summaryrefslogtreecommitdiff
path: root/source4/ldap_server
AgeCommit message (Collapse)AuthorFilesLines
2007-12-21r26385: Integrate gensec-socket into gensec.Jelmer Vernooij2-2/+2
(This used to be commit 78bb444b4b73df9a84f8702814f9b30b32ffd885)
2007-12-21r26325: Remove use of global_loadparm in netif.Jelmer Vernooij1-2/+2
(This used to be commit e452cb28594f23add7c00247ed39e8323aea78a6)
2007-12-21r26313: Fix more uses of static loadparm.Jelmer Vernooij1-4/+12
(This used to be commit 6fd0d9d3b75546d08c24c513e05b1843d5777608)
2007-12-21r26266: Remove more global_loadparm uses.Jelmer Vernooij4-7/+10
(This used to be commit 99113075c4a96679bcec4f4d6bba4acb3dee4245)
2007-12-21r26260: Store loadparm context in gensec context.Jelmer Vernooij1-0/+1
(This used to be commit b9e3a4862e267be39d603fed8207a237c3d72081)
2007-12-21r26252: Specify loadparm_context explicitly when creating sessions.Jelmer Vernooij1-1/+1
(This used to be commit 7280c1e9415daabb2712db1372e23f9846272ede)
2007-12-21r26250: Avoid global_loadparm in a couple more places.Jelmer Vernooij1-1/+1
(This used to be commit 2c6b755309fdf685cd0b0564272bf83038574a43)
2007-12-21r26238: Add a loadparm context parameter to torture_context, remove more ↵Jelmer Vernooij1-1/+1
uses of global_loadparm. (This used to be commit a33a5530545086b81a3b205aa109dff11c546926)
2007-12-21r26237: Add loadparm context to the server service interface.Jelmer Vernooij1-0/+1
(This used to be commit 1386c5c92505a950c65411b8af74d703ce023f95)
2007-12-21r26234: More global_loadparm fixes.Jelmer Vernooij1-1/+1
(This used to be commit 84892d030de6266fc0f3a699cade960dd5dc37bc)
2007-12-21r26229: Set loadparm context as opaque pointer in ldb, remove more uses of ↵Jelmer Vernooij1-1/+2
global_loadparm. (This used to be commit 37d05fdc7b0e6b3211ba6ae56b1b5da30a6a392a)
2007-12-21r26228: Store loadparm context in auth context, move more loadparm_contexts ↵Jelmer Vernooij2-4/+4
up the call stack. (This used to be commit ba75f1613a9aac69dd5df94dd8a2b37820acd166)
2007-12-21r26227: Make loadparm_context part of a server task, move loadparm_contexts ↵Jelmer Vernooij1-6/+7
further up the call stack. (This used to be commit 0721a07aada6a1fae6dcbd610b8783df57d7bbad)
2007-12-21r26193: In the LDAP server, use the new 'controls_decoded' element toAndrew Bartlett1-0/+12
determine if this (possibly critical) control has been decoded. This allows us to return an error, rather than just dropping the socket. Andrew Bartlett (This used to be commit 230a60c1910f95ce5139c174d6d79786fca08433)
2007-12-21r26136: Attempt to fix dependencies for auth.Jelmer Vernooij1-1/+1
(This used to be commit abf2600a044cdbab6c5d7880d18217bff3d15c39)
2007-12-21r26003: Split up DB_WRAP, as first step in an attempt to sanitize dependencies.Jelmer Vernooij1-1/+1
(This used to be commit 56dfcb4f2f8e74c9d8b2fe3a0df043781188a555)
2007-12-21r25960: Enable checks on the validity of the search base on sam.ldb in Samba4.Andrew Bartlett1-4/+0
Remove bogus check to return NO_SUCH_ENTRY in ldap_backend.c, as this error is now correctly emited from ldb. Andrew Bartlett (This used to be commit ed57862b90812e5a38ca81935b131338112fb19f)
2007-12-21r25921: Now also listen on ldapi by default in the LDAP serverAndrew Bartlett1-0/+14
Create a phpLDAPadmin configuration file example to use ldapi to talk to Samba4 Andrew Bartlett (This used to be commit 54f4c8ba6127757fd272bd97e301188eb69977ed)
2007-10-10r25548: Convert to standard bool type.Jelmer Vernooij1-1/+1
(This used to be commit 190d73b44b9b9c6dabbd26212d596d985b25edab)
2007-10-10r25446: Merge some changes I made on the way home from SFO:Jelmer Vernooij1-1/+3
2007-09-29 More higher-level passing around of lp_ctx. 2007-09-29 Fix warning. 2007-09-29 Pass loadparm contexts on a higher level. 2007-09-29 Avoid using global loadparm context. (This used to be commit 3468952e771ab31f90b6c374ade01c5550810f42)
2007-10-10r25428: forward declarations of enums are not portable,Stefan Metzmacher1-3/+1
so pass struct cli_credentials *cred instead of enum credentials_use_kerberos use_kerberos. metze (This used to be commit b945aaa9dadc4c0595340d35725b49bac8e5778e)
2007-10-10r25398: Parse loadparm context to all lp_*() functions.Jelmer Vernooij2-5/+5
(This used to be commit 3fcc960839c6e5ca4de2c3c042f12f369ac5f238)
2007-10-10r25299: Modify the provision script to take an additional argument: ↵Andrew Bartlett1-0/+12
--server-role This must be set to either 'domain controller', 'domain member' or 'standalone'. The default for the provision now changes to 'standalone'. This is not because Samba4 is particularlly useful in that mode, but because we still want a positive sign from the administrator that we should advertise as a DC. We now do more to ensure the 'standalone' and 'member server' provision output is reasonable, and try not to set odd things into the database that only belong for the DC. Andrew Bartlett (This used to be commit 4cc4ed7719aff712e735628410bd3813c7d6aa40)
2007-10-10r25026: Move param/param.h out of includes.hJelmer Vernooij2-0/+2
(This used to be commit abe8349f9b4387961ff3665d8c589d61cd2edf31)
2007-10-10r25001: Fix more C++ and other warnings, fix some of the indentation with ↵Jelmer Vernooij1-1/+2
ts=4 lines that I accidently added earlier. (This used to be commit 0bcb21ed740fcec0f48ad36bbc2deee2948e8fc7)
2007-10-10r24780: More work allowing libutil to be used by external users.Jelmer Vernooij1-2/+3
(This used to be commit 31993cf67b816a184a4a4e92ef8ca2532c797190)
2007-10-10r24712: No longer expose the 'BOOL' data type in any interfaces.Jelmer Vernooij1-1/+1
(This used to be commit 1ce32673d960c8b05b6c1b1b99e1976a402417ae)
2007-10-10r23849: ldap_server: Provide more info in debug tracesAndrew Bartlett1-7/+8
blackbox tests: increase test coverage by running more options. Andrew Bartlett (This used to be commit 46abf82675ea0ce06a162be5d733da0c236880c2)
2007-10-10r23816: A little more static, but leave the dead code testjoin.c as ↵Andrew Bartlett1-1/+1
documentation. Andrew Bartlett (This used to be commit 6679003c0553804333f0090a91e1fe53837ceb47)
2007-10-10r23792: convert Samba4 to GPLv3Andrew Tridgell5-15/+10
There are still a few tidyups of old FSF addresses to come (in both s3 and s4). More commits soon. (This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
2007-10-10r23762: Fix DN renames over LDAP, and instrument the partition module. Add aAndrew Bartlett1-0/+1
test to prove the behaviour of LDAP renames etc. Fix LDB to return correct error code when failing to rename one DN onto another. Andrew Bartlett (This used to be commit 3f3da9c4710b7752ed97f55c2fc3d32a63d352af)
2007-10-10r23036: error checking on asn1_init() failureAndrew Tridgell1-1/+3
(This used to be commit 26cf8494084c0106ef0e1c9b6ef40eeadf945ef2)
2007-10-10r23030: finally fixed up our asn1 code to use better memory allocation. ThisAndrew Tridgell1-5/+5
should allow us to fix some long standing memory leaks. (This used to be commit 3db49c2ec9968221c1361785b94061046ecd159d)
2007-10-10r22403: this dependencies should be privateStefan Metzmacher1-3/+4
metze (This used to be commit c3cc03ffb290cb7c1eba51e98c52e5e7c1aba5fb)
2007-10-10r21806: I've been working over the last week to fix up the LDAP backend forAndrew Bartlett1-2/+4
Samba4. This only broke on global catalog queries, which turned out to be due to changes in the partitions module that metze needed for his DRSUAPI work. I've reworked partitions.c to always include the 'problematic' control, and therefore demonstrated that this is the issue. This ensures consistency, and should help with finding issues like this in future. As this control (DSDB_CONTROL_CURRENT_PARTITION_OID) is not intended to be linearised, I've added logic to allow it to be skipped when creating network packets. I've likewise make our LDAP server skip unknown controls, when marked 'not critical' on it's input, rather than just dropping the entire request. I need some help to generate a correct error packet when it is marked critical. Further work could perhaps be to have the ldap_encode routine return a textual description of what failed to encode, as that would have saved me a lot of time... Andrew Bartlett (This used to be commit eef710668f91d1bbaa2d834d9e653e11c8aac817)
2007-10-10r21511: this seems to be the nicer fix for the problem withStefan Metzmacher1-8/+4
the windows 2000 LDAP client metze (This used to be commit d40465470fa09827ea529e1f2c80bca9efc152a8)
2007-10-10r21496: A number of ldb control and LDAP changes, surrounding theAndrew Bartlett1-4/+15
'phantom_root' flag in the search_options control - Add in support for LDB controls to the js layer - Test the behaviour - Implement support for the 'phantom_root' flag in the partitions module - Make the LDAP server set the 'phantom_root' flag in the search_options control - This replaces the global_catalog flag passed down as an opaque pointer - Rework the string-format control parsing function into ldb_parse_control_strings(), returning errors by ldb_errorstring() method, rather than with printf to stderr - Rework some of the ldb_control handling logic Andrew Bartlett (This used to be commit 2b3df7f38d7790358dbb4de1b8609bf794a351fb)
2007-10-10r20906: allow LDAP simple binds using the following syntaxes in the DN field:Stefan Metzmacher1-1/+1
CN=Administrator,CN=Users,DC=w2k3,DC=vmnet1,DC=vm,DC=base Administrator@W2K3 W2K3\Administrator w2k3.vmnet1.vm.base/Users/Administrator w2k3 also allows this (and maybe more...?) metze (This used to be commit 40c27ef88df9021e9ef2a6c43aabab709ac9662f)
2007-10-10r20407: the oMObjectClass values are not padded to 10 bytes!Stefan Metzmacher1-4/+4
metze (This used to be commit f860dd2dca391edf55975d582dda0c1d01ddb6e3)
2007-10-10r20322: I assume the options attribute of the nTDSDSA object containsStefan Metzmacher1-2/+2
mutiple flags not just 1 for being a global catalog metze (This used to be commit 202645e196b1425f9043bd34dd02a1418e2e3dd9)
2007-10-10r20189: remove unused struct elementStefan Metzmacher1-2/+0
metze (This used to be commit d20d1872d5ed1176928b85ef9811c6a5177d0148)
2007-10-10r20149: Remove the smb.conf distinction between PDC and BDC. Now the correctAndrew Bartlett1-5/+40
way to setup a Samba4 DC is to set 'server role = domain controller'. We use the fSMORoleOwner attribute in the base DN to determine the PDC. This patch is quite large, as I have corrected a number of places that assumed taht we are always the PDC, or that used the smb.conf lp_server_role() to determine that. Also included is a warning fix in the SAMR code, where the IDL has seperated a couple of types for group display enumeration. We also now use the ldb database to determine if we should run the global catalog service. In the near future, I will complete the DRSUAPI DsGetDomainControllerInfo server-side on the same basis. Andrew Bartlett (This used to be commit 67d8365e831adf3eaecd8b34dcc481fc82565893)
2007-10-10r19832: better prototypes for the linearization functions:Simo Sorce1-1/+1
- ldb_dn_get_linearized returns a const string - ldb_dn_alloc_linearized allocs astring with the linearized dn (This used to be commit 3929c086d5d0b3f08b1c4f2f3f9602c3f4a9a4bd)
2007-10-10r19831: Big ldb_dn optimization and interfaces enhancement patchSimo Sorce2-23/+24
This patch changes a lot of the code in ldb_dn.c, and also removes and add a number of manipulation functions around. The aim is to avoid validating a dn if not necessary as the validation code is necessarily slow. This is mainly to speed up internal operations where input is not user generated and so we can assume the DNs need no validation. The code is designed to keep the data as a string if possible. The code is not yet 100% perfect, but pass all the tests so far. A memleak is certainly present, I'll work on that next. Simo. (This used to be commit a580c871d3784602a9cce32d33419e63c8236e63)
2007-10-10r19722: fix memory leaks and hierachie bugsStefan Metzmacher1-4/+6
metze (This used to be commit fddcbf5d4cce77705be43956ea93895432b64aa1)
2007-10-10r19721: ldapsrv_SearchCallback isn't needed any moreStefan Metzmacher1-60/+1
ldb_search_default_callback does the same... metze (This used to be commit 0edac60ec6f1e67de8e08f4e71e56b674915ad6e)
2007-10-10r19598: Ahead of a merge to current lorikeet-heimdal:Andrew Bartlett2-0/+3
Break up auth/auth.h not to include the world. Add credentials_krb5.h with the kerberos dependent prototypes. Andrew Bartlett (This used to be commit 2b569c42e0fbb596ea82484d0e1cb22e193037b9)
2007-10-10r19531: Make struct ldb_dn opaque and local to ldb_dn.cSimo Sorce1-4/+7
(This used to be commit 889fb983ba1cf8a11424a8b3dc3a5ef76e780082)
2007-10-10r19522: Remove gensec and credentials dependency from the rootdse module (lessAndrew Bartlett2-1/+32
dependency loops). This moves the evaluation of the SASL mechansim list to display in the rootDSE to the ldap server. Andrew Bartlett (This used to be commit 379da475e224d93c05d91b37902c121eb4007d97)
2007-10-10r18989: Fixes found by these two LDAP testsuites:Andrew Bartlett1-0/+4
- http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/ldapv3/ - http://gleg.net/protover_ldap_sample.shtml Also fixes found by a subsequent audit of the code for similar issues. (This used to be commit 441a4f6262459dabfefd9bb12622ada9c007a60c)