Age | Commit message (Collapse) | Author | Files | Lines |
|
sam_ctx_system may be NULL for non-privileged users
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Sat Nov 13 08:52:53 UTC 2010 on sn-devel-104
|
|
don't use it
metze
|
|
metze
|
|
DSDB_SECRET_ATTRIBUTES
We should replicate all secret attributes back to other DCs.
metze
|
|
|
|
this allows accounts (and in particular RODCs) to make SPN updates on
their own account if they take the form SERVICE/hostname
we may be able to remove this in the future after some changes in our
ACL checking for userPrincipalName
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Mon Nov 8 08:45:16 UTC 2010 on sn-devel-104
|
|
|
|
- Remove TODO comment: MS-SAMR 3.1.5.8.7 explicitly states:
"The SamrRemoveMemberFromForeignDomain method removes a member from all
aliases."
- Remove the search attributes since they aren't strictly needed.
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sat Nov 6 18:07:57 UTC 2010 on sn-devel-104
|
|
we now keep just a list of GUIDs around between getncchanges calls,
instead of an entire db search. This makes the overhead of having a
pending getncchanges call much smaller.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
Otherwise it could remain uninitialised - should fix bug #7769.
|
|
|
|
the waf build now generates the prototype declarations for us
|
|
Those values are actually ATTID values and such, they are used
for ATTIDs for Attributes, Classes and Syntaxes.
|
|
codes
Plus some cosmetic indentation fixes
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Oct 31 19:26:45 UTC 2010 on sn-devel-104
|
|
"servicePrincipalName" generation is still needed
|
|
|
|
The new waf-based build system now has all the same functionality, and
the old build system has been broken for quite some time.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sun Oct 31 02:01:44 UTC 2010 on sn-devel-104
|
|
member have changed
|
|
|
|
this allows us to remove a dependency on the dcerpc_server from code
that uses rpc forwarding
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
this also removes the event_context parameter from process model
initialisation. It isn't needed, and is confusing when a process model
init can be called from more than one place, possibly with different
event contexts.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
name
As far as I can tell Windows SAMR never returns NULL on unknown values in this
call.
|
|
It's the content of the "domainReplica" attribute if it exists and has only a
meaning on interim/mixed domain function levels (with NT4 dcs).
|
|
This should represent a replication partner - never the DC iself
|
|
|
|
|
|
|
|
|
|
all type of groups
One pair are universal an global groups (on the SAMR pipe called "groups") and
the other one are the domain and builtin local groups (on the SAMR pipe called
"aliases").
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Mon Oct 25 19:37:27 UTC 2010 on sn-devel-104
|
|
Regardless if groups and users do exist in the builtin domain or not we do
count always all users, groups and aliases.
|
|
All other "samdb_search_*" calls do have one - why "samdb_search_count" doesn't?
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Mon Oct 25 17:42:33 UTC 2010 on sn-devel-104
|
|
strings
They can be substituted by "ldb_msg_add_string" if the string was already
talloc'ed.
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Oct 24 20:03:27 UTC 2010 on sn-devel-104
|
|
|
|
|
|
Only link to nss_wrapper when it is enabled.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sat Oct 23 23:05:44 UTC 2010 on sn-devel-104
|
|
|
|
|
|
NO_TRUST_SAM_ACCOUNT
If we can't find the account we should return NT_STATUS_NO_TRUST_SAM_ACCOUNT
instead of NT_STATUS_ACCESS_DENIED.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Sat Oct 23 10:05:35 UTC 2010 on sn-devel-104
|
|
sec_channel_types early
metze
|
|
after the account
metze
|
|
metze
|
|
netr_DsRGetDCNameEx2()
metze
|
|
Thanks to Tarun Chopra for the help of looking up all the bits in
the docs.
metze
|
|
invalid names
Only netbios domain names are allowed.
metze
|
|
this avoids a problem with -Wl,-no-undefined in the ntvfs layer
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
in "dsdb/common/util.c""
This reverts commit 8a2ce5c47cee499f90b125ebde83de5f9f1a9aa0.
Jelmer pointed out that these are also in use by other LDB databases - not only
SAMDB ones.
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Oct 17 13:37:16 UTC 2010 on sn-devel-104
|
|
"dsdb/common/util.c"
They're only in use by SAMDB code.
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Oct 17 09:40:13 UTC 2010 on sn-devel-104
|
|
The issue here is that we have not yet first cast to int32_t explicitly,
before we cast to an signed int to printf() into the %d or cast to a
int64_t before we then cast to a long long to printf into a %lld.
There are *no* unsigned integers in Active Directory LDAP, even the RID
allocations and ms-DS-Secondary-KrbTgt-Number are *signed* quantities.
(See the schema, and the syntax definitions in schema_syntax.c).
The failure has been detected by Matthieu Patou on the buildfarm host "tridge"
due to a malformed "groupType" attribute.
The solution is to use the "%d" specifier. Either to use it directly - or better
(when possible) use the call "samdb_msg_add_uint" (which encapsulates it).
This patch changes such problematic situations.
|