Age | Commit message (Collapse) | Author | Files | Lines |
|
Templates just don't belong in the sam.ldb, as they don't obey any of
the other rules. This moves them to a seperate templates.ldb.
In samldb, this patch reworks the duplicate SID and Name detection
code, to use ldb_search_exp_fmt() rather than gendb_search. This
returns far more useful errors, which we now handle and report better.
The call to samdb_search_for_parent_domain() has been moved in samldb,
to allow both the account and SID uniqueness checks to be in the same
domain. This function also returns better errors.
dcesrv_drsuapi.c is updated for the new prototype of
samdb_search_for_parent_domain()
Andrew Bartlett
(This used to be commit f1ab90c88c782c693b41795d70368650806543b5)
|
|
lib/messaging/
lib/registry/
lib/ldb-samba/
librpc/rpc/
auth/auth_winbind.c
auth/gensec/
auth/kerberos/
dsdb/repl/
dsdb/samdb/
dsdb/schema/
torture/
cluster/ctdb/
kdc/
ntvfs/ipc/
torture/rap/
ntvfs/
utils/getntacl.c
ntptr/
smb_server/
libcli/wrepl/
wrepl_server/
libcli/cldap/
libcli/dgram/
libcli/ldap/
libcli/raw/
libcli/nbt/
libnet/
winbind/
rpc_server/
metze
(This used to be commit 6223c7fddc972687eb577e04fc1c8e0604c35435)
|
|
Guenther
(This used to be commit 2f8b8c046010c54d708a8e109b78fbd6e1958f40)
|
|
--enable-nss-wrapper or --enable-developer is given
metze
(This used to be commit f8bc6b9ad0eec60bff7fdc5653397efd9a044a29)
|
|
(This used to be commit b7371f1a191fb86834c0d586d094f39f0b04544b)
|
|
Guenther
(This used to be commit 3f6cc36a1b7ac8c2c65cd19a08ec06314653cfd2)
|
|
2007-09-29 More higher-level passing around of lp_ctx.
2007-09-29 Fix warning.
2007-09-29 Pass loadparm contexts on a higher level.
2007-09-29 Avoid using global loadparm context.
(This used to be commit 3468952e771ab31f90b6c374ade01c5550810f42)
|
|
(This used to be commit fd697d77c9fe67a00939a1f04b35c451316fff58)
|
|
(This used to be commit 3fcc960839c6e5ca4de2c3c042f12f369ac5f238)
|
|
patch.
Andrew Bartlett
(This used to be commit 99e013207e4a10a97fe3b37eb901bc33805731a9)
|
|
a new torture suite to match.
This should fix bug #4954 by Matthias Wallnöfer <mwallnoefer@yahoo.de>
Previously we had no knowlege of BUILTIN or well-known names.
This code needs expansion to check with winbind for trusted domains.
Andrew Bartlett
(This used to be commit e6fc0e1f54ad64bdddc88e9ebd0d8d181b6ce26a)
|
|
alignment of the union.
Sorry for the time it took to test and fix this.
Andrew Bartlett
(This used to be commit 5b893fc6f59aa9324360ca1af4b504a2c140e806)
|
|
number in more places.
(This used to be commit df9cebcb97e20564359097148665bd519f31bc6f)
|
|
(This used to be commit 3aa7ee4a0d8837471deeaa1c5a1f4a0d2a14aa6e)
|
|
(This used to be commit abe8349f9b4387961ff3665d8c589d61cd2edf31)
|
|
secrets.ldb
Andrew Bartlett
(This used to be commit 17a61bd5690f60d762b9c7171f1269fe1a311bab)
|
|
Andrew Bartlett
(This used to be commit 9aae9b1d243c23b96c0d8d28603b7e0ba25ac1c9)
|
|
to prove it is correct.
This should fix bug #4824: User Manager for Domains - Account Expires.
Thanks!
Andrew Bartlett
(This used to be commit e5f0744d627ccfcc2e301fc38d139742f0ea5934)
|
|
(This used to be commit 9b256a0ca232ea6e89771bf73a1adf877273a752)
|
|
and improve error strings returned from samdb.c
Andrew Bartlett
(This used to be commit a42d0eb531e663304bea840d614b2f91f95dd818)
|
|
Andrew Kroeger <andrew@sprocks.gotdns.com>
(This used to be commit ff81ea3f5aa8a93cf96914f03c26f8c86ec1e912)
|
|
(This used to be commit 9647f860bdd5c0a74583e886182bd041a45e7655)
|
|
(This used to be commit 31993cf67b816a184a4a4e92ef8ca2532c797190)
|
|
(This used to be commit 925fcc336621250a8e45adf3ce8d2ff42307c066)
|
|
the moment)
(This used to be commit ecdfaf56c09e75dc3ca37a3599c89661ad3485ff)
|
|
(This used to be commit 1ce32673d960c8b05b6c1b1b99e1976a402417ae)
|
|
have
been working on for at least half a year now. Contains the following
improvements:
* proper layering (finally!) for the registry library. Distinction is
now made between 'real' backends (local, remote, wine, etc) and
the low-level hive backends (regf, creg, ldb, ...) that are only used
by the local registry backend
* tests for all important hive and registry operations
* re-enable RPC-WINREG tests (still needs more work though, as
some return values aren't checked yet)
* write support for REGF files
* dir backend now supports setting/reading values, creating keys
* support for storing security descriptors
* remove CREG backend as it was incomplete, didn't match the data model
and wasn't used at all anyway
* support for parsing ADM files as used by the policy editor (see lib/policy)
* support for parsing PREG files (format used by .POL files)
* new streaming interface for registry diffs (improves speed and memory usage
for regdiff/regpatch significantly)
... and fixes a large number of bugs in the registry code
(This used to be commit 7a1eec6358bc863dfc671c542b7185d3e39d7b5a)
|
|
work, but to an odd bind failure I noticed in a trace. I need to
commit this with changes to the torture suite.
Andrew Bartlett
(This used to be commit 3ab90ad312b85b5a887090418e9cb7594f519b2f)
|
|
machine accounts are not subject to password policy in Win2k3 R2 (at
least in terms of password quality).
In testing this, I found that Win2k3 R2 has changed the way the old
ChangePassword RPC call is handled - the 'cross-checks' between new LM
and NT passwords are not required.
Andrew Bartlett
(This used to be commit 417ea885b41cc097a0bb3a10ffbffb31f234f25d)
|
|
and rename the containing functions to have a ndr_
prefix
metze
(This used to be commit cb234d43ae693af5d8a921a15c9bcac3c6f0359a)
|
|
metze
(This used to be commit 84651aee81aaabbebf52ffc3fbcbabb2eec6eed5)
|
|
rename dcerpc_interface_list -> ndr_interface_list
and move them to libndr.h
metze
(This used to be commit 4adbebef5df2f833d2d4bfcdda72a34179d52f5c)
|
|
and move it to librpc/ndr/libndr.h
metze
(This used to be commit abd5551aabae1820baaa52a963e8c7aa9605914e)
|
|
and move it into misc.idl
The goal is to get rid a all dcerpc specific stuff in the
generated ndr layer.
metze
(This used to be commit 2ed014cfb894cccab1654e3f7d5876393e2b52d7)
|
|
Note that the correct return for a failed alter_context is a fault,
not a bind_nak.
Andrew Bartlett
(This used to be commit 52cce94532edf1dd7f26e39bf3377f0077ea6792)
|
|
some issues in the NBT server (this was a false positive, but easily
worked around) and DRSUAPI server.
We should take care not to use the ldb_context as a talloc pool, and
to always ensure that any results from ldb_search() are moved off that
pool with talloc_steal or talloc_free().
To work around the issue in provision, for which I can find no fault
(other than a lot of work being done in provision), I've moved the
detector trigger to 400 additional blocks.
This fixes Bug #4810 by <mwallnoefer@yahoo.de>
Andrew Bartlett
(This used to be commit 42bcf856203ae3cf43130519904828a143ac8d18)
|
|
allow the server side to enumerate all domain controllers and domain
members...
Andrew Bartlett
(This used to be commit d42150ff0a05e891d36d1d3f1ec93952e6d4affd)
|
|
SAMR. This can't be done in the ldb templates code, as it doesn't
happen over direct LDAP.
As noted in bug #4829.
Andrew Bartlett
(This used to be commit 3bfa6dbf7ded06df78310f7bd39d8a8d4edbb4ef)
|
|
Any SAMR client (usrmgr.exe in this case) that attempted to set a
property to a zero length string found instead the the old value was
kept.
In fixing this, rework the macros to be cleaner (add the
always-present .string) to every macro, and remove the use of the
samdb_modify() and samdb_replace() wrappers where possible.
Andrew Bartlett
(This used to be commit b05fe693047c09b85c7fc0e1ea8d931c99910375)
|
|
Should fix another part (list of domains in usrmgr incorrectly
including accounts) of bug #4815 by mwallnoefer@yahoo.de.
Andrew Bartlett
(This used to be commit 7f7e4fe2989ef4cb7ec0f855b25e558f3bbd18c5)
|
|
- The icons in usermgr were incorrect, because the acct_flags were
not filled in (due to missing attribute in ldb query)
- The Full name was missing, and the description used as the full
name (due to missing attributes in ldb query and incorrect IDL)
To prove the correctness of these fixes, I added a substantial new
test to RPC-SAMR-USERS, to ensure cross-consistancy between
QueryDisplayInfo and QueryUserInfo on each user.
This showed that for some reason, we must add ACB_NORMAL to the
acct_flags on level 2 queries (for machine trust accounts)...
Getting this right is important, because Samba3's RPC winbind methods
uses these queries.
Andrew Bartlett
(This used to be commit 9475d94a61e36b3507e5fd2e6bb6f0667db4a607)
|
|
that we had the wrong objectClass for OU=Domain
Controllers,${DOMAINDN} (was CN=Domain Controllers,${DOMAINDN})
This fixes both the SAMR server and the LDIF templates.
Andrew Bartlett
(This used to be commit 625a9e6c041bedc93925bdebb3a60af1dbdde317)
|
|
There are still a few tidyups of old FSF addresses to come (in both s3
and s4). More commits soon.
(This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
|
|
will now control the auth methods, but an override is still available,
ex:
auth methods:domain controller = <methods>
Andrew Bartlett
(This used to be commit b7e727186ed8eda6a68c873e089f655dc24fe8ae)
|
|
qsort().
Andrew Bartlett
(This used to be commit 96ef5259c63ad6245c94c40d6059d736b1534183)
|
|
Guenther
(This used to be commit 82477b311e2a7a51906d0c00d8714f545b12b0bd)
|
|
Guenther
(This used to be commit 54fa6d453c628039e5ec9053b0693229efdbe011)
|
|
WERROR_DOMAIN_CONTROLLER_NOT_FOUND from
SAMBA_3_0.
Guenther
(This used to be commit 841ad140a34648ff52d5e44a6642f346ef9eee02)
|
|
wants to check for an existing domain join account, and fails. This
test shows that we need to return NT_STATUS_NONE_MAPPED when nothing
matches. (not yet tested if this helps vista).
Andrew Bartlett
(This used to be commit 7f3671bf11cab36a5c795d7db86f85081b73bc71)
|
|
Guenther
(This used to be commit 9c2b9642336ed954c8f9fc0ccce95547d7c18aa8)
|