summaryrefslogtreecommitdiff
path: root/source4/ldap_server
AgeCommit message (Collapse)AuthorFilesLines
2010-09-26s4-ldap: Added a control to apply the access checks on read via LDAPNadezhda Ivanova1-0/+1
2010-09-07s4-ldapserver: serialise ldap server operationsAndrew Tridgell2-0/+60
This ensures that two ldap server operations cannot happen in parallel by using packet_recv_disable() and packet_recv_enable() to disable other interfaces during ldap calls. This prevents problems caused by parallel ldap operations where transactions could overlap.
2010-08-18s4:ldap_server use talloc_unlink() to avoid talloc_free() with referencesAndrew Bartlett1-4/+4
Both the session_info and the ldb can have references. Andrew Bartlett
2010-08-17s4-ldapserver: support controls on ldap add and renameAndrew Tridgell1-10/+12
we need to pass the controls down to the add and rename ldb operations Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-15s4:ldap_backend.c - Windows returns WERROR codes in majuscule HEX formatMatthias Dieter Wallnöfer1-1/+1
2010-08-15s4:ldap_backend.c - map error codes - add a change which allows custom ↵Matthias Dieter Wallnöfer1-0/+13
WERROR codes This is strictly needed by my recent passwords work, since I want to remove most of the password change stuff in "samr_password.c". Since AD gives us CONSTRAINT_VIOLATION on all change problems I cannot distinguish on the SAMR level which the real cause was about. Therefore I need the extended WERROR codes here.
2010-08-14s4:ldap_backend.c - fix a DS error code after WERROR changeMatthias Dieter Wallnöfer1-1/+1
2010-07-16s4-loadparm: 2nd half of lp_ to lpcfg_ conversionAndrew Tridgell2-15/+15
this converts all callers that use the Samba4 loadparm lp_ calling convention to use the lpcfg_ prefix. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-02s4-dsdb: fixed use after free of sasl mechanisms opaqueAndrew Tridgell1-0/+6
the supportedSASLMechanisms opaque must live for at least as long as the ldb, or we can crash when the first connection is torn down Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-07-02s4-dsdb: fixed spelling of supportedSASLMechanismsAndrew Tridgell1-1/+1
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-06-28s4:ldap_server: don't start if we can't bind to port 389Stefan Metzmacher1-1/+4
metze
2010-06-20s4:ldap_backend.c - now also the LDAP server supports controls on delete ↵Matthias Dieter Wallnöfer1-5/+7
operations
2010-06-20s4:ldap_backend.c - move function "ldb_mod_req_with_controls" to a better ↵Matthias Dieter Wallnöfer1-51/+52
place in the code Under the "add" and over the "delete" function.
2010-06-20s4:ldap_backend.c - add some newlines to make logs easier to readMatthias Dieter Wallnöfer1-5/+5
2010-06-19s4:ldap_backend.c - more customisations to match Windows Server error ↵Matthias Dieter Wallnöfer1-13/+16
behaviour on renames
2010-06-18s4:ldap_backend.c - fix crash bugs when we got in error situations with ↵Matthias Dieter Wallnöfer1-5/+4
"res" still set to "NULL"
2010-06-18s4:ldap_backend.c - fix a small error (use "ModifyResponse" rather than ↵Matthias Dieter Wallnöfer1-1/+1
"AddResponse")
2010-06-16s4:lib: merge LDB_WRAP and LDBSAMBA and make LDBSAMBA a library.Stefan Metzmacher1-1/+1
This is needed to remove samba specifc symbols from the bundled ldb, in order to get the ABI right. metze Signed-off-by: Andreas Schneider <asn@samba.org>
2010-06-06s4:ldap_server/ldap_backend.c - send back also the extended error message if ↵Matthias Dieter Wallnöfer1-18/+39
it exists This message often contains suggestions how to fix issues.
2010-05-21s4:libcli/ldap Rename ldap.h to libcli_ldap.hAndrew Bartlett5-5/+1
It is a problem if a samba header is called ldap.h if we also want to use OpenLDAP's ldap.h Andrew Bartlett
2010-05-04s4/rodc: Support read-only databaseAnatoliy Atanasov1-20/+174
Check on modify if we are RODC and return referral. On the ldap backend side now we pass context and ldb_modify_default_callback to propagate the referral error to the client.
2010-04-11s4:auth Remove event context from anonymous_session()Andrew Bartlett1-1/+1
This should always return a simple structure with no need to consult a DB, so remove the event context, and simplfy to call helper functions that don't look at privilages. Andrew Bartlett
2010-04-06s4-waf: removed the AUTOGENERATED markersAndrew Tridgell1-3/+0
we won't be using the mk -> wscript generator again
2010-04-06s4-waf: mark the wscript files as python so vim/emacs knows how to highlight ↵Andrew Tridgell1-0/+2
them
2010-04-06build: commit all the waf build files in the treeAndrew Tridgell1-0/+12
2010-02-25s4:ldap_server - make it "signed-safe"Matthias Dieter Wallnöfer3-7/+8
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-02-25s4:LDAP server - Enable support for returning referrals through itMatthias Dieter Wallnöfer1-0/+22
This is needed for my work regarding the referrals when the domain scope control isn't specified. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2009-12-18Added freeing a successful req so it doesnt croud the ldb contextNadezhda Ivanova1-2/+4
2009-12-15Removed ldb_modify_ctrl from ldb, implemented as a static in ldap_backend.Nadezhda Ivanova1-1/+43
2009-11-20Some changes to allow processing of ldap controls on modify requests.Nadezhda Ivanova1-1/+1
ldap_backend used to filter out ldap controls on modify. Also, modified python binding for ldap_modify to allow writing tests for such controls.
2009-10-25s4-samdb: reduce the number of samdb opens at startupAndrew Tridgell1-4/+2
Using common parameters means that the ldb_wrap code can return a reference rather than a new database
2009-10-23s4-ldbwrap: added re-use of ldb contexts in ldb_wrap_connect()Andrew Tridgell1-1/+1
This allows us to reuse a ldb context if it is open twice, instead of going through the expensive process of a full ldb open. We can reuse it if all of the parameters are the same. The change relies on callers using talloc_unlink() or free of a parent to close a ldb context.
2009-10-23s4-dsdb: add a static samdb_credentialsAndrew Tridgell1-2/+2
Similarly to system_session(), this creates a static samdb_credentials()
2009-10-23s4-dsdb: create a static system_session contextAndrew Tridgell1-1/+1
This patch adds a system_session cache, preventing us from having to recreate it on every ldb open, and allowing us to detect when the same session is being used in ldb_wrap
2009-10-08s4:ldap server - remove unused error handlingsMatthias Dieter Wallnöfer1-35/+0
Those error cases should be handled by LDB itself to be available on all connection methods and not only over LDAP.
2009-10-02s4:LDB/LDAP - Re-allow renamesMatthias Dieter Wallnöfer1-1/+1
The main problem is that the "rdn_name" module launches on a rename request also a modification one with the "special attributes" which can't be changed directly. An introduced flag helps to bypass the restriction.
2009-10-02s4:ldap_server Ensure we don't segfault when sent a NULL new RDNAndrew Bartlett1-4/+7
The Microsoft testsuite tried to rename cn=administrator,cn=users,... into "",cn=users... which didn't go so well. Andrew Bartlett
2009-09-28s4-ldap: fixed spellingAndrew Tridgell1-1/+1
2009-09-26gensec: Avoid exposing lp_ctx on the API level.Jelmer Vernooij1-1/+1
2009-09-18s4-server: kill main daemon if a task fails to initialiseAndrew Tridgell1-4/+6
When one of our core tasks fails to initialise it can now ask for the server as a whole to die, rather than limping along in a degraded state.
2009-08-14s4:ldap_server Correct removal of talloc_steal()Andrew Bartlett1-1/+0
This corrects commit 7a82aed71b74af8bc2a8a4381541adbb22452d20. The steal did not set ent->attributes, so it was incorrect to assign to ent->attributes. Andrew Bartlett
2009-08-14s4:ldap_server Remove another talloc_steal (with references)Andrew Bartlett1-1/+1
This talloc_steal also conflicts with the ldb_map code, and like the previous commit, is rudundent given the talloc_steal of the whole msg above. Andrew Bartlett
2009-08-14s4:ldap_server Don't talloc_steal (with references) in ldap_backendAndrew Bartlett1-1/+1
There may or may not be a need to take a reference to the 'name' in the ldb_map code, but given we seal the whole msg just above here, it makes no senst to steal the name, but not the values. Andrew Bartlett
2009-08-05s4:ldap_server: make sure we shutdown the tls socket before ↵Stefan Metzmacher1-0/+1
stream_terminate_connection() removes the fd event This fixes a crash bug where tls_destructor() relies on the fd event still being there. metze
2009-08-04s4-ldap_server: fix generated error string in map_ldb_error().Günther Deschner1-1/+1
Guenther
2009-07-31s4: Enhances the LDAP server to display error messages like Windows ServerMatthias Dieter Wallnöfer1-27/+178
Those error messages also include the WERROR code of the failed operation(s) in this manner: <error code eight chars in HEX>: <further error message> This also addresses bug #4949
2009-07-31s4:ldap_server: the tls code steals the original socket on its own nowStefan Metzmacher2-2/+2
metze
2009-07-01use a talloc_unlink() as ops may have a referenceAndrew Tridgell1-1/+1
2009-06-24Reenable the LDAPI socket for the merged buildVolker Lendecke1-2/+0
It seems that the samba4 part of the merged build does not pick up the DEVELOPER flag from the s3 configure. Jelmer, can you fix that properly? Thanks, Volker
2009-06-19Allow developers access the the privilaged ldapi socket for the momentAndrew Bartlett1-0/+4
This allows us some time to get the EXTERNAL bind working