summaryrefslogtreecommitdiff
path: root/source4
AgeCommit message (Collapse)AuthorFilesLines
2010-01-14s4-torture: switch smbtorture to the generic DRS optionsAndrew Tridgell1-4/+4
2010-01-14s4-drs: switch the DRS server to the generic DRS options flagsAndrew Tridgell2-8/+8
2010-01-14s4-torture: switch to generic DRS options flagsAndrew Tridgell1-3/+2
2010-01-14s4-drepl: switch drepl over to using the generic DRS options flagsAndrew Tridgell2-7/+5
WSPP uses a single set of flags for all these DRS operations.
2010-01-14s4-drs: Uses dsdb_load_partition_usn() with urgent_uSN in s4 codeFernando J V da Silva1-1/+1
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-01-14s4-drs: Store uSNUrgent for Urgent ReplicationFernando J V da Silva4-18/+121
When a object or attribute is created/updated/deleted, according to [MS-ADTS] 3.1.1.5.1.6, it stores the uSNUrgent on @REPLCHANGED for the partitions that it belongs. Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-01-13s4:dsdb: use validate_update moduleStefan Metzmacher1-0/+1
metze
2010-01-13s4:dsdb/schema: add dsdb_syntax_OID_validate_ldb()Stefan Metzmacher1-13/+50
This is a very heavy weight way of checking this syntax, but it's very complex and using the existing function should be ok for now. We can optimize it later. metze
2010-01-13s4:dsdb/schema: add dsdb_syntax_DN_STRING_validate_ldb()Stefan Metzmacher1-1/+48
metze
2010-01-13s4:dsdb/schema: add dsdb_syntax_DN_BINARY_validate_ldb()Stefan Metzmacher1-2/+49
metze
2010-01-13s4:dsdb/schema: add dsdb_syntax_DN_validate_ldb()Stefan Metzmacher1-1/+139
metze
2010-01-13s4:dsdb/schema: add dsdb_syntax_PRESENTATION_ADDRESS_validate_ldb()Stefan Metzmacher1-1/+12
metze
2010-01-13s4:dsdb/schema: add dsdb_syntax_UNICODE_validate_ldb()Stefan Metzmacher1-1/+69
metze
2010-01-13s4:dsdb/schema: add dsdb_syntax_DATA_BLOB_validate_ldb()Stefan Metzmacher1-8/+61
metze
2010-01-13s4:dsdb/schema: add dsdb_syntax_NTTIME_validate_ldb()Stefan Metzmacher1-1/+37
metze
2010-01-13s4:dsdb/schema: add dsdb_syntax_NTTIME_UTC_validate_ldb()Stefan Metzmacher1-1/+49
metze
2010-01-13s4:dsdb/schema: add dsdb_syntax_INT64_validate_ldb()Stefan Metzmacher1-1/+47
metze
2010-01-13s4:dsdb/schema: add dsdb_syntax_INT32_validate_ldb()Stefan Metzmacher1-1/+48
metze
2010-01-13s4:dsdb/schema: add dsdb_syntax_BOOL_validate_ldb()Stefan Metzmacher1-1/+30
metze
2010-01-13s4:dsdb: add validate_update moduleStefan Metzmacher2-1/+130
metze
2010-01-13s4:dsdb/schema: add inftrastructure for dsdb_validate_ldb()Stefan Metzmacher2-0/+61
metze
2010-01-13s4:dsdb/schema: add dsdb_syntax_DN_STRING_* wrappersStefan Metzmacher1-2/+30
metze
2010-01-13s4:dsdb/resolve_oids: also resolve oid in search attribute listStefan Metzmacher1-4/+55
metze
2010-01-13s4:dsdb/schema_load: add a TODO about schema reloadingStefan Metzmacher1-1/+11
metze
2010-01-13s4:ldb/tests: do a "schemaUpdateNow" after creating a new attribute in ↵Stefan Metzmacher1-0/+10
ldap_schema.py It seems that windows doesn't need that. And we should think about a check for reloading the schema at the start of each "write" operation. metze
2010-01-13s4:dsdb/repl: reorder dreplsrv_op_notify* functionsStefan Metzmacher1-53/+50
This make the whole async dreplsrv_op_notify_send/recv() readable. metze
2010-01-13s4:dsdb/repl: change dreplsrv_op_notify_send/recv() to tevent_reqStefan Metzmacher2-70/+74
metze
2010-01-13s4:dsdb/common: fix major bug in lsa_BinaryString to ldb_val conversation.Stefan Metzmacher1-2/+2
In lsa_BinaryString length and size are byte counts! TODO: we may need to do byte order conversion in this functions too... metze
2010-01-13s4:ldb_msg: first try to decode integers as signed and then fallback to unsignedStefan Metzmacher1-0/+18
LDAP only knowns about signed integers, so let ldb_msg_find_attr_as_uint() and ldb_msg_find_attr_as_uint64() cope with it. metze
2010-01-13s4:dsdb/common: let samdb_msg_add_uint() call samdb_msg_add_int()Stefan Metzmacher1-2/+1
This is important as LDAP servers always play with int32 values and we have to encode 0x80000000 as "-2147483648" instead of "2147483648". metze
2010-01-13s4:dsdb/common: let samdb_msg_add_uint64() call samdb_msg_add_int64()Stefan Metzmacher1-2/+1
This is important as LDAP servers always play with int64 values and we have to encode 0x8000000000000000LL as "-9223372036854775808" instead of "9223372036854775808". metze
2010-01-13s4:ldb: be more strict in parsing ldb time stringsStefan Metzmacher1-4/+4
metze
2010-01-13s4-ntp_signd: Migrate to tsocket.Andreas Schneider2-132/+286
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-01-13Fixed a problem with incorrect default SD owner/group.Nadezhda Ivanova1-1/+1
2010-01-13Comparison tool for LDAP servers (using Ldb)Zahari Zahariev2-0/+501
This tool is integrated with Samba4 Ldb. It provides a useful output where you can find easy differences in objects or attributes within naming context (Domain, Configuration or Schema). Added functionality for two sets of credentials.
2010-01-12Strip trailing spacesSimo Sorce2-82/+82
2010-01-12s4-selftest: RPC-SAMR-PASSWORDS-BADPWDCOUNT fails against s4.Günther Deschner1-0/+1
Seems like account lockout is not implemented at all yet. Guenther
2010-01-12s4-smbtorture: fix GetAliasMembership test in RPC-SAMR.Günther Deschner1-4/+6
Guenther
2010-01-12s4-smbtorture: add RPC-SAMR-PASSWORDS-BADPWDCOUNT torture test.Günther Deschner2-2/+489
This test checks the behavior (since w2k3 sp1) of the badPwdCount samr attribute in relation to password history and successfull and unsucessful netlogon samlogons. Michael, please check. This should help verifiying Bug #4347. Guenther
2010-01-12s4-smbtorture: allow test_SamLogon to test interactive samlogon in RPC-SAMR ↵Günther Deschner1-34/+71
family of tests. Guenther
2010-01-11Fix comment/debug messagesSimo Sorce1-4/+4
2010-01-11Merge remote branch 'origin/master' into alpha11releaseAndrew Bartlett3-47/+90
2010-01-11and we move on towards Samba4 alpha12!Andrew Bartlett1-2/+2
2010-01-11This is Samba4 alpha11!Andrew Bartlett1-1/+1
2010-01-10s4/torture: Parameterize output in LOCK tests based off server supportSteven Danneman3-47/+90
Two new torture parameters: * smbexit_pdu_support: if the Server supports the Exit command * range_not_locked_on_file_close: whether the server returns the NT_STATUS_RANGE_NOT_LOCKED error when a file is closed which has a pending lock request. Windows returns this error, though per the spec, this error should only be returned to an unlock request.
2010-01-11Revert "s4:provision_users.ldif - Import all essential groups for Windows ↵Andrew Tridgell1-113/+85
Server 2008 mode" This reverts commit 5c174c68ccba7506147feab1d09ad676792139b3. This series of commits broke 'make test'. Matthias, please make sure you run a _full_ make test before every push.
2010-01-11Revert "s4:provision_users.ldif - Remove foreign security principal S-1-5-17 ↵Andrew Tridgell1-0/+5
for now" This reverts commit 61dfd3dc1dce2c0dd6693de80930af312ad3e39f. This series of commits broke 'make test'. Matthias, please make sure you run a _full_ make test before every push.
2010-01-11Revert "s4:provision_users.ldif - Fix memberships regarding the denied ↵Andrew Tridgell1-8/+0
password RODC replication group" This reverts commit 9ee895fcf6327b1c2f5ee09fa565bd62974e9c58. This series of commits broke 'make test'. Matthias, please make sure you run a _full_ make test before every push.
2010-01-11Revert "s4:provision_users.ldif - Add objects for IIS"Andrew Tridgell1-21/+0
This reverts commit 91e210028790397996659116446e6add452707f6. This series of commits broke 'make test'. Matthias, please make sure you run a _full_ make test before every push.
2010-01-10s4:upgradeprovision - fix up the script regarding linked attributesMatthias Dieter Wallnöfer1-12/+46
We have to try to add new objects until between two iterations we didn't make any progress. Either we are then done (no objects remaining) or we are incapable to do this fully automatically. The latter can happen if important system objects (builtin groups, users...) moved (e.g. consider one of my recent comments). Then the new object can't be added if it contains the same "sAMAccountName" attribute as the old one. We have to let the user delete the old one (also to give him a chance to backup personal changes - if needed) and only then the script is capable to add the new one onto the right place. Make this clear with an exhaustive error output. I personally don't see a good way how to do this better for now so I would leave this as a manual step.