summaryrefslogtreecommitdiff
path: root/source4
AgeCommit message (Collapse)AuthorFilesLines
2009-09-20s4:dsdb/common/util - Check for the right forest/domain function levelMatthias Dieter Wallnöfer1-0/+57
This adds a function which performs the check for the supported forest and domain function levels. On an unsuccessful result a textual error message can be created (parameter "errmsg" != NULL) which gives hints for the user to help him fixing the issue.
2009-09-20s4:server.c - add linespace (only cosmetic)Matthias Dieter Wallnöfer1-1/+2
2009-09-20s4:domainlevel - fixed another errorMatthias Dieter Wallnöfer1-26/+9
The second "nTMixedDomain" attribute (under Partitions/Domain-DN) is only a copy of the one under the directory root object. Therefore there doesn't exist the "Windows 2000 Mixed" forest level.
2009-09-20Fixed a difference in domain sid type when SID is provided by user.Nadezhda Ivanova1-1/+4
2009-09-20s4:ldb_parse - Fix the type of an array entryMatthias Dieter Wallnöfer1-1/+1
I found this through a compile warning. Hope that I got this right.
2009-09-20s4:provision_configuration - fix "sPNMappings"Matthias Dieter Wallnöfer1-2/+1
I reread some docs about this attributes and it seems that this as mapping attribute isn't host specific but in common for the whole domain. To allow Windows DCs to join our s4 domain sooner or later we have to provide the full attribute.
2009-09-20s4:domainlevel - further improvementsMatthias Dieter Wallnöfer1-9/+50
- The tool displays now also mixed/interim domain levels and warns about them (s4 isn't capable to run on them) - But it allows now also to raise/step-up from them - It displays now also levels higher than 2008 R2 (altough we don't support them yet) but to be able to get a correct output
2009-09-20s4:provision: add the 'resolve_oids' on the top of the module stackStefan Metzmacher1-1/+2
metze
2009-09-20dsdb/samdb: add resolve_oids moduleStefan Metzmacher2-0/+438
Windows Servers allow OID strings to be used instead of attribute/class names. For now we only resolve the OIDs in the search expressions, the rest will follow. metze
2009-09-20s4:build: require ldb 0.9.7Stefan Metzmacher1-1/+1
metze
2009-09-20s4:ldb: add ldb_parse_tree_copy_shallow() and change version to 0.9.7Stefan Metzmacher3-1/+65
metze
2009-09-19s4-auth: add SID_NT_ENTERPRISE_DCS is a server trust accountAndrew Tridgell1-1/+13
2009-09-19s4-drs: security checking on DRS needs to default to onAndrew Tridgell1-1/+2
2009-09-19s4-ldb: display an error if we can't decode a NDR blobAndrew Tridgell1-1/+3
2009-09-19s4-repl: need param.h for lp_parm_boolAndrew Tridgell1-0/+1
2009-09-19Handle dsdb_class_by_lDAPDisplayName returned values in schema_inferiors.cAnatoliy Atanasov1-0/+8
2009-09-19Move replmd_drsuapi_DsReplicaCursor2_compare to a common place.Anatoliy Atanasov3-14/+8
2009-09-19Add drs_security_level_check for dcesrv calls security checksAnatoliy Atanasov6-20/+36
There is also an option to disable the security check by specifying in the smb.conf file: drs:disable_sec_check = true
2009-09-20s4:provision_basedn_modify - fix the "auditPolicy" attributeMatthias Dieter Wallnöfer1-1/+2
I had to think about how to encode the string 0x0001 (taken from Windows Server). The problem is due to the "0" byte at the beginning of it. BASE64 encoding seems a good method to do it.
2009-09-19s4:utils Remove typo...Andrew Bartlett1-1/+0
2009-09-19s4:dsdb Print the partition we failed to suggest replication forAndrew Bartlett1-1/+2
2009-09-19s4:utils Explian fix for testparm -vAndrew Bartlett1-2/+6
The problem here was that we take an address of a bool, and then (via a void*) cast it to a int *, so put this in a comment. Andrew Bartlett
2009-09-19s4-ldb: bump minimum version in ldb tooAndrew Tridgell1-1/+1
2009-09-19more include minimisationAndrew Tridgell12-41/+0
2009-09-19tdb: increase minor versionAndrew Tridgell1-1/+1
we depend on reads in transactions for s4 replication
2009-09-19s4-smbd: removed unnecessary includesAndrew Tridgell5-11/+0
2009-09-19s4-scripts: make minimal_includes handle our -I overridesAndrew Tridgell1-10/+20
2009-09-19s4-smbd: minimise includes in smbd/ and smb_serverAndrew Tridgell21-40/+0
2009-09-19s4-testparm: fixed -v optionAndrew Tridgell1-1/+1
never pass a bool pointer to popt
2009-09-19s4-rpc_server: removed remaining unnecessary #includesAndrew Tridgell4-5/+2
2009-09-19s4-rpc: remove some unnecessary #include linesAndrew Tridgell4-8/+0
I should remember to run script/minimal_includes.pl more often
2009-09-19s4:samdb.py - further reworkMatthias Dieter Wallnöfer1-12/+9
- I added a comment to the "new user" operation to point out that this works only on s4, since we add also ID mapping entries for winbind there - The "new user" operation adds now the password through the "set password" operation which I find better due to the re-use principle - Remove the word "DC" after "SAMBA 4" in the comment over the "set password" operation since this note and operation applies also to s4 in standalone mode
2009-09-19s4-netlogon: implement dcesrv_netr_DsRAddressToSitenamesExWAndrew Tridgell1-2/+24
We don't implement sites properly at the moment so we just return Default-First-Site-Name
2009-09-19s4-resolve: fixed a crash bug on timeoutAndrew Tridgell9-11/+13
We were creating the name resolution context as a child of lp_ctx, which meant when we gave up on a connection the timer on name resolution kept running, and when it timed out the callback crashed as the socket was already removed.
2009-09-18s4-pipes: convert pipe names to lowercase and validateAndrew Tridgell1-0/+19
clients may provide arbitrary names, but we only want lowercase alnum names
2009-09-18s4-server: kill main daemon if a task fails to initialiseAndrew Tridgell25-77/+159
When one of our core tasks fails to initialise it can now ask for the server as a whole to die, rather than limping along in a degraded state.
2009-09-18s4-kdc: ignore unknown keytypes Andrew Tridgell1-0/+6
don't fail hdb operations if one of the key types is unknown
2009-09-18s4-drs: cope with dupliate linked attributesAndrew Tridgell1-1/+41
With a w2k8-R2 DC, we sometimes get linked attribute updates via DRS which are duplicates of entries that we already have. We need to cope with this by using a remove/add pair in the ldb_modify() to avoid a "entry already exists" error
2009-09-18s4:provision_configuration - "sPNMappings": "http" missed on regenerationMatthias Dieter Wallnöfer1-1/+1
2009-09-18s4/provision_configuration - re-add the "sPNMappings"Matthias Dieter Wallnöfer1-0/+3
Accidentally removed by a previous commit.
2009-09-18s4:scripts - Cleans also the rest under the "setup" directory upMatthias Dieter Wallnöfer3-30/+43
- I removed also the "-H" parameter since those scripts are all thought for the use on a local s4 domain controller. Another reason is also the bind as SYSTEM account which itself is only possible on local binds.
2009-09-18s4:various scripts under "setup" - UnificationMatthias Dieter Wallnöfer4-73/+74
- This unified the shape of those four scripts (comments, command sequence, call of SamDB) - To consider the samdb.py changes regarding the filter: there is now always the possibility either to specify the username or the search filter
2009-09-18s4:domainlevel/pwsettings - Remove unused importMatthias Dieter Wallnöfer2-2/+0
2009-09-18s4:samdb.py - Unification of the interfacesMatthias Dieter Wallnöfer2-38/+54
- When a user account is requested by a call always the search filter will be passed as argument. This helps us to unify the API - Add/fix some comments; in particular new comments inform the developer which requirements exist if he wants to use calls which manipulate the "userPassword" attribute (On s4 no problem - but on certain domain levels on Windows Server)
2009-09-18s4:minschema/fullschema - add correct header commentsMatthias Dieter Wallnöfer2-2/+2
2009-09-18s4:rpc_server: remove some now unused codeStefan Metzmacher2-199/+0
metze
2009-09-18s4:ntvfs_ipc: add real named pipe supportStefan Metzmacher2-236/+652
We now open a named via the named_pipe_auth code and process IO via the tstream interface. This means we support byte mode and message mode named pipes. We also correctly issue NT_STATUS_PIPE_BUSY when a smb_trans request comes in and a read or smb_trans is already pending. We also have support for async dcerpc over ncacn_np now, and we now can remove the ncacn_np specific hacks from the rpc_server/ code. metze
2009-09-18s4:torture: the spoolss notify test should listen on the ncacn_np endpointStefan Metzmacher1-0/+20
metze
2009-09-18s4:rpc_server: export dcesrv_add_ep() so that torture tests can use itStefan Metzmacher2-5/+9
metze
2009-09-18s4:service_named_pipe: accept delegated credentialsStefan Metzmacher2-3/+101
metze