summaryrefslogtreecommitdiff
path: root/source4/libnet
AgeCommit message (Collapse)AuthorFilesLines
2010-02-26s4:libnet: use a connected CLDAP socket.Stefan Metzmacher4-10/+47
This is needed because we don't (want) to specify an explicit local address. And the socket family (ipv4 vs. ipv6) needs to be autodetected based on the remote address before the socket() syscall. Otherwise we would try to connect to a ipv4 address through an ipv6only socket. metze
2010-02-22More spelling fixes across source4/Brad Hards1-1/+1
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
2010-02-17s4/rodc: change the libnet_become_dc code to do RODC joinAnatoliy Atanasov3-6/+59
2010-02-16s4-dsdb: change samdb_replace() to dsdb_replace() and allow for dsdb_flagsAndrew Tridgell2-9/+9
This allows for controls to be added easily where they are needed.
2010-02-05s4/drs: propagate DRS_ extension flags in code baseKamen Mazdrashki1-1/+1
2010-01-28s4:kdc move db functions in their own fileSimo Sorce1-1/+3
Keep all heimdal related plugin code within hdb_samba4.c Move interfaces needed by multiple plugins in db-glue.c Move sequence context in main db context so that we do not depend on db->hdb_dbc in the common code. Remove unnecessary paremeters from function prototypes
2010-01-28s4:kdc Use better db context structureSimo Sorce1-5/+5
This allows to use a common structure not tied to hdb_samba4 Also allows to avoid many casts within hdb_samba4 functions This is the first step to abstract samba kdc databse functions so they can be used by the MIT forthcoming plugin.
2010-01-18idl: switched to using the WSPP names for the 'neighbour' DRS optionsAndrew Tridgell2-24/+24
The documentation shows that all these functions in fact use the same flags variable type. To be consistent between functions, and to allow easy reference to the WSPP docs, it is better for us to also use this generic DrsOptions bitfield rather than one per operations.
2010-01-14s4-torture: switch to generic DRS options flagsAndrew Tridgell1-3/+2
2010-01-09s4-libnet: dsdb_wellknown_dn() in vampire codeAndrew Tridgell1-60/+17
2010-01-08s4-libnet: better error messages in libnet_vampire.cAndrew Tridgell1-2/+2
2009-12-25py_net/libnet: Remove C++-style comments, add more error checking, moveJelmer Vernooij2-5/+12
initialization of dcerpc subsystem to libnet.
2009-12-25s4-libnet: Python binding for libnet_SetPassword()Kamen Mazdrashki1-6/+66
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
2009-12-25s4-net: Fix 'talloc_free with references ...' errorKamen Mazdrashki1-4/+4
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
2009-12-11s4:libnet/libnet_become_dc - Fix a small glitch in ↵Matthias Dieter Wallnöfer1-4/+1
"becomeDC_drsuapi1_add_entry_send" We shouldn't use the now uninitialised "status" variable anymore.
2009-12-10s4-libnet: use GUID_to_ndr_blob()Andrew Tridgell2-9/+7
2009-11-24s4:libnet_become_dc - fix typoMatthias Dieter Wallnöfer1-1/+1
2009-11-17s4:dsdb Load objectGUID and extended DN defaultObjectCategory into the schemaAndrew Bartlett1-1/+1
The load of defaultObjectCategory as an extended DN means we need to use the common parsing functions I just split out, rather than the GET_DS_DN macro. The objectGUIDs are loaded so that we can create the extended DN when we load from LDIF (and are loaded for the other cases for consistency). Also adapt callers to API changes needed for common parsing code Andrew Bartlett
2009-11-12s4:dsdb/repl Split the 'convert' or 'commit' stages in the DRS importAndrew Bartlett1-25/+38
This will allow us in future to do tests on the LDB values we generate from the DRS replication. Andrew Bartlett
2009-11-12s4:vampire Print error message when we fail on the CLDAP pingAndrew Bartlett1-2/+7
Andrew Bartlett
2009-11-06s4:libnet_passwd - fix pointer typeMatthias Dieter Wallnöfer1-1/+1
2009-11-06s4/drs: dsdb_map_int2oid() replaced by dsdb_schema_pfm_oid_from_attid()Kamen Mazdrashki1-1/+2
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-11-06s4/drs: dsdb_verify_oid_mappings_drsuapi() replaced by ↵Kamen Mazdrashki1-1/+1
dsdb_schema_pfm_contains_drsuapi_pfm() dsdb_schema_pfm_contains_drsuapi_pfm() is part of reimplemented prefixMap interface. This name was choosen to clearly show, that this a week verification in case we want to determine if remote schema is changed. Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-11-06s4/drs: dsdb_load_oid_mappings_drsuapi() -> dsdb_load_prefixmap_from_drsuapi()Kamen Mazdrashki1-1/+1
Also, dsdb_load_oid_mappings_drsuapi() was reimplemented to use dsdb_schema_pfm_from_drsuapi_pfm() function to load drsuapi_prefixMap into schema->prefixmap Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-10-23s4-python: we need to include Python.h firstAndrew Tridgell1-1/+1
If we don't include Python.h first then we get a pile of warnings due to broken redefines of XOPEN_SOURCE in the Python includes.
2009-10-23s4-ldbwrap: added re-use of ldb contexts in ldb_wrap_connect()Andrew Tridgell4-4/+4
This allows us to reuse a ldb context if it is open twice, instead of going through the expensive process of a full ldb open. We can reuse it if all of the parameters are the same. The change relies on callers using talloc_unlink() or free of a parent to close a ldb context.
2009-10-19s4-libnet: fixed privilege handling in samsync to use the right dbAndrew Tridgell1-30/+29
I only noticed this one because of Karolins spelling fix :-)
2009-10-19Fix typo.Karolin Seeger1-1/+1
privilage -> privilege Karolin
2009-10-02s4: fix various warnings (not "const" related ones)Matthias Dieter Wallnöfer1-1/+1
2009-10-02s4-libnet: give sane error messages when functional levels don't matchAndrew Tridgell1-8/+12
It is nice to tell the user why their command failed :-)
2009-10-02s4:libnet_become_dc - add checks for valid domain/forest function levelsMatthias Dieter Wallnöfer1-10/+52
Add checks to make sure that we join only supported AD domains (we agreed that those are >= (Windows) 2003 Native per default - this is changeable with the "ads:function level" option). Add also checks to make sure that we cannot join domains which have a bigger function level than our DC capable function level (e.g. a (Windows) 2008 DC cannot join a (Windows) 2008 R2 domain).
2009-09-28s4-libnet: fixed debug formattingAndrew Tridgell1-2/+2
2009-09-24s4-libnet: allow the functional level of becomeDC to be specifiedAndrew Tridgell1-1/+2
Use ads:functional level = 4 for DS_DC_FUNCTION_2008_R2 See libds/common/flags.h
2009-09-24s4-libnet: avoid a steal with references errorAndrew Tridgell1-1/+2
2009-09-21s4:libnet_become_dc - bump down the level requested by abartletMatthias Dieter Wallnöfer1-1/+1
2009-09-20s4:provision Use code to store domain join in 'net join' as wellAndrew Bartlett2-284/+51
This ensures we only have one codepath to store the secret, and therefore that we have a single choke point for setting the saltPrincipal, which we were previously skipping. Andrew Bartlett
2009-09-19s4-resolve: fixed a crash bug on timeoutAndrew Tridgell1-1/+1
We were creating the name resolution context as a child of lp_ctx, which meant when we gave up on a connection the timer on name resolution kept running, and when it timed out the callback crashed as the socket was already removed.
2009-09-17s4:libnet_become_dc - Fix some uninitialised variablesMatthias Dieter Wallnöfer1-3/+3
2009-09-17s4/domain behaviour flags: Fix them up in various locationsMatthias Dieter Wallnöfer1-1/+1
Additional notes: - Bump the level to Windows Server 2008 R2 (we should support always the latest version - if we provision ourself) - In "descriptor.c" the check for the "domainFunctionality" level shouldn't be needed: ACL owner groups (not owner user) are supported since Windows 2000 Server (first AD edition) - I took the argument from: http://support.microsoft.com/kb/329194
2009-09-15s4-repl: don't do double replicationAndrew Tridgell1-2/+4
When we replicate from a remote DC, we need to note the new uSN that the local changes have resulted in, and modify the uSN that the notify task uses to determine if it should send a ReplicaSync message back to the remote DC. Otherwise we end up always triggering a ReplicaSync every time we replicate from another DC
2009-09-10s4/vampire: fixed i/j index mixup in vampire codeAndrew Tridgell1-3/+3
2009-09-09s4: allow repl:RODC=true/false to set ourselves as a RODCAndrew Tridgell1-2/+6
I think this is what windows DCs use to see that we are read-only, but I am not sure. Needs more testing.
2009-09-08s4: fixed updaterefs options bitmapAndrew Tridgell1-1/+1
2009-09-07s4: fixed the secrets.ldb construction in libnetAndrew Tridgell1-8/+8
on a vampire join we were not putting the right attributes and objectclass on the secrets.ldb record
2009-09-03show more reasonable object counts during a vampireAndrew Tridgell1-4/+18
We now show the total number of objects we have processed, which gives the user a better idea of how much has been done. A vampire on a large domain can take an hour or more (which needs to be fixed btw, it is a problem with the lack of scalability of the ltdb index code). Watching the same msg for an hour makes you wonder if any progress is being made!
2009-09-02wrap the entire vampire operation in a transactionAndrew Tridgell1-13/+24
We want to grab the whole database, or none of it. This is also needed to get linked attributes right
2009-07-31s4:libnet: use talloc_strdup() instead of talloc_reference()Stefan Metzmacher2-2/+2
metze
2009-07-28Fix compile of py_net.cAndrew Bartlett1-1/+3
2009-07-28s4:libnet Add in a 'credentials' parameter for python libnet_JoinAndrew Bartlett1-7/+20
2009-07-28s4:kerberos Add 'net export keytab' command for wireshark decryptionAndrew Bartlett4-2/+84
It is much easier to do decryption with wireshark when the keytab is available for every host in the domain. Running 'net export keytab <keytab name>' will export the current (as pointed to by the supplied smb.conf) local Samba4 doamin. (This uses Heimdal's 'hdb' keytab and then the existing hdb-samba4, and so has a good chance of keeping working in the long term). Andrew Bartlett