Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2012-08-14 | s4-dsdb: Add mem_ctx argument to samdb_ntds_settings_dn | Andrew Bartlett | 1 | -1/+1 | |
As this value is calculated new each time, we need to give it a context to live on. If the value is the forced value during provision, a reference is taken. This was responsible for the memory leak in the replication process. In the example I was given, this DN appeared in memory 13596 times! Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Aug 14 10:05:14 CEST 2012 on sn-devel-104 | |||||
2011-08-10 | s4-drs: In dcesrv_drsuapi_DsRemoveDSServer use the subtree control to delete ↵ | Matthieu Patou | 1 | -1/+2 | |
the NTDS entry This entry has most of the time subelements (connections between DCs) that will forbid a simple (non recursive) delete | |||||
2011-03-01 | s4:drsuapi RPC server - this resembles more "samdb_is_gc" | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
Reviewed by: Jelmer Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Tue Mar 1 17:57:47 CET 2011 on sn-devel-104 | |||||
2011-03-01 | s4:dsdb - always handle the attribute "options" as 32bit unsigned integer | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
It is defined as LDAP syntax 2.5.5.9 so no need at all to treat it as 64-bit integer. Reviewed by: Kamenim and Metze Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Tue Mar 1 12:46:15 CET 2011 on sn-devel-104 | |||||
2010-11-29 | s4:dcesrv_drsuapi RPC server - remove unreachable statement | Matthias Dieter Wallnöfer | 1 | -1/+0 | |
2010-11-27 | s4:drsuapi RPC server - fix "enum security_user_level" warning on Tru64 | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2010-11-28 | s4-drs: allow DrsReplicaGetInfo as a DC | Andrew Tridgell | 1 | -1/+1 | |
2010-10-15 | s4:dsdb - remove "samdb_result_uint", "samdb_result_int64", ↵ | Matthias Dieter Wallnöfer | 1 | -1/+2 | |
"samdb_result_uint64" and "samdb_result_string" We have ldb_msg_find_attr_as_* calls which do exactly the same. Therefore this reduces only code redundancies. Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-10-12 | s4-libcli/security Use seperate subsystem for session related functions | Andrew Bartlett | 1 | -0/+1 | |
The merged I plan in this area require spliting security.h into two header files, a common header and a session.h for the remaining source4-specific code. Andrew Bartlett | |||||
2010-10-12 | libcli/security Add debug class to security_token_debug() et al | Andrew Bartlett | 1 | -1/+1 | |
This will allow it to replace functions in source3 that use debug classes. Andrew Bartlett | |||||
2010-10-10 | samdb: Add flags argument to samdb_connect(). | Jelmer Vernooij | 1 | -2/+2 | |
2010-09-30 | s4-drs: added support for level 10 of getncchanges | Andrew Tridgell | 1 | -0/+1 | |
added a simple mapping from req8 | |||||
2010-09-20 | s4/dcdiag: Handle ListRoles command for dcdiag:KnowsOfRoleHolders test | Anatoliy Atanasov | 1 | -29/+26 | |
2010-09-16 | s4-drs: initial skeleton for DrsReplica{Add,Del,Mod} calls | Andrew Tridgell | 1 | -3/+42 | |
2010-09-16 | s4-drs: Wait DsReplicaSync for as long as it takes to complete | Kamen Mazdrashki | 1 | -2/+19 | |
In case the caller wants sync execution, we should not cancel the call for internal timeout reason, but rather wait for its execution | |||||
2010-09-16 | s4-irpc: Add 'timeout' param for dcesrv_irpc_forward_rpc_call() call | Kamen Mazdrashki | 1 | -3/+7 | |
It is to be used when caller wants to explicitly specify the timeout for the call | |||||
2010-08-20 | s4-drs: added sam_ctx_system on DRS bind state | Andrew Tridgell | 1 | -0/+19 | |
The getncchanges call needs to be able to access the sam as the system user for RODC clients. To do this it needs a sam_ctx connection with system credentials Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-08-17 | s4-drs: added domain_sid to DRS security checks | Andrew Tridgell | 1 | -4/+4 | |
we need the domain_sid to determine if the account is a RODC for our domain Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-07-16 | s4-loadparm: 2nd half of lp_ to lpcfg_ conversion | Andrew Tridgell | 1 | -2/+2 | |
this converts all callers that use the Samba4 loadparm lp_ calling convention to use the lpcfg_ prefix. Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-07-08 | s4:drsuapi RPC server - "result_site_name" - fix variable denomination | Matthias Dieter Wallnöfer | 1 | -3/+3 | |
2010-06-28 | s4:dcesrv_drsuapi.c - fix a counter variable | Matthias Dieter Wallnöfer | 1 | -2/+1 | |
2010-04-22 | s4-drs: added new SECURITY_RO_DOMAIN_CONTROLLER level | Andrew Tridgell | 1 | -5/+5 | |
This is used for allowing operations by RODCs, and denying them operations that should only be allowed for a full DC This required a new domain_sid argument to security_session_user_level() Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-With: Rusty Russell <rusty@samba.org> | |||||
2010-03-11 | s4:rpc_server/drsuapi: don't reset [out,ref] pointer to NULL in ↵ | Stefan Metzmacher | 1 | -1/+0 | |
dcesrv_drsuapi_DsRemoveDSServer() metze | |||||
2010-03-05 | s4:drsuapi RPC - Change also here counters to "unsigned" | Matthias Dieter Wallnöfer | 1 | -1/+2 | |
No need to have "signed" counters at those places. | |||||
2010-02-05 | s4/drs: propagate DRS_ extension flags in code base | Kamen Mazdrashki | 1 | -1/+1 | |
2010-01-17 | s4-drs: allow for security bypass for DsReplicaGetInfo | Andrew Tridgell | 1 | -5/+9 | |
Use --option=drs:disable_sec_check=true until the group membership bug with the PAC is fixed. | |||||
2010-01-16 | s4-dsdb: require admin access for DsReplicaGetInfo | Andrew Tridgell | 1 | -5/+7 | |
2010-01-16 | s4-drs: framework for DsGetReplInfo(), includes the DS_REPL_INFO_NEIGHBORS ↵ | Andrew Tridgell | 1 | -1/+11 | |
infoType. This patch includes the framework for the implementation of all infoTypes of the DsGetReplInfo() call, and includes the implementation for the first one, the DS_REPL_INFO_NEIGHBORS. Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-01-16 | s4-drs: give better debug info on unsupported DRS calls | Andrew Tridgell | 1 | -14/+20 | |
2010-01-09 | s4-debug: lower the verbosity of a couple of common log messages | Andrew Tridgell | 1 | -1/+1 | |
2010-01-09 | s4-drs: moved the DsWriteAccountSpn call to its own file | Andrew Tridgell | 1 | -75/+0 | |
2010-01-02 | s4-drs: set flag to indicate that we do support linked attributes | Andrew Tridgell | 1 | -4/+1 | |
2009-11-14 | s4-drs: DsExecuteKCC() implementation | Erick Nascimento | 1 | -1/+10 | |
I implemented the DsExecuteKCC() handling code on kccsrv_execute_kcc(). Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2009-10-23 | s4-dsdb: create a static system_session context | Andrew Tridgell | 1 | -1/+1 | |
This patch adds a system_session cache, preventing us from having to recreate it on every ldb open, and allowing us to detect when the same session is being used in ldb_wrap | |||||
2009-10-12 | s4-drs: make DsBind a bit less verbose | Andrew Tridgell | 1 | -1/+1 | |
2009-10-06 | s4-drs: open samdb with system credentials when authorised | Andrew Tridgell | 1 | -1/+14 | |
When a DC connects to DRS, open the samdb with system session credentials, so that we don't have to re-open it each time on other calls. | |||||
2009-09-19 | Add drs_security_level_check for dcesrv calls security checks | Anatoliy Atanasov | 1 | -8/+10 | |
There is also an option to disable the security check by specifying in the smb.conf file: drs:disable_sec_check = true | |||||
2009-09-19 | more include minimisation | Andrew Tridgell | 1 | -3/+0 | |
2009-09-17 | idl: added DsExecuteKCC IDL | Andrew Tridgell | 1 | -3/+3 | |
2009-09-15 | s4-repl: take advantage of async RPC forwarding | Andrew Tridgell | 1 | -21/+4 | |
This uses async RPC forwarding for the DsReplicaSync call | |||||
2009-09-15 | s4-drs: lock down key DRS calls | Andrew Tridgell | 1 | -2/+11 | |
The key DRS calls should only be allowed by administrators or domain controllers | |||||
2009-09-11 | s4-idl: added the IDL for the DsReplica* calls | Andrew Tridgell | 1 | -9/+9 | |
2009-09-09 | s4:drs split addentry and getncchanges into separate files | Andrew Tridgell | 1 | -290/+2 | |
These will get quite complex eventually, I think we are better separating them so the code is a bit easier to follow | |||||
2009-09-09 | s4/repl: implement DsReplicaSync | Andrew Tridgell | 1 | -5/+26 | |
This patch implements DsReplicaSync by passing the call via irpc to the repl server task. The repl server then triggers an immediate replication of the specified partition. This means we no longer need to set a small value for dreplsrv:periodic_interval to force frequent DRS replication. We can now wait for the DC to send us a ReplicaSync msg for any partition that changes, and we immediately sync that partition. | |||||
2009-09-08 | s3:drsuapi: add a simple DsRemoveDSServer() implementation | Stefan Metzmacher | 1 | -1/+42 | |
metze | |||||
2009-09-08 | s4:drsuapi: add an incomplete DsAddEntry implementation | Stefan Metzmacher | 1 | -2/+37 | |
metze | |||||
2009-09-08 | s4: implemented server side of DSUpdateRefs call | Andrew Tridgell | 1 | -10/+3 | |
This call is made by DCs to tell us we should notify them of directory changes | |||||
2009-09-08 | Fill the meta data vector in the responce struct. | Anatoliy Atanasov | 1 | -4/+32 | |
2009-09-03 | First attempt to implement dcesrv_drsuapi_DsGetNCChanges | Anatoliy Atanasov | 1 | -1/+204 | |
So far it returns the ctr6 responce without proper linked attributes support and metadata. A couple of improvements are the filter in the search uses '(uSNChanged>=N)', added extended dn search support, non-replicated attributes are excluded from the result. | |||||
2008-10-20 | Make sure prototypes are always included, make some functions static and | Jelmer Vernooij | 1 | -2/+2 | |
remove some unused functions. |