summaryrefslogtreecommitdiff
path: root/source4/rpc_server/drsuapi/dcesrv_drsuapi.c
AgeCommit message (Collapse)AuthorFilesLines
2012-08-14s4-dsdb: Add mem_ctx argument to samdb_ntds_settings_dnAndrew Bartlett1-1/+1
As this value is calculated new each time, we need to give it a context to live on. If the value is the forced value during provision, a reference is taken. This was responsible for the memory leak in the replication process. In the example I was given, this DN appeared in memory 13596 times! Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Aug 14 10:05:14 CEST 2012 on sn-devel-104
2011-08-10s4-drs: In dcesrv_drsuapi_DsRemoveDSServer use the subtree control to delete ↵Matthieu Patou1-1/+2
the NTDS entry This entry has most of the time subelements (connections between DCs) that will forbid a simple (non recursive) delete
2011-03-01s4:drsuapi RPC server - this resembles more "samdb_is_gc"Matthias Dieter Wallnöfer1-1/+1
Reviewed by: Jelmer Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Tue Mar 1 17:57:47 CET 2011 on sn-devel-104
2011-03-01s4:dsdb - always handle the attribute "options" as 32bit unsigned integerMatthias Dieter Wallnöfer1-1/+1
It is defined as LDAP syntax 2.5.5.9 so no need at all to treat it as 64-bit integer. Reviewed by: Kamenim and Metze Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Tue Mar 1 12:46:15 CET 2011 on sn-devel-104
2010-11-29s4:dcesrv_drsuapi RPC server - remove unreachable statementMatthias Dieter Wallnöfer1-1/+0
2010-11-27s4:drsuapi RPC server - fix "enum security_user_level" warning on Tru64Matthias Dieter Wallnöfer1-1/+1
2010-11-28s4-drs: allow DrsReplicaGetInfo as a DCAndrew Tridgell1-1/+1
2010-10-15s4:dsdb - remove "samdb_result_uint", "samdb_result_int64", ↵Matthias Dieter Wallnöfer1-1/+2
"samdb_result_uint64" and "samdb_result_string" We have ldb_msg_find_attr_as_* calls which do exactly the same. Therefore this reduces only code redundancies. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-10-12s4-libcli/security Use seperate subsystem for session related functionsAndrew Bartlett1-0/+1
The merged I plan in this area require spliting security.h into two header files, a common header and a session.h for the remaining source4-specific code. Andrew Bartlett
2010-10-12libcli/security Add debug class to security_token_debug() et alAndrew Bartlett1-1/+1
This will allow it to replace functions in source3 that use debug classes. Andrew Bartlett
2010-10-10samdb: Add flags argument to samdb_connect().Jelmer Vernooij1-2/+2
2010-09-30s4-drs: added support for level 10 of getncchangesAndrew Tridgell1-0/+1
added a simple mapping from req8
2010-09-20s4/dcdiag: Handle ListRoles command for dcdiag:KnowsOfRoleHolders testAnatoliy Atanasov1-29/+26
2010-09-16s4-drs: initial skeleton for DrsReplica{Add,Del,Mod} callsAndrew Tridgell1-3/+42
2010-09-16s4-drs: Wait DsReplicaSync for as long as it takes to completeKamen Mazdrashki1-2/+19
In case the caller wants sync execution, we should not cancel the call for internal timeout reason, but rather wait for its execution
2010-09-16s4-irpc: Add 'timeout' param for dcesrv_irpc_forward_rpc_call() callKamen Mazdrashki1-3/+7
It is to be used when caller wants to explicitly specify the timeout for the call
2010-08-20s4-drs: added sam_ctx_system on DRS bind stateAndrew Tridgell1-0/+19
The getncchanges call needs to be able to access the sam as the system user for RODC clients. To do this it needs a sam_ctx connection with system credentials Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-17s4-drs: added domain_sid to DRS security checksAndrew Tridgell1-4/+4
we need the domain_sid to determine if the account is a RODC for our domain Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-07-16s4-loadparm: 2nd half of lp_ to lpcfg_ conversionAndrew Tridgell1-2/+2
this converts all callers that use the Samba4 loadparm lp_ calling convention to use the lpcfg_ prefix. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-08s4:drsuapi RPC server - "result_site_name" - fix variable denominationMatthias Dieter Wallnöfer1-3/+3
2010-06-28s4:dcesrv_drsuapi.c - fix a counter variableMatthias Dieter Wallnöfer1-2/+1
2010-04-22s4-drs: added new SECURITY_RO_DOMAIN_CONTROLLER levelAndrew Tridgell1-5/+5
This is used for allowing operations by RODCs, and denying them operations that should only be allowed for a full DC This required a new domain_sid argument to security_session_user_level() Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-With: Rusty Russell <rusty@samba.org>
2010-03-11s4:rpc_server/drsuapi: don't reset [out,ref] pointer to NULL in ↵Stefan Metzmacher1-1/+0
dcesrv_drsuapi_DsRemoveDSServer() metze
2010-03-05s4:drsuapi RPC - Change also here counters to "unsigned"Matthias Dieter Wallnöfer1-1/+2
No need to have "signed" counters at those places.
2010-02-05s4/drs: propagate DRS_ extension flags in code baseKamen Mazdrashki1-1/+1
2010-01-17s4-drs: allow for security bypass for DsReplicaGetInfoAndrew Tridgell1-5/+9
Use --option=drs:disable_sec_check=true until the group membership bug with the PAC is fixed.
2010-01-16s4-dsdb: require admin access for DsReplicaGetInfoAndrew Tridgell1-5/+7
2010-01-16s4-drs: framework for DsGetReplInfo(), includes the DS_REPL_INFO_NEIGHBORS ↵Andrew Tridgell1-1/+11
infoType. This patch includes the framework for the implementation of all infoTypes of the DsGetReplInfo() call, and includes the implementation for the first one, the DS_REPL_INFO_NEIGHBORS. Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-01-16s4-drs: give better debug info on unsupported DRS callsAndrew Tridgell1-14/+20
2010-01-09s4-debug: lower the verbosity of a couple of common log messagesAndrew Tridgell1-1/+1
2010-01-09s4-drs: moved the DsWriteAccountSpn call to its own fileAndrew Tridgell1-75/+0
2010-01-02s4-drs: set flag to indicate that we do support linked attributesAndrew Tridgell1-4/+1
2009-11-14s4-drs: DsExecuteKCC() implementationErick Nascimento1-1/+10
I implemented the DsExecuteKCC() handling code on kccsrv_execute_kcc(). Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-10-23s4-dsdb: create a static system_session contextAndrew Tridgell1-1/+1
This patch adds a system_session cache, preventing us from having to recreate it on every ldb open, and allowing us to detect when the same session is being used in ldb_wrap
2009-10-12s4-drs: make DsBind a bit less verboseAndrew Tridgell1-1/+1
2009-10-06s4-drs: open samdb with system credentials when authorisedAndrew Tridgell1-1/+14
When a DC connects to DRS, open the samdb with system session credentials, so that we don't have to re-open it each time on other calls.
2009-09-19Add drs_security_level_check for dcesrv calls security checksAnatoliy Atanasov1-8/+10
There is also an option to disable the security check by specifying in the smb.conf file: drs:disable_sec_check = true
2009-09-19more include minimisationAndrew Tridgell1-3/+0
2009-09-17idl: added DsExecuteKCC IDLAndrew Tridgell1-3/+3
2009-09-15s4-repl: take advantage of async RPC forwardingAndrew Tridgell1-21/+4
This uses async RPC forwarding for the DsReplicaSync call
2009-09-15s4-drs: lock down key DRS callsAndrew Tridgell1-2/+11
The key DRS calls should only be allowed by administrators or domain controllers
2009-09-11s4-idl: added the IDL for the DsReplica* callsAndrew Tridgell1-9/+9
2009-09-09s4:drs split addentry and getncchanges into separate filesAndrew Tridgell1-290/+2
These will get quite complex eventually, I think we are better separating them so the code is a bit easier to follow
2009-09-09s4/repl: implement DsReplicaSyncAndrew Tridgell1-5/+26
This patch implements DsReplicaSync by passing the call via irpc to the repl server task. The repl server then triggers an immediate replication of the specified partition. This means we no longer need to set a small value for dreplsrv:periodic_interval to force frequent DRS replication. We can now wait for the DC to send us a ReplicaSync msg for any partition that changes, and we immediately sync that partition.
2009-09-08s3:drsuapi: add a simple DsRemoveDSServer() implementationStefan Metzmacher1-1/+42
metze
2009-09-08s4:drsuapi: add an incomplete DsAddEntry implementationStefan Metzmacher1-2/+37
metze
2009-09-08s4: implemented server side of DSUpdateRefs callAndrew Tridgell1-10/+3
This call is made by DCs to tell us we should notify them of directory changes
2009-09-08Fill the meta data vector in the responce struct.Anatoliy Atanasov1-4/+32
2009-09-03First attempt to implement dcesrv_drsuapi_DsGetNCChangesAnatoliy Atanasov1-1/+204
So far it returns the ctr6 responce without proper linked attributes support and metadata. A couple of improvements are the filter in the search uses '(uSNChanged>=N)', added extended dn search support, non-replicated attributes are excluded from the result.
2008-10-20Make sure prototypes are always included, make some functions static andJelmer Vernooij1-2/+2
remove some unused functions.