Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2009-09-23 | s4: Handle DRSUAPI_DS_REPLICA_NEIGHBOUR_SPECIAL_SECRET_PROCESSING in ↵ | Anatoliy Atanasov | 3 | -4/+46 | |
getncchanges When this flag is specified in the request these attributes are treated as secret: currentValue, dBCSPwd, initialAuthIncoming, initialAuthOutgoing, lmPwdHistory, ntPwdHistory, priorValue, supplementalCredentials, trustAuthIncoming, trustAuthOutgoing, unicodePwd Their value is changed to NULL and the meta_data.originating_change_time to 0 | |||||
2009-09-23 | s4: Handle DRSUAPI_DS_REPLICA_NEIGHBOUR_ASYNC_REP in getncchanges | Anatoliy Atanasov | 1 | -1/+7 | |
When this flag is specified in the request we should return for ncRoot only and so scope of search is LDB_SCOPE_BASE. | |||||
2009-09-23 | s4: Handle DRSUAPI_DS_REPLICA_NEIGHBOUR_FULL_SYNC_PACKET in getncchanges | Anatoliy Atanasov | 1 | -0/+6 | |
When this flag is specified in the request we shouldn't use the uptodateness vector in the request. | |||||
2009-09-23 | s4: Handle DRSUAPI_DS_REPLICA_NEIGHBOUR_CRITICAL_ONLY req in getncchanges | Anatoliy Atanasov | 3 | -10/+15 | |
2009-09-23 | s4:ldif_handlers Fix memory leak in objectCategory LDIF handler | Andrew Bartlett | 1 | -0/+1 | |
2009-09-23 | s4-drs: fill in more guids and SIDs, plus filter rDN | Andrew Tridgell | 1 | -3/+48 | |
In DsGetNCChanges we need to fill in the parentGUID and objectGUID of each object, plus we need to filter out the rDN from the meta data, and always send the instanceType | |||||
2009-09-23 | s4-dsdb: cope with windows sending extra pad bytes | Andrew Tridgell | 1 | -4/+4 | |
2009-09-23 | s4-dsdb: added dsdb_find_sid_by_dn() | Andrew Tridgell | 1 | -0/+30 | |
2009-09-23 | s4-drsserver: fixed addition of sort control | Andrew Tridgell | 1 | -5/+7 | |
2009-09-23 | fixed spelling | Andrew Tridgell | 1 | -1/+1 | |
2009-09-23 | s4-drs: ignore zero value elements in DRS add operations | Andrew Tridgell | 1 | -0/+13 | |
w2k8 sometimes sends us a new object via DRS with an attribute with no values | |||||
2009-09-23 | s4-netlogon: always set the dNSHostName in GetDomainInfo | Andrew Tridgell | 1 | -3/+7 | |
This seems to be what w2k8 does | |||||
2009-09-23 | s4-netlogon: make GetDomainInfo response match w2k8 | Andrew Tridgell | 1 | -13/+21 | |
2009-09-23 | s4-cldap: return domainFunctionality from SAM | Andrew Tridgell | 1 | -0/+5 | |
2009-09-23 | Check for PyString_FromString being NULL. | Jelmer Vernooij | 1 | -4/+10 | |
2009-09-23 | provision: Avoid linking in multiple copies of security python module. | Jelmer Vernooij | 4 | -37/+30 | |
2009-09-22 | s4-drsserver: sort by DN to give tree order | Andrew Tridgell | 3 | -8/+29 | |
This might help the windows client with ordered requests. Later we need to support the "ancestors" mode flag. | |||||
2009-09-22 | s4-ldb: server side sort args are const char * | Andrew Tridgell | 1 | -2/+2 | |
2009-09-22 | s4-ldb: fixed call argument order for ldb_dn_from_ldb_val | Andrew Tridgell | 1 | -3/+3 | |
This caused _lots_ of problems, especially in server side sort | |||||
2009-09-22 | s4-ldb: added a bunch more debug for DC join | Andrew Tridgell | 6 | -0/+23 | |
These additional debug messages were added to help us track down w2k8->s4 domain join | |||||
2009-09-22 | s4-ldb: when tracing, show ldb_set_debug messages | Andrew Tridgell | 1 | -0/+3 | |
2009-09-22 | s4-ldbmodules: allow instanceType to be specified by clients | Andrew Tridgell | 1 | -0/+6 | |
This is needed for the WSPP ADS testsuite | |||||
2009-09-22 | s4-torture: add some debug info to RPC-HANDLES | Andrew Tridgell | 1 | -0/+5 | |
2009-09-22 | s4-rpcserver: added support for shared handles | Andrew Tridgell | 3 | -6/+49 | |
This supports shared RPC handles across connections on all RPC interfaces. It turns out that w2k3 and w2k8 don't actually support this on all pipes. We need to test which pipes we should enable this on. | |||||
2009-09-22 | s4-lsa: added support for QuerySecurity on LSA | Andrew Tridgell | 1 | -2/+85 | |
This follows the sd pattern from samba3 | |||||
2009-09-22 | s4-rpcserver: added shared association groups | Andrew Tridgell | 3 | -34/+111 | |
This patch allows us to share association groups and their rpc handles between connections. This is needed for some DRSUAPI behaviour when recent windows clients connect. | |||||
2009-09-22 | s4-rpcserver: run all RPC operations in a single task | Andrew Tridgell | 1 | -1/+8 | |
This will make it much easier to implement shared handles with association groups. It also means we can shared the ldb between RPC connections. | |||||
2009-09-22 | s4-rpc: remove two unused functions | Andrew Tridgell | 1 | -32/+3 | |
2009-09-22 | s4-ldb: only show the outer level of ldb ops when tracing | Andrew Tridgell | 3 | -4/+38 | |
2009-09-22 | s4-ldb: don't show timestamps on every line of ldb traces | Andrew Tridgell | 5 | -64/+100 | |
This adds ldb_debug_add() and ldb_debug_end() to format multiline messages | |||||
2009-09-22 | Move the check above the talloc | Anatoliy Atanasov | 1 | -5/+6 | |
2009-09-21 | s4:dsdb Fix of double addition of SD-s | Nadezhda Ivanova | 2 | -11/+25 | |
Also add error strings in descriptor module | |||||
2009-09-21 | s4:ldb Add 'single-value' support to LDB. | Andrew Bartlett | 3 | -2/+56 | |
This is currently only triggered via Samba4's schema code. | |||||
2009-09-21 | Merge branch 'master' of git://git.samba.org/samba | Nadezhda Ivanova | 14 | -25/+358 | |
2009-09-21 | Initial Implementation of the DS objects access checks. | Nadezhda Ivanova | 9 | -1/+1441 | |
Currently disabled. The search will be greatly modified, also the object tree stuff will be simplified. | |||||
2009-09-21 | Add support in the ldb_dn.c code for MS-ADTS:3.1.1.5.1.2 Naming Constraints | Anatoliy Atanasov | 1 | -0/+13 | |
2009-09-21 | Add tests for MS-ADTS:3.1.1.5.1.2 Naming Constraints | Anatoliy Atanasov | 1 | -0/+29 | |
2009-09-21 | s4:dsdb Run the new 'descriptor' module by default. | Andrew Bartlett | 1 | -6/+0 | |
This code was derived from the objectclass module, and we need the new code in the default provision, or else no ACL is set on each object. Andrew Bartlett | |||||
2009-09-21 | s4-ldb: bit prettier output | Andrew Tridgell | 1 | -7/+15 | |
2009-09-21 | s4-ldb: fixed O(n^2) string handling in ldif debug print | Andrew Tridgell | 1 | -3/+3 | |
2009-09-21 | s4-samdb: enable ldb tracing when log level >= 10 | Andrew Tridgell | 1 | -0/+4 | |
2009-09-21 | s4-schema: don't trace the schema load (too verbose) | Andrew Tridgell | 1 | -12/+24 | |
2009-09-21 | s4-ldb: add --trace command line option to ldb tools | Andrew Tridgell | 2 | -0/+6 | |
This enabled LDB_FLG_ENABLE_TRACING | |||||
2009-09-21 | s4-ldb: add a LDB_FLG_ENABLE_TRACING for full ldb tracing | Andrew Tridgell | 4 | -1/+135 | |
When LDB_FLG_ENABLE_TRACING is set ldb will send full traces of all operations and results | |||||
2009-09-21 | s4-ldap: default edn type is 0 | Andrew Tridgell | 1 | -1/+1 | |
2009-09-21 | s4-ldb: add support for extended DNs in the rootDSE | Andrew Tridgell | 1 | -2/+135 | |
W2K8 join as a DC relies on being able to ask for the sid component of extended DNs from the rootDSE DNs | |||||
2009-09-21 | s4-dsdb: fixed a printf format warning | Andrew Tridgell | 1 | -1/+1 | |
2009-09-21 | Merge branch 'master' of git://git.samba.org/samba | Nadezhda Ivanova | 22 | -359/+618 | |
2009-09-21 | s4:kerberos Fix the salt to match Windows 2008. | Andrew Bartlett | 2 | -2/+2 | |
The previous commit changed the wrong end - we must fix our server, not our client. Andrew Bartlett | |||||
2009-09-21 | s4:provision Make our default salt match our server behaviour | Andrew Bartlett | 1 | -1/+1 | |
We need to look into salting algorithms further. Andrew Bartlett |