Age | Commit message (Collapse) | Author | Files | Lines |
|
Found by callcatcher
Ricky Nance
|
|
Kerberos is efficient when the credentials cache is set up once and
then reused.
Sadly this test creates a user, does a test and deletes the user, over
and over.
For this, using NTLM saves a little time, but we also stress the rest
of the DB, and should rework the test.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Mon Feb 20 00:49:56 CET 2012 on sn-devel-104
|
|
This fixes the error output from tdb2 when metadata module tries
to create metadata.tdb first time. This error is reported since
metadata module tries to check if tdb exists by trying to open
tdb file.
Autobuild-User: Amitay Isaacs <amitay@samba.org>
Autobuild-Date: Mon Feb 13 03:02:09 CET 2012 on sn-devel-104
|
|
anymore in reps*"
This reverts commit 5bfd6251eb22ff701184a95649822a73cf4d157b.
This change has been causing regular segfaults in the build farm since
it was applied. I also think it may be unnecessary as
dreplsrv_refresh_partitions() should already be achieving the same
thing (removing stale replication targets).
I think the segfaults were caused by freeing an in-flight DSA, but I
have been unable to reproduce it outside of the build farm
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Wed Feb 1 07:49:42 CET 2012 on sn-devel-104
|
|
TDB2's tdb_fetch() returns an error code; use tdb_fetch_compat() for now.
Similarly, tdb_errorstr() -> tdb_errorstr_compat().
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
|
|
|
|
This way we only catch true exceptions and keyboard interrupts
are not caught here.
Autobuild-User: Amitay Isaacs <amitay@samba.org>
Autobuild-Date: Tue Jan 24 03:32:40 CET 2012 on sn-devel-104
|
|
supplementalCredentials
If this is missing a w2k8r2 server will reboot, when someone tries to
change a password.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon Jan 16 17:10:07 CET 2012 on sn-devel-104
|
|
Add NTDSSITELINK options to dsdb class for use
in python samba_kcc
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
"unix_to_nt_time()" which is based on "time_t" behaves differently for
literals > 32 bit on 32 and 64 bit platforms.
Reviewed-by: ekacnet
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Thu Jan 5 11:59:20 CET 2012 on sn-devel-104
|
|
For the configuration container we do a full scan at every run of the
kcc-delete service. For the base DN we introduce a new parameter that
avoid the full scan to kick just when samba starts.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
If the parent object is a SAM object (as defined in 3.1.1.5.2.3
Special Classes and Attributes of MS-ADTS) then we can use the subtree
delete control even if the object is a critical one.
Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Mon Dec 19 14:32:19 CET 2011 on sn-devel-104
|
|
metze
|
|
doing
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Fri Dec 9 12:00:03 CET 2011 on sn-devel-104
|
|
Modification to periodic and explicit invocation
paths of the KCC topology generation code. Managed
via samba_runcmd_send() API. The samba_kcc script
is invoked if (kccsrv:samba_kcc = true) appears in smb.conf
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
The subreq and status fields in the kcc_service struct
are added for execution management of the external samba_kcc
python script.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
|
|
in reps*
Servers connection can be removed from repsTo and respFrom either due to
DC demote or topology change by the KCC, if a server is removed from the
reps* it must be effectivly removed from the list of server that we will
contact for getNcChanges and for replicaSync.
Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Mon Dec 5 19:56:09 CET 2011 on sn-devel-104
|
|
the one we want to use
|
|
|
|
Sometimes windows DC will set up dNSHostname before setting up
GC SPN and that causes replication errors since samba tries to
use GC SPN, which does not yet exist locally.
Pair-Programmed-With: Andrew Tridgell <tridge@samba.org>
|
|
This adds support for global sequence number which is independent of
partition information.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
The result of the extended operation is now available in the calling
routine.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This was a hack for LDAP backends to store a sequence number as a
timestamp. It is still supported in standalone ldb tdb backend.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
We launch a search request with base scope on exactly the same DN (see
downwards).
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
attribute interSiteTopologyGenerator even if the value didn't change
Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Sat Nov 19 16:47:53 CET 2011 on sn-devel-104
|
|
As per Section 3.1.1.4.5.26 [MS-ADTS.pdf], password is expired if
pwdLastSet = null, or
pwdLastSet = 0, or
(maxPwdAge != 0x8000000000000000 and (ST - pwdLastSet) > maxPwdAge)
|
|
|
|
This checks if instanceType attribute is available, and if
INSTANCE_TYPE_IS_NC_HEAD bit is set. If the bit is set, then
the DN is NC root and security descriptor is not inherited
from parent SD.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
|
|
Normally they should always be passed to the main backend unless
something different has been specified.
Reviewed-by: abartlet
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Tue Nov 15 22:43:06 CET 2011 on sn-devel-104
|
|
"dsdb:schema update allowed = yes" is now needed in smb.conf
to enable schema updates, as schema updates are a currenty a good
way to prevent samba from startup again, because of errors in
the schema definition.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue Nov 15 13:00:07 CET 2011 on sn-devel-104
|
|
By default schema updates are not allowed anymore, as we don't have
complete validation code to prevent database corruption.
metze
|
|
msDS-IntId
As windows we return CONSTRAINT_VIOLATION now.
metze
|
|
schema master
metze
|
|
schema base
The objectclass module should also check for this, but make sure
we also reject it on things like provision.
metze
|
|
metze
|
|
metze
|
|
metze
|
|
We should only be able to update the schemaInfo internaly.
metze
|
|
|
|
Deleted Object Container
|
|
this fixes error checking. Test failures were not being detected
otherwise
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
|
|
Add missing flags present in C code base to python
code base dsdb/pydsdb.c
INSTANCE_TYPE...
DS_NTDSSETTINGS_OPT...
NTDSCONN_OPT...
These are consumed by the python KCC scripts
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Wed Nov 2 22:35:00 CET 2011 on sn-devel-104
|
|
|
|
Pair-Programmed-With: Andrew Tridgell <tridge@samba.org>
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Wed Nov 2 07:03:40 CET 2011 on sn-devel-104
|
|
To replicate application partitions (e.g. DNS partitions) consult
msDs-hasMasterNCs attribute as well. Also, make sure we don't add
same partition twice in the list. hasMasterNCs and msDs-hasMasterNCs
have domain, configuration and schema partitions common.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
The error message from this causes confusion, for a feature
that we have never finished and have agreed to remove.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Nov 1 06:32:52 CET 2011 on sn-devel-104
|