Age | Commit message (Collapse) | Author | Files | Lines |
|
Decode Attribute OID using prefixMap and
ATTID received during replication
Based on MS documentation. See MS-DRSR.pdf - 5.16.4
|
|
Drsuapi tests module registers two suites:
- DRS-RPC - tests to be executed against remote machine
- DRS-UNIT - unit test for internal testing
|
|
The biggest change is that 'oid' field is transmited in binary format.
Also the field name is changed to 'binary_oid' so that
field format to be clear for callers.
After those changes, Samba4 should work the way it works before -
i.e. no added value here but we should not fail when
partial-oid is part of prefixMap transmited from Win server.
Also, thre is a bug in this patch - partial-binary-OIDs are
not handled correctly. Partial-binary-OIDs received during
replication will be encoded, but not handled correctly.
|
|
Empty attributes are no longer allowed by ldb. This also fixes the
error checking in winsdb_message()
This fixes the samba4.nbt.winsreplication test
|
|
Guenther
|
|
This matches the sec_access_check() code
|
|
The correct answer depends on the users privileges.
|
|
"dcerpc_generic_session_key"
I don't think that this code needs to exist identically on the server and on the
client side. This patch leaves it on the client side (dcerpc lib) and calls it
from the server.
|
|
I think this is a better location for this script. Since the subdirectory
"script" of "source4" contains only scripts for "make install" and "make
uninstall".
|
|
This helps with the CIFS NTVFS backend, but doesn't solve all problems
|
|
The CIFS passthru NTVFS doesn't handle some options yet (eg. root_fid)
|
|
|
|
This one didn't matter until the root_fid changed the alignment of the
two structures.
|
|
It is annoying when you mistype a command line option and aren't told.
|
|
Construct the filename from the old handle and the new name.
|
|
In order to implement root_fid in the s4 SMB server we need to declare
it as a handle type, just as for other fnum values in SMB. This
required some extensive (but simple) changes in many bits of code.
|
|
The CREATEX_ACCESS test shows that this is used as a bit test, not a
equality test
|
|
This failed on one of my test boxes that has a group called
"testgroup". using "testgroupXX" should be a bit better.
|
|
|
|
This should fix bug #6755.
|
|
|
|
w2k8 imposes a limit of 64 characters on the rDN
|
|
This is a property of AD, not ldb, so should be in our ldb
modules.
|
|
This isn't the rDN !
|
|
|
|
This avoids having to do make install after each change when using the
drs devel scripts
|
|
The DRSUAPI_DRS_ADD_REF flag tells the DRS server to run an UpdateRefs
call on behalf of the client after the DsGetNCChanges call. The lack
of support for this option may explain why the repsTo attribute was
not being created for w2k8-r2 replication partners.
|
|
The DsUpdateRefs calls takes a set of flags that indicates if the
server should ignore specific add/delete error codes.
This patch also exposes the core UpdateRefs call into a public
function, so that it can be called from DsGetNCChanges
|
|
|
|
Check the validity of the requested options in DsGetNCChanges
|
|
Later we will need to make samdb_rodc() look in the database, but for
now we should at least have the function in a central place
|
|
|
|
And don't cut them out from the DNS hostname.
|
|
|
|
For KERBEROS applications the realm should be upcase (function "lp_realm") but
for DNS ones it should be used lowcase (function "lp_dnsdomain"). This patch
implements the use of both in the right way.
|
|
Change "lp_realm" behaviour to return the realm always upcased and add a
function "lp_dnsdomain" which returns it always lowcased.
|
|
This reverts commit 11a8a54c825a52d7dd6ab78bc7aeff2d719327d2.
The actual fix for bug 6801 is in hdb_end_seq_get() - this attempt
leaks 'db' instead.
Andrew Bartlett
|
|
The issue was that we would free the entry after the database, not
knowing that the entry was a talloc child of the database.
Andrew Bartlett
|
|
"db" is freed anyway after the destructor terminates so this does really make
no sense here (rather it makes code crash).
Should fix bug #6801.
|
|
|
|
In this code part under certain circumstances we can end up with an empty message.
Since our new behaviour denies them (like the real AD) we need to bypass them
on LDB modify calls.
|
|
|
|
Make more use of constants and add some braces around "if" blocks
|
|
I hope that this makes abartlet & simo happy again (consider mailing list).
|
|
When we indicate that a getncchanges request is not complete, we set
the more_data flag to true in the response. The client usually then
asks for the next block of data. If the client decides it wants to
skip that replication and do a different replication then we need to
make sure that the next call is in fact a continuation of the existing
call, and not a new call.
This relies on returning the results sorted by uSNChanged, as the
client uses the tmp_highest_usn in each result to see if progress is
being made.
|
|
(Remove unneeded "upper"s)
|
|
I think the check for empty messages fits best here.
|
|
operation"
This reverts commit f9990e9b391f330a8e6c5c158ee4e4eaa50f6176.
abartlet claims that this behaviour is too AD specific to put here. Btw I had
also some doubts if this is clean enough. I put it only here to make "ldap.py"
pass.
I'll try to find a new solution soon.
|
|
|
|
They are not stored, so we can ignore them (makes copying records much
easier)
Andrew Bartlett
|