Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-04-27 | s4:torture - GetAnyDCName - adaptions | Matthias Dieter Wallnöfer | 1 | -2/+23 | |
- Check for the various domainname set modes (on NULL and "" the domain should be the default domain on the server) - support return value "WERR_NO_SUCH_DOMAIN" (the server is the PDC of the domain) Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-04-27 | s4:dcesrv_netr_GetAnyDCName - improve the call according to the MS-NRPC ↵ | Matthias Dieter Wallnöfer | 1 | -7/+55 | |
documentation This implementation checks if the domainname is valid for us or a trusted domain. Then I've also added the PDC location functionality. That means that we should return "WERR_NO_SUCH_DOMAIN" (MS-NRPC 3.5.5.2.5). Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-04-27 | s4:torture - DsRAddressesToSitenames - enhance the testsuite | Matthias Dieter Wallnöfer | 1 | -24/+264 | |
This shows the Windows behaviour of these two calls which we should match. Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-04-27 | s4:netr_DsRAddressToSitenames[Ex]W calls - implement them correctly with the ↵ | Matthias Dieter Wallnöfer | 1 | -16/+93 | |
client site information This behaviour should be similar to the one of Windows Server (in my case 2008) Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-04-27 | s4:CLDAP server - make use of the new "samdb_client_site_name" call | Matthias Dieter Wallnöfer | 1 | -2/+3 | |
Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-04-27 | s4:util - add a function which finds the matching client site using the ↵ | Matthias Dieter Wallnöfer | 1 | -0/+90 | |
client address The lookup of the client site is done using the subnets in the configuration partition. If no one matches we use the Windows Server fallback mechansim. This means: if only one site is available just use it. If they're more set the output variable to "". Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-04-27 | s4-drsdevel: support sites in drs developer scripts | Andrew Tridgell | 3 | -3/+7 | |
2010-04-27 | s4-vampire: show main CLDAP response attributes during vampire | Andrew Tridgell | 1 | -0/+4 | |
2010-04-27 | s4-repl: added a workaround for WERR_DS_DRA_NO_REPLICA DsReplicaSync errors | Andrew Tridgell | 2 | -2/+19 | |
The 0xc0002104/WERR_DS_DRA_NO_REPLICA seems to be spurious, and can be avoided by setting DRSUAPI_DRS_SYNC_ALL in the DsReplicaSync request. We need to investigate this further, and find out from MS why this is sometimes being sent, even when the target DC has the right repsFrom entries | |||||
2010-04-27 | s4-dns: fixed dc.dc duplication in DNS update list | Andrew Tridgell | 1 | -2/+2 | |
2010-04-27 | s4-drs: add entries to repsTo based on calculated repsFrom | Andrew Tridgell | 1 | -2/+30 | |
This is based on the documentation: "the KCC will automatically create the Reps-To attributes on destination DSAs based on other DSAs Reps-From entries." | |||||
2010-04-27 | s4-drepl: don't setup a repsFrom from a DC that isn't a master for a NC | Andrew Tridgell | 1 | -5/+50 | |
use hasMasterNCs to see what NCs we should be pulling from each DC | |||||
2010-04-27 | s4-getncchanges: honor DRSUAPI_DRS_REF_GCSPN | Andrew Tridgell | 1 | -1/+3 | |
this is an alternative way of establishing repsTo | |||||
2010-04-27 | s4-repl: these messages are common, and don't deserve debug level 1 | Andrew Tridgell | 1 | -2/+2 | |
getting older attributes is quite common | |||||
2010-04-27 | s4-repl: on a failed request, clear the current ptr | Andrew Tridgell | 1 | -0/+1 | |
this prevents the queue being stuck on failure | |||||
2010-04-27 | s4-repl: end repl request when not doing an UpdateRefs | Andrew Tridgell | 1 | -0/+2 | |
otherwise the queue is stuck forever | |||||
2010-04-27 | s4-repl: don't delete repsTo entry on DsReplicaSync | Andrew Tridgell | 1 | -46/+12 | |
we rely on the highestUSN counters instead. W2K8 does not resend DsUpdateRefs each time, and the WSPP docs do not indicate that repsTo should be deleted | |||||
2010-04-26 | s4: remove unused rap.h. | Günther Deschner | 1 | -358/+0 | |
Guenther | |||||
2010-04-26 | s4: fix some build warnings. | Günther Deschner | 3 | -5/+5 | |
Guenther | |||||
2010-04-26 | s4: use generated rap header. | Günther Deschner | 6 | -6/+6 | |
Guenther | |||||
2010-04-26 | s4: rename RAP share_enum_info to share_info. | Günther Deschner | 4 | -28/+28 | |
Guenther | |||||
2010-04-26 | s4-ddb: don't create partitions with the UNINSTANT flag set | Andrew Tridgell | 1 | -1/+14 | |
these partitions and not on the server we are replicating from. Also check for deleted partitions. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-04-26 | s4-drs: allow getncchanges requests to non WRIT_REP partitions for extended ops | Andrew Tridgell | 1 | -1/+2 | |
Needed for RID allocation Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-04-26 | s4-drs: don't send uninstantiated objects in getncchanges | Andrew Tridgell | 1 | -0/+5 | |
This includes deleted partitions Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-04-26 | s4-drepl: don't send an UpdateRefs unless its a plain replication | Andrew Tridgell | 1 | -1/+3 | |
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-04-26 | s4-drs: make links to foreign partitions non-fatal | Andrew Tridgell | 1 | -8/+6 | |
DN links outside the set of partitions we are replication should be allowed. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-04-26 | s4-heimdalbuild: remove LIBNETIF dependency from HEIMDAL_GSSAPI | Andrew Tridgell | 1 | -1/+1 | |
this avoids the s3compat layer from getting duplicate interfaces code | |||||
2010-04-24 | s4 dns: Allow to specify static grant entries to be added to the dynamicaly ↵ | Matthieu Patou | 1 | -3/+17 | |
generated named.conf.update Signed-off-by: Stefan Metzmacher <metze@samba.org> | |||||
2010-04-24 | s4-smbd: Fix compiler warning in prefork smbd. | Tim Potter | 1 | -1/+1 | |
My first patch in a while... Tim. Signed-off-by: Stefan Metzmacher <metze@samba.org> | |||||
2010-04-23 | s4-smbtorture: skip tests when no local driver directory is around. | Günther Deschner | 1 | -0/+4 | |
Guenther | |||||
2010-04-23 | s4-smbtorture: use server_name for all printerdriver delete and enum operations. | Günther Deschner | 1 | -12/+16 | |
With this s3 passes the RPC-PRINTER-DRIVER test. Guenther | |||||
2010-04-23 | s4-smbtorture: allow to upload or remove any file belonging to a driver. | Günther Deschner | 1 | -0/+30 | |
Guenther | |||||
2010-04-23 | s4-smbtorture: fix test_EnumPrinterDrivers_findone(). | Günther Deschner | 1 | -8/+8 | |
Guenther | |||||
2010-04-23 | s4-smbtorture: samba currently supports level 3 and 6 driver adds. | Günther Deschner | 1 | -0/+25 | |
Guenther | |||||
2010-04-23 | s4-smbtorture: test both 32bit and 64bit driver uploads in RPC-SPOOLSS-DRIVER. | Günther Deschner | 1 | -61/+71 | |
Guenther | |||||
2010-04-23 | s4-smbtorture: allow to upload and later remove printer driver files in ↵ | Günther Deschner | 1 | -0/+230 | |
RPC-SPOOLSS-DRIVER. Guenther | |||||
2010-04-23 | s4-smbtorture: add RPC-SPOOLSS-DRIVER test. | Günther Deschner | 2 | -0/+752 | |
Guenther | |||||
2010-04-23 | s4-smbtorture: rework EnumPrinterDrivers tests a bit. | Günther Deschner | 1 | -68/+119 | |
Guenther | |||||
2010-04-22 | s4:provision Remove moduleload for 'hdb' (wrong name). | Andrew Bartlett | 1 | -1/+0 | |
The backends are not normally modules anyway | |||||
2010-04-22 | s4-cldap: we should set the w2k8 flags even if not the PDC emulator | Andrew Tridgell | 1 | -3/+4 | |
these two tests are independent Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-04-22 | s4-drs: validate RODC credentials via the user_sid | Andrew Tridgell | 1 | -27/+12 | |
This checks whether a replication client is a RODC by inclusion of the the DOMAIN_RID_ENTERPRISE_READONLY_DCS sid in the users token Pair-Programmed-With: Rusty Russell <rusty@samba.org> Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-04-22 | s4-drs: added new SECURITY_RO_DOMAIN_CONTROLLER level | Andrew Tridgell | 13 | -37/+69 | |
This is used for allowing operations by RODCs, and denying them operations that should only be allowed for a full DC This required a new domain_sid argument to security_session_user_level() Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-With: Rusty Russell <rusty@samba.org> | |||||
2010-04-22 | s4-net: fixed two compiler warnings | Andrew Tridgell | 1 | -6/+4 | |
2010-04-22 | s4-torture: fixed a initialiser | Andrew Tridgell | 1 | -1/+1 | |
we were not initialising the whole array Pair-Programmed-With: Rusty Russell <rusty@samba.org> Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-04-22 | s4-libnet: fixed two compiler warnings | Andrew Tridgell | 1 | -3/+2 | |
2010-04-22 | s4-drs: removed dsdb_validate_client_flags() | Andrew Tridgell | 2 | -37/+0 | |
This test is in the wrong place. We end up validating our own flags. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-04-22 | s4-drs: only allow replication with the right invocationId | Andrew Tridgell | 1 | -1/+20 | |
Non-administrator replication checks the invocationId matches the sid of the user token being used Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-04-22 | s4-dsdb: removed an unused variable | Andrew Tridgell | 1 | -1/+0 | |
2010-04-22 | s4-dsdb: added dsdb_validate_invocation_id() | Andrew Tridgell | 1 | -0/+87 | |
this validates that a invocationID matches an account sid This will be used to ensure that we don't allow DRS replication from someone a non-DC or administrator Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-04-22 | s4-dsdb: added dsdb_get_extended_dn_sid() | Andrew Tridgell | 2 | -12/+34 | |
This will be used by the RODC code Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> |