summaryrefslogtreecommitdiff
path: root/source4
AgeCommit message (Collapse)AuthorFilesLines
2009-11-17s4:SAMLDB DSDB module - Remove "\n" in LDB error messagesMatthias Dieter Wallnöfer1-25/+31
abartlet suggested me to not use anymore "\n"s in those kind of outputs. Plus, enhance a search filter to consider also "builtinDomain" objects which are basically domain objects too.
2009-11-17Fixed incorrect SID for RAS Servers.Nadezhda Ivanova2-1/+2
2009-11-17s4:dsdb/schema: let schema_supclasses() return the correct pointerStefan Metzmacher1-2/+2
str_list_unique() changes the pointer via talloc_realloc(). metze
2009-11-17s4:selftest: use "dc:local" instead of a hardcoded config fileStefan Metzmacher1-3/+3
If a tests needs access to the dc's config, it should run as "dc:local", then it can also access unix named pipes... If we pass a hardcoded config file the test fails if you use a selftest_prefix. metze
2009-11-17s4:selftest: allways start with $(ST_RM)Stefan Metzmacher1-2/+2
metze
2009-11-17s4:selftest: place summary file into selftest-prefixStefan Metzmacher1-1/+2
metze
2009-11-17s4:heimdal: import lorikeet-heimdal-200911170333 (commit ↵Andrew Bartlett9-25/+8
b532c294d974cead40a1183c71be644c6ccc2832) This fixes up connections to Windows 2003, because the previous import had a broken arcfour-hmac-md5 implementation (fixed in Heimdal 316fc6ff8ffb0cbb1ef3689685e9977c37405bc4) Andrew Bartlett
2009-11-17s4/drs(tort): Convert DSSYNC test to a test case fixtureKamen Mazdrashki2-24/+68
Now it should be much more clear why and where a test in DSSYNC test case has failed. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2009-11-17s4/drs(tort): replace DEBUG with torture_asert/comment/failKamen Mazdrashki1-45/+49
I left dumping of decrypted attributes values 'as is' (using DEBUG and DEBUGADD) as it uses dump_data() function. dump_data() uses DEBUGADD internally, so I have no way to redirect its output to torture_context at this point. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2009-11-17s4/drs(tort): use torture_drsuapi_assert_call() macro for error checkingKamen Mazdrashki1-11/+2
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2009-11-17s4/drs(tort): replace 'printf' with 'torture_...' callsKamen Mazdrashki1-14/+15
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2009-11-17s4/drs(tort): 'DsSyncBindInfo.pipe' renamed - 'pipe' is a system callKamen Mazdrashki1-11/+11
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2009-11-17s4/drs(tort): 'DsPrivate.pipe' renamed - 'pipe' is a system callKamen Mazdrashki3-13/+13
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2009-11-17s4:dsdb With these workarounds, we now pass the RPC-DSSYNC testAndrew Bartlett2-3/+15
2009-11-17s4:provision Split up reference creation, load schema earlier in the stackAndrew Bartlett3-19/+31
The schema needs to be loaded above the extended_dn_out modules as otherwise we don't get an extended DN in the search results. The reference split is to ensure we create references after the objects they reference exist. Andrew Bartlett
2009-11-17s4:schema Add the GUID to each defaultObjectCategory when loading from LDIFAndrew Bartlett1-0/+49
This makes these full extended DNs, so we set the right values into the database, even before we actually set the schema objects themselves. Andrew Bartlett
2009-11-17s4:dsdb Rework samdb code to use 'storage format' DNs for defaultObjectCategoryAndrew Bartlett4-1/+67
It is important to always ensure that this attribute has an extended DN if the rest of the database stores things that way. The knowlege of what format the DN is stored on disk with is passed around in an LDB opaque. Andrew Bartlett
2009-11-17s4:provision Generate a random objectGUID for each schema recordAndrew Bartlett1-0/+2
This is needed to then create extended DNs with GUID attributes in them, when importing from the LDIF Andrew Bartlett
2009-11-17s4:dsdb Load objectGUID and extended DN defaultObjectCategory into the schemaAndrew Bartlett4-37/+29
The load of defaultObjectCategory as an extended DN means we need to use the common parsing functions I just split out, rather than the GET_DS_DN macro. The objectGUIDs are loaded so that we can create the extended DN when we load from LDIF (and are loaded for the other cases for consistency). Also adapt callers to API changes needed for common parsing code Andrew Bartlett
2009-11-17s4:dsdb Use the new flags to dsdb_module_search in schema_loadAndrew Bartlett1-1/+3
This loads the defaultObjectCategory DN as an extended DN, so we can apply it, with the associated GUID, when setting this on records in the objectClass module. Previously we would not store the extended DN components for objectCategory. Andrew Bartlett
2009-11-17s4:dsdb Break up 'parse a DN from DRSUAPI' into a subfunctionAndrew Bartlett1-73/+91
This should make it easier to call this function from the DRS schema load code, rather than duplicate it. (we may do the same with other functions in future). Andrew Bartlett
2009-11-17s4:dsdb Add 'dsdb_flags' to dsdb_module_search() to enable often-used featuresAndrew Bartlett7-11/+84
These flags, also on dsdb_module_search_dn() allow us to add commonly set controls to this pre-packaged blocking search, without rebuilding the whole function in each caller. Andrew Bartlett
2009-11-16s4:SAMLDB moduleMatthias Dieter Wallnöfer1-14/+14
- Add more "\n" to make sure that error messages are displayed immediately - Add a "NULL" in a attribute list
2009-11-16Revert "s4:dsdb/repl/replicated_objects - Applicate also here the new ↵Matthias Dieter Wallnöfer1-4/+1
"lDAPDisplayName" generator" This reverts commit df95d5c29292968b465bff24c3cf78800677a4d4. abartlet pointed out in a post on the samba-technical list that this isn't necessary at all (lDAPDisplayName normalisation algorithm). Rather it breaks functionality of the replication.
2009-11-16s4:dsdb LDB attribute lists must always be a static const char **.Andrew Bartlett1-1/+1
(If they are not, then due to the async code, they will cause a segfault as they reference a reclaimed portion of the stack). Andrew Bartlett
2009-11-16s4:provision - Removed dependency on full Samba 3 schema from FDSEndi S. Dewata9-152/+170
2009-11-15Fixed some major bugs in inheritance and access checks.Nadezhda Ivanova5-120/+274
Fixed sd creation not working on LDAP modify. Fixed incorrect replacement of CO and CG. Fixed incorrect access check on modify for SD modification. Fixed failing sec_descriptor test and enabled it. Fixed failing sd add test in ldap.python
2009-11-15Fix writing corrupt registries because of hardcoded version string in IDL.Wilco Baan Hofman1-1/+1
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
2009-11-15Fix writing corrupt REG_SZ to the registry.Wilco Baan Hofman1-1/+2
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
2009-11-15Fix trailing garbage in the hbin block.Wilco Baan Hofman1-0/+5
This specifically fixes a problem showing extra bytes of garbage in list and print in regshell, even though the vk.data_length has the correct size. Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
2009-11-15Added tests for descriptor inheritance on ldap modify.Zahari Zahariev1-121/+207
Fixed some expected owners and groups. Signed-off-by: Nadezhda Ivanova <nadezhda.ivanova@postpath.com>
2009-11-15ldb:python bindings - add a context on "py_ldb_delete"Matthias Dieter Wallnöfer1-2/+10
So the converted DN will be freed after usage.
2009-11-15s4:ldap.py - enhance schema addition testMatthias Dieter Wallnöfer1-12/+40
Don't add only a new objectclass but also a new attribute. Plus let now the server itself calculate the "lDAPDisplayName" attribute and compare the result.
2009-11-15s4:dsdb/repl/replicated_objects - Applicate also here the new ↵Matthias Dieter Wallnöfer1-1/+4
"lDAPDisplayName" generator Also here we've to be sure to generate the attribute correctly if it doesn't exist yet.
2009-11-15s4:SAMLDB module - Add support for required and generated schema attributesAndrew Bartlett1-7/+285
This missing support found by Microsoft test suite at AD interop event. Patch by Andrew Bartlett Enhancements by Matthias Dieter Wallnöfer
2009-11-15s4:samdb util - add a call for generating a correct "lDAPDisplayName"Matthias Dieter Wallnöfer1-0/+28
This is needed for the SAMLDB module enhancement regarding schema objects. The algorithm in pseudo code is located in MS-ADTS 3.1.1.2.3.4.
2009-11-15s4:ldap.py - Deactivates some at the moment pointless test partsMatthias Dieter Wallnöfer1-6/+6
I think those parts should be deactivated since they're result set checks for lookups which are commented out already.
2009-11-14s4-drs: DsExecuteKCC() implementationErick Nascimento3-2/+31
I implemented the DsExecuteKCC() handling code on kccsrv_execute_kcc(). Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-11-13s4:heimdal Import generated files from heimdal treeAndrew Bartlett9-827/+1185
We should be able to rebuild these, but a cp is easier :-)
2009-11-13s4:heimdal: import lorikeet-heimdal-200911122202 (commit ↵Andrew Bartlett59-646/+1168
9291fd2d101f3eecec550178634faa94ead3e9a1)
2009-11-13s4:heimdal: import lorikeet-heimdal-200909210500 (commit ↵Andrew Bartlett139-2179/+4119
290db8d23647a27c39b97c189a0b2ef6ec21ca69)
2009-11-13s4-ldb: changed the DN checks for \n to warningsAndrew Tridgell2-6/+11
a \n is sometimes allowed in AD (eg in deleted DNs). Until we know when is really is allowed, treat it as a warning only.
2009-11-13s4-ldb: make DN escaping/unescaping consistentAndrew Tridgell1-20/+54
The DN escape function was using the form \c where c is any character. The unescape function was using \XX where XX is a 2 digit hex number. The asymmetry led to quite a few problems when we start to deal with DNs containing escape chars, such as CN=foo\0ADEL:XXX. The result was a DN that was not accessible. This patch changes the escaping to follow RFC2253 much more closely. We accept either type of escape, and produce the two types of escape, depending on the character being escaped
2009-11-12s4:heimdal_build: allow flex-2.5.35 with bison-2.3Stefan Metzmacher1-0/+1
metze
2009-11-12s4:dsdb Make callbacks in extended_dn_out clearer to followAndrew Bartlett1-1/+6
2009-11-12s4:selftest Mark the RPC-DSSYNC test as knownfail for nowAndrew Bartlett1-0/+1
We need to work on the provision or LDB modules to avoid DN attributes without GUIDs (caused because the target does not exist at creation time). Andrew Bartlett
2009-11-12s4:libcli/ldap Add 'relax' OID to known network representationsAndrew Bartlett1-0/+2
This patch, inspired by a patche by Endi S. Dewata <edewata@redhat.com>, allows this control to be passed to the LDAP backend. Andrew Bartlett
2009-11-12s4:provision - Added LDBBackend and ExistingBackend.Endi S. Dewata2-32/+62
2009-11-12s4:provision - Added constructors for FDSBackend and OpenLDAPBackend.Endi S. Dewata2-43/+95
2009-11-12s4:provision - Added setup() method in LDAPBackend.Endi S. Dewata2-26/+32