Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-01-13 | s4:dsdb/schema: add dsdb_syntax_INT32_validate_ldb() | Stefan Metzmacher | 1 | -1/+48 | |
metze | |||||
2010-01-13 | s4:dsdb/schema: add dsdb_syntax_BOOL_validate_ldb() | Stefan Metzmacher | 1 | -1/+30 | |
metze | |||||
2010-01-13 | s4:dsdb: add validate_update module | Stefan Metzmacher | 2 | -1/+130 | |
metze | |||||
2010-01-13 | s4:dsdb/schema: add inftrastructure for dsdb_validate_ldb() | Stefan Metzmacher | 2 | -0/+61 | |
metze | |||||
2010-01-13 | s4:dsdb/schema: add dsdb_syntax_DN_STRING_* wrappers | Stefan Metzmacher | 1 | -2/+30 | |
metze | |||||
2010-01-13 | s4:dsdb/resolve_oids: also resolve oid in search attribute list | Stefan Metzmacher | 1 | -4/+55 | |
metze | |||||
2010-01-13 | s4:dsdb/schema_load: add a TODO about schema reloading | Stefan Metzmacher | 1 | -1/+11 | |
metze | |||||
2010-01-13 | s4:ldb/tests: do a "schemaUpdateNow" after creating a new attribute in ↵ | Stefan Metzmacher | 1 | -0/+10 | |
ldap_schema.py It seems that windows doesn't need that. And we should think about a check for reloading the schema at the start of each "write" operation. metze | |||||
2010-01-13 | s4:dsdb/repl: reorder dreplsrv_op_notify* functions | Stefan Metzmacher | 1 | -53/+50 | |
This make the whole async dreplsrv_op_notify_send/recv() readable. metze | |||||
2010-01-13 | s4:dsdb/repl: change dreplsrv_op_notify_send/recv() to tevent_req | Stefan Metzmacher | 2 | -70/+74 | |
metze | |||||
2010-01-13 | s4:dsdb/common: fix major bug in lsa_BinaryString to ldb_val conversation. | Stefan Metzmacher | 1 | -2/+2 | |
In lsa_BinaryString length and size are byte counts! TODO: we may need to do byte order conversion in this functions too... metze | |||||
2010-01-13 | s4:ldb_msg: first try to decode integers as signed and then fallback to unsigned | Stefan Metzmacher | 1 | -0/+18 | |
LDAP only knowns about signed integers, so let ldb_msg_find_attr_as_uint() and ldb_msg_find_attr_as_uint64() cope with it. metze | |||||
2010-01-13 | s4:dsdb/common: let samdb_msg_add_uint() call samdb_msg_add_int() | Stefan Metzmacher | 1 | -2/+1 | |
This is important as LDAP servers always play with int32 values and we have to encode 0x80000000 as "-2147483648" instead of "2147483648". metze | |||||
2010-01-13 | s4:dsdb/common: let samdb_msg_add_uint64() call samdb_msg_add_int64() | Stefan Metzmacher | 1 | -2/+1 | |
This is important as LDAP servers always play with int64 values and we have to encode 0x8000000000000000LL as "-9223372036854775808" instead of "9223372036854775808". metze | |||||
2010-01-13 | s4:ldb: be more strict in parsing ldb time strings | Stefan Metzmacher | 1 | -4/+4 | |
metze | |||||
2010-01-13 | s4-ntp_signd: Migrate to tsocket. | Andreas Schneider | 2 | -132/+286 | |
Signed-off-by: Stefan Metzmacher <metze@samba.org> | |||||
2010-01-13 | Fixed a problem with incorrect default SD owner/group. | Nadezhda Ivanova | 1 | -1/+1 | |
2010-01-13 | Comparison tool for LDAP servers (using Ldb) | Zahari Zahariev | 2 | -0/+501 | |
This tool is integrated with Samba4 Ldb. It provides a useful output where you can find easy differences in objects or attributes within naming context (Domain, Configuration or Schema). Added functionality for two sets of credentials. | |||||
2010-01-12 | Strip trailing spaces | Simo Sorce | 2 | -82/+82 | |
2010-01-12 | s4-selftest: RPC-SAMR-PASSWORDS-BADPWDCOUNT fails against s4. | Günther Deschner | 1 | -0/+1 | |
Seems like account lockout is not implemented at all yet. Guenther | |||||
2010-01-12 | s4-smbtorture: fix GetAliasMembership test in RPC-SAMR. | Günther Deschner | 1 | -4/+6 | |
Guenther | |||||
2010-01-12 | s4-smbtorture: add RPC-SAMR-PASSWORDS-BADPWDCOUNT torture test. | Günther Deschner | 2 | -2/+489 | |
This test checks the behavior (since w2k3 sp1) of the badPwdCount samr attribute in relation to password history and successfull and unsucessful netlogon samlogons. Michael, please check. This should help verifiying Bug #4347. Guenther | |||||
2010-01-12 | s4-smbtorture: allow test_SamLogon to test interactive samlogon in RPC-SAMR ↵ | Günther Deschner | 1 | -34/+71 | |
family of tests. Guenther | |||||
2010-01-11 | Fix comment/debug messages | Simo Sorce | 1 | -4/+4 | |
2010-01-11 | Merge remote branch 'origin/master' into alpha11release | Andrew Bartlett | 3 | -47/+90 | |
2010-01-11 | and we move on towards Samba4 alpha12! | Andrew Bartlett | 1 | -2/+2 | |
2010-01-11 | This is Samba4 alpha11! | Andrew Bartlett | 1 | -1/+1 | |
2010-01-10 | s4/torture: Parameterize output in LOCK tests based off server support | Steven Danneman | 3 | -47/+90 | |
Two new torture parameters: * smbexit_pdu_support: if the Server supports the Exit command * range_not_locked_on_file_close: whether the server returns the NT_STATUS_RANGE_NOT_LOCKED error when a file is closed which has a pending lock request. Windows returns this error, though per the spec, this error should only be returned to an unlock request. | |||||
2010-01-11 | Revert "s4:provision_users.ldif - Import all essential groups for Windows ↵ | Andrew Tridgell | 1 | -113/+85 | |
Server 2008 mode" This reverts commit 5c174c68ccba7506147feab1d09ad676792139b3. This series of commits broke 'make test'. Matthias, please make sure you run a _full_ make test before every push. | |||||
2010-01-11 | Revert "s4:provision_users.ldif - Remove foreign security principal S-1-5-17 ↵ | Andrew Tridgell | 1 | -0/+5 | |
for now" This reverts commit 61dfd3dc1dce2c0dd6693de80930af312ad3e39f. This series of commits broke 'make test'. Matthias, please make sure you run a _full_ make test before every push. | |||||
2010-01-11 | Revert "s4:provision_users.ldif - Fix memberships regarding the denied ↵ | Andrew Tridgell | 1 | -8/+0 | |
password RODC replication group" This reverts commit 9ee895fcf6327b1c2f5ee09fa565bd62974e9c58. This series of commits broke 'make test'. Matthias, please make sure you run a _full_ make test before every push. | |||||
2010-01-11 | Revert "s4:provision_users.ldif - Add objects for IIS" | Andrew Tridgell | 1 | -21/+0 | |
This reverts commit 91e210028790397996659116446e6add452707f6. This series of commits broke 'make test'. Matthias, please make sure you run a _full_ make test before every push. | |||||
2010-01-10 | s4:upgradeprovision - fix up the script regarding linked attributes | Matthias Dieter Wallnöfer | 1 | -12/+46 | |
We have to try to add new objects until between two iterations we didn't make any progress. Either we are then done (no objects remaining) or we are incapable to do this fully automatically. The latter can happen if important system objects (builtin groups, users...) moved (e.g. consider one of my recent comments). Then the new object can't be added if it contains the same "sAMAccountName" attribute as the old one. We have to let the user delete the old one (also to give him a chance to backup personal changes - if needed) and only then the script is capable to add the new one onto the right place. Make this clear with an exhaustive error output. I personally don't see a good way how to do this better for now so I would leave this as a manual step. | |||||
2010-01-10 | s4:upgradeprovision - Reformat comments | Matthias Dieter Wallnöfer | 1 | -28/+44 | |
Make them break at line 80 (better readability). | |||||
2010-01-10 | s4:repl_meta_data - Transform a "1" into a "true" on a boolean variable | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2010-01-10 | s4:provision_users.ldif - Add objects for IIS | Matthias Dieter Wallnöfer | 1 | -0/+21 | |
Some WSPP locations point out that they're defacto-standards for Windows Server deployments starting with 2008. So we should add them to s4 too. | |||||
2010-01-10 | s4:provision_self_join_modify.ldif - Point out that account "dns" is s4 specific | Matthias Dieter Wallnöfer | 1 | -0/+1 | |
2010-01-10 | s4:provision_users.ldif - Fix memberships regarding the denied password RODC ↵ | Matthias Dieter Wallnöfer | 1 | -0/+8 | |
replication group | |||||
2010-01-10 | s4:provision_users.ldif - Remove foreign security principal S-1-5-17 for now | Matthias Dieter Wallnöfer | 1 | -5/+0 | |
This belongs to the AD IIS stuff where I don't know yet if we should import it. | |||||
2010-01-10 | s4:provision_users.ldif - Import all essential groups for Windows Server ↵ | Matthias Dieter Wallnöfer | 1 | -85/+113 | |
2008 mode Additionally I had to fix some bugs (especially wrong "groupTypes") and reordered the objects using the SID (this is easier when enhancing the file). | |||||
2010-01-10 | s4-ldb: display security descriptors with correct SDL for known SIDs | Andrew Tridgell | 2 | -1/+7 | |
This makes it much easier to compare SDs | |||||
2010-01-10 | s4-dsdb: added samdb_domain_sid_cache_only() | Andrew Tridgell | 1 | -1/+8 | |
2010-01-09 | s4-drs: instanceType is always sent, regardless of UDV values | Andrew Tridgell | 1 | -4/+6 | |
2010-01-09 | s4-debug: lower the verbosity of a couple of common log messages | Andrew Tridgell | 2 | -2/+2 | |
2010-01-09 | s4-samldb: fixed primaryGroupID when promoting a machine to a DC | Andrew Tridgell | 1 | -17/+30 | |
The machine gets a primaryGroupID of DOMAIN_RID_DCS. This is done without changing the member attributes of its groups. | |||||
2010-01-09 | s4-schema: fixed the SDDL for the schema root security descriptor | Andrew Tridgell | 1 | -10/+14 | |
This was preventing a DCPROMO client from allowing outgoing replication | |||||
2010-01-09 | s4-drs: add a local UDV entry even when no replUpToDateVector present on NC | Andrew Tridgell | 1 | -3/+3 | |
This allows us to filter correctly for a NC that we have created but not pulled from anyone. | |||||
2010-01-09 | s4-drs: give DN of failed replication partition | Andrew Tridgell | 1 | -4/+5 | |
2010-01-09 | s4-drs: base is_nc_prefix on instanceType | Andrew Tridgell | 1 | -1/+3 | |
for extended operations comparing to the ncRoot_dn is not correct | |||||
2010-01-09 | s4-drs: having no SPNs to change is not an error | Andrew Tridgell | 1 | -0/+7 | |