Age | Commit message (Collapse) | Author | Files | Lines |
|
partitions onto the target LDAP server.
Make the LDAP provision run before smbd starts, then stop the LDAP
server. This ensures this occurs synchronously, We then restart it
for the 'real run' (with slapd's stdin being the FIFO).
This required fixing a few things in the provision scripts, with more
containers being created via a add/modify pair.
Andrew Bartlett
(This used to be commit 860dfa4ea1ab2b62d4d4fe0644e0a9b882fdafa1)
|
|
(This used to be commit fed42cf5a359e8dcbabd82dba5b18058260ddc07)
|
|
'phantom_root' flag in the search_options control
- Add in support for LDB controls to the js layer
- Test the behaviour
- Implement support for the 'phantom_root' flag in the partitions module
- Make the LDAP server set the 'phantom_root' flag in the search_options control
- This replaces the global_catalog flag passed down as an opaque pointer
- Rework the string-format control parsing function into
ldb_parse_control_strings(), returning errors by ldb_errorstring()
method, rather than with printf to stderr
- Rework some of the ldb_control handling logic
Andrew Bartlett
(This used to be commit 2b3df7f38d7790358dbb4de1b8609bf794a351fb)
|
|
jelmer: what should this test really test?
metze
(This used to be commit c8d903b606afb5dd11b8f1048a36943db02370e0)
|
|
We were returning just true/false and discarding error number and string.
This checking probably breaks swat, will fix it in next round as swat
is what made me look into this as I had no way to get back error messages
to show to the users.
Simo.
(This used to be commit 35886b4ae68be475b0fc8b2689ca04d766661261)
|
|
default is dump everything
metze
(This used to be commit 4ceb12f5d3c750273bb6ad58cefb1fd1b47643d4)
|
|
objects
- use ${SCHEMADN} instead of CN=Schema,CN=Configuration,${BASEDN}
- do not include autogenerated values: instanceType, cn and name in the ldif output
- take care of the systemOnly attribute and a resulting NO-USER-MODIFICATION
metze
(This used to be commit 30a0e8b26e4b49927d733ac05e6032350fe22e9f)
|
|
(This used to be commit 0b7a5b7284f7820e5b2f48f40e85830243189b58)
|
|
rafal
(This used to be commit a20b05183d274a3a780ae197dc7014428739cc7a)
|
|
rafal
(This used to be commit 3cdd43ebcedfa7d1d59bd33b3bfed4e80560ec82)
|
|
rafal
(This used to be commit 2586958881f9be513e155d1e8fb9a34a8ccba3b6)
|
|
attributes to backend (remote) attributes.
We can't do a reverse mapping safely where the remote attribute may be
a source for multiple local attributes. (We end up with the wrong
attributes returned).
In doing this, I've modified the samba3sam.js test to be more
realistic, and fixed some failures in the handling of primaryGroupID.
I've added a new (private) helper function ldb_msg_remove_element() to
avoid a double lookup of the element name.
I've also re-formatted many of the function headers, to fit into
standard editor widths.
Andrew Bartlett
(This used to be commit 186766e3095e71ba716c69e681592e217a3bc420)
|
|
- and add some 'netlogon' attriubte related tests
metze
(This used to be commit d643c3cc5cd4547dbb7cead768993a9abee4e2eb)
|
|
servers
metze
(This used to be commit 463ed4c0040f52ef2b06337e122aac325ec01026)
|
|
module. I forgot to commit this last night.
Andrew Bartlett
(This used to be commit 6c5f4af01fea1e3b38d18d5b1491cb22701317cf)
|
|
(This used to be commit d062e101664a90f2f7bf0980449f920aa719ee76)
|
|
(This used to be commit 5c0451842b50e914bcc86ea59b066e86af5cae06)
|
|
Jelmer, we need to fix pidl to be able to handle the double pointers
in the ejs generated code
(This used to be commit 63760acbb7ef6bc32e82ac843adf4f0155f0cb0a)
|
|
Andrew Bartlett
(This used to be commit 5ff3f10d4fbd47419797890f87df3a50b3bb31fa)
|
|
trim duplicate may attributes
(This used to be commit 4975659fd70abdbae42ee378b7be766102f4df55)
|
|
with a nasty hack in minschema.js that I really hate
(This used to be commit 74c40719f2965e2bc055e539f0933d95df070fbf)
|
|
This commit extends the samba3sam test suite, which contains tests for
the samba3sam and ldb_map modules, with a lot of tests for inbound,
i.e. add, modify, rename and delete requests.
The tests each add a single record, modify it, rename it, and then
delete it, at each step checking that the operations were successful
and that the right data went into the right partitions.
They are run for an unmapped record, a mapped record with data only in
the remote partition, a mapped record with remote data that is later
modified to include local data, and a mapped record with data in both
the local and remote partitions.
It also adds a function to the backend objects that makes construction
of DNs for their respective partitions more comfortable.
Cheers,
Martin
(This used to be commit 1ddd06f24d71c606241863cf4fe047833c64a6d2)
|
|
and update the schema with the latest additions
(This used to be commit 09a32726111200e421b6fcacf1586bfbe6024fa6)
|
|
this version returns also oMSyntax and oMObjectClass and also
use the right value for the objects CNs
add a nasty hack to ejs' mprLdbMessage() to handle binary blobs situations
(This used to be commit 8dd1c1c05bc592d76d6e34b303048faf05c0fa6e)
|
|
Andrew Bartlett
(This used to be commit 67c9cd508ed9b28b4d605b79f6de421071177fa7)
|
|
suite, which contains tests for the samba3sam and ldb_map modules,
with a lot of tests for search requests.
The tests add a small set of known records to the database, half of
them with only remote data, half of them split across the local and
remote backends, and test searching these records by DN, by attribute
and with a range of parse trees.
This suite should be extensive enough to ensure that behaviour of
search requests doesn't break.
(This used to be commit 120f7891faf241057457db7234ce381bfe3fd847)
|
|
(This used to be commit 25cde0f7300f37fec6c4a897ba0a80a3e5c26e15)
|
|
Andrew Bartlett
(This used to be commit c2c72565e4efef44068c4f176619942f60a9cf6e)
|
|
Andrew Bartlett
(This used to be commit 1a5ade30dcdf40da8d0a6d7395f1a2e93388fca3)
|
|
Andrew Bartlett
(This used to be commit c1349cfd8d7e150489b94ccb005bfdffe88e4697)
|
|
samba3sam test cases for ldb_map, and to include this into our default
'make test'.
(This used to be commit f69a842314b3d5c57c3fa1f5b1bae3ee6d42da2b)
|
|
Martin Kühl
<mkhl@samba.org>.
Martin took over the work done last year by Jelmer, in last year's
SoC. This was a substanital task, as the the ldb modules API changed
significantly during the past year, with the addition of async calls.
This changeset reimplements and enables the ldb_map ldb module and
adapts the example module and test case, both named samba3sam, to the
implementation.
The ldb_map module supports splitting an ldb database into two parts
(called the "local" and "remote" part) and storing the data in one of
them (the remote database) in a different format while the other acts
as a fallback.
This allows ldb to e.g. store to and load data from a remote LDAP
server and present it according to the Samba4 schema while still
allowing the LDAP to present and modify its data separately.
A complex example of this is the samba3sam module (by Jelmer
Vernooij), which maps data between the samba3 and samba4 schemas.
A simpler example is given by the entryUUID module (by Andrew
Bartlett), which handles some of the differences between AD and
OpenLDAP in operational attributes. It principally maps objectGUID,
to and from entryUUID elements. This is also an example of a module
that doesn't use the local backend as fallback storage.
This merge also splits the ldb_map.c file into smaller, more
manageable parts.
(This used to be commit af2bece4d343a9f787b2e3628848b266cec2b9f0)
|
|
Andrew Bartlett
(This used to be commit eadc24ed291dcdb456139a206c6c8acf92bab6da)
|
|
This confirms that records are replicated into the correct databases,
and that the case insensitive flags really work.
Andrew Bartlett
(This used to be commit ad463c1a5243019548bdbeea3070ec2e6cbcfcdf)
|
|
partitions.
Test that we do that correctly.
Andrew Bartlett
(This used to be commit 90c07b88010b848423dee9556a24e8d181c365dd)
|
|
global USN and global transactions.
Andrew Bartlett
(This used to be commit 5abe3c4f5f31e369548640801435613421f2edac)
|
|
Andrew Bartlett
(This used to be commit 2728b60dfa50ded03e06f0bd53eee55fce5143bd)
|
|
commented out until we fix some more things on our server.
Andrew Bartlett
(This used to be commit ac9d3cb5b004ef1f8e06537634f8f5c33b6c0965)
|
|
Andrew Bartlett
(This used to be commit 0201f0df3f3768f0d831c84c573b27bff58d00c6)
|
|
Unfortunetly this didn't find the wildcard bug, but at least it tests
something...
Andrew Bartlett
(This used to be commit f763970caf37a9191abd9c40f297c3f413fe9a56)
|
|
Andrew Bartlett
(This used to be commit 52b4e83a1c2cd47bf2f8b6d65419dae12631725a)
|
|
both fully qualified and in the 'short' form. Now we test and support
this query format.
Andrew Bartlett
(This used to be commit 9ddcfacbcedc5eea2730d4bf902c0fcd02bcfa11)
|
|
things.
With this fix, we now correctly detect computers again, and get the
correct objectCategory, which is important for the OSX AD plugin.
Andrew Bartlett
(This used to be commit 4e39d7bb245bc337ac496c7e39a510d1c5611c71)
|
|
Add a test to show that we need this, and to prove it works (for add
at least).
Andrew Bartlett
(This used to be commit f72079029abb594677bf8c2b63e40c07e910004f)
|
|
(This used to be commit 7ddec83a602372765711bff7207657b73922aaea)
|
|
This updates the module to handle both SID allocation and nextRid
updating while importing users. (As imported users already have a
SID, so don't go via the allocation step). We also ensure that SIDs
in the database are unquie at create time.
Furthermore, at allocation time, we double-check the SID isn't already
in use, and that we don't create a foriegnSecurityPrincipal for a
'local' sid.
Also create random samAccountName entries for users without one (we
were setting $000000-000000000000).
We may want to seperate the uniqueness code from the rest of samldb,
and into a module with the objectguid code, which needs similar
checks. These checks also need to apply to modification, or those
modifications denied outright.
Also update part of the testsuite to validate this.
Andrew Bartlett
(This used to be commit 7a9c8eee4bea88f5f0bb7c62f701476384b7dc84)
|
|
Doing this required reworking ejsnet, particularly so it could take a
set of credentials, not just a username and password argument.
This required fixing the ejsnet.js test script, which now adds and
deletes a user, and is run from 'make test'. This should prevent it
being broken again.
Deleting a user from ejsnet required that the matching backend be
added to libnet, hooking fortunetly onto already existing code for the
actual deletion.
The js credentials interface now handles the 'set machine account' flag.
New functions have been added to provision.js to wrap the basic
operations (so we can write a command line version, as well as the web
based version).
Andrew Bartlett
(This used to be commit a5e7c17c348c45e61699cc1626a0d5eae2df4636)
|
|
(This used to be commit f4f99f9af33699ac8fe43b09fa7542aab72a031a)
|
|
subcontexts look like.
rafal
(This used to be commit 5a338b04f37f6160f4aaf7d9758aa2d817516eb1)
|
|
mappings right for the attributeTypes field of the aggregate schema
now to add the display specifiers and I won't need the proxy module
any more
(This used to be commit 69264362bd408f493487482a8d5e9779d9a0d475)
|