Age | Commit message (Collapse) | Author | Files | Lines |
|
to a ldb_schema_syntax struct.
the default attribute handler is now registered dynamicly as "*"
attribute, instead of having its own code path.
ldb_schema_attribute's can be added to the ldb_schema given a
ldb_schema_syntax struct or the syntax name
we may also need to introduce a ldb_schema_matching_rule,
and add a pointer to a default ldb_schema_matching_rule
in the ldb_schema_syntax.
metze
(This used to be commit b97b8f5dcbce006f005e53ca79df3330e62f117b)
|
|
(This used to be commit 49d1559d3670de4a4f9eace99600c37cf039bae2)
|
|
- ldb_dn_get_linearized
returns a const string
- ldb_dn_alloc_linearized
allocs astring with the linearized dn
(This used to be commit 3929c086d5d0b3f08b1c4f2f3f9602c3f4a9a4bd)
|
|
This patch changes a lot of the code in ldb_dn.c, and also
removes and add a number of manipulation functions around.
The aim is to avoid validating a dn if not necessary as the
validation code is necessarily slow. This is mainly to speed up
internal operations where input is not user generated and so we
can assume the DNs need no validation. The code is designed to
keep the data as a string if possible.
The code is not yet 100% perfect, but pass all the tests so far.
A memleak is certainly present, I'll work on that next.
Simo.
(This used to be commit a580c871d3784602a9cce32d33419e63c8236e63)
|
|
remove old unused schema module
metze
(This used to be commit 3c16951b0d88013b34a0213ced79087653713ddf)
|
|
map_attr_find_local() always returns, which is exactly what we don't
want. Instead, rely on the overwrite behaviour.
Andrew Bartlett
(This used to be commit 9b9b7bae16a635d9a9ba72d21a4a4718d294c9b0)
|
|
attributes to backend (remote) attributes.
We can't do a reverse mapping safely where the remote attribute may be
a source for multiple local attributes. (We end up with the wrong
attributes returned).
In doing this, I've modified the samba3sam.js test to be more
realistic, and fixed some failures in the handling of primaryGroupID.
I've added a new (private) helper function ldb_msg_remove_element() to
avoid a double lookup of the element name.
I've also re-formatted many of the function headers, to fit into
standard editor widths.
Andrew Bartlett
(This used to be commit 186766e3095e71ba716c69e681592e217a3bc420)
|
|
(This used to be commit 889fb983ba1cf8a11424a8b3dc3a5ef76e780082)
|
|
Andrew Bartlett
(This used to be commit cf1b0cc19fc7aad2a44777929861e70497ccef7d)
|
|
libraries
works again now, by specifying --enable-dso to configure.
(This used to be commit 7a01235067a4800b07b8919a6a475954bfb0b04c)
|
|
argument.
This is a pointer to an element pointer. If it is not null it will be
filled with the pointer of the manipulated element.
Will avoid double searches on the elements list in some cases.
(This used to be commit 0fa5d4bc225b83e9f63ac6d75bffc4c08eb6b620)
|
|
(This used to be commit 4ad2eba2aa7711d480a844766e2dd3da938b3413)
|
|
(This used to be commit 05134a90e3ff0e4039dbd34c52f824bc666feb11)
|
|
(This used to be commit 3e0e2787c1da1c3831e21b163e1370001d725a3d)
|
|
the results where used.
Seem that el is hanging out of a request, and the target is put on the final results.
Still one to catch and fix, but this seem to cure most of them
(This used to be commit bfeaa08fde805439dbda974be6fcb692957b00f1)
|
|
(This used to be commit 6fad80bb09113a60689061a2de67711c9924708b)
|
|
(This used to be commit 7180f38e9e436ca7a7c49f2d4b315ec5eb9c7631)
|
|
This moves these attributes from objectguid into an optional backend
(objectguid), used by ltdb. For OpenLDAP, the entryUUID module
converts entryCSN into usnChanged.
This also changes the sequence number API, and uses 'time based'
sequence numbers, when an LDAP or similar backend is detected.
To assist this, we also store the last modified time in the TDB,
whenever we change a value.
Andrew Bartlett
(This used to be commit 72858f859483c0c532dddb2c146d6bd7b9be5072)
|
|
paged_searches module.
In particular, we must query the remote server to find out if paged
searches are supported, not the local ldb.
This patch also removes the ue of bool, and returns it to LDB error codes.
Andrew Bartlett
(This used to be commit d36d05858bb9b87802f5ffb83285ef12b9646741)
|
|
Fix logic error in paged_results
(This used to be commit 34ce1f8e1bab2debb508aa8bf478231389a77d42)
|
|
to mess with the values in these cases.
Where we do convert the values, try and convert substrings. This
isn't going to be perfect, but we should try rather than segfault.
This also avoids using the wrong arm of the union for the attribute
name
The change in the entryUUID module is to correct the case of
sAMAccountName, due to the case sensitive ldap.js test.
Andrew Bartlett
(This used to be commit 81d9a692c1e74ec9078bf718003eafdba85b4324)
|
|
This adds a list of attributes that are in our wildcard seaches, but
the remote server requires to be explicitly listed. This also cleans
up the handling of wildcards in ldb_map to be more consistant.
Also fix the partitions module to rebase the search, if on the GC
port, we do a subtree search. (Otherwise backends can rightly
complain that the search is not in their scope).
Andrew Bartlett
(This used to be commit bc58792b7102f086b19353635d5d5ef9d40a0aae)
|
|
exposed.
Unfortunately this generates a large number of type punning
warnings. We'll have to find some magic to hide those.
(This used to be commit 254cbf09dee5a1e20c47e47a298f1a8d172b41b9)
|
|
carefully. Most of them are OK, but a couple were not.
(This used to be commit b0de2838829d9750817c31f28c11c6b2be6e7b64)
|
|
appropriate.
Note that I also removed the error checks that were being done on the
result of talloc_steal(). They are pointless as talloc_steal() doesn't
have any failure modes that wouldn't cause a segv anyway, and they
tend to clutter the code
(This used to be commit c0d9e7d473b8e3eb2524a9fc29cf88680f994b36)
|
|
(This used to be commit 449fab2c264aa50601f9a2d3310f1910ba97706b)
|
|
(This used to be commit 41cb3a9258012e628a2d87959cc066f6c5d92255)
|
|
emacs compile mode (hint, paste to a file, and compile as "cat
filename").
This allowed me to fix nearly all the warnings for a IA_64 SuSE build
very quickly.
(This used to be commit eba6c84efff735bb0ca941ac4b755ce2b0591667)
|
|
metze
(This used to be commit c66cf31afd99d537b1f4dfc8ff1502dfa6accfd3)
|
|
we make searches before things are initialised. Cope with this.
Andrew Bartlett
(This used to be commit daa1a61891ede404bcce72affb7094e5c452c689)
|
|
pointer.
This only works when this is the only structure member, but when I
added a new context pointer, it failed.
Andrew Bartlett
(This used to be commit 5bcfa12cef0d9eba5d5d1f65f676e7852297667f)
|
|
modules to put private data.
Andrew Bartlett
(This used to be commit ba00f45357d113bf245c6622ef96701aa7c7026c)
|
|
This module has been created with the purpose of being used
for searches against ldap servers without the need to handle
the control manually
You can test it by passing -o modules:paged_searches to ldbsearch
The page search size is set to 500 objects.
Simo.
(This used to be commit 07d377f3c27966b40465bb5dc4f55746ba8489af)
|
|
(This used to be commit e9d101bc3c1e7c1e8b6560a1f7161e6eb270c7df)
|
|
(This used to be commit 403cbd335594112e0c58fd68d20f0e3faad7d186)
|
|
for objectClass=xyz. The code has been warning at me 'no
covert_operator set', and indeed this is the case. (It then proceeds to
strip this as a search expression)
In this commit, I have implemented a convert_operator for objectClass,
by pretending it is a simple MAP_CONVERT operator for the search
requests.
I also have changed the logic for when we should bail out. I can only
see reason to bail out on the search if we have both local and remote
trees. How can a remote-only search be un-splittable?
Andrew Bartlett
(This used to be commit 656e58672c357121647a080400fcab4e5d30b46b)
|
|
needs to be renamed (operation_add?).
This allows me to match the behaviour and substitute with the
entryUUID module for remote LDAP connections.
Andrew Bartlett
(This used to be commit af02b4d7c631bb15bf5a5f73f9fdc23075d50f60)
|
|
Martin Kühl
<mkhl@samba.org>.
Martin took over the work done last year by Jelmer, in last year's
SoC. This was a substanital task, as the the ldb modules API changed
significantly during the past year, with the addition of async calls.
This changeset reimplements and enables the ldb_map ldb module and
adapts the example module and test case, both named samba3sam, to the
implementation.
The ldb_map module supports splitting an ldb database into two parts
(called the "local" and "remote" part) and storing the data in one of
them (the remote database) in a different format while the other acts
as a fallback.
This allows ldb to e.g. store to and load data from a remote LDAP
server and present it according to the Samba4 schema while still
allowing the LDAP to present and modify its data separately.
A complex example of this is the samba3sam module (by Jelmer
Vernooij), which maps data between the samba3 and samba4 schemas.
A simpler example is given by the entryUUID module (by Andrew
Bartlett), which handles some of the differences between AD and
OpenLDAP in operational attributes. It principally maps objectGUID,
to and from entryUUID elements. This is also an example of a module
that doesn't use the local backend as fallback storage.
This merge also splits the ldb_map.c file into smaller, more
manageable parts.
(This used to be commit af2bece4d343a9f787b2e3628848b266cec2b9f0)
|
|
helper function to set them.
(This used to be commit 260868bae56194fcb98d55afc22fc66d96a303df)
|
|
(This used to be commit c6aa60c7e69abf1f83efc150b1c3ed02751c45fc)
|
|
Finally acknowledge that ldb is inherently async and does not have a dual personality anymore
Rename all ldb_async_XXX functions to ldb_XXX except for ldb_async_result, it is now ldb_reply
to reflect the real function of this structure.
Simo.
(This used to be commit 25fc7354049d62efeba17681ef1cdd326bc3f2ef)
|
|
that it should handle the add without a search.
Now that I'm working on better behaviour with an LDAP backend, I've
fixed the module to do just that. For an ADD, and a MODIFY with the
REPLACE flag, we do not need the search step.
Andrew Bartlett
(This used to be commit 87573e2ee4a71168ea69182d2dc4ebf1779b7c02)
|
|
The function pointer was meant to be unused, this patch fixes
partition.c to use ldb_sequence_number(). (No backend provided the
pointer any more).
Set the flags onto the ldb structure, so that all backends opened by
the partitions module inherit the flags.
Set the read-ony flag when accessed as the global catalog
Modify the LDAP server to track that this query is for the global
catalog (by incoming port), and set a opqaue pointer.
Next step is to read that opaque pointer in the partitions module.
Andrew Bartlett
(This used to be commit a1161cb30e4ffa09657a89e03ca85dd6efd4feba)
|
|
easier to chase down what modules or application code gets wrong.
Ensure not to leave memory allocated on failure in ldb_search()
Andrew Bartlett
(This used to be commit 0828739951ed879640f8ed6e4700d8ca6b8221b8)
|
|
This required changes to the rootDSE module, to allow registration of
partitions. In doing so I renamed the 'register' operation to
'register_control' and 'register_partition', which changed a few more
modules.
Due to the behaviour of certain LDAP servers, we create the baseDN
entry in two parts: Firstly, we allow the admin to export a simple
LDIF file to add to their server. Then we perform a modify to add the
remaining attributes.
To delete all users in partitions, we must now search and delete all
objects in the partition, rather than a simple search from the root.
Against LDAP, this might not delete all objects, so we allow this to
fail.
In testing, we found that the 'Domain Controllers' container was
misnamed, and should be 'CN=', rather than 'OU='.
To avoid the Templates being found in default searches, they have been
moved to CN=Templates from CN=Templates,${BASEDN}.
Andrew Bartlett
(This used to be commit b49a4fbb57f10726bd288fdc9fc95c0cbbe9094a)
|
|
correct grammar
(This used to be commit 26a2fa97e4c819e630bc9b50e11c8d5328c7b8c8)
|
|
r15944.
Hey idra I think a better rename would be to keep the LDB_REQ suffix
here to remain consistent with the other enums (e.g ldb_reply_type,
ldb_async_wait_type and ldb_async_state).
(This used to be commit d44ee8c43bd8f6f978330a8ded8bf30ffad494d6)
|
|
cn=rootDSE entry.
(it was also crashing, as 'ac' wasn't initialised at this point)
Andrew Bartlett
(This used to be commit 8455aafb1547ae843b066db716a892fda14438b4)
|
|
Check timeouts are correctly verified.
Some minor fixed and removal of unused code.
(This used to be commit b52e5d6a0cb1a32e62759eaa49ce3e4cc804cc92)
|
|
Add a test to show that we need this, and to prove it works (for add
at least).
Andrew Bartlett
(This used to be commit f72079029abb594677bf8c2b63e40c07e910004f)
|