summaryrefslogtreecommitdiff
path: root/source4/provision.ldif
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r4715: alwys add the distinguishedName attributeStefan Metzmacher1-0/+35
the w2k3 dc join needs that metze (This used to be commit 29bc75ba28f8c73fe22878948ed43c41faee474c)
2007-10-10r4698: - Initial implementation of trusted domains in LSA.Andrew Bartlett1-0/+18
- Use templates for Secrets and the new trusted domains - Auto-add modifiedTime, createdTime and objectGUID to records in the samdb layer. Andrew Bartlett (This used to be commit 271c8faadfe2d9e0f3d523a1cdc831f5f9e35d19)
2007-10-10r4682: A LDB-based secrets implementation in Samba4.Andrew Bartlett1-0/+17
This uses LDB (a local secrets.ldb and the global samdb) to fill out the secrets from an LSA perspective. Some small changes to come, but the bulk of the work is now done. A re-provision is required after this change. Andrew Bartlett (This used to be commit ded33033521a6a1c7ea80758c5c5aeeebb182a51)
2007-10-10r4484: - use the nTMixedDomain attribute to check if our domain is mixed ↵Stefan Metzmacher1-0/+1
mode or not metze (This used to be commit 7fe9550375a7a922f9fc93944acaf7915ee107c1)
2007-10-10r4377: Fix default groupType attributes.Volker Lendecke1-2/+2
Volker (This used to be commit 15d50350b596068643fb8e28d2a8cb45ac4d6204)
2007-10-10r4376: Implement samr_AddAliasMember, samr_DeleteAliasMember andVolker Lendecke1-0/+7
samr_GetMembersInAlias. Volker (This used to be commit 78802720ae922cf8ad19bf2e8be23a64435c4673)
2007-10-10r4345: Unify the representation of grouptype and samaccounttype to hex. ↵Volker Lendecke1-18/+18
Without any kind of schema support we only have string comparisons (Hmm. Is this true?) and must agree upon a common representation for integers. I suspect that we might sooner or later need a search filter for "This bit in this integer attrib is being set". Volker (This used to be commit 5f2d93b66bc89d499c91638f9b71394768d135af)
2007-10-10r4335: Fix some potential memleaks, implement CreateDomAlias. Hmmmm. Isn't thereVolker Lendecke1-0/+11
enough stuff to do in 3_0??? ;-) Volker (This used to be commit c0fa7a92d9f602dc50801a9827e121c2b095a336)
2007-10-10r4318: add missing template for trusting domainsStefan Metzmacher1-0/+20
metze (This used to be commit 32264c6c30c67372ce6f0b2f0914c43a1a6eb5ea)
2007-10-10r4227: index the privilege attribute to make lsa privilege calls efficientAndrew Tridgell1-0/+1
(This used to be commit e9e603208d79dc69c75420a8e085f8ad6c8a7095)
2007-10-10r4148: add a default set of privileges to the core builtin accounts in theAndrew Tridgell1-1/+39
sam. I decided to do it the simple way of making the privileges user attributes. w2k doesn't expose the privileges via LDAP, so we are free to store them in any way we like without breaking compatibility. (This used to be commit 5f29f4c3079be2fa54b94e08c829dadccc4d14c4)
2007-10-10r4046: add more servicePrincipalName's for the dc accountStefan Metzmacher1-0/+5
metze (This used to be commit 659a0b26e2fa466169078bab6dd4af1e5fffb48b)
2007-10-10r3991: for uid->sid and gid->sid to be efficient we need to index on unixIDAndrew Tridgell1-0/+2
and unixName in samdb. (This used to be commit 5c966821e2eced9a1b34a5274cc317eab1a44eaf)
2007-10-10r3754: merge in ldb modules support from the tmp branch ldbPluginsSimo Sorce1-0/+5
(This used to be commit 71323f424b4561af1fdddd2358629049be3dad8c)
2007-10-10r3632: added an index on "member" in default provision. This speeds up myAndrew Tridgell1-0/+1
connect/disconnect test by a factor of 20x when andrew gets a chance to change auth_sam.c to not do a search on member= and instead use the memberOf attribute for the user then we should delete this index attribute, as maintaining the index is expensive (This used to be commit 0443537be8e7ba87bdf716c1366e777f17652e0d)
2007-10-10r3109: Give krbtgt and our machine account a random password in provision.Andrew Bartlett1-0/+3
Andrew Bartlett (This used to be commit 560a8c9f424495f85284a456e829326d2a931e6e)
2007-10-10r2873: create a DNS zone file for a BIND name serverStefan Metzmacher1-6/+6
metze (This used to be commit 1e8c43133116881fb7ecf6358c1a91e0e3ea2222)
2007-10-10r2829: REALM and netbiosname are always uppercaseStefan Metzmacher1-1/+1
dnsname and dnshostname always lowercase metze (This used to be commit 0b46dc6f4b3614fc1d258653f0c8df63586539b6)
2007-10-10r2808: added auto-detection of unix user and groups names during provision.Andrew Tridgell1-7/+7
(This used to be commit 036e953fac0cd5f0a5760ff0b9f9de45e8cf9479)
2007-10-10r2804: - setup some reasonable default SAM to unixName mappings in the ↵Andrew Tridgell1-0/+10
provisioning. - enable the unixuid module by default on all backends (This used to be commit e335cd4933fccc1bb53641131eb6505faca857ce)
2007-10-10r2727: mark the password fields as hiddenStefan Metzmacher1-1/+6
metze (This used to be commit 7ff118ecc90dd9cc9a5d1870e93fc5792bf66903)
2007-10-10r2313: Make these attributes case insensitive in the default provision.ldifAndrew Bartlett1-0/+3
Andrew Bartlett (This used to be commit e7115c6b95e221f0bf4e3a5d02ae356738b2ebd5)
2007-10-10r919: - added lsa_QueryInfoPolicy2() to IDL, test suite and serverAndrew Tridgell1-0/+2
- added lsa_OpenPolicy2() to server - added guid handling in samdb - added a couple more info policy levels in lsa server - added some DNS info in the provisioning template and script With the above changes WinXP professional can join a Samba4 domain (This used to be commit d6dca96352144d6061175c964069ed54d942b9c2)
2007-10-10r793: - don't make templates members of any class that would make them showAndrew Tridgell1-2/+5
up in searches like "objectclass=user" - auto-add the computer objectclass for computer accounts on create - added two types of password change call in samr server - reset last_fault_code before each dcerpc call (This used to be commit c1a65f83f6a4c51e60efd204dab89c20cda65d2b)
2007-10-10r743: Start on a NETLOGON server in Samba4.Andrew Bartlett1-1/+43
Currently this only authentiates the machine, not real users. As a consequence of running the Samba4 NETLOGON test against Samba4, I found a number of issues in the SAMR server, which I have addressed. There are more templates in the provison.ldif for this reason. I also added some debug to our credentials code, and fixed some bugs in the auth_sam module. The static buffer in generate_random_string() bit me badly, so I removed it in favor of a talloc based system. Andrew Bartlett (This used to be commit 94624e519b66def97758b8a48a01ffe9029176f0)
2007-10-10r624: all templates should be in class TemplateAndrew Tridgell1-0/+2
(This used to be commit 0431d309037e97456895095f8e0a44b71de1454e)
2007-10-10r615: Implement samr_OpenGroup, samr_QueryGroupInfo, samr_SetGroupInfo,Volker Lendecke1-0/+1
samr_DeleteDomainGroup. I've added the hidden attribute numMembers that must be maintained by Add/DelGroupMember for the GroupInfoAll query. Volker (This used to be commit 945d7478605c1bd67e4162ebb0635ab7da11faaf)
2007-10-10r605: Implement CreateDomainGroup, essentially cut&paste from CreateUser2.Volker Lendecke1-0/+10
Volker (This used to be commit 59241c0c9aa2d64d66eb04e81aa5500681604061)
2007-10-10r578: initial server side implementation of samr_CreateUser(),Andrew Tridgell1-1/+40
samr_CreateUser2(), samr_LookupNames(), samr_OpenUser(), and samr_DeleteUser() this uses a user template in the SAM db, of objectclass "userTemplate" and dn CN=TemplateUser,CN=Templates,$BASEDN. Using a template allows an admin to add any default user attributes that they might want to the user template and all new users will receive those attributes. (This used to be commit 10b6e0011b5952c98432dc2d4b2058ac89a9cc2d)
2007-10-10r459: added an initial provision.ldif - this is temporary, and needs to beAndrew Tridgell1-0/+734
replaced with a more sophisticated provisioning system (This used to be commit 86604bef236568028e84e6b1e8d935c3cfd70112)