summaryrefslogtreecommitdiff
path: root/source4/setup
AgeCommit message (Collapse)AuthorFilesLines
2010-07-10s4 net: Add spn module to list/add/remove spn on objectsMatthieu Patou1-0/+33
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-07-05s4:dsdb: allocate DSDB_CONTROL_BYPASS_PASSWORD_HASH_OIDStefan Metzmacher1-0/+1
When importing users from Samba3 we need to control all values. metze
2010-07-03s4:setup/provision_basedn_modify.ldif - set "minPwdAge" to the right valueMatthias Dieter Wallnöfer1-2/+1
Now we should have fixed all password related tests to cooperate with this value
2010-06-26s4:provision: add entries for root dns serversStefan Metzmacher1-0/+72
metze
2010-06-26s4:provision: move Samba4 specific DNS stuff to its own fileStefan Metzmacher3-20/+31
metze
2010-06-26s4:provision: add --next-rid optionStefan Metzmacher1-1/+3
Make it possible to provision a domain with a given next rid counter. This will be useful for upgrades, where we want to import users with already given SIDs. metze
2010-06-26s4:provision: don't use hardcoded values for 'nextRid' and 'rIDAvailablePool'Stefan Metzmacher4-3/+13
On Windows dcpromo imports nextRid from the local SAM, which means it's not hardcoded to 1000. The initlal rIDAvailablePool starts at nextRid + 100. I also found that the RID Set of the local dc should be created via provision and not at runtime, when the first rid is needed. (Tested with dcpromo on w2k8r2, while disabling the DNS check box). After provision we should have this (assuming nextRid=1000): rIDAllocationPool: 1100-1599 rIDPrevAllocationPool: 1100-1599 rIDUsedPool: 0 rIDNextRID: 1100 rIDAvailablePool: 1600-1073741823 Because provision sets rIDNextRid=1100, the first created account (typically DNS related accounts) will get 1101 as rid! metze
2010-06-24Revert "s4:provision.ldif - fix the number of available RIDs"Matthias Dieter Wallnöfer1-1/+1
This reverts commit 41cdcd54b7b7e3fb70fdb220e74a1daf30e1891a. As per request of metze revert this (cause written on the mailing list).
2010-06-24s4:provision.ldif - fix the number of available RIDsMatthias Dieter Wallnöfer1-1/+1
There should be 4611686014132422209 and not 4611686014132422109.
2010-06-24s4:provision.ldif - this Win2003 revision level seems always to be "9" on ↵Matthias Dieter Wallnöfer1-1/+1
Windows Server 2008 machines
2010-06-24s4:provision_users.ldif - change a group description to be correctMatthias Dieter Wallnöfer1-1/+1
2010-06-24s4:setup/provision.reg - raise version to Windows Server 2008 R2Matthias Dieter Wallnöfer1-1/+1
2010-06-20selftest: Use scripted testparm.Jelmer Vernooij1-1/+2
2010-06-20make test modules for net group set of commands and modification to the ↵Lukasz Zalewski2-1/+82
newuser to include additional parameters Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
2010-06-20ldb: add a new control bypassioperationnalMatthieu Patou1-0/+1
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
2010-06-16s4:provision Add import for DS_DOMAIN_FUNCTION_2000Andrew Bartlett1-0/+1
2010-06-16s4:provision Allow functional level 2000 to be chosenAndrew Bartlett1-1/+3
2010-06-16s4:dsdb Add control for signaling between repl_meta_data and linked_attributesAndrew Bartlett1-0/+1
This control will allow the linked_attributes module to know if repl_meta_data has already handled the creation of forward and back links. Andrew Bartlett
2010-06-14s4:provision: Make gc._msdcs DNS entries A/AAAA recordsAndrew Kroeger1-1/+2
When adding an additional DC as a GC server, the new DC attempts to register its own gc._msdcs records. If the existing gc._msdcs record is a CNAME, BIND fails the update with the message "attempt to add non-CNAME alongside CNAME ignored", and the new DC is not registered as a GC server. The A & AAAA record types for gc._msdcs have been verified against the DNS server of a W2K8 DC.
2010-06-13s4:fix allocated control OIDs for "password_hash" LDB moduleMatthias Dieter Wallnöfer1-3/+5
The password hash module controls overlapped others. Sorry, but the "schema_samba4.ldif" hasn't been kept up-to-date.
2010-06-13Friendlier message.Jelmer Vernooij1-2/+2
2010-06-13upgradeprovision: Use logging infrastructure.Jelmer Vernooij1-7/+11
2010-06-13s4-python: Start using standard python logging infrastructure ratherJelmer Vernooij1-8/+11
than simple messaging callbacks.
2010-06-06s4:provision - fix typo in substitution variableMatthias Dieter Wallnöfer1-1/+1
2010-05-24s4:setup/*.ldif - remove unneeded "cn" attributesMatthias Dieter Wallnöfer2-2/+0
Should be generated automatically
2010-05-13s4:domain functional level - it is also specified in the domain object under ↵Matthias Dieter Wallnöfer1-0/+1
partitions Discovered by the "ldapcmp" tool
2010-05-13s4:provision_configuration.ldif - add more extended rights objectsMatthias Dieter Wallnöfer1-0/+60
2010-05-13s4:provision_users.ldif - fix up and reorder the well-known security principalsMatthias Dieter Wallnöfer1-5/+10
2010-05-13s4:provision_configuration.ldif - add more Windows 2008 forest operationsMatthias Dieter Wallnöfer1-0/+120
2010-05-13s4:provision_configuration.ldif - the revision level of "Windows2003Update" ↵Matthias Dieter Wallnöfer1-1/+1
should obviously be 10 Compared against my Windows Server 2008 and Zahari's output.
2010-05-13s4:provision_configuration.ldif - "CN=94fdebc6-8eeb-4640-80de-ec52b9ca17fa" ↵Matthias Dieter Wallnöfer1-0/+1
operation is of version 3
2010-05-13s4:provision*.ldif - always set the "msDS-NcType" attribute correctlyMatthias Dieter Wallnöfer2-1/+2
2010-05-13s4:provision_configuration.ldif - set the right schedule on the default site ↵Matthias Dieter Wallnöfer1-0/+1
in the NTDS site settings
2010-05-13s4:provision_configuration.ldif - The "NTDS Quotas" object is system-criticalMatthias Dieter Wallnöfer1-0/+1
2010-05-13s4:provision_configuration.ldif - "sites" objectMatthias Dieter Wallnöfer1-6/+2
- The default site doesn't contain a licensing object - Adequate two other values (a "showInAdvancedViewOnly" and a "systemFlags" one)
2010-05-13s4:provision.ldif - add IP security objects as they exist on Windows ServerMatthias Dieter Wallnöfer1-0/+282
2010-05-13s4:provision.ldif - add more Windows 2008 domain operationsMatthias Dieter Wallnöfer1-0/+72
2010-05-13s4:provision_users.ldif - On Windows Server >= 2008 security principal ↵Matthias Dieter Wallnöfer1-6/+0
S-1-5-20 doesn't exist anymore
2010-05-13s4:provision.ldif - "passwordSettingsContainer" add "showInAdvancedViewOnly"Matthias Dieter Wallnöfer1-0/+1
2010-05-13s4:provision.ldif - fix up "NTDS Quotas" "systemFlags"Matthias Dieter Wallnöfer1-1/+1
2010-05-13s4:provision_users.ldif - fix up Administrator's "userAccountControl"Matthias Dieter Wallnöfer1-1/+1
2010-05-13s4:provision_basedn_modify.ldif - fix up "maxPwdAge"Matthias Dieter Wallnöfer1-2/+2
2010-05-13s4:provision_users.ldif - Fix typos in user/group objectsMatthias Dieter Wallnöfer1-13/+13
2010-05-10s4:dsdb: add new controlsMatthias Dieter Wallnöfer1-0/+3
- Add a new control for getting status informations (domain informations, password change status) directly from the module - Add a new control for allowing direct hash changes - Introduce an addtional control "change_old password checked" for the password
2010-05-10s4:setup: mark DSDB_CONTROL_DN_STORAGE_FORMAT_OID 1.3.6.1.4.1.7165.4.3.4 as ↵Stefan Metzmacher1-2/+4
allocated metze
2010-05-10s4:blackbox password tests - more complex passwordsStefan Metzmacher2-5/+5
2010-05-10s3:provision_basedn_modify.ldif - add "msDS-NcType" attribute and fix commentsMatthias Dieter Wallnöfer1-1/+5
2010-04-27Install spn_update_list to setup/ dirMarcel Ritter1-0/+1
Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
2010-04-27s4-dsdb: added samba_spnupdateAndrew Tridgell1-0/+27
this script adds all our required servicePrincipalName entries at runtime. The admin can add more entries to spn_update_list as needed
2010-04-27s4-dns: explain what the file is forAndrew Tridgell1-0/+2
generated by cgit (git 2.34.1) at 2024-06-29 01:57:10 +0000