Age | Commit message (Collapse) | Author | Files | Lines |
|
We need to keep a search count in ltdb to allow for nesting
of searches inside a module
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
|
|
We need to delete the deepest DNs first
|
|
Hopefully this will ensure we don't get an older version from the system.
|
|
(as objectClass will always be a case insensitive ascii string, we can
make a much simpler match function here than for the general case).
Andrew Bartlett
|
|
This tries to show that the domain object should not have a
primaryGroupToken, for example. (This passes against the old and new
code, as the failure case requires an object with an objectSid, and
exactly one group in it's subtree. Sadly I don't know of a valid structure
that I can construct to test this).
Andrew Bartlett
|
|
|
|
The '1' form gives GUIDs and SIDs in the ascii form as normally used
for display.
|
|
Tridge found that the partitions.c module was being initialised twice,
and setting the partitions into the rootDSE twice.
Andrew Bartlett
|
|
Includes the following verifications for the constructed parentGUID:
- Checks if it returns nothing when there is no parent object
- Ensures that attributes mentioned after the parentGUID
are returned correctly (this avoid a bug pointed out by Tridge
during sync constructed parentGUID development)
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
this makes the usage clearer
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This comes from a tip from Howard Chu. Apparently some clients
will send a -ve page size value.
|
|
|
|
- reserve a new Samba OID for recalculate SD control
- fix the update SD function
- fix handling of kvno in the update_machine_account_password function
- fix handling of handles in RPC winreg server
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
We were trying to open $SERVER:3268 regardless, which could result in
creating a file called "localdc1:3268", which led to subsequent test
failures
|
|
We were testing for valid DNs in ldbrename in the command line
tool. This hid a bug in the ldb library where we caught a bad DN in
the objectclass module rather than in the main ldb code. It is better
to do validation of the DNs passed on the command line in the library
code, as this gives us more consistent error handling between the
programming APIs for ldb and the command line.
|
|
|
|
(Deny creation of entries with operational attributes specified)
|
|
Apparently Windows Server (2003) doesn't like the comma delimiter here. I got
always error 16 ("LDB_NO_SUCH_ATTRIBUTE"). With this change the test works
again.
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
I've forgotten to add this when checking in the reworked SAMLDB module
|
|
|
|
metze
|
|
|
|
ldap_backend used to filter out ldap controls on modify. Also, modified
python binding for ldap_modify to allow writing tests for such controls.
|
|
ldb_msg_add_dn does not copy the dn linearized string
|
|
a helper function to a DN element to an ldb_msg using ldb_msg_add_string.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
- The outside API contains "DN" string arguments: Bad. Since in this way we
fully rely on the outside calls regarding the right DN format. Solution: Use
always a "struct ldb_dn" entry. Since this one is interchangeable and we can
handle it in our preferred way.
|
|
- DN comparison: The function doesn't seem that efficient. I "upgraded" it a bit
to be more powerful (added a second length check and do both before the string
comparison)
|
|
This tests the fix for double rename/add and indexing
|
|
This is useful for speed tests with large numbers of records.
|
|
this prevents output being buffered when redirected to a file. Useful
for larger ldb command line operations
|
|
When we rename or modify a record, we need to update the indexes at
the same time. It is important that we use the DN of the actual
message that is stored in the database to do this, not the DN that was
passed in by the user. If the two differ in case then the index
records needs to use the 'real' record DN, as index handling is
currently case sensitive.
|
|
This makes it much easier to debug (as you can break in the ldb
modules by running gdb on /usr/bin/python)
|
|
When ildap created a new message to forward, it only copied controls for ldb_search
requests. This caused controls for add and modify to be lost in transition
and tests for them could not be implemented.
|
|
Fixed some expected owners and groups.
Signed-off-by: Nadezhda Ivanova <nadezhda.ivanova@postpath.com>
|
|
So the converted DN will be freed after usage.
|
|
Don't add only a new objectclass but also a new attribute. Plus let now the
server itself calculate the "lDAPDisplayName" attribute and compare the result.
|
|
I think those parts should be deactivated since they're result set checks for
lookups which are commented out already.
|
|
The DN escape function was using the form \c where c is any
character. The unescape function was using \XX where XX is a 2 digit
hex number. The asymmetry led to quite a few problems when we start to
deal with DNs containing escape chars, such as CN=foo\0ADEL:XXX. The
result was a DN that was not accessible.
This patch changes the escaping to follow RFC2253 much more
closely. We accept either type of escape, and produce the two types of
escape, depending on the character being escaped
|
|
(These are deliberately there in DRS replication).
Andrew Bartlett
|
|
|
|
|
|
|
|
This is now in dsdb_dn. Removing this to a specific wrapper avoids a
number of bugs where Binary DNs were being handled incorrectly.
This reverts much of tridge's commit
fd22e0304782e20b9bbb29464b6c745d409ff4c6
Andrew Bartlett
|
|
This will help simplify boilerplate comparison functions where we
don't have a shortcut way to compare.
Andrew Bartlett
|
|
|
|
This size constraint is not correct in it's current form, as windows
does send us rDN values for CN with lengths longer than 64. Once we
know how this constraint really works we can add it back in.
|
|
|