| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
kcc_service struct gets a intrasite_code
boolean that is filled in via parametric parameter
kccsrv:intrasite = [true/false] in smb.conf. This
will allow us to continue to utilize old simple
KCC topology as continuing default while newer
intra-site topology matures further.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Thu Jul 14 00:19:12 CEST 2011 on sn-devel-104
|
|
We need the ability to utilize this function in a different
manner. KCC intra-site topology has already vetted the
replica as being appropriate to produce a repsFrom from.
We do not want kccsrv_add_repsFrom() to produce further
checking as was the case for simple topology. Thus if
we pass a NULL (res) parameter this extra check will
be skipped.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
kccsrv_replica_flags() and
kccsrv_add_repsFrom() need to be available to functions
outside kcc_periodic.c
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Utilized by KCC to carry the invocation id of the NTDSDSA
that we are replicating the name context from. Utilized
when NTDSConnection is created (much like dsa_guid tracks
the NTDSDSA objectGUID that we are replicating the name
context from).
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Previously this set an explicit (0x1) value whereas it
can now utilize NTDSCONN_OPT_IS_GENERATED from flags.h
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
A helper function for retrieving the ntds site settings
via standalone function call. Used within KCC
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Flags that were missing from flags.h or were incorrectly
defined inline to the kcc_topology.c code (and thus unusable
elsewhere). These are the NTDSConnection and NTDSDSA Site
settings flags.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
this fixes the DN to have a full GUID for new objects
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Wed Jul 13 14:03:30 CEST 2011 on sn-devel-104
|
|
thanks to Matthias for his great test suite work!
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
We don't need to compare the delete against the primaryGroupID check
here - that test is for adds.
Andrew Bartlett
|
|
we can't convert 0 NTTIME via a unix time_t
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
this is not available on an ldap samdb
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
subtree searches on these DNs don't work any more
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
when in FILL_DRS mode, there are no objects to check yet
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
some DNs are are not setup with GUIDs during the provision because of
circular dependencies between objects. This adds a dbcheck pass to the
provision to fix those DNs
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
this is needed for the dbcheck code
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
if we didn't find a replPropertyMetaData attribute at all then don't
try fixing it
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
|
|
this checks for missing backlinks or backlinks without a forward link
and optionally fixes them
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
when dbcheck is fixing missing backlinks we don't want a DEBUG 0
message
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
|
|
this allows you to force a reindex of the database
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
this avoids the need for access to the secrets database
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
|
|
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
|
|
the samldb checks failed to account for the possibility of a member
being removed and added in the same modify operation. This happens
(for example) when dbcheck is fixing a SID in a DN.
The repl_meta_data.c code already has this check, it just wasn't
giving the right specialised error code for the 'member' attribute
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
|
|
metze
|
|
It's not only a cache as we also support static records.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue Jul 12 16:16:45 CEST 2011 on sn-devel-104
|
|
metze
|
|
metze
|
|
metze
|
|
metze
|
|
this is better than doing a schema search inside the dbcheck code
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Mon Jul 11 07:43:18 CEST 2011 on sn-devel-104
|
|
this allows conversion from a DRS attribute ID to a LDAP display name
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
when fixing missing attributes in replPropertyMetaData, allow user to
confirm changes, and check for exceptions
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
|
|
When an object is deleted, link pointed to it are marked as inactive.
When the same object is purged we do not remmove the link pointed to it
(we can't know them) so they stay in the database, it turns to be a
problem for Windows 2008.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
if we have the provision control, it's used by dbcheck
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
even if the data hasn't change
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
dn might be broken
The usual use case is that you have a not complete linked attribute (ie.
without the SID) if we keep using the old dn, then the SID will never be
added.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This is needed because we can have more than 1 value in a single valued
attribute as we store also deleted values. So we do the check in repl_meta_data
and then indicate LDB to do the check.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
this makes dbcheck search over all objects, deleted or not. This
matters because when another DC replicates from this DC it replicates
the deleted objects as well, so invalid attributes in deleted objects
can cause problems on the new DC (for example, windows can get stuck
or even crash during the replication)
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
|
|
the objectclass_attrs validation that an object contains all mandatory
attributes is incorrect for deleted objects, as they get stripped of
some mandatory attributes when deleted (for example, objectCategory
gets stripped)
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
|
|
when extended_dn_in fails to resolve a GUID extended DN component, the
debug code assumed that it was a search operation, and accessed
ac->req->op.search.base, which is not valid for non-search DN
expansions.
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
|
|
this allows the user to choose all/none for all the remaining database
checks
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
|
|
when connecting to a local database with -H we can use that databases
schema
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
|
