samba - Unnamed repository; edit this file 'description' to name the repository.

Age	Commit message (Collapse)	Author	Files	Lines
2009-09-19	Add drs_security_level_check for dcesrv calls security checks	Anatoliy Atanasov	1	-8/+10
	There is also an option to disable the security check by specifying in the smb.conf file: drs:disable_sec_check = true
2009-09-19	more include minimisation	Andrew Tridgell	1	-3/+0

2009-09-17	idl: added DsExecuteKCC IDL	Andrew Tridgell	1	-3/+3

2009-09-15	s4-repl: take advantage of async RPC forwarding	Andrew Tridgell	1	-21/+4
	This uses async RPC forwarding for the DsReplicaSync call
2009-09-15	s4-drs: lock down key DRS calls	Andrew Tridgell	1	-2/+11
	The key DRS calls should only be allowed by administrators or domain controllers
2009-09-11	s4-idl: added the IDL for the DsReplica* calls	Andrew Tridgell	1	-9/+9

2009-09-09	s4:drs split addentry and getncchanges into separate files	Andrew Tridgell	1	-290/+2
	These will get quite complex eventually, I think we are better separating them so the code is a bit easier to follow
2009-09-09	s4/repl: implement DsReplicaSync	Andrew Tridgell	1	-5/+26
	This patch implements DsReplicaSync by passing the call via irpc to the repl server task. The repl server then triggers an immediate replication of the specified partition. This means we no longer need to set a small value for dreplsrv:periodic_interval to force frequent DRS replication. We can now wait for the DC to send us a ReplicaSync msg for any partition that changes, and we immediately sync that partition.
2009-09-08	s3:drsuapi: add a simple DsRemoveDSServer() implementation	Stefan Metzmacher	1	-1/+42
	metze
2009-09-08	s4:drsuapi: add an incomplete DsAddEntry implementation	Stefan Metzmacher	1	-2/+37
	metze
2009-09-08	s4: implemented server side of DSUpdateRefs call	Andrew Tridgell	1	-10/+3
	This call is made by DCs to tell us we should notify them of directory changes
2009-09-08	Fill the meta data vector in the responce struct.	Anatoliy Atanasov	1	-4/+32

2009-09-03	First attempt to implement dcesrv_drsuapi_DsGetNCChanges	Anatoliy Atanasov	1	-1/+204
	So far it returns the ctr6 responce without proper linked attributes support and metadata. A couple of improvements are the filter in the search uses '(uSNChanged>=N)', added extended dn search support, non-replicated attributes are excluded from the result.
2008-10-20	Make sure prototypes are always included, make some functions static and	Jelmer Vernooij	1	-2/+2
	remove some unused functions.
2008-10-18	s4-drsuapi: merge drsuapi_DsCrackNames from s3 drsuapi idl.	Günther Deschner	1	-8/+10
	Guenther
2008-10-18	s4-drsuapi: merge drsuapi_DsGetDomainControllerInfo from s3 drsuapi idl.	Günther Deschner	1	-5/+7
	Guenther
2008-10-18	s4-drsuapi: merge drsuapi_DsWriteAccountSpn from s3 drsuapi idl.	Günther Deschner	1	-5/+8
	Guenther
2008-09-23	Merge ldb_search() and ldb_search_exp_fmt() into a simgle function.	Simo Sorce	1	-9/+9
	The previous ldb_search() interface made it way too easy to leak results, and being able to use a printf-like expression turns to be really useful.
2008-07-22	Change occurrences of the u1 member of DsBindInfo* to pid after idl change.	Michael Adam	1	-6/+9
	Michael (This used to be commit b91bbc5fe4a47e5823be6be5f2f203f1f14105de)
2008-04-17	Specify event_context to ldb_wrap_connect explicitly.	Jelmer Vernooij	1	-1/+1
	(This used to be commit b4e1ae07a284c044704322446c94351c2decff91)
2007-12-21	r26540: Revert my previous commit after concerns raised by Andrew.	Jelmer Vernooij	1	-2/+2
	(This used to be commit 6ac86f8be7d9a8c5ab396a93e6d1e6819e11f173)
2007-12-21	r26539: Remove unnecessary statics.	Jelmer Vernooij	1	-2/+2
	(This used to be commit e53e79eebef3ece6978f0a2b4a1ee0a0814bb5d2)
2007-12-21	r26296: Store loadparm context in DCE/RPC server context.	Jelmer Vernooij	1	-1/+1
	(This used to be commit fc1f4d2d65d4c983cba5421e7ffb64dd75482860)
2007-12-21	r26227: Make loadparm_context part of a server task, move loadparm_contexts ↵	Jelmer Vernooij	1	-1/+2
	further up the call stack. (This used to be commit 0721a07aada6a1fae6dcbd610b8783df57d7bbad)
2007-12-21	r26135: Remove samdb_add(), samdb_delete() and samdb_modify(), which were just	Andrew Bartlett	1	-1/+1
	wrappers to ldb_add() etc. samdb_replace() remains, as it sets flags on all entries as 'replace'. Andrew Bartlett (This used to be commit 09c0faa5b7e1a560bf13b99a2584012a47377bb6)
2007-12-21	r25940: Rework the samldb and templates handling.	Andrew Bartlett	1	-6/+10
	Templates just don't belong in the sam.ldb, as they don't obey any of the other rules. This moves them to a seperate templates.ldb. In samldb, this patch reworks the duplicate SID and Name detection code, to use ldb_search_exp_fmt() rather than gendb_search. This returns far more useful errors, which we now handle and report better. The call to samdb_search_for_parent_domain() has been moved in samldb, to allow both the account and SID uniqueness checks to be in the same domain. This function also returns better errors. dcesrv_drsuapi.c is updated for the new prototype of samdb_search_for_parent_domain() Andrew Bartlett (This used to be commit f1ab90c88c782c693b41795d70368650806543b5)
2007-10-10	r25553: Convert to standard bool type.	Jelmer Vernooij	1	-4/+4
	(This used to be commit b7371f1a191fb86834c0d586d094f39f0b04544b)
2007-10-10	r24246: Avoid the annoying 'probable memory leak in ldb' messages, by fixing	Andrew Bartlett	1	-3/+3
	some issues in the NBT server (this was a false positive, but easily worked around) and DRSUAPI server. We should take care not to use the ldb_context as a talloc pool, and to always ensure that any results from ldb_search() are moved off that pool with talloc_steal or talloc_free(). To work around the issue in provision, for which I can find no fault (other than a lot of work being done in provision), I've moved the detector trigger to 400 additional blocks. This fixes Bug #4810 by <mwallnoefer@yahoo.de> Andrew Bartlett (This used to be commit 42bcf856203ae3cf43130519904828a143ac8d18)
2007-10-10	r23792: convert Samba4 to GPLv3	Andrew Tridgell	1	-3/+2
	There are still a few tidyups of old FSF addresses to come (in both s3 and s4). More commits soon. (This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
2007-10-10	r23239: Fill in drsuapi_QuerySitesByCost.	Günther Deschner	1	-3/+3
	Guenther (This used to be commit cf953d04813d193da5e9714ceebb7826dc7e4d0b)
2007-10-10	r22477: When an invaild base is specified to ldb_search, it should return	Andrew Bartlett	1	-20/+27
	LDB_ERR_NO_SUCH_OBJECT. Handle this (found against LDAP, ldb_tdb is being updated). Andrew Bartlett (This used to be commit 93e2ff2e85c57a192aadac96ce09a678d464e8ad)
2007-10-10	r21512: finish DsBind() in the DRSUAPI server:	Stefan Metzmacher	1	-13/+136
	- fill in our on bind_info struct correctly - remember the local and remote DsBindInfo28 struct - remember the remote bind_buid w2k3 now tries replicate using DsGetNCChanges() from us, after the NET-API-BECOME-DC test created the domain controller and replicated all data. (But we still give a DCERPC fault in DsGetNCChanges()...) metze (This used to be commit 33550c063d4e206fce63fdd99dc93a56995db580)
2007-10-10	r21356: we have a function to get the sites dn	Stefan Metzmacher	1	-5/+1
	also it's not always under the domain dn metze (This used to be commit b8c940f1e2bbd65ed5d2f4279434dd526456ad8b)
2007-10-10	r20850: Prefix all server calls with dcesrv_	Jelmer Vernooij	1	-27/+27
	(This used to be commit 76c78b0339cd88c61a13745f7f4e037f400db21b)
2007-10-10	r20514: implement idl for DsGetNT4ChangeLog() which transferres the meta data	Stefan Metzmacher	1	-3/+3
	for NT4 DC's in mixed mode domains. This call is triggered by tranferring the PDC FSMO Role to another DC the real meta data is encoded in the user buffer which is just a DATA_BLOB in idl metze (This used to be commit d883815c8d64429e4dac26a93a15e67d31dc263e)
2007-10-10	r20374: It's still 2006 (just...). Add copyright.	Andrew Bartlett	1	-0/+1
	Andrew Bartlett (This used to be commit 21b38ae1e4c48dab4b89f234f4dc26a3aed401c3)
2007-10-10	r20353: Restructure the DRSUAPI DsGetDomainControllerInfo test, because as	Andrew Bartlett	1	-28/+2
	usual things are more complex than they appear. Also remove the incorrect server-side implementation, which blindly assumed some sense of consistancy across the API switch levels. Andrew Bartlett (This used to be commit 79941adbff843f5027dacd31b972deca4a1557ec)
2007-10-10	r20315: Implement the server side of DsGetDomainControllerInfo. This is a	Andrew Bartlett	1	-1/+273
	supprisingly complex call... It turns out that the in/out parameter 'level' is not in/out, but set seperatly by the server-side code from r->req.req1.level. This commit also breaks out some common code from samldb into samdb. Andrew Bartlett (This used to be commit 2eb9e6445c64840399171f4f56b1e43786dbcfa7)
2007-10-10	r19847: add idl for DsRemoveDSServer(), this is used when a server unbecomes ↵	Stefan Metzmacher	1	-3/+3
	a DC metze (This used to be commit df133cd22a350d422c49844e50a67f4cc1fb61e4)
2007-10-10	r19832: better prototypes for the linearization functions:	Simo Sorce	1	-1/+1
	- ldb_dn_get_linearized returns a const string - ldb_dn_alloc_linearized allocs astring with the linearized dn (This used to be commit 3929c086d5d0b3f08b1c4f2f3f9602c3f4a9a4bd)
2007-10-10	r19831: Big ldb_dn optimization and interfaces enhancement patch	Simo Sorce	1	-2/+2
	This patch changes a lot of the code in ldb_dn.c, and also removes and add a number of manipulation functions around. The aim is to avoid validating a dn if not necessary as the validation code is necessarily slow. This is mainly to speed up internal operations where input is not user generated and so we can assume the DNs need no validation. The code is designed to keep the data as a string if possible. The code is not yet 100% perfect, but pass all the tests so far. A memleak is certainly present, I'll work on that next. Simo. (This used to be commit a580c871d3784602a9cce32d33419e63c8236e63)
2007-10-10	r19761: This may need work, but here is an initial implementation of	Andrew Bartlett	1	-1/+64
	DsWriteAccountSpn(). It passes the client toture test. Andrew Bartlett (This used to be commit a1e80eeb9561a856ac5aa1f5a991dcd648b152ff)
2007-10-10	r16796: Fill in dsr_GetMemberships() / dsr_GetMemberships2().	Günther Deschner	1	-8/+6
	This intersting call is apparently used to construct the user token, collect memberships from other DSAs and to retrieve (nested) memberships of a given group. Torture test to follow (once I cleaned it up). Guenther (This used to be commit ca5e133e8c6fca188fcaa834cdcd4cb2cd801d79)
2007-10-10	r15319: remove unneeded macros	Stefan Metzmacher	1	-4/+4
	metze (This used to be commit 9611c8aa9ce0eba1703d5eecc52e67a9e5fba15f)
2007-10-10	r12608: Remove some unused #include lines.	Jelmer Vernooij	1	-1/+0
	(This used to be commit 70e7449318aa0e9d2639c76730a7d1683b2f4981)
2007-10-10	r12542: Move some more prototypes out to seperate headers	Jelmer Vernooij	1	-0/+1
	(This used to be commit 0aca5fd5130d980d07398f3291d294202aefe3c2)
2007-10-10	r11270: Move the core CrackNames code from rpc_server/drsuapi to dsdb/samdb.	Andrew Bartlett	1	-3/+50
	I'm sure this will not be the final resting place, but it will do for now. Use the cracknames code in auth/ for creating a server_info given a principal name only (should avoid assumtions about spliting a user@realm principal). Andrew Bartlett (This used to be commit c9d5d8e45dd7b7c99b6cf35b087bc18012f31222)
2007-10-10	r10810: This adds the hooks required to communicate the current user from the	Andrew Bartlett	1	-1/+2
	authenticated session down into LDB. This associates a session info structure with the open LDB, allowing a future ldb_ntacl module to allow/deny operations on that basis. Along the way, I cleaned up a few things, and added new helper functions to assist. In particular the LSA pipe uses simpler queries for some of the setup. In ldap_server, I have removed the 'ldasrv:hacked' module, which hasn't been worked on (other than making it continue to compile) since January, and I think the features of this module are being put into ldb anyway. I have also changed the partitions in ldap_server to be initialised after the connection, with the private pointer used to associate the ldb with the incoming session. Andrew Bartlett (This used to be commit fd7203789a2c0929eecea8125b57b833a67fed71)
2007-10-10	r10286: This patch is ugly and disgusting, but for now it works better than ↵	Andrew Bartlett	1	-1/+1
	the other ideas I have had. When I get a full list of things I want to do to a krb5_context I'll either add gsskrb5_ wrappers, or a way of speicfying the krb5 context per gssapi context. (I want to ensure that the only krb5_context variables created while executing Samba4 are via our wrapper). Andrew Bartlett (This used to be commit 8a22d46e70e9f863831aba0c9913d195f833d625)
2007-10-10	r5742: - add torture test and idl for DsReplicaUpdateRefs()	Stefan Metzmacher	1	-9/+9
	(the torture test currently only tests if the idl is correct) - add start for idl for DsGetNCChanges() (if someone didn't noticed the current ethereal trunk code can successful decrypt DCERPC and LDAP gsskrb5 encrypted blobs, when you provide a keytab and have compiled against heimdal :-) - add a view bitmaps and enum's for better debugging metze (This used to be commit cf7c1352ab2857b80256e02f70ab3fbd5177d596)