Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-03-02 | s4:provision - Moved default FDS SASL mappings deletion from post_setup() to ↵ | Endi S. Dewata | 1 | -0/+11 | |
init(). Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-03-02 | s4:provision - Use netbios name for FDS instance name. | Endi S. Dewata | 1 | -12/+12 | |
Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-02-26 | s4:provision.zone - fix port of "_ldap._tcp.gc._msdcs" | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2010-02-26 | s4-provision: added dns_update_list | Andrew Tridgell | 1 | -0/+20 | |
This contains the list of DNS names we should have as a DC | |||||
2010-02-26 | s4-provision: fixed port number for gc ldap DNS SRV entry | Andrew Tridgell | 1 | -1/+1 | |
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-02-26 | Revert "s4:AD content - adequate some revision levels to match Windows ↵ | Andrew Tridgell | 2 | -5/+5 | |
Server 2008" This reverts commit 973ea198677c581064fad62cdac30baac7103ef8. This change breaks DRS dcpromo. | |||||
2010-02-21 | s4:AD content - Implement the new password settings container | Matthias Dieter Wallnöfer | 1 | -0/+5 | |
2010-02-21 | s4:AD content - adequate some revision levels to match Windows Server 2008 | Matthias Dieter Wallnöfer | 2 | -5/+5 | |
2010-02-21 | s4:AD content - Add the DFSR objects which exist on Windows Server >= 2008 | Matthias Dieter Wallnöfer | 2 | -4/+22 | |
Those replace the FRS ones. | |||||
2010-02-16 | s4-drs: enable the recyclebin optional feature | Eduardo Lima | 1 | -0/+12 | |
Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-02-12 | s4-provision: fixed --function-level option to provision | Andrew Tridgell | 1 | -0/+1 | |
we need the DS_DOMAIN_* levels imported | |||||
2010-02-11 | s4-provision: pre-create a named.conf.update file | Andrew Tridgell | 2 | -35/+8 | |
The named.conf.update file will be filled in at runtime by Samba to contain the list of bind9 grant rules for granting DNS dynamic update permissions on the domain. | |||||
2010-02-11 | s4-provision: move zone file to dns subdirectory | Andrew Tridgell | 1 | -2/+2 | |
This allows the permissions to be correctly set for bind to write to a journal file. It also sets the right group ownership and permissions on the files that bind needs to access. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-02-10 | s4:provision Just 'do the right thing' with empty smb.conf files | Andrew Bartlett | 1 | -0/+16 | |
For some reason, JHT keeps on creating an empty smb.conf file, expecting it to be the same as a non-existant one. It is easier to just realise what he meant. Andrew Bartlett | |||||
2010-01-25 | upgrade_from_s3: Remove unused imports. | Jelmer Vernooij | 1 | -2/+0 | |
2010-01-23 | s4-provision: Added msDS-NcType into samba4Top object class | Endi S. Dewata | 1 | -0/+1 | |
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de> | |||||
2010-01-23 | s4-provision: Disable populating FDS during instance creation. | Endi S. Dewata | 1 | -0/+1 | |
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de> | |||||
2010-01-21 | provision: use message and do not display warning if the user choosed ↵ | Matthieu Patou | 1 | -3/+4 | |
delibarately posix:eadb | |||||
2010-01-21 | provision: introduce use-xattr parameter for defining where to store attributes | Matthieu Patou | 4 | -6/+24 | |
This option allow simple user (non root) to invoke provision without facing an error while insuring that ACL on shared files will always be set | |||||
2010-01-21 | s4: Set acls correctly on all sysvol and scripts shares | Matthieu Patou | 1 | -2/+7 | |
2010-01-21 | s4: regroup gpo modification in one function, set acl on files accordingly ↵ | Matthieu Patou | 1 | -1/+2 | |
with ACL in LDAP | |||||
2010-01-16 | s4-provision: added w2k8r2 ldap capabilities | Andrew Tridgell | 1 | -0/+2 | |
2010-01-16 | s4-provision: added "check-names ignore;" to allow for _msdcs A records | Andrew Tridgell | 1 | -0/+3 | |
2010-01-14 | s4:provision_users.ldif - Add a comment that some objects under "Users" are ↵ | Matthias Dieter Wallnöfer | 1 | -0/+3 | |
now located elsewhere This is needed due to the new RID/SID distribution system | |||||
2010-01-14 | s4:provision_users.ldif - Add objects for IIS | Matthias Dieter Wallnöfer | 1 | -0/+21 | |
Some WSPP locations point out that beginning with Windows Server 2008 they're also per default present. Compared against Windows Server 2008 | |||||
2010-01-14 | s4:provision_users.ldif - Add additional BUILTIN objects | Matthias Dieter Wallnöfer | 1 | -0/+30 | |
Compared against Windows Server 2008 | |||||
2010-01-14 | s4:provision_users.ldif - add the restant part of the objects needing for ↵ | Matthias Dieter Wallnöfer | 1 | -0/+26 | |
RODC support RODC = Read Only Domain Controllers Compared against Windows Server 2008 | |||||
2010-01-14 | s4:provision_users.ldif - Fix up errors on existing entries | Matthias Dieter Wallnöfer | 1 | -6/+8 | |
Compared against Windows Server 2008 | |||||
2010-01-14 | s4:provision_users.ldif - Simple reordering | Matthias Dieter Wallnöfer | 1 | -70/+70 | |
Sorted according the SID - easier for later enhancements. | |||||
2010-01-14 | s4:provision_users.ldif - Remove system objects from the wrong place | Matthias Dieter Wallnöfer | 1 | -27/+0 | |
Objects like the "Cryptographic Operators", "Event Log Readers" don't belong here but into the builtin domain. | |||||
2010-01-11 | Revert "s4:provision_users.ldif - Import all essential groups for Windows ↵ | Andrew Tridgell | 1 | -113/+85 | |
Server 2008 mode" This reverts commit 5c174c68ccba7506147feab1d09ad676792139b3. This series of commits broke 'make test'. Matthias, please make sure you run a _full_ make test before every push. | |||||
2010-01-11 | Revert "s4:provision_users.ldif - Remove foreign security principal S-1-5-17 ↵ | Andrew Tridgell | 1 | -0/+5 | |
for now" This reverts commit 61dfd3dc1dce2c0dd6693de80930af312ad3e39f. This series of commits broke 'make test'. Matthias, please make sure you run a _full_ make test before every push. | |||||
2010-01-11 | Revert "s4:provision_users.ldif - Fix memberships regarding the denied ↵ | Andrew Tridgell | 1 | -8/+0 | |
password RODC replication group" This reverts commit 9ee895fcf6327b1c2f5ee09fa565bd62974e9c58. This series of commits broke 'make test'. Matthias, please make sure you run a _full_ make test before every push. | |||||
2010-01-11 | Revert "s4:provision_users.ldif - Add objects for IIS" | Andrew Tridgell | 1 | -21/+0 | |
This reverts commit 91e210028790397996659116446e6add452707f6. This series of commits broke 'make test'. Matthias, please make sure you run a _full_ make test before every push. | |||||
2010-01-10 | s4:provision_users.ldif - Add objects for IIS | Matthias Dieter Wallnöfer | 1 | -0/+21 | |
Some WSPP locations point out that they're defacto-standards for Windows Server deployments starting with 2008. So we should add them to s4 too. | |||||
2010-01-10 | s4:provision_self_join_modify.ldif - Point out that account "dns" is s4 specific | Matthias Dieter Wallnöfer | 1 | -0/+1 | |
2010-01-10 | s4:provision_users.ldif - Fix memberships regarding the denied password RODC ↵ | Matthias Dieter Wallnöfer | 1 | -0/+8 | |
replication group | |||||
2010-01-10 | s4:provision_users.ldif - Remove foreign security principal S-1-5-17 for now | Matthias Dieter Wallnöfer | 1 | -5/+0 | |
This belongs to the AD IIS stuff where I don't know yet if we should import it. | |||||
2010-01-10 | s4:provision_users.ldif - Import all essential groups for Windows Server ↵ | Matthias Dieter Wallnöfer | 1 | -85/+113 | |
2008 mode Additionally I had to fix some bugs (especially wrong "groupTypes") and reordered the objects using the SID (this is easier when enhancing the file). | |||||
2010-01-08 | s4:provision_self_join.ldif - Adapt comment after implementation of ↵ | Matthias Dieter Wallnöfer | 1 | -2/+2 | |
distributed RIDs | |||||
2010-01-08 | s4-schema: fixes for W2K8-R2 schema | Andrew Tridgell | 2 | -35/+143 | |
The schema from WSPP had a number of typos that prevented it from working. These changes allow it to work with Samba, and allow w2k8r2 to run DCPROMO against Samba successfully Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-01-08 | s4-schema: added msDS-NcType to schema container | Andrew Tridgell | 1 | -0/+1 | |
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-01-08 | s4-schema: fixed attributes of aggregate schema | Andrew Tridgell | 1 | -0/+2 | |
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-01-08 | s4-provision: added W2K8-R2 schema as provided by WSPP | Andrew Tridgell | 2 | -0/+19529 | |
2010-01-08 | s4-provision: RID 1000 is consumed by the machine account | Andrew Tridgell | 1 | -1/+1 | |
2010-01-08 | s4-dsdb: added an extended operation for allocating a new RID pool | Andrew Tridgell | 1 | -0/+1 | |
This will be called by getncchanges when a client asks for a DRSUAPI_EXOP_FSMO_RID_ALLOC operation Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-01-08 | s4-provision: don't hard wire the creation of the RID Set object | Andrew Tridgell | 3 | -27/+16 | |
We now create it automatically in the samldb module when the first user is created. The creation of the dns user also had to move to the _modify.ldif as it now relies on the fSMO role being setup for the RID Manager Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-01-08 | s4-provision: the DC object itself needs a fixed objectSID | Andrew Tridgell | 1 | -1/+2 | |
We can't allocate a objectSID until we have rIDSetReferences, but that is in the DC object, so we have to force the objectSID of the DC Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-01-08 | s4-provision: added an initial RID Set | Andrew Tridgell | 2 | -2/+12 | |
We will allocate RIDs from this set Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2009-12-31 | net: Move 'newuser' to 'net newuser' | Jelmer Vernooij | 3 | -78/+12 | |
Signed-off-by: Andrew Tridgell <tridge@samba.org> |