| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
When a attribute is marked unique we know that if we find a match
it will be the only possible match. This means that in a list of
subtrees connected by an &, it is best to first load the index values
for the unique entries, as if they find something then we know we
won't have to look any further.
This helps with searches like this:
(&(objectclass=user)(samaccountname=tridge))
the old code would first have loaded the very large index for the
objectclass=user attribute, and then loaded the single entry for
samaccountname=tridge. Now we load the samaccountname=tridge entry
first, notice that it gives us a single result, and stop, thereby
skipping the load of the objectclass=user index record completely.
|
|
These attributes now use the unique indexing flag
|
|
|
|
When a attribute is marked as LDB_ATTR_FLAG_UNIQUE_INDEX then attempts
to add a 2nd record that has the same attribute value for this
attribute as another record will fail.
This provides a much more efficient mechanism for ensuring that
attributes like objectGUID are unique
|
|
|
|
This fixes a bug where we would look at an uninitialised
dn->linearized
|
|
|
|
|
|
|
|
This is surely the wrong fix, but I could not figure out why the samba4 build
system adds the init function although the m4 macro had switched off the torture
libnetapi subsystem when the headers and libs were not found.
Can one of the samba4 build gurus please have a look ?
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
validation level 6.
Guenther
|
|
|
|
|
|
|
|
Information from http://msdn.microsoft.com/en-us/library/aa379602(VS.85).aspx
|
|
Incorrectly added in 95eeef91d3ed7daf8e19029eadcc610caf26db63, and
found by OpenLDAP backend tests run by Theodor Chirana <office@adaptcom.ro>
Andrew Bartlett
|
|
|
|
|
|
|
|
as slow
|
|
|
|
By using SamLogonEx we avoid setting up the credentials chain for each
request.
(Needs to be pushed further up the stack, to only connect to NETLOGON once).
Andrew Bartlett
|
|
|
|
When looking at performance problems with ldb it can be useful to see
which searches causes unindexed full searches. This makes it easy to
enable that.
|
|
one-level indexing was not always effective due to some broken logic
in the indexing code. This change means that if normal indexing fails,
we can still fall back on one-level indexing.
This reduces the number of full unindexed searches in s4 quite a lot
|
|
|
|
|
|
|
|
It turns out (seen in MS-SAMR 3.1.1.7.1 for example) that the primary
way the krbtgt account is recognised as special is that RID. This
should fix issues such as 'password expired' on the kpasswd service.
Andrew Bartlett
|
|
The sheer volume of messages generated by tevent when the trace level is set to
10 makes it difficult to debug issues in a level 10 log. Increasing this to
50 allows tevent tracing to be enabled if needed, but otherwise keeps the extra
chatter out of a level 10 log.
|
|
|
|
|
|
metze
|
|
We need to loop over all given dialects and check
if we can find SMB2_DIALECT_REVISION_202.
metze
|
|
Also send them in the order a windows client would
send them (the lowest first).
metze
|
|
metze
|
|
fixed up from previous patch that removed the use of crossref records
|
|
|
|
Without this entry, opening the COM+ tab under the properties of an OU within
ADUC results in the following error:
"Unable to retrieve all user properties, 0x80072030"
|
|
Without these entries, using the 'Delegate Control' option in ADUC results in
the following error message in the Delegation of Control Wizard:
"The templates could not be applied. One or more of the templates is not
applicable. Click Back and select different templates, and then try again."
|
|
The classDisplayName attribute controls the actual text displayed to the user
for the top-level menus, so added it to the existing entries.
The attributeDisplayNames attribute contains both the text displayed to the
user and a mapping to the internal directory attribute name for the particular
field, so added these to the existing entries as well.
Added new entries as appropriate to properly complete all menus and labels
within ADUC.
|
|
A single AD server can only host a single domain, so don't stuff about
with looking up our crossRef record in the cn=Partitions container.
We instead trust that lp_realm() and lp_workgroup() works correctly.
Andrew Bartlett
|
|
File descriptor leaks only when we use file instead of stdout.
Found by cppcheck:
[./source3/torture/smbiconv.c:219]: (error) Resource leak: out
[./source4/torture/smbiconv.c:211]: (error) Resource leak: out
|
|
This rather simple test creates 4500 objects on a domain controller and checks
the enum calls for the correct number of results.
Guenther
|
|
Guenther
|
