Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
domains in samba3upgrade
|
|
This commit changes the default file server to be s3fs. Existing
installs wishing to keep the ntvfs file server need to set this in
their smb.conf:
server services = +smb -s3fs
dcerpc endpoint services = +winreg +srvsvc
Andrew Bartlett
|
|
root if it is -500
Many upgraded installations have root as -1000, and so that account needs to be kept.
Andrew Bartlett
|
|
The issue was that the numbers at the end of the lines are space
padded.
Andrew Bartlett
|
|
|
|
This will then allow us to make schema modifications, overriding the default ban.
Andrew Bartlett
|
|
member server
standalne is left as an alias.
Andrew Bartlett
|
|
controller"
This will allow us to detect from the smb.conf if this is a Samba4 AD
DC which will allow smarter handling of (for example) accidentially
starting smbd rather than samba.
To cope with upgrades from existing Samba4 installs, 'domain
controller' is a synonym of 'active directory domain controller' and
new parameters 'classic primary domain controller' and 'classic backup
domain controller' are added.
Andrew Bartlett
|
|
|
|
|
|
When an A/AAAA lookup is made for a name that actually is a CNAME
record, we need to return the CNAME record, and then do the A/AAAA
lookup for the name the CNAME points at.
This still fails for CNAMEs pointing at records for domains we need to
ask our forwarders for.
Autobuild-User: Kai Blin <kai@samba.org>
Autobuild-Date: Wed Jun 6 15:23:55 CEST 2012 on sn-devel-104
|
|
|
|
This avoids issues in the previous location where lp may not be initialised at this point
and instead simply waits until we have a known sysvol path, and test for ACL support
there.
Andrew Bartlett
|
|
This patch does two things: it fixes up the spelling of "state dir" to
"state directory" so that we actually find the smb.conf parameter, and
we move it to after we process the global settings in case this is
changed in the future.
Andrew Bartlett
|
|
|
|
This covers both migrations from s3 and joining a domain as a new DC.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Wed May 30 14:57:22 CEST 2012 on sn-devel-104
|
|
This means that *no* fixing will be done, also the first possible one
will be omitted as well.
Reviewed-by: abartlet
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Tue May 29 21:36:25 CEST 2012 on sn-devel-104
|
|
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sun May 27 16:13:34 CEST 2012 on sn-devel-104
|
|
|
|
System MIT krb5 build also enabled by specifying --without-ad-dc
When --with-system-mitkrb5 (or --withou-ad-dc) option is passed to top level
configure in WAF build we are trying to detect and use system-wide MIT krb5
libraries. As result, Samba 4 DC functionality will be disabled due to the fact
that it is currently impossible to implement embedded KDC server with MIT krb5.
Thus, --with-system-mitkrb5/--without-ad-dc build will only produce
* Samba 4 client libraries and their Python bindings
* Samba 3 server (smbd, nmbd, winbindd from source3/)
* Samba 3 client libraries
In addition, Samba 4 DC server-specific tests will not be compiled into smbtorture.
This in particular affects spoolss_win, spoolss_notify, and remote_pac rpc tests.
|
|
not break
When export_keytab is not compiled in (pure client-side Samba 4 build as with
system MIT krb5), export-keytab command of samba-tool will not be available.
Make sure it is not provided but its absence does not break the Python tool.
|
|
This replaces "bin/python" with the correct path for python libraries. The
pattern requires double quotes (") instead of single quotes (').
Autobuild-User: Amitay Isaacs <amitay@samba.org>
Autobuild-Date: Tue May 15 05:19:46 CEST 2012 on sn-devel-104
|
|
samAccountName is not available
|
|
to be configured
|
|
This cases upgraded domains to have a too-long password expiry, which in extreme
cases can cause the KDC to misfunction.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Sun May 6 14:49:39 CEST 2012 on sn-devel-104
|
|
|
|
This is the unique username value.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Thu May 3 01:57:41 CEST 2012 on sn-devel-104
|
|
While this setting is not the default in Samba3, any domain that is
in a suitable condition to upgrade to Samba4 should already be in the
layout that ldapsam:trusted uses. It can be turned off by setting
ldapsam:trusted=false in the smb.conf.
Many upgrades to Samba4 happen on a different host to the old Samba3 domain
and this avoids the need to configure nss_ldap only for the duration of
the upgrade.
Andrew Bartlett
|
|
of the members of an AD group
|
|
This fixes an issue where some group types were not upgraded, as we
did not upgrade alias memberships.
It also uses enum_group_memberships() to try and find the memberships
from the other direction, by asking which groups a user is a member
of. As Samba3 (and NT4) does not implement nested groups, this should
be safe.
Andrew Bartlett
|
|
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Wed May 2 04:45:05 CEST 2012 on sn-devel-104
|
|
The VFS objects are now set in the fileserver.conf, but this is only read by smbd, so
the provision-time smb.conf needs to turn off the extra Samba4 DCE/RPC services.
Andrew Bartlett
|
|
This fixes the issue of ldb 'Operations Error' when trying to modify
hasPartialReplicaNCs attribute.
Autobuild-User: Amitay Isaacs <amitay@samba.org>
Autobuild-Date: Tue May 1 05:28:04 CEST 2012 on sn-devel-104
|
|
This gives more information on why a group membership lookup failed.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Apr 24 04:34:44 CEST 2012 on sn-devel-104
|
|
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Thu Apr 19 20:51:16 CEST 2012 on sn-devel-104
|
|
|
|
Autobuild-User: Simo Sorce <idra@samba.org>
Autobuild-Date: Thu Apr 19 17:36:41 CEST 2012 on sn-devel-104
|
|
mastering the NC
For RW DC the impact is pretty small but for RODC the whole SPN set is
rejected by the target DC as RODC hasn't the right to register DNS SPN
if it is not mastering this NC.
|
|
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Thu Apr 19 07:49:54 CEST 2012 on sn-devel-104
|
|
This is currently untested, and a restructure broke it.
Andrew Bartlett
|
|
This means no-expiry in s3, and so we must treat it like -1.
Andrew Bartlett
|
|
list members for
|
|
this fixes the case where a DN link has RMD_FLAGS=0 for a link inside
a deleted object
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Wed Apr 18 09:19:41 CEST 2012 on sn-devel-104
|
|
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Wed Apr 18 05:39:01 CEST 2012 on sn-devel-104
|
|
This uses the format used by the vfs_xattr_tdb module. The s4
posix:eadb format is kept, just in a new file and module.
Andrew Bartlett
|
|
Not all classes are derived from class 'Command'.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue Apr 17 10:06:47 CEST 2012 on sn-devel-104
|
|
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Mon Apr 16 09:38:18 CEST 2012 on sn-devel-104
|
|
This adds configuration lines for BIND versions 9.8.x and 9.9.x.
Autobuild-User: Amitay Isaacs <amitay@samba.org>
Autobuild-Date: Mon Apr 16 03:52:14 CEST 2012 on sn-devel-104
|