| Age | Commit message (Collapse) | Author | Files | Lines | |
|---|---|---|---|---|---|
| 2009-09-19 | s4-drs: security checking on DRS needs to default to on | Andrew Tridgell | 1 | -1/+2 | |
| 2009-09-19 | s4-repl: need param.h for lp_parm_bool | Andrew Tridgell | 1 | -0/+1 | |
| 2009-09-19 | Move replmd_drsuapi_DsReplicaCursor2_compare to a common place. | Anatoliy Atanasov | 1 | -7/+1 | |
| 2009-09-19 | Add drs_security_level_check for dcesrv calls security checks | Anatoliy Atanasov | 6 | -20/+36 | |
| There is also an option to disable the security check by specifying in the smb.conf file: drs:disable_sec_check = true | |||||
| 2009-09-19 | more include minimisation | Andrew Tridgell | 5 | -17/+0 | |
| 2009-09-19 | s4-rpc_server: removed remaining unnecessary #includes | Andrew Tridgell | 1 | -0/+2 | |
| 2009-09-17 | idl: added DsExecuteKCC IDL | Andrew Tridgell | 1 | -3/+3 | |
| 2009-09-15 | s4-repl: take advantage of async RPC forwarding | Andrew Tridgell | 1 | -21/+4 | |
| This uses async RPC forwarding for the DsReplicaSync call | |||||
| 2009-09-15 | s4-drs: lock down key DRS calls | Andrew Tridgell | 4 | -22/+54 | |
| The key DRS calls should only be allowed by administrators or domain controllers | |||||
| 2009-09-15 | s4-drs: filter based on local_usn | Andrew Tridgell | 1 | -1/+1 | |
| The getncchanges uSN is in our local space, so we must compare it to the local_usn in replPropertyMetaData | |||||
| 2009-09-14 | s4-drs: allow replication of renames | Andrew Tridgell | 1 | -6/+7 | |
| a rename may have no attribute changes | |||||
| 2009-09-13 | s4-drs: fixed search expression | Andrew Tridgell | 1 | -1/+1 | |
| At least on the command line the braces are needed. Strange. | |||||
| 2009-09-12 | s4-drs: change debug level | Andrew Tridgell | 1 | -1/+1 | |
| It's useful seeing the object count without as much detail | |||||
| 2009-09-12 | s4-drs: also fill in tmp_highest_usn | Andrew Tridgell | 1 | -0/+1 | |
| Without this the client will not update its repsFrom highest_usn values | |||||
| 2009-09-12 | s4-drs: return objects with uSN > highest_usn | Andrew Tridgell | 1 | -2/+6 | |
| When the client tells us the highest_usn they have is N, then we want to send them objects with usn>N, not>=N, as otherwise we end up sending them the same object (the one with the highest uSN) again and again. | |||||
| 2009-09-12 | s4-drs: spelling fix, and simpler search expression | Andrew Tridgell | 1 | -2/+2 | |
| uSNChanged>=N is good enough, and offers a possibility of a simple optimisation where the partition module could look for that expression and check the partitions sequence number, then avoid searching a partition that doesn't have any records with a larger uSN. | |||||
| 2009-09-12 | s4-drs: fixed the cursor generation to always be filled in | Andrew Tridgell | 1 | -102/+152 | |
| We were relying on the uSNChanged>=n search always finding the DN of the root of the partition, but this now doesn't happen very often as we are now restricting when we change uSNChanged. This means we need to always load the replUpToDateVector attribute from the NC root and use it to populate the cursors in the return. | |||||
| 2009-09-12 | s4-repl: use common functions to simplify updaterefs.c | Andrew Tridgell | 1 | -108/+4 | |
| We now have dsdb_loadreps() and dsdb_savereps() | |||||
| 2009-09-12 | Fix up-to-dateness vector creation. | Anatoliy Atanasov | 1 | -15/+76 | |
| 2009-09-11 | s4-drs: fixed the ldap SPN in AddEntry | Andrew Tridgell | 1 | -1/+1 | |
| 2009-09-11 | s4-idl: added the IDL for the DsReplica* calls | Andrew Tridgell | 1 | -9/+9 | |
| 2009-09-11 | s4-drs: actually call the new drsuapi_add_SPNs() code | Andrew Tridgell | 1 | -2/+2 | |
| An early return here didn't do any good :-) | |||||
| 2009-09-11 | s4-drs: add the magic DRS SPNs on AddEntry | Andrew Tridgell | 1 | -4/+120 | |
| When a DsAddEntry is used to create a nTDSDSA object we need to also create the SPNs for the NTDS GUID in the servers machine account. | |||||
| 2009-09-11 | s4/drs: parentGUID needs to be specififcally asked for | Andrew Tridgell | 1 | -1/+2 | |
| Right now parentGUID is a normal attribute in s4, but it should be generated, which means we need to ask for it in a search if we want to use it. | |||||
| 2009-09-10 | s4/drs: enable attribute encryption | Andrew Tridgell | 1 | -6/+41 | |
| This means we now get passwords vampired correctly for s4<->s4 replication. | |||||
| 2009-09-10 | s4/drs: changed the UpdateRefs server to use the dn instead of the GUID | Andrew Tridgell | 1 | -27/+18 | |
| Our vampire code sends a zero GUID in the updaterefs calls. Windows seems to ignore the GUID and use the DN in the naming context instead, so I have changed our UpdateRefs server implementation to do the same. With this change we can now vampire from s4<->s4 successfully! Now to see if all the attributes came across correctly. | |||||
| 2009-09-10 | s4/drs: correctly fill in the GUID of DRS objects | Andrew Tridgell | 1 | -1/+1 | |
| 2009-09-10 | s4: fix spelling | Andrew Tridgell | 1 | -1/+1 | |
| 2009-09-10 | s4/drs: when we don't find an attribute use zero values | Andrew Tridgell | 1 | -19/+10 | |
| thanks to metze for pointing this out | |||||
| 2009-09-09 | s4:drs match the meta_data and attributes array | Andrew Tridgell | 1 | -16/+46 | |
| These two arrays need to be in sync, as they are walked in sync by the client | |||||
| 2009-09-09 | s4/drs: broke out the core of the getncchanges code | Andrew Tridgell | 1 | -81/+96 | |
| It is easier to understand without the heavy nesting | |||||
| 2009-09-09 | s4:drs level_out is a pointer | Andrew Tridgell | 1 | -1/+1 | |
| DsAddEntry now seems to work for simple tests | |||||
| 2009-09-09 | s4:drs split addentry and getncchanges into separate files | Andrew Tridgell | 6 | -292/+373 | |
| These will get quite complex eventually, I think we are better separating them so the code is a bit easier to follow | |||||
| 2009-09-09 | s4/repl: implement DsReplicaSync | Andrew Tridgell | 1 | -5/+26 | |
| This patch implements DsReplicaSync by passing the call via irpc to the repl server task. The repl server then triggers an immediate replication of the specified partition. This means we no longer need to set a small value for dreplsrv:periodic_interval to force frequent DRS replication. We can now wait for the DC to send us a ReplicaSync msg for any partition that changes, and we immediately sync that partition. | |||||
| 2009-09-09 | s4: fixed format of repsTo in samdb | Andrew Tridgell | 1 | -52/+70 | |
| Metze pointed out what the windows tool ldp.exe will examine repsTo attributes on remote DCs, so we do in fact need to use the same format that windows uses. This patch changes the server side implementation of UpdateRefs to use the windows format | |||||
| 2009-09-08 | s3:drsuapi: add a simple DsRemoveDSServer() implementation | Stefan Metzmacher | 1 | -1/+42 | |
| metze | |||||
| 2009-09-08 | s4:drsuapi: add an incomplete DsAddEntry implementation | Stefan Metzmacher | 1 | -2/+37 | |
| metze | |||||
| 2009-09-08 | s4: implemented server side of DSUpdateRefs call | Andrew Tridgell | 4 | -10/+337 | |
| This call is made by DCs to tell us we should notify them of directory changes | |||||
| 2009-09-08 | Fill the meta data vector in the responce struct. | Anatoliy Atanasov | 1 | -4/+32 | |
| 2009-09-03 | First attempt to implement dcesrv_drsuapi_DsGetNCChanges | Anatoliy Atanasov | 1 | -1/+204 | |
| So far it returns the ctr6 responce without proper linked attributes support and metadata. A couple of improvements are the filter in the search uses '(uSNChanged>=N)', added extended dn search support, non-replicated attributes are excluded from the result. | |||||
| 2008-10-20 | Make sure prototypes are always included, make some functions static and | Jelmer Vernooij | 1 | -2/+2 | |
| remove some unused functions. | |||||
| 2008-10-18 | s4-drsuapi: merge drsuapi_DsCrackNames from s3 drsuapi idl. | Günther Deschner | 1 | -8/+10 | |
| Guenther | |||||
| 2008-10-18 | s4-drsuapi: merge drsuapi_DsGetDomainControllerInfo from s3 drsuapi idl. | Günther Deschner | 1 | -5/+7 | |
| Guenther | |||||
| 2008-10-18 | s4-drsuapi: merge drsuapi_DsWriteAccountSpn from s3 drsuapi idl. | Günther Deschner | 1 | -5/+8 | |
| Guenther | |||||
| 2008-09-23 | Merge ldb_search() and ldb_search_exp_fmt() into a simgle function. | Simo Sorce | 1 | -9/+9 | |
| The previous ldb_search() interface made it way too easy to leak results, and being able to use a printf-like expression turns to be really useful. | |||||
| 2008-07-22 | Change occurrences of the u1 member of DsBindInfo* to pid after idl change. | Michael Adam | 1 | -6/+9 | |
| Michael (This used to be commit b91bbc5fe4a47e5823be6be5f2f203f1f14105de) | |||||
| 2008-04-17 | Specify event_context to ldb_wrap_connect explicitly. | Jelmer Vernooij | 1 | -1/+1 | |
| (This used to be commit b4e1ae07a284c044704322446c94351c2decff91) | |||||
| 2007-12-21 | r26540: Revert my previous commit after concerns raised by Andrew. | Jelmer Vernooij | 1 | -2/+2 | |
| (This used to be commit 6ac86f8be7d9a8c5ab396a93e6d1e6819e11f173) | |||||
| 2007-12-21 | r26539: Remove unnecessary statics. | Jelmer Vernooij | 1 | -2/+2 | |
| (This used to be commit e53e79eebef3ece6978f0a2b4a1ee0a0814bb5d2) | |||||
| 2007-12-21 | r26296: Store loadparm context in DCE/RPC server context. | Jelmer Vernooij | 1 | -1/+1 | |
| (This used to be commit fc1f4d2d65d4c983cba5421e7ffb64dd75482860) | |||||
 |
index : samba | |
| Unnamed repository; edit this file 'description' to name the repository. | ben |
| summaryrefslogtreecommitdiff |