Age | Commit message (Collapse) | Author | Files | Lines |
|
objectClass to a user
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
This is done by sorting the classes by subClass_order, which will
check if the last structural class is valid to add (in
objectclass_do_add instead checking the last class in the list).
They were being sorted by building a class tree, and adding the
classes to the list in that order. However, AUX classes usually don't
fit into that tree, so LDB_ERR_OBJECT_CLASS_VIOLATION was returned. I
have changed the behavior to sort the classes by subClass_order
instead.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
user.
Makes sure samAccountName has been specified before adding a
user. This happened while I was trying to add a user with the
posixAccount objectclass. I forgot to specify the user objectClass,
and samba segfaulted. It now returns LDB_ERR_CONSTRAINT_VIOLATION.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
It can now also be used by objectclass.c
get_last_structural_class now ignores AUX classes, because they are
not structural
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Check to see if there were any messages passed to acl_modify before
debugging the first one. I think I caused this by some malformed
LDIF.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
The problem here is that as we start to get 'real users' they still
decide to do silly things, like load empty but existing smb.conf
files. Let's give them a better chance to discover what they did
wrong.
Andrew Bartlett
|
|
different from the base file
|
|
stream with an open handle
A normal file overwrite in this case would return NT_STATUS_ACCESS_DENIED,
but if a stream is the target NT_STATUS_INVALID_PARAMETER is returned.
|
|
the check.
|
|
|
|
|
|
They won't work when the LDB change is done using "samdb_replace"
(consider "samr_password.c" functions).
I think this has been a relict which has been useful before the "password_hash"
module existed. Basically it itself does now the updates.
|
|
It returns NT_STATUS_INTERNAL_DB_CORRUPTION for unknown sids and I could not
figure out why.
Guenther
|
|
If an ace has the PRINCIPAL_SELF as trustee, this sid has to be replaced with
the onjectSid of the object being checked. PRINCIPAL_SELF is the way to grant rights
to an account over itself.
|
|
Guenther
|
|
There is no reason to have the message non-const here.
|
|
Guenther
|
|
pvfs can be NULL if the directory a share points to does not exist. In
this case, there would be no open files, so it is safe to just return
from the function.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
metze
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
removing a control means it can't be seen by any other modules, which
is usually not what is wanted. Better to just mark it non-critical,
which means anyone else who wants to look at it can, but if nobody
does its not an error.
|
|
|
|
For controls that need to be seen by more than one module, it is best
to just mark them non-critical when handled, instead of removing
them. Otherwise lower modules can't see them.
In this case we want the operational module to see the SD_FLAGS
control
|
|
It isn't very useful just saying that a control is not supported,
without saying which one is the problem
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
when a prepare commit fails, we need to give a cancel to all modules,
not a commit!
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
this adds the SHOW_DEACTIVATED_LINK control
|
|
This is based on the code from Eduardo Lima <eduardoll@gmail.com>, but
uses the new helper functions added in the last couple of commits
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
This is based on the function of the same name from Eduardo Lima
<eduardoll@gmail.com>, but using ldb_dn_compare, to give us
comparisons consistent with what the rest of the code uses.
We will use this function in combination with dsdb_wellknown_dn() to
find the Deleted Objects container for any object.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
This finds a wellknown object given its GUID
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
This will be used by the replmd_delete() code
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
This is used to do a sync modify in a module
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
needs to ask for the DN in storage format, plus fix compilation errors
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
This function will be used for non-search controls, like relax
|
|
This finds a DN given a GUID, searching below the current module in
the module stack.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
This also moves the check to before we parse the DN, which saves some
unnecessary work
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
This is used to determine if a extedned DN has the 'DELETED=1'
component
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
bug 6989 is a rare crash that has occurred in production. My best
guess as to the cause is the talloc_free() not being specific enough
as to which parent needs to be freed.
|
|
- Reorder them as specified in "operational.c"
- Add also the lan manager hash password attribute
|
|
Guenther
|
|
|
|
|
|
|
|
Signed-off-by: Tim Prouty <tprouty@samba.org>
|