Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-09-30 | s4-spn: don't try and send an empty SPN list | Andrew Tridgell | 1 | -0/+2 | |
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-09-30 | s4-provision: wipe the old keytabs when provisioning | Andrew Tridgell | 2 | -7/+29 | |
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-09-30 | s4-rodc: fixed the keyVersionNumber on the RODC account in secrets.keytab | Andrew Tridgell | 1 | -2/+5 | |
we need to fetch the msDS-keyVersionNumber from the writeable DC Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-09-30 | LDAPCmp feature to compare nTSecurityDescriptors | Zahari Zahariev | 1 | -34/+252 | |
New feature that enables LDAPCmp users to find unmatched or missing ACEs in objects for the three naming contexts between DCs in one domain (default) or different domains. Comparing security descriptors is not the default action but attribute compatison. So to activate the new mode there is --sd switch. However there are two view modes to the new --sd action which are 'section' (default) or 'collision'. In 'section' mode you can only find differences connected to missing or value unmatched ACEs but not disorder unmatch if ACE values and count are the same. All of the mentioned differences plus disorder ACE unmatch you can observe under 'collision' view however it is more verbose. Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com> | |||||
2010-09-30 | s4-dns: send A record updates via TKEY | Andrew Tridgell | 1 | -1/+6 | |
2010-09-29 | s4-devel: added new options to getncchanges script | Andrew Tridgell | 1 | -9/+65 | |
added --pas, --dest-dsa and --replica-flags options Pair-Programmed-With: Anatoliy Atanasov <anatoliy.atanasov@postpath.com> | |||||
2010-09-29 | s4-spnupdate: when we are a RODC we need to use the WriteSPN DRS call | Andrew Tridgell | 1 | -10/+57 | |
we can't do SPN updates via sam writes and replication, as the sam is read-only | |||||
2010-09-29 | s4-drsutils: expose DsBind() call in drs_utils.py | Andrew Tridgell | 1 | -37/+38 | |
this will be used by samba_spnupdate | |||||
2010-09-29 | s4-kerberos: use TZ=GMT when we are invoking krb5 code in helpers | Andrew Tridgell | 2 | -0/+12 | |
Our helper scripts can fail on Fedora with the PDT timezone (Western USA). This is the same issue we found with Heimdal earlier today, the 24 second difference between GMT and UTC, but this time in MIT Kerberos as linked into bind9. By forcing TZ=GMT in these scripts we avoid the problem Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-09-27 | s4-dns: added --update-list option to samba_dnsupdate | Andrew Tridgell | 1 | -8/+14 | |
this allows us to use it for RODC netlogon updates | |||||
2010-09-27 | s4-dns: use the generated krb5.conf in samba_dnsupdate | Andrew Tridgell | 1 | -0/+5 | |
this gives one less thing that an admin can get wrong Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Mon Sep 27 02:35:29 UTC 2010 on sn-devel-104 | |||||
2010-09-27 | s4-provision: fixed the generation of the krb5.conf for vampire | Andrew Tridgell | 1 | -6/+6 | |
we need a correct krb5.conf for nsupdate from bind9 | |||||
2010-09-26 | s4-spn: don't try to do SPN updates as a RODC | Andrew Tridgell | 1 | -0/+4 | |
we don't have the permissions to do it | |||||
2010-09-26 | upgradeprovision: fix a typo | Matthieu Patou | 1 | -1/+1 | |
2010-09-26 | upgradeprovision: Fix a bug with renamed entries | Matthieu Patou | 1 | -2/+13 | |
The SD was not refetched for renamed entries, resulting with a try to add an additional SD when there was already one. | |||||
2010-09-26 | upgradeprovision: fix a bug with not updated links | Matthieu Patou | 1 | -0/+1 | |
2010-09-26 | s4 provision: start with gpo of version 0 and be consistent between ↵ | Matthieu Patou | 1 | -1/+1 | |
different policies | |||||
2010-09-26 | s4 upgradeprovision: fix a bug with empty reference objects | Matthieu Patou | 1 | -1/+9 | |
Thanks to lukas@eecs.qmul.ac.uk for poiting it to me | |||||
2010-09-26 | s4 upgradeprovision: Copy versionNumber if not present it helps to make gpo ↵ | Matthieu Patou | 1 | -3/+3 | |
valid | |||||
2010-09-26 | s4 provision: Make GPO folder group writable | Matthieu Patou | 1 | -3/+3 | |
The group of this folder is domain administrator and it seems sensible that all domain administrators have the right to modify the gpo (they have it at the NT ACLs level ...) | |||||
2010-09-26 | upgradeprovision: use the same case for hostname in reference provision as ↵ | Matthieu Patou | 1 | -1/+1 | |
in the current provision Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Sun Sep 26 01:21:52 UTC 2010 on sn-devel-104 | |||||
2010-09-26 | s4-provision: switch to dns-HOSTNAME instead of dns | Andrew Tridgell | 1 | -7/+23 | |
We now use a host specific account name for the DNS account, which is the account used for dynamic DNS updates. We also setup the servicePrincipalName for automatic update, and add both DNS/${DNSDOMAIN} and DNS/${DNSNAME} for compatibility with both the old and new SPNs Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-09-26 | s4-ldapcmp: Fix usage of 'paged_search' module for remote LDB connections | Kamen Mazdrashki | 1 | -2/+3 | |
2010-09-26 | s4-ldapcmp: Extend ldapcmp to be able to compare more than one context at a time | Kamen Mazdrashki | 1 | -20/+33 | |
If no arguments given, ldapcmp will compare all NCs | |||||
2010-09-25 | s4-net: added --ipaddress option to net commands | Andrew Tridgell | 6 | -6/+13 | |
this allows override of server IP address, bypassing NBT or DNS name resolution of DCs Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> | |||||
2010-09-24 | s4:provision - rootdse - remove static "ldapServiceName" attribute | Matthias Dieter Wallnöfer | 1 | -3/+0 | |
Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-09-24 | s4:provision - rootdse - remove static "dnsHostName" attribute | Matthias Dieter Wallnöfer | 1 | -1/+0 | |
Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-09-24 | s4:provision.py - support still not fully provisioned trees regarding the ↵ | Matthias Dieter Wallnöfer | 1 | -2/+11 | |
rootDSE module We simply override the NTDS settings path manually Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-09-24 | s4:provision.py - make more use of "names.serverdn" on NTDS settings location | Matthias Dieter Wallnöfer | 1 | -2/+2 | |
Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-09-24 | s4:python/samba/join.py - add a comment to point out that NCs have to be ↵ | Matthias Dieter Wallnöfer | 1 | -0/+1 | |
assigned dynamically We could also have DNS partitions (only to make one example). Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-09-24 | s4:python/samba/join.py - use constant for DC function level | Matthias Dieter Wallnöfer | 1 | -1/+2 | |
Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-09-23 | s4-drs: we don't need to decode to utf8 in python dcerpc strings any more | Andrew Tridgell | 1 | -1/+1 | |
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-09-22 | s4-selftest: Move credentials tests to standard python directory. | Jelmer Vernooij | 1 | -0/+100 | |
2010-09-22 | s4-selftest: Move samba3sam test to standard python directory. | Jelmer Vernooij | 1 | -0/+1092 | |
2010-09-22 | selftest: Fix idlist running. | Jelmer Vernooij | 2 | -41/+65 | |
2010-09-22 | s4-param: Fix more memory leaks, invalid memory context. | Jelmer Vernooij | 2 | -2/+5 | |
2010-09-22 | s4-param: Check type when converting python object to lp_ctx, fix some | Jelmer Vernooij | 2 | -6/+4 | |
memory leaks. | |||||
2010-09-22 | pygensec: Implement start_mech_by_name(). | Jelmer Vernooij | 1 | -3/+10 | |
2010-09-22 | ndrdump: Move blackbox test to standard python namespace. | Jelmer Vernooij | 3 | -0/+41 | |
2010-09-22 | s4-ldapcmp: Enable comparisons between LDBs too | Kamen Mazdrashki | 1 | -3/+12 | |
This will enable us to compare two LDBs or and LDB with running AD server. Comparing LDB against running running server may come into handy when one want to see if 'net vampire' command does what it does the right way | |||||
2010-09-21 | s4-selftest: Move more tests to scripting/python, simplifies running of tests. | Jelmer Vernooij | 8 | -4/+394 | |
2010-09-21 | selftest: Fix run for systems without testtools installed. | Jelmer Vernooij | 2 | -2/+1 | |
2010-09-20 | rpc_talloc: Update test now that we create fewer references. | Jelmer Vernooij | 1 | -7/+4 | |
2010-09-20 | pytestrpc: Be more verbose. | Jelmer Vernooij | 1 | -4/+6 | |
2010-09-20 | testrpc: Convert from a single unit test to a simple test script, be | Jelmer Vernooij | 1 | -18/+32 | |
more verbose. | |||||
2010-09-20 | pidl: Fix segfault when accessing unicode objects. | Jelmer Vernooij | 1 | -1/+1 | |
2010-09-21 | s4-devel-getncchanges: Add common Samba options as a group to be displayed | Kamen Mazdrashki | 1 | -0/+1 | |
Those options are processed but never shown with --help argument | |||||
2010-09-19 | s4-rodc: override client site from cldap response | Andrew Tridgell | 1 | -0/+2 | |
2010-09-19 | s4-dns: fixed the dns_domain_info_type for netlogon DNS calls | Andrew Tridgell | 1 | -3/+14 | |
w2k8r2 does check this field (WSPP docs need an update) | |||||
2010-09-19 | s4-dns: added --all-names option to samba_dnsupdate | Andrew Tridgell | 1 | -1/+2 | |
this forces the re-registration of all names |