summaryrefslogtreecommitdiff
path: root/source4/rpc_server/drsuapi/getncchanges.c
AgeCommit message (Collapse)AuthorFilesLines
2010-04-29s4/rodc: RODC FAS initial implementationAnatoliy Atanasov1-11/+10
2010-04-27s4-getncchanges: honor DRSUAPI_DRS_REF_GCSPNAndrew Tridgell1-1/+3
this is an alternative way of establishing repsTo
2010-04-26s4-drs: don't send uninstantiated objects in getncchangesAndrew Tridgell1-0/+5
This includes deleted partitions Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-04-22s4-drs: validate RODC credentials via the user_sidAndrew Tridgell1-27/+12
This checks whether a replication client is a RODC by inclusion of the the DOMAIN_RID_ENTERPRISE_READONLY_DCS sid in the users token Pair-Programmed-With: Rusty Russell <rusty@samba.org> Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-04-22s4-drs: only allow replication with the right invocationIdAndrew Tridgell1-1/+20
Non-administrator replication checks the invocationId matches the sid of the user token being used Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-04-22s4-drs: Do not send RODC filtered attributes to RODCs on GetNCChanges replyFernando J V da Silva1-0/+14
During building an object to send it on a GetNCChanges reply, it checks the attributes and if any of them is a RODC filtered and the recipient is a RODC, then such attribute is not sent. Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-22s4-drs: samdb_is_rodc() function and new samdb_rodc() functionFernando J V da Silva1-1/+13
This patch creates the samdb_is_rodc() function, which looks for the NTDSDSA object for a DC that has a specific invocationId and if msDS-isRODC is present on such object and it is TRUE, then consider the DC as a RODC. The new samdb_rodc() function uses the samdb_is_rodc() function for the local server. Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-13Revert "s4:prefer "samdb_*_dn" basedn calls over the "ldb_get_*_dn" functions"Matthias Dieter Wallnöfer1-2/+2
We should use the "ldb_get_*_basedn" calls since they are available in the LDB library.
2010-03-16s4:dsdb Change dsdb_get_schema() callers to use new talloc argumentAndrew Bartlett1-2/+2
This choses an appropriate talloc context to attach the schema too, long enough lived to ensure it does not go away before the operation compleates. Andrew Bartlett
2010-03-11s4/rpc_server Don't segfault over replPropertyMetaData contentsAndrew Bartlett1-0/+7
The replPropertyMetaData may contain attrid values that we don't yet have in the local schema. We need to deal with this - it is a serious error, but we should not segfault. Andrew Bartlett
2010-03-05s4:drsuapi RPC - Change also here counters to "unsigned"Matthias Dieter Wallnöfer1-4/+4
No need to have "signed" counters at those places.
2010-03-01s4/rodc: Implement samdb_rodc with ldb contextAnatoliy Atanasov1-1/+1
2010-02-13s4: use LDB_TYPESAFE_QSORT() instead of ldb_qsort()Andrew Tridgell1-3/+2
2010-02-13s4-rpcserver: use TYPESAFE_QSORT() in rpc serversAndrew Tridgell1-14/+12
2010-01-18idl: switched to using the WSPP names for the 'neighbour' DRS optionsAndrew Tridgell1-4/+4
The documentation shows that all these functions in fact use the same flags variable type. To be consistent between functions, and to allow easy reference to the WSPP docs, it is better for us to also use this generic DrsOptions bitfield rather than one per operations.
2010-01-16s4-dsdb: take advantage of local cursor and sortAndrew Tridgell1-34/+3
in getncchanges and repl task we don't need the extra load and sort any more.
2010-01-16s4-drs: use dsdb_load_udv_v2() in getncchanges codeAndrew Tridgell1-52/+6
2010-01-14s4-drs: switch the DRS server to the generic DRS options flagsAndrew Tridgell1-3/+3
2010-01-09s4-drs: base is_nc_prefix on instanceTypeAndrew Tridgell1-1/+3
for extended operations comparing to the ncRoot_dn is not correct
2010-01-09s4-drs: need to set the getncchanges extended_ret on success tooAndrew Tridgell1-0/+3
2010-01-09s4-drs: be less verbose when we filter objects by UDVAndrew Tridgell1-5/+5
2010-01-09s4-drs: added filtering by udv in getncchangesAndrew Tridgell1-9/+57
When a client supplied an uptodateness_vector, we can use it to filter what objects we return. This greatly reduces the amount of replication traffic between DCs.
2010-01-09s4-drs: fixed the NC in the getncchanges RID alloc replyAndrew Tridgell1-11/+13
the search happens on a different DN to the NC of the request, but the reply is with the original NC
2010-01-09s4-drs: fixed usage of ldb_dn_new()Andrew Tridgell1-1/+1
2010-01-08s4-drs: we need to wrap extended operations in transactionsAndrew Tridgell1-5/+21
2010-01-08s4-drs: added some debug messagesAndrew Tridgell1-0/+6
It is nice to see when a RID Alloc is successful
2010-01-08s4-dsdb: added support for DRSUAPI_EXOP_FSMO_RID_ALLOCAndrew Tridgell1-7/+103
This allocates a RID pool for the client DC when we are the RID Manager Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-02s4-dsdb: switched to using RMD_FLAGS instead of DELETED in extended DNsAndrew Tridgell1-1/+1
This allows for more flags in the future
2010-01-02s4-drs: sort linked attributesAndrew Tridgell1-0/+73
See MS-DRSR section 4.1.10.5.17 for a description of the sorting comparison function
2010-01-02s4-drs: use dsdb linked attribute parse functionsAndrew Tridgell1-19/+1
This makes the code considerably more readable
2010-01-02s4-drs: update highwatermark after successfully encoding the objectAndrew Tridgell1-8/+8
2010-01-02s4-drs: send all linked attributes at the end of a replication cycleAndrew Tridgell1-3/+7
This ensures that a link is not seen before the object it points to
2010-01-02s4-drs: use the extended linearized form for DRS replicationAndrew Tridgell1-5/+4
We were sending zero GUIDs. Not good! Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-02s4-drs: implemented sorting functions based on replication flagsAndrew Tridgell1-2/+43
I think we probably have more work to do on the sort order, but this brings us a bit closer.
2010-01-02s4-drs: fixed the UDV return in getncchangesAndrew Tridgell1-5/+17
We should overwrite an existing entry if found
2010-01-02s4-drs: some useful debugging options for getncchangesAndrew Tridgell1-11/+42
Added two debugging parametric options drs:max object sync = drs:extra filter =
2010-01-02s4-drs: handle mixtures of old and new style links in getncchangesAndrew Tridgell1-0/+17
We need to send non-upgraded links using the old format
2010-01-02s4-drs: added linked attribute replication to getncchangesAndrew Tridgell1-15/+203
2009-12-16s4:drsuapi/getncchanges.c - Update the list of operational attributesMatthias Dieter Wallnöfer1-7/+8
- Reorder them as specified in "operational.c" - Add also the lan manager hash password attribute
2009-12-09s4-drs: ensure we fill in ncRoot_dn in getncchangesAndrew Tridgell1-0/+7
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-12-09s4-drs: use parentGUID attribute in getncchangesAndrew Tridgell1-34/+6
Now that parentGUID is reliable again, use it instead of building our own Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-12-03s4-drs: fixed UDV and overlapping sync calls in DRSAndrew Tridgell1-40/+42
When windows abandons a DRS sync, it will sometimes re-use the same bind handle for a new sync. This means we need to check the DN of the sync and blank the getnc_state if the DN has changed. This also fixes the UDV to use the highest uSN for the partition, not for the whole SAM.
2009-11-20s4-dsdb: some more attribuutes that we should only give if asked forAndrew Tridgell1-1/+8
2009-11-20s4-drs: we need to specifically ask for ntSecurityDescriptorAndrew Tridgell1-1/+1
ntSecurityDescriptor is no longer included by default
2009-10-20s4: ran minimal_includes.pl on source4/rpc_serverAndrew Tridgell1-2/+0
2009-10-15s4-drs: support DRSUAPI_DRS_ADD_REF flagAndrew Tridgell1-5/+29
The DRSUAPI_DRS_ADD_REF flag tells the DRS server to run an UpdateRefs call on behalf of the client after the DsGetNCChanges call. The lack of support for this option may explain why the repsTo attribute was not being created for w2k8-r2 replication partners.
2009-10-15drs: improved error checkingAndrew Tridgell1-16/+49
Check the validity of the requested options in DsGetNCChanges
2009-10-13s4-repl: check that a DsGetNCChanges is a continuation, and fix sortingAndrew Tridgell1-3/+16
When we indicate that a getncchanges request is not complete, we set the more_data flag to true in the response. The client usually then asks for the next block of data. If the client decides it wants to skip that replication and do a different replication then we need to make sure that the next call is in fact a continuation of the existing call, and not a new call. This relies on returning the results sorted by uSNChanged, as the client uses the tmp_highest_usn in each result to see if progress is being made.
2009-10-06s4-drs: take advantage of system session auth in dsbindAndrew Tridgell1-23/+10
Now that the bind opens samdb with the right credentials, we no longer need the re-open in updaterefs and getncchanges
2009-09-28s4-drs: removed debug code that replicated a maximum of 10 objects at a timeAndrew Tridgell1-2/+1
generated by cgit (git 2.34.1) at 2024-11-20 13:47:19 +0000