Age | Commit message (Collapse) | Author | Files | Lines |
|
fix the provision.ldif the layout of the @MODULES dn has changed since last commit
(This used to be commit acb99e63d40e71fa843c1b7a1719a350a353ed28)
|
|
anymore by the hacked ldap backend
- readd the schema naming context container object as it's needed for a w2k3 dc join
metze
(This used to be commit c583f806231652cce9879e9fc4237a5ab0774346)
|
|
(This used to be commit 37a133c8171087aceec4f377d513f7c28d726b14)
|
|
- add some stuff to make w2k3 dc join to get the correct
values
metze
(This used to be commit d1490635622023f5c672eea70260265960ac48b6)
|
|
but let schema checking be disabled by default until we can pass all test with it enabled
(This used to be commit e2c1ee1dd896c978e9be72fcbe4abce42482b7c9)
|
|
Andrew Bartlett
(This used to be commit feca96fe5a1612592757f53f7aa4eb5a39fd24ff)
|
|
(This used to be commit 31919995fd30d63b9dc89ca78d274f5c0de77206)
|
|
the w2k3 dc join needs that
metze
(This used to be commit 29bc75ba28f8c73fe22878948ed43c41faee474c)
|
|
- Use templates for Secrets and the new trusted domains
- Auto-add modifiedTime, createdTime and objectGUID to records in the
samdb layer.
Andrew Bartlett
(This used to be commit 271c8faadfe2d9e0f3d523a1cdc831f5f9e35d19)
|
|
This uses LDB (a local secrets.ldb and the global samdb) to fill out
the secrets from an LSA perspective.
Some small changes to come, but the bulk of the work is now done.
A re-provision is required after this change.
Andrew Bartlett
(This used to be commit ded33033521a6a1c7ea80758c5c5aeeebb182a51)
|
|
mode or not
metze
(This used to be commit 7fe9550375a7a922f9fc93944acaf7915ee107c1)
|
|
Volker
(This used to be commit 15d50350b596068643fb8e28d2a8cb45ac4d6204)
|
|
samr_GetMembersInAlias.
Volker
(This used to be commit 78802720ae922cf8ad19bf2e8be23a64435c4673)
|
|
Without any
kind of schema support we only have string comparisons (Hmm. Is this true?)
and must agree upon a common representation for integers. I suspect that we
might sooner or later need a search filter for "This bit in this integer
attrib is being set".
Volker
(This used to be commit 5f2d93b66bc89d499c91638f9b71394768d135af)
|
|
enough stuff to do in 3_0??? ;-)
Volker
(This used to be commit c0fa7a92d9f602dc50801a9827e121c2b095a336)
|
|
metze
(This used to be commit 32264c6c30c67372ce6f0b2f0914c43a1a6eb5ea)
|
|
(This used to be commit e9e603208d79dc69c75420a8e085f8ad6c8a7095)
|
|
sam. I decided to do it the simple way of making the privileges user
attributes. w2k doesn't expose the privileges via LDAP, so we are free
to store them in any way we like without breaking compatibility.
(This used to be commit 5f29f4c3079be2fa54b94e08c829dadccc4d14c4)
|
|
metze
(This used to be commit 659a0b26e2fa466169078bab6dd4af1e5fffb48b)
|
|
and unixName in samdb.
(This used to be commit 5c966821e2eced9a1b34a5274cc317eab1a44eaf)
|
|
(This used to be commit 71323f424b4561af1fdddd2358629049be3dad8c)
|
|
connect/disconnect test by a factor of 20x
when andrew gets a chance to change auth_sam.c to not do a search on
member= and instead use the memberOf attribute for the user then we
should delete this index attribute, as maintaining the index is
expensive
(This used to be commit 0443537be8e7ba87bdf716c1366e777f17652e0d)
|
|
Andrew Bartlett
(This used to be commit 560a8c9f424495f85284a456e829326d2a931e6e)
|
|
metze
(This used to be commit 1e8c43133116881fb7ecf6358c1a91e0e3ea2222)
|
|
dnsname and dnshostname always lowercase
metze
(This used to be commit 0b46dc6f4b3614fc1d258653f0c8df63586539b6)
|
|
(This used to be commit 036e953fac0cd5f0a5760ff0b9f9de45e8cf9479)
|
|
provisioning.
- enable the unixuid module by default on all backends
(This used to be commit e335cd4933fccc1bb53641131eb6505faca857ce)
|
|
metze
(This used to be commit 7ff118ecc90dd9cc9a5d1870e93fc5792bf66903)
|
|
Andrew Bartlett
(This used to be commit e7115c6b95e221f0bf4e3a5d02ae356738b2ebd5)
|
|
- added lsa_OpenPolicy2() to server
- added guid handling in samdb
- added a couple more info policy levels in lsa server
- added some DNS info in the provisioning template and script
With the above changes WinXP professional can join a Samba4 domain
(This used to be commit d6dca96352144d6061175c964069ed54d942b9c2)
|
|
up in searches like "objectclass=user"
- auto-add the computer objectclass for computer accounts on create
- added two types of password change call in samr server
- reset last_fault_code before each dcerpc call
(This used to be commit c1a65f83f6a4c51e60efd204dab89c20cda65d2b)
|
|
Currently this only authentiates the machine, not real users.
As a consequence of running the Samba4 NETLOGON test against Samba4, I
found a number of issues in the SAMR server, which I have addressed.
There are more templates in the provison.ldif for this reason.
I also added some debug to our credentials code, and fixed some bugs
in the auth_sam module.
The static buffer in generate_random_string() bit me badly, so I
removed it in favor of a talloc based system.
Andrew Bartlett
(This used to be commit 94624e519b66def97758b8a48a01ffe9029176f0)
|
|
(This used to be commit 0431d309037e97456895095f8e0a44b71de1454e)
|
|
samr_DeleteDomainGroup.
I've added the hidden attribute numMembers that must be maintained by
Add/DelGroupMember for the GroupInfoAll query.
Volker
(This used to be commit 945d7478605c1bd67e4162ebb0635ab7da11faaf)
|
|
Volker
(This used to be commit 59241c0c9aa2d64d66eb04e81aa5500681604061)
|
|
samr_CreateUser2(), samr_LookupNames(), samr_OpenUser(),
and samr_DeleteUser()
this uses a user template in the SAM db, of objectclass "userTemplate"
and dn CN=TemplateUser,CN=Templates,$BASEDN. Using a template allows
an admin to add any default user attributes that they might want to
the user template and all new users will receive those attributes.
(This used to be commit 10b6e0011b5952c98432dc2d4b2058ac89a9cc2d)
|
|
replaced with a more sophisticated provisioning system
(This used to be commit 86604bef236568028e84e6b1e8d935c3cfd70112)
|