Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-01-10 | s4:provision_self_join_modify.ldif - Point out that account "dns" is s4 specific | Matthias Dieter Wallnöfer | 1 | -0/+1 | |
2010-01-10 | s4:provision_users.ldif - Fix memberships regarding the denied password RODC ↵ | Matthias Dieter Wallnöfer | 1 | -0/+8 | |
replication group | |||||
2010-01-10 | s4:provision_users.ldif - Remove foreign security principal S-1-5-17 for now | Matthias Dieter Wallnöfer | 1 | -5/+0 | |
This belongs to the AD IIS stuff where I don't know yet if we should import it. | |||||
2010-01-10 | s4:provision_users.ldif - Import all essential groups for Windows Server ↵ | Matthias Dieter Wallnöfer | 1 | -85/+113 | |
2008 mode Additionally I had to fix some bugs (especially wrong "groupTypes") and reordered the objects using the SID (this is easier when enhancing the file). | |||||
2010-01-08 | s4:provision_self_join.ldif - Adapt comment after implementation of ↵ | Matthias Dieter Wallnöfer | 1 | -2/+2 | |
distributed RIDs | |||||
2010-01-08 | s4-schema: fixes for W2K8-R2 schema | Andrew Tridgell | 2 | -35/+143 | |
The schema from WSPP had a number of typos that prevented it from working. These changes allow it to work with Samba, and allow w2k8r2 to run DCPROMO against Samba successfully Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-01-08 | s4-schema: added msDS-NcType to schema container | Andrew Tridgell | 1 | -0/+1 | |
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-01-08 | s4-schema: fixed attributes of aggregate schema | Andrew Tridgell | 1 | -0/+2 | |
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-01-08 | s4-provision: added W2K8-R2 schema as provided by WSPP | Andrew Tridgell | 2 | -0/+19529 | |
2010-01-08 | s4-provision: RID 1000 is consumed by the machine account | Andrew Tridgell | 1 | -1/+1 | |
2010-01-08 | s4-dsdb: added an extended operation for allocating a new RID pool | Andrew Tridgell | 1 | -0/+1 | |
This will be called by getncchanges when a client asks for a DRSUAPI_EXOP_FSMO_RID_ALLOC operation Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-01-08 | s4-provision: don't hard wire the creation of the RID Set object | Andrew Tridgell | 3 | -27/+16 | |
We now create it automatically in the samldb module when the first user is created. The creation of the dns user also had to move to the _modify.ldif as it now relies on the fSMO role being setup for the RID Manager Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-01-08 | s4-provision: the DC object itself needs a fixed objectSID | Andrew Tridgell | 1 | -1/+2 | |
We can't allocate a objectSID until we have rIDSetReferences, but that is in the DC object, so we have to force the objectSID of the DC Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-01-08 | s4-provision: added an initial RID Set | Andrew Tridgell | 2 | -2/+12 | |
We will allocate RIDs from this set Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2009-12-31 | net: Move 'newuser' to 'net newuser' | Jelmer Vernooij | 3 | -78/+12 | |
Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2009-12-31 | net: Fix tests and documentation of setexpiry. | Jelmer Vernooij | 1 | -65/+0 | |
Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2009-12-31 | net: Move setexpiry to 'net setexpiry' | Jelmer Vernooij | 1 | -72/+0 | |
Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2009-12-31 | net: Move 'setpassword' to 'net setpassword'. | Jelmer Vernooij | 1 | -74/+0 | |
Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2009-12-29 | s4/net: Add domainlevel subcommand. | Jelmer Vernooij | 1 | -250/+0 | |
2009-12-29 | s4/net: Make pwsettings a net subcommand. | Jelmer Vernooij | 1 | -198/+0 | |
2009-12-15 | s4:provision - Remap conflicting thumbnailPhoto and thumbnailLogo OID's. | Endi Sukma Dewata | 2 | -0/+8 | |
2009-12-01 | s4:setup Adjust upgradeprovision blackbox test now we don't have --targetdir | Andrew Bartlett | 1 | -2/+2 | |
2009-11-28 | s4:upgrade_from_s3 - Move it back to "setup" | Matthias Dieter Wallnöfer | 1 | -0/+86 | |
Suggested by Jelmer | |||||
2009-11-28 | s4:setup/provision - Rework | Matthias Dieter Wallnöfer | 1 | -5/+24 | |
- Revert change in "ask" - was previously correct - Readd accidentally removed checks for non-null realm and domainname - On interactive mode perform only one "ask" call per question - Inform the user about the unset administrator password | |||||
2009-11-28 | s4: fix SD update and password change in upgrade script | Matthieu Patou | 1 | -1/+1 | |
- reserve a new Samba OID for recalculate SD control - fix the update SD function - fix handling of kvno in the update_machine_account_password function - fix handling of handles in RPC winreg server Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2009-11-27 | s4:setup/provision - make the interactive mode work again | Matthias Dieter Wallnöfer | 1 | -13/+3 | |
2009-11-27 | s4:upgrade script - rename it to "upgrade_from_s3" and do some rework | Matthias Dieter Wallnöfer | 1 | -83/+0 | |
- Give a better name to the script - Move it to the location where also "upgradeprovision" resides - Fix up trailing whitespaces and tabs | |||||
2009-11-27 | s4:upgradeprovision add 'exit $failed' to blackbox test | Andrew Bartlett | 1 | -0/+2 | |
2009-11-27 | s4:selftest Add tests for upgradeprovision | Andrew Bartlett | 1 | -0/+26 | |
2009-11-24 | s4:provision Don't bother with a template for the LDAP backend startup script. | Andrew Bartlett | 1 | -2/+0 | |
2009-11-24 | s4:provision Move secrets.ldb over to .c file module lists, like sam.ldb | Andrew Bartlett | 1 | -1/+1 | |
2009-11-24 | s4:provision Remove 'operational' from secrets.ldb module list | Andrew Bartlett | 1 | -1/+1 | |
2009-11-23 | s4:dsdb Move module configuration from each ldb into samba_dsdb.c | Andrew Bartlett | 2 | -6/+7 | |
This makes getting the module order correct, the obligation of Samba4 developers, and not system administrators. In particular, once an ldb is updated to use only the 'samba_dsdb' module, no further changes to the ldb should be required when upgrading to later Samba4 versions. (thanks to metze for the suggestion of samba_dsdb as a long-term stable name for the module) Andrew Bartlett | |||||
2009-11-23 | s4:provision Simplify the module list | Andrew Bartlett | 1 | -1/+1 | |
This makes the member server much more like the DC, the objectGUID module replaces the repl_meta_data module. We also generally rework the construction of the list, building a full list in python, and then transforming it into a string, rather than playing string concatonation games Andrew Bartlett | |||||
2009-11-17 | s4:provision_users.ldif - Descriptions generally begin with a majuscle | Matthias Dieter Wallnöfer | 1 | -2/+2 | |
2009-11-17 | s4:provision Split up reference creation, load schema earlier in the stack | Andrew Bartlett | 2 | -13/+23 | |
The schema needs to be loaded above the extended_dn_out modules as otherwise we don't get an extended DN in the search results. The reference split is to ensure we create references after the objects they reference exist. Andrew Bartlett | |||||
2009-11-17 | s4:dsdb Add 'dsdb_flags' to dsdb_module_search() to enable often-used features | Andrew Bartlett | 1 | -0/+0 | |
These flags, also on dsdb_module_search_dn() allow us to add commonly set controls to this pre-packaged blocking search, without rebuilding the whole function in each caller. Andrew Bartlett | |||||
2009-11-16 | s4:provision - Removed dependency on full Samba 3 schema from FDS | Endi S. Dewata | 3 | -39/+14 | |
2009-11-04 | Added security descriptor for the domain NC to provisioning. | Nadezhda Ivanova | 1 | -0/+1 | |
Necessary for correct descriptor inheritance. Based on the default state of a single DC. Will be modified later when we support multiple DCs. | |||||
2009-11-02 | s4:provision Rework provision to always have a ProvisionBackend | Andrew Bartlett | 1 | -1/+1 | |
Rather than treat the LDAP backend as a special case, treat all backends the same, with different callbacks. Andrew Bartlett | |||||
2009-11-02 | s4 - SID allocation using FDS DNA plugin | Endi S. Dewata | 6 | -0/+32 | |
2009-11-02 | s4:dsdb - Store SID as string in FDS. | Endi S. Dewata | 1 | -0/+2 | |
2009-11-02 | s4 - Mapped AD schema to existing FDS schema. | Endi S. Dewata | 3 | -1/+68 | |
2009-10-23 | s4:setup Mark 'cn' in secrets as case insensitive | Andrew Bartlett | 1 | -0/+1 | |
While this does not matter very much, others may later expect 'cn' to be case insensitive. Andrew Bartlett | |||||
2009-10-21 | s4:provision - rework the "guess_names" and "make_smbconf" method | Matthias Dieter Wallnöfer | 3 | -3/+3 | |
- Cleans it up from unnecessary "lower()/upper()" and parameters which can be derived through "lp" calls. - Substitute the "HOSTNAME" caption in the "smb.conf" templates with "NETBIOS_NAME" which fits better. - Now the "realm" and "domain" parameter of the provision are totally case insensitive and the script itself up/downcases them appropriately depending on the use (e.g. "realm" upcase for KERBEROS, lowcase for DNS domainname). | |||||
2009-10-21 | s4:provision Test ability to set GUIDs from provision command line | Andrew Bartlett | 1 | -0/+1 | |
2009-10-21 | s4:provison Allow the NTDS guid on the command line (for testing) | Andrew Bartlett | 1 | -0/+3 | |
This allows a blackbox test to confirm this can be set. Andrew Bartlett | |||||
2009-10-21 | s4:provision Set @OPTIONS in the provision_init.ldif | Andrew Bartlett | 2 | -3/+3 | |
The new partitions code knows to copy these items in when creating a new parition, so we can set it from the start. Andrew Bartlett | |||||
2009-10-21 | s4:dsdb Rework modules create new partitions at runtime | Andrew Bartlett | 2 | -3/+3 | |
This is done by passing an extended operation to the partitions module to extend the @PARTITION record and to extend the in-memory list of partitions. This also splits things up into module parts that belong above and below repl_meta_data Also slit the partitions module into two files due to the complexity of the code Andrew Barltett | |||||
2009-10-19 | s4-idmap: the idmap database should be indexed | Andrew Tridgell | 1 | -0/+4 | |