Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2009-10-03 | s4:dsdb Add objectClass and RDN constraints to objectClass module | Andrew Bartlett | 1 | -8/+35 | |
These additional constraints are applied, found by the Microsoft testsuite. - When the parent is not present, we now return 'NO_SUCH_OBJECT'. - Restrict the choice of RDN to the correct one per the schema - Honour the allowedChildClasses attribute from the parent's objectClass. Andrew Bartlett | |||||
2009-10-03 | s4:ldap.py - add a test for the "systemOnly" classes | Matthias Dieter Wallnöfer | 1 | -1/+16 | |
2009-10-03 | s4:dsdb Don't allow creation of systemOnly objectclasses | Matthias Dieter Wallnöfer | 2 | -4/+10 | |
(except as part of the provision, which specifies the 'relax' control) Andrew Bartlett | |||||
2009-10-03 | s4:rdn_name - fix up the rename operation | Matthias Dieter Wallnöfer | 1 | -4/+4 | |
A function call was wrong ("ldb_request" rathen than "ldb_next_request"). | |||||
2009-10-03 | Revert "s4:LDB/LDAP - Re-allow renames" | Matthias Dieter Wallnöfer | 1 | -49/+4 | |
This reverts commit 767fce6fccf484b547219abd5e6abc941eacaf92. Simo pointed out that the patch generates race conditions. We need to solve this using a new control. | |||||
2009-10-02 | s4:repl_meta_data - various | Matthias Dieter Wallnöfer | 1 | -9/+38 | |
- Add more "talloc_free"s and right error values where needed - Add a pre-lookup for entries before searching for metadata attribute (also suggested by TODO list) - Now the most part of "ldap.py" works again | |||||
2009-10-02 | s4:ldap.py - add a very special rename test (with invalid - empty RDN) | Matthias Dieter Wallnöfer | 1 | -9/+23 | |
2009-10-02 | s4:ldb_ildap - Don't segfault on a empty RDN | Matthias Dieter Wallnöfer | 1 | -4/+12 | |
2009-10-02 | s4:LDB/LDAP - Re-allow renames | Matthias Dieter Wallnöfer | 2 | -7/+47 | |
The main problem is that the "rdn_name" module launches on a rename request also a modification one with the "special attributes" which can't be changed directly. An introduced flag helps to bypass the restriction. | |||||
2009-10-02 | s4:ldap.py - major enhancements | Matthias Dieter Wallnöfer | 1 | -102/+187 | |
- Clean up and reorder it a bit - Test which adds invalid attributes - Test which makes sure that the 'distinguishedName' attribute cannot be modified - Test which makes sure that we cannot change the RDN/'name' attribute through a modify request | |||||
2009-10-02 | s4:ldb Don't allow RDN to be modified with an LDB modify message | Andrew Bartlett | 1 | -1/+30 | |
Found by the Microsoft testsuite at the AD interop event. Andrew Bartlett | |||||
2009-10-02 | s4:rdn_name module - a normal error message should be enough for this failure | Matthias Dieter Wallnöfer | 1 | -7/+9 | |
I don't think that we really want to have this error printed out on the server console (stdout) since this hasn't serious results as DB or data corruption and similar. | |||||
2009-10-02 | s4:ldb Don't allow modifcation of distinguishedName | Andrew Bartlett | 1 | -1/+7 | |
2009-10-02 | s4:dsdb Return correct error on invalid attribute | Andrew Bartlett | 1 | -1/+2 | |
This error per the Microsoft testsuite | |||||
2009-10-02 | s4:dsdb Pass down the exact error code on failure in repl_meta_data | Andrew Bartlett | 1 | -5/+5 | |
2009-10-02 | s4:samdb_set_password - Return the maximum password age when requested (not ↵ | Matthias Dieter Wallnöfer | 1 | -2/+3 | |
the minimum one) | |||||
2009-10-02 | s4:samdb_set_password - cosmetic fixes | Matthias Dieter Wallnöfer | 1 | -44/+58 | |
2009-10-02 | s4: fix various warnings (not "const" related ones) | Matthias Dieter Wallnöfer | 27 | -71/+72 | |
2009-10-02 | s4/srvsvc: deactivate a "ntvfs_connect" with a wrong parameter | Matthias Dieter Wallnöfer | 1 | -1/+3 | |
In the srvsvc code for s4 (NTVFS module) there exists a call to "ntvfs_connect" which is performed with a totally wrong argument. Since I'm not able to fix this, I commented it out and added a "FIXME" comment. | |||||
2009-10-02 | s4:provision_users.ldif - Put potential primary groups in front of the file | Matthias Dieter Wallnöfer | 1 | -19/+20 | |
(So they can be always found by the SAMLDB module) | |||||
2009-10-02 | Revert "s4:ldb-samba Use temp talloc contexts and talloc_steal avoid leaks." | Andrew Tridgell | 1 | -47/+12 | |
This reverts commit 38f87f40bfd7892043d49009067ae28431279580. | |||||
2009-10-02 | Revert "s4:ldb Fix ldb_list_find() folowing the change from char * to TDB_DATA" | Andrew Tridgell | 1 | -4/+10 | |
This reverts commit f0c2c9854c7659221fe9480110a7d9b2b48afbf9. | |||||
2009-10-02 | Revert "s4:ldb always talloc_free() the ldb_ldif_write context, even on success" | Andrew Tridgell | 1 | -1/+0 | |
This reverts commit a610843e9f21ee77fd29356313d2ef05fe25a1ed. | |||||
2009-10-02 | Revert "s4:ldb Remove LTDB_PACKING_FORMAT_NODN" | Andrew Tridgell | 2 | -0/+16 | |
This reverts commit bcbf0ae1e707c2355824800dc213d364070f070a. | |||||
2009-10-02 | Revert "s4-ldb: merged with master" | Andrew Tridgell | 5 | -623/+523 | |
This reverts commit 14c9070322d089dd96b389e8087c4f4bf1a6c7cc. | |||||
2009-10-02 | Revert "s4-ldb: overallocate idxptr to reduce memory fragmentation" | Andrew Tridgell | 1 | -3/+1 | |
This reverts commit e7846f69cacdd0551fcd777a71bf833a2fc9ca2b. | |||||
2009-10-02 | Revert "s4-ldb: fixed a memory leak" | Andrew Tridgell | 1 | -6/+1 | |
This reverts commit c7358d989034c9d936c04f2a7e4f89db252b798e. | |||||
2009-10-02 | s4-winbind: support the s3 response flags on krb5 auth too | Andrew Tridgell | 2 | -8/+65 | |
This fixes the samba4.blackbox.wbinfo test, which was failing on a wbinfo -K command | |||||
2009-10-02 | s4-winbind: support the Samba3 TXT form of the info3 for wbinfo -a | Andrew Tridgell | 1 | -0/+112 | |
This sends the info3 as hand marshalled data | |||||
2009-10-02 | s4:ldb.h - cosmetic - add whitespace | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2009-10-02 | s4:provision - Cosmetic - right indentations | Matthias Dieter Wallnöfer | 1 | -5/+6 | |
2009-10-02 | s4:dsdb Fix crash from LDAP login of DOM\\ | Andrew Bartlett | 1 | -5/+3 | |
The issue here is that when we resolve DOM\\ into an NT4 name, we would not initilise the nt4_account output. Andrew Bartlett | |||||
2009-10-02 | s4:dsdb rework instanceType module - put instanceType in provision | Andrew Bartlett | 5 | -33/+17 | |
The instanceType needs to be specified in future because that's how the partitions are actually created. | |||||
2009-10-02 | s4:dsdb Don't allow creating of new objects with an isDefunct schema class | Andrew Bartlett | 1 | -1/+7 | |
2009-10-02 | s4:dsdb Add 'lazy_commit' module to swallow the 'lazy commit' OID | Andrew Bartlett | 4 | -0/+154 | |
This allows this control to be specified as critical. We support the control because we choose to always be durable in our transactions. We really, really need a 'duplicate request' API, as at the moment we can't do this without a large, error-prone set of code that cannot cope with new request fields or types. Andrew Bartlett | |||||
2009-10-02 | s4:ldap_server Ensure we don't segfault when sent a NULL new RDN | Andrew Bartlett | 1 | -4/+7 | |
The Microsoft testsuite tried to rename cn=administrator,cn=users,... into "",cn=users... which didn't go so well. Andrew Bartlett | |||||
2009-10-02 | s4:provision Ensure we add the schema with the 'relax' control | Andrew Bartlett | 1 | -2/+4 | |
(allows addition of systemOnly classes) | |||||
2009-10-02 | s4-ldb: fixed a memory leak | Andrew Tridgell | 1 | -1/+6 | |
2009-10-02 | s4-ldb: overallocate idxptr to reduce memory fragmentation | Andrew Tridgell | 1 | -1/+3 | |
2009-10-02 | s4-ldb: merged with master | Andrew Bartlett | 5 | -523/+623 | |
2009-10-02 | s4:ldb Remove LTDB_PACKING_FORMAT_NODN | Andrew Bartlett | 2 | -16/+0 | |
The restructured code makes this hader to support, and we have not had this kind of LDB for a very long time now. Andrew Bartlett | |||||
2009-10-02 | s4:ldb always talloc_free() the ldb_ldif_write context, even on success | Andrew Bartlett | 1 | -0/+1 | |
2009-10-02 | s4:ldb Fix ldb_list_find() folowing the change from char * to TDB_DATA | Andrew Bartlett | 1 | -10/+4 | |
(The format of index records in the internal manipulation changed) Andrew Bartlett | |||||
2009-10-02 | s4:ldb-samba Use temp talloc contexts and talloc_steal avoid leaks. | Andrew Bartlett | 1 | -12/+47 | |
We would use the mem_ctx for internal work, but previously we did not clean it up on exit. Andrew Bartlett | |||||
2009-10-02 | s4: Improve provisioning: use relax control | Matthieu Patou | 5 | -20/+24 | |
Give the possibility to specify controls when loading ldif files. Relax control is specified by default for all ldb_add_diff (request Andrew B). Set domainguid if specified at the creation of object instead of modifying afterward Allow to specify objectGUID for NTDS object of the first DC this option is used during provision upgrade. | |||||
2009-10-02 | pythonbindings: allow add() to have an array of controls as second parameter | Matthieu Patou | 1 | -0/+1 | |
2009-10-02 | s4-ldb: Use relax control to check in replace metadata module if we accept ↵ | Matthieu Patou | 1 | -5/+38 | |
request that specify objectGUID attribute. | |||||
2009-10-02 | s4-ldb: Add new relax controls that allow relaxed x500 constraints checks | Matthieu Patou | 2 | -0/+35 | |
2009-10-02 | s4:ntvfs Don't attempt to follow NULL in unixuid_setup_security() | Andrew Bartlett | 1 | -1/+4 | |
This segfault occoured in cases where we rejected (or never attempted) the tree connect, so had an invalid private pointer for the logoff codepath. Andrew Bartlett | |||||
2009-10-02 | s4:Ensure the selected RDN is the right one per the schema | Andrew Bartlett | 1 | -1/+7 | |
The relative DN must be the one that the most specific structural objectclass specifies. Andrew Bartlett |