Age | Commit message (Collapse) | Author | Files | Lines |
|
We need to make sure replicated updates are handled differently
in some situations, e.g. we should bypass the schema checks.
metze
|
|
This is an odd place for an OID registry - we perhaps need a central
wiki page.
Andrew Bartlett
(This used to be commit 1c909973977ae117703c1ccf7589acc4625e76e5)
|
|
This attribute is used in a very similar way (virtual attribute
updating the password) in AD on Win2003, so eliminate the difference.
This should not cause a problem for on-disk passwords, as by default
we do not store the plaintext at all.
Andrew Bartlett
(This used to be commit 1cf0d751493b709ef6b2234ec8847a7499f48ab3)
|
|
Instead of extensibleObject, we use the new (more correct) ad2oLschema
tool, and a new objectClass called 'samba4Top', which we add and
remove in the same way we did extensibleObject.
Andrew Bartlett
(This used to be commit 5ab20aa8b43415751f77602fff3a3008bf2186db)
|
|
This reworks quite a few parts of our provision system to use
CN=NETBIOSNAME as the domain for member servers.
This makes it clear that these domains are not in the DNS structure,
while complying with our own schema (found by OpenLDAP's schema
validation).
Andrew Bartlett
(This used to be commit bda6a38b055fed2394e65cdc0b308a1442116402)
|
|
Recent changes to Samba4 have made the Fedora DS backend fail. This
is a start on fixing that.
Andrew Bartlett
(This used to be commit 48dc07902ffb792532ff216e507e53103d448b7b)
|
|
samdb before we start writing entries into it.
In doing so, I realised we still used 'dnsDomain', which is not part
of the standard schema (now removed).
We also set the 'wrong' side of the linked attributes for the
masteredBy on each partition - this is now set in provision_self_join
and backlinks via the linked attributes code.
When we have the schema loaded, we must also have a valid domain SID
loaded, so that the objectclass module works. This required some ejs
glue.
Andrew Bartlett
(This used to be commit b0de08916e8cb59ce6a2ea94bbc9ac0679830ac1)
|
|
Andrew Bartlett
(This used to be commit ef9320ae5b0b01bd39b60c22ff4e3698ac0ae9a7)
|
|
OpenLDAP is fussy about operational attributes in user-supplied
schema.
Andrew Bartlett
(This used to be commit d7cd4b768a7f56ced8ed94b9a63d01865ba7d10a)
|
|
partitions onto the target LDAP server.
Make the LDAP provision run before smbd starts, then stop the LDAP
server. This ensures this occurs synchronously, We then restart it
for the 'real run' (with slapd's stdin being the FIFO).
This required fixing a few things in the provision scripts, with more
containers being created via a add/modify pair.
Andrew Bartlett
(This used to be commit 860dfa4ea1ab2b62d4d4fe0644e0a9b882fdafa1)
|
|
are not used anymore
metze
(This used to be commit 9e91bd64492c45ee333f5e797d4d492378600356)
|
|
an oid for the
control
metze
(This used to be commit 684eee52e8812f6d104d8706ab059643ff4faa46)
|
|
because we now use DSDB_EXTENDED_REPLICATED_OBJECTS_OID extended operation
metze
(This used to be commit 4380cc9ed6ac2e6c133b5a36f922b341474a8e7e)
|
|
- allocate an OID for DSDB_EXTENDED_REPLICATED_OBJECTS_OID which
will replace the DSDB_CONTROL_REPLICATED_OBJECT_OID soon
metze
(This used to be commit 6397f014482172573facd3d87d1f9eec1b320ac5)
|
|
- allocate an OID for LDB Control that hold meta data when applying
replicated objects
metze
(This used to be commit 2660c5ab211f353324452694b4bd5fd8bd17745b)
|
|
under ${BASEDN}
metze
(This used to be commit 09ca6aae12d8e10b76971cf269f7c62f228a4c87)
|
|
Andrew Bartlett
(This used to be commit ac5abff4b66619c29357adb7e013700bdf686709)
|
|
Andrew Bartlett
(This used to be commit 0ceffb52eb218cd2beff0054679a07f137f0f23a)
|
|
(This used to be commit aca800bdcc5f402c1fc241e9e9c495933c85b715)
|
|
(This used to be commit 425fda84e2a4636c87b30df9df3f2c998202c933)
|
|
OIDs and skip built-in attributes.
Andrew Bartlett
(This used to be commit cb2b9d800d1228d41f7872a7b7c8ea5f07816c61)
|
|
This causes things to operate as just one transaction (locally), and
to make a minimum of TCP connections when connecting to a remote LDAP
server.
Taking advantage of this, create another file to handle loading the
Samba4 specific schema extensions. Also comment out 'middleName' and
reassign the OID to one in the Samba4 range, as it is 'stolen' from a
netscape range that is used in OpenLDAP and interenet standards for
'ref'.
Andrew Bartlett
(This used to be commit 009d0905947dec9bab81d8e6de5cb424807ffd35)
|