| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
we should not set posix:eadb in lp in the acl native test code
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
the getaddrinfo() method of finding an IPv6 address is incorrect. We
could do it via the Samba interfaces code, but until we have that it
is better to not try to auto-detect IPv6
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
this allows it to override a setting made during the automatic testing
of xattr support
|
|
the IPv6 lookup can be very slow if a DNS server in the search list is
unavailable. It's good to let the user know what its doing.
|
|
The password in secrets.ldb is UTF8, while clearTextPassword in
sam.ldb is UTF16.
This corrects commit bd5039546e520b6d6897a658bc0a358f0511f7c7, which
had these the wrong way around.
Andrew Bartlett
|
|
this saves the smb.conf using lp.dump_globals() to ensure that any
command line options (for example directory overrides) are saved in
the generated smb.conf
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
this allows a join with an empty smb.conf to override locations of
files correctly with --option
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
This is the default password set/change attribute for s4 specific purposes
(otherwise in respect to Windows it's "unicodePwd"). We move away from
"userPassword" since on Windows it's not activated by default - and s4 will
follow soon.
|
|
of samba 4 is installed in the system.
|
|
SID modifications are denied.
|
|
This is now done by the "samba_spnupdate" script.
|
|
Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Sat Oct 30 17:31:23 UTC 2010 on sn-devel-104
|
|
be compliant
It means no space/_/-/@.... and less than 16 chars.
Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Sat Oct 30 14:26:22 UTC 2010 on sn-devel-104
|
|
This should help to fix bug #7403.
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sat Oct 23 20:16:59 UTC 2010 on sn-devel-104
|
|
This is added to make the 'existing' LDAP backend class more useful,
and to allow debuging of our OpenLDAP backend class with wireshark, by
forcing the traffic over loopback TCP, which is much easier to sniff.
Andrew Bartlett
|
|
We don't need to know the server DN here any more, and it
makes no sense for many callers.
Andrew Bartlett
|
|
Otherwise "provision" resets our current debug level and
we don't get debug messages we may expect onwards
Autobuild-User: Kamen Mazdrashki <kamenim@samba.org>
Autobuild-Date: Tue Oct 5 11:32:50 UTC 2010 on sn-devel-104
|
|
|
|
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
we need a correct krb5.conf for nsupdate from bind9
|
|
different policies
|
|
The group of this folder is domain administrator and it seems sensible
that all domain administrators have the right to modify the gpo (they
have it at the NT ACLs level ...)
|
|
We now use a host specific account name for the DNS account, which is
the account used for dynamic DNS updates. We also setup the
servicePrincipalName for automatic update, and add both DNS/${DNSDOMAIN}
and DNS/${DNSNAME} for compatibility with both the old and new SPNs
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
rootDSE module
We simply override the NTDS settings path manually
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
This fixes make test without a make install.
metze
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
The challenge here is to update the existing record if it already
exists, rather than deleting the old record. This ensures that the
secrets.keytab handling code keeps the previous password in the
keytab.
Andrew Bartlett
|
|
The value of GUID for policy is not random for default policies, it is
described here ("How Core Group Policy Works"):
http://technet.microsoft.com/en-us/library/cc784268%28WS.10%29.aspx
at paragraph System\Policies Container.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This ensures that our DC will use all the available encyption types.
(The KDC reads this entry to determine what the server supports)
Andrew Bartlett
|
|
I think this should mean partially Samba4 specified (all beside the "dns"
account is standard)
|
|
metze
|
|
Make it possible to provision a domain with a given next rid counter.
This will be useful for upgrades, where we want to import users
with already given SIDs.
metze
|
|
On Windows dcpromo imports nextRid from the local SAM,
which means it's not hardcoded to 1000.
The initlal rIDAvailablePool starts at nextRid + 100.
I also found that the RID Set of the local dc
should be created via provision and not at runtime,
when the first rid is needed.
(Tested with dcpromo on w2k8r2, while disabling the DNS
check box).
After provision we should have this (assuming nextRid=1000):
rIDAllocationPool: 1100-1599
rIDPrevAllocationPool: 1100-1599
rIDUsedPool: 0
rIDNextRID: 1100
rIDAvailablePool: 1600-1073741823
Because provision sets rIDNextRid=1100, the first created account
(typically DNS related accounts) will get 1101 as rid!
metze
|
|
metze
|
|
We don't support many of the extra features, but that applies across many
other parts of AD. Allow the admin to join a 2008R2 domain if he or she wants.
This also makes it possible to test 2008R2 domain code in 'make test'
Andrew Bartlett
|
|
The SamDB created in the schema code isn't real enough to care if it's an
rodc or not.
|
|
These are just a subset of the DS_DOMAIN_ functionality flags, are compared and often confused with each other. Just make them one set.
Andrew Bartlett
|
|
|
|
|
