartlett (This used to be commit ba82197e30da8e626419e877d224431703edc866)
2007-10-10r24648: Found out the meaning of a few more flags.Andrew Bartlett1-2/+2
(This used to be commit 6bdebc3cfdf13358bbb610af2a7f9889b4f885cb)
2007-10-10r24631: Fix up format warnings, found on my Fedora 7 x86_64 workstation.Andrew Bartlett2-4/+4
Andrew Bartlett (This used to be commit 3d74d178bfd89127ff387939e848b240e638cc35)
2007-10-10r24611: Following up on the re-opening of bug 4817 is it pretty clear thatAndrew Bartlett1-5/+11
machine accounts are not subject to password policy in Win2k3 R2 (at least in terms of password quality). In testing this, I found that Win2k3 R2 has changed the way the old ChangePassword RPC call is handled - the 'cross-checks' between new LM and NT passwords are not required. Andrew Bartlett (This used to be commit 417ea885b41cc097a0bb3a10ffbffb31f234f25d)
2007-10-10r24557: rename 'dcerpc_table_' -> 'ndr_table_'Stefan Metzmacher1-1/+1
metze (This used to be commit 84651aee81aaabbebf52ffc3fbcbabb2eec6eed5)
2007-10-10r24479: Typo fix - this makes 'make test' pass against OpenLDAP again.Andrew Bartlett1-1/+1
The objectCategory canonicalise_fn makes everything a DN, which is exactly what we need here. Andrew Bartlett (This used to be commit f5ec369741661fdf7ef5f5183c0e1a996bd46d41)
2007-10-10r24459: Fix up ldap.js and test_ldb.sh to test the domain_scope control, andAndrew Bartlett2-112/+8
to test the behaviour of objectCategory=user searches. It turns out (thanks to a hint on http://blog.joeware.net/2005/12/08/147/) that objectCategory=user maps into objectCategory=CN=Person,... (by the defaultObjectCategory of that objectclass). Simplify the entryUUID module by using the fact that we now set the DN as the canoncical form of objectCategory. Andrew Bartlett (This used to be commit b474be9507df51982a604289215bb1868124fc24)
2007-10-10r24277: Tidyup as requested by metze.Andrew Bartlett1-8/+14
Andrew Bartlett (This used to be commit 43d62181f204fb32e487b7689729c1a91b8d23ad)
2007-10-10r24263: Fix bug 4846 (unable to copy users in MMC Active Directory Users andAndrew Bartlett1-3/+47
Computers). We now generate a security descriptor for each object, when it is created. This seems to keep MMC happy. The next step is to honour it. Andrew Bartlett (This used to be commit 72f4ae82463c5c1f9f6b7f18f125c4c8fb56ae4f)
2007-10-10r24262: Set the objectCategory by default in the objectclass module, rather ↵Andrew Bartlett1-1/+10
than using templates. Modify the samba3sam test to be less fussy, and not use the objectclass module (which requires proper schema stuff now). Andrew Bartlett (This used to be commit 53c248c2645e86fbc8720860aed92a479483b528)
2007-10-10r24260: Ensure we always override any existing values for these generatedAndrew Bartlett1-0/+4
attributes. Anything else leads to madness. Andrew Bartlett (This used to be commit af092a361df6b98e1890cbd3e2d1fed168701364)
2007-10-10r24259: Rework the objectclass module to use the new schema, rather than theAndrew Bartlett2-0/+703
ldb_subclass list. Next step will be to have this module also set the objectCategory and default ntSecurityDescriptor Andrew Bartlett (This used to be commit 0f7135a4685a1117a54c2f019df6c6de22b8dd32)
2007-10-10r24249: Thse generated attributes should not be pushed this far down the stackAndrew Bartlett1-69/+0
in any cse. Andrew Bartlett (This used to be commit 5f08a686a6b002a21803a0dd2f9ee0ae9ef928f5)
2007-10-10r24247: Remove extra newlines from ldb_debug() calls - it already adds one.Andrew Bartlett3-23/+23
Andrew Bartlett (This used to be commit e5fdcda2a1e97c587d48baf3521b18515277f6de)
2007-10-10r24060: Fix bug #4806 by Matthias Wallnöfer <mwallnoefer@yahoo.de>: We need toAndrew Bartlett3-6/+83
include the attribute allowedChildClassesEffective for MMC to allow the creation of containers. This may need further refinement, but it seems to work for now. Andrew Bartlett (This used to be commit d053b8e218767cb12e20a00fb18995e30869db11)
2007-10-10r24010: Fix warning for the function paramter to qsort().Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit 51862c4c5299da02d3d781b3e9255823bc9b59af)
2007-10-10r23982: Fix use-after-realloc() found by valgrind and mwallnoefer@yahoo.de.Andrew Bartlett1-1/+5
Should fix bug #4804. Andrew Bartlett (This used to be commit 848336dc617b72d189fe82e10c0b08a518d6d073)
2007-10-10r23966: It isn't great, but at least now we have some access control in SWATAndrew Bartlett1-0/+5
This patch prevents non-root and non-administrator users from running the provision, upgrade and vampire pages. *I think* the rest of SWAT is LDB operations, or otherwise authenticated, so we should now be secure. I wish I had a better way to 'prove' we got this right, but this is better than nothing, and moves us closer to an alpha. Andrew Bartlett (This used to be commit d61061052dc4711f886199e49bc303002c8f9b11)
2007-10-10r23810: Make things static, and remove unsued code.Andrew Bartlett1-4/+4
This includes some of the original ildap ldap client API. ldb provides a much easier abstraction on this to use, and doesn't use these functions. Andrew Bartlett (This used to be commit dc27a7e41c297472675e8c251bb14327a1af3902)
2007-10-10r23798: updated old Temple Place FSF addresses to new URLAndrew Tridgell5-10/+5
(This used to be commit 40c0919aaa9c1b14bbaebb95ecce53eb0380fdbb)
2007-10-10r23795: more v2->v3 conversionAndrew Tridgell5-5/+5
(This used to be commit 84b468b2f8f2dffda89593f816e8bc6a8b6d42ac)
2007-10-10r23792: convert Samba4 to GPLv3Andrew Tridgell34-102/+68
There are still a few tidyups of old FSF addresses to come (in both s3 and s4). More commits soon. (This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
2007-10-10r23762: Fix DN renames over LDAP, and instrument the partition module. Add aAndrew Bartlett1-22/+24
test to prove the behaviour of LDAP renames etc. Fix LDB to return correct error code when failing to rename one DN onto another. Andrew Bartlett (This used to be commit 3f3da9c4710b7752ed97f55c2fc3d32a63d352af)
2007-10-10r23718: Make Samba4 work against the LDAP backend again.Andrew Bartlett1-2/+8
When we set up the schema, we don't have a partitions container yet. The LDAP error differs from that given by LDB, so I think we still have some conformance work to do. Andrew Bartlett (This used to be commit 5ddbca73d4971a885c105c8d893e53598c5582b4)
2007-10-10r23699: when we create the global schema, remember to set the ldb opaque so weAndrew Tridgell1-1/+3
can find it again (This used to be commit 968e70b2aa478cfd49321e3386b505fd00a81527)
2007-10-10r23695: By not using the NULL context for these large structures, we don'tAndrew Bartlett1-1/+1
falsely report them as leaked. Andrew Bartlett (This used to be commit e3eb6c2cf63edf50d93a87f656df3ae5aa6efc00)
2007-10-10r23679: invocationID is a GUID too.Andrew Bartlett1-0/+12
Andrew Bartlett (This used to be commit 645a8862a3d7c493020e432d76ad0e5da5ea77b5)
2007-10-10r23560: - Activate metze's schema modules (from metze's schema-loading-13 ↵Andrew Bartlett4-8/+188
patch). - samba3sam.js: rework the samba3sam test to not use objectCategory, as it's has special rules (dnsName a simple match) - ldap.js: Test the ordering of the objectClass attributes for the baseDN - schema_init.c: Load the mayContain and mustContain (and system...) attributes when reading the schema from ldb - To make the schema load not suck in terms of performance, write the schema into a static global variable - ldif_handlers.c: Match objectCategory for equality and canonicolisation based on the loaded schema, not simple tring manipuation - ldb_msg.c: don't duplicate attributes when adding attributes to a list - kludge_acl.c: return allowedAttributesEffective based on schema results and privilages Andrew Bartlett (This used to be commit dcff83ebe463bc7391841f55856d7915c204d000)
2007-10-10r23419: initialize variable...Stefan Metzmacher1-0/+1
metze (This used to be commit d19293982bb534c9c4ebfe82f72224813e14bec9)
2007-10-10r23412: We don't need hdb.h here any moreAndrew Bartlett1-1/+0
(This used to be commit 1abda90f15bcfb56ac56b01fd2b7343fade3843c)