| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
controller"
This will allow us to detect from the smb.conf if this is a Samba4 AD
DC which will allow smarter handling of (for example) accidentially
starting smbd rather than samba.
To cope with upgrades from existing Samba4 installs, 'domain
controller' is a synonym of 'active directory domain controller' and
new parameters 'classic primary domain controller' and 'classic backup
domain controller' are added.
Andrew Bartlett
|
|
This matches the log level of the CLDAP case.
metze
|
|
thi ensures we are using the header corresponding to the version of
ldb we're linking against. Otherwise we could use the system ldb for
link and the in-tree one for include
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
in "dsdb/common/util.c""
This reverts commit 8a2ce5c47cee499f90b125ebde83de5f9f1a9aa0.
Jelmer pointed out that these are also in use by other LDB databases - not only
SAMDB ones.
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Oct 17 13:37:16 UTC 2010 on sn-devel-104
|
|
"dsdb/common/util.c"
They're only in use by SAMDB code.
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Oct 17 09:40:13 UTC 2010 on sn-devel-104
|
|
this converts all callers that use the Samba4 loadparm lp_ calling
convention to use the lpcfg_ prefix.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
w2k8r2 returns the local DC information on no inputs for
getDcNameEx2. This is needed for starting dsa.msc (ADUC) on
Win7.
CDLAP on the same call returns an error. This uses a parameter
fill_on_blank_request to distinguish the two cases.
|
|
|
|
A single AD server can only host a single domain, so don't stuff about
with looking up our crossRef record in the cn=Partitions container.
We instead trust that lp_realm() and lp_workgroup() works correctly.
Andrew Bartlett
|
|
metze
|
|
remove some unused functions.
|
|
|
|
|
|
Don't reopen the samdb for every netlogon packet, and use the
system_session(), as we must access data not available to anonymous.
Perhaps we should consider a 'authenticated but not system' token, if
we want more control on this.
Andrew Bartlett
(This used to be commit d10c9b71ea7f2670c4ea5ec569bcb7f49ec41362)
|
|
This now handles checking if the user exists, including validating the
ACB mask on the user.
This would be a nasty security hole, if Kerberos did not already
expose this information anonymously...
Andrew Bartlett
(This used to be commit 441b286c00f9a7743cdefeb243545bdbd2c94c5e)
|
|
I can't tell the difference between the NTLOGON and NETLOGON behaviour
on these pipes, and this 'exception' turned out to be alignment
dependent, not pipe dependent.
Andrew Bartlett
(This used to be commit bf1b99aff2a8feaee5f57c7530bc81d447e5d765)
|
|
It turns out that the mailslot name (and a useful private prointer) is
provided in the struct dgram_mailslot_handler.
Andrew Bartlett
(This used to be commit e17804b8857fdb3c182c5e886323b9d6c194c2ff)
|
|
This commit also fixes a number of issues found by the NBT-DGRAM and
LDAP-CLDAP tests.
Andrew Bartlett
(This used to be commit 8f99a4b94e95f8bde0f80f92d4e57020c62cfaab)
|
|
Rework the mailslot infrustructure to cope, passing down the mailslot
name so that we can implement both in the same callback function.
Andrew Bartlett
(This used to be commit 89fdd77891529aa74bb920994b8b5959aae8ac2d)
|
|
(This used to be commit b4e1ae07a284c044704322446c94351c2decff91)
|
|
(This used to be commit f920e78ea7bb8aa575e6a2ebb5cc53462fbe2fe9)
|
|
(This used to be commit 6fd0d9d3b75546d08c24c513e05b1843d5777608)
|
|
(This used to be commit 9d806da113b5f0688b6193dfdee9b8765e18b38f)
|
|
(This used to be commit b9e3a4862e267be39d603fed8207a237c3d72081)
|
|
further up the call stack.
(This used to be commit 0721a07aada6a1fae6dcbd610b8783df57d7bbad)
|
|
(This used to be commit 56dfcb4f2f8e74c9d8b2fe3a0df043781188a555)
|
|
(This used to be commit ac83dbf199fd442fc994d43a6e5e9fda8d4c88b6)
|
|
(This used to be commit 3fcc960839c6e5ca4de2c3c042f12f369ac5f238)
|
|
(This used to be commit abe8349f9b4387961ff3665d8c589d61cd2edf31)
|
|
some issues in the NBT server (this was a false positive, but easily
worked around) and DRSUAPI server.
We should take care not to use the ldb_context as a talloc pool, and
to always ensure that any results from ldb_search() are moved off that
pool with talloc_steal or talloc_free().
To work around the issue in provision, for which I can find no fault
(other than a lot of work being done in provision), I've moved the
detector trigger to 400 additional blocks.
This fixes Bug #4810 by <mwallnoefer@yahoo.de>
Andrew Bartlett
(This used to be commit 42bcf856203ae3cf43130519904828a143ac8d18)
|
|
There are still a few tidyups of old FSF addresses to come (in both s3
and s4). More commits soon.
(This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
|
|
- ldb_dn_get_linearized
returns a const string
- ldb_dn_alloc_linearized
allocs astring with the linearized dn
(This used to be commit 3929c086d5d0b3f08b1c4f2f3f9602c3f4a9a4bd)
|
|
This patch changes a lot of the code in ldb_dn.c, and also
removes and add a number of manipulation functions around.
The aim is to avoid validating a dn if not necessary as the
validation code is necessarily slow. This is mainly to speed up
internal operations where input is not user generated and so we
can assume the DNs need no validation. The code is designed to
keep the data as a string if possible.
The code is not yet 100% perfect, but pass all the tests so far.
A memleak is certainly present, I'll work on that next.
Simo.
(This used to be commit a580c871d3784602a9cce32d33419e63c8236e63)
|
|
- use the client_site when creating the server object
metze
(This used to be commit b02d0e1be343c7d609715237dc842702b6fbe231)
|
|
(This used to be commit 548c682fe5aff4657f53d7986642a87566f6f531)
|
|
(This used to be commit 4f235b88aa0ce6c684bf203ea3cbc81e91a3cd3e)
|
|
I think we should have a helper function for this search, we do it too
often...
Andrew Bartlett
(This used to be commit 09327baa0ded3a98398b266c960f827b29021d91)
|
|
(This used to be commit 09007b0907662a0d147e8eb21d5bdfc90dbffefc)
|
|
dnsRoot.
Fix to read the nETBIOSName from the correct result.
Andrew Bartlett
(This used to be commit dc37c48724115940094a0f6003ee2f74fe81d102)
|
|
LDAP backends.
Andrew Bartlett
(This used to be commit 270a77bfff65c9e1d5d7c535338f9b9b86d53fa3)
|
|
requests...
this fixes a bug where I thought windows would try KRB5 via broadcast...
metze
(This used to be commit 0e7b224294ce6a3b5bbdc284181ab496a5a0c058)
|
|
try to include just the BASENAME.h files (containing only structs)
(This used to be commit 3dd477ca5147f28a962b8437e2611a8222d706bd)
|
|
file dependencies
(This used to be commit 122835876748a3eaf5e8d31ad1abddab9acb8781)
|
|
metze
(This used to be commit e73cc5060c4cf4ac286c407fb8a323ce6be6b79c)
|
|
fix bug #3411
metze
(This used to be commit 2cb587c779b5f70e4818fa57fcb2b8ee4a2a276b)
|
|
(so I may learn about the protocol, while watching the debug output)
metze
(This used to be commit 40d7033a1472e5f6b7760984b7d2b6b7db2db860)
|
|
structure that is more generic than just 'IP/port'.
It now passes make test, and has been reviewed and updated by
metze. (Thankyou *very* much).
This passes 'make test' as well as kerberos use (not currently in the
testsuite).
The original purpose of this patch was to have Samba able to pass a
socket address stucture from the BSD layer into the kerberos routines
and back again. It also removes nbt_peer_addr, which was being used
for a similar purpose.
It is a large change, but worthwhile I feel.
Andrew Bartlett
(This used to be commit 88198c4881d8620a37086f80e4da5a5b71c5bbb2)
|
