Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit 76c78b0339cd88c61a13745f7f4e037f400db21b)
|
|
Andrew Bartlett
(This used to be commit 05debeaced7296762b293cc804a71abcfb096066)
|
|
way to setup a Samba4 DC is to set 'server role = domain controller'.
We use the fSMORoleOwner attribute in the base DN to determine the PDC.
This patch is quite large, as I have corrected a number of places that
assumed taht we are always the PDC, or that used the smb.conf
lp_server_role() to determine that.
Also included is a warning fix in the SAMR code, where the IDL has
seperated a couple of types for group display enumeration.
We also now use the ldb database to determine if we should run the
global catalog service.
In the near future, I will complete the DRSUAPI
DsGetDomainControllerInfo server-side on the same basis.
Andrew Bartlett
(This used to be commit 67d8365e831adf3eaecd8b34dcc481fc82565893)
|
|
(This used to be commit 4f07542143ddf5066f0360d965f26a8470504047)
|
|
- ldb_dn_get_linearized
returns a const string
- ldb_dn_alloc_linearized
allocs astring with the linearized dn
(This used to be commit 3929c086d5d0b3f08b1c4f2f3f9602c3f4a9a4bd)
|
|
This patch changes a lot of the code in ldb_dn.c, and also
removes and add a number of manipulation functions around.
The aim is to avoid validating a dn if not necessary as the
validation code is necessarily slow. This is mainly to speed up
internal operations where input is not user generated and so we
can assume the DNs need no validation. The code is designed to
keep the data as a string if possible.
The code is not yet 100% perfect, but pass all the tests so far.
A memleak is certainly present, I'll work on that next.
Simo.
(This used to be commit a580c871d3784602a9cce32d33419e63c8236e63)
|
|
Andrew Bartlett
(This used to be commit 4c349f44f8a018e1ad6ed8e92c5083abc4979324)
|
|
(This used to be commit 8143de855c0b65346b2d8e59ecdb78952927de4a)
|
|
argument.
This is a pointer to an element pointer. If it is not null it will be
filled with the pointer of the manipulated element.
Will avoid double searches on the elements list in some cases.
(This used to be commit 0fa5d4bc225b83e9f63ac6d75bffc4c08eb6b620)
|
|
and "priorSecret" are "currentValue" and "priorValue".
With this, we pass RPC-LSA against OpenLDAP.
Andrew Bartlett
(This used to be commit 4380bcaaee74a0aa1a83540bf39793c4aeab4068)
|
|
handle. Avoids a lookup for the basic domain information for every
request.
Andrew Bartlett
(This used to be commit 35b69bc5f4bda7f4f2480997cc32188154a175ce)
|
|
LookupNames3/LookupNames4
The latter calls don't supply a policy handle
The latter calls now acquire a policy handle, then call the earlier
calls. This means we still share the codepaths, but don't need to
fetch policy state when it is already provided.
Andrew Bartlett
(This used to be commit 5fa9e96bd0d1f75e208be9a8a04dfc90a854bee9)
|
|
which has been recently fixed to cope with NULL pointers (fix segfault
on Solaris).
Andrew Bartlett
(This used to be commit ce36069765e8dff3bbdabed5d50af1c7a8fa8e45)
|
|
is just one call.
This simplifies the one remaining DSSETUP call, and removes another
user of the dnsDomain attribute.
Andrew Bartlett
(This used to be commit 6a54711564b67891c368c09ead3f7389ad40111f)
|
|
This commit cleans up a number of aspects of the LSA interface.
Firstly, we do 2 simple searches on opening the LSA policy, to obtain
the basic information we need. This also avoids us searching for
dnsDomain (an invented attribute).
While I was at it, I added and tested new LSA calls, including the
enumTrustedDomainsEx call. I have also merged the identical structures
lsa_DomainInformation and lsa_DomainList.
Also in this commit: Fix netlogon use of uninitialised variables.
Andrew Bartlett
(This used to be commit 3f3fa7f466df56612064029143fbae8effb668aa)
|
|
(This used to be commit 09007b0907662a0d147e8eb21d5bdfc90dbffefc)
|
|
needed in searches
(This used to be commit a5ea749f0ac63bf495a55ee8d9d002208ab93572)
|
|
metze
(This used to be commit 00fcc4f16a01a0c6a70f86c8bd9d1f9801dfd9df)
|
|
not used purely as ldb module helper functions. This now passes these
strings back as explicit parameters.
Andrew Bartlett
(This used to be commit 9c1cd9c2c6bcd9d056a7c9caafacdd573562ebbc)
|
|
to do
(This used to be commit ad75cf869550af66119d0293503024d41d834e02)
|
|
- creation of ForeignSecurityPrincipals
- template duplication code
Rework much of the LSA server to pass the RPC-LSA test. Much of the
server code was untested. In implementing the LSA Accounts feature, I
have opted to have it only create entires when privilages are applied,
and not to delete entries, but to delete the privilages.
We skip some parts of the test, but it is much better than not testing
it at all.
Andrew Bartlett
(This used to be commit 10eeea6da465564ed9f785d06e2d2ed06cfe29a4)
|
|
baseDN won't work once the partitions module is loaded.
Andrew Bartlett
(This used to be commit c4ab9e8a754ca4a23a47f38a2344df305b4a351d)
|
|
Remove some autogenerated headers (which had prototypes now autogenerated by pidl)
Remove ndr_security.h from a few places - it's no longer necessary
(This used to be commit c19c2b51d3e1ad347120b06a22bda5ec586c22e8)
|
|
metze
(This used to be commit 9611c8aa9ce0eba1703d5eecc52e67a9e5fba15f)
|
|
- make ntvfs_common a library
- create sys_notify library
metze
(This used to be commit a3e1d56cf7b688c515f5d6d4d43e0b24c2261d15)
|
|
metze
(This used to be commit 9ec706238c173992dc938d537bdf1103bf519dbf)
|
|
new dependency/proto system :-)
(This used to be commit 63ae3f21e3471895ba83df1c2fdc4147090f7fdb)
|
|
- the process module subsystem should not know about smb_server.h
- the smb_server module should not know about process models
metze
(This used to be commit bac95bb8f4ad35a31ee666f5916ff9b2f292d964)
|
|
try to include just the BASENAME.h files (containing only structs)
(This used to be commit 3dd477ca5147f28a962b8437e2611a8222d706bd)
|
|
(This used to be commit 1a16a6f1dfa66499af43a6b88b3ea69a6a75f1fe)
|
|
independend of ntvfs...(later...)
metze
(This used to be commit 2a34ed7a07c9e5f32408a0edb714239714eb1d26)
|
|
(This used to be commit 2d655f05285a86bb1bbb882e4dd843def15c9dfa)
|
|
file dependencies
(This used to be commit 122835876748a3eaf5e8d31ad1abddab9acb8781)
|
|
- Collect the generic utility functions into a lib/util/ (a la GLib is
for the GNOME folks)
- Remove even more files from include/
(This used to be commit ba62880f5b05c2a505dc7f54676b231197a7e707)
|
|
metze
(This used to be commit 65be02a9801444c01230903d130b2d71b6c15617)
|
|
(This used to be commit 70e7449318aa0e9d2639c76730a7d1683b2f4981)
|
|
(This used to be commit 0aca5fd5130d980d07398f3291d294202aefe3c2)
|
|
This is for use on user-supplied arguments to printf style format
strings which will become ldb filters. I have used it on LSA, SAMR
and the auth/ code so far.
Also add comments to cracknames code.
Andrew Bartlett
(This used to be commit 8308cf6e0472790c1c9d521d19322557907f4418)
|
|
Andrew Bartlett
(This used to be commit aef6800548e320c2ebb20ae345566a774d6acf8b)
|
|
implementation.
Andrew Bartlett
(This used to be commit a6a615cc997cd3a71ea0d63994f6cd97096afc30)
|
|
(This used to be commit 449cc714b882d6ebea3e1cbf92e204efba98b6cb)
|
|
most of the changes are fixes to make all the ldb code compile without
warnings on gcc4. Unfortunately That required a lot of casts :-(
I have also added the start of an 'operational' module, which will
replace the timestamp module, plus add support for some other
operational attributes
In ldb_msg_*() I added some new utility functions to make the
operational module sane, and remove the 'ldb' argument from the
ldb_msg_add_*() functions. That argument was only needed back in the
early days of ldb when we didn't use the hierarchical talloc and thus
needed a place to get the allocation function from. Now its just a
pain to pass around everywhere.
Also added a ldb_debug_set() function that calls ldb_debug() plus sets
the result using ldb_set_errstring(). That saves on some awkward
coding in a few places.
(This used to be commit f6818daecca95760c12f79fd307770cbe3346f57)
|
|
ldap. Also ensure we put a objectclass on our private ldb's, so they
have some chance of being stored in ldap if you want to
(This used to be commit 1af2cc067f70f6654d08387fc28def67229bb06a)
|
|
authenticated session down into LDB. This associates a session info
structure with the open LDB, allowing a future ldb_ntacl module to
allow/deny operations on that basis.
Along the way, I cleaned up a few things, and added new helper functions
to assist. In particular the LSA pipe uses simpler queries for some of
the setup.
In ldap_server, I have removed the 'ldasrv:hacked' module, which hasn't
been worked on (other than making it continue to compile) since January,
and I think the features of this module are being put into ldb anyway.
I have also changed the partitions in ldap_server to be initialised
after the connection, with the private pointer used to associate the ldb
with the incoming session.
Andrew Bartlett
(This used to be commit fd7203789a2c0929eecea8125b57b833a67fed71)
|
|
schannel connections.
Test for Win2k3 SP1 behaviour in RPC-SCHANNEL.
Andrew Bartlett
(This used to be commit 1c3911374ec65e4770c2fe9109d7b7d3ecd99f6a)
|
|
Andrew Bartlett
(This used to be commit ddc3a1c79e80e12296c398c42110fc378fb80e00)
|
|
searches all over the place.
This can be extended to cover an NT4 (no ADS) mode in future as well.
Andrew Bartlett
(This used to be commit 0761b22f99a128bd9634a191adc88b0e30982a3a)
|
|
Guenther
(This used to be commit d717e878bdc05b06adcc50c3527c339be8164145)
|
|
StrCaseCmp was sys_strcasecmp, while it is in fact strcasecmp_m!
(This used to be commit 200a8f6652cb2de7a8037a7a4c2a204b50aee2b1)
|
|
(This used to be commit 333ebb40d55c60465564b894d5028b364e99ee00)
|