summaryrefslogtreecommitdiff
path: root/source4/rpc_server/drsuapi
AgeCommit message (Collapse)AuthorFilesLines
2012-10-07drsuapi: Validate the input parameters for the drsuapi_UpdateRefs functionMatthieu Patou1-0/+16
2012-10-07drsuapi: check more carefully the validity of the NCMatthieu Patou1-4/+11
Check that both the GUID and DN are the GUID/DN of a NC if not return WERR_DS_DRA_BAD_NC
2012-10-07s4-drs: fix the logic to allow REPL_SECRET if the account has GET_ALL_CHANGESMatthieu Patou1-0/+24
2012-10-07s4-drs: EXOP_REPL_SECRETS can be called by RW DC as wellMatthieu Patou1-7/+15
2012-10-07drs-getncchanges: do not set the highestUsn to 0Matthieu Patou1-1/+0
Paragraph 4.1.10.5 says that if err = 0 then msgOut.pNC := msgIn.pNC msgOut.usnvecFrom := msgIn.usnvecFrom so no need to set the highestUsn to 0
2012-10-07kcc: return invalid parameter if the taskId is not 0Matthieu Patou1-1/+3
2012-10-07Implement the LIST_INFO_FOR_SERVER input formatMatthieu Patou1-1/+2
2012-10-07getdcinfo: Check that the server object has a serverreference objects ↵Matthieu Patou1-2/+4
pointing to a DC object The problem was found by the DRSR testsuite where server objects were created in the Site container without serverrefrence attribute triggering error in the testsuite.
2012-09-25s4:rpc_server/drsuapi: use talloc_zero instead of talloc() in ↵Stefan Metzmacher1-1/+1
dcesrv_drsuapi_DsBind() metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Tue Sep 25 03:06:13 CEST 2012 on sn-devel-104
2012-09-25s4:rpc_server/drsuapi: fix a crash in ↵Stefan Metzmacher1-6/+6
dcesrv_drsuapi_DsGetDomainControllerInfo_1() metze
2012-08-14s4-repl: Use samdb_reference_dn_is_our_ntdsa()Andrew Bartlett1-15/+13
2012-08-14s4-dsdb: Add mem_ctx argument to samdb_ntds_settings_dnAndrew Bartlett2-3/+3
As this value is calculated new each time, we need to give it a context to live on. If the value is the forced value during provision, a reference is taken. This was responsible for the memory leak in the replication process. In the example I was given, this DN appeared in memory 13596 times! Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Aug 14 10:05:14 CEST 2012 on sn-devel-104
2012-05-04Fix direct access to krb5_principal structureSimo Sorce1-2/+4
2011-12-23s4:drsuapi/getncchanges: the default for isRecycled is FALSEStefan Metzmacher1-1/+1
metze Autobuild-User: Matthieu Patou <mat@samba.org> Autobuild-Date: Fri Dec 23 09:30:09 CET 2011 on sn-devel-104
2011-12-23s4-drsuapi: we store boolean in upppercase so we need to test them in uppercaseMatthieu Patou1-4/+4
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-12-19s4:drsuapi/getncchanges: return WERR_NOMEM if talloc_array() failsStefan Metzmacher1-0/+3
metze
2011-12-19s4-drs: introduce a timeout in the getncchanges processing to always return ↵Matthieu Patou1-6/+27
something in less than x seconds Signed-off-by: Andrew Tridgell <tridge@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-12-19s4-drs: avoid calling unecesserly ldb_msg_find_attr_as_* as this call in ↵Matthieu Patou1-26/+45
unefficient Current implementation of ldb_msg_find_attr_as_* iterate on the list of attributes returned by the search and make a string comparison. As we sorting the array of messages / guids we tend to call this function many times. By storing the GUID and the USN in a separate structure we are sure to call this function only once per attribute and object. Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-11-13s4-drs: check if we have a domain level >= 2k8r2 as before the isRecycled do ↵Matthieu Patou1-7/+24
not exists and so is always False Having a false value cause the link on removed attribute to be always returned which is what we try to avoid.
2011-10-04s4-drs: added DSDB_REPL_FLAG_ADD_NCNAME to DsAddEntry callAndrew Tridgell1-0/+1
we want new NCs to be created
2011-09-20s4-drs: allow replication of the GC partial attribute setAndrew Tridgell1-5/+95
when a DC has the GUID_DRS_GET_FILTERED_ATTRIBUTES right on a NC, we need to allow it to replicate if all the attributes it is asking for are in the GC partial attribute set Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Tue Sep 20 13:47:38 CEST 2011 on sn-devel-104
2011-08-26s4-drsuapi Allow DsAddEntry of normal objectsAndrew Bartlett1-1/+6
We previously only allowed objects of class ntDSDSA Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Fri Aug 26 15:34:21 CEST 2011 on sn-devel-104
2011-08-25s4-drs: fixed msdcs DNS name in getncchangesAndrew Tridgell1-3/+2
2011-08-10s4-drs: In dcesrv_drsuapi_DsRemoveDSServer use the subtree control to delete ↵Matthieu Patou1-1/+2
the NTDS entry This entry has most of the time subelements (connections between DCs) that will forbid a simple (non recursive) delete
2011-07-27s4-dcerpc: Do not return linked attribute on deleted objects it makes W2k8R2 ↵Matthieu Patou1-1/+15
loops when joining s4 domains Autobuild-User: Matthieu Patou <mat@samba.org> Autobuild-Date: Wed Jul 27 00:46:56 CEST 2011 on sn-devel-104
2011-07-11s4-drs: do not return links pointed to unexistant objectsMatthieu Patou1-0/+24
When an object is deleted, link pointed to it are marked as inactive. When the same object is purged we do not remmove the link pointed to it (we can't know them) so they stay in the database, it turns to be a problem for Windows 2008. Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-06-10s4-drs: added debug lines for missing linked attribute fieldsAndrew Tridgell1-0/+8
this improved the logging of bugs related to linked attribute replication Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Fri Jun 10 03:26:21 CEST 2011 on sn-devel-104
2011-06-10s4-drs: cope with missing RMD_ADDTIME in linked attributesAndrew Tridgell1-4/+6
upgraded links can be missing the RMD_ADDTIME field
2011-05-11s4/getncchanges: Pre-mark extended requests as success in case a ↵Kamen Mazdrashki1-0/+4
sub-function "forget" to do this
2011-05-11s4/getncchanges: Implement placeholder for handling ex-op collection of objectsKamen Mazdrashki1-13/+44
Right now it is solely based on function that handles objects in normal DsGetNCChanges calls.
2011-05-11s4/getncchanges: Move the code that collects objects into separate functionKamen Mazdrashki1-41/+67
2011-05-11s4/getncchanges: Don't mask Extended operation result - callers need itKamen Mazdrashki1-1/+0
2011-05-11s4/getncchanges: Fail extended request rather than failing whole requestKamen Mazdrashki1-1/+3
in case that destination_dsa_guid is not valid
2011-03-19source4/rpc_server: Fix prototypes for all functions.Jelmer Vernooij1-0/+1
2011-03-04s4:dsdb - we don't need to check if a DN != NULL if we call "ldb_dn_validate"Matthias Dieter Wallnöfer1-4/+2
"ldb_dn_validate" is NULL-safe and does the check implicitly. Reviewed by: Tridge
2011-03-01s4:drsuapi RPC server - this resembles more "samdb_is_gc"Matthias Dieter Wallnöfer1-1/+1
Reviewed by: Jelmer Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Tue Mar 1 17:57:47 CET 2011 on sn-devel-104
2011-03-01s4:drsuapi RPC server - check for the "SPN" attribute != NULLMatthias Dieter Wallnöfer1-0/+6
The SPN attribute could derive from an untrusted source (client). Reviewed-by: Jelmer
2011-03-01s4:dsdb - always handle the attribute "options" as 32bit unsigned integerMatthias Dieter Wallnöfer1-1/+1
It is defined as LDAP syntax 2.5.5.9 so no need at all to treat it as 64-bit integer. Reviewed by: Kamenim and Metze Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Tue Mar 1 12:46:15 CET 2011 on sn-devel-104
2011-03-01s4:remove many invocations of "samdb_msg_add_string"Matthias Dieter Wallnöfer1-4/+3
This call can be substituted by "ldb_msg_add_string". We only need to be careful on local objects or talloc'ed ones which live shorter than the message. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2011-02-15s4:drsuapi/getncchanges: make sure we don't process filteres objects more ↵Stefan Metzmacher1-3/+3
than once metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Tue Feb 15 09:46:55 CET 2011 on sn-devel-104
2010-11-29s4:dcesrv_drsuapi RPC server - remove unreachable statementMatthias Dieter Wallnöfer1-1/+0
2010-11-27s4:drsuapi RPC server - fix "enum security_user_level" warning on Tru64Matthias Dieter Wallnöfer6-10/+9
2010-11-28s4-drs: allow DrsReplicaGetInfo as a DCAndrew Tridgell1-1/+1
2010-11-13s4-drs: fixed a crash in writspnAndrew Tridgell1-2/+8
sam_ctx_system may be NULL for non-privileged users Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Sat Nov 13 08:52:53 UTC 2010 on sn-devel-104
2010-11-09s4:rpc_server/drsuapi: don't ask for constructed "distinguishedName" if we ↵Stefan Metzmacher1-1/+0
don't use it metze
2010-11-09s4:rpc_server/drsuapi: make msg_attrs static constStefan Metzmacher1-1/+3
metze
2010-11-09s4:rpc_server/drsuapi: let dcesrv_drsuapi_DsGetNCChanges() use ↵Stefan Metzmacher1-5/+1
DSDB_SECRET_ATTRIBUTES We should replicate all secret attributes back to other DCs. metze
2010-11-08s4:drsuapi RPC server - writespn.c - fix indentationsMatthias Dieter Wallnöfer1-15/+24
2010-11-08s4-drs: allow bypass of writespn checking for some SPNsAndrew Tridgell1-1/+111
this allows accounts (and in particular RODCs) to make SPN updates on their own account if they take the form SERVICE/hostname we may be able to remove this in the future after some changes in our ACL checking for userPrincipalName Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Mon Nov 8 08:45:16 UTC 2010 on sn-devel-104
2010-11-05s4-drs: reduce the memory usage of the getncchanges serverAndrew Tridgell1-21/+69
we now keep just a list of GUIDs around between getncchanges calls, instead of an entire db search. This makes the overhead of having a pending getncchanges call much smaller. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
generated by cgit (git 2.34.1) at 2024-11-06 16:56:46 +0000