Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit b4e1ae07a284c044704322446c94351c2decff91)
|
|
all EJS code.
(This used to be commit 184988866fe8e740f58e3683eefcaa70f8b51d11)
|
|
samdb before we start writing entries into it.
In doing so, I realised we still used 'dnsDomain', which is not part
of the standard schema (now removed).
We also set the 'wrong' side of the linked attributes for the
masteredBy on each partition - this is now set in provision_self_join
and backlinks via the linked attributes code.
When we have the schema loaded, we must also have a valid domain SID
loaded, so that the objectclass module works. This required some ejs
glue.
Andrew Bartlett
(This used to be commit b0de08916e8cb59ce6a2ea94bbc9ac0679830ac1)
|
|
(This used to be commit 56dfcb4f2f8e74c9d8b2fe3a0df043781188a555)
|
|
(This used to be commit 566aa14139510788548a874e9213d91317f83ca9)
|
|
2007-09-29 More higher-level passing around of lp_ctx.
2007-09-29 Fix warning.
2007-09-29 Pass loadparm contexts on a higher level.
2007-09-29 Avoid using global loadparm context.
(This used to be commit 3468952e771ab31f90b6c374ade01c5550810f42)
|
|
(This used to be commit 5085c53fcfade614e83d21fc2c1a5bc43bb2a729)
|
|
have
been working on for at least half a year now. Contains the following
improvements:
* proper layering (finally!) for the registry library. Distinction is
now made between 'real' backends (local, remote, wine, etc) and
the low-level hive backends (regf, creg, ldb, ...) that are only used
by the local registry backend
* tests for all important hive and registry operations
* re-enable RPC-WINREG tests (still needs more work though, as
some return values aren't checked yet)
* write support for REGF files
* dir backend now supports setting/reading values, creating keys
* support for storing security descriptors
* remove CREG backend as it was incomplete, didn't match the data model
and wasn't used at all anyway
* support for parsing ADM files as used by the policy editor (see lib/policy)
* support for parsing PREG files (format used by .POL files)
* new streaming interface for registry diffs (improves speed and memory usage
for regdiff/regpatch significantly)
... and fixes a large number of bugs in the registry code
(This used to be commit 7a1eec6358bc863dfc671c542b7185d3e39d7b5a)
|
|
There are still a few tidyups of old FSF addresses to come (in both s3
and s4). More commits soon.
(This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
|
|
- make it possible to set ntds_objectGUID and ntds_invocationId via the ejy bindings
metze
(This used to be commit df7863ea1c964ec58feedd0bf72ef64456e3a3d1)
|
|
'phantom_root' flag in the search_options control
- Add in support for LDB controls to the js layer
- Test the behaviour
- Implement support for the 'phantom_root' flag in the partitions module
- Make the LDAP server set the 'phantom_root' flag in the search_options control
- This replaces the global_catalog flag passed down as an opaque pointer
- Rework the string-format control parsing function into
ldb_parse_control_strings(), returning errors by ldb_errorstring()
method, rather than with printf to stderr
- Rework some of the ldb_control handling logic
Andrew Bartlett
(This used to be commit 2b3df7f38d7790358dbb4de1b8609bf794a351fb)
|
|
We were returning just true/false and discarding error number and string.
This checking probably breaks swat, will fix it in next round as swat
is what made me look into this as I had no way to get back error messages
to show to the users.
Simo.
(This used to be commit 35886b4ae68be475b0fc8b2689ca04d766661261)
|
|
This patch changes a lot of the code in ldb_dn.c, and also
removes and add a number of manipulation functions around.
The aim is to avoid validating a dn if not necessary as the
validation code is necessarily slow. This is mainly to speed up
internal operations where input is not user generated and so we
can assume the DNs need no validation. The code is designed to
keep the data as a string if possible.
The code is not yet 100% perfect, but pass all the tests so far.
A memleak is certainly present, I'll work on that next.
Simo.
(This used to be commit a580c871d3784602a9cce32d33419e63c8236e63)
|
|
This seems to show up (as an abort() from talloc) particularly under
ldb_ildap.
Andrew Bartlett
(This used to be commit 9890af534d845d471d2a98268c408a907b29e016)
|
|
(This used to be commit 6978225ffcc12ffdda0d3404e855219808c0597c)
|
|
This was very confusing until I really looked at it.
Andrew Bartlett
(This used to be commit 0053d06d9f85f2304191ab8f68eee7f48b2f2aa8)
|
|
(This used to be commit c6d20c22454b87b4dea3527f0efcecd373679848)
|
|
(This used to be commit b79092d7ee0c463e644ead2bfeb9692fc82d9c74)
|
|
file dependencies
(This used to be commit 122835876748a3eaf5e8d31ad1abddab9acb8781)
|
|
Andrew Bartlett
(This used to be commit a6028558dc19b0d105b1bfe4126a2b24afaf8dd2)
|
|
This should be replaced with real ACLs, which tridge is working on.
In the meantime, the rules are very simple:
- SYSTEM and Administrators can read all.
- Users and anonymous cannot read passwords, can read everything else
- list of 'password' attributes is hard-coded
Most of the difficult work in this was fighting with the C/js
interface to add a system_session() all, as it still doesn't get on
with me :-)
Andrew Bartlett
(This used to be commit be9d0cae8989429ef47a713d8f0a82f12966fc78)
|
|
the cmdline credentials if we ask for it.
Andrew Bartlett
(This used to be commit 874dd09759eb0243988f39363c94785ae2e68485)
|
|
Andrew Bartlett
(This used to be commit 964f7fc6ca4ac7578ca0d467392d4e174211b6e2)
|
|
Gunderson).
this still doesn't work as a bug in ldb causes it to not understand
escaped characters in DNs when parsing DNs
(This used to be commit 10da56fb6cc57b6c0650a8dc81ded5faa643a96e)
|
|
(This used to be commit b27d81dca9fd07c83b11a5bb3a883ec3f28cca6a)
|
|
its own credentials element
(This used to be commit de8975bdd3dc9b4f4d65000e126bbd11c43b3f06)
|
|
backend.
The idea is that every time we open an LDB, we can provide a
session_info and/or credentials. This would allow any ldb to be remote
to LDAP. We should also support provisioning to a authenticated ldap
server.
(They are separate so we can say authenticate as foo for remote, but
here we just want a token of SYSTEM).
Andrew Bartlett
(This used to be commit ae2f3a64ee0b07575624120db45299c65204210b)
|
|
This patch changes the way lsb_search is called and the meaning of the returned integer.
The last argument of ldb_search is changed from struct ldb_message to struct ldb_result
which contains a pointer to a struct ldb_message list and a count of the number of messages.
The return is not the count of messages anymore but instead it is an ldb error value.
I tryed to keep the patch as tiny as possible bu as you can guess I had to change a good
amount of places. I also tried to double check all my changes being sure that the calling
functions would still behave as before. But this patch is big enough that I fear some bug
may have been introduced anyway even if it passes the test suite. So if you are currently
working on any file being touched please give it a deep look and blame me for any error.
Simo.
(This used to be commit 22c8c97e6fb466b41859e090e959d7f1134be780)
|
|
- speed up provisioning a bit using a ldb transaction (also means you
can't end up with a ldb being half done)
(This used to be commit 91dfe304cf688bb81b69ff3192ac84b78b34b311)
|
|
- fixed a double free error in ldb.close()
(This used to be commit 7f797e7097cffa1f5b5bac34e100af77d4026f89)
|
|
searches in ldb to be more ldap compliant, but broke the wins server
and the ejs ldb code. This fixes those up so 'make test' passes again.
(This used to be commit dff660c23c97114d0c1be705f4d6a9c114b60456)
|
|
added a ldb.close() method in js. Useful for re-opening the db
(This used to be commit 1f12364a0f23ba39fd3d29b510fdef2423685f0d)
|
|
(This used to be commit 8ff1358f401e0086b941f4ff73af5d4c38a1f8bf)
|
|
(This used to be commit b7992de4b7d42a55e00509c887a269a07c19627d)
|
|
Update TODO-list
(This used to be commit d9541535e3f9e1c058410eeb0a54d60181572f2b)
|
|
Fix password support
Make base64 decode/encode functions available to EJS
(This used to be commit 1376a1fe44cd6b01709819095a711c14626b1d3e)
|
|
a NULL expression is valid in a ldb search
(This used to be commit a8748cab865c765f844336087a386c01e60add62)
|
|
(This used to be commit 7082440a70c5f85606538b7a35a1cc8f41eb7eeb)
|
|
distinguished names
Provide more functions to handle DNs in this form
(This used to be commit 692e35b7797e39533dd2a1c4b63d9da30f1eb5ba)
|
|
show up as strings
not binary blobs
(This used to be commit d2c29a5a51f68cabb9ef587376bf0a6b936cdd76)
|
|
callers to optionally supply an existing object to add the properties
to. So you can do:
var rpc = samr_init();
lsa_init(rpc);
and you end up with 'rpc' having both the samr and lsa functions and
constants available.
(This used to be commit 6a1ed328e27769bd52899fc2437a43fc17104eff)
|
|
(This used to be commit 4c1d6a97c0c9df2848a16afb1b4eed4b20963bef)
|
|
(This used to be commit 9af48b8fc201822e290a1071d9e61afe519558f5)
|
|
(This used to be commit 21ca972d06bbf4694569855f39a1649d799c05c7)
|
|
(This used to be commit e709e3792846e2bd48b55112c74395d1ab3a1b6a)
|
|
(This used to be commit 5a6c2170ff83c29ed1d7f0f5329f2d9aa00c223a)
|
|
(This used to be commit ccf20b2b13b11ac07b59988809b6c5160388a616)
|
|
don't need to keep
a 'db' variable around. The ldb object knows what it is connected to.
Added a simple ldb testsuite in testprogs/ldb.js
(This used to be commit cf35818648b5b649d0cd25f115a04b7b5b5311aa)
|
|
(a suggestion from simo)
(This used to be commit 98c9c4ecb87e1b140002390067892806464849da)
|
|
var ldb = ldb_init();
res = ldb.search(dbfile, "(objectClass=user)");
you can also do:
ldbSearch = ldb.search;
res = ldbSearch(dbfile, "(objectClass=user)");
if you want the old interface (ie. you can use this to import
functions into the global or local namespace).
(This used to be commit 3093057d9735cbb62f57e7159264d5a28b85320f)
|