summaryrefslogtreecommitdiff
path: root/source4
AgeCommit message (Collapse)AuthorFilesLines
2009-10-03s4:dsdb Add objectClass and RDN constraints to objectClass moduleAndrew Bartlett1-8/+35
These additional constraints are applied, found by the Microsoft testsuite. - When the parent is not present, we now return 'NO_SUCH_OBJECT'. - Restrict the choice of RDN to the correct one per the schema - Honour the allowedChildClasses attribute from the parent's objectClass. Andrew Bartlett
2009-10-03s4:ldap.py - add a test for the "systemOnly" classesMatthias Dieter Wallnöfer1-1/+16
2009-10-03s4:dsdb Don't allow creation of systemOnly objectclassesMatthias Dieter Wallnöfer2-4/+10
(except as part of the provision, which specifies the 'relax' control) Andrew Bartlett
2009-10-03s4:rdn_name - fix up the rename operationMatthias Dieter Wallnöfer1-4/+4
A function call was wrong ("ldb_request" rathen than "ldb_next_request").
2009-10-03Revert "s4:LDB/LDAP - Re-allow renames"Matthias Dieter Wallnöfer1-49/+4
This reverts commit 767fce6fccf484b547219abd5e6abc941eacaf92. Simo pointed out that the patch generates race conditions. We need to solve this using a new control.
2009-10-02s4:repl_meta_data - variousMatthias Dieter Wallnöfer1-9/+38
- Add more "talloc_free"s and right error values where needed - Add a pre-lookup for entries before searching for metadata attribute (also suggested by TODO list) - Now the most part of "ldap.py" works again
2009-10-02s4:ldap.py - add a very special rename test (with invalid - empty RDN)Matthias Dieter Wallnöfer1-9/+23
2009-10-02s4:ldb_ildap - Don't segfault on a empty RDNMatthias Dieter Wallnöfer1-4/+12
2009-10-02s4:LDB/LDAP - Re-allow renamesMatthias Dieter Wallnöfer2-7/+47
The main problem is that the "rdn_name" module launches on a rename request also a modification one with the "special attributes" which can't be changed directly. An introduced flag helps to bypass the restriction.
2009-10-02s4:ldap.py - major enhancementsMatthias Dieter Wallnöfer1-102/+187
- Clean up and reorder it a bit - Test which adds invalid attributes - Test which makes sure that the 'distinguishedName' attribute cannot be modified - Test which makes sure that we cannot change the RDN/'name' attribute through a modify request
2009-10-02s4:ldb Don't allow RDN to be modified with an LDB modify messageAndrew Bartlett1-1/+30
Found by the Microsoft testsuite at the AD interop event. Andrew Bartlett
2009-10-02s4:rdn_name module - a normal error message should be enough for this failureMatthias Dieter Wallnöfer1-7/+9
I don't think that we really want to have this error printed out on the server console (stdout) since this hasn't serious results as DB or data corruption and similar.
2009-10-02s4:ldb Don't allow modifcation of distinguishedNameAndrew Bartlett1-1/+7
2009-10-02s4:dsdb Return correct error on invalid attributeAndrew Bartlett1-1/+2
This error per the Microsoft testsuite
2009-10-02s4:dsdb Pass down the exact error code on failure in repl_meta_dataAndrew Bartlett1-5/+5
2009-10-02s4:samdb_set_password - Return the maximum password age when requested (not ↵Matthias Dieter Wallnöfer1-2/+3
the minimum one)
2009-10-02s4:samdb_set_password - cosmetic fixesMatthias Dieter Wallnöfer1-44/+58
2009-10-02s4: fix various warnings (not "const" related ones)Matthias Dieter Wallnöfer27-71/+72
2009-10-02s4/srvsvc: deactivate a "ntvfs_connect" with a wrong parameterMatthias Dieter Wallnöfer1-1/+3
In the srvsvc code for s4 (NTVFS module) there exists a call to "ntvfs_connect" which is performed with a totally wrong argument. Since I'm not able to fix this, I commented it out and added a "FIXME" comment.
2009-10-02s4:provision_users.ldif - Put potential primary groups in front of the fileMatthias Dieter Wallnöfer1-19/+20
(So they can be always found by the SAMLDB module)
2009-10-02Revert "s4:ldb-samba Use temp talloc contexts and talloc_steal avoid leaks."Andrew Tridgell1-47/+12
This reverts commit 38f87f40bfd7892043d49009067ae28431279580.
2009-10-02Revert "s4:ldb Fix ldb_list_find() folowing the change from char * to TDB_DATA"Andrew Tridgell1-4/+10
This reverts commit f0c2c9854c7659221fe9480110a7d9b2b48afbf9.
2009-10-02Revert "s4:ldb always talloc_free() the ldb_ldif_write context, even on success"Andrew Tridgell1-1/+0
This reverts commit a610843e9f21ee77fd29356313d2ef05fe25a1ed.
2009-10-02Revert "s4:ldb Remove LTDB_PACKING_FORMAT_NODN"Andrew Tridgell2-0/+16
This reverts commit bcbf0ae1e707c2355824800dc213d364070f070a.
2009-10-02Revert "s4-ldb: merged with master"Andrew Tridgell5-623/+523
This reverts commit 14c9070322d089dd96b389e8087c4f4bf1a6c7cc.
2009-10-02Revert "s4-ldb: overallocate idxptr to reduce memory fragmentation"Andrew Tridgell1-3/+1
This reverts commit e7846f69cacdd0551fcd777a71bf833a2fc9ca2b.
2009-10-02Revert "s4-ldb: fixed a memory leak"Andrew Tridgell1-6/+1
This reverts commit c7358d989034c9d936c04f2a7e4f89db252b798e.
2009-10-02s4-winbind: support the s3 response flags on krb5 auth tooAndrew Tridgell2-8/+65
This fixes the samba4.blackbox.wbinfo test, which was failing on a wbinfo -K command
2009-10-02s4-winbind: support the Samba3 TXT form of the info3 for wbinfo -aAndrew Tridgell1-0/+112
This sends the info3 as hand marshalled data
2009-10-02s4:ldb.h - cosmetic - add whitespaceMatthias Dieter Wallnöfer1-1/+1
2009-10-02s4:provision - Cosmetic - right indentationsMatthias Dieter Wallnöfer1-5/+6
2009-10-02s4:dsdb Fix crash from LDAP login of DOM\\Andrew Bartlett1-5/+3
The issue here is that when we resolve DOM\\ into an NT4 name, we would not initilise the nt4_account output. Andrew Bartlett
2009-10-02s4:dsdb rework instanceType module - put instanceType in provisionAndrew Bartlett5-33/+17
The instanceType needs to be specified in future because that's how the partitions are actually created.
2009-10-02s4:dsdb Don't allow creating of new objects with an isDefunct schema classAndrew Bartlett1-1/+7
2009-10-02s4:dsdb Add 'lazy_commit' module to swallow the 'lazy commit' OIDAndrew Bartlett4-0/+154
This allows this control to be specified as critical. We support the control because we choose to always be durable in our transactions. We really, really need a 'duplicate request' API, as at the moment we can't do this without a large, error-prone set of code that cannot cope with new request fields or types. Andrew Bartlett
2009-10-02s4:ldap_server Ensure we don't segfault when sent a NULL new RDNAndrew Bartlett1-4/+7
The Microsoft testsuite tried to rename cn=administrator,cn=users,... into "",cn=users... which didn't go so well. Andrew Bartlett
2009-10-02s4:provision Ensure we add the schema with the 'relax' controlAndrew Bartlett1-2/+4
(allows addition of systemOnly classes)
2009-10-02s4-ldb: fixed a memory leakAndrew Tridgell1-1/+6
2009-10-02s4-ldb: overallocate idxptr to reduce memory fragmentationAndrew Tridgell1-1/+3
2009-10-02s4-ldb: merged with masterAndrew Bartlett5-523/+623
2009-10-02s4:ldb Remove LTDB_PACKING_FORMAT_NODNAndrew Bartlett2-16/+0
The restructured code makes this hader to support, and we have not had this kind of LDB for a very long time now. Andrew Bartlett
2009-10-02s4:ldb always talloc_free() the ldb_ldif_write context, even on successAndrew Bartlett1-0/+1
2009-10-02s4:ldb Fix ldb_list_find() folowing the change from char * to TDB_DATAAndrew Bartlett1-10/+4
(The format of index records in the internal manipulation changed) Andrew Bartlett
2009-10-02s4:ldb-samba Use temp talloc contexts and talloc_steal avoid leaks.Andrew Bartlett1-12/+47
We would use the mem_ctx for internal work, but previously we did not clean it up on exit. Andrew Bartlett
2009-10-02s4: Improve provisioning: use relax controlMatthieu Patou5-20/+24
Give the possibility to specify controls when loading ldif files. Relax control is specified by default for all ldb_add_diff (request Andrew B). Set domainguid if specified at the creation of object instead of modifying afterward Allow to specify objectGUID for NTDS object of the first DC this option is used during provision upgrade.
2009-10-02pythonbindings: allow add() to have an array of controls as second parameterMatthieu Patou1-0/+1
2009-10-02s4-ldb: Use relax control to check in replace metadata module if we accept ↵Matthieu Patou1-5/+38
request that specify objectGUID attribute.
2009-10-02s4-ldb: Add new relax controls that allow relaxed x500 constraints checksMatthieu Patou2-0/+35
2009-10-02s4:ntvfs Don't attempt to follow NULL in unixuid_setup_security()Andrew Bartlett1-1/+4
This segfault occoured in cases where we rejected (or never attempted) the tree connect, so had an invalid private pointer for the logoff codepath. Andrew Bartlett
2009-10-02s4:Ensure the selected RDN is the right one per the schemaAndrew Bartlett1-1/+7
The relative DN must be the one that the most specific structural objectclass specifies. Andrew Bartlett