Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-06-15 | s4:dsdb Move linked attribute restrictions to objectclass_attrs | Andrew Bartlett | 1 | -0/+9 | |
This puts more of the schema restrictions in one place. Andrew Bartlett | |||||
2010-06-15 | s4:dsdb Add const to dsdb_dn functions that operate on an ldb_val. | Andrew Bartlett | 1 | -2/+2 | |
Andrew Bartlett | |||||
2010-06-15 | s4:selftest Remove becomedc tests from knownfail, these should now pass | Andrew Bartlett | 1 | -1/+0 | |
Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> | |||||
2010-06-15 | s4:dsdb Rework the vampire schema handling to convert 3 times. | Andrew Bartlett | 1 | -57/+117 | |
This seems like a lot of duplicate work, but by the end we should have, in normal LDB format, the remote DRS schema, having bootstrapped it with the locally loaded schema. The multiple steps are to resolve the problems with references to schema items that we don't 'yet' know about. Andrew Bartlett Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> | |||||
2010-06-15 | s4:provision Allow a specific prefix map to be loaded into a new schema ↵ | Andrew Bartlett | 5 | -6/+37 | |
provision This allows the prefixMap from a DRS server to be used when loading the schema from the local files. This helps us then import other schema with this map in place. Andrew Bartlett Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> | |||||
2010-06-15 | s4:dsdb Keep the DRS-based prefix map for use in provision-based schema | Andrew Bartlett | 1 | -2/+13 | |
We need to use the remote prefix map for the provision schema, or else we can't decode new, non-standard attributes into OIDs. Then once we decode that schema, we can try again and get them properly translated. Andrew Bartlett Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> | |||||
2010-06-15 | s4:dsdb Allow the setting an override on the schema | Andrew Bartlett | 3 | -6/+27 | |
The change here is to try and convert a per the previous rules, but if we don't know a particular OID as a attributeID, then store it as an OID (for example). This allows known values to be converted as before, but still copes with unknown values. Andrew Bartlett Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> | |||||
2010-06-15 | s4:dsdb Use the schema from our local provision to decode the schema | Andrew Bartlett | 2 | -445/+40 | |
This works on the assumption that the schema partition can only contain schema objects. We may need to pass down some kind of 'relax' to the DRS -> LDB conversion code, so that it allows incomplete conversions, so that we don't fail if a new attribute is present, and we can't decode it. This would then be resolved the second time we do the conversion. Andrew Bartlett Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> | |||||
2010-06-15 | s4:torture Rework NET-API-BECOMEDC test to use libnet_vampire callbacks. | Andrew Bartlett | 1 | -582/+59 | |
The libnet_vampire code was derived from this code in the first place, but has continued to evolve, while this code has often bitrotted. This avoids the needless duplication of the callbacks, while keeping the toture wrapper. Andrew Bartlett Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> | |||||
2010-06-15 | s4:libnet Steal ldb and lp_ctx from python result into correct structures. | Andrew Bartlett | 1 | -2/+2 | |
Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> | |||||
2010-06-15 | s4:libnet Make the libnet_vampire default callbacks non-static | Andrew Bartlett | 2 | -40/+71 | |
These are intended to be called from the NET-API-BECOMEDC torture test to avoid duplication of code. Andrew Bartlett Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> | |||||
2010-06-14 | s4 torture: RAW-WRITE should check lockread_supported | Zachary Loafman | 1 | -0/+5 | |
Signed-off-by: Tim Prouty <tprouty@samba.org> | |||||
2010-06-14 | s4:Descriptor tests clean-up. | Nadezhda Ivanova | 1 | -153/+67 | |
A bit of refactoring and modified the tests to use encrypted connection so that they pass against Windows unconditionally. | |||||
2010-06-14 | s4:provision: Make gc._msdcs DNS entries A/AAAA records | Andrew Kroeger | 2 | -1/+8 | |
When adding an additional DC as a GC server, the new DC attempts to register its own gc._msdcs records. If the existing gc._msdcs record is a CNAME, BIND fails the update with the message "attempt to add non-CNAME alongside CNAME ignored", and the new DC is not registered as a GC server. The A & AAAA record types for gc._msdcs have been verified against the DNS server of a W2K8 DC. | |||||
2010-06-14 | s4:SAMR server - cosmetic fix | Matthias Dieter Wallnöfer | 1 | -1/+2 | |
2010-06-14 | s4:SAMR server - on alias search operations do never use the domain DN as ↵ | Matthias Dieter Wallnöfer | 1 | -10/+7 | |
base dn Aliases (especially in the "builtin" domain) are often domain-independant. | |||||
2010-06-13 | librpc: Install the right headers. | Jelmer Vernooij | 1 | -2/+2 | |
2010-06-13 | Support system talloc/tevent headers. | Jelmer Vernooij | 1 | -2/+2 | |
2010-06-13 | librpc: Fix netlogon.h file to install - not the torture one but the one | Jelmer Vernooij | 1 | -1/+1 | |
generated by pidl. | |||||
2010-06-13 | param/share: Use static prototypes. | Jelmer Vernooij | 2 | -2/+15 | |
2010-06-13 | s4:fix allocated control OIDs for "password_hash" LDB module | Matthias Dieter Wallnöfer | 2 | -6/+8 | |
The password hash module controls overlapped others. Sorry, but the "schema_samba4.ldif" hasn't been kept up-to-date. | |||||
2010-06-13 | s4-provision: Use logger in provision backends. | Jelmer Vernooij | 2 | -42/+38 | |
2010-06-13 | s4-test: Use smb.conf path set in environment rather than using | Jelmer Vernooij | 9 | -43/+47 | |
command-line options. This is the first step towards supporting custom test runners. | |||||
2010-06-13 | Remove unused version options for subunitrun. | Jelmer Vernooij | 1 | -1/+0 | |
2010-06-13 | Friendlier message. | Jelmer Vernooij | 1 | -2/+2 | |
2010-06-13 | upgradeprovision: Use logging infrastructure. | Jelmer Vernooij | 3 | -25/+32 | |
2010-06-13 | upgrade: Properly cancel/commit transactions in a couple more places. | Jelmer Vernooij | 2 | -123/+136 | |
2010-06-13 | s4-python: Start using standard python logging infrastructure rather | Jelmer Vernooij | 7 | -105/+108 | |
than simple messaging callbacks. | |||||
2010-06-12 | s4:dcesrv_samr_GetGroupsForUser - return error code if a SID wasn't found | Matthias Dieter Wallnöfer | 1 | -2/+1 | |
This shouldn't happen since SIDs are mandatory for security objects | |||||
2010-06-12 | s4:dcesrv_samr_QueryGroupMember/GetMembersInAlias - unify the structure | Matthias Dieter Wallnöfer | 1 | -30/+32 | |
Mostly cosmetic fixes | |||||
2010-06-12 | s4:password_hash LDB module - this does really deactivate the MS LAN manager ↵ | Matthias Dieter Wallnöfer | 1 | -5/+9 | |
hash Previously, only the conversion from cleartext to the LM hash was deactivated, and not when the user specified it directly through "dBCSPwd". | |||||
2010-06-12 | s4:password_hash LDB module - fix comment | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2010-06-12 | s4:torture - SAMR testsuite - now we do support "GetAliasMembership" as expected | Matthias Dieter Wallnöfer | 1 | -4/+0 | |
2010-06-12 | s4:dcesrv_samr_GetAliasMembership - provide a correct implementation | Matthias Dieter Wallnöfer | 1 | -31/+31 | |
We could also have no valid SID specified at all and also then we have to return an empty array with "NT_STATUS_OK". This shows the torture testsuite. | |||||
2010-06-12 | s4:dcesrv_samr_EnumDomainGroups/Aliases - when we don't get a SID then the ↵ | Matthias Dieter Wallnöfer | 1 | -4/+6 | |
database is corrupted Group/User/Alias entries do always have a SID (it's a mandatory attribute in the SAM directory)! | |||||
2010-06-12 | s4:dcesrv_samr_QueryAliasInfo - return "NT_STATUS_NO_SUCH_ALIAS" when it ↵ | Matthias Dieter Wallnöfer | 1 | -1/+4 | |
wasn't found | |||||
2010-06-12 | s4:dcesrv_samr_QueryGroupInfo - make it more like "QueryAliasInfo" | Matthias Dieter Wallnöfer | 1 | -14/+7 | |
2010-06-12 | s4:dcesrv_samr_QueryUserInfo - minor fixes | Matthias Dieter Wallnöfer | 1 | -1/+4 | |
Return "NT_STATUS_NO_SUCH_USER" when user account doesn't exist. | |||||
2010-06-12 | s4:dcesrv_samr_QueryDomainInfo - allocate the "info" structure only when ↵ | Matthias Dieter Wallnöfer | 1 | -7/+9 | |
really needed That means the allocation should move after the lookup (as it is on "QueryUserInfo"). Return "NT_STATUS_NO_SUCH_DOMAIN" on an invalid domain. | |||||
2010-06-12 | s4:dcesrv_samr_EnumDomainGroups - mostly small fixes | Matthias Dieter Wallnöfer | 1 | -3/+7 | |
2010-06-12 | s4:dcesrv_samr_EnumDomainAliases - return an empty array also when no entry ↵ | Matthias Dieter Wallnöfer | 1 | -3/+0 | |
was returned | |||||
2010-06-12 | s4:dcesrv_samr_EnumDomainAliases - mostly small fixes | Matthias Dieter Wallnöfer | 1 | -7/+10 | |
The biggest change consists in the implementation of the Windows Server return size formula MIN(*r->out.num_entries, 1+(r->in.max_size/SAMR_ENUM_USERS_MULTIPLIER). | |||||
2010-06-12 | s4:dcesrv_samr_EnumDomainUsers - make this call look more similar to ↵ | Matthias Dieter Wallnöfer | 1 | -23/+28 | |
"EnumDomainGroups" and "EnumDomainAliases" That means that the lookup is now also done by "samdb_search_domain" to be more consistent. | |||||
2010-06-12 | s4:ldif_read_prefixMap - don't cause memory leaks on error conditions | Matthias Dieter Wallnöfer | 1 | -2/+2 | |
2010-06-12 | s4:dsdb Allow calling dsdb_convert_object_ex() directly | Andrew Bartlett | 1 | -6/+6 | |
This will allow the libnet_vampire code to manually convert individual schema objects. Andrew Bartlett | |||||
2010-06-12 | s4:dsdb Add debug | Andrew Bartlett | 1 | -0/+1 | |
2010-06-12 | s4:dsdb Simplfy match of objectclass in dsdb_schema_set_el_from_ldb_msg | Andrew Bartlett | 1 | -17/+4 | |
There is no need to do a full ldb_match_msg() for a simple case insensitive string. Andrew Bartlett | |||||
2010-06-12 | s4:provision Allow both additional and override prefixmaps in Schema | Andrew Bartlett | 2 | -5/+8 | |
The idea here is to allow some callers to specify a new prefixMap that will override the values loaded from the prefixMap.txt. Andrew Bartlett | |||||
2010-06-12 | s4:dsdb Allow a binary prefix map to be specified in the LDIF | Andrew Bartlett | 1 | -0/+14 | |
This allows it to be specified in either binary or as a string. Andrew Bartlett | |||||
2010-06-12 | s4:dsdb Provide a function to convert from DRS prefix maps to the LDB prefixmap | Andrew Bartlett | 1 | -12/+21 | |
This allows us to push a prefixmap directly into the schema we generate in the provision code. Andrew Bartlett |