summaryrefslogtreecommitdiff
path: root/source4/libnet/libnet_become_dc.c
AgeCommit message (Collapse)AuthorFilesLines
2011-04-04s4-libnet: honour convention of DEBUGLEVEL>=10 for NDR printAndrew Tridgell1-0/+12
2011-02-10ldb: use #include <ldb.h> for ldbAndrew Tridgell1-2/+2
thi ensures we are using the header corresponding to the version of ldb we're linking against. Otherwise we could use the system ldb for link and the in-tree one for include Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-10-31idl: Use DRSUAPI_ATTID_ prefix instead of DRSUAPI_ATTRIBUTE_ for ATTID valuesKamen Mazdrashki1-12/+12
Those values are actually ATTID values and such, they are used for ATTIDs for Attributes, Classes and Syntaxes.
2010-10-16s4:dsdb - fix unsigned integer save problems using the "%u" specifierMatthias Dieter Wallnöfer1-2/+3
The issue here is that we have not yet first cast to int32_t explicitly, before we cast to an signed int to printf() into the %d or cast to a int64_t before we then cast to a long long to printf into a %lld. There are *no* unsigned integers in Active Directory LDAP, even the RID allocations and ms-DS-Secondary-KrbTgt-Number are *signed* quantities. (See the schema, and the syntax definitions in schema_syntax.c). The failure has been detected by Matthieu Patou on the buildfarm host "tridge" due to a malformed "groupType" attribute. The solution is to use the "%d" specifier. Either to use it directly - or better (when possible) use the call "samdb_msg_add_uint" (which encapsulates it). This patch changes such problematic situations.
2010-10-15s4:dsdb - remove "samdb_result_uint", "samdb_result_int64", ↵Matthias Dieter Wallnöfer1-10/+10
"samdb_result_uint64" and "samdb_result_string" We have ldb_msg_find_attr_as_* calls which do exactly the same. Therefore this reduces only code redundancies. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-08-23s4-libnet: show the DN when DsAddEntry() failsAndrew Tridgell1-1/+2
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-07-16s4-loadparm: 2nd half of lp_ to lpcfg_ conversionAndrew Tridgell1-5/+5
this converts all callers that use the Samba4 loadparm lp_ calling convention to use the lpcfg_ prefix. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-06-23s4:provision Raise default max functional level to 2008R2Andrew Bartlett1-2/+2
We don't support many of the extra features, but that applies across many other parts of AD. Allow the admin to join a 2008R2 domain if he or she wants. This also makes it possible to test 2008R2 domain code in 'make test' Andrew Bartlett
2010-06-23libds:common Remove DS_DC_* domain functionality flagsAndrew Bartlett1-1/+1
These are just a subset of the DS_DOMAIN_ functionality flags, are compared and often confused with each other. Just make them one set. Andrew Bartlett
2010-06-16s4:lib: merge LDB_WRAP and LDBSAMBA and make LDBSAMBA a library.Stefan Metzmacher1-1/+1
This is needed to remove samba specifc symbols from the bundled ldb, in order to get the ABI right. metze Signed-off-by: Andreas Schneider <asn@samba.org>
2010-06-16s4:libnet Remove 'ads min function level' checks.Andrew Bartlett1-23/+0
We support Windows 2000 native now. Andrew Bartlett
2010-05-18Finish removal of iconv_convenience in public API's.Jelmer Vernooij1-25/+23
2010-04-27nbt: samlogon/netlogon structures - unify denominationsMatthias Dieter Wallnöfer1-1/+1
2010-04-27s4-libnet: cope with an empty client site name from CLDAPAndrew Tridgell1-0/+5
We fall back to the server site name in a vampire Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-04-27s4-vampire: show main CLDAP response attributes during vampireAndrew Tridgell1-0/+4
2010-04-22s4-libnet: fixed two compiler warningsAndrew Tridgell1-3/+2
2010-04-13Revert "s4:prefer "samdb_*_dn" basedn calls over the "ldb_get_*_dn" functions"Matthias Dieter Wallnöfer1-2/+4
We should use the "ldb_get_*_basedn" calls since they are available in the LDB library.
2010-04-12s4/libnet: handle errors returned for DsAddEntry_v3 properlyKamen Mazdrashki1-4/+3
It turns out ms-docs are little bit misleading - in case of no error, r->out.ctr->ctr3.err_data is not NULL, but error information (r->out.ctr->ctr3.err_data->v1.info) is NULL!
2010-04-12s4/libnet: Add few new lines in the debug log so it is readable againKamen Mazdrashki1-14/+16
2010-04-12s4/libnet: Dump DRSUAPI_DIRERR_OK as unexpectedKamen Mazdrashki1-2/+1
Actually DRSUAPI_DIRERR_OK is not valid error to be returned. I introduce it in the IDL so that I can use it in enum. So it should be dumped as Unexpected error code
2010-03-24s4/drs: Implement DsAddEntry V3 error handlingKamen Mazdrashki1-10/+67
2010-03-24s4/drs: Refactor error handling for DsAddEntry V3 repliesKamen Mazdrashki1-15/+43
Dumping for specific error classes are to be implemented properly in the near future.
2010-03-24s4/drs: drsuapi_DsAddEntry_ErrData propagate structure def in source codeKamen Mazdrashki1-7/+7
2010-03-24s4/drs: DsAddEntry - extending error handling for V2 repliesKamen Mazdrashki1-2/+15
After having more complete definition for DsAddEntryReply V2 structure, we can now handle error state in more robust way, not just counting on number of objects returned.
2010-03-24s4/drs: drsuapi_DsAddEntryErrorInfoX changes propagated to source codeKamen Mazdrashki1-2/+2
2010-03-24s4/drs: DsAddEntry - Propagating unsigned switches to source codeKamen Mazdrashki1-1/+1
2010-03-12s4:libnet_become_dc: make use of use tevent_req based dcerpc_binding_handle ↵Stefan Metzmacher1-53/+80
stubs metze
2010-03-10s4:libnet_become_dc - change counter variables to "unsigned" where they ↵Matthias Dieter Wallnöfer1-2/+2
count LDB objects
2010-03-10s4/drs: DsGetNCChanges - Propagating IDL changes to source codeKamen Mazdrashki1-1/+1
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-03-01s4:libnet_become_dc: don't look at the internals of 'struct rpc_request'Stefan Metzmacher1-7/+21
metze
2010-03-01s4:libnet_become_dc: make use of explicit dcerpc_*_recv functionsStefan Metzmacher1-71/+9
metze
2010-03-01s4/libnet: Fix misleading commentAnatoliy Atanasov1-1/+1
2010-02-26s4:libnet: use a connected CLDAP socket.Stefan Metzmacher1-3/+15
This is needed because we don't (want) to specify an explicit local address. And the socket family (ipv4 vs. ipv6) needs to be autodetected based on the remote address before the socket() syscall. Otherwise we would try to connect to a ipv4 address through an ipv6only socket. metze
2010-02-17s4/rodc: change the libnet_become_dc code to do RODC joinAnatoliy Atanasov1-5/+54
2010-02-05s4/drs: propagate DRS_ extension flags in code baseKamen Mazdrashki1-1/+1
2010-01-18idl: switched to using the WSPP names for the 'neighbour' DRS optionsAndrew Tridgell1-18/+18
The documentation shows that all these functions in fact use the same flags variable type. To be consistent between functions, and to allow easy reference to the WSPP docs, it is better for us to also use this generic DrsOptions bitfield rather than one per operations.
2010-01-14s4-torture: switch to generic DRS options flagsAndrew Tridgell1-3/+2
2010-01-09s4-libnet: dsdb_wellknown_dn() in vampire codeAndrew Tridgell1-60/+17
2009-12-11s4:libnet/libnet_become_dc - Fix a small glitch in ↵Matthias Dieter Wallnöfer1-4/+1
"becomeDC_drsuapi1_add_entry_send" We shouldn't use the now uninitialised "status" variable anymore.
2009-12-10s4-libnet: use GUID_to_ndr_blob()Andrew Tridgell1-3/+3
2009-11-24s4:libnet_become_dc - fix typoMatthias Dieter Wallnöfer1-1/+1
2009-11-12s4:vampire Print error message when we fail on the CLDAP pingAndrew Bartlett1-2/+7
Andrew Bartlett
2009-10-23s4-ldbwrap: added re-use of ldb contexts in ldb_wrap_connect()Andrew Tridgell1-1/+1
This allows us to reuse a ldb context if it is open twice, instead of going through the expensive process of a full ldb open. We can reuse it if all of the parameters are the same. The change relies on callers using talloc_unlink() or free of a parent to close a ldb context.
2009-10-02s4-libnet: give sane error messages when functional levels don't matchAndrew Tridgell1-8/+12
It is nice to tell the user why their command failed :-)
2009-10-02s4:libnet_become_dc - add checks for valid domain/forest function levelsMatthias Dieter Wallnöfer1-10/+52
Add checks to make sure that we join only supported AD domains (we agreed that those are >= (Windows) 2003 Native per default - this is changeable with the "ads:function level" option). Add also checks to make sure that we cannot join domains which have a bigger function level than our DC capable function level (e.g. a (Windows) 2008 DC cannot join a (Windows) 2008 R2 domain).
2009-09-24s4-libnet: allow the functional level of becomeDC to be specifiedAndrew Tridgell1-1/+2
Use ads:functional level = 4 for DS_DC_FUNCTION_2008_R2 See libds/common/flags.h
2009-09-21s4:libnet_become_dc - bump down the level requested by abartletMatthias Dieter Wallnöfer1-1/+1
2009-09-17s4:libnet_become_dc - Fix some uninitialised variablesMatthias Dieter Wallnöfer1-3/+3
2009-09-17s4/domain behaviour flags: Fix them up in various locationsMatthias Dieter Wallnöfer1-1/+1
Additional notes: - Bump the level to Windows Server 2008 R2 (we should support always the latest version - if we provision ourself) - In "descriptor.c" the check for the "domainFunctionality" level shouldn't be needed: ACL owner groups (not owner user) are supported since Windows 2000 Server (first AD edition) - I took the argument from: http://support.microsoft.com/kb/329194
2009-09-09s4: allow repl:RODC=true/false to set ourselves as a RODCAndrew Tridgell1-2/+6
I think this is what windows DCs use to see that we are read-only, but I am not sure. Needs more testing.