summaryrefslogtreecommitdiff
path: root/source4
AgeCommit message (Collapse)AuthorFilesLines
2010-11-03s4-ldb: expose some more ldb module functionsAndrew Tridgell7-22/+383
this exposes enough functions for s4 to not need ldb_private.h any more.
2010-11-02s4-selftest Run RPC-PAC against all the DC environments.Andrew Bartlett1-1/+3
This is important, as it will validate that the PAC handling is correct with the different encryption types. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Nov 2 11:45:50 UTC 2010 on sn-devel-104
2010-11-02s4-process_model Fix valgrind-found use of un-initialised variableAndrew Bartlett1-0/+1
The relloc didn't zero the structure for the new process modal, and so m->initialised wasn't initialised. Andrew Bartlett
2010-11-02s4-torture Add tests for DES-only accounts PAC behaviour/validation.Andrew Bartlett3-3/+83
Previously we didn't support DES-only in a Samba4 domain. This is important for some legacy systems that have not yet migrated from this weak crypto. Andrew Bartlett
2010-11-02heimdal Add handling for PAC signatures over all encryption typesAndrew Bartlett2-24/+89
There are exceptions from the expected behaviour of 'checksum type matches key type' that we must deal with here, or else we can't serve DES-only servers. Andrew Bartlett
2010-11-01s4-torture Remove torture/locktest2.c (no longer compiled and unused)Andrew Bartlett1-578/+0
This is a left-over of a speculative approach to lock testing that didn't go anywhere. Andrew Bartlett
2010-11-01s4-ldb: removed ldb_includes.hAndrew Tridgell19-29/+54
it causes problems with the openchange build as it is not installed Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Mon Nov 1 21:49:47 UTC 2010 on sn-devel-104
2010-11-01s4:samldb LDB module - the "sAMAccountName" cannot be substituted by nothingMatthias Dieter Wallnöfer2-2/+29
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Mon Nov 1 14:36:24 UTC 2010 on sn-devel-104
2010-11-01s4:sam.py - additional testing for "servicePrincipalName" updatesMatthias Dieter Wallnöfer1-12/+207
2010-11-01s4:samldb LDB module - support now the full "servicePrincipalName" update ↵Matthias Dieter Wallnöfer1-30/+96
trigger With "dNSHostName" and/or "sAMAccountName" updates
2010-11-01s4:samldb LDB module - "sAMAccountName" checkerMatthias Dieter Wallnöfer1-2/+2
We need a "talloc_steal" for the retrieved "sAMAccountName" since the memory is afterwards freed using the "talloc_free" call.
2010-11-01s4-ldb: use ldb_set_modules_dir() to load additional ldb modulesAndrew Tridgell2-8/+12
this allows ldb_wrap to enable s4 modules in a standalone ldb install without any additional installation Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Mon Nov 1 13:47:33 UTC 2010 on sn-devel-104
2010-11-01s4-ldb: enable version checking in dsdb ldb modulesAndrew Tridgell40-3/+44
2010-11-01s4-ldb: enable ldb module version checkingAndrew Tridgell10-6/+20
2010-11-01s4-ldb: added support for ldb module version checkingAndrew Tridgell2-2/+11
2010-11-01s4:setup/spn_update_list - the DNS SPN is only used in DNS modeMatthias Dieter Wallnöfer1-1/+3
Not all DCs are automatically DNS servers. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Mon Nov 1 12:20:36 UTC 2010 on sn-devel-104
2010-11-01s4:ldap.py/sam.py - simplify the objectclass specificationsMatthias Dieter Wallnöfer2-39/+39
- For user accounts we only need to specify "user" ("person" is an inherited objectclass) - Don't use the brackets when we have only one objectclass specified
2010-11-01s4:sam.py - test "objectSid" modification lockdownMatthias Dieter Wallnöfer1-0/+28
2010-11-01s4:samldb LDB module - unify objectSid assignment error messagesMatthias Dieter Wallnöfer1-3/+2
2010-11-01s4:samldb LDB module - deny "objectSid" modificationsMatthias Dieter Wallnöfer1-0/+7
The same as with Windows
2010-11-01s4:provision - adapt the "provision" so that SIDs are only set on entry creationMatthias Dieter Wallnöfer3-11/+5
SID modifications are denied.
2010-11-01s4:torture - suppress printf "%llu" on uint64_t variables warningsMatthias Dieter Wallnöfer4-29/+34
The signed/unsignedness does match (always unsigned). The bitlength (64 bit) on all regular platforms does also. Therefore simply add a cast to "unsigned long long".
2010-11-01ldb:tools/ldbtest.c - fix build warningMatthias Dieter Wallnöfer2-2/+3
Cause was an incomplete declaration.
2010-11-01s4-ldb: fixed build of paged searchesAndrew Tridgell1-1/+1
Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Mon Nov 1 09:41:27 UTC 2010 on sn-devel-104
2010-11-01s4-ldb: fixed build of oLschema2ldifAndrew Tridgell1-1/+1
2010-11-01s4-ldb: convert existing ldb tools to use new command line hooksAndrew Tridgell8-76/+29
the usage() function needs to take a ldb context, as the popt_options is specific to the ldb context Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-11-01s4-ldb: added ldb command line hook supportAndrew Tridgell5-65/+273
ldb modules can now add hooks to the command line processing for ldb tools Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-11-01s4-ldb: added samba_extensions ldb moduleAndrew Tridgell2-0/+137
this module hooks into the ldb command line processing, to add extra command line options and initialisation of samba4 internal subsystems such as gensec Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-11-01s4-ldb: moved the ldb_ildap backend into lib/ldb-sambaAndrew Tridgell1-1/+1
this backend is samba4 specific
2010-11-01s4-ldb: added support for general ldb hooks in modulesAndrew Tridgell2-12/+65
this allows a ldb module to register a hook function called at various stages of processing. It will be initially used for ldb command line hooks, but should work generally. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-11-01s4-ldb: added an override flag to ldb_register_backend()Andrew Tridgell4-30/+33
this will be used to allow a system ldb build with an ldb backend to have its ldap handler overridden by the s4 one
2010-11-01s4-ldb: it is not an error for the modules directory to not existAndrew Tridgell1-0/+5
2010-11-01s4-modules: get rid of the remaining static prototypes for modulesAndrew Tridgell11-88/+22
the waf build now generates the prototype declarations for us
2010-11-01s4-dsdb: convert the rest of the ldb modules to the new module typeAndrew Tridgell42-79/+306
2010-11-01s4-test: we don't need to set LDB_MODULES_PATH any moreAndrew Tridgell3-5/+0
2010-11-01s4-ldb: removed the old ldb module loading styleAndrew Tridgell2-158/+34
this gets rid of some particularly obscure cpp macros for module lists
2010-11-01s4-ldb: convert the rest of the ldb modules to the new styleAndrew Tridgell9-22/+66
2010-11-01s4-process_model: use the static module prototypingAndrew Tridgell1-15/+14
remove the manual prototyping of static init functions
2010-11-01s4-dsdb: convert the simple_ldap_map module to the new module styleAndrew Tridgell2-9/+26
2010-11-01s4-dsdb: convert the extended_dn_out module to the new ldb module styleAndrew Tridgell2-10/+31
2010-11-01s4-ldb: convert the openldap ldb backend to the new style of moduleAndrew Tridgell2-16/+18
2010-11-01s4-ldb: convert the ildap module to the new type of ldb moduleAndrew Tridgell2-17/+17
this gets rid of the module aliases, which caused issues on some systems (eg. gentoo).
2010-11-01s4-ldb: support a new type of ldb module loadingAndrew Tridgell4-1/+199
this supports module loading in ldb which uses the approach of "load all modules in a directory". This is much more flexible than the current module loading, as it will allow us to load modules for command line parsing and authentication. Modules are loaded from a colon separated path, in the environment variable LDB_MODULES_PATH. If unset, it defaults to LDB_MODULESDIR. Within each directory modules are loaded recursively (traversing down the directory tree). The device/inode number of each module is remembered to prevent us loading a module twice. Each module is checked for a ldb_init_module() function with dlsym(). If found, it is called with the ldb module version as an argument.
2010-11-01s4-dsdb_schema: Use DRSUAPI_ATTID_INVALID instead of 0xFFFFFFFF magic valueKamen Mazdrashki2-28/+28
Autobuild-User: Kamen Mazdrashki <kamenim@samba.org> Autobuild-Date: Mon Nov 1 00:36:20 UTC 2010 on sn-devel-104
2010-10-31idl: Use DRSUAPI_ATTID_ prefix instead of DRSUAPI_ATTRIBUTE_ for ATTID valuesKamen Mazdrashki9-100/+100
Those values are actually ATTID values and such, they are used for ATTIDs for Attributes, Classes and Syntaxes.
2010-10-31s4-server: avoid using environ as it is not portableAndrew Tridgell1-2/+1
we can just use execv() instead, which passes through the environment, which is all we need Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Sun Oct 31 23:53:49 UTC 2010 on sn-devel-104
2010-10-31s4:sam.py - test the "sAMAccountName" attributeMatthias Dieter Wallnöfer1-0/+59
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sun Oct 31 21:02:48 UTC 2010 on sn-devel-104
2010-10-31s4:samldb LDB module - validate "sAMAccountName" modificationsMatthias Dieter Wallnöfer1-0/+74
Also the "sAMAccountName" attribute is protected against corruption (e.g. two accounts with the same name).
2010-10-31s4:netlogon RPC server - "LogonGetDomainInfo" - always check the LDB return ↵Matthias Dieter Wallnöfer1-31/+57
codes Plus some cosmetic indentation fixes Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sun Oct 31 19:26:45 UTC 2010 on sn-devel-104
2010-10-31s4:libnet_join.c - only write the really essential SPNsMatthias Dieter Wallnöfer1-8/+7
If we are a DC then the others are added by the "samba_spnupdate" script. This fixes bug #7614.