Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-08-19 | s4 upgradeprovision: Deal with bootstrap indexing attribute to avoid useless ↵ | Matthieu Patou | 1 | -13/+65 | |
reindexing | |||||
2010-08-19 | s4 upgradeprovision: Add a function for schema reloading | Matthieu Patou | 1 | -1/+31 | |
Full schema reloading is needed when we modify exisiting elements that have attributes that comes from not from the default schema (ie. openchange schema, user schema ..) | |||||
2010-08-19 | s4 upgradeprovision: upgrade_delta_samdb return a msg_diff of @ATTRIBUTES | Matthieu Patou | 1 | -9/+14 | |
This is used by upgradeprovision to readd this delta just before loading a merged schema | |||||
2010-08-19 | s4 upgradeprovision: Fixes for increment_keyversion | Matthieu Patou | 3 | -3/+22 | |
fix | |||||
2010-08-19 | s4 upgradeprovision: fix a typo and pass correct parameter to ↵ | Matthieu Patou | 2 | -4/+5 | |
increment_calculated_keyversion | |||||
2010-08-19 | s4-drs: ATTIDs for deleted attributes should be based on msDs-IntId value if ↵ | Kamen Mazdrashki | 2 | -3/+4 | |
it exists | |||||
2010-08-19 | s4-test: make better error message for ATTID checks | Kamen Mazdrashki | 1 | -4/+20 | |
2010-08-19 | s4-test: Change attribute syntax and value for readability | Kamen Mazdrashki | 1 | -3/+3 | |
When it comes to read logs and dumping data received Octet String syntax comes in handy | |||||
2010-08-19 | s4-test: Enable drs.rpc.msdsintid test case - it should be passing now | Kamen Mazdrashki | 1 | -1/+0 | |
2010-08-19 | s4-dsdb: No need for dsdb_syntax_one_DN_drsuapi_to_ldb() to be public | Kamen Mazdrashki | 1 | -3/+3 | |
It is intended to be used in schema_syntax.c module | |||||
2010-08-19 | s4-drs: GetNCChanges() to return correct (in AD-way) ATTIDs | Kamen Mazdrashki | 1 | -3/+16 | |
Depending on which NC is being replicated, GetNCChanges() returns either ATTID based on local prefixMap or msDs-IntId value of the attributeSchema class for the attribute being replicated. If set, msDs-IntId value is always returned when replicating object form NC other than Schema NC. Objects in Schema NC replica always use prefixMap based ATTIDs. | |||||
2010-08-19 | s4-dsdb-syntax: ATTID should be msDs-IntId value for the attributeSchema object | Kamen Mazdrashki | 2 | -14/+55 | |
in case object replicated is not in Schema NC and attributeSchema object has msDs-IntId attribute value set | |||||
2010-08-19 | s4: fix few comment typos | Kamen Mazdrashki | 2 | -3/+3 | |
2010-08-19 | s4-schema_syntax.c: Fix white spaces and alignment | Kamen Mazdrashki | 1 | -55/+56 | |
2010-08-19 | s4-dsdb: Use dsdb_syntax_ctx in *_drsuapi_to_ldb functions | Kamen Mazdrashki | 4 | -57/+45 | |
2010-08-19 | s4-dsdb: Use dsdb_syntax_ctx in *_ldb_to_drsuapi functions | Kamen Mazdrashki | 4 | -55/+47 | |
2010-08-19 | s4-dsdb: Use dsdb_syntax_ctx in *_validate_ldb functions | Kamen Mazdrashki | 3 | -62/+41 | |
2010-08-19 | s4-dsdb: Add context structure for dsdb_syntax conversion functions | Kamen Mazdrashki | 2 | -0/+19 | |
This structure is intended to hold context-dependent data. Syntax-conversion and object-conversion functions need that data to convert objects and attributes from drs-to-ldb and ldb-to-drs correctly. For instance: ATTID value depends on whether we are converting object from partition different that Schema partition. | |||||
2010-08-19 | s4-test-dssync: remove unused variable | Kamen Mazdrashki | 1 | -1/+0 | |
2010-08-17 | smbtorture: Make SAMBA3CASEINSENSITIVE report failures properly. | James Peach | 1 | -4/+6 | |
2010-08-17 | smbtorture: Ensure that the RPC setup returns correct status. | James Peach | 1 | -4/+4 | |
2010-08-18 | s4:ldap_server use talloc_unlink() to avoid talloc_free() with references | Andrew Bartlett | 1 | -4/+4 | |
Both the session_info and the ldb can have references. Andrew Bartlett | |||||
2010-08-18 | s4:auth Change {anonymous,system}_session to use common session_info generation | Andrew Bartlett | 2 | -6/+8 | |
This also changes the primary group for anonymous to be the anonymous SID, and adds code to detect and ignore this when constructing the token. Andrew Bartlett | |||||
2010-08-18 | s4:auth Avoid doing database lookups for NT AUTHORITY users | Andrew Bartlett | 2 | -108/+122 | |
2010-08-18 | s4:auth Remove system_session_anon() from python bindings | Andrew Bartlett | 5 | -58/+4 | |
2010-08-18 | s4:auth Remove the system:anonymous parameter used for the LDAP backend | Andrew Bartlett | 1 | -10/+4 | |
This isn't needed any more, and just introduces complexity. | |||||
2010-08-18 | s4:auth Remove special case constructor for admin_session() | Andrew Bartlett | 1 | -63/+13 | |
There isn't a good reason why this code is duplicated. Andrew Bartlett | |||||
2010-08-18 | s4:security Remove use of user_sid and group_sid from struct security_token | Andrew Bartlett | 12 | -35/+29 | |
This makes the structure more like Samba3's NT_USER_TOKEN | |||||
2010-08-18 | s4:ntvfs Don't treat the user SID and primary group SID special for idmap | Andrew Bartlett | 1 | -12/+4 | |
This simply askes IDMAP about all the user SIDs, rather than the user and group sid, followed by all but the first two sids from the token. Andrew Bartlett | |||||
2010-08-18 | s4:security Bring in #defines for the user and primary group token location | Andrew Bartlett | 1 | -0/+3 | |
This will allow us to stop duplicating the user and primary group SID in the struct security_token, and therefore make it more like the NT_USER_TOKEN in Samba3. Andrew Bartlett | |||||
2010-08-17 | s4:netlogon RPC server - "ServerPasswordSet" operations - introduce also ↵ | Matthias Dieter Wallnöfer | 1 | -2/+43 | |
here the new password change syntax | |||||
2010-08-17 | s4:kdc/kpasswdd.c - let the user change his own password with his own rights | Matthias Dieter Wallnöfer | 1 | -3/+44 | |
Now it's finally possible that the user can change his password with a DSDB connection using his credentials. NOTICE: I had to extract the old password from the SAMDB since I was unable to find it somewhere else (authinfo for example). | |||||
2010-08-17 | s4:samr RPC server - samr_password.c - make real user password changes work | Matthias Dieter Wallnöfer | 1 | -50/+74 | |
Now it's finally possible that the user can change his password with a DSDB connection using his credentials. | |||||
2010-08-17 | s4:kdc/rpc server - adapt the "samdb_set_password" calls which perform ↵ | Matthias Dieter Wallnöfer | 2 | -4/+4 | |
password sets | |||||
2010-08-17 | s4:samdb_set_password/samdb_set_password_sid - make more arguments "const" | Matthias Dieter Wallnöfer | 1 | -5/+5 | |
2010-08-17 | s4:samdb_set_password/samdb_set_password_sid - make the adaptions to support ↵ | Matthias Dieter Wallnöfer | 1 | -13/+27 | |
the password change control And introduce parameters to pass the old password hashes. | |||||
2010-08-17 | s4:password_hash LDB module - perform the adaptions to understand the new ↵ | Matthias Dieter Wallnöfer | 1 | -8/+26 | |
password change control | |||||
2010-08-17 | s4:acl LDB module - support password changes over the ↵ | Matthias Dieter Wallnöfer | 1 | -1/+15 | |
DSDB_CONTROL_PASSWORD_CHANGE_OID control This control is used from the SAMR and "kpasswd" password changes. It is strictly private and means "this is a password change and not a password set". | |||||
2010-08-17 | s4:DSDB - DSDB_CONTROL_PASSWORD_CHANGE_OID - add a structure as value to the ↵ | Matthias Dieter Wallnöfer | 1 | -0/+5 | |
control This contains the NT and/or LM hash of the password specified by the user. | |||||
2010-08-17 | s4:DSDB - rename the "DSDB_CONTROL_PASSWORD_CHANGE_OLD_PW_CHECKED_OID" | Matthias Dieter Wallnöfer | 4 | -11/+10 | |
Rename it to "DSDB_CONTROL_PASSWORD_CHANGE_OID". This control will afterwards contain a record with the specified old password as NT and/or LM hash. | |||||
2010-08-17 | s4:selftest: recreate $SELFTEST_PREFIX/s4client with each make test run | Stefan Metzmacher | 1 | -3/+3 | |
Otherwise just fill the disks of the build-farm hosts. metze | |||||
2010-08-17 | s4:selftest: run ldapi tests in 'dc:local' environment | Stefan Metzmacher | 1 | -1/+1 | |
metze | |||||
2010-08-17 | s4-tests: Added tests for acl checks on search requests | Nadezhda Ivanova | 1 | -0/+218 | |
2010-08-17 | s4-ldb: ensure element flags are zero in ldb search return | Andrew Tridgell | 1 | -0/+2 | |
the distinguishedName element was getting an uninitialised flags value | |||||
2010-08-17 | s4-ldbwrap: ensure session_info in ldb opaque remains valid | Andrew Tridgell | 1 | -0/+15 | |
A DRS DsBind handle can be re-used in a later connection. This implies reuse of the session_info for the connection. If the first connection is shutdown then the session_info in the sam context on the 2nd connection must remain valid. | |||||
2010-08-17 | s4-rpcserver: log unknown RPC calls at debug level 3 | Andrew Tridgell | 1 | -0/+6 | |
This was added as we are occasionally getting an encrypted unknown netlogon call, and I'm having trouble looking at it in wireshark | |||||
2010-08-17 | s4-netlogon: added SEC_CHAN_RODC | Andrew Tridgell | 1 | -0/+5 | |
This seems to be equivalent to SEC_CHAN_BDC, but for RODCs | |||||
2010-08-17 | s4-net: use an encrypted ldap session when setting passwords | Andrew Tridgell | 1 | -0/+3 | |
this allows for "net setpassword -H ldap://server -Uusername%password USERNAME" to set a password remotely on a windows DC Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-08-17 | s4-dsdb: check the type of session_info from the opaque | Andrew Tridgell | 1 | -2/+2 | |
we saw a crash with a bad pointer here, and this may help track it down Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-08-17 | s4-drs: allow getncchanges from RODC with WRIT_REP set | Andrew Tridgell | 1 | -2/+2 | |
w2k8r2 is setting this bit as a RODC. Instead of refusing the replication, we now remove the bit from req8, which means other places in the code that check this bit can stay the same Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> |