Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2009-09-21 | Merge branch 'master' of git://git.samba.org/samba | Nadezhda Ivanova | 22 | -359/+618 | |
2009-09-21 | s4:kerberos Fix the salt to match Windows 2008. | Andrew Bartlett | 2 | -2/+2 | |
The previous commit changed the wrong end - we must fix our server, not our client. Andrew Bartlett | |||||
2009-09-21 | s4:provision Make our default salt match our server behaviour | Andrew Bartlett | 1 | -1/+1 | |
We need to look into salting algorithms further. Andrew Bartlett | |||||
2009-09-21 | s4:provision - Fix up ProvisioningError class as suggested by Jelmer | Matthias Dieter Wallnöfer | 1 | -5/+5 | |
2009-09-21 | s4:samdb/tools - That should fix now the last failures | Matthias Dieter Wallnöfer | 3 | -3/+5 | |
2009-09-21 | s4:libnet_become_dc - bump down the level requested by abartlet | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2009-09-21 | s4:scripts - Reintroduce "-H" parameter | Matthias Dieter Wallnöfer | 6 | -12/+46 | |
I removed it since on some scripts it was present, on others not - so I thought it wouldn't be really needed. This was a bad decision (pointed out by abartlet). So I reintroduce it on all scripts (to have consistent parameters). | |||||
2009-09-20 | s4:provision Make us Windows 2008 level by defualt again | Andrew Bartlett | 1 | -4/+5 | |
Also add a note to clarify that this should not be changed without discussion and consensus. We don't want this bouncing around. Paramater support to allow optional selection of Win2003 mode welcomed. Andrew Bartlett | |||||
2009-09-21 | s4:dsdb/resolve_oids: add fast pathes for the common operations without oids | Stefan Metzmacher | 1 | -0/+217 | |
metze | |||||
2009-09-21 | s4:dsdb/resolve_oids: check return values in recursion | Stefan Metzmacher | 1 | -3/+6 | |
metze | |||||
2009-09-20 | s4:py_security Add missing header | Andrew Bartlett | 1 | -0/+23 | |
2009-09-20 | Merge branch 'master' of git://git.samba.org/samba | Nadezhda Ivanova | 9 | -52/+92 | |
2009-09-20 | s4:provision Use code to store domain join in 'net join' as well | Andrew Bartlett | 7 | -309/+283 | |
This ensures we only have one codepath to store the secret, and therefore that we have a single choke point for setting the saltPrincipal, which we were previously skipping. Andrew Bartlett | |||||
2009-09-20 | s4:ldb print out which LDB the transaction is still active on. | Andrew Bartlett | 1 | -2/+2 | |
2009-09-20 | s4:provision split provision of DNS zone and self join keytab | Andrew Bartlett | 4 | -28/+34 | |
2009-09-20 | s4-selftest: disable RAP-SCAN test | Andrew Tridgell | 1 | -0/+1 | |
also pointless now we have docs | |||||
2009-09-20 | s4-selftest: disable RPC-COUNTCALLS | Andrew Tridgell | 1 | -0/+1 | |
The RPC-COUNTCALLS was useful when we were working out IDL by hand | |||||
2009-09-20 | Initial implementation of security descriptor creation in DS | Nadezhda Ivanova | 6 | -14/+405 | |
TODO's: ACE sorting and clarifying the inheritance of object specific ace's. | |||||
2009-09-21 | Merge branch 'master' of git://git.samba.org/samba | Matthias Dieter Wallnöfer | 1 | -0/+29 | |
2009-09-20 | s4:python tools - try to fix some test problems | Matthias Dieter Wallnöfer | 3 | -14/+16 | |
2009-09-20 | s4:samba3sam.py test - remove the primary group ID attribute here | Matthias Dieter Wallnöfer | 1 | -7/+2 | |
This shouldn't be specified on creation time (Windows Server doesn't allow that). Hope this also fixes the test (see buildfarm). | |||||
2009-09-20 | s4:sec_descriptor - fix constant | Matthias Dieter Wallnöfer | 1 | -4/+4 | |
2009-09-20 | Disable descriptor module unless enabled in smb.conf | Nadezhda Ivanova | 1 | -0/+29 | |
Since this code may still have some problems, it is not executed by default. To enable descriptor inheritance add: acl:inheritance = true in your smb.conf | |||||
2009-09-20 | s4:dsdb/common/util - Check for the right forest/domain function level | Matthias Dieter Wallnöfer | 1 | -0/+57 | |
This adds a function which performs the check for the supported forest and domain function levels. On an unsuccessful result a textual error message can be created (parameter "errmsg" != NULL) which gives hints for the user to help him fixing the issue. | |||||
2009-09-20 | s4:server.c - add linespace (only cosmetic) | Matthias Dieter Wallnöfer | 1 | -1/+2 | |
2009-09-20 | s4:domainlevel - fixed another error | Matthias Dieter Wallnöfer | 1 | -26/+9 | |
The second "nTMixedDomain" attribute (under Partitions/Domain-DN) is only a copy of the one under the directory root object. Therefore there doesn't exist the "Windows 2000 Mixed" forest level. | |||||
2009-09-20 | Fixed a difference in domain sid type when SID is provided by user. | Nadezhda Ivanova | 1 | -1/+4 | |
2009-09-20 | s4:ldb_parse - Fix the type of an array entry | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
I found this through a compile warning. Hope that I got this right. | |||||
2009-09-20 | s4:provision_configuration - fix "sPNMappings" | Matthias Dieter Wallnöfer | 1 | -2/+1 | |
I reread some docs about this attributes and it seems that this as mapping attribute isn't host specific but in common for the whole domain. To allow Windows DCs to join our s4 domain sooner or later we have to provide the full attribute. | |||||
2009-09-20 | s4:domainlevel - further improvements | Matthias Dieter Wallnöfer | 1 | -9/+50 | |
- The tool displays now also mixed/interim domain levels and warns about them (s4 isn't capable to run on them) - But it allows now also to raise/step-up from them - It displays now also levels higher than 2008 R2 (altough we don't support them yet) but to be able to get a correct output | |||||
2009-09-20 | s4:provision: add the 'resolve_oids' on the top of the module stack | Stefan Metzmacher | 1 | -1/+2 | |
metze | |||||
2009-09-20 | dsdb/samdb: add resolve_oids module | Stefan Metzmacher | 2 | -0/+438 | |
Windows Servers allow OID strings to be used instead of attribute/class names. For now we only resolve the OIDs in the search expressions, the rest will follow. metze | |||||
2009-09-20 | s4:build: require ldb 0.9.7 | Stefan Metzmacher | 1 | -1/+1 | |
metze | |||||
2009-09-20 | s4:ldb: add ldb_parse_tree_copy_shallow() and change version to 0.9.7 | Stefan Metzmacher | 3 | -1/+65 | |
metze | |||||
2009-09-19 | s4-auth: add SID_NT_ENTERPRISE_DCS is a server trust account | Andrew Tridgell | 1 | -1/+13 | |
2009-09-19 | s4-drs: security checking on DRS needs to default to on | Andrew Tridgell | 1 | -1/+2 | |
2009-09-19 | s4-ldb: display an error if we can't decode a NDR blob | Andrew Tridgell | 1 | -1/+3 | |
2009-09-19 | s4-repl: need param.h for lp_parm_bool | Andrew Tridgell | 1 | -0/+1 | |
2009-09-19 | Handle dsdb_class_by_lDAPDisplayName returned values in schema_inferiors.c | Anatoliy Atanasov | 1 | -0/+8 | |
2009-09-19 | Move replmd_drsuapi_DsReplicaCursor2_compare to a common place. | Anatoliy Atanasov | 3 | -14/+8 | |
2009-09-19 | Add drs_security_level_check for dcesrv calls security checks | Anatoliy Atanasov | 6 | -20/+36 | |
There is also an option to disable the security check by specifying in the smb.conf file: drs:disable_sec_check = true | |||||
2009-09-20 | s4:provision_basedn_modify - fix the "auditPolicy" attribute | Matthias Dieter Wallnöfer | 1 | -1/+2 | |
I had to think about how to encode the string 0x0001 (taken from Windows Server). The problem is due to the "0" byte at the beginning of it. BASE64 encoding seems a good method to do it. | |||||
2009-09-19 | s4:utils Remove typo... | Andrew Bartlett | 1 | -1/+0 | |
2009-09-19 | s4:dsdb Print the partition we failed to suggest replication for | Andrew Bartlett | 1 | -1/+2 | |
2009-09-19 | s4:utils Explian fix for testparm -v | Andrew Bartlett | 1 | -2/+6 | |
The problem here was that we take an address of a bool, and then (via a void*) cast it to a int *, so put this in a comment. Andrew Bartlett | |||||
2009-09-19 | s4-ldb: bump minimum version in ldb too | Andrew Tridgell | 1 | -1/+1 | |
2009-09-19 | more include minimisation | Andrew Tridgell | 12 | -41/+0 | |
2009-09-19 | tdb: increase minor version | Andrew Tridgell | 1 | -1/+1 | |
we depend on reads in transactions for s4 replication | |||||
2009-09-19 | s4-smbd: removed unnecessary includes | Andrew Tridgell | 5 | -11/+0 | |
2009-09-19 | s4-scripts: make minimal_includes handle our -I overrides | Andrew Tridgell | 1 | -10/+20 | |