summaryrefslogtreecommitdiff
path: root/source4
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r24275: - setup the connection to the ctdb daemonAndrew Tridgell1-0/+17
- disable the brlock ctdb backend for now (This used to be commit b04bcf46e135af597b89994148a28275d29cdba6)
2007-10-10r24274: - merge from ctdb bzr treeAndrew Tridgell8-23/+200
- use ctdb_attach() instead of ctdb_db_handle() - make ctdb_attach() return an existing db handle if it exists (This used to be commit be85c48f8d4a22fd4ed922be6f7f1979f349d291)
2007-10-10r24273: Fix bug #4817 by <mwallnoefer@yahoo.de>. (Unable to add a computerAndrew Bartlett1-5/+10
from MMC Active Directory Users and Computers). Windows sets a 14 UCS2 char buffer as the password in this case. We need to allow random buffers to be accepted as complex passwords, even if they don't have ASCII upper or lower case characters. (If half the bytes are > 127, then it's likely a random buffer). Also make the test match the documented windows behaviour of '3 of the 4 classes: upper, lower, digit, special'. Andrew Bartlett (This used to be commit 5ef26a2ba3561580f0a73ee61eb707573cc98cd3)
2007-10-10r24263: Fix bug 4846 (unable to copy users in MMC Active Directory Users andAndrew Bartlett1-3/+47
Computers). We now generate a security descriptor for each object, when it is created. This seems to keep MMC happy. The next step is to honour it. Andrew Bartlett (This used to be commit 72f4ae82463c5c1f9f6b7f18f125c4c8fb56ae4f)
2007-10-10r24262: Set the objectCategory by default in the objectclass module, rather ↵Andrew Bartlett2-6/+10
than using templates. Modify the samba3sam test to be less fussy, and not use the objectclass module (which requires proper schema stuff now). Andrew Bartlett (This used to be commit 53c248c2645e86fbc8720860aed92a479483b528)
2007-10-10r24261: Fix the standalone ldb build after I moved the objectclass module out.Andrew Bartlett2-3/+0
Andrew Bartlett (This used to be commit c4c3afcdcb6ac5dc220f353b25689056484ac6c9)
2007-10-10r24260: Ensure we always override any existing values for these generatedAndrew Bartlett1-0/+4
attributes. Anything else leads to madness. Andrew Bartlett (This used to be commit af092a361df6b98e1890cbd3e2d1fed168701364)
2007-10-10r24259: Rework the objectclass module to use the new schema, rather than theAndrew Bartlett3-38/+37
ldb_subclass list. Next step will be to have this module also set the objectCategory and default ntSecurityDescriptor Andrew Bartlett (This used to be commit 0f7135a4685a1117a54c2f019df6c6de22b8dd32)
2007-10-10r24249: Thse generated attributes should not be pushed this far down the stackAndrew Bartlett1-69/+0
in any cse. Andrew Bartlett (This used to be commit 5f08a686a6b002a21803a0dd2f9ee0ae9ef928f5)
2007-10-10r24248: Attempt to fix bug #4830 by <mwallnoefer@yahoo.de>. If there is noAndrew Bartlett1-0/+1
payload to the control, we still need to inialise *value, as otherwise we read uninitialised data later. Andrew Bartlett (This used to be commit f6566480b7f1b4036b38284aa539f3a69f5c4573)
2007-10-10r24247: Remove extra newlines from ldb_debug() calls - it already adds one.Andrew Bartlett3-23/+23
Andrew Bartlett (This used to be commit e5fdcda2a1e97c587d48baf3521b18515277f6de)
2007-10-10r24246: Avoid the annoying 'probable memory leak in ldb' messages, by fixingAndrew Bartlett3-9/+11
some issues in the NBT server (this was a false positive, but easily worked around) and DRSUAPI server. We should take care not to use the ldb_context as a talloc pool, and to always ensure that any results from ldb_search() are moved off that pool with talloc_steal or talloc_free(). To work around the issue in provision, for which I can find no fault (other than a lot of work being done in provision), I've moved the detector trigger to 400 additional blocks. This fixes Bug #4810 by <mwallnoefer@yahoo.de> Andrew Bartlett (This used to be commit 42bcf856203ae3cf43130519904828a143ac8d18)
2007-10-10r24245: Fix bug #4828 - we need to set the samba LDB debug handler early, soAndrew Bartlett1-10/+20
we catch messages pushed out by modules during startup. This also sets an explict mapping between ldb and Samba debug levels. Andrew Bartlett (This used to be commit 50913a401dda9fb29a8c05f1926c41d3473efa93)
2007-10-10r24157: Merge from ↵Kai Blin1-1/+1
kai/samba4-gsoc.git;h=728deba680f8cf85cab168a6278a2cf657f65fdb Make WBSRV_SAMBA3_SET_STRING use safe_strcpy instead of strncpy. (This used to be commit 6b92b816fc70278d83d23f835275acf5f227dd74)
2007-10-10r24146: It is not an error for a Win2k3-only server not to support the NT4Andrew Bartlett3-0/+5
replication call. Andrew Bartlett (This used to be commit 59cba32c09f5b014788e4fb0479ed31f26a3d7e2)
2007-10-10r24127: Set the Domain SID into the libnet context, and have libnet_UserInfoAndrew Bartlett6-7/+20
return full SIDs for the user SID and primary group sid. This should help kai with his getpwnam work in winbind. Andrew Bartlett (This used to be commit 078671d5015c63e4bcd96815e150dae918763b83)
2007-10-10r24118: Start fixing #4842 (usrmgr polcies menu not working) by removing rangeAndrew Bartlett1-1/+1
restriction on the maximum returned size. There isn't a good reason to have a limit on this one. Andrew Bartlett (This used to be commit 9a8315019e20f736c6977451c1d1f1f3fcba16f2)
2007-10-10r24112: Complete initialistion of the libnet_ctx when setting up the domain.Andrew Bartlett1-0/+4
We need to set the access_mask and the domain name, or else libnet will try to do this itself. This seems to fix the issues Kai was having. Andrew Bartlett (This used to be commit 44c193272b05959c756ee0078d666bcdf1374023)
2007-10-10r24111: Untested code is broken code, untested code is broken code...Andrew Bartlett2-2/+2
Apologies for my previous commit, which should never have been commited untested. Andrew Bartlett (This used to be commit ec69f41d093df598cb3969be0efdd6b8b804d423)
2007-10-10r24110: I hate seeing callers manually filling in the composite context. UseAndrew Bartlett2-4/+3
the helper functions instead (and in kai's new code, which just copied the previous bad practice). Andrew Bartlett (This used to be commit 0908d8232e8621e5c7bce74b19e5d1e75fc115ab)
2007-10-10r24109: Add a wb_name2domain callKai Blin2-0/+132
(This used to be commit a6a45ab9706961ea2a9a7451d9a38cb8dea7baf2)
2007-10-10r24108: Split out samba3_parse_domuser to a seperate file and rename, so it ↵Kai Blin3-23/+51
can be used for a name2domain call. (This used to be commit 75e41da039e10127820635500e185e24ea55c777)
2007-10-10r24083: Don't fail the test (looking for the user in the enum) if we didn'tAndrew Bartlett1-3/+7
create the user in the first place. Andrew Bartlett (This used to be commit db0f81734d39b228dbfcf53b911edf83a2a2fd8c)
2007-10-10r24082: Following the removal of a fanstsy condition from the SAMR testsuite,Andrew Bartlett1-7/+0
allow the server side to enumerate all domain controllers and domain members... Andrew Bartlett (This used to be commit d42150ff0a05e891d36d1d3f1ec93952e6d4affd)
2007-10-10r24081: Domain Controllers are also shown in this enumeration.Andrew Bartlett1-2/+2
Andrew Bartlett (This used to be commit 3e332ff77120003da2a23df8e0d30a330847f0f1)
2007-10-10r24080: Set the primary group (matching windows) when creating new users inAndrew Bartlett3-4/+30
SAMR. This can't be done in the ldb templates code, as it doesn't happen over direct LDAP. As noted in bug #4829. Andrew Bartlett (This used to be commit 3bfa6dbf7ded06df78310f7bd39d8a8d4edbb4ef)
2007-10-10r24075: As suggested by metze, match the behaviour of ntvfs_posix, and removeAndrew Bartlett1-0/+1
the backend data (effectivly closing the handle) when we close an IPC FD. This should fix #4821. Andrew Bartlett (This used to be commit efaf91b9d53c1d9b882c53e069e8e7c15394e0f3)
2007-10-10r24074: Test both permitted logon hours and permitted workstations in theAndrew Bartlett3-6/+73
RPC-SAMLOGON test. This showed that, as noted by bug #4823, we didn't test for invalid workstations. In fact, the code had been ported across, but because untested code is broken code, it never worked... Andrew Bartlett (This used to be commit 5e07417ada56d189a911ef888b0c87adebe60763)
2007-10-10r24061: Anther part of bug #4823, which is that until now Samba4 didn't parseAndrew Bartlett3-27/+72
the logon hours, even if set. This code happily stolen from the great work in Samba3 :-) Andrew Bartlett (This used to be commit a4939ab629e0af0615bcecf63c7cd55e6e833505)
2007-10-10r24060: Fix bug #4806 by Matthias Wallnöfer <mwallnoefer@yahoo.de>: We need toAndrew Bartlett4-10/+83
include the attribute allowedChildClassesEffective for MMC to allow the creation of containers. This may need further refinement, but it seems to work for now. Andrew Bartlett (This used to be commit d053b8e218767cb12e20a00fb18995e30869db11)
2007-10-10r24059: Fix bug 4822 reported by Matthias Wallnöfer <mwallnoefer@yahoo.de>.Andrew Bartlett2-155/+188
Any SAMR client (usrmgr.exe in this case) that attempted to set a property to a zero length string found instead the the old value was kept. In fixing this, rework the macros to be cleaner (add the always-present .string) to every macro, and remove the use of the samdb_modify() and samdb_replace() wrappers where possible. Andrew Bartlett (This used to be commit b05fe693047c09b85c7fc0e1ea8d931c99910375)
2007-10-10r24054: Fix some warningsVolker Lendecke1-2/+2
(This used to be commit b3473db397476d05e7ffca50a5f7a9b65e0a5b4a)
2007-10-10r24053: Ensure we filter EnumDomainUsers with the supplied mask.Andrew Bartlett2-34/+100
Should fix another part (list of domains in usrmgr incorrectly including accounts) of bug #4815 by mwallnoefer@yahoo.de. Andrew Bartlett (This used to be commit 7f7e4fe2989ef4cb7ec0f855b25e558f3bbd18c5)
2007-10-10r24052: Fix some of the NT4 usrmgr.exe portions of bug 4815.Andrew Bartlett3-16/+209
- The icons in usermgr were incorrect, because the acct_flags were not filled in (due to missing attribute in ldb query) - The Full name was missing, and the description used as the full name (due to missing attributes in ldb query and incorrect IDL) To prove the correctness of these fixes, I added a substantial new test to RPC-SAMR-USERS, to ensure cross-consistancy between QueryDisplayInfo and QueryUserInfo on each user. This showed that for some reason, we must add ACB_NORMAL to the acct_flags on level 2 queries (for machine trust accounts)... Getting this right is important, because Samba3's RPC winbind methods uses these queries. Andrew Bartlett (This used to be commit 9475d94a61e36b3507e5fd2e6bb6f0667db4a607)
2007-10-10r24051: more monitor function calls and monitor msg namesRafal Szczesniak7-44/+103
convention change. rafal (This used to be commit 6ab10b2ed256fa3c55d1af8ddcc9dfdaf4598a1e)
2007-10-10r24041: After metze's ack, check in torture_comment from Zack KrischVolker Lendecke1-2/+2
<zack.kirsch@isilon.com> (This used to be commit b1148b7ab84a18d4fea771c887ed7d535841982b)
2007-10-10r24012: Remove duplicate code block (from bad merge).Andrew Bartlett1-17/+0
Andrew Bartlett (This used to be commit 68bdbd732fc02ce5a8ef8eb0107459ff3b7eb723)
2007-10-10r24011: Keep the connect handle around in libnet, in case we want it.Andrew Bartlett2-0/+2
Andrew Bartlett (This used to be commit e6ccdb6cea267b992d1b586757f0b84afbc5e45f)
2007-10-10r24010: Fix warning for the function paramter to qsort().Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit 51862c4c5299da02d3d781b3e9255823bc9b59af)
2007-10-10r23995: Work to allow mimir's libnet code to be called from winbind.Andrew Bartlett9-57/+53
We now setup a libnet_ctx for each domain. We should then be able to replace/merge some more of the winbind code with libnet calls, referencing domain->libnet_ctx. Andrew Bartlett (This used to be commit bad2dc14d704be59300f619c84694c11620559e0)
2007-10-10r23993: Attempt to fix bug #4808, reported by mwallnoefer@yahoo.de. The issueAndrew Bartlett1-1/+4
is that when we all ldb_msg_add_empty(), we might realloc() the msg->elements array. We need to ensure the source pointer (when copying an element from the same msg) is still valid, or the data copied. Andrew Bartlett (This used to be commit 0fbea30577233d00e7c6cdd4faaece0f99fc57b1)
2007-10-10r23982: Fix use-after-realloc() found by valgrind and mwallnoefer@yahoo.de.Andrew Bartlett1-1/+5
Should fix bug #4804. Andrew Bartlett (This used to be commit 848336dc617b72d189fe82e10c0b08a518d6d073)
2007-10-10r23980: Fix one more use of pwrite in expand_file.Michael Adam1-1/+10
Michael (This used to be commit b97acdc67b1a55529e69bb7b2b78a317a34b1eba)
2007-10-10r23979: Fix another occurence of (written != requested) as anMichael Adam1-5/+22
error condition to write. This is in tdb_new_database. Fix one call to tdb_new_database in tdb_open_ex to not overwrite the newly propagated errno (typically ENOSPC). Michael (This used to be commit eb524df0a52783de6c94a11b44f268e0f26fbb2c)
2007-10-10r23978: Merge r23161 from Samba3:Michael Adam2-0/+5
Add TDB_VOLATILE as open_flag to activate the per-hashchain dead record optimization. (This used to be commit 868cdb1781fe94afbc1658e72bf06de20193bcd7)
2007-10-10r23977: Im prove the pwrite-patch to tdb_expand_file of r23972:Michael Adam1-7/+20
* prevent infinite loops due to 0 bytes written: try once more. if we still get 0 as return, set errno to ENOSPC and return -1 (error) * replace int by correct types (ssize_t and size_t). * print a warning log message in case "written < requested to write" usually this means, that the next call to pwrite will fail with return value -1 and set errno accordingly. Note that the former error condition "written != requested to write" is not a correct error condition of write/pwrite. If this is due to an error, a subsequent call to (p)write will reveal the cause (typically "no space left on device" - ENOSPC). Michael (This used to be commit 7f415d12239fc67eb2c7894c6359b9507fe122c6)
2007-10-10r23972: Fix a bug in pwrite error detection in tdb_expand_file():Michael Adam1-3/+3
The proper error condition is (ret == -1) instead of (ret != number_of_byte_told_to_write). Michael (This used to be commit 4c3c6363f860ec01d3c789ef8ee2aa3eb77000dc)
2007-10-10r23966: It isn't great, but at least now we have some access control in SWATAndrew Bartlett2-0/+50
This patch prevents non-root and non-administrator users from running the provision, upgrade and vampire pages. *I think* the rest of SWAT is LDB operations, or otherwise authenticated, so we should now be secure. I wish I had a better way to 'prove' we got this right, but this is better than nothing, and moves us closer to an alpha. Andrew Bartlett (This used to be commit d61061052dc4711f886199e49bc303002c8f9b11)
2007-10-10r23964: Update blackbox selftest scripts to cover more code, and to moreAndrew Bartlett1-3/+3
consistantly report errors. (Some were being lost due to the "echo foo | cmd" calling convention). Andrew Bartlett (This used to be commit d0a994d0ce7b1d4a33bbca5348c2da868401971f)
2007-10-10r23961: Allow SWAT to operate on x86_64 machines.Andrew Bartlett5-20/+29
On machines with a 4 byte int, and a 8 byte pointer, the ESP could would fail. The problem is that 0 != NULL. 0 is an int (4 bytes) and NULL is a pointer (8), and this matters critically to varargs functions. If a 0 was passed as the 'terminating' argument, then only 4 bytes would be written to the stack, but va_arg(ap, char *) would try and pull 8, reading uninitalised memory. Andrew Bartlett (This used to be commit 72ca8e3b2a45179b731790e6329b978b22ac1ec0)