Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-06-26 | s4:provision: don't use hardcoded values for 'nextRid' and 'rIDAvailablePool' | Stefan Metzmacher | 4 | -3/+13 | |
On Windows dcpromo imports nextRid from the local SAM, which means it's not hardcoded to 1000. The initlal rIDAvailablePool starts at nextRid + 100. I also found that the RID Set of the local dc should be created via provision and not at runtime, when the first rid is needed. (Tested with dcpromo on w2k8r2, while disabling the DNS check box). After provision we should have this (assuming nextRid=1000): rIDAllocationPool: 1100-1599 rIDPrevAllocationPool: 1100-1599 rIDUsedPool: 0 rIDNextRID: 1100 rIDAvailablePool: 1600-1073741823 Because provision sets rIDNextRid=1100, the first created account (typically DNS related accounts) will get 1101 as rid! metze | |||||
2010-06-24 | Revert "s4:provision.ldif - fix the number of available RIDs" | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
This reverts commit 41cdcd54b7b7e3fb70fdb220e74a1daf30e1891a. As per request of metze revert this (cause written on the mailing list). | |||||
2010-06-24 | s4:provision.ldif - fix the number of available RIDs | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
There should be 4611686014132422209 and not 4611686014132422109. | |||||
2010-06-24 | s4:provision.ldif - this Win2003 revision level seems always to be "9" on ↵ | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
Windows Server 2008 machines | |||||
2010-06-24 | s4:provision_users.ldif - change a group description to be correct | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2010-06-24 | s4:setup/provision.reg - raise version to Windows Server 2008 R2 | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2010-06-20 | selftest: Use scripted testparm. | Jelmer Vernooij | 1 | -1/+2 | |
2010-06-20 | make test modules for net group set of commands and modification to the ↵ | Lukasz Zalewski | 2 | -1/+82 | |
newuser to include additional parameters Signed-off-by: Jelmer Vernooij <jelmer@samba.org> | |||||
2010-06-20 | ldb: add a new control bypassioperationnal | Matthieu Patou | 1 | -0/+1 | |
Signed-off-by: Jelmer Vernooij <jelmer@samba.org> | |||||
2010-06-16 | s4:provision Add import for DS_DOMAIN_FUNCTION_2000 | Andrew Bartlett | 1 | -0/+1 | |
2010-06-16 | s4:provision Allow functional level 2000 to be chosen | Andrew Bartlett | 1 | -1/+3 | |
2010-06-16 | s4:dsdb Add control for signaling between repl_meta_data and linked_attributes | Andrew Bartlett | 1 | -0/+1 | |
This control will allow the linked_attributes module to know if repl_meta_data has already handled the creation of forward and back links. Andrew Bartlett | |||||
2010-06-14 | s4:provision: Make gc._msdcs DNS entries A/AAAA records | Andrew Kroeger | 1 | -1/+2 | |
When adding an additional DC as a GC server, the new DC attempts to register its own gc._msdcs records. If the existing gc._msdcs record is a CNAME, BIND fails the update with the message "attempt to add non-CNAME alongside CNAME ignored", and the new DC is not registered as a GC server. The A & AAAA record types for gc._msdcs have been verified against the DNS server of a W2K8 DC. | |||||
2010-06-13 | s4:fix allocated control OIDs for "password_hash" LDB module | Matthias Dieter Wallnöfer | 1 | -3/+5 | |
The password hash module controls overlapped others. Sorry, but the "schema_samba4.ldif" hasn't been kept up-to-date. | |||||
2010-06-13 | Friendlier message. | Jelmer Vernooij | 1 | -2/+2 | |
2010-06-13 | upgradeprovision: Use logging infrastructure. | Jelmer Vernooij | 1 | -7/+11 | |
2010-06-13 | s4-python: Start using standard python logging infrastructure rather | Jelmer Vernooij | 1 | -8/+11 | |
than simple messaging callbacks. | |||||
2010-06-06 | s4:provision - fix typo in substitution variable | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2010-05-24 | s4:setup/*.ldif - remove unneeded "cn" attributes | Matthias Dieter Wallnöfer | 2 | -2/+0 | |
Should be generated automatically | |||||
2010-05-13 | s4:domain functional level - it is also specified in the domain object under ↵ | Matthias Dieter Wallnöfer | 1 | -0/+1 | |
partitions Discovered by the "ldapcmp" tool | |||||
2010-05-13 | s4:provision_configuration.ldif - add more extended rights objects | Matthias Dieter Wallnöfer | 1 | -0/+60 | |
2010-05-13 | s4:provision_users.ldif - fix up and reorder the well-known security principals | Matthias Dieter Wallnöfer | 1 | -5/+10 | |
2010-05-13 | s4:provision_configuration.ldif - add more Windows 2008 forest operations | Matthias Dieter Wallnöfer | 1 | -0/+120 | |
2010-05-13 | s4:provision_configuration.ldif - the revision level of "Windows2003Update" ↵ | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
should obviously be 10 Compared against my Windows Server 2008 and Zahari's output. | |||||
2010-05-13 | s4:provision_configuration.ldif - "CN=94fdebc6-8eeb-4640-80de-ec52b9ca17fa" ↵ | Matthias Dieter Wallnöfer | 1 | -0/+1 | |
operation is of version 3 | |||||
2010-05-13 | s4:provision*.ldif - always set the "msDS-NcType" attribute correctly | Matthias Dieter Wallnöfer | 2 | -1/+2 | |
2010-05-13 | s4:provision_configuration.ldif - set the right schedule on the default site ↵ | Matthias Dieter Wallnöfer | 1 | -0/+1 | |
in the NTDS site settings | |||||
2010-05-13 | s4:provision_configuration.ldif - The "NTDS Quotas" object is system-critical | Matthias Dieter Wallnöfer | 1 | -0/+1 | |
2010-05-13 | s4:provision_configuration.ldif - "sites" object | Matthias Dieter Wallnöfer | 1 | -6/+2 | |
- The default site doesn't contain a licensing object - Adequate two other values (a "showInAdvancedViewOnly" and a "systemFlags" one) | |||||
2010-05-13 | s4:provision.ldif - add IP security objects as they exist on Windows Server | Matthias Dieter Wallnöfer | 1 | -0/+282 | |
2010-05-13 | s4:provision.ldif - add more Windows 2008 domain operations | Matthias Dieter Wallnöfer | 1 | -0/+72 | |
2010-05-13 | s4:provision_users.ldif - On Windows Server >= 2008 security principal ↵ | Matthias Dieter Wallnöfer | 1 | -6/+0 | |
S-1-5-20 doesn't exist anymore | |||||
2010-05-13 | s4:provision.ldif - "passwordSettingsContainer" add "showInAdvancedViewOnly" | Matthias Dieter Wallnöfer | 1 | -0/+1 | |
2010-05-13 | s4:provision.ldif - fix up "NTDS Quotas" "systemFlags" | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2010-05-13 | s4:provision_users.ldif - fix up Administrator's "userAccountControl" | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2010-05-13 | s4:provision_basedn_modify.ldif - fix up "maxPwdAge" | Matthias Dieter Wallnöfer | 1 | -2/+2 | |
2010-05-13 | s4:provision_users.ldif - Fix typos in user/group objects | Matthias Dieter Wallnöfer | 1 | -13/+13 | |
2010-05-10 | s4:dsdb: add new controls | Matthias Dieter Wallnöfer | 1 | -0/+3 | |
- Add a new control for getting status informations (domain informations, password change status) directly from the module - Add a new control for allowing direct hash changes - Introduce an addtional control "change_old password checked" for the password | |||||
2010-05-10 | s4:setup: mark DSDB_CONTROL_DN_STORAGE_FORMAT_OID 1.3.6.1.4.1.7165.4.3.4 as ↵ | Stefan Metzmacher | 1 | -2/+4 | |
allocated metze | |||||
2010-05-10 | s4:blackbox password tests - more complex passwords | Stefan Metzmacher | 2 | -5/+5 | |
2010-05-10 | s3:provision_basedn_modify.ldif - add "msDS-NcType" attribute and fix comments | Matthias Dieter Wallnöfer | 1 | -1/+5 | |
2010-04-27 | Install spn_update_list to setup/ dir | Marcel Ritter | 1 | -0/+1 | |
Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org> | |||||
2010-04-27 | s4-dsdb: added samba_spnupdate | Andrew Tridgell | 1 | -0/+27 | |
this script adds all our required servicePrincipalName entries at runtime. The admin can add more entries to spn_update_list as needed | |||||
2010-04-27 | s4-dns: explain what the file is for | Andrew Tridgell | 1 | -0/+2 | |
2010-04-27 | s4-dns: fixed dc.dc duplication in DNS update list | Andrew Tridgell | 1 | -2/+2 | |
2010-04-22 | s4:provision Remove moduleload for 'hdb' (wrong name). | Andrew Bartlett | 1 | -1/+0 | |
The backends are not normally modules anyway | |||||
2010-04-22 | s4:provision Make OpenLDAP backend more robust | Andrew Bartlett | 1 | -1/+11 | |
With the extra moduleload lines (which succeed if it's already staticly linked), we now work with OpenLDAP overlays as modules. Andrew Bartlett | |||||
2010-04-22 | s4:provison Pass nosync in for the OpenLDAP cn=config too | Andrew Bartlett | 1 | -0/+1 | |
2010-04-22 | s4:OpenLDAP-backend Use the new rdnval module in OpenLDAP | Andrew Bartlett | 2 | -2/+7 | |
This is rather than rdn_name, which tries to do the job on the client side. We need to leave this module in the stack for Fedora DS (and of course the LDB backend). Andrew Bartlett | |||||
2010-04-22 | s4:provision Use more reasonable values for DB_CONFIG | Andrew Bartlett | 1 | -5/+13 | |
With the OpenLDAP backend, the old DB_CONFIG caused OpenLDAP to abort on startup, and was very inefficient. This new one, kindly supplied by Matthew Backes <mbackes@symas.com> uses a more reasonable set of buffer sizes. Andrew Bartlett |