Age | Commit message (Collapse) | Author | Files | Lines |
|
a distinction between PDC and BDC in the configuration files, only as
an entry in the ldb.
Andrew Bartlett
(This used to be commit dc9eee7cb37e4a6828c2cba23b0d836df9eac7b5)
|
|
Andrew Bartlett
(This used to be commit ac5abff4b66619c29357adb7e013700bdf686709)
|
|
Andrew Bartlett
(This used to be commit 0ceffb52eb218cd2beff0054679a07f137f0f23a)
|
|
bugs).
Andrew Bartlett
(This used to be commit a1f14d10fd0779eba244d63529600556ba9e9292)
|
|
Cope with there being no attributes to skip in the ad2oLscheam tool
Andrew Bartlett
(This used to be commit 942d7ad0c3534770ad05977b180e1c8111a5b6a6)
|
|
don't delete their contents until we have specified the new partition
locations.
However, preserve the important part of tridge's change, that is to
ensure that no database index is present when the mass delete occours.
In my testing, it is best to leave the index until the provision is
compleated.
Andrew Bartlett
(This used to be commit 962219df7dc53ce6f6889f4b71ee19850c7ff7b5)
|
|
objectCategory
provision now takes 2.4 secs, down from 24s on my laptop
(This used to be commit 3d3144cc06b9987adb3f17e43f2858e7c416b6ae)
|
|
Move default for subobj.LDAPMODULES into scripting/libjs/provision.js
so that SWAT can provision again.
Andrew Bartlett
(This used to be commit a4aafe307d6d1396fa79b0c48b0a36cbf682f0ce)
|
|
Fedora DS can support.
Andrew Bartlett
(This used to be commit bdeb10de2e751e7f0b12d5658ad55a4e7827bbd5)
|
|
DB_CONFIG file, we now get reasonable enought performance to pass
'make test' against OpenLDAP.
We do have to double the maximum runtime for the torture client however.
Andrew Bartlett
(This used to be commit 5b3c8cc036c1180c9e96d9aaacd3f2e0a83460e5)
|
|
(This used to be commit 5fd53ea6a3a6d7638a9f542f46623a19143ff81d)
|
|
(This used to be commit b34646f202d4e8016e627c4bb88842c21d6b2e10)
|
|
(This used to be commit 1fcf725bc0a10454be8d276920ac14f346eb4a21)
|
|
When against a real, schema-checking LDAP backend, we need
extensibleObject on the baseDN entry (as entryUUID isn't run for
creating this basic ldif) output.
(This used to be commit befac43f59c4688f6c6827eb2e4e916c1056a740)
|
|
(This used to be commit 43e95f4572778fec70ea4a62b6b4d20d8f96a2f8)
|
|
This lets the modules or backend generate the host and domain GUID,
rather than the randguid() function. These can still be specified
from the command line.
Andrew Bartlett
(This used to be commit 32996ca9d62568006f8bee85a1f2f37c64c04fb5)
|
|
trim duplicate may attributes
(This used to be commit 4975659fd70abdbae42ee378b7be766102f4df55)
|
|
selected.
Andrew Bartlett
(This used to be commit 3bb0a0d91eeb64db1ad2eeb13eab50f338caeb46)
|
|
(This used to be commit 0e97b71386601a80f4bc264ee54e90a3a8a5841d)
|
|
with a nasty hack in minschema.js that I really hate
(This used to be commit 74c40719f2965e2bc055e539f0933d95df070fbf)
|
|
(This used to be commit aca800bdcc5f402c1fc241e9e9c495933c85b715)
|
|
(This used to be commit 425fda84e2a4636c87b30df9df3f2c998202c933)
|
|
and update the schema with the latest additions
(This used to be commit 09a32726111200e421b6fcacf1586bfbe6024fa6)
|
|
OIDs and skip built-in attributes.
Andrew Bartlett
(This used to be commit cb2b9d800d1228d41f7872a7b7c8ea5f07816c61)
|
|
Where is the script we used to create this schema file in the first
place?
Andrew Bartlett
(This used to be commit dec2b6961ab28ecf84daa6ef329f98e6ee0927b9)
|
|
needs to be renamed (operation_add?).
This allows me to match the behaviour and substitute with the
entryUUID module for remote LDAP connections.
Andrew Bartlett
(This used to be commit af02b4d7c631bb15bf5a5f73f9fdc23075d50f60)
|
|
gidNumber attributes instead
Do not change unixName right now, we don't have an attribute to use in the posixGroup class,
and I think we should remove its usage altogether and look up users and groups by their uid/gid only.
Simo.
(This used to be commit d57b521aadf24a277152ec1ff1dac3210bd14316)
|
|
This causes things to operate as just one transaction (locally), and
to make a minimum of TCP connections when connecting to a remote LDAP
server.
Taking advantage of this, create another file to handle loading the
Samba4 specific schema extensions. Also comment out 'middleName' and
reassign the OID to one in the Samba4 range, as it is 'stolen' from a
netscape range that is used in OpenLDAP and interenet standards for
'ref'.
Andrew Bartlett
(This used to be commit 009d0905947dec9bab81d8e6de5cb424807ffd35)
|
|
Andrew Bartlett
(This used to be commit d942a8b2b6dcdc8d406d2c5b00983f0191e2a30d)
|
|
this. Instead, handle this one in the add.
Andrew Bartlett
(This used to be commit ab355e1f5f0747225b4c3fc2e65ffb044fe03040)
|
|
main database, under cn=templates).
Andrew Bartlett
(This used to be commit b1d061d36a4e8715576dc8cb1c4216c111d09035)
|
|
This module redirects various samdb requests into different modules,
depending on the prefix. It also makes moving to an LDAP backend
easier, as it is just a different partition backend.
This adds yet another stage to the provision process, as we must setup
the partitions before we setup the magic attributes.
Andrew Bartlett
(This used to be commit 31225b9cb6ef6fcb7bd831043999b1b44ef1b128)
|
|
Actually you can't test both classic and ldb together, but you can replace the standard
script/tests/mktestsetup.sh file with this one and run make test to see share_ldb in action
(This used to be commit d4c2b893504feb3a232e74d14584405b3aaaf942)
|
|
real smbpasswd command some day.
Andrew Bartlett
(This used to be commit 8d0582796608b757fde776e69ea5d70b2b13eb36)
|
|
This required changes to the rootDSE module, to allow registration of
partitions. In doing so I renamed the 'register' operation to
'register_control' and 'register_partition', which changed a few more
modules.
Due to the behaviour of certain LDAP servers, we create the baseDN
entry in two parts: Firstly, we allow the admin to export a simple
LDIF file to add to their server. Then we perform a modify to add the
remaining attributes.
To delete all users in partitions, we must now search and delete all
objects in the partition, rather than a simple search from the root.
Against LDAP, this might not delete all objects, so we allow this to
fail.
In testing, we found that the 'Domain Controllers' container was
misnamed, and should be 'CN=', rather than 'OU='.
To avoid the Templates being found in default searches, they have been
moved to CN=Templates from CN=Templates,${BASEDN}.
Andrew Bartlett
(This used to be commit b49a4fbb57f10726bd288fdc9fc95c0cbbe9094a)
|
|
This change is required for compatibility with the OSX client, in
particular, but returning 0x80000002 rather than -2147483646 violates
what LDAP clients expect in general.
Andrew Bartlett
(This used to be commit 81f3cd1c4592d2108d521acd701ed4a70a23c465)
|
|
Andrew Bartlett
(This used to be commit 954785db03455daf2ff9b2828e31cb7efffe4f11)
|
|
Add a test to show that we need this, and to prove it works (for add
at least).
Andrew Bartlett
(This used to be commit f72079029abb594677bf8c2b63e40c07e910004f)
|
|
This means that some modules have been disabled as well as they
have not been ported to the async interface
One of them is the ugly objectclass module.
I hope that the change in samldb module will make the MMC happy
without the need of this crappy module, we need proper handling
in a decent schema module.
proxy and ldb_map have also been disabled
ldb_sqlite3 need to be ported as well (currenlty just broken).
(This used to be commit 51083de795bdcbf649de926e86969adc20239b6d)
|
|
It passess all my tests, but I still need to work on a lot of stuff.
Shouldn't impact anybody else work, so I want to commit now and see what happens
Will work to remove the old code from modules and backends soon, and make some
more restyling in ldb internals.
So, if there is something you don't like in this desgin please speak now.
Simo.
(This used to be commit 8b2a563e716a789ea77cbfbf2f372724de5361ce)
|
|
the password option in newuser. Move the local options above the
global options to fix.
(This used to be commit 2adcd4ff4ec1ef867b91274d994c39e7c0fdaad2)
|
|
Andrew Bartlett
(This used to be commit a79a185b6a8a0ac81a380ff6df5a11e45a19cb16)
|
|
scripts.
This tests the real module, and avoids duplication.
Andrew Bartlett
(This used to be commit 0859ba59ae00029177cd63366fc59efe8b19c973)
|
|
the pwdLastSet time on new users (with passwords) correctly.
Andrew Bartlett
(This used to be commit e1b346b8e096130328440fa388de3474fadc7332)
|
|
and use it in provisioning to fullfill rfc 3045 requirements
(This used to be commit 3fb9571a76481560304a826fc945983d52123299)
|
|
'no filename' instead.
Andrew Bartlett
(This used to be commit 7de385dca4c40e98a40ef1e769826de8bff64323)
|
|
of use.
(This used to be commit 2b605cf22c7567e1171bf73cbbd37a5f0c1a4274)
|
|
case) as the keytab.
This avoids issues in replicated setups, as we will replicate the
kpasswd key correctly (including from windows, which is why I care at
the moment).
Andrew Bartlett
(This used to be commit 849500d1aa658817052423051b1f5d0b7a1db8e0)
|
|
the main provision logic, so it can also be used as part of the
vampire process
(This used to be commit 95e90169f4e5887ee88116179d96f28f9e06796e)
|
|
(This used to be commit e6aa4e92f044712ecaa4bd7099d53d9c7d083c42)
|