From afa0d6b0b14e0ef2293bd8468ffc1d6330abdb5b Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 3 Dec 2008 09:07:00 +0100 Subject: libwbclient: avoid usage talloc_init() in library code talloc_init() is a compat function for the old samba3 non-hierachical talloc implementation. It enables the talloc null tracking which should never be done by library code. metze --- source3/nsswitch/libwbclient/wbc_sid.c | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/source3/nsswitch/libwbclient/wbc_sid.c b/source3/nsswitch/libwbclient/wbc_sid.c index ac929b1dd5..92de22e901 100644 --- a/source3/nsswitch/libwbclient/wbc_sid.c +++ b/source3/nsswitch/libwbclient/wbc_sid.c @@ -40,22 +40,18 @@ wbcErr wbcSidToString(const struct wbcDomainSid *sid, uint32_t id_auth; int i; char *tmp = NULL; - TALLOC_CTX *ctx = NULL; if (!sid) { wbc_status = WBC_ERR_INVALID_SID; BAIL_ON_WBC_ERROR(wbc_status); } - ctx = talloc_init("wbcSidToString"); - BAIL_ON_PTR_ERROR(ctx, wbc_status); - id_auth = sid->id_auth[5] + (sid->id_auth[4] << 8) + (sid->id_auth[3] << 16) + (sid->id_auth[2] << 24); - tmp = talloc_asprintf(ctx, "S-%d-%d", sid->sid_rev_num, id_auth); + tmp = talloc_asprintf(NULL, "S-%d-%d", sid->sid_rev_num, id_auth); BAIL_ON_PTR_ERROR(tmp, wbc_status); for (i=0; inum_auths; i++) { @@ -66,13 +62,13 @@ wbcErr wbcSidToString(const struct wbcDomainSid *sid, tmp = tmp2; } - *sid_string=talloc_strdup(NULL, tmp); - BAIL_ON_PTR_ERROR((*sid_string), wbc_status); + *sid_string = tmp; + tmp = NULL; wbc_status = WBC_ERR_SUCCESS; done: - talloc_free(ctx); + talloc_free(tmp); return wbc_status; } -- cgit From fcbf88115c217cfe5090f8d60ab7627681c648c8 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 3 Dec 2008 17:41:09 +0100 Subject: s4: add some useful link and the patch for the ntp_signd support metze --- source4/ntp_signd/README | 7 + source4/ntp_signd/ntp-dev-4.2.5p125.diff | 579 +++++++++++++++++++++++++++++++ 2 files changed, 586 insertions(+) create mode 100644 source4/ntp_signd/README create mode 100644 source4/ntp_signd/ntp-dev-4.2.5p125.diff diff --git a/source4/ntp_signd/README b/source4/ntp_signd/README new file mode 100644 index 0000000000..585459b7cb --- /dev/null +++ b/source4/ntp_signd/README @@ -0,0 +1,7 @@ +Here are some pointers to the needed ntp version. + +https://support.ntp.org/bugs/show_bug.cgi?id=1028 + +The patch against ntp-dev-4.2.5p125 +https://support.ntp.org/bugs/attachment.cgi?id=457 + diff --git a/source4/ntp_signd/ntp-dev-4.2.5p125.diff b/source4/ntp_signd/ntp-dev-4.2.5p125.diff new file mode 100644 index 0000000000..40669fb3cc --- /dev/null +++ b/source4/ntp_signd/ntp-dev-4.2.5p125.diff @@ -0,0 +1,579 @@ +Only in ntp-samba: autom4te.cache +Only in ntp-samba: config.h +Only in ntp-samba: config.log +Only in ntp-samba: config.status +Only in ntp-samba/ElectricFence: .deps +Only in ntp-samba/ElectricFence: Makefile +Only in ntp-samba: .gcc-warning +Only in ntp-samba/include/isc: Makefile +Only in ntp-samba/include: Makefile +diff -ur ntp-dev-4.2.5p125/include/ntp_config.h ntp-samba/include/ntp_config.h +--- ntp-dev-4.2.5p125/include/ntp_config.h 2008-07-17 07:20:58.000000000 +1000 ++++ ntp-samba/include/ntp_config.h 2008-08-28 21:59:06.000000000 +1000 +@@ -92,6 +92,7 @@ + int requested_key; + int revoke; + queue *trusted_key_list; ++ char *ntp_signd_socket; + }; + + struct filegen_node { +diff -ur ntp-dev-4.2.5p125/include/ntpd.h ntp-samba/include/ntpd.h +--- ntp-dev-4.2.5p125/include/ntpd.h 2008-05-18 21:11:28.000000000 +1000 ++++ ntp-samba/include/ntpd.h 2008-08-28 21:59:06.000000000 +1000 +@@ -259,6 +259,8 @@ + extern int config_priority; + #endif + ++extern char const *ntp_signd_socket; ++ + /* ntp_control.c */ + extern int num_ctl_traps; + extern keyid_t ctl_auth_keyid; /* keyid used for authenticating write requests */ +@@ -471,3 +473,15 @@ + extern struct refclock *refclock_conf[]; /* refclock configuration table */ + extern u_char num_refclock_conf; + #endif ++ ++/* ntp_signd.c */ ++#ifdef HAVE_NTP_SIGND ++extern void ++send_via_ntp_signd( ++ struct recvbuf *rbufp, /* receive packet pointer */ ++ int xmode, ++ keyid_t xkeyid, ++ int flags, ++ struct pkt *xpkt ++ ); ++#endif +diff -ur ntp-dev-4.2.5p125/include/ntp.h ntp-samba/include/ntp.h +--- ntp-dev-4.2.5p125/include/ntp.h 2008-08-10 22:37:56.000000000 +1000 ++++ ntp-samba/include/ntp.h 2008-08-28 21:59:06.000000000 +1000 +@@ -447,6 +447,7 @@ + #ifdef OPENSSL + #define FLAG_ASSOC 0x4000 /* autokey request */ + #endif /* OPENSSL */ ++#define FLAG_ADKEY 0x00010000 /* Authenticated (or wants reply to be authenticated) using AD authentication */ + + /* + * Definitions for the clear() routine. We use memset() to clear +Only in ntp-samba/include: ntp.h.orig +Only in ntp-samba: libtool +Only in ntp-samba: Makefile +diff -ur ntp-dev-4.2.5p125/ntpd/Makefile.am ntp-samba/ntpd/Makefile.am +--- ntp-dev-4.2.5p125/ntpd/Makefile.am 2008-05-18 21:11:29.000000000 +1000 ++++ ntp-samba/ntpd/Makefile.am 2008-08-28 21:59:06.000000000 +1000 +@@ -65,7 +65,7 @@ + ntp_crypto.c ntp_filegen.c \ + ntp_intres.c ntp_loopfilter.c ntp_monitor.c ntp_peer.c \ + ntp_proto.c ntp_refclock.c ntp_request.c \ +- ntp_restrict.c ntp_timer.c ntp_util.c \ ++ ntp_restrict.c ntp_timer.c ntp_util.c ntp_signd.c \ + ppsapi_timepps.h \ + refclock_acts.c refclock_arbiter.c refclock_arc.c refclock_as2201.c \ + refclock_atom.c refclock_bancomm.c refclock_chronolog.c \ +diff -ur ntp-dev-4.2.5p125/ntpd/ntp_config.c ntp-samba/ntpd/ntp_config.c +--- ntp-dev-4.2.5p125/ntpd/ntp_config.c 2008-08-10 22:37:54.000000000 +1000 ++++ ntp-samba/ntpd/ntp_config.c 2008-08-28 22:03:52.000000000 +1000 +@@ -148,6 +148,7 @@ + #endif + + const char *config_file; ++const char *ntp_signd_socket; + #ifdef HAVE_NETINFO + struct netinfo_config_state *config_netinfo = NULL; + int check_netinfo = 1; +@@ -276,6 +277,11 @@ + my_config.auth.crypto_cmd_list = NULL; + my_config.auth.keys = NULL; + my_config.auth.keysdir = NULL; ++#ifdef NTP_SIGND_PATH ++ my_config.auth.ntp_signd_socket = NTP_SIGND_PATH; ++#else ++ my_config.auth.ntp_signd_socket = NULL; ++#endif + my_config.auth.requested_key = 0; + my_config.auth.revoke = 0; + my_config.auth.trusted_key_list = NULL; +@@ -795,6 +801,7 @@ + { "crypto", T_Crypto, NO_ARG }, + { "keys", T_Keys, SINGLE_ARG }, + { "keysdir", T_Keysdir, SINGLE_ARG }, ++ { "ntpsigndsocket", T_NtpSignDsocket, SINGLE_ARG }, + { "requestkey", T_Requestkey, NO_ARG }, + { "revoke", T_Revoke, NO_ARG }, + { "trustedkey", T_Trustedkey, NO_ARG }, +@@ -1000,6 +1007,10 @@ + if (my_config.auth.keysdir) + keysdir = my_config.auth.keysdir; + ++ /* ntp_signd_socket Command */ ++ if (my_config.auth.ntp_signd_socket) ++ ntp_signd_socket = my_config.auth.ntp_signd_socket; ++ + #ifdef OPENSSL + if (cryptosw) { + crypto_setup(); +Only in ntp-samba/ntpd: ntp_config.c~ +Only in ntp-samba/ntpd: ntp_config.c.orig +diff -ur ntp-dev-4.2.5p125/ntpd/ntp_parser.y ntp-samba/ntpd/ntp_parser.y +--- ntp-dev-4.2.5p125/ntpd/ntp_parser.y 2008-07-17 07:21:06.000000000 +1000 ++++ ntp-samba/ntpd/ntp_parser.y 2008-08-28 21:59:06.000000000 +1000 +@@ -155,6 +155,7 @@ + %token T_Novolley + %token T_Ntp + %token T_Ntpport ++%token T_NtpSignDsocket + %token T_Orphan + %token T_Panic + %token T_Peer +@@ -432,6 +433,8 @@ + { my_config.auth.requested_key = $2; } + | T_Trustedkey integer_list + { my_config.auth.trusted_key_list = $2; } ++ | T_NtpSignDsocket T_String ++ { my_config.auth.ntp_signd_socket = $2; } + ; + + crypto_command_line +diff -ur ntp-dev-4.2.5p125/ntpd/ntp_proto.c ntp-samba/ntpd/ntp_proto.c +--- ntp-dev-4.2.5p125/ntpd/ntp_proto.c 2008-07-17 07:21:02.000000000 +1000 ++++ ntp-samba/ntpd/ntp_proto.c 2008-08-28 21:59:06.000000000 +1000 +@@ -128,7 +128,7 @@ + static void clock_combine (struct peer **, int); + static void peer_xmit (struct peer *); + static void fast_xmit (struct recvbuf *, int, keyid_t, +- char *); ++ char *, int); + static void clock_update (struct peer *); + static int default_get_precision (void); + static int peer_unfit (struct peer *); +@@ -311,6 +311,7 @@ + int authlen; /* offset of MAC field */ + int is_authentic = 0; /* cryptosum ok */ + int retcode = AM_NOMATCH; /* match code */ ++ int flags = 0; /* flags with details about the authentication */ + keyid_t skeyid = 0; /* key IDs */ + u_int32 opcode = 0; /* extension field opcode */ + struct sockaddr_storage *dstadr_sin; /* active runway */ +@@ -324,6 +325,8 @@ + keyid_t pkeyid = 0, tkeyid = 0; /* key IDs */ + #endif /* OPENSSL */ + ++ static unsigned char zero_key[16]; ++ + /* + * Monitor the packet and get restrictions. Note that the packet + * length for control and private mode packets must be checked +@@ -480,9 +483,9 @@ + return; /* rate exceeded */ + + if (hismode == MODE_CLIENT) +- fast_xmit(rbufp, MODE_SERVER, skeyid, "RATE"); ++ fast_xmit(rbufp, MODE_SERVER, skeyid, "RATE", 0); + else +- fast_xmit(rbufp, MODE_ACTIVE, skeyid, "RATE"); ++ fast_xmit(rbufp, MODE_ACTIVE, skeyid, "RATE", 0); + return; /* rate exceeded */ + } + +@@ -535,6 +538,7 @@ + * is zero, acceptable outcomes of y are NONE and OK. If x is + * one, the only acceptable outcome of y is OK. + */ ++ + if (has_mac == 0) { + is_authentic = AUTH_NONE; /* not required */ + #ifdef DEBUG +@@ -555,6 +559,25 @@ + stoa(&rbufp->recv_srcadr), hismode, skeyid, + authlen + has_mac, is_authentic); + #endif ++ ++ /* If the signature is 20 bytes long, the last 16 of ++ * which are zero, then this is a Microsoft client ++ * wanting AD-style authentication of the server's ++ * reply. ++ * ++ * This is described in Microsoft's WSPP docs, in MS-SNTP: ++ * http://msdn.microsoft.com/en-us/library/cc212930.aspx ++ */ ++ } else if (has_mac == MAX_MAC_LEN ++ && (retcode == AM_FXMIT || retcode == AM_NEWPASS) ++ && (memcmp(zero_key, (char *)pkt + authlen + 4, MAX_MAC_LEN - 4) == 0)) { ++ ++ /* Don't try to verify the zeros, just set a ++ * flag and otherwise pretend we never saw the signature */ ++ is_authentic = AUTH_NONE; ++ ++ flags = FLAG_ADKEY; ++ + } else { + #ifdef OPENSSL + /* +@@ -696,9 +719,9 @@ + if (AUTH(restrict_mask & RES_DONTTRUST, + is_authentic)) { + fast_xmit(rbufp, MODE_SERVER, skeyid, +- NULL); ++ NULL, flags); + } else if (is_authentic == AUTH_ERROR) { +- fast_xmit(rbufp, MODE_SERVER, 0, NULL); ++ fast_xmit(rbufp, MODE_SERVER, 0, NULL, 0); + sys_badauth++; + } else { + sys_restricted++; +@@ -733,7 +756,7 @@ + * crypto-NAK, as that would not be useful. + */ + if (AUTH(restrict_mask & RES_DONTTRUST, is_authentic)) +- fast_xmit(rbufp, MODE_SERVER, skeyid, NULL); ++ fast_xmit(rbufp, MODE_SERVER, skeyid, NULL, 0); + return; /* hooray */ + + /* +@@ -888,7 +911,7 @@ + is_authentic)) { + #ifdef OPENSSL + if (crypto_flags && skeyid > NTP_MAXKEY) +- fast_xmit(rbufp, MODE_ACTIVE, 0, NULL); ++ fast_xmit(rbufp, MODE_ACTIVE, 0, NULL, 0); + #endif /* OPENSSL */ + sys_restricted++; + return; /* access denied */ +@@ -904,7 +927,7 @@ + * This is for drat broken Windows clients. See + * Microsoft KB 875424 for preferred workaround. + */ +- fast_xmit(rbufp, MODE_PASSIVE, skeyid, NULL); ++ fast_xmit(rbufp, MODE_PASSIVE, skeyid, NULL, flags); + #else /* WINTIME */ + sys_restricted++; + #endif /* WINTIME */ +@@ -938,6 +961,7 @@ + } + break; + ++ + /* + * Process regular packet. Nothing special. + */ +@@ -1090,7 +1114,7 @@ + peer->flash |= TEST5; /* bad auth */ + peer->badauth++; + if (hismode == MODE_ACTIVE || hismode == MODE_PASSIVE) +- fast_xmit(rbufp, MODE_ACTIVE, 0, NULL); ++ fast_xmit(rbufp, MODE_ACTIVE, 0, NULL, 0); + if (peer->flags & FLAG_PREEMPT) { + unpeer(peer); + return; +@@ -3159,7 +3183,8 @@ + struct recvbuf *rbufp, /* receive packet pointer */ + int xmode, /* receive mode */ + keyid_t xkeyid, /* transmit key ID */ +- char *mask /* kiss code */ ++ char *mask, /* kiss code */ ++ int flags /* Flags to indicate signing behaviour */ + ) + { + struct pkt xpkt; /* transmit packet structure */ +@@ -3220,6 +3245,19 @@ + HTONL_FP(&rbufp->recv_time, &xpkt.rec); + } + ++ if (flags & FLAG_ADKEY) { ++#ifdef HAVE_NTP_SIGND ++ get_systime(&xmt_tx); ++ if (mask == NULL) { ++ HTONL_FP(&xmt_tx, &xpkt.xmt); ++ } ++ send_via_ntp_signd(rbufp, xmode, xkeyid, flags, &xpkt); ++#endif ++ /* If we don't have the support, drop the packet on the floor. ++ An all zero sig is compleatly bogus anyway */ ++ return; ++ } ++ + /* + * If the received packet contains a MAC, the transmitted packet + * is authenticated and contains a MAC. If not, the transmitted +@@ -3252,7 +3290,7 @@ + * source-destination-key ID combination. + */ + #ifdef OPENSSL +- if (xkeyid > NTP_MAXKEY) { ++ if (!(flags & FLAG_ADKEY) && (xkeyid > NTP_MAXKEY)) { + keyid_t cookie; + + /* +@@ -3284,8 +3322,10 @@ + if (mask == NULL) { + HTONL_FP(&xmt_tx, &xpkt.xmt); + } ++ + authlen = authencrypt(xkeyid, (u_int32 *)&xpkt, sendlen); + sendlen += authlen; ++ + #ifdef OPENSSL + if (xkeyid > NTP_MAXKEY) + authtrust(xkeyid, 0); +Only in ntp-samba/ntpd: ntp_signd.c +Only in ntp-dev-4.2.5p125/ntpdc: nl.pl +Only in ntp-samba/scripts: calc_tickadj +Only in ntp-samba/scripts: checktime +Only in ntp-samba/scripts: freq_adj +Only in ntp-samba/scripts: html2man +Only in ntp-samba/scripts: Makefile +Only in ntp-samba/scripts: mkver +Only in ntp-samba/scripts: ntpsweep +Only in ntp-samba/scripts: ntptrace +Only in ntp-samba/scripts: ntpver +Only in ntp-samba/scripts: ntp-wait +Only in ntp-samba/scripts: plot_summary +Only in ntp-samba/scripts: summary +Only in ntp-samba: stamp-h1 +--- /dev/null 2008-08-25 07:28:22.036002925 +1000 ++++ ntp-samba/ntpd/ntp_signd.c 2008-08-28 21:59:06.000000000 +1000 +@@ -0,0 +1,242 @@ ++/* Copyright 2008, Red Hat, Inc. ++ Copyright 2008, Andrew Tridgell. ++ Licenced under the same terms as NTP itself. ++ */ ++#ifdef HAVE_CONFIG_H ++#include ++#endif ++ ++#ifdef HAVE_NTP_SIGND ++ ++#include "ntpd.h" ++#include "ntp_io.h" ++#include "ntp_stdlib.h" ++#include "ntp_unixtime.h" ++#include "ntp_control.h" ++#include "ntp_string.h" ++ ++#include ++#include ++#ifdef HAVE_LIBSCF_H ++#include ++#include ++#endif /* HAVE_LIBSCF_H */ ++ ++#include ++ ++/* socket routines by tridge - from junkcode.samba.org */ ++ ++/* ++ connect to a unix domain socket ++*/ ++static int ++ux_socket_connect(const char *name) ++{ ++ int fd; ++ struct sockaddr_un addr; ++ if (!name) { ++ return -1; ++ } ++ ++ memset(&addr, 0, sizeof(addr)); ++ addr.sun_family = AF_UNIX; ++ strncpy(addr.sun_path, name, sizeof(addr.sun_path)); ++ ++ fd = socket(AF_UNIX, SOCK_STREAM, 0); ++ if (fd == -1) { ++ return -1; ++ } ++ ++ if (connect(fd, (struct sockaddr *)&addr, sizeof(addr)) == -1) { ++ close(fd); ++ return -1; ++ } ++ ++ return fd; ++} ++ ++ ++/* ++ keep writing until its all sent ++*/ ++static int ++write_all(int fd, const void *buf, size_t len) ++{ ++ size_t total = 0; ++ while (len) { ++ int n = write(fd, buf, len); ++ if (n <= 0) return total; ++ buf = n + (char *)buf; ++ len -= n; ++ total += n; ++ } ++ return total; ++} ++ ++/* ++ keep reading until its all read ++*/ ++static int ++read_all(int fd, void *buf, size_t len) ++{ ++ size_t total = 0; ++ while (len) { ++ int n = read(fd, buf, len); ++ if (n <= 0) return total; ++ buf = n + (char *)buf; ++ len -= n; ++ total += n; ++ } ++ return total; ++} ++ ++/* ++ send a packet in length prefix format ++*/ ++static int ++send_packet(int fd, const char *buf, uint32_t len) ++{ ++ uint32_t net_len = htonl(len); ++ if (write_all(fd, &net_len, sizeof(net_len)) != sizeof(net_len)) return -1; ++ if (write_all(fd, buf, len) != len) return -1; ++ return 0; ++} ++ ++/* ++ receive a packet in length prefix format ++*/ ++static int ++recv_packet(int fd, char **buf, uint32_t *len) ++{ ++ if (read_all(fd, len, sizeof(*len)) != sizeof(*len)) return -1; ++ *len = ntohl(*len); ++ (*buf) = malloc(*len); ++ if (!*buf) { ++ return -1; ++ } ++ if (read_all(fd, *buf, *len) != *len) { ++ free(*buf); ++ return -1; ++ } ++ return 0; ++} ++ ++void ++send_via_ntp_signd( ++ struct recvbuf *rbufp, /* receive packet pointer */ ++ int xmode, ++ keyid_t xkeyid, ++ int flags, ++ struct pkt *xpkt ++ ) ++{ ++ ++ /* We are here because it was detected that the client ++ * sent an all-zero signature, and we therefore know ++ * it's windows trying to talk to an AD server ++ * ++ * Because we don't want to dive into Samba's secrets ++ * database just to find the long-term kerberos key ++ * that is re-used as the NTP key, we instead hand the ++ * packet over to Samba to sign, and return to us. ++ * ++ * The signing method Samba will use is described by ++ * Microsoft in MS-SNTP, found here: ++ * http://msdn.microsoft.com/en-us/library/cc212930.aspx ++ */ ++ ++ int fd, sendlen; ++ struct samba_key_in { ++ uint32_t version; ++ uint32_t op; ++ uint32_t packet_id; ++ uint32_t key_id_le; ++ struct pkt pkt; ++ } samba_pkt; ++ ++ struct samba_key_out { ++ uint32_t version; ++ uint32_t op; ++ uint32_t packet_id; ++ struct pkt pkt; ++ } samba_reply; ++ ++ char full_socket[256]; ++ ++ char *reply = NULL; ++ uint32_t reply_len; ++ ++ memset(&samba_pkt, 0, sizeof(samba_pkt)); ++ samba_pkt.op = 0; /* Sign message */ ++ /* This will be echoed into the reply - a different ++ * impelementation might want multiple packets ++ * awaiting signing */ ++ ++ samba_pkt.packet_id = 1; ++ ++ /* Swap the byte order back - it's actually little ++ * endian on the wire, but it was read above as ++ * network byte order */ ++ samba_pkt.key_id_le = htonl(xkeyid); ++ samba_pkt.pkt = *xpkt; ++ ++ snprintf(full_socket, sizeof(full_socket), "%s/socket", ntp_signd_socket); ++ ++ fd = ux_socket_connect(full_socket); ++ /* Only continue with this if we can talk to Samba */ ++ if (fd != -1) { ++ /* Send old packet to Samba, expect response */ ++ /* Packet to Samba is quite simple: ++ All values BIG endian except key ID as noted ++ [packet size as BE] - 4 bytes ++ [protocol version (0)] - 4 bytes ++ [packet ID] - 4 bytes ++ [operation (sign message=0)] - 4 bytes ++ [key id] - LITTLE endian (as on wire) - 4 bytes ++ [message to sign] - as marshalled, without signature ++ */ ++ ++ if (send_packet(fd, (char *)&samba_pkt, offsetof(struct samba_key_in, pkt) + LEN_PKT_NOMAC) != 0) { ++ /* Huh? could not talk to Samba... */ ++ close(fd); ++ return; ++ } ++ ++ if (recv_packet(fd, &reply, &reply_len) != 0) { ++ if (reply) { ++ free(reply); ++ } ++ close(fd); ++ return; ++ } ++ /* Return packet is also simple: ++ [packet size] - network byte order - 4 bytes ++ [protocol version (0)] network byte order - - 4 bytes ++ [operation (signed success=3, failure=4)] network byte order - - 4 byte ++ (optional) [signed message] - as provided before, with signature appended ++ */ ++ ++ if (reply_len <= sizeof(samba_reply)) { ++ memcpy(&samba_reply, reply, reply_len); ++ if (ntohl(samba_reply.op) == 3 && reply_len > offsetof(struct samba_key_out, pkt)) { ++ sendlen = reply_len - offsetof(struct samba_key_out, pkt); ++ xpkt = &samba_reply.pkt; ++ sendpkt(&rbufp->recv_srcadr, rbufp->dstadr, 0, xpkt, sendlen); ++#ifdef DEBUG ++ if (debug) ++ printf( ++ "transmit ntp_signd packet: at %ld %s->%s mode %d keyid %08x len %d\n", ++ current_time, ntoa(&rbufp->dstadr->sin), ++ ntoa(&rbufp->recv_srcadr), xmode, xkeyid, sendlen); ++#endif ++ } ++ } ++ ++ if (reply) { ++ free(reply); ++ } ++ close(fd); ++ ++ } ++} ++#endif -- cgit From 1eb743ab8e8b1141f99fabd3e4a46895c6dcc17e Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Tue, 2 Dec 2008 23:29:57 -0800 Subject: s3: Change sockaddr util function names for consistency Also eliminates name conflicts with OneFS system libraries --- lib/util/util_net.c | 2 +- source3/client/client.c | 2 +- source3/include/proto.h | 4 ++-- source3/lib/interface.c | 12 ++++++------ source3/lib/util_sock.c | 10 +++++----- source3/libads/kerberos.c | 6 +++--- source3/libsmb/cliconnect.c | 2 +- source3/libsmb/clidfs.c | 4 ++-- source3/libsmb/libsmb_server.c | 6 +++--- source3/libsmb/namequery.c | 10 +++++----- source3/libsmb/namequery_dc.c | 4 ++-- source3/rpcclient/rpcclient.c | 2 +- source3/torture/locktest.c | 4 ++-- source3/torture/masktest.c | 4 ++-- source3/torture/torture.c | 2 +- source3/utils/net.c | 2 +- source3/utils/smbcacls.c | 2 +- source3/utils/smbcquotas.c | 2 +- source3/utils/smbfilter.c | 2 +- source3/winbindd/winbindd_cm.c | 2 +- 20 files changed, 42 insertions(+), 42 deletions(-) diff --git a/lib/util/util_net.c b/lib/util/util_net.c index 228393a2bb..d1dadc2494 100644 --- a/lib/util/util_net.c +++ b/lib/util/util_net.c @@ -360,7 +360,7 @@ bool same_net(const struct sockaddr *ip1, * Are two sockaddr 's the same family and address ? Ignore port etc. */ -bool addr_equal(const struct sockaddr *ip1, +bool sockaddr_equal(const struct sockaddr *ip1, const struct sockaddr *ip2) { if (ip1->sa_family != ip2->sa_family) { diff --git a/source3/client/client.c b/source3/client/client.c index 39f8f90bba..da789161c9 100644 --- a/source3/client/client.c +++ b/source3/client/client.c @@ -4623,7 +4623,7 @@ static int do_message_op(void) snprintf(name_type_hex, sizeof(name_type_hex), "#%X", name_type); fstrcat(server_name, name_type_hex); - zero_addr(&ss); + zero_sockaddr(&ss); if (have_ip) ss = dest_ss; diff --git a/source3/include/proto.h b/source3/include/proto.h index f2bbb07f92..d9430e2909 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -1396,13 +1396,13 @@ bool is_loopback_ip_v4(struct in_addr ip); bool is_loopback_addr(const struct sockaddr *pss); bool is_zero_addr(const struct sockaddr *pss); void zero_ip_v4(struct in_addr *ip); -void zero_addr(struct sockaddr_storage *pss); +void zero_sockaddr(struct sockaddr_storage *pss); void in_addr_to_sockaddr_storage(struct sockaddr_storage *ss, struct in_addr ip); bool same_net(const struct sockaddr *ip1, const struct sockaddr *ip2, const struct sockaddr *mask); -bool addr_equal(const struct sockaddr *ip1, +bool sockaddr_equal(const struct sockaddr *ip1, const struct sockaddr *ip2); bool is_address_any(const struct sockaddr *psa); uint16_t get_sockaddr_port(const struct sockaddr_storage *pss); diff --git a/source3/lib/interface.c b/source3/lib/interface.c index f533ec92c7..48fa4d32a9 100644 --- a/source3/lib/interface.c +++ b/source3/lib/interface.c @@ -33,7 +33,7 @@ bool ismyaddr(const struct sockaddr *ip) { struct interface *i; for (i=local_interfaces;i;i=i->next) { - if (addr_equal((struct sockaddr *)&i->ip,ip)) { + if (sockaddr_equal((struct sockaddr *)&i->ip,ip)) { return true; } } @@ -65,7 +65,7 @@ static struct interface *iface_find(const struct sockaddr *ip, if (same_net(ip, (struct sockaddr *)&i->ip, (struct sockaddr *)&i->netmask)) { return i; } - } else if (addr_equal((struct sockaddr *)&i->ip, ip)) { + } else if (sockaddr_equal((struct sockaddr *)&i->ip, ip)) { return i; } } @@ -93,7 +93,7 @@ void setup_linklocal_scope_id(struct sockaddr *pss) { struct interface *i; for (i=local_interfaces;i;i=i->next) { - if (addr_equal((struct sockaddr *)&i->ip,pss)) { + if (sockaddr_equal((struct sockaddr *)&i->ip,pss)) { struct sockaddr_in6 *psa6 = (struct sockaddr_in6 *)pss; psa6->sin6_scope_id = if_nametoindex(i->name); @@ -388,7 +388,7 @@ static void interpret_interface(char *token) } for (i=0;iai_addr) { continue; } - if (addr_equal((const struct sockaddr *)res->ai_addr, + if (sockaddr_equal((const struct sockaddr *)res->ai_addr, (struct sockaddr *)pss)) { freeaddrinfo(ailist); return true; @@ -1367,7 +1367,7 @@ const char *get_peer_name(int fd, bool force_lookup) p = get_peer_addr_internal(fd, addr_buf, sizeof(addr_buf), (struct sockaddr *)&ss, &length); /* it might be the same as the last one - save some DNS work */ - if (addr_equal((struct sockaddr *)&ss, (struct sockaddr *)&nc.ss)) { + if (sockaddr_equal((struct sockaddr *)&ss, (struct sockaddr *)&nc.ss)) { return nc.name ? nc.name : "UNKNOWN"; } @@ -1687,7 +1687,7 @@ bool is_myname_or_ipaddr(const char *s) } n = get_interfaces(nics, MAX_INTERFACES); for (i=0; ildap.ss; #else - zero_addr(dc_ss); + zero_sockaddr(dc_ss); #endif ads_destroy(&ads); @@ -217,7 +217,7 @@ bool get_dc_name(const char *domain, bool ret; bool our_domain = False; - zero_addr(&dc_ss); + zero_sockaddr(&dc_ss); ret = False; diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c index 61d8d7c485..e8ffddb6dc 100644 --- a/source3/rpcclient/rpcclient.c +++ b/source3/rpcclient/rpcclient.c @@ -776,7 +776,7 @@ out_free: load_case_tables(); - zero_addr(&server_ss); + zero_sockaddr(&server_ss); setlinebuf(stdout); diff --git a/source3/torture/locktest.c b/source3/torture/locktest.c index b58cb3deec..247c9abcc1 100644 --- a/source3/torture/locktest.c +++ b/source3/torture/locktest.c @@ -176,7 +176,7 @@ static struct cli_state *connect_one(char *share, int snum) server_n = server; - zero_addr(&ss); + zero_sockaddr(&ss); slprintf(myname,sizeof(myname), "lock-%lu-%u", (unsigned long)getpid(), count++); @@ -184,7 +184,7 @@ static struct cli_state *connect_one(char *share, int snum) make_nmb_name(&called , server, 0x20); again: - zero_addr(&ss); + zero_sockaddr(&ss); /* have to open a new connection */ if (!(c=cli_initialise())) { diff --git a/source3/torture/masktest.c b/source3/torture/masktest.c index c5612fefaa..8fea15877f 100644 --- a/source3/torture/masktest.c +++ b/source3/torture/masktest.c @@ -178,13 +178,13 @@ static struct cli_state *connect_one(char *share) server_n = server; - zero_addr(&ss); + zero_sockaddr(&ss); make_nmb_name(&calling, "masktest", 0x0); make_nmb_name(&called , server, 0x20); again: - zero_addr(&ss); + zero_sockaddr(&ss); /* have to open a new connection */ if (!(c=cli_initialise())) { diff --git a/source3/torture/torture.c b/source3/torture/torture.c index 603426b67c..382b3b65eb 100644 --- a/source3/torture/torture.c +++ b/source3/torture/torture.c @@ -158,7 +158,7 @@ static struct cli_state *open_nbt_connection(void) make_nmb_name(&calling, myname, 0x0); make_nmb_name(&called , host, 0x20); - zero_addr(&ss); + zero_sockaddr(&ss); if (!(c = cli_initialise())) { printf("Failed initialize cli_struct to connect with %s\n", host); diff --git a/source3/utils/net.c b/source3/utils/net.c index bab2f41d11..f1a5be1876 100644 --- a/source3/utils/net.c +++ b/source3/utils/net.c @@ -662,7 +662,7 @@ static struct functable net_func[] = { }; - zero_addr(&c->opt_dest_ip); + zero_sockaddr(&c->opt_dest_ip); load_case_tables(); diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c index 10b55014c2..1bfc4757da 100644 --- a/source3/utils/smbcacls.c +++ b/source3/utils/smbcacls.c @@ -956,7 +956,7 @@ static struct cli_state *connect_one(const char *server, const char *share) NTSTATUS nt_status; uint32_t flags = 0; - zero_addr(&ss); + zero_sockaddr(&ss); if (get_cmdline_auth_info_use_kerberos()) { flags |= CLI_FULL_CONNECTION_USE_KERBEROS | diff --git a/source3/utils/smbcquotas.c b/source3/utils/smbcquotas.c index b769c2bce0..8938cc5e65 100644 --- a/source3/utils/smbcquotas.c +++ b/source3/utils/smbcquotas.c @@ -371,7 +371,7 @@ static struct cli_state *connect_one(const char *share) NTSTATUS nt_status; uint32_t flags = 0; - zero_addr(&ss); + zero_sockaddr(&ss); if (get_cmdline_auth_info_use_machine_account() && !set_cmdline_auth_info_machine_account_creds()) { diff --git a/source3/utils/smbfilter.c b/source3/utils/smbfilter.c index d274e09299..1e22a40201 100644 --- a/source3/utils/smbfilter.c +++ b/source3/utils/smbfilter.c @@ -212,7 +212,7 @@ static void start_filter(char *desthost) /* start listening on port 445 locally */ - zero_addr(&my_ss); + zero_sockaddr(&my_ss); s = open_socket_in(SOCK_STREAM, 445, 0, &my_ss, True); if (s == -1) { diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c index 3c69859731..5f592fc6b7 100644 --- a/source3/winbindd/winbindd_cm.c +++ b/source3/winbindd/winbindd_cm.c @@ -1038,7 +1038,7 @@ static bool add_one_dc_unique(TALLOC_CTX *mem_ctx, const char *domain_name, /* Make sure there's no duplicates in the list */ for (i=0; i<*num; i++) - if (addr_equal((struct sockaddr *)&(*dcs)[i].ss, (struct sockaddr *)pss)) + if (sockaddr_equal((struct sockaddr *)&(*dcs)[i].ss, (struct sockaddr *)pss)) return False; *dcs = TALLOC_REALLOC_ARRAY(mem_ctx, *dcs, struct dc_name_ip, (*num)+1); -- cgit From f38d7f20a865b1ff5f7b039dd284d91b2ba7ec26 Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Mon, 20 Oct 2008 17:43:45 -0700 Subject: s3: Add SMB_VFS_CREATE_FILE to the vfs layer Modify all callers of create_file to go through SMB_VFS_CREATE_FILE --- source3/include/proto.h | 34 ++++++------- source3/include/vfs.h | 21 ++++++++ source3/include/vfs_macros.h | 3 ++ source3/modules/vfs_default.c | 27 +++++++++++ source3/rpc_server/srv_srvsvc_nt.c | 4 +- source3/smbd/nttrans.c | 42 +++++++++++++--- source3/smbd/open.c | 34 ++++++------- source3/smbd/reply.c | 99 ++++++++++++++++++++------------------ source3/smbd/trans2.c | 33 +++++++------ 9 files changed, 189 insertions(+), 108 deletions(-) diff --git a/source3/include/proto.h b/source3/include/proto.h index d9430e2909..05ef17b51c 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -8150,23 +8150,23 @@ NTSTATUS create_file_unixpath(connection_struct *conn, files_struct **result, int *pinfo, SMB_STRUCT_STAT *psbuf); -NTSTATUS create_file(connection_struct *conn, - struct smb_request *req, - uint16_t root_dir_fid, - const char *fname, - uint32_t access_mask, - uint32_t share_access, - uint32_t create_disposition, - uint32_t create_options, - uint32_t file_attributes, - uint32_t oplock_request, - uint64_t allocation_size, - struct security_descriptor *sd, - struct ea_list *ea_list, - - files_struct **result, - int *pinfo, - SMB_STRUCT_STAT *psbuf); +NTSTATUS create_file_default(connection_struct *conn, + struct smb_request *req, + uint16_t root_dir_fid, + const char *fname, + uint32_t access_mask, + uint32_t share_access, + uint32_t create_disposition, + uint32_t create_options, + uint32_t file_attributes, + uint32_t oplock_request, + uint64_t allocation_size, + struct security_descriptor *sd, + struct ea_list *ea_list, + + files_struct **result, + int *pinfo, + SMB_STRUCT_STAT *psbuf); /* The following definitions come from smbd/oplock.c */ diff --git a/source3/include/vfs.h b/source3/include/vfs.h index 4cedb4a9c6..03b4b8e706 100644 --- a/source3/include/vfs.h +++ b/source3/include/vfs.h @@ -110,6 +110,7 @@ open handle. JRA. */ /* Changed to version 24 - make security descriptor const in fset_nt_acl. JRA. */ /* Changed to version 25 - Jelmer's change from SMB_BIG_UINT to uint64_t. */ +/* Leave at 25 - not yet released. Add create_file call. -- tprouty. */ #define SMB_VFS_INTERFACE_VERSION 25 @@ -134,6 +135,8 @@ struct connection_struct; struct files_struct; struct security_descriptor; struct vfs_statvfs_struct; +struct smb_request; +struct ea_list; /* Available VFS operations. These values must be in sync with vfs_ops struct @@ -170,6 +173,7 @@ typedef enum _vfs_op_type { /* File operations */ SMB_VFS_OP_OPEN, + SMB_VFS_OP_CREATE_FILE, SMB_VFS_OP_CLOSE, SMB_VFS_OP_READ, SMB_VFS_OP_PREAD, @@ -305,6 +309,22 @@ struct vfs_ops { /* File operations */ int (*open)(struct vfs_handle_struct *handle, const char *fname, files_struct *fsp, int flags, mode_t mode); + NTSTATUS (*create_file)(struct vfs_handle_struct *handle, + struct smb_request *req, + uint16_t root_dir_fid, + const char *fname, + uint32_t access_mask, + uint32_t share_access, + uint32_t create_disposition, + uint32_t create_options, + uint32_t file_attributes, + uint32_t oplock_request, + uint64_t allocation_size, + struct security_descriptor *sd, + struct ea_list *ea_list, + files_struct **result, + int *pinfo, + SMB_STRUCT_STAT *psbuf); int (*close_fn)(struct vfs_handle_struct *handle, struct files_struct *fsp); ssize_t (*vfs_read)(struct vfs_handle_struct *handle, struct files_struct *fsp, void *data, size_t n); ssize_t (*pread)(struct vfs_handle_struct *handle, struct files_struct *fsp, void *data, size_t n, SMB_OFF_T offset); @@ -452,6 +472,7 @@ struct vfs_ops { /* File operations */ struct vfs_handle_struct *open; + struct vfs_handle_struct *create_file; struct vfs_handle_struct *close_hnd; struct vfs_handle_struct *vfs_read; struct vfs_handle_struct *pread; diff --git a/source3/include/vfs_macros.h b/source3/include/vfs_macros.h index 8fbc21b12d..5c57e92899 100644 --- a/source3/include/vfs_macros.h +++ b/source3/include/vfs_macros.h @@ -48,6 +48,7 @@ /* File operations */ #define SMB_VFS_OPEN(conn, fname, fsp, flags, mode) (((conn)->vfs.ops.open)((conn)->vfs.handles.open, (fname), (fsp), (flags), (mode))) +#define SMB_VFS_CREATE_FILE(conn, req, root_dir_fid, fname, access_mask, share_access, create_disposition, create_options, file_attributes, oplock_request, allocation_size, sd, ea_list, result, pinfo, psbuf) (((conn)->vfs.ops.create_file)((conn)->vfs.handles.create_file, (req), (root_dir_fid), (fname), (access_mask), (share_access), (create_disposition), (create_options), (file_attributes), (oplock_request), (allocation_size), (sd), (ea_list), (result), (pinfo), (psbuf))) #define SMB_VFS_CLOSE(fsp) ((fsp)->conn->vfs.ops.close_fn((fsp)->conn->vfs.handles.close_hnd, (fsp))) #define SMB_VFS_READ(fsp, data, n) ((fsp)->conn->vfs.ops.vfs_read((fsp)->conn->vfs.handles.vfs_read, (fsp), (data), (n))) #define SMB_VFS_PREAD(fsp, data, n, off) ((fsp)->conn->vfs.ops.pread((fsp)->conn->vfs.handles.pread, (fsp), (data), (n), (off))) @@ -173,6 +174,7 @@ /* File operations */ #define SMB_VFS_OPAQUE_OPEN(conn, fname, fsp, flags, mode) (((conn)->vfs_opaque.ops.open)((conn)->vfs_opaque.handles.open, (fname), (fsp), (flags), (mode))) +#define SMB_VFS_OPAQUE_CREATE_FILE(conn, req, root_dir_fid, fname, access_mask, share_access, create_disposition, create_options, file_attributes, oplock_request, allocation_size, sd, ea_list, result, pinfo, psbuf) (((conn)->vfs_opaque.ops.create_file)((conn)->vfs_opaque.handles.create_file, (req), (root_dir_fid), (fname), (access_mask), (share_access), (create_disposition), (create_options), (file_attributes), (oplock_request), (allocation_size), (sd), (ea_list), (result), (pinfo), (psbuf))) #define SMB_VFS_OPAQUE_CLOSE(fsp) ((fsp)->conn->vfs_opaque.ops.close_fn((fsp)->conn->vfs_opaque.handles.close_hnd, (fsp))) #define SMB_VFS_OPAQUE_READ(fsp, data, n) ((fsp)->conn->vfs_opaque.ops.vfs_read((fsp)->conn->vfs_opaque.handles.vfs_read, (fsp), (data), (n))) #define SMB_VFS_OPAQUE_PREAD(fsp, data, n, off) ((fsp)->conn->vfs_opaque.ops.pread((fsp)->conn->vfs_opaque.handles.pread, (fsp), (data), (n), (off))) @@ -299,6 +301,7 @@ /* File operations */ #define SMB_VFS_NEXT_OPEN(handle, fname, fsp, flags, mode) (((handle)->vfs_next.ops.open)((handle)->vfs_next.handles.open, (fname), (fsp), (flags), (mode))) +#define SMB_VFS_NEXT_CREATE_FILE(handle, req, root_dir_fid, fname, access_mask, share_access, create_disposition, create_options, file_attributes, oplock_request, allocation_size, sd, ea_list, result, pinfo, psbuf) (((handle)->vfs_next.ops.create_file)((handle)->vfs_next.handles.create_file, (req), (root_dir_fid), (fname), (access_mask), (share_access), (create_disposition), (create_options), (file_attributes), (oplock_request), (allocation_size), (sd), (ea_list), (result), (pinfo), (psbuf))) #define SMB_VFS_NEXT_CLOSE(handle, fsp) ((handle)->vfs_next.ops.close_fn((handle)->vfs_next.handles.close_hnd, (fsp))) #define SMB_VFS_NEXT_READ(handle, fsp, data, n) ((handle)->vfs_next.ops.vfs_read((handle)->vfs_next.handles.vfs_read, (fsp), (data), (n))) #define SMB_VFS_NEXT_PREAD(handle, fsp, data, n, off) ((handle)->vfs_next.ops.pread((handle)->vfs_next.handles.pread, (fsp), (data), (n), (off))) diff --git a/source3/modules/vfs_default.c b/source3/modules/vfs_default.c index d972828ba9..bca06dfaf7 100644 --- a/source3/modules/vfs_default.c +++ b/source3/modules/vfs_default.c @@ -208,6 +208,31 @@ static int vfswrap_open(vfs_handle_struct *handle, const char *fname, return result; } +static NTSTATUS vfswrap_create_file(vfs_handle_struct *handle, + struct smb_request *req, + uint16_t root_dir_fid, + const char *fname, + uint32_t access_mask, + uint32_t share_access, + uint32_t create_disposition, + uint32_t create_options, + uint32_t file_attributes, + uint32_t oplock_request, + uint64_t allocation_size, + struct security_descriptor *sd, + struct ea_list *ea_list, + files_struct **result, + int *pinfo, + SMB_STRUCT_STAT *psbuf) +{ + return create_file_default(handle->conn, req, root_dir_fid, fname, + access_mask, share_access, + create_disposition, create_options, + file_attributes, oplock_request, + allocation_size, sd, ea_list, result, pinfo, + psbuf); +} + static int vfswrap_close(vfs_handle_struct *handle, files_struct *fsp) { int result; @@ -1359,6 +1384,8 @@ static vfs_op_tuple vfs_default_ops[] = { {SMB_VFS_OP(vfswrap_open), SMB_VFS_OP_OPEN, SMB_VFS_LAYER_OPAQUE}, + {SMB_VFS_OP(vfswrap_create_file), SMB_VFS_OP_CREATE_FILE, + SMB_VFS_LAYER_OPAQUE}, {SMB_VFS_OP(vfswrap_close), SMB_VFS_OP_CLOSE, SMB_VFS_LAYER_OPAQUE}, {SMB_VFS_OP(vfswrap_read), SMB_VFS_OP_READ, diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c index bf3669022d..b1a31f1761 100644 --- a/source3/rpc_server/srv_srvsvc_nt.c +++ b/source3/rpc_server/srv_srvsvc_nt.c @@ -2048,7 +2048,7 @@ WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p, goto error_exit; } - nt_status = create_file( + nt_status = SMB_VFS_CREATE_FILE( conn, /* conn */ NULL, /* req */ 0, /* root_dir_fid */ @@ -2162,7 +2162,7 @@ WERROR _srvsvc_NetSetFileSecurity(pipes_struct *p, goto error_exit; } - nt_status = create_file( + nt_status = SMB_VFS_CREATE_FILE( conn, /* conn */ NULL, /* req */ 0, /* root_dir_fid */ diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c index 777073e6ba..f2c6eaccca 100644 --- a/source3/smbd/nttrans.c +++ b/source3/smbd/nttrans.c @@ -474,10 +474,23 @@ void reply_ntcreate_and_X(struct smb_request *req) ? BATCH_OPLOCK : 0; } - status = create_file(conn, req, root_dir_fid, fname, - access_mask, share_access, create_disposition, - create_options, file_attributes, oplock_request, - allocation_size, NULL, NULL, &fsp, &info, &sbuf); + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + req, /* req */ + root_dir_fid, /* root_dir_fid */ + fname, /* fname */ + access_mask, /* access_mask */ + share_access, /* share_access */ + create_disposition, /* create_disposition*/ + create_options, /* create_options */ + file_attributes, /* file_attributes */ + oplock_request, /* oplock_request */ + allocation_size, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp, /* result */ + &info, /* pinfo */ + &sbuf); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { if (open_was_deferred(req->mid)) { @@ -932,10 +945,23 @@ static void call_nt_transact_create(connection_struct *conn, ? BATCH_OPLOCK : 0; } - status = create_file(conn, req, root_dir_fid, fname, - access_mask, share_access, create_disposition, - create_options, file_attributes, oplock_request, - allocation_size, sd, ea_list, &fsp, &info, &sbuf); + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + req, /* req */ + root_dir_fid, /* root_dir_fid */ + fname, /* fname */ + access_mask, /* access_mask */ + share_access, /* share_access */ + create_disposition, /* create_disposition*/ + create_options, /* create_options */ + file_attributes, /* file_attributes */ + oplock_request, /* oplock_request */ + allocation_size, /* allocation_size */ + sd, /* sd */ + ea_list, /* ea_list */ + &fsp, /* result */ + &info, /* pinfo */ + &sbuf); /* psbuf */ if(!NT_STATUS_IS_OK(status)) { if (open_was_deferred(req->mid)) { diff --git a/source3/smbd/open.c b/source3/smbd/open.c index f98415ee33..924b6c5905 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -3082,23 +3082,23 @@ NTSTATUS create_file_unixpath(connection_struct *conn, return status; } -NTSTATUS create_file(connection_struct *conn, - struct smb_request *req, - uint16_t root_dir_fid, - const char *fname, - uint32_t access_mask, - uint32_t share_access, - uint32_t create_disposition, - uint32_t create_options, - uint32_t file_attributes, - uint32_t oplock_request, - uint64_t allocation_size, - struct security_descriptor *sd, - struct ea_list *ea_list, - - files_struct **result, - int *pinfo, - SMB_STRUCT_STAT *psbuf) +NTSTATUS create_file_default(connection_struct *conn, + struct smb_request *req, + uint16_t root_dir_fid, + const char *fname, + uint32_t access_mask, + uint32_t share_access, + uint32_t create_disposition, + uint32_t create_options, + uint32_t file_attributes, + uint32_t oplock_request, + uint64_t allocation_size, + struct security_descriptor *sd, + struct ea_list *ea_list, + + files_struct **result, + int *pinfo, + SMB_STRUCT_STAT *psbuf) { struct case_semantics_state *case_state = NULL; SMB_STRUCT_STAT sbuf; diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 11c713ab4a..dfd4b47608 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1630,22 +1630,23 @@ void reply_open(struct smb_request *req) return; } - status = create_file(conn, /* conn */ - req, /* req */ - 0, /* root_dir_fid */ - fname, /* fname */ - access_mask, /* access_mask */ - share_mode, /* share_access */ - create_disposition, /* create_disposition*/ - create_options, /* create_options */ - dos_attr, /* file_attributes */ - oplock_request, /* oplock_request */ - 0, /* allocation_size */ - NULL, /* sd */ - NULL, /* ea_list */ - &fsp, /* result */ - &info, /* pinfo */ - &sbuf); /* psbuf */ + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + req, /* req */ + 0, /* root_dir_fid */ + fname, /* fname */ + access_mask, /* access_mask */ + share_mode, /* share_access */ + create_disposition, /* create_disposition*/ + create_options, /* create_options */ + dos_attr, /* file_attributes */ + oplock_request, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp, /* result */ + &info, /* pinfo */ + &sbuf); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { if (open_was_deferred(req->mid)) { @@ -1774,22 +1775,23 @@ void reply_open_and_X(struct smb_request *req) return; } - status = create_file(conn, /* conn */ - req, /* req */ - 0, /* root_dir_fid */ - fname, /* fname */ - access_mask, /* access_mask */ - share_mode, /* share_access */ - create_disposition, /* create_disposition*/ - create_options, /* create_options */ - smb_attr, /* file_attributes */ - oplock_request, /* oplock_request */ - 0, /* allocation_size */ - NULL, /* sd */ - NULL, /* ea_list */ - &fsp, /* result */ - &smb_action, /* pinfo */ - &sbuf); /* psbuf */ + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + req, /* req */ + 0, /* root_dir_fid */ + fname, /* fname */ + access_mask, /* access_mask */ + share_mode, /* share_access */ + create_disposition, /* create_disposition*/ + create_options, /* create_options */ + smb_attr, /* file_attributes */ + oplock_request, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp, /* result */ + &smb_action, /* pinfo */ + &sbuf); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBopenX); @@ -1972,22 +1974,23 @@ void reply_mknew(struct smb_request *req) create_disposition = FILE_OVERWRITE_IF; } - status = create_file(conn, /* conn */ - req, /* req */ - 0, /* root_dir_fid */ - fname, /* fname */ - access_mask, /* access_mask */ - share_mode, /* share_access */ - create_disposition, /* create_disposition*/ - create_options, /* create_options */ - fattr, /* file_attributes */ - oplock_request, /* oplock_request */ - 0, /* allocation_size */ - NULL, /* sd */ - NULL, /* ea_list */ - &fsp, /* result */ - NULL, /* pinfo */ - &sbuf); /* psbuf */ + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + req, /* req */ + 0, /* root_dir_fid */ + fname, /* fname */ + access_mask, /* access_mask */ + share_mode, /* share_access */ + create_disposition, /* create_disposition*/ + create_options, /* create_options */ + fattr, /* file_attributes */ + oplock_request, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp, /* result */ + NULL, /* pinfo */ + &sbuf); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBcreate); diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index 7b051d389f..4669e883fd 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -1006,22 +1006,23 @@ static void call_trans2open(connection_struct *conn, return; } - status = create_file(conn, /* conn */ - req, /* req */ - 0, /* root_dir_fid */ - fname, /* fname */ - access_mask, /* access_mask */ - share_mode, /* share_access */ - create_disposition, /* create_disposition*/ - create_options, /* create_options */ - open_attr, /* file_attributes */ - oplock_request, /* oplock_request */ - open_size, /* allocation_size */ - NULL, /* sd */ - ea_list, /* ea_list */ - &fsp, /* result */ - &smb_action, /* pinfo */ - &sbuf); /* psbuf */ + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + req, /* req */ + 0, /* root_dir_fid */ + fname, /* fname */ + access_mask, /* access_mask */ + share_mode, /* share_access */ + create_disposition, /* create_disposition*/ + create_options, /* create_options */ + open_attr, /* file_attributes */ + oplock_request, /* oplock_request */ + open_size, /* allocation_size */ + NULL, /* sd */ + ea_list, /* ea_list */ + &fsp, /* result */ + &smb_action, /* pinfo */ + &sbuf); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { if (open_was_deferred(req->mid)) { -- cgit From f995a7af2a06ccff29f23f1b099e0a84bc948f6e Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Wed, 19 Nov 2008 17:55:28 -0800 Subject: s3: Add new "is_dos_path" argument to SMB_VFS_CREATE_FILE Now unix paths can be differentiated from windows paths so the underlying create_file implementations can convert paths correctly. --- source3/include/proto.h | 1 + source3/include/vfs.h | 1 + source3/include/vfs_macros.h | 6 +++--- source3/modules/vfs_default.c | 3 ++- source3/rpc_server/srv_srvsvc_nt.c | 2 ++ source3/smbd/nttrans.c | 2 ++ source3/smbd/open.c | 7 ++++--- source3/smbd/reply.c | 3 +++ source3/smbd/trans2.c | 1 + 9 files changed, 19 insertions(+), 7 deletions(-) diff --git a/source3/include/proto.h b/source3/include/proto.h index 05ef17b51c..258139b877 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -8154,6 +8154,7 @@ NTSTATUS create_file_default(connection_struct *conn, struct smb_request *req, uint16_t root_dir_fid, const char *fname, + bool is_dos_path, uint32_t access_mask, uint32_t share_access, uint32_t create_disposition, diff --git a/source3/include/vfs.h b/source3/include/vfs.h index 03b4b8e706..5f6851a7bc 100644 --- a/source3/include/vfs.h +++ b/source3/include/vfs.h @@ -313,6 +313,7 @@ struct vfs_ops { struct smb_request *req, uint16_t root_dir_fid, const char *fname, + bool is_dos_path, uint32_t access_mask, uint32_t share_access, uint32_t create_disposition, diff --git a/source3/include/vfs_macros.h b/source3/include/vfs_macros.h index 5c57e92899..97107f3f60 100644 --- a/source3/include/vfs_macros.h +++ b/source3/include/vfs_macros.h @@ -48,7 +48,7 @@ /* File operations */ #define SMB_VFS_OPEN(conn, fname, fsp, flags, mode) (((conn)->vfs.ops.open)((conn)->vfs.handles.open, (fname), (fsp), (flags), (mode))) -#define SMB_VFS_CREATE_FILE(conn, req, root_dir_fid, fname, access_mask, share_access, create_disposition, create_options, file_attributes, oplock_request, allocation_size, sd, ea_list, result, pinfo, psbuf) (((conn)->vfs.ops.create_file)((conn)->vfs.handles.create_file, (req), (root_dir_fid), (fname), (access_mask), (share_access), (create_disposition), (create_options), (file_attributes), (oplock_request), (allocation_size), (sd), (ea_list), (result), (pinfo), (psbuf))) +#define SMB_VFS_CREATE_FILE(conn, req, root_dir_fid, fname, is_dos_path, access_mask, share_access, create_disposition, create_options, file_attributes, oplock_request, allocation_size, sd, ea_list, result, pinfo, psbuf) (((conn)->vfs.ops.create_file)((conn)->vfs.handles.create_file, (req), (root_dir_fid), (fname), (is_dos_path), (access_mask), (share_access), (create_disposition), (create_options), (file_attributes), (oplock_request), (allocation_size), (sd), (ea_list), (result), (pinfo), (psbuf))) #define SMB_VFS_CLOSE(fsp) ((fsp)->conn->vfs.ops.close_fn((fsp)->conn->vfs.handles.close_hnd, (fsp))) #define SMB_VFS_READ(fsp, data, n) ((fsp)->conn->vfs.ops.vfs_read((fsp)->conn->vfs.handles.vfs_read, (fsp), (data), (n))) #define SMB_VFS_PREAD(fsp, data, n, off) ((fsp)->conn->vfs.ops.pread((fsp)->conn->vfs.handles.pread, (fsp), (data), (n), (off))) @@ -174,7 +174,7 @@ /* File operations */ #define SMB_VFS_OPAQUE_OPEN(conn, fname, fsp, flags, mode) (((conn)->vfs_opaque.ops.open)((conn)->vfs_opaque.handles.open, (fname), (fsp), (flags), (mode))) -#define SMB_VFS_OPAQUE_CREATE_FILE(conn, req, root_dir_fid, fname, access_mask, share_access, create_disposition, create_options, file_attributes, oplock_request, allocation_size, sd, ea_list, result, pinfo, psbuf) (((conn)->vfs_opaque.ops.create_file)((conn)->vfs_opaque.handles.create_file, (req), (root_dir_fid), (fname), (access_mask), (share_access), (create_disposition), (create_options), (file_attributes), (oplock_request), (allocation_size), (sd), (ea_list), (result), (pinfo), (psbuf))) +#define SMB_VFS_OPAQUE_CREATE_FILE(conn, req, root_dir_fid, fname, is_dos_path, access_mask, share_access, create_disposition, create_options, file_attributes, oplock_request, allocation_size, sd, ea_list, result, pinfo, psbuf) (((conn)->vfs_opaque.ops.create_file)((conn)->vfs_opaque.handles.create_file, (req), (root_dir_fid), (fname), (is_dos_path), (access_mask), (share_access), (create_disposition), (create_options), (file_attributes), (oplock_request), (allocation_size), (sd), (ea_list), (result), (pinfo), (psbuf))) #define SMB_VFS_OPAQUE_CLOSE(fsp) ((fsp)->conn->vfs_opaque.ops.close_fn((fsp)->conn->vfs_opaque.handles.close_hnd, (fsp))) #define SMB_VFS_OPAQUE_READ(fsp, data, n) ((fsp)->conn->vfs_opaque.ops.vfs_read((fsp)->conn->vfs_opaque.handles.vfs_read, (fsp), (data), (n))) #define SMB_VFS_OPAQUE_PREAD(fsp, data, n, off) ((fsp)->conn->vfs_opaque.ops.pread((fsp)->conn->vfs_opaque.handles.pread, (fsp), (data), (n), (off))) @@ -301,7 +301,7 @@ /* File operations */ #define SMB_VFS_NEXT_OPEN(handle, fname, fsp, flags, mode) (((handle)->vfs_next.ops.open)((handle)->vfs_next.handles.open, (fname), (fsp), (flags), (mode))) -#define SMB_VFS_NEXT_CREATE_FILE(handle, req, root_dir_fid, fname, access_mask, share_access, create_disposition, create_options, file_attributes, oplock_request, allocation_size, sd, ea_list, result, pinfo, psbuf) (((handle)->vfs_next.ops.create_file)((handle)->vfs_next.handles.create_file, (req), (root_dir_fid), (fname), (access_mask), (share_access), (create_disposition), (create_options), (file_attributes), (oplock_request), (allocation_size), (sd), (ea_list), (result), (pinfo), (psbuf))) +#define SMB_VFS_NEXT_CREATE_FILE(handle, req, root_dir_fid, fname, is_dos_path, access_mask, share_access, create_disposition, create_options, file_attributes, oplock_request, allocation_size, sd, ea_list, result, pinfo, psbuf) (((handle)->vfs_next.ops.create_file)((handle)->vfs_next.handles.create_file, (req), (root_dir_fid), (fname), (is_dos_path), (access_mask), (share_access), (create_disposition), (create_options), (file_attributes), (oplock_request), (allocation_size), (sd), (ea_list), (result), (pinfo), (psbuf))) #define SMB_VFS_NEXT_CLOSE(handle, fsp) ((handle)->vfs_next.ops.close_fn((handle)->vfs_next.handles.close_hnd, (fsp))) #define SMB_VFS_NEXT_READ(handle, fsp, data, n) ((handle)->vfs_next.ops.vfs_read((handle)->vfs_next.handles.vfs_read, (fsp), (data), (n))) #define SMB_VFS_NEXT_PREAD(handle, fsp, data, n, off) ((handle)->vfs_next.ops.pread((handle)->vfs_next.handles.pread, (fsp), (data), (n), (off))) diff --git a/source3/modules/vfs_default.c b/source3/modules/vfs_default.c index bca06dfaf7..fde899d1af 100644 --- a/source3/modules/vfs_default.c +++ b/source3/modules/vfs_default.c @@ -212,6 +212,7 @@ static NTSTATUS vfswrap_create_file(vfs_handle_struct *handle, struct smb_request *req, uint16_t root_dir_fid, const char *fname, + bool is_dos_path, uint32_t access_mask, uint32_t share_access, uint32_t create_disposition, @@ -226,7 +227,7 @@ static NTSTATUS vfswrap_create_file(vfs_handle_struct *handle, SMB_STRUCT_STAT *psbuf) { return create_file_default(handle->conn, req, root_dir_fid, fname, - access_mask, share_access, + is_dos_path, access_mask, share_access, create_disposition, create_options, file_attributes, oplock_request, allocation_size, sd, ea_list, result, pinfo, diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c index b1a31f1761..0febfbca06 100644 --- a/source3/rpc_server/srv_srvsvc_nt.c +++ b/source3/rpc_server/srv_srvsvc_nt.c @@ -2053,6 +2053,7 @@ WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p, NULL, /* req */ 0, /* root_dir_fid */ r->in.file, /* fname */ + true, /* is_dos_path */ FILE_READ_ATTRIBUTES, /* access_mask */ FILE_SHARE_READ|FILE_SHARE_WRITE, /* share_access */ FILE_OPEN, /* create_disposition*/ @@ -2167,6 +2168,7 @@ WERROR _srvsvc_NetSetFileSecurity(pipes_struct *p, NULL, /* req */ 0, /* root_dir_fid */ r->in.file, /* fname */ + true, /* is_dos_path */ FILE_WRITE_ATTRIBUTES, /* access_mask */ FILE_SHARE_READ|FILE_SHARE_WRITE, /* share_access */ FILE_OPEN, /* create_disposition*/ diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c index f2c6eaccca..b66aba5aac 100644 --- a/source3/smbd/nttrans.c +++ b/source3/smbd/nttrans.c @@ -479,6 +479,7 @@ void reply_ntcreate_and_X(struct smb_request *req) req, /* req */ root_dir_fid, /* root_dir_fid */ fname, /* fname */ + true, /* is_dos_path */ access_mask, /* access_mask */ share_access, /* share_access */ create_disposition, /* create_disposition*/ @@ -950,6 +951,7 @@ static void call_nt_transact_create(connection_struct *conn, req, /* req */ root_dir_fid, /* root_dir_fid */ fname, /* fname */ + true, /* is_dos_path */ access_mask, /* access_mask */ share_access, /* share_access */ create_disposition, /* create_disposition*/ diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 924b6c5905..d8f5548883 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -3086,6 +3086,7 @@ NTSTATUS create_file_default(connection_struct *conn, struct smb_request *req, uint16_t root_dir_fid, const char *fname, + bool is_dos_path, uint32_t access_mask, uint32_t share_access, uint32_t create_disposition, @@ -3111,7 +3112,7 @@ NTSTATUS create_file_default(connection_struct *conn, "create_disposition = 0x%x create_options = 0x%x " "oplock_request = 0x%x " "root_dir_fid = 0x%x, ea_list = 0x%p, sd = 0x%p, " - "fname = %s\n", + "is_dos_path = %s, fname = %s\n", (unsigned int)access_mask, (unsigned int)file_attributes, (unsigned int)share_access, @@ -3119,7 +3120,7 @@ NTSTATUS create_file_default(connection_struct *conn, (unsigned int)create_options, (unsigned int)oplock_request, (unsigned int)root_dir_fid, - ea_list, sd, fname)); + ea_list, sd, fname, is_dos_path ? "true" : "false")); /* * Get the file name. @@ -3275,7 +3276,7 @@ NTSTATUS create_file_default(connection_struct *conn, file_attributes &= ~FILE_FLAG_POSIX_SEMANTICS; } - { + if (is_dos_path) { char *converted_fname; SET_STAT_INVALID(sbuf); diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index dfd4b47608..80292636a6 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1635,6 +1635,7 @@ void reply_open(struct smb_request *req) req, /* req */ 0, /* root_dir_fid */ fname, /* fname */ + true, /* is_dos_path */ access_mask, /* access_mask */ share_mode, /* share_access */ create_disposition, /* create_disposition*/ @@ -1780,6 +1781,7 @@ void reply_open_and_X(struct smb_request *req) req, /* req */ 0, /* root_dir_fid */ fname, /* fname */ + true, /* is_dos_path */ access_mask, /* access_mask */ share_mode, /* share_access */ create_disposition, /* create_disposition*/ @@ -1979,6 +1981,7 @@ void reply_mknew(struct smb_request *req) req, /* req */ 0, /* root_dir_fid */ fname, /* fname */ + true, /* is_dos_path */ access_mask, /* access_mask */ share_mode, /* share_access */ create_disposition, /* create_disposition*/ diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index 4669e883fd..9ba6d198c4 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -1011,6 +1011,7 @@ static void call_trans2open(connection_struct *conn, req, /* req */ 0, /* root_dir_fid */ fname, /* fname */ + true, /* is_dos_path */ access_mask, /* access_mask */ share_mode, /* share_access */ create_disposition, /* create_disposition*/ -- cgit From 61b4597e3c9016b3fdd540857abf3b72963ad4b2 Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Sun, 23 Nov 2008 14:37:37 -0800 Subject: s3: Add SMB_VFS_CREATE_FILE to vfs_full_audit module --- source3/modules/vfs_full_audit.c | 64 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 64 insertions(+) diff --git a/source3/modules/vfs_full_audit.c b/source3/modules/vfs_full_audit.c index 6342c4a14e..fd97a4ccff 100644 --- a/source3/modules/vfs_full_audit.c +++ b/source3/modules/vfs_full_audit.c @@ -109,6 +109,23 @@ static int smb_full_audit_closedir(vfs_handle_struct *handle, SMB_STRUCT_DIR *dirp); static int smb_full_audit_open(vfs_handle_struct *handle, const char *fname, files_struct *fsp, int flags, mode_t mode); +static NTSTATUS smb_full_audit_create_file(vfs_handle_struct *handle, + struct smb_request *req, + uint16_t root_dir_fid, + const char *fname, + bool is_dos_path, + uint32_t access_mask, + uint32_t share_access, + uint32_t create_disposition, + uint32_t create_options, + uint32_t file_attributes, + uint32_t oplock_request, + uint64_t allocation_size, + struct security_descriptor *sd, + struct ea_list *ea_list, + files_struct **result, + int *pinfo, + SMB_STRUCT_STAT *psbuf); static int smb_full_audit_close(vfs_handle_struct *handle, files_struct *fsp); static ssize_t smb_full_audit_read(vfs_handle_struct *handle, files_struct *fsp, void *data, size_t n); @@ -353,6 +370,8 @@ static vfs_op_tuple audit_op_tuples[] = { {SMB_VFS_OP(smb_full_audit_open), SMB_VFS_OP_OPEN, SMB_VFS_LAYER_LOGGER}, + {SMB_VFS_OP(smb_full_audit_create_file),SMB_VFS_OP_CREATE_FILE, + SMB_VFS_LAYER_LOGGER}, {SMB_VFS_OP(smb_full_audit_close), SMB_VFS_OP_CLOSE, SMB_VFS_LAYER_LOGGER}, {SMB_VFS_OP(smb_full_audit_read), SMB_VFS_OP_READ, @@ -1087,6 +1106,51 @@ static int smb_full_audit_open(vfs_handle_struct *handle, return result; } +static NTSTATUS smb_full_audit_create_file(vfs_handle_struct *handle, + struct smb_request *req, + uint16_t root_dir_fid, + const char *fname, + bool is_dos_path, + uint32_t access_mask, + uint32_t share_access, + uint32_t create_disposition, + uint32_t create_options, + uint32_t file_attributes, + uint32_t oplock_request, + uint64_t allocation_size, + struct security_descriptor *sd, + struct ea_list *ea_list, + files_struct **result_fsp, + int *pinfo, + SMB_STRUCT_STAT *psbuf) +{ + NTSTATUS result; + + result = SMB_VFS_NEXT_CREATE_FILE( + handle, /* handle */ + req, /* req */ + root_dir_fid, /* root_dir_fid */ + fname, /* fname */ + is_dos_path, /* is_dos_path */ + access_mask, /* access_mask */ + share_access, /* share_access */ + create_disposition, /* create_disposition*/ + create_options, /* create_options */ + file_attributes, /* file_attributes */ + oplock_request, /* oplock_request */ + allocation_size, /* allocation_size */ + sd, /* sd */ + ea_list, /* ea_list */ + result_fsp, /* result */ + pinfo, /* pinfo */ + psbuf); /* psbuf */ + + do_log(SMB_VFS_OP_CREATE_FILE, (NT_STATUS_IS_OK(result)), handle, "0x%x|%s", + access_mask, fname); + + return result; +} + static int smb_full_audit_close(vfs_handle_struct *handle, files_struct *fsp) { int result; -- cgit From 2caa4fe08e157a01012b425a68cc25c381d5f354 Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Wed, 19 Nov 2008 18:03:27 -0800 Subject: s3: Modify direct callers of create_file_unix_path to call SMB_VFS_CREATE_FILE --- source3/include/proto.h | 16 -------------- source3/smbd/open.c | 58 +++++++++++++++++++++++++++++++++++-------------- source3/smbd/reply.c | 6 +++-- 3 files changed, 46 insertions(+), 34 deletions(-) diff --git a/source3/include/proto.h b/source3/include/proto.h index 258139b877..c32234a1d8 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -8134,22 +8134,6 @@ void msg_file_was_renamed(struct messaging_context *msg, uint32_t msg_type, struct server_id server_id, DATA_BLOB *data); -NTSTATUS create_file_unixpath(connection_struct *conn, - struct smb_request *req, - const char *fname, - uint32_t access_mask, - uint32_t share_access, - uint32_t create_disposition, - uint32_t create_options, - uint32_t file_attributes, - uint32_t oplock_request, - uint64_t allocation_size, - struct security_descriptor *sd, - struct ea_list *ea_list, - - files_struct **result, - int *pinfo, - SMB_STRUCT_STAT *psbuf); NTSTATUS create_file_default(connection_struct *conn, struct smb_request *req, uint16_t root_dir_fid, diff --git a/source3/smbd/open.c b/source3/smbd/open.c index d8f5548883..989024f553 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -29,6 +29,23 @@ struct deferred_open_record { struct file_id id; }; +static NTSTATUS create_file_unixpath(connection_struct *conn, + struct smb_request *req, + const char *fname, + uint32_t access_mask, + uint32_t share_access, + uint32_t create_disposition, + uint32_t create_options, + uint32_t file_attributes, + uint32_t oplock_request, + uint64_t allocation_size, + struct security_descriptor *sd, + struct ea_list *ea_list, + + files_struct **result, + int *pinfo, + SMB_STRUCT_STAT *psbuf); + /**************************************************************************** SMB1 file varient of se_access_check. Never test FILE_READ_ATTRIBUTES. ****************************************************************************/ @@ -2708,22 +2725,22 @@ static NTSTATUS open_streams_for_delete(connection_struct *conn, * Wrapper around open_file_ntcreate and open_directory */ -NTSTATUS create_file_unixpath(connection_struct *conn, - struct smb_request *req, - const char *fname, - uint32_t access_mask, - uint32_t share_access, - uint32_t create_disposition, - uint32_t create_options, - uint32_t file_attributes, - uint32_t oplock_request, - uint64_t allocation_size, - struct security_descriptor *sd, - struct ea_list *ea_list, - - files_struct **result, - int *pinfo, - SMB_STRUCT_STAT *psbuf) +static NTSTATUS create_file_unixpath(connection_struct *conn, + struct smb_request *req, + const char *fname, + uint32_t access_mask, + uint32_t share_access, + uint32_t create_disposition, + uint32_t create_options, + uint32_t file_attributes, + uint32_t oplock_request, + uint64_t allocation_size, + struct security_descriptor *sd, + struct ea_list *ea_list, + + files_struct **result, + int *pinfo, + SMB_STRUCT_STAT *psbuf) { SMB_STRUCT_STAT sbuf; int info = FILE_WAS_OPENED; @@ -3287,6 +3304,15 @@ NTSTATUS create_file_default(connection_struct *conn, goto fail; } fname = converted_fname; + } else { + if (psbuf != NULL) { + sbuf = *psbuf; + } else { + if (SMB_VFS_STAT(conn, fname, &sbuf) == -1) { + SET_STAT_INVALID(sbuf); + } + } + } TALLOC_FREE(case_state); diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 80292636a6..2465e73a18 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2315,10 +2315,12 @@ static NTSTATUS do_unlink(connection_struct *conn, /* On open checks the open itself will check the share mode, so don't do it here as we'll get it wrong. */ - status = create_file_unixpath + status = SMB_VFS_CREATE_FILE (conn, /* conn */ req, /* req */ + 0, /* root_dir_fid */ fname, /* fname */ + false, /* is_dos_path */ DELETE_ACCESS, /* access_mask */ FILE_SHARE_NONE, /* share_access */ FILE_OPEN, /* create_disposition*/ @@ -2333,7 +2335,7 @@ static NTSTATUS do_unlink(connection_struct *conn, &sbuf); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { - DEBUG(10, ("create_file_unixpath failed: %s\n", + DEBUG(10, ("SMB_VFS_CREATEFILE failed: %s\n", nt_errstr(status))); return status; } -- cgit From 08ce0604757315367f26a2c0869d59dd229c3ffe Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Thu, 20 Nov 2008 18:55:24 -0800 Subject: s3: Modify direct callers of open_file_ntcreate and open_directory to call SMB_VFS_CREATE_FILE --- source3/printing/nt_printing.c | 78 +++++++++++++------- source3/smbd/nttrans.c | 54 +++++++++----- source3/smbd/open.c | 26 ++++--- source3/smbd/posix_acls.c | 29 +++++--- source3/smbd/reply.c | 151 ++++++++++++++++++++++++++------------ source3/smbd/trans2.c | 159 +++++++++++++++++++++++++---------------- 6 files changed, 330 insertions(+), 167 deletions(-) diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c index 244b3aee03..0c54c6452a 100644 --- a/source3/printing/nt_printing.c +++ b/source3/printing/nt_printing.c @@ -1344,14 +1344,24 @@ static int file_version_is_newer(connection_struct *conn, fstring new_file, fstr goto error_exit; } - status = open_file_ntcreate(conn, NULL, filepath, &stat_buf, - FILE_GENERIC_READ, - FILE_SHARE_READ|FILE_SHARE_WRITE, - FILE_OPEN, - 0, - FILE_ATTRIBUTE_NORMAL, - INTERNAL_OPEN_ONLY, - NULL, &fsp); + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + NULL, /* req */ + 0, /* root_dir_fid */ + filepath, /* fname */ + false, /* is_dos_path */ + FILE_GENERIC_READ, /* access_mask */ + FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */ + FILE_OPEN, /* create_disposition*/ + 0, /* create_options */ + FILE_ATTRIBUTE_NORMAL, /* file_attributes */ + INTERNAL_OPEN_ONLY, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp, /* result */ + NULL, /* pinfo */ + &stat_buf); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { /* Old file not found, so by definition new file is in fact newer */ @@ -1385,14 +1395,24 @@ static int file_version_is_newer(connection_struct *conn, fstring new_file, fstr goto error_exit; } - status = open_file_ntcreate(conn, NULL, filepath, &stat_buf, - FILE_GENERIC_READ, - FILE_SHARE_READ|FILE_SHARE_WRITE, - FILE_OPEN, - 0, - FILE_ATTRIBUTE_NORMAL, - INTERNAL_OPEN_ONLY, - NULL, &fsp); + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + NULL, /* req */ + 0, /* root_dir_fid */ + filepath, /* fname */ + false, /* is_dos_path */ + FILE_GENERIC_READ, /* access_mask */ + FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */ + FILE_OPEN, /* create_disposition*/ + 0, /* create_options */ + FILE_ATTRIBUTE_NORMAL, /* file_attributes */ + INTERNAL_OPEN_ONLY, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp, /* result */ + NULL, /* pinfo */ + &stat_buf); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { /* New file not found, this shouldn't occur if the caller did its job */ @@ -1528,14 +1548,24 @@ static uint32 get_correct_cversion(struct pipes_struct *p, goto error_exit; } - status = open_file_ntcreate(conn, NULL, driverpath, &st, - FILE_GENERIC_READ, - FILE_SHARE_READ|FILE_SHARE_WRITE, - FILE_OPEN, - 0, - FILE_ATTRIBUTE_NORMAL, - INTERNAL_OPEN_ONLY, - NULL, &fsp); + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + NULL, /* req */ + 0, /* root_dir_fid */ + driverpath, /* fname */ + false, /* is_dos_path */ + FILE_GENERIC_READ, /* access_mask */ + FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */ + FILE_OPEN, /* create_disposition*/ + 0, /* create_options */ + FILE_ATTRIBUTE_NORMAL, /* file_attributes */ + INTERNAL_OPEN_ONLY, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp, /* result */ + NULL, /* pinfo */ + &st); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { DEBUG(3,("get_correct_cversion: Can't open file [%s], errno = %d\n", diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c index b66aba5aac..a7b2cb6c31 100644 --- a/source3/smbd/nttrans.c +++ b/source3/smbd/nttrans.c @@ -1186,27 +1186,49 @@ static NTSTATUS copy_internals(TALLOC_CTX *ctx, DEBUG(10,("copy_internals: doing file copy %s to %s\n", oldname, newname)); - status = open_file_ntcreate(conn, req, oldname, &sbuf1, - FILE_READ_DATA, /* Read-only. */ - FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, - FILE_OPEN, - 0, /* No create options. */ - FILE_ATTRIBUTE_NORMAL, - NO_OPLOCK, - &info, &fsp1); + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + req, /* req */ + 0, /* root_dir_fid */ + oldname, /* fname */ + false, /* is_dos_path */ + FILE_READ_DATA, /* access_mask */ + (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */ + FILE_SHARE_DELETE), + FILE_OPEN, /* create_disposition*/ + 0, /* create_options */ + FILE_ATTRIBUTE_NORMAL, /* file_attributes */ + NO_OPLOCK, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp1, /* result */ + &info, /* pinfo */ + &sbuf1); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { return status; } - status = open_file_ntcreate(conn, req, newname, &sbuf2, - FILE_WRITE_DATA, /* Read-only. */ - FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, - FILE_CREATE, - 0, /* No create options. */ - fattr, - NO_OPLOCK, - &info, &fsp2); + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + req, /* req */ + 0, /* root_dir_fid */ + newname, /* fname */ + false, /* is_dos_path */ + FILE_WRITE_DATA, /* access_mask */ + (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */ + FILE_SHARE_DELETE), + FILE_CREATE, /* create_disposition*/ + 0, /* create_options */ + fattr, /* file_attributes */ + NO_OPLOCK, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp2, /* result */ + &info, /* pinfo */ + &sbuf2); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { close_file(NULL, fsp1, ERROR_CLOSE); diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 989024f553..62d4827bb2 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -2493,14 +2493,24 @@ NTSTATUS create_directory(connection_struct *conn, struct smb_request *req, cons SET_STAT_INVALID(sbuf); - status = open_directory(conn, req, directory, &sbuf, - FILE_READ_ATTRIBUTES, /* Just a stat open */ - FILE_SHARE_NONE, /* Ignored for stat opens */ - FILE_CREATE, - 0, - FILE_ATTRIBUTE_DIRECTORY, - NULL, - &fsp); + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + req, /* req */ + 0, /* root_dir_fid */ + directory, /* fname */ + false, /* is_dos_path */ + FILE_READ_ATTRIBUTES, /* access_mask */ + FILE_SHARE_NONE, /* share_access */ + FILE_CREATE, /* create_disposition*/ + FILE_DIRECTORY_FILE, /* create_options */ + FILE_ATTRIBUTE_DIRECTORY, /* file_attributes */ + 0, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp, /* result */ + NULL, /* pinfo */ + &sbuf); /* psbuf */ if (NT_STATUS_IS_OK(status)) { close_file(req, fsp, NORMAL_CLOSE); diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c index 97fd3b2bbe..78a5d548c2 100644 --- a/source3/smbd/posix_acls.c +++ b/source3/smbd/posix_acls.c @@ -3248,17 +3248,24 @@ NTSTATUS append_parent_acl(files_struct *fsp, return NT_STATUS_NO_MEMORY; } - status = open_directory(fsp->conn, - NULL, - parent_name, - &sbuf, - FILE_READ_ATTRIBUTES, /* Just a stat open */ - FILE_SHARE_NONE, /* Ignored for stat opens */ - FILE_OPEN, - 0, - INTERNAL_OPEN_ONLY, - &info, - &parent_fsp); + status = SMB_VFS_CREATE_FILE( + fsp->conn, /* conn */ + NULL, /* req */ + 0, /* root_dir_fid */ + parent_name, /* fname */ + false, /* is_dos_path */ + FILE_READ_ATTRIBUTES, /* access_mask */ + FILE_SHARE_NONE, /* share_access */ + FILE_OPEN, /* create_disposition*/ + FILE_DIRECTORY_FILE, /* create_options */ + 0, /* file_attributes */ + INTERNAL_OPEN_ONLY, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &parent_fsp, /* result */ + &info, /* pinfo */ + &sbuf); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { return status; diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 2465e73a18..728753bc3b 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2123,14 +2123,24 @@ void reply_ctemp(struct smb_request *req) SMB_VFS_STAT(conn,fname,&sbuf); /* We should fail if file does not exist. */ - status = open_file_ntcreate(conn, req, fname, &sbuf, - FILE_GENERIC_READ | FILE_GENERIC_WRITE, - FILE_SHARE_READ|FILE_SHARE_WRITE, - FILE_OPEN, - 0, - fattr, - oplock_request, - NULL, &fsp); + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + req, /* req */ + 0, /* root_dir_fid */ + fname, /* fname */ + false, /* is_dos_path */ + FILE_GENERIC_READ | FILE_GENERIC_WRITE, /* access_mask */ + FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */ + FILE_OPEN, /* create_disposition*/ + 0, /* create_options */ + fattr, /* file_attributes */ + oplock_request, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp, /* result */ + NULL, /* pinfo */ + &sbuf); /* psbuf */ /* close fd from smb_mkstemp() */ close(tmpfd); @@ -5631,6 +5641,7 @@ NTSTATUS rename_internals(TALLOC_CTX *ctx, struct smb_Dir *dir_hnd = NULL; const char *dname; long offset = 0; + int create_options = 0; ZERO_STRUCT(sbuf1); ZERO_STRUCT(sbuf2); @@ -5744,17 +5755,29 @@ NTSTATUS rename_internals(TALLOC_CTX *ctx, ZERO_STRUCT(sbuf1); SMB_VFS_STAT(conn, directory, &sbuf1); - status = S_ISDIR(sbuf1.st_mode) ? - open_directory(conn, req, directory, &sbuf1, - access_mask, - FILE_SHARE_READ|FILE_SHARE_WRITE, - FILE_OPEN, 0, 0, NULL, - &fsp) - : open_file_ntcreate(conn, req, directory, &sbuf1, - access_mask, - FILE_SHARE_READ|FILE_SHARE_WRITE, - FILE_OPEN, 0, 0, 0, NULL, - &fsp); + if (S_ISDIR(sbuf1.st_mode)) { + create_options |= FILE_DIRECTORY_FILE; + } + + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + req, /* req */ + 0, /* root_dir_fid */ + directory, /* fname */ + false, /* is_dos_path */ + access_mask, /* access_mask */ + (FILE_SHARE_READ | /* share_access */ + FILE_SHARE_WRITE), + FILE_OPEN, /* create_disposition*/ + create_options, /* create_options */ + 0, /* file_attributes */ + 0, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp, /* result */ + NULL, /* pinfo */ + &sbuf1); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { DEBUG(3, ("Could not open rename source %s: %s\n", @@ -5848,20 +5871,34 @@ NTSTATUS rename_internals(TALLOC_CTX *ctx, ZERO_STRUCT(sbuf1); SMB_VFS_STAT(conn, fname, &sbuf1); - status = S_ISDIR(sbuf1.st_mode) ? - open_directory(conn, req, fname, &sbuf1, - access_mask, - FILE_SHARE_READ|FILE_SHARE_WRITE, - FILE_OPEN, 0, 0, NULL, - &fsp) - : open_file_ntcreate(conn, req, fname, &sbuf1, - access_mask, - FILE_SHARE_READ|FILE_SHARE_WRITE, - FILE_OPEN, 0, 0, 0, NULL, - &fsp); + create_options = 0; + + if (S_ISDIR(sbuf1.st_mode)) { + create_options |= FILE_DIRECTORY_FILE; + } + + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + req, /* req */ + 0, /* root_dir_fid */ + fname, /* fname */ + false, /* is_dos_path */ + access_mask, /* access_mask */ + (FILE_SHARE_READ | /* share_access */ + FILE_SHARE_WRITE), + FILE_OPEN, /* create_disposition*/ + create_options, /* create_options */ + 0, /* file_attributes */ + 0, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp, /* result */ + NULL, /* pinfo */ + &sbuf1); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { - DEBUG(3,("rename_internals: open_file_ntcreate " + DEBUG(3,("rename_internals: SMB_VFS_CREATE_FILE " "returned %s rename %s -> %s\n", nt_errstr(status), directory, newname)); break; @@ -6052,14 +6089,24 @@ NTSTATUS copy_file(TALLOC_CTX *ctx, } } - status = open_file_ntcreate(conn, NULL, src, &src_sbuf, - FILE_GENERIC_READ, - FILE_SHARE_READ|FILE_SHARE_WRITE, - FILE_OPEN, - 0, - FILE_ATTRIBUTE_NORMAL, - INTERNAL_OPEN_ONLY, - NULL, &fsp1); + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + NULL, /* req */ + 0, /* root_dir_fid */ + src, /* fname */ + false, /* is_dos_path */ + FILE_GENERIC_READ, /* access_mask */ + FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */ + FILE_OPEN, /* create_disposition*/ + 0, /* create_options */ + FILE_ATTRIBUTE_NORMAL, /* file_attributes */ + INTERNAL_OPEN_ONLY, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp1, /* result */ + NULL, /* pinfo */ + &src_sbuf); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { TALLOC_FREE(dest); @@ -6071,14 +6118,24 @@ NTSTATUS copy_file(TALLOC_CTX *ctx, ZERO_STRUCTP(&sbuf2); } - status = open_file_ntcreate(conn, NULL, dest, &sbuf2, - FILE_GENERIC_WRITE, - FILE_SHARE_READ|FILE_SHARE_WRITE, - new_create_disposition, - 0, - dosattrs, - INTERNAL_OPEN_ONLY, - NULL, &fsp2); + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + NULL, /* req */ + 0, /* root_dir_fid */ + dest, /* fname */ + false, /* is_dos_path */ + FILE_GENERIC_WRITE, /* access_mask */ + FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */ + new_create_disposition, /* create_disposition*/ + 0, /* create_options */ + dosattrs, /* file_attributes */ + INTERNAL_OPEN_ONLY, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp2, /* result */ + NULL, /* pinfo */ + &sbuf2); /* psbuf */ TALLOC_FREE(dest); diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index 9ba6d198c4..b9a04e9b4f 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -5059,15 +5059,26 @@ static NTSTATUS smb_set_file_size(connection_struct *conn, return NT_STATUS_OK; } - status = open_file_ntcreate(conn, req, fname, psbuf, - FILE_WRITE_ATTRIBUTES, - FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, - FILE_OPEN, - 0, - FILE_ATTRIBUTE_NORMAL, - FORCE_OPLOCK_BREAK_TO_NONE, - NULL, &new_fsp); - + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + req, /* req */ + 0, /* root_dir_fid */ + fname, /* fname */ + false, /* is_dos_path */ + FILE_WRITE_ATTRIBUTES, /* access_mask */ + (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */ + FILE_SHARE_DELETE), + FILE_OPEN, /* create_disposition*/ + 0, /* create_options */ + FILE_ATTRIBUTE_NORMAL, /* file_attributes */ + FORCE_OPLOCK_BREAK_TO_NONE, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &new_fsp, /* result */ + NULL, /* pinfo */ + psbuf); /* psbuf */ + if (!NT_STATUS_IS_OK(status)) { /* NB. We check for open_was_deferred in the caller. */ return status; @@ -5828,14 +5839,25 @@ static NTSTATUS smb_set_file_allocation_info(connection_struct *conn, /* Pathname or stat or directory file. */ - status = open_file_ntcreate(conn, req, fname, psbuf, - FILE_WRITE_DATA, - FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, - FILE_OPEN, - 0, - FILE_ATTRIBUTE_NORMAL, - FORCE_OPLOCK_BREAK_TO_NONE, - NULL, &new_fsp); + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + req, /* req */ + 0, /* root_dir_fid */ + fname, /* fname */ + false, /* is_dos_path */ + FILE_WRITE_DATA, /* access_mask */ + (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */ + FILE_SHARE_DELETE), + FILE_OPEN, /* create_disposition*/ + 0, /* create_options */ + FILE_ATTRIBUTE_NORMAL, /* file_attributes */ + FORCE_OPLOCK_BREAK_TO_NONE, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &new_fsp, /* result */ + NULL, /* pinfo */ + psbuf); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { /* NB. We check for open_was_deferred in the caller. */ @@ -6259,16 +6281,24 @@ static NTSTATUS smb_posix_mkdir(connection_struct *conn, DEBUG(10,("smb_posix_mkdir: file %s, mode 0%o\n", fname, (unsigned int)unixmode )); - status = open_directory(conn, req, - fname, - psbuf, - FILE_READ_ATTRIBUTES, /* Just a stat open */ - FILE_SHARE_NONE, /* Ignored for stat opens */ - FILE_CREATE, - 0, - mod_unixmode, - &info, - &fsp); + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + req, /* req */ + 0, /* root_dir_fid */ + fname, /* fname */ + false, /* is_dos_path */ + FILE_READ_ATTRIBUTES, /* access_mask */ + FILE_SHARE_NONE, /* share_access */ + FILE_CREATE, /* create_disposition*/ + FILE_DIRECTORY_FILE, /* create_options */ + mod_unixmode, /* file_attributes */ + 0, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp, /* result */ + &info, /* pinfo */ + psbuf); /* psbuf */ if (NT_STATUS_IS_OK(status)) { close_file(req, fsp, NORMAL_CLOSE); @@ -6425,17 +6455,25 @@ static NTSTATUS smb_posix_open(connection_struct *conn, (unsigned int)wire_open_mode, (unsigned int)unixmode )); - status = open_file_ntcreate(conn, req, - fname, - psbuf, - access_mask, - FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, - create_disp, - 0, /* no create options yet. */ - mod_unixmode, - oplock_request, - &info, - &fsp); + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + req, /* req */ + 0, /* root_dir_fid */ + fname, /* fname */ + false, /* is_dos_path */ + access_mask, /* access_mask */ + (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */ + FILE_SHARE_DELETE), + create_disp, /* create_disposition*/ + 0, /* create_options */ + mod_unixmode, /* file_attributes */ + oplock_request, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp, /* result */ + &info, /* pinfo */ + psbuf); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { return status; @@ -6520,6 +6558,7 @@ static NTSTATUS smb_posix_unlink(connection_struct *conn, uint16 flags = 0; char del = 1; int info = 0; + int create_options = 0; int i; struct share_mode_lock *lck = NULL; @@ -6543,31 +6582,29 @@ static NTSTATUS smb_posix_unlink(connection_struct *conn, fname)); if (VALID_STAT_OF_DIR(*psbuf)) { - status = open_directory(conn, req, - fname, - psbuf, - DELETE_ACCESS, - FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, - FILE_OPEN, - 0, - FILE_FLAG_POSIX_SEMANTICS|0777, - &info, - &fsp); - } else { - - status = open_file_ntcreate(conn, req, - fname, - psbuf, - DELETE_ACCESS, - FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, - FILE_OPEN, - 0, - FILE_FLAG_POSIX_SEMANTICS|0777, - 0, /* No oplock, but break existing ones. */ - &info, - &fsp); + create_options |= FILE_DIRECTORY_FILE; } + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + req, /* req */ + 0, /* root_dir_fid */ + fname, /* fname */ + false, /* is_dos_path */ + DELETE_ACCESS, /* access_mask */ + (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */ + FILE_SHARE_DELETE), + FILE_OPEN, /* create_disposition*/ + create_options, /* create_options */ + FILE_FLAG_POSIX_SEMANTICS|0777, /* file_attributes */ + 0, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp, /* result */ + &info, /* pinfo */ + psbuf); /* psbuf */ + if (!NT_STATUS_IS_OK(status)) { return status; } -- cgit From 6f7f4b428a86921e9532c62856873a19202f286d Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Sat, 22 Nov 2008 19:37:24 -0800 Subject: s3: Modify direct caller of open_file to call SMB_VFS_CREATE_FILE --- source3/smbd/open.c | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 62d4827bb2..2e34115071 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -2143,10 +2143,25 @@ NTSTATUS open_file_fchmod(struct smb_request *req, connection_struct *conn, return status; } - /* note! we must use a non-zero desired access or we don't get - a real file descriptor. Oh what a twisted web we weave. */ - status = open_file(fsp, conn, NULL, NULL, NULL, fname, psbuf, O_WRONLY, - 0, FILE_WRITE_DATA, FILE_WRITE_DATA); + status = SMB_VFS_CREATE_FILE( + conn, /* conn */ + NULL, /* req */ + 0, /* root_dir_fid */ + fname, /* fname */ + false, /* is_dos_path */ + FILE_WRITE_DATA, /* access_mask */ + (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */ + FILE_SHARE_DELETE), + FILE_OPEN, /* create_disposition*/ + 0, /* create_options */ + 0, /* file_attributes */ + 0, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp, /* result */ + NULL, /* pinfo */ + psbuf); /* psbuf */ /* * This is not a user visible file open. -- cgit From f79aae70dd10877311243b5b2a55e1f130bd54b6 Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Sat, 22 Nov 2008 19:40:09 -0800 Subject: s3: Simplify the create_file_unix_path->open_file_ntcreate path Also removed open_file_ntcreate/open_file from proto.h so they can no longer be called directly. --- source3/include/proto.h | 24 --------- source3/smbd/open.c | 131 ++++++++++++++---------------------------------- 2 files changed, 38 insertions(+), 117 deletions(-) diff --git a/source3/include/proto.h b/source3/include/proto.h index c32234a1d8..08ecbfd1e5 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -8100,34 +8100,10 @@ bool map_open_params_to_ntcreate(const char *fname, int deny_mode, int open_func uint32 *pshare_mode, uint32 *pcreate_disposition, uint32 *pcreate_options); -NTSTATUS open_file_ntcreate(connection_struct *conn, - struct smb_request *req, - const char *fname, - SMB_STRUCT_STAT *psbuf, - uint32 access_mask, /* access bits (FILE_READ_DATA etc.) */ - uint32 share_access, /* share constants (FILE_SHARE_READ etc) */ - uint32 create_disposition, /* FILE_OPEN_IF etc. */ - uint32 create_options, /* options such as delete on close. */ - uint32 new_dos_attributes, /* attributes used for new file. */ - int oplock_request, /* internal Samba oplock codes. */ - /* Information (FILE_EXISTS etc.) */ - int *pinfo, - files_struct **result); NTSTATUS open_file_fchmod(struct smb_request *req, connection_struct *conn, const char *fname, SMB_STRUCT_STAT *psbuf, files_struct **result); NTSTATUS close_file_fchmod(struct smb_request *req, files_struct *fsp); -NTSTATUS open_directory(connection_struct *conn, - struct smb_request *req, - const char *fname, - SMB_STRUCT_STAT *psbuf, - uint32 access_mask, - uint32 share_access, - uint32 create_disposition, - uint32 create_options, - uint32 file_attributes, - int *pinfo, - files_struct **result); NTSTATUS create_directory(connection_struct *conn, struct smb_request *req, const char *directory); void msg_file_was_renamed(struct messaging_context *msg, void *private_data, diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 2e34115071..d2068dde47 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -1277,7 +1277,7 @@ static NTSTATUS calculate_access_mask(connection_struct *conn, Open a file with a share mode. Passed in an already created files_struct *. ****************************************************************************/ -static NTSTATUS open_file_ntcreate_internal(connection_struct *conn, +static NTSTATUS open_file_ntcreate(connection_struct *conn, struct smb_request *req, const char *fname, SMB_STRUCT_STAT *psbuf, @@ -2073,55 +2073,6 @@ static NTSTATUS open_file_ntcreate_internal(connection_struct *conn, return NT_STATUS_OK; } -/**************************************************************************** - Open a file with a share mode. -****************************************************************************/ - -NTSTATUS open_file_ntcreate(connection_struct *conn, - struct smb_request *req, - const char *fname, - SMB_STRUCT_STAT *psbuf, - uint32 access_mask, /* access bits (FILE_READ_DATA etc.) */ - uint32 share_access, /* share constants (FILE_SHARE_READ etc) */ - uint32 create_disposition, /* FILE_OPEN_IF etc. */ - uint32 create_options, /* options such as delete on close. */ - uint32 new_dos_attributes, /* attributes used for new file. */ - int oplock_request, /* internal Samba oplock codes. */ - /* Information (FILE_EXISTS etc.) */ - int *pinfo, - files_struct **result) -{ - NTSTATUS status; - files_struct *fsp = NULL; - - *result = NULL; - - status = file_new(req, conn, &fsp); - if(!NT_STATUS_IS_OK(status)) { - return status; - } - - status = open_file_ntcreate_internal(conn, - req, - fname, - psbuf, - access_mask, - share_access, - create_disposition, - create_options, - new_dos_attributes, - oplock_request, - pinfo, - fsp); - - if(!NT_STATUS_IS_OK(status)) { - file_free(req, fsp); - return status; - } - - *result = fsp; - return status; -} /**************************************************************************** Open a file for for write to ensure that we can fchmod it. @@ -2282,17 +2233,17 @@ static NTSTATUS mkdir_internal(connection_struct *conn, Open a directory from an NT SMB call. ****************************************************************************/ -NTSTATUS open_directory(connection_struct *conn, - struct smb_request *req, - const char *fname, - SMB_STRUCT_STAT *psbuf, - uint32 access_mask, - uint32 share_access, - uint32 create_disposition, - uint32 create_options, - uint32 file_attributes, - int *pinfo, - files_struct **result) +static NTSTATUS open_directory(connection_struct *conn, + struct smb_request *req, + const char *fname, + SMB_STRUCT_STAT *psbuf, + uint32 access_mask, + uint32 share_access, + uint32 create_disposition, + uint32 create_options, + uint32 file_attributes, + int *pinfo, + files_struct **result) { files_struct *fsp = NULL; bool dir_existed = VALID_STAT(*psbuf) ? True : False; @@ -2932,41 +2883,35 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, * Ordinary file case. */ - if (base_fsp) { - /* - * We're opening the stream element of a base_fsp - * we already opened. We need to initialize - * the fsp first, and set up the base_fsp pointer. - */ - status = file_new(req, conn, &fsp); - if(!NT_STATUS_IS_OK(status)) { - goto fail; - } + status = file_new(req, conn, &fsp); + if(!NT_STATUS_IS_OK(status)) { + goto fail; + } + /* + * We're opening the stream element of a base_fsp + * we already opened. Set up the base_fsp pointer. + */ + if (base_fsp) { fsp->base_fsp = base_fsp; + } - status = open_file_ntcreate_internal(conn, - req, - fname, - &sbuf, - access_mask, - share_access, - create_disposition, - create_options, - file_attributes, - oplock_request, - &info, - fsp); - - if(!NT_STATUS_IS_OK(status)) { - file_free(req, fsp); - fsp = NULL; - } - } else { - status = open_file_ntcreate( - conn, req, fname, &sbuf, access_mask, share_access, - create_disposition, create_options, file_attributes, - oplock_request, &info, &fsp); + status = open_file_ntcreate(conn, + req, + fname, + &sbuf, + access_mask, + share_access, + create_disposition, + create_options, + file_attributes, + oplock_request, + &info, + fsp); + + if(!NT_STATUS_IS_OK(status)) { + file_free(req, fsp); + fsp = NULL; } if (NT_STATUS_EQUAL(status, NT_STATUS_FILE_IS_A_DIRECTORY)) { -- cgit From 58440122853b65048793efd90ee45916e25c08c1 Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Mon, 1 Dec 2008 12:47:31 -0800 Subject: s3: Change SMB_VFS_CREATE_FILE to take a create_file_flags argument This replaces the is_dos_path bool with a more future-proof argument. The next step is to plumb INTERNAL_OPEN_ONLY through this flag instead of overridding the oplock_request. --- source3/include/proto.h | 2 +- source3/include/smb.h | 5 +++++ source3/include/vfs.h | 2 +- source3/include/vfs_macros.h | 6 +++--- source3/modules/vfs_default.c | 4 ++-- source3/modules/vfs_full_audit.c | 6 +++--- source3/printing/nt_printing.c | 6 +++--- source3/rpc_server/srv_srvsvc_nt.c | 4 ++-- source3/smbd/nttrans.c | 8 ++++---- source3/smbd/open.c | 12 ++++++------ source3/smbd/posix_acls.c | 2 +- source3/smbd/reply.c | 18 +++++++++--------- source3/smbd/trans2.c | 12 ++++++------ 13 files changed, 46 insertions(+), 41 deletions(-) diff --git a/source3/include/proto.h b/source3/include/proto.h index 08ecbfd1e5..63fe4d47c5 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -8114,7 +8114,7 @@ NTSTATUS create_file_default(connection_struct *conn, struct smb_request *req, uint16_t root_dir_fid, const char *fname, - bool is_dos_path, + uint32_t create_file_flags, uint32_t access_mask, uint32_t share_access, uint32_t create_disposition, diff --git a/source3/include/smb.h b/source3/include/smb.h index bcf605ee53..39673e1ff7 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h @@ -1895,4 +1895,9 @@ struct smb_extended_info { char samba_version_string[SAMBA_EXTENDED_INFO_VERSION_STRING_LENGTH]; }; +/* + * create_file_flags + */ +#define CFF_DOS_PATH 0x00000001 + #endif /* _SMB_H */ diff --git a/source3/include/vfs.h b/source3/include/vfs.h index 5f6851a7bc..383cd327ae 100644 --- a/source3/include/vfs.h +++ b/source3/include/vfs.h @@ -313,7 +313,7 @@ struct vfs_ops { struct smb_request *req, uint16_t root_dir_fid, const char *fname, - bool is_dos_path, + uint32_t create_file_flags, uint32_t access_mask, uint32_t share_access, uint32_t create_disposition, diff --git a/source3/include/vfs_macros.h b/source3/include/vfs_macros.h index 97107f3f60..fa5dad8781 100644 --- a/source3/include/vfs_macros.h +++ b/source3/include/vfs_macros.h @@ -48,7 +48,7 @@ /* File operations */ #define SMB_VFS_OPEN(conn, fname, fsp, flags, mode) (((conn)->vfs.ops.open)((conn)->vfs.handles.open, (fname), (fsp), (flags), (mode))) -#define SMB_VFS_CREATE_FILE(conn, req, root_dir_fid, fname, is_dos_path, access_mask, share_access, create_disposition, create_options, file_attributes, oplock_request, allocation_size, sd, ea_list, result, pinfo, psbuf) (((conn)->vfs.ops.create_file)((conn)->vfs.handles.create_file, (req), (root_dir_fid), (fname), (is_dos_path), (access_mask), (share_access), (create_disposition), (create_options), (file_attributes), (oplock_request), (allocation_size), (sd), (ea_list), (result), (pinfo), (psbuf))) +#define SMB_VFS_CREATE_FILE(conn, req, root_dir_fid, fname, create_file_flags, access_mask, share_access, create_disposition, create_options, file_attributes, oplock_request, allocation_size, sd, ea_list, result, pinfo, psbuf) (((conn)->vfs.ops.create_file)((conn)->vfs.handles.create_file, (req), (root_dir_fid), (fname), (create_file_flags), (access_mask), (share_access), (create_disposition), (create_options), (file_attributes), (oplock_request), (allocation_size), (sd), (ea_list), (result), (pinfo), (psbuf))) #define SMB_VFS_CLOSE(fsp) ((fsp)->conn->vfs.ops.close_fn((fsp)->conn->vfs.handles.close_hnd, (fsp))) #define SMB_VFS_READ(fsp, data, n) ((fsp)->conn->vfs.ops.vfs_read((fsp)->conn->vfs.handles.vfs_read, (fsp), (data), (n))) #define SMB_VFS_PREAD(fsp, data, n, off) ((fsp)->conn->vfs.ops.pread((fsp)->conn->vfs.handles.pread, (fsp), (data), (n), (off))) @@ -174,7 +174,7 @@ /* File operations */ #define SMB_VFS_OPAQUE_OPEN(conn, fname, fsp, flags, mode) (((conn)->vfs_opaque.ops.open)((conn)->vfs_opaque.handles.open, (fname), (fsp), (flags), (mode))) -#define SMB_VFS_OPAQUE_CREATE_FILE(conn, req, root_dir_fid, fname, is_dos_path, access_mask, share_access, create_disposition, create_options, file_attributes, oplock_request, allocation_size, sd, ea_list, result, pinfo, psbuf) (((conn)->vfs_opaque.ops.create_file)((conn)->vfs_opaque.handles.create_file, (req), (root_dir_fid), (fname), (is_dos_path), (access_mask), (share_access), (create_disposition), (create_options), (file_attributes), (oplock_request), (allocation_size), (sd), (ea_list), (result), (pinfo), (psbuf))) +#define SMB_VFS_OPAQUE_CREATE_FILE(conn, req, root_dir_fid, fname, create_file_flags, access_mask, share_access, create_disposition, create_options, file_attributes, oplock_request, allocation_size, sd, ea_list, result, pinfo, psbuf) (((conn)->vfs_opaque.ops.create_file)((conn)->vfs_opaque.handles.create_file, (req), (root_dir_fid), (fname), (create_file_flags), (access_mask), (share_access), (create_disposition), (create_options), (file_attributes), (oplock_request), (allocation_size), (sd), (ea_list), (result), (pinfo), (psbuf))) #define SMB_VFS_OPAQUE_CLOSE(fsp) ((fsp)->conn->vfs_opaque.ops.close_fn((fsp)->conn->vfs_opaque.handles.close_hnd, (fsp))) #define SMB_VFS_OPAQUE_READ(fsp, data, n) ((fsp)->conn->vfs_opaque.ops.vfs_read((fsp)->conn->vfs_opaque.handles.vfs_read, (fsp), (data), (n))) #define SMB_VFS_OPAQUE_PREAD(fsp, data, n, off) ((fsp)->conn->vfs_opaque.ops.pread((fsp)->conn->vfs_opaque.handles.pread, (fsp), (data), (n), (off))) @@ -301,7 +301,7 @@ /* File operations */ #define SMB_VFS_NEXT_OPEN(handle, fname, fsp, flags, mode) (((handle)->vfs_next.ops.open)((handle)->vfs_next.handles.open, (fname), (fsp), (flags), (mode))) -#define SMB_VFS_NEXT_CREATE_FILE(handle, req, root_dir_fid, fname, is_dos_path, access_mask, share_access, create_disposition, create_options, file_attributes, oplock_request, allocation_size, sd, ea_list, result, pinfo, psbuf) (((handle)->vfs_next.ops.create_file)((handle)->vfs_next.handles.create_file, (req), (root_dir_fid), (fname), (is_dos_path), (access_mask), (share_access), (create_disposition), (create_options), (file_attributes), (oplock_request), (allocation_size), (sd), (ea_list), (result), (pinfo), (psbuf))) +#define SMB_VFS_NEXT_CREATE_FILE(handle, req, root_dir_fid, fname, create_file_flags, access_mask, share_access, create_disposition, create_options, file_attributes, oplock_request, allocation_size, sd, ea_list, result, pinfo, psbuf) (((handle)->vfs_next.ops.create_file)((handle)->vfs_next.handles.create_file, (req), (root_dir_fid), (fname), (create_file_flags), (access_mask), (share_access), (create_disposition), (create_options), (file_attributes), (oplock_request), (allocation_size), (sd), (ea_list), (result), (pinfo), (psbuf))) #define SMB_VFS_NEXT_CLOSE(handle, fsp) ((handle)->vfs_next.ops.close_fn((handle)->vfs_next.handles.close_hnd, (fsp))) #define SMB_VFS_NEXT_READ(handle, fsp, data, n) ((handle)->vfs_next.ops.vfs_read((handle)->vfs_next.handles.vfs_read, (fsp), (data), (n))) #define SMB_VFS_NEXT_PREAD(handle, fsp, data, n, off) ((handle)->vfs_next.ops.pread((handle)->vfs_next.handles.pread, (fsp), (data), (n), (off))) diff --git a/source3/modules/vfs_default.c b/source3/modules/vfs_default.c index fde899d1af..6d8d8f8065 100644 --- a/source3/modules/vfs_default.c +++ b/source3/modules/vfs_default.c @@ -212,7 +212,7 @@ static NTSTATUS vfswrap_create_file(vfs_handle_struct *handle, struct smb_request *req, uint16_t root_dir_fid, const char *fname, - bool is_dos_path, + uint32_t create_file_flags, uint32_t access_mask, uint32_t share_access, uint32_t create_disposition, @@ -227,7 +227,7 @@ static NTSTATUS vfswrap_create_file(vfs_handle_struct *handle, SMB_STRUCT_STAT *psbuf) { return create_file_default(handle->conn, req, root_dir_fid, fname, - is_dos_path, access_mask, share_access, + create_file_flags, access_mask, share_access, create_disposition, create_options, file_attributes, oplock_request, allocation_size, sd, ea_list, result, pinfo, diff --git a/source3/modules/vfs_full_audit.c b/source3/modules/vfs_full_audit.c index fd97a4ccff..7970bf2644 100644 --- a/source3/modules/vfs_full_audit.c +++ b/source3/modules/vfs_full_audit.c @@ -113,7 +113,7 @@ static NTSTATUS smb_full_audit_create_file(vfs_handle_struct *handle, struct smb_request *req, uint16_t root_dir_fid, const char *fname, - bool is_dos_path, + uint32_t create_file_flags, uint32_t access_mask, uint32_t share_access, uint32_t create_disposition, @@ -1110,7 +1110,7 @@ static NTSTATUS smb_full_audit_create_file(vfs_handle_struct *handle, struct smb_request *req, uint16_t root_dir_fid, const char *fname, - bool is_dos_path, + uint32_t create_file_flags, uint32_t access_mask, uint32_t share_access, uint32_t create_disposition, @@ -1131,7 +1131,7 @@ static NTSTATUS smb_full_audit_create_file(vfs_handle_struct *handle, req, /* req */ root_dir_fid, /* root_dir_fid */ fname, /* fname */ - is_dos_path, /* is_dos_path */ + create_file_flags, /* create_file_flags */ access_mask, /* access_mask */ share_access, /* share_access */ create_disposition, /* create_disposition*/ diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c index 0c54c6452a..ba1fb4352c 100644 --- a/source3/printing/nt_printing.c +++ b/source3/printing/nt_printing.c @@ -1349,7 +1349,7 @@ static int file_version_is_newer(connection_struct *conn, fstring new_file, fstr NULL, /* req */ 0, /* root_dir_fid */ filepath, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ FILE_GENERIC_READ, /* access_mask */ FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */ FILE_OPEN, /* create_disposition*/ @@ -1400,7 +1400,7 @@ static int file_version_is_newer(connection_struct *conn, fstring new_file, fstr NULL, /* req */ 0, /* root_dir_fid */ filepath, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ FILE_GENERIC_READ, /* access_mask */ FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */ FILE_OPEN, /* create_disposition*/ @@ -1553,7 +1553,7 @@ static uint32 get_correct_cversion(struct pipes_struct *p, NULL, /* req */ 0, /* root_dir_fid */ driverpath, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ FILE_GENERIC_READ, /* access_mask */ FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */ FILE_OPEN, /* create_disposition*/ diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c index 0febfbca06..76b475120d 100644 --- a/source3/rpc_server/srv_srvsvc_nt.c +++ b/source3/rpc_server/srv_srvsvc_nt.c @@ -2053,7 +2053,7 @@ WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p, NULL, /* req */ 0, /* root_dir_fid */ r->in.file, /* fname */ - true, /* is_dos_path */ + CFF_DOS_PATH, /* create_file_flags */ FILE_READ_ATTRIBUTES, /* access_mask */ FILE_SHARE_READ|FILE_SHARE_WRITE, /* share_access */ FILE_OPEN, /* create_disposition*/ @@ -2168,7 +2168,7 @@ WERROR _srvsvc_NetSetFileSecurity(pipes_struct *p, NULL, /* req */ 0, /* root_dir_fid */ r->in.file, /* fname */ - true, /* is_dos_path */ + CFF_DOS_PATH, /* create_file_flags */ FILE_WRITE_ATTRIBUTES, /* access_mask */ FILE_SHARE_READ|FILE_SHARE_WRITE, /* share_access */ FILE_OPEN, /* create_disposition*/ diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c index a7b2cb6c31..24a14a8c1b 100644 --- a/source3/smbd/nttrans.c +++ b/source3/smbd/nttrans.c @@ -479,7 +479,7 @@ void reply_ntcreate_and_X(struct smb_request *req) req, /* req */ root_dir_fid, /* root_dir_fid */ fname, /* fname */ - true, /* is_dos_path */ + CFF_DOS_PATH, /* create_file_flags */ access_mask, /* access_mask */ share_access, /* share_access */ create_disposition, /* create_disposition*/ @@ -951,7 +951,7 @@ static void call_nt_transact_create(connection_struct *conn, req, /* req */ root_dir_fid, /* root_dir_fid */ fname, /* fname */ - true, /* is_dos_path */ + CFF_DOS_PATH, /* create_file_flags */ access_mask, /* access_mask */ share_access, /* share_access */ create_disposition, /* create_disposition*/ @@ -1191,7 +1191,7 @@ static NTSTATUS copy_internals(TALLOC_CTX *ctx, req, /* req */ 0, /* root_dir_fid */ oldname, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ FILE_READ_DATA, /* access_mask */ (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */ FILE_SHARE_DELETE), @@ -1215,7 +1215,7 @@ static NTSTATUS copy_internals(TALLOC_CTX *ctx, req, /* req */ 0, /* root_dir_fid */ newname, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ FILE_WRITE_DATA, /* access_mask */ (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */ FILE_SHARE_DELETE), diff --git a/source3/smbd/open.c b/source3/smbd/open.c index d2068dde47..55aec16840 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -2099,7 +2099,7 @@ NTSTATUS open_file_fchmod(struct smb_request *req, connection_struct *conn, NULL, /* req */ 0, /* root_dir_fid */ fname, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ FILE_WRITE_DATA, /* access_mask */ (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */ FILE_SHARE_DELETE), @@ -2464,7 +2464,7 @@ NTSTATUS create_directory(connection_struct *conn, struct smb_request *req, cons req, /* req */ 0, /* root_dir_fid */ directory, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ FILE_READ_ATTRIBUTES, /* access_mask */ FILE_SHARE_NONE, /* share_access */ FILE_CREATE, /* create_disposition*/ @@ -3073,7 +3073,7 @@ NTSTATUS create_file_default(connection_struct *conn, struct smb_request *req, uint16_t root_dir_fid, const char *fname, - bool is_dos_path, + uint32_t create_file_flags, uint32_t access_mask, uint32_t share_access, uint32_t create_disposition, @@ -3099,7 +3099,7 @@ NTSTATUS create_file_default(connection_struct *conn, "create_disposition = 0x%x create_options = 0x%x " "oplock_request = 0x%x " "root_dir_fid = 0x%x, ea_list = 0x%p, sd = 0x%p, " - "is_dos_path = %s, fname = %s\n", + "create_file_flags = 0x%x, fname = %s\n", (unsigned int)access_mask, (unsigned int)file_attributes, (unsigned int)share_access, @@ -3107,7 +3107,7 @@ NTSTATUS create_file_default(connection_struct *conn, (unsigned int)create_options, (unsigned int)oplock_request, (unsigned int)root_dir_fid, - ea_list, sd, fname, is_dos_path ? "true" : "false")); + ea_list, sd, create_file_flags, fname)); /* * Get the file name. @@ -3263,7 +3263,7 @@ NTSTATUS create_file_default(connection_struct *conn, file_attributes &= ~FILE_FLAG_POSIX_SEMANTICS; } - if (is_dos_path) { + if (create_file_flags & CFF_DOS_PATH) { char *converted_fname; SET_STAT_INVALID(sbuf); diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c index 78a5d548c2..b184279259 100644 --- a/source3/smbd/posix_acls.c +++ b/source3/smbd/posix_acls.c @@ -3253,7 +3253,7 @@ NTSTATUS append_parent_acl(files_struct *fsp, NULL, /* req */ 0, /* root_dir_fid */ parent_name, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ FILE_READ_ATTRIBUTES, /* access_mask */ FILE_SHARE_NONE, /* share_access */ FILE_OPEN, /* create_disposition*/ diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 728753bc3b..00c744ce1a 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1635,7 +1635,7 @@ void reply_open(struct smb_request *req) req, /* req */ 0, /* root_dir_fid */ fname, /* fname */ - true, /* is_dos_path */ + CFF_DOS_PATH, /* create_file_flags */ access_mask, /* access_mask */ share_mode, /* share_access */ create_disposition, /* create_disposition*/ @@ -1781,7 +1781,7 @@ void reply_open_and_X(struct smb_request *req) req, /* req */ 0, /* root_dir_fid */ fname, /* fname */ - true, /* is_dos_path */ + CFF_DOS_PATH, /* create_file_flags */ access_mask, /* access_mask */ share_mode, /* share_access */ create_disposition, /* create_disposition*/ @@ -1981,7 +1981,7 @@ void reply_mknew(struct smb_request *req) req, /* req */ 0, /* root_dir_fid */ fname, /* fname */ - true, /* is_dos_path */ + CFF_DOS_PATH, /* create_file_flags */ access_mask, /* access_mask */ share_mode, /* share_access */ create_disposition, /* create_disposition*/ @@ -2128,7 +2128,7 @@ void reply_ctemp(struct smb_request *req) req, /* req */ 0, /* root_dir_fid */ fname, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ FILE_GENERIC_READ | FILE_GENERIC_WRITE, /* access_mask */ FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */ FILE_OPEN, /* create_disposition*/ @@ -2330,7 +2330,7 @@ static NTSTATUS do_unlink(connection_struct *conn, req, /* req */ 0, /* root_dir_fid */ fname, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ DELETE_ACCESS, /* access_mask */ FILE_SHARE_NONE, /* share_access */ FILE_OPEN, /* create_disposition*/ @@ -5764,7 +5764,7 @@ NTSTATUS rename_internals(TALLOC_CTX *ctx, req, /* req */ 0, /* root_dir_fid */ directory, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ access_mask, /* access_mask */ (FILE_SHARE_READ | /* share_access */ FILE_SHARE_WRITE), @@ -5882,7 +5882,7 @@ NTSTATUS rename_internals(TALLOC_CTX *ctx, req, /* req */ 0, /* root_dir_fid */ fname, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ access_mask, /* access_mask */ (FILE_SHARE_READ | /* share_access */ FILE_SHARE_WRITE), @@ -6094,7 +6094,7 @@ NTSTATUS copy_file(TALLOC_CTX *ctx, NULL, /* req */ 0, /* root_dir_fid */ src, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ FILE_GENERIC_READ, /* access_mask */ FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */ FILE_OPEN, /* create_disposition*/ @@ -6123,7 +6123,7 @@ NTSTATUS copy_file(TALLOC_CTX *ctx, NULL, /* req */ 0, /* root_dir_fid */ dest, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ FILE_GENERIC_WRITE, /* access_mask */ FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */ new_create_disposition, /* create_disposition*/ diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index b9a04e9b4f..f41210b2e1 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -1011,7 +1011,7 @@ static void call_trans2open(connection_struct *conn, req, /* req */ 0, /* root_dir_fid */ fname, /* fname */ - true, /* is_dos_path */ + CFF_DOS_PATH, /* create_file_flags */ access_mask, /* access_mask */ share_mode, /* share_access */ create_disposition, /* create_disposition*/ @@ -5064,7 +5064,7 @@ static NTSTATUS smb_set_file_size(connection_struct *conn, req, /* req */ 0, /* root_dir_fid */ fname, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ FILE_WRITE_ATTRIBUTES, /* access_mask */ (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */ FILE_SHARE_DELETE), @@ -5844,7 +5844,7 @@ static NTSTATUS smb_set_file_allocation_info(connection_struct *conn, req, /* req */ 0, /* root_dir_fid */ fname, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ FILE_WRITE_DATA, /* access_mask */ (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */ FILE_SHARE_DELETE), @@ -6286,7 +6286,7 @@ static NTSTATUS smb_posix_mkdir(connection_struct *conn, req, /* req */ 0, /* root_dir_fid */ fname, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ FILE_READ_ATTRIBUTES, /* access_mask */ FILE_SHARE_NONE, /* share_access */ FILE_CREATE, /* create_disposition*/ @@ -6460,7 +6460,7 @@ static NTSTATUS smb_posix_open(connection_struct *conn, req, /* req */ 0, /* root_dir_fid */ fname, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ access_mask, /* access_mask */ (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */ FILE_SHARE_DELETE), @@ -6590,7 +6590,7 @@ static NTSTATUS smb_posix_unlink(connection_struct *conn, req, /* req */ 0, /* root_dir_fid */ fname, /* fname */ - false, /* is_dos_path */ + 0, /* create_file_flags */ DELETE_ACCESS, /* access_mask */ (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */ FILE_SHARE_DELETE), -- cgit From dbfcd3f97c02a19c48360b4f477570997f8aa870 Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Mon, 1 Dec 2008 14:13:14 -0800 Subject: s3: Fix FILE_FLAG_POSIX_SEMANTICS handling underneath SMB_VFS_CREATE_FILE --- source3/smbd/open.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 55aec16840..41a1fb371d 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -2861,7 +2861,8 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, } /* Can't open a temp directory. IFS kit test. */ - if (file_attributes & FILE_ATTRIBUTE_TEMPORARY) { + if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS) && + (file_attributes & FILE_ATTRIBUTE_TEMPORARY)) { status = NT_STATUS_INVALID_PARAMETER; goto fail; } @@ -3260,7 +3261,6 @@ NTSTATUS create_file_default(connection_struct *conn, if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) { case_state = set_posix_case_semantics(talloc_tos(), conn); - file_attributes &= ~FILE_FLAG_POSIX_SEMANTICS; } if (create_file_flags & CFF_DOS_PATH) { -- cgit From 2b8f3e253d3a56aac996287f5ce265d0c915b3c8 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Thu, 4 Dec 2008 12:26:03 +0100 Subject: s3:net: fix password set of 'net rpc trustdom add' metze --- source3/utils/net_rpc.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index 3c8ce0326e..0c34972a29 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -5250,7 +5250,8 @@ static NTSTATUS rpc_trustdom_add_internals(struct net_context *c, notime, notime, notime, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, ¶meters, - 0, 0, ACB_DOMTRUST, SAMR_FIELD_ACCT_FLAGS, + 0, 0, ACB_DOMTRUST, + SAMR_FIELD_ACCT_FLAGS | SAMR_FIELD_PASSWORD, hours, 0, 0, 0, 0, 0, 0, 0, &crypt_pwd); -- cgit From 885a1be8b932a212b6234a2a0c990975eb16e9e8 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Thu, 4 Dec 2008 11:56:51 +0100 Subject: s4:netlogon: Implement netr_GetDcName() similar to netr_DsGetDCName() metze --- source4/rpc_server/netlogon/dcerpc_netlogon.c | 35 ++++++++++++++++++++++++++- 1 file changed, 34 insertions(+), 1 deletion(-) diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c index ccc1fc515f..2854980284 100644 --- a/source4/rpc_server/netlogon/dcerpc_netlogon.c +++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c @@ -803,7 +803,40 @@ static NTSTATUS dcesrv_netr_AccountSync(struct dcesrv_call_state *dce_call, TALL static WERROR dcesrv_netr_GetDcName(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, struct netr_GetDcName *r) { - DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR); + const char * const attrs[] = { NULL }; + void *sam_ctx; + struct ldb_message **res; + struct ldb_dn *domain_dn; + int ret; + const char *dcname; + + sam_ctx = samdb_connect(mem_ctx, dce_call->event_ctx, + dce_call->conn->dce_ctx->lp_ctx, + dce_call->conn->auth_state.session_info); + if (sam_ctx == NULL) { + return WERR_DS_SERVICE_UNAVAILABLE; + } + + domain_dn = samdb_domain_to_dn(sam_ctx, mem_ctx, + r->in.domainname); + if (domain_dn == NULL) { + return WERR_DS_SERVICE_UNAVAILABLE; + } + + ret = gendb_search_dn(sam_ctx, mem_ctx, domain_dn, &res, attrs); + if (ret != 1) { + return WERR_NO_SUCH_DOMAIN; + } + + /* TODO: - return real IP address + * - check all r->in.* parameters (server_unc is ignored by w2k3!) + */ + dcname = talloc_asprintf(mem_ctx, "\\\\%s", + lp_netbios_name(dce_call->conn->dce_ctx->lp_ctx)); + W_ERROR_HAVE_NO_MEMORY(dcname); + + *r->out.dcname = dcname; + return WERR_OK; } -- cgit From 9d44600470e2f2444a09d91d5d6b36515454c919 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Thu, 4 Dec 2008 12:03:01 +0100 Subject: s4:netlogon: for now implement netr_GetAnyDCName() as wrapper of netr_GetDcName() metze --- source4/rpc_server/netlogon/dcerpc_netlogon.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c index 2854980284..2806802e63 100644 --- a/source4/rpc_server/netlogon/dcerpc_netlogon.c +++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c @@ -856,7 +856,18 @@ static WERROR dcesrv_netr_LogonControl(struct dcesrv_call_state *dce_call, TALLO static WERROR dcesrv_netr_GetAnyDCName(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, struct netr_GetAnyDCName *r) { - DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR); + struct netr_GetDcName r2; + WERROR werr; + + ZERO_STRUCT(r2); + + r2.in.logon_server = r->in.logon_server; + r2.in.domainname = r->in.domainname; + r2.out.dcname = r->out.dcname; + + werr = dcesrv_netr_GetDcName(dce_call, mem_ctx, &r2); + + return werr; } -- cgit From e9d1c3e7eab7cbc14fa54d7df1ae7da52d483a7c Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Thu, 4 Dec 2008 12:46:30 +0100 Subject: RAW-NETLOGON: check netr_GetAnyDCName() result metze --- source4/torture/rpc/netlogon.c | 1 + 1 file changed, 1 insertion(+) diff --git a/source4/torture/rpc/netlogon.c b/source4/torture/rpc/netlogon.c index 953f9d126d..5fb36079d6 100644 --- a/source4/torture/rpc/netlogon.c +++ b/source4/torture/rpc/netlogon.c @@ -1523,6 +1523,7 @@ static bool test_GetAnyDCName(struct torture_context *tctx, status = dcerpc_netr_GetAnyDCName(p, tctx, &r); torture_assert_ntstatus_ok(tctx, status, "GetAnyDCName"); + torture_assert_werr_ok(tctx, r.out.result, "GetAnyDCName"); if (dcname) { torture_comment(tctx, "\tDC is at '%s'\n", dcname); -- cgit From 6c9b0298a99ba14d832b30d9396bed64ae4ebd3e Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Thu, 4 Dec 2008 12:47:43 +0100 Subject: s4:selftest: we have netr_GetDcName() and netr_GetAnyDCName() implementations now metze --- source4/selftest/knownfail | 2 -- 1 file changed, 2 deletions(-) diff --git a/source4/selftest/knownfail b/source4/selftest/knownfail index 9649a1f644..abc69785cb 100644 --- a/source4/selftest/knownfail +++ b/source4/selftest/knownfail @@ -23,10 +23,8 @@ rpc.netlogon.*.LogonUasLogon rpc.netlogon.*.LogonUasLogoff rpc.netlogon.*.DatabaseSync rpc.netlogon.*.DatabaseSync2 -rpc.netlogon.*.GetDcName rpc.netlogon.*.LogonControl rpc.netlogon.*.LogonControl2 -rpc.netlogon.*.GetAnyDCName rpc.netlogon.*.DsrEnumerateDomainTrusts rpc.netlogon.*.NetrEnumerateTrustedDomains rpc.netlogon.*.NetrEnumerateTrustedDomainsEx -- cgit From db59cbfba8018d5b8eaf71d6a4441c5914baca4c Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Wed, 3 Dec 2008 15:59:17 +0100 Subject: s3:winbindd: don't open a new dc connection in winbindd_getgrnam (main winbindd) This is just to find the corresponding domain struct. Actual connection is handled by the domain child. Michael --- source3/winbindd/winbindd_group.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/winbindd/winbindd_group.c b/source3/winbindd/winbindd_group.c index 3422fdba1c..8b4d4d6dec 100644 --- a/source3/winbindd/winbindd_group.c +++ b/source3/winbindd/winbindd_group.c @@ -800,7 +800,7 @@ void winbindd_getgrnam(struct winbindd_cli_state *state) /* Get info for the domain */ - if ((domain = find_domain_from_name(name_domain)) == NULL) { + if ((domain = find_domain_from_name_noinit(name_domain)) == NULL) { DEBUG(3, ("could not get domain sid for domain %s\n", name_domain)); request_error(state); -- cgit From 95b4baf5adc61e823a83044e9a679a6200d2f6af Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Wed, 3 Dec 2008 16:38:55 +0100 Subject: s3:winbindd: don't open a new dc connection in winbindd_getpwnam (main winbindd) This is just to find the corresponding domain struct. Actual connection is handled by the domain child. Michael --- source3/winbindd/winbindd_user.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/winbindd/winbindd_user.c b/source3/winbindd/winbindd_user.c index e5d0a22a73..fd1fdd3699 100644 --- a/source3/winbindd/winbindd_user.c +++ b/source3/winbindd/winbindd_user.c @@ -456,7 +456,7 @@ void winbindd_getpwnam(struct winbindd_cli_state *state) /* Get info for the domain */ - domain = find_domain_from_name(domname); + domain = find_domain_from_name_noinit(domname); if (domain == NULL) { DEBUG(7, ("could not find domain entry for domain %s. " -- cgit From 0f38bd90722469c6dbf1bcc7f56d3fbf6db3a8e8 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Thu, 4 Dec 2008 14:00:44 +0100 Subject: s3:winbindd: fix horrible mis-indentation of toplvl braces in getgrsid_sid2gid_recv to make code more readble Michael --- source3/winbindd/winbindd_group.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/source3/winbindd/winbindd_group.c b/source3/winbindd/winbindd_group.c index 8b4d4d6dec..7432bda451 100644 --- a/source3/winbindd/winbindd_group.c +++ b/source3/winbindd/winbindd_group.c @@ -833,7 +833,7 @@ struct getgrsid_state { }; static void getgrsid_sid2gid_recv(void *private_data, bool success, gid_t gid) - { +{ struct getgrsid_state *s = (struct getgrsid_state *)private_data; struct winbindd_domain *domain; @@ -884,7 +884,7 @@ static void getgrsid_sid2gid_recv(void *private_data, bool success, gid_t gid) s->state->response.extra_data.data = gr_mem; request_ok(s->state); - } +} static void getgrsid_lookupsid_recv( void *private_data, bool success, const char *dom_name, const char *name, -- cgit From 180245fce0f0d73d924ca6a25db3fc78934c40d1 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Thu, 4 Dec 2008 15:09:21 +0100 Subject: s4:kdc: allow a trusted domain to get kerberos tickets metze --- source4/auth/auth.h | 3 ++- source4/auth/ntlm/auth_sam.c | 3 ++- source4/auth/sam.c | 12 +++++++----- source4/kdc/pac-glue.c | 3 ++- 4 files changed, 13 insertions(+), 8 deletions(-) diff --git a/source4/auth/auth.h b/source4/auth/auth.h index af9ed52f78..360da50f70 100644 --- a/source4/auth/auth.h +++ b/source4/auth/auth.h @@ -204,7 +204,8 @@ NTSTATUS authsam_account_ok(TALLOC_CTX *mem_ctx, struct ldb_message *msg, struct ldb_message *msg_domain_ref, const char *logon_workstation, - const char *name_for_logs); + const char *name_for_logs, + bool allow_domain_trust); struct auth_session_info *system_session(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx); NTSTATUS authsam_make_server_info(TALLOC_CTX *mem_ctx, struct ldb_context *sam_ctx, const char *netbios_name, diff --git a/source4/auth/ntlm/auth_sam.c b/source4/auth/ntlm/auth_sam.c index d1be5b6e30..384d342e00 100644 --- a/source4/auth/ntlm/auth_sam.c +++ b/source4/auth/ntlm/auth_sam.c @@ -262,7 +262,8 @@ static NTSTATUS authsam_authenticate(struct auth_context *auth_context, msgs[0], msgs_domain_ref[0], user_info->workstation_name, - user_info->mapped.account_name); + user_info->mapped.account_name, + false); return nt_status; } diff --git a/source4/auth/sam.c b/source4/auth/sam.c index f6a998ae0f..4b848cffe0 100644 --- a/source4/auth/sam.c +++ b/source4/auth/sam.c @@ -144,7 +144,8 @@ _PUBLIC_ NTSTATUS authsam_account_ok(TALLOC_CTX *mem_ctx, struct ldb_message *msg, struct ldb_message *msg_domain_ref, const char *logon_workstation, - const char *name_for_logs) + const char *name_for_logs, + bool allow_domain_trust) { uint16_t acct_flags; const char *workstation_list; @@ -231,11 +232,12 @@ _PUBLIC_ NTSTATUS authsam_account_ok(TALLOC_CTX *mem_ctx, return NT_STATUS_INVALID_LOGON_HOURS; } - if (acct_flags & ACB_DOMTRUST) { - DEBUG(2,("sam_account_ok: Domain trust account %s denied by server\n", name_for_logs)); - return NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT; + if (!allow_domain_trust) { + if (acct_flags & ACB_DOMTRUST) { + DEBUG(2,("sam_account_ok: Domain trust account %s denied by server\n", name_for_logs)); + return NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT; + } } - if (!(logon_parameters & MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT)) { if (acct_flags & ACB_SVRTRUST) { DEBUG(2,("sam_account_ok: Server trust account %s denied by server\n", name_for_logs)); diff --git a/source4/kdc/pac-glue.c b/source4/kdc/pac-glue.c index 3f1c1fc63e..74bec85d02 100644 --- a/source4/kdc/pac-glue.c +++ b/source4/kdc/pac-glue.c @@ -270,13 +270,14 @@ krb5_error_code samba_kdc_check_client_access(void *priv, } } + /* we allow all kinds of trusts here */ nt_status = authsam_account_ok(tmp_ctx, private->samdb, MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT | MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT, private->msg, private->realm_ref_msg, workstation, - name); + name, true); free(name); if (NT_STATUS_IS_OK(nt_status)) -- cgit From 677e0fb9659abe1ad684dd980d61b88caad9f8a2 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Thu, 4 Dec 2008 15:40:31 +0100 Subject: s4:kludge_acl: allow everybody to read the sequence number metze --- source4/dsdb/samdb/ldb_modules/kludge_acl.c | 28 +++++++++++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) diff --git a/source4/dsdb/samdb/ldb_modules/kludge_acl.c b/source4/dsdb/samdb/ldb_modules/kludge_acl.c index 6acbf45afd..97179a8126 100644 --- a/source4/dsdb/samdb/ldb_modules/kludge_acl.c +++ b/source4/dsdb/samdb/ldb_modules/kludge_acl.c @@ -417,6 +417,32 @@ static int kludge_acl_change(struct ldb_module *module, struct ldb_request *req) } } +static int kludge_acl_extended(struct ldb_module *module, struct ldb_request *req) +{ + enum security_user_level user_type; + + /* allow everybody to read the sequence number */ + if (strcmp(req->op.extended.oid, + LDB_EXTENDED_SEQUENCE_NUMBER) == 0) { + return ldb_next_request(module, req); + } + + user_type = what_is_user(module); + + switch (user_type) { + case SECURITY_SYSTEM: + case SECURITY_ADMINISTRATOR: + return ldb_next_request(module, req); + default: + ldb_asprintf_errstring(module->ldb, + "kludge_acl_change: " + "attempted database modify not permitted. " + "User %s is not SYSTEM or an administrator", + user_name(req, module)); + return LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS; + } +} + static int kludge_acl_init(struct ldb_module *module) { int ret, i; @@ -494,6 +520,6 @@ _PUBLIC_ const struct ldb_module_ops ldb_kludge_acl_module_ops = { .modify = kludge_acl_change, .del = kludge_acl_change, .rename = kludge_acl_change, - .extended = kludge_acl_change, + .extended = kludge_acl_extended, .init_context = kludge_acl_init }; -- cgit From 15e1fd7c540ab47dffdfbd4cfad3a8c18a3f62dc Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 4 Dec 2008 11:20:57 -0800 Subject: Fix bug #1254 - write list not working under share-level security A somewhat more elegant fix than I could use for 3.2.x or 3.0.x. Turns out the only part of check_user_ok() that needs to change for share level security is the VUID cache pieces, so I can just always use check_user_ok() for all lp_security() cases. Jeremy --- source3/auth/auth_util.c | 2 +- source3/include/proto.h | 6 ++-- source3/smbd/share_access.c | 4 +-- source3/smbd/uid.c | 81 +++++++++++++++++++++++++-------------------- 4 files changed, 52 insertions(+), 41 deletions(-) diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index 9220df01c0..d2a8591ae6 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -1294,7 +1294,7 @@ NTSTATUS make_serverinfo_from_username(TALLOC_CTX *mem_ctx, struct auth_serversupplied_info *copy_serverinfo(TALLOC_CTX *mem_ctx, - auth_serversupplied_info *src) + const auth_serversupplied_info *src) { auth_serversupplied_info *dst; diff --git a/source3/include/proto.h b/source3/include/proto.h index 63fe4d47c5..89b443e9db 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -123,7 +123,7 @@ NTSTATUS make_serverinfo_from_username(TALLOC_CTX *mem_ctx, bool is_guest, struct auth_serversupplied_info **presult); struct auth_serversupplied_info *copy_serverinfo(TALLOC_CTX *mem_ctx, - auth_serversupplied_info *src); + const auth_serversupplied_info *src); bool init_guest_info(void); bool server_info_set_session_key(struct auth_serversupplied_info *info, DATA_BLOB session_key); @@ -8462,10 +8462,10 @@ bool token_contains_name_in_list(const char *username, const struct nt_user_token *token, const char **list); bool user_ok_token(const char *username, const char *domain, - struct nt_user_token *token, int snum); + const struct nt_user_token *token, int snum); bool is_share_read_only_for_token(const char *username, const char *domain, - struct nt_user_token *token, + const struct nt_user_token *token, connection_struct *conn); /* The following definitions come from smbd/srvstr.c */ diff --git a/source3/smbd/share_access.c b/source3/smbd/share_access.c index 9dbacc2998..c72251b5a7 100644 --- a/source3/smbd/share_access.c +++ b/source3/smbd/share_access.c @@ -192,7 +192,7 @@ bool token_contains_name_in_list(const char *username, */ bool user_ok_token(const char *username, const char *domain, - struct nt_user_token *token, int snum) + const struct nt_user_token *token, int snum) { if (lp_invalid_users(snum) != NULL) { if (token_contains_name_in_list(username, domain, @@ -252,7 +252,7 @@ bool user_ok_token(const char *username, const char *domain, bool is_share_read_only_for_token(const char *username, const char *domain, - struct nt_user_token *token, + const struct nt_user_token *token, connection_struct *conn) { int snum = SNUM(conn); diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c index ca7df264e2..5a4b8a52e7 100644 --- a/source3/smbd/uid.c +++ b/source3/smbd/uid.c @@ -61,22 +61,27 @@ bool change_to_guest(void) later code can then mess with. ********************************************************************/ -static bool check_user_ok(connection_struct *conn, uint16_t vuid, - struct auth_serversupplied_info *server_info, - int snum) +static bool check_user_ok(connection_struct *conn, + uint16_t vuid, + const struct auth_serversupplied_info *server_info, + int snum) { + bool valid_vuid = (vuid != UID_FIELD_INVALID); unsigned int i; - struct vuid_cache_entry *ent = NULL; bool readonly_share; bool admin_user; - for (i=0; ivuid_cache.array[i]; - if (ent->vuid == vuid) { - conn->server_info = ent->server_info; - conn->read_only = ent->read_only; - conn->admin_user = ent->admin_user; - return(True); + if (valid_vuid) { + struct vuid_cache_entry *ent; + + for (i=0; ivuid_cache.array[i]; + if (ent->vuid == vuid) { + conn->server_info = ent->server_info; + conn->read_only = ent->read_only; + conn->admin_user = ent->admin_user; + return(True); + } } } @@ -112,33 +117,36 @@ static bool check_user_ok(connection_struct *conn, uint16_t vuid, pdb_get_domain(server_info->sam_account), NULL, server_info->ptok, lp_admin_users(snum)); - ent = &conn->vuid_cache.array[conn->vuid_cache.next_entry]; + if (valid_vuid) { + struct vuid_cache_entry *ent = + &conn->vuid_cache.array[conn->vuid_cache.next_entry]; - conn->vuid_cache.next_entry = - (conn->vuid_cache.next_entry + 1) % VUID_CACHE_SIZE; + conn->vuid_cache.next_entry = + (conn->vuid_cache.next_entry + 1) % VUID_CACHE_SIZE; - TALLOC_FREE(ent->server_info); + TALLOC_FREE(ent->server_info); - /* - * If force_user was set, all server_info's are based on the same - * username-based faked one. - */ + /* + * If force_user was set, all server_info's are based on the same + * username-based faked one. + */ - ent->server_info = copy_serverinfo( - conn, conn->force_user ? conn->server_info : server_info); + ent->server_info = copy_serverinfo( + conn, conn->force_user ? conn->server_info : server_info); - if (ent->server_info == NULL) { - ent->vuid = UID_FIELD_INVALID; - return false; - } + if (ent->server_info == NULL) { + ent->vuid = UID_FIELD_INVALID; + return false; + } - ent->vuid = vuid; - ent->read_only = readonly_share; - ent->admin_user = admin_user; + ent->vuid = vuid; + ent->read_only = readonly_share; + ent->admin_user = admin_user; + conn->server_info = ent->server_info; + } - conn->read_only = ent->read_only; - conn->admin_user = ent->admin_user; - conn->server_info = ent->server_info; + conn->read_only = readonly_share; + conn->admin_user = admin_user; return(True); } @@ -172,6 +180,7 @@ void conn_clear_vuid_cache(connection_struct *conn, uint16_t vuid) bool change_to_user(connection_struct *conn, uint16 vuid) { + const struct auth_serversupplied_info *server_info = NULL; user_struct *vuser = get_valid_user_struct(vuid); int snum; gid_t gid; @@ -207,13 +216,15 @@ bool change_to_user(connection_struct *conn, uint16 vuid) snum = SNUM(conn); - if ((vuser) && !check_user_ok(conn, vuid, vuser->server_info, snum)) { + server_info = vuser ? vuser->server_info : conn->server_info; + + if (!check_user_ok(conn, vuid, server_info, snum)) { DEBUG(2,("change_to_user: SMB user %s (unix user %s, vuid %d) " "not permitted access to share %s.\n", - vuser->server_info->sanitized_username, - vuser->server_info->unix_name, vuid, + server_info->sanitized_username, + server_info->unix_name, vuid, lp_servicename(snum))); - return False; + return false; } /* -- cgit From 09b4a9513cf0be52dcd43660ae384b8f7c398287 Mon Sep 17 00:00:00 2001 From: Henning Henkel Date: Thu, 4 Dec 2008 13:55:12 -0800 Subject: Fix bug #5929 - vfs_prealloc does not build with option --with-cluster-support and GPFS --- source3/modules/vfs_prealloc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/modules/vfs_prealloc.c b/source3/modules/vfs_prealloc.c index 2a06e3d81b..5a339dbf8d 100644 --- a/source3/modules/vfs_prealloc.c +++ b/source3/modules/vfs_prealloc.c @@ -56,9 +56,9 @@ static int module_debug; static int preallocate_space(int fd, SMB_OFF_T size) { + int err; #ifndef HAVE_GPFS lock_type fl = {0}; - int err; if (size <= 0) { return 0; -- cgit From 0e723d8f7d918d2d1a1e9e26d976f016d5d97c94 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 4 Dec 2008 15:35:32 -0800 Subject: Fix bug #5937 - filenames with "*" char hide other files Jeremy. --- source3/smbd/trans2.c | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index f41210b2e1..606e656795 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -1095,15 +1095,13 @@ static bool exact_match(connection_struct *conn, { if (mask[0] == '.' && mask[1] == 0) return False; - if (conn->case_sensitive) - return strcmp(str,mask)==0; - if (StrCaseCmp(str,mask) != 0) { - return False; - } if (dptr_has_wild(conn->dirptr)) { return False; } - return True; + if (conn->case_sensitive) + return strcmp(str,mask)==0; + else + return StrCaseCmp(str,mask) == 0; } /**************************************************************************** -- cgit From 7d8f3cdbfc741aa680f23018a434ae9409b69ef0 Mon Sep 17 00:00:00 2001 From: Sam Liddicott Date: Fri, 5 Dec 2008 09:04:55 +0000 Subject: Let ntvfs request transport close via ntvfs_request state [I can't swear that this covers all the smb2 cases, there are some reply functions that I can't trace properly] Add NTVFS_ASYNC_STATE_CLOSE bit to ntvfs_request->async_states->state so that the ntvfs layer can signify that the client transport should be closed, most useful for proxy servies, and most likely due to a forwarding transport having been closed. Signed-off-by: Sam Liddicott Signed-off-by: Stefan Metzmacher --- source4/ntvfs/ntvfs.h | 1 + source4/smb_server/smb2/smb2_server.h | 10 ++++++++++ source4/smb_server/smb_server.h | 12 ++++++++++++ 3 files changed, 23 insertions(+) diff --git a/source4/ntvfs/ntvfs.h b/source4/ntvfs/ntvfs.h index 0d5738d9f0..fc04d976f4 100644 --- a/source4/ntvfs/ntvfs.h +++ b/source4/ntvfs/ntvfs.h @@ -226,6 +226,7 @@ struct ntvfs_context { /* a set of flags to control handling of request structures */ #define NTVFS_ASYNC_STATE_ASYNC (1<<1) /* the backend will answer this one later */ #define NTVFS_ASYNC_STATE_MAY_ASYNC (1<<2) /* the backend is allowed to answer async */ +#define NTVFS_ASYNC_STATE_CLOSE (1<<3) /* the backend session should be closed */ /* the ntvfs_async_state structure allows backend functions to delay replying to requests. To use this, the front end must diff --git a/source4/smb_server/smb2/smb2_server.h b/source4/smb_server/smb2/smb2_server.h index 431add4ed9..ba3021a3a9 100644 --- a/source4/smb_server/smb2/smb2_server.h +++ b/source4/smb_server/smb2/smb2_server.h @@ -153,6 +153,11 @@ struct smbsrv_request; /* check req->ntvfs->async_states->status and if not OK then send an error reply */ #define SMB2SRV_CHECK_ASYNC_STATUS_ERR_SIMPLE do { \ req = talloc_get_type(ntvfs->async_states->private_data, struct smb2srv_request); \ + if (ntvfs->async_states->state & NTVFS_ASYNC_STATE_CLOSE || NT_STATUS_EQUAL(ntvfs->async_states->status, NT_STATUS_NET_WRITE_FAULT)) { \ + smbsrv_terminate_connection(req->smb_conn, get_friendly_nt_error_msg (ntvfs->async_states->status)); \ + talloc_free(req); \ + return; \ + } \ req->status = ntvfs->async_states->status; \ if (NT_STATUS_IS_ERR(ntvfs->async_states->status)) { \ smb2srv_send_error(req, ntvfs->async_states->status); \ @@ -165,6 +170,11 @@ struct smbsrv_request; } while (0) #define SMB2SRV_CHECK_ASYNC_STATUS_SIMPLE do { \ req = talloc_get_type(ntvfs->async_states->private_data, struct smb2srv_request); \ + if (ntvfs->async_states->state & NTVFS_ASYNC_STATE_CLOSE || NT_STATUS_EQUAL(ntvfs->async_states->status, NT_STATUS_NET_WRITE_FAULT)) { \ + smbsrv_terminate_connection(req->smb_conn, get_friendly_nt_error_msg (ntvfs->async_states->status)); \ + talloc_free(req); \ + return; \ + } \ req->status = ntvfs->async_states->status; \ if (!NT_STATUS_IS_OK(ntvfs->async_states->status)) { \ smb2srv_send_error(req, ntvfs->async_states->status); \ diff --git a/source4/smb_server/smb_server.h b/source4/smb_server/smb_server.h index e3e55ae040..227c298008 100644 --- a/source4/smb_server/smb_server.h +++ b/source4/smb_server/smb_server.h @@ -483,6 +483,11 @@ struct loadparm_context; /* check req->ntvfs->async_states->status and if not OK then send an error reply */ #define SMBSRV_CHECK_ASYNC_STATUS_ERR_SIMPLE do { \ req = talloc_get_type(ntvfs->async_states->private_data, struct smbsrv_request); \ + if (ntvfs->async_states->state & NTVFS_ASYNC_STATE_CLOSE || NT_STATUS_EQUAL(ntvfs->async_states->status, NT_STATUS_NET_WRITE_FAULT)) { \ + smbsrv_terminate_connection(req->smb_conn, get_friendly_nt_error_msg (ntvfs->async_states->status)); \ + talloc_free(req); \ + return; \ + } \ if (NT_STATUS_IS_ERR(ntvfs->async_states->status)) { \ smbsrv_send_error(req, ntvfs->async_states->status); \ return; \ @@ -494,6 +499,11 @@ struct loadparm_context; } while (0) #define SMBSRV_CHECK_ASYNC_STATUS_SIMPLE do { \ req = talloc_get_type(ntvfs->async_states->private_data, struct smbsrv_request); \ + if (ntvfs->async_states->state & NTVFS_ASYNC_STATE_CLOSE || NT_STATUS_EQUAL(ntvfs->async_states->status, NT_STATUS_NET_WRITE_FAULT)) { \ + smbsrv_terminate_connection(req->smb_conn, get_friendly_nt_error_msg (ntvfs->async_states->status)); \ + talloc_free(req); \ + return; \ + } \ if (!NT_STATUS_IS_OK(ntvfs->async_states->status)) { \ smbsrv_send_error(req, ntvfs->async_states->status); \ return; \ @@ -506,3 +516,5 @@ struct loadparm_context; /* zero out some reserved fields in a reply */ #define SMBSRV_VWV_RESERVED(start, count) memset(req->out.vwv + VWV(start), 0, (count)*2) + +#include "smb_server/service_smb_proto.h" -- cgit From 39e468f55859c01f7bdaab4086df371d3375099f Mon Sep 17 00:00:00 2001 From: Sam Liddicott Date: Fri, 5 Dec 2008 09:05:47 +0000 Subject: vfs_cifs - Use ntvfs request transport close to close downstream session When upstream session closes, close the downstream session Signed-off-by: Sam Liddicott Signed-off-by: Stefan Metzmacher --- source4/ntvfs/cifs/vfs_cifs.c | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/source4/ntvfs/cifs/vfs_cifs.c b/source4/ntvfs/cifs/vfs_cifs.c index d133bbc480..e615401e51 100644 --- a/source4/ntvfs/cifs/vfs_cifs.c +++ b/source4/ntvfs/cifs/vfs_cifs.c @@ -63,7 +63,17 @@ struct async_info { void *parms; }; -#define SETUP_PID private->tree->session->pid = req->smbpid +#define CHECK_UPSTREAM_OPEN do { \ + if (! private->transport->socket->sock) { \ + req->async_states->state|=NTVFS_ASYNC_STATE_CLOSE; \ + return NT_STATUS_CONNECTION_DISCONNECTED; \ + } \ +} while(0) + +#define SETUP_PID do { \ + private->tree->session->pid = req->smbpid; \ + CHECK_UPSTREAM_OPEN; \ +} while(0) #define SETUP_FILE_HERE(f) do { \ f = ntvfs_handle_get_backend_data(io->generic.in.file.ntvfs, ntvfs); \ -- cgit From 0f74de3d37cdb03f622d9cdc1cdcc4aa6ede5ce3 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Fri, 5 Dec 2008 13:29:58 +0100 Subject: s4:password_hash: really catch the clearTextPasswordAttr case... This fixes the creation of the user object for incoming trusts in dcesrv_lsa_CreateTrustedDomain_base(). And now w2k3 trust samba4 just fine:-) metze --- source4/dsdb/samdb/ldb_modules/password_hash.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c index cef1bf79f7..1707baba58 100644 --- a/source4/dsdb/samdb/ldb_modules/password_hash.c +++ b/source4/dsdb/samdb/ldb_modules/password_hash.c @@ -1641,7 +1641,7 @@ static int password_hash_add(struct ldb_module *module, struct ldb_request *req) ntAttr = ldb_msg_find_element(req->op.mod.message, "unicodePwd"); lmAttr = ldb_msg_find_element(req->op.mod.message, "dBCSPwd"); - if ((!sambaAttr) && (!ntAttr) && (!lmAttr)) { + if ((!sambaAttr) && (!clearTextPasswordAttr) && (!ntAttr) && (!lmAttr)) { return ldb_next_request(module, req); } -- cgit From e9269e57fce69a4ad9dcf19444e60ff3cd489d18 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Sat, 29 Nov 2008 00:27:28 +0100 Subject: s3-rpcclient: add get_domain_handle for samr commands. Guenther --- source3/rpcclient/cmd_samr.c | 168 +++++++++++++++++-------------------------- 1 file changed, 64 insertions(+), 104 deletions(-) diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c index eaf5adbfa5..139702cc74 100644 --- a/source3/rpcclient/cmd_samr.c +++ b/source3/rpcclient/cmd_samr.c @@ -264,6 +264,35 @@ static void display_sam_info_5(struct samr_DispEntryAscii *r) printf("Account: %s\n", r->account_name.string); } +/**************************************************************************** + ****************************************************************************/ + +static NTSTATUS get_domain_handle(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + const char *sam, + struct policy_handle *connect_pol, + uint32_t access_mask, + struct dom_sid *_domain_sid, + struct policy_handle *domain_pol) +{ + + if (StrCaseCmp(sam, "domain") == 0) { + return rpccli_samr_OpenDomain(cli, mem_ctx, + connect_pol, + access_mask, + _domain_sid, + domain_pol); + } else if (StrCaseCmp(sam, "builtin") == 0) { + return rpccli_samr_OpenDomain(cli, mem_ctx, + connect_pol, + access_mask, + CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin), + domain_pol); + } + + return NT_STATUS_INVALID_PARAMETER; +} + /********************************************************************** * Query user information */ @@ -649,21 +678,11 @@ static NTSTATUS cmd_samr_query_useraliases(struct rpc_pipe_client *cli, if (!NT_STATUS_IS_OK(result)) goto done; - if (StrCaseCmp(argv[1], "domain")==0) - result = rpccli_samr_OpenDomain(cli, mem_ctx, - &connect_pol, - access_mask, - &domain_sid, &domain_pol); - else if (StrCaseCmp(argv[1], "builtin")==0) - result = rpccli_samr_OpenDomain(cli, mem_ctx, - &connect_pol, - access_mask, - CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin), - &domain_pol); - else { - printf("Usage: %s builtin|domain sid1 sid2 ...\n", argv[0]); - return NT_STATUS_INVALID_PARAMETER; - } + result = get_domain_handle(cli, mem_ctx, argv[1], + &connect_pol, + access_mask, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -955,20 +974,11 @@ static NTSTATUS cmd_samr_enum_als_groups(struct rpc_pipe_client *cli, /* Get domain policy handle */ - if (StrCaseCmp(argv[1], "domain")==0) - result = rpccli_samr_OpenDomain(cli, mem_ctx, - &connect_pol, - access_mask, - &domain_sid, - &domain_pol); - else if (StrCaseCmp(argv[1], "builtin")==0) - result = rpccli_samr_OpenDomain(cli, mem_ctx, - &connect_pol, - access_mask, - CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin), - &domain_pol); - else - return NT_STATUS_OK; + result = get_domain_handle(cli, mem_ctx, argv[1], + &connect_pol, + access_mask, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -1107,20 +1117,11 @@ static NTSTATUS cmd_samr_query_aliasmem(struct rpc_pipe_client *cli, /* Open handle on domain */ - if (StrCaseCmp(argv[1], "domain")==0) - result = rpccli_samr_OpenDomain(cli, mem_ctx, - &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &domain_sid, - &domain_pol); - else if (StrCaseCmp(argv[1], "builtin")==0) - result = rpccli_samr_OpenDomain(cli, mem_ctx, - &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin), - &domain_pol); - else - return NT_STATUS_OK; + result = get_domain_handle(cli, mem_ctx, argv[1], + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -1197,25 +1198,11 @@ static NTSTATUS cmd_samr_query_aliasinfo(struct rpc_pipe_client *cli, /* Open handle on domain */ - if (strequal(argv[1], "domain")) { - - result = rpccli_samr_OpenDomain(cli, mem_ctx, - &connect_pol, - SEC_FLAG_MAXIMUM_ALLOWED, - &domain_sid, - &domain_pol); - - } else if (strequal(argv[1], "builtin")) { - - result = rpccli_samr_OpenDomain(cli, mem_ctx, - &connect_pol, - SEC_FLAG_MAXIMUM_ALLOWED, - CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin), - &domain_pol); - - } else { - return NT_STATUS_OK; - } + result = get_domain_handle(cli, mem_ctx, argv[1], + &connect_pol, + SEC_FLAG_MAXIMUM_ALLOWED, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) { goto done; @@ -1294,20 +1281,11 @@ static NTSTATUS cmd_samr_delete_alias(struct rpc_pipe_client *cli, /* Open handle on domain */ - if (StrCaseCmp(argv[1], "domain")==0) - result = rpccli_samr_OpenDomain(cli, mem_ctx, - &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &domain_sid, - &domain_pol); - else if (StrCaseCmp(argv[1], "builtin")==0) - result = rpccli_samr_OpenDomain(cli, mem_ctx, - &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin), - &domain_pol); - else - return NT_STATUS_INVALID_PARAMETER; + result = get_domain_handle(cli, mem_ctx, argv[1], + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -1890,20 +1868,11 @@ static NTSTATUS cmd_samr_lookup_names(struct rpc_pipe_client *cli, if (!NT_STATUS_IS_OK(result)) goto done; - if (StrCaseCmp(argv[1], "domain")==0) - result = rpccli_samr_OpenDomain(cli, mem_ctx, - &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &domain_sid, - &domain_pol); - else if (StrCaseCmp(argv[1], "builtin")==0) - result = rpccli_samr_OpenDomain(cli, mem_ctx, - &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin), - &domain_pol); - else - return NT_STATUS_OK; + result = get_domain_handle(cli, mem_ctx, argv[1], + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -1973,20 +1942,11 @@ static NTSTATUS cmd_samr_lookup_rids(struct rpc_pipe_client *cli, if (!NT_STATUS_IS_OK(result)) goto done; - if (StrCaseCmp(argv[1], "domain")==0) - result = rpccli_samr_OpenDomain(cli, mem_ctx, - &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &domain_sid, - &domain_pol); - else if (StrCaseCmp(argv[1], "builtin")==0) - result = rpccli_samr_OpenDomain(cli, mem_ctx, - &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin), - &domain_pol); - else - return NT_STATUS_OK; + result = get_domain_handle(cli, mem_ctx, argv[1], + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; -- cgit From de443a42404a8aab47baa70a123c32435854b2eb Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Sat, 29 Nov 2008 00:29:47 +0100 Subject: samr: fix samr_UserInfo21 (order of lm_password_set and nt_password_set). Guenther --- librpc/idl/samr.idl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/librpc/idl/samr.idl b/librpc/idl/samr.idl index 46478ee9e8..39173e418e 100644 --- a/librpc/idl/samr.idl +++ b/librpc/idl/samr.idl @@ -959,8 +959,8 @@ import "misc.idl", "lsa.idl", "security.idl"; uint16 logon_count; uint16 country_code; uint16 code_page; - uint8 nt_password_set; uint8 lm_password_set; + uint8 nt_password_set; uint8 password_expired; uint8 unknown4; } samr_UserInfo21; -- cgit From 809d44e3db1e0b86d754a2c7f38eb1ec061adaad Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Tue, 2 Dec 2008 23:25:16 +0100 Subject: samr: fill in two unknowns in samr_DomInfo13. Guenther --- librpc/idl/samr.idl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/librpc/idl/samr.idl b/librpc/idl/samr.idl index 39173e418e..d4492aadc0 100644 --- a/librpc/idl/samr.idl +++ b/librpc/idl/samr.idl @@ -410,8 +410,7 @@ import "misc.idl", "lsa.idl", "security.idl"; typedef struct { hyper sequence_num; NTTIME domain_create_time; - uint32 unknown1; - uint32 unknown2; + hyper modified_count_at_last_promotion; } samr_DomInfo13; typedef [switch_type(uint16)] union { -- cgit From 8210177ea4079dcdc6d87851ac2f629591075040 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 4 Dec 2008 13:09:38 +0100 Subject: samr: fill in two unknowns in samr_UserInfo21. Guenther --- librpc/idl/samr.idl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/librpc/idl/samr.idl b/librpc/idl/samr.idl index d4492aadc0..072504c3d3 100644 --- a/librpc/idl/samr.idl +++ b/librpc/idl/samr.idl @@ -944,8 +944,8 @@ import "misc.idl", "lsa.idl", "security.idl"; lsa_String workstations; lsa_String comment; lsa_BinaryString parameters; - lsa_String unknown1; - lsa_String unknown2; + lsa_BinaryString lm_owf_password; + lsa_BinaryString nt_owf_password; lsa_String unknown3; uint32 buf_count; [size_is(buf_count)] uint8 *buffer; -- cgit From b0e813d28c6d98c333bf6f48a4ae3738b45af0f2 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 4 Dec 2008 18:12:45 +0100 Subject: samr: make more explicit what SAMR_FIELD_PASSWORD{2} means. Guenther --- librpc/idl/samr.idl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/librpc/idl/samr.idl b/librpc/idl/samr.idl index 072504c3d3..151e76eae1 100644 --- a/librpc/idl/samr.idl +++ b/librpc/idl/samr.idl @@ -915,8 +915,8 @@ import "misc.idl", "lsa.idl", "security.idl"; SAMR_FIELD_PARAMETERS = 0x00200000, SAMR_FIELD_COUNTRY_CODE = 0x00400000, SAMR_FIELD_CODE_PAGE = 0x00800000, - SAMR_FIELD_PASSWORD = 0x01000000, /* either of these */ - SAMR_FIELD_PASSWORD2 = 0x02000000, /* two bits seems to work */ + SAMR_FIELD_NT_PASSWORD_PRESENT = 0x01000000, /* either of these */ + SAMR_FIELD_LM_PASSWORD_PRESENT = 0x02000000, /* two bits seems to work */ SAMR_FIELD_PRIVATE_DATA = 0x04000000, SAMR_FIELD_EXPIRED_FLAG = 0x08000000, SAMR_FIELD_SEC_DESC = 0x10000000, -- cgit From 1e90c5773cf23414666d0ee585c9aac48edcc632 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 4 Dec 2008 18:19:29 +0100 Subject: samr: fix samr_UserInfo18. It also contains password_expired, thanks metze. Guenther --- librpc/idl/samr.idl | 1 + 1 file changed, 1 insertion(+) diff --git a/librpc/idl/samr.idl b/librpc/idl/samr.idl index 151e76eae1..91764e3e9a 100644 --- a/librpc/idl/samr.idl +++ b/librpc/idl/samr.idl @@ -883,6 +883,7 @@ import "misc.idl", "lsa.idl", "security.idl"; samr_Password nt_pwd; boolean8 lm_pwd_active; boolean8 nt_pwd_active; + uint8 password_expired; } samr_UserInfo18; typedef struct { -- cgit From 9bb1f4ca0e0f882484212d9daa7ec1abe344232c Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 5 Dec 2008 12:40:19 +0100 Subject: samr: fix samr_UserInfo18, lm/nt pwd mixup. Guenther --- librpc/idl/samr.idl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/librpc/idl/samr.idl b/librpc/idl/samr.idl index 91764e3e9a..7d5d877bb1 100644 --- a/librpc/idl/samr.idl +++ b/librpc/idl/samr.idl @@ -879,10 +879,10 @@ import "misc.idl", "lsa.idl", "security.idl"; } samr_Password; typedef struct { - samr_Password lm_pwd; samr_Password nt_pwd; - boolean8 lm_pwd_active; + samr_Password lm_pwd; boolean8 nt_pwd_active; + boolean8 lm_pwd_active; uint8 password_expired; } samr_UserInfo18; -- cgit From 98ea2b12c4c0f77c81ba5fb3689ddb056204fcf5 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Sat, 29 Nov 2008 00:30:21 +0100 Subject: s3-build: re-run make samba3-idl. Guenther --- source3/librpc/gen_ndr/ndr_samr.c | 54 +++++++++++++++++++-------------------- source3/librpc/gen_ndr/samr.h | 18 ++++++------- 2 files changed, 36 insertions(+), 36 deletions(-) diff --git a/source3/librpc/gen_ndr/ndr_samr.c b/source3/librpc/gen_ndr/ndr_samr.c index 975bde3340..83db0faaef 100644 --- a/source3/librpc/gen_ndr/ndr_samr.c +++ b/source3/librpc/gen_ndr/ndr_samr.c @@ -852,8 +852,7 @@ static enum ndr_err_code ndr_push_samr_DomInfo13(struct ndr_push *ndr, int ndr_f NDR_CHECK(ndr_push_align(ndr, 8)); NDR_CHECK(ndr_push_hyper(ndr, NDR_SCALARS, r->sequence_num)); NDR_CHECK(ndr_push_NTTIME(ndr, NDR_SCALARS, r->domain_create_time)); - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->unknown1)); - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->unknown2)); + NDR_CHECK(ndr_push_hyper(ndr, NDR_SCALARS, r->modified_count_at_last_promotion)); } if (ndr_flags & NDR_BUFFERS) { } @@ -866,8 +865,7 @@ static enum ndr_err_code ndr_pull_samr_DomInfo13(struct ndr_pull *ndr, int ndr_f NDR_CHECK(ndr_pull_align(ndr, 8)); NDR_CHECK(ndr_pull_hyper(ndr, NDR_SCALARS, &r->sequence_num)); NDR_CHECK(ndr_pull_NTTIME(ndr, NDR_SCALARS, &r->domain_create_time)); - NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->unknown1)); - NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->unknown2)); + NDR_CHECK(ndr_pull_hyper(ndr, NDR_SCALARS, &r->modified_count_at_last_promotion)); } if (ndr_flags & NDR_BUFFERS) { } @@ -880,8 +878,7 @@ _PUBLIC_ void ndr_print_samr_DomInfo13(struct ndr_print *ndr, const char *name, ndr->depth++; ndr_print_hyper(ndr, "sequence_num", r->sequence_num); ndr_print_NTTIME(ndr, "domain_create_time", r->domain_create_time); - ndr_print_uint32(ndr, "unknown1", r->unknown1); - ndr_print_uint32(ndr, "unknown2", r->unknown2); + ndr_print_hyper(ndr, "modified_count_at_last_promotion", r->modified_count_at_last_promotion); ndr->depth--; } @@ -2652,10 +2649,11 @@ static enum ndr_err_code ndr_push_samr_UserInfo18(struct ndr_push *ndr, int ndr_ { if (ndr_flags & NDR_SCALARS) { NDR_CHECK(ndr_push_align(ndr, 1)); - NDR_CHECK(ndr_push_samr_Password(ndr, NDR_SCALARS, &r->lm_pwd)); NDR_CHECK(ndr_push_samr_Password(ndr, NDR_SCALARS, &r->nt_pwd)); - NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r->lm_pwd_active)); + NDR_CHECK(ndr_push_samr_Password(ndr, NDR_SCALARS, &r->lm_pwd)); NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r->nt_pwd_active)); + NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r->lm_pwd_active)); + NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r->password_expired)); } if (ndr_flags & NDR_BUFFERS) { } @@ -2666,10 +2664,11 @@ static enum ndr_err_code ndr_pull_samr_UserInfo18(struct ndr_pull *ndr, int ndr_ { if (ndr_flags & NDR_SCALARS) { NDR_CHECK(ndr_pull_align(ndr, 1)); - NDR_CHECK(ndr_pull_samr_Password(ndr, NDR_SCALARS, &r->lm_pwd)); NDR_CHECK(ndr_pull_samr_Password(ndr, NDR_SCALARS, &r->nt_pwd)); - NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->lm_pwd_active)); + NDR_CHECK(ndr_pull_samr_Password(ndr, NDR_SCALARS, &r->lm_pwd)); NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->nt_pwd_active)); + NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->lm_pwd_active)); + NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->password_expired)); } if (ndr_flags & NDR_BUFFERS) { } @@ -2680,10 +2679,11 @@ _PUBLIC_ void ndr_print_samr_UserInfo18(struct ndr_print *ndr, const char *name, { ndr_print_struct(ndr, name, "samr_UserInfo18"); ndr->depth++; - ndr_print_samr_Password(ndr, "lm_pwd", &r->lm_pwd); ndr_print_samr_Password(ndr, "nt_pwd", &r->nt_pwd); - ndr_print_uint8(ndr, "lm_pwd_active", r->lm_pwd_active); + ndr_print_samr_Password(ndr, "lm_pwd", &r->lm_pwd); ndr_print_uint8(ndr, "nt_pwd_active", r->nt_pwd_active); + ndr_print_uint8(ndr, "lm_pwd_active", r->lm_pwd_active); + ndr_print_uint8(ndr, "password_expired", r->password_expired); ndr->depth--; } @@ -2761,8 +2761,8 @@ _PUBLIC_ void ndr_print_samr_FieldsPresent(struct ndr_print *ndr, const char *na ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SAMR_FIELD_PARAMETERS", SAMR_FIELD_PARAMETERS, r); ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SAMR_FIELD_COUNTRY_CODE", SAMR_FIELD_COUNTRY_CODE, r); ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SAMR_FIELD_CODE_PAGE", SAMR_FIELD_CODE_PAGE, r); - ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SAMR_FIELD_PASSWORD", SAMR_FIELD_PASSWORD, r); - ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SAMR_FIELD_PASSWORD2", SAMR_FIELD_PASSWORD2, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SAMR_FIELD_NT_PASSWORD_PRESENT", SAMR_FIELD_NT_PASSWORD_PRESENT, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SAMR_FIELD_LM_PASSWORD_PRESENT", SAMR_FIELD_LM_PASSWORD_PRESENT, r); ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SAMR_FIELD_PRIVATE_DATA", SAMR_FIELD_PRIVATE_DATA, r); ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SAMR_FIELD_EXPIRED_FLAG", SAMR_FIELD_EXPIRED_FLAG, r); ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SAMR_FIELD_SEC_DESC", SAMR_FIELD_SEC_DESC, r); @@ -2790,8 +2790,8 @@ static enum ndr_err_code ndr_push_samr_UserInfo21(struct ndr_push *ndr, int ndr_ NDR_CHECK(ndr_push_lsa_String(ndr, NDR_SCALARS, &r->workstations)); NDR_CHECK(ndr_push_lsa_String(ndr, NDR_SCALARS, &r->comment)); NDR_CHECK(ndr_push_lsa_BinaryString(ndr, NDR_SCALARS, &r->parameters)); - NDR_CHECK(ndr_push_lsa_String(ndr, NDR_SCALARS, &r->unknown1)); - NDR_CHECK(ndr_push_lsa_String(ndr, NDR_SCALARS, &r->unknown2)); + NDR_CHECK(ndr_push_lsa_BinaryString(ndr, NDR_SCALARS, &r->lm_owf_password)); + NDR_CHECK(ndr_push_lsa_BinaryString(ndr, NDR_SCALARS, &r->nt_owf_password)); NDR_CHECK(ndr_push_lsa_String(ndr, NDR_SCALARS, &r->unknown3)); NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->buf_count)); NDR_CHECK(ndr_push_unique_ptr(ndr, r->buffer)); @@ -2804,8 +2804,8 @@ static enum ndr_err_code ndr_push_samr_UserInfo21(struct ndr_push *ndr, int ndr_ NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->logon_count)); NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->country_code)); NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->code_page)); - NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r->nt_password_set)); NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r->lm_password_set)); + NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r->nt_password_set)); NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r->password_expired)); NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r->unknown4)); } @@ -2820,8 +2820,8 @@ static enum ndr_err_code ndr_push_samr_UserInfo21(struct ndr_push *ndr, int ndr_ NDR_CHECK(ndr_push_lsa_String(ndr, NDR_BUFFERS, &r->workstations)); NDR_CHECK(ndr_push_lsa_String(ndr, NDR_BUFFERS, &r->comment)); NDR_CHECK(ndr_push_lsa_BinaryString(ndr, NDR_BUFFERS, &r->parameters)); - NDR_CHECK(ndr_push_lsa_String(ndr, NDR_BUFFERS, &r->unknown1)); - NDR_CHECK(ndr_push_lsa_String(ndr, NDR_BUFFERS, &r->unknown2)); + NDR_CHECK(ndr_push_lsa_BinaryString(ndr, NDR_BUFFERS, &r->lm_owf_password)); + NDR_CHECK(ndr_push_lsa_BinaryString(ndr, NDR_BUFFERS, &r->nt_owf_password)); NDR_CHECK(ndr_push_lsa_String(ndr, NDR_BUFFERS, &r->unknown3)); if (r->buffer) { NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->buf_count)); @@ -2854,8 +2854,8 @@ static enum ndr_err_code ndr_pull_samr_UserInfo21(struct ndr_pull *ndr, int ndr_ NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS, &r->workstations)); NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS, &r->comment)); NDR_CHECK(ndr_pull_lsa_BinaryString(ndr, NDR_SCALARS, &r->parameters)); - NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS, &r->unknown1)); - NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS, &r->unknown2)); + NDR_CHECK(ndr_pull_lsa_BinaryString(ndr, NDR_SCALARS, &r->lm_owf_password)); + NDR_CHECK(ndr_pull_lsa_BinaryString(ndr, NDR_SCALARS, &r->nt_owf_password)); NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS, &r->unknown3)); NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->buf_count)); NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_buffer)); @@ -2873,8 +2873,8 @@ static enum ndr_err_code ndr_pull_samr_UserInfo21(struct ndr_pull *ndr, int ndr_ NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->logon_count)); NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->country_code)); NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->code_page)); - NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->nt_password_set)); NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->lm_password_set)); + NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->nt_password_set)); NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->password_expired)); NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->unknown4)); } @@ -2889,8 +2889,8 @@ static enum ndr_err_code ndr_pull_samr_UserInfo21(struct ndr_pull *ndr, int ndr_ NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_BUFFERS, &r->workstations)); NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_BUFFERS, &r->comment)); NDR_CHECK(ndr_pull_lsa_BinaryString(ndr, NDR_BUFFERS, &r->parameters)); - NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_BUFFERS, &r->unknown1)); - NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_BUFFERS, &r->unknown2)); + NDR_CHECK(ndr_pull_lsa_BinaryString(ndr, NDR_BUFFERS, &r->lm_owf_password)); + NDR_CHECK(ndr_pull_lsa_BinaryString(ndr, NDR_BUFFERS, &r->nt_owf_password)); NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_BUFFERS, &r->unknown3)); if (r->buffer) { _mem_save_buffer_0 = NDR_PULL_GET_MEM_CTX(ndr); @@ -2928,8 +2928,8 @@ _PUBLIC_ void ndr_print_samr_UserInfo21(struct ndr_print *ndr, const char *name, ndr_print_lsa_String(ndr, "workstations", &r->workstations); ndr_print_lsa_String(ndr, "comment", &r->comment); ndr_print_lsa_BinaryString(ndr, "parameters", &r->parameters); - ndr_print_lsa_String(ndr, "unknown1", &r->unknown1); - ndr_print_lsa_String(ndr, "unknown2", &r->unknown2); + ndr_print_lsa_BinaryString(ndr, "lm_owf_password", &r->lm_owf_password); + ndr_print_lsa_BinaryString(ndr, "nt_owf_password", &r->nt_owf_password); ndr_print_lsa_String(ndr, "unknown3", &r->unknown3); ndr_print_uint32(ndr, "buf_count", r->buf_count); ndr_print_ptr(ndr, "buffer", r->buffer); @@ -2947,8 +2947,8 @@ _PUBLIC_ void ndr_print_samr_UserInfo21(struct ndr_print *ndr, const char *name, ndr_print_uint16(ndr, "logon_count", r->logon_count); ndr_print_uint16(ndr, "country_code", r->country_code); ndr_print_uint16(ndr, "code_page", r->code_page); - ndr_print_uint8(ndr, "nt_password_set", r->nt_password_set); ndr_print_uint8(ndr, "lm_password_set", r->lm_password_set); + ndr_print_uint8(ndr, "nt_password_set", r->nt_password_set); ndr_print_uint8(ndr, "password_expired", r->password_expired); ndr_print_uint8(ndr, "unknown4", r->unknown4); ndr->depth--; diff --git a/source3/librpc/gen_ndr/samr.h b/source3/librpc/gen_ndr/samr.h index 537f144940..3116f26d8c 100644 --- a/source3/librpc/gen_ndr/samr.h +++ b/source3/librpc/gen_ndr/samr.h @@ -252,8 +252,7 @@ struct samr_DomInfo12 { struct samr_DomInfo13 { uint64_t sequence_num; NTTIME domain_create_time; - uint32_t unknown1; - uint32_t unknown2; + uint64_t modified_count_at_last_promotion; }; union samr_DomainInfo { @@ -477,10 +476,11 @@ struct samr_Password { }/* [public,flag(LIBNDR_PRINT_ARRAY_HEX)] */; struct samr_UserInfo18 { - struct samr_Password lm_pwd; struct samr_Password nt_pwd; - uint8_t lm_pwd_active; + struct samr_Password lm_pwd; uint8_t nt_pwd_active; + uint8_t lm_pwd_active; + uint8_t password_expired; }; struct samr_UserInfo20 { @@ -512,8 +512,8 @@ struct samr_UserInfo20 { #define SAMR_FIELD_PARAMETERS ( 0x00200000 ) #define SAMR_FIELD_COUNTRY_CODE ( 0x00400000 ) #define SAMR_FIELD_CODE_PAGE ( 0x00800000 ) -#define SAMR_FIELD_PASSWORD ( 0x01000000 ) -#define SAMR_FIELD_PASSWORD2 ( 0x02000000 ) +#define SAMR_FIELD_NT_PASSWORD_PRESENT ( 0x01000000 ) +#define SAMR_FIELD_LM_PASSWORD_PRESENT ( 0x02000000 ) #define SAMR_FIELD_PRIVATE_DATA ( 0x04000000 ) #define SAMR_FIELD_EXPIRED_FLAG ( 0x08000000 ) #define SAMR_FIELD_SEC_DESC ( 0x10000000 ) @@ -536,8 +536,8 @@ struct samr_UserInfo21 { struct lsa_String workstations; struct lsa_String comment; struct lsa_BinaryString parameters; - struct lsa_String unknown1; - struct lsa_String unknown2; + struct lsa_BinaryString lm_owf_password; + struct lsa_BinaryString nt_owf_password; struct lsa_String unknown3; uint32_t buf_count; uint8_t *buffer;/* [unique,size_is(buf_count)] */ @@ -550,8 +550,8 @@ struct samr_UserInfo21 { uint16_t logon_count; uint16_t country_code; uint16_t code_page; - uint8_t nt_password_set; uint8_t lm_password_set; + uint8_t nt_password_set; uint8_t password_expired; uint8_t unknown4; }; -- cgit From eb906e1d2d61325487fa7e0bcd50fcf4a1b623a3 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Sat, 29 Nov 2008 00:36:23 +0100 Subject: s3-samr: fix init_samr_user_info2{1,3,5} callers. Guenther --- source3/rpc_client/init_samr.c | 12 ++++++------ source3/rpc_server/srv_samr_nt.c | 2 +- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/source3/rpc_client/init_samr.c b/source3/rpc_client/init_samr.c index 6a9e6d1682..7f48b1fdf9 100644 --- a/source3/rpc_client/init_samr.c +++ b/source3/rpc_client/init_samr.c @@ -391,8 +391,8 @@ void init_samr_user_info21(struct samr_UserInfo21 *r, uint16_t logon_count, uint16_t country_code, uint16_t code_page, - uint8_t nt_password_set, uint8_t lm_password_set, + uint8_t nt_password_set, uint8_t password_expired) { r->last_logon = last_logon; @@ -420,8 +420,8 @@ void init_samr_user_info21(struct samr_UserInfo21 *r, r->logon_count = logon_count; r->country_code = country_code; r->code_page = code_page; - r->nt_password_set = nt_password_set; r->lm_password_set = lm_password_set; + r->nt_password_set = nt_password_set; r->password_expired = password_expired; } @@ -455,8 +455,8 @@ void init_samr_user_info23(struct samr_UserInfo23 *r, uint16_t logon_count, uint16_t country_code, uint16_t code_page, - uint8_t nt_password_set, uint8_t lm_password_set, + uint8_t nt_password_set, uint8_t password_expired, struct samr_CryptPassword *pwd_buf) { @@ -487,8 +487,8 @@ void init_samr_user_info23(struct samr_UserInfo23 *r, logon_count, country_code, code_page, - nt_password_set, lm_password_set, + nt_password_set, password_expired); r->password = *pwd_buf; @@ -538,8 +538,8 @@ void init_samr_user_info25(struct samr_UserInfo25 *r, uint16_t logon_count, uint16_t country_code, uint16_t code_page, - uint8_t nt_password_set, uint8_t lm_password_set, + uint8_t nt_password_set, uint8_t password_expired, struct samr_CryptPasswordEx *pwd_buf) { @@ -572,8 +572,8 @@ void init_samr_user_info25(struct samr_UserInfo25 *r, logon_count, country_code, code_page, - nt_password_set, lm_password_set, + nt_password_set, password_expired); r->password = *pwd_buf; diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index cbcd4de60c..f5e477f668 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -2607,8 +2607,8 @@ static NTSTATUS get_user_info_21(TALLOC_CTX *mem_ctx, pdb_get_logon_count(pw), 0, /* country_code */ 0, /* code_page */ - 0, /* nt_password_set */ 0, /* lm_password_set */ + 0, /* nt_password_set */ password_expired); return NT_STATUS_OK; -- cgit From e97149087ac45d178e18f648c8c25bb8c2d9759c Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Tue, 2 Dec 2008 23:26:48 +0100 Subject: s3-samr: fix rpcclient after idl change. Guenther --- source3/rpcclient/cmd_samr.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c index 139702cc74..979941193f 100644 --- a/source3/rpcclient/cmd_samr.c +++ b/source3/rpcclient/cmd_samr.c @@ -219,9 +219,8 @@ static void display_sam_dom_info_13(struct samr_DomInfo13 *info13) printf("Sequence No:\t%llu\n", (unsigned long long)info13->sequence_num); printf("Domain Create Time:\t%s\n", http_timestring(talloc_tos(), nt_time_to_unix(info13->domain_create_time))); - printf("Unknown1:\t%d\n", info13->unknown1); - printf("Unknown2:\t%d\n", info13->unknown2); - + printf("Sequence No at last promotion:\t%llu\n", + (unsigned long long)info13->modified_count_at_last_promotion); } static void display_sam_info_1(struct samr_DispEntryGeneral *r) -- cgit From ce0116815852ddf261954c6df89039ebee24aa87 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Tue, 2 Dec 2008 23:27:08 +0100 Subject: s4-samr: fix s4 samr server after idl change. Guenther --- source4/rpc_server/samr/dcesrv_samr.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c index e1fb187c52..b68fe1a6d9 100644 --- a/source4/rpc_server/samr/dcesrv_samr.c +++ b/source4/rpc_server/samr/dcesrv_samr.c @@ -763,8 +763,7 @@ static NTSTATUS dcesrv_samr_info_DomInfo13(struct samr_domain_state *state, info->domain_create_time = ldb_msg_find_attr_as_uint(dom_msgs[0], "creationTime", 0x0LL); - info->unknown1 = 0; - info->unknown2 = 0; + info->modified_count_at_last_promotion = 0; return NT_STATUS_OK; } -- cgit From 7423b6a4b8aadd12fde2f348d8637099b4171848 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 4 Dec 2008 18:15:03 +0100 Subject: s3-samr: fix SAMR_FIELD_PASSWORD callers. Guenther --- source3/lib/netapi/user.c | 2 +- source3/rpc_server/srv_samr_nt.c | 4 ++-- source3/utils/net_rpc.c | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 2e319cf23c..1f4b03f677 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -46,7 +46,7 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, fields_present |= SAMR_FIELD_ACCOUNT_NAME; } if (infoX->usriX_password) { - fields_present |= SAMR_FIELD_PASSWORD; + fields_present |= SAMR_FIELD_NT_PASSWORD_PRESENT; } if (infoX->usriX_flags) { fields_present |= SAMR_FIELD_ACCT_FLAGS; diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index f5e477f668..bff168bf2f 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -3856,8 +3856,8 @@ static NTSTATUS set_user_info_23(TALLOC_CTX *mem_ctx, return NT_STATUS_ACCESS_DENIED; } - if ((id23->info.fields_present & SAMR_FIELD_PASSWORD) || - (id23->info.fields_present & SAMR_FIELD_PASSWORD2)) { + if ((id23->info.fields_present & SAMR_FIELD_NT_PASSWORD_PRESENT) || + (id23->info.fields_present & SAMR_FIELD_LM_PASSWORD_PRESENT)) { DEBUG(5, ("Attempting administrator password change (level 23) for user %s\n", pdb_get_username(pwd))); diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index 0c34972a29..f69d3f9012 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -5251,7 +5251,7 @@ static NTSTATUS rpc_trustdom_add_internals(struct net_context *c, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, ¶meters, 0, 0, ACB_DOMTRUST, - SAMR_FIELD_ACCT_FLAGS | SAMR_FIELD_PASSWORD, + SAMR_FIELD_ACCT_FLAGS | SAMR_FIELD_NT_PASSWORD_PRESENT, hours, 0, 0, 0, 0, 0, 0, 0, &crypt_pwd); -- cgit From 4bcf8edcf82d378686035e4ef451ca8ab777be4c Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 4 Dec 2008 18:18:06 +0100 Subject: s4-samr: fix samr callers after SAMR_FIELD_PASSWORD change. Guenther --- source4/libnet/libnet_passwd.c | 4 ++-- source4/rpc_server/samr/dcesrv_samr.c | 8 ++++---- source4/torture/rpc/samba3rpc.c | 6 +++--- source4/torture/rpc/samr.c | 20 ++++++++++---------- 4 files changed, 19 insertions(+), 19 deletions(-) diff --git a/source4/libnet/libnet_passwd.c b/source4/libnet/libnet_passwd.c index 80de6134b5..c2db219a06 100644 --- a/source4/libnet/libnet_passwd.c +++ b/source4/libnet/libnet_passwd.c @@ -360,7 +360,7 @@ static NTSTATUS libnet_SetPassword_samr_handle_25(struct libnet_context *ctx, TA /* prepare samr_SetUserInfo2 level 25 */ ZERO_STRUCT(u_info); u_info.info25.info = *r->samr_handle.in.info21; - u_info.info25.info.fields_present |= SAMR_FIELD_PASSWORD; + u_info.info25.info.fields_present |= SAMR_FIELD_NT_PASSWORD_PRESENT; encode_pw_buffer(u_info.info25.password.data, r->samr_handle.in.newpassword, STR_UNICODE); status = dcerpc_fetch_session_key(r->samr_handle.in.dcerpc_pipe, &session_key); @@ -451,7 +451,7 @@ static NTSTATUS libnet_SetPassword_samr_handle_23(struct libnet_context *ctx, TA /* prepare samr_SetUserInfo2 level 23 */ ZERO_STRUCT(u_info); u_info.info23.info = *r->samr_handle.in.info21; - u_info.info23.info.fields_present |= SAMR_FIELD_PASSWORD; + u_info.info23.info.fields_present |= SAMR_FIELD_NT_PASSWORD_PRESENT; encode_pw_buffer(u_info.info23.password.data, r->samr_handle.in.newpassword, STR_UNICODE); status = dcerpc_fetch_session_key(r->samr_handle.in.dcerpc_pipe, &session_key); diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c index b68fe1a6d9..680fb77659 100644 --- a/source4/rpc_server/samr/dcesrv_samr.c +++ b/source4/rpc_server/samr/dcesrv_samr.c @@ -3511,14 +3511,14 @@ static NTSTATUS dcesrv_samr_SetUserInfo(struct dcesrv_call_state *dce_call, TALL SET_UINT (msg, info23.info.country_code, "countryCode"); IFSET(SAMR_FIELD_CODE_PAGE) SET_UINT (msg, info23.info.code_page, "codePage"); - IFSET(SAMR_FIELD_PASSWORD) { + IFSET(SAMR_FIELD_NT_PASSWORD_PRESENT) { status = samr_set_password(dce_call, a_state->sam_ctx, a_state->account_dn, a_state->domain_state->domain_dn, mem_ctx, msg, &r->in.info->info23.password); - } else IFSET(SAMR_FIELD_PASSWORD2) { + } else IFSET(SAMR_FIELD_LM_PASSWORD_PRESENT) { status = samr_set_password(dce_call, a_state->sam_ctx, a_state->account_dn, @@ -3567,14 +3567,14 @@ static NTSTATUS dcesrv_samr_SetUserInfo(struct dcesrv_call_state *dce_call, TALL SET_UINT (msg, info25.info.country_code, "countryCode"); IFSET(SAMR_FIELD_CODE_PAGE) SET_UINT (msg, info25.info.code_page, "codePage"); - IFSET(SAMR_FIELD_PASSWORD) { + IFSET(SAMR_FIELD_NT_PASSWORD_PRESENT) { status = samr_set_password_ex(dce_call, a_state->sam_ctx, a_state->account_dn, a_state->domain_state->domain_dn, mem_ctx, msg, &r->in.info->info25.password); - } else IFSET(SAMR_FIELD_PASSWORD2) { + } else IFSET(SAMR_FIELD_LM_PASSWORD_PRESENT) { status = samr_set_password_ex(dce_call, a_state->sam_ctx, a_state->account_dn, diff --git a/source4/torture/rpc/samba3rpc.c b/source4/torture/rpc/samba3rpc.c index f1e7e5a367..2207786f17 100644 --- a/source4/torture/rpc/samba3rpc.c +++ b/source4/torture/rpc/samba3rpc.c @@ -580,8 +580,8 @@ static bool create_user(TALLOC_CTX *mem_ctx, struct smbcli_state *cli, arcfour_crypt_blob(u_info.info23.password.data, 516, &session_key); u_info.info23.info.password_expired = 0; - u_info.info23.info.fields_present = SAMR_FIELD_PASSWORD | - SAMR_FIELD_PASSWORD2 | + u_info.info23.info.fields_present = SAMR_FIELD_NT_PASSWORD_PRESENT | + SAMR_FIELD_LM_PASSWORD_PRESENT | SAMR_FIELD_EXPIRED_FLAG; sui2.in.user_handle = wks_handle; sui2.in.info = &u_info; @@ -767,7 +767,7 @@ static bool join3(struct smbcli_state *cli, cli_credentials_get_workstation(wks_creds)); i21->acct_flags = ACB_WSTRUST; i21->fields_present = SAMR_FIELD_FULL_NAME | - SAMR_FIELD_ACCT_FLAGS | SAMR_FIELD_PASSWORD; + SAMR_FIELD_ACCT_FLAGS | SAMR_FIELD_NT_PASSWORD_PRESENT; /* this would break the test result expectations i21->fields_present |= SAMR_FIELD_EXPIRED_FLAG; i21->password_expired = 1; diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c index 01ff01674c..cc3c4156ba 100644 --- a/source4/torture/rpc/samr.c +++ b/source4/torture/rpc/samr.c @@ -2074,7 +2074,7 @@ bool test_ChangePasswordRandomBytes(struct dcerpc_pipe *p, struct torture_contex ZERO_STRUCT(u); - u.info25.info.fields_present = SAMR_FIELD_PASSWORD; + u.info25.info.fields_present = SAMR_FIELD_NT_PASSWORD_PRESENT; set_pw_in_buffer(u.info25.password.data, &new_random_pass); @@ -2669,9 +2669,9 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p, * password has been changed, old and new pwdlastset * need to be the same value */ - if (!(pwd_tests[i].fields_present & SAMR_FIELD_EXPIRED_FLAG) && - !((pwd_tests[i].fields_present & SAMR_FIELD_PASSWORD) || - (pwd_tests[i].fields_present & SAMR_FIELD_PASSWORD2))) + if (!(fields_present[f] & SAMR_FIELD_EXPIRED_FLAG) && + !((fields_present[f] & SAMR_FIELD_NT_PASSWORD_PRESENT) || + (fields_present[f] & SAMR_FIELD_LM_PASSWORD_PRESENT))) { torture_assert_int_equal(tctx, pwdlastset_old, pwdlastset_new, "pwdlastset must be equal"); @@ -2732,9 +2732,9 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p, * password has been changed, old and new pwdlastset * need to be the same value */ - if (!(pwd_tests[i].fields_present & SAMR_FIELD_EXPIRED_FLAG) && - !((pwd_tests[i].fields_present & SAMR_FIELD_PASSWORD) || - (pwd_tests[i].fields_present & SAMR_FIELD_PASSWORD2))) + if (!(fields_present[f] & SAMR_FIELD_EXPIRED_FLAG) && + !((fields_present[f] & SAMR_FIELD_NT_PASSWORD_PRESENT) || + (fields_present[f] & SAMR_FIELD_LM_PASSWORD_PRESENT))) { torture_assert_int_equal(tctx, pwdlastset_old, pwdlastset_new, "pwdlastset must be equal"); @@ -2787,9 +2787,9 @@ static bool test_user_ops(struct dcerpc_pipe *p, int i; uint32_t rid; const uint32_t password_fields[] = { - SAMR_FIELD_PASSWORD, - SAMR_FIELD_PASSWORD2, - SAMR_FIELD_PASSWORD | SAMR_FIELD_PASSWORD2, + SAMR_FIELD_NT_PASSWORD_PRESENT, + SAMR_FIELD_LM_PASSWORD_PRESENT, + SAMR_FIELD_NT_PASSWORD_PRESENT | SAMR_FIELD_LM_PASSWORD_PRESENT, 0 }; -- cgit From b8204ffd03ccadf795978670e1c20247ab6aecc2 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 4 Dec 2008 18:21:10 +0100 Subject: s3-samr: fix samr callers of samr_UserInfo18. Guenther --- source3/include/proto.h | 3 ++- source3/rpc_client/init_samr.c | 4 +++- source3/rpc_server/srv_samr_nt.c | 6 ++++-- 3 files changed, 9 insertions(+), 4 deletions(-) diff --git a/source3/include/proto.h b/source3/include/proto.h index 89b443e9db..f985fe25b7 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -5672,7 +5672,8 @@ void init_samr_user_info16(struct samr_UserInfo16 *r, uint32_t acct_flags); void init_samr_user_info18(struct samr_UserInfo18 *r, const uint8 lm_pwd[16], - const uint8 nt_pwd[16]); + const uint8 nt_pwd[16], + uint8_t password_expired); void init_samr_user_info20(struct samr_UserInfo20 *r, struct lsa_BinaryString *parameters); void init_samr_user_info21(struct samr_UserInfo21 *r, diff --git a/source3/rpc_client/init_samr.c b/source3/rpc_client/init_samr.c index 7f48b1fdf9..a6e4ad8a33 100644 --- a/source3/rpc_client/init_samr.c +++ b/source3/rpc_client/init_samr.c @@ -341,7 +341,8 @@ void init_samr_user_info16(struct samr_UserInfo16 *r, void init_samr_user_info18(struct samr_UserInfo18 *r, const uint8 lm_pwd[16], - const uint8 nt_pwd[16]) + const uint8 nt_pwd[16], + uint8_t password_expired) { DEBUG(5, ("init_samr_user_info18\n")); @@ -349,6 +350,7 @@ void init_samr_user_info18(struct samr_UserInfo18 *r, memcpy(r->lm_pwd.hash, lm_pwd, sizeof(r->lm_pwd.hash)) ? true : false; r->nt_pwd_active = memcpy(r->nt_pwd.hash, nt_pwd, sizeof(r->nt_pwd.hash)) ? true : false; + r->password_expired = password_expired; } /******************************************************************* diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index bff168bf2f..54aa534311 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -2430,8 +2430,10 @@ static NTSTATUS get_user_info_18(pipes_struct *p, return NT_STATUS_ACCOUNT_DISABLED; } - init_samr_user_info18(r, pdb_get_lanman_passwd(smbpass), - pdb_get_nt_passwd(smbpass)); + init_samr_user_info18(r, + pdb_get_lanman_passwd(smbpass), + pdb_get_nt_passwd(smbpass), + 0 /* FIXME */); TALLOC_FREE(smbpass); -- cgit From b883bcd4ff5fcde8db74564cadb540c9452d501c Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 4 Dec 2008 18:23:45 +0100 Subject: s3: store user session key in cli_rpc_pipe_open_noauth(). Guenther --- source3/include/client.h | 1 + source3/rpc_client/cli_pipe.c | 7 +++++++ 2 files changed, 8 insertions(+) diff --git a/source3/include/client.h b/source3/include/client.h index 8d57fe1eed..587f3f6c67 100644 --- a/source3/include/client.h +++ b/source3/include/client.h @@ -52,6 +52,7 @@ struct cli_pipe_auth_data { char *domain; char *user_name; + DATA_BLOB user_session_key; union { struct schannel_auth_struct *schannel_auth; diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c index f0c2f6709e..a2d334230d 100644 --- a/source3/rpc_client/cli_pipe.c +++ b/source3/rpc_client/cli_pipe.c @@ -2979,6 +2979,9 @@ NTSTATUS cli_rpc_pipe_open_noauth(struct cli_state *cli, auth->user_name = talloc_strdup(auth, cli->user_name); auth->domain = talloc_strdup(auth, cli->domain); + auth->user_session_key = data_blob_talloc(auth, + cli->user_session_key.data, + cli->user_session_key.length); if ((auth->user_name == NULL) || (auth->domain == NULL)) { TALLOC_FREE(result); @@ -3443,6 +3446,10 @@ NTSTATUS cli_get_session_key(TALLOC_CTX *mem_ctx, cli->auth->a_u.kerberos_auth->session_key.length); break; case PIPE_AUTH_TYPE_NONE: + *session_key = data_blob_talloc(mem_ctx, + cli->auth->user_session_key.data, + cli->auth->user_session_key.length); + break; default: return NT_STATUS_NO_USER_SESSION_KEY; } -- cgit From 8be38511a3d87f4debbdc3a827b6ca898ccdde02 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 5 Dec 2008 12:59:07 +0100 Subject: s3-rpcclient: add setuserinfo to set passwords using level 18,21,23,24,25,26. Guenther --- source3/rpcclient/cmd_samr.c | 237 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 237 insertions(+) diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c index 979941193f..426e7e9744 100644 --- a/source3/rpcclient/cmd_samr.c +++ b/source3/rpcclient/cmd_samr.c @@ -2617,6 +2617,241 @@ static NTSTATUS cmd_samr_chgpasswd3(struct rpc_pipe_client *cli, return result; } +static NTSTATUS cmd_samr_setuserinfo_int(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + int argc, const char **argv, + int opcode) +{ + POLICY_HND connect_pol, domain_pol, user_pol; + NTSTATUS status = NT_STATUS_UNSUCCESSFUL; + const char *user, *param; + uint32_t access_mask = MAXIMUM_ALLOWED_ACCESS; + uint32_t level; + uint32_t user_rid; + union samr_UserInfo info; + struct samr_CryptPassword pwd_buf; + struct samr_CryptPasswordEx pwd_buf_ex; + uint8_t nt_hash[16]; + uint8_t lm_hash[16]; + DATA_BLOB session_key; + uint8_t password_expired = 0; + + if (argc < 4) { + printf("Usage: %s username level password [password_expired]\n", + argv[0]); + return NT_STATUS_INVALID_PARAMETER; + } + + user = argv[1]; + level = atoi(argv[2]); + param = argv[3]; + + if (argc >= 5) { + password_expired = atoi(argv[4]); + } + + status = cli_get_session_key(mem_ctx, cli, &session_key); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + init_samr_CryptPassword(param, &session_key, &pwd_buf); + init_samr_CryptPasswordEx(param, &session_key, &pwd_buf_ex); + nt_lm_owf_gen(param, nt_hash, lm_hash); + + switch (level) { + case 18: + { + DATA_BLOB in,out; + in = data_blob_const(nt_hash, 16); + out = data_blob_talloc_zero(mem_ctx, 16); + sess_crypt_blob(&out, &in, &session_key, true); + memcpy(nt_hash, out.data, out.length); + } + { + DATA_BLOB in,out; + in = data_blob_const(lm_hash, 16); + out = data_blob_talloc_zero(mem_ctx, 16); + sess_crypt_blob(&out, &in, &session_key, true); + memcpy(lm_hash, out.data, out.length); + } + + init_samr_user_info18(&info.info18, + lm_hash, + nt_hash, + password_expired); + break; + case 21: + ZERO_STRUCT(info.info21); + + info.info21.fields_present = SAMR_FIELD_NT_PASSWORD_PRESENT | + SAMR_FIELD_LM_PASSWORD_PRESENT; + if (argc >= 5) { + info.info21.fields_present |= SAMR_FIELD_EXPIRED_FLAG; + info.info21.password_expired = password_expired; + } + + info.info21.lm_password_set = true; + info.info21.lm_owf_password.length = 16; + info.info21.lm_owf_password.size = 16; + + info.info21.nt_password_set = true; + info.info21.nt_owf_password.length = 16; + info.info21.nt_owf_password.size = 16; + + { + DATA_BLOB in,out; + in = data_blob_const(nt_hash, 16); + out = data_blob_talloc_zero(mem_ctx, 16); + sess_crypt_blob(&out, &in, &session_key, true); + info.info21.nt_owf_password.array = + (uint16_t *)talloc_memdup(mem_ctx, out.data, 16); + } + { + DATA_BLOB in,out; + in = data_blob_const(lm_hash, 16); + out = data_blob_talloc_zero(mem_ctx, 16); + sess_crypt_blob(&out, &in, &session_key, true); + info.info21.lm_owf_password.array = + (uint16_t *)talloc_memdup(mem_ctx, out.data, 16); + } + + break; + case 23: + ZERO_STRUCT(info.info23); + + info.info23.info.fields_present = SAMR_FIELD_NT_PASSWORD_PRESENT | + SAMR_FIELD_LM_PASSWORD_PRESENT; + if (argc >= 5) { + info.info23.info.fields_present |= SAMR_FIELD_EXPIRED_FLAG; + info.info23.info.password_expired = password_expired; + } + + info.info23.password = pwd_buf; + + break; + case 24: + init_samr_user_info24(&info.info24, + &pwd_buf, + password_expired); + break; + case 25: + ZERO_STRUCT(info.info25); + + info.info25.info.fields_present = SAMR_FIELD_NT_PASSWORD_PRESENT | + SAMR_FIELD_LM_PASSWORD_PRESENT; + if (argc >= 5) { + info.info25.info.fields_present |= SAMR_FIELD_EXPIRED_FLAG; + info.info25.info.password_expired = password_expired; + } + + info.info25.password = pwd_buf_ex; + + break; + case 26: + init_samr_user_info26(&info.info26, + &pwd_buf_ex, + password_expired); + break; + default: + return NT_STATUS_INVALID_INFO_CLASS; + } + + /* Get sam policy handle */ + + status = rpccli_try_samr_connects(cli, mem_ctx, + MAXIMUM_ALLOWED_ACCESS, + &connect_pol); + + if (!NT_STATUS_IS_OK(status)) + goto done; + + /* Get domain policy handle */ + + status = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + access_mask, + &domain_sid, + &domain_pol); + + if (!NT_STATUS_IS_OK(status)) + goto done; + + user_rid = strtol(user, NULL, 0); + if (user_rid) { + status = rpccli_samr_OpenUser(cli, mem_ctx, + &domain_pol, + access_mask, + user_rid, + &user_pol); + } + + if (NT_STATUS_EQUAL(status, NT_STATUS_NO_SUCH_USER) || + (user_rid == 0)) { + + /* Probably this was a user name, try lookupnames */ + struct samr_Ids rids, types; + struct lsa_String lsa_acct_name; + + init_lsa_String(&lsa_acct_name, user); + + status = rpccli_samr_LookupNames(cli, mem_ctx, + &domain_pol, + 1, + &lsa_acct_name, + &rids, + &types); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + status = rpccli_samr_OpenUser(cli, mem_ctx, + &domain_pol, + access_mask, + rids.ids[0], + &user_pol); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + } + + switch (opcode) { + case NDR_SAMR_SETUSERINFO: + status = rpccli_samr_SetUserInfo(cli, mem_ctx, + &user_pol, + level, + &info); + break; + case NDR_SAMR_SETUSERINFO2: + status = rpccli_samr_SetUserInfo2(cli, mem_ctx, + &user_pol, + level, + &info); + break; + default: + return NT_STATUS_INVALID_PARAMETER; + } + + done: + return status; +} + +static NTSTATUS cmd_samr_setuserinfo(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + int argc, const char **argv) +{ + return cmd_samr_setuserinfo_int(cli, mem_ctx, argc, argv, + NDR_SAMR_SETUSERINFO); +} + +static NTSTATUS cmd_samr_setuserinfo2(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + int argc, const char **argv) +{ + return cmd_samr_setuserinfo_int(cli, mem_ctx, argc, argv, + NDR_SAMR_SETUSERINFO2); +} + static NTSTATUS cmd_samr_get_dispinfo_idx(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, int argc, const char **argv) @@ -2718,5 +2953,7 @@ struct cmd_set samr_commands[] = { { "chgpasswd2", RPC_RTYPE_NTSTATUS, cmd_samr_chgpasswd2, NULL, &ndr_table_samr.syntax_id, NULL, "Change user password", "" }, { "chgpasswd3", RPC_RTYPE_NTSTATUS, cmd_samr_chgpasswd3, NULL, &ndr_table_samr.syntax_id, NULL, "Change user password", "" }, { "getdispinfoidx", RPC_RTYPE_NTSTATUS, cmd_samr_get_dispinfo_idx, NULL, &ndr_table_samr.syntax_id, NULL, "Get Display Information Index", "" }, + { "setuserinfo", RPC_RTYPE_NTSTATUS, cmd_samr_setuserinfo, NULL, &ndr_table_samr.syntax_id, NULL, "Set user info", "" }, + { "setuserinfo2", RPC_RTYPE_NTSTATUS, cmd_samr_setuserinfo2, NULL, &ndr_table_samr.syntax_id, NULL, "Set user info2", "" }, { NULL } }; -- cgit From 420a9071e1227435aada2a52c83ee44fda7180ed Mon Sep 17 00:00:00 2001 From: Steve French Date: Fri, 5 Dec 2008 08:09:08 -0600 Subject: mount.cifs: if mount user not specified use USER environment variable smbfs also would use the USER environment variable if the user was not specified on the mount command and no credential file specified, and mount.cifs man page says that we will use this environment variable (in most cases this will not cause a behavior change, because we were doing getuid of the current process which will usually be the same name). Fixes Samba bug #5934 Acked-by: Jeff Layton --- source3/client/mount.cifs.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/source3/client/mount.cifs.c b/source3/client/mount.cifs.c index da2f98bff8..0bc61ae38f 100644 --- a/source3/client/mount.cifs.c +++ b/source3/client/mount.cifs.c @@ -1293,7 +1293,13 @@ int main(int argc, char ** argv) } if(got_user == 0) { - user_name = getusername(); + /* Note that the password will not be retrieved from the + USER env variable (ie user%password form) as there is + already a PASSWD environment varaible */ + if (getenv("USER")) + user_name = strdup(getenv("USER")); + if (user_name == NULL) + user_name = getusername(); got_user = 1; } -- cgit From 58102a366baa605cee013697d9e78b5fd8a39a9f Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 5 Dec 2008 15:47:48 +0100 Subject: s4-smbtorture: fix build of samr test (bad git merge). Guenther --- source4/torture/rpc/samr.c | 40 ++++++++++++++++++++-------------------- 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c index cc3c4156ba..dc1be429d9 100644 --- a/source4/torture/rpc/samr.c +++ b/source4/torture/rpc/samr.c @@ -2463,8 +2463,8 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p, },{ .level = 21, .password_expired_nonzero = 1, - .fields_present = SAMR_FIELD_PASSWORD | - SAMR_FIELD_PASSWORD2 | + .fields_present = SAMR_FIELD_NT_PASSWORD_PRESENT | + SAMR_FIELD_LM_PASSWORD_PRESENT | SAMR_FIELD_LAST_PWD_CHANGE, .query_info2 = false, .set_error = NT_STATUS_ACCESS_DENIED @@ -2484,28 +2484,28 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p, .level = 23, .password_expired_nonzero = 1, .fields_present = SAMR_FIELD_LAST_PWD_CHANGE | - SAMR_FIELD_PASSWORD | - SAMR_FIELD_PASSWORD2, + SAMR_FIELD_NT_PASSWORD_PRESENT | + SAMR_FIELD_LM_PASSWORD_PRESENT, .set_error = NT_STATUS_ACCESS_DENIED },{ .level = 23, .password_expired_nonzero = 1, .fields_present = SAMR_FIELD_LAST_PWD_CHANGE | - SAMR_FIELD_PASSWORD | - SAMR_FIELD_PASSWORD2 | + SAMR_FIELD_NT_PASSWORD_PRESENT | + SAMR_FIELD_LM_PASSWORD_PRESENT | SAMR_FIELD_EXPIRED_FLAG, .set_error = NT_STATUS_ACCESS_DENIED },{ .level = 23, .password_expired_nonzero = 1, - .fields_present = SAMR_FIELD_PASSWORD | - SAMR_FIELD_PASSWORD2 | + .fields_present = SAMR_FIELD_NT_PASSWORD_PRESENT | + SAMR_FIELD_LM_PASSWORD_PRESENT | SAMR_FIELD_EXPIRED_FLAG },{ .level = 23, .password_expired_nonzero = 1, - .fields_present = SAMR_FIELD_PASSWORD | - SAMR_FIELD_PASSWORD2, + .fields_present = SAMR_FIELD_NT_PASSWORD_PRESENT | + SAMR_FIELD_LM_PASSWORD_PRESENT, },{ .level = 23, .password_expired_nonzero = 1, @@ -2539,14 +2539,14 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p, },{ .level = 25, .password_expired_nonzero = 1, - .fields_present = SAMR_FIELD_PASSWORD | - SAMR_FIELD_PASSWORD2 | + .fields_present = SAMR_FIELD_NT_PASSWORD_PRESENT | + SAMR_FIELD_LM_PASSWORD_PRESENT | SAMR_FIELD_EXPIRED_FLAG },{ .level = 25, .password_expired_nonzero = 1, - .fields_present = SAMR_FIELD_PASSWORD | - SAMR_FIELD_PASSWORD2, + .fields_present = SAMR_FIELD_NT_PASSWORD_PRESENT | + SAMR_FIELD_LM_PASSWORD_PRESENT, },{ .level = 25, .password_expired_nonzero = 1, @@ -2669,9 +2669,9 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p, * password has been changed, old and new pwdlastset * need to be the same value */ - if (!(fields_present[f] & SAMR_FIELD_EXPIRED_FLAG) && - !((fields_present[f] & SAMR_FIELD_NT_PASSWORD_PRESENT) || - (fields_present[f] & SAMR_FIELD_LM_PASSWORD_PRESENT))) + if (!(pwd_tests[i].fields_present & SAMR_FIELD_EXPIRED_FLAG) && + !((pwd_tests[i].fields_present & SAMR_FIELD_NT_PASSWORD_PRESENT) || + (pwd_tests[i].fields_present & SAMR_FIELD_LM_PASSWORD_PRESENT))) { torture_assert_int_equal(tctx, pwdlastset_old, pwdlastset_new, "pwdlastset must be equal"); @@ -2732,9 +2732,9 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p, * password has been changed, old and new pwdlastset * need to be the same value */ - if (!(fields_present[f] & SAMR_FIELD_EXPIRED_FLAG) && - !((fields_present[f] & SAMR_FIELD_NT_PASSWORD_PRESENT) || - (fields_present[f] & SAMR_FIELD_LM_PASSWORD_PRESENT))) + if (!(pwd_tests[i].fields_present & SAMR_FIELD_EXPIRED_FLAG) && + !((pwd_tests[i].fields_present & SAMR_FIELD_NT_PASSWORD_PRESENT) || + (pwd_tests[i].fields_present & SAMR_FIELD_LM_PASSWORD_PRESENT))) { torture_assert_int_equal(tctx, pwdlastset_old, pwdlastset_new, "pwdlastset must be equal"); -- cgit From 985d9b10999da50099e72e6723a5c8460eee4ee2 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 5 Dec 2008 15:19:22 +0100 Subject: s4-smbtorture: add test for setting passwords via samr_UserInfo18. Guenther --- source4/libcli/auth/session.c | 2 +- source4/torture/rpc/samr.c | 84 +++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 85 insertions(+), 1 deletion(-) diff --git a/source4/libcli/auth/session.c b/source4/libcli/auth/session.c index 29af7fafe8..10c728662d 100644 --- a/source4/libcli/auth/session.c +++ b/source4/libcli/auth/session.c @@ -29,7 +29,7 @@ before calling, the out blob must be initialised to be the same size as the in blob */ -static void sess_crypt_blob(DATA_BLOB *out, const DATA_BLOB *in, const DATA_BLOB *session_key, +void sess_crypt_blob(DATA_BLOB *out, const DATA_BLOB *in, const DATA_BLOB *session_key, bool forward) { int i, k; diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c index dc1be429d9..373b4dac20 100644 --- a/source4/torture/rpc/samr.c +++ b/source4/torture/rpc/samr.c @@ -849,6 +849,77 @@ static bool test_SetUserPass_25(struct dcerpc_pipe *p, struct torture_context *t return ret; } +static bool test_SetUserPass_18(struct dcerpc_pipe *p, struct torture_context *tctx, + struct policy_handle *handle, char **password) +{ + NTSTATUS status; + struct samr_SetUserInfo s; + union samr_UserInfo u; + bool ret = true; + DATA_BLOB session_key; + char *newpass; + struct samr_GetUserPwInfo pwp; + struct samr_PwInfo info; + int policy_min_pw_len = 0; + uint8_t lm_hash[16], nt_hash[16]; + + pwp.in.user_handle = handle; + pwp.out.info = &info; + + status = dcerpc_samr_GetUserPwInfo(p, tctx, &pwp); + if (NT_STATUS_IS_OK(status)) { + policy_min_pw_len = pwp.out.info->min_password_length; + } + newpass = samr_rand_pass(tctx, policy_min_pw_len); + + s.in.user_handle = handle; + s.in.info = &u; + s.in.level = 18; + + ZERO_STRUCT(u); + + u.info18.nt_pwd_active = true; + u.info18.lm_pwd_active = true; + + E_md4hash(newpass, nt_hash); + E_deshash(newpass, lm_hash); + + status = dcerpc_fetch_session_key(p, &session_key); + if (!NT_STATUS_IS_OK(status)) { + printf("SetUserInfo level %u - no session key - %s\n", + s.in.level, nt_errstr(status)); + return false; + } + + { + DATA_BLOB in,out; + in = data_blob_const(nt_hash, 16); + out = data_blob_talloc_zero(tctx, 16); + sess_crypt_blob(&out, &in, &session_key, true); + memcpy(u.info18.nt_pwd.hash, out.data, out.length); + } + { + DATA_BLOB in,out; + in = data_blob_const(lm_hash, 16); + out = data_blob_talloc_zero(tctx, 16); + sess_crypt_blob(&out, &in, &session_key, true); + memcpy(u.info18.lm_pwd.hash, out.data, out.length); + } + + torture_comment(tctx, "Testing SetUserInfo level 18 (set password hash)\n"); + + status = dcerpc_samr_SetUserInfo(p, tctx, &s); + if (!NT_STATUS_IS_OK(status)) { + printf("SetUserInfo level %u failed - %s\n", + s.in.level, nt_errstr(status)); + ret = false; + } else { + *password = newpass; + } + + return ret; +} + static bool test_SetUserPass_level_ex(struct dcerpc_pipe *p, struct torture_context *tctx, struct policy_handle *handle, @@ -2894,6 +2965,19 @@ static bool test_user_ops(struct dcerpc_pipe *p, ret = false; } + if (torture_setting_bool(tctx, "samba4", false)) { + printf("skipping Set Password level 18 against Samba4\n"); + } else { + + if (!test_SetUserPass_18(p, tctx, user_handle, &password)) { + ret = false; + } + + if (!test_ChangePasswordUser3(p, tctx, base_acct_name, 0, &password, NULL, 0, false)) { + ret = false; + } + } + q.in.user_handle = user_handle; q.in.level = 5; q.out.info = &info; -- cgit From b514da4afd73251dfcce24162f33803d5d0ca616 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 5 Dec 2008 15:43:33 +0100 Subject: s4-smbtorture: add test for setting passwords via samr_UserInfo21. Guenther --- source4/torture/rpc/samr.c | 135 ++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 134 insertions(+), 1 deletion(-) diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c index 373b4dac20..2e59a06f98 100644 --- a/source4/torture/rpc/samr.c +++ b/source4/torture/rpc/samr.c @@ -920,6 +920,121 @@ static bool test_SetUserPass_18(struct dcerpc_pipe *p, struct torture_context *t return ret; } +static bool test_SetUserPass_21(struct dcerpc_pipe *p, struct torture_context *tctx, + struct policy_handle *handle, uint32_t fields_present, + char **password) +{ + NTSTATUS status; + struct samr_SetUserInfo s; + union samr_UserInfo u; + bool ret = true; + DATA_BLOB session_key; + char *newpass; + struct samr_GetUserPwInfo pwp; + struct samr_PwInfo info; + int policy_min_pw_len = 0; + uint8_t lm_hash[16], nt_hash[16]; + + pwp.in.user_handle = handle; + pwp.out.info = &info; + + status = dcerpc_samr_GetUserPwInfo(p, tctx, &pwp); + if (NT_STATUS_IS_OK(status)) { + policy_min_pw_len = pwp.out.info->min_password_length; + } + newpass = samr_rand_pass(tctx, policy_min_pw_len); + + s.in.user_handle = handle; + s.in.info = &u; + s.in.level = 21; + + E_md4hash(newpass, nt_hash); + E_deshash(newpass, lm_hash); + + ZERO_STRUCT(u); + + u.info21.fields_present = fields_present; + + if (fields_present & SAMR_FIELD_LM_PASSWORD_PRESENT) { + u.info21.lm_owf_password.length = 16; + u.info21.lm_owf_password.size = 16; + u.info21.lm_owf_password.array = (uint16_t *)lm_hash; + u.info21.lm_password_set = true; + } + + if (fields_present & SAMR_FIELD_NT_PASSWORD_PRESENT) { + u.info21.nt_owf_password.length = 16; + u.info21.nt_owf_password.size = 16; + u.info21.nt_owf_password.array = (uint16_t *)nt_hash; + u.info21.nt_password_set = true; + } + + status = dcerpc_fetch_session_key(p, &session_key); + if (!NT_STATUS_IS_OK(status)) { + printf("SetUserInfo level %u - no session key - %s\n", + s.in.level, nt_errstr(status)); + return false; + } + + if (fields_present & SAMR_FIELD_LM_PASSWORD_PRESENT) { + DATA_BLOB in,out; + in = data_blob_const(u.info21.lm_owf_password.array, + u.info21.lm_owf_password.length); + out = data_blob_talloc_zero(tctx, 16); + sess_crypt_blob(&out, &in, &session_key, true); + u.info21.lm_owf_password.array = (uint16_t *)out.data; + } + + if (fields_present & SAMR_FIELD_NT_PASSWORD_PRESENT) { + DATA_BLOB in,out; + in = data_blob_const(u.info21.nt_owf_password.array, + u.info21.nt_owf_password.length); + out = data_blob_talloc_zero(tctx, 16); + sess_crypt_blob(&out, &in, &session_key, true); + u.info21.nt_owf_password.array = (uint16_t *)out.data; + } + + torture_comment(tctx, "Testing SetUserInfo level 21 (set password hash)\n"); + + status = dcerpc_samr_SetUserInfo(p, tctx, &s); + if (!NT_STATUS_IS_OK(status)) { + printf("SetUserInfo level %u failed - %s\n", + s.in.level, nt_errstr(status)); + ret = false; + } else { + *password = newpass; + } + + /* try invalid length */ + if (fields_present & SAMR_FIELD_NT_PASSWORD_PRESENT) { + + u.info21.nt_owf_password.length++; + + status = dcerpc_samr_SetUserInfo(p, tctx, &s); + + if (!NT_STATUS_EQUAL(status, NT_STATUS_INVALID_PARAMETER)) { + printf("SetUserInfo level %u should have failed with NT_STATUS_INVALID_PARAMETER - %s\n", + s.in.level, nt_errstr(status)); + ret = false; + } + } + + if (fields_present & SAMR_FIELD_LM_PASSWORD_PRESENT) { + + u.info21.lm_owf_password.length++; + + status = dcerpc_samr_SetUserInfo(p, tctx, &s); + + if (!NT_STATUS_EQUAL(status, NT_STATUS_INVALID_PARAMETER)) { + printf("SetUserInfo level %u should have failed with NT_STATUS_INVALID_PARAMETER - %s\n", + s.in.level, nt_errstr(status)); + ret = false; + } + } + + return ret; +} + static bool test_SetUserPass_level_ex(struct dcerpc_pipe *p, struct torture_context *tctx, struct policy_handle *handle, @@ -2966,7 +3081,7 @@ static bool test_user_ops(struct dcerpc_pipe *p, } if (torture_setting_bool(tctx, "samba4", false)) { - printf("skipping Set Password level 18 against Samba4\n"); + printf("skipping Set Password level 18 and 21 against Samba4\n"); } else { if (!test_SetUserPass_18(p, tctx, user_handle, &password)) { @@ -2976,6 +3091,24 @@ static bool test_user_ops(struct dcerpc_pipe *p, if (!test_ChangePasswordUser3(p, tctx, base_acct_name, 0, &password, NULL, 0, false)) { ret = false; } + + for (i = 0; password_fields[i]; i++) { + + if (password_fields[i] == SAMR_FIELD_LM_PASSWORD_PRESENT) { + /* we need to skip as that would break + * the ChangePasswordUser3 verify */ + continue; + } + + if (!test_SetUserPass_21(p, tctx, user_handle, password_fields[i], &password)) { + ret = false; + } + + /* check it was set right */ + if (!test_ChangePasswordUser3(p, tctx, base_acct_name, 0, &password, NULL, 0, false)) { + ret = false; + } + } } q.in.user_handle = user_handle; -- cgit From 97c3ae12cff3d301d0bb0b259d7bcee4a55a6e4d Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Tue, 2 Dec 2008 23:22:14 +0100 Subject: s4-smbtorture: more tests for RPC-SAMR-PASSWORDS-PWDLASTSET. Guenther --- source4/torture/rpc/samr.c | 289 ++++++++++++++++++++++++++++----------------- 1 file changed, 181 insertions(+), 108 deletions(-) diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c index 2e59a06f98..b9fa778fa7 100644 --- a/source4/torture/rpc/samr.c +++ b/source4/torture/rpc/samr.c @@ -1041,9 +1041,11 @@ static bool test_SetUserPass_level_ex(struct dcerpc_pipe *p, uint16_t level, uint32_t fields_present, char **password, uint8_t password_expired, - bool use_setinfo2, NTSTATUS expected_error) + bool use_setinfo2, + bool *matched_expected_error) { NTSTATUS status; + NTSTATUS expected_error = NT_STATUS_OK; struct samr_SetUserInfo s; struct samr_SetUserInfo2 s2; union samr_UserInfo u; @@ -1157,6 +1159,15 @@ static bool test_SetUserPass_level_ex(struct dcerpc_pipe *p, status = dcerpc_samr_SetUserInfo(p, tctx, &s); } + if (!NT_STATUS_IS_OK(status)) { + if (fields_present == 0) { + expected_error = NT_STATUS_INVALID_PARAMETER; + } + if (fields_present & SAMR_FIELD_LAST_PWD_CHANGE) { + expected_error = NT_STATUS_ACCESS_DENIED; + } + } + if (!NT_STATUS_IS_OK(expected_error)) { if (use_setinfo2) { torture_assert_ntstatus_equal(tctx, @@ -1167,6 +1178,7 @@ static bool test_SetUserPass_level_ex(struct dcerpc_pipe *p, s.out.result, expected_error, "SetUserInfo failed"); } + *matched_expected_error = true; return true; } @@ -2550,7 +2562,7 @@ static bool test_SetPassword_level(struct dcerpc_pipe *p, uint16_t level, uint32_t fields_present, uint8_t password_expired, - NTSTATUS expected_error, + bool *matched_expected_error, bool use_setinfo2, char **password, bool use_queryinfo2, @@ -2586,7 +2598,7 @@ static bool test_SetPassword_level(struct dcerpc_pipe *p, password, password_expired, use_setinfo2, - expected_error)) { + matched_expected_error)) { ret = false; } break; @@ -2609,143 +2621,73 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p, struct policy_handle *handle, char **password) { - int i, s = 0, q = 0; + int i, s = 0, q = 0, f = 0; bool ret = true; int delay = 500000; bool set_levels[] = { false, true }; bool query_levels[] = { false, true }; + uint32_t fields_present[] = { + 0, + SAMR_FIELD_EXPIRED_FLAG, + SAMR_FIELD_LAST_PWD_CHANGE, + SAMR_FIELD_EXPIRED_FLAG | SAMR_FIELD_LAST_PWD_CHANGE, + SAMR_FIELD_COMMENT, + SAMR_FIELD_NT_PASSWORD_PRESENT, + SAMR_FIELD_NT_PASSWORD_PRESENT | SAMR_FIELD_LAST_PWD_CHANGE, + SAMR_FIELD_NT_PASSWORD_PRESENT | SAMR_FIELD_LM_PASSWORD_PRESENT, + SAMR_FIELD_NT_PASSWORD_PRESENT | SAMR_FIELD_LM_PASSWORD_PRESENT | SAMR_FIELD_LAST_PWD_CHANGE, + SAMR_FIELD_NT_PASSWORD_PRESENT | SAMR_FIELD_EXPIRED_FLAG, + SAMR_FIELD_NT_PASSWORD_PRESENT | SAMR_FIELD_LM_PASSWORD_PRESENT | SAMR_FIELD_EXPIRED_FLAG, + SAMR_FIELD_NT_PASSWORD_PRESENT | SAMR_FIELD_LM_PASSWORD_PRESENT | SAMR_FIELD_LAST_PWD_CHANGE | SAMR_FIELD_EXPIRED_FLAG + }; struct { uint16_t level; uint8_t password_expired_nonzero; - uint32_t fields_present; - bool query_info2; - bool set_info2; - NTSTATUS set_error; } pwd_tests[] = { /* level 21 */ { .level = 21, .password_expired_nonzero = 1, - .fields_present = SAMR_FIELD_EXPIRED_FLAG - },{ - .level = 21, - .password_expired_nonzero = 1, - .fields_present = SAMR_FIELD_LAST_PWD_CHANGE, - .set_error = NT_STATUS_ACCESS_DENIED - },{ - .level = 21, - .password_expired_nonzero = 1, - .fields_present = 0, - .set_error = NT_STATUS_INVALID_PARAMETER - },{ - .level = 21, - .password_expired_nonzero = 1, - .fields_present = SAMR_FIELD_COMMENT, - -#if 0 - /* FIXME */ },{ .level = 21, - .password_expired_nonzero = 1, - .fields_present = SAMR_FIELD_NT_PASSWORD_PRESENT | - SAMR_FIELD_LM_PASSWORD_PRESENT | - SAMR_FIELD_LAST_PWD_CHANGE, - .query_info2 = false, - .set_error = NT_STATUS_ACCESS_DENIED -#endif + .password_expired_nonzero = 24, /* level 23 */ },{ .level = 23, .password_expired_nonzero = 1, - .fields_present = SAMR_FIELD_EXPIRED_FLAG - },{ - .level = 23, - .password_expired_nonzero = 1, - .fields_present = SAMR_FIELD_LAST_PWD_CHANGE, - .set_error = NT_STATUS_ACCESS_DENIED - },{ - .level = 23, - .password_expired_nonzero = 1, - .fields_present = SAMR_FIELD_LAST_PWD_CHANGE | - SAMR_FIELD_NT_PASSWORD_PRESENT | - SAMR_FIELD_LM_PASSWORD_PRESENT, - .set_error = NT_STATUS_ACCESS_DENIED - },{ - .level = 23, - .password_expired_nonzero = 1, - .fields_present = SAMR_FIELD_LAST_PWD_CHANGE | - SAMR_FIELD_NT_PASSWORD_PRESENT | - SAMR_FIELD_LM_PASSWORD_PRESENT | - SAMR_FIELD_EXPIRED_FLAG, - .set_error = NT_STATUS_ACCESS_DENIED },{ .level = 23, - .password_expired_nonzero = 1, - .fields_present = SAMR_FIELD_NT_PASSWORD_PRESENT | - SAMR_FIELD_LM_PASSWORD_PRESENT | - SAMR_FIELD_EXPIRED_FLAG - },{ - .level = 23, - .password_expired_nonzero = 1, - .fields_present = SAMR_FIELD_NT_PASSWORD_PRESENT | - SAMR_FIELD_LM_PASSWORD_PRESENT, - },{ - .level = 23, - .password_expired_nonzero = 1, - .fields_present = SAMR_FIELD_COMMENT, - },{ - .level = 23, - .password_expired_nonzero = 1, - .fields_present = 0, - .set_error = NT_STATUS_INVALID_PARAMETER + .password_expired_nonzero = 24, },{ /* level 24 */ .level = 24, - .password_expired_nonzero = 1 + .password_expired_nonzero = 1, },{ .level = 24, - .password_expired_nonzero = 24 + .password_expired_nonzero = 24, },{ /* level 25 */ .level = 25, .password_expired_nonzero = 1, - .fields_present = SAMR_FIELD_LAST_PWD_CHANGE, - .set_error = NT_STATUS_ACCESS_DENIED - },{ - .level = 25, - .password_expired_nonzero = 1, - .fields_present = SAMR_FIELD_EXPIRED_FLAG, - },{ - .level = 25, - .password_expired_nonzero = 1, - .fields_present = SAMR_FIELD_NT_PASSWORD_PRESENT | - SAMR_FIELD_LM_PASSWORD_PRESENT | - SAMR_FIELD_EXPIRED_FLAG - },{ - .level = 25, - .password_expired_nonzero = 1, - .fields_present = SAMR_FIELD_NT_PASSWORD_PRESENT | - SAMR_FIELD_LM_PASSWORD_PRESENT, },{ .level = 25, - .password_expired_nonzero = 1, - .fields_present = SAMR_FIELD_COMMENT, + .password_expired_nonzero = 24 },{ /* level 26 */ .level = 26, - .password_expired_nonzero = 1 + .password_expired_nonzero = 1, },{ .level = 26, - .password_expired_nonzero = 24 + .password_expired_nonzero = 24, } }; @@ -2763,6 +2705,7 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p, #define TEST_QUERY_LEVELS 1 #endif for (i=0; i 0) && (pwdlastset_new > 0) && + (pwdlastset_old >= pwdlastset_new)) { + torture_warning(tctx, "pwdlastset not increasing\n"); + ret = false; + } + break; + default: + if ((pwdlastset_old > 0) && (pwdlastset_new > 0) && + (pwdlastset_old >= pwdlastset_new)) { + torture_warning(tctx, "pwdlastset not increasing\n"); + ret = false; + } + break; + } + usleep(delay); /* set #2 */ @@ -2831,15 +2796,15 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p, /* set a password, pwdlastset needs to get updated (increased * value), password_expired value used here is 0 */ - if (!test_SetPassword_level(p, tctx, handle, pwd_tests[i].level, - pwd_tests[i].fields_present, + if (!test_SetPassword_level(p, tctx, handle, + pwd_tests[i].level, + fields_present[f], 0, - pwd_tests[i].set_error, + &matched_expected_error, set_levels[s], password, query_levels[q], &pwdlastset_new)) { - ret = false; } @@ -2878,19 +2843,91 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p, } } + switch (pwd_tests[i].level) { + case 21: + case 23: + case 25: + if (((fields_present[f] & SAMR_FIELD_NT_PASSWORD_PRESENT) || + (fields_present[f] & SAMR_FIELD_LM_PASSWORD_PRESENT)) && + (pwdlastset_old > 0) && (pwdlastset_new > 0) && + (pwdlastset_old >= pwdlastset_new)) { + torture_warning(tctx, "pwdlastset not increasing\n"); + ret = false; + } + break; + default: + if ((pwdlastset_old > 0) && (pwdlastset_new > 0) && + (pwdlastset_old >= pwdlastset_new)) { + torture_warning(tctx, "pwdlastset not increasing\n"); + ret = false; + } + break; + } + pwdlastset_old = pwdlastset_new; usleep(delay); + /* set #2b */ + + /* set a password, pwdlastset needs to get updated (increased + * value), password_expired value used here is 0 */ + + if (!test_SetPassword_level(p, tctx, handle, + pwd_tests[i].level, + fields_present[f], + 0, + &matched_expected_error, + set_levels[s], + password, + query_levels[q], + &pwdlastset_new)) { + ret = false; + } + + /* when a password has been changed, pwdlastset must not be 0 afterwards + * and must be larger then the old value */ + + switch (pwd_tests[i].level) { + case 21: + case 23: + case 25: + + /* if no password has been changed, old and new pwdlastset + * need to be the same value */ + + if (!((fields_present[f] & SAMR_FIELD_NT_PASSWORD_PRESENT) || + (fields_present[f] & SAMR_FIELD_LM_PASSWORD_PRESENT))) + { + torture_assert_int_equal(tctx, pwdlastset_old, + pwdlastset_new, "pwdlastset must be equal"); + break; + } + default: + if (pwdlastset_old >= pwdlastset_new) { + torture_warning(tctx, "pwdLastSet test failed: " + "expected last pwdlastset (%lld) < new pwdlastset (%lld)\n", + pwdlastset_old, pwdlastset_new); + ret = false; + } + if (pwdlastset_new == 0) { + torture_warning(tctx, "pwdLastSet test failed: " + "expected non-0 pwdlastset, got: %lld\n", + pwdlastset_new); + ret = false; + } + } + /* set #3 */ /* set a password and force password change (pwdlastset 0) by * setting the password expired flag to a non-0 value */ - if (!test_SetPassword_level(p, tctx, handle, pwd_tests[i].level, - pwd_tests[i].fields_present, + if (!test_SetPassword_level(p, tctx, handle, + pwd_tests[i].level, + fields_present[f], pwd_tests[i].password_expired_nonzero, - pwd_tests[i].set_error, + &matched_expected_error, set_levels[s], password, query_levels[q], @@ -2906,7 +2943,7 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p, case 23: case 25: if ((pwdlastset_new != 0) && - !(pwd_tests[i].fields_present & SAMR_FIELD_EXPIRED_FLAG)) { + !(fields_present[f] & SAMR_FIELD_EXPIRED_FLAG)) { torture_comment(tctx, "not considering a non-0 " "pwdLastSet as a an error as the " "SAMR_FIELD_EXPIRED_FLAG has not " @@ -2943,6 +2980,35 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p, } break; } + + switch (pwd_tests[i].level) { + case 21: + case 23: + case 25: + if (((fields_present[f] & SAMR_FIELD_NT_PASSWORD_PRESENT) || + (fields_present[f] & SAMR_FIELD_LM_PASSWORD_PRESENT)) && + (pwdlastset_old > 0) && (pwdlastset_new > 0) && + (pwdlastset_old >= pwdlastset_new)) { + torture_warning(tctx, "pwdlastset not increasing\n"); + ret = false; + } + break; + default: + if ((pwdlastset_old > 0) && (pwdlastset_new > 0) && + (pwdlastset_old >= pwdlastset_new)) { + torture_warning(tctx, "pwdlastset not increasing\n"); + ret = false; + } + break; + } + + switch (pwd_tests[i].level) { + case 24: + case 26: + f = ARRAY_SIZE(fields_present); + break; + } + #ifdef TEST_QUERY_LEVELS } #endif @@ -2950,6 +3016,7 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p, } #endif } + } #undef TEST_SET_LEVELS #undef TEST_QUERY_LEVELS @@ -5370,7 +5437,6 @@ static bool test_OpenDomain(struct dcerpc_pipe *p, struct torture_context *tctx, switch (which_ops) { case TORTURE_SAMR_USER_ATTRIBUTES: case TORTURE_SAMR_PASSWORDS: - case TORTURE_SAMR_PASSWORDS_PWDLASTSET: ret &= test_CreateUser2(p, tctx, &domain_handle, sid, which_ops); ret &= test_CreateUser(p, tctx, &domain_handle, &user_handle, sid, which_ops); /* This test needs 'complex' users to validate */ @@ -5379,6 +5445,13 @@ static bool test_OpenDomain(struct dcerpc_pipe *p, struct torture_context *tctx, printf("Testing PASSWORDS or ATTRIBUTES on domain %s failed!\n", dom_sid_string(tctx, sid)); } break; + case TORTURE_SAMR_PASSWORDS_PWDLASTSET: + ret &= test_CreateUser2(p, tctx, &domain_handle, sid, which_ops); + ret &= test_CreateUser(p, tctx, &domain_handle, &user_handle, sid, which_ops); + if (!ret) { + printf("Testing PASSWORDS PWDLASTSET on domain %s failed!\n", dom_sid_string(tctx, sid)); + } + break; case TORTURE_SAMR_OTHER: ret &= test_CreateUser(p, tctx, &domain_handle, &user_handle, sid, which_ops); if (!ret) { -- cgit From c0b67b4aa6253434ebbb71bf78f599ace351803f Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 5 Dec 2008 16:07:06 +0100 Subject: s4-smbtorture: add support for level 18 and 21 in test_SetUserPass_level_ex. Guenther --- source4/torture/rpc/samr.c | 93 ++++++++++++++++++++++++++++++++++++---------- 1 file changed, 73 insertions(+), 20 deletions(-) diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c index b9fa778fa7..e92f1d0156 100644 --- a/source4/torture/rpc/samr.c +++ b/source4/torture/rpc/samr.c @@ -1059,6 +1059,7 @@ static bool test_SetUserPass_level_ex(struct dcerpc_pipe *p, struct samr_PwInfo info; int policy_min_pw_len = 0; const char *comment = NULL; + uint8_t lm_hash[16], nt_hash[16]; pwp.in.user_handle = handle; pwp.out.info = &info; @@ -1086,11 +1087,40 @@ static bool test_SetUserPass_level_ex(struct dcerpc_pipe *p, ZERO_STRUCT(u); switch (level) { + case 18: + E_md4hash(newpass, nt_hash); + E_deshash(newpass, lm_hash); + + u.info18.nt_pwd_active = true; + u.info18.lm_pwd_active = true; + u.info18.password_expired = password_expired; + + memcpy(u.info18.lm_pwd.hash, lm_hash, 16); + memcpy(u.info18.nt_pwd.hash, nt_hash, 16); + + break; case 21: + E_md4hash(newpass, nt_hash); + E_deshash(newpass, lm_hash); + u.info21.fields_present = fields_present; u.info21.password_expired = password_expired; u.info21.comment.string = comment; + if (fields_present & SAMR_FIELD_LM_PASSWORD_PRESENT) { + u.info21.lm_owf_password.length = 16; + u.info21.lm_owf_password.size = 16; + u.info21.lm_owf_password.array = (uint16_t *)lm_hash; + u.info21.lm_password_set = true; + } + + if (fields_present & SAMR_FIELD_NT_PASSWORD_PRESENT) { + u.info21.nt_owf_password.length = 16; + u.info21.nt_owf_password.size = 16; + u.info21.nt_owf_password.array = (uint16_t *)nt_hash; + u.info21.nt_password_set = true; + } + break; case 23: u.info23.info.fields_present = fields_present; @@ -1137,6 +1167,41 @@ static bool test_SetUserPass_level_ex(struct dcerpc_pipe *p, MD5Final(confounded_session_key.data, &ctx); switch (level) { + case 18: + { + DATA_BLOB in,out; + in = data_blob_const(u.info18.nt_pwd.hash, 16); + out = data_blob_talloc_zero(tctx, 16); + sess_crypt_blob(&out, &in, &session_key, true); + memcpy(u.info18.nt_pwd.hash, out.data, out.length); + } + { + DATA_BLOB in,out; + in = data_blob_const(u.info18.lm_pwd.hash, 16); + out = data_blob_talloc_zero(tctx, 16); + sess_crypt_blob(&out, &in, &session_key, true); + memcpy(u.info18.lm_pwd.hash, out.data, out.length); + } + + break; + case 21: + if (fields_present & SAMR_FIELD_LM_PASSWORD_PRESENT) { + DATA_BLOB in,out; + in = data_blob_const(u.info21.lm_owf_password.array, + u.info21.lm_owf_password.length); + out = data_blob_talloc_zero(tctx, 16); + sess_crypt_blob(&out, &in, &session_key, true); + u.info21.lm_owf_password.array = (uint16_t *)out.data; + } + if (fields_present & SAMR_FIELD_NT_PASSWORD_PRESENT) { + DATA_BLOB in,out; + in = data_blob_const(u.info21.nt_owf_password.array, + u.info21.nt_owf_password.length); + out = data_blob_talloc_zero(tctx, 16); + sess_crypt_blob(&out, &in, &session_key, true); + u.info21.nt_owf_password.array = (uint16_t *)out.data; + } + break; case 23: arcfour_crypt_blob(u.info23.password.data, 516, &session_key); break; @@ -1187,9 +1252,7 @@ static bool test_SetUserPass_level_ex(struct dcerpc_pipe *p, use_setinfo2 ? "2":"", level, nt_errstr(status)); ret = false; } else { - if (level != 21) { - *password = newpass; - } + *password = newpass; } return ret; @@ -2587,23 +2650,13 @@ static bool test_SetPassword_level(struct dcerpc_pipe *p, use_setinfo2 ? "2":"", level, password_expired, fields ? fields : ""); - switch (level) { - case 21: - case 23: - case 24: - case 25: - case 26: - if (!test_SetUserPass_level_ex(p, tctx, handle, level, - fields_present, - password, - password_expired, - use_setinfo2, - matched_expected_error)) { - ret = false; - } - break; - default: - return false; + if (!test_SetUserPass_level_ex(p, tctx, handle, level, + fields_present, + password, + password_expired, + use_setinfo2, + matched_expected_error)) { + ret = false; } if (!test_QueryUserInfo_pwdlastset(p, tctx, handle, -- cgit From f29d31a7e0f7b397cbcbb83d1b1c0ce233e948e9 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 5 Dec 2008 16:11:15 +0100 Subject: s4-smbtorture: do full level 18, 21, 23, 24, 25, 26 testing in pwdlastset test. Guenther --- source4/torture/rpc/samr.c | 108 ++++++++++++++------------------------------- 1 file changed, 33 insertions(+), 75 deletions(-) diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c index e92f1d0156..d29c864b92 100644 --- a/source4/torture/rpc/samr.c +++ b/source4/torture/rpc/samr.c @@ -2674,11 +2674,13 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p, struct policy_handle *handle, char **password) { - int i, s = 0, q = 0, f = 0; + int i, s = 0, q = 0, f = 0, l = 0, z = 0; bool ret = true; int delay = 500000; bool set_levels[] = { false, true }; bool query_levels[] = { false, true }; + uint32_t levels[] = { 18, 21, 23, 24, 25, 26 }; + uint32_t nonzeros[] = { 1, 24 }; uint32_t fields_present[] = { 0, SAMR_FIELD_EXPIRED_FLAG, @@ -2694,56 +2696,6 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p, SAMR_FIELD_NT_PASSWORD_PRESENT | SAMR_FIELD_LM_PASSWORD_PRESENT | SAMR_FIELD_LAST_PWD_CHANGE | SAMR_FIELD_EXPIRED_FLAG }; - struct { - uint16_t level; - uint8_t password_expired_nonzero; - } pwd_tests[] = { - - /* level 21 */ - { - .level = 21, - .password_expired_nonzero = 1, - },{ - .level = 21, - .password_expired_nonzero = 24, - - /* level 23 */ - },{ - .level = 23, - .password_expired_nonzero = 1, - },{ - .level = 23, - .password_expired_nonzero = 24, - },{ - - /* level 24 */ - - .level = 24, - .password_expired_nonzero = 1, - },{ - .level = 24, - .password_expired_nonzero = 24, - },{ - - /* level 25 */ - - .level = 25, - .password_expired_nonzero = 1, - },{ - .level = 25, - .password_expired_nonzero = 24 - },{ - - /* level 26 */ - - .level = 26, - .password_expired_nonzero = 1, - },{ - .level = 26, - .password_expired_nonzero = 24, - } - }; - if (torture_setting_bool(tctx, "samba3", false)) { delay = 1000000; printf("Samba3 has second granularity, setting delay to: %d\n", @@ -2757,7 +2709,8 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p, #define TEST_SET_LEVELS 1 #define TEST_QUERY_LEVELS 1 #endif - for (i=0; i Date: Fri, 5 Dec 2008 16:13:28 +0100 Subject: s3-samr: fix samr_SetUserInfo level 18 server-side. Guenther --- source3/rpc_server/srv_samr_nt.c | 62 +++++++++++++++++++++++++++++----------- 1 file changed, 46 insertions(+), 16 deletions(-) diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index 54aa534311..513634019b 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -3701,29 +3701,58 @@ static bool set_user_info_16(struct samr_UserInfo16 *id16, set_user_info_18 ********************************************************************/ -static bool set_user_info_18(struct samr_UserInfo18 *id18, - struct samu *pwd) +static NTSTATUS set_user_info_18(struct samr_UserInfo18 *id18, + TALLOC_CTX *mem_ctx, + DATA_BLOB *session_key, + struct samu *pwd) { if (id18 == NULL) { DEBUG(2, ("set_user_info_18: id18 is NULL\n")); - return False; + return NT_STATUS_INVALID_PARAMETER; } - if (!pdb_set_lanman_passwd (pwd, id18->lm_pwd.hash, PDB_CHANGED)) { - return False; + if (id18->nt_pwd_active || id18->lm_pwd_active) { + if (!session_key->length) { + return NT_STATUS_NO_USER_SESSION_KEY; + } } - if (!pdb_set_nt_passwd (pwd, id18->nt_pwd.hash, PDB_CHANGED)) { - return False; + + if (id18->nt_pwd_active) { + + DATA_BLOB in, out; + + in = data_blob_const(id18->nt_pwd.hash, 16); + out = data_blob_talloc_zero(mem_ctx, 16); + + sess_crypt_blob(&out, &in, session_key, false); + + if (!pdb_set_nt_passwd(pwd, out.data, PDB_CHANGED)) { + return NT_STATUS_ACCESS_DENIED; + } } - if (!pdb_set_pass_last_set_time (pwd, time(NULL), PDB_CHANGED)) { - return False; + + if (id18->lm_pwd_active) { + + DATA_BLOB in, out; + + in = data_blob_const(id18->lm_pwd.hash, 16); + out = data_blob_talloc_zero(mem_ctx, 16); + + sess_crypt_blob(&out, &in, session_key, false); + + if (!pdb_set_lanman_passwd(pwd, out.data, PDB_CHANGED)) { + return NT_STATUS_ACCESS_DENIED; + } } - if(!NT_STATUS_IS_OK(pdb_update_sam_account(pwd))) { - return False; - } + if (id18->password_expired) { + pdb_set_pass_last_set_time(pwd, 0, PDB_CHANGED); + } else { + /* FIXME */ + pdb_set_pass_last_set_time(pwd, time(NULL), PDB_CHANGED); + } - return True; + return pdb_update_sam_account(pwd); } /******************************************************************* @@ -4180,9 +4209,10 @@ NTSTATUS _samr_SetUserInfo(pipes_struct *p, case 18: /* Used by AS/U JRA. */ - if (!set_user_info_18(&info->info18, pwd)) { - status = NT_STATUS_ACCESS_DENIED; - } + status = set_user_info_18(&info->info18, + p->mem_ctx, + &p->server_info->user_session_key, + pwd); break; case 20: -- cgit From ac4a77ccca08b73f828938a0cfaece66b1c9deea Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 5 Dec 2008 13:20:55 -0800 Subject: Fix for crash bug freeing a non-malloc'ed buffer if the client sends a non-encrypted packet with the crypto state set. --- source3/libsmb/smb_seal.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/source3/libsmb/smb_seal.c b/source3/libsmb/smb_seal.c index a81ae9afd5..795c8bc14c 100644 --- a/source3/libsmb/smb_seal.c +++ b/source3/libsmb/smb_seal.c @@ -388,10 +388,17 @@ void common_free_encryption_state(struct smb_trans_enc_state **pp_es) void common_free_enc_buffer(struct smb_trans_enc_state *es, char *buf) { + uint16_t enc_ctx_num; + if (!common_encryption_on(es)) { return; } + if (!NT_STATUS_IS_OK(get_enc_ctx_num((const uint8_t *)buf, + &enc_ctx_num))) { + return; + } + if (es->smb_enc_type == SMB_TRANS_ENC_NTLM) { SAFE_FREE(buf); return; -- cgit From 611ef42053eb99f4c29d4efa86eaea9f1ca06286 Mon Sep 17 00:00:00 2001 From: Yasuma Takeda Date: Fri, 5 Dec 2008 13:37:51 -0800 Subject: Fix bug #5944 - nmbd does not boot if socket adress = "" is defined in smb.conf --- source3/param/loadparm.c | 16 +++++++++++++++- source3/smbd/server.c | 5 ++--- 2 files changed, 17 insertions(+), 4 deletions(-) diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 217957ab37..c743b89680 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -5063,7 +5063,6 @@ FN_GLOBAL_STRING(lp_remote_announce, &Globals.szRemoteAnnounce) FN_GLOBAL_STRING(lp_remote_browse_sync, &Globals.szRemoteBrowseSync) FN_GLOBAL_LIST(lp_wins_server_list, &Globals.szWINSservers) FN_GLOBAL_LIST(lp_interfaces, &Globals.szInterfaces) -FN_GLOBAL_STRING(lp_socket_address, &Globals.szSocketAddress) FN_GLOBAL_STRING(lp_nis_home_map_name, &Globals.szNISHomeMapName) static FN_GLOBAL_STRING(lp_announce_version, &Globals.szAnnounceVersion) FN_GLOBAL_LIST(lp_netbios_aliases, &Globals.szNetbiosAliases) @@ -9468,3 +9467,18 @@ int lp_min_receive_file_size(void) } return MIN(Globals.iminreceivefile, BUFFER_SIZE); } + +/******************************************************************* + If socket address is an empty character string, it is necessary to + define it as "0.0.0.0". +********************************************************************/ + +const char *lp_socket_address(void) +{ + char *sock_addr = Globals.szSocketAddress; + + if (sock_addr[0] == '\0'){ + string_set(&Globals.szSocketAddress, "0.0.0.0"); + } + return Globals.szSocketAddress; +} diff --git a/source3/smbd/server.c b/source3/smbd/server.c index fff05a3aac..f7bdb58288 100644 --- a/source3/smbd/server.c +++ b/source3/smbd/server.c @@ -469,9 +469,8 @@ static bool open_sockets_smbd(bool is_daemon, bool interactive, const char *smb_ char *sock_tok; const char *sock_ptr; - if (sock_addr[0] == '\0' || - strequal(sock_addr, "0.0.0.0") || - strequal(sock_addr, "::")) { + if (strequal(sock_addr, "0.0.0.0") || + strequal(sock_addr, "::")) { #if HAVE_IPV6 sock_addr = "::,0.0.0.0"; #else -- cgit From 3b6e5e6cc8b00912d24c8e1fc59eaa21068db91a Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 5 Dec 2008 14:04:51 -0800 Subject: Fix lp_socket_address() prototype. Jeremy. --- source3/include/proto.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/include/proto.h b/source3/include/proto.h index f985fe25b7..d0e64f7f14 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -3922,7 +3922,7 @@ char *lp_remote_announce(void); char *lp_remote_browse_sync(void); const char **lp_wins_server_list(void); const char **lp_interfaces(void); -char *lp_socket_address(void); +const char *lp_socket_address(void); char *lp_nis_home_map_name(void); const char **lp_netbios_aliases(void); const char *lp_passdb_backend(void); -- cgit From 33193c2bb78f8903aa430f8153f74a68682ddec3 Mon Sep 17 00:00:00 2001 From: Tomasz Krasuski Date: Fri, 5 Dec 2008 16:30:39 -0800 Subject: Fix bug #5928 - Option --version in testparm does not work. --- source3/lib/popt_common.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/lib/popt_common.c b/source3/lib/popt_common.c index 2e6d3b3cb1..9e67c5257d 100644 --- a/source3/lib/popt_common.c +++ b/source3/lib/popt_common.c @@ -166,7 +166,7 @@ struct poptOption popt_common_configfile[] = { }; struct poptOption popt_common_version[] = { - { NULL, 0, POPT_ARG_CALLBACK, (void *)popt_common_callback }, + { NULL, 0, POPT_ARG_CALLBACK|POPT_CBFLAG_POST, (void *)popt_common_callback }, { "version", 'V', POPT_ARG_NONE, NULL, 'V', "Print version" }, POPT_TABLEEND }; -- cgit From f9172a2af558262a6993059114813daf24c9e173 Mon Sep 17 00:00:00 2001 From: Dan Sledz Date: Fri, 5 Dec 2008 17:29:38 -0800 Subject: Fix logging to syslog --- source3/lib/debug.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/lib/debug.c b/source3/lib/debug.c index d64fcb66d9..193e9efc96 100644 --- a/source3/lib/debug.c +++ b/source3/lib/debug.c @@ -851,7 +851,7 @@ void check_log_size( void ) ret = vasprintf(&msgbuf, format_str, ap); va_end(ap); - if (ret == -1) { + if (ret != -1) { syslog(priority, "%s", msgbuf); } SAFE_FREE(msgbuf); -- cgit From ba0facd688d2b0d864364031a373abea73e9154f Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Fri, 5 Dec 2008 16:53:44 +0100 Subject: s4:winbind: move setting up the primary_sid into a new function wbsrv_setup_domains() metze --- source4/winbind/config.mk | 1 + source4/winbind/wb_server.c | 10 +++------ source4/winbind/wb_setup_domains.c | 42 ++++++++++++++++++++++++++++++++++++++ 3 files changed, 46 insertions(+), 7 deletions(-) create mode 100644 source4/winbind/wb_setup_domains.c diff --git a/source4/winbind/config.mk b/source4/winbind/config.mk index f719f00853..865ff90567 100644 --- a/source4/winbind/config.mk +++ b/source4/winbind/config.mk @@ -20,6 +20,7 @@ PRIVATE_DEPENDENCIES = \ WINBIND_OBJ_FILES = $(addprefix $(winbindsrcdir)/, \ wb_server.o \ + wb_setup_domains.o \ wb_irpc.o \ wb_samba3_protocol.o \ wb_samba3_cmd.o \ diff --git a/source4/winbind/wb_server.c b/source4/winbind/wb_server.c index b8309597d7..9ffcd467ee 100644 --- a/source4/winbind/wb_server.c +++ b/source4/winbind/wb_server.c @@ -147,13 +147,9 @@ static void winbind_task_init(struct task_server *task) if (!service) goto nomem; service->task = task; - service->primary_sid = secrets_get_domain_sid(service, - task->event_ctx, - task->lp_ctx, - lp_workgroup(task->lp_ctx)); - if (service->primary_sid == NULL) { - task_server_terminate( - task, nt_errstr(NT_STATUS_CANT_ACCESS_DOMAIN_INFO)); + status = wbsrv_setup_domains(service); + if (!NT_STATUS_IS_OK(status)) { + task_server_terminate(task, nt_errstr(status)); return; } diff --git a/source4/winbind/wb_setup_domains.c b/source4/winbind/wb_setup_domains.c new file mode 100644 index 0000000000..92b91c182f --- /dev/null +++ b/source4/winbind/wb_setup_domains.c @@ -0,0 +1,42 @@ +/* + Unix SMB/CIFS implementation. + + Copyright (C) Stefan Metzmacher 2008 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ + +#include "includes.h" +#include "winbind/wb_server.h" +#include "smbd/service_task.h" +#include "auth/credentials/credentials.h" +#include "param/secrets.h" +#include "param/param.h" + +NTSTATUS wbsrv_setup_domains(struct wbsrv_service *service) +{ + const struct dom_sid *primary_sid; + + primary_sid = secrets_get_domain_sid(service, + service->task->event_ctx, + service->task->lp_ctx, + lp_workgroup(service->task->lp_ctx)); + if (!primary_sid) { + return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; + } + + service->primary_sid = primary_sid; + + return NT_STATUS_OK; +} -- cgit From 3e1cd3dda7a6de9a46ecac9cf1518470203e4e12 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Sat, 6 Dec 2008 10:11:30 +0100 Subject: s4:brwoser.idl: add idl for BrowserrQueryOtherDomains() metze --- librpc/idl/browser.idl | 54 ++++++++++++++++++++++++++++++++++++++------------ librpc/idl/srvsvc.idl | 4 ++-- 2 files changed, 43 insertions(+), 15 deletions(-) diff --git a/librpc/idl/browser.idl b/librpc/idl/browser.idl index 5b05be9cbb..94d4ce6b62 100644 --- a/librpc/idl/browser.idl +++ b/librpc/idl/browser.idl @@ -1,4 +1,6 @@ -[ +import "srvsvc.idl"; + +[ uuid("6bffd098-a112-3610-9833-012892020162"), version(0.0), helpstring("Browsing"), @@ -9,50 +11,76 @@ interface browser { /******************/ /* Function 0x00 */ - [todo] NTSTATUS BrowserrServerEnum(); + [todo] void BrowserrServerEnum(); /******************/ /* Function 0x01 */ - [todo] NTSTATUS BrowserrDebugCall(); + [todo] void BrowserrDebugCall(); /******************/ /* Function 0x02 */ - [todo] NTSTATUS BrowserrQueryOtherDomains(); + + typedef struct { + uint32 entries_read; + [size_is(entries_read)] srvsvc_NetSrvInfo100 *entries; + } BrowserrSrvInfo100Ctr; + + typedef struct { + uint32 entries_read; + [size_is(entries_read)] srvsvc_NetSrvInfo101 *entries; + } BrowserrSrvInfo101Ctr; + + typedef [switch_type(uint32)] union { + [case(100)] BrowserrSrvInfo100Ctr *info100; + [case(101)] BrowserrSrvInfo101Ctr *info101; + [default] ; + } BrowserrSrvInfoUnion; + + typedef struct { + uint32 level; + [switch_is(level)] BrowserrSrvInfoUnion info; + } BrowserrSrvInfo; + + WERROR BrowserrQueryOtherDomains( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in,out,ref] BrowserrSrvInfo *info, + [out,ref] uint32 *total_entries + ); /******************/ /* Function 0x03 */ - [todo] NTSTATUS BrowserrResetNetlogonState(); + [todo] void BrowserrResetNetlogonState(); /******************/ /* Function 0x04 */ - [todo] NTSTATUS BrowserrDebugTrace(); + [todo] void BrowserrDebugTrace(); /******************/ /* Function 0x05 */ - [todo] NTSTATUS BrowserrQueryStatistics(); + [todo] void BrowserrQueryStatistics(); /******************/ /* Function 0x06 */ - [todo] NTSTATUS BrowserResetStatistics(); + [todo] void BrowserResetStatistics(); /******************/ /* Function 0x07 */ - [todo] NTSTATUS NetrBrowserStatisticsClear(); + [todo] void NetrBrowserStatisticsClear(); /******************/ /* Function 0x08 */ - [todo] NTSTATUS NetrBrowserStatisticsGet(); + [todo] void NetrBrowserStatisticsGet(); /******************/ /* Function 0x09 */ - [todo] NTSTATUS BrowserrSetNetlogonState(); + [todo] void BrowserrSetNetlogonState(); /******************/ /* Function 0x0a */ - [todo] NTSTATUS BrowserrQueryEmulatedDomains(); + [todo] void BrowserrQueryEmulatedDomains(); /******************/ /* Function 0x0b */ - [todo] NTSTATUS BrowserrServerEnumEx(); + [todo] void BrowserrServerEnumEx(); } diff --git a/librpc/idl/srvsvc.idl b/librpc/idl/srvsvc.idl index 3f24402c3f..153d8cfbbe 100644 --- a/librpc/idl/srvsvc.idl +++ b/librpc/idl/srvsvc.idl @@ -638,12 +638,12 @@ import "security.idl", "svcctl.idl"; PLATFORM_ID_VMS = 700 } srvsvc_PlatformId; - typedef struct { + typedef [public] struct { srvsvc_PlatformId platform_id; [string,charset(UTF16)] uint16 *server_name; } srvsvc_NetSrvInfo100; - typedef struct { + typedef [public] struct { srvsvc_PlatformId platform_id; [string,charset(UTF16)] uint16 *server_name; uint32 version_major; -- cgit From 6627080e0015acff5cfaf283f342c18fcba59117 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Sat, 6 Dec 2008 10:21:11 +0100 Subject: s4:rpc_server: add dcesrv_browser template metze --- source4/rpc_server/browser/dcesrv_browser.c | 149 ++++++++++++++++++++++++++++ source4/rpc_server/config.mk | 13 +++ source4/rpc_server/service_rpc.c | 1 + 3 files changed, 163 insertions(+) create mode 100644 source4/rpc_server/browser/dcesrv_browser.c diff --git a/source4/rpc_server/browser/dcesrv_browser.c b/source4/rpc_server/browser/dcesrv_browser.c new file mode 100644 index 0000000000..b67bfa398f --- /dev/null +++ b/source4/rpc_server/browser/dcesrv_browser.c @@ -0,0 +1,149 @@ +/* + Unix SMB/CIFS implementation. + + endpoint server for the browser pipe + + Copyright (C) Stefan Metzmacher 2008 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ + +#include "includes.h" +#include "rpc_server/dcerpc_server.h" +#include "librpc/gen_ndr/ndr_browser.h" +#include "rpc_server/common/common.h" + + +/* + BrowserrServerEnum +*/ +static void dcesrv_BrowserrServerEnum(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, + struct BrowserrServerEnum *r) +{ + DCESRV_FAULT_VOID(DCERPC_FAULT_OP_RNG_ERROR); +} + + +/* + BrowserrDebugCall +*/ +static void dcesrv_BrowserrDebugCall(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, + struct BrowserrDebugCall *r) +{ + DCESRV_FAULT_VOID(DCERPC_FAULT_OP_RNG_ERROR); +} + + +/* + BrowserrQueryOtherDomains +*/ +static WERROR dcesrv_BrowserrQueryOtherDomains(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, + struct BrowserrQueryOtherDomains *r) +{ + DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR); +} + + +/* + BrowserrResetNetlogonState +*/ +static void dcesrv_BrowserrResetNetlogonState(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, + struct BrowserrResetNetlogonState *r) +{ + DCESRV_FAULT_VOID(DCERPC_FAULT_OP_RNG_ERROR); +} + + +/* + BrowserrDebugTrace +*/ +static void dcesrv_BrowserrDebugTrace(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, + struct BrowserrDebugTrace *r) +{ + DCESRV_FAULT_VOID(DCERPC_FAULT_OP_RNG_ERROR); +} + + +/* + BrowserrQueryStatistics +*/ +static void dcesrv_BrowserrQueryStatistics(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, + struct BrowserrQueryStatistics *r) +{ + DCESRV_FAULT_VOID(DCERPC_FAULT_OP_RNG_ERROR); +} + + +/* + BrowserResetStatistics +*/ +static void dcesrv_BrowserResetStatistics(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, + struct BrowserResetStatistics *r) +{ + DCESRV_FAULT_VOID(DCERPC_FAULT_OP_RNG_ERROR); +} + + +/* + NetrBrowserStatisticsClear +*/ +static void dcesrv_NetrBrowserStatisticsClear(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, + struct NetrBrowserStatisticsClear *r) +{ + DCESRV_FAULT_VOID(DCERPC_FAULT_OP_RNG_ERROR); +} + + +/* + NetrBrowserStatisticsGet +*/ +static void dcesrv_NetrBrowserStatisticsGet(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, + struct NetrBrowserStatisticsGet *r) +{ + DCESRV_FAULT_VOID(DCERPC_FAULT_OP_RNG_ERROR); +} + + +/* + BrowserrSetNetlogonState +*/ +static void dcesrv_BrowserrSetNetlogonState(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, + struct BrowserrSetNetlogonState *r) +{ + DCESRV_FAULT_VOID(DCERPC_FAULT_OP_RNG_ERROR); +} + + +/* + BrowserrQueryEmulatedDomains +*/ +static void dcesrv_BrowserrQueryEmulatedDomains(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, + struct BrowserrQueryEmulatedDomains *r) +{ + DCESRV_FAULT_VOID(DCERPC_FAULT_OP_RNG_ERROR); +} + + +/* + BrowserrServerEnumEx +*/ +static void dcesrv_BrowserrServerEnumEx(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, + struct BrowserrServerEnumEx *r) +{ + DCESRV_FAULT_VOID(DCERPC_FAULT_OP_RNG_ERROR); +} + + +/* include the generated boilerplate */ +#include "librpc/gen_ndr/ndr_browser_s.c" diff --git a/source4/rpc_server/config.mk b/source4/rpc_server/config.mk index fb697d0c0f..2149d682aa 100644 --- a/source4/rpc_server/config.mk +++ b/source4/rpc_server/config.mk @@ -183,6 +183,19 @@ PRIVATE_DEPENDENCIES = \ dcerpc_drsuapi_OBJ_FILES = $(rpc_serversrcdir)/drsuapi/dcesrv_drsuapi.o +################################################ +# Start MODULE dcerpc_browser +[MODULE::dcerpc_browser] +INIT_FUNCTION = dcerpc_server_browser_init +SUBSYSTEM = DCESRV +PRIVATE_DEPENDENCIES = \ + DCERPC_COMMON \ + NDR_BROWSER +# End MODULE dcerpc_browser +################################################ + +dcerpc_browser_OBJ_FILES = $(rpc_serversrcdir)/browser/dcesrv_browser.o + ################################################ # Start SUBSYSTEM dcerpc_server [SUBSYSTEM::dcerpc_server] diff --git a/source4/rpc_server/service_rpc.c b/source4/rpc_server/service_rpc.c index bb4d6bdaf2..8b9020d8e7 100644 --- a/source4/rpc_server/service_rpc.c +++ b/source4/rpc_server/service_rpc.c @@ -437,6 +437,7 @@ static void dcesrv_task_init(struct task_server *task) extern NTSTATUS dcerpc_server_samr_init(void); extern NTSTATUS dcerpc_server_remote_init(void); extern NTSTATUS dcerpc_server_lsa_init(void); + extern NTSTATUS dcerpc_server_browser_init(void); init_module_fn static_init[] = { STATIC_DCESRV_MODULES }; init_module_fn *shared_init = load_samba_modules(NULL, task->lp_ctx, "dcerpc_server"); -- cgit From f8bbdb100ba9293e45f345d12e92d693e079e6e1 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Sat, 6 Dec 2008 14:19:58 +0100 Subject: s4:dcesrv_browser: implement dcesrv_BrowserrQueryOtherDomains() metze --- source4/rpc_server/browser/dcesrv_browser.c | 25 ++++++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) diff --git a/source4/rpc_server/browser/dcesrv_browser.c b/source4/rpc_server/browser/dcesrv_browser.c index b67bfa398f..33fed50857 100644 --- a/source4/rpc_server/browser/dcesrv_browser.c +++ b/source4/rpc_server/browser/dcesrv_browser.c @@ -51,7 +51,30 @@ static void dcesrv_BrowserrDebugCall(struct dcesrv_call_state *dce_call, TALLOC_ static WERROR dcesrv_BrowserrQueryOtherDomains(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, struct BrowserrQueryOtherDomains *r) { - DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR); + struct BrowserrSrvInfo100Ctr *ctr100; + + switch (r->in.info->level) { + case 100: + if (!r->in.info->info.info100) { + return WERR_INVALID_PARAM; + } + + ctr100 = talloc(mem_ctx, struct BrowserrSrvInfo100Ctr); + W_ERROR_HAVE_NO_MEMORY(ctr100); + + ctr100->entries_read = 0; + ctr100->entries = talloc_zero_array(ctr100, struct srvsvc_NetSrvInfo100, + ctr100->entries_read); + W_ERROR_HAVE_NO_MEMORY(ctr100->entries); + + r->out.info->info.info100 = ctr100; + *r->out.total_entries = ctr100->entries_read; + return WERR_OK; + default: + return WERR_UNKNOWN_LEVEL; + } + + return WERR_INVALID_PARAM; } -- cgit From b7a1dd9a94771c781efee0f0f4180024b2efe18b Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Sat, 6 Dec 2008 14:20:45 +0100 Subject: s4:loadparm: start 'browser' rpc_server metze --- source4/param/loadparm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source4/param/loadparm.c b/source4/param/loadparm.c index d660141efc..ab7d209d10 100644 --- a/source4/param/loadparm.c +++ b/source4/param/loadparm.c @@ -2296,7 +2296,7 @@ struct loadparm_context *loadparm_init(TALLOC_CTX *mem_ctx) lp_do_global_parameter(lp_ctx, "ntvfs handler", "unixuid default"); lp_do_global_parameter(lp_ctx, "max connections", "-1"); - lp_do_global_parameter(lp_ctx, "dcerpc endpoint servers", "epmapper srvsvc wkssvc rpcecho samr netlogon lsarpc spoolss drsuapi winreg dssetup unixinfo"); + lp_do_global_parameter(lp_ctx, "dcerpc endpoint servers", "epmapper srvsvc wkssvc rpcecho samr netlogon lsarpc spoolss drsuapi winreg dssetup unixinfo browser"); lp_do_global_parameter(lp_ctx, "server services", "smb rpc nbt wrepl ldap cldap kdc drepl winbind ntp_signd"); lp_do_global_parameter(lp_ctx, "ntptr providor", "simple_ldb"); lp_do_global_parameter(lp_ctx, "auth methods:domain controller", "anonymous sam_ignoredomain"); -- cgit From d595844891026b9adeb3fd44157a9bae2b3ec645 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Sat, 6 Dec 2008 14:18:13 +0100 Subject: s4:librpc: add SUBSYSTEM::RPC_NDR_BROWSER metze --- source4/librpc/config.mk | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/source4/librpc/config.mk b/source4/librpc/config.mk index 97da760832..adea071185 100644 --- a/source4/librpc/config.mk +++ b/source4/librpc/config.mk @@ -448,6 +448,11 @@ PUBLIC_DEPENDENCIES = dcerpc NDR_UNIXINFO RPC_NDR_UNIXINFO_OBJ_FILES = $(gen_ndrsrcdir)/ndr_unixinfo_c.o +[SUBSYSTEM::RPC_NDR_BROWSER] +PUBLIC_DEPENDENCIES = dcerpc NDR_BROWSER + +RPC_NDR_BROWSER_OBJ_FILES = $(gen_ndrsrcdir)/ndr_browser_c.o + [SUBSYSTEM::RPC_NDR_IRPC] PUBLIC_DEPENDENCIES = dcerpc NDR_IRPC -- cgit From 2c31b7975daba0e7b12a2eaf8dfe6501dde9b937 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Sat, 6 Dec 2008 12:39:58 +0100 Subject: s4:torture: add simple RPC-BROWSER test metze --- source4/torture/config.mk | 4 +- source4/torture/rpc/browser.c | 122 ++++++++++++++++++++++++++++++++++++++++++ source4/torture/rpc/rpc.c | 1 + 3 files changed, 125 insertions(+), 2 deletions(-) create mode 100644 source4/torture/rpc/browser.c diff --git a/source4/torture/config.mk b/source4/torture/config.mk index 4b4664f101..eaff5d5fda 100644 --- a/source4/torture/config.mk +++ b/source4/torture/config.mk @@ -108,7 +108,7 @@ PRIVATE_DEPENDENCIES = \ RPC_NDR_SRVSVC RPC_NDR_WKSSVC RPC_NDR_ROT RPC_NDR_DSSETUP \ RPC_NDR_REMACT RPC_NDR_OXIDRESOLVER RPC_NDR_NTSVCS WB_HELPER LIBSAMBA-NET \ LIBCLI_AUTH POPT_CREDENTIALS TORTURE_LDAP TORTURE_UTIL TORTURE_RAP \ - dcerpc_server service process_model ntvfs SERVICE_SMB + dcerpc_server service process_model ntvfs SERVICE_SMB RPC_NDR_BROWSER torture_rpc_OBJ_FILES = $(addprefix $(torturesrcdir)/rpc/, \ join.o lsa.o lsa_lookup.o session_key.o echo.o dfs.o drsuapi.o \ @@ -117,7 +117,7 @@ torture_rpc_OBJ_FILES = $(addprefix $(torturesrcdir)/rpc/, \ eventlog.o epmapper.o winreg.o initshutdown.o oxidresolve.o remact.o mgmt.o \ scanner.o autoidl.o countcalls.o testjoin.o schannel.o netlogon.o remote_pac.o samlogon.o \ samsync.o bind.o dssetup.o alter_context.o bench.o samba3rpc.o rpc.o async_bind.o \ - handles.o frsapi.o object_uuid.o ntsvcs.o) + handles.o frsapi.o object_uuid.o ntsvcs.o browser.o) $(eval $(call proto_header_template,$(torturesrcdir)/rpc/proto.h,$(torture_rpc_OBJ_FILES:.o=.c))) diff --git a/source4/torture/rpc/browser.c b/source4/torture/rpc/browser.c new file mode 100644 index 0000000000..7c5479ab74 --- /dev/null +++ b/source4/torture/rpc/browser.c @@ -0,0 +1,122 @@ +/* + Unix SMB/CIFS implementation. + + test suite for browser rpc operations + + Copyright (C) Stefan Metzmacher 2008 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ + +#include "includes.h" +#include "torture/torture.h" +#include "librpc/gen_ndr/ndr_browser_c.h" +#include "torture/rpc/rpc.h" + +bool test_BrowserrQueryOtherDomains(struct torture_context *tctx, + struct dcerpc_pipe *p) +{ + struct BrowserrQueryOtherDomains r; + struct BrowserrSrvInfo info; + struct BrowserrSrvInfo100Ctr ctr100; + struct srvsvc_NetSrvInfo100 entries100[1]; + struct BrowserrSrvInfo101Ctr ctr101; + struct srvsvc_NetSrvInfo101 entries101[1]; + uint32_t total_entries; + NTSTATUS status; + + torture_comment(tctx, "dcerpc_BrowserrQueryOtherDomains\n"); + + ZERO_STRUCT(r); + ZERO_STRUCT(info); + ZERO_STRUCT(ctr100); + ZERO_STRUCT(entries100); + ZERO_STRUCT(ctr101); + ZERO_STRUCT(entries101); + total_entries = 0; + + r.in.server_unc = talloc_asprintf(tctx,"\\\\%s",dcerpc_server_name(p)); + r.in.info = &info; + r.out.info = &info; + r.out.total_entries = &total_entries; + + info.level = 100; + info.info.info100 = &ctr100; + + status = dcerpc_BrowserrQueryOtherDomains(p, tctx, &r); + torture_assert_ntstatus_ok(tctx, status, "BrowserrQueryOtherDomains failed"); + torture_assert_werr_ok(tctx, r.out.result, "BrowserrQueryOtherDomains failed"); + torture_assert_int_equal(tctx, *r.out.total_entries, 0, "BrowserrQueryOtherDomains"); + + ctr100.entries_read = ARRAY_SIZE(entries100); + ctr100.entries = entries100; + + status = dcerpc_BrowserrQueryOtherDomains(p, tctx, &r); + torture_assert_ntstatus_ok(tctx, status, "BrowserrQueryOtherDomains failed"); + torture_assert_werr_ok(tctx, r.out.result, "BrowserrQueryOtherDomains failed"); + torture_assert_int_equal(tctx, *r.out.total_entries, 0, "BrowserrQueryOtherDomains"); + + info.info.info100 = NULL; + status = dcerpc_BrowserrQueryOtherDomains(p, tctx, &r); + torture_assert_ntstatus_ok(tctx, status, "BrowserrQueryOtherDomains failed"); + torture_assert_werr_equal(tctx, WERR_INVALID_PARAM, r.out.result, + "BrowserrQueryOtherDomains failed"); + + info.level = 101; + info.info.info101 = &ctr101; + + status = dcerpc_BrowserrQueryOtherDomains(p, tctx, &r); + torture_assert_ntstatus_ok(tctx, status, "BrowserrQueryOtherDomains failed"); + torture_assert_werr_equal(tctx, WERR_UNKNOWN_LEVEL, r.out.result, + "BrowserrQueryOtherDomains"); + + ctr101.entries_read = ARRAY_SIZE(entries101); + ctr101.entries = entries101; + + status = dcerpc_BrowserrQueryOtherDomains(p, tctx, &r); + torture_assert_ntstatus_ok(tctx, status, "BrowserrQueryOtherDomains failed"); + torture_assert_werr_equal(tctx, WERR_UNKNOWN_LEVEL, r.out.result, + "BrowserrQueryOtherDomains"); + + info.info.info101 = NULL; + status = dcerpc_BrowserrQueryOtherDomains(p, tctx, &r); + torture_assert_ntstatus_ok(tctx, status, "BrowserrQueryOtherDomains failed"); + torture_assert_werr_equal(tctx, WERR_UNKNOWN_LEVEL, r.out.result, + "BrowserrQueryOtherDomains"); + + info.level = 102; + status = dcerpc_BrowserrQueryOtherDomains(p, tctx, &r); + torture_assert_ntstatus_ok(tctx, status, "BrowserrQueryOtherDomains failed"); + torture_assert_werr_equal(tctx, WERR_UNKNOWN_LEVEL, r.out.result, + "BrowserrQueryOtherDomains"); + + info.level = 0; + status = dcerpc_BrowserrQueryOtherDomains(p, tctx, &r); + torture_assert_ntstatus_ok(tctx, status, "BrowserrQueryOtherDomains failed"); + torture_assert_werr_equal(tctx, WERR_UNKNOWN_LEVEL, r.out.result, + "BrowserrQueryOtherDomains"); + + return true; +} + +struct torture_suite *torture_rpc_browser(TALLOC_CTX *mem_ctx) +{ + struct torture_suite *suite = torture_suite_create(mem_ctx, "BROWSER"); + struct torture_rpc_tcase *tcase = torture_suite_add_rpc_iface_tcase(suite, "browser", &ndr_table_browser); + + torture_rpc_tcase_add_test(tcase, "BrowserrQueryOtherDomains", test_BrowserrQueryOtherDomains); + + return suite; +} + diff --git a/source4/torture/rpc/rpc.c b/source4/torture/rpc/rpc.c index 7f6b06d000..f3ed3fdeb0 100644 --- a/source4/torture/rpc/rpc.c +++ b/source4/torture/rpc/rpc.c @@ -433,6 +433,7 @@ NTSTATUS torture_rpc_init(void) torture_suite_add_simple_test(suite, "DRSUAPI", torture_rpc_drsuapi); torture_suite_add_simple_test(suite, "CRACKNAMES", torture_rpc_drsuapi_cracknames); torture_suite_add_suite(suite, torture_rpc_dssetup(suite)); + torture_suite_add_suite(suite, torture_rpc_browser(suite)); torture_suite_add_simple_test(suite, "SAMBA3-REGCONFIG", torture_samba3_regconfig); torture_suite_add_simple_test(suite, "ALTERCONTEXT", torture_rpc_alter_context); torture_suite_add_simple_test(suite, "JOIN", torture_rpc_join); -- cgit From e9215c97133bc059339af31946ebbcea08d13098 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Sat, 6 Dec 2008 15:04:34 +0100 Subject: RPC-BROWSER: send the correct data in later requests metze --- source4/torture/rpc/browser.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/source4/torture/rpc/browser.c b/source4/torture/rpc/browser.c index 7c5479ab74..32b552acc8 100644 --- a/source4/torture/rpc/browser.c +++ b/source4/torture/rpc/browser.c @@ -59,6 +59,7 @@ bool test_BrowserrQueryOtherDomains(struct torture_context *tctx, torture_assert_werr_ok(tctx, r.out.result, "BrowserrQueryOtherDomains failed"); torture_assert_int_equal(tctx, *r.out.total_entries, 0, "BrowserrQueryOtherDomains"); + info.info.info100 = &ctr100; ctr100.entries_read = ARRAY_SIZE(entries100); ctr100.entries = entries100; @@ -81,6 +82,7 @@ bool test_BrowserrQueryOtherDomains(struct torture_context *tctx, torture_assert_werr_equal(tctx, WERR_UNKNOWN_LEVEL, r.out.result, "BrowserrQueryOtherDomains"); + info.info.info101 = &ctr101; ctr101.entries_read = ARRAY_SIZE(entries101); ctr101.entries = entries101; -- cgit From a2700f37310880a67a5371fda3d14072ca2a51a6 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Sat, 6 Dec 2008 15:38:49 +0100 Subject: s4:secrets: remove unused structure metze --- source4/param/secrets.h | 7 ------- 1 file changed, 7 deletions(-) diff --git a/source4/param/secrets.h b/source4/param/secrets.h index 83b6dc7fdc..558a796967 100644 --- a/source4/param/secrets.h +++ b/source4/param/secrets.h @@ -20,13 +20,6 @@ #ifndef _SECRETS_H #define _SECRETS_H -/* structure for storing machine account password - (ie. when samba server is member of a domain */ -struct machine_acct_pass { - uint8_t hash[16]; - time_t mod_time; -}; - #define SECRETS_PRIMARY_DOMAIN_DN "cn=Primary Domains" #define SECRETS_PRINCIPALS_DN "cn=Principals" #define SECRETS_PRIMARY_DOMAIN_FILTER "(&(flatname=%s)(objectclass=primaryDomain))" -- cgit From 54b90cd1da7368b4c51dce1ae80714d72dd8bf7f Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Sat, 6 Dec 2008 15:48:10 +0100 Subject: s4:winbind: fill in the correct variable... metze --- source4/winbind/wb_init_domain.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source4/winbind/wb_init_domain.c b/source4/winbind/wb_init_domain.c index 531647def8..8011cba19c 100644 --- a/source4/winbind/wb_init_domain.c +++ b/source4/winbind/wb_init_domain.c @@ -396,7 +396,7 @@ static void init_domain_recv_samr(struct composite_context *ctx) state->ctx->status = wb_connect_samr_recv( ctx, state->domain, &state->domain->libnet_ctx->samr.pipe, - &state->domain->libnet_ctx->samr.handle, + &state->domain->libnet_ctx->samr.connect_handle, &state->domain->libnet_ctx->samr.handle); if (!composite_is_ok(state->ctx)) return; -- cgit From 691cf386fbc5d57a35a5838b99ef5cca1bfbf944 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 30 Nov 2008 13:49:14 +0100 Subject: Slightly simplify cli_session_setup_ntlmssp Remove three pointless variables --- source3/libsmb/cliconnect.c | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c index b063475f4e..d33775fbb8 100644 --- a/source3/libsmb/cliconnect.c +++ b/source3/libsmb/cliconnect.c @@ -748,19 +748,11 @@ static NTSTATUS cli_session_setup_ntlmssp(struct cli_state *cli, const char *use if (NT_STATUS_IS_OK(nt_status)) { - DATA_BLOB key = data_blob(ntlmssp_state->session_key.data, - ntlmssp_state->session_key.length); - DATA_BLOB null_blob = data_blob_null; - bool res; - fstrcpy(cli->server_domain, ntlmssp_state->server_domain); cli_set_session_key(cli, ntlmssp_state->session_key); - res = cli_simple_set_signing(cli, key, null_blob); - - data_blob_free(&key); - - if (res) { + if (cli_simple_set_signing( + cli, ntlmssp_state->session_key, data_blob_null)) { /* 'resign' the last message, so we get the right sequence numbers for checking the first reply from the server */ -- cgit From 1db7076b8e96eaf5046455b4d21a00f9636e4cd9 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 26 Nov 2008 14:01:22 +0100 Subject: Fix nonempty blank lines --- source3/printing/printing.c | 10 ++++---- source3/winbindd/winbindd.c | 54 +++++++++++++++++++-------------------- source3/winbindd/winbindd_async.c | 24 ++++++++--------- 3 files changed, 44 insertions(+), 44 deletions(-) diff --git a/source3/printing/printing.c b/source3/printing/printing.c index 3c8c60f0e0..4051a6ca34 100644 --- a/source3/printing/printing.c +++ b/source3/printing/printing.c @@ -335,7 +335,7 @@ static struct printjob *print_job_find(const char *sharename, uint32 jobid) uint32_t tmp; TDB_DATA ret; struct tdb_print_db *pdb = get_print_db_byname(sharename); - + DEBUG(10,("print_job_find: looking up job %u for share %s\n", (unsigned int)jobid, sharename )); @@ -350,19 +350,19 @@ static struct printjob *print_job_find(const char *sharename, uint32 jobid) DEBUG(10,("print_job_find: failed to find jobid %u.\n", (unsigned int)jobid )); return NULL; } - + if ( pjob.nt_devmode ) { free_nt_devicemode( &pjob.nt_devmode ); } - + ZERO_STRUCT( pjob ); - + if ( unpack_pjob( ret.dptr, ret.dsize, &pjob ) == -1 ) { DEBUG(10,("print_job_find: failed to unpack jobid %u.\n", (unsigned int)jobid )); SAFE_FREE(ret.dptr); return NULL; } - + SAFE_FREE(ret.dptr); DEBUG(10,("print_job_find: returning system job %d for jobid %u.\n", diff --git a/source3/winbindd/winbindd.c b/source3/winbindd/winbindd.c index 82af55800f..1dcc70adae 100644 --- a/source3/winbindd/winbindd.c +++ b/source3/winbindd/winbindd.c @@ -7,17 +7,17 @@ Copyright (C) Andrew Tridgell 2002 Copyright (C) Jelmer Vernooij 2003 Copyright (C) Volker Lendecke 2004 - + This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program. If not, see . */ @@ -103,9 +103,9 @@ static void winbindd_status(void) DEBUG(0, ("winbindd status:\n")); /* Print client state information */ - + DEBUG(0, ("\t%d clients currently active\n", winbindd_num_clients())); - + if (DEBUGLEVEL >= 2 && winbindd_num_clients()) { DEBUG(2, ("\tclient list:\n")); for(tmp = winbindd_client_list(); tmp; tmp = tmp->next) { @@ -157,7 +157,7 @@ static void terminate(bool is_parent) } idmap_close(); - + trustdom_cache_shutdown(); #if 0 @@ -288,7 +288,7 @@ static struct winbindd_dispatch_table { void (*fn)(struct winbindd_cli_state *state); const char *winbindd_cmd_name; } dispatch_table[] = { - + /* User functions */ { WINBINDD_GETPWNAM, winbindd_getpwnam, "GETPWNAM" }, @@ -685,9 +685,9 @@ static void new_connection(int listen_sock, bool privileged) struct winbindd_cli_state *state; socklen_t len; int sock; - + /* Accept connection */ - + len = sizeof(sunaddr); do { @@ -696,16 +696,16 @@ static void new_connection(int listen_sock, bool privileged) if (sock == -1) return; - + DEBUG(6,("accepted socket %d\n", sock)); - + /* Create new connection structure */ - + if ((state = TALLOC_ZERO_P(NULL, struct winbindd_cli_state)) == NULL) { close(sock); return; } - + state->sock = sock; state->last_access = time(NULL); @@ -720,7 +720,7 @@ static void new_connection(int listen_sock, bool privileged) request_len_recv, state); /* Add to connection list */ - + winbindd_add_client(state); } @@ -731,7 +731,7 @@ static void remove_client(struct winbindd_cli_state *state) char c = 0; /* It's a dead client - hold a funeral */ - + if (state == NULL) { return; } @@ -740,14 +740,14 @@ static void remove_client(struct winbindd_cli_state *state) write(state->sock, &c, sizeof(c)); /* Close socket */ - + close(state->sock); - + /* Free any getent state */ - + free_getent_state(state->getpwent_state); free_getent_state(state->getgrent_state); - + /* We may have some extra data that was not freed if the client was killed unexpectedly */ @@ -756,9 +756,9 @@ static void remove_client(struct winbindd_cli_state *state) TALLOC_FREE(state->mem_ctx); remove_fd_event(&state->fd_event); - + /* Remove from list and free */ - + winbindd_remove_client(state); TALLOC_FREE(state); } @@ -893,7 +893,7 @@ static void process_loop(void) } /* Call select */ - + selret = sys_select(maxfd + 1, &r_fds, &w_fds, NULL, &timeout); if (selret == 0) { @@ -944,7 +944,7 @@ static void process_loop(void) /* new, non-privileged connection */ new_connection(listen_sock, False); } - + if (FD_ISSET(listen_priv_sock, &r_fds)) { while (winbindd_num_clients() > WINBINDD_MAX_SIMULTANEOUS_CLIENTS - 1) { @@ -1159,7 +1159,7 @@ int main(int argc, char **argv, char **envp) BlockSignals(False, SIGCHLD); /* Setup signal handlers */ - + CatchSignal(SIGINT, termination_handler); /* Exit on these sigs */ CatchSignal(SIGQUIT, termination_handler); CatchSignal(SIGTERM, termination_handler); @@ -1232,13 +1232,13 @@ int main(int argc, char **argv, char **envp) messaging_register(winbind_messaging_context(), NULL, MSG_DEBUG, winbind_msg_debug); - + netsamlogon_cache_init(); /* Non-critical */ - + /* clear the cached list of trusted domains */ wcache_tdc_clear(); - + if (!init_domain_list()) { DEBUG(0,("unable to initialize domain list\n")); exit(1); diff --git a/source3/winbindd/winbindd_async.c b/source3/winbindd/winbindd_async.c index 7500bcbe5b..7b93f963b4 100644 --- a/source3/winbindd/winbindd_async.c +++ b/source3/winbindd/winbindd_async.c @@ -5,7 +5,7 @@ Copyright (C) Volker Lendecke 2005 Copyright (C) Gerald Carter 2006 - + The helpers always consist of three functions: * A request setup function that takes the necessary parameters together @@ -21,12 +21,12 @@ it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program. If not, see . */ @@ -166,7 +166,7 @@ static void lookupsid_recv(TALLOC_CTX *mem_ctx, bool success, /* Try again using the forest root */ struct winbindd_domain *root_domain = find_root_domain(); struct winbindd_request request; - + if ( !root_domain ) { DEBUG(5,("lookupsid_recv: unable to determine forest root\n")); cont(s->caller_private_data, False, NULL, NULL, SID_NAME_UNKNOWN); @@ -491,7 +491,7 @@ void winbindd_listent_async(TALLOC_CTX *mem_ctx, do_async_domain(mem_ctx, domain, &request, listent_recv, (void *)cont, private_data); } - + enum winbindd_result winbindd_dual_list_users(struct winbindd_domain *domain, struct winbindd_cli_state *state) { @@ -509,7 +509,7 @@ enum winbindd_result winbindd_dual_list_users(struct winbindd_domain *domain, methods = domain->methods; status = methods->query_user_list(domain, state->mem_ctx, &num_entries, &info); - + if (!NT_STATUS_IS_OK(status)) return WINBINDD_ERROR; @@ -521,7 +521,7 @@ enum winbindd_result winbindd_dual_list_users(struct winbindd_domain *domain, +1 for the ',' between group names */ extra_data = (char *)SMB_REALLOC(extra_data, (sizeof(fstring) + 1) * num_entries); - + if (!extra_data) { DEBUG(0,("failed to enlarge buffer!\n")); return WINBINDD_ERROR; @@ -530,12 +530,12 @@ enum winbindd_result winbindd_dual_list_users(struct winbindd_domain *domain, /* Pack user list into extra data fields */ for (i = 0; i < num_entries; i++) { fstring acct_name, name; - + if (info[i].acct_name == NULL) fstrcpy(acct_name, ""); else fstrcpy(acct_name, info[i].acct_name); - + fill_domain_username(name, domain->name, acct_name, True); /* Append to extra data */ memcpy(&extra_data[extra_data_len], name, strlen(name)); @@ -904,7 +904,7 @@ enum winbindd_result winbindd_dual_getsidaliases(struct winbindd_domain *domain, (char *)state->response.extra_data.data)); state->response.length += len+1; } - + return WINBINDD_OK; } @@ -926,7 +926,7 @@ static void gettoken_recvdomgroups(TALLOC_CTX *mem_ctx, bool success, static void gettoken_recvaliases(void *private_data, bool success, const DOM_SID *aliases, size_t num_aliases); - + void winbindd_gettoken_async(TALLOC_CTX *mem_ctx, const DOM_SID *user_sid, void (*cont)(void *private_data, bool success, @@ -975,7 +975,7 @@ static void gettoken_recvdomgroups(TALLOC_CTX *mem_ctx, bool success, struct gettoken_state *state = talloc_get_type_abort(private_data, struct gettoken_state); char *sids_str; - + if (!success) { DEBUG(10, ("Could not get domain groups\n")); state->cont(state->private_data, False, NULL, 0); -- cgit From e3eb94ef8ec820ad4155c5abb26528302ef7abf4 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 9 Nov 2008 19:57:10 +0100 Subject: Replace some pointless variables in reply_open_pipe_and_X by comments --- source3/smbd/pipes.c | 18 ++++++------------ 1 file changed, 6 insertions(+), 12 deletions(-) diff --git a/source3/smbd/pipes.c b/source3/smbd/pipes.c index 261f12cb08..faabdd795b 100644 --- a/source3/smbd/pipes.c +++ b/source3/smbd/pipes.c @@ -43,7 +43,6 @@ void reply_open_pipe_and_X(connection_struct *conn, struct smb_request *req) const char *fname = NULL; char *pipe_name = NULL; files_struct *fsp; - int size=0,fmode=0,mtime=0,rmode=0; TALLOC_CTX *ctx = talloc_tos(); NTSTATUS status; @@ -96,17 +95,12 @@ void reply_open_pipe_and_X(connection_struct *conn, struct smb_request *req) SSVAL(req->outbuf,smb_vwv9,2); SSVAL(req->outbuf,smb_vwv10,0xc700); - if (rmode == 2) { - DEBUG(4,("Resetting open result to open from create.\n")); - rmode = 1; - } - - SSVAL(req->outbuf,smb_vwv2, fsp->fnum); - SSVAL(req->outbuf,smb_vwv3,fmode); - srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime); - SIVAL(req->outbuf,smb_vwv6,size); - SSVAL(req->outbuf,smb_vwv8,rmode); - SSVAL(req->outbuf,smb_vwv11,0x0001); + SSVAL(req->outbuf, smb_vwv2, fsp->fnum); + SSVAL(req->outbuf, smb_vwv3, 0); /* fmode */ + srv_put_dos_date3((char *)req->outbuf, smb_vwv4, 0); /* mtime */ + SIVAL(req->outbuf, smb_vwv6, 0); /* size */ + SSVAL(req->outbuf, smb_vwv8, 0); /* rmode */ + SSVAL(req->outbuf, smb_vwv11, 0x0001); chain_reply(req); return; -- cgit From 26200f4fb1db81be7a9da51f317e46405351b170 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Fri, 5 Dec 2008 15:06:57 +0100 Subject: s4:rpc_server: make it possible for iface->bind() to specify the assoc_group_id This helps the openchange mapiproxy plugin to work correctly. metze --- source4/rpc_server/dcerpc_server.c | 28 +++++++++++++++++++++++----- source4/rpc_server/dcerpc_server.h | 2 ++ 2 files changed, 25 insertions(+), 5 deletions(-) diff --git a/source4/rpc_server/dcerpc_server.c b/source4/rpc_server/dcerpc_server.c index 6e888e5259..533dd16263 100644 --- a/source4/rpc_server/dcerpc_server.c +++ b/source4/rpc_server/dcerpc_server.c @@ -36,7 +36,7 @@ #include "libcli/security/security.h" #include "param/param.h" -#define SAMBA_ACCOC_GROUP 0x12345678 +#define SAMBA_ASSOC_GROUP 0x12345678 extern const struct dcesrv_interface dcesrv_mgmt_interface; @@ -558,7 +558,8 @@ static NTSTATUS dcesrv_bind(struct dcesrv_call_state *call) * assoc_group_id back to the clients */ if (call->pkt.u.bind.assoc_group_id != 0 && - call->pkt.u.bind.assoc_group_id != SAMBA_ACCOC_GROUP) { + lp_parm_bool(call->conn->dce_ctx->lp_ctx, NULL, "dcesrv","assoc group checking", true) && + call->pkt.u.bind.assoc_group_id != SAMBA_ASSOC_GROUP) { return dcesrv_bind_nak(call, 0); } @@ -609,6 +610,11 @@ static NTSTATUS dcesrv_bind(struct dcesrv_call_state *call) context->conn = call->conn; context->iface = iface; context->context_id = context_id; + /* + * we need to send a non zero assoc_group_id here to make longhorn happy, + * it also matches samba3 + */ + context->assoc_group_id = SAMBA_ASSOC_GROUP; context->private = NULL; context->handles = NULL; DLIST_ADD(call->conn->contexts, context); @@ -638,8 +644,7 @@ static NTSTATUS dcesrv_bind(struct dcesrv_call_state *call) pkt.pfc_flags = DCERPC_PFC_FLAG_FIRST | DCERPC_PFC_FLAG_LAST | extra_flags; pkt.u.bind_ack.max_xmit_frag = 0x2000; pkt.u.bind_ack.max_recv_frag = 0x2000; - /* we need to send a non zero assoc_group_id here to make longhorn happy, it also matches samba3 */ - pkt.u.bind_ack.assoc_group_id = SAMBA_ACCOC_GROUP; + pkt.u.bind_ack.assoc_group_id = call->context->assoc_group_id; if (iface) { /* FIXME: Use pipe name as specified by endpoint instead of interface name */ pkt.u.bind_ack.secondary_address = talloc_asprintf(call, "\\PIPE\\%s", iface->name); @@ -672,6 +677,9 @@ static NTSTATUS dcesrv_bind(struct dcesrv_call_state *call) } } + /* the iface->bind() might change the assoc_group_id */ + pkt.u.bind_ack.assoc_group_id = call->context->assoc_group_id; + rep = talloc(call, struct data_blob_list_item); if (!rep) { return NT_STATUS_NO_MEMORY; @@ -747,6 +755,7 @@ static NTSTATUS dcesrv_alter_new_context(struct dcesrv_call_state *call, uint32_ context->conn = call->conn; context->iface = iface; context->context_id = context_id; + context->assoc_group_id = SAMBA_ASSOC_GROUP; context->private = NULL; context->handles = NULL; DLIST_ADD(call->conn->contexts, context); @@ -793,6 +802,15 @@ static NTSTATUS dcesrv_alter(struct dcesrv_call_state *call) } } + if (result == 0 && + call->pkt.u.alter.assoc_group_id != 0 && + lp_parm_bool(call->conn->dce_ctx->lp_ctx, NULL, "dcesrv","assoc group checking", true) && + call->pkt.u.alter.assoc_group_id != call->context->assoc_group_id) { + /* TODO: work out what to return here */ + result = DCERPC_BIND_PROVIDER_REJECT; + reason = DCERPC_BIND_REASON_ASYNTAX; + } + /* setup a alter_resp */ dcesrv_init_hdr(&pkt, lp_rpc_big_endian(call->conn->dce_ctx->lp_ctx)); pkt.auth_length = 0; @@ -801,7 +819,7 @@ static NTSTATUS dcesrv_alter(struct dcesrv_call_state *call) pkt.pfc_flags = DCERPC_PFC_FLAG_FIRST | DCERPC_PFC_FLAG_LAST; pkt.u.alter_resp.max_xmit_frag = 0x2000; pkt.u.alter_resp.max_recv_frag = 0x2000; - pkt.u.alter_resp.assoc_group_id = call->pkt.u.alter.assoc_group_id; + pkt.u.alter_resp.assoc_group_id = call->context->assoc_group_id; pkt.u.alter_resp.num_results = 1; pkt.u.alter_resp.ctx_list = talloc_array(call, struct dcerpc_ack_ctx, 1); if (!pkt.u.alter_resp.ctx_list) { diff --git a/source4/rpc_server/dcerpc_server.h b/source4/rpc_server/dcerpc_server.h index 4788fb3a51..bcd3d61f13 100644 --- a/source4/rpc_server/dcerpc_server.h +++ b/source4/rpc_server/dcerpc_server.h @@ -153,6 +153,8 @@ struct dcesrv_connection_context { struct dcesrv_connection_context *next, *prev; uint32_t context_id; + uint32_t assoc_group_id; + /* the connection this is on */ struct dcesrv_connection *conn; -- cgit From 53c41661bd9692c7bdba04b7de6adc3887ab529f Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 8 Dec 2008 15:51:01 +0100 Subject: s4:rpc_server: fix crash bugs in 26200f4fb1db81be7a9da51f317e46405351b170 call->context needs to be valid. metze --- source4/rpc_server/dcerpc_server.c | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) diff --git a/source4/rpc_server/dcerpc_server.c b/source4/rpc_server/dcerpc_server.c index 533dd16263..063e3ff3bd 100644 --- a/source4/rpc_server/dcerpc_server.c +++ b/source4/rpc_server/dcerpc_server.c @@ -793,12 +793,14 @@ static NTSTATUS dcesrv_alter(struct dcesrv_call_state *call) context_id = call->pkt.u.alter.ctx_list[0].context_id; /* see if they are asking for a new interface */ - if (result == 0 && - dcesrv_find_context(call->conn, context_id) == NULL) { - status = dcesrv_alter_new_context(call, context_id); - if (!NT_STATUS_IS_OK(status)) { - result = DCERPC_BIND_PROVIDER_REJECT; - reason = DCERPC_BIND_REASON_ASYNTAX; + if (result == 0) { + call->context = dcesrv_find_context(call->conn, context_id); + if (!call->context) { + status = dcesrv_alter_new_context(call, context_id); + if (!NT_STATUS_IS_OK(status)) { + result = DCERPC_BIND_PROVIDER_REJECT; + reason = DCERPC_BIND_REASON_ASYNTAX; + } } } @@ -819,7 +821,11 @@ static NTSTATUS dcesrv_alter(struct dcesrv_call_state *call) pkt.pfc_flags = DCERPC_PFC_FLAG_FIRST | DCERPC_PFC_FLAG_LAST; pkt.u.alter_resp.max_xmit_frag = 0x2000; pkt.u.alter_resp.max_recv_frag = 0x2000; - pkt.u.alter_resp.assoc_group_id = call->context->assoc_group_id; + if (result == 0) { + pkt.u.alter_resp.assoc_group_id = call->context->assoc_group_id; + } else { + pkt.u.alter_resp.assoc_group_id = 0; + } pkt.u.alter_resp.num_results = 1; pkt.u.alter_resp.ctx_list = talloc_array(call, struct dcerpc_ack_ctx, 1); if (!pkt.u.alter_resp.ctx_list) { -- cgit From f0bb53dd0fc0d8b2191eda7fc857f146093e0f83 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 12 Nov 2008 18:43:34 +0100 Subject: Factor out smb_splice_chain(), to be used by chain_reply() in smbd --- source3/include/async_smb.h | 3 + source3/libsmb/async_smb.c | 144 ++++++++++++++++++++++++++++++-------------- 2 files changed, 101 insertions(+), 46 deletions(-) diff --git a/source3/include/async_smb.h b/source3/include/async_smb.h index 4e2061813f..24ea6649d9 100644 --- a/source3/include/async_smb.h +++ b/source3/include/async_smb.h @@ -125,6 +125,9 @@ bool cli_chain_cork(struct cli_state *cli, struct event_context *ev, size_t size_hint); void cli_chain_uncork(struct cli_state *cli); bool cli_in_chain(struct cli_state *cli); +bool smb_splice_chain(char **poutbuf, uint8_t smb_command, + uint8_t wct, const uint16_t *vwv, + uint16_t num_bytes, const uint8_t *bytes); NTSTATUS cli_pull_reply(struct async_req *req, uint8_t *pwct, uint16_t **pvwv, diff --git a/source3/libsmb/async_smb.c b/source3/libsmb/async_smb.c index d371e057e3..cf6886ff19 100644 --- a/source3/libsmb/async_smb.c +++ b/source3/libsmb/async_smb.c @@ -217,6 +217,102 @@ static bool find_andx_cmd_ofs(char *buf, size_t *pofs) return true; } +/** + * @brief Do the smb chaining at a buffer level + * @param[in] poutbuf Pointer to the talloc'ed buffer to be modified + * @param[in] smb_command The command that we want to issue + * @param[in] wct How many words? + * @param[in] vwv The words, already in network order + * @param[in] num_bytes How many bytes? + * @param[in] bytes The data the request ships + * + * smb_splice_chain() adds the vwv and bytes to the request already present in + * *poutbuf. + */ + +bool smb_splice_chain(char **poutbuf, uint8_t smb_command, + uint8_t wct, const uint16_t *vwv, + uint16_t num_bytes, const uint8_t *bytes) +{ + char *outbuf; + size_t old_size, new_size; + size_t ofs; + size_t padding = 0; + bool first_request; + + old_size = talloc_get_size(*poutbuf); + + /* + * old_size == smb_wct means we're pushing the first request in for + * libsmb/ + */ + + first_request = (old_size == smb_wct); + + if (!first_request && ((old_size % 4) != 0)) { + /* + * Align subsequent requests to a 4-byte boundary + */ + padding = 4 - (old_size % 4); + } + + /* + * We need space for the wct field, the words, the byte count field + * and the bytes themselves. + */ + new_size = old_size + padding + + 1 + wct * sizeof(uint16_t) + 2 + num_bytes; + + if (new_size > 0xffff) { + DEBUG(1, ("splice_chain: %u bytes won't fit\n", + (unsigned)new_size)); + return false; + } + + outbuf = TALLOC_REALLOC_ARRAY(NULL, *poutbuf, char, new_size); + if (outbuf == NULL) { + DEBUG(0, ("talloc failed\n")); + return false; + } + *poutbuf = outbuf; + + if (first_request) { + SCVAL(outbuf, smb_com, smb_command); + } else { + size_t andx_cmd_ofs; + + if (!find_andx_cmd_ofs(outbuf, &andx_cmd_ofs)) { + DEBUG(1, ("invalid command chain\n")); + *poutbuf = TALLOC_REALLOC_ARRAY( + NULL, *poutbuf, char, old_size); + return false; + } + + if (padding != 0) { + memset(outbuf + old_size, 0, padding); + old_size += padding; + } + + SCVAL(outbuf, andx_cmd_ofs, smb_command); + SSVAL(outbuf, andx_cmd_ofs + 2, old_size - 4); + } + + ofs = old_size; + + SCVAL(outbuf, ofs, wct); + ofs += 1; + + memcpy(outbuf + ofs, vwv, sizeof(uint16_t) * wct); + ofs += sizeof(uint16_t) * wct; + + SSVAL(outbuf, ofs, num_bytes); + ofs += sizeof(uint16_t); + + memcpy(outbuf + ofs, bytes, num_bytes); + + return true; +} + /** * @brief Destroy an async_req that is the visible part of a cli_request * @param[in] req The request to kill @@ -286,10 +382,7 @@ static struct async_req *cli_request_chain(TALLOC_CTX *mem_ctx, const uint8_t *bytes) { struct async_req **tmp_reqs; - char *tmp_buf; struct cli_request *req; - size_t old_size, new_size; - size_t ofs; req = cli->chain_accumulator; @@ -313,52 +406,11 @@ static struct async_req *cli_request_chain(TALLOC_CTX *mem_ctx, talloc_set_destructor(req->async[req->num_async-1], cli_async_req_destructor); - old_size = talloc_get_size(req->outbuf); - - /* - * We need space for the wct field, the words, the byte count field - * and the bytes themselves. - */ - new_size = old_size + 1 + wct * sizeof(uint16_t) + 2 + num_bytes; - - if (new_size > 0xffff) { - DEBUG(1, ("cli_request_chain: %u bytes won't fit\n", - (unsigned)new_size)); + if (!smb_splice_chain(&req->outbuf, smb_command, wct, vwv, + num_bytes, bytes)) { goto fail; } - tmp_buf = TALLOC_REALLOC_ARRAY(NULL, req->outbuf, char, new_size); - if (tmp_buf == NULL) { - DEBUG(0, ("talloc failed\n")); - goto fail; - } - req->outbuf = tmp_buf; - - if (old_size == smb_wct) { - SCVAL(req->outbuf, smb_com, smb_command); - } else { - size_t andx_cmd_ofs; - if (!find_andx_cmd_ofs(req->outbuf, &andx_cmd_ofs)) { - DEBUG(1, ("invalid command chain\n")); - goto fail; - } - SCVAL(req->outbuf, andx_cmd_ofs, smb_command); - SSVAL(req->outbuf, andx_cmd_ofs + 2, old_size - 4); - } - - ofs = old_size; - - SCVAL(req->outbuf, ofs, wct); - ofs += 1; - - memcpy(req->outbuf + ofs, vwv, sizeof(uint16_t) * wct); - ofs += sizeof(uint16_t) * wct; - - SSVAL(req->outbuf, ofs, num_bytes); - ofs += sizeof(uint16_t); - - memcpy(req->outbuf + ofs, bytes, num_bytes); - return req->async[req->num_async-1]; fail: -- cgit From ed25c6c287ca4f5d019d5f0012b1ff40d5e8e328 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 16 Nov 2008 18:02:17 +0100 Subject: Add a "bytes_padding" parameter to smb_splice_chain For example open&x and write&x needs the bytes to be aligned relative to the SMB header. In particular for write&x we should not have to move stuff around. --- source3/include/async_smb.h | 1 + source3/libsmb/async_smb.c | 40 ++++++++++++++++++++++++++++------------ 2 files changed, 29 insertions(+), 12 deletions(-) diff --git a/source3/include/async_smb.h b/source3/include/async_smb.h index 24ea6649d9..25fd353632 100644 --- a/source3/include/async_smb.h +++ b/source3/include/async_smb.h @@ -127,6 +127,7 @@ void cli_chain_uncork(struct cli_state *cli); bool cli_in_chain(struct cli_state *cli); bool smb_splice_chain(char **poutbuf, uint8_t smb_command, uint8_t wct, const uint16_t *vwv, + size_t bytes_alignment, uint16_t num_bytes, const uint8_t *bytes); NTSTATUS cli_pull_reply(struct async_req *req, diff --git a/source3/libsmb/async_smb.c b/source3/libsmb/async_smb.c index cf6886ff19..fd2fe930f8 100644 --- a/source3/libsmb/async_smb.c +++ b/source3/libsmb/async_smb.c @@ -223,6 +223,7 @@ static bool find_andx_cmd_ofs(char *buf, size_t *pofs) * @param[in] smb_command The command that we want to issue * @param[in] wct How many words? * @param[in] vwv The words, already in network order + * @param[in] bytes_alignment How shall we align "bytes"? * @param[in] num_bytes How many bytes? * @param[in] bytes The data the request ships * @@ -232,12 +233,14 @@ static bool find_andx_cmd_ofs(char *buf, size_t *pofs) bool smb_splice_chain(char **poutbuf, uint8_t smb_command, uint8_t wct, const uint16_t *vwv, + size_t bytes_alignment, uint16_t num_bytes, const uint8_t *bytes) { char *outbuf; size_t old_size, new_size; size_t ofs; - size_t padding = 0; + size_t chain_padding = 0; + size_t bytes_padding = 0; bool first_request; old_size = talloc_get_size(*poutbuf); @@ -251,17 +254,25 @@ bool smb_splice_chain(char **poutbuf, uint8_t smb_command, if (!first_request && ((old_size % 4) != 0)) { /* - * Align subsequent requests to a 4-byte boundary + * Align the wct field of subsequent requests to a 4-byte + * boundary */ - padding = 4 - (old_size % 4); + chain_padding = 4 - (old_size % 4); } /* - * We need space for the wct field, the words, the byte count field - * and the bytes themselves. + * After the old request comes the new wct field (1 byte), the vwv's + * and the num_bytes field. After at we might need to align the bytes + * given to us to "bytes_alignment", increasing the num_bytes value. */ - new_size = old_size + padding - + 1 + wct * sizeof(uint16_t) + 2 + num_bytes; + + new_size = old_size + chain_padding + 1 + wct * sizeof(uint16_t) + 2; + + if ((bytes_alignment != 0) && ((new_size % bytes_alignment) != 0)) { + bytes_padding = bytes_alignment + (new_size % bytes_alignment); + } + + new_size += bytes_padding + num_bytes; if (new_size > 0xffff) { DEBUG(1, ("splice_chain: %u bytes won't fit\n", @@ -288,9 +299,9 @@ bool smb_splice_chain(char **poutbuf, uint8_t smb_command, return false; } - if (padding != 0) { - memset(outbuf + old_size, 0, padding); - old_size += padding; + if (chain_padding != 0) { + memset(outbuf + old_size, 0, chain_padding); + old_size += chain_padding; } SCVAL(outbuf, andx_cmd_ofs, smb_command); @@ -305,9 +316,14 @@ bool smb_splice_chain(char **poutbuf, uint8_t smb_command, memcpy(outbuf + ofs, vwv, sizeof(uint16_t) * wct); ofs += sizeof(uint16_t) * wct; - SSVAL(outbuf, ofs, num_bytes); + SSVAL(outbuf, ofs, num_bytes + bytes_padding); ofs += sizeof(uint16_t); + if (bytes_padding != 0) { + memset(outbuf + ofs, 0, bytes_padding); + ofs += bytes_padding; + } + memcpy(outbuf + ofs, bytes, num_bytes); return true; @@ -407,7 +423,7 @@ static struct async_req *cli_request_chain(TALLOC_CTX *mem_ctx, cli_async_req_destructor); if (!smb_splice_chain(&req->outbuf, smb_command, wct, vwv, - num_bytes, bytes)) { + 0, num_bytes, bytes)) { goto fail; } -- cgit From f9aa69ae352f7f441b04976575b96ecc8b844dbd Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 28 Nov 2008 19:52:52 +0100 Subject: Streamline the async_sock API a bit --- source3/include/async_sock.h | 22 ++++++++------ source3/lib/async_sock.c | 69 +++++++++++++++++++++++--------------------- 2 files changed, 49 insertions(+), 42 deletions(-) diff --git a/source3/include/async_sock.h b/source3/include/async_sock.h index 3c90453601..f0cd5fdaa4 100644 --- a/source3/include/async_sock.h +++ b/source3/include/async_sock.h @@ -22,24 +22,28 @@ #include "includes.h" -ssize_t async_syscall_result_ssize_t(struct async_req **req, int *perrno); -size_t async_syscall_result_size_t (struct async_req **req, int *perrno); -ssize_t async_syscall_result_int (struct async_req **req, int *perrno); +ssize_t async_syscall_result_ssize_t(struct async_req *req, int *perrno); +size_t async_syscall_result_size_t(struct async_req *req, int *perrno); +ssize_t async_syscall_result_int(struct async_req *req, int *perrno); struct async_req *async_send(TALLOC_CTX *mem_ctx, struct event_context *ev, int fd, const void *buffer, size_t length, int flags); -struct async_req *async_sendall(TALLOC_CTX *mem_ctx, struct event_context *ev, - int fd, const void *buffer, size_t length, - int flags); struct async_req *async_recv(TALLOC_CTX *mem_ctx, struct event_context *ev, int fd, void *buffer, size_t length, int flags); -struct async_req *async_recvall(TALLOC_CTX *mem_ctx, struct event_context *ev, - int fd, void *buffer, size_t length, - int flags); struct async_req *async_connect(TALLOC_CTX *mem_ctx, struct event_context *ev, int fd, const struct sockaddr *address, socklen_t address_len); +struct async_req *sendall_send(TALLOC_CTX *mem_ctx, struct event_context *ev, + int fd, const void *buffer, size_t length, + int flags); +NTSTATUS sendall_recv(struct async_req *req); + +struct async_req *recvall_send(TALLOC_CTX *mem_ctx, struct event_context *ev, + int fd, void *buffer, size_t length, + int flags); +NTSTATUS recvall_recv(struct async_req *req); + #endif diff --git a/source3/lib/async_sock.c b/source3/lib/async_sock.c index ffba6de832..ba860e8e78 100644 --- a/source3/lib/async_sock.c +++ b/source3/lib/async_sock.c @@ -177,18 +177,13 @@ static struct async_req *async_fde_syscall_new( * @retval The return value from the asynchronously called syscall */ -ssize_t async_syscall_result_ssize_t(struct async_req **req, int *perrno) +ssize_t async_syscall_result_ssize_t(struct async_req *req, int *perrno) { struct async_syscall_state *state = talloc_get_type_abort( - (*req)->private_data, struct async_syscall_state); - - int sys_errno = state->sys_errno; - ssize_t result = state->result.result_ssize_t; - - TALLOC_FREE(*req); + req->private_data, struct async_syscall_state); - *perrno = sys_errno; - return result; + *perrno = state->sys_errno; + return state->result.result_ssize_t; } /** @@ -198,18 +193,13 @@ ssize_t async_syscall_result_ssize_t(struct async_req **req, int *perrno) * @retval The return value from the asynchronously called syscall */ -size_t async_syscall_result_size_t(struct async_req **req, int *perrno) +size_t async_syscall_result_size_t(struct async_req *req, int *perrno) { struct async_syscall_state *state = talloc_get_type_abort( - (*req)->private_data, struct async_syscall_state); - - int sys_errno = state->sys_errno; - size_t result = state->result.result_ssize_t; - - TALLOC_FREE(*req); + req->private_data, struct async_syscall_state); - *perrno = sys_errno; - return result; + *perrno = state->sys_errno; + return state->result.result_size_t; } /** @@ -219,18 +209,13 @@ size_t async_syscall_result_size_t(struct async_req **req, int *perrno) * @retval The return value from the asynchronously called syscall */ -ssize_t async_syscall_result_int(struct async_req **req, int *perrno) +ssize_t async_syscall_result_int(struct async_req *req, int *perrno) { struct async_syscall_state *state = talloc_get_type_abort( - (*req)->private_data, struct async_syscall_state); - - int sys_errno = state->sys_errno; - int result = state->result.result_ssize_t; - - TALLOC_FREE(*req); + req->private_data, struct async_syscall_state); - *perrno = sys_errno; - return result; + *perrno = state->sys_errno; + return state->result.result_int; } /** @@ -353,9 +338,9 @@ static void async_sendall_callback(struct event_context *ev, * "length" bytes */ -struct async_req *async_sendall(TALLOC_CTX *mem_ctx, struct event_context *ev, - int fd, const void *buffer, size_t length, - int flags) +struct async_req *sendall_send(TALLOC_CTX *mem_ctx, struct event_context *ev, + int fd, const void *buffer, size_t length, + int flags) { struct async_req *result; struct async_syscall_state *state; @@ -377,6 +362,15 @@ struct async_req *async_sendall(TALLOC_CTX *mem_ctx, struct event_context *ev, return result; } +NTSTATUS sendall_recv(struct async_req *req) +{ + SMB_ASSERT(req->state >= ASYNC_REQ_DONE); + if (req->state == ASYNC_REQ_ERROR) { + return req->status; + } + return NT_STATUS_OK; +} + /** * fde event handler for the "recv" syscall * @param[in] ev The event context that sent us here @@ -498,9 +492,9 @@ static void async_recvall_callback(struct event_context *ev, * async_recvall will call recv(2) until "length" bytes are received */ -struct async_req *async_recvall(TALLOC_CTX *mem_ctx, struct event_context *ev, - int fd, void *buffer, size_t length, - int flags) +struct async_req *recvall_send(TALLOC_CTX *mem_ctx, struct event_context *ev, + int fd, void *buffer, size_t length, + int flags) { struct async_req *result; struct async_syscall_state *state; @@ -522,6 +516,15 @@ struct async_req *async_recvall(TALLOC_CTX *mem_ctx, struct event_context *ev, return result; } +NTSTATUS recvall_recv(struct async_req *req) +{ + SMB_ASSERT(req->state >= ASYNC_REQ_DONE); + if (req->state == ASYNC_REQ_ERROR) { + return req->status; + } + return NT_STATUS_OK; +} + /** * fde event handler for connect(2) * @param[in] ev The event context that sent us here -- cgit From 7fbb64d726f23da49cd2f07e1a678ed575b70bfa Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 1 Dec 2008 08:23:35 +0100 Subject: Simplify async programming a bit with helper routines Introduce async_req_is_error() and async_req_simple_recv() --- source3/include/async_req.h | 4 ++++ source3/lib/async_req.c | 23 +++++++++++++++++++++++ source3/lib/async_sock.c | 12 ++---------- source3/libsmb/clientgen.c | 7 +------ source3/libsmb/clifile.c | 11 +++++------ source3/libsmb/clireadwrite.c | 11 +++++------ source3/libsmb/clitrans.c | 6 +++--- 7 files changed, 43 insertions(+), 31 deletions(-) diff --git a/source3/include/async_req.h b/source3/include/async_req.h index 2d01b53814..14a30696c4 100644 --- a/source3/include/async_req.h +++ b/source3/include/async_req.h @@ -134,4 +134,8 @@ bool async_post_status(struct async_req *req, NTSTATUS status); bool async_req_nomem(const void *p, struct async_req *req); +bool async_req_is_error(struct async_req *req, NTSTATUS *status); + +NTSTATUS async_req_simple_recv(struct async_req *req); + #endif diff --git a/source3/lib/async_req.c b/source3/lib/async_req.c index 501a6b5524..159666f15c 100644 --- a/source3/lib/async_req.c +++ b/source3/lib/async_req.c @@ -172,3 +172,26 @@ bool async_req_nomem(const void *p, struct async_req *req) async_req_error(req, NT_STATUS_NO_MEMORY); return true; } + +bool async_req_is_error(struct async_req *req, NTSTATUS *status) +{ + if (req->state < ASYNC_REQ_DONE) { + *status = NT_STATUS_INTERNAL_ERROR; + return true; + } + if (req->state == ASYNC_REQ_ERROR) { + *status = req->status; + return true; + } + return false; +} + +NTSTATUS async_req_simple_recv(struct async_req *req) +{ + NTSTATUS status; + + if (async_req_is_error(req, &status)) { + return status; + } + return NT_STATUS_OK; +} diff --git a/source3/lib/async_sock.c b/source3/lib/async_sock.c index ba860e8e78..225cc7b195 100644 --- a/source3/lib/async_sock.c +++ b/source3/lib/async_sock.c @@ -364,11 +364,7 @@ struct async_req *sendall_send(TALLOC_CTX *mem_ctx, struct event_context *ev, NTSTATUS sendall_recv(struct async_req *req) { - SMB_ASSERT(req->state >= ASYNC_REQ_DONE); - if (req->state == ASYNC_REQ_ERROR) { - return req->status; - } - return NT_STATUS_OK; + return async_req_simple_recv(req); } /** @@ -518,11 +514,7 @@ struct async_req *recvall_send(TALLOC_CTX *mem_ctx, struct event_context *ev, NTSTATUS recvall_recv(struct async_req *req) { - SMB_ASSERT(req->state >= ASYNC_REQ_DONE); - if (req->state == ASYNC_REQ_ERROR) { - return req->status; - } - return NT_STATUS_OK; + return async_req_simple_recv(req); } /** diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c index 8a5aedfde5..d94427809c 100644 --- a/source3/libsmb/clientgen.c +++ b/source3/libsmb/clientgen.c @@ -732,12 +732,7 @@ struct async_req *cli_echo_send(TALLOC_CTX *mem_ctx, struct event_context *ev, NTSTATUS cli_echo_recv(struct async_req *req) { - SMB_ASSERT(req->state >= ASYNC_REQ_DONE); - if (req->state == ASYNC_REQ_ERROR) { - return req->status; - } - - return NT_STATUS_OK; + return async_req_simple_recv(req); } /** diff --git a/source3/libsmb/clifile.c b/source3/libsmb/clifile.c index a9e81082ea..733abb6510 100644 --- a/source3/libsmb/clifile.c +++ b/source3/libsmb/clifile.c @@ -908,9 +908,8 @@ NTSTATUS cli_open_recv(struct async_req *req, int *fnum) uint8_t *bytes; NTSTATUS status; - SMB_ASSERT(req->state >= ASYNC_REQ_DONE); - if (req->state == ASYNC_REQ_ERROR) { - return req->status; + if (async_req_is_error(req, &status)) { + return status; } status = cli_pull_reply(req, &wct, &vwv, &num_bytes, &bytes); @@ -985,10 +984,10 @@ NTSTATUS cli_close_recv(struct async_req *req) uint16_t *vwv; uint16_t num_bytes; uint8_t *bytes; + NTSTATUS status; - SMB_ASSERT(req->state >= ASYNC_REQ_DONE); - if (req->state == ASYNC_REQ_ERROR) { - return req->status; + if (async_req_is_error(req, &status)) { + return status; } return cli_pull_reply(req, &wct, &vwv, &num_bytes, &bytes); diff --git a/source3/libsmb/clireadwrite.c b/source3/libsmb/clireadwrite.c index cc982683d0..ecf49396d1 100644 --- a/source3/libsmb/clireadwrite.c +++ b/source3/libsmb/clireadwrite.c @@ -112,9 +112,8 @@ NTSTATUS cli_read_andx_recv(struct async_req *req, ssize_t *received, NTSTATUS status; size_t size; - SMB_ASSERT(req->state >= ASYNC_REQ_DONE); - if (req->state == ASYNC_REQ_ERROR) { - return req->status; + if (async_req_is_error(req, &status)) { + return status; } status = cli_pull_reply(req, &wct, &vwv, &num_bytes, &bytes); @@ -405,10 +404,10 @@ NTSTATUS cli_pull_recv(struct async_req *req, SMB_OFF_T *received) { struct cli_pull_state *state = talloc_get_type_abort( req->private_data, struct cli_pull_state); + NTSTATUS status; - SMB_ASSERT(req->state >= ASYNC_REQ_DONE); - if (req->state == ASYNC_REQ_ERROR) { - return req->status; + if (async_req_is_error(req, &status)) { + return status; } *received = state->pushed; return NT_STATUS_OK; diff --git a/source3/libsmb/clitrans.c b/source3/libsmb/clitrans.c index bbdfb75fcd..120b6c0e29 100644 --- a/source3/libsmb/clitrans.c +++ b/source3/libsmb/clitrans.c @@ -1316,10 +1316,10 @@ NTSTATUS cli_trans_recv(struct async_req *req, TALLOC_CTX *mem_ctx, req->private_data, struct cli_request); struct cli_trans_state *state = talloc_get_type_abort( cli_req->recv_helper.priv, struct cli_trans_state); + NTSTATUS status; - SMB_ASSERT(req->state >= ASYNC_REQ_DONE); - if (req->state == ASYNC_REQ_ERROR) { - return req->status; + if (async_req_is_error(req, &status)) { + return status; } if (setup != NULL) { -- cgit From 2bd8a6e21ed9e52373bc04b12e2d4b80881edb8b Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 28 Nov 2008 19:54:46 +0100 Subject: Add infrastructure to transfer winbindd_request/response asynchronously --- source3/Makefile.in | 1 + source3/winbindd/winbindd_proto.h | 21 ++ source3/winbindd/winbindd_reqtrans.c | 561 +++++++++++++++++++++++++++++++++++ 3 files changed, 583 insertions(+) create mode 100644 source3/winbindd/winbindd_reqtrans.c diff --git a/source3/Makefile.in b/source3/Makefile.in index 83e94a4382..bf79a7dfda 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -1036,6 +1036,7 @@ IDMAP_ADEX_OBJ = \ WINBINDD_OBJ1 = \ winbindd/winbindd.o \ + winbindd/winbindd_reqtrans.o \ winbindd/winbindd_user.o \ winbindd/winbindd_group.o \ winbindd/winbindd_util.o \ diff --git a/source3/winbindd/winbindd_proto.h b/source3/winbindd/winbindd_proto.h index 9de385e3b3..3869ac5771 100644 --- a/source3/winbindd/winbindd_proto.h +++ b/source3/winbindd/winbindd_proto.h @@ -67,6 +67,27 @@ void winbind_check_sighup(const char *lfile); void winbind_check_sigterm(bool in_parent); int main(int argc, char **argv, char **envp); +/* The following definitions come from winbindd/winbindd_reqtrans.c */ + +struct async_req *wb_req_read_send(TALLOC_CTX *mem_ctx, + struct event_context *ev, + int fd, size_t max_extra_data); +NTSTATUS wb_req_read_recv(struct async_req *req, TALLOC_CTX *mem_ctx, + struct winbindd_request **preq); +struct async_req *wb_req_write_send(TALLOC_CTX *mem_ctx, + struct event_context *ev, int fd, + struct winbindd_request *wb_req); +NTSTATUS wb_req_write_recv(struct async_req *req); + +struct async_req *wb_resp_read_send(TALLOC_CTX *mem_ctx, + struct event_context *ev, int fd); +NTSTATUS wb_resp_read_recv(struct async_req *req, TALLOC_CTX *mem_ctx, + struct winbindd_response **presp); +struct async_req *wb_resp_write_send(TALLOC_CTX *mem_ctx, + struct event_context *ev, int fd, + struct winbindd_response *wb_resp); +NTSTATUS wb_resp_write_recv(struct async_req *req); + /* The following definitions come from winbindd/winbindd_ads.c */ diff --git a/source3/winbindd/winbindd_reqtrans.c b/source3/winbindd/winbindd_reqtrans.c new file mode 100644 index 0000000000..e9901e173f --- /dev/null +++ b/source3/winbindd/winbindd_reqtrans.c @@ -0,0 +1,561 @@ +/* + Unix SMB/CIFS implementation. + + Async transfer of winbindd_request and _response structs + + Copyright (C) Volker Lendecke 2008 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ + +#include "includes.h" +#include "winbindd.h" + +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_WINBIND + +struct req_read_state { + struct winbindd_request *wb_req; + struct event_context *ev; + size_t max_extra_data; + int fd; +}; + +static void wb_req_read_len(struct async_req *subreq); +static void wb_req_read_main(struct async_req *subreq); +static void wb_req_read_extra(struct async_req *subreq); + +struct async_req *wb_req_read_send(TALLOC_CTX *mem_ctx, + struct event_context *ev, + int fd, size_t max_extra_data) +{ + struct async_req *result, *subreq; + struct req_read_state *state; + + result = async_req_new(mem_ctx, ev); + if (result == NULL) { + return NULL; + } + + state = talloc(result, struct req_read_state); + if (state == NULL) { + goto nomem; + } + result->private_data = state; + + state->fd = fd; + state->ev = ev; + state->max_extra_data = max_extra_data; + state->wb_req = talloc(state, struct winbindd_request); + if (state->wb_req == NULL) { + goto nomem; + } + + subreq = recvall_send(state, ev, state->fd, &(state->wb_req->length), + sizeof(state->wb_req->length), 0); + if (subreq == NULL) { + goto nomem; + } + + subreq->async.fn = wb_req_read_len; + subreq->async.priv = result; + return result; + + nomem: + TALLOC_FREE(result); + return NULL; +} + +static void wb_req_read_len(struct async_req *subreq) +{ + struct async_req *req = talloc_get_type_abort( + subreq->async.priv, struct async_req); + struct req_read_state *state = talloc_get_type_abort( + req->private_data, struct req_read_state); + NTSTATUS status; + + status = recvall_recv(subreq); + TALLOC_FREE(subreq); + if (!NT_STATUS_IS_OK(status)) { + async_req_error(req, status); + return; + } + + if (state->wb_req->length != sizeof(struct winbindd_request)) { + DEBUG(0, ("wb_req_read_len: Invalid request size received: " + "%d (expected %d)\n", (int)state->wb_req->length, + (int)sizeof(struct winbindd_request))); + async_req_error(req, NT_STATUS_INVALID_BUFFER_SIZE); + return; + } + + subreq = recvall_send( + req, state->ev, state->fd, (uint32 *)(state->wb_req)+1, + sizeof(struct winbindd_request) - sizeof(uint32), 0); + if (subreq == NULL) { + async_req_error(req, NT_STATUS_NO_MEMORY); + return; + } + + subreq->async.fn = wb_req_read_main; + subreq->async.priv = req; +} + +static void wb_req_read_main(struct async_req *subreq) +{ + struct async_req *req = talloc_get_type_abort( + subreq->async.priv, struct async_req); + struct req_read_state *state = talloc_get_type_abort( + req->private_data, struct req_read_state); + NTSTATUS status; + + status = recvall_recv(subreq); + TALLOC_FREE(subreq); + if (!NT_STATUS_IS_OK(status)) { + async_req_error(req, status); + return; + } + + if ((state->max_extra_data != 0) + && (state->wb_req->extra_len > state->max_extra_data)) { + DEBUG(3, ("Got request with %d bytes extra data on " + "unprivileged socket\n", + (int)state->wb_req->extra_len)); + async_req_error(req, NT_STATUS_INVALID_BUFFER_SIZE); + return; + } + + if (state->wb_req->extra_len == 0) { + async_req_done(req); + return; + } + + state->wb_req->extra_data.data = TALLOC_ARRAY( + state->wb_req, char, state->wb_req->extra_len + 1); + if (state->wb_req->extra_data.data == NULL) { + async_req_error(req, NT_STATUS_NO_MEMORY); + return; + } + state->wb_req->extra_data.data[state->wb_req->extra_len] = 0; + + subreq = recvall_send( + req, state->ev, state->fd, state->wb_req->extra_data.data, + state->wb_req->extra_len, 0); + if (subreq == NULL) { + async_req_error(req, NT_STATUS_NO_MEMORY); + return; + } + + subreq->async.fn = wb_req_read_extra; + subreq->async.priv = req; +} + +static void wb_req_read_extra(struct async_req *subreq) +{ + struct async_req *req = talloc_get_type_abort( + subreq->async.priv, struct async_req); + NTSTATUS status; + + status = recvall_recv(subreq); + TALLOC_FREE(subreq); + if (!NT_STATUS_IS_OK(status)) { + async_req_error(req, status); + return; + } + async_req_done(req); +} + + +NTSTATUS wb_req_read_recv(struct async_req *req, TALLOC_CTX *mem_ctx, + struct winbindd_request **preq) +{ + struct req_read_state *state = talloc_get_type_abort( + req->private_data, struct req_read_state); + + SMB_ASSERT(req->state >= ASYNC_REQ_DONE); + if (req->state == ASYNC_REQ_ERROR) { + return req->status; + } + + *preq = talloc_move(mem_ctx, &state->wb_req); + return NT_STATUS_OK; +} + +struct req_write_state { + struct winbindd_request *wb_req; + struct event_context *ev; + int fd; +}; + +static void wb_req_write_main(struct async_req *subreq); +static void wb_req_write_extra(struct async_req *subreq); + +struct async_req *wb_req_write_send(TALLOC_CTX *mem_ctx, + struct event_context *ev, int fd, + struct winbindd_request *wb_req) +{ + struct async_req *result, *subreq; + struct req_write_state *state; + + result = async_req_new(mem_ctx, ev); + if (result == NULL) { + return NULL; + } + + state = talloc(result, struct req_write_state); + if (state == NULL) { + goto nomem; + } + result->private_data = state; + + state->fd = fd; + state->ev = ev; + state->wb_req = wb_req; + + subreq = sendall_send(state, state->ev, state->fd, state->wb_req, + sizeof(struct winbindd_request), 0); + if (subreq == NULL) { + goto nomem; + } + + subreq->async.fn = wb_req_write_main; + subreq->async.priv = result; + return result; + + nomem: + TALLOC_FREE(result); + return NULL; +} + +static void wb_req_write_main(struct async_req *subreq) +{ + struct async_req *req = talloc_get_type_abort( + subreq->async.priv, struct async_req); + struct req_write_state *state = talloc_get_type_abort( + req->private_data, struct req_write_state); + NTSTATUS status; + + status = sendall_recv(subreq); + TALLOC_FREE(subreq); + if (!NT_STATUS_IS_OK(status)) { + async_req_error(req, status); + return; + } + + if (state->wb_req->extra_len == 0) { + async_req_done(req); + return; + } + + subreq = sendall_send(state, state->ev, state->fd, + state->wb_req->extra_data.data, + state->wb_req->extra_len, 0); + if (subreq == NULL) { + async_req_error(req, NT_STATUS_NO_MEMORY); + return; + } + + subreq->async.fn = wb_req_write_extra; + subreq->async.priv = req; +} + +static void wb_req_write_extra(struct async_req *subreq) +{ + struct async_req *req = talloc_get_type_abort( + subreq->async.priv, struct async_req); + NTSTATUS status; + + status = sendall_recv(subreq); + TALLOC_FREE(subreq); + if (!NT_STATUS_IS_OK(status)) { + async_req_error(req, status); + return; + } + + async_req_done(req); +} + +NTSTATUS wb_req_write_recv(struct async_req *req) +{ + SMB_ASSERT(req->state >= ASYNC_REQ_DONE); + if (req->state == ASYNC_REQ_ERROR) { + return req->status; + } + + return NT_STATUS_OK; +} + +struct resp_read_state { + struct winbindd_response *wb_resp; + struct event_context *ev; + size_t max_extra_data; + int fd; +}; + +static void wb_resp_read_len(struct async_req *subreq); +static void wb_resp_read_main(struct async_req *subreq); +static void wb_resp_read_extra(struct async_req *subreq); + +struct async_req *wb_resp_read_send(TALLOC_CTX *mem_ctx, + struct event_context *ev, int fd) +{ + struct async_req *result, *subreq; + struct resp_read_state *state; + + result = async_req_new(mem_ctx, ev); + if (result == NULL) { + return NULL; + } + + state = talloc(result, struct resp_read_state); + if (state == NULL) { + goto nomem; + } + result->private_data = state; + + state->fd = fd; + state->ev = ev; + state->wb_resp = talloc(state, struct winbindd_response); + if (state->wb_resp == NULL) { + goto nomem; + } + + subreq = recvall_send(state, ev, state->fd, &(state->wb_resp->length), + sizeof(state->wb_resp->length), 0); + if (subreq == NULL) { + goto nomem; + } + + subreq->async.fn = wb_resp_read_len; + subreq->async.priv = result; + return result; + + nomem: + TALLOC_FREE(result); + return NULL; +} + +static void wb_resp_read_len(struct async_req *subreq) +{ + struct async_req *req = talloc_get_type_abort( + subreq->async.priv, struct async_req); + struct resp_read_state *state = talloc_get_type_abort( + req->private_data, struct resp_read_state); + NTSTATUS status; + + status = recvall_recv(subreq); + TALLOC_FREE(subreq); + if (!NT_STATUS_IS_OK(status)) { + async_req_error(req, status); + return; + } + + if (state->wb_resp->length < sizeof(struct winbindd_response)) { + DEBUG(0, ("wb_resp_read_len: Invalid response size received: " + "%d (expected at least%d)\n", + (int)state->wb_resp->length, + (int)sizeof(struct winbindd_response))); + async_req_error(req, NT_STATUS_INVALID_BUFFER_SIZE); + return; + } + + subreq = recvall_send( + req, state->ev, state->fd, (uint32 *)(state->wb_resp)+1, + sizeof(struct winbindd_response) - sizeof(uint32), 0); + if (subreq == NULL) { + async_req_error(req, NT_STATUS_NO_MEMORY); + return; + } + + subreq->async.fn = wb_resp_read_main; + subreq->async.priv = req; +} + +static void wb_resp_read_main(struct async_req *subreq) +{ + struct async_req *req = talloc_get_type_abort( + subreq->async.priv, struct async_req); + struct resp_read_state *state = talloc_get_type_abort( + req->private_data, struct resp_read_state); + NTSTATUS status; + size_t extra_len; + + status = recvall_recv(subreq); + TALLOC_FREE(subreq); + if (!NT_STATUS_IS_OK(status)) { + async_req_error(req, status); + return; + } + + extra_len = state->wb_resp->length - sizeof(struct winbindd_response); + if (extra_len == 0) { + async_req_done(req); + return; + } + + state->wb_resp->extra_data.data = TALLOC_ARRAY( + state->wb_resp, char, extra_len+1); + if (state->wb_resp->extra_data.data == NULL) { + async_req_error(req, NT_STATUS_NO_MEMORY); + return; + } + ((char *)state->wb_resp->extra_data.data)[extra_len] = 0; + + subreq = recvall_send( + req, state->ev, state->fd, state->wb_resp->extra_data.data, + extra_len, 0); + if (subreq == NULL) { + async_req_error(req, NT_STATUS_NO_MEMORY); + return; + } + + subreq->async.fn = wb_resp_read_extra; + subreq->async.priv = req; +} + +static void wb_resp_read_extra(struct async_req *subreq) +{ + struct async_req *req = talloc_get_type_abort( + subreq->async.priv, struct async_req); + NTSTATUS status; + + status = recvall_recv(subreq); + TALLOC_FREE(subreq); + if (!NT_STATUS_IS_OK(status)) { + async_req_error(req, status); + return; + } + async_req_done(req); +} + + +NTSTATUS wb_resp_read_recv(struct async_req *req, TALLOC_CTX *mem_ctx, + struct winbindd_response **presp) +{ + struct resp_read_state *state = talloc_get_type_abort( + req->private_data, struct resp_read_state); + + SMB_ASSERT(req->state >= ASYNC_REQ_DONE); + if (req->state == ASYNC_REQ_ERROR) { + return req->status; + } + + *presp = talloc_move(mem_ctx, &state->wb_resp); + return NT_STATUS_OK; +} + +struct resp_write_state { + struct winbindd_response *wb_resp; + struct event_context *ev; + int fd; +}; + +static void wb_resp_write_main(struct async_req *subreq); +static void wb_resp_write_extra(struct async_req *subreq); + +struct async_req *wb_resp_write_send(TALLOC_CTX *mem_ctx, + struct event_context *ev, int fd, + struct winbindd_response *wb_resp) +{ + struct async_req *result, *subreq; + struct resp_write_state *state; + + result = async_req_new(mem_ctx, ev); + if (result == NULL) { + return NULL; + } + + state = talloc(result, struct resp_write_state); + if (state == NULL) { + goto nomem; + } + result->private_data = state; + + state->fd = fd; + state->ev = ev; + state->wb_resp = wb_resp; + + subreq = sendall_send(state, state->ev, state->fd, state->wb_resp, + sizeof(struct winbindd_response), 0); + if (subreq == NULL) { + goto nomem; + } + + subreq->async.fn = wb_resp_write_main; + subreq->async.priv = result; + return result; + + nomem: + TALLOC_FREE(result); + return NULL; +} + +static void wb_resp_write_main(struct async_req *subreq) +{ + struct async_req *req = talloc_get_type_abort( + subreq->async.priv, struct async_req); + struct resp_write_state *state = talloc_get_type_abort( + req->private_data, struct resp_write_state); + NTSTATUS status; + + status = sendall_recv(subreq); + TALLOC_FREE(subreq); + if (!NT_STATUS_IS_OK(status)) { + async_req_error(req, status); + return; + } + + if (state->wb_resp->length == sizeof(struct winbindd_response)) { + async_req_done(req); + return; + } + + subreq = sendall_send( + state, state->ev, state->fd, + state->wb_resp->extra_data.data, + state->wb_resp->length - sizeof(struct winbindd_response), 0); + if (subreq == 0) { + async_req_error(req, NT_STATUS_NO_MEMORY); + return; + } + + subreq->async.fn = wb_resp_write_extra; + subreq->async.priv = req; +} + +static void wb_resp_write_extra(struct async_req *subreq) +{ + struct async_req *req = talloc_get_type_abort( + subreq->async.priv, struct async_req); + NTSTATUS status; + + status = sendall_recv(subreq); + TALLOC_FREE(subreq); + if (!NT_STATUS_IS_OK(status)) { + async_req_error(req, status); + return; + } + + async_req_done(req); +} + +NTSTATUS wb_resp_write_recv(struct async_req *req) +{ + SMB_ASSERT(req->state >= ASYNC_REQ_DONE); + if (req->state == ASYNC_REQ_ERROR) { + return req->status; + } + + return NT_STATUS_OK; +} -- cgit From 15c942657d4767663d2164a3089253f8dde8b413 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 1 Dec 2008 08:25:25 +0100 Subject: Add wb_trans_send/revc --- source3/winbindd/winbindd_proto.h | 9 ++ source3/winbindd/winbindd_reqtrans.c | 190 +++++++++++++++++++++++++++++------ 2 files changed, 166 insertions(+), 33 deletions(-) diff --git a/source3/winbindd/winbindd_proto.h b/source3/winbindd/winbindd_proto.h index 3869ac5771..92ce1f9850 100644 --- a/source3/winbindd/winbindd_proto.h +++ b/source3/winbindd/winbindd_proto.h @@ -88,6 +88,15 @@ struct async_req *wb_resp_write_send(TALLOC_CTX *mem_ctx, struct winbindd_response *wb_resp); NTSTATUS wb_resp_write_recv(struct async_req *req); +struct async_req *wb_trans_send(TALLOC_CTX *mem_ctx, + struct event_context *ev, + int fd, + struct winbindd_request *wb_req, + struct timeval timeout, + size_t reply_max_extra_data); +NTSTATUS wb_trans_recv(struct async_req *req, TALLOC_CTX *mem_ctx, + struct winbindd_response **presp); + /* The following definitions come from winbindd/winbindd_ads.c */ diff --git a/source3/winbindd/winbindd_reqtrans.c b/source3/winbindd/winbindd_reqtrans.c index e9901e173f..ea16c5f81e 100644 --- a/source3/winbindd/winbindd_reqtrans.c +++ b/source3/winbindd/winbindd_reqtrans.c @@ -103,8 +103,7 @@ static void wb_req_read_len(struct async_req *subreq) subreq = recvall_send( req, state->ev, state->fd, (uint32 *)(state->wb_req)+1, sizeof(struct winbindd_request) - sizeof(uint32), 0); - if (subreq == NULL) { - async_req_error(req, NT_STATUS_NO_MEMORY); + if (async_req_nomem(subreq, req)) { return; } @@ -143,17 +142,16 @@ static void wb_req_read_main(struct async_req *subreq) state->wb_req->extra_data.data = TALLOC_ARRAY( state->wb_req, char, state->wb_req->extra_len + 1); - if (state->wb_req->extra_data.data == NULL) { - async_req_error(req, NT_STATUS_NO_MEMORY); + if (async_req_nomem(state->wb_req->extra_data.data, req)) { return; } + state->wb_req->extra_data.data[state->wb_req->extra_len] = 0; subreq = recvall_send( req, state->ev, state->fd, state->wb_req->extra_data.data, state->wb_req->extra_len, 0); - if (subreq == NULL) { - async_req_error(req, NT_STATUS_NO_MEMORY); + if (async_req_nomem(subreq, req)) { return; } @@ -182,12 +180,11 @@ NTSTATUS wb_req_read_recv(struct async_req *req, TALLOC_CTX *mem_ctx, { struct req_read_state *state = talloc_get_type_abort( req->private_data, struct req_read_state); + NTSTATUS status; - SMB_ASSERT(req->state >= ASYNC_REQ_DONE); - if (req->state == ASYNC_REQ_ERROR) { - return req->status; + if (async_req_is_error(req, &status)) { + return status; } - *preq = talloc_move(mem_ctx, &state->wb_req); return NT_STATUS_OK; } @@ -261,8 +258,7 @@ static void wb_req_write_main(struct async_req *subreq) subreq = sendall_send(state, state->ev, state->fd, state->wb_req->extra_data.data, state->wb_req->extra_len, 0); - if (subreq == NULL) { - async_req_error(req, NT_STATUS_NO_MEMORY); + if (async_req_nomem(subreq, req)) { return; } @@ -288,12 +284,7 @@ static void wb_req_write_extra(struct async_req *subreq) NTSTATUS wb_req_write_recv(struct async_req *req) { - SMB_ASSERT(req->state >= ASYNC_REQ_DONE); - if (req->state == ASYNC_REQ_ERROR) { - return req->status; - } - - return NT_STATUS_OK; + return async_req_simple_recv(req); } struct resp_read_state { @@ -373,8 +364,7 @@ static void wb_resp_read_len(struct async_req *subreq) subreq = recvall_send( req, state->ev, state->fd, (uint32 *)(state->wb_resp)+1, sizeof(struct winbindd_response) - sizeof(uint32), 0); - if (subreq == NULL) { - async_req_error(req, NT_STATUS_NO_MEMORY); + if (async_req_nomem(subreq, req)) { return; } @@ -406,8 +396,7 @@ static void wb_resp_read_main(struct async_req *subreq) state->wb_resp->extra_data.data = TALLOC_ARRAY( state->wb_resp, char, extra_len+1); - if (state->wb_resp->extra_data.data == NULL) { - async_req_error(req, NT_STATUS_NO_MEMORY); + if (async_req_nomem(state->wb_resp->extra_data.data, req)) { return; } ((char *)state->wb_resp->extra_data.data)[extra_len] = 0; @@ -415,8 +404,7 @@ static void wb_resp_read_main(struct async_req *subreq) subreq = recvall_send( req, state->ev, state->fd, state->wb_resp->extra_data.data, extra_len, 0); - if (subreq == NULL) { - async_req_error(req, NT_STATUS_NO_MEMORY); + if (async_req_nomem(subreq, req)) { return; } @@ -445,12 +433,11 @@ NTSTATUS wb_resp_read_recv(struct async_req *req, TALLOC_CTX *mem_ctx, { struct resp_read_state *state = talloc_get_type_abort( req->private_data, struct resp_read_state); + NTSTATUS status; - SMB_ASSERT(req->state >= ASYNC_REQ_DONE); - if (req->state == ASYNC_REQ_ERROR) { - return req->status; + if (async_req_is_error(req, &status)) { + return status; } - *presp = talloc_move(mem_ctx, &state->wb_resp); return NT_STATUS_OK; } @@ -525,8 +512,7 @@ static void wb_resp_write_main(struct async_req *subreq) state, state->ev, state->fd, state->wb_resp->extra_data.data, state->wb_resp->length - sizeof(struct winbindd_response), 0); - if (subreq == 0) { - async_req_error(req, NT_STATUS_NO_MEMORY); + if (async_req_nomem(subreq, req)) { return; } @@ -552,10 +538,148 @@ static void wb_resp_write_extra(struct async_req *subreq) NTSTATUS wb_resp_write_recv(struct async_req *req) { - SMB_ASSERT(req->state >= ASYNC_REQ_DONE); - if (req->state == ASYNC_REQ_ERROR) { - return req->status; + return async_req_simple_recv(req); +} + +struct wb_trans_state { + struct event_context *ev; + struct timed_event *te; + int fd; + struct winbindd_response *wb_resp; + size_t reply_max_extra_data; +}; + +static void wb_trans_timeout(struct event_context *ev, struct timed_event *te, + const struct timeval *now, void *priv); +static void wb_trans_sent(struct async_req *req); +static void wb_trans_received(struct async_req *req); + +struct async_req *wb_trans_send(TALLOC_CTX *mem_ctx, + struct event_context *ev, + int fd, + struct winbindd_request *wb_req, + struct timeval timeout, + size_t reply_max_extra_data) +{ + struct async_req *result, *subreq; + struct wb_trans_state *state; + + result = async_req_new(mem_ctx, ev); + if (result == NULL) { + return NULL; + } + + state = talloc(result, struct wb_trans_state); + if (state == NULL) { + goto nomem; + } + result->private_data = state; + + state->ev = ev; + state->fd = fd; + state->reply_max_extra_data = reply_max_extra_data; + + state->te = event_add_timed( + ev, state, + timeval_current_ofs(timeout.tv_sec, timeout.tv_usec), + "wb_trans_timeout", wb_trans_timeout, result); + if (state->te == NULL) { + goto nomem; + } + + subreq = wb_req_write_send(state, state->ev, state->fd, wb_req); + if (subreq == NULL) { + goto nomem; + } + subreq->async.fn = wb_trans_sent; + subreq->async.priv = result; + + return result; + + nomem: + TALLOC_FREE(result); + return NULL; +} + +static void wb_trans_timeout(struct event_context *ev, struct timed_event *te, + const struct timeval *now, void *priv) +{ + struct async_req *req = talloc_get_type_abort( + priv, struct async_req); + struct wb_trans_state *state = talloc_get_type_abort( + req->private_data, struct wb_trans_state); + + TALLOC_FREE(state->te); + async_req_error(req, NT_STATUS_IO_TIMEOUT); +} + +static void wb_trans_sent(struct async_req *subreq) +{ + struct async_req *req = talloc_get_type_abort( + subreq->async.priv, struct async_req); + struct wb_trans_state *state = talloc_get_type_abort( + req->private_data, struct wb_trans_state); + NTSTATUS status; + + status = wb_req_write_recv(subreq); + TALLOC_FREE(subreq); + if (!NT_STATUS_IS_OK(status)) { + async_req_error(req, status); + return; + } + + subreq = wb_resp_read_send(state, state->ev, state->fd); + if (async_req_nomem(subreq, req)) { + return; + } + + subreq->async.fn = wb_trans_received; + subreq->async.priv = req; +}; + +static void wb_trans_received(struct async_req *subreq) +{ + struct async_req *req = talloc_get_type_abort( + subreq->async.priv, struct async_req); + struct wb_trans_state *state = talloc_get_type_abort( + req->private_data, struct wb_trans_state); + NTSTATUS status; + + TALLOC_FREE(state->te); + + status = wb_resp_read_recv(subreq, state, &state->wb_resp); + TALLOC_FREE(subreq); + if (!NT_STATUS_IS_OK(status)) { + async_req_error(req, status); + return; } + async_req_done(req); +} + +NTSTATUS wb_trans_recv(struct async_req *req, TALLOC_CTX *mem_ctx, + struct winbindd_response **presp) +{ + struct wb_trans_state *state = talloc_get_type_abort( + req->private_data, struct wb_trans_state); + NTSTATUS status; + + if (async_req_is_error(req, &status)) { + return status; + } + *presp = talloc_move(mem_ctx, &state->wb_resp); return NT_STATUS_OK; } + +struct wb_trans_queue_state { + struct wb_trans_queue_state *prev, *next; + struct wb_trans_queue *queue; + struct winbindd_request *req; +}; + +struct wb_trans_queue { + int fd; + struct timeval timeout; + size_t max_resp_extra_data; + struct wb_trans_queue_state *queued_requests; +}; -- cgit From 3878dad0c68884c941b1d6a428f21928014fbc3e Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 8 Dec 2008 14:24:38 -0800 Subject: Fix bug #5953 - smbclient crashes: cli_list_new segmentation fault. Jeremy. --- source3/libsmb/clilist.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/libsmb/clilist.c b/source3/libsmb/clilist.c index 50918458b0..cebafc6919 100644 --- a/source3/libsmb/clilist.c +++ b/source3/libsmb/clilist.c @@ -417,7 +417,7 @@ int cli_list_new(struct cli_state *cli,const char *Mask,uint16 attribute, } SAFE_FREE(mask); - if (ff_searchcount > 0) { + if (ff_searchcount > 0 && ff_eos == 0 && finfo.name) { mask = SMB_STRDUP(finfo.name); } else { mask = SMB_STRDUP(""); -- cgit From 9985898e94e4aa4476c87ed34e0899a5f4117752 Mon Sep 17 00:00:00 2001 From: Todd Stecher Date: Thu, 4 Dec 2008 11:33:32 -0800 Subject: s3: Add support for access based share enumeration --- .../smbdotconf/security/accessbasedshareenum.xml | 18 +++++++ source3/include/proto.h | 1 + source3/param/loadparm.c | 13 +++++ source3/rpc_server/srv_srvsvc_nt.c | 58 +++++++++++++++------- 4 files changed, 71 insertions(+), 19 deletions(-) create mode 100644 docs-xml/smbdotconf/security/accessbasedshareenum.xml diff --git a/docs-xml/smbdotconf/security/accessbasedshareenum.xml b/docs-xml/smbdotconf/security/accessbasedshareenum.xml new file mode 100644 index 0000000000..c2977c47ae --- /dev/null +++ b/docs-xml/smbdotconf/security/accessbasedshareenum.xml @@ -0,0 +1,18 @@ + + public + + If this parameter is yes for a + service, then the share hosted by the service will only be visible + to users who have read or write access to the share during share + enumeration (for example net view \\sambaserver). This has + parallels to access based enumeration, the main difference being + that only share permissions are evaluated, and security + descriptors on files contained on the share are not used in + computing enumeration access rights. + + no + diff --git a/source3/include/proto.h b/source3/include/proto.h index d0e64f7f14..ed79ad03ec 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -4136,6 +4136,7 @@ bool lp_hide_special_files(int ); bool lp_hideunreadable(int ); bool lp_hideunwriteable_files(int ); bool lp_browseable(int ); +bool lp_access_based_share_enum(int ); bool lp_readonly(int ); bool lp_no_set_dir(int ); bool lp_guest_ok(int ); diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index c743b89680..7e7a1e505e 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -425,6 +425,7 @@ struct service { bool bHideUnReadable; bool bHideUnWriteableFiles; bool bBrowseable; + bool bAccessBasedShareEnum; bool bAvailable; bool bRead_only; bool bNo_set_dir; @@ -568,6 +569,7 @@ static struct service sDefault = { False, /* bHideUnReadable */ False, /* bHideUnWriteableFiles */ True, /* bBrowseable */ + False, /* bAccessBasedShareEnum */ True, /* bAvailable */ True, /* bRead_only */ True, /* bNo_set_dir */ @@ -3303,6 +3305,15 @@ static struct parm_struct parm_table[] = { .enum_list = NULL, .flags = FLAG_BASIC | FLAG_ADVANCED | FLAG_SHARE | FLAG_PRINT, }, + { + .label = "access based share enum", + .type = P_BOOL, + .p_class = P_LOCAL, + .ptr = &sDefault.bAccessBasedShareEnum, + .special = NULL, + .enum_list = NULL, + .flags = FLAG_BASIC | FLAG_ADVANCED | FLAG_SHARE + }, { .label = "browsable", .type = P_BOOL, @@ -5331,6 +5342,7 @@ FN_LOCAL_BOOL(lp_hide_special_files, bHideSpecialFiles) FN_LOCAL_BOOL(lp_hideunreadable, bHideUnReadable) FN_LOCAL_BOOL(lp_hideunwriteable_files, bHideUnWriteableFiles) FN_LOCAL_BOOL(lp_browseable, bBrowseable) +FN_LOCAL_BOOL(lp_access_based_share_enum, bAccessBasedShareEnum) FN_LOCAL_BOOL(lp_readonly, bRead_only) FN_LOCAL_BOOL(lp_no_set_dir, bNo_set_dir) FN_LOCAL_BOOL(lp_guest_ok, bGuest_ok) @@ -5925,6 +5937,7 @@ bool lp_add_home(const char *pszHomename, int iDefaultService, /* set the browseable flag from the global default */ ServicePtrs[i]->bBrowseable = sDefault.bBrowseable; + ServicePtrs[i]->bAccessBasedShareEnum = sDefault.bAccessBasedShareEnum; ServicePtrs[i]->autoloaded = True; diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c index 76b475120d..67ff1fecf6 100644 --- a/source3/rpc_server/srv_srvsvc_nt.c +++ b/source3/rpc_server/srv_srvsvc_nt.c @@ -492,6 +492,19 @@ static bool is_hidden_share(int snum) return (net_name[strlen(net_name) - 1] == '$') ? True : False; } +/******************************************************************* + Verify user is allowed to view share, access based enumeration +********************************************************************/ +static bool is_enumeration_allowed(pipes_struct *p, + int snum) +{ + if (!lp_access_based_share_enum(snum)) + return true; + + return share_access_check(p->server_info->ptok, lp_servicename(snum), + FILE_READ_DATA); +} + /******************************************************************* Fill in a share info structure. ********************************************************************/ @@ -509,6 +522,7 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p, TALLOC_CTX *ctx = p->mem_ctx; int i = 0; int valid_share_count = 0; + bool *allowed = 0; union srvsvc_NetShareCtr ctr; uint32_t resume_handle = resume_handle_p ? *resume_handle_p : 0; @@ -521,15 +535,21 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p, num_services = lp_numservices(); unbecome_root(); - /* Count the number of entries. */ - for (snum = 0; snum < num_services; snum++) { - if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) ) { - DEBUG(10, ("counting service %s\n", lp_servicename(snum))); - num_entries++; - } else { - DEBUG(10, ("NOT counting service %s\n", lp_servicename(snum))); - } - } + allowed = TALLOC_ZERO_ARRAY(ctx, int, num_services); + W_ERROR_HAVE_NO_MEMORY(allowed); + + /* Count the number of entries. */ + for (snum = 0; snum < num_services; snum++) { + if (lp_browseable(snum) && lp_snum_ok(snum) && + is_enumeration_allowed(p, snum) && + (all_shares || !is_hidden_share(snum)) ) { + DEBUG(10, ("counting service %s\n", lp_servicename(snum))); + allowed[snum] = true; + num_entries++; + } else { + DEBUG(10, ("NOT counting service %s\n", lp_servicename(snum))); + } + } if (!num_entries || (resume_handle >= num_entries)) { return WERR_OK; @@ -547,7 +567,7 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p, W_ERROR_HAVE_NO_MEMORY(ctr.ctr0->array); for (snum = 0; snum < num_services; snum++) { - if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) && + if (allowed[snum] && (resume_handle <= (i + valid_share_count++)) ) { init_srv_share_info_0(p, &ctr.ctr0->array[i++], snum); } @@ -564,7 +584,7 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p, W_ERROR_HAVE_NO_MEMORY(ctr.ctr1->array); for (snum = 0; snum < num_services; snum++) { - if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) && + if (allowed[snum] && (resume_handle <= (i + valid_share_count++)) ) { init_srv_share_info_1(p, &ctr.ctr1->array[i++], snum); } @@ -581,7 +601,7 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p, W_ERROR_HAVE_NO_MEMORY(ctr.ctr2->array); for (snum = 0; snum < num_services; snum++) { - if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) && + if (allowed[snum] && (resume_handle <= (i + valid_share_count++)) ) { init_srv_share_info_2(p, &ctr.ctr2->array[i++], snum); } @@ -598,7 +618,7 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p, W_ERROR_HAVE_NO_MEMORY(ctr.ctr501->array); for (snum = 0; snum < num_services; snum++) { - if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) && + if (allowed[snum] && (resume_handle <= (i + valid_share_count++)) ) { init_srv_share_info_501(p, &ctr.ctr501->array[i++], snum); } @@ -615,7 +635,7 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p, W_ERROR_HAVE_NO_MEMORY(ctr.ctr502->array); for (snum = 0; snum < num_services; snum++) { - if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) && + if (allowed[snum] && (resume_handle <= (i + valid_share_count++)) ) { init_srv_share_info_502(p, &ctr.ctr502->array[i++], snum); } @@ -632,7 +652,7 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p, W_ERROR_HAVE_NO_MEMORY(ctr.ctr1004->array); for (snum = 0; snum < num_services; snum++) { - if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) && + if (allowed[snum] && (resume_handle <= (i + valid_share_count++)) ) { init_srv_share_info_1004(p, &ctr.ctr1004->array[i++], snum); } @@ -649,7 +669,7 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p, W_ERROR_HAVE_NO_MEMORY(ctr.ctr1005->array); for (snum = 0; snum < num_services; snum++) { - if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) && + if (allowed[snum] && (resume_handle <= (i + valid_share_count++)) ) { init_srv_share_info_1005(p, &ctr.ctr1005->array[i++], snum); } @@ -666,7 +686,7 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p, W_ERROR_HAVE_NO_MEMORY(ctr.ctr1006->array); for (snum = 0; snum < num_services; snum++) { - if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) && + if (allowed[snum] && (resume_handle <= (i + valid_share_count++)) ) { init_srv_share_info_1006(p, &ctr.ctr1006->array[i++], snum); } @@ -683,7 +703,7 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p, W_ERROR_HAVE_NO_MEMORY(ctr.ctr1007->array); for (snum = 0; snum < num_services; snum++) { - if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) && + if (allowed[snum] && (resume_handle <= (i + valid_share_count++)) ) { init_srv_share_info_1007(p, &ctr.ctr1007->array[i++], snum); } @@ -700,7 +720,7 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p, W_ERROR_HAVE_NO_MEMORY(ctr.ctr1501->array); for (snum = 0; snum < num_services; snum++) { - if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) && + if (allowed[snum] && (resume_handle <= (i + valid_share_count++)) ) { init_srv_share_info_1501(p, &ctr.ctr1501->array[i++], snum); } -- cgit From 89e57a8fad2be4e36a726822072548d7a64bf68f Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Tue, 9 Dec 2008 12:39:14 +0100 Subject: s3-srvsvc: fix build warning. Guenther --- source3/rpc_server/srv_srvsvc_nt.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c index 67ff1fecf6..15af963c4c 100644 --- a/source3/rpc_server/srv_srvsvc_nt.c +++ b/source3/rpc_server/srv_srvsvc_nt.c @@ -522,7 +522,7 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p, TALLOC_CTX *ctx = p->mem_ctx; int i = 0; int valid_share_count = 0; - bool *allowed = 0; + bool *allowed = 0; union srvsvc_NetShareCtr ctr; uint32_t resume_handle = resume_handle_p ? *resume_handle_p : 0; @@ -535,7 +535,7 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p, num_services = lp_numservices(); unbecome_root(); - allowed = TALLOC_ZERO_ARRAY(ctx, int, num_services); + allowed = TALLOC_ZERO_ARRAY(ctx, bool, num_services); W_ERROR_HAVE_NO_MEMORY(allowed); /* Count the number of entries. */ -- cgit From 8608fd87b0ba43e128b984e314047589e607f377 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Tue, 9 Dec 2008 12:39:47 +0100 Subject: s3-samr: a level 18 password set needs to set the pwdlastset as well. Guenther --- source3/rpc_server/srv_samr_nt.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index 513634019b..25bbc6eeac 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -3729,6 +3729,8 @@ static NTSTATUS set_user_info_18(struct samr_UserInfo18 *id18, if (!pdb_set_nt_passwd(pwd, out.data, PDB_CHANGED)) { return NT_STATUS_ACCESS_DENIED; } + + pdb_set_pass_last_set_time(pwd, time(NULL), PDB_CHANGED); } if (id18->lm_pwd_active) { @@ -3743,6 +3745,8 @@ static NTSTATUS set_user_info_18(struct samr_UserInfo18 *id18, if (!pdb_set_lanman_passwd(pwd, out.data, PDB_CHANGED)) { return NT_STATUS_ACCESS_DENIED; } + + pdb_set_pass_last_set_time(pwd, time(NULL), PDB_CHANGED); } if (id18->password_expired) { -- cgit From 03dba698a01e5562bf961a8948fb6e5b2d61fa40 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Tue, 9 Dec 2008 09:22:31 +0100 Subject: s4:rpc_server: initialize rpc server module also for the named pipe case This fixes bug #5878. metze --- source4/rpc_server/config.mk | 26 +++++++++++++------------- source4/rpc_server/dcerpc_server.c | 34 ++++++++++++++++++++++++++++++++++ source4/rpc_server/service_rpc.c | 22 ++-------------------- 3 files changed, 49 insertions(+), 33 deletions(-) diff --git a/source4/rpc_server/config.mk b/source4/rpc_server/config.mk index 2149d682aa..76aa6b938a 100644 --- a/source4/rpc_server/config.mk +++ b/source4/rpc_server/config.mk @@ -17,7 +17,7 @@ PUBLIC_HEADERS += $(rpc_serversrcdir)/common/common.h # Start MODULE dcerpc_rpcecho [MODULE::dcerpc_rpcecho] INIT_FUNCTION = dcerpc_server_rpcecho_init -SUBSYSTEM = DCESRV +SUBSYSTEM = dcerpc_server PRIVATE_DEPENDENCIES = NDR_ECHO # End MODULE dcerpc_rpcecho ################################################ @@ -28,7 +28,7 @@ dcerpc_rpcecho_OBJ_FILES = $(rpc_serversrcdir)/echo/rpc_echo.o # Start MODULE dcerpc_epmapper [MODULE::dcerpc_epmapper] INIT_FUNCTION = dcerpc_server_epmapper_init -SUBSYSTEM = DCESRV +SUBSYSTEM = dcerpc_server PRIVATE_DEPENDENCIES = NDR_EPMAPPER # End MODULE dcerpc_epmapper ################################################ @@ -39,7 +39,7 @@ dcerpc_epmapper_OBJ_FILES = $(rpc_serversrcdir)/epmapper/rpc_epmapper.o # Start MODULE dcerpc_remote [MODULE::dcerpc_remote] INIT_FUNCTION = dcerpc_server_remote_init -SUBSYSTEM = DCESRV +SUBSYSTEM = dcerpc_server PRIVATE_DEPENDENCIES = \ LIBCLI_SMB NDR_TABLE # End MODULE dcerpc_remote @@ -51,7 +51,7 @@ dcerpc_remote_OBJ_FILES = $(rpc_serversrcdir)/remote/dcesrv_remote.o # Start MODULE dcerpc_srvsvc [MODULE::dcerpc_srvsvc] INIT_FUNCTION = dcerpc_server_srvsvc_init -SUBSYSTEM = DCESRV +SUBSYSTEM = dcerpc_server PRIVATE_DEPENDENCIES = \ DCERPC_COMMON NDR_SRVSVC share # End MODULE dcerpc_srvsvc @@ -66,7 +66,7 @@ $(eval $(call proto_header_template,$(rpc_serversrcdir)/srvsvc/proto.h,$(dcerpc_ # Start MODULE dcerpc_wkssvc [MODULE::dcerpc_wkssvc] INIT_FUNCTION = dcerpc_server_wkssvc_init -SUBSYSTEM = DCESRV +SUBSYSTEM = dcerpc_server PRIVATE_DEPENDENCIES = \ DCERPC_COMMON NDR_WKSSVC # End MODULE dcerpc_wkssvc @@ -78,7 +78,7 @@ dcerpc_wkssvc_OBJ_FILES = $(rpc_serversrcdir)/wkssvc/dcesrv_wkssvc.o # Start MODULE dcerpc_unixinfo [MODULE::dcerpc_unixinfo] INIT_FUNCTION = dcerpc_server_unixinfo_init -SUBSYSTEM = DCESRV +SUBSYSTEM = dcerpc_server PRIVATE_DEPENDENCIES = \ DCERPC_COMMON \ SAMDB \ @@ -94,7 +94,7 @@ dcerpc_unixinfo_OBJ_FILES = $(rpc_serversrcdir)/unixinfo/dcesrv_unixinfo.o # Start MODULE dcesrv_samr [MODULE::dcesrv_samr] INIT_FUNCTION = dcerpc_server_samr_init -SUBSYSTEM = DCESRV +SUBSYSTEM = dcerpc_server PRIVATE_DEPENDENCIES = \ SAMDB \ DCERPC_COMMON \ @@ -110,7 +110,7 @@ $(eval $(call proto_header_template,$(rpc_serversrcdir)/samr/proto.h,$(dcesrv_sa # Start MODULE dcerpc_winreg [MODULE::dcerpc_winreg] INIT_FUNCTION = dcerpc_server_winreg_init -SUBSYSTEM = DCESRV +SUBSYSTEM = dcerpc_server OUTPUT_TYPE = MERGED_OBJ PRIVATE_DEPENDENCIES = \ registry NDR_WINREG @@ -123,7 +123,7 @@ dcerpc_winreg_OBJ_FILES = $(rpc_serversrcdir)/winreg/rpc_winreg.o # Start MODULE dcerpc_netlogon [MODULE::dcerpc_netlogon] INIT_FUNCTION = dcerpc_server_netlogon_init -SUBSYSTEM = DCESRV +SUBSYSTEM = dcerpc_server PRIVATE_DEPENDENCIES = \ DCERPC_COMMON \ SCHANNELDB \ @@ -138,7 +138,7 @@ dcerpc_netlogon_OBJ_FILES = $(rpc_serversrcdir)/netlogon/dcerpc_netlogon.o # Start MODULE dcerpc_lsa [MODULE::dcerpc_lsarpc] INIT_FUNCTION = dcerpc_server_lsa_init -SUBSYSTEM = DCESRV +SUBSYSTEM = dcerpc_server PRIVATE_DEPENDENCIES = \ SAMDB \ DCERPC_COMMON \ @@ -157,7 +157,7 @@ $(eval $(call proto_header_template,$(rpc_serversrcdir)/lsa/proto.h,$(dcerpc_lsa # Start MODULE dcerpc_spoolss [MODULE::dcerpc_spoolss] INIT_FUNCTION = dcerpc_server_spoolss_init -SUBSYSTEM = DCESRV +SUBSYSTEM = dcerpc_server OUTPUT_TYPE = MERGED_OBJ PRIVATE_DEPENDENCIES = \ DCERPC_COMMON \ @@ -173,7 +173,7 @@ dcerpc_spoolss_OBJ_FILES = $(rpc_serversrcdir)/spoolss/dcesrv_spoolss.o # Start MODULE dcerpc_drsuapi [MODULE::dcerpc_drsuapi] INIT_FUNCTION = dcerpc_server_drsuapi_init -SUBSYSTEM = DCESRV +SUBSYSTEM = dcerpc_server PRIVATE_DEPENDENCIES = \ SAMDB \ DCERPC_COMMON \ @@ -187,7 +187,7 @@ dcerpc_drsuapi_OBJ_FILES = $(rpc_serversrcdir)/drsuapi/dcesrv_drsuapi.o # Start MODULE dcerpc_browser [MODULE::dcerpc_browser] INIT_FUNCTION = dcerpc_server_browser_init -SUBSYSTEM = DCESRV +SUBSYSTEM = dcerpc_server PRIVATE_DEPENDENCIES = \ DCERPC_COMMON \ NDR_BROWSER diff --git a/source4/rpc_server/dcerpc_server.c b/source4/rpc_server/dcerpc_server.c index 063e3ff3bd..5d95cb8c87 100644 --- a/source4/rpc_server/dcerpc_server.c +++ b/source4/rpc_server/dcerpc_server.c @@ -1422,6 +1422,38 @@ const struct dcesrv_endpoint_server *dcesrv_ep_server_byname(const char *name) return NULL; } +void dcerpc_server_init(struct loadparm_context *lp_ctx) +{ + static bool initialized; + extern NTSTATUS dcerpc_server_wkssvc_init(void); + extern NTSTATUS dcerpc_server_drsuapi_init(void); + extern NTSTATUS dcerpc_server_winreg_init(void); + extern NTSTATUS dcerpc_server_spoolss_init(void); + extern NTSTATUS dcerpc_server_epmapper_init(void); + extern NTSTATUS dcerpc_server_srvsvc_init(void); + extern NTSTATUS dcerpc_server_netlogon_init(void); + extern NTSTATUS dcerpc_server_rpcecho_init(void); + extern NTSTATUS dcerpc_server_unixinfo_init(void); + extern NTSTATUS dcerpc_server_samr_init(void); + extern NTSTATUS dcerpc_server_remote_init(void); + extern NTSTATUS dcerpc_server_lsa_init(void); + extern NTSTATUS dcerpc_server_browser_init(void); + init_module_fn static_init[] = { STATIC_dcerpc_server_MODULES }; + init_module_fn *shared_init; + + if (initialized) { + return; + } + initialized = true; + + shared_init = load_samba_modules(NULL, lp_ctx, "dcerpc_server"); + + run_init_functions(static_init); + run_init_functions(shared_init); + + talloc_free(shared_init); +} + /* return the DCERPC module version, and the size of some critical types This can be used by endpoint server modules to either detect compilation errors, or provide @@ -1454,6 +1486,8 @@ _PUBLIC_ NTSTATUS dcesrv_init_ipc_context(TALLOC_CTX *mem_ctx, struct loadparm_c NTSTATUS status; struct dcesrv_context *dce_ctx; + dcerpc_server_init(lp_ctx); + status = dcesrv_init_context(mem_ctx, lp_ctx, lp_dcerpc_endpoint_servers(lp_ctx), &dce_ctx); NT_STATUS_NOT_OK_RETURN(status); diff --git a/source4/rpc_server/service_rpc.c b/source4/rpc_server/service_rpc.c index 8b9020d8e7..6c19b2346b 100644 --- a/source4/rpc_server/service_rpc.c +++ b/source4/rpc_server/service_rpc.c @@ -425,26 +425,8 @@ static void dcesrv_task_init(struct task_server *task) NTSTATUS status; struct dcesrv_context *dce_ctx; struct dcesrv_endpoint *e; - extern NTSTATUS dcerpc_server_wkssvc_init(void); - extern NTSTATUS dcerpc_server_drsuapi_init(void); - extern NTSTATUS dcerpc_server_winreg_init(void); - extern NTSTATUS dcerpc_server_spoolss_init(void); - extern NTSTATUS dcerpc_server_epmapper_init(void); - extern NTSTATUS dcerpc_server_srvsvc_init(void); - extern NTSTATUS dcerpc_server_netlogon_init(void); - extern NTSTATUS dcerpc_server_rpcecho_init(void); - extern NTSTATUS dcerpc_server_unixinfo_init(void); - extern NTSTATUS dcerpc_server_samr_init(void); - extern NTSTATUS dcerpc_server_remote_init(void); - extern NTSTATUS dcerpc_server_lsa_init(void); - extern NTSTATUS dcerpc_server_browser_init(void); - init_module_fn static_init[] = { STATIC_DCESRV_MODULES }; - init_module_fn *shared_init = load_samba_modules(NULL, task->lp_ctx, "dcerpc_server"); - - run_init_functions(static_init); - run_init_functions(shared_init); - - talloc_free(shared_init); + + dcerpc_server_init(task->lp_ctx); task_server_set_title(task, "task[dcesrv]"); -- cgit From c8b0196c958b454a58d342df531c6f859381c78b Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Tue, 9 Dec 2008 14:48:10 +0100 Subject: s3-libnet: fix build warning (missing prototype). Guenther --- source3/libnet/libnet_samsync.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/source3/libnet/libnet_samsync.c b/source3/libnet/libnet_samsync.c index 4351810169..73d4439743 100644 --- a/source3/libnet/libnet_samsync.c +++ b/source3/libnet/libnet_samsync.c @@ -282,8 +282,8 @@ static const char *samsync_debug_str(TALLOC_CTX *mem_ctx, * libnet_samsync */ -void libnet_init_netr_ChangeLogEntry(struct samsync_object *o, - struct netr_ChangeLogEntry *e) +static void libnet_init_netr_ChangeLogEntry(struct samsync_object *o, + struct netr_ChangeLogEntry *e) { ZERO_STRUCTP(e); -- cgit From 3508a66fcd1ddf0f1743a3e2816651746a3b95de Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Tue, 9 Dec 2008 16:16:31 +0100 Subject: s4:rpc_server: don't keep half finished dcesrv_connection_contexts metze --- source4/rpc_server/dcerpc_server.c | 83 +++++++++++++++++++------------------- 1 file changed, 42 insertions(+), 41 deletions(-) diff --git a/source4/rpc_server/dcerpc_server.c b/source4/rpc_server/dcerpc_server.c index 5d95cb8c87..2c218bdc8d 100644 --- a/source4/rpc_server/dcerpc_server.c +++ b/source4/rpc_server/dcerpc_server.c @@ -288,26 +288,6 @@ _PUBLIC_ NTSTATUS dcesrv_fetch_session_key(struct dcesrv_connection *p, return NT_STATUS_OK; } - -/* - destroy a link to an endpoint -*/ -static int dcesrv_endpoint_destructor(struct dcesrv_connection *p) -{ - while (p->contexts) { - struct dcesrv_connection_context *c = p->contexts; - - DLIST_REMOVE(p->contexts, c); - - if (c->iface) { - c->iface->unbind(c, c->iface); - } - } - - return 0; -} - - /* connect to a dcerpc endpoint */ @@ -355,8 +335,6 @@ _PUBLIC_ NTSTATUS dcesrv_endpoint_connect(struct dcesrv_context *dce_ctx, p->state_flags = state_flags; ZERO_STRUCT(p->transport); - talloc_set_destructor(p, dcesrv_endpoint_destructor); - *_p = p; return NT_STATUS_OK; } @@ -531,6 +509,16 @@ static NTSTATUS dcesrv_bind_nak(struct dcesrv_call_state *call, uint32_t reason) return NT_STATUS_OK; } +static int dcesrv_connection_context_destructor(struct dcesrv_connection_context *c) +{ + DLIST_REMOVE(c->conn->contexts, c); + + if (c->iface) { + c->iface->unbind(c, c->iface); + } + + return 0; +} /* handle a bind request @@ -619,6 +607,20 @@ static NTSTATUS dcesrv_bind(struct dcesrv_call_state *call) context->handles = NULL; DLIST_ADD(call->conn->contexts, context); call->context = context; + talloc_set_destructor(context, dcesrv_connection_context_destructor); + + status = iface->bind(call, iface); + if (!NT_STATUS_IS_OK(status)) { + char *uuid_str = GUID_string(call, &uuid); + DEBUG(2,("Request for dcerpc interface %s/%d rejected: %s\n", + uuid_str, if_version, nt_errstr(status))); + talloc_free(uuid_str); + /* we don't want to trigger the iface->unbind() hook */ + context->iface = NULL; + talloc_free(call->context); + call->context = NULL; + return dcesrv_bind_nak(call, 0); + } } if (call->conn->cli_max_recv_frag == 0) { @@ -633,6 +635,8 @@ static NTSTATUS dcesrv_bind(struct dcesrv_call_state *call) /* handle any authentication that is being requested */ if (!dcesrv_auth_bind(call)) { + talloc_free(call->context); + call->context = NULL; return dcesrv_bind_nak(call, DCERPC_BIND_REASON_INVALID_AUTH_TYPE); } @@ -654,6 +658,8 @@ static NTSTATUS dcesrv_bind(struct dcesrv_call_state *call) pkt.u.bind_ack.num_results = 1; pkt.u.bind_ack.ctx_list = talloc(call, struct dcerpc_ack_ctx); if (!pkt.u.bind_ack.ctx_list) { + talloc_free(call->context); + call->context = NULL; return NT_STATUS_NO_MEMORY; } pkt.u.bind_ack.ctx_list[0].result = result; @@ -663,30 +669,22 @@ static NTSTATUS dcesrv_bind(struct dcesrv_call_state *call) status = dcesrv_auth_bind_ack(call, &pkt); if (!NT_STATUS_IS_OK(status)) { + talloc_free(call->context); + call->context = NULL; return dcesrv_bind_nak(call, 0); } - if (iface) { - status = iface->bind(call, iface); - if (!NT_STATUS_IS_OK(status)) { - char *uuid_str = GUID_string(call, &uuid); - DEBUG(2,("Request for dcerpc interface %s/%d rejected: %s\n", - uuid_str, if_version, nt_errstr(status))); - talloc_free(uuid_str); - return dcesrv_bind_nak(call, 0); - } - } - - /* the iface->bind() might change the assoc_group_id */ - pkt.u.bind_ack.assoc_group_id = call->context->assoc_group_id; - rep = talloc(call, struct data_blob_list_item); if (!rep) { + talloc_free(call->context); + call->context = NULL; return NT_STATUS_NO_MEMORY; } status = ncacn_push_auth(&rep->blob, call, lp_iconv_convenience(call->conn->dce_ctx->lp_ctx), &pkt, call->conn->auth_state.auth_info); if (!NT_STATUS_IS_OK(status)) { + talloc_free(call->context); + call->context = NULL; return status; } @@ -760,12 +758,15 @@ static NTSTATUS dcesrv_alter_new_context(struct dcesrv_call_state *call, uint32_ context->handles = NULL; DLIST_ADD(call->conn->contexts, context); call->context = context; + talloc_set_destructor(context, dcesrv_connection_context_destructor); - if (iface) { - status = iface->bind(call, iface); - if (!NT_STATUS_IS_OK(status)) { - return status; - } + status = iface->bind(call, iface); + if (!NT_STATUS_IS_OK(status)) { + /* we don't want to trigger the iface->unbind() hook */ + context->iface = NULL; + talloc_free(context); + call->context = NULL; + return status; } return NT_STATUS_OK; -- cgit From 920395442869d5d32f80e48d211047450f274aba Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Tue, 9 Dec 2008 17:28:15 +0100 Subject: s3-ldapsam: Fix Bug 5957: do not abort rename process on valid rename script. Guenther (cherry picked from commit 26139344fd0fac4fdd2a6752628b252fbd9b7450) (cherry picked from commit 866efa63a26f75bbf17cd4bebf639594e2feafba) --- source3/passdb/pdb_ldap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c index ddbb53a9b9..95e9a01ba3 100644 --- a/source3/passdb/pdb_ldap.c +++ b/source3/passdb/pdb_ldap.c @@ -2014,7 +2014,7 @@ static NTSTATUS ldapsam_rename_sam_account(struct pdb_methods *my_methods, newname_lower, true, true); - if (rename_script) { + if (!rename_script) { return NT_STATUS_NO_MEMORY; } rename_script = realloc_string_sub2(rename_script, -- cgit From f62e0d6c96519a04f29df91c9c8722843e51be44 Mon Sep 17 00:00:00 2001 From: SATOH Fumiyasu Date: Tue, 9 Dec 2008 14:26:22 -0800 Subject: Fix bug #5688 LPQ process is orphaned if socket address parameter is invalid --- source3/printing/printing.c | 39 +++++++++++++++++++++++++++++++++------ 1 file changed, 33 insertions(+), 6 deletions(-) diff --git a/source3/printing/printing.c b/source3/printing/printing.c index 4051a6ca34..ba88f8ee56 100644 --- a/source3/printing/printing.c +++ b/source3/printing/printing.c @@ -1394,7 +1394,19 @@ main thread of the background lpq updater ****************************************************************************/ void start_background_queue(void) { + /* Use local variables for this as we don't + * need to save the parent side of this, just + * ensure it closes when the process exits. + */ + int pause_pipe[2]; + DEBUG(3,("start_background_queue: Starting background LPQ thread\n")); + + if (pipe(pause_pipe) == -1) { + DEBUG(5,("start_background_queue: cannot create pipe. %s\n", strerror(errno) )); + exit(1); + } + background_lpq_updater_pid = sys_fork(); if (background_lpq_updater_pid == -1) { @@ -1406,6 +1418,9 @@ void start_background_queue(void) /* Child. */ DEBUG(5,("start_background_queue: background LPQ thread started\n")); + close(pause_pipe[0]); + pause_pipe[0] = -1; + if (!reinit_after_fork(smbd_messaging_context(), true)) { DEBUG(0,("reinit_after_fork() failed\n")); smb_panic("reinit_after_fork() failed"); @@ -1420,13 +1435,23 @@ void start_background_queue(void) messaging_register(smbd_messaging_context(), NULL, MSG_PRINTER_UPDATE, print_queue_receive); - + DEBUG(5,("start_background_queue: background LPQ thread waiting for messages\n")); while (1) { - pause(); - + fd_set pause_fds; + int pause_select; + + FD_ZERO(&pause_fds); + FD_SET(pause_pipe[1], &pause_fds); + pause_select = sys_select(pause_pipe[1]+1, &pause_fds, NULL, NULL, NULL); + /* If pause_pipe[0] is closed it means the parent smbd + * and children exited or aborted. */ + if (pause_select == 1) { + exit_server_cleanly(NULL); + } + /* check for some essential signals first */ - + if (got_sig_term) { exit_server_cleanly(NULL); } @@ -1437,9 +1462,9 @@ void start_background_queue(void) reload_services(False); reload_after_sighup = 0; } - + /* now check for messages */ - + DEBUG(10,("start_background_queue: background LPQ thread got a message\n")); message_dispatch(smbd_messaging_context()); @@ -1449,6 +1474,8 @@ void start_background_queue(void) 0); } } + + close(pause_pipe[1]); } /**************************************************************************** -- cgit From d5d9d3dc0e2c85ab608972cfa8e41122504fb75e Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Wed, 29 Oct 2008 17:28:19 -0700 Subject: s3: Make a few open utility functions non-static This allows vfs modules that implement SMB_VFS_CREATE_FILE to access some of the useful utility functions. --- source3/include/proto.h | 32 ++++++++++++++++++++++++++++++++ source3/smbd/dosmode.c | 2 +- source3/smbd/open.c | 32 ++++++++++++++++---------------- 3 files changed, 49 insertions(+), 17 deletions(-) diff --git a/source3/include/proto.h b/source3/include/proto.h index ed79ad03ec..9de64d018c 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -7821,6 +7821,7 @@ bool dns_register_smbd_reply(struct dns_reg_state *dns_state, mode_t unix_mode(connection_struct *conn, int dosmode, const char *fname, const char *inherit_from_dir); uint32 dos_mode_msdfs(connection_struct *conn, const char *path,SMB_STRUCT_STAT *sbuf); +int dos_attributes_to_stat_dos_flags(uint32_t dosmode); uint32 dos_mode(connection_struct *conn, const char *path,SMB_STRUCT_STAT *sbuf); int file_set_dosmode(connection_struct *conn, const char *fname, uint32 dosmode, SMB_STRUCT_STAT *st, @@ -8097,6 +8098,34 @@ NTSTATUS smb1_file_se_access_check(const struct security_descriptor *sd, uint32_t access_desired, uint32_t *access_granted); NTSTATUS fd_close(files_struct *fsp); +void change_file_owner_to_parent(connection_struct *conn, + const char *inherit_from_dir, + files_struct *fsp); +NTSTATUS change_dir_owner_to_parent(connection_struct *conn, + const char *inherit_from_dir, + const char *fname, + SMB_STRUCT_STAT *psbuf); +bool is_executable(const char *fname); +bool is_stat_open(uint32 access_mask); +bool request_timed_out(struct timeval request_time, + struct timeval timeout); +bool open_match_attributes(connection_struct *conn, + const char *path, + uint32 old_dos_attr, + uint32 new_dos_attr, + mode_t existing_unx_mode, + mode_t new_unx_mode, + mode_t *returned_unx_mode); +NTSTATUS fcb_or_dos_open(struct smb_request *req, + connection_struct *conn, + files_struct *fsp_to_dup_into, + const char *fname, + struct file_id id, + uint16 file_pid, + uint16 vuid, + uint32 access_mask, + uint32 share_access, + uint32 create_options); bool map_open_params_to_ntcreate(const char *fname, int deny_mode, int open_func, uint32 *paccess_mask, uint32 *pshare_mode, @@ -8112,6 +8141,9 @@ void msg_file_was_renamed(struct messaging_context *msg, uint32_t msg_type, struct server_id server_id, DATA_BLOB *data); +struct case_semantics_state; +struct case_semantics_state *set_posix_case_semantics(TALLOC_CTX *mem_ctx, + connection_struct *conn); NTSTATUS create_file_default(connection_struct *conn, struct smb_request *req, uint16_t root_dir_fid, diff --git a/source3/smbd/dosmode.c b/source3/smbd/dosmode.c index 954cd5a4d2..de07482369 100644 --- a/source3/smbd/dosmode.c +++ b/source3/smbd/dosmode.c @@ -353,7 +353,7 @@ uint32 dos_mode_msdfs(connection_struct *conn, const char *path,SMB_STRUCT_STAT Convert dos attributes (FILE_ATTRIBUTE_*) to dos stat flags (UF_*) ****************************************************************************/ -static int dos_attributes_to_stat_dos_flags(uint32_t dosmode) +int dos_attributes_to_stat_dos_flags(uint32_t dosmode) { uint32_t dos_stat_flags = 0; diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 41a1fb371d..5bd28862e1 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -159,7 +159,7 @@ NTSTATUS fd_close(files_struct *fsp) Do this by fd if possible. ****************************************************************************/ -static void change_file_owner_to_parent(connection_struct *conn, +void change_file_owner_to_parent(connection_struct *conn, const char *inherit_from_dir, files_struct *fsp) { @@ -190,7 +190,7 @@ static void change_file_owner_to_parent(connection_struct *conn, (unsigned int)parent_st.st_uid )); } -static NTSTATUS change_dir_owner_to_parent(connection_struct *conn, +NTSTATUS change_dir_owner_to_parent(connection_struct *conn, const char *inherit_from_dir, const char *fname, SMB_STRUCT_STAT *psbuf) @@ -499,7 +499,7 @@ static NTSTATUS open_file(files_struct *fsp, Return True if the filename is one of the special executable types. ********************************************************************/ -static bool is_executable(const char *fname) +bool is_executable(const char *fname) { if ((fname = strrchr_m(fname,'.'))) { if (strequal(fname,".com") || @@ -661,7 +661,7 @@ static void validate_my_share_entries(int num, } #endif -static bool is_stat_open(uint32 access_mask) +bool is_stat_open(uint32 access_mask) { return (access_mask && ((access_mask & ~(SYNCHRONIZE_ACCESS| FILE_READ_ATTRIBUTES| @@ -862,8 +862,8 @@ static bool delay_for_oplocks(struct share_mode_lock *lck, return True; } -static bool request_timed_out(struct timeval request_time, - struct timeval timeout) +bool request_timed_out(struct timeval request_time, + struct timeval timeout) { struct timeval now, end_time; GetTimeOfDay(&now); @@ -928,13 +928,13 @@ static void defer_open(struct share_mode_lock *lck, On overwrite open ensure that the attributes match. ****************************************************************************/ -static bool open_match_attributes(connection_struct *conn, - const char *path, - uint32 old_dos_attr, - uint32 new_dos_attr, - mode_t existing_unx_mode, - mode_t new_unx_mode, - mode_t *returned_unx_mode) +bool open_match_attributes(connection_struct *conn, + const char *path, + uint32 old_dos_attr, + uint32 new_dos_attr, + mode_t existing_unx_mode, + mode_t new_unx_mode, + mode_t *returned_unx_mode) { uint32 noarch_old_dos_attr, noarch_new_dos_attr; @@ -978,7 +978,7 @@ static bool open_match_attributes(connection_struct *conn, Try and find a duplicated file handle. ****************************************************************************/ -static NTSTATUS fcb_or_dos_open(struct smb_request *req, +NTSTATUS fcb_or_dos_open(struct smb_request *req, connection_struct *conn, files_struct *fsp_to_dup_into, const char *fname, @@ -2562,8 +2562,8 @@ static int restore_case_semantics(struct case_semantics_state *state) /**************************************************************************** Save case semantics. ****************************************************************************/ -static struct case_semantics_state *set_posix_case_semantics(TALLOC_CTX *mem_ctx, - connection_struct *conn) +struct case_semantics_state *set_posix_case_semantics(TALLOC_CTX *mem_ctx, + connection_struct *conn) { struct case_semantics_state *result; -- cgit From 6153f622af0cd7855ca349f73307988c1b9478b8 Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Tue, 4 Nov 2008 18:08:03 -0800 Subject: s3: Refactor getting sec_info from a security_descriptor into separate function --- source3/include/proto.h | 1 + source3/lib/secdesc.c | 27 +++++++++++++++++++++++++++ source3/smbd/open.c | 15 ++------------- 3 files changed, 30 insertions(+), 13 deletions(-) diff --git a/source3/include/proto.h b/source3/include/proto.h index 9de64d018c..26d131e393 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -723,6 +723,7 @@ bool sec_acl_equal(SEC_ACL *s1, SEC_ACL *s2); /* The following definitions come from lib/secdesc.c */ bool sec_desc_equal(SEC_DESC *s1, SEC_DESC *s2); +uint32_t get_sec_info(const SEC_DESC *sd); SEC_DESC_BUF *sec_desc_merge(TALLOC_CTX *ctx, SEC_DESC_BUF *new_sdb, SEC_DESC_BUF *old_sdb); SEC_DESC *make_sec_desc(TALLOC_CTX *ctx, enum security_descriptor_revision revision, diff --git a/source3/lib/secdesc.c b/source3/lib/secdesc.c index df85336603..400f5f31b0 100644 --- a/source3/lib/secdesc.c +++ b/source3/lib/secdesc.c @@ -99,6 +99,33 @@ bool sec_desc_equal(SEC_DESC *s1, SEC_DESC *s2) return True; } +/******************************************************************* + Given a security_descriptor return the sec_info. +********************************************************************/ + +uint32_t get_sec_info(const SEC_DESC *sd) +{ + uint32_t sec_info = ALL_SECURITY_INFORMATION; + + SMB_ASSERT(sd); + + if (sd->owner_sid == NULL) { + sec_info &= ~OWNER_SECURITY_INFORMATION; + } + if (sd->group_sid == NULL) { + sec_info &= ~GROUP_SECURITY_INFORMATION; + } + if (sd->sacl == NULL) { + sec_info &= ~SACL_SECURITY_INFORMATION; + } + if (sd->dacl == NULL) { + sec_info &= ~DACL_SECURITY_INFORMATION; + } + + return sec_info; +} + + /******************************************************************* Merge part of security descriptor old_sec in to the empty sections of security descriptor new_sec. diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 5bd28862e1..d59f018cfb 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -2963,21 +2963,10 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, if ((sd != NULL) && (info == FILE_WAS_CREATED) && lp_nt_acl_support(SNUM(conn))) { - uint32_t sec_info_sent = ALL_SECURITY_INFORMATION; + uint32_t sec_info_sent; uint32_t saved_access_mask = fsp->access_mask; - if (sd->owner_sid == NULL) { - sec_info_sent &= ~OWNER_SECURITY_INFORMATION; - } - if (sd->group_sid == NULL) { - sec_info_sent &= ~GROUP_SECURITY_INFORMATION; - } - if (sd->sacl == NULL) { - sec_info_sent &= ~SACL_SECURITY_INFORMATION; - } - if (sd->dacl == NULL) { - sec_info_sent &= ~DACL_SECURITY_INFORMATION; - } + sec_info_sent = get_sec_info(sd); fsp->access_mask = FILE_GENERIC_ALL; -- cgit From 2053f77b3c71ad40a875614b98e547fd558375ad Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Wed, 19 Nov 2008 21:26:42 -0800 Subject: s3: Refactor calculating path from relative_fid into a separate function --- source3/include/proto.h | 4 ++ source3/smbd/open.c | 174 ++++++++++++++++++++++++++---------------------- 2 files changed, 100 insertions(+), 78 deletions(-) diff --git a/source3/include/proto.h b/source3/include/proto.h index 26d131e393..d0ad361701 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -8163,6 +8163,10 @@ NTSTATUS create_file_default(connection_struct *conn, files_struct **result, int *pinfo, SMB_STRUCT_STAT *psbuf); +NTSTATUS get_relative_fid_filename(connection_struct *conn, + struct smb_request *req, + uint16_t root_dir_fid, + const char *fname, char **new_fname); /* The following definitions come from smbd/oplock.c */ diff --git a/source3/smbd/open.c b/source3/smbd/open.c index d59f018cfb..078b47a1a7 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -3059,6 +3059,96 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, return status; } +/* + * Calculate the full path name given a relative fid. + */ +NTSTATUS get_relative_fid_filename(connection_struct *conn, + struct smb_request *req, + uint16_t root_dir_fid, + const char *fname, char **new_fname) +{ + files_struct *dir_fsp; + char *parent_fname = NULL; + + if (root_dir_fid == 0 || !fname || !new_fname || !*new_fname) { + return NT_STATUS_INTERNAL_ERROR; + } + + dir_fsp = file_fsp(req, root_dir_fid); + + if (dir_fsp == NULL) { + return NT_STATUS_INVALID_HANDLE; + } + + if (!dir_fsp->is_directory) { + + /* + * Check to see if this is a mac fork of some kind. + */ + + if ((conn->fs_capabilities & FILE_NAMED_STREAMS) && + is_ntfs_stream_name(fname)) { + return NT_STATUS_OBJECT_PATH_NOT_FOUND; + } + + /* + we need to handle the case when we get a + relative open relative to a file and the + pathname is blank - this is a reopen! + (hint from demyn plantenberg) + */ + + return NT_STATUS_INVALID_HANDLE; + } + + if (ISDOT(dir_fsp->fsp_name)) { + /* + * We're at the toplevel dir, the final file name + * must not contain ./, as this is filtered out + * normally by srvstr_get_path and unix_convert + * explicitly rejects paths containing ./. + */ + parent_fname = talloc_strdup(talloc_tos(), ""); + if (parent_fname == NULL) { + return NT_STATUS_NO_MEMORY; + } + } else { + size_t dir_name_len = strlen(dir_fsp->fsp_name); + + /* + * Copy in the base directory name. + */ + + parent_fname = TALLOC_ARRAY(talloc_tos(), char, + dir_name_len+2); + if (parent_fname == NULL) { + return NT_STATUS_NO_MEMORY; + } + memcpy(parent_fname, dir_fsp->fsp_name, + dir_name_len+1); + + /* + * Ensure it ends in a '/'. + * We used TALLOC_SIZE +2 to add space for the '/'. + */ + + if(dir_name_len + && (parent_fname[dir_name_len-1] != '\\') + && (parent_fname[dir_name_len-1] != '/')) { + parent_fname[dir_name_len] = '/'; + parent_fname[dir_name_len+1] = '\0'; + } + } + + *new_fname = talloc_asprintf(talloc_tos(), "%s%s", parent_fname, + fname); + if (*new_fname == NULL) { + return NT_STATUS_NO_MEMORY; + } + + return NT_STATUS_OK; +} + NTSTATUS create_file_default(connection_struct *conn, struct smb_request *req, uint16_t root_dir_fid, @@ -3100,91 +3190,19 @@ NTSTATUS create_file_default(connection_struct *conn, ea_list, sd, create_file_flags, fname)); /* - * Get the file name. + * Calculate the filename from the root_dir_if if necessary. */ if (root_dir_fid != 0) { - /* - * This filename is relative to a directory fid. - */ - char *parent_fname = NULL; - files_struct *dir_fsp = file_fsp(req, root_dir_fid); - - if (dir_fsp == NULL) { - status = NT_STATUS_INVALID_HANDLE; - goto fail; - } - - if (!dir_fsp->is_directory) { - - /* - * Check to see if this is a mac fork of some kind. - */ - - if ((conn->fs_capabilities & FILE_NAMED_STREAMS) && - is_ntfs_stream_name(fname)) { - status = NT_STATUS_OBJECT_PATH_NOT_FOUND; - goto fail; - } - - /* - we need to handle the case when we get a - relative open relative to a file and the - pathname is blank - this is a reopen! - (hint from demyn plantenberg) - */ + char *new_fname; - status = NT_STATUS_INVALID_HANDLE; + status = get_relative_fid_filename(conn, req, root_dir_fid, + fname, &new_fname); + if (!NT_STATUS_IS_OK(status)) { goto fail; } - if (ISDOT(dir_fsp->fsp_name)) { - /* - * We're at the toplevel dir, the final file name - * must not contain ./, as this is filtered out - * normally by srvstr_get_path and unix_convert - * explicitly rejects paths containing ./. - */ - parent_fname = talloc_strdup(talloc_tos(), ""); - if (parent_fname == NULL) { - status = NT_STATUS_NO_MEMORY; - goto fail; - } - } else { - size_t dir_name_len = strlen(dir_fsp->fsp_name); - - /* - * Copy in the base directory name. - */ - - parent_fname = TALLOC_ARRAY(talloc_tos(), char, - dir_name_len+2); - if (parent_fname == NULL) { - status = NT_STATUS_NO_MEMORY; - goto fail; - } - memcpy(parent_fname, dir_fsp->fsp_name, - dir_name_len+1); - - /* - * Ensure it ends in a '/'. - * We used TALLOC_SIZE +2 to add space for the '/'. - */ - - if(dir_name_len - && (parent_fname[dir_name_len-1] != '\\') - && (parent_fname[dir_name_len-1] != '/')) { - parent_fname[dir_name_len] = '/'; - parent_fname[dir_name_len+1] = '\0'; - } - } - - fname = talloc_asprintf(talloc_tos(), "%s%s", parent_fname, - fname); - if (fname == NULL) { - status = NT_STATUS_NO_MEMORY; - goto fail; - } + fname = new_fname; } /* -- cgit From b3c785f22edeff5f731af95ec1252517c4677451 Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Wed, 26 Nov 2008 16:47:14 -0800 Subject: s3: Call fd_close from close_directory Some implementations of SMB_VFS_CREATE_FILE implementations actually keep an fd open for directories just as files. In this case it is necessary to call fd_close when closing directories. This is safe because fd_close is a no-op when fd == -1, which is true for directory opens originating from open.c (the default SMB_VFS_CREATE_FILE implementation). --- source3/smbd/close.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/source3/smbd/close.c b/source3/smbd/close.c index ce918ab6a3..f91f1fcf8f 100644 --- a/source3/smbd/close.c +++ b/source3/smbd/close.c @@ -694,6 +694,13 @@ static NTSTATUS close_directory(struct smb_request *req, files_struct *fsp, fsp, NT_STATUS_OK); } + status = fd_close(fsp); + + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("Could not close dir! fname=%s, fd=%d, err=%d=%s\n", + fsp->fsp_name, fsp->fh->fd, errno, strerror(errno))); + } + /* * Do the code common to files and directories. */ -- cgit From 51e7f79b3b4ae0fa830ac176df5ba8229e14f32d Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Mon, 8 Dec 2008 16:42:45 -0800 Subject: s3: Add onefs_open.c with code copied verbatim from smbd/open.c This is an intermediate step that makes it much easier to see how the OneFS SMB_VFS_CREATE_FILE implementation diverges from stock samba. The goal is that more common code can be refactored into utility functions. --- source3/modules/onefs_open.c | 2028 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 2028 insertions(+) create mode 100644 source3/modules/onefs_open.c diff --git a/source3/modules/onefs_open.c b/source3/modules/onefs_open.c new file mode 100644 index 0000000000..f45cc471ce --- /dev/null +++ b/source3/modules/onefs_open.c @@ -0,0 +1,2028 @@ +/* + Unix SMB/CIFS implementation. + file opening and share modes + Copyright (C) Andrew Tridgell 1992-1998 + Copyright (C) Jeremy Allison 2001-2004 + Copyright (C) Volker Lendecke 2005 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ + +#include "includes.h" + +extern const struct generic_mapping file_generic_mapping; +extern bool global_client_failed_oplock_break; + +struct deferred_open_record { + bool delayed_for_oplocks; + struct file_id id; +}; + +static NTSTATUS create_file_unixpath(connection_struct *conn, + struct smb_request *req, + const char *fname, + uint32_t access_mask, + uint32_t share_access, + uint32_t create_disposition, + uint32_t create_options, + uint32_t file_attributes, + uint32_t oplock_request, + uint64_t allocation_size, + struct security_descriptor *sd, + struct ea_list *ea_list, + + files_struct **result, + int *pinfo, + SMB_STRUCT_STAT *psbuf); + +/**************************************************************************** + Open a file. +****************************************************************************/ + +static NTSTATUS open_file(files_struct *fsp, + connection_struct *conn, + struct smb_request *req, + const char *parent_dir, + const char *name, + const char *path, + SMB_STRUCT_STAT *psbuf, + int flags, + mode_t unx_mode, + uint32 access_mask, /* client requested access mask. */ + uint32 open_access_mask) /* what we're actually using in the open. */ +{ + NTSTATUS status = NT_STATUS_OK; + int accmode = (flags & O_ACCMODE); + int local_flags = flags; + bool file_existed = VALID_STAT(*psbuf); + + fsp->fh->fd = -1; + errno = EPERM; + + /* Check permissions */ + + /* + * This code was changed after seeing a client open request + * containing the open mode of (DENY_WRITE/read-only) with + * the 'create if not exist' bit set. The previous code + * would fail to open the file read only on a read-only share + * as it was checking the flags parameter directly against O_RDONLY, + * this was failing as the flags parameter was set to O_RDONLY|O_CREAT. + * JRA. + */ + + if (!CAN_WRITE(conn)) { + /* It's a read-only share - fail if we wanted to write. */ + if(accmode != O_RDONLY) { + DEBUG(3,("Permission denied opening %s\n", path)); + return NT_STATUS_ACCESS_DENIED; + } else if(flags & O_CREAT) { + /* We don't want to write - but we must make sure that + O_CREAT doesn't create the file if we have write + access into the directory. + */ + flags &= ~O_CREAT; + local_flags &= ~O_CREAT; + } + } + + /* + * This little piece of insanity is inspired by the + * fact that an NT client can open a file for O_RDONLY, + * but set the create disposition to FILE_EXISTS_TRUNCATE. + * If the client *can* write to the file, then it expects to + * truncate the file, even though it is opening for readonly. + * Quicken uses this stupid trick in backup file creation... + * Thanks *greatly* to "David W. Chapman Jr." + * for helping track this one down. It didn't bite us in 2.0.x + * as we always opened files read-write in that release. JRA. + */ + + if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC)) { + DEBUG(10,("open_file: truncate requested on read-only open " + "for file %s\n", path)); + local_flags = (flags & ~O_ACCMODE)|O_RDWR; + } + + if ((open_access_mask & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) || + (!file_existed && (local_flags & O_CREAT)) || + ((local_flags & O_TRUNC) == O_TRUNC) ) { + const char *wild; + + /* + * We can't actually truncate here as the file may be locked. + * open_file_ntcreate will take care of the truncate later. JRA. + */ + + local_flags &= ~O_TRUNC; + +#if defined(O_NONBLOCK) && defined(S_ISFIFO) + /* + * We would block on opening a FIFO with no one else on the + * other end. Do what we used to do and add O_NONBLOCK to the + * open flags. JRA. + */ + + if (file_existed && S_ISFIFO(psbuf->st_mode)) { + local_flags |= O_NONBLOCK; + } +#endif + + /* Don't create files with Microsoft wildcard characters. */ + if (fsp->base_fsp) { + /* + * wildcard characters are allowed in stream names + * only test the basefilename + */ + wild = fsp->base_fsp->fsp_name; + } else { + wild = path; + } + if ((local_flags & O_CREAT) && !file_existed && + ms_has_wild(wild)) { + return NT_STATUS_OBJECT_NAME_INVALID; + } + + /* Actually do the open */ + status = fd_open(conn, path, fsp, local_flags, unx_mode); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(3,("Error opening file %s (%s) (local_flags=%d) " + "(flags=%d)\n", + path,nt_errstr(status),local_flags,flags)); + return status; + } + + if ((local_flags & O_CREAT) && !file_existed) { + + /* Inherit the ACL if required */ + if (lp_inherit_perms(SNUM(conn))) { + inherit_access_posix_acl(conn, parent_dir, path, + unx_mode); + } + + /* Change the owner if required. */ + if (lp_inherit_owner(SNUM(conn))) { + change_file_owner_to_parent(conn, parent_dir, + fsp); + } + + notify_fname(conn, NOTIFY_ACTION_ADDED, + FILE_NOTIFY_CHANGE_FILE_NAME, path); + } + + } else { + fsp->fh->fd = -1; /* What we used to call a stat open. */ + if (file_existed) { + status = check_open_rights(conn, + path, + access_mask); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(10, ("open_file: Access denied on " + "file %s\n", + path)); + return status; + } + } + } + + if (!file_existed) { + int ret; + + if (fsp->fh->fd == -1) { + ret = SMB_VFS_STAT(conn, path, psbuf); + } else { + ret = SMB_VFS_FSTAT(fsp, psbuf); + /* If we have an fd, this stat should succeed. */ + if (ret == -1) { + DEBUG(0,("Error doing fstat on open file %s " + "(%s)\n", path,strerror(errno) )); + } + } + + /* For a non-io open, this stat failing means file not found. JRA */ + if (ret == -1) { + status = map_nt_error_from_unix(errno); + fd_close(fsp); + return status; + } + } + + /* + * POSIX allows read-only opens of directories. We don't + * want to do this (we use a different code path for this) + * so catch a directory open and return an EISDIR. JRA. + */ + + if(S_ISDIR(psbuf->st_mode)) { + fd_close(fsp); + errno = EISDIR; + return NT_STATUS_FILE_IS_A_DIRECTORY; + } + + fsp->mode = psbuf->st_mode; + fsp->file_id = vfs_file_id_from_sbuf(conn, psbuf); + fsp->vuid = req ? req->vuid : UID_FIELD_INVALID; + fsp->file_pid = req ? req->smbpid : 0; + fsp->can_lock = True; + fsp->can_read = (access_mask & (FILE_READ_DATA)) ? True : False; + if (!CAN_WRITE(conn)) { + fsp->can_write = False; + } else { + fsp->can_write = (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ? + True : False; + } + fsp->print_file = False; + fsp->modified = False; + fsp->sent_oplock_break = NO_BREAK_SENT; + fsp->is_directory = False; + if (conn->aio_write_behind_list && + is_in_path(path, conn->aio_write_behind_list, conn->case_sensitive)) { + fsp->aio_write_behind = True; + } + + string_set(&fsp->fsp_name, path); + fsp->wcp = NULL; /* Write cache pointer. */ + + DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n", + conn->server_info->unix_name, + fsp->fsp_name, + BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write), + conn->num_files_open)); + + errno = 0; + return NT_STATUS_OK; +} + +/**************************************************************************** + Handle the 1 second delay in returning a SHARING_VIOLATION error. +****************************************************************************/ + +static void defer_open(struct share_mode_lock *lck, + struct timeval request_time, + struct timeval timeout, + struct smb_request *req, + struct deferred_open_record *state) +{ + int i; + + /* Paranoia check */ + + for (i=0; inum_share_modes; i++) { + struct share_mode_entry *e = &lck->share_modes[i]; + + if (!is_deferred_open_entry(e)) { + continue; + } + + if (procid_is_me(&e->pid) && (e->op_mid == req->mid)) { + DEBUG(0, ("Trying to defer an already deferred " + "request: mid=%d, exiting\n", req->mid)); + exit_server("attempt to defer a deferred request"); + } + } + + /* End paranoia check */ + + DEBUG(10,("defer_open_sharing_error: time [%u.%06u] adding deferred " + "open entry for mid %u\n", + (unsigned int)request_time.tv_sec, + (unsigned int)request_time.tv_usec, + (unsigned int)req->mid)); + + if (!push_deferred_smb_message(req, request_time, timeout, + (char *)state, sizeof(*state))) { + exit_server("push_deferred_smb_message failed"); + } + add_deferred_open(lck, req->mid, request_time, state->id); + + /* + * Push the MID of this packet on the signing queue. + * We only do this once, the first time we push the packet + * onto the deferred open queue, as this has a side effect + * of incrementing the response sequence number. + */ + + srv_defer_sign_response(req->mid); +} + +static void schedule_defer_open(struct share_mode_lock *lck, + struct timeval request_time, + struct smb_request *req) +{ + struct deferred_open_record state; + + /* This is a relative time, added to the absolute + request_time value to get the absolute timeout time. + Note that if this is the second or greater time we enter + this codepath for this particular request mid then + request_time is left as the absolute time of the *first* + time this request mid was processed. This is what allows + the request to eventually time out. */ + + struct timeval timeout; + + /* Normally the smbd we asked should respond within + * OPLOCK_BREAK_TIMEOUT seconds regardless of whether + * the client did, give twice the timeout as a safety + * measure here in case the other smbd is stuck + * somewhere else. */ + + timeout = timeval_set(OPLOCK_BREAK_TIMEOUT*2, 0); + + /* Nothing actually uses state.delayed_for_oplocks + but it's handy to differentiate in debug messages + between a 30 second delay due to oplock break, and + a 1 second delay for share mode conflicts. */ + + state.delayed_for_oplocks = True; + state.id = lck->id; + + if (!request_timed_out(request_time, timeout)) { + defer_open(lck, request_time, timeout, req, &state); + } +} + +/**************************************************************************** + Open a file with a share mode. Passed in an already created files_struct *. +****************************************************************************/ + +static NTSTATUS open_file_ntcreate(connection_struct *conn, + struct smb_request *req, + const char *fname, + SMB_STRUCT_STAT *psbuf, + uint32 access_mask, /* access bits (FILE_READ_DATA etc.) */ + uint32 share_access, /* share constants (FILE_SHARE_READ etc) */ + uint32 create_disposition, /* FILE_OPEN_IF etc. */ + uint32 create_options, /* options such as delete on close. */ + uint32 new_dos_attributes, /* attributes used for new file. */ + int oplock_request, /* internal Samba oplock codes. */ + /* Information (FILE_EXISTS etc.) */ + int *pinfo, + files_struct *fsp) +{ + int flags=0; + int flags2=0; + bool file_existed = VALID_STAT(*psbuf); + bool def_acl = False; + bool posix_open = False; + bool new_file_created = False; + struct file_id id; + NTSTATUS fsp_open = NT_STATUS_ACCESS_DENIED; + mode_t new_unx_mode = (mode_t)0; + mode_t unx_mode = (mode_t)0; + int info; + uint32 existing_dos_attributes = 0; + struct pending_message_list *pml = NULL; + struct timeval request_time = timeval_zero(); + struct share_mode_lock *lck = NULL; + uint32 open_access_mask = access_mask; + NTSTATUS status; + int ret_flock; + char *parent_dir; + const char *newname; + + ZERO_STRUCT(id); + + if (conn->printer) { + /* + * Printers are handled completely differently. + * Most of the passed parameters are ignored. + */ + + if (pinfo) { + *pinfo = FILE_WAS_CREATED; + } + + DEBUG(10, ("open_file_ntcreate: printer open fname=%s\n", fname)); + + return print_fsp_open(req, conn, fname, req->vuid, fsp); + } + + if (!parent_dirname_talloc(talloc_tos(), fname, &parent_dir, + &newname)) { + return NT_STATUS_NO_MEMORY; + } + + if (new_dos_attributes & FILE_FLAG_POSIX_SEMANTICS) { + posix_open = True; + unx_mode = (mode_t)(new_dos_attributes & ~FILE_FLAG_POSIX_SEMANTICS); + new_dos_attributes = 0; + } else { + /* We add aARCH to this as this mode is only used if the file is + * created new. */ + unx_mode = unix_mode(conn, new_dos_attributes | aARCH, fname, + parent_dir); + } + + DEBUG(10, ("open_file_ntcreate: fname=%s, dos_attrs=0x%x " + "access_mask=0x%x share_access=0x%x " + "create_disposition = 0x%x create_options=0x%x " + "unix mode=0%o oplock_request=%d\n", + fname, new_dos_attributes, access_mask, share_access, + create_disposition, create_options, unx_mode, + oplock_request)); + + if ((req == NULL) && ((oplock_request & INTERNAL_OPEN_ONLY) == 0)) { + DEBUG(0, ("No smb request but not an internal only open!\n")); + return NT_STATUS_INTERNAL_ERROR; + } + + /* + * Only non-internal opens can be deferred at all + */ + + if ((req != NULL) + && ((pml = get_open_deferred_message(req->mid)) != NULL)) { + struct deferred_open_record *state = + (struct deferred_open_record *)pml->private_data.data; + + /* Remember the absolute time of the original + request with this mid. We'll use it later to + see if this has timed out. */ + + request_time = pml->request_time; + + /* Remove the deferred open entry under lock. */ + lck = get_share_mode_lock(talloc_tos(), state->id, NULL, NULL, + NULL); + if (lck == NULL) { + DEBUG(0, ("could not get share mode lock\n")); + } else { + del_deferred_open_entry(lck, req->mid); + TALLOC_FREE(lck); + } + + /* Ensure we don't reprocess this message. */ + remove_deferred_open_smb_message(req->mid); + } + + status = check_name(conn, fname); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + if (!posix_open) { + new_dos_attributes &= SAMBA_ATTRIBUTES_MASK; + if (file_existed) { + existing_dos_attributes = dos_mode(conn, fname, psbuf); + } + } + + /* ignore any oplock requests if oplocks are disabled */ + if (!lp_oplocks(SNUM(conn)) || global_client_failed_oplock_break || + IS_VETO_OPLOCK_PATH(conn, fname)) { + /* Mask off everything except the private Samba bits. */ + oplock_request &= SAMBA_PRIVATE_OPLOCK_MASK; + } + + /* this is for OS/2 long file names - say we don't support them */ + if (!lp_posix_pathnames() && strstr(fname,".+,;=[].")) { + /* OS/2 Workplace shell fix may be main code stream in a later + * release. */ + DEBUG(5,("open_file_ntcreate: OS/2 long filenames are not " + "supported.\n")); + if (use_nt_status()) { + return NT_STATUS_OBJECT_NAME_NOT_FOUND; + } + return NT_STATUS_DOS(ERRDOS, ERRcannotopen); + } + + switch( create_disposition ) { + /* + * Currently we're using FILE_SUPERSEDE as the same as + * FILE_OVERWRITE_IF but they really are + * different. FILE_SUPERSEDE deletes an existing file + * (requiring delete access) then recreates it. + */ + case FILE_SUPERSEDE: + /* If file exists replace/overwrite. If file doesn't + * exist create. */ + flags2 |= (O_CREAT | O_TRUNC); + break; + + case FILE_OVERWRITE_IF: + /* If file exists replace/overwrite. If file doesn't + * exist create. */ + flags2 |= (O_CREAT | O_TRUNC); + break; + + case FILE_OPEN: + /* If file exists open. If file doesn't exist error. */ + if (!file_existed) { + DEBUG(5,("open_file_ntcreate: FILE_OPEN " + "requested for file %s and file " + "doesn't exist.\n", fname )); + errno = ENOENT; + return NT_STATUS_OBJECT_NAME_NOT_FOUND; + } + break; + + case FILE_OVERWRITE: + /* If file exists overwrite. If file doesn't exist + * error. */ + if (!file_existed) { + DEBUG(5,("open_file_ntcreate: FILE_OVERWRITE " + "requested for file %s and file " + "doesn't exist.\n", fname )); + errno = ENOENT; + return NT_STATUS_OBJECT_NAME_NOT_FOUND; + } + flags2 |= O_TRUNC; + break; + + case FILE_CREATE: + /* If file exists error. If file doesn't exist + * create. */ + if (file_existed) { + DEBUG(5,("open_file_ntcreate: FILE_CREATE " + "requested for file %s and file " + "already exists.\n", fname )); + if (S_ISDIR(psbuf->st_mode)) { + errno = EISDIR; + } else { + errno = EEXIST; + } + return map_nt_error_from_unix(errno); + } + flags2 |= (O_CREAT|O_EXCL); + break; + + case FILE_OPEN_IF: + /* If file exists open. If file doesn't exist + * create. */ + flags2 |= O_CREAT; + break; + + default: + return NT_STATUS_INVALID_PARAMETER; + } + + /* We only care about matching attributes on file exists and + * overwrite. */ + + if (!posix_open && file_existed && ((create_disposition == FILE_OVERWRITE) || + (create_disposition == FILE_OVERWRITE_IF))) { + if (!open_match_attributes(conn, fname, + existing_dos_attributes, + new_dos_attributes, psbuf->st_mode, + unx_mode, &new_unx_mode)) { + DEBUG(5,("open_file_ntcreate: attributes missmatch " + "for file %s (%x %x) (0%o, 0%o)\n", + fname, existing_dos_attributes, + new_dos_attributes, + (unsigned int)psbuf->st_mode, + (unsigned int)unx_mode )); + errno = EACCES; + return NT_STATUS_ACCESS_DENIED; + } + } + + status = calculate_access_mask(conn, fname, file_existed, + access_mask, + &access_mask); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(10, ("open_file_ntcreate: calculate_access_mask " + "on file %s returned %s\n", + fname, + nt_errstr(status))); + return status; + } + + open_access_mask = access_mask; + + if ((flags2 & O_TRUNC) || (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE)) { + open_access_mask |= FILE_WRITE_DATA; /* This will cause oplock breaks. */ + } + + DEBUG(10, ("open_file_ntcreate: fname=%s, after mapping " + "access_mask=0x%x\n", fname, access_mask )); + + /* + * Note that we ignore the append flag as append does not + * mean the same thing under DOS and Unix. + */ + + if ((access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) || + (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE)) { + /* DENY_DOS opens are always underlying read-write on the + file handle, no matter what the requested access mask + says. */ + if ((create_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS) || + access_mask & (FILE_READ_ATTRIBUTES|FILE_READ_DATA|FILE_READ_EA|FILE_EXECUTE)) { + flags = O_RDWR; + } else { + flags = O_WRONLY; + } + } else { + flags = O_RDONLY; + } + + /* + * Currently we only look at FILE_WRITE_THROUGH for create options. + */ + +#if defined(O_SYNC) + if ((create_options & FILE_WRITE_THROUGH) && lp_strict_sync(SNUM(conn))) { + flags2 |= O_SYNC; + } +#endif /* O_SYNC */ + + if (posix_open && (access_mask & FILE_APPEND_DATA)) { + flags2 |= O_APPEND; + } + + if (!posix_open && !CAN_WRITE(conn)) { + /* + * We should really return a permission denied error if either + * O_CREAT or O_TRUNC are set, but for compatibility with + * older versions of Samba we just AND them out. + */ + flags2 &= ~(O_CREAT|O_TRUNC); + } + + /* + * Ensure we can't write on a read-only share or file. + */ + + if (flags != O_RDONLY && file_existed && + (!CAN_WRITE(conn) || IS_DOS_READONLY(existing_dos_attributes))) { + DEBUG(5,("open_file_ntcreate: write access requested for " + "file %s on read only %s\n", + fname, !CAN_WRITE(conn) ? "share" : "file" )); + errno = EACCES; + return NT_STATUS_ACCESS_DENIED; + } + + fsp->file_id = vfs_file_id_from_sbuf(conn, psbuf); + fsp->share_access = share_access; + fsp->fh->private_options = create_options; + fsp->access_mask = open_access_mask; /* We change this to the + * requested access_mask after + * the open is done. */ + fsp->posix_open = posix_open; + + /* Ensure no SAMBA_PRIVATE bits can be set. */ + fsp->oplock_type = (oplock_request & ~SAMBA_PRIVATE_OPLOCK_MASK); + + if (timeval_is_zero(&request_time)) { + request_time = fsp->open_time; + } + + if (file_existed) { + struct timespec old_write_time = get_mtimespec(psbuf); + id = vfs_file_id_from_sbuf(conn, psbuf); + + lck = get_share_mode_lock(talloc_tos(), id, + conn->connectpath, + fname, &old_write_time); + + if (lck == NULL) { + DEBUG(0, ("Could not get share mode lock\n")); + return NT_STATUS_SHARING_VIOLATION; + } + + /* First pass - send break only on batch oplocks. */ + if ((req != NULL) + && delay_for_oplocks(lck, fsp, req->mid, 1, + oplock_request)) { + schedule_defer_open(lck, request_time, req); + TALLOC_FREE(lck); + return NT_STATUS_SHARING_VIOLATION; + } + + /* Use the client requested access mask here, not the one we + * open with. */ + status = open_mode_check(conn, fname, lck, + access_mask, share_access, + create_options, &file_existed); + + if (NT_STATUS_IS_OK(status)) { + /* We might be going to allow this open. Check oplock + * status again. */ + /* Second pass - send break for both batch or + * exclusive oplocks. */ + if ((req != NULL) + && delay_for_oplocks(lck, fsp, req->mid, 2, + oplock_request)) { + schedule_defer_open(lck, request_time, req); + TALLOC_FREE(lck); + return NT_STATUS_SHARING_VIOLATION; + } + } + + if (NT_STATUS_EQUAL(status, NT_STATUS_DELETE_PENDING)) { + /* DELETE_PENDING is not deferred for a second */ + TALLOC_FREE(lck); + return status; + } + + if (!NT_STATUS_IS_OK(status)) { + uint32 can_access_mask; + bool can_access = True; + + SMB_ASSERT(NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION)); + + /* Check if this can be done with the deny_dos and fcb + * calls. */ + if (create_options & + (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS| + NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) { + if (req == NULL) { + DEBUG(0, ("DOS open without an SMB " + "request!\n")); + TALLOC_FREE(lck); + return NT_STATUS_INTERNAL_ERROR; + } + + /* Use the client requested access mask here, + * not the one we open with. */ + status = fcb_or_dos_open(req, + conn, + fsp, + fname, + id, + req->smbpid, + req->vuid, + access_mask, + share_access, + create_options); + + if (NT_STATUS_IS_OK(status)) { + TALLOC_FREE(lck); + if (pinfo) { + *pinfo = FILE_WAS_OPENED; + } + return NT_STATUS_OK; + } + } + + /* + * This next line is a subtlety we need for + * MS-Access. If a file open will fail due to share + * permissions and also for security (access) reasons, + * we need to return the access failed error, not the + * share error. We can't open the file due to kernel + * oplock deadlock (it's possible we failed above on + * the open_mode_check()) so use a userspace check. + */ + + if (flags & O_RDWR) { + can_access_mask = FILE_READ_DATA|FILE_WRITE_DATA; + } else if (flags & O_WRONLY) { + can_access_mask = FILE_WRITE_DATA; + } else { + can_access_mask = FILE_READ_DATA; + } + + if (((can_access_mask & FILE_WRITE_DATA) && !CAN_WRITE(conn)) || + !can_access_file_data(conn,fname,psbuf,can_access_mask)) { + can_access = False; + } + + /* + * If we're returning a share violation, ensure we + * cope with the braindead 1 second delay. + */ + + if (!(oplock_request & INTERNAL_OPEN_ONLY) && + lp_defer_sharing_violations()) { + struct timeval timeout; + struct deferred_open_record state; + int timeout_usecs; + + /* this is a hack to speed up torture tests + in 'make test' */ + timeout_usecs = lp_parm_int(SNUM(conn), + "smbd","sharedelay", + SHARING_VIOLATION_USEC_WAIT); + + /* This is a relative time, added to the absolute + request_time value to get the absolute timeout time. + Note that if this is the second or greater time we enter + this codepath for this particular request mid then + request_time is left as the absolute time of the *first* + time this request mid was processed. This is what allows + the request to eventually time out. */ + + timeout = timeval_set(0, timeout_usecs); + + /* Nothing actually uses state.delayed_for_oplocks + but it's handy to differentiate in debug messages + between a 30 second delay due to oplock break, and + a 1 second delay for share mode conflicts. */ + + state.delayed_for_oplocks = False; + state.id = id; + + if ((req != NULL) + && !request_timed_out(request_time, + timeout)) { + defer_open(lck, request_time, timeout, + req, &state); + } + } + + TALLOC_FREE(lck); + if (can_access) { + /* + * We have detected a sharing violation here + * so return the correct error code + */ + status = NT_STATUS_SHARING_VIOLATION; + } else { + status = NT_STATUS_ACCESS_DENIED; + } + return status; + } + + /* + * We exit this block with the share entry *locked*..... + */ + } + + SMB_ASSERT(!file_existed || (lck != NULL)); + + /* + * Ensure we pay attention to default ACLs on directories if required. + */ + + if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) && + (def_acl = directory_has_default_acl(conn, parent_dir))) { + unx_mode = 0777; + } + + DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o, " + "access_mask = 0x%x, open_access_mask = 0x%x\n", + (unsigned int)flags, (unsigned int)flags2, + (unsigned int)unx_mode, (unsigned int)access_mask, + (unsigned int)open_access_mask)); + + /* + * open_file strips any O_TRUNC flags itself. + */ + + fsp_open = open_file(fsp, conn, req, parent_dir, newname, fname, psbuf, + flags|flags2, unx_mode, access_mask, + open_access_mask); + + if (!NT_STATUS_IS_OK(fsp_open)) { + if (lck != NULL) { + TALLOC_FREE(lck); + } + return fsp_open; + } + + if (!file_existed) { + struct timespec old_write_time = get_mtimespec(psbuf); + /* + * Deal with the race condition where two smbd's detect the + * file doesn't exist and do the create at the same time. One + * of them will win and set a share mode, the other (ie. this + * one) should check if the requested share mode for this + * create is allowed. + */ + + /* + * Now the file exists and fsp is successfully opened, + * fsp->dev and fsp->inode are valid and should replace the + * dev=0,inode=0 from a non existent file. Spotted by + * Nadav Danieli . JRA. + */ + + id = fsp->file_id; + + lck = get_share_mode_lock(talloc_tos(), id, + conn->connectpath, + fname, &old_write_time); + + if (lck == NULL) { + DEBUG(0, ("open_file_ntcreate: Could not get share " + "mode lock for %s\n", fname)); + fd_close(fsp); + return NT_STATUS_SHARING_VIOLATION; + } + + /* First pass - send break only on batch oplocks. */ + if ((req != NULL) + && delay_for_oplocks(lck, fsp, req->mid, 1, + oplock_request)) { + schedule_defer_open(lck, request_time, req); + TALLOC_FREE(lck); + fd_close(fsp); + return NT_STATUS_SHARING_VIOLATION; + } + + status = open_mode_check(conn, fname, lck, + access_mask, share_access, + create_options, &file_existed); + + if (NT_STATUS_IS_OK(status)) { + /* We might be going to allow this open. Check oplock + * status again. */ + /* Second pass - send break for both batch or + * exclusive oplocks. */ + if ((req != NULL) + && delay_for_oplocks(lck, fsp, req->mid, 2, + oplock_request)) { + schedule_defer_open(lck, request_time, req); + TALLOC_FREE(lck); + fd_close(fsp); + return NT_STATUS_SHARING_VIOLATION; + } + } + + if (!NT_STATUS_IS_OK(status)) { + struct deferred_open_record state; + + fd_close(fsp); + + state.delayed_for_oplocks = False; + state.id = id; + + /* Do it all over again immediately. In the second + * round we will find that the file existed and handle + * the DELETE_PENDING and FCB cases correctly. No need + * to duplicate the code here. Essentially this is a + * "goto top of this function", but don't tell + * anybody... */ + + if (req != NULL) { + defer_open(lck, request_time, timeval_zero(), + req, &state); + } + TALLOC_FREE(lck); + return status; + } + + /* + * We exit this block with the share entry *locked*..... + */ + + } + + SMB_ASSERT(lck != NULL); + + /* note that we ignore failure for the following. It is + basically a hack for NFS, and NFS will never set one of + these only read them. Nobody but Samba can ever set a deny + mode and we have already checked our more authoritative + locking database for permission to set this deny mode. If + the kernel refuses the operations then the kernel is wrong. + note that GPFS supports it as well - jmcd */ + + if (fsp->fh->fd != -1) { + ret_flock = SMB_VFS_KERNEL_FLOCK(fsp, share_access); + if(ret_flock == -1 ){ + + TALLOC_FREE(lck); + fd_close(fsp); + + return NT_STATUS_SHARING_VIOLATION; + } + } + + /* + * At this point onwards, we can guarentee that the share entry + * is locked, whether we created the file or not, and that the + * deny mode is compatible with all current opens. + */ + + /* + * If requested, truncate the file. + */ + + if (flags2&O_TRUNC) { + /* + * We are modifing the file after open - update the stat + * struct.. + */ + if ((SMB_VFS_FTRUNCATE(fsp, 0) == -1) || + (SMB_VFS_FSTAT(fsp, psbuf)==-1)) { + status = map_nt_error_from_unix(errno); + TALLOC_FREE(lck); + fd_close(fsp); + return status; + } + } + + /* Record the options we were opened with. */ + fsp->share_access = share_access; + fsp->fh->private_options = create_options; + /* + * According to Samba4, SEC_FILE_READ_ATTRIBUTE is always granted, + */ + fsp->access_mask = access_mask | FILE_READ_ATTRIBUTES; + + if (file_existed) { + /* stat opens on existing files don't get oplocks. */ + if (is_stat_open(open_access_mask)) { + fsp->oplock_type = NO_OPLOCK; + } + + if (!(flags2 & O_TRUNC)) { + info = FILE_WAS_OPENED; + } else { + info = FILE_WAS_OVERWRITTEN; + } + } else { + info = FILE_WAS_CREATED; + } + + if (pinfo) { + *pinfo = info; + } + + /* + * Setup the oplock info in both the shared memory and + * file structs. + */ + + if ((fsp->oplock_type != NO_OPLOCK) && + (fsp->oplock_type != FAKE_LEVEL_II_OPLOCK)) { + if (!set_file_oplock(fsp, fsp->oplock_type)) { + /* Could not get the kernel oplock */ + fsp->oplock_type = NO_OPLOCK; + } + } + + if (info == FILE_WAS_OVERWRITTEN || info == FILE_WAS_CREATED || info == FILE_WAS_SUPERSEDED) { + new_file_created = True; + } + + set_share_mode(lck, fsp, conn->server_info->utok.uid, 0, + fsp->oplock_type); + + /* Handle strange delete on close create semantics. */ + if (create_options & FILE_DELETE_ON_CLOSE) { + + status = can_set_delete_on_close(fsp, True, new_dos_attributes); + + if (!NT_STATUS_IS_OK(status)) { + /* Remember to delete the mode we just added. */ + del_share_mode(lck, fsp); + TALLOC_FREE(lck); + fd_close(fsp); + return status; + } + /* Note that here we set the *inital* delete on close flag, + not the regular one. The magic gets handled in close. */ + fsp->initial_delete_on_close = True; + } + + if (new_file_created) { + /* Files should be initially set as archive */ + if (lp_map_archive(SNUM(conn)) || + lp_store_dos_attributes(SNUM(conn))) { + if (!posix_open) { + SMB_STRUCT_STAT tmp_sbuf; + SET_STAT_INVALID(tmp_sbuf); + if (file_set_dosmode( + conn, fname, + new_dos_attributes | aARCH, + &tmp_sbuf, parent_dir, + true) == 0) { + unx_mode = tmp_sbuf.st_mode; + } + } + } + } + + /* + * Take care of inherited ACLs on created files - if default ACL not + * selected. + */ + + if (!posix_open && !file_existed && !def_acl) { + + int saved_errno = errno; /* We might get ENOSYS in the next + * call.. */ + + if (SMB_VFS_FCHMOD_ACL(fsp, unx_mode) == -1 && + errno == ENOSYS) { + errno = saved_errno; /* Ignore ENOSYS */ + } + + } else if (new_unx_mode) { + + int ret = -1; + + /* Attributes need changing. File already existed. */ + + { + int saved_errno = errno; /* We might get ENOSYS in the + * next call.. */ + ret = SMB_VFS_FCHMOD_ACL(fsp, new_unx_mode); + + if (ret == -1 && errno == ENOSYS) { + errno = saved_errno; /* Ignore ENOSYS */ + } else { + DEBUG(5, ("open_file_ntcreate: reset " + "attributes of file %s to 0%o\n", + fname, (unsigned int)new_unx_mode)); + ret = 0; /* Don't do the fchmod below. */ + } + } + + if ((ret == -1) && + (SMB_VFS_FCHMOD(fsp, new_unx_mode) == -1)) + DEBUG(5, ("open_file_ntcreate: failed to reset " + "attributes of file %s to 0%o\n", + fname, (unsigned int)new_unx_mode)); + } + + /* If this is a successful open, we must remove any deferred open + * records. */ + if (req != NULL) { + del_deferred_open_entry(lck, req->mid); + } + TALLOC_FREE(lck); + + return NT_STATUS_OK; +} + +/**************************************************************************** + Open a directory from an NT SMB call. +****************************************************************************/ + +static NTSTATUS open_directory(connection_struct *conn, + struct smb_request *req, + const char *fname, + SMB_STRUCT_STAT *psbuf, + uint32 access_mask, + uint32 share_access, + uint32 create_disposition, + uint32 create_options, + uint32 file_attributes, + int *pinfo, + files_struct **result) +{ + files_struct *fsp = NULL; + bool dir_existed = VALID_STAT(*psbuf) ? True : False; + struct share_mode_lock *lck = NULL; + NTSTATUS status; + struct timespec mtimespec; + int info = 0; + + DEBUG(5,("open_directory: opening directory %s, access_mask = 0x%x, " + "share_access = 0x%x create_options = 0x%x, " + "create_disposition = 0x%x, file_attributes = 0x%x\n", + fname, + (unsigned int)access_mask, + (unsigned int)share_access, + (unsigned int)create_options, + (unsigned int)create_disposition, + (unsigned int)file_attributes)); + + if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS) && + (conn->fs_capabilities & FILE_NAMED_STREAMS) && + is_ntfs_stream_name(fname)) { + DEBUG(2, ("open_directory: %s is a stream name!\n", fname)); + return NT_STATUS_NOT_A_DIRECTORY; + } + + status = calculate_access_mask(conn, fname, dir_existed, + access_mask, + &access_mask); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(10, ("open_directory: calculate_access_mask " + "on file %s returned %s\n", + fname, + nt_errstr(status))); + return status; + } + + switch( create_disposition ) { + case FILE_OPEN: + + info = FILE_WAS_OPENED; + + /* + * We want to follow symlinks here. + */ + + if (SMB_VFS_STAT(conn, fname, psbuf) != 0) { + return map_nt_error_from_unix(errno); + } + + break; + + case FILE_CREATE: + + /* If directory exists error. If directory doesn't + * exist create. */ + + status = mkdir_internal(conn, + fname, + file_attributes, + psbuf); + + if (!NT_STATUS_IS_OK(status)) { + DEBUG(2, ("open_directory: unable to create " + "%s. Error was %s\n", fname, + nt_errstr(status))); + return status; + } + + info = FILE_WAS_CREATED; + break; + + case FILE_OPEN_IF: + /* + * If directory exists open. If directory doesn't + * exist create. + */ + + status = mkdir_internal(conn, + fname, + file_attributes, + psbuf); + + if (NT_STATUS_IS_OK(status)) { + info = FILE_WAS_CREATED; + } + + if (NT_STATUS_EQUAL(status, + NT_STATUS_OBJECT_NAME_COLLISION)) { + info = FILE_WAS_OPENED; + status = NT_STATUS_OK; + } + + break; + + case FILE_SUPERSEDE: + case FILE_OVERWRITE: + case FILE_OVERWRITE_IF: + default: + DEBUG(5,("open_directory: invalid create_disposition " + "0x%x for directory %s\n", + (unsigned int)create_disposition, fname)); + return NT_STATUS_INVALID_PARAMETER; + } + + if(!S_ISDIR(psbuf->st_mode)) { + DEBUG(5,("open_directory: %s is not a directory !\n", + fname )); + return NT_STATUS_NOT_A_DIRECTORY; + } + + if (info == FILE_WAS_OPENED) { + status = check_open_rights(conn, + fname, + access_mask); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(10, ("open_directory: check_open_rights on " + "file %s failed with %s\n", + fname, + nt_errstr(status))); + return status; + } + } + + status = file_new(req, conn, &fsp); + if(!NT_STATUS_IS_OK(status)) { + return status; + } + + /* + * Setup the files_struct for it. + */ + + fsp->mode = psbuf->st_mode; + fsp->file_id = vfs_file_id_from_sbuf(conn, psbuf); + fsp->vuid = req ? req->vuid : UID_FIELD_INVALID; + fsp->file_pid = req ? req->smbpid : 0; + fsp->can_lock = False; + fsp->can_read = False; + fsp->can_write = False; + + fsp->share_access = share_access; + fsp->fh->private_options = create_options; + /* + * According to Samba4, SEC_FILE_READ_ATTRIBUTE is always granted, + */ + fsp->access_mask = access_mask | FILE_READ_ATTRIBUTES; + fsp->print_file = False; + fsp->modified = False; + fsp->oplock_type = NO_OPLOCK; + fsp->sent_oplock_break = NO_BREAK_SENT; + fsp->is_directory = True; + fsp->posix_open = (file_attributes & FILE_FLAG_POSIX_SEMANTICS) ? True : False; + + string_set(&fsp->fsp_name,fname); + + mtimespec = get_mtimespec(psbuf); + + lck = get_share_mode_lock(talloc_tos(), fsp->file_id, + conn->connectpath, + fname, &mtimespec); + + if (lck == NULL) { + DEBUG(0, ("open_directory: Could not get share mode lock for %s\n", fname)); + file_free(req, fsp); + return NT_STATUS_SHARING_VIOLATION; + } + + status = open_mode_check(conn, fname, lck, + access_mask, share_access, + create_options, &dir_existed); + + if (!NT_STATUS_IS_OK(status)) { + TALLOC_FREE(lck); + file_free(req, fsp); + return status; + } + + set_share_mode(lck, fsp, conn->server_info->utok.uid, 0, NO_OPLOCK); + + /* For directories the delete on close bit at open time seems + always to be honored on close... See test 19 in Samba4 BASE-DELETE. */ + if (create_options & FILE_DELETE_ON_CLOSE) { + status = can_set_delete_on_close(fsp, True, 0); + if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_DIRECTORY_NOT_EMPTY)) { + TALLOC_FREE(lck); + file_free(req, fsp); + return status; + } + + if (NT_STATUS_IS_OK(status)) { + /* Note that here we set the *inital* delete on close flag, + not the regular one. The magic gets handled in close. */ + fsp->initial_delete_on_close = True; + } + } + + TALLOC_FREE(lck); + + if (pinfo) { + *pinfo = info; + } + + *result = fsp; + return NT_STATUS_OK; +} + +/* + * If a main file is opened for delete, all streams need to be checked for + * !FILE_SHARE_DELETE. Do this by opening with DELETE_ACCESS. + * If that works, delete them all by setting the delete on close and close. + */ + +static NTSTATUS open_streams_for_delete(connection_struct *conn, + const char *fname) +{ + struct stream_struct *stream_info; + files_struct **streams; + int i; + unsigned int num_streams; + TALLOC_CTX *frame = talloc_stackframe(); + NTSTATUS status; + + status = SMB_VFS_STREAMINFO(conn, NULL, fname, talloc_tos(), + &num_streams, &stream_info); + + if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED) + || NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) { + DEBUG(10, ("no streams around\n")); + TALLOC_FREE(frame); + return NT_STATUS_OK; + } + + if (!NT_STATUS_IS_OK(status)) { + DEBUG(10, ("SMB_VFS_STREAMINFO failed: %s\n", + nt_errstr(status))); + goto fail; + } + + DEBUG(10, ("open_streams_for_delete found %d streams\n", + num_streams)); + + if (num_streams == 0) { + TALLOC_FREE(frame); + return NT_STATUS_OK; + } + + streams = TALLOC_ARRAY(talloc_tos(), files_struct *, num_streams); + if (streams == NULL) { + DEBUG(0, ("talloc failed\n")); + status = NT_STATUS_NO_MEMORY; + goto fail; + } + + for (i=0; i= 0; i--) { + if (streams[i] == NULL) { + continue; + } + + DEBUG(10, ("Closing stream # %d, %s\n", i, + streams[i]->fsp_name)); + close_file(NULL, streams[i], NORMAL_CLOSE); + } + + fail: + TALLOC_FREE(frame); + return status; +} + +/* + * Wrapper around open_file_ntcreate and open_directory + */ + +static NTSTATUS create_file_unixpath(connection_struct *conn, + struct smb_request *req, + const char *fname, + uint32_t access_mask, + uint32_t share_access, + uint32_t create_disposition, + uint32_t create_options, + uint32_t file_attributes, + uint32_t oplock_request, + uint64_t allocation_size, + struct security_descriptor *sd, + struct ea_list *ea_list, + + files_struct **result, + int *pinfo, + SMB_STRUCT_STAT *psbuf) +{ + SMB_STRUCT_STAT sbuf; + int info = FILE_WAS_OPENED; + files_struct *base_fsp = NULL; + files_struct *fsp = NULL; + NTSTATUS status; + + DEBUG(10,("create_file_unixpath: access_mask = 0x%x " + "file_attributes = 0x%x, share_access = 0x%x, " + "create_disposition = 0x%x create_options = 0x%x " + "oplock_request = 0x%x ea_list = 0x%p, sd = 0x%p, " + "fname = %s\n", + (unsigned int)access_mask, + (unsigned int)file_attributes, + (unsigned int)share_access, + (unsigned int)create_disposition, + (unsigned int)create_options, + (unsigned int)oplock_request, + ea_list, sd, fname)); + + if (create_options & FILE_OPEN_BY_FILE_ID) { + status = NT_STATUS_NOT_SUPPORTED; + goto fail; + } + + if (create_options & NTCREATEX_OPTIONS_INVALID_PARAM_MASK) { + status = NT_STATUS_INVALID_PARAMETER; + goto fail; + } + + if (req == NULL) { + oplock_request |= INTERNAL_OPEN_ONLY; + } + + if (psbuf != NULL) { + sbuf = *psbuf; + } + else { + if (SMB_VFS_STAT(conn, fname, &sbuf) == -1) { + SET_STAT_INVALID(sbuf); + } + } + + if ((conn->fs_capabilities & FILE_NAMED_STREAMS) + && (access_mask & DELETE_ACCESS) + && !is_ntfs_stream_name(fname)) { + /* + * We can't open a file with DELETE access if any of the + * streams is open without FILE_SHARE_DELETE + */ + status = open_streams_for_delete(conn, fname); + + if (!NT_STATUS_IS_OK(status)) { + goto fail; + } + } + + /* This is the correct thing to do (check every time) but can_delete + * is expensive (it may have to read the parent directory + * permissions). So for now we're not doing it unless we have a strong + * hint the client is really going to delete this file. If the client + * is forcing FILE_CREATE let the filesystem take care of the + * permissions. */ + + /* Setting FILE_SHARE_DELETE is the hint. */ + + if (lp_acl_check_permissions(SNUM(conn)) + && (create_disposition != FILE_CREATE) + && (share_access & FILE_SHARE_DELETE) + && (access_mask & DELETE_ACCESS) + && (!can_delete_file_in_directory(conn, fname))) { + status = NT_STATUS_ACCESS_DENIED; + goto fail; + } + +#if 0 + /* We need to support SeSecurityPrivilege for this. */ + if ((access_mask & SEC_RIGHT_SYSTEM_SECURITY) && + !user_has_privileges(current_user.nt_user_token, + &se_security)) { + status = NT_STATUS_PRIVILEGE_NOT_HELD; + goto fail; + } +#endif + + if ((conn->fs_capabilities & FILE_NAMED_STREAMS) + && is_ntfs_stream_name(fname) + && (!(create_options & NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE))) { + char *base; + uint32 base_create_disposition; + + if (create_options & FILE_DIRECTORY_FILE) { + status = NT_STATUS_NOT_A_DIRECTORY; + goto fail; + } + + status = split_ntfs_stream_name(talloc_tos(), fname, + &base, NULL); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(10, ("create_file_unixpath: " + "split_ntfs_stream_name failed: %s\n", + nt_errstr(status))); + goto fail; + } + + SMB_ASSERT(!is_ntfs_stream_name(base)); /* paranoia.. */ + + switch (create_disposition) { + case FILE_OPEN: + base_create_disposition = FILE_OPEN; + break; + default: + base_create_disposition = FILE_OPEN_IF; + break; + } + + status = create_file_unixpath(conn, NULL, base, 0, + FILE_SHARE_READ + | FILE_SHARE_WRITE + | FILE_SHARE_DELETE, + base_create_disposition, + 0, 0, 0, 0, NULL, NULL, + &base_fsp, NULL, NULL); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(10, ("create_file_unixpath for base %s failed: " + "%s\n", base, nt_errstr(status))); + goto fail; + } + /* we don't need to low level fd */ + fd_close(base_fsp); + } + + /* + * If it's a request for a directory open, deal with it separately. + */ + + if (create_options & FILE_DIRECTORY_FILE) { + + if (create_options & FILE_NON_DIRECTORY_FILE) { + status = NT_STATUS_INVALID_PARAMETER; + goto fail; + } + + /* Can't open a temp directory. IFS kit test. */ + if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS) && + (file_attributes & FILE_ATTRIBUTE_TEMPORARY)) { + status = NT_STATUS_INVALID_PARAMETER; + goto fail; + } + + /* + * We will get a create directory here if the Win32 + * app specified a security descriptor in the + * CreateDirectory() call. + */ + + oplock_request = 0; + status = open_directory( + conn, req, fname, &sbuf, access_mask, share_access, + create_disposition, create_options, file_attributes, + &info, &fsp); + } else { + + /* + * Ordinary file case. + */ + + status = file_new(req, conn, &fsp); + if(!NT_STATUS_IS_OK(status)) { + goto fail; + } + + /* + * We're opening the stream element of a base_fsp + * we already opened. Set up the base_fsp pointer. + */ + if (base_fsp) { + fsp->base_fsp = base_fsp; + } + + status = open_file_ntcreate(conn, + req, + fname, + &sbuf, + access_mask, + share_access, + create_disposition, + create_options, + file_attributes, + oplock_request, + &info, + fsp); + + if(!NT_STATUS_IS_OK(status)) { + file_free(req, fsp); + fsp = NULL; + } + + if (NT_STATUS_EQUAL(status, NT_STATUS_FILE_IS_A_DIRECTORY)) { + + /* A stream open never opens a directory */ + + if (base_fsp) { + status = NT_STATUS_FILE_IS_A_DIRECTORY; + goto fail; + } + + /* + * Fail the open if it was explicitly a non-directory + * file. + */ + + if (create_options & FILE_NON_DIRECTORY_FILE) { + status = NT_STATUS_FILE_IS_A_DIRECTORY; + goto fail; + } + + oplock_request = 0; + status = open_directory( + conn, req, fname, &sbuf, access_mask, + share_access, create_disposition, + create_options, file_attributes, + &info, &fsp); + } + } + + if (!NT_STATUS_IS_OK(status)) { + goto fail; + } + + fsp->base_fsp = base_fsp; + + /* + * According to the MS documentation, the only time the security + * descriptor is applied to the opened file is iff we *created* the + * file; an existing file stays the same. + * + * Also, it seems (from observation) that you can open the file with + * any access mask but you can still write the sd. We need to override + * the granted access before we call set_sd + * Patch for bug #2242 from Tom Lackemann . + */ + + if ((sd != NULL) && (info == FILE_WAS_CREATED) + && lp_nt_acl_support(SNUM(conn))) { + + uint32_t sec_info_sent; + uint32_t saved_access_mask = fsp->access_mask; + + sec_info_sent = get_sec_info(sd); + + fsp->access_mask = FILE_GENERIC_ALL; + + /* Convert all the generic bits. */ + security_acl_map_generic(sd->dacl, &file_generic_mapping); + security_acl_map_generic(sd->sacl, &file_generic_mapping); + + if (sec_info_sent & (OWNER_SECURITY_INFORMATION| + GROUP_SECURITY_INFORMATION| + DACL_SECURITY_INFORMATION| + SACL_SECURITY_INFORMATION)) { + status = SMB_VFS_FSET_NT_ACL(fsp, sec_info_sent, sd); + } + + fsp->access_mask = saved_access_mask; + + if (!NT_STATUS_IS_OK(status)) { + goto fail; + } + } + + if ((ea_list != NULL) && (info == FILE_WAS_CREATED)) { + status = set_ea(conn, fsp, fname, ea_list); + if (!NT_STATUS_IS_OK(status)) { + goto fail; + } + } + + if (!fsp->is_directory && S_ISDIR(sbuf.st_mode)) { + status = NT_STATUS_ACCESS_DENIED; + goto fail; + } + + /* Save the requested allocation size. */ + if ((info == FILE_WAS_CREATED) || (info == FILE_WAS_OVERWRITTEN)) { + if (allocation_size + && (allocation_size > sbuf.st_size)) { + fsp->initial_allocation_size = smb_roundup( + fsp->conn, allocation_size); + if (fsp->is_directory) { + /* Can't set allocation size on a directory. */ + status = NT_STATUS_ACCESS_DENIED; + goto fail; + } + if (vfs_allocate_file_space( + fsp, fsp->initial_allocation_size) == -1) { + status = NT_STATUS_DISK_FULL; + goto fail; + } + } else { + fsp->initial_allocation_size = smb_roundup( + fsp->conn, (uint64_t)sbuf.st_size); + } + } + + DEBUG(10, ("create_file_unixpath: info=%d\n", info)); + + *result = fsp; + if (pinfo != NULL) { + *pinfo = info; + } + if (psbuf != NULL) { + if ((fsp->fh == NULL) || (fsp->fh->fd == -1)) { + *psbuf = sbuf; + } + else { + SMB_VFS_FSTAT(fsp, psbuf); + } + } + return NT_STATUS_OK; + + fail: + DEBUG(10, ("create_file_unixpath: %s\n", nt_errstr(status))); + + if (fsp != NULL) { + if (base_fsp && fsp->base_fsp == base_fsp) { + /* + * The close_file below will close + * fsp->base_fsp. + */ + base_fsp = NULL; + } + close_file(req, fsp, ERROR_CLOSE); + fsp = NULL; + } + if (base_fsp != NULL) { + close_file(req, base_fsp, ERROR_CLOSE); + base_fsp = NULL; + } + return status; +} +NTSTATUS create_file_default(connection_struct *conn, + struct smb_request *req, + uint16_t root_dir_fid, + const char *fname, + uint32_t create_file_flags, + uint32_t access_mask, + uint32_t share_access, + uint32_t create_disposition, + uint32_t create_options, + uint32_t file_attributes, + uint32_t oplock_request, + uint64_t allocation_size, + struct security_descriptor *sd, + struct ea_list *ea_list, + + files_struct **result, + int *pinfo, + SMB_STRUCT_STAT *psbuf) +{ + struct case_semantics_state *case_state = NULL; + SMB_STRUCT_STAT sbuf; + int info = FILE_WAS_OPENED; + files_struct *fsp = NULL; + NTSTATUS status; + + DEBUG(10,("create_file: access_mask = 0x%x " + "file_attributes = 0x%x, share_access = 0x%x, " + "create_disposition = 0x%x create_options = 0x%x " + "oplock_request = 0x%x " + "root_dir_fid = 0x%x, ea_list = 0x%p, sd = 0x%p, " + "create_file_flags = 0x%x, fname = %s\n", + (unsigned int)access_mask, + (unsigned int)file_attributes, + (unsigned int)share_access, + (unsigned int)create_disposition, + (unsigned int)create_options, + (unsigned int)oplock_request, + (unsigned int)root_dir_fid, + ea_list, sd, create_file_flags, fname)); + + /* + * Calculate the filename from the root_dir_if if necessary. + */ + + if (root_dir_fid != 0) { + char *new_fname; + + status = get_relative_fid_filename(conn, req, root_dir_fid, + fname, &new_fname); + if (!NT_STATUS_IS_OK(status)) { + goto fail; + } + + fname = new_fname; + } + + /* + * Check to see if this is a mac fork of some kind. + */ + + if (is_ntfs_stream_name(fname)) { + enum FAKE_FILE_TYPE fake_file_type; + + fake_file_type = is_fake_file(fname); + + if (fake_file_type != FAKE_FILE_TYPE_NONE) { + + /* + * Here we go! support for changing the disk quotas + * --metze + * + * We need to fake up to open this MAGIC QUOTA file + * and return a valid FID. + * + * w2k close this file directly after openening xp + * also tries a QUERY_FILE_INFO on the file and then + * close it + */ + status = open_fake_file(req, conn, req->vuid, + fake_file_type, fname, + access_mask, &fsp); + if (!NT_STATUS_IS_OK(status)) { + goto fail; + } + + ZERO_STRUCT(sbuf); + goto done; + } + + if (!(conn->fs_capabilities & FILE_NAMED_STREAMS)) { + status = NT_STATUS_OBJECT_PATH_NOT_FOUND; + goto fail; + } + } + + if ((req != NULL) && (req->flags2 & FLAGS2_DFS_PATHNAMES)) { + char *resolved_fname; + + status = resolve_dfspath(talloc_tos(), conn, true, fname, + &resolved_fname); + + if (!NT_STATUS_IS_OK(status)) { + /* + * For PATH_NOT_COVERED we had + * reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, + * ERRSRV, ERRbadpath); + * Need to fix in callers + */ + goto fail; + } + fname = resolved_fname; + } + + /* + * Check if POSIX semantics are wanted. + */ + + if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) { + case_state = set_posix_case_semantics(talloc_tos(), conn); + } + + if (create_file_flags & CFF_DOS_PATH) { + char *converted_fname; + + SET_STAT_INVALID(sbuf); + + status = unix_convert(talloc_tos(), conn, fname, False, + &converted_fname, NULL, &sbuf); + if (!NT_STATUS_IS_OK(status)) { + goto fail; + } + fname = converted_fname; + } else { + if (psbuf != NULL) { + sbuf = *psbuf; + } else { + if (SMB_VFS_STAT(conn, fname, &sbuf) == -1) { + SET_STAT_INVALID(sbuf); + } + } + + } + + TALLOC_FREE(case_state); + + /* All file access must go through check_name() */ + + status = check_name(conn, fname); + if (!NT_STATUS_IS_OK(status)) { + goto fail; + } + + status = create_file_unixpath( + conn, req, fname, access_mask, share_access, + create_disposition, create_options, file_attributes, + oplock_request, allocation_size, sd, ea_list, + &fsp, &info, &sbuf); + + if (!NT_STATUS_IS_OK(status)) { + goto fail; + } + + done: + DEBUG(10, ("create_file: info=%d\n", info)); + + *result = fsp; + if (pinfo != NULL) { + *pinfo = info; + } + if (psbuf != NULL) { + *psbuf = sbuf; + } + return NT_STATUS_OK; + + fail: + DEBUG(10, ("create_file: %s\n", nt_errstr(status))); + + if (fsp != NULL) { + close_file(req, fsp, ERROR_CLOSE); + fsp = NULL; + } + return status; +} -- cgit From e0711ffa526e22e3ffe483319ce5d7725d578647 Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Mon, 8 Dec 2008 16:57:58 -0800 Subject: s3: Add the OneFS SMB_VFS_CREATE_FILE implementation This is the first pass at extending the onefs vfs module to support the CIFS-specific enhancements available on OneFS. Most of this patch is massaging the sama open path to work with ifs_createfile. ifs_createfile is a CIFS-specific syscall for opening/files and directories. It adds support for: - Full in-kernel access checks using a windows access_mask - Cluster-coherent share mode locks - Cluster-coherent oplocks - Streams - Setting security descriptors at create time - Setting dos_attributes at create time This patch does not implement the samba side of the streams support or oplocks support. Tests that expect oplocks to be granted or streams to be supported will fail. This will be remedied in upcoming patches. --- source3/Makefile.in | 3 +- source3/modules/onefs.h | 68 +- source3/modules/onefs_acl.c | 119 ++-- source3/modules/onefs_open.c | 1442 ++++++++++++++++++++++------------------ source3/modules/onefs_system.c | 214 ++++++ source3/modules/vfs_onefs.c | 27 +- 6 files changed, 1162 insertions(+), 711 deletions(-) create mode 100644 source3/modules/onefs_system.c diff --git a/source3/Makefile.in b/source3/Makefile.in index bf79a7dfda..f53406c39e 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -650,7 +650,8 @@ VFS_SYNCOPS_OBJ = modules/vfs_syncops.o VFS_ACL_XATTR_OBJ = modules/vfs_acl_xattr.o VFS_ACL_TDB_OBJ = modules/vfs_acl_tdb.o VFS_SMB_TRAFFIC_ANALYZER_OBJ = modules/vfs_smb_traffic_analyzer.o -VFS_ONEFS_OBJ = modules/vfs_onefs.o modules/onefs_acl.o +VFS_ONEFS_OBJ = modules/vfs_onefs.o modules/onefs_acl.o modules/onefs_system.o \ + modules/onefs_open.o PLAINTEXT_AUTH_OBJ = auth/pampass.o auth/pass_check.o diff --git a/source3/modules/onefs.h b/source3/modules/onefs.h index 965f39509a..8d0f45abdb 100644 --- a/source3/modules/onefs.h +++ b/source3/modules/onefs.h @@ -21,6 +21,10 @@ #ifndef _ONEFS_H #define _ONEFS_H +#include "includes.h" + +#include + /* OneFS Module smb.conf parameters and defaults */ /** @@ -34,13 +38,6 @@ enum onefs_acl_wire_format ACL_FORMAT_ALWAYS /**< Always canonicalize */ }; -const struct enum_list enum_onefs_acl_wire_format[] = { - {ACL_FORMAT_RAW, "No Format"}, - {ACL_FORMAT_WINDOWS_SD, "Format Windows SD"}, - {ACL_FORMAT_ALWAYS, "Always Format SD"}, - {-1, NULL} -}; - #define PARM_ONEFS_TYPE "onefs" #define PARM_ACL_WIRE_FORMAT "acl wire format" #define PARM_ACL_WIRE_FORMAT_DEFAULT ACL_FORMAT_WINDOWS_SD @@ -49,4 +46,61 @@ const struct enum_list enum_onefs_acl_wire_format[] = { #define PARM_CREATOR_OWNER_GETS_FULL_CONTROL "creator owner gets full control" #define PARM_CREATOR_OWNER_GETS_FULL_CONTROL_DEFAULT true +/* + * vfs interface handlers + */ +NTSTATUS onefs_create_file(vfs_handle_struct *handle, + struct smb_request *req, + uint16_t root_dir_fid, + const char *fname, + uint32_t create_file_flags, + uint32_t access_mask, + uint32_t share_access, + uint32_t create_disposition, + uint32_t create_options, + uint32_t file_attributes, + uint32_t oplock_request, + uint64_t allocation_size, + struct security_descriptor *sd, + struct ea_list *ea_list, + files_struct **result, + int *pinfo, + SMB_STRUCT_STAT *psbuf); + +NTSTATUS onefs_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp, + uint32 security_info, SEC_DESC **ppdesc); + +NTSTATUS onefs_get_nt_acl(vfs_handle_struct *handle, const char* name, + uint32 security_info, SEC_DESC **ppdesc); + +NTSTATUS onefs_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, + uint32 security_info_sent, SEC_DESC *psd); + + +/* + * Utility functions + */ +NTSTATUS onefs_setup_sd(uint32 security_info_sent, SEC_DESC *psd, + struct ifs_security_descriptor *sd); + +/* + * System Interfaces + */ +int onefs_sys_create_file(connection_struct *conn, + int base_fd, + const char *path, + uint32_t access_mask, + uint32_t open_access_mask, + uint32_t share_access, + uint32_t create_options, + int flags, + mode_t mode, + int oplock_request, + uint64_t id, + struct security_descriptor *sd, + uint32_t ntfs_flags, + int *granted_oplock); + + + #endif /* _ONEFS_H */ diff --git a/source3/modules/onefs_acl.c b/source3/modules/onefs_acl.c index 3a692c95ab..5351118a87 100644 --- a/source3/modules/onefs_acl.c +++ b/source3/modules/onefs_acl.c @@ -19,20 +19,23 @@ * along with this program; if not, see . */ -#include "includes.h" +#include "onefs.h" -#include #include -#include #include -#include "onefs.h" +const struct enum_list enum_onefs_acl_wire_format[] = { + {ACL_FORMAT_RAW, "No Format"}, + {ACL_FORMAT_WINDOWS_SD, "Format Windows SD"}, + {ACL_FORMAT_ALWAYS, "Always Format SD"}, + {-1, NULL} +}; /** * Turn SID into UID/GID and setup a struct ifs_identity */ static bool -onefs_sid_to_identity(DOM_SID *sid, struct ifs_identity *id, bool is_group) +onefs_sid_to_identity(const DOM_SID *sid, struct ifs_identity *id, bool is_group) { enum ifs_identity_type type = IFS_ID_TYPE_LAST+1; uid_t uid = 0; @@ -514,15 +517,22 @@ onefs_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp, if (security_info & SACL_SECURITY_INFORMATION) desired_access |= IFS_RTS_SACL_ACCESS; - if ((fsp->fh->fd = ifs_createfile(-1, - fsp->fsp_name, - desired_access, - 0, 0, - OPLOCK_NONE, - 0, NULL, 0, - NULL, 0, NULL)) == -1) { - DEBUG(0, ("Error opening file %s. errno=%d\n", - fsp->fsp_name, errno)); + if ((fsp->fh->fd = onefs_sys_create_file(handle->conn, + -1, + fsp->fsp_name, + desired_access, + desired_access, + 0, + 0, + 0, + 0, + INTERNAL_OPEN_ONLY, + 0, + NULL, + 0, + NULL)) == -1) { + DEBUG(0, ("Error opening file %s. errno=%d (%s)\n", + fsp->fsp_name, errno, strerror(errno))); status = map_nt_error_from_unix(errno); goto out; } @@ -679,22 +689,18 @@ onefs_get_nt_acl(vfs_handle_struct *handle, const char* name, } /** - * Isilon-specific function for setting an NTFS ACL on an open file. + * Isilon-specific function for setting up an ifs_security_descriptor, given a + * samba SEC_DESC. * - * @return NT_STATUS_UNSUCCESSFUL for userspace errors, NTSTATUS based off - * errno on syscall errors + * @param[out] sd ifs_security_descriptor to fill in + * + * @return NTSTATUS_OK if successful */ -NTSTATUS -onefs_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, - uint32 security_info_sent, SEC_DESC *psd) +NTSTATUS onefs_setup_sd(uint32 security_info_sent, SEC_DESC *psd, + struct ifs_security_descriptor *sd) { - struct ifs_security_descriptor sd = {}; struct ifs_security_acl dacl, sacl, *daclp, *saclp; struct ifs_identity owner, group, *ownerp, *groupp; - int fd; - bool fopened = false; - - DEBUG(5,("Setting SD on file %s.\n", fsp->fsp_name )); ownerp = NULL; groupp = NULL; @@ -759,10 +765,37 @@ onefs_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, /* Setup ifs_security_descriptor */ DEBUG(5,("Setting up SD\n")); - if (aclu_initialize_sd(&sd, psd->type, ownerp, groupp, - (daclp ? &daclp : NULL), (saclp ? &saclp : NULL), false)) + if (aclu_initialize_sd(sd, psd->type, ownerp, groupp, + (daclp ? &daclp : NULL), (saclp ? &saclp : NULL), false)) return NT_STATUS_UNSUCCESSFUL; + return NT_STATUS_OK; +} + +/** + * Isilon-specific function for setting an NTFS ACL on an open file. + * + * @return NT_STATUS_UNSUCCESSFUL for userspace errors, NTSTATUS based off + * errno on syscall errors + */ +NTSTATUS +onefs_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, + uint32 security_info_sent, SEC_DESC *psd) +{ + struct ifs_security_descriptor sd = {}; + int fd; + bool fopened = false; + NTSTATUS status; + + DEBUG(5,("Setting SD on file %s.\n", fsp->fsp_name )); + + status = onefs_setup_sd(security_info_sent, psd, &sd); + + if (!NT_STATUS_IS_OK(status)) { + DEBUG(3, ("SD initialization failure: %s", nt_errstr(status))); + return status; + } + fd = fsp->fh->fd; if (fd == -1) { enum ifs_ace_rights desired_access = 0; @@ -775,16 +808,24 @@ onefs_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, if (security_info_sent & SACL_SECURITY_INFORMATION) desired_access |= IFS_RTS_SACL_ACCESS; - if ((fd = ifs_createfile(-1, - fsp->fsp_name, - desired_access, - 0, 0, - OPLOCK_NONE, - 0, NULL, 0, - NULL, 0, NULL)) == -1) { - DEBUG(0, ("Error opening file %s. errno=%d\n", - fsp->fsp_name, errno)); - return map_nt_error_from_unix(errno); + if ((fd = onefs_sys_create_file(handle->conn, + -1, + fsp->fsp_name, + desired_access, + desired_access, + 0, + 0, + 0, + 0, + INTERNAL_OPEN_ONLY, + 0, + NULL, + 0, + NULL)) == -1) { + DEBUG(0, ("Error opening file %s. errno=%d (%s)\n", + fsp->fsp_name, errno, strerror(errno))); + status = map_nt_error_from_unix(errno); + goto out; } fopened = true; } @@ -792,10 +833,12 @@ onefs_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, errno = 0; if (ifs_set_security_descriptor(fd, security_info_sent, &sd)) { DEBUG(0, ("Error setting security descriptor = %d\n", errno)); + status = map_nt_error_from_unix(errno); goto out; } DEBUG(5, ("Security descriptor set correctly!\n")); + status = NT_STATUS_OK; /* FALLTHROUGH */ out: @@ -803,5 +846,5 @@ out: close(fd); aclu_free_sd(&sd, false); - return errno ? map_nt_error_from_unix(errno) : NT_STATUS_OK; + return status; } diff --git a/source3/modules/onefs_open.c b/source3/modules/onefs_open.c index f45cc471ce..bda5e7e91a 100644 --- a/source3/modules/onefs_open.c +++ b/source3/modules/onefs_open.c @@ -1,71 +1,93 @@ /* - Unix SMB/CIFS implementation. - file opening and share modes - Copyright (C) Andrew Tridgell 1992-1998 - Copyright (C) Jeremy Allison 2001-2004 - Copyright (C) Volker Lendecke 2005 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see . -*/ + * Unix SMB/CIFS implementation. + * + * This file began with some code from source3/smbd/open.c and modified it to + * work with ifs_createfile. + * + * ifs_createfile is a CIFS-specific syscall for opening/files and + * directories. It adds support for: + * - Full in-kernel access checks using a windows access_mask + * - Cluster-coherent share mode locks + * - Cluster-coherent oplocks + * - Streams + * - Setting security descriptors at create time + * - Setting dos_attributes at create time + * + * Copyright (C) Andrew Tridgell 1992-1998 + * Copyright (C) Jeremy Allison 2001-2004 + * Copyright (C) Volker Lendecke 2005 + * Copyright (C) Tim Prouty, 2008 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see . + */ -#include "includes.h" +#include "onefs.h" extern const struct generic_mapping file_generic_mapping; extern bool global_client_failed_oplock_break; struct deferred_open_record { bool delayed_for_oplocks; + bool failed; /* added for onefs_oplocks */ struct file_id id; }; -static NTSTATUS create_file_unixpath(connection_struct *conn, - struct smb_request *req, - const char *fname, - uint32_t access_mask, - uint32_t share_access, - uint32_t create_disposition, - uint32_t create_options, - uint32_t file_attributes, - uint32_t oplock_request, - uint64_t allocation_size, - struct security_descriptor *sd, - struct ea_list *ea_list, - - files_struct **result, - int *pinfo, - SMB_STRUCT_STAT *psbuf); +static NTSTATUS onefs_create_file_unixpath(connection_struct *conn, + struct smb_request *req, + const char *fname, + uint32_t access_mask, + uint32_t share_access, + uint32_t create_disposition, + uint32_t create_options, + uint32_t file_attributes, + uint32_t oplock_request, + uint64_t allocation_size, + struct security_descriptor *sd, + struct ea_list *ea_list, + + files_struct **result, + int *pinfo, + SMB_STRUCT_STAT *psbuf); /**************************************************************************** Open a file. ****************************************************************************/ -static NTSTATUS open_file(files_struct *fsp, - connection_struct *conn, - struct smb_request *req, - const char *parent_dir, - const char *name, - const char *path, - SMB_STRUCT_STAT *psbuf, - int flags, - mode_t unx_mode, - uint32 access_mask, /* client requested access mask. */ - uint32 open_access_mask) /* what we're actually using in the open. */ +static NTSTATUS onefs_open_file(files_struct *fsp, + connection_struct *conn, + struct smb_request *req, + const char *parent_dir, + const char *name, + const char *path, + SMB_STRUCT_STAT *psbuf, + int flags, + mode_t unx_mode, + uint32 access_mask, + uint32 open_access_mask, + int oplock_request, + uint64 id, + uint32 share_access, + uint32 create_options, + uint32_t new_dos_attributes, + struct security_descriptor *sd, + int *granted_oplock) { NTSTATUS status = NT_STATUS_OK; int accmode = (flags & O_ACCMODE); int local_flags = flags; bool file_existed = VALID_STAT(*psbuf); + const char *wild; fsp->fh->fd = -1; errno = EPERM; @@ -110,90 +132,118 @@ static NTSTATUS open_file(files_struct *fsp, */ if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC)) { - DEBUG(10,("open_file: truncate requested on read-only open " - "for file %s\n", path)); + DEBUG(10,("onefs_open_file: truncate requested on read-only " + "open for file %s\n", path)); local_flags = (flags & ~O_ACCMODE)|O_RDWR; } - if ((open_access_mask & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) || - (!file_existed && (local_flags & O_CREAT)) || - ((local_flags & O_TRUNC) == O_TRUNC) ) { - const char *wild; +#if defined(O_NONBLOCK) && defined(S_ISFIFO) + /* + * We would block on opening a FIFO with no one else on the + * other end. Do what we used to do and add O_NONBLOCK to the + * open flags. JRA. + */ + + if (file_existed && S_ISFIFO(psbuf->st_mode)) { + local_flags |= O_NONBLOCK; + } +#endif + /* Don't create files with Microsoft wildcard characters. */ + if (fsp->base_fsp) { /* - * We can't actually truncate here as the file may be locked. - * open_file_ntcreate will take care of the truncate later. JRA. + * wildcard characters are allowed in stream names + * only test the basefilename */ - - local_flags &= ~O_TRUNC; - -#if defined(O_NONBLOCK) && defined(S_ISFIFO) + wild = fsp->base_fsp->fsp_name; + } else { + wild = path; + } + if ((local_flags & O_CREAT) && !file_existed && + ms_has_wild(wild)) { /* - * We would block on opening a FIFO with no one else on the - * other end. Do what we used to do and add O_NONBLOCK to the - * open flags. JRA. + * XXX: may need to remvoe this return... + * + * We dont think this check needs to exist. All it does is + * block creating files with Microsoft wildcards, which is + * fine if the creation originated from NFS or locally and + * then was copied via Samba. */ + DEBUG(1, ("onefs_open_file: creating file with wildcard: %s\n", + path)); + return NT_STATUS_OBJECT_NAME_INVALID; + } - if (file_existed && S_ISFIFO(psbuf->st_mode)) { - local_flags |= O_NONBLOCK; - } -#endif - - /* Don't create files with Microsoft wildcard characters. */ - if (fsp->base_fsp) { - /* - * wildcard characters are allowed in stream names - * only test the basefilename - */ - wild = fsp->base_fsp->fsp_name; - } else { - wild = path; - } - if ((local_flags & O_CREAT) && !file_existed && - ms_has_wild(wild)) { - return NT_STATUS_OBJECT_NAME_INVALID; - } + /* Actually do the open */ - /* Actually do the open */ - status = fd_open(conn, path, fsp, local_flags, unx_mode); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(3,("Error opening file %s (%s) (local_flags=%d) " - "(flags=%d)\n", - path,nt_errstr(status),local_flags,flags)); - return status; - } +#ifdef O_NOFOLLOW + /* + * Never follow symlinks on a POSIX client. The + * client should be doing this. + */ - if ((local_flags & O_CREAT) && !file_existed) { + if (fsp->posix_open || !lp_symlinks(SNUM(conn))) { + flags |= O_NOFOLLOW; + } +#endif + /* Don't request an oplock if oplocks are turned off for the + * share. */ + if (!lp_oplocks(SNUM(conn))) + oplock_request = 0; - /* Inherit the ACL if required */ - if (lp_inherit_perms(SNUM(conn))) { - inherit_access_posix_acl(conn, parent_dir, path, - unx_mode); + fsp->fh->fd = onefs_sys_create_file(conn, + -1, + path, + access_mask, + open_access_mask, + share_access, + create_options, + flags, + unx_mode, + oplock_request, + id, + sd, + new_dos_attributes, + granted_oplock); + + if (fsp->fh->fd == -1) { + if (errno == EMFILE) { + static time_t last_warned = 0L; + + if (time((time_t *) NULL) > last_warned) { + DEBUG(0, ("Too many open files, unable " + "to open more! smbd's max " + "open files = %d, also check " + "sysctl kern.maxfiles and " + "sysctl kern.maxfilesperproc\n", + lp_max_open_files())); + last_warned = time((time_t *) NULL); } + } - /* Change the owner if required. */ - if (lp_inherit_owner(SNUM(conn))) { - change_file_owner_to_parent(conn, parent_dir, - fsp); - } + status = map_nt_error_from_unix(errno); + DEBUG(3,("Error opening file %s (%s) (local_flags=%d) " + "(flags=%d)\n", + path,nt_errstr(status),local_flags,flags)); + return status; + } + + if ((local_flags & O_CREAT) && !file_existed) { - notify_fname(conn, NOTIFY_ACTION_ADDED, - FILE_NOTIFY_CHANGE_FILE_NAME, path); + /* Inherit the ACL if required */ + if (lp_inherit_perms(SNUM(conn))) { + inherit_access_posix_acl(conn, parent_dir, path, + unx_mode); } - } else { - fsp->fh->fd = -1; /* What we used to call a stat open. */ - if (file_existed) { - status = check_open_rights(conn, - path, - access_mask); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(10, ("open_file: Access denied on " - "file %s\n", - path)); - return status; - } + /* Change the owner if required. */ + if (lp_inherit_owner(SNUM(conn))) { + change_file_owner_to_parent(conn, parent_dir, + fsp); } + + notify_fname(conn, NOTIFY_ACTION_ADDED, + FILE_NOTIFY_CHANGE_FILE_NAME, path); } if (!file_existed) { @@ -346,6 +396,7 @@ static void schedule_defer_open(struct share_mode_lock *lck, a 1 second delay for share mode conflicts. */ state.delayed_for_oplocks = True; + state.failed = False; state.id = lck->id; if (!request_timed_out(request_time, timeout)) { @@ -354,22 +405,21 @@ static void schedule_defer_open(struct share_mode_lock *lck, } /**************************************************************************** - Open a file with a share mode. Passed in an already created files_struct *. + Open a file with a share mode. Passed in an already created files_struct. ****************************************************************************/ - -static NTSTATUS open_file_ntcreate(connection_struct *conn, - struct smb_request *req, - const char *fname, - SMB_STRUCT_STAT *psbuf, - uint32 access_mask, /* access bits (FILE_READ_DATA etc.) */ - uint32 share_access, /* share constants (FILE_SHARE_READ etc) */ - uint32 create_disposition, /* FILE_OPEN_IF etc. */ - uint32 create_options, /* options such as delete on close. */ - uint32 new_dos_attributes, /* attributes used for new file. */ - int oplock_request, /* internal Samba oplock codes. */ - /* Information (FILE_EXISTS etc.) */ - int *pinfo, - files_struct *fsp) +NTSTATUS onefs_open_file_ntcreate(connection_struct *conn, + struct smb_request *req, + const char *fname, + uint32 access_mask, + uint32 share_access, + uint32 create_disposition, + uint32 create_options, + uint32 new_dos_attributes, + int oplock_request, + struct security_descriptor *sd, + files_struct *fsp, + int *pinfo, + SMB_STRUCT_STAT *psbuf) { int flags=0; int flags2=0; @@ -378,7 +428,6 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, bool posix_open = False; bool new_file_created = False; struct file_id id; - NTSTATUS fsp_open = NT_STATUS_ACCESS_DENIED; mode_t new_unx_mode = (mode_t)0; mode_t unx_mode = (mode_t)0; int info; @@ -391,6 +440,9 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, int ret_flock; char *parent_dir; const char *newname; + int granted_oplock; + uint64 oplock_waiter; + uint32 createfile_attributes = 0; ZERO_STRUCT(id); @@ -404,7 +456,8 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, *pinfo = FILE_WAS_CREATED; } - DEBUG(10, ("open_file_ntcreate: printer open fname=%s\n", fname)); + DEBUG(10, ("onefs_open_file_ntcreate: printer open fname=%s\n", + fname)); return print_fsp_open(req, conn, fname, req->vuid, fsp); } @@ -425,13 +478,13 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, parent_dir); } - DEBUG(10, ("open_file_ntcreate: fname=%s, dos_attrs=0x%x " - "access_mask=0x%x share_access=0x%x " - "create_disposition = 0x%x create_options=0x%x " - "unix mode=0%o oplock_request=%d\n", - fname, new_dos_attributes, access_mask, share_access, - create_disposition, create_options, unx_mode, - oplock_request)); + DEBUG(10,("onefs_open_file_ntcreate: fname=%s, dos_attrs=0x%x " + "access_mask=0x%x share_access=0x%x " + "create_disposition = 0x%x create_options=0x%x " + "unix mode=0%o oplock_request=0x%x\n", + fname, new_dos_attributes, access_mask, share_access, + create_disposition, create_options, unx_mode, + oplock_request)); if ((req == NULL) && ((oplock_request & INTERNAL_OPEN_ONLY) == 0)) { DEBUG(0, ("No smb request but not an internal only open!\n")); @@ -465,6 +518,17 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, /* Ensure we don't reprocess this message. */ remove_deferred_open_smb_message(req->mid); + + /* + * When receiving a semlock_async_failure message, the + * deferred open will be marked as "failed". Returning + * INTERNAL_ERROR. + */ + if (state->failed) { + DEBUG(0, ("onefs_open_file_ntcreate: " + "semlock_async_failure detected!\n")); + return NT_STATUS_INTERNAL_ERROR; + } } status = check_name(conn, fname); @@ -479,7 +543,13 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, } } - /* ignore any oplock requests if oplocks are disabled */ + /* Setup dos_attributes to be set by ifs_createfile */ + if (lp_store_dos_attributes(SNUM(conn))) { + createfile_attributes = (new_dos_attributes | aARCH) & + ~(FILE_ATTRIBUTE_NONINDEXED | FILE_ATTRIBUTE_COMPRESSED); + } + + /* Ignore oplock requests if oplocks are disabled. */ if (!lp_oplocks(SNUM(conn)) || global_client_failed_oplock_break || IS_VETO_OPLOCK_PATH(conn, fname)) { /* Mask off everything except the private Samba bits. */ @@ -490,8 +560,8 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, if (!lp_posix_pathnames() && strstr(fname,".+,;=[].")) { /* OS/2 Workplace shell fix may be main code stream in a later * release. */ - DEBUG(5,("open_file_ntcreate: OS/2 long filenames are not " - "supported.\n")); + DEBUG(5,("onefs_open_file_ntcreate: OS/2 long filenames are " + "not supported.\n")); if (use_nt_status()) { return NT_STATUS_OBJECT_NAME_NOT_FOUND; } @@ -508,6 +578,14 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, case FILE_SUPERSEDE: /* If file exists replace/overwrite. If file doesn't * exist create. */ + /** + * @todo: Clear all file attributes? + * http://www.osronline.com/article.cfm?article=302 + * create if not exist, trunc if exist + * + * If file exists replace/overwrite. If file doesn't + * exist create. + */ flags2 |= (O_CREAT | O_TRUNC); break; @@ -520,7 +598,7 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, case FILE_OPEN: /* If file exists open. If file doesn't exist error. */ if (!file_existed) { - DEBUG(5,("open_file_ntcreate: FILE_OPEN " + DEBUG(5,("onefs_open_file_ntcreate: FILE_OPEN " "requested for file %s and file " "doesn't exist.\n", fname )); errno = ENOENT; @@ -532,9 +610,10 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, /* If file exists overwrite. If file doesn't exist * error. */ if (!file_existed) { - DEBUG(5,("open_file_ntcreate: FILE_OVERWRITE " - "requested for file %s and file " - "doesn't exist.\n", fname )); + DEBUG(5, ("onefs_open_file_ntcreate: " + "FILE_OVERWRITE requested for file " + "%s and file doesn't exist.\n", + fname)); errno = ENOENT; return NT_STATUS_OBJECT_NAME_NOT_FOUND; } @@ -545,9 +624,10 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, /* If file exists error. If file doesn't exist * create. */ if (file_existed) { - DEBUG(5,("open_file_ntcreate: FILE_CREATE " - "requested for file %s and file " - "already exists.\n", fname )); + DEBUG(5, ("onefs_open_file_ntcreate: " + "FILE_CREATE requested for file %s " + "and file already exists.\n", + fname)); if (S_ISDIR(psbuf->st_mode)) { errno = EISDIR; } else { @@ -568,45 +648,47 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, return NT_STATUS_INVALID_PARAMETER; } - /* We only care about matching attributes on file exists and - * overwrite. */ - - if (!posix_open && file_existed && ((create_disposition == FILE_OVERWRITE) || - (create_disposition == FILE_OVERWRITE_IF))) { + /* Match attributes on file exists and overwrite. */ + if (!posix_open && file_existed && + ((create_disposition == FILE_OVERWRITE) || + (create_disposition == FILE_OVERWRITE_IF))) { if (!open_match_attributes(conn, fname, existing_dos_attributes, new_dos_attributes, psbuf->st_mode, unx_mode, &new_unx_mode)) { - DEBUG(5,("open_file_ntcreate: attributes missmatch " - "for file %s (%x %x) (0%o, 0%o)\n", - fname, existing_dos_attributes, - new_dos_attributes, - (unsigned int)psbuf->st_mode, - (unsigned int)unx_mode )); + DEBUG(5, ("onefs_open_file_ntcreate: attributes " + "missmatch for file %s (%x %x) (0%o, 0%o)\n", + fname, existing_dos_attributes, + new_dos_attributes, + (unsigned int)psbuf->st_mode, + (unsigned int)unx_mode )); errno = EACCES; return NT_STATUS_ACCESS_DENIED; } } - status = calculate_access_mask(conn, fname, file_existed, - access_mask, - &access_mask); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(10, ("open_file_ntcreate: calculate_access_mask " - "on file %s returned %s\n", - fname, - nt_errstr(status))); - return status; + /* + * OneFS understands MAXIMUM_ALLOWED_ACCESS, so only hack the + * access_mask, but leave the MAA for the actual open in + * open_access_mask. + */ + open_access_mask = access_mask; + if (open_access_mask & MAXIMUM_ALLOWED_ACCESS) { + access_mask |= FILE_GENERIC_ALL; } - open_access_mask = access_mask; + /* Convert GENERIC bits to specific bits. */ + se_map_generic(&access_mask, &file_generic_mapping); + se_map_generic(&open_access_mask, &file_generic_mapping); if ((flags2 & O_TRUNC) || (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE)) { - open_access_mask |= FILE_WRITE_DATA; /* This will cause oplock breaks. */ + /* This will cause oplock breaks. */ + open_access_mask |= FILE_WRITE_DATA; } - DEBUG(10, ("open_file_ntcreate: fname=%s, after mapping " - "access_mask=0x%x\n", fname, access_mask )); + DEBUG(10, ("onefs_open_file_ntcreate: fname=%s, after mapping " + "open_access_mask=%#x, access_mask=0x%x\n", + fname, open_access_mask, access_mask)); /* * Note that we ignore the append flag as append does not @@ -614,12 +696,31 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, */ if ((access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) || - (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE)) { - /* DENY_DOS opens are always underlying read-write on the - file handle, no matter what the requested access mask - says. */ - if ((create_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS) || - access_mask & (FILE_READ_ATTRIBUTES|FILE_READ_DATA|FILE_READ_EA|FILE_EXECUTE)) { + (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE)) { + + /* + * DENY_DOS opens are always underlying read-write on the + * file handle, no matter what the requested access mask + * says. Stock samba just sets the flags, but since + * ifs_createfile uses the access_mask, it must be updated as + * well. This allows BASE-DENY* to pass. + */ + if (create_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS) { + + DEBUG(10,("onefs_open_file_ntcreate: deny_dos: " + "Adding O_RDWR to flags " + "(0x%x) and some READ bits to " + "open_access_mask (0x%x)\n", + flags, open_access_mask)); + + flags = O_RDWR; + open_access_mask |= (FILE_READ_ATTRIBUTES | + FILE_READ_DATA | FILE_READ_EA | FILE_EXECUTE); + + } else if (access_mask & (FILE_READ_ATTRIBUTES | + FILE_READ_DATA | + FILE_READ_EA | + FILE_EXECUTE)) { flags = O_RDWR; } else { flags = O_WRONLY; @@ -628,12 +729,10 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, flags = O_RDONLY; } - /* - * Currently we only look at FILE_WRITE_THROUGH for create options. - */ - + /* Currently we only look at FILE_WRITE_THROUGH for create options. */ #if defined(O_SYNC) - if ((create_options & FILE_WRITE_THROUGH) && lp_strict_sync(SNUM(conn))) { + if ((create_options & FILE_WRITE_THROUGH) && + lp_strict_sync(SNUM(conn))) { flags2 |= O_SYNC; } #endif /* O_SYNC */ @@ -649,21 +748,36 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, * older versions of Samba we just AND them out. */ flags2 &= ~(O_CREAT|O_TRUNC); - } - /* - * Ensure we can't write on a read-only share or file. - */ + /** + * XXX: TODO + * Apparently this is necessary because we ship with + * lp_acl_check_permissions = no. It is set to no because our + * ifs_createfile does the access check correctly. This check + * was added in the last merge, and the question is why is it + * necessary? Check out Bug 25547 and Bug 14596. The key is + * to figure out what case this is covering, and do some + * testing to see if it's actually necessary. If it is, maybe + * it should go upstream in open.c. + */ + if (!lp_acl_check_permissions(SNUM(conn)) && + (access_mask & DELETE_ACCESS)) { + return map_nt_error_from_unix(EACCES); + } + } + /* Ensure we can't write on a read-only share or file. */ if (flags != O_RDONLY && file_existed && (!CAN_WRITE(conn) || IS_DOS_READONLY(existing_dos_attributes))) { - DEBUG(5,("open_file_ntcreate: write access requested for " - "file %s on read only %s\n", - fname, !CAN_WRITE(conn) ? "share" : "file" )); + DEBUG(5, ("onefs_open_file_ntcreate: write access requested " + "for file %s on read only %s\n", + fname, !CAN_WRITE(conn) ? "share" : "file" )); errno = EACCES; return NT_STATUS_ACCESS_DENIED; } + DEBUG(10, ("fsp = %p\n", fsp)); + fsp->file_id = vfs_file_id_from_sbuf(conn, psbuf); fsp->share_access = share_access; fsp->fh->private_options = create_options; @@ -692,57 +806,124 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, return NT_STATUS_SHARING_VIOLATION; } - /* First pass - send break only on batch oplocks. */ - if ((req != NULL) - && delay_for_oplocks(lck, fsp, req->mid, 1, - oplock_request)) { - schedule_defer_open(lck, request_time, req); + if (lck->delete_on_close) { + /* DELETE_PENDING is not deferred for a second */ TALLOC_FREE(lck); - return NT_STATUS_SHARING_VIOLATION; + return NT_STATUS_DELETE_PENDING; } + } - /* Use the client requested access mask here, not the one we - * open with. */ - status = open_mode_check(conn, fname, lck, - access_mask, share_access, - create_options, &file_existed); + SMB_ASSERT(!file_existed || (lck != NULL)); - if (NT_STATUS_IS_OK(status)) { - /* We might be going to allow this open. Check oplock - * status again. */ - /* Second pass - send break for both batch or - * exclusive oplocks. */ - if ((req != NULL) - && delay_for_oplocks(lck, fsp, req->mid, 2, - oplock_request)) { - schedule_defer_open(lck, request_time, req); - TALLOC_FREE(lck); - return NT_STATUS_SHARING_VIOLATION; - } - } + /* + * Ensure we pay attention to default ACLs on directories. May be + * neccessary depending on ACL policies. + */ + if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) && + (def_acl = directory_has_default_acl(conn, parent_dir))) { + unx_mode = 0777; + } - if (NT_STATUS_EQUAL(status, NT_STATUS_DELETE_PENDING)) { - /* DELETE_PENDING is not deferred for a second */ - TALLOC_FREE(lck); - return status; + DEBUG(4,("calling onefs_open_file with flags=0x%X flags2=0x%X " + "mode=0%o, access_mask = 0x%x, open_access_mask = 0x%x\n", + (unsigned int)flags, (unsigned int)flags2, + (unsigned int)unx_mode, (unsigned int)access_mask, + (unsigned int)open_access_mask)); + + oplock_waiter = 1; //ifs_oplock_wait_record(mid); + + if (oplock_waiter == 0) { + return NT_STATUS_NO_MEMORY; + } + + /* Do the open. */ + status = onefs_open_file(fsp, + conn, + req, + parent_dir, + newname, + fname, + psbuf, + flags|flags2, + unx_mode, + access_mask, + open_access_mask, + fsp->oplock_type, + oplock_waiter, + share_access, + create_options, + createfile_attributes, + sd, + &granted_oplock); + + if (!NT_STATUS_IS_OK(status)) { + + /* OneFS Oplock Handling */ + if (errno == EINPROGRESS) { + + if (lck == NULL) { + + struct deferred_open_record state; + struct timespec old_write_time; + + old_write_time = get_mtimespec(psbuf); + + DEBUG(3, ("Someone created file %s with an " + "oplock after we looked: Retrying\n", + fname)); + /* + * We hit the race that when we did the stat + * on the file it did not exist, and someone + * has created it in between the stat and the + * open_file() call. Just retry immediately. + */ + id = vfs_file_id_from_sbuf(conn, psbuf); + if (!(lck = get_share_mode_lock(talloc_tos(), + id, conn->connectpath, fname, + &old_write_time))) { + /* + * Emergency exit + */ + DEBUG(0, ("onefs_open_file_ntcreate: " + "Could not get share mode " + "lock for %s\n", fname)); + status = NT_STATUS_SHARING_VIOLATION; + goto cleanup_destroy; + } + + state.delayed_for_oplocks = False; + state.id = id; + + if (req != NULL) { + defer_open(lck, request_time, + timeval_zero(), req, &state); + } + goto cleanup_destroy; + } + /* Waiting for an oplock */ + SMB_ASSERT(req); + schedule_defer_open(lck, request_time, req); + goto cleanup; } - if (!NT_STATUS_IS_OK(status)) { + /* Check for a sharing violation */ + if ((errno == EAGAIN) || (errno == EWOULDBLOCK)) { uint32 can_access_mask; bool can_access = True; - SMB_ASSERT(NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION)); - /* Check if this can be done with the deny_dos and fcb * calls. */ + + /* Try to find dup fsp if possible. */ if (create_options & (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS| NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) { + if (req == NULL) { DEBUG(0, ("DOS open without an SMB " "request!\n")); - TALLOC_FREE(lck); - return NT_STATUS_INTERNAL_ERROR; + status = NT_STATUS_INTERNAL_ERROR; + goto cleanup_destroy; } /* Use the client requested access mask here, @@ -763,7 +944,8 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, if (pinfo) { *pinfo = FILE_WAS_OPENED; } - return NT_STATUS_OK; + status = NT_STATUS_OK; + goto cleanup; } } @@ -794,7 +976,6 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, * If we're returning a share violation, ensure we * cope with the braindead 1 second delay. */ - if (!(oplock_request & INTERNAL_OPEN_ONLY) && lp_defer_sharing_violations()) { struct timeval timeout; @@ -804,26 +985,30 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, /* this is a hack to speed up torture tests in 'make test' */ timeout_usecs = lp_parm_int(SNUM(conn), - "smbd","sharedelay", - SHARING_VIOLATION_USEC_WAIT); - - /* This is a relative time, added to the absolute - request_time value to get the absolute timeout time. - Note that if this is the second or greater time we enter - this codepath for this particular request mid then - request_time is left as the absolute time of the *first* - time this request mid was processed. This is what allows - the request to eventually time out. */ + "smbd","sharedelay", + SHARING_VIOLATION_USEC_WAIT); + + /* This is a relative time, added to the + absolute request_time value to get the + absolute timeout time. Note that if this + is the second or greater time we enter this + codepath for this particular request mid + then request_time is left as the absolute + time of the *first* time this request mid + was processed. This is what allows the + request to eventually time out. */ timeout = timeval_set(0, timeout_usecs); - /* Nothing actually uses state.delayed_for_oplocks - but it's handy to differentiate in debug messages - between a 30 second delay due to oplock break, and - a 1 second delay for share mode conflicts. */ + /* Nothing actually uses + state.delayed_for_oplocks but it's handy to + differentiate in debug messages between a + 30 second delay due to oplock break, and a + 1 second delay for share mode conflicts. */ state.delayed_for_oplocks = False; state.id = id; + state.failed = false; if ((req != NULL) && !request_timed_out(request_time, @@ -833,7 +1018,6 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, } } - TALLOC_FREE(lck); if (can_access) { /* * We have detected a sharing violation here @@ -843,45 +1027,25 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, } else { status = NT_STATUS_ACCESS_DENIED; } - return status; + + goto cleanup_destroy; } /* - * We exit this block with the share entry *locked*..... + * Normal error, for example EACCES */ + cleanup_destroy: + //destroy_ifs_callback_record(oplock_waiter); + cleanup: + TALLOC_FREE(lck); + return status; } - SMB_ASSERT(!file_existed || (lck != NULL)); - - /* - * Ensure we pay attention to default ACLs on directories if required. - */ - - if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) && - (def_acl = directory_has_default_acl(conn, parent_dir))) { - unx_mode = 0777; - } - - DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o, " - "access_mask = 0x%x, open_access_mask = 0x%x\n", - (unsigned int)flags, (unsigned int)flags2, - (unsigned int)unx_mode, (unsigned int)access_mask, - (unsigned int)open_access_mask)); - - /* - * open_file strips any O_TRUNC flags itself. - */ - - fsp_open = open_file(fsp, conn, req, parent_dir, newname, fname, psbuf, - flags|flags2, unx_mode, access_mask, - open_access_mask); + fsp->oplock_type = granted_oplock; - if (!NT_STATUS_IS_OK(fsp_open)) { - if (lck != NULL) { - TALLOC_FREE(lck); - } - return fsp_open; - } + /* XXX uncomment for oplocks */ + //ifs_set_oplock_callback(oplock_waiter, fsp); + //fsp->oplock_callback_id = oplock_waiter; if (!file_existed) { struct timespec old_write_time = get_mtimespec(psbuf); @@ -907,39 +1071,14 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, fname, &old_write_time); if (lck == NULL) { - DEBUG(0, ("open_file_ntcreate: Could not get share " - "mode lock for %s\n", fname)); + DEBUG(0, ("onefs_open_file_ntcreate: Could not get " + "share mode lock for %s\n", fname)); fd_close(fsp); return NT_STATUS_SHARING_VIOLATION; } - /* First pass - send break only on batch oplocks. */ - if ((req != NULL) - && delay_for_oplocks(lck, fsp, req->mid, 1, - oplock_request)) { - schedule_defer_open(lck, request_time, req); - TALLOC_FREE(lck); - fd_close(fsp); - return NT_STATUS_SHARING_VIOLATION; - } - - status = open_mode_check(conn, fname, lck, - access_mask, share_access, - create_options, &file_existed); - - if (NT_STATUS_IS_OK(status)) { - /* We might be going to allow this open. Check oplock - * status again. */ - /* Second pass - send break for both batch or - * exclusive oplocks. */ - if ((req != NULL) - && delay_for_oplocks(lck, fsp, req->mid, 2, - oplock_request)) { - schedule_defer_open(lck, request_time, req); - TALLOC_FREE(lck); - fd_close(fsp); - return NT_STATUS_SHARING_VIOLATION; - } + if (lck->delete_on_close) { + status = NT_STATUS_DELETE_PENDING; } if (!NT_STATUS_IS_OK(status)) { @@ -987,7 +1126,6 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, TALLOC_FREE(lck); fd_close(fsp); - return NT_STATUS_SHARING_VIOLATION; } } @@ -998,24 +1136,6 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, * deny mode is compatible with all current opens. */ - /* - * If requested, truncate the file. - */ - - if (flags2&O_TRUNC) { - /* - * We are modifing the file after open - update the stat - * struct.. - */ - if ((SMB_VFS_FTRUNCATE(fsp, 0) == -1) || - (SMB_VFS_FSTAT(fsp, psbuf)==-1)) { - status = map_nt_error_from_unix(errno); - TALLOC_FREE(lck); - fd_close(fsp); - return status; - } - } - /* Record the options we were opened with. */ fsp->share_access = share_access; fsp->fh->private_options = create_options; @@ -1056,16 +1176,16 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, } } - if (info == FILE_WAS_OVERWRITTEN || info == FILE_WAS_CREATED || info == FILE_WAS_SUPERSEDED) { + if (info == FILE_WAS_OVERWRITTEN || info == FILE_WAS_CREATED || + info == FILE_WAS_SUPERSEDED) { new_file_created = True; } set_share_mode(lck, fsp, conn->server_info->utok.uid, 0, - fsp->oplock_type); + fsp->oplock_type, true); /* Handle strange delete on close create semantics. */ if (create_options & FILE_DELETE_ON_CLOSE) { - status = can_set_delete_on_close(fsp, True, new_dos_attributes); if (!NT_STATUS_IS_OK(status)) { @@ -1080,30 +1200,13 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, fsp->initial_delete_on_close = True; } - if (new_file_created) { - /* Files should be initially set as archive */ - if (lp_map_archive(SNUM(conn)) || - lp_store_dos_attributes(SNUM(conn))) { - if (!posix_open) { - SMB_STRUCT_STAT tmp_sbuf; - SET_STAT_INVALID(tmp_sbuf); - if (file_set_dosmode( - conn, fname, - new_dos_attributes | aARCH, - &tmp_sbuf, parent_dir, - true) == 0) { - unx_mode = tmp_sbuf.st_mode; - } - } - } - } - /* * Take care of inherited ACLs on created files - if default ACL not * selected. + * May be necessary depending on acl policies. */ - - if (!posix_open && !file_existed && !def_acl) { + if (!posix_open && !file_existed && !def_acl && !(VALID_STAT(*psbuf) + && (psbuf->st_flags & SF_HASNTFSACL))) { int saved_errno = errno; /* We might get ENOSYS in the next * call.. */ @@ -1127,7 +1230,7 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, if (ret == -1 && errno == ENOSYS) { errno = saved_errno; /* Ignore ENOSYS */ } else { - DEBUG(5, ("open_file_ntcreate: reset " + DEBUG(5, ("onefs_open_file_ntcreate: reset " "attributes of file %s to 0%o\n", fname, (unsigned int)new_unx_mode)); ret = 0; /* Don't do the fchmod below. */ @@ -1136,7 +1239,7 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, if ((ret == -1) && (SMB_VFS_FCHMOD(fsp, new_unx_mode) == -1)) - DEBUG(5, ("open_file_ntcreate: failed to reset " + DEBUG(5, ("onefs_open_file_ntcreate: failed to reset " "attributes of file %s to 0%o\n", fname, (unsigned int)new_unx_mode)); } @@ -1151,153 +1254,225 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, return NT_STATUS_OK; } + /**************************************************************************** Open a directory from an NT SMB call. ****************************************************************************/ - -static NTSTATUS open_directory(connection_struct *conn, - struct smb_request *req, - const char *fname, - SMB_STRUCT_STAT *psbuf, - uint32 access_mask, - uint32 share_access, - uint32 create_disposition, - uint32 create_options, - uint32 file_attributes, - int *pinfo, - files_struct **result) +static NTSTATUS onefs_open_directory(connection_struct *conn, + struct smb_request *req, + const char *fname, + uint32 access_mask, + uint32 share_access, + uint32 create_disposition, + uint32 create_options, + uint32 file_attributes, + struct security_descriptor *sd, + files_struct **result, + int *pinfo, + SMB_STRUCT_STAT *psbuf) { files_struct *fsp = NULL; - bool dir_existed = VALID_STAT(*psbuf) ? True : False; struct share_mode_lock *lck = NULL; NTSTATUS status; struct timespec mtimespec; int info = 0; - - DEBUG(5,("open_directory: opening directory %s, access_mask = 0x%x, " - "share_access = 0x%x create_options = 0x%x, " - "create_disposition = 0x%x, file_attributes = 0x%x\n", - fname, - (unsigned int)access_mask, - (unsigned int)share_access, - (unsigned int)create_options, - (unsigned int)create_disposition, - (unsigned int)file_attributes)); + char *parent_dir; + const char *dirname; + bool posix_open = false; + uint32 create_flags = 0; + uint32 mode = lp_dir_mask(SNUM(conn)); + + DEBUG(5, ("onefs_open_directory: opening directory %s, " + "access_mask = 0x%x, " + "share_access = 0x%x create_options = 0x%x, " + "create_disposition = 0x%x, file_attributes = 0x%x\n", + fname, (unsigned int)access_mask, (unsigned int)share_access, + (unsigned int)create_options, (unsigned int)create_disposition, + (unsigned int)file_attributes)); if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS) && - (conn->fs_capabilities & FILE_NAMED_STREAMS) && - is_ntfs_stream_name(fname)) { - DEBUG(2, ("open_directory: %s is a stream name!\n", fname)); + (conn->fs_capabilities & FILE_NAMED_STREAMS) && + is_ntfs_stream_name(fname)) { + DEBUG(2, ("onefs_open_directory: %s is a stream name!\n", fname)); return NT_STATUS_NOT_A_DIRECTORY; } - status = calculate_access_mask(conn, fname, dir_existed, - access_mask, - &access_mask); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(10, ("open_directory: calculate_access_mask " - "on file %s returned %s\n", - fname, - nt_errstr(status))); - return status; - } - - switch( create_disposition ) { + switch (create_disposition) { case FILE_OPEN: - + /* If directory exists open. If directory doesn't + * exist error. */ + create_flags = 0; info = FILE_WAS_OPENED; - - /* - * We want to follow symlinks here. - */ - - if (SMB_VFS_STAT(conn, fname, psbuf) != 0) { - return map_nt_error_from_unix(errno); - } - break; - case FILE_CREATE: - /* If directory exists error. If directory doesn't * exist create. */ - - status = mkdir_internal(conn, - fname, - file_attributes, - psbuf); - - if (!NT_STATUS_IS_OK(status)) { - DEBUG(2, ("open_directory: unable to create " - "%s. Error was %s\n", fname, - nt_errstr(status))); - return status; - } - + create_flags = O_CREAT | O_EXCL; info = FILE_WAS_CREATED; break; - case FILE_OPEN_IF: - /* - * If directory exists open. If directory doesn't - * exist create. - */ - - status = mkdir_internal(conn, - fname, - file_attributes, - psbuf); - - if (NT_STATUS_IS_OK(status)) { - info = FILE_WAS_CREATED; - } - - if (NT_STATUS_EQUAL(status, - NT_STATUS_OBJECT_NAME_COLLISION)) { - info = FILE_WAS_OPENED; - status = NT_STATUS_OK; - } + /* If directory exists open. If directory doesn't + * exist create. */ + /* Note: in order to return whether the directory was + * opened or created, we first try to open and then try + * to create. */ + create_flags = 0; + info = FILE_WAS_OPENED; break; - case FILE_SUPERSEDE: case FILE_OVERWRITE: case FILE_OVERWRITE_IF: default: - DEBUG(5,("open_directory: invalid create_disposition " - "0x%x for directory %s\n", - (unsigned int)create_disposition, fname)); + DEBUG(5, ("onefs_open_directory: invalid " + "create_disposition 0x%x for directory %s\n", + (unsigned int)create_disposition, fname)); return NT_STATUS_INVALID_PARAMETER; } - if(!S_ISDIR(psbuf->st_mode)) { - DEBUG(5,("open_directory: %s is not a directory !\n", - fname )); - return NT_STATUS_NOT_A_DIRECTORY; + /* + * Check for write access to the share. Done in mkdir_internal() in + * mainline samba. + */ + if (!CAN_WRITE(conn) && (create_flags & O_CREAT)) { + return NT_STATUS_ACCESS_DENIED; } - if (info == FILE_WAS_OPENED) { - status = check_open_rights(conn, - fname, - access_mask); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(10, ("open_directory: check_open_rights on " - "file %s failed with %s\n", - fname, - nt_errstr(status))); - return status; - } + /* Get parent dirname */ + if (!parent_dirname_talloc(talloc_tos(), fname, &parent_dir, + &dirname)) { + return NT_STATUS_NO_MEMORY; } + if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) { + posix_open = true; + mode = (mode_t)(file_attributes & ~FILE_FLAG_POSIX_SEMANTICS); + file_attributes = 0; + } else { + mode = unix_mode(conn, aDIR, fname, parent_dir); + } + + /* + * The NONINDEXED and COMPRESSED bits seem to always be cleared on + * directories, no matter if you specify that they should be set. + */ + file_attributes &= + ~(FILE_ATTRIBUTE_NONINDEXED | FILE_ATTRIBUTE_COMPRESSED); + status = file_new(req, conn, &fsp); if(!NT_STATUS_IS_OK(status)) { return status; } /* - * Setup the files_struct for it. + * Actual open with retry magic to handle FILE_OPEN_IF which is + * unique because the kernel won't tell us if the file was opened or + * created. */ + retry_open: + fsp->fh->fd = onefs_sys_create_file(conn, + -1, + fname, + access_mask, + access_mask, + share_access, + create_options, + create_flags | O_DIRECTORY, + mode, + 0, + 0, + sd, + file_attributes, + NULL); + + if (fsp->fh->fd == -1) { + DEBUG(3, ("Error opening %s. Errno=%d (%s).\n", fname, errno, + strerror(errno))); + SMB_ASSERT(errno != EINPROGRESS); + + if (create_disposition == FILE_OPEN_IF) { + if (errno == ENOENT) { + /* Try again, creating it this time. */ + create_flags = O_CREAT | O_EXCL; + info = FILE_WAS_CREATED; + goto retry_open; + } else if (errno == EEXIST) { + /* Uggh. Try again again. */ + create_flags = 0; + info = FILE_WAS_OPENED; + goto retry_open; + } + } + + /* Error cases below: */ + file_free(req, fsp); + + if ((errno == ENOENT) && (create_disposition == FILE_OPEN)) { + DEBUG(5,("onefs_open_directory: FILE_OPEN requested " + "for directory %s and it doesn't " + "exist.\n", fname )); + return NT_STATUS_OBJECT_NAME_NOT_FOUND; + } else if ((errno == EEXIST) && + (create_disposition == FILE_CREATE)) { + DEBUG(5,("onefs_open_directory: FILE_CREATE " + "requested for directory %s and it " + "already exists.\n", fname )); + return NT_STATUS_OBJECT_NAME_COLLISION; + } else if ((errno == EAGAIN) || (errno == EWOULDBLOCK)) { + /* Catch sharing violations. */ + return NT_STATUS_SHARING_VIOLATION; + } + + return map_nt_error_from_unix(errno); + } + + if (info == FILE_WAS_CREATED) { + + /* Pulled from mkdir_internal() */ + if (SMB_VFS_LSTAT(conn, fname, psbuf) == -1) { + DEBUG(2, ("Could not stat directory '%s' just " + "created: %s\n",fname, strerror(errno))); + return map_nt_error_from_unix(errno); + } + + if (!S_ISDIR(psbuf->st_mode)) { + DEBUG(0, ("Directory just '%s' created is not a " + "directory\n", fname)); + return NT_STATUS_ACCESS_DENIED; + } + + if (!posix_open) { + /* + * Check if high bits should have been set, then (if + * bits are missing): add them. Consider bits + * automagically set by UNIX, i.e. SGID bit from + * parent dir. + */ + if (mode & ~(S_IRWXU|S_IRWXG|S_IRWXO) && + (mode & ~psbuf->st_mode)) { + SMB_VFS_CHMOD(conn, fname, (psbuf->st_mode | + (mode & ~psbuf->st_mode))); + } + } + + /* Change the owner if required. */ + if (lp_inherit_owner(SNUM(conn))) { + change_dir_owner_to_parent(conn, parent_dir, fname, + psbuf); + } + + notify_fname(conn, NOTIFY_ACTION_ADDED, + FILE_NOTIFY_CHANGE_DIR_NAME, fname); + } + + /* Stat the fd for Samba bookkeeping. */ + if(SMB_VFS_FSTAT(fsp, psbuf) != 0) { + fd_close(fsp); + file_free(req, fsp); + return map_nt_error_from_unix(errno); + } + /* Setup the files_struct for it. */ fsp->mode = psbuf->st_mode; fsp->file_id = vfs_file_id_from_sbuf(conn, psbuf); fsp->vuid = req ? req->vuid : UID_FIELD_INVALID; @@ -1317,40 +1492,48 @@ static NTSTATUS open_directory(connection_struct *conn, fsp->oplock_type = NO_OPLOCK; fsp->sent_oplock_break = NO_BREAK_SENT; fsp->is_directory = True; - fsp->posix_open = (file_attributes & FILE_FLAG_POSIX_SEMANTICS) ? True : False; + fsp->posix_open = posix_open; string_set(&fsp->fsp_name,fname); mtimespec = get_mtimespec(psbuf); + /* + * Still set the samba share mode lock for correct delete-on-close + * semantics and to make smbstatus more useful. + */ lck = get_share_mode_lock(talloc_tos(), fsp->file_id, conn->connectpath, fname, &mtimespec); if (lck == NULL) { - DEBUG(0, ("open_directory: Could not get share mode lock for %s\n", fname)); + DEBUG(0, ("onefs_open_directory: Could not get share mode " + "lock for %s\n", fname)); + fd_close(fsp); file_free(req, fsp); return NT_STATUS_SHARING_VIOLATION; } - status = open_mode_check(conn, fname, lck, - access_mask, share_access, - create_options, &dir_existed); - - if (!NT_STATUS_IS_OK(status)) { + if (lck->delete_on_close) { TALLOC_FREE(lck); + fd_close(fsp); file_free(req, fsp); - return status; + return NT_STATUS_DELETE_PENDING; } - set_share_mode(lck, fsp, conn->server_info->utok.uid, 0, NO_OPLOCK); + set_share_mode(lck, fsp, conn->server_info->utok.uid, 0, NO_OPLOCK, + true); - /* For directories the delete on close bit at open time seems - always to be honored on close... See test 19 in Samba4 BASE-DELETE. */ + /* + * For directories the delete on close bit at open time seems + * always to be honored on close... See test 19 in Samba4 BASE-DELETE. + */ if (create_options & FILE_DELETE_ON_CLOSE) { status = can_set_delete_on_close(fsp, True, 0); - if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_DIRECTORY_NOT_EMPTY)) { + if (!NT_STATUS_IS_OK(status) && + !NT_STATUS_EQUAL(status, NT_STATUS_DIRECTORY_NOT_EMPTY)) { TALLOC_FREE(lck); + fd_close(fsp); file_free(req, fsp); return status; } @@ -1436,7 +1619,7 @@ static NTSTATUS open_streams_for_delete(connection_struct *conn, goto fail; } - status = create_file_unixpath + status = onefs_create_file_unixpath (conn, /* conn */ NULL, /* req */ streamname, /* fname */ @@ -1483,25 +1666,23 @@ static NTSTATUS open_streams_for_delete(connection_struct *conn, } /* - * Wrapper around open_file_ntcreate and open_directory + * Wrapper around onefs_open_file_ntcreate and onefs_open_directory. */ - -static NTSTATUS create_file_unixpath(connection_struct *conn, - struct smb_request *req, - const char *fname, - uint32_t access_mask, - uint32_t share_access, - uint32_t create_disposition, - uint32_t create_options, - uint32_t file_attributes, - uint32_t oplock_request, - uint64_t allocation_size, - struct security_descriptor *sd, - struct ea_list *ea_list, - - files_struct **result, - int *pinfo, - SMB_STRUCT_STAT *psbuf) +static NTSTATUS onefs_create_file_unixpath(connection_struct *conn, + struct smb_request *req, + const char *fname, + uint32_t access_mask, + uint32_t share_access, + uint32_t create_disposition, + uint32_t create_options, + uint32_t file_attributes, + uint32_t oplock_request, + uint64_t allocation_size, + struct security_descriptor *sd, + struct ea_list *ea_list, + files_struct **result, + int *pinfo, + SMB_STRUCT_STAT *psbuf) { SMB_STRUCT_STAT sbuf; int info = FILE_WAS_OPENED; @@ -1509,7 +1690,7 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, files_struct *fsp = NULL; NTSTATUS status; - DEBUG(10,("create_file_unixpath: access_mask = 0x%x " + DEBUG(10,("onefs_create_file_unixpath: access_mask = 0x%x " "file_attributes = 0x%x, share_access = 0x%x, " "create_disposition = 0x%x create_options = 0x%x " "oplock_request = 0x%x ea_list = 0x%p, sd = 0x%p, " @@ -1559,34 +1740,6 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, } } - /* This is the correct thing to do (check every time) but can_delete - * is expensive (it may have to read the parent directory - * permissions). So for now we're not doing it unless we have a strong - * hint the client is really going to delete this file. If the client - * is forcing FILE_CREATE let the filesystem take care of the - * permissions. */ - - /* Setting FILE_SHARE_DELETE is the hint. */ - - if (lp_acl_check_permissions(SNUM(conn)) - && (create_disposition != FILE_CREATE) - && (share_access & FILE_SHARE_DELETE) - && (access_mask & DELETE_ACCESS) - && (!can_delete_file_in_directory(conn, fname))) { - status = NT_STATUS_ACCESS_DENIED; - goto fail; - } - -#if 0 - /* We need to support SeSecurityPrivilege for this. */ - if ((access_mask & SEC_RIGHT_SYSTEM_SECURITY) && - !user_has_privileges(current_user.nt_user_token, - &se_security)) { - status = NT_STATUS_PRIVILEGE_NOT_HELD; - goto fail; - } -#endif - if ((conn->fs_capabilities & FILE_NAMED_STREAMS) && is_ntfs_stream_name(fname) && (!(create_options & NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE))) { @@ -1601,9 +1754,9 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, status = split_ntfs_stream_name(talloc_tos(), fname, &base, NULL); if (!NT_STATUS_IS_OK(status)) { - DEBUG(10, ("create_file_unixpath: " - "split_ntfs_stream_name failed: %s\n", - nt_errstr(status))); + DEBUG(10, ("onefs_create_file_unixpath: " + "split_ntfs_stream_name failed: %s\n", + nt_errstr(status))); goto fail; } @@ -1618,22 +1771,43 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, break; } - status = create_file_unixpath(conn, NULL, base, 0, - FILE_SHARE_READ - | FILE_SHARE_WRITE - | FILE_SHARE_DELETE, - base_create_disposition, - 0, 0, 0, 0, NULL, NULL, - &base_fsp, NULL, NULL); + status = onefs_create_file_unixpath( + conn, /* conn */ + NULL, /* req */ + base, /* fname */ + 0, /* access_mask */ + (FILE_SHARE_READ | + FILE_SHARE_WRITE | + FILE_SHARE_DELETE), /* share_access */ + base_create_disposition, /* create_disposition*/ + 0, /* create_options */ + 0, /* file_attributes */ + NO_OPLOCK, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &base_fsp, /* result */ + NULL, /* pinfo */ + NULL); /* psbuf */ + if (!NT_STATUS_IS_OK(status)) { - DEBUG(10, ("create_file_unixpath for base %s failed: " - "%s\n", base, nt_errstr(status))); + DEBUG(10, ("onefs_create_file_unixpath for base %s " + "failed: %s\n", base, nt_errstr(status))); goto fail; } - /* we don't need to low level fd */ + /* + * we don't need to low level fd: This might conflict with + * OneFS streams. + */ fd_close(base_fsp); } + /* Covert generic bits in the security descriptor. */ + if (sd != NULL) { + security_acl_map_generic(sd->dacl, &file_generic_mapping); + security_acl_map_generic(sd->sacl, &file_generic_mapping); + } + /* * If it's a request for a directory open, deal with it separately. */ @@ -1658,11 +1832,19 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, * CreateDirectory() call. */ - oplock_request = 0; - status = open_directory( - conn, req, fname, &sbuf, access_mask, share_access, - create_disposition, create_options, file_attributes, - &info, &fsp); + status = onefs_open_directory( + conn, /* conn */ + req, /* req */ + fname, /* fname */ + access_mask, /* access_mask */ + share_access, /* share_access */ + create_disposition, /* create_disposition*/ + create_options, /* create_options */ + file_attributes, /* file_attributes */ + sd, /* sd */ + &fsp, /* result */ + &info, /* pinfo */ + &sbuf); /* psbuf */ } else { /* @@ -1682,18 +1864,20 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, fsp->base_fsp = base_fsp; } - status = open_file_ntcreate(conn, - req, - fname, - &sbuf, - access_mask, - share_access, - create_disposition, - create_options, - file_attributes, - oplock_request, - &info, - fsp); + status = onefs_open_file_ntcreate( + conn, /* conn */ + req, /* req */ + fname, /* fname */ + access_mask, /* access_mask */ + share_access, /* share_access */ + create_disposition, /* create_disposition*/ + create_options, /* create_options */ + file_attributes, /* file_attributes */ + oplock_request, /* oplock_request */ + sd, /* sd */ + fsp, /* result */ + &info, /* pinfo */ + &sbuf); /* psbuf */ if(!NT_STATUS_IS_OK(status)) { file_free(req, fsp); @@ -1719,12 +1903,21 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, goto fail; } - oplock_request = 0; - status = open_directory( - conn, req, fname, &sbuf, access_mask, - share_access, create_disposition, - create_options, file_attributes, - &info, &fsp); + create_options |= FILE_DIRECTORY_FILE; + + status = onefs_open_directory( + conn, /* conn */ + req, /* req */ + fname, /* fname */ + access_mask, /* access_mask */ + share_access, /* share_access */ + create_disposition, /* create_disposition*/ + create_options, /* create_options */ + file_attributes, /* file_attributes */ + sd, /* sd */ + &fsp, /* result */ + &info, /* pinfo */ + &sbuf); /* psbuf */ } } @@ -1734,44 +1927,7 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, fsp->base_fsp = base_fsp; - /* - * According to the MS documentation, the only time the security - * descriptor is applied to the opened file is iff we *created* the - * file; an existing file stays the same. - * - * Also, it seems (from observation) that you can open the file with - * any access mask but you can still write the sd. We need to override - * the granted access before we call set_sd - * Patch for bug #2242 from Tom Lackemann . - */ - - if ((sd != NULL) && (info == FILE_WAS_CREATED) - && lp_nt_acl_support(SNUM(conn))) { - - uint32_t sec_info_sent; - uint32_t saved_access_mask = fsp->access_mask; - - sec_info_sent = get_sec_info(sd); - - fsp->access_mask = FILE_GENERIC_ALL; - - /* Convert all the generic bits. */ - security_acl_map_generic(sd->dacl, &file_generic_mapping); - security_acl_map_generic(sd->sacl, &file_generic_mapping); - - if (sec_info_sent & (OWNER_SECURITY_INFORMATION| - GROUP_SECURITY_INFORMATION| - DACL_SECURITY_INFORMATION| - SACL_SECURITY_INFORMATION)) { - status = SMB_VFS_FSET_NT_ACL(fsp, sec_info_sent, sd); - } - - fsp->access_mask = saved_access_mask; - - if (!NT_STATUS_IS_OK(status)) { - goto fail; - } - } + SMB_ASSERT(fsp); if ((ea_list != NULL) && (info == FILE_WAS_CREATED)) { status = set_ea(conn, fsp, fname, ea_list); @@ -1807,7 +1963,7 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, } } - DEBUG(10, ("create_file_unixpath: info=%d\n", info)); + DEBUG(10, ("onefs_create_file_unixpath: info=%d\n", info)); *result = fsp; if (pinfo != NULL) { @@ -1824,7 +1980,7 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, return NT_STATUS_OK; fail: - DEBUG(10, ("create_file_unixpath: %s\n", nt_errstr(status))); + DEBUG(10, ("onefs_create_file_unixpath: %s\n", nt_errstr(status))); if (fsp != NULL) { if (base_fsp && fsp->base_fsp == base_fsp) { @@ -1843,32 +1999,36 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, } return status; } -NTSTATUS create_file_default(connection_struct *conn, - struct smb_request *req, - uint16_t root_dir_fid, - const char *fname, - uint32_t create_file_flags, - uint32_t access_mask, - uint32_t share_access, - uint32_t create_disposition, - uint32_t create_options, - uint32_t file_attributes, - uint32_t oplock_request, - uint64_t allocation_size, - struct security_descriptor *sd, - struct ea_list *ea_list, - - files_struct **result, - int *pinfo, - SMB_STRUCT_STAT *psbuf) + +/** + * SMB_VFS_CREATE_FILE interface to onefs. + */ +NTSTATUS onefs_create_file(vfs_handle_struct *handle, + struct smb_request *req, + uint16_t root_dir_fid, + const char *fname, + uint32_t create_file_flags, + uint32_t access_mask, + uint32_t share_access, + uint32_t create_disposition, + uint32_t create_options, + uint32_t file_attributes, + uint32_t oplock_request, + uint64_t allocation_size, + struct security_descriptor *sd, + struct ea_list *ea_list, + files_struct **result, + int *pinfo, + SMB_STRUCT_STAT *psbuf) { + connection_struct *conn = handle->conn; struct case_semantics_state *case_state = NULL; SMB_STRUCT_STAT sbuf; int info = FILE_WAS_OPENED; files_struct *fsp = NULL; NTSTATUS status; - DEBUG(10,("create_file: access_mask = 0x%x " + DEBUG(10,("onefs_create_file: access_mask = 0x%x " "file_attributes = 0x%x, share_access = 0x%x, " "create_disposition = 0x%x create_options = 0x%x " "oplock_request = 0x%x " @@ -1883,10 +2043,7 @@ NTSTATUS create_file_default(connection_struct *conn, (unsigned int)root_dir_fid, ea_list, sd, create_file_flags, fname)); - /* - * Calculate the filename from the root_dir_if if necessary. - */ - + /* Get the file name if root_dir_fid was specified. */ if (root_dir_fid != 0) { char *new_fname; @@ -1899,45 +2056,7 @@ NTSTATUS create_file_default(connection_struct *conn, fname = new_fname; } - /* - * Check to see if this is a mac fork of some kind. - */ - - if (is_ntfs_stream_name(fname)) { - enum FAKE_FILE_TYPE fake_file_type; - - fake_file_type = is_fake_file(fname); - - if (fake_file_type != FAKE_FILE_TYPE_NONE) { - - /* - * Here we go! support for changing the disk quotas - * --metze - * - * We need to fake up to open this MAGIC QUOTA file - * and return a valid FID. - * - * w2k close this file directly after openening xp - * also tries a QUERY_FILE_INFO on the file and then - * close it - */ - status = open_fake_file(req, conn, req->vuid, - fake_file_type, fname, - access_mask, &fsp); - if (!NT_STATUS_IS_OK(status)) { - goto fail; - } - - ZERO_STRUCT(sbuf); - goto done; - } - - if (!(conn->fs_capabilities & FILE_NAMED_STREAMS)) { - status = NT_STATUS_OBJECT_PATH_NOT_FOUND; - goto fail; - } - } - + /* Resolve the file name if this was a DFS pathname. */ if ((req != NULL) && (req->flags2 & FLAGS2_DFS_PATHNAMES)) { char *resolved_fname; @@ -1956,14 +2075,12 @@ NTSTATUS create_file_default(connection_struct *conn, fname = resolved_fname; } - /* - * Check if POSIX semantics are wanted. - */ - + /* Check if POSIX semantics are wanted. */ if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) { case_state = set_posix_case_semantics(talloc_tos(), conn); } + /* Convert dos path to unix path if it hasn't already been done. */ if (create_file_flags & CFF_DOS_PATH) { char *converted_fname; @@ -1989,24 +2106,33 @@ NTSTATUS create_file_default(connection_struct *conn, TALLOC_FREE(case_state); /* All file access must go through check_name() */ - status = check_name(conn, fname); if (!NT_STATUS_IS_OK(status)) { goto fail; } - status = create_file_unixpath( - conn, req, fname, access_mask, share_access, - create_disposition, create_options, file_attributes, - oplock_request, allocation_size, sd, ea_list, - &fsp, &info, &sbuf); + status = onefs_create_file_unixpath( + conn, /* conn */ + req, /* req */ + fname, /* fname */ + access_mask, /* access_mask */ + share_access, /* share_access */ + create_disposition, /* create_disposition*/ + create_options, /* create_options */ + file_attributes, /* file_attributes */ + oplock_request, /* oplock_request */ + allocation_size, /* allocation_size */ + sd, /* sd */ + ea_list, /* ea_list */ + &fsp, /* result */ + &info, /* pinfo */ + &sbuf); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { goto fail; } - done: - DEBUG(10, ("create_file: info=%d\n", info)); + DEBUG(10, ("onefs_create_file: info=%d\n", info)); *result = fsp; if (pinfo != NULL) { @@ -2018,7 +2144,7 @@ NTSTATUS create_file_default(connection_struct *conn, return NT_STATUS_OK; fail: - DEBUG(10, ("create_file: %s\n", nt_errstr(status))); + DEBUG(10, ("onefs_create_file: %s\n", nt_errstr(status))); if (fsp != NULL) { close_file(req, fsp, ERROR_CLOSE); diff --git a/source3/modules/onefs_system.c b/source3/modules/onefs_system.c new file mode 100644 index 0000000000..485e7f56ac --- /dev/null +++ b/source3/modules/onefs_system.c @@ -0,0 +1,214 @@ +/* + * Unix SMB/CIFS implementation. + * Support for OneFS system interfaces. + * + * Copyright (C) Tim Prouty, 2008 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see . + */ + +#include "onefs.h" + +#include +#include + +/* + * Initialize the sm_lock struct before passing it to ifs_createfile. + */ +static void smlock_init(connection_struct *conn, struct sm_lock *sml, + bool isexe, uint32_t access_mask, uint32_t share_access, + uint32_t create_options) +{ + sml->sm_type.doc = false; + sml->sm_type.isexe = isexe; + sml->sm_type.statonly = is_stat_open(access_mask); + sml->sm_type.access_mask = access_mask; + sml->sm_type.share_access = share_access; + + /* + * private_options was previously used for DENY_DOS/DENY_FCB checks in + * the kernel, but are now properly handled by fcb_or_dos_open. In + * these cases, ifs_createfile will return a sharing violation, which + * gives fcb_or_dos_open the chance to open a duplicate file handle. + */ + sml->sm_type.private_options = 0; + + /* 1 second delay is handled in onefs_open.c by deferring the open */ + sml->sm_timeout = timeval_set(0, 0); +} + +static void smlock_dump(int debuglevel, const struct sm_lock *sml) +{ + if (sml == NULL) { + DEBUG(debuglevel, ("sml == NULL\n")); + return; + } + + DEBUG(debuglevel, + ("smlock: doc=%s, isexec=%s, statonly=%s, access_mask=0x%x, " + "share_access=0x%x, private_options=0x%x timeout=%d/%d\n", + sml->sm_type.doc ? "True" : "False", + sml->sm_type.isexe ? "True" : "False", + sml->sm_type.statonly ? "True" : "False", + sml->sm_type.access_mask, + sml->sm_type.share_access, + sml->sm_type.private_options, + (int)sml->sm_timeout.tv_sec, + (int)sml->sm_timeout.tv_usec)); +} + +/* + * Return string value of onefs oplock types. + */ +static const char *onefs_oplock_str(enum oplock_type onefs_oplock_type) +{ + switch (onefs_oplock_type) { + case OPLOCK_NONE: + return "OPLOCK_NONE"; + case OPLOCK_EXCLUSIVE: + return "OPLOCK_EXCLUSIVE"; + case OPLOCK_BATCH: + return "OPLOCK_BATCH"; + case OPLOCK_SHARED: + return "OPLOCK_SHARED"; + default: + break; + } + return "UNKNOWN"; +} + +/* + * Convert from onefs to samba oplock. + */ +static int onefs_to_samba_oplock(enum oplock_type onefs_oplock) +{ + switch (onefs_oplock) { + case OPLOCK_NONE: + return NO_OPLOCK; + case OPLOCK_EXCLUSIVE: + return EXCLUSIVE_OPLOCK; + case OPLOCK_BATCH: + return BATCH_OPLOCK; + case OPLOCK_SHARED: + return LEVEL_II_OPLOCK; + default: + DEBUG(0, ("unknown oplock type %d found\n", onefs_oplock)); + break; + } + return NO_OPLOCK; +} + +/* + * Convert from samba to onefs oplock. + */ +static enum oplock_type samba_to_onefs_oplock(int samba_oplock_type) +{ + if (BATCH_OPLOCK_TYPE(samba_oplock_type)) return OPLOCK_BATCH; + if (EXCLUSIVE_OPLOCK_TYPE(samba_oplock_type)) return OPLOCK_EXCLUSIVE; + if (LEVEL_II_OPLOCK_TYPE(samba_oplock_type)) return OPLOCK_SHARED; + return OPLOCK_NONE; +} + +/** + * External interface to ifs_createfile + */ +int onefs_sys_create_file(connection_struct *conn, + int base_fd, + const char *path, + uint32_t access_mask, + uint32_t open_access_mask, + uint32_t share_access, + uint32_t create_options, + int flags, + mode_t mode, + int oplock_request, + uint64_t id, + struct security_descriptor *sd, + uint32_t dos_flags, + int *granted_oplock) +{ + struct sm_lock sml, *psml = NULL; + enum oplock_type onefs_oplock; + enum oplock_type onefs_granted_oplock = OPLOCK_NONE; + struct ifs_security_descriptor ifs_sd = {}, *pifs_sd = NULL; + int secinfo = 0; + int ret_fd = -1; + uint32_t onefs_dos_attributes; + + /* Setup security descriptor and get secinfo. */ + if (sd != NULL) { + NTSTATUS status; + + secinfo = (get_sec_info(sd) & IFS_SEC_INFO_KNOWN_MASK); + + status = onefs_setup_sd(secinfo, sd, &ifs_sd); + + if (!NT_STATUS_IS_OK(status)) { + DEBUG(1, ("SD initialization failure: %s", + nt_errstr(status))); + errno = EINVAL; + goto out; + } + + pifs_sd = &ifs_sd; + } + + onefs_oplock = samba_to_onefs_oplock(oplock_request); + + /* Temporary until oplock work is added to vfs_onefs */ + onefs_oplock = OPLOCK_NONE; + + /* Convert samba dos flags to UF_DOS_* attributes. */ + onefs_dos_attributes = dos_attributes_to_stat_dos_flags(dos_flags); + + DEBUG(10,("onefs_sys_create_file: base_fd = %d, " + "open_access_mask = 0x%x, flags = 0x%x, mode = 0x%x, " + "desired_oplock = %s, id = 0x%x, secinfo = 0x%x, sd = %p, " + "dos_attributes = 0x%x, path = %s\n", base_fd, + (unsigned int)open_access_mask, + (unsigned int)flags, + (unsigned int)mode, + onefs_oplock_str(onefs_oplock), + (unsigned int)id, + (unsigned int)secinfo, sd, + (unsigned int)onefs_dos_attributes, path)); + + /* Initialize smlock struct for files/dirs but not internal opens */ + if (!(oplock_request & INTERNAL_OPEN_ONLY)) { + smlock_init(conn, &sml, is_executable(path), access_mask, + share_access, create_options); + psml = &sml; + } + + smlock_dump(10, psml); + + ret_fd = ifs_createfile(base_fd, path, + (enum ifs_ace_rights)open_access_mask, flags & ~O_ACCMODE, mode, + onefs_oplock, id, psml, secinfo, pifs_sd, onefs_dos_attributes, + &onefs_granted_oplock); + + DEBUG(10,("onefs_sys_create_file(%s): ret_fd = %d, " + "onefs_granted_oplock = %s\n", + ret_fd < 0 ? strerror(errno) : "success", ret_fd, + onefs_oplock_str(onefs_granted_oplock))); + + if (granted_oplock) { + *granted_oplock = onefs_to_samba_oplock(onefs_granted_oplock); + } + + out: + aclu_free_sd(pifs_sd, false); + + return ret_fd; +} diff --git a/source3/modules/vfs_onefs.c b/source3/modules/vfs_onefs.c index 193a986cf6..b51858fbae 100644 --- a/source3/modules/vfs_onefs.c +++ b/source3/modules/vfs_onefs.c @@ -1,4 +1,5 @@ /* + * Unix SMB/CIFS implementation. * Support for OneFS * * Copyright (C) Tim Prouty, 2008 @@ -18,20 +19,32 @@ */ #include "includes.h" +#include "onefs.h" #undef DBGC_CLASS #define DBGC_CLASS DBGC_VFS -NTSTATUS onefs_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp, - uint32 security_info, SEC_DESC **ppdesc); - -NTSTATUS onefs_get_nt_acl(vfs_handle_struct *handle, const char* name, - uint32 security_info, SEC_DESC **ppdesc); +static int onefs_mkdir(vfs_handle_struct *handle, const char *path, + mode_t mode) +{ + DEBUG(0, ("SMB_VFS_MKDIR should never be called in vfs_onefs")); + return SMB_VFS_NEXT_MKDIR(handle, path, mode); +} -NTSTATUS onefs_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, - uint32 security_info_sent, SEC_DESC *psd); +static int onefs_open(vfs_handle_struct *handle, const char *fname, + files_struct *fsp, int flags, mode_t mode) +{ + DEBUG(0, ("SMB_VFS_OPEN should never be called in vfs_onefs")); + return SMB_VFS_NEXT_OPEN(handle, fname, fsp, flags, mode); +} static vfs_op_tuple onefs_ops[] = { + {SMB_VFS_OP(onefs_mkdir), SMB_VFS_OP_MKDIR, + SMB_VFS_LAYER_OPAQUE}, + {SMB_VFS_OP(onefs_open), SMB_VFS_OP_OPEN, + SMB_VFS_LAYER_OPAQUE}, + {SMB_VFS_OP(onefs_create_file), SMB_VFS_OP_CREATE_FILE, + SMB_VFS_LAYER_OPAQUE}, {SMB_VFS_OP(onefs_fget_nt_acl), SMB_VFS_OP_FGET_NT_ACL, SMB_VFS_LAYER_OPAQUE}, {SMB_VFS_OP(onefs_get_nt_acl), SMB_VFS_OP_GET_NT_ACL, -- cgit From 91bfd5f201f302156fac7f1bc7a685e6f3c22cf3 Mon Sep 17 00:00:00 2001 From: Matthias Dieter Wallnöfer Date: Tue, 9 Dec 2008 23:31:15 +0100 Subject: s4-samr: Fix Bug #5946. userparameters handling in samr server. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Günther Deschner --- source4/rpc_server/samr/dcesrv_samr.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c index 680fb77659..df23e11a67 100644 --- a/source4/rpc_server/samr/dcesrv_samr.c +++ b/source4/rpc_server/samr/dcesrv_samr.c @@ -140,11 +140,13 @@ #define SET_PARAMETERS(msg, field, attr) do { \ struct ldb_message_element *set_el; \ - if (samdb_msg_add_parameters(sam_ctx, mem_ctx, msg, attr, &r->in.info->field) != 0) { \ - return NT_STATUS_NO_MEMORY; \ + if (r->in.info->field.length != 0) { \ + if (samdb_msg_add_parameters(sam_ctx, mem_ctx, msg, attr, &r->in.info->field) != 0) { \ + return NT_STATUS_NO_MEMORY; \ + } \ + set_el = ldb_msg_find_element(msg, attr); \ + set_el->flags = LDB_FLAG_MOD_REPLACE; \ } \ - set_el = ldb_msg_find_element(msg, attr); \ - set_el->flags = LDB_FLAG_MOD_REPLACE; \ } while (0) -- cgit From 6e4cc12604f6bcf53961326d497f118dfe5da139 Mon Sep 17 00:00:00 2001 From: Matthias Dieter Wallnöfer Date: Tue, 9 Dec 2008 23:32:04 +0100 Subject: s4-samr: Fix Bug #5946. userparameters handling in torture test. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Günther Deschner --- source4/torture/rpc/samr.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c index d29c864b92..2912628744 100644 --- a/source4/torture/rpc/samr.c +++ b/source4/torture/rpc/samr.c @@ -409,6 +409,12 @@ static bool test_SetUserInfo(struct dcerpc_pipe *p, struct torture_context *tctx SAMR_FIELD_PARAMETERS); TEST_USERINFO_BINARYSTRING(21, parameters, 20, parameters, "xx21-20 parameters", SAMR_FIELD_PARAMETERS); + /* also empty user parameters are allowed */ + TEST_USERINFO_BINARYSTRING(20, parameters, 21, parameters, "", 0); + TEST_USERINFO_BINARYSTRING(21, parameters, 21, parameters, "", + SAMR_FIELD_PARAMETERS); + TEST_USERINFO_BINARYSTRING(21, parameters, 20, parameters, "", + SAMR_FIELD_PARAMETERS); TEST_USERINFO_INT(2, country_code, 2, country_code, __LINE__, 0); TEST_USERINFO_INT(2, country_code, 21, country_code, __LINE__, 0); @@ -2674,7 +2680,7 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p, struct policy_handle *handle, char **password) { - int i, s = 0, q = 0, f = 0, l = 0, z = 0; + int s = 0, q = 0, f = 0, l = 0, z = 0; bool ret = true; int delay = 500000; bool set_levels[] = { false, true }; -- cgit From a5651848b26719b7f9c06fbc996a369a5d97461d Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Sun, 7 Dec 2008 10:30:01 -0800 Subject: s3: [1/3] Fix a delete on close divergence from windows and the associated torture test smbtorture4's BASE-DELETE:deltest17 was failing against win2k8, win2k3, and winXPsp2 but passing against samba. deltest17 does the following: 1. open file -> file is created 2. closes file 3. open file with DOC -> fnum1 4. check that DOC is not reported as being set from fnum1 5. opens file again Read Only -> fnum2 6. check that DOC is not reported as being set from either file handle 7. close fnum1 (the file handle that requested DOC to be set) 8. check if DOC is reported as being set from fnum2 * This is where windows and samba begin to diverge. Windows reports that the DOC bit is set, while samba reports that it is not set. 9. close fnum2 (the last remaining open handle for the file) 10.See if the file has been deleted. * On samba the file still exists. On windows the file was deleted. The way open_file_ntcreate is written now, if an open has the DOC bit set on the wire, DOC (fsp->initial_delete_on_close) is not set unless: a. the open creates the file, or b. there is an open file handle with a share_entry in the struct lck that has the SHARE_MODE_ALLOW_INITIAL_DELETE_ON_CLOSE bit set (let's call it SM_AIDOC). My understanding of SM_AIDOC is that it was added to differentiate between DOC being set on an open that creates a file vs an open that opens an existing. As described in step 8/10 above, it appears that windows does not make this differentiation. To resolve this issue there are three patches. This first patch is a simple proof of concept change that is sufficient to fix the bug. It removes the differentiation in open_file_ntcreate, and updates deltest17 to allow it to pass against win2k3/xp. This makes open_file_ntcreate more closely match the semantics in open_directory and rename_internals_fsp. This change also does not break any other tests in BASE-DELETE or "make test". Specifically test deltest20b which verifies the CIFSFS rename DOC semantics still passes :). --- source3/smbd/open.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 078b47a1a7..8882e5438b 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -1984,10 +1984,8 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, fsp->oplock_type, new_file_created); /* Handle strange delete on close create semantics. */ - if ((create_options & FILE_DELETE_ON_CLOSE) - && (((conn->fs_capabilities & FILE_NAMED_STREAMS) - && is_ntfs_stream_name(fname)) - || can_set_initial_delete_on_close(lck))) { + if (create_options & FILE_DELETE_ON_CLOSE) { + status = can_set_delete_on_close(fsp, True, new_dos_attributes); if (!NT_STATUS_IS_OK(status)) { -- cgit From 4a9b092eb43603bae6190b8a5fdee20c9ebae26c Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Sun, 7 Dec 2008 10:34:37 -0800 Subject: s4: [2/3] Fix a delete on close divergence from windows and the associated torture test This second patch fixes the deltest17 BASE-DELETE torture test to pass against win2k3/win2k8/winXPsp2 --- source4/torture/basic/delete.c | 23 ++++++++++++++++++----- 1 file changed, 18 insertions(+), 5 deletions(-) diff --git a/source4/torture/basic/delete.c b/source4/torture/basic/delete.c index b71c85aeb8..c1ac62f1b1 100644 --- a/source4/torture/basic/delete.c +++ b/source4/torture/basic/delete.c @@ -950,15 +950,18 @@ static bool deltest17(struct torture_context *tctx, struct smbcli_state *cli1, s smbcli_close(cli1->tree, fnum1); - correct &= check_delete_on_close(tctx, cli1, fnum2, fname, false, __location__); + /* After the first close, the files has the delete on close bit set. */ + correct &= check_delete_on_close(tctx, cli1, fnum2, fname, true, __location__); smbcli_close(cli1->tree, fnum2); - /* See if the file is deleted - shouldn't be.... */ + /* Make sure the file has been deleted */ fnum1 = smbcli_open(cli1->tree, fname, O_RDWR, DENY_NONE); - torture_assert(tctx, fnum1 != -1, talloc_asprintf(tctx, "open of %s failed (should succeed) - %s", + torture_assert(tctx, fnum1 == -1, talloc_asprintf(tctx, "open of %s failed (should succeed) - %s", fname, smbcli_errstr(cli1->tree))); + CHECK_STATUS(cli1, NT_STATUS_OBJECT_NAME_NOT_FOUND); + return correct; } @@ -994,7 +997,12 @@ static bool deltest18(struct torture_context *tctx, struct smbcli_state *cli1, s torture_assert(tctx, fnum1 != -1, talloc_asprintf(tctx, "open - 1 of %s failed (%s)", dname, smbcli_errstr(cli1->tree))); - /* The delete on close bit is *not* reported as being set. */ + /* + * The delete on close bit is *not* reported as being set. + * Win2k3/win2k8 should pass this check, but WinXPsp2 reports delete on + * close as being set. This causes the subsequent create to fail with + * NT_STATUS_DELETE_PENDING. + */ correct &= check_delete_on_close(tctx, cli1, fnum1, dname, false, __location__); /* Now try opening again for read-only. */ @@ -1082,7 +1090,12 @@ static bool deltest19(struct torture_context *tctx, struct smbcli_state *cli1, s torture_assert(tctx, fnum1 != -1, talloc_asprintf(tctx, "open - 1 of %s failed (%s)", fname, smbcli_errstr(cli1->tree))); - /* The delete on close bit is *not* reported as being set. */ + /* + * The delete on close bit is *not* reported as being set. + * Win2k3/win2k8 should pass this check, but WinXPsp2 reports delete on + * close as being set. This causes the subsequent create to fail with + * NT_STATUS_DELETE_PENDING. + */ correct &= check_delete_on_close(tctx, cli1, fnum1, dname, false, __location__); /* Now try opening again for read-only. */ -- cgit From 7b9f6dda131f471ae61c12e7eb06d67b8f02b1cf Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Sat, 6 Dec 2008 16:08:35 -0800 Subject: s3: [3/3]: Fix a delete on close divergence from windows and the associated torture test This third patch cleans up by removing all of the code that is made obsolete by the first patch. It should cause no functional changes. --- source3/include/proto.h | 4 +--- source3/include/smb.h | 1 - source3/locking/locking.c | 46 +------------------------------------------- source3/modules/onefs_open.c | 5 ++--- source3/smbd/open.c | 5 ++--- source3/smbd/reply.c | 2 -- 6 files changed, 6 insertions(+), 57 deletions(-) diff --git a/source3/include/proto.h b/source3/include/proto.h index d0ad361701..2ba01b30ed 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -3455,7 +3455,7 @@ bool is_valid_share_mode_entry(const struct share_mode_entry *e); bool is_deferred_open_entry(const struct share_mode_entry *e); bool is_unused_share_mode_entry(const struct share_mode_entry *e); void set_share_mode(struct share_mode_lock *lck, files_struct *fsp, - uid_t uid, uint16 mid, uint16 op_type, bool initial_delete_on_close_allowed); + uid_t uid, uint16 mid, uint16 op_type); void add_deferred_open(struct share_mode_lock *lck, uint16 mid, struct timeval request_time, struct file_id id); @@ -3465,11 +3465,9 @@ bool remove_share_oplock(struct share_mode_lock *lck, files_struct *fsp); bool downgrade_share_oplock(struct share_mode_lock *lck, files_struct *fsp); NTSTATUS can_set_delete_on_close(files_struct *fsp, bool delete_on_close, uint32 dosmode); -bool can_set_initial_delete_on_close(const struct share_mode_lock *lck); void set_delete_on_close_token(struct share_mode_lock *lck, UNIX_USER_TOKEN *tok); void set_delete_on_close_lck(struct share_mode_lock *lck, bool delete_on_close, UNIX_USER_TOKEN *tok); bool set_delete_on_close(files_struct *fsp, bool delete_on_close, UNIX_USER_TOKEN *tok); -bool set_allow_initial_delete_on_close(struct share_mode_lock *lck, files_struct *fsp, bool delete_on_close); bool set_sticky_write_time(struct file_id fileid, struct timespec write_time); bool set_write_time(struct file_id fileid, struct timespec write_time); int share_mode_forall(void (*fn)(const struct share_mode_entry *, const char *, diff --git a/source3/include/smb.h b/source3/include/smb.h index 39673e1ff7..112b4e0f91 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h @@ -710,7 +710,6 @@ struct pending_message_list { }; #define SHARE_MODE_FLAG_POSIX_OPEN 0x1 -#define SHARE_MODE_ALLOW_INITIAL_DELETE_ON_CLOSE 0x2 /* struct returned by get_share_modes */ struct share_mode_entry { diff --git a/source3/locking/locking.c b/source3/locking/locking.c index 33717f1bb9..a70f9d20fe 100644 --- a/source3/locking/locking.c +++ b/source3/locking/locking.c @@ -1067,13 +1067,10 @@ static void add_share_mode_entry(struct share_mode_lock *lck, } void set_share_mode(struct share_mode_lock *lck, files_struct *fsp, - uid_t uid, uint16 mid, uint16 op_type, bool initial_delete_on_close_allowed) + uid_t uid, uint16 mid, uint16 op_type) { struct share_mode_entry entry; fill_share_mode_entry(&entry, fsp, uid, mid, op_type); - if (initial_delete_on_close_allowed) { - entry.flags |= SHARE_MODE_ALLOW_INITIAL_DELETE_ON_CLOSE; - } add_share_mode_entry(lck, &entry); } @@ -1271,22 +1268,6 @@ NTSTATUS can_set_delete_on_close(files_struct *fsp, bool delete_on_close, return NT_STATUS_OK; } -/**************************************************************************** - Do we have an open file handle that created this entry ? -****************************************************************************/ - -bool can_set_initial_delete_on_close(const struct share_mode_lock *lck) -{ - int i; - - for (i=0; inum_share_modes; i++) { - if (lck->share_modes[i].flags & SHARE_MODE_ALLOW_INITIAL_DELETE_ON_CLOSE) { - return True; - } - } - return False; -} - /************************************************************************* Return a talloced copy of a UNIX_USER_TOKEN. NULL on fail. (Should this be in locking.c.... ?). @@ -1380,31 +1361,6 @@ bool set_delete_on_close(files_struct *fsp, bool delete_on_close, UNIX_USER_TOKE return True; } -/**************************************************************************** - Sets the allow initial delete on close flag for this share mode. -****************************************************************************/ - -bool set_allow_initial_delete_on_close(struct share_mode_lock *lck, files_struct *fsp, bool delete_on_close) -{ - struct share_mode_entry entry, *e; - - /* Don't care about the pid owner being correct here - just a search. */ - fill_share_mode_entry(&entry, fsp, (uid_t)-1, 0, NO_OPLOCK); - - e = find_share_mode_entry(lck, &entry); - if (e == NULL) { - return False; - } - - if (delete_on_close) { - e->flags |= SHARE_MODE_ALLOW_INITIAL_DELETE_ON_CLOSE; - } else { - e->flags &= ~SHARE_MODE_ALLOW_INITIAL_DELETE_ON_CLOSE; - } - lck->modified = True; - return True; -} - bool set_sticky_write_time(struct file_id fileid, struct timespec write_time) { struct share_mode_lock *lck; diff --git a/source3/modules/onefs_open.c b/source3/modules/onefs_open.c index bda5e7e91a..d0310d0174 100644 --- a/source3/modules/onefs_open.c +++ b/source3/modules/onefs_open.c @@ -1182,7 +1182,7 @@ NTSTATUS onefs_open_file_ntcreate(connection_struct *conn, } set_share_mode(lck, fsp, conn->server_info->utok.uid, 0, - fsp->oplock_type, true); + fsp->oplock_type); /* Handle strange delete on close create semantics. */ if (create_options & FILE_DELETE_ON_CLOSE) { @@ -1521,8 +1521,7 @@ static NTSTATUS onefs_open_directory(connection_struct *conn, return NT_STATUS_DELETE_PENDING; } - set_share_mode(lck, fsp, conn->server_info->utok.uid, 0, NO_OPLOCK, - true); + set_share_mode(lck, fsp, conn->server_info->utok.uid, 0, NO_OPLOCK); /* * For directories the delete on close bit at open time seems diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 8882e5438b..77ad1664ef 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -1981,7 +1981,7 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, } set_share_mode(lck, fsp, conn->server_info->utok.uid, 0, - fsp->oplock_type, new_file_created); + fsp->oplock_type); /* Handle strange delete on close create semantics. */ if (create_options & FILE_DELETE_ON_CLOSE) { @@ -2419,8 +2419,7 @@ static NTSTATUS open_directory(connection_struct *conn, return status; } - set_share_mode(lck, fsp, conn->server_info->utok.uid, 0, NO_OPLOCK, - True); + set_share_mode(lck, fsp, conn->server_info->utok.uid, 0, NO_OPLOCK); /* For directories the delete on close bit at open time seems always to be honored on close... See test 19 in Samba4 BASE-DELETE. */ diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 00c744ce1a..9f7a1896b8 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -5583,8 +5583,6 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, * depends on these semantics. JRA. */ - set_allow_initial_delete_on_close(lck, fsp, True); - if (create_options & FILE_DELETE_ON_CLOSE) { status = can_set_delete_on_close(fsp, True, 0); -- cgit From cbe6e2a77602a802ad1f8b1ffd9f38c3119f3000 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 10 Dec 2008 17:54:06 +1100 Subject: Add AD schema from Microsoft's WSPP documentation. This schema is *NOT* licenced under a standard Free Software licence, but does provide us the freedoms we need to use the schema, and the requirement to distribute as 'part of an implemenation' is similar to common Free font licences that are accepted by major linux distributions. Andrew Bartlett --- .../MS-AD_Schema_Attributes_v20080618.txt | 15652 +++++++++++++++++++ .../ad-schema/MS-AD_Schema_Classes_v20080618.txt | 3418 ++++ source4/setup/ad-schema/licence.txt | 54 + 3 files changed, 19124 insertions(+) create mode 100644 source4/setup/ad-schema/MS-AD_Schema_Attributes_v20080618.txt create mode 100644 source4/setup/ad-schema/MS-AD_Schema_Classes_v20080618.txt create mode 100644 source4/setup/ad-schema/licence.txt diff --git a/source4/setup/ad-schema/MS-AD_Schema_Attributes_v20080618.txt b/source4/setup/ad-schema/MS-AD_Schema_Attributes_v20080618.txt new file mode 100644 index 0000000000..324a5bf3f9 --- /dev/null +++ b/source4/setup/ad-schema/MS-AD_Schema_Attributes_v20080618.txt @@ -0,0 +1,15652 @@ +# © 2008 Microsoft Corporation. All rights reserved +# +# Intellectual Property Rights Notice for Protocol Documentation +# +# Copyrights. +# This protocol documentation is covered by Microsoft +# copyrights. Regardless of any other terms that are contained in the +# terms of use for the Microsoft website that hosts this documentation, +# you may make copies of it in order to develop implementations of the +# protocols, and may distribute portions of it in your implementations +# of the protocols or your documentation as necessary to properly +# document the implementation. You may also distribute in your +# implementation, with or without modification, any schema, IDL's, or +# code samples that are included in the documentation. This permission +# also applies to any documents that are referenced in the protocol +# documentation. +# +# No Trade Secrets. +# Microsoft does not claim any trade secret rights in this documentation. +# +# Patents. +# Microsoft has patents that may cover your implementations of the +# protocols. Neither this notice nor Microsoft's delivery of the +# documentation grants any licenses under those or any other Microsoft +# patents. However, the protocols may be covered by MicrosoftÂ’s Open +# Specification Promise (available here: +# http://www.microsoft.com/interop/osp). If you would prefer a written +# license, or if the protocols are not covered by the OSP, patent +# licenses are available by contacting protocol@microsoft.com. +# +# Trademarks. +# The names of companies and products contained in this documentation +# may be covered by trademarks or similar intellectual property +# rights. This notice does not grant any licenses under those +# rights.Reservation of Rights. All other rights are reserved, and this +# notice does not grant any rights other than specifically described +# above, whether by implication, estoppel, or otherwise. +# +# Tools. +# This protocol documentation is intended for use in conjunction with +# publicly available standard specifications and network programming +# art, and assumes that the reader either is familiar with the +# aforementioned material or has immediate access to it. A protocol +# specification does not require the use of Microsoft programming tools +# or programming environments in order for you to develop an +# implementation. If you have access to Microsoft programming tools and +# environments you are free to take advantage of them. + +cn: Account-Expires +ldapDisplayName: accountExpires +attributeId: 1.2.840.113556.1.4.159 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf967915-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +attributeSecurityGuid: 4c164200-20c0-11d0-a768-00aa006e0529 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ACS-Enable-ACS-Service +ldapDisplayName: aCSEnableACSService +attributeId: 1.2.840.113556.1.4.770 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 7f561287-5301-11d1-a9c5-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Catalogs +ldapDisplayName: catalogs +attributeId: 1.2.840.113556.1.4.675 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 7bfdcb81-4807-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Categories +ldapDisplayName: categories +attributeId: 1.2.840.113556.1.4.672 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 7bfdcb7e-4807-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 36 +rangeUpper: 36 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Category-Id +ldapDisplayName: categoryId +attributeId: 1.2.840.113556.1.4.322 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 7d6c0e94-7e20-11d0-afd6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 16 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: CA-Usages +ldapDisplayName: cAUsages +attributeId: 1.2.840.113556.1.4.690 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 963d2738-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: CA-WEB-URL +ldapDisplayName: cAWEBURL +attributeId: 1.2.840.113556.1.4.688 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 963d2736-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Certificate-Authority-Object +ldapDisplayName: certificateAuthorityObject +attributeId: 1.2.840.113556.1.4.684 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 963d2732-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Certificate-Revocation-List +ldapDisplayName: certificateRevocationList +attributeId: 2.5.4.39 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 1677579f-47f3-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 10485760 +mapiID: 32790 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Certificate-Templates +ldapDisplayName: certificateTemplates +attributeId: 1.2.840.113556.1.4.823 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 2a39c5b1-8960-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Class-Display-Name +ldapDisplayName: classDisplayName +attributeId: 1.2.840.113556.1.4.610 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 548e1c22-dea6-11d0-b010-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Common-Name +ldapDisplayName: cn +attributeId: 2.5.4.3 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf96793f-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 14863 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ACS-Enable-RSVP-Accounting +ldapDisplayName: aCSEnableRSVPAccounting +attributeId: 1.2.840.113556.1.4.899 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: f072230e-aef5-11d1-bdcf-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Text-Country +ldapDisplayName: co +attributeId: 1.2.840.113556.1.2.131 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f0f8ffa7-1191-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: fCOPY +rangeLower: 1 +rangeUpper: 128 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 14886 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Code-Page +ldapDisplayName: codePage +attributeId: 1.2.840.113556.1.4.16 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967938-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +rangeLower: 0 +rangeUpper: 65535 +attributeSecurityGuid: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: COM-ClassID +ldapDisplayName: cOMClassID +attributeId: 1.2.840.113556.1.4.19 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: bf96793b-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fATTINDEX +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: COM-CLSID +ldapDisplayName: cOMCLSID +attributeId: 1.2.840.113556.1.4.249 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 281416d9-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 36 +rangeUpper: 36 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: COM-InterfaceID +ldapDisplayName: cOMInterfaceID +attributeId: 1.2.840.113556.1.4.20 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: bf96793c-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 36 +rangeUpper: 36 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: User-Comment +ldapDisplayName: comment +attributeId: 1.2.840.113556.1.4.156 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967a6a-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: COM-Other-Prog-Id +ldapDisplayName: cOMOtherProgId +attributeId: 1.2.840.113556.1.4.253 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 281416dd-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Company +ldapDisplayName: company +attributeId: 1.2.840.113556.1.2.146 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f0f8ff88-1191-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: fCOPY +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 14870 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: COM-ProgID +ldapDisplayName: cOMProgID +attributeId: 1.2.840.113556.1.4.21 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: bf96793d-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: COM-Treat-As-Class-Id +ldapDisplayName: cOMTreatAsClassId +attributeId: 1.2.840.113556.1.4.251 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 281416db-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 36 +rangeUpper: 36 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Enable-RSVP-Message-Logging +ldapDisplayName: aCSEnableRSVPMessageLogging +attributeId: 1.2.840.113556.1.4.768 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 7f561285-5301-11d1-a9c5-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: COM-Typelib-Id +ldapDisplayName: cOMTypelibId +attributeId: 1.2.840.113556.1.4.254 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 281416de-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 36 +rangeUpper: 36 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: COM-Unique-LIBID +ldapDisplayName: cOMUniqueLIBID +attributeId: 1.2.840.113556.1.4.250 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 281416da-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 36 +rangeUpper: 36 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Content-Indexing-Allowed +ldapDisplayName: contentIndexingAllowed +attributeId: 1.2.840.113556.1.4.24 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: bf967943-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Context-Menu +ldapDisplayName: contextMenu +attributeId: 1.2.840.113556.1.4.499 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 4d8601ee-ac85-11d0-afe3-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Control-Access-Rights +ldapDisplayName: controlAccessRights +attributeId: 1.2.840.113556.1.4.200 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 6da8a4fc-0e52-11d0-a286-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 16 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Cost +ldapDisplayName: cost +attributeId: 1.2.840.113556.1.2.135 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967944-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +mapiID: 32872 +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Country-Code +ldapDisplayName: countryCode +attributeId: 1.2.840.113556.1.4.25 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 5fd42471-1262-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: fCOPY +rangeLower: 0 +rangeUpper: 65535 +attributeSecurityGuid: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Create-Dialog +ldapDisplayName: createDialog +attributeId: 1.2.840.113556.1.4.810 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 2b09958a-8931-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Create-Time-Stamp +ldapDisplayName: createTimeStamp +attributeId: 2.5.18.1 +attributeSyntax: 2.5.5.11 +omSyntax: 24 +isSingleValued: TRUE +schemaIdGuid: 2df90d73-009f-11d2-aa4c-00c04fd7d83a +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Create-Wizard-Ext +ldapDisplayName: createWizardExt +attributeId: 1.2.840.113556.1.4.812 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 2b09958b-8931-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Event-Log-Level +ldapDisplayName: aCSEventLogLevel +attributeId: 1.2.840.113556.1.4.769 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 7f561286-5301-11d1-a9c5-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Creation-Time +ldapDisplayName: creationTime +attributeId: 1.2.840.113556.1.4.26 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf967946-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Creation-Wizard +ldapDisplayName: creationWizard +attributeId: 1.2.840.113556.1.4.498 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 4d8601ed-ac85-11d0-afe3-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Creator +ldapDisplayName: creator +attributeId: 1.2.840.113556.1.4.679 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 7bfdcb85-4807-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: CRL-Object +ldapDisplayName: cRLObject +attributeId: 1.2.840.113556.1.4.689 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 963d2737-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: CRL-Partitioned-Revocation-List +ldapDisplayName: cRLPartitionedRevocationList +attributeId: 1.2.840.113556.1.4.683 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 963d2731-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 10485760 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Cross-Certificate-Pair +ldapDisplayName: crossCertificatePair +attributeId: 2.5.4.40 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 167757b2-47f3-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 32768 +mapiID: 32805 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Current-Location +ldapDisplayName: currentLocation +attributeId: 1.2.840.113556.1.4.335 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 1f0075fc-7e40-11d0-afd6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 32 +rangeUpper: 32 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Current-Parent-CA +ldapDisplayName: currentParentCA +attributeId: 1.2.840.113556.1.4.696 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 963d273f-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Current-Value +ldapDisplayName: currentValue +attributeId: 1.2.840.113556.1.4.27 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf967947-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Curr-Machine-Id +ldapDisplayName: currMachineId +attributeId: 1.2.840.113556.1.4.337 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 1f0075fe-7e40-11d0-afd6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 16 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Identity-Name +ldapDisplayName: aCSIdentityName +attributeId: 1.2.840.113556.1.4.784 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: dab029b6-ddf7-11d1-90a5-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: DBCS-Pwd +ldapDisplayName: dBCSPwd +attributeId: 1.2.840.113556.1.4.55 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf96799c-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Domain-Component +ldapDisplayName: dc +attributeId: 0.9.2342.19200300.100.1.25 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 19195a55-6da0-11d0-afd3-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 255 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Default-Class-Store +ldapDisplayName: defaultClassStore +attributeId: 1.2.840.113556.1.4.213 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: bf967948-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Default-Group +ldapDisplayName: defaultGroup +attributeId: 1.2.840.113556.1.4.480 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 720bc4e2-a54a-11d0-afdf-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Default-Hiding-Value +ldapDisplayName: defaultHidingValue +attributeId: 1.2.840.113556.1.4.518 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: b7b13116-b82e-11d0-afee-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Default-Local-Policy-Object +ldapDisplayName: defaultLocalPolicyObject +attributeId: 1.2.840.113556.1.4.57 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: bf96799f-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Default-Object-Category +ldapDisplayName: defaultObjectCategory +attributeId: 1.2.840.113556.1.4.783 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 26d97367-6070-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Default-Priority +ldapDisplayName: defaultPriority +attributeId: 1.2.840.113556.1.4.232 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 281416c8-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Default-Security-Descriptor +ldapDisplayName: defaultSecurityDescriptor +attributeId: 1.2.840.113556.1.4.224 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 807a6d30-1669-11d0-a064-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Delta-Revocation-List +ldapDisplayName: deltaRevocationList +attributeId: 2.5.4.53 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 167757b5-47f3-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 10485760 +mapiID: 35910 + +cn: ACS-Max-Aggregate-Peak-Rate-Per-User +ldapDisplayName: aCSMaxAggregatePeakRatePerUser +attributeId: 1.2.840.113556.1.4.897 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: f072230c-aef5-11d1-bdcf-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Department +ldapDisplayName: department +attributeId: 1.2.840.113556.1.2.141 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf96794f-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 14872 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: departmentNumber +ldapDisplayName: departmentNumber +attributeId: 2.16.840.1.113730.3.1.2 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: be9ef6ee-cbc7-4f22-b27b-96967e7ee585 +systemOnly: FALSE +searchFlags: 0 +showInAdvancedViewOnly: FALSE + +cn: Description +ldapDisplayName: description +attributeId: 2.5.4.13 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: bf967950-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 1024 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 32879 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Desktop-Profile +ldapDisplayName: desktopProfile +attributeId: 1.2.840.113556.1.4.346 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: eea65906-8ac6-11d0-afda-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Destination-Indicator +ldapDisplayName: destinationIndicator +attributeId: 2.5.4.27 +attributeSyntax: 2.5.5.5 +omSyntax: 19 +isSingleValued: FALSE +schemaIdGuid: bf967951-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 128 +mapiID: 32880 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: dhcp-Classes +ldapDisplayName: dhcpClasses +attributeId: 1.2.840.113556.1.4.715 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 963d2750-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: dhcp-Flags +ldapDisplayName: dhcpFlags +attributeId: 1.2.840.113556.1.4.700 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 963d2741-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: dhcp-Identification +ldapDisplayName: dhcpIdentification +attributeId: 1.2.840.113556.1.4.701 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 963d2742-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: dhcp-Mask +ldapDisplayName: dhcpMask +attributeId: 1.2.840.113556.1.4.706 +attributeSyntax: 2.5.5.5 +omSyntax: 19 +isSingleValued: FALSE +schemaIdGuid: 963d2747-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: dhcp-MaxKey +ldapDisplayName: dhcpMaxKey +attributeId: 1.2.840.113556.1.4.719 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 963d2754-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Max-Duration-Per-Flow +ldapDisplayName: aCSMaxDurationPerFlow +attributeId: 1.2.840.113556.1.4.761 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 7f56127e-5301-11d1-a9c5-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: dhcp-Obj-Description +ldapDisplayName: dhcpObjDescription +attributeId: 1.2.840.113556.1.4.703 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 963d2744-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: dhcp-Obj-Name +ldapDisplayName: dhcpObjName +attributeId: 1.2.840.113556.1.4.702 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 963d2743-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: dhcp-Options +ldapDisplayName: dhcpOptions +attributeId: 1.2.840.113556.1.4.714 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 963d274f-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: dhcp-Properties +ldapDisplayName: dhcpProperties +attributeId: 1.2.840.113556.1.4.718 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 963d2753-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: dhcp-Ranges +ldapDisplayName: dhcpRanges +attributeId: 1.2.840.113556.1.4.707 +attributeSyntax: 2.5.5.5 +omSyntax: 19 +isSingleValued: FALSE +schemaIdGuid: 963d2748-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: dhcp-Reservations +ldapDisplayName: dhcpReservations +attributeId: 1.2.840.113556.1.4.709 +attributeSyntax: 2.5.5.5 +omSyntax: 19 +isSingleValued: FALSE +schemaIdGuid: 963d274a-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: dhcp-Servers +ldapDisplayName: dhcpServers +attributeId: 1.2.840.113556.1.4.704 +attributeSyntax: 2.5.5.5 +omSyntax: 19 +isSingleValued: FALSE +schemaIdGuid: 963d2745-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +extendedCharsAllowed: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: dhcp-Sites +ldapDisplayName: dhcpSites +attributeId: 1.2.840.113556.1.4.708 +attributeSyntax: 2.5.5.5 +omSyntax: 19 +isSingleValued: FALSE +schemaIdGuid: 963d2749-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: dhcp-State +ldapDisplayName: dhcpState +attributeId: 1.2.840.113556.1.4.717 +attributeSyntax: 2.5.5.5 +omSyntax: 19 +isSingleValued: FALSE +schemaIdGuid: 963d2752-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: dhcp-Subnets +ldapDisplayName: dhcpSubnets +attributeId: 1.2.840.113556.1.4.705 +attributeSyntax: 2.5.5.5 +omSyntax: 19 +isSingleValued: FALSE +schemaIdGuid: 963d2746-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Maximum-SDU-Size +ldapDisplayName: aCSMaximumSDUSize +attributeId: 1.2.840.113556.1.4.1314 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 87a2d8f9-3b90-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: dhcp-Type +ldapDisplayName: dhcpType +attributeId: 1.2.840.113556.1.4.699 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 963d273b-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: fATTINDEX +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: dhcp-Unique-Key +ldapDisplayName: dhcpUniqueKey +attributeId: 1.2.840.113556.1.4.698 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 963d273a-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: dhcp-Update-Time +ldapDisplayName: dhcpUpdateTime +attributeId: 1.2.840.113556.1.4.720 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 963d2755-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Reports +ldapDisplayName: directReports +attributeId: 1.2.840.113556.1.2.436 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: bf967a1c-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +linkID: 43 +mapiID: 32782 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: Display-Name +ldapDisplayName: displayName +attributeId: 1.2.840.113556.1.2.13 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967953-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fANR | fATTINDEX +rangeLower: 0 +rangeUpper: 256 +attributeSecurityGuid: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Display-Name-Printable +ldapDisplayName: displayNamePrintable +attributeId: 1.2.840.113556.1.2.353 +attributeSyntax: 2.5.5.5 +omSyntax: 19 +isSingleValued: TRUE +schemaIdGuid: bf967954-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 14847 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Obj-Dist-Name +ldapDisplayName: distinguishedName +attributeId: 2.5.4.49 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: bf9679e4-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags:fPRESERVEONDELETE +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 32828 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: DIT-Content-Rules +ldapDisplayName: dITContentRules +attributeId: 2.5.21.2 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 9a7ad946-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Division +ldapDisplayName: division +attributeId: 1.2.840.113556.1.4.261 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: fe6136a0-2073-11d0-a9c2-00aa006c33ed +systemOnly: FALSE +searchFlags: fCOPY +rangeLower: 0 +rangeUpper: 256 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: DMD-Location +ldapDisplayName: dMDLocation +attributeId: 1.2.840.113556.1.2.36 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: f0f8ff8b-1191-11d0-a060-00aa006c33ed +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ACS-Max-No-Of-Account-Files +ldapDisplayName: aCSMaxNoOfAccountFiles +attributeId: 1.2.840.113556.1.4.901 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: f0722310-aef5-11d1-bdcf-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: DMD-Name +ldapDisplayName: dmdName +attributeId: 1.2.840.113556.1.2.598 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 167757b9-47f3-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 1024 +mapiID: 35926 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: DN-Reference-Update +ldapDisplayName: dNReferenceUpdate +attributeId: 1.2.840.113556.1.4.1242 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 2df90d86-009f-11d2-aa4c-00c04fd7d83a +systemOnly: TRUE +searchFlags:fPRESERVEONDELETE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Dns-Allow-Dynamic +ldapDisplayName: dnsAllowDynamic +attributeId: 1.2.840.113556.1.4.378 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: e0fa1e65-9b45-11d0-afdd-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Dns-Allow-XFR +ldapDisplayName: dnsAllowXFR +attributeId: 1.2.840.113556.1.4.379 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: e0fa1e66-9b45-11d0-afdd-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: DNS-Host-Name +ldapDisplayName: dNSHostName +attributeId: 1.2.840.113556.1.4.619 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 72e39547-7b18-11d1-adef-00c04fd8d5cd +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 2048 +attributeSecurityGuid: 72e39547-7b18-11d1-adef-00c04fd8d5cd +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Dns-Notify-Secondaries +ldapDisplayName: dnsNotifySecondaries +attributeId: 1.2.840.113556.1.4.381 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: FALSE +schemaIdGuid: e0fa1e68-9b45-11d0-afdd-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: DNS-Property +ldapDisplayName: dNSProperty +attributeId: 1.2.840.113556.1.4.1306 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 675a15fe-3b70-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Dns-Record +ldapDisplayName: dnsRecord +attributeId: 1.2.840.113556.1.4.382 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: e0fa1e69-9b45-11d0-afdd-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Dns-Root +ldapDisplayName: dnsRoot +attributeId: 1.2.840.113556.1.4.28 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: bf967959-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 1 +rangeUpper: 255 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Dns-Secure-Secondaries +ldapDisplayName: dnsSecureSecondaries +attributeId: 1.2.840.113556.1.4.380 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: FALSE +schemaIdGuid: e0fa1e67-9b45-11d0-afdd-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Max-No-Of-Log-Files +ldapDisplayName: aCSMaxNoOfLogFiles +attributeId: 1.2.840.113556.1.4.774 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 1cb3559c-56d0-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: DNS-Tombstoned +ldapDisplayName: dNSTombstoned +attributeId: 1.2.840.113556.1.4.1414 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: d5eb2eb7-be4e-463b-a214-634a44d7392e +systemOnly: FALSE +searchFlags: fATTINDEX +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: documentAuthor +ldapDisplayName: documentAuthor +attributeId: 0.9.2342.19200300.100.1.14 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: f18a8e19-af5f-4478-b096-6f35c27eb83f +systemOnly: FALSE +searchFlags: 0 + +cn: documentIdentifier +ldapDisplayName: documentIdentifier +attributeId: 0.9.2342.19200300.100.1.11 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 0b21ce82-ff63-46d9-90fb-c8b9f24e97b9 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 + +cn: documentLocation +ldapDisplayName: documentLocation +attributeId: 0.9.2342.19200300.100.1.15 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: b958b14e-ac6d-4ec4-8892-be70b69f7281 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 + +cn: documentPublisher +ldapDisplayName: documentPublisher +attributeId: 0.9.2342.19200300.100.1.56 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 170f09d7-eb69-448a-9a30-f1afecfd32d7 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 + +cn: documentTitle +ldapDisplayName: documentTitle +attributeId: 0.9.2342.19200300.100.1.12 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: de265a9c-ff2c-47b9-91dc-6e6fe2c43062 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 + +cn: documentVersion +ldapDisplayName: documentVersion +attributeId: 0.9.2342.19200300.100.1.13 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 94b3a8a9-d613-4cec-9aad-5fbcc1046b43 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 + +cn: Domain-Certificate-Authorities +ldapDisplayName: domainCAs +attributeId: 1.2.840.113556.1.4.668 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 7bfdcb7a-4807-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Domain-Cross-Ref +ldapDisplayName: domainCrossRef +attributeId: 1.2.840.113556.1.4.472 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: b000ea7b-a086-11d0-afdd-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Domain-ID +ldapDisplayName: domainID +attributeId: 1.2.840.113556.1.4.686 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 963d2734-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Account-Name-History +ldapDisplayName: accountNameHistory +attributeId: 1.2.840.113556.1.4.1307 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 031952ec-3b72-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Max-Peak-Bandwidth +ldapDisplayName: aCSMaxPeakBandwidth +attributeId: 1.2.840.113556.1.4.767 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 7f561284-5301-11d1-a9c5-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Domain-Identifier +ldapDisplayName: domainIdentifier +attributeId: 1.2.840.113556.1.4.755 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 7f561278-5301-11d1-a9c5-0000f80367c1 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Domain-Policy-Object +ldapDisplayName: domainPolicyObject +attributeId: 1.2.840.113556.1.4.32 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: bf96795d-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Domain-Policy-Reference +ldapDisplayName: domainPolicyReference +attributeId: 1.2.840.113556.1.4.422 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 80a67e2a-9f22-11d0-afdd-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: a29b89fe-c7e8-11d0-9bae-00c04fd92ef5 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Domain-Replica +ldapDisplayName: domainReplica +attributeId: 1.2.840.113556.1.4.158 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf96795e-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 +attributeSecurityGuid: b8119fd0-04f6-4762-ab7a-4986c76b3f9a +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Domain-Wide-Policy +ldapDisplayName: domainWidePolicy +attributeId: 1.2.840.113556.1.4.421 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 80a67e29-9f22-11d0-afdd-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: a29b89fd-c7e8-11d0-9bae-00c04fd92ef5 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: drink +ldapDisplayName: drink +attributeId: 0.9.2342.19200300.100.1.5 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 1a1aa5b5-262e-4df6-af04-2cf6b0d80048 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 + +cn: Driver-Name +ldapDisplayName: driverName +attributeId: 1.2.840.113556.1.4.229 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 281416c5-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Driver-Version +ldapDisplayName: driverVersion +attributeId: 1.2.840.113556.1.4.276 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: ba305f6e-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: DSA-Signature +ldapDisplayName: dSASignature +attributeId: 1.2.840.113556.1.2.74 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 167757bc-47f3-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +mapiID: 32887 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: DS-Core-Propagation-Data +ldapDisplayName: dSCorePropagationData +attributeId: 1.2.840.113556.1.4.1357 +attributeSyntax: 2.5.5.11 +omSyntax: 24 +isSingleValued: FALSE +schemaIdGuid: d167aa4b-8b08-11d2-9939-0000f87a57d4 +systemOnly: TRUE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ACS-Max-Peak-Bandwidth-Per-Flow +ldapDisplayName: aCSMaxPeakBandwidthPerFlow +attributeId: 1.2.840.113556.1.4.759 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 7f56127c-5301-11d1-a9c5-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: DS-Heuristics +ldapDisplayName: dSHeuristics +attributeId: 1.2.840.113556.1.2.212 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f0f8ff86-1191-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: DS-UI-Admin-Maximum +ldapDisplayName: dSUIAdminMaximum +attributeId: 1.2.840.113556.1.4.1344 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: ee8d0ae0-6f91-11d2-9905-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: DS-UI-Admin-Notification +ldapDisplayName: dSUIAdminNotification +attributeId: 1.2.840.113556.1.4.1343 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: f6ea0a94-6f91-11d2-9905-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: DS-UI-Shell-Maximum +ldapDisplayName: dSUIShellMaximum +attributeId: 1.2.840.113556.1.4.1345 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: fcca766a-6f91-11d2-9905-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Dynamic-LDAP-Server +ldapDisplayName: dynamicLDAPServer +attributeId: 1.2.840.113556.1.4.537 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 52458021-ca6a-11d0-afff-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: EFSPolicy +ldapDisplayName: eFSPolicy +attributeId: 1.2.840.113556.1.4.268 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 8e4eb2ec-4712-11d0-a1a0-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: a29b89fd-c7e8-11d0-9bae-00c04fd92ef5 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Employee-ID +ldapDisplayName: employeeID +attributeId: 1.2.840.113556.1.4.35 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967962-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Employee-Number +ldapDisplayName: employeeNumber +attributeId: 1.2.840.113556.1.2.610 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: a8df73ef-c5ea-11d1-bbcb-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 512 +mapiID: 35943 + +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Employee-Type +ldapDisplayName: employeeType +attributeId: 1.2.840.113556.1.2.613 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: a8df73f0-c5ea-11d1-bbcb-0080c76670c0 +systemOnly: FALSE +searchFlags: fCOPY +rangeLower: 1 +rangeUpper: 256 +mapiID: 35945 + +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Enabled +ldapDisplayName: Enabled +attributeId: 1.2.840.113556.1.2.557 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: a8df73f2-c5ea-11d1-bbcb-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +mapiID: 35873 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ACS-Max-Size-Of-RSVP-Account-File +ldapDisplayName: aCSMaxSizeOfRSVPAccountFile +attributeId: 1.2.840.113556.1.4.902 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: f0722311-aef5-11d1-bdcf-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Enabled-Connection +ldapDisplayName: enabledConnection +attributeId: 1.2.840.113556.1.4.36 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: bf967963-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Enrollment-Providers +ldapDisplayName: enrollmentProviders +attributeId: 1.2.840.113556.1.4.825 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 2a39c5b3-8960-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Entry-TTL +ldapDisplayName: entryTTL +attributeId: 1.3.6.1.4.1.1466.101.119.3 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: d213decc-d81a-4384-aac2-dcfcfd631cf8 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 31557600 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED + +cn: Extended-Attribute-Info +ldapDisplayName: extendedAttributeInfo +attributeId: 1.2.840.113556.1.4.909 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 9a7ad947-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Extended-Chars-Allowed +ldapDisplayName: extendedCharsAllowed +attributeId: 1.2.840.113556.1.2.380 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: bf967966-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +mapiID: 32935 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +systemOnly: TRUE + +cn: Extended-Class-Info +ldapDisplayName: extendedClassInfo +attributeId: 1.2.840.113556.1.4.908 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 9a7ad948-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Extension-Name +ldapDisplayName: extensionName +attributeId: 1.2.840.113556.1.2.227 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: bf967972-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 255 +mapiID: 32937 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Extra-Columns +ldapDisplayName: extraColumns +attributeId: 1.2.840.113556.1.4.1687 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: d24e2846-1dd9-4bcf-99d7-a6227cc86da7 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Facsimile-Telephone-Number +ldapDisplayName: facsimileTelephoneNumber +attributeId: 2.5.4.23 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967974-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 14883 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: File-Ext-Priority +ldapDisplayName: fileExtPriority +attributeId: 1.2.840.113556.1.4.816 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: d9e18315-8939-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: fATTINDEX +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Max-Size-Of-RSVP-Log-File +ldapDisplayName: aCSMaxSizeOfRSVPLogFile +attributeId: 1.2.840.113556.1.4.775 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 1cb3559d-56d0-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Flags +ldapDisplayName: flags +attributeId: 1.2.840.113556.1.4.38 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967976-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Flat-Name +ldapDisplayName: flatName +attributeId: 1.2.840.113556.1.4.511 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: b7b13117-b82e-11d0-afee-0000f80367c1 +systemOnly: FALSE +searchFlags: fATTINDEX +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Force-Logoff +ldapDisplayName: forceLogoff +attributeId: 1.2.840.113556.1.4.39 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf967977-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: b8119fd0-04f6-4762-ab7a-4986c76b3f9a +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Foreign-Identifier +ldapDisplayName: foreignIdentifier +attributeId: 1.2.840.113556.1.4.356 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 3e97891e-8c01-11d0-afda-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Friendly-Names +ldapDisplayName: friendlyNames +attributeId: 1.2.840.113556.1.4.682 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 7bfdcb88-4807-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: From-Entry +ldapDisplayName: fromEntry +attributeId: 1.2.840.113556.1.4.910 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: FALSE +schemaIdGuid: 9a7ad949-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: From-Server +ldapDisplayName: fromServer +attributeId: 1.2.840.113556.1.4.40 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: bf967979-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fATTINDEX +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Frs-Computer-Reference +ldapDisplayName: frsComputerReference +attributeId: 1.2.840.113556.1.4.869 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 2a132578-9373-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +linkID: 102 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER + +cn: Frs-Computer-Reference-BL +ldapDisplayName: frsComputerReferenceBL +attributeId: 1.2.840.113556.1.4.870 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 2a132579-9373-11d1-aebc-0000f80367c1 +systemOnly: TRUE +searchFlags: 0 +linkID: 103 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: FRS-Control-Data-Creation +ldapDisplayName: fRSControlDataCreation +attributeId: 1.2.840.113556.1.4.871 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 2a13257a-9373-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Max-Token-Bucket-Per-Flow +ldapDisplayName: aCSMaxTokenBucketPerFlow +attributeId: 1.2.840.113556.1.4.1313 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 81f6e0df-3b90-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Control-Inbound-Backlog +ldapDisplayName: fRSControlInboundBacklog +attributeId: 1.2.840.113556.1.4.872 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 2a13257b-9373-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Control-Outbound-Backlog +ldapDisplayName: fRSControlOutboundBacklog +attributeId: 1.2.840.113556.1.4.873 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 2a13257c-9373-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Directory-Filter +ldapDisplayName: fRSDirectoryFilter +attributeId: 1.2.840.113556.1.4.484 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 1be8f171-a9ff-11d0-afe2-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 2048 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-DS-Poll +ldapDisplayName: fRSDSPoll +attributeId: 1.2.840.113556.1.4.490 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 1be8f177-a9ff-11d0-afe2-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Extensions +ldapDisplayName: fRSExtensions +attributeId: 1.2.840.113556.1.4.536 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 52458020-ca6a-11d0-afff-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 65536 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Fault-Condition +ldapDisplayName: fRSFaultCondition +attributeId: 1.2.840.113556.1.4.491 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 1be8f178-a9ff-11d0-afe2-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-File-Filter +ldapDisplayName: fRSFileFilter +attributeId: 1.2.840.113556.1.4.483 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 1be8f170-a9ff-11d0-afe2-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 2048 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Flags +ldapDisplayName: fRSFlags +attributeId: 1.2.840.113556.1.4.874 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 2a13257d-9373-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Level-Limit +ldapDisplayName: fRSLevelLimit +attributeId: 1.2.840.113556.1.4.534 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 5245801e-ca6a-11d0-afff-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Member-Reference +ldapDisplayName: fRSMemberReference +attributeId: 1.2.840.113556.1.4.875 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 2a13257e-9373-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +linkID: 104 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER + +cn: ACS-Max-Token-Rate-Per-Flow +ldapDisplayName: aCSMaxTokenRatePerFlow +attributeId: 1.2.840.113556.1.4.758 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 7f56127b-5301-11d1-a9c5-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Member-Reference-BL +ldapDisplayName: fRSMemberReferenceBL +attributeId: 1.2.840.113556.1.4.876 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 2a13257f-9373-11d1-aebc-0000f80367c1 +systemOnly: TRUE +searchFlags: 0 +linkID: 105 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: FRS-Partner-Auth-Level +ldapDisplayName: fRSPartnerAuthLevel +attributeId: 1.2.840.113556.1.4.877 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 2a132580-9373-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Primary-Member +ldapDisplayName: fRSPrimaryMember +attributeId: 1.2.840.113556.1.4.878 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 2a132581-9373-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +linkID: 106 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Replica-Set-GUID +ldapDisplayName: fRSReplicaSetGUID +attributeId: 1.2.840.113556.1.4.533 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 5245801a-ca6a-11d0-afff-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 16 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Replica-Set-Type +ldapDisplayName: fRSReplicaSetType +attributeId: 1.2.840.113556.1.4.31 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 26d9736b-6070-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Root-Path +ldapDisplayName: fRSRootPath +attributeId: 1.2.840.113556.1.4.487 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 1be8f174-a9ff-11d0-afe2-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 2048 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Root-Security +ldapDisplayName: fRSRootSecurity +attributeId: 1.2.840.113556.1.4.535 +attributeSyntax: 2.5.5.15 +omSyntax: 66 +isSingleValued: TRUE +schemaIdGuid: 5245801f-ca6a-11d0-afff-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 65535 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Service-Command +ldapDisplayName: fRSServiceCommand +attributeId: 1.2.840.113556.1.4.500 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: ddac0cee-af8f-11d0-afeb-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 512 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Service-Command-Status +ldapDisplayName: fRSServiceCommandStatus +attributeId: 1.2.840.113556.1.4.879 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 2a132582-9373-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 512 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Staging-Path +ldapDisplayName: fRSStagingPath +attributeId: 1.2.840.113556.1.4.488 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 1be8f175-a9ff-11d0-afe2-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 2048 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Minimum-Delay-Variation +ldapDisplayName: aCSMinimumDelayVariation +attributeId: 1.2.840.113556.1.4.1317 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 9c65329b-3b90-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Time-Last-Command +ldapDisplayName: fRSTimeLastCommand +attributeId: 1.2.840.113556.1.4.880 +attributeSyntax: 2.5.5.11 +omSyntax: 23 +isSingleValued: TRUE +schemaIdGuid: 2a132583-9373-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Time-Last-Config-Change +ldapDisplayName: fRSTimeLastConfigChange +attributeId: 1.2.840.113556.1.4.881 +attributeSyntax: 2.5.5.11 +omSyntax: 23 +isSingleValued: TRUE +schemaIdGuid: 2a132584-9373-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Update-Timeout +ldapDisplayName: fRSUpdateTimeout +attributeId: 1.2.840.113556.1.4.485 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 1be8f172-a9ff-11d0-afe2-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Version +ldapDisplayName: fRSVersion +attributeId: 1.2.840.113556.1.4.882 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 2a132585-9373-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Version-GUID +ldapDisplayName: fRSVersionGUID +attributeId: 1.2.840.113556.1.4.43 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 26d9736c-6070-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 16 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Working-Path +ldapDisplayName: fRSWorkingPath +attributeId: 1.2.840.113556.1.4.486 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 1be8f173-a9ff-11d0-afe2-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 2048 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FSMO-Role-Owner +ldapDisplayName: fSMORoleOwner +attributeId: 1.2.840.113556.1.4.369 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 66171887-8f3c-11d0-afda-00c04fd930c9 +systemOnly: FALSE +searchFlags: fATTINDEX +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Garbage-Coll-Period +ldapDisplayName: garbageCollPeriod +attributeId: 1.2.840.113556.1.2.301 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 5fd424a1-1262-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +mapiID: 32943 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Gecos +ldapDisplayName: gecos +attributeId: 1.3.6.1.1.1.1.2 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: TRUE +schemaIdGuid: a3e03f1f-1d55-4253-a0af-30c2a784e46e +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 10240 + +cn: Generated-Connection +ldapDisplayName: generatedConnection +attributeId: 1.2.840.113556.1.4.41 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: bf96797a-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Minimum-Latency +ldapDisplayName: aCSMinimumLatency +attributeId: 1.2.840.113556.1.4.1316 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 9517fefb-3b90-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Generation-Qualifier +ldapDisplayName: generationQualifier +attributeId: 2.5.4.44 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 16775804-47f3-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 64 +mapiID: 35923 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: GidNumber +ldapDisplayName: gidNumber +attributeId: 1.3.6.1.1.1.1.1 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: c5b95f0c-ec9e-41c4-849c-b46597ed6696 +systemOnly: FALSE +searchFlags: fATTINDEX + +cn: Given-Name +ldapDisplayName: givenName +attributeId: 2.5.4.42 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f0f8ff8e-1191-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: fANR | fATTINDEX +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 14854 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Global-Address-List +ldapDisplayName: globalAddressList +attributeId: 1.2.840.113556.1.4.1245 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: f754c748-06f4-11d2-aa53-00c04fd7d83a +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Governs-ID +ldapDisplayName: governsID +attributeId: 1.2.840.113556.1.2.22 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: TRUE +schemaIdGuid: bf96797d-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags:fPRESERVEONDELETE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: GPC-File-Sys-Path +ldapDisplayName: gPCFileSysPath +attributeId: 1.2.840.113556.1.4.894 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f30e3bc1-9ff0-11d1-b603-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: GPC-Functionality-Version +ldapDisplayName: gPCFunctionalityVersion +attributeId: 1.2.840.113556.1.4.893 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: f30e3bc0-9ff0-11d1-b603-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: GPC-Machine-Extension-Names +ldapDisplayName: gPCMachineExtensionNames +attributeId: 1.2.840.113556.1.4.1348 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 32ff8ecc-783f-11d2-9916-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: GPC-User-Extension-Names +ldapDisplayName: gPCUserExtensionNames +attributeId: 1.2.840.113556.1.4.1349 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 42a75fc6-783f-11d2-9916-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: GPC-WQL-Filter +ldapDisplayName: gPCWQLFilter +attributeId: 1.2.840.113556.1.4.1694 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 7bd4c7a6-1add-4436-8c04-3999a880154c +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Minimum-Policed-Size +ldapDisplayName: aCSMinimumPolicedSize +attributeId: 1.2.840.113556.1.4.1315 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 8d0e7195-3b90-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: GP-Link +ldapDisplayName: gPLink +attributeId: 1.2.840.113556.1.4.891 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f30e3bbe-9ff0-11d1-b603-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: GP-Options +ldapDisplayName: gPOptions +attributeId: 1.2.840.113556.1.4.892 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: f30e3bbf-9ff0-11d1-b603-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Group-Attributes +ldapDisplayName: groupAttributes +attributeId: 1.2.840.113556.1.4.152 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf96797e-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fATTINDEX +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Group-Membership-SAM +ldapDisplayName: groupMembershipSAM +attributeId: 1.2.840.113556.1.4.166 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf967980-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Group-Priority +ldapDisplayName: groupPriority +attributeId: 1.2.840.113556.1.4.345 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: eea65905-8ac6-11d0-afda-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Groups-to-Ignore +ldapDisplayName: groupsToIgnore +attributeId: 1.2.840.113556.1.4.344 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: eea65904-8ac6-11d0-afda-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Group-Type +ldapDisplayName: groupType +attributeId: 1.2.840.113556.1.4.750 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 9a9a021e-4a5b-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags:fPRESERVEONDELETE | fATTINDEX +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Has-Master-NCs +ldapDisplayName: hasMasterNCs +attributeId: 1.2.840.113556.1.2.14 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: bf967982-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +linkID: 76 +mapiID: 32950 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Has-Partial-Replica-NCs +ldapDisplayName: hasPartialReplicaNCs +attributeId: 1.2.840.113556.1.2.15 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: bf967981-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +linkID: 74 +mapiID: 32949 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Help-Data16 +ldapDisplayName: helpData16 +attributeId: 1.2.840.113556.1.2.402 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 5fd424a7-1262-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 32768 +mapiID: 32826 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ACS-Non-Reserved-Max-SDU-Size +ldapDisplayName: aCSNonReservedMaxSDUSize +attributeId: 1.2.840.113556.1.4.1320 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: aec2cfe3-3b90-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Help-Data32 +ldapDisplayName: helpData32 +attributeId: 1.2.840.113556.1.2.9 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 5fd424a8-1262-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 32768 +mapiID: 32784 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Help-File-Name +ldapDisplayName: helpFileName +attributeId: 1.2.840.113556.1.2.327 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 5fd424a9-1262-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 13 +mapiID: 32827 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Hide-From-AB +ldapDisplayName: hideFromAB +attributeId: 1.2.840.113556.1.4.1780 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: ec05b750-a977-4efe-8e8d-ba6c1a6e33a8 +systemOnly: FALSE +searchFlags: 0 + +cn: Home-Directory +ldapDisplayName: homeDirectory +attributeId: 1.2.840.113556.1.4.44 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967985-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +attributeSecurityGuid: 5f202010-79a5-11d0-9020-00c04fc2d4cf +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Home-Drive +ldapDisplayName: homeDrive +attributeId: 1.2.840.113556.1.4.45 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967986-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +attributeSecurityGuid: 5f202010-79a5-11d0-9020-00c04fc2d4cf +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Phone-Home-Primary +ldapDisplayName: homePhone +attributeId: 0.9.2342.19200300.100.1.20 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f0f8ffa1-1191-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 14857 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +systemFlags: 0 + +cn: Address-Home +ldapDisplayName: homePostalAddress +attributeId: 1.2.840.113556.1.2.617 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 16775781-47f3-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 4096 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 14941 + +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: host +ldapDisplayName: host +attributeId: 0.9.2342.19200300.100.1.9 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 6043df71-fa48-46cf-ab7c-cbd54644b22d +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 + +cn: houseIdentifier +ldapDisplayName: houseIdentifier +attributeId: 2.5.4.51 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: a45398b7-c44a-4eb6-82d3-13c10946dbfe +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 32768 + +cn: Icon-Path +ldapDisplayName: iconPath +attributeId: 1.2.840.113556.1.4.219 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: f0f8ff83-1191-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 2048 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Aggregate-Token-Rate-Per-User +ldapDisplayName: aCSAggregateTokenRatePerUser +attributeId: 1.2.840.113556.1.4.760 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 7f56127d-5301-11d1-a9c5-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Non-Reserved-Min-Policed-Size +ldapDisplayName: aCSNonReservedMinPolicedSize +attributeId: 1.2.840.113556.1.4.1321 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: b6873917-3b90-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Implemented-Categories +ldapDisplayName: implementedCategories +attributeId: 1.2.840.113556.1.4.320 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 7d6c0e92-7e20-11d0-afd6-00c04fd930c9 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 16 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: IndexedScopes +ldapDisplayName: indexedScopes +attributeId: 1.2.840.113556.1.4.681 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 7bfdcb87-4807-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Comment +ldapDisplayName: info +attributeId: 1.2.840.113556.1.2.81 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf96793e-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 1024 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 12292 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Initial-Auth-Incoming +ldapDisplayName: initialAuthIncoming +attributeId: 1.2.840.113556.1.4.539 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 52458023-ca6a-11d0-afff-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Initial-Auth-Outgoing +ldapDisplayName: initialAuthOutgoing +attributeId: 1.2.840.113556.1.4.540 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 52458024-ca6a-11d0-afff-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Initials +ldapDisplayName: initials +attributeId: 2.5.4.43 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f0f8ff90-1191-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 6 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 14858 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Install-Ui-Level +ldapDisplayName: installUiLevel +attributeId: 1.2.840.113556.1.4.847 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 96a7dd64-9118-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Instance-Type +ldapDisplayName: instanceType +attributeId: 1.2.840.113556.1.2.1 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf96798c-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags:fPRESERVEONDELETE +mapiID: 32957 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: International-ISDN-Number +ldapDisplayName: internationalISDNNumber +attributeId: 2.5.4.25 +attributeSyntax: 2.5.5.6 +omSyntax: 18 +isSingleValued: FALSE +schemaIdGuid: bf96798d-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 16 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 32958 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Inter-Site-Topology-Failover +ldapDisplayName: interSiteTopologyFailover +attributeId: 1.2.840.113556.1.4.1248 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: b7c69e60-2cc7-11d2-854e-00a0c983f608 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ACS-Non-Reserved-Peak-Rate +ldapDisplayName: aCSNonReservedPeakRate +attributeId: 1.2.840.113556.1.4.1318 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: a331a73f-3b90-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Inter-Site-Topology-Generator +ldapDisplayName: interSiteTopologyGenerator +attributeId: 1.2.840.113556.1.4.1246 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: b7c69e5e-2cc7-11d2-854e-00a0c983f608 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Inter-Site-Topology-Renew +ldapDisplayName: interSiteTopologyRenew +attributeId: 1.2.840.113556.1.4.1247 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: b7c69e5f-2cc7-11d2-854e-00a0c983f608 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Invocation-Id +ldapDisplayName: invocationId +attributeId: 1.2.840.113556.1.2.115 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf96798e-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: fATTINDEX +mapiID: 32959 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +searchFlags: 0 + +cn: IpHostNumber +ldapDisplayName: ipHostNumber +attributeId: 1.3.6.1.1.1.1.19 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: de8bb721-85dc-4fde-b687-9657688e667e +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 128 + +cn: IpNetmaskNumber +ldapDisplayName: ipNetmaskNumber +attributeId: 1.3.6.1.1.1.1.21 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: TRUE +schemaIdGuid: 6ff64fcd-462e-4f62-b44a-9a5347659eb9 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 128 + +cn: IpNetworkNumber +ldapDisplayName: ipNetworkNumber +attributeId: 1.3.6.1.1.1.1.20 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: TRUE +schemaIdGuid: 4e3854f4-3087-42a4-a813-bb0c528958d3 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 128 + +cn: Phone-Ip-Primary +ldapDisplayName: ipPhone +attributeId: 1.2.840.113556.1.4.721 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 4d146e4a-48d4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 64 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: IpProtocolNumber +ldapDisplayName: ipProtocolNumber +attributeId: 1.3.6.1.1.1.1.17 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: ebf5c6eb-0e2d-4415-9670-1081993b4211 +systemOnly: FALSE +searchFlags: 0 + +cn: Ipsec-Data +ldapDisplayName: ipsecData +attributeId: 1.2.840.113556.1.4.623 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: b40ff81f-427a-11d1-a9c2-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Ipsec-Data-Type +ldapDisplayName: ipsecDataType +attributeId: 1.2.840.113556.1.4.622 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: b40ff81e-427a-11d1-a9c2-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Non-Reserved-Token-Size +ldapDisplayName: aCSNonReservedTokenSize +attributeId: 1.2.840.113556.1.4.1319 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: a916d7c9-3b90-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Ipsec-Filter-Reference +ldapDisplayName: ipsecFilterReference +attributeId: 1.2.840.113556.1.4.629 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: b40ff823-427a-11d1-a9c2-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Ipsec-ID +ldapDisplayName: ipsecID +attributeId: 1.2.840.113556.1.4.621 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: b40ff81d-427a-11d1-a9c2-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Ipsec-ISAKMP-Reference +ldapDisplayName: ipsecISAKMPReference +attributeId: 1.2.840.113556.1.4.626 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: b40ff820-427a-11d1-a9c2-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Ipsec-Name +ldapDisplayName: ipsecName +attributeId: 1.2.840.113556.1.4.620 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: b40ff81c-427a-11d1-a9c2-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: IPSEC-Negotiation-Policy-Action +ldapDisplayName: iPSECNegotiationPolicyAction +attributeId: 1.2.840.113556.1.4.888 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 07383075-91df-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Ipsec-Negotiation-Policy-Reference +ldapDisplayName: ipsecNegotiationPolicyReference +attributeId: 1.2.840.113556.1.4.628 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: b40ff822-427a-11d1-a9c2-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: IPSEC-Negotiation-Policy-Type +ldapDisplayName: iPSECNegotiationPolicyType +attributeId: 1.2.840.113556.1.4.887 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 07383074-91df-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Ipsec-NFA-Reference +ldapDisplayName: ipsecNFAReference +attributeId: 1.2.840.113556.1.4.627 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: b40ff821-427a-11d1-a9c2-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Ipsec-Owners-Reference +ldapDisplayName: ipsecOwnersReference +attributeId: 1.2.840.113556.1.4.624 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: b40ff824-427a-11d1-a9c2-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Ipsec-Policy-Reference +ldapDisplayName: ipsecPolicyReference +attributeId: 1.2.840.113556.1.4.517 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: b7b13118-b82e-11d0-afee-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Non-Reserved-Tx-Limit +ldapDisplayName: aCSNonReservedTxLimit +attributeId: 1.2.840.113556.1.4.780 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 1cb355a2-56d0-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: IpServicePort +ldapDisplayName: ipServicePort +attributeId: 1.3.6.1.1.1.1.15 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: ff2daebf-f463-495a-8405-3e483641eaa2 +systemOnly: FALSE +searchFlags: 0 + +cn: IpServiceProtocol +ldapDisplayName: ipServiceProtocol +attributeId: 1.3.6.1.1.1.1.16 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: cd96ec0b-1ed6-43b4-b26b-f170b645883f +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 1024 + +cn: Is-Critical-System-Object +ldapDisplayName: isCriticalSystemObject +attributeId: 1.2.840.113556.1.4.868 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 00fbf30d-91fe-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Is-Defunct +ldapDisplayName: isDefunct +attributeId: 1.2.840.113556.1.4.661 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 28630ebe-41d5-11d1-a9c1-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Is-Deleted +ldapDisplayName: isDeleted +attributeId: 1.2.840.113556.1.2.48 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: bf96798f-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +mapiID: 32960 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Is-Ephemeral +ldapDisplayName: isEphemeral +attributeId: 1.2.840.113556.1.4.1212 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: f4c453f0-c5f1-11d1-bbcb-0080c76670c0 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Is-Member-Of-Partial-Attribute-Set +ldapDisplayName: isMemberOfPartialAttributeSet +attributeId: 1.2.840.113556.1.4.639 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 19405b9d-3cfa-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Is-Privilege-Holder +ldapDisplayName: isPrivilegeHolder +attributeId: 1.2.840.113556.1.4.638 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 19405b9c-3cfa-11d1-a9c0-0000f80367c1 +systemOnly: TRUE +searchFlags: 0 +linkID: 71 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: Is-Single-Valued +ldapDisplayName: isSingleValued +attributeId: 1.2.840.113556.1.2.33 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: bf967992-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +mapiID: 32961 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: jpegPhoto +ldapDisplayName: jpegPhoto +attributeId: 0.9.2342.19200300.100.1.60 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: bac80572-09c4-4fa9-9ae6-7628d7adbe0e +systemOnly: FALSE +searchFlags: 0 +showInAdvancedViewOnly: FALSE + +cn: ACS-Non-Reserved-Tx-Size +ldapDisplayName: aCSNonReservedTxSize +attributeId: 1.2.840.113556.1.4.898 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: f072230d-aef5-11d1-bdcf-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Keywords +ldapDisplayName: keywords +attributeId: 1.2.840.113556.1.4.48 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: bf967993-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 1 +rangeUpper: 256 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Knowledge-Information +ldapDisplayName: knowledgeInformation +attributeId: 2.5.4.2 +attributeSyntax: 2.5.5.4 +omSyntax: 20 +isSingleValued: FALSE +schemaIdGuid: 1677581f-47f3-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +mapiID: 32963 + +cn: Locality-Name +ldapDisplayName: l +attributeId: 2.5.4.7 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf9679a2-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY | fATTINDEX +rangeLower: 1 +rangeUpper: 128 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 14887 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: labeledURI +ldapDisplayName: labeledURI +attributeId: 1.3.6.1.4.1.250.1.57 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: c569bb46-c680-44bc-a273-e6c227d71b45 +systemOnly: FALSE +searchFlags: 0 +showInAdvancedViewOnly: FALSE + +cn: Last-Backup-Restoration-Time +ldapDisplayName: lastBackupRestorationTime +attributeId: 1.2.840.113556.1.4.519 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 1fbb0be8-ba63-11d0-afef-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Last-Content-Indexed +ldapDisplayName: lastContentIndexed +attributeId: 1.2.840.113556.1.4.50 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf967995-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Last-Known-Parent +ldapDisplayName: lastKnownParent +attributeId: 1.2.840.113556.1.4.781 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 52ab8670-5709-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Last-Logoff +ldapDisplayName: lastLogoff +attributeId: 1.2.840.113556.1.4.51 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf967996-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: 5f202010-79a5-11d0-9020-00c04fc2d4cf +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Last-Logon +ldapDisplayName: lastLogon +attributeId: 1.2.840.113556.1.4.52 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf967997-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: 5f202010-79a5-11d0-9020-00c04fc2d4cf +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Last-Logon-Timestamp +ldapDisplayName: lastLogonTimestamp +attributeId: 1.2.840.113556.1.4.1696 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: c0e20a04-0e5a-4ff3-9482-5efeaecd7060 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: 5f202010-79a5-11d0-9020-00c04fc2d4cf +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ACS-Permission-Bits +ldapDisplayName: aCSPermissionBits +attributeId: 1.2.840.113556.1.4.765 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 7f561282-5301-11d1-a9c5-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Last-Set-Time +ldapDisplayName: lastSetTime +attributeId: 1.2.840.113556.1.4.53 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf967998-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Last-Update-Sequence +ldapDisplayName: lastUpdateSequence +attributeId: 1.2.840.113556.1.4.330 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 7d6c0e9c-7e20-11d0-afd6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: LDAP-Admin-Limits +ldapDisplayName: lDAPAdminLimits +attributeId: 1.2.840.113556.1.4.843 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 7359a352-90f7-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: LDAP-Display-Name +ldapDisplayName: lDAPDisplayName +attributeId: 1.2.840.113556.1.2.460 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf96799a-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags:fPRESERVEONDELETE | fATTINDEX +rangeLower: 1 +rangeUpper: 256 +mapiID: 33137 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: LDAP-IPDeny-List +ldapDisplayName: lDAPIPDenyList +attributeId: 1.2.840.113556.1.4.844 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 7359a353-90f7-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: LSA-Creation-Time +ldapDisplayName: lSACreationTime +attributeId: 1.2.840.113556.1.4.66 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf9679ad-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: LSA-Modified-Count +ldapDisplayName: lSAModifiedCount +attributeId: 1.2.840.113556.1.4.67 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf9679ae-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Legacy-Exchange-DN +ldapDisplayName: legacyExchangeDN +attributeId: 1.2.840.113556.1.4.655 +attributeSyntax: 2.5.5.4 +omSyntax: 20 +isSingleValued: TRUE +schemaIdGuid: 28630ebc-41d5-11d1-a9c1-0000f80367c1 +systemOnly: FALSE +searchFlags:fPRESERVEONDELETE| fANR | fATTINDEX +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Link-ID +ldapDisplayName: linkID +attributeId: 1.2.840.113556.1.2.50 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf96799b-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +mapiID: 32965 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Link-Track-Secret +ldapDisplayName: linkTrackSecret +attributeId: 1.2.840.113556.1.4.269 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 2ae80fe2-47b4-11d0-a1a4-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Policy-Name +ldapDisplayName: aCSPolicyName +attributeId: 1.2.840.113556.1.4.772 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 1cb3559a-56d0-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Lm-Pwd-History +ldapDisplayName: lmPwdHistory +attributeId: 1.2.840.113556.1.4.160 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: bf96799d-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Locale-ID +ldapDisplayName: localeID +attributeId: 1.2.840.113556.1.4.58 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: FALSE +schemaIdGuid: bf9679a1-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Localization-Display-Id +ldapDisplayName: localizationDisplayId +attributeId: 1.2.840.113556.1.4.1353 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: a746f0d1-78d0-11d2-9916-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Localized-Description +ldapDisplayName: localizedDescription +attributeId: 1.2.840.113556.1.4.817 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: d9e18316-8939-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Local-Policy-Flags +ldapDisplayName: localPolicyFlags +attributeId: 1.2.840.113556.1.4.56 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf96799e-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Local-Policy-Reference +ldapDisplayName: localPolicyReference +attributeId: 1.2.840.113556.1.4.457 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 80a67e4d-9f22-11d0-afdd-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: a29b8a01-c7e8-11d0-9bae-00c04fd92ef5 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Location +ldapDisplayName: location +attributeId: 1.2.840.113556.1.4.222 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 09dcb79f-165f-11d0-a064-00aa006c33ed +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 0 +rangeUpper: 1024 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Lockout-Duration +ldapDisplayName: lockoutDuration +attributeId: 1.2.840.113556.1.4.60 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf9679a5-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: c7407360-20bf-11d0-a768-00aa006e0529 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Lock-Out-Observation-Window +ldapDisplayName: lockOutObservationWindow +attributeId: 1.2.840.113556.1.4.61 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf9679a4-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: c7407360-20bf-11d0-a768-00aa006e0529 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Lockout-Threshold +ldapDisplayName: lockoutThreshold +attributeId: 1.2.840.113556.1.4.73 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf9679a6-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 65535 +attributeSecurityGuid: c7407360-20bf-11d0-a768-00aa006e0529 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ACS-Priority +ldapDisplayName: aCSPriority +attributeId: 1.2.840.113556.1.4.764 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 7f561281-5301-11d1-a9c5-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Lockout-Time +ldapDisplayName: lockoutTime +attributeId: 1.2.840.113556.1.4.662 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 28630ebf-41d5-11d1-a9c1-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: LoginShell +ldapDisplayName: loginShell +attributeId: 1.3.6.1.1.1.1.4 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: TRUE +schemaIdGuid: a553d12c-3231-4c5e-8adf-8d189697721e +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 1024 + +cn: Logon-Count +ldapDisplayName: logonCount +attributeId: 1.2.840.113556.1.4.169 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf9679aa-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: 5f202010-79a5-11d0-9020-00c04fc2d4cf +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Logon-Hours +ldapDisplayName: logonHours +attributeId: 1.2.840.113556.1.4.64 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf9679ab-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +attributeSecurityGuid: 5f202010-79a5-11d0-9020-00c04fc2d4cf +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Logon-Workstation +ldapDisplayName: logonWorkstation +attributeId: 1.2.840.113556.1.4.65 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf9679ac-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +attributeSecurityGuid: 5f202010-79a5-11d0-9020-00c04fc2d4cf +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-RSVP-Account-Files-Location +ldapDisplayName: aCSRSVPAccountFilesLocation +attributeId: 1.2.840.113556.1.4.900 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f072230f-aef5-11d1-bdcf-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-RSVP-Log-Files-Location +ldapDisplayName: aCSRSVPLogFilesLocation +attributeId: 1.2.840.113556.1.4.773 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 1cb3559b-56d0-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Allocable-RSVP-Bandwidth +ldapDisplayName: aCSAllocableRSVPBandwidth +attributeId: 1.2.840.113556.1.4.766 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 7f561283-5301-11d1-a9c5-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Server-List +ldapDisplayName: aCSServerList +attributeId: 1.2.840.113556.1.4.1312 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 7cbd59a5-3b90-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Service-Type +ldapDisplayName: aCSServiceType +attributeId: 1.2.840.113556.1.4.762 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 7f56127f-5301-11d1-a9c5-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Time-Of-Day +ldapDisplayName: aCSTimeOfDay +attributeId: 1.2.840.113556.1.4.756 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 7f561279-5301-11d1-a9c5-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Total-No-Of-Flows +ldapDisplayName: aCSTotalNoOfFlows +attributeId: 1.2.840.113556.1.4.763 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 7f561280-5301-11d1-a9c5-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Additional-Trusted-Service-Names +ldapDisplayName: additionalTrustedServiceNames +attributeId: 1.2.840.113556.1.4.889 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 032160be-9824-11d1-aec0-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Address-Book-Roots +ldapDisplayName: addressBookRoots +attributeId: 1.2.840.113556.1.4.1244 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: f70b6e48-06f4-11d2-aa53-00c04fd7d83a +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Address-Entry-Display-Table +ldapDisplayName: addressEntryDisplayTable +attributeId: 1.2.840.113556.1.2.324 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 5fd42461-1262-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 32768 +mapiID: 32791 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Address-Entry-Display-Table-MSDOS +ldapDisplayName: addressEntryDisplayTableMSDOS +attributeId: 1.2.840.113556.1.2.400 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 5fd42462-1262-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 32768 +mapiID: 32839 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Address-Syntax +ldapDisplayName: addressSyntax +attributeId: 1.2.840.113556.1.2.255 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 5fd42463-1262-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 4096 +mapiID: 32792 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Address-Type +ldapDisplayName: addressType +attributeId: 1.2.840.113556.1.2.350 +attributeSyntax: 2.5.5.4 +omSyntax: 20 +isSingleValued: TRUE +schemaIdGuid: 5fd42464-1262-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 32 +mapiID: 32840 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ACS-Cache-Timeout +ldapDisplayName: aCSCacheTimeout +attributeId: 1.2.840.113556.1.4.779 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 1cb355a1-56d0-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Admin-Context-Menu +ldapDisplayName: adminContextMenu +attributeId: 1.2.840.113556.1.4.614 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 553fd038-f32e-11d0-b0bc-00c04fd8dca6 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Admin-Count +ldapDisplayName: adminCount +attributeId: 1.2.840.113556.1.4.150 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967918-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Admin-Description +ldapDisplayName: adminDescription +attributeId: 1.2.840.113556.1.2.226 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967919-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 1024 +attributeSecurityGuid: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +mapiID: 32842 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Admin-Display-Name +ldapDisplayName: adminDisplayName +attributeId: 1.2.840.113556.1.2.194 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf96791a-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 +mapiID: 32843 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Admin-Multiselect-Property-Pages +ldapDisplayName: adminMultiselectPropertyPages +attributeId: 1.2.840.113556.1.4.1690 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 18f9b67d-5ac6-4b3b-97db-d0a406afb7ba +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Admin-Property-Pages +ldapDisplayName: adminPropertyPages +attributeId: 1.2.840.113556.1.4.562 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 52458038-ca6a-11d0-afff-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Allowed-Attributes +ldapDisplayName: allowedAttributes +attributeId: 1.2.840.113556.1.4.913 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: FALSE +schemaIdGuid: 9a7ad940-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +searchFlags: 0 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Allowed-Attributes-Effective +ldapDisplayName: allowedAttributesEffective +attributeId: 1.2.840.113556.1.4.914 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: FALSE +schemaIdGuid: 9a7ad941-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +searchFlags: 0 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Allowed-Child-Classes +ldapDisplayName: allowedChildClasses +attributeId: 1.2.840.113556.1.4.911 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: FALSE +schemaIdGuid: 9a7ad942-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +searchFlags: 0 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Allowed-Child-Classes-Effective +ldapDisplayName: allowedChildClassesEffective +attributeId: 1.2.840.113556.1.4.912 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: FALSE +schemaIdGuid: 9a7ad943-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +searchFlags: 0 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ACS-Direction +ldapDisplayName: aCSDirection +attributeId: 1.2.840.113556.1.4.757 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 7f56127a-5301-11d1-a9c5-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Alt-Security-Identities +ldapDisplayName: altSecurityIdentities +attributeId: 1.2.840.113556.1.4.867 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 00fbf30c-91fe-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: fATTINDEX +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ANR +ldapDisplayName: aNR +attributeId: 1.2.840.113556.1.4.1208 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 45b01500-c419-11d1-bbc9-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Application-Name +ldapDisplayName: applicationName +attributeId: 1.2.840.113556.1.4.218 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: dd712226-10e4-11d0-a05f-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 64 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Applies-To +ldapDisplayName: appliesTo +attributeId: 1.2.840.113556.1.4.341 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 8297931d-86d3-11d0-afda-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 36 +rangeUpper: 36 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: App-Schema-Version +ldapDisplayName: appSchemaVersion +attributeId: 1.2.840.113556.1.4.848 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 96a7dd65-9118-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Asset-Number +ldapDisplayName: assetNumber +attributeId: 1.2.840.113556.1.4.283 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: ba305f75-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Assistant +ldapDisplayName: assistant +attributeId: 1.2.840.113556.1.4.652 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 0296c11c-40da-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +searchFlags: fCOPY +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: associatedDomain +ldapDisplayName: associatedDomain +attributeId: 0.9.2342.19200300.100.1.37 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: 3320fc38-c379-4c17-a510-1bdf6133c5da +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 256 + +cn: associatedName +ldapDisplayName: associatedName +attributeId: 0.9.2342.19200300.100.1.38 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: f7fbfc45-85ab-42a4-a435-780e62f7858b +systemOnly: FALSE +searchFlags: 0 + +cn: Assoc-NT-Account +ldapDisplayName: assocNTAccount +attributeId: 1.2.840.113556.1.4.1213 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 398f63c0-ca60-11d1-bbd1-0000f81f10c0 +systemOnly: FALSE +searchFlags: 0 + +cn: ACS-DSBM-DeadTime +ldapDisplayName: aCSDSBMDeadTime +attributeId: 1.2.840.113556.1.4.778 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 1cb355a0-56d0-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: attributeCertificateAttribute +ldapDisplayName: attributeCertificateAttribute +attributeId: 2.5.4.58 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: fa4693bb-7bc2-4cb9-81a8-c99c43b7905e +systemOnly: FALSE +searchFlags: 0 + +cn: Attribute-Display-Names +ldapDisplayName: attributeDisplayNames +attributeId: 1.2.840.113556.1.4.748 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: cb843f80-48d9-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Attribute-ID +ldapDisplayName: attributeID +attributeId: 1.2.840.113556.1.2.30 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: TRUE +schemaIdGuid: bf967922-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags:fPRESERVEONDELETE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Attribute-Security-GUID +ldapDisplayName: attributeSecurityGUID +attributeId: 1.2.840.113556.1.4.149 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf967924-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 16 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Attribute-Syntax +ldapDisplayName: attributeSyntax +attributeId: 1.2.840.113556.1.2.32 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: TRUE +schemaIdGuid: bf967925-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags:fPRESERVEONDELETE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Attribute-Types +ldapDisplayName: attributeTypes +attributeId: 2.5.21.5 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 9a7ad944-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: audio +ldapDisplayName: audio +attributeId: 0.9.2342.19200300.100.1.55 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: d0e1d224-e1a0-42ce-a2da-793ba5244f35 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 250000 +showInAdvancedViewOnly: FALSE + +cn: Auditing-Policy +ldapDisplayName: auditingPolicy +attributeId: 1.2.840.113556.1.4.202 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 6da8a4fe-0e52-11d0-a286-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Authentication-Options +ldapDisplayName: authenticationOptions +attributeId: 1.2.840.113556.1.4.11 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967928-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Authority-Revocation-List +ldapDisplayName: authorityRevocationList +attributeId: 2.5.4.38 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 1677578d-47f3-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 10485760 +mapiID: 32806 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-DSBM-Priority +ldapDisplayName: aCSDSBMPriority +attributeId: 1.2.840.113556.1.4.776 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 1cb3559e-56d0-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Auxiliary-Class +ldapDisplayName: auxiliaryClass +attributeId: 1.2.840.113556.1.2.351 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: FALSE +schemaIdGuid: bf96792c-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Bad-Password-Time +ldapDisplayName: badPasswordTime +attributeId: 1.2.840.113556.1.4.49 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf96792d-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Bad-Pwd-Count +ldapDisplayName: badPwdCount +attributeId: 1.2.840.113556.1.4.12 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf96792e-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: 5f202010-79a5-11d0-9020-00c04fc2d4cf +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Birth-Location +ldapDisplayName: birthLocation +attributeId: 1.2.840.113556.1.4.332 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 1f0075f9-7e40-11d0-afd6-00c04fd930c9 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 32 +rangeUpper: 32 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: BootFile +ldapDisplayName: bootFile +attributeId: 1.3.6.1.1.1.1.24 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: e3f3cb4e-0f20-42eb-9703-d2ff26e52667 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 10240 + +cn: BootParameter +ldapDisplayName: bootParameter +attributeId: 1.3.6.1.1.1.1.23 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: d72a0750-8c7c-416e-8714-e65f11e908be +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 10240 + +cn: Bridgehead-Server-List-BL +ldapDisplayName: bridgeheadServerListBL +attributeId: 1.2.840.113556.1.4.820 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: d50c2cdb-8951-11d1-aebc-0000f80367c1 +systemOnly: TRUE +searchFlags: 0 +linkID: 99 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Bridgehead-Transport-List +ldapDisplayName: bridgeheadTransportList +attributeId: 1.2.840.113556.1.4.819 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: d50c2cda-8951-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +linkID: 98 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: buildingName +ldapDisplayName: buildingName +attributeId: 0.9.2342.19200300.100.1.48 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: f87fa54b-b2c5-4fd7-88c0-daccb21d93c5 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 + +cn: Builtin-Creation-Time +ldapDisplayName: builtinCreationTime +attributeId: 1.2.840.113556.1.4.13 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf96792f-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-DSBM-Refresh +ldapDisplayName: aCSDSBMRefresh +attributeId: 1.2.840.113556.1.4.777 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 1cb3559f-56d0-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Builtin-Modified-Count +ldapDisplayName: builtinModifiedCount +attributeId: 1.2.840.113556.1.4.14 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf967930-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Business-Category +ldapDisplayName: businessCategory +attributeId: 2.5.4.15 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: bf967931-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 128 +mapiID: 32855 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Bytes-Per-Minute +ldapDisplayName: bytesPerMinute +attributeId: 1.2.840.113556.1.4.284 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: ba305f76-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Country-Name +ldapDisplayName: c +attributeId: 2.5.4.6 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967945-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +rangeLower: 1 +rangeUpper: 3 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 32873 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: CA-Certificate +ldapDisplayName: cACertificate +attributeId: 2.5.4.37 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: bf967932-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 32768 +mapiID: 32771 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: CA-Certificate-DN +ldapDisplayName: cACertificateDN +attributeId: 1.2.840.113556.1.4.697 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 963d2740-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: CA-Connect +ldapDisplayName: cAConnect +attributeId: 1.2.840.113556.1.4.687 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 963d2735-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Canonical-Name +ldapDisplayName: canonicalName +attributeId: 1.2.840.113556.1.4.916 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 9a7ad945-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Can-Upgrade-Script +ldapDisplayName: canUpgradeScript +attributeId: 1.2.840.113556.1.4.815 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: d9e18314-8939-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: carLicense +ldapDisplayName: carLicense +attributeId: 2.16.840.1.113730.3.1.1 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: d4159c92-957d-4a87-8a67-8d2934e01649 +systemOnly: FALSE +searchFlags: 0 +showInAdvancedViewOnly: FALSE + +cn: MacAddress +ldapDisplayName: macAddress +attributeId: 1.3.6.1.1.1.1.22 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: e6a522dd-9770-43e1-89de-1de5044328f7 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 128 + +cn: Manager +ldapDisplayName: manager +attributeId: 0.9.2342.19200300.100.1.10 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: bf9679b5-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +linkID: 42 +mapiID: 32773 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-NamedPipe +ldapDisplayName: mS-SQL-NamedPipe +attributeId: 1.2.840.113556.1.4.1374 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 7b91c840-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-PublicationURL +ldapDisplayName: mS-SQL-PublicationURL +attributeId: 1.2.840.113556.1.4.1384 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: ae0c11b8-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-Publisher +ldapDisplayName: mS-SQL-Publisher +attributeId: 1.2.840.113556.1.4.1402 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: c1676858-d34b-11d2-999a-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-RegisteredOwner +ldapDisplayName: mS-SQL-RegisteredOwner +attributeId: 1.2.840.113556.1.4.1364 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 48fd44ea-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-ServiceAccount +ldapDisplayName: mS-SQL-ServiceAccount +attributeId: 1.2.840.113556.1.4.1369 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 64933a3e-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-Size +ldapDisplayName: mS-SQL-Size +attributeId: 1.2.840.113556.1.4.1396 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: e9098084-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-SortOrder +ldapDisplayName: mS-SQL-SortOrder +attributeId: 1.2.840.113556.1.4.1371 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 6ddc42c0-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-SPX +ldapDisplayName: mS-SQL-SPX +attributeId: 1.2.840.113556.1.4.1376 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 86b08004-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-Status +ldapDisplayName: mS-SQL-Status +attributeId: 1.2.840.113556.1.4.1380 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 9a7d4770-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-TCPIP +ldapDisplayName: mS-SQL-TCPIP +attributeId: 1.2.840.113556.1.4.1377 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 8ac263a6-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MAPI-ID +ldapDisplayName: mAPIID +attributeId: 1.2.840.113556.1.2.49 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf9679b7-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +mapiID: 32974 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: MS-SQL-ThirdParty +ldapDisplayName: mS-SQL-ThirdParty +attributeId: 1.2.840.113556.1.4.1407 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: c4e311fc-d34b-11d2-999a-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-Type +ldapDisplayName: mS-SQL-Type +attributeId: 1.2.840.113556.1.4.1391 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: ca48eba8-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-UnicodeSortOrder +ldapDisplayName: mS-SQL-UnicodeSortOrder +attributeId: 1.2.840.113556.1.4.1372 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 72dc918a-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-Version +ldapDisplayName: mS-SQL-Version +attributeId: 1.2.840.113556.1.4.1388 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: c07cc1d0-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: fATTINDEX +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-Vines +ldapDisplayName: mS-SQL-Vines +attributeId: 1.2.840.113556.1.4.1379 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 94c56394-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-COM-DefaultPartitionLink +ldapDisplayName: msCOM-DefaultPartitionLink +attributeId: 1.2.840.113556.1.4.1427 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 998b10f7-aa1a-4364-b867-753d197fe670 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-COM-ObjectId +ldapDisplayName: msCOM-ObjectId +attributeId: 1.2.840.113556.1.4.1428 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 430f678b-889f-41f2-9843-203b5a65572f +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-COM-PartitionLink +ldapDisplayName: msCOM-PartitionLink +attributeId: 1.2.840.113556.1.4.1423 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 09abac62-043f-4702-ac2b-6ca15eee5754 +systemOnly: FALSE +searchFlags: 0 +linkID: 1040 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-COM-PartitionSetLink +ldapDisplayName: msCOM-PartitionSetLink +attributeId: 1.2.840.113556.1.4.1424 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 67f121dc-7d02-4c7d-82f5-9ad4c950ac34 +systemOnly: TRUE +searchFlags: 0 +linkID: 1041 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: ms-COM-UserLink +ldapDisplayName: msCOM-UserLink +attributeId: 1.2.840.113556.1.4.1425 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 9e6f3a4d-242c-4f37-b068-36b57f9fc852 +systemOnly: TRUE +searchFlags: 0 +linkID: 1049 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: Marshalled-Interface +ldapDisplayName: marshalledInterface +attributeId: 1.2.840.113556.1.4.72 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: bf9679b9-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-COM-UserPartitionSetLink +ldapDisplayName: msCOM-UserPartitionSetLink +attributeId: 1.2.840.113556.1.4.1426 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 8e940c8a-e477-4367-b08d-ff2ff942dcd7 +systemOnly: FALSE +searchFlags: 0 +linkID: 1048 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Mscope-Id +ldapDisplayName: mscopeId +attributeId: 1.2.840.113556.1.4.716 +attributeSyntax: 2.5.5.5 +omSyntax: 19 +isSingleValued: TRUE +schemaIdGuid: 963d2751-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DFSR-CachePolicy +ldapDisplayName: msDFSR-CachePolicy +attributeId: 1.2.840.113556.1.6.13.3.29 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: db7a08e7-fc76-4569-a45f-f5ecb66a88b5 +searchFlags: 0 + +cn: ms-DFSR-CommonStagingPath +ldapDisplayName: msDFSR-CommonStagingPath +attributeId: 1.2.840.113556.1.6.13.3.38 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 936eac41-d257-4bb9-bd55-f310a3cf09ad +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 + +cn: ms-DFSR-CommonStagingSizeInMb +ldapDisplayName: msDFSR-CommonStagingSizeInMb +attributeId: 1.2.840.113556.1.6.13.3.39 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 135eb00e-4846-458b-8ea2-a37559afd405 +searchFlags: 0 +rangeLower: 0 +rangeUpper: -1 + +cn: ms-DFSR-ComputerReference +ldapDisplayName: msDFSR-ComputerReference +attributeId: 1.2.840.113556.1.6.13.3.101 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 6c7b5785-3d21-41bf-8a8a-627941544d5a +searchFlags: 0 +linkID: 2050 + +cn: ms-DFSR-ComputerReferenceBL +ldapDisplayName: msDFSR-ComputerReferenceBL +attributeId: 1.2.840.113556.1.6.13.3.103 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 5eb526d7-d71b-44ae-8cc6-95460052e6ac +searchFlags: 0 +linkID: 2051 +systemFlags: FLAG_ATTR_NOT_REPLICATED + +cn: ms-DFSR-ConflictPath +ldapDisplayName: msDFSR-ConflictPath +attributeId: 1.2.840.113556.1.6.13.3.7 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 5cf0bcc8-60f7-4bff-bda6-aea0344eb151 +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 + +cn: ms-DFSR-ConflictSizeInMb +ldapDisplayName: msDFSR-ConflictSizeInMb +attributeId: 1.2.840.113556.1.6.13.3.8 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 9ad33fc9-aacf-4299-bb3e-d1fc6ea88e49 +searchFlags: 0 +rangeLower: 0 +rangeUpper: -1 + +cn: ms-DFSR-ContentSetGuid +ldapDisplayName: msDFSR-ContentSetGuid +attributeId: 1.2.840.113556.1.6.13.3.18 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 1035a8e1-67a8-4c21-b7bb-031cdf99d7a0 +searchFlags: 0 +rangeLower: 16 +rangeUpper: 16 + +cn: Mastered-By +ldapDisplayName: masteredBy +attributeId: 1.2.840.113556.1.4.1409 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: e48e64e0-12c9-11d3-9102-00c04fd91ab1 +systemOnly: TRUE +searchFlags: 0 +linkID: 77 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DFSR-DefaultCompressionExclusionFilter +ldapDisplayName: msDFSR-DefaultCompressionExclusionFilter +attributeId: 1.2.840.113556.1.6.13.3.34 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 87811bd5-cd8b-45cb-9f5d-980f3a9e0c97 +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 + +cn: ms-DFSR-DeletedPath +ldapDisplayName: msDFSR-DeletedPath +attributeId: 1.2.840.113556.1.6.13.3.26 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 817cf0b8-db95-4914-b833-5a079ef65764 +searchFlags: 0 +rangeUpper: 32767 + +cn: ms-DFSR-DeletedSizeInMb +ldapDisplayName: msDFSR-DeletedSizeInMb +attributeId: 1.2.840.113556.1.6.13.3.27 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 53ed9ad1-9975-41f4-83f5-0c061a12553a +searchFlags: 0 +rangeUpper: -1 + +cn: ms-DFSR-DfsLinkTarget +ldapDisplayName: msDFSR-DfsLinkTarget +attributeId: 1.2.840.113556.1.6.13.3.24 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f7b85ba9-3bf9-428f-aab4-2eee6d56f063 +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 + +cn: ms-DFSR-DfsPath +ldapDisplayName: msDFSR-DfsPath +attributeId: 1.2.840.113556.1.6.13.3.21 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 2cc903e2-398c-443b-ac86-ff6b01eac7ba +searchFlags: fATTINDEX +rangeLower: 0 +rangeUpper: 32767 + +cn: ms-DFSR-DirectoryFilter +ldapDisplayName: msDFSR-DirectoryFilter +attributeId: 1.2.840.113556.1.6.13.3.13 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 93c7b477-1f2e-4b40-b7bf-007e8d038ccf +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 + +cn: ms-DFSR-DisablePacketPrivacy +ldapDisplayName: msDFSR-DisablePacketPrivacy +attributeId: 1.2.840.113556.1.6.13.3.32 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 6a84ede5-741e-43fd-9dd6-aa0f61578621 +searchFlags: 0 + +cn: ms-DFSR-Enabled +ldapDisplayName: msDFSR-Enabled +attributeId: 1.2.840.113556.1.6.13.3.9 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 03726ae7-8e7d-4446-8aae-a91657c00993 +searchFlags: 0 + +cn: ms-DFSR-Extension +ldapDisplayName: msDFSR-Extension +attributeId: 1.2.840.113556.1.6.13.3.2 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 78f011ec-a766-4b19-adcf-7b81ed781a4d +searchFlags: 0 +rangeLower: 0 +rangeUpper: 65536 + +cn: ms-DFSR-FileFilter +ldapDisplayName: msDFSR-FileFilter +attributeId: 1.2.840.113556.1.6.13.3.12 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: d68270ac-a5dc-4841-a6ac-cd68be38c181 +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 + +cn: Max-Pwd-Age +ldapDisplayName: maxPwdAge +attributeId: 1.2.840.113556.1.4.74 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf9679bb-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: c7407360-20bf-11d0-a768-00aa006e0529 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DFSR-Flags +ldapDisplayName: msDFSR-Flags +attributeId: 1.2.840.113556.1.6.13.3.16 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: fe515695-3f61-45c8-9bfa-19c148c57b09 +searchFlags: 0 + +cn: ms-DFSR-Keywords +ldapDisplayName: msDFSR-Keywords +attributeId: 1.2.840.113556.1.6.13.3.15 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 048b4692-6227-4b67-a074-c4437083e14b +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 + +cn: ms-DFSR-MaxAgeInCacheInMin +ldapDisplayName: msDFSR-MaxAgeInCacheInMin +attributeId: 1.2.840.113556.1.6.13.3.31 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 2ab0e48d-ac4e-4afc-83e5-a34240db6198 +searchFlags: 0 +rangeUpper: 2147483647 + +cn: ms-DFSR-MemberReference +ldapDisplayName: msDFSR-MemberReference +attributeId: 1.2.840.113556.1.6.13.3.100 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 261337aa-f1c3-44b2-bbea-c88d49e6f0c7 +searchFlags: 0 +linkID: 2052 + +cn: ms-DFSR-MemberReferenceBL +ldapDisplayName: msDFSR-MemberReferenceBL +attributeId: 1.2.840.113556.1.6.13.3.102 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: adde62c6-1880-41ed-bd3c-30b7d25e14f0 +searchFlags: 0 +linkID: 2053 +systemFlags: FLAG_ATTR_NOT_REPLICATED + +cn: ms-DFSR-MinDurationCacheInMin +ldapDisplayName: msDFSR-MinDurationCacheInMin +attributeId: 1.2.840.113556.1.6.13.3.30 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 4c5d607a-ce49-444a-9862-82a95f5d1fcc +searchFlags: 0 +rangeUpper: 2147483647 + +cn: ms-DFSR-OnDemandExclusionDirectoryFilter +ldapDisplayName: msDFSR-OnDemandExclusionDirectoryFilter +attributeId: 1.2.840.113556.1.6.13.3.36 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 7d523aff-9012-49b2-9925-f922a0018656 +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 + +cn: ms-DFSR-OnDemandExclusionFileFilter +ldapDisplayName: msDFSR-OnDemandExclusionFileFilter +attributeId: 1.2.840.113556.1.6.13.3.35 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: a68359dc-a581-4ee6-9015-5382c60f0fb4 +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 + +cn: ms-DFSR-Options +ldapDisplayName: msDFSR-Options +attributeId: 1.2.840.113556.1.6.13.3.17 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: d6d67084-c720-417d-8647-b696237a114c +searchFlags: 0 + +cn: ms-DFSR-Options2 +ldapDisplayName: msDFSR-Options2 +attributeId: 1.2.840.113556.1.6.13.3.37 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 11e24318-4ca6-4f49-9afe-e5eb1afa3473 +searchFlags: 0 + +cn: Max-Renew-Age +ldapDisplayName: maxRenewAge +attributeId: 1.2.840.113556.1.4.75 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf9679bc-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DFSR-Priority +ldapDisplayName: msDFSR-Priority +attributeId: 1.2.840.113556.1.6.13.3.25 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: eb20e7d6-32ad-42de-b141-16ad2631b01b +searchFlags: 0 + +cn: ms-DFSR-RdcEnabled +ldapDisplayName: msDFSR-RdcEnabled +attributeId: 1.2.840.113556.1.6.13.3.19 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: e3b44e05-f4a7-4078-a730-f48670a743f8 +searchFlags: 0 + +cn: ms-DFSR-RdcMinFileSizeInKb +ldapDisplayName: msDFSR-RdcMinFileSizeInKb +attributeId: 1.2.840.113556.1.6.13.3.20 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: f402a330-ace5-4dc1-8cc9-74d900bf8ae0 +searchFlags: 0 +rangeLower: 0 +rangeUpper: -1 + +cn: ms-DFSR-ReadOnly +ldapDisplayName: msDFSR-ReadOnly +attributeId: 1.2.840.113556.1.6.13.3.28 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 5ac48021-e447-46e7-9d23-92c0c6a90dfb +searchFlags: 0 + +cn: ms-DFSR-StagingCleanupTriggerInPercent +ldapDisplayName: msDFSR-StagingCleanupTriggerInPercent +attributeId: 1.2.840.113556.1.6.13.3.40 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: d64b9c23-e1fa-467b-b317-6964d744d633 +searchFlags: 0 + +cn: ms-DFSR-ReplicationGroupGuid +ldapDisplayName: msDFSR-ReplicationGroupGuid +attributeId: 1.2.840.113556.1.6.13.3.23 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 2dad8796-7619-4ff8-966e-0a5cc67b287f +searchFlags: fATTINDEX +rangeLower: 16 +rangeUpper: 16 + +cn: ms-DFSR-ReplicationGroupType +ldapDisplayName: msDFSR-ReplicationGroupType +attributeId: 1.2.840.113556.1.6.13.3.10 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: eeed0fc8-1001-45ed-80cc-bbf744930720 +searchFlags: 0 + +cn: ms-DFSR-RootFence +ldapDisplayName: msDFSR-RootFence +attributeId: 1.2.840.113556.1.6.13.3.22 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 51928e94-2cd8-4abe-b552-e50412444370 +searchFlags: 0 + +cn: ms-DFSR-RootPath +ldapDisplayName: msDFSR-RootPath +attributeId: 1.2.840.113556.1.6.13.3.3 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: d7d5e8c1-e61f-464f-9fcf-20bbe0a2ec54 +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 + +cn: ms-DFSR-RootSizeInMb +ldapDisplayName: msDFSR-RootSizeInMb +attributeId: 1.2.840.113556.1.6.13.3.4 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 90b769ac-4413-43cf-ad7a-867142e740a3 +searchFlags: 0 +rangeLower: 0 +rangeUpper: -1 + +cn: Max-Storage +ldapDisplayName: maxStorage +attributeId: 1.2.840.113556.1.4.76 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf9679bd-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DFSR-Schedule +ldapDisplayName: msDFSR-Schedule +attributeId: 1.2.840.113556.1.6.13.3.14 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 4699f15f-a71f-48e2-9ff5-5897c0759205 +searchFlags: 0 +rangeLower: 336 +rangeUpper: 336 + +cn: ms-DFSR-StagingPath +ldapDisplayName: msDFSR-StagingPath +attributeId: 1.2.840.113556.1.6.13.3.5 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 86b9a69e-f0a6-405d-99bb-77d977992c2a +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 + +cn: ms-DFSR-StagingSizeInMb +ldapDisplayName: msDFSR-StagingSizeInMb +attributeId: 1.2.840.113556.1.6.13.3.6 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 250a8f20-f6fc-4559-ae65-e4b24c67aebe +searchFlags: 0 +rangeLower: 0 +rangeUpper: -1 + +cn: ms-DFSR-TombstoneExpiryInMin +ldapDisplayName: msDFSR-TombstoneExpiryInMin +attributeId: 1.2.840.113556.1.6.13.3.11 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 23e35d4c-e324-4861-a22f-e199140dae00 +searchFlags: 0 +rangeLower: 0 +rangeUpper: 2147483647 + +cn: ms-DFSR-Version +ldapDisplayName: msDFSR-Version +attributeId: 1.2.840.113556.1.6.13.3.1 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 1a861408-38c3-49ea-ba75-85481a77c655 +searchFlags: 0 +rangeUpper: 256 + +cn: MS-DRM-Identity-Certificate +ldapDisplayName: msDRM-IdentityCertificate +attributeId: 1.2.840.113556.1.4.1843 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: e85e1204-3434-41ad-9b56-e2901228fff0 +searchFlags: 0 +rangeLower: 1 +rangeUpper: 10240 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Additional-Dns-Host-Name +ldapDisplayName: msDS-AdditionalDnsHostName +attributeId: 1.2.840.113556.1.4.1717 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 80863791-dbe9-4eb8-837e-7f0ab55d9ac7 +systemOnly: TRUE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 2048 +attributeSecurityGuid: 72e39547-7b18-11d1-adef-00c04fd8d5cd +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Additional-Sam-Account-Name +ldapDisplayName: msDS-AdditionalSamAccountName +attributeId: 1.2.840.113556.1.4.1718 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 975571df-a4d5-429a-9f59-cdc6581d91e6 +systemOnly: TRUE +searchFlags: fPRESERVEONDELETE| fANR | fATTINDEX +rangeLower: 0 +rangeUpper: 256 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Allowed-DNS-Suffixes +ldapDisplayName: msDS-AllowedDNSSuffixes +attributeId: 1.2.840.113556.1.4.1710 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 8469441b-9ac4-4e45-8205-bd219dbf672d +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 2048 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Allowed-To-Delegate-To +ldapDisplayName: msDS-AllowedToDelegateTo +attributeId: 1.2.840.113556.1.4.1787 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 800d94d7-b7a1-42a1-b14d-7cae1423d07f +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Max-Ticket-Age +ldapDisplayName: maxTicketAge +attributeId: 1.2.840.113556.1.4.77 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf9679be-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: MS-DS-All-Users-Trust-Quota +ldapDisplayName: msDS-AllUsersTrustQuota +attributeId: 1.2.840.113556.1.4.1789 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: d3aa4a5c-4e03-4810-97aa-2b339e7a434b +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Approx-Immed-Subordinates +ldapDisplayName: msDS-Approx-Immed-Subordinates +attributeId: 1.2.840.113556.1.4.1669 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: e185d243-f6ce-4adb-b496-b0c005d7823c +systemOnly: TRUE +searchFlags: 0 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-AuthenticatedAt-DC +ldapDisplayName: msDS-AuthenticatedAtDC +attributeId: 1.2.840.113556.1.4.1958 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 3e1ee99c-6604-4489-89d9-84798a89515a +systemOnly: FALSE +searchFlags: 0 +linkID: 2112 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-AuthenticatedTo-Accountlist +ldapDisplayName: msDS-AuthenticatedToAccountlist +attributeId: 1.2.840.113556.1.4.1957 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: e8b2c971-a6df-47bc-8d6f-62770d527aa5 +systemOnly: TRUE +searchFlags: 0 +linkID: 2113 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Auxiliary-Classes +ldapDisplayName: msDS-Auxiliary-Classes +attributeId: 1.2.840.113556.1.4.1458 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: FALSE +schemaIdGuid: c4af1073-ee50-4be0-b8c0-89a41fe99abe +systemOnly: TRUE +searchFlags: fPRESERVEONDELETE +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Az-Application-Data +ldapDisplayName: msDS-AzApplicationData +attributeId: 1.2.840.113556.1.4.1819 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 503fc3e8-1cc6-461a-99a3-9eee04f402a7 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Application-Name +ldapDisplayName: msDS-AzApplicationName +attributeId: 1.2.840.113556.1.4.1798 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: db5b0728-6208-4876-83b7-95d3e5695275 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 512 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Application-Version +ldapDisplayName: msDS-AzApplicationVersion +attributeId: 1.2.840.113556.1.4.1817 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 7184a120-3ac4-47ae-848f-fe0ab20784d4 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Biz-Rule +ldapDisplayName: msDS-AzBizRule +attributeId: 1.2.840.113556.1.4.1801 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 33d41ea8-c0c9-4c92-9494-f104878413fd +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 65536 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Biz-Rule-Language +ldapDisplayName: msDS-AzBizRuleLanguage +attributeId: 1.2.840.113556.1.4.1802 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 52994b56-0e6c-4e07-aa5c-ef9d7f5a0e25 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 64 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: May-Contain +ldapDisplayName: mayContain +attributeId: 1.2.840.113556.1.2.25 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: FALSE +schemaIdGuid: bf9679bf-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Az-Class-ID +ldapDisplayName: msDS-AzClassId +attributeId: 1.2.840.113556.1.4.1816 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 013a7277-5c2d-49ef-a7de-b765b36a3f6f +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 40 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Domain-Timeout +ldapDisplayName: msDS-AzDomainTimeout +attributeId: 1.2.840.113556.1.4.1795 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 6448f56a-ca70-4e2e-b0af-d20e4ce653d0 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Generate-Audits +ldapDisplayName: msDS-AzGenerateAudits +attributeId: 1.2.840.113556.1.4.1805 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: f90abab0-186c-4418-bb85-88447c87222a +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Generic-Data +ldapDisplayName: msDS-AzGenericData +attributeId: 1.2.840.113556.1.4.1950 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: b5f7e349-7a5b-407c-a334-a31c3f538b98 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 65536 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Last-Imported-Biz-Rule-Path +ldapDisplayName: msDS-AzLastImportedBizRulePath +attributeId: 1.2.840.113556.1.4.1803 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 665acb5c-bb92-4dbc-8c59-b3638eab09b3 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 65536 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-LDAP-Query +ldapDisplayName: msDS-AzLDAPQuery +attributeId: 1.2.840.113556.1.4.1792 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 5e53368b-fc94-45c8-9d7d-daf31ee7112d +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 4096 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Az-Major-Version +ldapDisplayName: msDS-AzMajorVersion +attributeId: 1.2.840.113556.1.4.1824 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: cfb9adb7-c4b7-4059-9568-1ed9db6b7248 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Minor-Version +ldapDisplayName: msDS-AzMinorVersion +attributeId: 1.2.840.113556.1.4.1825 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: ee85ed93-b209-4788-8165-e702f51bfbf3 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Object-Guid +ldapDisplayName: msDS-AzObjectGuid +attributeId: 1.2.840.113556.1.4.1949 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 8491e548-6c38-4365-a732-af041569b02c +systemOnly: TRUE +searchFlags: fATTINDEX +rangeLower: 16 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Operation-ID +ldapDisplayName: msDS-AzOperationID +attributeId: 1.2.840.113556.1.4.1800 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: a5f3b553-5d76-4cbe-ba3f-4312152cab18 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingAdvertiseScope +ldapDisplayName: meetingAdvertiseScope +attributeId: 1.2.840.113556.1.4.582 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 11b6cc8b-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Scope-Name +ldapDisplayName: msDS-AzScopeName +attributeId: 1.2.840.113556.1.4.1799 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 515a6b06-2617-4173-8099-d5605df043c6 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 65536 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Script-Engine-Cache-Max +ldapDisplayName: msDS-AzScriptEngineCacheMax +attributeId: 1.2.840.113556.1.4.1796 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 2629f66a-1f95-4bf3-a296-8e9d7b9e30c8 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Script-Timeout +ldapDisplayName: msDS-AzScriptTimeout +attributeId: 1.2.840.113556.1.4.1797 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 87d0fb41-2c8b-41f6-b972-11fdfd50d6b0 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Task-Is-Role-Definition +ldapDisplayName: msDS-AzTaskIsRoleDefinition +attributeId: 1.2.840.113556.1.4.1818 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 7b078544-6c82-4fe9-872f-ff48ad2b2e26 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Behavior-Version +ldapDisplayName: msDS-Behavior-Version +attributeId: 1.2.840.113556.1.4.1459 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: d31a8757-2447-4545-8081-3bb610cacbf2 +systemOnly: TRUE +searchFlags: 0 +rangeLower: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Byte-Array +ldapDisplayName: msDS-ByteArray +attributeId: 1.2.840.113556.1.4.1831 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: f0d8972e-dd5b-40e5-a51d-044c7c17ece7 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 1000000 + +cn: ms-DS-Cached-Membership +ldapDisplayName: msDS-Cached-Membership +attributeId: 1.2.840.113556.1.4.1441 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 69cab008-cdd4-4bc9-bab8-0ff37efe1b20 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Cached-Membership-Time-Stamp +ldapDisplayName: msDS-Cached-Membership-Time-Stamp +attributeId: 1.2.840.113556.1.4.1442 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 3566bf1f-beee-4dcb-8abe-ef89fcfec6c1 +systemOnly: FALSE +searchFlags: fATTINDEX +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Date-Time +ldapDisplayName: msDS-DateTime +attributeId: 1.2.840.113556.1.4.1832 +attributeSyntax: 2.5.5.11 +omSyntax: 24 +isSingleValued: FALSE +schemaIdGuid: 234fcbd8-fb52-4908-a328-fd9f6e58e403 +systemOnly: FALSE +searchFlags: 0 + +cn: ms-DS-Default-Quota +ldapDisplayName: msDS-DefaultQuota +attributeId: 1.2.840.113556.1.4.1846 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 6818f726-674b-441b-8a3a-f40596374cea +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Machine-Architecture +ldapDisplayName: machineArchitecture +attributeId: 1.2.840.113556.1.4.68 +attributeSyntax: 2.5.5.9 +omSyntax: 10 +isSingleValued: FALSE +schemaIdGuid: bf9679af-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingApplication +ldapDisplayName: meetingApplication +attributeId: 1.2.840.113556.1.4.573 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 11b6cc83-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-DnsRootAlias +ldapDisplayName: msDS-DnsRootAlias +attributeId: 1.2.840.113556.1.4.1719 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 2143acca-eead-4d29-b591-85fa49ce9173 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 255 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Entry-Time-To-Die +ldapDisplayName: msDS-Entry-Time-To-Die +attributeId: 1.2.840.113556.1.4.1622 +attributeSyntax: 2.5.5.11 +omSyntax: 24 +isSingleValued: TRUE +schemaIdGuid: e1e9bad7-c6dd-4101-a843-794cec85b038 +systemOnly: TRUE +searchFlags: fPRESERVEONDELETE | fATTINDEX +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_OPERATIONAL +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-ExecuteScriptPassword +ldapDisplayName: msDS-ExecuteScriptPassword +attributeId: 1.2.840.113556.1.4.1783 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 9d054a5a-d187-46c1-9d85-42dfc44a56dd +systemOnly: TRUE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 64 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-External-Key +ldapDisplayName: msDS-ExternalKey +attributeId: 1.2.840.113556.1.4.1833 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: b92fd528-38ac-40d4-818d-0433380837c1 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 10000 + +cn: ms-DS-External-Store +ldapDisplayName: msDS-ExternalStore +attributeId: 1.2.840.113556.1.4.1834 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 604877cd-9cdb-47c7-b03d-3daadb044910 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 10000 + +cn: ms-DS-Failed-Interactive-Logon-Count +ldapDisplayName: msDS-FailedInteractiveLogonCount +attributeId: 1.2.840.113556.1.4.1972 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: dc3ca86f-70ad-4960-8425-a4d6313d93dd +systemOnly: TRUE +searchFlags: 0 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Failed-Interactive-Logon-Count-At-Last-Successful-Logon +ldapDisplayName: msDS-FailedInteractiveLogonCountAtLastSuccessfulLogon +attributeId: 1.2.840.113556.1.4.1973 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: c5d234e5-644a-4403-a665-e26e0aef5e98 +systemOnly: TRUE +searchFlags: 0 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Filter-Containers +ldapDisplayName: msDS-FilterContainers +attributeId: 1.2.840.113556.1.4.1703 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: fb00dcdf-ac37-483a-9c12-ac53a6603033 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 64 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-HAB-Seniority-Index +ldapDisplayName: msDS-HABSeniorityIndex +attributeId: 1.2.840.113556.1.4.1997 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: def449f1-fd3b-4045-98cf-d9658da788b5 +systemOnly: FALSE +searchFlags: fATTINDEX +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 36000 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Has-Domain-NCs +ldapDisplayName: msDS-HasDomainNCs +attributeId: 1.2.840.113556.1.4.1820 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 6f17e347-a842-4498-b8b3-15e007da4fed +systemOnly: TRUE +searchFlags: 0 +rangeLower: 4 +rangeUpper: 4 +linkID: 2026 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: meetingBandwidth +ldapDisplayName: meetingBandwidth +attributeId: 1.2.840.113556.1.4.589 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: FALSE +schemaIdGuid: 11b6cc92-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Has-Full-Replica-NCs +ldapDisplayName: msDS-hasFullReplicaNCs +attributeId: 1.2.840.113556.1.4.1925 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 1d3c2d18-42d0-4868-99fe-0eca1e6fa9f3 +systemOnly: TRUE +searchFlags: 0 +linkID: 2104 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Has-Instantiated-NCs +ldapDisplayName: msDS-HasInstantiatedNCs +attributeId: 1.2.840.113556.1.4.1709 +attributeSyntax: 2.5.5.7 +omSyntax: 127 +omObjectClass: 1.2.840.113556.1.1.1.11 +isSingleValued: FALSE +schemaIdGuid: 11e9a5bc-4517-4049-af9c-51554fb0fc09 +systemOnly: TRUE +searchFlags: 0 +rangeLower: 4 +rangeUpper: 4 +linkID: 2002 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Has-Master-NCs +ldapDisplayName: msDS-hasMasterNCs +attributeId: 1.2.840.113556.1.4.1836 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: ae2de0e2-59d7-4d47-8d47-ed4dfe4357ad +systemOnly: TRUE +searchFlags: 0 +linkID: 2036 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Integer +ldapDisplayName: msDS-Integer +attributeId: 1.2.840.113556.1.4.1835 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: FALSE +schemaIdGuid: 7bc64cea-c04e-4318-b102-3e0729371a65 +systemOnly: FALSE +searchFlags: 0 + +cn: ms-DS-IntId +ldapDisplayName: msDS-IntId +attributeId: 1.2.840.113556.1.4.1716 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bc60096a-1b47-4b30-8877-602c93f56532 +systemOnly: TRUE +searchFlags: fPRESERVEONDELETE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Is-Domain-For +ldapDisplayName: msDS-IsDomainFor +attributeId: 1.2.840.113556.1.4.1933 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: ff155a2a-44e5-4de0-8318-13a58988de4f +systemOnly: TRUE +searchFlags: 0 +linkID: 2027 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: ms-DS-Is-Full-Replica-For +ldapDisplayName: msDS-IsFullReplicaFor +attributeId: 1.2.840.113556.1.4.1932 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: c8bc72e0-a6b4-48f0-94a5-fd76a88c9987 +systemOnly: TRUE +searchFlags: 0 +linkID: 2105 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: ms-DS-isGC +ldapDisplayName: msDS-isGC +attributeId: 1.2.840.113556.1.4.1959 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 1df5cf33-0fe5-499e-90e1-e94b42718a46 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Is-Partial-Replica-For +ldapDisplayName: msDS-IsPartialReplicaFor +attributeId: 1.2.840.113556.1.4.1934 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 37c94ff6-c6d4-498f-b2f9-c6f7f8647809 +systemOnly: TRUE +searchFlags: 0 +linkID: 75 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: ms-DS-isRODC +ldapDisplayName: msDS-isRODC +attributeId: 1.2.840.113556.1.4.1960 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: a8e8aa23-3e67-4af1-9d7a-2f1a1d633ac9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: meetingBlob +ldapDisplayName: meetingBlob +attributeId: 1.2.840.113556.1.4.590 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 11b6cc93-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-KeyVersionNumber +ldapDisplayName: msDS-KeyVersionNumber +attributeId: 1.2.840.113556.1.4.1782 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: c523e9c0-33b5-4ac8-8923-b57b927f42f6 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-KrbTgt-Link +ldapDisplayName: msDS-KrbTgtLink +attributeId: 1.2.840.113556.1.4.1923 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 778ff5c9-6f4e-4b74-856a-d68383313910 +systemOnly: FALSE +searchFlags: 0 +linkID: 2100 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-KrbTgt-Link-BL +ldapDisplayName: msDS-KrbTgtLinkBl +attributeId: 1.2.840.113556.1.4.1931 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 5dd68c41-bfdf-438b-9b5d-39d9618bf260 +systemOnly: TRUE +searchFlags: 0 +linkID: 2101 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Last-Failed-Interactive-Logon-Time +ldapDisplayName: msDS-LastFailedInteractiveLogonTime +attributeId: 1.2.840.113556.1.4.1971 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: c7e7dafa-10c3-4b8b-9acd-54f11063742e +systemOnly: TRUE +searchFlags: 0 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Last-Successful-Interactive-Logon-Time +ldapDisplayName: msDS-LastSuccessfulInteractiveLogonTime +attributeId: 1.2.840.113556.1.4.1970 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 011929e6-8b5d-4258-b64a-00b0b4949747 +systemOnly: TRUE +searchFlags: 0 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Lockout-Duration +ldapDisplayName: msDS-LockoutDuration +attributeId: 1.2.840.113556.1.4.2018 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +schemaIdGuid:: 421f889a-472e-4fe4-8eb9-e1d0bc6071b2 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Lockout-Threshold +ldapDisplayName: msDS-LockoutThreshold +attributeId: 1.2.840.113556.1.4.2019 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 65535 +schemaIdGuid:: b8c8c35e-4a19-4a95-99d0-69fe4446286f +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Lockout-Observation-Window +ldapDisplayName: msDS-LockoutObservationWindow +attributeId: 1.2.840.113556.1.4.2017 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +schemaIdGuid:: b05bda89-76af-468a-b892-1be55558ecc8 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Logon-Time-Sync-Interval +ldapDisplayName: msDS-LogonTimeSyncInterval +attributeId: 1.2.840.113556.1.4.1784 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: ad7940f8-e43a-4a42-83bc-d688e59ea605 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Mastered-By +ldapDisplayName: msDs-masteredBy +attributeId: 1.2.840.113556.1.4.1837 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 60234769-4819-4615-a1b2-49d2f119acb5 +systemOnly: TRUE +searchFlags: 0 +linkID: 2037 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: meetingContactInfo +ldapDisplayName: meetingContactInfo +attributeId: 1.2.840.113556.1.4.578 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 11b6cc87-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Maximum-Password-Age +ldapDisplayName: msDS-MaximumPasswordAge +attributeId: 1.2.840.113556.1.4.2011 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +schemaIdGuid: fdd337f5-4999-4fce-b252-8ff9c9b43875 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Max-Values +ldapDisplayName: msDs-MaxValues +attributeId: 1.2.840.113556.1.4.1842 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: d1e169a4-ebe9-49bf-8fcb-8aef3874592d +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Members-For-Az-Role +ldapDisplayName: msDS-MembersForAzRole +attributeId: 1.2.840.113556.1.4.1806 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: cbf7e6cd-85a4-4314-8939-8bfe80597835 +systemOnly: FALSE +searchFlags: 0 +linkID: 2016 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Members-For-Az-Role-BL +ldapDisplayName: msDS-MembersForAzRoleBL +attributeId: 1.2.840.113556.1.4.1807 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: ececcd20-a7e0-4688-9ccf-02ece5e287f5 +systemOnly: TRUE +searchFlags: 0 +linkID: 2017 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: ms-DS-Minimum-Password-Age +ldapDisplayName: msDS-MinimumPasswordAge +attributeId: 1.2.840.113556.1.4.2012 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +schemaIdGuid: 2a74f878-4d9c-49f9-97b3-6767d1cbd9a3 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Minimum-Password-Length +ldapDisplayName: msDS-MinimumPasswordLength +attributeId: 1.2.840.113556.1.4.2013 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 255 +schemaIdGuid: b21b3439-4c3a-441c-bb5f-08f20e9b315e +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-NC-Replica-Locations +ldapDisplayName: msDS-NC-Replica-Locations +attributeId: 1.2.840.113556.1.4.1661 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 97de9615-b537-46bc-ac0f-10720f3909f3 +systemOnly: FALSE +searchFlags: 0 +linkID: 1044 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-NC-RO-Replica-Locations +ldapDisplayName: msDS-NC-RO-Replica-Locations +attributeId: 1.2.840.113556.1.4.1967 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 3df793df-9858-4417-a701-735a1ecebf74 +systemOnly: FALSE +searchFlags: 0 +linkID: 2114 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-NC-RO-Replica-Locations-BL +ldapDisplayName: msDS-NC-RO-Replica-Locations-BL +attributeId: 1.2.840.113556.1.4.1968 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: f547511c-5b2a-44cc-8358-992a88258164 +systemOnly: FALSE +searchFlags: 0 +linkID: 2115 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: ms-DS-NC-Type +ldapDisplayName: msDS-NcType +attributeId: 1.2.840.113556.1.4.2024 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +systemOnly: TRUE +searchFlags: 0 +schemaIdGuid: 5a2eacd7-cc2b-48cf-9d9a-b6f1a0024de9 +showInAdvancedViewOnly: TRUE +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: meetingDescription +ldapDisplayName: meetingDescription +attributeId: 1.2.840.113556.1.4.567 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 11b6cc7e-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-NC-Repl-Cursors +ldapDisplayName: msDS-NCReplCursors +attributeId: 1.2.840.113556.1.4.1704 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 8a167ce4-f9e8-47eb-8d78-f7fe80abb2cc +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-NC-Repl-Inbound-Neighbors +ldapDisplayName: msDS-NCReplInboundNeighbors +attributeId: 1.2.840.113556.1.4.1705 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 9edba85a-3e9e-431b-9b1a-a5b6e9eda796 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-NC-Repl-Outbound-Neighbors +ldapDisplayName: msDS-NCReplOutboundNeighbors +attributeId: 1.2.840.113556.1.4.1706 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 855f2ef5-a1c5-4cc4-ba6d-32522848b61f +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Never-Reveal-Group +ldapDisplayName: msDS-NeverRevealGroup +attributeId: 1.2.840.113556.1.4.1926 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 15585999-fd49-4d66-b25d-eeb96aba8174 +systemOnly: FALSE +searchFlags: 0 +linkID: 2106 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Non-Security-Group-Extra-Classes +ldapDisplayName: msDS-Non-Security-Group-Extra-Classes +attributeId: 1.2.840.113556.1.4.1689 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 2de144fc-1f52-486f-bdf4-16fcc3084e54 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Non-Members +ldapDisplayName: msDS-NonMembers +attributeId: 1.2.840.113556.1.4.1793 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: cafcb1de-f23c-46b5-adf7-1e64957bd5db +systemOnly: FALSE +searchFlags: 0 +linkID: 2014 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Non-Members-BL +ldapDisplayName: msDS-NonMembersBL +attributeId: 1.2.840.113556.1.4.1794 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 2a8c68fc-3a7a-4e87-8720-fe77c51cbe74 +systemOnly: TRUE +searchFlags: 0 +linkID: 2015 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: ms-DS-Object-Reference +ldapDisplayName: msDS-ObjectReference +attributeId: 1.2.840.113556.1.4.1840 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 638ec2e8-22e7-409c-85d2-11b21bee72de +systemOnly: FALSE +searchFlags: 0 +linkID: 2038 + +cn: ms-DS-Object-Reference-BL +ldapDisplayName: msDS-ObjectReferenceBL +attributeId: 1.2.840.113556.1.4.1841 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 2b702515-c1f7-4b3b-b148-c0e4c6ceecb4 +systemOnly: TRUE +searchFlags: 0 +linkID: 2039 +systemFlags: FLAG_ATTR_NOT_REPLICATED + +cn: ms-DS-Operations-For-Az-Role +ldapDisplayName: msDS-OperationsForAzRole +attributeId: 1.2.840.113556.1.4.1812 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 93f701be-fa4c-43b6-bc2f-4dbea718ffab +systemOnly: FALSE +searchFlags: 0 +linkID: 2022 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingEndTime +ldapDisplayName: meetingEndTime +attributeId: 1.2.840.113556.1.4.588 +attributeSyntax: 2.5.5.11 +omSyntax: 23 +isSingleValued: FALSE +schemaIdGuid: 11b6cc91-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Operations-For-Az-Role-BL +ldapDisplayName: msDS-OperationsForAzRoleBL +attributeId: 1.2.840.113556.1.4.1813 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: f85b6228-3734-4525-b6b7-3f3bb220902c +systemOnly: TRUE +searchFlags: 0 +linkID: 2023 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: ms-DS-Operations-For-Az-Task +ldapDisplayName: msDS-OperationsForAzTask +attributeId: 1.2.840.113556.1.4.1808 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 1aacb436-2e9d-44a9-9298-ce4debeb6ebf +systemOnly: FALSE +searchFlags: 0 +linkID: 2018 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Operations-For-Az-Task-BL +ldapDisplayName: msDS-OperationsForAzTaskBL +attributeId: 1.2.840.113556.1.4.1809 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: a637d211-5739-4ed1-89b2-88974548bc59 +systemOnly: TRUE +searchFlags: 0 +linkID: 2019 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: ms-DS-Other-Settings +ldapDisplayName: msDS-Other-Settings +attributeId: 1.2.840.113556.1.4.1621 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 79d2f34c-9d7d-42bb-838f-866b3e4400e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Password-Complexity-Enabled +ldapDisplayName: msDS-PasswordComplexityEnabled +attributeId: 1.2.840.113556.1.4.2015 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +systemOnly: FALSE +searchFlags: 0 +schemaIdGuid: db68054b-c9c3-4bf0-b15b-0fb52552a610 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Password-History-Length +ldapDisplayName: msDS-PasswordHistoryLength +attributeId: 1.2.840.113556.1.4.2014 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 65535 +schemaIdGuid: fed81bb7-768c-4c2f-9641-2245de34794d +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Password-Reversible-Encryption-Enabled +ldapDisplayName: msDS-PasswordReversibleEncryptionEnabled +attributeId: 1.2.840.113556.1.4.2016 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +systemOnly: FALSE +searchFlags: 0 +schemaIdGuid:: 75ccdd8f-af6c-4487-bb4b-69e4d38a959c +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Password-Settings-Precedence +ldapDisplayName: msDS-PasswordSettingsPrecedence +attributeId: 1.2.840.113556.1.4.2023 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +schemaIdGuid: 456374ac-1f0a-4617-93cf-bc55a7c9d341 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: MS-DS-Per-User-Trust-Quota +ldapDisplayName: msDS-PerUserTrustQuota +attributeId: 1.2.840.113556.1.4.1788 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: d161adf0-ca24-4993-a3aa-8b2c981302e8 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: MS-DS-Per-User-Trust-Tombstones-Quota +ldapDisplayName: msDS-PerUserTrustTombstonesQuota +attributeId: 1.2.840.113556.1.4.1790 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 8b70a6c6-50f9-4fa3-a71e-1ce03040449b +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: meetingID +ldapDisplayName: meetingID +attributeId: 1.2.840.113556.1.4.565 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 11b6cc7c-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Phonetic-Company-Name +ldapDisplayName: msDS-PhoneticCompanyName +attributeId: 1.2.840.113556.1.4.1945 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 5bd5208d-e5f4-46ae-a514-543bc9c47659 +systemOnly: FALSE +searchFlags: fATTINDEX | fANR +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 35985 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Phonetic-Department +ldapDisplayName: msDS-PhoneticDepartment +attributeId: 1.2.840.113556.1.4.1944 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 6cd53daf-003e-49e7-a702-6fa896e7a6ef +systemOnly: FALSE +searchFlags: fATTINDEX | fANR +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 35984 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Phonetic-Display-Name +ldapDisplayName: msDS-PhoneticDisplayName +attributeId: 1.2.840.113556.1.4.1946 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: e21a94e4-2d66-4ce5-b30d-0ef87a776ff0 +systemOnly: FALSE +searchFlags: fATTINDEX | fANR +rangeLower: 0 +rangeUpper: 256 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 35986 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Phonetic-First-Name +ldapDisplayName: msDS-PhoneticFirstName +attributeId: 1.2.840.113556.1.4.1942 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 4b1cba4e-302f-4134-ac7c-f01f6c797843 +systemOnly: FALSE +searchFlags: fATTINDEX | fANR +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 35982 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Phonetic-Last-Name +ldapDisplayName: msDS-PhoneticLastName +attributeId: 1.2.840.113556.1.4.1943 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f217e4ec-0836-4b90-88af-2f5d4bbda2bc +systemOnly: FALSE +searchFlags: fATTINDEX | fANR +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 35983 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Preferred-GC-Site +ldapDisplayName: msDS-Preferred-GC-Site +attributeId: 1.2.840.113556.1.4.1444 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: d921b50a-0ab2-42cd-87f6-09cf83a91854 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Principal-Name +ldapDisplayName: msDS-PrincipalName +attributeId: 1.2.840.113556.1.4.1865 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 564e9325-d057-c143-9e3b-4f9e5ef46f93 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Promotion-Settings +ldapDisplayName: msDS-PromotionSettings +attributeId: 1.2.840.113556.1.4.1962 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: c881b4e2-43c0-4ebe-b9bb-5250aa9b434c +systemOnly: TRUE +searchFlags: 0 +rangeUpper: 65536 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-PSO-Applied +ldapDisplayName: msDS-PSOApplied +attributeId: 1.2.840.113556.1.4.2021 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +isSingleValued: FALSE +systemOnly: TRUE +searchFlags: 0 +omObjectClass: 1.3.12.2.1011.28.0.714 +schemaIdGuid: 5e6cf031-bda8-43c8-aca4-8fee4127005b +linkID: 2119 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-PSO-Applies-To +ldapDisplayName: msDS-PSOAppliesTo +attributeId: 1.2.840.113556.1.4.2020 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +isSingleValued: FALSE +systemOnly: FALSE +searchFlags: 0 +omObjectClass: 1.3.12.2.1011.28.0.714 +schemaIdGuid: 64c80f48-cdd2-4881-a86d-4e97b6f561fc +linkID: 2118 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingIP +ldapDisplayName: meetingIP +attributeId: 1.2.840.113556.1.4.580 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 11b6cc89-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Quota-Amount +ldapDisplayName: msDS-QuotaAmount +attributeId: 1.2.840.113556.1.4.1845 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: fbb9a00d-3a8c-4233-9cf9-7189264903a1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Quota-Effective +ldapDisplayName: msDS-QuotaEffective +attributeId: 1.2.840.113556.1.4.1848 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 6655b152-101c-48b4-b347-e1fcebc60157 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Quota-Trustee +ldapDisplayName: msDS-QuotaTrustee +attributeId: 1.2.840.113556.1.4.1844 +attributeSyntax: 2.5.5.17 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 16378906-4ea5-49be-a8d1-bfd41dff4f65 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 28 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Quota-Used +ldapDisplayName: msDS-QuotaUsed +attributeId: 1.2.840.113556.1.4.1849 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: b5a84308-615d-4bb7-b05f-2f1746aa439f +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Repl-Attribute-Meta-Data +ldapDisplayName: msDS-ReplAttributeMetaData +attributeId: 1.2.840.113556.1.4.1707 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: d7c53242-724e-4c39-9d4c-2df8c9d66c7a +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Replication-Notify-First-DSA-Delay +ldapDisplayName: msDS-Replication-Notify-First-DSA-Delay +attributeId: 1.2.840.113556.1.4.1663 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 85abd4f4-0a89-4e49-bdec-6f35bb2562ba +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Replication-Notify-Subsequent-DSA-Delay +ldapDisplayName: msDS-Replication-Notify-Subsequent-DSA-Delay +attributeId: 1.2.840.113556.1.4.1664 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: d63db385-dd92-4b52-b1d8-0d3ecc0e86b6 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-ReplicationEpoch +ldapDisplayName: msDS-ReplicationEpoch +attributeId: 1.2.840.113556.1.4.1720 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 08e3aa79-eb1c-45b5-af7b-8f94246c8e41 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Repl-Value-Meta-Data +ldapDisplayName: msDS-ReplValueMetaData +attributeId: 1.2.840.113556.1.4.1708 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 2f5c8145-e1bd-410b-8957-8bfa81d5acfd +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Resultant-PSO +ldapDisplayName: msDS-ResultantPSO +attributeSyntax: 2.5.5.1 +omSyntax: 127 +isSingleValued: TRUE +systemOnly: TRUE +searchFlags: 0 +omObjectClass: 1.3.12.2.1011.28.0.714 +schemaIdGuid: b77ea093-88d0-4780-9a98-911f8e8b1dca +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: meetingIsEncrypted +ldapDisplayName: meetingIsEncrypted +attributeId: 1.2.840.113556.1.4.585 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 11b6cc8e-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Retired-Repl-NC-Signatures +ldapDisplayName: msDS-RetiredReplNCSignatures +attributeId: 1.2.840.113556.1.4.1826 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: d5b35506-19d6-4d26-9afb-11357ac99b5e +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Revealed-DSAs +ldapDisplayName: msDS-RevealedDSAs +attributeId: 1.2.840.113556.1.4.1930 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 94f6f2ac-c76d-4b5e-b71f-f332c3e93c22 +systemOnly: TRUE +searchFlags: 0 +linkID: 2103 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Revealed-List +ldapDisplayName: msDS-RevealedList +attributeId: 1.2.840.113556.1.4.1940 +attributeSyntax: 2.5.5.14 +omSyntax: 127 +omObjectClass: 1.2.840.113556.1.1.1.12 +isSingleValued: FALSE +schemaIdGuid: cbdad11c-7fec-387b-6219-3a0627d9af81 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Revealed-List-BL +ldapDisplayName: msDS-RevealedListBL +attributeId: 1.2.840.113556.1.4.1975 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: aa1c88fd-b0f6-429f-b2ca-9d902266e808 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Revealed-Users +ldapDisplayName: msDS-RevealedUsers +attributeId: 1.2.840.113556.1.4.1924 +attributeSyntax: 2.5.5.7 +omSyntax: 127 +omObjectClass: 1.2.840.113556.1.1.1.11 +isSingleValued: FALSE +schemaIdGuid: 185c7821-3749-443a-bd6a-288899071adb +systemOnly: TRUE +searchFlags: 0 +linkID: 2102 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Reveal-OnDemand-Group +ldapDisplayName: msDS-RevealOnDemandGroup +attributeId: 1.2.840.113556.1.4.1928 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 303d9f4a-1dd6-4b38-8fc5-33afe8c988ad +systemOnly: FALSE +searchFlags: 0 +linkID: 2110 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-ds-Schema-Extensions +ldapDisplayName: msDs-Schema-Extensions +attributeId: 1.2.840.113556.1.4.1440 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: b39a61be-ed07-4cab-9a4a-4963ed0141e1 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-SD-Reference-Domain +ldapDisplayName: msDS-SDReferenceDomain +attributeId: 1.2.840.113556.1.4.1711 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 4c51e316-f628-43a5-b06b-ffb695fcb4f3 +systemOnly: FALSE +searchFlags: 0 +linkID: 2000 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Secondary-KrbTgt-Number +ldapDisplayName: msDS-SecondaryKrbTgtNumber +attributeId: 1.2.840.113556.1.4.1929 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: aa156612-2396-467e-ad6a-28d23fdb1865 +systemOnly: TRUE +searchFlags: fATTINDEX +rangeLower: 65536 +rangeUpper: 65536 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Security-Group-Extra-Classes +ldapDisplayName: msDS-Security-Group-Extra-Classes +attributeId: 1.2.840.113556.1.4.1688 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 4f146ae8-a4fe-4801-a731-f51848a4f4e4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingKeyword +ldapDisplayName: meetingKeyword +attributeId: 1.2.840.113556.1.4.568 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 11b6cc7f-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Settings +ldapDisplayName: msDS-Settings +attributeId: 1.2.840.113556.1.4.1697 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 0e1b47d7-40a3-4b48-8d1b-4cac0c1cdf21 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 1000000 + +cn: ms-DS-SiteName +ldapDisplayName: msDS-SiteName +attributeId: 1.2.840.113556.1.4.1961 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 98a7f36d-3595-448a-9e6f-6b8965baed9c +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Site-Affinity +ldapDisplayName: msDS-Site-Affinity +attributeId: 1.2.840.113556.1.4.1443 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: c17c5602-bcb7-46f0-9656-6370ca884b72 +systemOnly: FALSE +searchFlags: fATTINDEX +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Source-Object-DN +ldapDisplayName: msDS-SourceObjectDN +attributeId: 1.2.840.113556.1.4.1879 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 773e93af-d3b4-48d4-b3f9-06457602d3d0 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 10240 + +cn: ms-DS-SPN-Suffixes +ldapDisplayName: msDS-SPNSuffixes +attributeId: 1.2.840.113556.1.4.1715 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 789ee1eb-8c8e-4e4c-8cec-79b31b7617b5 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 255 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Supported-Encryption-Types +ldapDisplayName: msDS-SupportedEncryptionTypes +attributeId: 1.2.840.113556.1.4.1963 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 20119867-1d04-4ab7-9371-cfc3d5df0afd +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Tasks-For-Az-Role +ldapDisplayName: msDS-TasksForAzRole +attributeId: 1.2.840.113556.1.4.1814 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 35319082-8c4a-4646-9386-c2949d49894d +systemOnly: FALSE +searchFlags: 0 +linkID: 2024 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Tasks-For-Az-Role-BL +ldapDisplayName: msDS-TasksForAzRoleBL +attributeId: 1.2.840.113556.1.4.1815 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: a0dcd536-5158-42fe-8c40-c00a7ad37959 +systemOnly: TRUE +searchFlags: 0 +linkID: 2025 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: ms-DS-Tasks-For-Az-Task +ldapDisplayName: msDS-TasksForAzTask +attributeId: 1.2.840.113556.1.4.1810 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: b11c8ee2-5fcd-46a7-95f0-f38333f096cf +systemOnly: FALSE +searchFlags: 0 +linkID: 2020 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Machine-Password-Change-Interval +ldapDisplayName: machinePasswordChangeInterval +attributeId: 1.2.840.113556.1.4.520 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: c9b6358e-bb38-11d0-afef-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: a29b89fe-c7e8-11d0-9bae-00c04fd92ef5 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingLanguage +ldapDisplayName: meetingLanguage +attributeId: 1.2.840.113556.1.4.574 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 11b6cc84-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Tasks-For-Az-Task-BL +ldapDisplayName: msDS-TasksForAzTaskBL +attributeId: 1.2.840.113556.1.4.1811 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: df446e52-b5fa-4ca2-a42f-13f98a526c8f +systemOnly: TRUE +searchFlags: 0 +linkID: 2021 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: ms-DS-Tombstone-Quota-Factor +ldapDisplayName: msDS-TombstoneQuotaFactor +attributeId: 1.2.840.113556.1.4.1847 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 461744d7-f3b6-45ba-8753-fb9552a5df32 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 100 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Top-Quota-Usage +ldapDisplayName: msDS-TopQuotaUsage +attributeId: 1.2.840.113556.1.4.1850 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 7b7cce4f-f1f5-4bb6-b7eb-23504af19e75 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Trust-Forest-Trust-Info +ldapDisplayName: msDS-TrustForestTrustInfo +attributeId: 1.2.840.113556.1.4.1702 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 29cc866e-49d3-4969-942e-1dbc0925d183 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-UpdateScript +ldapDisplayName: msDS-UpdateScript +attributeId: 1.2.840.113556.1.4.1721 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 146eb639-bb9f-4fc1-a825-e29e00c77920 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-User-Account-Control-Computed +ldapDisplayName: msDS-User-Account-Control-Computed +attributeId: 1.2.840.113556.1.4.1460 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 2cc4b836-b63f-4940-8d23-ea7acf06af56 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: 4c164200-20c0-11d0-a768-00aa006e0529 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-User-Password-Expiry-Time-Computed +ldapDisplayName: msDS-UserPasswordExpiryTimeComputed +attributeId: 1.2.840.113556.1.4.1996 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: add5cf10-7b09-4449-9ae6-2534148f8a72 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: 4c164200-20c0-11d0-a768-00aa006e0529 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-Exch-Assistant-Name +ldapDisplayName: msExchAssistantName +attributeId: 1.2.840.113556.1.2.444 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: a8df7394-c5ea-11d1-bbcb-0080c76670c0 +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 +mapiID: 14896 + +cn: ms-Exch-House-Identifier +ldapDisplayName: msExchHouseIdentifier +attributeId: 1.2.840.113556.1.2.596 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: a8df7407-c5ea-11d1-bbcb-0080c76670c0 +searchFlags: 0 +rangeLower: 1 +rangeUpper: 128 +mapiID: 35924 + +cn: ms-Exch-LabeledURI +ldapDisplayName: msExchLabeledURI +attributeId: 1.2.840.113556.1.2.593 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 16775820-47f3-11d1-a9c3-0000f80367c1 +searchFlags: 0 +rangeLower: 1 +rangeUpper: 1024 +mapiID: 35921 + +cn: meetingLocation +ldapDisplayName: meetingLocation +attributeId: 1.2.840.113556.1.4.569 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 11b6cc80-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-FRS-Hub-Member +ldapDisplayName: msFRS-Hub-Member +attributeId: 1.2.840.113556.1.4.1693 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 5643ff81-35b6-4ca9-9512-baf0bd0a2772 +searchFlags: 0 +linkID: 1046 + +cn: ms-FRS-Topology-Pref +ldapDisplayName: msFRS-Topology-Pref +attributeId: 1.2.840.113556.1.4.1692 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 92aa27e0-5c50-402d-9ec1-ee847def9788 +searchFlags: 0 + +cn: ms-FVE-KeyPackage +ldapDisplayName: msFVE-KeyPackage +attributeId: 1.2.840.113556.1.4.1999 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +rangeUpper: 102400 +schemaIdGuid: 1fd55ea8-88a7-47dc-8129-0daa-97186a54 +searchFlags: fRODCFilteredAttribute | fCONFIDENTIAL | fCOPY |fPRESERVEONDELETE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-FVE-RecoveryGuid +ldapDisplayName: msFVE-RecoveryGuid +attributeId: 1.2.840.113556.1.4.1965 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: f76909bc-e678-47a0-b0b3-f86a0044c06d +searchFlags: fCOPY | fPRESERVEONDELETE | fPDNTATTINDEX | fATTINDEX +rangeUpper: 128 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-FVE-RecoveryPassword +ldapDisplayName: msFVE-RecoveryPassword +attributeId: 1.2.840.113556.1.4.1964 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +rangeUpper: 256 +schemaIdGuid: 43061ac1-c8ad-4ccc-b785-2bfac20fc60a +searchFlags: fRODCFilteredAttribute | fCONFIDENTIAL | fCOPY |fPRESERVEONDELETE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-FVE-VolumeGuid +ldapDisplayName: msFVE-VolumeGuid +attributeId: 1.2.840.113556.1.4.1965 +attributeId: 1.2.840.113556.1.4.1998 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +searchFlags: fCOPY | fPRESERVEONDELETE | fPDNTATTINDEX | fATTINDEX +rangeUpper: 128 +schemaIdGuid: 85e5a5cf-dcee-4075-9cfd-ac9db6a2f245 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-ieee-80211-Data +ldapDisplayName: msieee80211-Data +attributeId: 1.2.840.113556.1.4.1821 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 0e0d0938-2658-4580-a9f6-7a0ac7b566cb +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-ieee-80211-Data-Type +ldapDisplayName: msieee80211-DataType +attributeId: 1.2.840.113556.1.4.1822 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 6558b180-35da-4efe-beed-521f8f48cafb +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-ieee-80211-ID +ldapDisplayName: msieee80211-ID +attributeId: 1.2.840.113556.1.4.1823 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 7f73ef75-14c9-4c23-81de-dd07a06f9e8b +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Msi-File-List +ldapDisplayName: msiFileList +attributeId: 1.2.840.113556.1.4.671 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 7bfdcb7d-4807-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingMaxParticipants +ldapDisplayName: meetingMaxParticipants +attributeId: 1.2.840.113556.1.4.576 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 11b6cc85-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-IIS-FTP-Dir +ldapDisplayName: msIIS-FTPDir +attributeId: 1.2.840.113556.1.4.1786 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 8a5c99e9-2230-46eb-b8e8-e59d712eb9ee +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-IIS-FTP-Root +ldapDisplayName: msIIS-FTPRoot +attributeId: 1.2.840.113556.1.4.1785 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 2a7827a4-1483-49a5-9d84-52e3812156b4 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Msi-Script +ldapDisplayName: msiScript +attributeId: 1.2.840.113556.1.4.814 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: d9e18313-8939-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Msi-Script-Name +ldapDisplayName: msiScriptName +attributeId: 1.2.840.113556.1.4.845 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 96a7dd62-9118-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Msi-Script-Path +ldapDisplayName: msiScriptPath +attributeId: 1.2.840.113556.1.4.15 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967937-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Msi-Script-Size +ldapDisplayName: msiScriptSize +attributeId: 1.2.840.113556.1.4.846 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 96a7dd63-9118-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Multicast-Address +ldapDisplayName: MSMQ-MulticastAddress +attributeId: 1.2.840.113556.1.4.1714 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 1d2f4412-f10d-4337-9b48-6e5b125cd265 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 9 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Recipient-FormatName +ldapDisplayName: msMQ-Recipient-FormatName +attributeId: 1.2.840.113556.1.4.1695 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 3bfe6748-b544-485a-b067-1b310c4334bf +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 255 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Secured-Source +ldapDisplayName: MSMQ-SecuredSource +attributeId: 1.2.840.113556.1.4.1713 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 8bf0221b-7a06-4d63-91f0-1499941813d3 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Authenticate +ldapDisplayName: mSMQAuthenticate +attributeId: 1.2.840.113556.1.4.923 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 9a0dc326-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingName +ldapDisplayName: meetingName +attributeId: 1.2.840.113556.1.4.566 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 11b6cc7d-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Base-Priority +ldapDisplayName: mSMQBasePriority +attributeId: 1.2.840.113556.1.4.920 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 9a0dc323-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Computer-Type +ldapDisplayName: mSMQComputerType +attributeId: 1.2.840.113556.1.4.933 +attributeSyntax: 2.5.5.4 +omSyntax: 20 +isSingleValued: TRUE +schemaIdGuid: 9a0dc32e-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Computer-Type-Ex +ldapDisplayName: mSMQComputerTypeEx +attributeId: 1.2.840.113556.1.4.1417 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 18120de8-f4c4-4341-bd95-32eb5bcf7c80 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Cost +ldapDisplayName: mSMQCost +attributeId: 1.2.840.113556.1.4.946 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 9a0dc33a-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-CSP-Name +ldapDisplayName: mSMQCSPName +attributeId: 1.2.840.113556.1.4.940 +attributeSyntax: 2.5.5.4 +omSyntax: 20 +isSingleValued: TRUE +schemaIdGuid: 9a0dc334-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Dependent-Client-Service +ldapDisplayName: mSMQDependentClientService +attributeId: 1.2.840.113556.1.4.1239 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 2df90d83-009f-11d2-aa4c-00c04fd7d83a +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Dependent-Client-Services +ldapDisplayName: mSMQDependentClientServices +attributeId: 1.2.840.113556.1.4.1226 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 2df90d76-009f-11d2-aa4c-00c04fd7d83a +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Digests +ldapDisplayName: mSMQDigests +attributeId: 1.2.840.113556.1.4.948 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 9a0dc33c-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 16 +rangeUpper: 16 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Digests-Mig +ldapDisplayName: mSMQDigestsMig +attributeId: 1.2.840.113556.1.4.966 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 0f71d8e0-da3b-11d1-90a5-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Ds-Service +ldapDisplayName: mSMQDsService +attributeId: 1.2.840.113556.1.4.1238 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 2df90d82-009f-11d2-aa4c-00c04fd7d83a +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingOriginator +ldapDisplayName: meetingOriginator +attributeId: 1.2.840.113556.1.4.577 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 11b6cc86-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Ds-Services +ldapDisplayName: mSMQDsServices +attributeId: 1.2.840.113556.1.4.1228 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 2df90d78-009f-11d2-aa4c-00c04fd7d83a +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Encrypt-Key +ldapDisplayName: mSMQEncryptKey +attributeId: 1.2.840.113556.1.4.936 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 9a0dc331-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Foreign +ldapDisplayName: mSMQForeign +attributeId: 1.2.840.113556.1.4.934 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 9a0dc32f-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-In-Routing-Servers +ldapDisplayName: mSMQInRoutingServers +attributeId: 1.2.840.113556.1.4.929 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 9a0dc32c-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Interval1 +ldapDisplayName: mSMQInterval1 +attributeId: 1.2.840.113556.1.4.1308 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 8ea825aa-3b7b-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Interval2 +ldapDisplayName: mSMQInterval2 +attributeId: 1.2.840.113556.1.4.1309 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 99b88f52-3b7b-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Journal +ldapDisplayName: mSMQJournal +attributeId: 1.2.840.113556.1.4.918 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 9a0dc321-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Journal-Quota +ldapDisplayName: mSMQJournalQuota +attributeId: 1.2.840.113556.1.4.921 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 9a0dc324-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Label +ldapDisplayName: mSMQLabel +attributeId: 1.2.840.113556.1.4.922 +attributeSyntax: 2.5.5.4 +omSyntax: 20 +isSingleValued: TRUE +schemaIdGuid: 9a0dc325-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 0 +rangeUpper: 124 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Label-Ex +ldapDisplayName: mSMQLabelEx +attributeId: 1.2.840.113556.1.4.1415 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 4580ad25-d407-48d2-ad24-43e6e56793d7 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 0 +rangeUpper: 124 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingOwner +ldapDisplayName: meetingOwner +attributeId: 1.2.840.113556.1.4.579 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 11b6cc88-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Long-Lived +ldapDisplayName: mSMQLongLived +attributeId: 1.2.840.113556.1.4.941 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 9a0dc335-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Migrated +ldapDisplayName: mSMQMigrated +attributeId: 1.2.840.113556.1.4.952 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 9a0dc33f-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Name-Style +ldapDisplayName: mSMQNameStyle +attributeId: 1.2.840.113556.1.4.939 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 9a0dc333-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Nt4-Flags +ldapDisplayName: mSMQNt4Flags +attributeId: 1.2.840.113556.1.4.964 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: eb38a158-d57f-11d1-90a2-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Nt4-Stub +ldapDisplayName: mSMQNt4Stub +attributeId: 1.2.840.113556.1.4.960 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: FALSE +schemaIdGuid: 6f914be6-d57e-11d1-90a2-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-OS-Type +ldapDisplayName: mSMQOSType +attributeId: 1.2.840.113556.1.4.935 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 9a0dc330-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Out-Routing-Servers +ldapDisplayName: mSMQOutRoutingServers +attributeId: 1.2.840.113556.1.4.928 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 9a0dc32b-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Owner-ID +ldapDisplayName: mSMQOwnerID +attributeId: 1.2.840.113556.1.4.925 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 9a0dc328-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: fPRESERVEONDELETE | fATTINDEX +rangeLower: 16 +rangeUpper: 16 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: MSMQ-Prev-Site-Gates +ldapDisplayName: mSMQPrevSiteGates +attributeId: 1.2.840.113556.1.4.1225 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 2df90d75-009f-11d2-aa4c-00c04fd7d83a +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Privacy-Level +ldapDisplayName: mSMQPrivacyLevel +attributeId: 1.2.840.113556.1.4.924 +attributeSyntax: 2.5.5.9 +omSyntax: 10 +isSingleValued: TRUE +schemaIdGuid: 9a0dc327-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 2 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingProtocol +ldapDisplayName: meetingProtocol +attributeId: 1.2.840.113556.1.4.570 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 11b6cc81-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-QM-ID +ldapDisplayName: mSMQQMID +attributeId: 1.2.840.113556.1.4.951 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 9a0dc33e-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 16 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Queue-Journal-Quota +ldapDisplayName: mSMQQueueJournalQuota +attributeId: 1.2.840.113556.1.4.963 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 8e441266-d57f-11d1-90a2-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Queue-Name-Ext +ldapDisplayName: mSMQQueueNameExt +attributeId: 1.2.840.113556.1.4.1243 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 2df90d87-009f-11d2-aa4c-00c04fd7d83a +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 92 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Queue-Quota +ldapDisplayName: mSMQQueueQuota +attributeId: 1.2.840.113556.1.4.962 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 3f6b8e12-d57f-11d1-90a2-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Queue-Type +ldapDisplayName: mSMQQueueType +attributeId: 1.2.840.113556.1.4.917 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 9a0dc320-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 16 +rangeUpper: 16 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Quota +ldapDisplayName: mSMQQuota +attributeId: 1.2.840.113556.1.4.919 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 9a0dc322-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Routing-Service +ldapDisplayName: mSMQRoutingService +attributeId: 1.2.840.113556.1.4.1237 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 2df90d81-009f-11d2-aa4c-00c04fd7d83a +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Routing-Services +ldapDisplayName: mSMQRoutingServices +attributeId: 1.2.840.113556.1.4.1227 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 2df90d77-009f-11d2-aa4c-00c04fd7d83a +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Services +ldapDisplayName: mSMQServices +attributeId: 1.2.840.113556.1.4.950 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 9a0dc33d-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Service-Type +ldapDisplayName: mSMQServiceType +attributeId: 1.2.840.113556.1.4.930 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 9a0dc32d-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingRating +ldapDisplayName: meetingRating +attributeId: 1.2.840.113556.1.4.584 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 11b6cc8d-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Sign-Certificates +ldapDisplayName: mSMQSignCertificates +attributeId: 1.2.840.113556.1.4.947 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 9a0dc33b-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 1048576 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Sign-Certificates-Mig +ldapDisplayName: mSMQSignCertificatesMig +attributeId: 1.2.840.113556.1.4.967 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 3881b8ea-da3b-11d1-90a5-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 1048576 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Sign-Key +ldapDisplayName: mSMQSignKey +attributeId: 1.2.840.113556.1.4.937 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 9a0dc332-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Site-1 +ldapDisplayName: mSMQSite1 +attributeId: 1.2.840.113556.1.4.943 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 9a0dc337-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Site-2 +ldapDisplayName: mSMQSite2 +attributeId: 1.2.840.113556.1.4.944 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 9a0dc338-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Site-Foreign +ldapDisplayName: mSMQSiteForeign +attributeId: 1.2.840.113556.1.4.961 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: FALSE +schemaIdGuid: fd129d8a-d57e-11d1-90a2-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Site-Gates +ldapDisplayName: mSMQSiteGates +attributeId: 1.2.840.113556.1.4.945 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 9a0dc339-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Site-Gates-Mig +ldapDisplayName: mSMQSiteGatesMig +attributeId: 1.2.840.113556.1.4.1310 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: e2704852-3b7b-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Site-ID +ldapDisplayName: mSMQSiteID +attributeId: 1.2.840.113556.1.4.953 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 9a0dc340-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Site-Name +ldapDisplayName: mSMQSiteName +attributeId: 1.2.840.113556.1.4.965 +attributeSyntax: 2.5.5.4 +omSyntax: 20 +isSingleValued: TRUE +schemaIdGuid: ffadb4b2-de39-11d1-90a5-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingRecurrence +ldapDisplayName: meetingRecurrence +attributeId: 1.2.840.113556.1.4.586 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 11b6cc8f-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Site-Name-Ex +ldapDisplayName: mSMQSiteNameEx +attributeId: 1.2.840.113556.1.4.1416 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 422144fa-c17f-4649-94d6-9731ed2784ed +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Sites +ldapDisplayName: mSMQSites +attributeId: 1.2.840.113556.1.4.927 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 9a0dc32a-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 16 +rangeUpper: 16 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Transactional +ldapDisplayName: mSMQTransactional +attributeId: 1.2.840.113556.1.4.926 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 9a0dc329-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-User-Sid +ldapDisplayName: mSMQUserSid +attributeId: 1.2.840.113556.1.4.1337 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: c58aae32-56f9-11d2-90d0-00c04fd91ab1 +systemOnly: TRUE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 128 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER + +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Version +ldapDisplayName: mSMQVersion +attributeId: 1.2.840.113556.1.4.942 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 9a0dc336-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: msNPAllowDialin +ldapDisplayName: msNPAllowDialin +attributeId: 1.2.840.113556.1.4.1119 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: db0c9085-c1f2-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: fCOPY +attributeSecurityGuid: 037088f8-0ae1-11d2-b422-00a0c968f939 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: msNPCalledStationID +ldapDisplayName: msNPCalledStationID +attributeId: 1.2.840.113556.1.4.1123 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: db0c9089-c1f2-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: fCOPY +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: msNPCallingStationID +ldapDisplayName: msNPCallingStationID +attributeId: 1.2.840.113556.1.4.1124 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: db0c908a-c1f2-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: fCOPY +attributeSecurityGuid: 037088f8-0ae1-11d2-b422-00a0c968f939 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: msNPSavedCallingStationID +ldapDisplayName: msNPSavedCallingStationID +attributeId: 1.2.840.113556.1.4.1130 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: db0c908e-c1f2-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: fCOPY +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-Cert-Template-OID +ldapDisplayName: msPKI-Cert-Template-OID +attributeId: 1.2.840.113556.1.4.1436 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 3164c36a-ba26-468c-8bda-c1e5cc256728 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingScope +ldapDisplayName: meetingScope +attributeId: 1.2.840.113556.1.4.581 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 11b6cc8a-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-Certificate-Application-Policy +ldapDisplayName: msPKI-Certificate-Application-Policy +attributeId: 1.2.840.113556.1.4.1674 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: dbd90548-aa37-4202-9966-8c537ba5ce32 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-Certificate-Name-Flag +ldapDisplayName: msPKI-Certificate-Name-Flag +attributeId: 1.2.840.113556.1.4.1432 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: ea1dddc4-60ff-416e-8cc0-17cee534bce7 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-Certificate-Policy +ldapDisplayName: msPKI-Certificate-Policy +attributeId: 1.2.840.113556.1.4.1439 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 38942346-cc5b-424b-a7d8-6ffd12029c5f +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-Enrollment-Flag +ldapDisplayName: msPKI-Enrollment-Flag +attributeId: 1.2.840.113556.1.4.1430 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: d15ef7d8-f226-46db-ae79-b34e560bd12c +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-Minimal-Key-Size +ldapDisplayName: msPKI-Minimal-Key-Size +attributeId: 1.2.840.113556.1.4.1433 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: e96a63f5-417f-46d3-be52-db7703c503df +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-OID-Attribute +ldapDisplayName: msPKI-OID-Attribute +attributeId: 1.2.840.113556.1.4.1671 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 8c9e1288-5028-4f4f-a704-76d026f246ef +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-OID-CPS +ldapDisplayName: msPKI-OID-CPS +attributeId: 1.2.840.113556.1.4.1672 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 5f49940e-a79f-4a51-bb6f-3d446a54dc6b +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 32768 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-OID-User-Notice +ldapDisplayName: msPKI-OID-User-Notice +attributeId: 1.2.840.113556.1.4.1673 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 04c4da7a-e114-4e69-88de-e293f2d3b395 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 32768 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-OID-LocalizedName +ldapDisplayName: msPKI-OIDLocalizedName +attributeId: 1.2.840.113556.1.4.1712 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 7d59a816-bb05-4a72-971f-5c1331f67559 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 512 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-Private-Key-Flag +ldapDisplayName: msPKI-Private-Key-Flag +attributeId: 1.2.840.113556.1.4.1431 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bab04ac2-0435-4709-9307-28380e7c7001 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Machine-Role +ldapDisplayName: machineRole +attributeId: 1.2.840.113556.1.4.71 +attributeSyntax: 2.5.5.9 +omSyntax: 10 +isSingleValued: TRUE +schemaIdGuid: bf9679b2-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: meetingStartTime +ldapDisplayName: meetingStartTime +attributeId: 1.2.840.113556.1.4.587 +attributeSyntax: 2.5.5.11 +omSyntax: 23 +isSingleValued: FALSE +schemaIdGuid: 11b6cc90-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-RA-Application-Policies +ldapDisplayName: msPKI-RA-Application-Policies +attributeId: 1.2.840.113556.1.4.1675 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 3c91fbbf-4773-4ccd-a87b-85d53e7bcf6a +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-RA-Policies +ldapDisplayName: msPKI-RA-Policies +attributeId: 1.2.840.113556.1.4.1438 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: d546ae22-0951-4d47-817e-1c9f96faad46 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-RA-Signature +ldapDisplayName: msPKI-RA-Signature +attributeId: 1.2.840.113556.1.4.1429 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: fe17e04b-937d-4f7e-8e0e-9292c8d5683e +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-Supersede-Templates +ldapDisplayName: msPKI-Supersede-Templates +attributeId: 1.2.840.113556.1.4.1437 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 9de8ae7d-7a5b-421d-b5e4-061f79dfd5d7 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-Template-Minor-Revision +ldapDisplayName: msPKI-Template-Minor-Revision +attributeId: 1.2.840.113556.1.4.1435 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 13f5236c-1884-46b1-b5d0-484e38990d58 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-Template-Schema-Version +ldapDisplayName: msPKI-Template-Schema-Version +attributeId: 1.2.840.113556.1.4.1434 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 0c15e9f5-491d-4594-918f-32813a091da9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-AccountCredentials +ldapDisplayName: msPKIAccountCredentials +attributeId: 1.2.840.113556.1.4.1894 +attributeSyntax: 2.5.5.7 +omSyntax: 127 +omObjectClass: 1.2.840.113556.1.1.1.11 +isSingleValued: FALSE +schemaIdGuid: b8dfa744-31dc-4ef1-ac7c-84baf7ef9da7 +systemOnly: FALSE +searchFlags: fCONFIDENTIAL | fRODCFilteredAttribute +attributeSecurityGuid: 91e647de-d96f-4b70-9557-d63ff4f3ccd8 +linkID: 2048 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-DPAPIMasterKeys +ldapDisplayName: msPKIDPAPIMasterKeys +attributeId: 1.2.840.113556.1.4.1893 +attributeSyntax: 2.5.5.7 +omSyntax: 127 +omObjectClass: 1.2.840.113556.1.1.1.11 +isSingleValued: FALSE +schemaIdGuid: b3f93023-9239-4f7c-b99c-6745d87adbc2 +systemOnly: FALSE +searchFlags: fCONFIDENTAIL | fRODCFilteredAttribute +attributeSecurityGuid: 91e647de-d96f-4b70-9557-d63ff4f3ccd8 +linkID: 2046 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-RoamingTimeStamp +ldapDisplayName: msPKIRoamingTimeStamp +attributeId: 1.2.840.113556.1.4.1892 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 6617e4ac-a2f1-43ab-b60c-11fbd1facf05 +systemOnly: FALSE +searchFlags: fCONFIDENTIAL | fRODCFilteredAttribute +attributeSecurityGuid: 91e647de-d96f-4b70-9557-d63ff4f3ccd8 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: msRADIUSCallbackNumber +ldapDisplayName: msRADIUSCallbackNumber +attributeId: 1.2.840.113556.1.4.1145 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: TRUE +schemaIdGuid: db0c909c-c1f2-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: fCOPY +attributeSecurityGuid: 037088f8-0ae1-11d2-b422-00a0c968f939 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingType +ldapDisplayName: meetingType +attributeId: 1.2.840.113556.1.4.571 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 11b6cc82-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-RADIUS-FramedInterfaceId +ldapDisplayName: msRADIUS-FramedInterfaceId +attributeId: 1.2.840.113556.1.4.1913 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: TRUE +schemaIdGuid: a6f24a23-d65c-4d65-a64f-35fb6873c2b9 +systemOnly: FALSE +searchFlags: fCOPY +rangeUpper: 8 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: msRADIUSFramedIPAddress +ldapDisplayName: msRADIUSFramedIPAddress +attributeId: 1.2.840.113556.1.4.1153 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: db0c90a4-c1f2-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: fCOPY +attributeSecurityGuid: 037088f8-0ae1-11d2-b422-00a0c968f939 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-RADIUS-FramedIpv6Prefix +ldapDisplayName: msRADIUS-FramedIpv6Prefix +attributeId: 1.2.840.113556.1.4.1915 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: TRUE +schemaIdGuid: f63ed610-d67c-494d-87be-cd1e24359a38 +systemOnly: FALSE +searchFlags: fCOPY +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-RADIUS-FramedIpv6Route +ldapDisplayName: msRADIUS-FramedIpv6Route +attributeId: 1.2.840.113556.1.4.1917 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: 5a5aa804-3083-4863-94e5-018a79a22ec0 +systemOnly: FALSE +searchFlags: fCOPY +rangeUpper: 4096 + +cn: msRADIUSFramedRoute +ldapDisplayName: msRADIUSFramedRoute +attributeId: 1.2.840.113556.1.4.1158 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: db0c90a9-c1f2-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: fCOPY +attributeSecurityGuid: 037088f8-0ae1-11d2-b422-00a0c968f939 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-RADIUS-SavedFramedInterfaceId +ldapDisplayName: msRADIUS-SavedFramedInterfaceId +attributeId: 1.2.840.113556.1.4.1914 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: TRUE +schemaIdGuid: a4da7289-92a3-42e5-b6b6-dad16d280ac9 +systemOnly: FALSE +searchFlags: fCOPY +rangeUpper: 8 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-RADIUS-SavedFramedIpv6Prefix +ldapDisplayName: msRADIUS-SavedFramedIpv6Prefix +attributeId: 1.2.840.113556.1.4.1916 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: TRUE +schemaIdGuid: 0965a062-b1e1-403b-b48d-5c0eb0e952cc +systemOnly: FALSE +searchFlags: fCOPY +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-RADIUS-SavedFramedIpv6Route +ldapDisplayName: msRADIUS-SavedFramedIpv6Route +attributeId: 1.2.840.113556.1.4.1918 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: 9666bb5c-df9d-4d41-b437-2eec7e27c9b3 +systemOnly: FALSE +searchFlags: fCOPY +rangeUpper: 4096 + +cn: msRADIUSServiceType +ldapDisplayName: msRADIUSServiceType +attributeId: 1.2.840.113556.1.4.1171 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: db0c90b6-c1f2-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: fCOPY +attributeSecurityGuid: 037088f8-0ae1-11d2-b422-00a0c968f939 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: msRASSavedCallbackNumber +ldapDisplayName: msRASSavedCallbackNumber +attributeId: 1.2.840.113556.1.4.1189 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: TRUE +schemaIdGuid: db0c90c5-c1f2-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: fCOPY +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingURL +ldapDisplayName: meetingURL +attributeId: 1.2.840.113556.1.4.583 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 11b6cc8c-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: msRASSavedFramedIPAddress +ldapDisplayName: msRASSavedFramedIPAddress +attributeId: 1.2.840.113556.1.4.1190 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: db0c90c6-c1f2-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: fCOPY +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: msRASSavedFramedRoute +ldapDisplayName: msRASSavedFramedRoute +attributeId: 1.2.840.113556.1.4.1191 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: db0c90c7-c1f2-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: fCOPY +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-RRAS-Attribute +ldapDisplayName: msRRASAttribute +attributeId: 1.2.840.113556.1.4.884 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: f39b98ad-938d-11d1-aebd-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-RRAS-Vendor-Attribute-Entry +ldapDisplayName: msRRASVendorAttributeEntry +attributeId: 1.2.840.113556.1.4.883 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: f39b98ac-938d-11d1-aebd-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: msSFU-30-Aliases +ldapDisplayName: msSFU30Aliases +attributeId: 1.2.840.113556.1.6.18.1.323 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: 20ebf171-c69a-4c31-b29d-dcb837d8912d +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 153600 + +cn: msSFU-30-Crypt-Method +ldapDisplayName: msSFU30CryptMethod +attributeId: 1.2.840.113556.1.6.18.1.352 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: TRUE +schemaIdGuid: 4503d2a3-3d70-41b8-b077-dff123c15865 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 1024 + +cn: msSFU-30-Domains +ldapDisplayName: msSFU30Domains +attributeId: 1.2.840.113556.1.6.18.1.340 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: 93095ed3-6f30-4bdd-b734-65d569f5f7c9 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeUpper: 256000 + +cn: msSFU-30-Field-Separator +ldapDisplayName: msSFU30FieldSeparator +attributeId: 1.2.840.113556.1.6.18.1.302 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: a2e11a42-e781-4ca1-a7fa-ec307f62b6a1 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 50 + +cn: msSFU-30-Intra-Field-Separator +ldapDisplayName: msSFU30IntraFieldSeparator +attributeId: 1.2.840.113556.1.6.18.1.303 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 95b2aef0-27e4-4cb9-880a-a2d9a9ea23b8 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 50 + +cn: msSFU-30-Is-Valid-Container +ldapDisplayName: msSFU30IsValidContainer +attributeId: 1.2.840.113556.1.6.18.1.350 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 0dea42f5-278d-4157-b4a7-49b59664915b +systemOnly: FALSE +searchFlags: fATTINDEX + +cn: Member +ldapDisplayName: member +attributeId: 2.5.4.31 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: bf9679c0-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: bc0ac240-79a9-11d0-9020-00c04fc2d4cf +linkID: 2 +mapiID: 32777 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: msSFU-30-Key-Attributes +ldapDisplayName: msSFU30KeyAttributes +attributeId: 1.2.840.113556.1.6.18.1.301 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 32ecd698-ce9e-4894-a134-7ad76b082e83 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 1024 + +cn: msSFU-30-Key-Values +ldapDisplayName: msSFU30KeyValues +attributeId: 1.2.840.113556.1.6.18.1.324 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: 37830235-e5e9-46f2-922b-d8d44f03e7ae +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 10240 + +cn: msSFU-30-Map-Filter +ldapDisplayName: msSFU30MapFilter +attributeId: 1.2.840.113556.1.6.18.1.306 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: b7b16e01-024f-4e23-ad0d-71f1a406b684 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 1024 + +cn: msSFU-30-Master-Server-Name +ldapDisplayName: msSFU30MasterServerName +attributeId: 1.2.840.113556.1.6.18.1.307 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 4cc908a2-9e18-410e-8459-f17cc422020a +systemOnly: FALSE +searchFlags: fATTINDEX +rangeUpper: 1024 + +cn: msSFU-30-Max-Gid-Number +ldapDisplayName: msSFU30MaxGidNumber +attributeId: 1.2.840.113556.1.6.18.1.342 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 04ee6aa6-f83b-469a-bf5a-3c00d3634669 +systemOnly: FALSE +searchFlags: fATTINDEX + +cn: msSFU-30-Max-Uid-Number +ldapDisplayName: msSFU30MaxUidNumber +attributeId: 1.2.840.113556.1.6.18.1.343 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: ec998437-d944-4a28-8500-217588adfc75 +systemOnly: FALSE +searchFlags: fATTINDEX + +cn: msSFU-30-Name +ldapDisplayName: msSFU30Name +attributeId: 1.2.840.113556.1.6.18.1.309 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: TRUE +schemaIdGuid: 16c5d1d3-35c2-4061-a870-a5cefda804f0 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeUpper: 1024 + +cn: msSFU-30-Netgroup-Host-At-Domain +ldapDisplayName: msSFU30NetgroupHostAtDomain +attributeId: 1.2.840.113556.1.6.18.1.348 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: 97d2bf65-0466-4852-a25a-ec20f57ee36c +systemOnly: FALSE +searchFlags: fATTINDEX +rangeUpper: 2048 + +cn: msSFU-30-Netgroup-User-At-Domain +ldapDisplayName: msSFU30NetgroupUserAtDomain +attributeId: 1.2.840.113556.1.6.18.1.349 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: a9e84eed-e630-4b67-b4b3-cad2a82d345e +systemOnly: FALSE +searchFlags: fATTINDEX +rangeUpper: 2048 + +cn: msSFU-30-Nis-Domain +ldapDisplayName: msSFU30NisDomain +attributeId: 1.2.840.113556.1.6.18.1.339 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: TRUE +schemaIdGuid: 9ee3b2e3-c7f3-45f8-8c9f-1382be4984d2 +systemOnly: FALSE +searchFlags: fPRESERVEONDELETE | fATTINDEX +rangeUpper: 1024 + +cn: MemberNisNetgroup +ldapDisplayName: memberNisNetgroup +attributeId: 1.3.6.1.1.1.1.13 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: 0f6a17dc-53e5-4be8-9442-8f3ce2f9012a +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 153600 + +cn: msSFU-30-NSMAP-Field-Position +ldapDisplayName: msSFU30NSMAPFieldPosition +attributeId: 1.2.840.113556.1.6.18.1.345 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: TRUE +schemaIdGuid: 585c9d5e-f599-4f07-9cf9-4373af4b89d3 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 1024 + +cn: msSFU-30-Order-Number +ldapDisplayName: msSFU30OrderNumber +attributeId: 1.2.840.113556.1.6.18.1.308 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 02625f05-d1ee-4f9f-b366-55266becb95c +systemOnly: FALSE +searchFlags: fATTINDEX +rangeUpper: 1024 + +cn: msSFU-30-Posix-Member +ldapDisplayName: msSFU30PosixMember +attributeId: 1.2.840.113556.1.6.18.1.346 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: c875d82d-2848-4cec-bb50-3c5486d09d57 +systemOnly: FALSE +searchFlags: 0 +linkID: 2030 + +cn: msSFU-30-Posix-Member-Of +ldapDisplayName: msSFU30PosixMemberOf +attributeId: 1.2.840.113556.1.6.18.1.347 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 7bd76b92-3244-438a-ada6-24f5ea34381e +systemOnly: FALSE +searchFlags: 0 +linkID: 2031 +systemFlags: FLAG_ATTR_NOT_REPLICATED + +cn: msSFU-30-Result-Attributes +ldapDisplayName: msSFU30ResultAttributes +attributeId: 1.2.840.113556.1.6.18.1.305 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: e167b0b6-4045-4433-ac35-53f972d45cba +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 1024 + +cn: msSFU-30-Search-Attributes +ldapDisplayName: msSFU30SearchAttributes +attributeId: 1.2.840.113556.1.6.18.1.304 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: ef9a2df0-2e57-48c8-8950-0cc674004733 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 1024 + +cn: msSFU-30-Search-Container +ldapDisplayName: msSFU30SearchContainer +attributeId: 1.2.840.113556.1.6.18.1.300 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 27eebfa2-fbeb-4f8e-aad6-c50247994291 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 2048 + +cn: msSFU-30-Yp-Servers +ldapDisplayName: msSFU30YpServers +attributeId: 1.2.840.113556.1.6.18.1.341 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: 084a944b-e150-4bfe-9345-40e1aedaebba +systemOnly: FALSE +searchFlags: fATTINDEX +rangeUpper: 20480 + +cn: ms-TAPI-Conference-Blob +ldapDisplayName: msTAPI-ConferenceBlob +attributeId: 1.2.840.113556.1.4.1700 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 4cc4601e-7201-4141-abc8-3e529ae88863 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TAPI-Ip-Address +ldapDisplayName: msTAPI-IpAddress +attributeId: 1.2.840.113556.1.4.1701 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: efd7d7f7-178e-4767-87fa-f8a16b840544 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Is-Member-Of-DL +ldapDisplayName: memberOf +attributeId: 1.2.840.113556.1.2.102 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: bf967991-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: fCOPY +attributeSecurityGuid: bc0ac240-79a9-11d0-9020-00c04fc2d4cf +linkID: 3 +mapiID: 32776 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-TAPI-Protocol-Id +ldapDisplayName: msTAPI-ProtocolId +attributeId: 1.2.840.113556.1.4.1699 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 89c1ebcf-7a5f-41fd-99ca-c900b32299ab +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TAPI-Unique-Identifier +ldapDisplayName: msTAPI-uid +attributeId: 1.2.840.113556.1.4.1698 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 70a4e7ea-b3b9-4643-8918-e6dd2471bfd4 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 256 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TPM-OwnerInformation +ldapDisplayName: msTPM-OwnerInformation +attributeId: 1.2.840.113556.1.4.1966 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: aa4e1a6d-550d-4e05-8c35-4afcb917a9fe +searchFlags: fRODCFilteredAttribute | fCOPY | fPRESERVEONDELETE |fPDNTATTINDEX | fATTINDEX +rangeUpper: 128 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TS-Allow-Logon +ldapDisplayName: msTSAllowLogon +attributeId: 1.2.840.113556.1.4.1979 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 3a0cd464-bc54-40e7-93ae-a646a6ecc4b4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TS-Broken-Connection-Action +ldapDisplayName: msTSBrokenConnectionAction +attributeId: 1.2.840.113556.1.4.1985 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 1cf41bba-5604-463e-94d6-1a1287b72ca3 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TS-Connect-Client-Drives +ldapDisplayName: msTSConnectClientDrives +attributeId: 1.2.840.113556.1.4.1986 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 23572aaf-29dd-44ea-b0fa-7e8438b9a4a3 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TS-Connect-Printer-Drives +ldapDisplayName: msTSConnectPrinterDrives +attributeId: 1.2.840.113556.1.4.1987 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 8ce6a937-871b-4c92-b285-d99d4036681c +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TS-Default-To-Main-Printer +ldapDisplayName: msTSDefaultToMainPrinter +attributeId: 1.2.840.113556.1.4.1988 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: c0ffe2bd-cacf-4dc7-88d5-61e9e95766f6 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-TS-ExpireDate +ldapDisplayName: msTSExpireDate +attributeId: 1.2.840.113556.1.4.1993 +attributeSyntax: 2.5.5.11 +omSyntax: 24 +isSingleValued: TRUE +schemaIdGuid: 70004ef5-25c3-446a-97c8-996ae8566776 +systemOnly: FALSE +searchFlags: fATTINDEX +attributeSecurityGuid: 5805bc62-bdc9-4428-a5e2-856a0f4c185e +systemFlags: FLAG_SCHEMA_BASE_OBJECT +showInAdvancedViewOnly: TRUE + +cn: MS-TS-ExpireDate2 +ldapDisplayName: msTSExpireDate2 +attributeId: 1.2.840.113556.1.4.2000 +attributeSyntax: 2.5.5.11 +omSyntax: 24 +isSingleValued: TRUE +schemaIdGuid: 54dfcf71-bc3f-4f0b-9d5a-4b2476bb8925 +systemOnly: FALSE +searchFlags: fATTINDEX +attributeSecurityGuid: 5805bc62-bdc9-4428-a5e2-856a0f4c185e +systemFlags: FLAG_SCHEMA_BASE_OBJECT +showInAdvancedViewOnly: TRUE + +cn: MemberUid +ldapDisplayName: memberUid +attributeId: 1.3.6.1.1.1.1.12 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: 03dab236-672e-4f61-ab64-f77d2dc2ffab +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 256000 + +cn: MS-TS-ExpireDate3 +ldapDisplayName: msTSExpireDate3 +attributeId: 1.2.840.113556.1.4.2003 +attributeSyntax: 2.5.5.11 +omSyntax: 24 +isSingleValued: TRUE +schemaIdGuid: 41bc7f04-be72-4930-bd10-1f3439412387 +systemOnly: FALSE +searchFlags: fATTINDEX +attributeSecurityGuid: 5805bc62-bdc9-4428-a5e2-856a0f4c185e +systemFlags: FLAG_SCHEMA_BASE_OBJECT +showInAdvancedViewOnly: TRUE + +cn: MS-TS-ExpireDate4 +ldapDisplayName: msTSExpireDate4 +attributeId: 1.2.840.113556.1.4.2006 +attributeSyntax: 2.5.5.11 +omSyntax: 24 +isSingleValued: TRUE +schemaIdGuid: 5e11dc43-204a-4faf-a008-6863621c6f5f +systemOnly: FALSE +searchFlags: fATTINDEX +attributeSecurityGuid: 5805bc62-bdc9-4428-a5e2-856a0f4c185e +systemFlags: FLAG_SCHEMA_BASE_OBJECT +showInAdvancedViewOnly: TRUE + +cn: ms-TS-Home-Directory +ldapDisplayName: msTSHomeDirectory +attributeId: 1.2.840.113556.1.4.1977 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 5d3510f0-c4e7-4122-b91f-a20add90e246 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TS-Home-Drive +ldapDisplayName: msTSHomeDrive +attributeId: 1.2.840.113556.1.4.1978 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 5f0a24d9-dffa-4cd9-acbf-a0680c03731e +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TS-Initial-Program +ldapDisplayName: msTSInitialProgram +attributeId: 1.2.840.113556.1.4.1990 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 9201ac6f-1d69-4dfb-802e-d95510109599 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-TS-LicenseVersion +ldapDisplayName: msTSLicenseVersion +attributeId: 1.2.840.113556.1.4.1994 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 0ae94a89-372f-4df2-ae8a-c64a2bc47278 +systemOnly: FALSE +searchFlags: fATTINDEX +attributeSecurityGuid: 5805bc62-bdc9-4428-a5e2-856a0f4c185e +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-TS-LicenseVersion2 +ldapDisplayName: msTSLicenseVersion2 +attributeId: 1.2.840.113556.1.4.2001 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 4b0df103-8d97-45d9-ad69-85c3080ba4e7 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 0 +rangeUpper: 255 +attributeSecurityGuid: 5805bc62-bdc9-4428-a5e2-856a0f4c185e +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-TS-LicenseVersion3 +ldapDisplayName: msTSLicenseVersion3 +attributeId: 1.2.840.113556.1.4.2004 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f8ba8f81-4cab-4973-a3c8-3a6da62a5e31 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 0 +rangeUpper: 255 +attributeSecurityGuid: 5805bc62-bdc9-4428-a5e2-856a0f4c185e +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-TS-LicenseVersion4 +ldapDisplayName: msTSLicenseVersion4 +attributeId: 1.2.840.113556.1.4.2007 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 70ca5d97-2304-490a-8a27-52678c8d2095 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 0 +rangeUpper: 255 +attributeSecurityGuid: 5805bc62-bdc9-4428-a5e2-856a0f4c185e +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-TSLS-Property01 +ldapDisplayName: msTSLSProperty01 +attributeId: 1.2.840.113556.1.4.2009 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 0 +rangeUpper: 32767 +schemaIdGuid: 87e53590-971d-4a52-955b-4794d15a84ae +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MHS-OR-Address +ldapDisplayName: mhsORAddress +attributeId: 1.2.840.113556.1.4.650 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 0296c122-40da-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-TSLS-Property02 +ldapDisplayName: msTSLSProperty02 +attributeId: 1.2.840.113556.1.4.2010 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 0 +rangeUpper: 32767 +schemaIdGuid: 47c77bb0-316e-4e2f-97f1-0d4c48fca9dd +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-TS-ManagingLS +ldapDisplayName: msTSManagingLS +attributeId: 1.2.840.113556.1.4.1995 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f3bcc547-85b0-432c-9ac0-304506bf2c83 +systemOnly: FALSE +searchFlags: fATTINDEX +attributeSecurityGuid: 5805bc62-bdc9-4428-a5e2-856a0f4c185e +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-TS-ManagingLS2 +ldapDisplayName: msTSManagingLS2 +attributeId: 1.2.840.113556.1.4.2002 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +systemOnly: FALSE +rangeLower: 0 +rangeUpper: 255 +schemaIdGuid: 349f0757-51bd-4fc8-9d66-3eceea8a25be +searchFlags: fATTINDEX +attributeSecurityGuid: 5805bc62-bdc9-4428-a5e2-856a0f4c185e +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-TS-ManagingLS3 +ldapDisplayName: msTSManagingLS3 +attributeId: 1.2.840.113556.1.4.2005 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +systemOnly: FALSE +rangeLower: 0 +rangeUpper: 255 +schemaIdGuid: fad5dcc1-2130-4c87-a118-75322cd67050 +searchFlags: fATTINDEX +attributeSecurityGuid: 5805bc62-bdc9-4428-a5e2-856a0f4c185e +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-TS-ManagingLS4 +ldapDisplayName: msTSManagingLS4 +attributeId: 1.2.840.113556.1.4.2008 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +systemOnly: FALSE +rangeLower: 0 +rangeUpper: 255 +schemaIdGuid: f7a3b6a0-2107-4140-b306-75cb521731e5 +searchFlags: fATTINDEX +attributeSecurityGuid: 5805bc62-bdc9-4428-a5e2-856a0f4c185e +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TS-Max-Connection-Time +ldapDisplayName: msTSMaxConnectionTime +attributeId: 1.2.840.113556.1.4.1982 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 1d960ee2-6464-4e95-a781-e3b5cd5f9588 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TS-Max-Disconnection-Time +ldapDisplayName: msTSMaxDisconnectionTime +attributeId: 1.2.840.113556.1.4.1981 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 326f7089-53d8-4784-b814-46d8535110d2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TS-Max-Idle-Time +ldapDisplayName: msTSMaxIdleTime +attributeId: 1.2.840.113556.1.4.1983 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: ff739e9c-6bb7-460e-b221-e250f3de0f95 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TS-Profile-Path +ldapDisplayName: msTSProfilePath +attributeId: 1.2.840.113556.1.4.1976 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: e65c30db-316c-4060-a3a0-387b083f09cd +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-TS-Property01 +ldapDisplayName: msTSProperty01 +attributeId: 1.2.840.113556.1.4.1991 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: faaea977-9655-49d7-853d-f27bb7aaca0f +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 0 +rangeUpper: 32767 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Other-Name +ldapDisplayName: middleName +attributeId: 2.16.840.1.113730.3.1.34 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf9679f2-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 64 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-TS-Property02 +ldapDisplayName: msTSProperty02 +attributeId: 1.2.840.113556.1.4.1992 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 3586f6ac-51b7-4978-ab42-f936463198e7 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 0 +rangeUpper: 32767 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TS-Reconnection-Action +ldapDisplayName: msTSReconnectionAction +attributeId: 1.2.840.113556.1.4.1984 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 366ed7ca-3e18-4c7f-abae-351a01e4b4f7 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TS-Remote-Control +ldapDisplayName: msTSRemoteControl +attributeId: 1.2.840.113556.1.4.1980 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 15177226-8642-468b-8c48-03ddfd004982 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TS-Work-Directory +ldapDisplayName: msTSWorkDirectory +attributeId: 1.2.840.113556.1.4.1989 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: a744f666-3d3c-4cc8-834b-9d4f6f687b8b +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-Author +ldapDisplayName: msWMI-Author +attributeId: 1.2.840.113556.1.4.1623 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 6366c0c1-6972-4e66-b3a5-1d52ad0c0547 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-ChangeDate +ldapDisplayName: msWMI-ChangeDate +attributeId: 1.2.840.113556.1.4.1624 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f9cdf7a0-ec44-4937-a79b-cd91522b3aa8 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-Class +ldapDisplayName: msWMI-Class +attributeId: 1.2.840.113556.1.4.1676 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 90c1925f-4a24-4b07-b202-be32eb3c8b74 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-ClassDefinition +ldapDisplayName: msWMI-ClassDefinition +attributeId: 1.2.840.113556.1.4.1625 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 2b9c0ebc-c272-45cb-99d2-4d0e691632e0 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-CreationDate +ldapDisplayName: msWMI-CreationDate +attributeId: 1.2.840.113556.1.4.1626 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 748b0a2e-3351-4b3f-b171-2f17414ea779 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-Genus +ldapDisplayName: msWMI-Genus +attributeId: 1.2.840.113556.1.4.1677 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 50c8673a-8f56-4614-9308-9e1340fb9af3 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Min-Pwd-Age +ldapDisplayName: minPwdAge +attributeId: 1.2.840.113556.1.4.78 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf9679c2-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: c7407360-20bf-11d0-a768-00aa006e0529 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-WMI-ID +ldapDisplayName: msWMI-ID +attributeId: 1.2.840.113556.1.4.1627 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 9339a803-94b8-47f7-9123-a853b9ff7e45 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-int8Default +ldapDisplayName: msWMI-Int8Default +attributeId: 1.2.840.113556.1.4.1632 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: f4d8085a-8c5b-4785-959b-dc585566e445 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-int8Max +ldapDisplayName: msWMI-Int8Max +attributeId: 1.2.840.113556.1.4.1633 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: e3d8b547-003d-4946-a32b-dc7cedc96b74 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-int8Min +ldapDisplayName: msWMI-Int8Min +attributeId: 1.2.840.113556.1.4.1634 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: ed1489d1-54cc-4066-b368-a00daa2664f1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-int8ValidValues +ldapDisplayName: msWMI-Int8ValidValues +attributeId: 1.2.840.113556.1.4.1635 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: FALSE +schemaIdGuid: 103519a9-c002-441b-981a-b0b3e012c803 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-intDefault +ldapDisplayName: msWMI-IntDefault +attributeId: 1.2.840.113556.1.4.1628 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 1b0c07f8-76dd-4060-a1e1-70084619dc90 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-intFlags1 +ldapDisplayName: msWMI-intFlags1 +attributeId: 1.2.840.113556.1.4.1678 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 18e006b9-6445-48e3-9dcf-b5ecfbc4df8e +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-intFlags2 +ldapDisplayName: msWMI-intFlags2 +attributeId: 1.2.840.113556.1.4.1679 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 075a42c9-c55a-45b1-ac93-eb086b31f610 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-intFlags3 +ldapDisplayName: msWMI-intFlags3 +attributeId: 1.2.840.113556.1.4.1680 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: f29fa736-de09-4be4-b23a-e734c124bacc +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-intFlags4 +ldapDisplayName: msWMI-intFlags4 +attributeId: 1.2.840.113556.1.4.1681 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bd74a7ac-c493-4c9c-bdfa-5c7b119ca6b2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Machine-Wide-Policy +ldapDisplayName: machineWidePolicy +attributeId: 1.2.840.113556.1.4.459 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 80a67e4f-9f22-11d0-afdd-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: a29b8a01-c7e8-11d0-9bae-00c04fd92ef5 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Min-Pwd-Length +ldapDisplayName: minPwdLength +attributeId: 1.2.840.113556.1.4.79 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf9679c3-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: c7407360-20bf-11d0-a768-00aa006e0529 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-WMI-intMax +ldapDisplayName: msWMI-IntMax +attributeId: 1.2.840.113556.1.4.1629 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: fb920c2c-f294-4426-8ac1-d24b42aa2bce +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-intMin +ldapDisplayName: msWMI-IntMin +attributeId: 1.2.840.113556.1.4.1630 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 68c2e3ba-9837-4c70-98e0-f0c33695d023 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-intValidValues +ldapDisplayName: msWMI-IntValidValues +attributeId: 1.2.840.113556.1.4.1631 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: FALSE +schemaIdGuid: 6af565f6-a749-4b72-9634-3c5d47e6b4e0 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-Mof +ldapDisplayName: msWMI-Mof +attributeId: 1.2.840.113556.1.4.1638 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 6736809f-2064-443e-a145-81262b1f1366 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-Name +ldapDisplayName: msWMI-Name +attributeId: 1.2.840.113556.1.4.1639 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: c6c8ace5-7e81-42af-ad72-77412c5941c4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-NormalizedClass +ldapDisplayName: msWMI-NormalizedClass +attributeId: 1.2.840.113556.1.4.1640 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: eaba628f-eb8e-4fe9-83fc-693be695559b +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-Parm1 +ldapDisplayName: msWMI-Parm1 +attributeId: 1.2.840.113556.1.4.1682 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 27e81485-b1b0-4a8b-bedd-ce19a837e26e +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-Parm2 +ldapDisplayName: msWMI-Parm2 +attributeId: 1.2.840.113556.1.4.1683 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 0003508e-9c42-4a76-a8f4-38bf64bab0de +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-Parm3 +ldapDisplayName: msWMI-Parm3 +attributeId: 1.2.840.113556.1.4.1684 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 45958fb6-52bd-48ce-9f9f-c2712d9f2bfc +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-Parm4 +ldapDisplayName: msWMI-Parm4 +attributeId: 1.2.840.113556.1.4.1685 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 3800d5a3-f1ce-4b82-a59a-1528ea795f59 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Min-Ticket-Age +ldapDisplayName: minTicketAge +attributeId: 1.2.840.113556.1.4.80 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf9679c4-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-WMI-PropertyName +ldapDisplayName: msWMI-PropertyName +attributeId: 1.2.840.113556.1.4.1641 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: ab920883-e7f8-4d72-b4a0-c0449897509d +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-Query +ldapDisplayName: msWMI-Query +attributeId: 1.2.840.113556.1.4.1642 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 65fff93e-35e3-45a3-85ae-876c6718297f +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-QueryLanguage +ldapDisplayName: msWMI-QueryLanguage +attributeId: 1.2.840.113556.1.4.1643 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 7d3cfa98-c17b-4254-8bd7-4de9b932a345 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-ScopeGuid +ldapDisplayName: msWMI-ScopeGuid +attributeId: 1.2.840.113556.1.4.1686 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 87b78d51-405f-4b7f-80ed-2bd28786f48d +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-SourceOrganization +ldapDisplayName: msWMI-SourceOrganization +attributeId: 1.2.840.113556.1.4.1644 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 34f7ed6c-615d-418d-aa00-549a7d7be03e +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-stringDefault +ldapDisplayName: msWMI-StringDefault +attributeId: 1.2.840.113556.1.4.1636 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 152e42b6-37c5-4f55-ab48-1606384a9aea +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-stringValidValues +ldapDisplayName: msWMI-StringValidValues +attributeId: 1.2.840.113556.1.4.1637 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 37609d31-a2bf-4b58-8f53-2b64e57a076d +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-TargetClass +ldapDisplayName: msWMI-TargetClass +attributeId: 1.2.840.113556.1.4.1645 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 95b6d8d6-c9e8-4661-a2bc-6a5cabc04c62 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-TargetNameSpace +ldapDisplayName: msWMI-TargetNameSpace +attributeId: 1.2.840.113556.1.4.1646 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 1c4ab61f-3420-44e5-849d-8b5dbf60feb7 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-TargetObject +ldapDisplayName: msWMI-TargetObject +attributeId: 1.2.840.113556.1.4.1647 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: c44f67a5-7de5-4a1f-92d9-662b57364b77 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Phone-Mobile-Primary +ldapDisplayName: mobile +attributeId: 0.9.2342.19200300.100.1.41 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f0f8ffa3-1191-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 14876 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-TargetPath +ldapDisplayName: msWMI-TargetPath +attributeId: 1.2.840.113556.1.4.1648 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 5006a79a-6bfe-4561-9f52-13cf4dd3e560 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-TargetType +ldapDisplayName: msWMI-TargetType +attributeId: 1.2.840.113556.1.4.1649 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: ca2a281e-262b-4ff7-b419-bc123352a4e9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Must-Contain +ldapDisplayName: mustContain +attributeId: 1.2.840.113556.1.2.24 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: FALSE +schemaIdGuid: bf9679d3-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Modified-Count +ldapDisplayName: modifiedCount +attributeId: 1.2.840.113556.1.4.168 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf9679c5-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: b8119fd0-04f6-4762-ab7a-4986c76b3f9a +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Modified-Count-At-Last-Prom +ldapDisplayName: modifiedCountAtLastProm +attributeId: 1.2.840.113556.1.4.81 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf9679c6-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Modify-Time-Stamp +ldapDisplayName: modifyTimeStamp +attributeId: 2.5.18.2 +attributeSyntax: 2.5.5.11 +omSyntax: 24 +isSingleValued: TRUE +schemaIdGuid: 9a7ad94a-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Moniker +ldapDisplayName: moniker +attributeId: 1.2.840.113556.1.4.82 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: bf9679c7-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Moniker-Display-Name +ldapDisplayName: monikerDisplayName +attributeId: 1.2.840.113556.1.4.83 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: bf9679c8-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Move-Tree-State +ldapDisplayName: moveTreeState +attributeId: 1.2.840.113556.1.4.1305 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 1f2ac2c8-3b71-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-DS-Consistency-Child-Count +ldapDisplayName: mS-DS-ConsistencyChildCount +attributeId: 1.2.840.113556.1.4.1361 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 178b7bc2-b63a-11d2-90e1-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: E-mail-Addresses +ldapDisplayName: mail +attributeId: 0.9.2342.19200300.100.1.3 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967961-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 0 +rangeUpper: 256 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 14846 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-DS-Consistency-Guid +ldapDisplayName: mS-DS-ConsistencyGuid +attributeId: 1.2.840.113556.1.4.1360 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 23773dc2-b63a-11d2-90e1-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-DS-Creator-SID +ldapDisplayName: mS-DS-CreatorSID +attributeId: 1.2.840.113556.1.4.1410 +attributeSyntax: 2.5.5.17 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: c5e60132-1480-11d3-91c1-0000f87a57d4 +systemOnly: TRUE +searchFlags: fATTINDEX +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: MS-DS-Machine-Account-Quota +ldapDisplayName: ms-DS-MachineAccountQuota +attributeId: 1.2.840.113556.1.4.1411 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: d064fb68-1480-11d3-91c1-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: MS-DS-Replicates-NC-Reason +ldapDisplayName: mS-DS-ReplicatesNCReason +attributeId: 1.2.840.113556.1.4.1408 +attributeSyntax: 2.5.5.7 +omSyntax: 127 +omObjectClass: 1.2.840.113556.1.1.1.11 +isSingleValued: FALSE +schemaIdGuid: 0ea12b84-08b3-11d3-91bc-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-net-ieee-80211-GP-PolicyData +ldapDisplayName: ms-net-ieee-80211-GP-PolicyData +attributeId: 1.2.840.113556.1.4.1952 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 9c1495a5-4d76-468e-991e-1433b0a67855 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 4194304 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-net-ieee-80211-GP-PolicyGUID +ldapDisplayName: ms-net-ieee-80211-GP-PolicyGUID +attributeId: 1.2.840.113556.1.4.1951 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 35697062-1eaf-448b-ac1e-388e0be4fdee +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 64 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-net-ieee-80211-GP-PolicyReserved +ldapDisplayName: ms-net-ieee-80211-GP-PolicyReserved +attributeId: 1.2.840.113556.1.4.1953 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 0f69c62e-088e-4ff5-a53a-e923cec07c0a +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 4194304 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-net-ieee-8023-GP-PolicyData +ldapDisplayName: ms-net-ieee-8023-GP-PolicyData +attributeId: 1.2.840.113556.1.4.1955 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 8398948b-7457-4d91-bd4d-8d7ed669c9f7 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 1048576 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-net-ieee-8023-GP-PolicyGUID +ldapDisplayName: ms-net-ieee-8023-GP-PolicyGUID +attributeId: 1.2.840.113556.1.4.1954 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 94a7b05a-b8b2-4f59-9c25-39e69baa1684 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 64 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-net-ieee-8023-GP-PolicyReserved +ldapDisplayName: ms-net-ieee-8023-GP-PolicyReserved +attributeId: 1.2.840.113556.1.4.1956 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: d3c527c7-2606-4deb-8cfd-18426feec8ce +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 1048576 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: SMTP-Mail-Address +ldapDisplayName: mailAddress +attributeId: 1.2.840.113556.1.4.786 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 26d9736f-6070-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: MS-SQL-Alias +ldapDisplayName: mS-SQL-Alias +attributeId: 1.2.840.113556.1.4.1395 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: e0c6baae-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: fATTINDEX +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-AllowAnonymousSubscription +ldapDisplayName: mS-SQL-AllowAnonymousSubscription +attributeId: 1.2.840.113556.1.4.1394 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: db77be4a-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-AllowImmediateUpdatingSubscription +ldapDisplayName: mS-SQL-AllowImmediateUpdatingSubscription +attributeId: 1.2.840.113556.1.4.1404 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: c4186b6e-d34b-11d2-999a-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-AllowKnownPullSubscription +ldapDisplayName: mS-SQL-AllowKnownPullSubscription +attributeId: 1.2.840.113556.1.4.1403 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: c3bb7054-d34b-11d2-999a-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-AllowQueuedUpdatingSubscription +ldapDisplayName: mS-SQL-AllowQueuedUpdatingSubscription +attributeId: 1.2.840.113556.1.4.1405 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: c458ca80-d34b-11d2-999a-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-AllowSnapshotFilesFTPDownloading +ldapDisplayName: mS-SQL-AllowSnapshotFilesFTPDownloading +attributeId: 1.2.840.113556.1.4.1406 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: c49b8be8-d34b-11d2-999a-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-AppleTalk +ldapDisplayName: mS-SQL-AppleTalk +attributeId: 1.2.840.113556.1.4.1378 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 8fda89f4-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-Applications +ldapDisplayName: mS-SQL-Applications +attributeId: 1.2.840.113556.1.4.1400 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: fbcda2ea-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-Build +ldapDisplayName: mS-SQL-Build +attributeId: 1.2.840.113556.1.4.1368 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 603e94c4-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-CharacterSet +ldapDisplayName: mS-SQL-CharacterSet +attributeId: 1.2.840.113556.1.4.1370 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 696177a6-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Managed-By +ldapDisplayName: managedBy +attributeId: 1.2.840.113556.1.4.653 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 0296c120-40da-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +linkID: 72 +mapiID: 32780 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: MS-SQL-Clustered +ldapDisplayName: mS-SQL-Clustered +attributeId: 1.2.840.113556.1.4.1373 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 7778bd90-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-ConnectionURL +ldapDisplayName: mS-SQL-ConnectionURL +attributeId: 1.2.840.113556.1.4.1383 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: a92d23da-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-Contact +ldapDisplayName: mS-SQL-Contact +attributeId: 1.2.840.113556.1.4.1365 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 4f6cbdd8-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-CreationDate +ldapDisplayName: mS-SQL-CreationDate +attributeId: 1.2.840.113556.1.4.1397 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: ede14754-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-Database +ldapDisplayName: mS-SQL-Database +attributeId: 1.2.840.113556.1.4.1393 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: d5a0dbdc-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: fATTINDEX +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-Description +ldapDisplayName: mS-SQL-Description +attributeId: 1.2.840.113556.1.4.1390 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 8386603c-ccef-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-GPSHeight +ldapDisplayName: mS-SQL-GPSHeight +attributeId: 1.2.840.113556.1.4.1387 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bcdd4f0e-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-GPSLatitude +ldapDisplayName: mS-SQL-GPSLatitude +attributeId: 1.2.840.113556.1.4.1385 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: b222ba0e-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-GPSLongitude +ldapDisplayName: mS-SQL-GPSLongitude +attributeId: 1.2.840.113556.1.4.1386 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: b7577c94-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-InformationDirectory +ldapDisplayName: mS-SQL-InformationDirectory +attributeId: 1.2.840.113556.1.4.1392 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: d0aedb2e-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Managed-Objects +ldapDisplayName: managedObjects +attributeId: 1.2.840.113556.1.4.654 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 0296c124-40da-11d1-a9c0-0000f80367c1 +systemOnly: TRUE +searchFlags: 0 +linkID: 73 +mapiID: 32804 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: MS-SQL-InformationURL +ldapDisplayName: mS-SQL-InformationURL +attributeId: 1.2.840.113556.1.4.1382 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: a42cd510-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-Keywords +ldapDisplayName: mS-SQL-Keywords +attributeId: 1.2.840.113556.1.4.1401 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 01e9a98a-ccef-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-Language +ldapDisplayName: mS-SQL-Language +attributeId: 1.2.840.113556.1.4.1389 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: c57f72f4-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-LastBackupDate +ldapDisplayName: mS-SQL-LastBackupDate +attributeId: 1.2.840.113556.1.4.1398 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f2b6abca-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-LastDiagnosticDate +ldapDisplayName: mS-SQL-LastDiagnosticDate +attributeId: 1.2.840.113556.1.4.1399 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f6d6dd88-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-LastUpdatedDate +ldapDisplayName: mS-SQL-LastUpdatedDate +attributeId: 1.2.840.113556.1.4.1381 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 9fcc43d4-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-Location +ldapDisplayName: mS-SQL-Location +attributeId: 1.2.840.113556.1.4.1366 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 561c9644-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-Memory +ldapDisplayName: mS-SQL-Memory +attributeId: 1.2.840.113556.1.4.1367 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 5b5d448c-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-MultiProtocol +ldapDisplayName: mS-SQL-MultiProtocol +attributeId: 1.2.840.113556.1.4.1375 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 8157fa38-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-Name +ldapDisplayName: mS-SQL-Name +attributeId: 1.2.840.113556.1.4.1363 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 3532dfd8-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: fATTINDEX +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DFS-Comment-v2 +ldapDisplayName: msDFS-Commentv2 +attributeId: 1.2.840.113556.1.4.2036 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 4fb42f00-29bd-4f82-b94b-07c7fa61e449 +isMemberOfPartialAttributeSet: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32766 + +cn: ms-DFS-Generation-GUID-v2 +ldapDisplayName: msDFS-GenerationGUIDv2 +attributeId: 1.2.840.113556.1.4.2032 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 62a45d41-424c-4905-b728-e5ef1fc4fe42 +isMemberOfPartialAttributeSet: FALSE +searchFlags: 0 +rangeLower: 16 +rangeUpper: 16 + +cn: ms-DFS-Last-Modified-v2 +ldapDisplayName: msDFS-LastModifiedv2 +attributeId: 1.2.840.113556.1.4.2034 +attributeSyntax: 2.5.5.11 +omSyntax: 24 +isSingleValued: TRUE +schemaIdGuid: d6147e9b-b369-4b98-9f7b-1f345bb0680a +isMemberOfPartialAttributeSet: FALSE +searchFlags: 0 + +cn: ms-DFS-Link-Identity-GUID-v2 +ldapDisplayName: msDFS-LinkIdentityGUIDv2 +attributeId: 1.2.840.113556.1.4.2041 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 19e2bd91-e8fa-49b2-be2b-7efd5ae5676d +isMemberOfPartialAttributeSet: FALSE +searchFlags: 0 +rangeLower:16 +rangeUpper: 16 + +cn: ms-DFS-Link-Path-v2 +ldapDisplayName: msDFS-LinkPathv2 +attributeId: 1.2.840.113556.1.4.2039 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 5882bb1e-3101-4845-a21e-1516e59279f2 +isMemberOfPartialAttributeSet: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32766 + +cn: ms-DFS-Link-Security-Descriptor-v2 +ldapDisplayName: msDFS-LinkSecurityDescriptorv2 +attributeId: 1.2.840.113556.1.4.2040 +attributeSyntax: 2.5.5.15 +omSyntax: 66 +isSingleValued: TRUE +schemaIdGuid: d780b945-3caa-4d28-975b-eb3f08e455e1 +isMemberOfPartialAttributeSet: FALSE +searchFlags: 0 + +cn: ms-DFS-Namespace-Identity-GUID-v2 +ldapDisplayName: msDFS-NamespaceIdentityGUIDv2 +attributeId: 1.2.840.113556.1.4.2033 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 87011f22-e651-4c27-b55b-51daf9f9d364 +isMemberOfPartialAttributeSet: FALSE +searchFlags: 0 +rangeLower: 16 +rangeUpper: 16 + +cn: ms-DFS-Properties-v2 +ldapDisplayName: msDFS-Propertiesv2 +attributeId: 1.2.840.113556.1.4.2037 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 1c070014-ebf6-4088-95b4-28b16cc31241 +isMemberOfPartialAttributeSet: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 1024 + +cn: ms-DFS-Schema-Major-Version +ldapDisplayName: msDFS-SchemaMajorVersion +attributeId: 1.2.840.113556.1.4.2030 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 2bcf447b-39d8-4ee8-909a-bb0755cc2f8d +isMemberOfPartialAttributeSet: FALSE +searchFlags: 0 +rangeLower: 2 +rangeUpper: 2 + +cn: ms-DFS-Schema-Minor-Version +ldapDisplayName: msDFS-SchemaMinorVersion +attributeId: 1.2.840.113556.1.4.2031 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: d1e1dafb-8559-4519-866e-89e775557b9c +isMemberOfPartialAttributeSet: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 0 + +cn: ms-DFS-Short-Name-Link-Path-v2 +ldapDisplayName: msDFS-ShortNameLinkPathv2 +attributeId: 1.2.840.113556.1.4.2042 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 52bfc673-9713-4e9b-aafd-56ee72fd16a4 +isMemberOfPartialAttributeSet: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32766 + +cn: ms-DFS-Target-List-v2 +ldapDisplayName: msDFS-TargetListv2 +attributeId: 1.2.840.113556.1.4.2038 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 9649b643-59a7-4791-999d-79100cf871d7 +isMemberOfPartialAttributeSet: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 2097152 + +cn: ms-DFS-Ttl-v2 +ldapDisplayName: msDFS-Ttlv2 +attributeId: 1.2.840.113556.1.4.2035 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 81ee1500-467e-4c83-a41a-295d12bdcc23 +isMemberOfPartialAttributeSet: FALSE +searchFlags: 0 + +cn: ms-DS-Is-User-Cachable-At-Rodc +ldapDisplayName: msDS-IsUserCachableAtRodc +attributeId: 1.2.840.113556.1.4.2025 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: fe01245a-341f-4556-951f-48c033a89050 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: RDN +ldapDisplayName: name +attributeId: 1.2.840.113556.1.4.1 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967a0e-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: fPRESERVEONDELETE| fANR | fATTINDEX +rangeLower: 1 +rangeUpper: 255 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 33282 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Netboot-Initialization +ldapDisplayName: netbootInitialization +attributeId: 1.2.840.113556.1.4.358 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 3e978920-8c01-11d0-afda-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: PKI-Key-Usage +ldapDisplayName: pKIKeyUsage +attributeId: 1.2.840.113556.1.4.1328 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: e9b0a87e-3b9d-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: PKI-Max-Issuing-Depth +ldapDisplayName: pKIMaxIssuingDepth +attributeId: 1.2.840.113556.1.4.1329 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: f0bfdefa-3b9d-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: PKI-Overlap-Period +ldapDisplayName: pKIOverlapPeriod +attributeId: 1.2.840.113556.1.4.1332 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 1219a3ec-3b9e-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: PKT +ldapDisplayName: pKT +attributeId: 1.2.840.113556.1.4.206 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 8447f9f1-1027-11d0-a05f-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 10485760 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: PKT-Guid +ldapDisplayName: pKTGuid +attributeId: 1.2.840.113556.1.4.205 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 8447f9f0-1027-11d0-a05f-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 16 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Policy-Replication-Flags +ldapDisplayName: policyReplicationFlags +attributeId: 1.2.840.113556.1.4.633 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 19405b96-3cfa-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Port-Name +ldapDisplayName: portName +attributeId: 1.2.840.113556.1.4.228 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 281416c4-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Possible-Inferiors +ldapDisplayName: possibleInferiors +attributeId: 1.2.840.113556.1.4.915 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: FALSE +schemaIdGuid: 9a7ad94c-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Poss-Superiors +ldapDisplayName: possSuperiors +attributeId: 1.2.840.113556.1.2.8 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: FALSE +schemaIdGuid: bf9679fa-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Postal-Address +ldapDisplayName: postalAddress +attributeId: 2.5.4.16 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: bf9679fc-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +rangeLower: 1 +rangeUpper: 4096 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 33036 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: netboot-IntelliMirror-OSes +ldapDisplayName: netbootIntelliMirrorOSes +attributeId: 1.2.840.113556.1.4.857 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 0738307e-91df-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Postal-Code +ldapDisplayName: postalCode +attributeId: 2.5.4.17 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf9679fd-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +rangeLower: 1 +rangeUpper: 40 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 14890 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Post-Office-Box +ldapDisplayName: postOfficeBox +attributeId: 2.5.4.18 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: bf9679fb-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +rangeLower: 1 +rangeUpper: 40 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 14891 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Preferred-Delivery-Method +ldapDisplayName: preferredDeliveryMethod +attributeId: 2.5.4.28 +attributeSyntax: 2.5.5.9 +omSyntax: 10 +isSingleValued: FALSE +schemaIdGuid: bf9679fe-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 33037 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: preferredLanguage +ldapDisplayName: preferredLanguage +attributeId: 2.16.840.1.113730.3.1.39 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 856be0d0-18e7-46e1-8f5f-7ee4d9020e0d +systemOnly: FALSE +searchFlags: 0 + +cn: Preferred-OU +ldapDisplayName: preferredOU +attributeId: 1.2.840.113556.1.4.97 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: bf9679ff-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Prefix-Map +ldapDisplayName: prefixMap +attributeId: 1.2.840.113556.1.4.538 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 52458022-ca6a-11d0-afff-0000f80367c1 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Presentation-Address +ldapDisplayName: presentationAddress +attributeId: 2.5.4.29 +attributeSyntax: 2.5.5.13 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.732 +isSingleValued: TRUE +schemaIdGuid: a8df744b-c5ea-11d1-bbcb-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Previous-CA-Certificates +ldapDisplayName: previousCACertificates +attributeId: 1.2.840.113556.1.4.692 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 963d2739-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Previous-Parent-CA +ldapDisplayName: previousParentCA +attributeId: 1.2.840.113556.1.4.694 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 963d273d-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Primary-Group-ID +ldapDisplayName: primaryGroupID +attributeId: 1.2.840.113556.1.4.98 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967a00-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY| fATTINDEX +attributeSecurityGuid: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: netboot-Limit-Clients +ldapDisplayName: netbootLimitClients +attributeId: 1.2.840.113556.1.4.850 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 07383077-91df-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Primary-Group-Token +ldapDisplayName: primaryGroupToken +attributeId: 1.2.840.113556.1.4.1412 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: c0ed8738-7efd-4481-84d9-66d2db8be369 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Phone-ISDN-Primary +ldapDisplayName: primaryInternationalISDNNumber +attributeId: 1.2.840.113556.1.4.649 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 0296c11f-40da-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Telex-Primary +ldapDisplayName: primaryTelexNumber +attributeId: 1.2.840.113556.1.4.648 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 0296c121-40da-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Attributes +ldapDisplayName: printAttributes +attributeId: 1.2.840.113556.1.4.247 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 281416d7-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Bin-Names +ldapDisplayName: printBinNames +attributeId: 1.2.840.113556.1.4.237 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 281416cd-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Collate +ldapDisplayName: printCollate +attributeId: 1.2.840.113556.1.4.242 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 281416d2-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Color +ldapDisplayName: printColor +attributeId: 1.2.840.113556.1.4.243 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 281416d3-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Duplex-Supported +ldapDisplayName: printDuplexSupported +attributeId: 1.2.840.113556.1.4.1311 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 281416cc-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-End-Time +ldapDisplayName: printEndTime +attributeId: 1.2.840.113556.1.4.234 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 281416ca-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Printer-Name +ldapDisplayName: printerName +attributeId: 1.2.840.113556.1.4.300 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 244b296e-5abd-11d0-afd2-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: netboot-Locally-Installed-OSes +ldapDisplayName: netbootLocallyInstalledOSes +attributeId: 1.2.840.113556.1.4.859 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 07383080-91df-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Form-Name +ldapDisplayName: printFormName +attributeId: 1.2.840.113556.1.4.235 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 281416cb-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Keep-Printed-Jobs +ldapDisplayName: printKeepPrintedJobs +attributeId: 1.2.840.113556.1.4.275 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: ba305f6d-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Language +ldapDisplayName: printLanguage +attributeId: 1.2.840.113556.1.4.246 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 281416d6-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-MAC-Address +ldapDisplayName: printMACAddress +attributeId: 1.2.840.113556.1.4.288 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: ba305f7a-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Max-Copies +ldapDisplayName: printMaxCopies +attributeId: 1.2.840.113556.1.4.241 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 281416d1-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Max-Resolution-Supported +ldapDisplayName: printMaxResolutionSupported +attributeId: 1.2.840.113556.1.4.238 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 281416cf-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Max-X-Extent +ldapDisplayName: printMaxXExtent +attributeId: 1.2.840.113556.1.4.277 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: ba305f6f-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Max-Y-Extent +ldapDisplayName: printMaxYExtent +attributeId: 1.2.840.113556.1.4.278 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: ba305f70-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Media-Ready +ldapDisplayName: printMediaReady +attributeId: 1.2.840.113556.1.4.289 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 3bcbfcf5-4d3d-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Media-Supported +ldapDisplayName: printMediaSupported +attributeId: 1.2.840.113556.1.4.299 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 244b296f-5abd-11d0-afd2-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Netboot-Machine-File-Path +ldapDisplayName: netbootMachineFilePath +attributeId: 1.2.840.113556.1.4.361 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 3e978923-8c01-11d0-afda-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Memory +ldapDisplayName: printMemory +attributeId: 1.2.840.113556.1.4.282 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: ba305f74-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Min-X-Extent +ldapDisplayName: printMinXExtent +attributeId: 1.2.840.113556.1.4.279 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: ba305f71-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Min-Y-Extent +ldapDisplayName: printMinYExtent +attributeId: 1.2.840.113556.1.4.280 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: ba305f72-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Network-Address +ldapDisplayName: printNetworkAddress +attributeId: 1.2.840.113556.1.4.287 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: ba305f79-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Notify +ldapDisplayName: printNotify +attributeId: 1.2.840.113556.1.4.272 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: ba305f6a-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Number-Up +ldapDisplayName: printNumberUp +attributeId: 1.2.840.113556.1.4.290 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 3bcbfcf4-4d3d-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Orientations-Supported +ldapDisplayName: printOrientationsSupported +attributeId: 1.2.840.113556.1.4.240 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 281416d0-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Owner +ldapDisplayName: printOwner +attributeId: 1.2.840.113556.1.4.271 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: ba305f69-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Pages-Per-Minute +ldapDisplayName: printPagesPerMinute +attributeId: 1.2.840.113556.1.4.631 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 19405b97-3cfa-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Rate +ldapDisplayName: printRate +attributeId: 1.2.840.113556.1.4.285 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: ba305f77-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: netboot-Max-Clients +ldapDisplayName: netbootMaxClients +attributeId: 1.2.840.113556.1.4.851 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 07383078-91df-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Rate-Unit +ldapDisplayName: printRateUnit +attributeId: 1.2.840.113556.1.4.286 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: ba305f78-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Separator-File +ldapDisplayName: printSeparatorFile +attributeId: 1.2.840.113556.1.4.230 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 281416c6-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Share-Name +ldapDisplayName: printShareName +attributeId: 1.2.840.113556.1.4.270 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: ba305f68-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Spooling +ldapDisplayName: printSpooling +attributeId: 1.2.840.113556.1.4.274 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: ba305f6c-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Stapling-Supported +ldapDisplayName: printStaplingSupported +attributeId: 1.2.840.113556.1.4.281 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: ba305f73-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Start-Time +ldapDisplayName: printStartTime +attributeId: 1.2.840.113556.1.4.233 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 281416c9-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Status +ldapDisplayName: printStatus +attributeId: 1.2.840.113556.1.4.273 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: ba305f6b-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Priority +ldapDisplayName: priority +attributeId: 1.2.840.113556.1.4.231 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 281416c7-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Prior-Set-Time +ldapDisplayName: priorSetTime +attributeId: 1.2.840.113556.1.4.99 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf967a01-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Prior-Value +ldapDisplayName: priorValue +attributeId: 1.2.840.113556.1.4.100 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf967a02-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Netboot-Mirror-Data-File +ldapDisplayName: netbootMirrorDataFile +attributeId: 1.2.840.113556.1.4.1241 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 2df90d85-009f-11d2-aa4c-00c04fd7d83a +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Private-Key +ldapDisplayName: privateKey +attributeId: 1.2.840.113556.1.4.101 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf967a03-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Privilege-Attributes +ldapDisplayName: privilegeAttributes +attributeId: 1.2.840.113556.1.4.636 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 19405b9a-3cfa-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Privilege-Display-Name +ldapDisplayName: privilegeDisplayName +attributeId: 1.2.840.113556.1.4.634 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 19405b98-3cfa-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Privilege-Holder +ldapDisplayName: privilegeHolder +attributeId: 1.2.840.113556.1.4.637 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 19405b9b-3cfa-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +linkID: 70 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Privilege-Value +ldapDisplayName: privilegeValue +attributeId: 1.2.840.113556.1.4.635 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 19405b99-3cfa-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Product-Code +ldapDisplayName: productCode +attributeId: 1.2.840.113556.1.4.818 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: d9e18317-8939-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Profile-Path +ldapDisplayName: profilePath +attributeId: 1.2.840.113556.1.4.139 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967a05-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +attributeSecurityGuid: 5f202010-79a5-11d0-9020-00c04fc2d4cf +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Proxied-Object-Name +ldapDisplayName: proxiedObjectName +attributeId: 1.2.840.113556.1.4.1249 +attributeSyntax: 2.5.5.7 +omSyntax: 127 +omObjectClass: 1.2.840.113556.1.1.1.11 +isSingleValued: TRUE +schemaIdGuid: e1aea402-cd5b-11d0-afff-0000f80367c1 +systemOnly: TRUE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Proxy-Addresses +ldapDisplayName: proxyAddresses +attributeId: 1.2.840.113556.1.2.210 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: bf967a06-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fANR | fATTINDEX +rangeLower: 1 +rangeUpper: 1123 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 32783 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Proxy-Generation-Enabled +ldapDisplayName: proxyGenerationEnabled +attributeId: 1.2.840.113556.1.2.523 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 5fd424d6-1262-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +mapiID: 33201 + +cn: netboot-New-Machine-Naming-Policy +ldapDisplayName: netbootNewMachineNamingPolicy +attributeId: 1.2.840.113556.1.4.855 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 0738307c-91df-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Proxy-Lifetime +ldapDisplayName: proxyLifetime +attributeId: 1.2.840.113556.1.4.103 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf967a07-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Public-Key-Policy +ldapDisplayName: publicKeyPolicy +attributeId: 1.2.840.113556.1.4.420 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 80a67e28-9f22-11d0-afdd-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: a29b89fd-c7e8-11d0-9bae-00c04fd92ef5 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Purported-Search +ldapDisplayName: purportedSearch +attributeId: 1.2.840.113556.1.4.886 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: b4b54e50-943a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 2048 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Pwd-History-Length +ldapDisplayName: pwdHistoryLength +attributeId: 1.2.840.113556.1.4.95 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967a09-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 65535 +attributeSecurityGuid: c7407360-20bf-11d0-a768-00aa006e0529 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Pwd-Last-Set +ldapDisplayName: pwdLastSet +attributeId: 1.2.840.113556.1.4.96 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf967a0a-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: 4c164200-20c0-11d0-a768-00aa006e0529 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Pwd-Properties +ldapDisplayName: pwdProperties +attributeId: 1.2.840.113556.1.4.93 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967a0b-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: c7407360-20bf-11d0-a768-00aa006e0529 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Quality-Of-Service +ldapDisplayName: qualityOfService +attributeId: 1.2.840.113556.1.4.458 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 80a67e4e-9f22-11d0-afdd-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: a29b8a01-c7e8-11d0-9bae-00c04fd92ef5 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Query-Filter +ldapDisplayName: queryFilter +attributeId: 1.2.840.113556.1.4.1355 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: cbf70a26-7e78-11d2-9921-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: QueryPoint +ldapDisplayName: queryPoint +attributeId: 1.2.840.113556.1.4.680 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 7bfdcb86-4807-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Query-Policy-BL +ldapDisplayName: queryPolicyBL +attributeId: 1.2.840.113556.1.4.608 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: e1aea404-cd5b-11d0-afff-0000f80367c1 +systemOnly: TRUE +searchFlags: 0 +linkID: 69 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: netboot-New-Machine-OU +ldapDisplayName: netbootNewMachineOU +attributeId: 1.2.840.113556.1.4.856 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 0738307d-91df-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Query-Policy-Object +ldapDisplayName: queryPolicyObject +attributeId: 1.2.840.113556.1.4.607 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: e1aea403-cd5b-11d0-afff-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +linkID: 68 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Range-Lower +ldapDisplayName: rangeLower +attributeId: 1.2.840.113556.1.2.34 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967a0c-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +mapiID: 33043 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Range-Upper +ldapDisplayName: rangeUpper +attributeId: 1.2.840.113556.1.2.35 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967a0d-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +mapiID: 33044 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: RDN-Att-ID +ldapDisplayName: rDNAttID +attributeId: 1.2.840.113556.1.2.26 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: TRUE +schemaIdGuid: bf967a0f-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Registered-Address +ldapDisplayName: registeredAddress +attributeId: 2.5.4.26 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: bf967a10-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 4096 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 33049 + +cn: Remote-Server-Name +ldapDisplayName: remoteServerName +attributeId: 1.2.840.113556.1.4.105 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: bf967a12-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Remote-Source +ldapDisplayName: remoteSource +attributeId: 1.2.840.113556.1.4.107 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967a14-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 1024 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Remote-Source-Type +ldapDisplayName: remoteSourceType +attributeId: 1.2.840.113556.1.4.108 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967a15-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Remote-Storage-GUID +ldapDisplayName: remoteStorageGUID +attributeId: 1.2.840.113556.1.4.809 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 2a39c5b0-8960-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Replica-Source +ldapDisplayName: replicaSource +attributeId: 1.2.840.113556.1.4.109 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967a18-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: netboot-SCP-BL +ldapDisplayName: netbootSCPBL +attributeId: 1.2.840.113556.1.4.864 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 07383082-91df-11d1-aebc-0000f80367c1 +systemOnly: TRUE +searchFlags: 0 +linkID: 101 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +isSingleValued: TRUE + +cn: Repl-Interval +ldapDisplayName: replInterval +attributeId: 1.2.840.113556.1.4.1336 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 45ba9d1a-56fa-11d2-90d0-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Repl-Property-Meta-Data +ldapDisplayName: replPropertyMetaData +attributeId: 1.2.840.113556.1.4.3 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 281416c0-1968-11d0-a28f-00aa003049e2 +systemOnly: TRUE +searchFlags: fPRESERVEONDELETE +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_OPERATIONAL |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATED + +cn: Repl-Topology-Stay-Of-Execution +ldapDisplayName: replTopologyStayOfExecution +attributeId: 1.2.840.113556.1.4.677 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 7bfdcb83-4807-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Repl-UpToDate-Vector +ldapDisplayName: replUpToDateVector +attributeId: 1.2.840.113556.1.4.4 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf967a16-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Reps-From +ldapDisplayName: repsFrom +attributeId: 1.2.840.113556.1.2.91 +attributeSyntax: 2.5.5.10 +omSyntax: 127 +omObjectClass: 1.2.840.113556.1.1.1.6 +isSingleValued: FALSE +schemaIdGuid: bf967a1d-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Reps-To +ldapDisplayName: repsTo +attributeId: 1.2.840.113556.1.2.83 +attributeSyntax: 2.5.5.10 +omSyntax: 127 +omObjectClass: 1.2.840.113556.1.1.1.6 +isSingleValued: FALSE +schemaIdGuid: bf967a1e-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Required-Categories +ldapDisplayName: requiredCategories +attributeId: 1.2.840.113556.1.4.321 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 7d6c0e93-7e20-11d0-afd6-00c04fd930c9 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 16 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Retired-Repl-DSA-Signatures +ldapDisplayName: retiredReplDSASignatures +attributeId: 1.2.840.113556.1.4.673 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 7bfdcb7f-4807-11d1-a9c3-0000f80367c1 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Revision +ldapDisplayName: revision +attributeId: 1.2.840.113556.1.4.145 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967a21-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Rid +ldapDisplayName: rid +attributeId: 1.2.840.113556.1.4.153 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967a22-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Name-Service-Flags +ldapDisplayName: nameServiceFlags +attributeId: 1.2.840.113556.1.4.753 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 80212840-4bdc-11d1-a9c4-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: netboot-Server +ldapDisplayName: netbootServer +attributeId: 1.2.840.113556.1.4.860 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 07383081-91df-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +linkID: 100 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: RID-Allocation-Pool +ldapDisplayName: rIDAllocationPool +attributeId: 1.2.840.113556.1.4.371 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 66171889-8f3c-11d0-afda-00c04fd930c9 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: RID-Available-Pool +ldapDisplayName: rIDAvailablePool +attributeId: 1.2.840.113556.1.4.370 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 66171888-8f3c-11d0-afda-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: RID-Manager-Reference +ldapDisplayName: rIDManagerReference +attributeId: 1.2.840.113556.1.4.368 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 66171886-8f3c-11d0-afda-00c04fd930c9 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: RID-Next-RID +ldapDisplayName: rIDNextRID +attributeId: 1.2.840.113556.1.4.374 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 6617188c-8f3c-11d0-afda-00c04fd930c9 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: RID-Previous-Allocation-Pool +ldapDisplayName: rIDPreviousAllocationPool +attributeId: 1.2.840.113556.1.4.372 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 6617188a-8f3c-11d0-afda-00c04fd930c9 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: RID-Set-References +ldapDisplayName: rIDSetReferences +attributeId: 1.2.840.113556.1.4.669 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 7bfdcb7b-4807-11d1-a9c3-0000f80367c1 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: RID-Used-Pool +ldapDisplayName: rIDUsedPool +attributeId: 1.2.840.113556.1.4.373 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 6617188b-8f3c-11d0-afda-00c04fd930c9 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Rights-Guid +ldapDisplayName: rightsGuid +attributeId: 1.2.840.113556.1.4.340 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 8297931c-86d3-11d0-afda-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 36 +rangeUpper: 36 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Role-Occupant +ldapDisplayName: roleOccupant +attributeId: 2.5.4.33 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: a8df7465-c5ea-11d1-bbcb-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +mapiID: 33061 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: roomNumber +ldapDisplayName: roomNumber +attributeId: 0.9.2342.19200300.100.1.6 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 81d7f8c2-e327-4a0d-91c6-b42d4009115f +systemOnly: FALSE +searchFlags: 0 + +cn: Netboot-SIF-File +ldapDisplayName: netbootSIFFile +attributeId: 1.2.840.113556.1.4.1240 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 2df90d84-009f-11d2-aa4c-00c04fd7d83a +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Root-Trust +ldapDisplayName: rootTrust +attributeId: 1.2.840.113556.1.4.674 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 7bfdcb80-4807-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: rpc-Ns-Annotation +ldapDisplayName: rpcNsAnnotation +attributeId: 1.2.840.113556.1.4.366 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 88611bde-8cf4-11d0-afda-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: rpc-Ns-Bindings +ldapDisplayName: rpcNsBindings +attributeId: 1.2.840.113556.1.4.113 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: bf967a23-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: rpc-Ns-Codeset +ldapDisplayName: rpcNsCodeset +attributeId: 1.2.840.113556.1.4.367 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 7a0ba0e0-8e98-11d0-afda-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: rpc-Ns-Entry-Flags +ldapDisplayName: rpcNsEntryFlags +attributeId: 1.2.840.113556.1.4.754 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 80212841-4bdc-11d1-a9c4-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: rpc-Ns-Group +ldapDisplayName: rpcNsGroup +attributeId: 1.2.840.113556.1.4.114 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: bf967a24-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: rpc-Ns-Interface-ID +ldapDisplayName: rpcNsInterfaceID +attributeId: 1.2.840.113556.1.4.115 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967a25-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fATTINDEX +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: rpc-Ns-Object-ID +ldapDisplayName: rpcNsObjectID +attributeId: 1.2.840.113556.1.4.312 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 29401c48-7a27-11d0-afd6-00c04fd930c9 +systemOnly: FALSE +searchFlags: fATTINDEX +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: rpc-Ns-Priority +ldapDisplayName: rpcNsPriority +attributeId: 1.2.840.113556.1.4.117 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: FALSE +schemaIdGuid: bf967a27-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: rpc-Ns-Profile-Entry +ldapDisplayName: rpcNsProfileEntry +attributeId: 1.2.840.113556.1.4.118 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967a28-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: netboot-Tools +ldapDisplayName: netbootTools +attributeId: 1.2.840.113556.1.4.858 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 0738307f-91df-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: rpc-Ns-Transfer-Syntax +ldapDisplayName: rpcNsTransferSyntax +attributeId: 1.2.840.113556.1.4.314 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 29401c4a-7a27-11d0-afd6-00c04fd930c9 +systemOnly: FALSE +searchFlags: fATTINDEX +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: SAM-Account-Name +ldapDisplayName: sAMAccountName +attributeId: 1.2.840.113556.1.4.221 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 3e0abfd0-126a-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: fPRESERVEONDELETE| fANR | fATTINDEX +rangeLower: 0 +rangeUpper: 256 +attributeSecurityGuid: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: SAM-Account-Type +ldapDisplayName: sAMAccountType +attributeId: 1.2.840.113556.1.4.302 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 6e7b626c-64f2-11d0-afd2-00c04fd930c9 +systemOnly: FALSE +searchFlags: fATTINDEX +attributeSecurityGuid: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: SAM-Domain-Updates +ldapDisplayName: samDomainUpdates +attributeId: 1.2.840.113556.1.4.1969 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 04d2d114-f799-4e9b-bcdc-90e8f5ba7ebe +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 1024 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Schedule +ldapDisplayName: schedule +attributeId: 1.2.840.113556.1.4.211 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: dd712224-10e4-11d0-a05f-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Schema-Flags-Ex +ldapDisplayName: schemaFlagsEx +attributeId: 1.2.840.113556.1.4.120 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967a2b-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Schema-ID-GUID +ldapDisplayName: schemaIDGUID +attributeId: 1.2.840.113556.1.4.148 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf967923-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +rangeLower: 16 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Schema-Info +ldapDisplayName: schemaInfo +attributeId: 1.2.840.113556.1.4.1358 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: f9fb64ae-93b4-11d2-9945-0000f87a57d4 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Schema-Update +ldapDisplayName: schemaUpdate +attributeId: 1.2.840.113556.1.4.481 +attributeSyntax: 2.5.5.11 +omSyntax: 24 +isSingleValued: TRUE +schemaIdGuid: 1e2d06b4-ac8f-11d0-afe3-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: Schema-Version +ldapDisplayName: schemaVersion +attributeId: 1.2.840.113556.1.2.471 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: FALSE +schemaIdGuid: bf967a2c-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +mapiID: 33148 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Network-Address +ldapDisplayName: networkAddress +attributeId: 1.2.840.113556.1.2.459 +attributeSyntax: 2.5.5.4 +omSyntax: 20 +isSingleValued: FALSE +schemaIdGuid: bf9679d9-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 256 +mapiID: 33136 + +cn: Scope-Flags +ldapDisplayName: scopeFlags +attributeId: 1.2.840.113556.1.4.1354 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 16f3a4c2-7e79-11d2-9921-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Script-Path +ldapDisplayName: scriptPath +attributeId: 1.2.840.113556.1.4.62 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf9679a8-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +attributeSecurityGuid: 5f202010-79a5-11d0-9020-00c04fc2d4cf +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: SD-Rights-Effective +ldapDisplayName: sDRightsEffective +attributeId: 1.2.840.113556.1.4.1304 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: c3dbafa6-33df-11d2-98b2-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Search-Flags +ldapDisplayName: searchFlags +attributeId: 1.2.840.113556.1.2.334 +attributeSyntax: 2.5.5.9 +omSyntax: 10 +isSingleValued: TRUE +schemaIdGuid: bf967a2d-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +mapiID: 33069 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Search-Guide +ldapDisplayName: searchGuide +attributeId: 2.5.4.14 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: bf967a2e-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +mapiID: 33070 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: secretary +ldapDisplayName: secretary +attributeId: 0.9.2342.19200300.100.1.21 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 01072d9a-98ad-4a53-9744-e83e287278fb +systemOnly: FALSE +searchFlags: 0 + +cn: Security-Identifier +ldapDisplayName: securityIdentifier +attributeId: 1.2.840.113556.1.4.121 +attributeSyntax: 2.5.5.17 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf967a2f-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: See-Also +ldapDisplayName: seeAlso +attributeId: 2.5.4.34 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: bf967a31-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +mapiID: 33071 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Seq-Notification +ldapDisplayName: seqNotification +attributeId: 1.2.840.113556.1.4.504 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: ddac0cf2-af8f-11d0-afeb-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Serial-Number +ldapDisplayName: serialNumber +attributeId: 2.5.4.5 +attributeSyntax: 2.5.5.5 +omSyntax: 19 +isSingleValued: FALSE +schemaIdGuid: bf967a32-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 64 +mapiID: 33072 + +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Next-Level-Store +ldapDisplayName: nextLevelStore +attributeId: 1.2.840.113556.1.4.214 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: bf9679da-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Server-Name +ldapDisplayName: serverName +attributeId: 1.2.840.113556.1.4.223 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 09dcb7a0-165f-11d0-a064-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 1024 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Server-Reference +ldapDisplayName: serverReference +attributeId: 1.2.840.113556.1.4.515 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 26d9736d-6070-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +linkID: 94 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Server-Reference-BL +ldapDisplayName: serverReferenceBL +attributeId: 1.2.840.113556.1.4.516 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 26d9736e-6070-11d1-a9c6-0000f80367c1 +systemOnly: TRUE +searchFlags: 0 +linkID: 95 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +isSingleValued: TRUE + +cn: Server-Role +ldapDisplayName: serverRole +attributeId: 1.2.840.113556.1.4.157 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967a33-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: b8119fd0-04f6-4762-ab7a-4986c76b3f9a + +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Server-State +ldapDisplayName: serverState +attributeId: 1.2.840.113556.1.4.154 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967a34-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: b8119fd0-04f6-4762-ab7a-4986c76b3f9a +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Service-Binding-Information +ldapDisplayName: serviceBindingInformation +attributeId: 1.2.840.113556.1.4.510 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: b7b1311c-b82e-11d0-afee-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Service-Class-ID +ldapDisplayName: serviceClassID +attributeId: 1.2.840.113556.1.4.122 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf967a35-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Service-Class-Info +ldapDisplayName: serviceClassInfo +attributeId: 1.2.840.113556.1.4.123 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: bf967a36-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Service-Class-Name +ldapDisplayName: serviceClassName +attributeId: 1.2.840.113556.1.4.509 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: b7b1311d-b82e-11d0-afee-0000f80367c1 +systemOnly: FALSE +searchFlags: fATTINDEX +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Service-DNS-Name +ldapDisplayName: serviceDNSName +attributeId: 1.2.840.113556.1.4.657 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 28630eb8-41d5-11d1-a9c1-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Next-Rid +ldapDisplayName: nextRid +attributeId: 1.2.840.113556.1.4.88 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf9679db-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Service-DNS-Name-Type +ldapDisplayName: serviceDNSNameType +attributeId: 1.2.840.113556.1.4.659 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 28630eba-41d5-11d1-a9c1-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Service-Instance-Version +ldapDisplayName: serviceInstanceVersion +attributeId: 1.2.840.113556.1.4.199 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf967a37-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 8 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Service-Principal-Name +ldapDisplayName: servicePrincipalName +attributeId: 1.2.840.113556.1.4.771 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: f3a64788-5306-11d1-a9c5-0000f80367c1 +systemOnly: FALSE +searchFlags: fATTINDEX +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Setup-Command +ldapDisplayName: setupCommand +attributeId: 1.2.840.113556.1.4.325 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 7d6c0e97-7e20-11d0-afd6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ShadowExpire +ldapDisplayName: shadowExpire +attributeId: 1.3.6.1.1.1.1.10 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 75159a00-1fff-4cf4-8bff-4ef2695cf643 +systemOnly: FALSE +searchFlags: 0 + +cn: ShadowFlag +ldapDisplayName: shadowFlag +attributeId: 1.3.6.1.1.1.1.11 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 8dfeb70d-c5db-46b6-b15e-a4389e6cee9b +systemOnly: FALSE +searchFlags: 0 + +cn: ShadowInactive +ldapDisplayName: shadowInactive +attributeId: 1.3.6.1.1.1.1.9 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 86871d1f-3310-4312-8efd-af49dcfb2671 +systemOnly: FALSE +searchFlags: 0 + +cn: ShadowLastChange +ldapDisplayName: shadowLastChange +attributeId: 1.3.6.1.1.1.1.5 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: f8f2689c-29e8-4843-8177-e8b98e15eeac +systemOnly: FALSE +searchFlags: 0 + +cn: ShadowMax +ldapDisplayName: shadowMax +attributeId: 1.3.6.1.1.1.1.7 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: f285c952-50dd-449e-9160-3b880d99988d +systemOnly: FALSE +searchFlags: 0 + +cn: ShadowMin +ldapDisplayName: shadowMin +attributeId: 1.3.6.1.1.1.1.6 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: a76b8737-e5a1-4568-b057-dc12e04be4b2 +systemOnly: FALSE +searchFlags: 0 + +cn: NisMapEntry +ldapDisplayName: nisMapEntry +attributeId: 1.3.6.1.1.1.1.27 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: TRUE +schemaIdGuid: 4a95216e-fcc0-402e-b57f-5971626148a9 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 1024 + +cn: ShadowWarning +ldapDisplayName: shadowWarning +attributeId: 1.3.6.1.1.1.1.8 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 7ae89c9c-2976-4a46-bb8a-340f88560117 +systemOnly: FALSE +searchFlags: 0 + +cn: Shell-Context-Menu +ldapDisplayName: shellContextMenu +attributeId: 1.2.840.113556.1.4.615 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 553fd039-f32e-11d0-b0bc-00c04fd8dca6 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Shell-Property-Pages +ldapDisplayName: shellPropertyPages +attributeId: 1.2.840.113556.1.4.563 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 52458039-ca6a-11d0-afff-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Short-Server-Name +ldapDisplayName: shortServerName +attributeId: 1.2.840.113556.1.4.1209 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 45b01501-c419-11d1-bbc9-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Show-In-Address-Book +ldapDisplayName: showInAddressBook +attributeId: 1.2.840.113556.1.4.644 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 3e74f60e-3e73-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +searchFlags: fCOPY +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Show-In-Advanced-View-Only +ldapDisplayName: showInAdvancedViewOnly +attributeId: 1.2.840.113556.1.2.169 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: bf967984-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY| fATTINDEX +attributeSecurityGuid: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: SID-History +ldapDisplayName: sIDHistory +attributeId: 1.2.840.113556.1.4.609 +attributeSyntax: 2.5.5.17 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 17eb4278-d167-11d0-b002-0000f80367c1 +systemOnly: FALSE +searchFlags: fATTINDEX +attributeSecurityGuid: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +systemOnly: TRUE + +cn: Signature-Algorithms +ldapDisplayName: signatureAlgorithms +attributeId: 1.2.840.113556.1.4.824 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 2a39c5b2-8960-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Site-GUID +ldapDisplayName: siteGUID +attributeId: 1.2.840.113556.1.4.362 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 3e978924-8c01-11d0-afda-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 16 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Site-Link-List +ldapDisplayName: siteLinkList +attributeId: 1.2.840.113556.1.4.822 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: d50c2cdd-8951-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +linkID: 142 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: NisMapName +ldapDisplayName: nisMapName +attributeId: 1.3.6.1.1.1.1.26 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: TRUE +schemaIdGuid: 969d3c79-0e9a-4d95-b0ac-bdde7ff8f3a1 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 1024 + +cn: Site-List +ldapDisplayName: siteList +attributeId: 1.2.840.113556.1.4.821 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: d50c2cdc-8951-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +linkID: 144 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Site-Object +ldapDisplayName: siteObject +attributeId: 1.2.840.113556.1.4.512 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 3e10944c-c354-11d0-aff8-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +linkID: 46 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Site-Object-BL +ldapDisplayName: siteObjectBL +attributeId: 1.2.840.113556.1.4.513 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 3e10944d-c354-11d0-aff8-0000f80367c1 +systemOnly: TRUE +searchFlags: 0 +linkID: 47 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: Site-Server +ldapDisplayName: siteServer +attributeId: 1.2.840.113556.1.4.494 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 1be8f17c-a9ff-11d0-afe2-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 + +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Surname +ldapDisplayName: sn +attributeId: 2.5.4.4 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967a41-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fANR | fATTINDEX +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 14865 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: SPN-Mappings +ldapDisplayName: sPNMappings +attributeId: 1.2.840.113556.1.4.1347 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 2ab0e76c-7041-11d2-9905-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: State-Or-Province-Name +ldapDisplayName: st +attributeId: 2.5.4.8 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967a39-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +rangeLower: 1 +rangeUpper: 128 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 14888 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Street-Address +ldapDisplayName: street +attributeId: 2.5.4.9 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967a3a-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +rangeLower: 1 +rangeUpper: 1024 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 33082 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Address +ldapDisplayName: streetAddress +attributeId: 1.2.840.113556.1.2.256 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f0f8ff84-1191-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 1024 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 14889 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Structural-Object-Class +ldapDisplayName: structuralObjectClass +attributeId: 2.5.21.9 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: FALSE +schemaIdGuid: 3860949f-f6a8-4b38-9950-81ecb6bc2982 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: NisNetgroupTriple +ldapDisplayName: nisNetgroupTriple +attributeId: 1.3.6.1.1.1.1.14 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: a8032e74-30ef-4ff5-affc-0fc217783fec +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 153600 + +cn: Sub-Class-Of +ldapDisplayName: subClassOf +attributeId: 1.2.840.113556.1.2.21 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: TRUE +schemaIdGuid: bf967a3b-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: fPRESERVEONDELETE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Sub-Refs +ldapDisplayName: subRefs +attributeId: 1.2.840.113556.1.2.7 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: bf967a3c-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +mapiID: 33083 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: SubSchemaSubEntry +ldapDisplayName: subSchemaSubEntry +attributeId: 2.5.18.10 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 9a7ad94d-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Superior-DNS-Root +ldapDisplayName: superiorDNSRoot +attributeId: 1.2.840.113556.1.4.532 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 5245801d-ca6a-11d0-afff-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Super-Scope-Description +ldapDisplayName: superScopeDescription +attributeId: 1.2.840.113556.1.4.711 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 963d274c-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Super-Scopes +ldapDisplayName: superScopes +attributeId: 1.2.840.113556.1.4.710 +attributeSyntax: 2.5.5.5 +omSyntax: 19 +isSingleValued: FALSE +schemaIdGuid: 963d274b-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Supplemental-Credentials +ldapDisplayName: supplementalCredentials +attributeId: 1.2.840.113556.1.4.125 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: bf967a3f-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Supported-Application-Context +ldapDisplayName: supportedApplicationContext +attributeId: 2.5.4.30 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 1677588f-47f3-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +mapiID: 33085 + +cn: Sync-Attributes +ldapDisplayName: syncAttributes +attributeId: 1.2.840.113556.1.4.666 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 037651e4-441d-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Sync-Membership +ldapDisplayName: syncMembership +attributeId: 1.2.840.113556.1.4.665 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 037651e3-441d-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +linkID: 78 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Non-Security-Member +ldapDisplayName: nonSecurityMember +attributeId: 1.2.840.113556.1.4.530 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 52458018-ca6a-11d0-afff-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +linkID: 50 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Sync-With-Object +ldapDisplayName: syncWithObject +attributeId: 1.2.840.113556.1.4.664 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 037651e2-441d-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Sync-With-SID +ldapDisplayName: syncWithSID +attributeId: 1.2.840.113556.1.4.667 +attributeSyntax: 2.5.5.17 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 037651e5-441d-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: System-Auxiliary-Class +ldapDisplayName: systemAuxiliaryClass +attributeId: 1.2.840.113556.1.4.198 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: FALSE +schemaIdGuid: bf967a43-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: System-Flags +ldapDisplayName: systemFlags +attributeId: 1.2.840.113556.1.4.375 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: e0fa1e62-9b45-11d0-afdd-00c04fd930c9 +systemOnly: TRUE +searchFlags: fPRESERVEONDELETE +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: System-May-Contain +ldapDisplayName: systemMayContain +attributeId: 1.2.840.113556.1.4.196 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: FALSE +schemaIdGuid: bf967a44-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: System-Must-Contain +ldapDisplayName: systemMustContain +attributeId: 1.2.840.113556.1.4.197 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: FALSE +schemaIdGuid: bf967a45-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: System-Only +ldapDisplayName: systemOnly +attributeId: 1.2.840.113556.1.4.170 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: bf967a46-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: System-Poss-Superiors +ldapDisplayName: systemPossSuperiors +attributeId: 1.2.840.113556.1.4.195 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: FALSE +schemaIdGuid: bf967a47-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Telephone-Number +ldapDisplayName: telephoneNumber +attributeId: 2.5.4.20 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967a49-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 14856 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Teletex-Terminal-Identifier +ldapDisplayName: teletexTerminalIdentifier +attributeId: 2.5.4.22 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: bf967a4a-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 33091 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: NC-Name +ldapDisplayName: nCName +attributeId: 1.2.840.113556.1.2.16 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: bf9679d6-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: fPRESERVEONDELETE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Non-Security-Member-BL +ldapDisplayName: nonSecurityMemberBL +attributeId: 1.2.840.113556.1.4.531 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 52458019-ca6a-11d0-afff-0000f80367c1 +systemOnly: TRUE +searchFlags: 0 +linkID: 51 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: Telex-Number +ldapDisplayName: telexNumber +attributeId: 2.5.4.21 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: bf967a4b-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 32 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 14892 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Template-Roots +ldapDisplayName: templateRoots +attributeId: 1.2.840.113556.1.4.1346 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: ed9de9a0-7041-11d2-9905-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Terminal-Server +ldapDisplayName: terminalServer +attributeId: 1.2.840.113556.1.4.885 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 6db69a1c-9422-11d1-aebd-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 20480 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Text-Encoded-OR-Address +ldapDisplayName: textEncodedORAddress +attributeId: 0.9.2342.19200300.100.1.2 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: a8df7489-c5ea-11d1-bbcb-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 1024 +mapiID: 35969 + +cn: Logo +ldapDisplayName: thumbnailLogo +attributeId: 2.16.840.1.113730.3.1.36 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf9679a9-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 32767 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Picture +ldapDisplayName: thumbnailPhoto +attributeId: 2.16.840.1.113730.3.1.35 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 8d3bca50-1d7e-11d0-a081-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 102400 +mapiId: 35998 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Time-Refresh +ldapDisplayName: timeRefresh +attributeId: 1.2.840.113556.1.4.503 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: ddac0cf1-af8f-11d0-afeb-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Time-Vol-Change +ldapDisplayName: timeVolChange +attributeId: 1.2.840.113556.1.4.502 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: ddac0cf0-af8f-11d0-afeb-00c04fd930c9 +systemOnly: FALSE +searchFlags: fATTINDEX +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Title +ldapDisplayName: title +attributeId: 2.5.4.12 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967a55-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 128 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 14871 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Token-Groups +ldapDisplayName: tokenGroups +attributeId: 1.2.840.113556.1.4.1301 +attributeSyntax: 2.5.5.17 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: b7c69e6d-2cc7-11d2-854e-00a0c983f608 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: 037088f8-0ae1-11d2-b422-00a0c968f939 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Additional-Information +ldapDisplayName: notes +attributeId: 1.2.840.113556.1.4.265 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 6d05fb41-246b-11d0-a9c8-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 32768 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Token-Groups-Global-And-Universal +ldapDisplayName: tokenGroupsGlobalAndUniversal +attributeId: 1.2.840.113556.1.4.1418 +attributeSyntax: 2.5.5.17 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 46a9b11d-60ae-405a-b7e8-ff8a58d456d2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: 037088f8-0ae1-11d2-b422-00a0c968f939 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Token-Groups-No-GC-Acceptable +ldapDisplayName: tokenGroupsNoGCAcceptable +attributeId: 1.2.840.113556.1.4.1303 +attributeSyntax: 2.5.5.17 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 040fc392-33df-11d2-98b2-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: 037088f8-0ae1-11d2-b422-00a0c968f939 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Tombstone-Lifetime +ldapDisplayName: tombstoneLifetime +attributeId: 1.2.840.113556.1.2.54 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 16c3a860-1273-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +mapiID: 33093 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Transport-Address-Attribute +ldapDisplayName: transportAddressAttribute +attributeId: 1.2.840.113556.1.4.895 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: TRUE +schemaIdGuid: c1dc867c-a261-11d1-b606-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Transport-DLL-Name +ldapDisplayName: transportDLLName +attributeId: 1.2.840.113556.1.4.789 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 26d97372-6070-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 1024 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Transport-Type +ldapDisplayName: transportType +attributeId: 1.2.840.113556.1.4.791 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 26d97374-6070-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Treat-As-Leaf +ldapDisplayName: treatAsLeaf +attributeId: 1.2.840.113556.1.4.806 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 8fd044e3-771f-11d1-aeae-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Tree-Name +ldapDisplayName: treeName +attributeId: 1.2.840.113556.1.4.660 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 28630ebd-41d5-11d1-a9c1-0000f80367c1 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Trust-Attributes +ldapDisplayName: trustAttributes +attributeId: 1.2.840.113556.1.4.470 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 80a67e5a-9f22-11d0-afdd-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Trust-Auth-Incoming +ldapDisplayName: trustAuthIncoming +attributeId: 1.2.840.113556.1.4.129 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf967a59-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Notification-List +ldapDisplayName: notificationList +attributeId: 1.2.840.113556.1.4.303 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 19195a56-6da0-11d0-afd3-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Trust-Auth-Outgoing +ldapDisplayName: trustAuthOutgoing +attributeId: 1.2.840.113556.1.4.135 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf967a5f-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Trust-Direction +ldapDisplayName: trustDirection +attributeId: 1.2.840.113556.1.4.132 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967a5c-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Trust-Parent +ldapDisplayName: trustParent +attributeId: 1.2.840.113556.1.4.471 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: b000ea7a-a086-11d0-afdd-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Trust-Partner +ldapDisplayName: trustPartner +attributeId: 1.2.840.113556.1.4.133 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967a5d-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 1 +rangeUpper: 1024 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Trust-Posix-Offset +ldapDisplayName: trustPosixOffset +attributeId: 1.2.840.113556.1.4.134 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967a5e-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Trust-Type +ldapDisplayName: trustType +attributeId: 1.2.840.113556.1.4.136 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967a60-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: UAS-Compat +ldapDisplayName: uASCompat +attributeId: 1.2.840.113556.1.4.155 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967a61-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: b8119fd0-04f6-4762-ab7a-4986c76b3f9a +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: uid +ldapDisplayName: uid +attributeId: 0.9.2342.19200300.100.1.1 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 0bb0fca0-1e89-429f-901a-1413894d9f59 +systemOnly: FALSE +searchFlags: fPRESERVEONDELETE +attributeSecurityGuid: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf + +cn: UidNumber +ldapDisplayName: uidNumber +attributeId: 1.3.6.1.1.1.1.0 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 850fcc8f-9c6b-47e1-b671-7c654be4d5b3 +systemOnly: FALSE +searchFlags: fATTINDEX + +cn: UNC-Name +ldapDisplayName: uNCName +attributeId: 1.2.840.113556.1.4.137 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967a64-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fATTINDEX +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: NT-Group-Members +ldapDisplayName: nTGroupMembers +attributeId: 1.2.840.113556.1.4.89 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: bf9679df-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Unicode-Pwd +ldapDisplayName: unicodePwd +attributeId: 1.2.840.113556.1.4.90 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf9679e1-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: uniqueIdentifier +ldapDisplayName: uniqueIdentifier +attributeId: 0.9.2342.19200300.100.1.44 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: ba0184c7-38c5-4bed-a526-75421470580c +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 + +cn: uniqueMember +ldapDisplayName: uniqueMember +attributeId: 2.5.4.50 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 8f888726-f80a-44d7-b1ee-cb9df21392c8 +systemOnly: FALSE +searchFlags: 0 + +cn: UnixHomeDirectory +ldapDisplayName: unixHomeDirectory +attributeId: 1.3.6.1.1.1.1.3 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: TRUE +schemaIdGuid: bc2dba12-000f-464d-bf1d-0808465d8843 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 2048 + +cn: UnixUserPassword +ldapDisplayName: unixUserPassword +attributeId: 1.2.840.113556.1.4.1910 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 612cb747-c0e8-4f92-9221-fdd5f15b550d +systemOnly: FALSE +searchFlags:fCONFIDENTIAL +rangeLower: 1 +rangeUpper: 128 + +cn: unstructuredAddress +ldapDisplayName: unstructuredAddress +attributeId: 1.2.840.113549.1.9.8 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 50950839-cc4c-4491-863a-fcf942d684b7 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 256 + +cn: unstructuredName +ldapDisplayName: unstructuredName +attributeId: 1.2.840.113549.1.9.2 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: 9c8ef177-41cf-45c9-9673-7716c0c8901b +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 256 + +cn: Upgrade-Product-Code +ldapDisplayName: upgradeProductCode +attributeId: 1.2.840.113556.1.4.813 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: d9e18312-8939-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: UPN-Suffixes +ldapDisplayName: uPNSuffixes +attributeId: 1.2.840.113556.1.4.890 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 032160bf-9824-11d1-aec0-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: WWW-Page-Other +ldapDisplayName: url +attributeId: 1.2.840.113556.1.4.749 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 9a9a0221-4a5b-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: e45795b3-9455-11d1-aebd-0000f80367c1 +mapiID: 33141 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: NT-Mixed-Domain +ldapDisplayName: nTMixedDomain +attributeId: 1.2.840.113556.1.4.357 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 3e97891f-8c01-11d0-afda-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: User-Account-Control +ldapDisplayName: userAccountControl +attributeId: 1.2.840.113556.1.4.8 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967a68-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY| fPRESERVEONDELETE | fATTINDEX +attributeSecurityGuid: 4c164200-20c0-11d0-a768-00aa006e0529 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: User-Cert +ldapDisplayName: userCert +attributeId: 1.2.840.113556.1.4.645 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf967a69-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 14882 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: X509-Cert +ldapDisplayName: userCertificate +attributeId: 2.5.4.36 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: bf967a7f-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 32768 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 35946 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: userClass +ldapDisplayName: userClass +attributeId: 0.9.2342.19200300.100.1.8 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 11732a8a-e14d-4cc5-b92f-d93f51c6d8e4 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 + +cn: User-Parameters +ldapDisplayName: userParameters +attributeId: 1.2.840.113556.1.4.138 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967a6d-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 +attributeSecurityGuid: 4c164200-20c0-11d0-a768-00aa006e0529 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: User-Password +ldapDisplayName: userPassword +attributeId: 2.5.4.35 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: bf967a6e-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 128 +mapiID: 33107 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: userPKCS12 +ldapDisplayName: userPKCS12 +attributeId: 2.16.840.1.113730.3.1.216 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 23998ab5-70f8-4007-a4c1-a84a38311f9a +systemOnly: FALSE +searchFlags: 0 + +cn: User-Principal-Name +ldapDisplayName: userPrincipalName +attributeId: 1.2.840.113556.1.4.656 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 28630ebb-41d5-11d1-a9c1-0000f80367c1 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeUpper: 1024 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: User-Shared-Folder +ldapDisplayName: userSharedFolder +attributeId: 1.2.840.113556.1.4.751 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 9a9a021f-4a5b-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: User-Shared-Folder-Other +ldapDisplayName: userSharedFolderOther +attributeId: 1.2.840.113556.1.4.752 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 9a9a0220-4a5b-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Nt-Pwd-History +ldapDisplayName: ntPwdHistory +attributeId: 1.2.840.113556.1.4.94 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: bf9679e2-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: User-SMIME-Certificate +ldapDisplayName: userSMIMECertificate +attributeId: 2.16.840.1.113730.3.140 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: e16a9db2-403c-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 32768 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 14960 +isMemberOfPartialAttributeSet: TRUE + +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: User-Workstations +ldapDisplayName: userWorkstations +attributeId: 1.2.840.113556.1.4.86 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf9679d7-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +rangeLower: 0 +rangeUpper: 1024 +attributeSecurityGuid: 5f202010-79a5-11d0-9020-00c04fc2d4cf +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: USN-Changed +ldapDisplayName: uSNChanged +attributeId: 1.2.840.113556.1.2.120 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf967a6f-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: fPRESERVEONDELETE | fATTINDEX +mapiID: 32809 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: USN-Created +ldapDisplayName: uSNCreated +attributeId: 1.2.840.113556.1.2.19 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf967a70-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: fPRESERVEONDELETE | fATTINDEX +mapiID: 33108 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: USN-DSA-Last-Obj-Removed +ldapDisplayName: uSNDSALastObjRemoved +attributeId: 1.2.840.113556.1.2.267 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf967a71-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +mapiID: 33109 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: USN-Intersite +ldapDisplayName: USNIntersite +attributeId: 1.2.840.113556.1.2.469 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: a8df7498-c5ea-11d1-bbcb-0080c76670c0 +systemOnly: FALSE +searchFlags: fATTINDEX +mapiID: 33146 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: USN-Last-Obj-Rem +ldapDisplayName: uSNLastObjRem +attributeId: 1.2.840.113556.1.2.121 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf967a73-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +mapiID: 33110 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: USN-Source +ldapDisplayName: uSNSource +attributeId: 1.2.840.113556.1.4.896 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 167758ad-47f3-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +mapiID: 33111 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Valid-Accesses +ldapDisplayName: validAccesses +attributeId: 1.2.840.113556.1.4.1356 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 4d2fa380-7f54-11d2-992a-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Vendor +ldapDisplayName: vendor +attributeId: 1.2.840.113556.1.4.255 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 281416df-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 512 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: NT-Security-Descriptor +ldapDisplayName: nTSecurityDescriptor +attributeId: 1.2.840.113556.1.2.281 +attributeSyntax: 2.5.5.15 +omSyntax: 66 +isSingleValued: TRUE +schemaIdGuid: bf9679e3-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fPRESERVEONDELETE +rangeLower: 0 +rangeUpper: 132096 +mapiID: 32787 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_OPERATIONAL |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER + +cn: Version-Number +ldapDisplayName: versionNumber +attributeId: 1.2.840.113556.1.4.141 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967a76-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Version-Number-Hi +ldapDisplayName: versionNumberHi +attributeId: 1.2.840.113556.1.4.328 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 7d6c0e9a-7e20-11d0-afd6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Version-Number-Lo +ldapDisplayName: versionNumberLo +attributeId: 1.2.840.113556.1.4.329 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 7d6c0e9b-7e20-11d0-afd6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Vol-Table-GUID +ldapDisplayName: volTableGUID +attributeId: 1.2.840.113556.1.4.336 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 1f0075fd-7e40-11d0-afd6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Vol-Table-Idx-GUID +ldapDisplayName: volTableIdxGUID +attributeId: 1.2.840.113556.1.4.334 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 1f0075fb-7e40-11d0-afd6-00c04fd930c9 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 0 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Volume-Count +ldapDisplayName: volumeCount +attributeId: 1.2.840.113556.1.4.507 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 34aaa217-b699-11d0-afee-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Wbem-Path +ldapDisplayName: wbemPath +attributeId: 1.2.840.113556.1.4.301 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 244b2970-5abd-11d0-afd2-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Well-Known-Objects +ldapDisplayName: wellKnownObjects +attributeId: 1.2.840.113556.1.4.618 +attributeSyntax: 2.5.5.7 +omSyntax: 127 +omObjectClass: 1.2.840.113556.1.1.1.11 +isSingleValued: FALSE +schemaIdGuid: 05308983-7688-11d1-aded-00c04fd8d5cd +systemOnly: TRUE +searchFlags: 0 +rangeLower: 16 +rangeUpper: 16 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: When-Changed +ldapDisplayName: whenChanged +attributeId: 1.2.840.113556.1.2.3 +attributeSyntax: 2.5.5.11 +omSyntax: 24 +isSingleValued: TRUE +schemaIdGuid: bf967a77-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +mapiID: 12296 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: When-Created +ldapDisplayName: whenCreated +attributeId: 1.2.840.113556.1.2.2 +attributeSyntax: 2.5.5.11 +omSyntax: 24 +isSingleValued: TRUE +schemaIdGuid: bf967a78-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +mapiID: 12295 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Organization-Name +ldapDisplayName: o +attributeId: 2.5.4.10 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: bf9679ef-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 33025 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Winsock-Addresses +ldapDisplayName: winsockAddresses +attributeId: 1.2.840.113556.1.4.142 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: bf967a79-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: WWW-Home-Page +ldapDisplayName: wWWHomePage +attributeId: 1.2.840.113556.1.2.464 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967a7a-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 2048 +attributeSecurityGuid: e45795b3-9455-11d1-aebd-0000f80367c1 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: X121-Address +ldapDisplayName: x121Address +attributeId: 2.5.4.24 +attributeSyntax: 2.5.5.6 +omSyntax: 18 +isSingleValued: FALSE +schemaIdGuid: bf967a7b-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 15 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 33112 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: x500uniqueIdentifier +ldapDisplayName: x500uniqueIdentifier +attributeId: 2.5.4.45 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: d07da11f-8a3d-42b6-b0aa-76c962be719a +systemOnly: FALSE +searchFlags: 0 + +cn: Object-Category +ldapDisplayName: objectCategory +attributeId: 1.2.840.113556.1.4.782 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 26d97369-6070-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +searchFlags: fATTINDEX +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Object-Class +ldapDisplayName: objectClass +attributeId: 2.5.4.0 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: FALSE +schemaIdGuid: bf9679e5-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: fPRESERVEONDELETE +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: NETBIOS-Name +ldapDisplayName: nETBIOSName +attributeId: 1.2.840.113556.1.4.87 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf9679d8-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 1 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Object-Class-Category +ldapDisplayName: objectClassCategory +attributeId: 1.2.840.113556.1.2.370 +attributeSyntax: 2.5.5.9 +omSyntax: 10 +isSingleValued: TRUE +schemaIdGuid: bf9679e6-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 3 +mapiID: 33014 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Object-Classes +ldapDisplayName: objectClasses +attributeId: 2.5.21.6 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 9a7ad94b-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Object-Count +ldapDisplayName: objectCount +attributeId: 1.2.840.113556.1.4.506 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 34aaa216-b699-11d0-afee-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Object-Guid +ldapDisplayName: objectGUID +attributeId: 1.2.840.113556.1.4.2 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf9679e7-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: fPRESERVEONDELETE | fATTINDEX +rangeLower: 16 +rangeUpper: 16 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 35949 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Object-Sid +ldapDisplayName: objectSid +attributeId: 1.2.840.113556.1.4.146 +attributeSyntax: 2.5.5.17 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf9679e8-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: fPRESERVEONDELETE | fATTINDEX +rangeLower: 0 +rangeUpper: 28 +attributeSecurityGuid: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +mapiID: 32807 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +systemOnly: FALSE + +cn: Object-Version +ldapDisplayName: objectVersion +attributeId: 1.2.840.113556.1.2.76 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 16775848-47f3-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +mapiID: 33015 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: OEM-Information +ldapDisplayName: oEMInformation +attributeId: 1.2.840.113556.1.4.151 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf9679ea-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 +attributeSecurityGuid: b8119fd0-04f6-4762-ab7a-4986c76b3f9a +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: OM-Object-Class +ldapDisplayName: oMObjectClass +attributeId: 1.2.840.113556.1.2.218 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf9679ec-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +mapiID: 33021 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: OM-Syntax +ldapDisplayName: oMSyntax +attributeId: 1.2.840.113556.1.2.231 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf9679ed-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: fPRESERVEONDELETE +mapiID: 33022 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: OMT-Guid +ldapDisplayName: oMTGuid +attributeId: 1.2.840.113556.1.4.505 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: ddac0cf3-af8f-11d0-afeb-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: netboot-Allow-New-Clients +ldapDisplayName: netbootAllowNewClients +attributeId: 1.2.840.113556.1.4.849 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 07383076-91df-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 + +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: OMT-Indx-Guid +ldapDisplayName: oMTIndxGuid +attributeId: 1.2.840.113556.1.4.333 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 1f0075fa-7e40-11d0-afd6-00c04fd930c9 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 0 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: OncRpcNumber +ldapDisplayName: oncRpcNumber +attributeId: 1.3.6.1.1.1.1.18 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 966825f5-01d9-4a5c-a011-d15ae84efa55 +systemOnly: FALSE +searchFlags: 0 + +cn: Operating-System +ldapDisplayName: operatingSystem +attributeId: 1.2.840.113556.1.4.363 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 3e978925-8c01-11d0-afda-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Operating-System-Hotfix +ldapDisplayName: operatingSystemHotfix +attributeId: 1.2.840.113556.1.4.415 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bd951b3c-9c96-11d0-afdd-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Operating-System-Service-Pack +ldapDisplayName: operatingSystemServicePack +attributeId: 1.2.840.113556.1.4.365 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 3e978927-8c01-11d0-afda-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Operating-System-Version +ldapDisplayName: operatingSystemVersion +attributeId: 1.2.840.113556.1.4.364 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 3e978926-8c01-11d0-afda-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Operator-Count +ldapDisplayName: operatorCount +attributeId: 1.2.840.113556.1.4.144 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf9679ee-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Option-Description +ldapDisplayName: optionDescription +attributeId: 1.2.840.113556.1.4.712 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 963d274d-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Options +ldapDisplayName: options +attributeId: 1.2.840.113556.1.4.307 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 19195a53-6da0-11d0-afd3-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Options-Location +ldapDisplayName: optionsLocation +attributeId: 1.2.840.113556.1.4.713 +attributeSyntax: 2.5.5.5 +omSyntax: 19 +isSingleValued: FALSE +schemaIdGuid: 963d274e-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: netboot-Answer-Only-Valid-Clients +ldapDisplayName: netbootAnswerOnlyValidClients +attributeId: 1.2.840.113556.1.4.854 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 0738307b-91df-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 + +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: organizationalStatus +ldapDisplayName: organizationalStatus +attributeId: 0.9.2342.19200300.100.1.45 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 28596019-7349-4d2f-adff-5a629961f942 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 + +cn: Original-Display-Table +ldapDisplayName: originalDisplayTable +attributeId: 1.2.840.113556.1.2.445 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 5fd424ce-1262-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 32768 +mapiID: 33027 + +cn: Original-Display-Table-MSDOS +ldapDisplayName: originalDisplayTableMSDOS +attributeId: 1.2.840.113556.1.2.214 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 5fd424cf-1262-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 32768 +mapiID: 33028 + +cn: Phone-Fax-Other +ldapDisplayName: otherFacsimileTelephoneNumber +attributeId: 1.2.840.113556.1.4.646 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 0296c11d-40da-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Phone-Home-Other +ldapDisplayName: otherHomePhone +attributeId: 1.2.840.113556.1.2.277 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: f0f8ffa2-1191-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 14895 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Phone-Ip-Other +ldapDisplayName: otherIpPhone +attributeId: 1.2.840.113556.1.4.722 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 4d146e4b-48d4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Other-Login-Workstations +ldapDisplayName: otherLoginWorkstations +attributeId: 1.2.840.113556.1.4.91 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: bf9679f1-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +rangeLower: 0 +rangeUpper: 1024 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Other-Mailbox +ldapDisplayName: otherMailbox +attributeId: 1.2.840.113556.1.4.651 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 0296c123-40da-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 + +cn: Phone-Mobile-Other +ldapDisplayName: otherMobile +attributeId: 1.2.840.113556.1.4.647 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 0296c11e-40da-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Phone-Pager-Other +ldapDisplayName: otherPager +attributeId: 1.2.840.113556.1.2.118 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: f0f8ffa4-1191-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 35950 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: netboot-Answer-Requests +ldapDisplayName: netbootAnswerRequests +attributeId: 1.2.840.113556.1.4.853 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 0738307a-91df-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 + +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Phone-Office-Other +ldapDisplayName: otherTelephone +attributeId: 1.2.840.113556.1.2.18 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: f0f8ffa5-1191-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 14875 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Other-Well-Known-Objects +ldapDisplayName: otherWellKnownObjects +attributeId: 1.2.840.113556.1.4.1359 +attributeSyntax: 2.5.5.7 +omSyntax: 127 +omObjectClass: 1.2.840.113556.1.1.1.11 +isSingleValued: FALSE +schemaIdGuid: 1ea64e5d-ac0f-11d2-90df-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 16 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Organizational-Unit-Name +ldapDisplayName: ou +attributeId: 2.5.4.11 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: bf9679f0-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 33026 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Owner +ldapDisplayName: owner +attributeId: 2.5.4.32 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: bf9679f3-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +linkID: 44 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-Exch-Owner-BL +ldapDisplayName: ownerBL +attributeId: 1.2.840.113556.1.2.104 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: bf9679f4-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +linkID: 45 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: Package-Flags +ldapDisplayName: packageFlags +attributeId: 1.2.840.113556.1.4.327 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 7d6c0e99-7e20-11d0-afd6-00c04fd930c9 +systemOnly: FALSE +searchFlags: fATTINDEX +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Package-Name +ldapDisplayName: packageName +attributeId: 1.2.840.113556.1.4.326 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 7d6c0e98-7e20-11d0-afd6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Package-Type +ldapDisplayName: packageType +attributeId: 1.2.840.113556.1.4.324 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 7d6c0e96-7e20-11d0-afd6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Phone-Pager-Primary +ldapDisplayName: pager +attributeId: 0.9.2342.19200300.100.1.42 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f0f8ffa6-1191-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 14881 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Parent-CA +ldapDisplayName: parentCA +attributeId: 1.2.840.113556.1.4.557 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 5245801b-ca6a-11d0-afff-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: netboot-Current-Client-Count +ldapDisplayName: netbootCurrentClientCount +attributeId: 1.2.840.113556.1.4.852 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 07383079-91df-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Parent-CA-Certificate-Chain +ldapDisplayName: parentCACertificateChain +attributeId: 1.2.840.113556.1.4.685 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 963d2733-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Parent-GUID +ldapDisplayName: parentGUID +attributeId: 1.2.840.113556.1.4.1224 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 2df90d74-009f-11d2-aa4c-00c04fd7d83a +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Partial-Attribute-Deletion-List +ldapDisplayName: partialAttributeDeletionList +attributeId: 1.2.840.113556.1.4.663 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 28630ec0-41d5-11d1-a9c1-0000f80367c1 +systemOnly: TRUE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Partial-Attribute-Set +ldapDisplayName: partialAttributeSet +attributeId: 1.2.840.113556.1.4.640 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 19405b9e-3cfa-11d1-a9c0-0000f80367c1 +systemOnly: TRUE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Pek-Key-Change-Interval +ldapDisplayName: pekKeyChangeInterval +attributeId: 1.2.840.113556.1.4.866 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 07383084-91df-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Pek-List +ldapDisplayName: pekList +attributeId: 1.2.840.113556.1.4.865 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 07383083-91df-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Pending-CA-Certificates +ldapDisplayName: pendingCACertificates +attributeId: 1.2.840.113556.1.4.693 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 963d273c-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Pending-Parent-CA +ldapDisplayName: pendingParentCA +attributeId: 1.2.840.113556.1.4.695 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 963d273e-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Per-Msg-Dialog-Display-Table +ldapDisplayName: perMsgDialogDisplayTable +attributeId: 1.2.840.113556.1.2.325 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 5fd424d3-1262-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 32768 +mapiID: 33032 + +cn: Per-Recip-Dialog-Display-Table +ldapDisplayName: perRecipDialogDisplayTable +attributeId: 1.2.840.113556.1.2.326 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 5fd424d4-1262-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 32768 +mapiID: 33033 + +cn: Netboot-GUID +ldapDisplayName: netbootGUID +attributeId: 1.2.840.113556.1.4.359 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 3e978921-8c01-11d0-afda-00c04fd930c9 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 16 +rangeUpper: 16 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Personal-Title +ldapDisplayName: personalTitle +attributeId: 1.2.840.113556.1.2.615 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 16775858-47f3-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 35947 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: photo +ldapDisplayName: photo +attributeId: 0.9.2342.19200300.100.1.7 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 9c979768-ba1a-4c08-9632-c6a5c1ed649a +systemOnly: FALSE +searchFlags: 0 + +cn: Physical-Delivery-Office-Name +ldapDisplayName: physicalDeliveryOfficeName +attributeId: 2.5.4.19 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf9679f7-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fANR | fATTINDEX +rangeLower: 1 +rangeUpper: 128 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 14873 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Physical-Location-Object +ldapDisplayName: physicalLocationObject +attributeId: 1.2.840.113556.1.4.514 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: b7b13119-b82e-11d0-afee-0000f80367c1 +systemOnly: FALSE +searchFlags: fATTINDEX +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: PKI-Critical-Extensions +ldapDisplayName: pKICriticalExtensions +attributeId: 1.2.840.113556.1.4.1330 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: fc5a9106-3b9d-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: PKI-Default-CSPs +ldapDisplayName: pKIDefaultCSPs +attributeId: 1.2.840.113556.1.4.1334 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 1ef6336e-3b9e-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: PKI-Default-Key-Spec +ldapDisplayName: pKIDefaultKeySpec +attributeId: 1.2.840.113556.1.4.1327 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 426cae6e-3b9d-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: PKI-Enrollment-Access +ldapDisplayName: pKIEnrollmentAccess +attributeId: 1.2.840.113556.1.4.1335 +attributeSyntax: 2.5.5.15 +omSyntax: 66 +isSingleValued: FALSE +schemaIdGuid: 926be278-56f9-11d2-90d0-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: PKI-Expiration-Period +ldapDisplayName: pKIExpirationPeriod +attributeId: 1.2.840.113556.1.4.1331 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 041570d2-3b9e-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: PKI-Extended-Key-Usage +ldapDisplayName: pKIExtendedKeyUsage +attributeId: 1.2.840.113556.1.4.1333 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 18976af6-3b9e-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + diff --git a/source4/setup/ad-schema/MS-AD_Schema_Classes_v20080618.txt b/source4/setup/ad-schema/MS-AD_Schema_Classes_v20080618.txt new file mode 100644 index 0000000000..cd784edfc3 --- /dev/null +++ b/source4/setup/ad-schema/MS-AD_Schema_Classes_v20080618.txt @@ -0,0 +1,3418 @@ +# © 2008 Microsoft Corporation. All rights reserved +# +# Intellectual Property Rights Notice for Protocol Documentation +# +# Copyrights. +# This protocol documentation is covered by Microsoft +# copyrights. Regardless of any other terms that are contained in the +# terms of use for the Microsoft website that hosts this documentation, +# you may make copies of it in order to develop implementations of the +# protocols, and may distribute portions of it in your implementations +# of the protocols or your documentation as necessary to properly +# document the implementation. You may also distribute in your +# implementation, with or without modification, any schema, IDL's, or +# code samples that are included in the documentation. This permission +# also applies to any documents that are referenced in the protocol +# documentation. +# +# No Trade Secrets. +# Microsoft does not claim any trade secret rights in this documentation. +# +# Patents. +# Microsoft has patents that may cover your implementations of the +# protocols. Neither this notice nor Microsoft's delivery of the +# documentation grants any licenses under those or any other Microsoft +# patents. However, the protocols may be covered by MicrosoftÂ’s Open +# Specification Promise (available here: +# http://www.microsoft.com/interop/osp). If you would prefer a written +# license, or if the protocols are not covered by the OSP, patent +# licenses are available by contacting protocol@microsoft.com. +# +# Trademarks. +# The names of companies and products contained in this documentation +# may be covered by trademarks or similar intellectual property +# rights. This notice does not grant any licenses under those +# rights.Reservation of Rights. All other rights are reserved, and this +# notice does not grant any rights other than specifically described +# above, whether by implication, estoppel, or otherwise. +# +# Tools. +# This protocol documentation is intended for use in conjunction with +# publicly available standard specifications and network programming +# art, and assumes that the reader either is familiar with the +# aforementioned material or has immediate access to it. A protocol +# specification does not require the use of Microsoft programming tools +# or programming environments in order for you to develop an +# implementation. If you have access to Microsoft programming tools and +# environments you are free to take advantage of them. + +cn: account +ldapDisplayName: account +governsId: 0.9.2342.19200300.100.4.5 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mayContain: uid, host, ou, o, l, seeAlso, description +possSuperiors: organizationalUnit, container +schemaIdGuid:2628a46a-a6ad-4ae0-b854-2b12d9fe6f9e +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLOLORCWOWDSDDTDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=account,CN=Schema,CN=Configuration, + +cn: Application-Site-Settings +ldapDisplayName: applicationSiteSettings +governsId: 1.2.840.113556.1.5.68 +objectClassCategory: 2 +rdnAttId: cn +subClassOf: top +systemMayContain: notificationList, applicationName +systemPossSuperiors: site +schemaIdGuid:19195a5c-6da0-11d0-afd3-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Application-Site-Settings,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DFSR-ReplicationGroup +ldapDisplayName: msDFSR-ReplicationGroup +governsId: 1.2.840.113556.1.6.13.4.5 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mustContain: msDFSR-ReplicationGroupType +mayContain: msDFSR-Options2, msDFSR-OnDemandExclusionDirectoryFilter,msDFSR-OnDemandExclusionFileFilter,msDFSR-DefaultCompressionExclusionFilter, msDFSR-DeletedSizeInMb,msDFSR-DirectoryFilter, msDFSR-FileFilter, msDFSR-ConflictSizeInMb,msDFSR-StagingSizeInMb, msDFSR-RootSizeInMb, description,msDFSR-TombstoneExpiryInMin, msDFSR-Flags, msDFSR-Options,msDFSR-Extension, msDFSR-Schedule, msDFSR-Version +possSuperiors: msDFSR-GlobalSettings +schemaIdGuid:1c332fe0-0c2a-4f32-afca-23c5e45a9e77 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;DA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;CO)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DFSR-ReplicationGroup,CN=Schema,CN=Configuration, + +cn: ms-DFSR-Subscriber +ldapDisplayName: msDFSR-Subscriber +governsId: 1.2.840.113556.1.6.13.4.2 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mustContain: msDFSR-MemberReference, msDFSR-ReplicationGroupGuid +mayContain: msDFSR-Flags, msDFSR-Options, msDFSR-Extension +possSuperiors: msDFSR-LocalSettings +schemaIdGuid:e11505d7-92c4-43e7-bf5c-295832ffc896 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;DA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;CO)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DFSR-Subscriber,CN=Schema,CN=Configuration, + +cn: ms-DFSR-Subscription +ldapDisplayName: msDFSR-Subscription +governsId: 1.2.840.113556.1.6.13.4.3 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mustContain: msDFSR-ContentSetGuid, msDFSR-ReplicationGroupGuid +mayContain: msDFSR-StagingCleanupTriggerInPercent, msDFSR-Options2,msDFSR-OnDemandExclusionDirectoryFilter,msDFSR-OnDemandExclusionFileFilter, msDFSR-MaxAgeInCacheInMin,msDFSR-MinDurationCacheInMin, msDFSR-CachePolicy, msDFSR-ReadOnly,msDFSR-DeletedSizeInMb, msDFSR-DeletedPath, msDFSR-RootPath,msDFSR-RootSizeInMb, msDFSR-StagingPath, msDFSR-StagingSizeInMb,msDFSR-ConflictPath, msDFSR-ConflictSizeInMb, msDFSR-Enabled,msDFSR-RootFence, msDFSR-DfsLinkTarget, msDFSR-Flags,msDFSR-Options, msDFSR-Extension +possSuperiors: msDFSR-Subscriber +schemaIdGuid:67212414-7bcc-4609-87e0-088dad8abdee +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;DA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;CO)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DFSR-Subscription,CN=Schema,CN=Configuration, + +cn: ms-DFSR-Topology +ldapDisplayName: msDFSR-Topology +governsId: 1.2.840.113556.1.6.13.4.8 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mayContain: msDFSR-Flags, msDFSR-Options, msDFSR-Extension +possSuperiors: msDFSR-ReplicationGroup +schemaIdGuid:04828aa9-6e42-4e80-b962-e2fe00754d17 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;DA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;CO)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DFSR-Topology,CN=Schema,CN=Configuration, + +cn: ms-DS-App-Configuration +ldapDisplayName: msDS-App-Configuration +governsId: 1.2.840.113556.1.5.220 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: applicationSettings +mayContain: owner, msDS-ObjectReference, msDS-Integer, msDS-DateTime,msDS-ByteArray, managedBy, keywords +possSuperiors: organizationalUnit, computer, container +schemaIdGuid:90df3c3e-1854-4455-a5d7-cad40d56657a +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DS-App-Configuration,CN=Schema,CN=Configuration, + +cn: ms-DS-App-Data +ldapDisplayName: msDS-AppData +governsId: 1.2.840.113556.1.5.241 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: applicationSettings +mayContain: owner, msDS-ObjectReference, msDS-Integer, msDS-DateTime,msDS-ByteArray, managedBy, keywords +possSuperiors: organizationalUnit, computer, container +schemaIdGuid:9e67d761-e327-4d55-bc95-682f875e2f8e +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DS-App-Data,CN=Schema,CN=Configuration, + +cn: ms-DS-Az-Admin-Manager +ldapDisplayName: msDS-AzAdminManager +governsId: 1.2.840.113556.1.5.234 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: msDS-AzGenericData, msDS-AzObjectGuid,msDS-AzMinorVersion, msDS-AzMajorVersion, msDS-AzApplicationData,msDS-AzGenerateAudits, msDS-AzScriptTimeout,msDS-AzScriptEngineCacheMax, msDS-AzDomainTimeout, description +systemPossSuperiors: domainDNS, organizationalUnit, container +schemaIdGuid:cfee1051-5f28-4bae-a863-5d0cc18a8ed1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DS-Az-Admin-Manager,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Application +ldapDisplayName: msDS-AzApplication +governsId: 1.2.840.113556.1.5.235 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: msDS-AzGenericData, msDS-AzObjectGuid,msDS-AzApplicationData, msDS-AzGenerateAudits,msDS-AzApplicationVersion, msDS-AzClassId, msDS-AzApplicationName,description +systemPossSuperiors: msDS-AzAdminManager +schemaIdGuid:ddf8de9b-cba5-4e12-842e-28d8b66f75ec +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DS-Az-Application,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Operation +ldapDisplayName: msDS-AzOperation +governsId: 1.2.840.113556.1.5.236 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: msDS-AzOperationID +systemMayContain: msDS-AzGenericData, msDS-AzObjectGuid,msDS-AzApplicationData, description +systemPossSuperiors: container, msDS-AzApplication +schemaIdGuid:860abe37-9a9b-4fa4-b3d2-b8ace5df9ec5 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DS-Az-Operation,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Role +ldapDisplayName: msDS-AzRole +governsId: 1.2.840.113556.1.5.239 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: msDS-AzGenericData, msDS-AzObjectGuid,msDS-AzApplicationData, msDS-TasksForAzRole,msDS-OperationsForAzRole, msDS-MembersForAzRole, description +systemPossSuperiors: container, msDS-AzScope, msDS-AzApplication +schemaIdGuid:8213eac9-9d55-44dc-925c-e9a52b927644 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DS-Az-Role,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Application-Version +ldapDisplayName: applicationVersion +governsId: 1.2.840.113556.1.5.216 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: applicationSettings +mayContain: owner, managedBy, keywords, versionNumberLo,versionNumberHi, versionNumber, vendor, appSchemaVersion +possSuperiors: organizationalUnit, computer, container +schemaIdGuid:ddc790ac-af4d-442a-8f0f-a1d4caa7dd92 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Application-Version,CN=Schema,CN=Configuration, + +cn: ms-DS-Az-Scope +ldapDisplayName: msDS-AzScope +governsId: 1.2.840.113556.1.5.237 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: msDS-AzScopeName +systemMayContain: msDS-AzGenericData, msDS-AzObjectGuid,msDS-AzApplicationData, description +systemPossSuperiors: msDS-AzApplication +schemaIdGuid:4feae054-ce55-47bb-860e-5b12063a51de +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DS-Az-Scope,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Task +ldapDisplayName: msDS-AzTask +governsId: 1.2.840.113556.1.5.238 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: msDS-AzGenericData, msDS-AzObjectGuid,msDS-TasksForAzTask, msDS-OperationsForAzTask,msDS-AzApplicationData, msDS-AzTaskIsRoleDefinition,msDS-AzLastImportedBizRulePath, msDS-AzBizRuleLanguage,msDS-AzBizRule, description +systemPossSuperiors: container, msDS-AzScope, msDS-AzApplication +schemaIdGuid:1ed3a473-9b1b-418a-bfa0-3a37b95a5306 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DS-Az-Task,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Password-Settings +ldapDisplayName: msDS-PasswordSettings +governsId: 1.2.840.113556.1.5.255 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: msDS-MaximumPasswordAge, msDS-MinimumPasswordAge,msDS-MinimumPasswordLength, msDS-PasswordComplexityEnabled,msDS-LockoutObservationWindow, msDS-LockoutDuration,msDS-LockoutThreshold, msDS-PasswordReversibleEncryptionEnabled,msDS-PasswordSettingsPrecedence, msDS-PasswordHistoryLength +systemMayContain: msDS-PSOAppliesTo +systemPossSuperiors: msDS-PasswordSettingsContainer +schemaIdGuid:: 3bcd9db8-f84b-451c-952f-6c52b81f9ec6 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY) +systemOnly: FALSE +defaultObjectCategory: CN=ms-DS-Password-Settings,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Password-Settings +ldapDisplayName: msDS-PasswordSettingsContainer +governsId: 1.2.840.113556.1.5.256 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemPossSuperiors: Container +schemaIdGuid:: 5b06b06a-4cf3-44c0-bd16-43bc10a987da +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY) +systemOnly: FALSE +defaultObjectCategory: CN=ms-DS-Password-Settings-Container,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Quota-Container +ldapDisplayName: msDS-QuotaContainer +governsId: 1.2.840.113556.1.5.242 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: cn +systemMayContain: msDS-TopQuotaUsage, msDS-QuotaUsed,msDS-QuotaEffective, msDS-TombstoneQuotaFactor, msDS-DefaultQuota +systemPossSuperiors: configuration, domainDNS +schemaIdGuid:da83fc4f-076f-4aea-b4dc-8f4dab9b5993 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPLCLORC;;;BA)(OA;;CR;4ecc03fe-ffc0-4947-b630-eb672a8a9dbc;;WD) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DS-Quota-Container,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Quota-Control +ldapDisplayName: msDS-QuotaControl +governsId: 1.2.840.113556.1.5.243 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: msDS-QuotaAmount, msDS-QuotaTrustee, cn +systemPossSuperiors: msDS-QuotaContainer +schemaIdGuid:de91fc26-bd02-4b52-ae26-795999e96fc7 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPLCLORC;;;BA) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DS-Quota-Control,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-Exch-Configuration-Container +ldapDisplayName: msExchConfigurationContainer +governsId: 1.2.840.113556.1.5.176 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: container +systemMayContain: templateRoots, addressBookRoots, globalAddressList,templateRoots2, addressBookRoots2, globalAddressList2 +schemaIdGuid:d03d6858-06f4-11d2-aa53-00c04fd7d83a +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-Exch-Configuration-Container,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-FVE-RecoveryInformation +ldapDisplayName: msFVE-RecoveryInformation +governsId: 1.2.840.113556.1.5.253 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: msFVE-RecoveryPassword, msFVE-RecoveryGuid +mayContain: msFVE-KeyPackage, msFVE-VolumeGuid +systemPossSuperiors: computer +schemaIdGuid:ea715d30-8f53-40d0-bd1e-6109186d782c +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-FVE-RecoveryInformation,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-ieee-80211-Policy +ldapDisplayName: msieee80211-Policy +governsId: 1.2.840.113556.1.5.240 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: msieee80211-ID, msieee80211-DataType,msieee80211-Data +systemPossSuperiors: organizationalUnit, container, computer +schemaIdGuid:7b9a2d92-b7eb-4382-9772-c3e0f9baaf94 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-ieee-80211-Policy,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Custom-Recipient +ldapDisplayName: msMQ-Custom-Recipient +governsId: 1.2.840.113556.1.5.218 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: msMQ-Recipient-FormatName +systemPossSuperiors: organizationalUnit, domainDNS, container +schemaIdGuid:876d6817-35cc-436c-acea-5ef7174dd9be +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: FALSE +systemOnly: FALSE +defaultObjectCategory: CN=MSMQ-Custom-Recipient,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Attribute-Schema +ldapDisplayName: attributeSchema +governsId: 1.2.840.113556.1.3.14 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: schemaIDGUID, oMSyntax, lDAPDisplayName,isSingleValued, cn, attributeSyntax, attributeID +systemMayContain: systemOnly, searchFlags, schemaFlagsEx,rangeUpper, rangeLower, oMObjectClass, msDs-Schema-Extensions,msDS-IntId, mAPIID, linkID, isMemberOfPartialAttributeSet,isEphemeral, isDefunct, extendedCharsAllowed, classDisplayName,attributeSecurityGUID +systemPossSuperiors: dMD +schemaIdGuid:bf967a80-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:S: +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Attribute-Schema,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Group +ldapDisplayName: msMQ-Group +governsId: 1.2.840.113556.1.5.219 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: member +systemPossSuperiors: organizationalUnit +schemaIdGuid:46b27aac-aafa-4ffb-b773-e5bf621ee87b +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=MSMQ-Group,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Configuration +ldapDisplayName: mSMQConfiguration +governsId: 1.2.840.113556.1.5.162 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: mSMQSites, mSMQSignKey, mSMQServiceType,mSMQRoutingServices, mSMQQuota, mSMQOwnerID, mSMQOutRoutingServers,mSMQOSType, mSMQJournalQuota, mSMQInRoutingServers, mSMQForeign,mSMQEncryptKey, mSMQDsServices, mSMQDependentClientServices,mSMQComputerTypeEx, mSMQComputerType +systemPossSuperiors: computer +schemaIdGuid:9a0dc344-c100-11d1-bbc5-0080c76670c0 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=MSMQ-Configuration,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Enterprise-Settings +ldapDisplayName: mSMQEnterpriseSettings +governsId: 1.2.840.113556.1.5.163 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: mSMQVersion, mSMQNameStyle, mSMQLongLived,mSMQInterval2, mSMQInterval1, mSMQCSPName +systemPossSuperiors: container +schemaIdGuid:9a0dc345-c100-11d1-bbc5-0080c76670c0 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=MSMQ-Enterprise-Settings,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Migrated-User +ldapDisplayName: mSMQMigratedUser +governsId: 1.2.840.113556.1.5.179 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: mSMQUserSid, mSMQSignCertificatesMig,mSMQSignCertificates, mSMQDigestsMig, mSMQDigests, objectSid +systemPossSuperiors: organizationalUnit, domainDNS, builtinDomain +schemaIdGuid:50776997-3c3d-11d2-90cc-00c04fd91ab1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=MSMQ-Migrated-User,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Queue +ldapDisplayName: mSMQQueue +governsId: 1.2.840.113556.1.5.161 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: mSMQTransactional, MSMQ-SecuredSource,mSMQQueueType, mSMQQueueQuota, mSMQQueueNameExt,mSMQQueueJournalQuota, mSMQPrivacyLevel, mSMQOwnerID,MSMQ-MulticastAddress, mSMQLabelEx, mSMQLabel, mSMQJournal,mSMQBasePriority, mSMQAuthenticate +systemPossSuperiors: mSMQConfiguration +schemaIdGuid:9a0dc343-c100-11d1-bbc5-0080c76670c0 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: FALSE +systemOnly: FALSE +defaultObjectCategory: CN=MSMQ-Queue,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Settings +ldapDisplayName: mSMQSettings +governsId: 1.2.840.113556.1.5.165 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: mSMQSiteNameEx, mSMQSiteName, mSMQServices,mSMQRoutingService, mSMQQMID, mSMQOwnerID, mSMQNt4Flags,mSMQMigrated, mSMQDsService, mSMQDependentClientService +systemPossSuperiors: server +schemaIdGuid:9a0dc347-c100-11d1-bbc5-0080c76670c0 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=MSMQ-Settings,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Site-Link +ldapDisplayName: mSMQSiteLink +governsId: 1.2.840.113556.1.5.164 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: mSMQSite2, mSMQSite1, mSMQCost +systemMayContain: mSMQSiteGatesMig, mSMQSiteGates +systemPossSuperiors: mSMQEnterpriseSettings +schemaIdGuid:9a0dc346-c100-11d1-bbc5-0080c76670c0 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: FALSE +systemOnly: FALSE +defaultObjectCategory: CN=MSMQ-Site-Link,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-Enterprise-Oid +ldapDisplayName: msPKI-Enterprise-Oid +governsId: 1.2.840.113556.1.5.196 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: msPKI-OID-User-Notice, msPKI-OIDLocalizedName,msPKI-OID-CPS, msPKI-OID-Attribute, msPKI-Cert-Template-OID +systemPossSuperiors: msPKI-Enterprise-Oid, container +schemaIdGuid:37cfd85c-6719-4ad8-8f9e-8678ba627563 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-PKI-Enterprise-Oid,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-Key-Recovery-Agent +ldapDisplayName: msPKI-Key-Recovery-Agent +governsId: 1.2.840.113556.1.5.195 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: user +systemPossSuperiors: container +schemaIdGuid:26ccf238-a08e-4b86-9a82-a8c9ac7ee5cb +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-PKI-Key-Recovery-Agent,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-Private-Key-Recovery-Agent +ldapDisplayName: msPKI-PrivateKeyRecoveryAgent +governsId: 1.2.840.113556.1.5.223 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: userCertificate +systemPossSuperiors: container +schemaIdGuid:1562a632-44b9-4a7e-a2d3-e426c96a3acc +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-PKI-Private-Key-Recovery-Agent,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: BootableDevice +ldapDisplayName: bootableDevice +governsId: 1.3.6.1.1.1.2.12 +objectClassCategory: 3 +rdnAttId: cn +subClassOf: top +mayContain: cn, bootParameter, bootFile +schemaIdGuid:4bcb2477-4bb3-4545-a9fc-fb66e136b435 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=BootableDevice,CN=Schema,CN=Configuration, + +cn: ms-Print-ConnectionPolicy +ldapDisplayName: msPrint-ConnectionPolicy +governsId: 1.2.840.113556.1.6.23.2 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mustContain: cn +mayContain: printerName, printAttributes, serverName, uNCName +possSuperiors: container +schemaIdGuid:a16f33c7-7fd6-4828-9364-435138fda08d +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-Print-ConnectionPolicy,CN=Schema,CN=Configuration, + +cn: msSFU-30-Domain-Info +ldapDisplayName: msSFU30DomainInfo +governsId: 1.2.840.113556.1.6.18.2.215 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mayContain: msSFU30Domains, msSFU30YpServers, msSFU30SearchContainer,msSFU30IsValidContainer, msSFU30MasterServerName,msSFU30OrderNumber, msSFU30MaxGidNumber, msSFU30MaxUidNumber,msSFU30CryptMethod +possSuperiors: container +schemaIdGuid:36297dce-656b-4423-ab65-dabb2770819e +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=msSFU-30-Domain-Info,CN=Schema,CN=Configuration, + +cn: msSFU-30-Mail-Aliases +ldapDisplayName: msSFU30MailAliases +governsId: 1.2.840.113556.1.6.18.2.211 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mayContain: msSFU30Name, msSFU30NisDomain, msSFU30Aliases, nisMapName +possSuperiors: domainDNS, nisMap, container +schemaIdGuid:d6710785-86ff-44b7-85b5-f1f8689522ce +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=msSFU-30-Mail-Aliases,CN=Schema,CN=Configuration, + +cn: msSFU-30-Net-Id +ldapDisplayName: msSFU30NetId +governsId: 1.2.840.113556.1.6.18.2.212 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mayContain: msSFU30KeyValues, msSFU30Name, msSFU30NisDomain,nisMapName +possSuperiors: domainDNS, nisMap, container +schemaIdGuid:e263192c-2a02-48df-9792-94f2328781a0 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=msSFU-30-Net-Id,CN=Schema,CN=Configuration, + +cn: msSFU-30-Network-User +ldapDisplayName: msSFU30NetworkUser +governsId: 1.2.840.113556.1.6.18.2.216 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mayContain: msSFU30KeyValues, msSFU30Name, msSFU30NisDomain,nisMapName +possSuperiors: domainDNS, nisMap, container +schemaIdGuid:e15334a3-0bf0-4427-b672-11f5d84acc92 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=msSFU-30-Network-User,CN=Schema,CN=Configuration, + +cn: msSFU-30-NIS-Map-Config +ldapDisplayName: msSFU30NISMapConfig +governsId: 1.2.840.113556.1.6.18.2.217 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mayContain: msSFU30KeyAttributes, msSFU30FieldSeparator,msSFU30NSMAPFieldPosition, msSFU30IntraFieldSeparator,msSFU30SearchAttributes, msSFU30ResultAttributes, msSFU30MapFilter +possSuperiors: container +schemaIdGuid:faf733d0-f8eb-4dcf-8d75-f1753af6a50b +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=msSFU-30-NIS-Map-Config,CN=Schema,CN=Configuration, + +cn: ms-TAPI-Rt-Conference +ldapDisplayName: msTAPI-RtConference +governsId: 1.2.840.113556.1.5.221 +objectClassCategory: 1 +rdnAttId: msTAPI-uid +subClassOf: top +systemMustContain: msTAPI-uid +systemMayContain: msTAPI-ConferenceBlob, msTAPI-ProtocolId +systemPossSuperiors: organizationalUnit +schemaIdGuid:ca7b9735-4b2a-4e49-89c3-99025334dc94 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-TAPI-Rt-Conference,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TAPI-Rt-Person +ldapDisplayName: msTAPI-RtPerson +governsId: 1.2.840.113556.1.5.222 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: msTAPI-uid, msTAPI-IpAddress +systemPossSuperiors: organization, organizationalUnit +schemaIdGuid:53ea1cb5-b704-4df9-818f-5cb4ec86cac1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-TAPI-Rt-Person,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-IntRangeParam +ldapDisplayName: msWMI-IntRangeParam +governsId: 1.2.840.113556.1.5.205 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: msWMI-RangeParam +systemMustContain: msWMI-IntDefault +systemMayContain: msWMI-IntMax, msWMI-IntMin +systemPossSuperiors: msWMI-MergeablePolicyTemplate +schemaIdGuid:50ca5d7d-5c8b-4ef3-b9df-5b66d491e526 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-WMI-IntRangeParam,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-IntSetParam +ldapDisplayName: msWMI-IntSetParam +governsId: 1.2.840.113556.1.5.206 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: msWMI-RangeParam +systemMustContain: msWMI-IntDefault +systemMayContain: msWMI-IntValidValues +systemPossSuperiors: msWMI-MergeablePolicyTemplate +schemaIdGuid:292f0d9a-cf76-42b0-841f-b650f331df62 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPCCDCLCLODTRC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-WMI-IntSetParam,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Builtin-Domain +ldapDisplayName: builtinDomain +governsId: 1.2.840.113556.1.5.4 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemAuxiliaryClass: samDomainBase +systemPossSuperiors: domainDNS +schemaIdGuid:bf967a81-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Builtin-Domain,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-MergeablePolicyTemplate +ldapDisplayName: msWMI-MergeablePolicyTemplate +governsId: 1.2.840.113556.1.5.202 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: msWMI-PolicyTemplate +systemPossSuperiors: container +schemaIdGuid:07502414-fdca-4851-b04a-13645b11d226 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPCCDCLCLODTRC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-WMI-MergeablePolicyTemplate,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-ObjectEncoding +ldapDisplayName: msWMI-ObjectEncoding +governsId: 1.2.840.113556.1.5.217 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: msWMI-Class, msWMI-ScopeGuid, msWMI-Parm1,msWMI-Parm2, msWMI-Parm3, msWMI-Parm4, msWMI-Genus, msWMI-intFlags1,msWMI-intFlags2, msWMI-intFlags3, msWMI-intFlags4, msWMI-ID,msWMI-TargetObject +systemPossSuperiors: container +schemaIdGuid:55dd81c9-c312-41f9-a84d-c6adbdf1e8e1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-WMI-ObjectEncoding,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-PolicyTemplate +ldapDisplayName: msWMI-PolicyTemplate +governsId: 1.2.840.113556.1.5.200 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: msWMI-NormalizedClass, msWMI-TargetPath,msWMI-TargetClass, msWMI-TargetNameSpace, msWMI-Name, msWMI-ID +systemMayContain: msWMI-TargetType, msWMI-SourceOrganization,msWMI-Parm4, msWMI-Parm3, msWMI-Parm2, msWMI-Parm1, msWMI-intFlags4,msWMI-intFlags3, msWMI-intFlags2, msWMI-intFlags1,msWMI-CreationDate, msWMI-ChangeDate, msWMI-Author +systemPossSuperiors: container +schemaIdGuid:e2bc80f1-244a-4d59-acc6-ca5c4f82e6e1 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSW;;;DA)(A;;CC;;;PA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-WMI-PolicyTemplate,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-PolicyType +ldapDisplayName: msWMI-PolicyType +governsId: 1.2.840.113556.1.5.211 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: msWMI-TargetObject, msWMI-ID +systemMayContain: msWMI-SourceOrganization, msWMI-Parm4,msWMI-Parm3, msWMI-Parm2, msWMI-Parm1, msWMI-intFlags4,msWMI-intFlags3, msWMI-intFlags2, msWMI-intFlags1,msWMI-CreationDate, msWMI-ChangeDate, msWMI-Author +systemPossSuperiors: container +schemaIdGuid:595b2613-4109-4e77-9013-a3bb4ef277c7 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSW;;;DA)(A;;CC;;;PA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-WMI-PolicyType,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-RangeParam +ldapDisplayName: msWMI-RangeParam +governsId: 1.2.840.113556.1.5.203 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: msWMI-TargetType, msWMI-TargetClass,msWMI-PropertyName +systemPossSuperiors: msWMI-MergeablePolicyTemplate +schemaIdGuid:45fb5a57-5018-4d0f-9056-997c8c9122d9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPCCDCLCLODTRC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-WMI-RangeParam,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-RealRangeParam +ldapDisplayName: msWMI-RealRangeParam +governsId: 1.2.840.113556.1.5.209 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: msWMI-RangeParam +systemMustContain: msWMI-Int8Default +systemMayContain: msWMI-Int8Max, msWMI-Int8Min +systemPossSuperiors: msWMI-MergeablePolicyTemplate +schemaIdGuid:6afe8fe2-70bc-4cce-b166-a96f7359c514 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-WMI-RealRangeParam,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-Rule +ldapDisplayName: msWMI-Rule +governsId: 1.2.840.113556.1.5.214 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: msWMI-QueryLanguage, msWMI-TargetNameSpace,msWMI-Query +systemPossSuperiors: msWMI-Som, container +schemaIdGuid:3c7e6f83-dd0e-481b-a0c2-74cd96ef2a66 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-WMI-Rule,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-ShadowObject +ldapDisplayName: msWMI-ShadowObject +governsId: 1.2.840.113556.1.5.212 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: msWMI-TargetObject +systemPossSuperiors: msWMI-PolicyType +schemaIdGuid:f1e44bdf-8dd3-4235-9c86-f91f31f5b569 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-WMI-ShadowObject,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-SimplePolicyTemplate +ldapDisplayName: msWMI-SimplePolicyTemplate +governsId: 1.2.840.113556.1.5.201 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: msWMI-PolicyTemplate +systemMustContain: msWMI-TargetObject +systemPossSuperiors: container +schemaIdGuid:6cc8b2b5-12df-44f6-8307-e74f5cdee369 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPCCDCLCLODTRC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-WMI-SimplePolicyTemplate,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-Som +ldapDisplayName: msWMI-Som +governsId: 1.2.840.113556.1.5.213 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: msWMI-Name, msWMI-ID +systemMayContain: msWMI-SourceOrganization, msWMI-Parm4, msWMI-Parm3,msWMI-Parm2, msWMI-Parm1, msWMI-intFlags4, msWMI-intFlags3,msWMI-intFlags2, msWMI-intFlags1, msWMI-CreationDate,msWMI-ChangeDate, msWMI-Author +systemPossSuperiors: container +schemaIdGuid:ab857078-0142-4406-945b-34c9b6b13372 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSW;;;DA)(A;;CC;;;PA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-WMI-Som,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Category-Registration +ldapDisplayName: categoryRegistration +governsId: 1.2.840.113556.1.5.74 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: leaf +systemMayContain: managedBy, localizedDescription, localeID,categoryId +systemPossSuperiors: classStore +schemaIdGuid:7d6c0e9d-7e20-11d0-afd6-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Category-Registration,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-StringSetParam +ldapDisplayName: msWMI-StringSetParam +governsId: 1.2.840.113556.1.5.210 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: msWMI-RangeParam +systemMustContain: msWMI-StringDefault +systemMayContain: msWMI-StringValidValues +systemPossSuperiors: msWMI-MergeablePolicyTemplate +schemaIdGuid:0bc579a2-1da7-4cea-b699-807f3b9d63a4 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPCCDCLCLODTRC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-WMI-StringSetParam,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-UintRangeParam +ldapDisplayName: msWMI-UintRangeParam +governsId: 1.2.840.113556.1.5.207 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: msWMI-RangeParam +systemMustContain: msWMI-IntDefault +systemMayContain: msWMI-IntMax, msWMI-IntMin +systemPossSuperiors: msWMI-MergeablePolicyTemplate +schemaIdGuid:d9a799b2-cef3-48b3-b5ad-fb85f8dd3214 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-WMI-UintRangeParam,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-UintSetParam +ldapDisplayName: msWMI-UintSetParam +governsId: 1.2.840.113556.1.5.208 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: msWMI-RangeParam +systemMustContain: msWMI-IntDefault +systemMayContain: msWMI-IntValidValues +systemPossSuperiors: msWMI-MergeablePolicyTemplate +schemaIdGuid:8f4beb31-4e19-46f5-932e-5fa03c339b1d +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPCCDCLCLODTRC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-WMI-UintSetParam,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-UnknownRangeParam +ldapDisplayName: msWMI-UnknownRangeParam +governsId: 1.2.840.113556.1.5.204 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: msWMI-RangeParam +systemMustContain: msWMI-TargetObject, msWMI-NormalizedClass +systemPossSuperiors: msWMI-MergeablePolicyTemplate +schemaIdGuid:b82ac26b-c6db-4098-92c6-49c18a3336e1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-WMI-UnknownRangeParam,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-WMIGPO +ldapDisplayName: msWMI-WMIGPO +governsId: 1.2.840.113556.1.5.215 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: msWMI-TargetClass +systemMayContain: msWMI-Parm4, msWMI-Parm3, msWMI-Parm2, msWMI-Parm1,msWMI-intFlags4, msWMI-intFlags3, msWMI-intFlags2, msWMI-intFlags1 +systemPossSuperiors: container +schemaIdGuid:05630000-3927-4ede-bf27-ca91f275c26f +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSW;;;DA)(A;;CC;;;PA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-WMI-WMIGPO,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: NisMap +ldapDisplayName: nisMap +governsId: 1.3.6.1.1.1.2.9 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mustContain: cn, nisMapName +mayContain: description +possSuperiors: domainDNS, container, organizationalUnit +schemaIdGuid:7672666c-02c1-4f33-9ecf-f649c1dd9b7c +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=NisMap,CN=Schema,CN=Configuration, + +cn: NisNetgroup +ldapDisplayName: nisNetgroup +governsId: 1.3.6.1.1.1.2.8 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mustContain: cn +mayContain: description, memberNisNetgroup, nisNetgroupTriple,msSFU30Name, msSFU30NisDomain, nisMapName,msSFU30NetgroupHostAtDomain, msSFU30NetgroupUserAtDomain +possSuperiors: domainDNS, nisMap, container, organizationalUnit +schemaIdGuid:72efbf84-6e7b-4a5c-a8db-8a75a7cad254 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=NisNetgroup,CN=Schema,CN=Configuration, + +cn: NisObject +ldapDisplayName: nisObject +governsId: 1.3.6.1.1.1.2.10 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mustContain: cn, nisMapName, nisMapEntry +mayContain: description, msSFU30Name, msSFU30NisDomain +possSuperiors: domainDNS, nisMap, container, organizationalUnit +schemaIdGuid:904f8a93-4954-4c5f-b1e1-53c097a31e13 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=NisObject,CN=Schema,CN=Configuration, + +cn: NTDS-Connection +ldapDisplayName: nTDSConnection +governsId: 1.2.840.113556.1.5.71 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: leaf +systemMustContain: options, fromServer, enabledConnection +systemMayContain: transportType, schedule, mS-DS-ReplicatesNCReason,generatedConnection +systemPossSuperiors: nTFRSMember, nTFRSReplicaSet, nTDSDSA +schemaIdGuid:19195a60-6da0-11d0-afd3-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=NTDS-Connection,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: NTDS-DSA +ldapDisplayName: nTDSDSA +governsId: 1.2.840.113556.1.5.7000.47 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: applicationSettings +systemMayContain: msDS-IsUserCachableAtRodc, msDS-Sitename,msDS-isRODC, msDS-isGC, msDS-RevealedUsers,msDS-NeverRevealGroup, msDS-RevealOnDemandGroup,msDS-hasFullReplicaNCs, serverReference,msDS-RetiredReplNCSignatures, retiredReplDSASignatures,queryPolicyObject, options, networkAddress, msDS-ReplicationEpoch,msDS-HasInstantiatedNCs, msDS-hasMasterNCs, msDS-HasDomainNCs,msDS-Behavior-Version, managedBy, lastBackupRestorationTime,invocationId, hasPartialReplicaNCs, hasMasterNCs, fRSRootPath,dMDLocation +systemPossSuperiors: organization, server +schemaIdGuid:f0f8ffab-1191-11d0-a060-00aa006c33ed +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: TRUE +defaultObjectCategory: CN=NTDS-DSA,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Certification-Authority +ldapDisplayName: certificationAuthority +governsId: 2.5.6.16 +objectClassCategory: 0 +rdnAttId: cn +subClassOf: top +systemMustContain: cn, certificateRevocationList, cACertificate,authorityRevocationList +systemMayContain: teletexTerminalIdentifier,supportedApplicationContext, signatureAlgorithms, searchGuide,previousParentCA, previousCACertificates, pendingParentCA,pendingCACertificates, parentCACertificateChain, parentCA,enrollmentProviders, domainPolicyObject, domainID, dNSHostName,deltaRevocationList, currentParentCA, crossCertificatePair,cRLObject, certificateTemplates, cAWEBURL, cAUsages, cAConnect,cACertificateDN +systemPossSuperiors: container +schemaIdGuid:3fdfee50-47f4-11d1-a9c3-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Certification-Authority,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: NTDS-DSA-RO +ldapDisplayName: nTDSDSARO +governsId: 1.2.840.113556.1.5.254 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: nTDSDSA +systemPossSuperiors: server, organization +schemaIdGuid:85d16ec1-0791-4bc8-8ab3-70980602ff8c +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: TRUE +defaultObjectCategory: CN=NTDS-DSA-RO,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: NTDS-Service +ldapDisplayName: nTDSService +governsId: 1.2.840.113556.1.5.72 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: tombstoneLifetime, sPNMappings,replTopologyStayOfExecution, msDS-Other-Settings, garbageCollPeriod,dSHeuristics +systemPossSuperiors: container +schemaIdGuid:19195a5f-6da0-11d0-afd3-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=NTDS-Service,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: NTDS-Site-Settings +ldapDisplayName: nTDSSiteSettings +governsId: 1.2.840.113556.1.5.69 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: applicationSiteSettings +systemMayContain: schedule, queryPolicyObject, options,msDS-Preferred-GC-Site, managedBy, interSiteTopologyRenew,interSiteTopologyGenerator, interSiteTopologyFailover +systemPossSuperiors: site +schemaIdGuid:19195a5d-6da0-11d0-afd3-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=NTDS-Site-Settings,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: NTFRS-Member +ldapDisplayName: nTFRSMember +governsId: 1.2.840.113556.1.5.153 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: serverReference, fRSUpdateTimeout,fRSServiceCommand, fRSRootSecurity, fRSPartnerAuthLevel, fRSFlags,fRSExtensions, fRSControlOutboundBacklog, fRSControlInboundBacklog,fRSControlDataCreation, frsComputerReference +systemPossSuperiors: nTFRSReplicaSet +schemaIdGuid:2a132586-9373-11d1-aebc-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;DA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;CO)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=NTFRS-Member,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: NTFRS-Replica-Set +ldapDisplayName: nTFRSReplicaSet +governsId: 1.2.840.113556.1.5.102 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: schedule, msFRS-Topology-Pref, msFRS-Hub-Member,managedBy, fRSVersionGUID, fRSServiceCommand, fRSRootSecurity,fRSReplicaSetType, fRSReplicaSetGUID, fRSPrimaryMember,fRSPartnerAuthLevel, fRSLevelLimit, fRSFlags, fRSFileFilter,fRSExtensions, fRSDSPoll, fRSDirectoryFilter +systemPossSuperiors: nTFRSSettings +schemaIdGuid:5245803a-ca6a-11d0-afff-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;DA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;CO)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=NTFRS-Replica-Set,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: NTFRS-Settings +ldapDisplayName: nTFRSSettings +governsId: 1.2.840.113556.1.5.89 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: applicationSettings +systemMayContain: managedBy, fRSExtensions +systemPossSuperiors: nTFRSSettings, container, organizationalUnit,organization +schemaIdGuid:f780acc2-56f0-11d1-a9c6-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;DA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;CO)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=NTFRS-Settings,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: NTFRS-Subscriber +ldapDisplayName: nTFRSSubscriber +governsId: 1.2.840.113556.1.5.155 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: fRSStagingPath, fRSRootPath +systemMayContain: schedule, fRSUpdateTimeout,fRSTimeLastConfigChange, fRSTimeLastCommand,fRSServiceCommandStatus, fRSServiceCommand, fRSMemberReference,fRSFlags, fRSFaultCondition, fRSExtensions +systemPossSuperiors: nTFRSSubscriptions +schemaIdGuid:2a132588-9373-11d1-aebc-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=NTFRS-Subscriber,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: NTFRS-Subscriptions +ldapDisplayName: nTFRSSubscriptions +governsId: 1.2.840.113556.1.5.154 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: fRSWorkingPath, fRSVersion, fRSExtensions +systemPossSuperiors: user, computer, nTFRSSubscriptions +schemaIdGuid:2a132587-9373-11d1-aebc-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=NTFRS-Subscriptions,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: OncRpc +ldapDisplayName: oncRpc +governsId: 1.3.6.1.1.1.2.5 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mustContain: cn, oncRpcNumber +mayContain: description, msSFU30Name, msSFU30NisDomain, nisMapName,msSFU30Aliases +possSuperiors: domainDNS, nisMap, container, organizationalUnit +schemaIdGuid:cadd1e5e-fefc-4f3f-b5a9-70e994204303 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=OncRpc,CN=Schema,CN=Configuration, + +cn: Organization +ldapDisplayName: organization +governsId: 2.5.6.4 +objectClassCategory: 1 +rdnAttId: o +subClassOf: top +systemMustContain: o +systemMayContain: x121Address, userPassword, telexNumber,teletexTerminalIdentifier, telephoneNumber, street, st, seeAlso,searchGuide, registeredAddress, preferredDeliveryMethod, postalCode,postalAddress, postOfficeBox, physicalDeliveryOfficeName, l,internationalISDNNumber, facsimileTelephoneNumber,destinationIndicator, businessCategory +systemPossSuperiors: locality, country, domainDNS +schemaIdGuid:bf967aa3-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: FALSE +systemOnly: FALSE +defaultObjectCategory: CN=Organization,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Class-Registration +ldapDisplayName: classRegistration +governsId: 1.2.840.113556.1.5.10 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: leaf +systemMayContain: requiredCategories, managedBy,implementedCategories, cOMTreatAsClassId, cOMProgID,cOMOtherProgId, cOMInterfaceID, cOMCLSID +systemPossSuperiors: classStore +schemaIdGuid:bf967a82-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Class-Registration,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Organizational-Person +ldapDisplayName: organizationalPerson +governsId: 2.5.6.7 +objectClassCategory: 0 +rdnAttId: cn +subClassOf: person +mayContain: msDS-HABSeniorityIndex, msDS-PhoneticDisplayName,msDS-PhoneticCompanyName, msDS-PhoneticDepartment,msDS-PhoneticLastName, msDS-PhoneticFirstName, houseIdentifier,msExchHouseIdentifier, homePostalAddress +systemMayContain: x121Address, comment, title, co,primaryTelexNumber, telexNumber, teletexTerminalIdentifier, street,st, registeredAddress, preferredDeliveryMethod, postalCode,postalAddress, postOfficeBox, thumbnailPhoto,physicalDeliveryOfficeName, pager, otherPager, otherTelephone,mobile, otherMobile, primaryInternationalISDNNumber, ipPhone,otherIpPhone, otherHomePhone, homePhone,otherFacsimileTelephoneNumber, personalTitle, middleName,otherMailbox, ou, o, mhsORAddress, msDS-AllowedToDelegateTo,manager, thumbnailLogo, l, internationalISDNNumber, initials,givenName, generationQualifier, facsimileTelephoneNumber,employeeID, mail, division, destinationIndicator, department, c,countryCode, company, assistant, streetAddress +systemPossSuperiors: organizationalUnit, organization, container +schemaIdGuid:bf967aa4-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Person,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Organizational-Role +ldapDisplayName: organizationalRole +governsId: 2.5.6.8 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: cn +systemMayContain: x121Address, telexNumber,teletexTerminalIdentifier, telephoneNumber, street, st, seeAlso,roleOccupant, registeredAddress, preferredDeliveryMethod,postalCode, postalAddress, postOfficeBox,physicalDeliveryOfficeName, ou, l, internationalISDNNumber,facsimileTelephoneNumber, destinationIndicator +systemPossSuperiors: organizationalUnit, organization, container +schemaIdGuid:a8df74bf-c5ea-11d1-bbcb-0080c76670c0 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Organizational-Role,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Organizational-Unit +ldapDisplayName: organizationalUnit +governsId: 2.5.6.5 +objectClassCategory: 1 +rdnAttId: ou +subClassOf: top +systemMustContain: ou +systemMayContain: x121Address, userPassword, uPNSuffixes, co,telexNumber, teletexTerminalIdentifier, telephoneNumber, street, st,seeAlso, searchGuide, registeredAddress, preferredDeliveryMethod,postalCode, postalAddress, postOfficeBox,physicalDeliveryOfficeName, msCOM-UserPartitionSetLink, managedBy,thumbnailLogo, l, internationalISDNNumber, gPOptions, gPLink,facsimileTelephoneNumber, destinationIndicator, desktopProfile,defaultGroup, countryCode, c, businessCategory +systemPossSuperiors: country, organization, organizationalUnit,domainDNS +schemaIdGuid:bf967aa5-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(OA;;CCDC;bf967a86-0de6-11d0-a285-00aa003049e2;;AO)(OA;;CCDC;bf967aba-0de6-11d0-a285-00aa003049e2;;AO)(OA;;CCDC;bf967a9c-0de6-11d0-a285-00aa003049e2;;AO)(OA;;CCDC;bf967aa8-0de6-11d0-a285-00aa003049e2;;PO)(A;;RPLCLORC;;;AU)(A;;LCRPLORC;;;ED)(OA;;CCDC;4828CC14-1437-45bc-9B07-AD6F015E5F28;;AO) +defaultHidingValue: FALSE +systemOnly: FALSE +defaultObjectCategory: CN=Organizational-Unit,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Package-Registration +ldapDisplayName: packageRegistration +governsId: 1.2.840.113556.1.5.49 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: versionNumberLo, versionNumberHi, vendor,upgradeProductCode, setupCommand, productCode, packageType,packageName, packageFlags, msiScriptSize, msiScriptPath,msiScriptName, msiScript, msiFileList, managedBy,machineArchitecture, localeID, lastUpdateSequence, installUiLevel,iconPath, fileExtPriority, cOMTypelibId, cOMProgID, cOMInterfaceID,cOMClassID, categories, canUpgradeScript +systemPossSuperiors: classStore +schemaIdGuid:bf967aa6-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Package-Registration,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Person +ldapDisplayName: person +governsId: 2.5.6.6 +objectClassCategory: 0 +rdnAttId: cn +subClassOf: top +systemMustContain: cn +mayContain: attributeCertificateAttribute +systemMayContain: userPassword, telephoneNumber, sn, serialNumber,seeAlso +systemPossSuperiors: organizationalUnit, container +schemaIdGuid:bf967aa7-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Person,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Physical-Location +ldapDisplayName: physicalLocation +governsId: 1.2.840.113556.1.5.97 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: locality +systemMayContain: managedBy +systemPossSuperiors: physicalLocation, configuration +schemaIdGuid:b7b13122-b82e-11d0-afee-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Physical-Location,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: PKI-Certificate-Template +ldapDisplayName: pKICertificateTemplate +governsId: 1.2.840.113556.1.5.177 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: pKIOverlapPeriod, pKIMaxIssuingDepth, pKIKeyUsage,pKIExtendedKeyUsage, pKIExpirationPeriod, pKIEnrollmentAccess,pKIDefaultCSPs, pKIDefaultKeySpec, pKICriticalExtensions,msPKI-RA-Signature, msPKI-RA-Policies,msPKI-RA-Application-Policies, msPKI-Template-Schema-Version,msPKI-Template-Minor-Revision, msPKI-Supersede-Templates,msPKI-Private-Key-Flag, msPKI-Minimal-Key-Size,msPKI-Enrollment-Flag, msPKI-Certificate-Policy,msPKI-Certificate-Name-Flag, msPKI-Certificate-Application-Policy,msPKI-Cert-Template-OID, flags, displayName +systemPossSuperiors: container +schemaIdGuid:e5209ca2-3bba-11d2-90cc-00c04fd91ab1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=PKI-Certificate-Template,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: PKI-Enrollment-Service +ldapDisplayName: pKIEnrollmentService +governsId: 1.2.840.113556.1.5.178 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: signatureAlgorithms, enrollmentProviders,dNSHostName, certificateTemplates, cACertificateDN, cACertificate +systemPossSuperiors: container +schemaIdGuid:ee4aa692-3bba-11d2-90cc-00c04fd91ab1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=PKI-Enrollment-Service,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: PosixAccount +ldapDisplayName: posixAccount +governsId: 1.3.6.1.1.1.2.0 +objectClassCategory: 3 +rdnAttId: uid +subClassOf: top +mayContain: uid, cn, uidNumber, gidNumber, unixHomeDirectory,homeDirectory, userPassword, unixUserPassword, loginShell, gecos,description +schemaIdGuid:ad44bb41-67d5-4d88-b575-7b20674e76d8 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=PosixAccount,CN=Schema,CN=Configuration, + +cn: PosixGroup +ldapDisplayName: posixGroup +governsId: 1.3.6.1.1.1.2.2 +objectClassCategory: 3 +rdnAttId: cn +subClassOf: top +mayContain: cn, userPassword, unixUserPassword, description,gidNumber, memberUid +schemaIdGuid:2a9350b8-062c-4ed0-9903-dde10d06deba +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=PosixGroup,CN=Schema,CN=Configuration, + +cn: Class-Schema +ldapDisplayName: classSchema +governsId: 1.2.840.113556.1.3.13 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: subClassOf, schemaIDGUID, objectClassCategory,governsID, defaultObjectCategory, cn +systemMayContain: systemPossSuperiors, systemOnly, systemMustContain,systemMayContain, systemAuxiliaryClass, schemaFlagsEx, rDNAttID,possSuperiors, mustContain, msDs-Schema-Extensions, msDS-IntId,mayContain, lDAPDisplayName, isDefunct, defaultSecurityDescriptor,defaultHidingValue, classDisplayName, auxiliaryClass +systemPossSuperiors: dMD +schemaIdGuid:bf967a83-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:S: +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Class-Schema,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Queue +ldapDisplayName: printQueue +governsId: 1.2.840.113556.1.5.23 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: connectionPoint +systemMustContain: versionNumber, uNCName, shortServerName,serverName, printerName +systemMayContain: priority, printStatus, printStartTime,printStaplingSupported, printSpooling, printShareName,printSeparatorFile, printRateUnit, printRate, printPagesPerMinute,printOwner, printOrientationsSupported, printNumberUp, printNotify,printNetworkAddress, printMinYExtent, printMinXExtent, printMemory,printMediaSupported, printMediaReady, printMaxYExtent,printMaxXExtent, printMaxResolutionSupported, printMaxCopies,printMACAddress, printLanguage, printKeepPrintedJobs, printFormName,printEndTime, printDuplexSupported, printColor, printCollate,printBinNames, printAttributes, portName, physicalLocationObject,operatingSystemVersion, operatingSystemServicePack,operatingSystemHotfix, operatingSystem, location, driverVersion,driverName, defaultPriority, bytesPerMinute, assetNumber +systemPossSuperiors: organizationalUnit, domainDNS, container,computer +schemaIdGuid:bf967aa8-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;PO)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO)(A;;RPLCLORC;;;AU) +defaultHidingValue: FALSE +systemOnly: FALSE +defaultObjectCategory: CN=Print-Queue,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Query-Policy +ldapDisplayName: queryPolicy +governsId: 1.2.840.113556.1.5.106 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: lDAPIPDenyList, lDAPAdminLimits +systemPossSuperiors: container +schemaIdGuid:83cc7075-cca7-11d0-afff-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Query-Policy,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Remote-Mail-Recipient +ldapDisplayName: remoteMailRecipient +governsId: 1.2.840.113556.1.5.24 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemAuxiliaryClass: mailRecipient +systemMayContain: remoteSourceType, remoteSource, managedBy +systemPossSuperiors: organizationalUnit, domainDNS +schemaIdGuid:bf967aa9-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(OA;;CR;ab721a55-1e2f-11d0-9819-00aa0040529b;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Remote-Mail-Recipient,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Remote-Storage-Service-Point +ldapDisplayName: remoteStorageServicePoint +governsId: 1.2.840.113556.1.5.146 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: serviceAdministrationPoint +systemMayContain: remoteStorageGUID +systemPossSuperiors: computer +schemaIdGuid:2a39c5bd-8960-11d1-aebc-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;DA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;CO)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Remote-Storage-Service-Point,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Residential-Person +ldapDisplayName: residentialPerson +governsId: 2.5.6.10 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: person +systemMayContain: x121Address, title, telexNumber,teletexTerminalIdentifier, street, st, registeredAddress,preferredDeliveryMethod, postalCode, postalAddress, postOfficeBox,physicalDeliveryOfficeName, ou, l, internationalISDNNumber,facsimileTelephoneNumber, destinationIndicator, businessCategory +systemPossSuperiors: locality, container +schemaIdGuid:a8df74d6-c5ea-11d1-bbcb-0080c76670c0 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Residential-Person,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: rFC822LocalPart +ldapDisplayName: rFC822LocalPart +governsId: 0.9.2342.19200300.100.4.14 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: domain +mayContain: x121Address, telexNumber, teletexTerminalIdentifier,telephoneNumber, street, sn, seeAlso, registeredAddress,preferredDeliveryMethod, postOfficeBox, postalCode, postalAddress,physicalDeliveryOfficeName, internationalISDNNumber,facsimileTelephoneNumber, destinationIndicator, description, cn +possSuperiors: organizationalUnit, container +schemaIdGuid:b93e3a78-cbae-485e-a07b-5ef4ae505686 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLOLORCWOWDSDDTDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=rFC822LocalPart,CN=Schema,CN=Configuration, + +cn: RID-Manager +ldapDisplayName: rIDManager +governsId: 1.2.840.113556.1.5.83 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: rIDAvailablePool +systemPossSuperiors: container +schemaIdGuid:6617188d-8f3c-11d0-afda-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)S:(AU;SA;CRWP;;;WD) +defaultHidingValue: TRUE +systemOnly: TRUE +defaultObjectCategory: CN=RID-Manager,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: RID-Set +ldapDisplayName: rIDSet +governsId: 1.2.840.113556.1.5.129 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: rIDUsedPool, rIDPreviousAllocationPool,rIDNextRID, rIDAllocationPool +systemPossSuperiors: user, container, computer +schemaIdGuid:7bfdcb89-4807-11d1-a9c3-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: TRUE +defaultObjectCategory: CN=RID-Set,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: room +ldapDisplayName: room +governsId: 0.9.2342.19200300.100.4.7 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mustContain: cn +mayContain: location, telephoneNumber, seeAlso, description,roomNumber +possSuperiors: organizationalUnit, container +schemaIdGuid:7860e5d2-c8b0-4cbb-bd45-d9455beb9206 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLOLORCWOWDSDDTDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=room,CN=Schema,CN=Configuration, + +cn: Rpc-Container +ldapDisplayName: rpcContainer +governsId: 1.2.840.113556.1.5.136 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: container +systemMayContain: nameServiceFlags +systemPossSuperiors: container +schemaIdGuid:80212842-4bdc-11d1-a9c4-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Rpc-Container,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Class-Store +ldapDisplayName: classStore +governsId: 1.2.840.113556.1.5.44 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: versionNumber, nextLevelStore, lastUpdateSequence,appSchemaVersion +systemPossSuperiors: domainPolicy, computer, group, user, classStore,organizationalUnit, domainDNS, container +schemaIdGuid:bf967a84-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Class-Store,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: rpc-Entry +ldapDisplayName: rpcEntry +governsId: 1.2.840.113556.1.5.27 +objectClassCategory: 2 +rdnAttId: cn +subClassOf: connectionPoint +systemPossSuperiors: container +schemaIdGuid:bf967aac-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=rpc-Entry,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: rpc-Group +ldapDisplayName: rpcGroup +governsId: 1.2.840.113556.1.5.80 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: rpcEntry +systemMayContain: rpcNsObjectID, rpcNsGroup +systemPossSuperiors: container +schemaIdGuid:88611bdf-8cf4-11d0-afda-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=rpc-Group,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: rpc-Profile +ldapDisplayName: rpcProfile +governsId: 1.2.840.113556.1.5.82 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: rpcEntry +systemPossSuperiors: container +schemaIdGuid:88611be1-8cf4-11d0-afda-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=rpc-Profile,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: rpc-Profile-Element +ldapDisplayName: rpcProfileElement +governsId: 1.2.840.113556.1.5.26 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: rpcEntry +systemMustContain: rpcNsPriority, rpcNsInterfaceID +systemMayContain: rpcNsProfileEntry, rpcNsAnnotation +systemPossSuperiors: rpcProfile +schemaIdGuid:f29653cf-7ad0-11d0-afd6-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=rpc-Profile-Element,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: rpc-Server +ldapDisplayName: rpcServer +governsId: 1.2.840.113556.1.5.81 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: rpcEntry +systemMayContain: rpcNsObjectID, rpcNsEntryFlags, rpcNsCodeset +systemPossSuperiors: container +schemaIdGuid:88611be0-8cf4-11d0-afda-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=rpc-Server,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: rpc-Server-Element +ldapDisplayName: rpcServerElement +governsId: 1.2.840.113556.1.5.73 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: rpcEntry +systemMustContain: rpcNsTransferSyntax, rpcNsInterfaceID,rpcNsBindings +systemPossSuperiors: rpcServer +schemaIdGuid:f29653d0-7ad0-11d0-afd6-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=rpc-Server-Element,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: RRAS-Administration-Connection-Point +ldapDisplayName: rRASAdministrationConnectionPoint +governsId: 1.2.840.113556.1.5.150 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: serviceAdministrationPoint +systemMayContain: msRRASAttribute +systemPossSuperiors: computer +schemaIdGuid:2a39c5be-8960-11d1-aebc-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;DA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;CO)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=RRAS-Administration-Connection-Point,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: RRAS-Administration-Dictionary +ldapDisplayName: rRASAdministrationDictionary +governsId: 1.2.840.113556.1.5.156 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: msRRASVendorAttributeEntry +systemPossSuperiors: container +schemaIdGuid:f39b98ae-938d-11d1-aebd-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=RRAS-Administration-Dictionary,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Sam-Domain +ldapDisplayName: samDomain +governsId: 1.2.840.113556.1.5.3 +objectClassCategory: 3 +rdnAttId: cn +subClassOf: top +systemAuxiliaryClass: samDomainBase +systemMayContain: treeName, rIDManagerReference, replicaSource,pwdProperties, pwdHistoryLength, privateKey, pekList,pekKeyChangeInterval, nTMixedDomain, nextRid, nETBIOSName,msDS-PerUserTrustTombstonesQuota, msDS-PerUserTrustQuota,ms-DS-MachineAccountQuota, msDS-LogonTimeSyncInterval,msDS-AllUsersTrustQuota, modifiedCountAtLastProm, minPwdLength,minPwdAge, maxPwdAge, lSAModifiedCount, lSACreationTime,lockoutThreshold, lockoutDuration, lockOutObservationWindow,gPOptions, gPLink, eFSPolicy, domainPolicyObject, desktopProfile,description, defaultLocalPolicyObject, creationTime,controlAccessRights, cACertificate, builtinModifiedCount,builtinCreationTime, auditingPolicy +schemaIdGuid:bf967a90-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RP;;;WD)(OA;;CR;1131f6aa-9c07-11d1-f79f-00c04fc2dcd2;;ED)(OA;;CR;1131f6ab-9c07-11d1-f79f-00c04fc2dcd2;;ED)(OA;;CR;1131f6ac-9c07-11d1-f79f-00c04fc2dcd2;;ED)(OA;;CR;1131f6aa-9c07-11d1-f79f-00c04fc2dcd2;;BA)(OA;;CR;1131f6ab-9c07-11d1-f79f-00c04fc2dcd2;;BA)(OA;;CR;1131f6ac-9c07-11d1-f79f-00c04fc2dcd2;;BA)(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCRCWDWOSW;;;DA)(A;CI;RPWPCRLCLOCCRCWDWOSDSW;;;BA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY)(A;CI;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;EA)(A;CI;LC;;;RU)(OA;CIIO;RP;037088f8-0ae1-11d2-b422-00a0c968f939;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;CIIO;RP;59ba2f42-79a2-11d0-9020-00c04fc2d3cf;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;CIIO;RP;bc0ac240-79a9-11d0-9020-00c04fc2d4cf;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;CIIO;RP;4c164200-20c0-11d0-a768-00aa006e0529;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;CIIO;RP;5f202010-79a5-11d0-9020-00c04fc2d4cf;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;;RP;c7407360-20bf-11d0-a768-00aa006e0529;;RU)(OA;CIIO;RPLCLORC;;bf967a9c-0de6-11d0-a285-00aa003049e2;RU)(A;;RPRC;;;RU)(OA;CIIO;RPLCLORC;;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(A;;LCRPLORC;;;ED)(OA;CIIO;RP;037088f8-0ae1-11d2-b422-00a0c968f939;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;CIIO;RP;59ba2f42-79a2-11d0-9020-00c04fc2d3cf;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;CIIO;RP;bc0ac240-79a9-11d0-9020-00c04fc2d4cf;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;CIIO;RP;4c164200-20c0-11d0-a768-00aa006e0529;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;CIIO;RP;5f202010-79a5-11d0-9020-00c04fc2d4cf;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;CIIO;RPLCLORC;;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;;RP;b8119fd0-04f6-4762-ab7a-4986c76b3f9a;;RU)(OA;;RP;b8119fd0-04f6-4762-ab7a-4986c76b3f9a;;AU)(OA;CIIO;RP;b7c69e6d-2cc7-11d2-854e-00a0c983f608;bf967aba-0de6-11d0-a285-00aa003049e2;ED)(OA;CIIO;RP;b7c69e6d-2cc7-11d2-854e-00a0c983f608;bf967a9c-0de6-11d0-a285-00aa003049e2;ED)(OA;CIIO;RP;b7c69e6d-2cc7-11d2-854e-00a0c983f608;bf967a86-0de6-11d0-a285-00aa003049e2;ED)(OA;;CR;1131f6ad-9c07-11d1-f79f-00c04fc2dcd2;;DD)(OA;;CR;1131f6ad-9c07-11d1-f79f-00c04fc2dcd2;;BA)(OA;;CR;e2a36dc9-ae17-47c3-b58b-be34c55ba633;;S-1-5-32-557)(OA;;CR;280f369c-67c7-438e-ae98-1d46f3c6f541;;AU)(OA;;CR;ccc2dc7d-a6ad-4a7a-8846-c04e3cc53501;;AU)(OA;;CR;05c74c5e-4deb-43b4-bd9f-86664c2a7fd5;;AU)(OA;;CR;1131f6ae-9c07-11d1-f79f-00c04fc2dcd2;;ED)(OA;;CR;1131f6ae-9c07-11d1-f79f-00c04fc2dcd2;;BA)(OA;CIIO;CRRPWP;91e647de-d96f-4b70-9557-d63ff4f3ccd8;;PS)(OA;;CR;1131f6aa-9c07-11d1-f79f-00c04fc2dcd2;;RO)S:(AU;SA;WDWOWP;;;WD)(AU;SA;CR;;;BA)(AU;SA;CR;;;DU)(OU;CISA;WP;f30e3bbe-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)(OU;CISA;WP;f30e3bbf-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Sam-Domain,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Sam-Domain-Base +ldapDisplayName: samDomainBase +governsId: 1.2.840.113556.1.5.2 +objectClassCategory: 3 +rdnAttId: cn +subClassOf: top +systemMayContain: uASCompat, serverState, serverRole, revision,pwdProperties, pwdHistoryLength, oEMInformation, objectSid,nTSecurityDescriptor, nextRid, modifiedCountAtLastProm,modifiedCount, minPwdLength, minPwdAge, maxPwdAge, lockoutThreshold,lockoutDuration, lockOutObservationWindow, forceLogoff,domainReplica, creationTime +schemaIdGuid:bf967a91-0de6-11d0-a285-00aa003049e2 +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Sam-Domain-Base,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Policy +ldapDisplayName: aCSPolicy +governsId: 1.2.840.113556.1.5.137 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: aCSTotalNoOfFlows, aCSTimeOfDay, aCSServiceType,aCSPriority, aCSPermissionBits, aCSMinimumDelayVariation,aCSMinimumLatency, aCSMaximumSDUSize, aCSMinimumPolicedSize,aCSMaxTokenRatePerFlow, aCSMaxTokenBucketPerFlow,aCSMaxPeakBandwidthPerFlow, aCSMaxDurationPerFlow,aCSMaxAggregatePeakRatePerUser, aCSIdentityName, aCSDirection,aCSAggregateTokenRatePerUser +systemPossSuperiors: container +schemaIdGuid:7f561288-5301-11d1-a9c5-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLOLORCWOWDSDDTDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ACS-Policy,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Com-Connection-Point +ldapDisplayName: comConnectionPoint +governsId: 1.2.840.113556.1.5.11 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: connectionPoint +systemMustContain: cn +systemMayContain: monikerDisplayName, moniker, marshalledInterface +systemPossSuperiors: container +schemaIdGuid:bf967a85-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Com-Connection-Point,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Sam-Server +ldapDisplayName: samServer +governsId: 1.2.840.113556.1.5.5 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: securityObject +systemMayContain: samDomainUpdates +systemPossSuperiors: domainDNS +schemaIdGuid:bf967aad-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(A;;RPLCLORC;;;RU)(OA;;CR;91d67418-0135-4acc-8d79-c08e857cfbec;;AU)(OA;;CR;91d67418-0135-4acc-8d79-c08e857cfbec;;RU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Sam-Server,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Secret +ldapDisplayName: secret +governsId: 1.2.840.113556.1.5.28 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: leaf +systemMayContain: priorValue, priorSetTime, lastSetTime, currentValue +systemPossSuperiors: container +schemaIdGuid:bf967aae-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Secret,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Security-Object +ldapDisplayName: securityObject +governsId: 1.2.840.113556.1.5.1 +objectClassCategory: 2 +rdnAttId: cn +subClassOf: top +systemMustContain: cn +systemPossSuperiors: container +schemaIdGuid:bf967aaf-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Security-Object,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Security-Principal +ldapDisplayName: securityPrincipal +governsId: 1.2.840.113556.1.5.6 +objectClassCategory: 3 +rdnAttId: cn +subClassOf: top +systemMustContain: sAMAccountName, objectSid +systemMayContain: supplementalCredentials, sIDHistory,securityIdentifier, sAMAccountType, rid, tokenGroupsNoGCAcceptable,tokenGroupsGlobalAndUniversal, tokenGroups, nTSecurityDescriptor,msDS-KeyVersionNumber, altSecurityIdentities, accountNameHistory +schemaIdGuid:bf967ab0-0de6-11d0-a285-00aa003049e2 +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Security-Principal,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Server +ldapDisplayName: server +governsId: 1.2.840.113556.1.5.17 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: msDS-IsUserCachableAtRodc, msDS-SiteName,msDS-isRODC, msDS-isGC, mailAddress, serverReference, serialNumber,managedBy, dNSHostName, bridgeheadTransportList +systemPossSuperiors: serversContainer +schemaIdGuid:bf967a92-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;CI;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Server,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Servers-Container +ldapDisplayName: serversContainer +governsId: 1.2.840.113556.1.5.7000.48 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemPossSuperiors: site +schemaIdGuid:f780acc0-56f0-11d1-a9c6-0000f80367c1 +defaultSecurityDescriptor: D:(A;;CC;;;BA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Servers-Container,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Service-Administration-Point +ldapDisplayName: serviceAdministrationPoint +governsId: 1.2.840.113556.1.5.94 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: serviceConnectionPoint +systemPossSuperiors: computer +schemaIdGuid:b7b13123-b82e-11d0-afee-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Service-Administration-Point,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Service-Class +ldapDisplayName: serviceClass +governsId: 1.2.840.113556.1.5.29 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: leaf +systemMustContain: serviceClassID, displayName +systemMayContain: serviceClassInfo +systemPossSuperiors: container +schemaIdGuid:bf967ab1-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Service-Class,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Service-Connection-Point +ldapDisplayName: serviceConnectionPoint +governsId: 1.2.840.113556.1.5.126 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: connectionPoint +systemMayContain: versionNumberLo, versionNumberHi, versionNumber,vendor, serviceDNSNameType, serviceDNSName, serviceClassName,serviceBindingInformation, appSchemaVersion +systemPossSuperiors: organizationalUnit, container, computer +schemaIdGuid:28630ec1-41d5-11d1-a9c1-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Service-Connection-Point,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Service-Instance +ldapDisplayName: serviceInstance +governsId: 1.2.840.113556.1.5.30 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: connectionPoint +systemMustContain: serviceClassID, displayName +systemMayContain: winsockAddresses, serviceInstanceVersion +systemPossSuperiors: container +schemaIdGuid:bf967ab2-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Service-Instance,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Computer +ldapDisplayName: computer +governsId: 1.2.840.113556.1.3.30 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: user +auxiliaryClass: ipHost +mayContain: msSFU30Aliases, msSFU30NisDomain, nisMapName,msSFU30Name +systemMayContain: msDS-IsUserCachableAtRodc, msTSProperty02,msTSProperty01, msTPM-OwnerInformation, msDS-RevealOnDemandGroup,msDS-NeverRevealGroup, msDS-PromotionSettings, msDS-SiteName,msDS-isRODC, msDS-isGC, msDS-AuthenticatedAtDC, msDS-RevealedList,msDS-RevealedUsers, msDS-ExecuteScriptPassword, msDS-KrbTgtLink,volumeCount, siteGUID, rIDSetReferences, policyReplicationFlags,physicalLocationObject, operatingSystemVersion,operatingSystemServicePack, operatingSystemHotfix, operatingSystem,networkAddress, netbootSIFFile, netbootMirrorDataFile,netbootMachineFilePath, netbootInitialization, netbootGUID,msDS-AdditionalSamAccountName, msDS-AdditionalDnsHostName,managedBy, machineRole, location, localPolicyFlags, dNSHostName,defaultLocalPolicyObject, cn, catalogs +systemPossSuperiors: container, organizationalUnit, domainDNS +schemaIdGuid:bf967a86-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;AO)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPCRLCLORCSDDT;;;CO)(OA;;WP;4c164200-20c0-11d0-a768-00aa006e0529;;CO)(A;;RPLCLORC;;;AU)(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;WD)(A;;CCDC;;;PS)(OA;;CCDC;bf967aa8-0de6-11d0-a285-00aa003049e2;;PO)(OA;;RPWP;bf967a7f-0de6-11d0-a285-00aa003049e2;;CA)(OA;;SW;f3a64788-5306-11d1-a9c5-0000f80367c1;;PS)(OA;;RPWP;77B5B886-944A-11d1-AEBD-0000F80367C1;;PS)(OA;;SW;72e39547-7b18-11d1-adef-00c04fd8d5cd;;PS)(OA;;SW;72e39547-7b18-11d1-adef-00c04fd8d5cd;;CO)(OA;;SW;f3a64788-5306-11d1-a9c5-0000f80367c1;;CO)(OA;;WP;3e0abfd0-126a-11d0-a060-00aa006c33ed;bf967a86-0de6-11d0-a285-00aa003049e2;CO)(OA;;WP;5f202010-79a5-11d0-9020-00c04fc2d4cf;bf967a86-0de6-11d0-a285-00aa003049e2;CO)(OA;;WP;bf967950-0de6-11d0-a285-00aa003049e2;bf967a86-0de6-11d0-a285-00aa003049e2;CO)(OA;;WP;bf967953-0de6-11d0-a285-00aa003049e2;bf967a86-0de6-11d0-a285-00aa003049e2;CO)(OA;;RP;46a9b11d-60ae-405a-b7e8-ff8a58d456d2;;S-1-5-32-560) +defaultHidingValue: FALSE +systemOnly: FALSE +defaultObjectCategory: CN=Computer,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ShadowAccount +ldapDisplayName: shadowAccount +governsId: 1.3.6.1.1.1.2.1 +objectClassCategory: 3 +rdnAttId: uid +subClassOf: top +mayContain: uid, userPassword, description, shadowLastChange,shadowMin, shadowMax, shadowWarning, shadowInactive, shadowExpire,shadowFlag +schemaIdGuid:5b6d8467-1a18-4174-b350-9cc6e7b4ac8d +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ShadowAccount,CN=Schema,CN=Configuration, + +cn: simpleSecurityObject +ldapDisplayName: simpleSecurityObject +governsId: 0.9.2342.19200300.100.4.19 +objectClassCategory: 3 +rdnAttId: cn +subClassOf: top +mayContain: userPassword +schemaIdGuid:5fe69b0b-e146-4f15-b0ab-c1e5d488e094 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLOLORCWOWDSDDTDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=simpleSecurityObject,CN=Schema,CN=Configuration, + +cn: Site +ldapDisplayName: site +governsId: 1.2.840.113556.1.5.31 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: notificationList, mSMQSiteID, mSMQSiteForeign,mSMQNt4Stub, mSMQInterval2, mSMQInterval1, managedBy, location,gPOptions, gPLink, msDS-BridgeHeadServersUsed +systemPossSuperiors: sitesContainer +schemaIdGuid:bf967ab3-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(A;;LCRPLORC;;;ED) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Site,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Site-Link +ldapDisplayName: siteLink +governsId: 1.2.840.113556.1.5.147 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: siteList +systemMayContain: schedule, replInterval, options, cost +systemPossSuperiors: interSiteTransport +schemaIdGuid:d50c2cde-8951-11d1-aebc-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: FALSE +systemOnly: FALSE +defaultObjectCategory: CN=Site-Link,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Site-Link-Bridge +ldapDisplayName: siteLinkBridge +governsId: 1.2.840.113556.1.5.148 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: siteLinkList +systemPossSuperiors: interSiteTransport +schemaIdGuid:d50c2cdf-8951-11d1-aebc-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: FALSE +systemOnly: FALSE +defaultObjectCategory: CN=Site-Link-Bridge,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Sites-Container +ldapDisplayName: sitesContainer +governsId: 1.2.840.113556.1.5.107 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemPossSuperiors: configuration +schemaIdGuid:7a4117da-cd67-11d0-afff-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Sites-Container,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Storage +ldapDisplayName: storage +governsId: 1.2.840.113556.1.5.33 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: connectionPoint +systemMayContain: monikerDisplayName, moniker, iconPath +systemPossSuperiors: container +schemaIdGuid:bf967ab5-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Storage,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Subnet +ldapDisplayName: subnet +governsId: 1.2.840.113556.1.5.96 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: siteObject, physicalLocationObject, location +systemPossSuperiors: subnetContainer +schemaIdGuid:b7b13124-b82e-11d0-afee-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Subnet,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Subnet-Container +ldapDisplayName: subnetContainer +governsId: 1.2.840.113556.1.5.95 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemPossSuperiors: sitesContainer +schemaIdGuid:b7b13125-b82e-11d0-afee-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Subnet-Container,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: SubSchema +ldapDisplayName: subSchema +governsId: 2.5.20.1 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: objectClasses, modifyTimeStamp, extendedClassInfo,extendedAttributeInfo, dITContentRules, attributeTypes +systemPossSuperiors: dMD +schemaIdGuid:5a8b3261-c38d-11d1-bbc9-0080c76670c0 +defaultSecurityDescriptor: D:S: +defaultHidingValue: TRUE +systemOnly: TRUE +defaultObjectCategory: CN=SubSchema,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Configuration +ldapDisplayName: configuration +governsId: 1.2.840.113556.1.5.12 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: cn +systemMayContain: gPOptions, gPLink +systemPossSuperiors: domainDNS +schemaIdGuid:bf967a87-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: TRUE +defaultObjectCategory: CN=Configuration,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Top +ldapDisplayName: top +governsId: 2.5.6.0 +objectClassCategory: 2 +rdnAttId: cn +subClassOf: top +systemMustContain: objectClass, objectCategory, nTSecurityDescriptor,instanceType +mayContain: msSFU30PosixMemberOf, msDFSR-ComputerReferenceBL,msDFSR-MemberReferenceBL, msDS-ObjectReferenceBL +systemMayContain: msDS-NcType, msDS-PSOApplied, msDS-PrincipalName,msDS-RevealedListBL, msDS-AuthenticatedToAccountlist,msDS-IsPartialReplicaFor, msDS-IsDomainFor, msDS-IsFullReplicaFor,msDS-RevealedDSAs, msDS-KrbTgtLinkBl, url, wWWHomePage, whenCreated,whenChanged, wellKnownObjects, wbemPath, uSNSource, uSNLastObjRem,USNIntersite, uSNDSALastObjRemoved, uSNCreated, uSNChanged,systemFlags, subSchemaSubEntry, subRefs, structuralObjectClass,siteObjectBL, serverReferenceBL, sDRightsEffective, revision,repsTo, repsFrom, directReports, replUpToDateVector,replPropertyMetaData, name, queryPolicyBL, proxyAddresses,proxiedObjectName, possibleInferiors, partialAttributeSet,partialAttributeDeletionList, otherWellKnownObjects, objectVersion,objectGUID, distinguishedName, nonSecurityMemberBL, netbootSCPBL,ownerBL, msDS-ReplValueMetaData, msDS-ReplAttributeMetaData,msDS-NonMembersBL, msDS-NCReplOutboundNeighbors,msDS-NCReplInboundNeighbors, msDS-NCReplCursors,msDS-TasksForAzRoleBL, msDS-TasksForAzTaskBL,msDS-OperationsForAzRoleBL, msDS-OperationsForAzTaskBL,msDS-MembersForAzRoleBL, msDs-masteredBy, mS-DS-ConsistencyGuid,mS-DS-ConsistencyChildCount, msDS-Approx-Immed-Subordinates,msCOM-PartitionSetLink, msCOM-UserLink, modifyTimeStamp, masteredBy,managedObjects, lastKnownParent, isPrivilegeHolder, memberOf,isDeleted, isCriticalSystemObject, showInAdvancedViewOnly,fSMORoleOwner, fRSMemberReferenceBL, frsComputerReferenceBL,fromEntry, flags, extensionName, dSASignature,dSCorePropagationData, displayNamePrintable, displayName,description, createTimeStamp, cn, canonicalName,bridgeheadServerListBL, allowedChildClassesEffective,allowedChildClasses, allowedAttributesEffective, allowedAttributes,adminDisplayName, adminDescription, msDS-NC-RO-Replica-Locations-BL +systemPossSuperiors: lostAndFound +schemaIdGuid:bf967ab7-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: TRUE +defaultObjectCategory: CN=Top,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Trusted-Domain +ldapDisplayName: trustedDomain +governsId: 1.2.840.113556.1.5.34 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: leaf +systemMayContain: msDS-SupportedEncryptionTypes, trustType,trustPosixOffset, trustPartner, trustDirection, trustAuthOutgoing,trustAuthIncoming, trustAttributes, securityIdentifier,msDS-TrustForestTrustInfo, mS-DS-CreatorSID, initialAuthOutgoing,initialAuthIncoming, flatName, domainIdentifier, domainCrossRef,additionalTrustedServiceNames +systemPossSuperiors: container +schemaIdGuid:bf967ab8-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(OA;;WP;736e4812-af31-11d2-b7df-00805f48caeb;bf967ab8-0de6-11d0-a285-00aa003049e2;CO)(A;;SD;;;CO) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Trusted-Domain,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Type-Library +ldapDisplayName: typeLibrary +governsId: 1.2.840.113556.1.5.53 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: cOMUniqueLIBID, cOMInterfaceID, cOMClassID +systemPossSuperiors: classStore +schemaIdGuid:281416e2-1968-11d0-a28f-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Type-Library,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: User +ldapDisplayName: user +governsId: 1.2.840.113556.1.5.9 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: organizationalPerson +auxiliaryClass: shadowAccount, posixAccount +systemAuxiliaryClass: securityPrincipal, mailRecipient +mayContain: msSFU30NisDomain, msSFU30Name, msDS-SourceObjectDN,x500uniqueIdentifier, userSMIMECertificate, userPKCS12, uid,secretary, roomNumber, preferredLanguage, photo, labeledURI,jpegPhoto, homePostalAddress, givenName, employeeType,employeeNumber, displayName, departmentNumber, carLicense, audio +systemMayContain: msDS-ResultantPSO, MSTSLSProperty01,MSTSLSProperty02, msTSManagingLS2, msTSManagingLS3, msTSManagingLS4,msTSLicenseVersion2, msTSLicenseVersion3, msTSLicenseVersion4,msTSExpireDate2, msTSExpireDate3, msTSExpireDate4,msDS-AuthenticatedAtDC, msDS-UserPasswordExpiryTimeComputed,msTSManagingLS, msTSLicenseVersion, msTSExpireDate, msTSProperty02,msTSProperty01, msTSInitialProgram, msTSWorkDirectory,msTSDefaultToMainPrinter, msTSConnectPrinterDrives,msTSConnectClientDrives, msTSBrokenConnectionAction,msTSReconnectionAction, msTSMaxIdleTime, msTSMaxConnectionTime,msTSMaxDisconnectionTime, msTSRemoteControl, msTSAllowLogon,msTSHomeDrive, msTSHomeDirectory, msTSProfilePath,msDS-FailedInteractiveLogonCountAtLastSuccessfulLogon,msDS-FailedInteractiveLogonCount,msDS-LastFailedInteractiveLogonTime,msDS-LastSuccessfulInteractiveLogonTime,msRADIUS-SavedFramedIpv6Route, msRADIUS-FramedIpv6Route,msRADIUS-SavedFramedIpv6Prefix, msRADIUS-FramedIpv6Prefix,msRADIUS-SavedFramedInterfaceId, msRADIUS-FramedInterfaceId,msPKIAccountCredentials, msPKIDPAPIMasterKeys,msPKIRoamingTimeStamp, msDS-SupportedEncryptionTypes,msDS-SecondaryKrbTgtNumber, pager, o, mobile, manager, mail,initials, homePhone, businessCategory, userCertificate,userWorkstations, userSharedFolderOther, userSharedFolder,userPrincipalName, userParameters, userAccountControl, unicodePwd,terminalServer, servicePrincipalName, scriptPath, pwdLastSet,profilePath, primaryGroupID, preferredOU, otherLoginWorkstations,operatorCount, ntPwdHistory, networkAddress, msRASSavedFramedRoute,msRASSavedFramedIPAddress, msRASSavedCallbackNumber,msRADIUSServiceType, msRADIUSFramedRoute, msRADIUSFramedIPAddress,msRADIUSCallbackNumber, msNPSavedCallingStationID,msNPCallingStationID, msNPAllowDialin, mSMQSignCertificatesMig,mSMQSignCertificates, mSMQDigestsMig, mSMQDigests, msIIS-FTPRoot,msIIS-FTPDir, msDS-User-Account-Control-Computed,msDS-Site-Affinity, mS-DS-CreatorSID,msDS-Cached-Membership-Time-Stamp, msDS-Cached-Membership,msDRM-IdentityCertificate, msCOM-UserPartitionSetLink, maxStorage,logonWorkstation, logonHours, logonCount, lockoutTime, localeID,lmPwdHistory, lastLogonTimestamp, lastLogon, lastLogoff, homeDrive,homeDirectory, groupsToIgnore, groupPriority, groupMembershipSAM,dynamicLDAPServer, desktopProfile, defaultClassStore, dBCSPwd,controlAccessRights, codePage, badPwdCount, badPasswordTime,adminCount, aCSPolicyName, accountExpires +schemaIdGuid:bf967aba-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;AO)(A;;RPLCLORC;;;PS)(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;CR;ab721a54-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;CR;ab721a56-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;RPWP;77B5B886-944A-11d1-AEBD-0000F80367C1;;PS)(OA;;RPWP;E45795B2-9455-11d1-AEBD-0000F80367C1;;PS)(OA;;RPWP;E45795B3-9455-11d1-AEBD-0000F80367C1;;PS)(OA;;RP;037088f8-0ae1-11d2-b422-00a0c968f939;;RS)(OA;;RP;4c164200-20c0-11d0-a768-00aa006e0529;;RS)(OA;;RP;bc0ac240-79a9-11d0-9020-00c04fc2d4cf;;RS)(A;;RC;;;AU)(OA;;RP;59ba2f42-79a2-11d0-9020-00c04fc2d3cf;;AU)(OA;;RP;77B5B886-944A-11d1-AEBD-0000F80367C1;;AU)(OA;;RP;E45795B3-9455-11d1-AEBD-0000F80367C1;;AU)(OA;;RP;e48d0154-bcf8-11d1-8702-00c04fb96050;;AU)(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;WD)(OA;;RP;5f202010-79a5-11d0-9020-00c04fc2d4cf;;RS)(OA;;RPWP;bf967a7f-0de6-11d0-a285-00aa003049e2;;CA)(OA;;RP;46a9b11d-60ae-405a-b7e8-ff8a58d456d2;;S-1-5-32-560)(OA;;WPRP;6db69a1c-9422-11d1-aebd-0000f80367c1;;S-1-5-32-561) +systemPossSuperiors: builtinDomain, organizationalUnit, domainDNS +defaultHidingValue: FALSE +systemOnly: FALSE +defaultObjectCategory: CN=Person,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Volume +ldapDisplayName: volume +governsId: 1.2.840.113556.1.5.36 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: connectionPoint +systemMustContain: uNCName +systemMayContain: lastContentIndexed, contentIndexingAllowed +systemPossSuperiors: organizationalUnit, domainDNS +schemaIdGuid:bf967abb-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: FALSE +systemOnly: FALSE +defaultObjectCategory: CN=Volume,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Connection-Point +ldapDisplayName: connectionPoint +governsId: 1.2.840.113556.1.5.14 +objectClassCategory: 2 +rdnAttId: cn +subClassOf: leaf +systemMustContain: cn +systemMayContain: msDS-Settings, managedBy, keywords +systemPossSuperiors: container, computer +schemaIdGuid:5cb41ecf-0e4c-11d0-a286-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Connection-Point,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Contact +ldapDisplayName: contact +governsId: 1.2.840.113556.1.5.15 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: organizationalPerson +systemAuxiliaryClass: mailRecipient +systemMustContain: cn +mayContain: msDS-SourceObjectDN +systemMayContain: notes +systemPossSuperiors: organizationalUnit, domainDNS +schemaIdGuid:5cb41ed0-0e4c-11d0-a286-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: FALSE +systemOnly: FALSE +defaultObjectCategory: CN=Person,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Container +ldapDisplayName: container +governsId: 1.2.840.113556.1.3.23 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: cn +mayContain: msDS-ObjectReference +systemMayContain: schemaVersion, defaultClassStore +systemPossSuperiors: msDS-AzScope, msDS-AzApplication,msDS-AzAdminManager, subnet, server, nTDSService, domainDNS,organization, configuration, container, organizationalUnit +schemaIdGuid:bf967a8b-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Container,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Control-Access-Right +ldapDisplayName: controlAccessRight +governsId: 1.2.840.113556.1.5.77 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: validAccesses, rightsGuid, localizationDisplayId,appliesTo +systemPossSuperiors: container +schemaIdGuid:8297931e-86d3-11d0-afda-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Control-Access-Right,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Country +ldapDisplayName: country +governsId: 2.5.6.2 +objectClassCategory: 0 +rdnAttId: c +subClassOf: top +systemMustContain: c +systemMayContain: co, searchGuide +systemPossSuperiors: domainDNS, organization +schemaIdGuid:bf967a8c-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Country,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: CRL-Distribution-Point +ldapDisplayName: cRLDistributionPoint +governsId: 2.5.6.19 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: cn +systemMayContain: deltaRevocationList, cRLPartitionedRevocationList,certificateRevocationList, certificateAuthorityObject,authorityRevocationList +systemPossSuperiors: container +schemaIdGuid:167758ca-47f3-11d1-a9c3-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=CRL-Distribution-Point,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Cross-Ref +ldapDisplayName: crossRef +governsId: 1.2.840.113556.1.3.11 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: nCName, dnsRoot, cn +systemMayContain: msDS-NC-RO-Replica-Locations, trustParent,superiorDNSRoot, rootTrust, nTMixedDomain, nETBIOSName, Enabled,msDS-SDReferenceDomain,msDS-Replication-Notify-Subsequent-DSA-Delay,msDS-Replication-Notify-First-DSA-Delay, msDS-NC-Replica-Locations,msDS-DnsRootAlias, msDS-Behavior-Version +systemPossSuperiors: crossRefContainer +schemaIdGuid:bf967a8d-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Cross-Ref,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Resource-Limits +ldapDisplayName: aCSResourceLimits +governsId: 1.2.840.113556.1.5.191 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: aCSMaxTokenRatePerFlow, aCSServiceType,aCSMaxPeakBandwidthPerFlow, aCSMaxPeakBandwidth,aCSAllocableRSVPBandwidth +systemPossSuperiors: container +schemaIdGuid:2e899b04-2834-11d3-91d4-0000f87a57d4 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLOLORCWOWDSDDTDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ACS-Resource-Limits,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Cross-Ref-Container +ldapDisplayName: crossRefContainer +governsId: 1.2.840.113556.1.5.7000.53 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: msDS-SPNSuffixes, uPNSuffixes, msDS-UpdateScript,msDS-ExecuteScriptPassword, msDS-Behavior-Version +systemPossSuperiors: configuration +schemaIdGuid:ef9e60e0-56f7-11d1-a9c6-0000f80367c1 +defaultSecurityDescriptor: D:(A;;GA;;;SY) +defaultHidingValue: FALSE +systemOnly: TRUE +defaultObjectCategory: CN=Cross-Ref-Container,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Device +ldapDisplayName: device +governsId: 2.5.6.14 +objectClassCategory: 0 +rdnAttId: cn +subClassOf: top +auxiliaryClass: ipHost, ieee802Device, bootableDevice +systemMustContain: cn +mayContain: msSFU30Name, msSFU30NisDomain, nisMapName, msSFU30Aliases +systemMayContain: serialNumber, seeAlso, owner, ou, o, l +systemPossSuperiors: domainDNS, organizationalUnit, organization,container +schemaIdGuid:bf967a8e-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Device,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Dfs-Configuration +ldapDisplayName: dfsConfiguration +governsId: 1.2.840.113556.1.5.42 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemPossSuperiors: container, domainDNS +schemaIdGuid:8447f9f2-1027-11d0-a05f-00aa006c33ed +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Dfs-Configuration,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: DHCP-Class +ldapDisplayName: dHCPClass +governsId: 1.2.840.113556.1.5.132 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: dhcpUniqueKey, dhcpType, dhcpIdentification,dhcpFlags +systemMayContain: superScopes, superScopeDescription,optionsLocation, optionDescription, networkAddress, mscopeId,dhcpUpdateTime, dhcpSubnets, dhcpState, dhcpSites, dhcpServers,dhcpReservations, dhcpRanges, dhcpProperties, dhcpOptions,dhcpObjName, dhcpObjDescription, dhcpMaxKey, dhcpMask, dhcpClasses +systemPossSuperiors: container +schemaIdGuid:963d2756-48be-11d1-a9c3-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=DHCP-Class,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Display-Specifier +ldapDisplayName: displaySpecifier +governsId: 1.2.840.113556.1.5.84 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: treatAsLeaf, shellPropertyPages, shellContextMenu,scopeFlags, queryFilter, iconPath, extraColumns, creationWizard,createWizardExt, createDialog, contextMenu, classDisplayName,attributeDisplayNames, adminPropertyPages,adminMultiselectPropertyPages, adminContextMenu +systemPossSuperiors: container +schemaIdGuid:e0fa1e8a-9b45-11d0-afdd-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Display-Specifier,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Display-Template +ldapDisplayName: displayTemplate +governsId: 1.2.840.113556.1.3.59 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: cn +systemMayContain: originalDisplayTableMSDOS, originalDisplayTable,helpFileName, helpData32, helpData16, addressEntryDisplayTableMSDOS,addressEntryDisplayTable +systemPossSuperiors: container +schemaIdGuid:5fd4250c-1262-11d0-a060-00aa006c33ed +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Display-Template,CN=Schema,CN=Configuration, + +cn: DMD +ldapDisplayName: dMD +governsId: 1.2.840.113556.1.3.9 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: cn +systemMayContain: schemaUpdate, schemaInfo, prefixMap,msDs-Schema-Extensions, msDS-IntId, dmdName +systemPossSuperiors: configuration +schemaIdGuid:bf967a8f-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: TRUE +defaultObjectCategory: CN=DMD,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Dns-Node +ldapDisplayName: dnsNode +governsId: 1.2.840.113556.1.5.86 +objectClassCategory: 1 +rdnAttId: dc +subClassOf: top +systemMustContain: dc +systemMayContain: dNSTombstoned, dnsRecord, dNSProperty +systemPossSuperiors: dnsZone +schemaIdGuid:e0fa1e8c-9b45-11d0-afdd-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;ED)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO)(A;;RPLCLORC;;;WD) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Dns-Node,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Dns-Zone +ldapDisplayName: dnsZone +governsId: 1.2.840.113556.1.5.85 +objectClassCategory: 1 +rdnAttId: dc +subClassOf: top +systemMustContain: dc +systemMayContain: managedBy, dnsSecureSecondaries, dNSProperty,dnsNotifySecondaries, dnsAllowXFR, dnsAllowDynamic +systemPossSuperiors: container +schemaIdGuid:e0fa1e8b-9b45-11d0-afdd-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;ED)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;CC;;;AU)(A;;RPLCLORC;;;WD)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Dns-Zone,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: document +ldapDisplayName: document +governsId: 0.9.2342.19200300.100.4.6 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mayContain: documentIdentifier, documentPublisher, documentLocation,documentAuthor, documentVersion, documentTitle, ou, o, l, seeAlso,description, cn +possSuperiors: organizationalUnit, container +schemaIdGuid:39bad96d-c2d6-4baf-88ab-7e4207600117 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLOLORCWOWDSDDTDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=document,CN=Schema,CN=Configuration, + +cn: ACS-Subnet +ldapDisplayName: aCSSubnet +governsId: 1.2.840.113556.1.5.138 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: aCSServerList, aCSRSVPLogFilesLocation,aCSRSVPAccountFilesLocation, aCSNonReservedTxSize,aCSNonReservedTxLimit, aCSNonReservedTokenSize,aCSNonReservedPeakRate, aCSNonReservedMinPolicedSize,aCSNonReservedMaxSDUSize, aCSMaxTokenRatePerFlow,aCSMaxSizeOfRSVPLogFile, aCSMaxSizeOfRSVPAccountFile,aCSMaxPeakBandwidthPerFlow, aCSMaxPeakBandwidth, aCSMaxNoOfLogFiles,aCSMaxNoOfAccountFiles, aCSMaxDurationPerFlow, aCSEventLogLevel,aCSEnableRSVPMessageLogging, aCSEnableRSVPAccounting,aCSEnableACSService, aCSDSBMRefresh, aCSDSBMPriority,aCSDSBMDeadTime, aCSCacheTimeout, aCSAllocableRSVPBandwidth +systemPossSuperiors: container +schemaIdGuid:7f561289-5301-11d1-a9c5-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ACS-Subnet,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: documentSeries +ldapDisplayName: documentSeries +governsId: 0.9.2342.19200300.100.4.9 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mustContain: cn +mayContain: telephoneNumber, ou, o, l, seeAlso, description +possSuperiors: organizationalUnit, container +schemaIdGuid:7a2be07c-302f-4b96-bc90-0795d66885f8 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLOLORCWOWDSDDTDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=documentSeries,CN=Schema,CN=Configuration, + +cn: Domain +ldapDisplayName: domain +governsId: 1.2.840.113556.1.5.66 +objectClassCategory: 2 +rdnAttId: dc +subClassOf: top +systemMustContain: dc +systemPossSuperiors: domain, organization +schemaIdGuid:19195a5a-6da0-11d0-afd3-00c04fd930c9 +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Domain-DNS,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Domain-DNS +ldapDisplayName: domainDNS +governsId: 1.2.840.113556.1.5.67 +objectClassCategory: 1 +rdnAttId: dc +subClassOf: domain +systemAuxiliaryClass: samDomain +systemMayContain: msDS-Behavior-Version, msDS-AllowedDNSSuffixes,managedBy +systemPossSuperiors: domainDNS +schemaIdGuid:19195a5b-6da0-11d0-afd3-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RP;;;WD)(OA;;CR;1131f6aa-9c07-11d1-f79f-00c04fc2dcd2;;ED)(OA;;CR;1131f6ab-9c07-11d1-f79f-00c04fc2dcd2;;ED)(OA;;CR;1131f6ac-9c07-11d1-f79f-00c04fc2dcd2;;ED)(OA;;CR;1131f6aa-9c07-11d1-f79f-00c04fc2dcd2;;BA)(OA;;CR;1131f6ab-9c07-11d1-f79f-00c04fc2dcd2;;BA)(OA;;CR;1131f6ac-9c07-11d1-f79f-00c04fc2dcd2;;BA)(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCRCWDWOSW;;;DA)(A;CI;RPWPCRLCLOCCRCWDWOSDSW;;;BA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY)(A;CI;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;EA)(A;CI;LC;;;RU)(OA;CIIO;RP;037088f8-0ae1-11d2-b422-00a0c968f939;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;CIIO;RP;59ba2f42-79a2-11d0-9020-00c04fc2d3cf;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;CIIO;RP;bc0ac240-79a9-11d0-9020-00c04fc2d4cf;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;CIIO;RP;4c164200-20c0-11d0-a768-00aa006e0529;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;CIIO;RP;5f202010-79a5-11d0-9020-00c04fc2d4cf;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;;RP;c7407360-20bf-11d0-a768-00aa006e0529;;RU)(OA;CIIO;RPLCLORC;;bf967a9c-0de6-11d0-a285-00aa003049e2;RU)(A;;RPRC;;;RU)(OA;CIIO;RPLCLORC;;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(A;;LCRPLORC;;;ED)(OA;CIIO;RP;037088f8-0ae1-11d2-b422-00a0c968f939;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;CIIO;RP;59ba2f42-79a2-11d0-9020-00c04fc2d3cf;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;CIIO;RP;bc0ac240-79a9-11d0-9020-00c04fc2d4cf;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;CIIO;RP;4c164200-20c0-11d0-a768-00aa006e0529;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;CIIO;RP;5f202010-79a5-11d0-9020-00c04fc2d4cf;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;CIIO;RPLCLORC;;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;;RP;b8119fd0-04f6-4762-ab7a-4986c76b3f9a;;RU)(OA;;RP;b8119fd0-04f6-4762-ab7a-4986c76b3f9a;;AU)(OA;CIIO;RP;b7c69e6d-2cc7-11d2-854e-00a0c983f608;bf967aba-0de6-11d0-a285-00aa003049e2;ED)(OA;CIIO;RP;b7c69e6d-2cc7-11d2-854e-00a0c983f608;bf967a9c-0de6-11d0-a285-00aa003049e2;ED)(OA;CIIO;RP;b7c69e6d-2cc7-11d2-854e-00a0c983f608;bf967a86-0de6-11d0-a285-00aa003049e2;ED)(OA;;CR;1131f6ad-9c07-11d1-f79f-00c04fc2dcd2;;DD)(OA;;CR;1131f6ad-9c07-11d1-f79f-00c04fc2dcd2;;BA)(OA;;CR;e2a36dc9-ae17-47c3-b58b-be34c55ba633;;S-1-5-32-557)(OA;;CR;280f369c-67c7-438e-ae98-1d46f3c6f541;;AU)(OA;;CR;ccc2dc7d-a6ad-4a7a-8846-c04e3cc53501;;AU)(OA;;CR;05c74c5e-4deb-43b4-bd9f-86664c2a7fd5;;AU)(OA;;CR;1131f6ae-9c07-11d1-f79f-00c04fc2dcd2;;ED)(OA;;CR;1131f6ae-9c07-11d1-f79f-00c04fc2dcd2;;BA)(OA;CIIO;CRRPWP;91e647de-d96f-4b70-9557-d63ff4f3ccd8;;PS)(OA;;CR;1131f6aa-9c07-11d1-f79f-00c04fc2dcd2;;RO)S:(AU;SA;WDWOWP;;;WD)(AU;SA;CR;;;BA)(AU;SA;CR;;;DU)(OU;CISA;WP;f30e3bbe-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)(OU;CISA;WP;f30e3bbf-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD) +defaultHidingValue: FALSE +systemOnly: FALSE +defaultObjectCategory: CN=Domain-DNS,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Domain-Policy +ldapDisplayName: domainPolicy +governsId: 1.2.840.113556.1.5.18 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: leaf +systemMayContain: qualityOfService, pwdProperties, pwdHistoryLength,publicKeyPolicy, proxyLifetime, minTicketAge, minPwdLength,minPwdAge, maxTicketAge, maxRenewAge, maxPwdAge, managedBy,lockoutThreshold, lockoutDuration, lockOutObservationWindow,ipsecPolicyReference, forceLogoff, eFSPolicy, domainWidePolicy,domainPolicyReference, domainCAs, defaultLocalPolicyObject,authenticationOptions +systemPossSuperiors: organizationalUnit, domainDNS, container +schemaIdGuid:bf967a99-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Domain-Policy,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: domainRelatedObject +ldapDisplayName: domainRelatedObject +governsId: 0.9.2342.19200300.100.4.17 +objectClassCategory: 3 +rdnAttId: cn +subClassOf: top +mayContain: associatedDomain +schemaIdGuid:8bfd2d3d-efda-4549-852c-f85e137aedc6 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLOLORCWOWDSDDTDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=domainRelatedObject,CN=Schema,CN=Configuration, + +cn: DSA +ldapDisplayName: dSA +governsId: 2.5.6.13 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: applicationEntity +systemMayContain: knowledgeInformation +systemPossSuperiors: server, computer +schemaIdGuid:3fdfee52-47f4-11d1-a9c3-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=DSA,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: DS-UI-Settings +ldapDisplayName: dSUISettings +governsId: 1.2.840.113556.1.5.183 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: msDS-Non-Security-Group-Extra-Classes,msDS-Security-Group-Extra-Classes, msDS-FilterContainers,dSUIShellMaximum, dSUIAdminNotification, dSUIAdminMaximum +systemPossSuperiors: container +schemaIdGuid:09b10f14-6f93-11d2-9905-0000f87a57d4 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=DS-UI-Settings,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Dynamic-Object +ldapDisplayName: dynamicObject +governsId: 1.3.6.1.4.1.1466.101.119.2 +objectClassCategory: 3 +rdnAttId: cn +subClassOf: top +systemMayContain: msDS-Entry-Time-To-Die, entryTTL +schemaIdGuid:66d51249-3355-4c1f-b24e-81f252aca23b +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Dynamic-Object,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: File-Link-Tracking +ldapDisplayName: fileLinkTracking +governsId: 1.2.840.113556.1.5.52 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemPossSuperiors: container +schemaIdGuid:dd712229-10e4-11d0-a05f-00aa006c33ed +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=File-Link-Tracking,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: File-Link-Tracking-Entry +ldapDisplayName: fileLinkTrackingEntry +governsId: 1.2.840.113556.1.5.59 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemPossSuperiors: fileLinkTracking +schemaIdGuid:8e4eb2ed-4712-11d0-a1a0-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=File-Link-Tracking-Entry,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Address-Book-Container +ldapDisplayName: addressBookContainer +governsId: 1.2.840.113556.1.5.125 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: displayName +systemMayContain: purportedSearch +systemPossSuperiors: addressBookContainer, configuration +schemaIdGuid:3e74f60f-3e73-11d1-a9c0-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(OA;;CR;a1990816-4298-11d1-ade2-00c04fd8d5cd;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Address-Book-Container,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Foreign-Security-Principal +ldapDisplayName: foreignSecurityPrincipal +governsId: 1.2.840.113556.1.5.76 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: objectSid +systemMayContain: foreignIdentifier +systemPossSuperiors: container +schemaIdGuid:89e31c12-8530-11d0-afda-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;AO)(A;;RPLCLORC;;;PS)(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;CR;ab721a54-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;CR;ab721a56-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;RPWP;77B5B886-944A-11d1-AEBD-0000F80367C1;;PS)(OA;;RPWP;E45795B2-9455-11d1-AEBD-0000F80367C1;;PS)(OA;;RPWP;E45795B3-9455-11d1-AEBD-0000F80367C1;;PS)(A;;RC;;;AU)(OA;;RP;59ba2f42-79a2-11d0-9020-00c04fc2d3cf;;AU)(OA;;RP;77B5B886-944A-11d1-AEBD-0000F80367C1;;AU)(OA;;RP;E45795B3-9455-11d1-AEBD-0000F80367C1;;AU)(OA;;RP;e48d0154-bcf8-11d1-8702-00c04fb96050;;AU)(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;WD) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Foreign-Security-Principal,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: friendlyCountry +ldapDisplayName: friendlyCountry +governsId: 0.9.2342.19200300.100.4.18 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: country +mustContain: co +schemaIdGuid:c498f152-dc6b-474a-9f52-7cdba3d7d351 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLOLORCWOWDSDDTDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=friendlyCountry,CN=Schema,CN=Configuration, + +cn: FT-Dfs +ldapDisplayName: fTDfs +governsId: 1.2.840.113556.1.5.43 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: remoteServerName, pKTGuid, pKT +systemMayContain: uNCName, managedBy, keywords +systemPossSuperiors: dfsConfiguration +schemaIdGuid:8447f9f3-1027-11d0-a05f-00aa006c33ed +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=FT-Dfs,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Group +ldapDisplayName: group +governsId: 1.2.840.113556.1.5.8 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +auxiliaryClass: posixGroup +systemAuxiliaryClass: mailRecipient, securityPrincipal +systemMustContain: groupType +mayContain: msSFU30Name, msSFU30NisDomain, msSFU30PosixMember +systemMayContain: msDS-AzApplicationData,msDS-AzLastImportedBizRulePath, msDS-AzBizRuleLanguage,msDS-AzBizRule, msDS-AzGenericData, msDS-AzObjectGuid,primaryGroupToken, operatorCount, nTGroupMembers, nonSecurityMember,msDS-NonMembers, msDS-AzLDAPQuery, member, managedBy,groupMembershipSAM, groupAttributes, mail, desktopProfile,controlAccessRights, adminCount +systemPossSuperiors: msDS-AzScope, msDS-AzApplication,msDS-AzAdminManager, container, builtinDomain, organizationalUnit,domainDNS +schemaIdGuid:bf967a9c-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;AO)(A;;RPLCLORC;;;PS)(OA;;CR;ab721a55-1e2f-11d0-9819-00aa0040529b;;AU)(OA;;RP;46a9b11d-60ae-405a-b7e8-ff8a58d456d2;;S-1-5-32-560) +defaultHidingValue: FALSE +systemOnly: FALSE +defaultObjectCategory: CN=Group,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Group-Of-Names +ldapDisplayName: groupOfNames +governsId: 2.5.6.9 +objectClassCategory: 0 +rdnAttId: cn +subClassOf: top +systemMustContain: member, cn +systemMayContain: seeAlso, owner, ou, o, businessCategory +systemPossSuperiors: organizationalUnit, locality, organization,container +schemaIdGuid:bf967a9d-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Group-Of-Names,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: groupOfUniqueNames +ldapDisplayName: groupOfUniqueNames +governsId: 2.5.6.17 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mustContain: uniqueMember, cn +mayContain: seeAlso, owner, ou, o, description, businessCategory +possSuperiors: domainDNS, organizationalUnit, container +schemaIdGuid:0310a911-93a3-4e21-a7a3-55d85ab2c48b +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;AO)(A;;RPLCLORC;;;PS) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=groupOfUniqueNames,CN=Schema,CN=Configuration, + +cn: Group-Policy-Container +ldapDisplayName: groupPolicyContainer +governsId: 1.2.840.113556.1.5.157 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: container +systemMayContain: versionNumber, gPCWQLFilter, gPCUserExtensionNames,gPCMachineExtensionNames, gPCFunctionalityVersion, gPCFileSysPath,flags +schemaIdGuid:f30e3bc2-9ff0-11d1-b603-0000f80367c1 +defaultSecurityDescriptor: D:P(A;CI;RPWPCCDCLCLOLORCWOWDSDDTSW;;;DA)(A;CI;RPWPCCDCLCLOLORCWOWDSDDTSW;;;EA)(A;CI;RPWPCCDCLCLOLORCWOWDSDDTSW;;;CO)(A;CI;RPWPCCDCLCLORCWOWDSDDTSW;;;SY)(A;CI;RPLCLORC;;;AU)(OA;CI;CR;edacfd8f-ffb3-11d1-b41d-00a0c968f939;;AU)(A;CI;LCRPLORC;;;ED) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Group-Policy-Container,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: IEEE802Device +ldapDisplayName: ieee802Device +governsId: 1.3.6.1.1.1.2.11 +objectClassCategory: 3 +rdnAttId: cn +subClassOf: top +mayContain: cn, macAddress +schemaIdGuid:a699e529-a637-4b7d-a0fb-5dc466a0b8a7 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=IEEE802Device,CN=Schema,CN=Configuration, + +cn: Index-Server-Catalog +ldapDisplayName: indexServerCatalog +governsId: 1.2.840.113556.1.5.130 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: connectionPoint +systemMustContain: creator +systemMayContain: uNCName, queryPoint, indexedScopes, friendlyNames +systemPossSuperiors: organizationalUnit, container +schemaIdGuid:7bfdcb8a-4807-11d1-a9c3-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Index-Server-Catalog,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: inetOrgPerson +ldapDisplayName: inetOrgPerson +governsId: 2.16.840.1.113730.3.2.2 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: user +mayContain: x500uniqueIdentifier, userSMIMECertificate, userPKCS12,userCertificate, uid, secretary, roomNumber, preferredLanguage,photo, pager, o, mobile, manager, mail, labeledURI, jpegPhoto,initials, homePostalAddress, homePhone, givenName, employeeType,employeeNumber, displayName, departmentNumber, carLicense,businessCategory, audio +possSuperiors: domainDNS, organizationalUnit, container +schemaIdGuid:4828cc14-1437-45bc-9b07-ad6f015e5f28 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;AO)(A;;RPLCLORC;;;PS)(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;CR;ab721a54-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;CR;ab721a56-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;RPWP;77B5B886-944A-11d1-AEBD-0000F80367C1;;PS)(OA;;RPWP;E45795B2-9455-11d1-AEBD-0000F80367C1;;PS)(OA;;RPWP;E45795B3-9455-11d1-AEBD-0000F80367C1;;PS)(OA;;RP;037088f8-0ae1-11d2-b422-00a0c968f939;;RS)(OA;;RP;4c164200-20c0-11d0-a768-00aa006e0529;;RS)(OA;;RP;bc0ac240-79a9-11d0-9020-00c04fc2d4cf;;RS)(A;;RC;;;AU)(OA;;RP;59ba2f42-79a2-11d0-9020-00c04fc2d3cf;;AU)(OA;;RP;77B5B886-944A-11d1-AEBD-0000F80367C1;;AU)(OA;;RP;E45795B3-9455-11d1-AEBD-0000F80367C1;;AU)(OA;;RP;e48d0154-bcf8-11d1-8702-00c04fb96050;;AU)(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;WD)(OA;;RP;5f202010-79a5-11d0-9020-00c04fc2d4cf;;RS)(OA;;RPWP;bf967a7f-0de6-11d0-a285-00aa003049e2;;CA)(OA;;RP;46a9b11d-60ae-405a-b7e8-ff8a58d456d2;;S-1-5-32-560)(OA;;WPRP;6db69a1c-9422-11d1-aebd-0000f80367c1;;S-1-5-32-561) +defaultHidingValue: FALSE +systemOnly: FALSE +defaultObjectCategory: CN=Person,CN=Schema,CN=Configuration, + +cn: Address-Template +ldapDisplayName: addressTemplate +governsId: 1.2.840.113556.1.3.58 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: displayTemplate +systemMustContain: displayName +systemMayContain: proxyGenerationEnabled, perRecipDialogDisplayTable,perMsgDialogDisplayTable, addressType, addressSyntax +systemPossSuperiors: container +schemaIdGuid:5fd4250a-1262-11d0-a060-00aa006c33ed +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Address-Template,CN=Schema,CN=Configuration, + +cn: Infrastructure-Update +ldapDisplayName: infrastructureUpdate +governsId: 1.2.840.113556.1.5.175 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: dNReferenceUpdate +systemPossSuperiors: infrastructureUpdate, domain +schemaIdGuid:2df90d89-009f-11d2-aa4c-00c04fd7d83a +defaultSecurityDescriptor: D:(A;;GA;;;SY) +defaultHidingValue: TRUE +systemOnly: TRUE +defaultObjectCategory: CN=Infrastructure-Update,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Intellimirror-Group +ldapDisplayName: intellimirrorGroup +governsId: 1.2.840.113556.1.5.152 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemPossSuperiors: domainDNS, organizationalUnit, container +schemaIdGuid:07383086-91df-11d1-aebc-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;CCDC;;;CO)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Intellimirror-Group,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Intellimirror-SCP +ldapDisplayName: intellimirrorSCP +governsId: 1.2.840.113556.1.5.151 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: serviceAdministrationPoint +systemMayContain: netbootTools, netbootServer, netbootNewMachineOU,netbootNewMachineNamingPolicy, netbootMaxClients,netbootMachineFilePath, netbootLocallyInstalledOSes,netbootLimitClients, netbootIntelliMirrorOSes,netbootCurrentClientCount, netbootAnswerRequests,netbootAnswerOnlyValidClients, netbootAllowNewClients +systemPossSuperiors: computer, intellimirrorGroup +schemaIdGuid:07383085-91df-11d1-aebc-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Intellimirror-SCP,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Inter-Site-Transport +ldapDisplayName: interSiteTransport +governsId: 1.2.840.113556.1.5.141 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: transportDLLName, transportAddressAttribute +systemMayContain: replInterval, options +systemPossSuperiors: interSiteTransportContainer +schemaIdGuid:26d97376-6070-11d1-a9c6-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Inter-Site-Transport,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Inter-Site-Transport-Container +ldapDisplayName: interSiteTransportContainer +governsId: 1.2.840.113556.1.5.140 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemPossSuperiors: sitesContainer +schemaIdGuid:26d97375-6070-11d1-a9c6-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Inter-Site-Transport-Container,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: IpHost +ldapDisplayName: ipHost +governsId: 1.3.6.1.1.1.2.6 +objectClassCategory: 3 +rdnAttId: cn +subClassOf: top +mayContain: manager, cn, description, ipHostNumber, uid, l +schemaIdGuid:ab911646-8827-4f95-8780-5a8f008eb68f +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=IpHost,CN=Schema,CN=Configuration, + +cn: IpNetwork +ldapDisplayName: ipNetwork +governsId: 1.3.6.1.1.1.2.7 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mustContain: cn, ipNetworkNumber +mayContain: manager, description, ipNetmaskNumber, uid, l,msSFU30Name, msSFU30NisDomain, nisMapName, msSFU30Aliases +possSuperiors: domainDNS, nisMap, container, organizationalUnit +schemaIdGuid:d95836c3-143e-43fb-992a-b057f1ecadf9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=IpNetwork,CN=Schema,CN=Configuration, + +cn: IpProtocol +ldapDisplayName: ipProtocol +governsId: 1.3.6.1.1.1.2.4 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mustContain: cn, ipProtocolNumber +mayContain: description, msSFU30Name, msSFU30NisDomain, nisMapName,msSFU30Aliases +possSuperiors: domainDNS, nisMap, container, organizationalUnit +schemaIdGuid:9c2dcbd2-fbf0-4dc7-ace0-8356dcd0f013 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=IpProtocol,CN=Schema,CN=Configuration, + +cn: Ipsec-Base +ldapDisplayName: ipsecBase +governsId: 1.2.840.113556.1.5.7000.56 +objectClassCategory: 2 +rdnAttId: cn +subClassOf: top +systemMayContain: ipsecOwnersReference, ipsecName, ipsecID,ipsecDataType, ipsecData +schemaIdGuid:b40ff825-427a-11d1-a9c2-0000f80367c1 +defaultSecurityDescriptor: D: +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Ipsec-Base,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Ipsec-Filter +ldapDisplayName: ipsecFilter +governsId: 1.2.840.113556.1.5.118 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: ipsecBase +systemPossSuperiors: organizationalUnit, computer, container +schemaIdGuid:b40ff826-427a-11d1-a9c2-0000f80367c1 +defaultSecurityDescriptor: D: +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Ipsec-Filter,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Application-Entity +ldapDisplayName: applicationEntity +governsId: 2.5.6.12 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: presentationAddress, cn +systemMayContain: supportedApplicationContext, seeAlso, ou, o, l +systemPossSuperiors: applicationProcess, organizationalUnit,container +schemaIdGuid:3fdfee4f-47f4-11d1-a9c3-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Application-Entity,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Ipsec-ISAKMP-Policy +ldapDisplayName: ipsecISAKMPPolicy +governsId: 1.2.840.113556.1.5.120 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: ipsecBase +systemPossSuperiors: container, computer, organizationalUnit +schemaIdGuid:b40ff828-427a-11d1-a9c2-0000f80367c1 +defaultSecurityDescriptor: D: +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Ipsec-ISAKMP-Policy,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Ipsec-Negotiation-Policy +ldapDisplayName: ipsecNegotiationPolicy +governsId: 1.2.840.113556.1.5.119 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: ipsecBase +systemMayContain: iPSECNegotiationPolicyType,iPSECNegotiationPolicyAction +systemPossSuperiors: organizationalUnit, computer, container +schemaIdGuid:b40ff827-427a-11d1-a9c2-0000f80367c1 +defaultSecurityDescriptor: D: +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Ipsec-Negotiation-Policy,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Ipsec-NFA +ldapDisplayName: ipsecNFA +governsId: 1.2.840.113556.1.5.121 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: ipsecBase +systemMayContain: ipsecNegotiationPolicyReference,ipsecFilterReference +systemPossSuperiors: container, computer, organizationalUnit +schemaIdGuid:b40ff829-427a-11d1-a9c2-0000f80367c1 +defaultSecurityDescriptor: D: +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Ipsec-NFA,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Ipsec-Policy +ldapDisplayName: ipsecPolicy +governsId: 1.2.840.113556.1.5.98 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: ipsecBase +systemMayContain: ipsecNFAReference, ipsecISAKMPReference +systemPossSuperiors: organizationalUnit, computer, container +schemaIdGuid:b7b13121-b82e-11d0-afee-0000f80367c1 +defaultSecurityDescriptor: D: +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Ipsec-Policy,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: IpService +ldapDisplayName: ipService +governsId: 1.3.6.1.1.1.2.3 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mustContain: ipServiceProtocol, ipServicePort, cn +mayContain: description, msSFU30Name, msSFU30NisDomain,msSFU30Aliases, nisMapName +possSuperiors: domainDNS, nisMap, container, organizationalUnit +schemaIdGuid:2517fadf-fa97-48ad-9de6-79ac5721f864 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=IpService,CN=Schema,CN=Configuration, + +cn: Leaf +ldapDisplayName: leaf +governsId: 1.2.840.113556.1.5.20 +objectClassCategory: 2 +rdnAttId: cn +subClassOf: top +schemaIdGuid:bf967a9e-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Leaf,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Licensing-Site-Settings +ldapDisplayName: licensingSiteSettings +governsId: 1.2.840.113556.1.5.78 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: applicationSiteSettings +systemMayContain: siteServer +systemPossSuperiors: site +schemaIdGuid:1be8f17d-a9ff-11d0-afe2-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Licensing-Site-Settings,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Link-Track-Object-Move-Table +ldapDisplayName: linkTrackObjectMoveTable +governsId: 1.2.840.113556.1.5.91 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: fileLinkTracking +systemPossSuperiors: fileLinkTracking +schemaIdGuid:ddac0cf5-af8f-11d0-afeb-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Link-Track-Object-Move-Table,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Link-Track-OMT-Entry +ldapDisplayName: linkTrackOMTEntry +governsId: 1.2.840.113556.1.5.93 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: leaf +systemMayContain: timeRefresh, oMTIndxGuid, oMTGuid, currentLocation,birthLocation +systemPossSuperiors: linkTrackObjectMoveTable +schemaIdGuid:ddac0cf7-af8f-11d0-afeb-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Link-Track-OMT-Entry,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Link-Track-Vol-Entry +ldapDisplayName: linkTrackVolEntry +governsId: 1.2.840.113556.1.5.92 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: leaf +systemMayContain: volTableIdxGUID, volTableGUID, timeVolChange,timeRefresh, seqNotification, objectCount, linkTrackSecret,currMachineId +systemPossSuperiors: linkTrackVolumeTable +schemaIdGuid:ddac0cf6-af8f-11d0-afeb-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Link-Track-Vol-Entry,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Application-Process +ldapDisplayName: applicationProcess +governsId: 2.5.6.11 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: cn +systemMayContain: seeAlso, ou, l +systemPossSuperiors: organizationalUnit, organization, container,computer +schemaIdGuid:5fd4250b-1262-11d0-a060-00aa006c33ed +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: TRUE +defaultObjectCategory: CN=Application-Process,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Link-Track-Volume-Table +ldapDisplayName: linkTrackVolumeTable +governsId: 1.2.840.113556.1.5.90 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: fileLinkTracking +systemPossSuperiors: fileLinkTracking +schemaIdGuid:ddac0cf4-af8f-11d0-afeb-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Link-Track-Volume-Table,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Locality +ldapDisplayName: locality +governsId: 2.5.6.3 +objectClassCategory: 1 +rdnAttId: l +subClassOf: top +systemMustContain: l +systemMayContain: street, st, seeAlso, searchGuide +systemPossSuperiors: domainDNS, country, organizationalUnit,organization, locality +schemaIdGuid:bf967aa0-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: FALSE +systemOnly: FALSE +defaultObjectCategory: CN=Locality,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Lost-And-Found +ldapDisplayName: lostAndFound +governsId: 1.2.840.113556.1.5.139 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: moveTreeState +systemPossSuperiors: configuration, domainDNS, dMD +schemaIdGuid:52ab8671-5709-11d1-a9c6-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Lost-And-Found,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Mail-Recipient +ldapDisplayName: mailRecipient +governsId: 1.2.840.113556.1.3.46 +objectClassCategory: 3 +rdnAttId: cn +subClassOf: top +systemMustContain: cn +mayContain: msDS-PhoneticDisplayName, userSMIMECertificate,secretary, msExchLabeledURI, msExchAssistantName, labeledURI +systemMayContain: userCertificate, userCert, textEncodedORAddress,telephoneNumber, showInAddressBook, legacyExchangeDN,garbageCollPeriod, info +systemPossSuperiors: container +schemaIdGuid:bf967aa1-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Mail-Recipient,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Meeting +ldapDisplayName: meeting +governsId: 1.2.840.113556.1.5.104 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: meetingName +systemMayContain: meetingURL, meetingType, meetingStartTime,meetingScope, meetingRecurrence, meetingRating, meetingProtocol,meetingOwner, meetingOriginator, meetingMaxParticipants,meetingLocation, meetingLanguage, meetingKeyword,meetingIsEncrypted, meetingIP, meetingID, meetingEndTime,meetingDescription, meetingContactInfo, meetingBlob,meetingBandwidth, meetingApplication, meetingAdvertiseScope +systemPossSuperiors: container +schemaIdGuid:11b6cc94-48c4-11d1-a9c3-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Meeting,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-OLAPCube +ldapDisplayName: mS-SQL-OLAPCube +governsId: 1.2.840.113556.1.5.190 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: mS-SQL-Keywords, mS-SQL-PublicationURL,mS-SQL-InformationURL, mS-SQL-Status, mS-SQL-LastUpdatedDate,mS-SQL-Size, mS-SQL-Description, mS-SQL-Contact, mS-SQL-Name +systemPossSuperiors: mS-SQL-OLAPDatabase +schemaIdGuid:09f0506a-cd28-11d2-9993-0000f87a57d4 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=MS-SQL-OLAPCube,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-OLAPDatabase +ldapDisplayName: mS-SQL-OLAPDatabase +governsId: 1.2.840.113556.1.5.189 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: mS-SQL-Keywords, mS-SQL-PublicationURL,mS-SQL-ConnectionURL, mS-SQL-InformationURL, mS-SQL-Status,mS-SQL-Applications, mS-SQL-LastBackupDate, mS-SQL-LastUpdatedDate,mS-SQL-Size, mS-SQL-Type, mS-SQL-Description, mS-SQL-Contact,mS-SQL-Name +systemPossSuperiors: mS-SQL-OLAPServer +schemaIdGuid:20af031a-ccef-11d2-9993-0000f87a57d4 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=MS-SQL-OLAPDatabase,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-OLAPServer +ldapDisplayName: mS-SQL-OLAPServer +governsId: 1.2.840.113556.1.5.185 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: serviceConnectionPoint +systemMayContain: mS-SQL-Keywords, mS-SQL-PublicationURL,mS-SQL-InformationURL, mS-SQL-Status, mS-SQL-Language,mS-SQL-ServiceAccount, mS-SQL-Contact, mS-SQL-RegisteredOwner,mS-SQL-Build, mS-SQL-Version, mS-SQL-Name +systemPossSuperiors: serviceConnectionPoint +schemaIdGuid:0c7e18ea-ccef-11d2-9993-0000f87a57d4 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=MS-SQL-OLAPServer,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-SQLDatabase +ldapDisplayName: mS-SQL-SQLDatabase +governsId: 1.2.840.113556.1.5.188 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: mS-SQL-Keywords, mS-SQL-InformationURL,mS-SQL-Status, mS-SQL-Applications, mS-SQL-LastDiagnosticDate,mS-SQL-LastBackupDate, mS-SQL-CreationDate, mS-SQL-Size,mS-SQL-Contact, mS-SQL-Alias, mS-SQL-Description, mS-SQL-Name +systemPossSuperiors: mS-SQL-SQLServer +schemaIdGuid:1d08694a-ccef-11d2-9993-0000f87a57d4 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=MS-SQL-SQLDatabase,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-SQLPublication +ldapDisplayName: mS-SQL-SQLPublication +governsId: 1.2.840.113556.1.5.187 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: mS-SQL-ThirdParty,mS-SQL-AllowSnapshotFilesFTPDownloading,mS-SQL-AllowQueuedUpdatingSubscription,mS-SQL-AllowImmediateUpdatingSubscription,mS-SQL-AllowKnownPullSubscription, mS-SQL-Publisher,mS-SQL-AllowAnonymousSubscription, mS-SQL-Database, mS-SQL-Type,mS-SQL-Status, mS-SQL-Description, mS-SQL-Name +systemPossSuperiors: mS-SQL-SQLServer +schemaIdGuid:17c2f64e-ccef-11d2-9993-0000f87a57d4 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=MS-SQL-SQLPublication,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Application-Settings +ldapDisplayName: applicationSettings +governsId: 1.2.840.113556.1.5.7000.49 +objectClassCategory: 2 +rdnAttId: cn +subClassOf: top +systemMayContain: notificationList, msDS-Settings, applicationName +systemPossSuperiors: server +schemaIdGuid:f780acc1-56f0-11d1-a9c6-0000f80367c1 +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Application-Settings,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-SQLRepository +ldapDisplayName: mS-SQL-SQLRepository +governsId: 1.2.840.113556.1.5.186 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: mS-SQL-InformationDirectory, mS-SQL-Version,mS-SQL-Description, mS-SQL-Status, mS-SQL-Build, mS-SQL-Contact,mS-SQL-Name +systemPossSuperiors: mS-SQL-SQLServer +schemaIdGuid:11d43c5c-ccef-11d2-9993-0000f87a57d4 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=MS-SQL-SQLRepository,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-SQLServer +ldapDisplayName: mS-SQL-SQLServer +governsId: 1.2.840.113556.1.5.184 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: serviceConnectionPoint +systemMayContain: mS-SQL-Keywords, mS-SQL-GPSHeight,mS-SQL-GPSLongitude, mS-SQL-GPSLatitude, mS-SQL-InformationURL,mS-SQL-LastUpdatedDate, mS-SQL-Status, mS-SQL-Vines,mS-SQL-AppleTalk, mS-SQL-TCPIP, mS-SQL-SPX, mS-SQL-MultiProtocol,mS-SQL-NamedPipe, mS-SQL-Clustered, mS-SQL-UnicodeSortOrder,mS-SQL-SortOrder, mS-SQL-CharacterSet, mS-SQL-ServiceAccount,mS-SQL-Build, mS-SQL-Memory, mS-SQL-Location, mS-SQL-Contact,mS-SQL-RegisteredOwner, mS-SQL-Name +systemPossSuperiors: serviceConnectionPoint +schemaIdGuid:05f6c878-ccef-11d2-9993-0000f87a57d4 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=MS-SQL-SQLServer,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-COM-Partition +ldapDisplayName: msCOM-Partition +governsId: 1.2.840.113556.1.5.193 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: msCOM-ObjectId +systemPossSuperiors: domainDNS, organizationalUnit, container +schemaIdGuid:c9010e74-4e58-49f7-8a89-5e3e2340fcf8 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-COM-Partition,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-COM-PartitionSet +ldapDisplayName: msCOM-PartitionSet +governsId: 1.2.840.113556.1.5.194 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: msCOM-PartitionLink, msCOM-DefaultPartitionLink,msCOM-ObjectId +systemPossSuperiors: domainDNS, organizationalUnit, container +schemaIdGuid:250464ab-c417-497a-975a-9e0d459a7ca1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-COM-PartitionSet,CN=Schema,CN=Configuration, +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DFSR-Connection +ldapDisplayName: msDFSR-Connection +governsId: 1.2.840.113556.1.6.13.4.10 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mustContain: fromServer +mayContain: msDFSR-Options2, msDFSR-DisablePacketPrivacy,msDFSR-Priority, msDFSR-Enabled, msDFSR-RdcEnabled,msDFSR-RdcMinFileSizeInKb, msDFSR-Keywords, msDFSR-Schedule,msDFSR-Flags, msDFSR-Options, msDFSR-Extension +possSuperiors: msDFSR-Member +schemaIdGuid:e58f972e-64b5-46ef-8d8b-bbc3e1897eab +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;DA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;CO)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DFSR-Connection,CN=Schema,CN=Configuration, + +cn: ms-DFSR-Content +ldapDisplayName: msDFSR-Content +governsId: 1.2.840.113556.1.6.13.4.6 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mayContain: msDFSR-Flags, msDFSR-Options, msDFSR-Extension +possSuperiors: msDFSR-ReplicationGroup +schemaIdGuid:64759b35-d3a1-42e4-b5f1-a3de162109b3 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;DA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;CO)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DFSR-Content,CN=Schema,CN=Configuration, + +cn: ms-DFSR-ContentSet +ldapDisplayName: msDFSR-ContentSet +governsId: 1.2.840.113556.1.6.13.4.7 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mayContain: msDFSR-Options2, msDFSR-OnDemandExclusionDirectoryFilter,msDFSR-OnDemandExclusionFileFilter,msDFSR-DefaultCompressionExclusionFilter, msDFSR-DeletedSizeInMb,msDFSR-Priority, msDFSR-ConflictSizeInMb, msDFSR-StagingSizeInMb,msDFSR-RootSizeInMb, description, msDFSR-DfsPath, msDFSR-FileFilter,msDFSR-DirectoryFilter, msDFSR-Flags, msDFSR-Options,msDFSR-Extension +possSuperiors: msDFSR-Content +schemaIdGuid:4937f40d-a6dc-4d48-97ca-06e5fbfd3f16 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;DA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;CO)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DFSR-ContentSet,CN=Schema,CN=Configuration, + +cn: ms-DFSR-GlobalSettings +ldapDisplayName: msDFSR-GlobalSettings +governsId: 1.2.840.113556.1.6.13.4.4 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mayContain: msDFSR-Flags, msDFSR-Options, msDFSR-Extension +possSuperiors: container +schemaIdGuid:7b35dbad-b3ec-486a-aad4-2fec9d6ea6f6 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;DA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;CO)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DFSR-GlobalSettings,CN=Schema,CN=Configuration, + +cn: ms-DFSR-LocalSettings +ldapDisplayName: msDFSR-LocalSettings +governsId: 1.2.840.113556.1.6.13.4.1 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mayContain: msDFSR-Version, msDFSR-Flags, msDFSR-Options,msDFSR-Extension +possSuperiors: computer +schemaIdGuid:fa85c591-197f-477e-83bd-ea5a43df2239 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;DA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;CO)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DFSR-LocalSettings,CN=Schema,CN=Configuration, + +cn: ms-DFSR-Member +ldapDisplayName: msDFSR-Member +governsId: 1.2.840.113556.1.6.13.4.9 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mustContain: msDFSR-ComputerReference +mayContain: serverReference, msDFSR-Keywords, msDFSR-Flags,msDFSR-Options, msDFSR-Extension +possSuperiors: msDFSR-Topology +schemaIdGuid:4229c897-c211-437c-a5ae-dbf705b696e5 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;DA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;CO)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DFSR-Member,CN=Schema,CN=Configuration, + diff --git a/source4/setup/ad-schema/licence.txt b/source4/setup/ad-schema/licence.txt new file mode 100644 index 0000000000..9db966461b --- /dev/null +++ b/source4/setup/ad-schema/licence.txt @@ -0,0 +1,54 @@ +NOTE: + +The licence on these schema files is not GPL, or a standard Open +Source licence. Be careful to redistribute thes files as part of +Samba or 'your implementation', but not alone. + +-- + +Intellectual Property Rights Notice for Protocol Documentation + +Copyrights. +This protocol documentation is covered by Microsoft +copyrights. Regardless of any other terms that are contained in the +terms of use for the Microsoft website that hosts this documentation, +you may make copies of it in order to develop implementations of the +protocols, and may distribute portions of it in your implementations +of the protocols or your documentation as necessary to properly +document the implementation. You may also distribute in your +implementation, with or without modification, any schema, IDL's, or +code samples that are included in the documentation. This permission +also applies to any documents that are referenced in the protocol +documentation. + +No Trade Secrets. +Microsoft does not claim any trade secret rights in this documentation. + +Patents. +Microsoft has patents that may cover your implementations of the +protocols. Neither this notice nor Microsoft's delivery of the +documentation grants any licenses under those or any other Microsoft +patents. However, the protocols may be covered by Microsoft’s Open +Specification Promise (available here: +http://www.microsoft.com/interop/osp). If you would prefer a written +license, or if the protocols are not covered by the OSP, patent +licenses are available by contacting protocol@microsoft.com. + +Trademarks. +The names of companies and products contained in this documentation +may be covered by trademarks or similar intellectual property +rights. This notice does not grant any licenses under those +rights.Reservation of Rights. All other rights are reserved, and this +notice does not grant any rights other than specifically described +above, whether by implication, estoppel, or otherwise. + +Tools. +This protocol documentation is intended for use in conjunction with +publicly available standard specifications and network programming +art, and assumes that the reader either is familiar with the +aforementioned material or has immediate access to it. A protocol +specification does not require the use of Microsoft programming tools +or programming environments in order for you to develop an +implementation. If you have access to Microsoft programming tools and +environments you are free to take advantage of them. + -- cgit From 5903206bab97bb694a8689692d9381747246c5ba Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 10 Dec 2008 02:50:46 +0100 Subject: netlogon: fill in netr_ServerGetTrustInfo IDL. Guenther --- librpc/idl/netlogon.idl | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/librpc/idl/netlogon.idl b/librpc/idl/netlogon.idl index cf4da7adfa..f09e51e30f 100644 --- a/librpc/idl/netlogon.idl +++ b/librpc/idl/netlogon.idl @@ -1500,5 +1500,23 @@ interface netlogon /****************/ /* Function 0x2e */ - [todo] WERROR netr_NETRSERVERGETTRUSTINFO(); + + typedef struct { + uint32 count; + [size_is(count)] uint32 *data; + uint32 entry_count; + [size_is(count)] lsa_String *entries; + } netr_TrustInfo; + + NTSTATUS netr_ServerGetTrustInfo( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,ref] [string,charset(UTF16)] uint16 *account_name, + [in] netr_SchannelType secure_channel_type, + [in,ref] [string,charset(UTF16)] uint16 *computer_name, + [in,ref] netr_Authenticator *credential, + [out,ref] netr_Authenticator *return_authenticator, + [out,ref] samr_Password *new_owf_password, + [out,ref] samr_Password *old_owf_password, + [out,ref] netr_TrustInfo **trust_info + ); } -- cgit From 9fa4dfc4ea1c27aecd74cd89d50e674c4614ebd3 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 10 Dec 2008 02:51:16 +0100 Subject: s4-netlogon: fix the build of netlogon server. Guenther --- source4/rpc_server/netlogon/dcerpc_netlogon.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c index 2806802e63..a2367c8a9b 100644 --- a/source4/rpc_server/netlogon/dcerpc_netlogon.c +++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c @@ -1427,11 +1427,11 @@ static WERROR dcesrv_netr_GetForestTrustInformation(struct dcesrv_call_state *dc } -/* - netr_NETRSERVERGETTRUSTINFO +/* + netr_ServerGetTrustInfo */ -static WERROR dcesrv_netr_NETRSERVERGETTRUSTINFO(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, - struct netr_NETRSERVERGETTRUSTINFO *r) +static NTSTATUS dcesrv_netr_ServerGetTrustInfo(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, + struct netr_ServerGetTrustInfo *r) { DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR); } -- cgit From c4a5788e821ddcba125464ef0fc8172c0100d959 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 10 Dec 2008 02:51:49 +0100 Subject: s4-smbtorture: add simple netr_ServerGetTrustInfo test. Guenther --- source4/torture/rpc/netlogon.c | 42 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) diff --git a/source4/torture/rpc/netlogon.c b/source4/torture/rpc/netlogon.c index 5fb36079d6..306c271511 100644 --- a/source4/torture/rpc/netlogon.c +++ b/source4/torture/rpc/netlogon.c @@ -2051,6 +2051,47 @@ static bool test_netr_DsRAddressToSitenamesExW(struct torture_context *tctx, return true; } +static bool test_netr_ServerGetTrustInfo(struct torture_context *tctx, + struct dcerpc_pipe *p, + struct cli_credentials *machine_credentials) +{ + NTSTATUS status; + struct netr_ServerGetTrustInfo r; + + struct netr_Authenticator a; + struct netr_Authenticator return_authenticator; + struct samr_Password new_owf_password; + struct samr_Password old_owf_password; + struct netr_TrustInfo *trust_info; + + struct creds_CredentialState *creds; + + if (!test_SetupCredentials3(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS, + machine_credentials, &creds)) { + return false; + } + + creds_client_authenticator(creds, &a); + + r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p)); + r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME); + r.in.secure_channel_type = SEC_CHAN_BDC; + r.in.computer_name = TEST_MACHINE_NAME; + r.in.credential = &a; + + r.out.return_authenticator = &return_authenticator; + r.out.new_owf_password = &new_owf_password; + r.out.old_owf_password = &old_owf_password; + r.out.trust_info = &trust_info; + + status = dcerpc_netr_ServerGetTrustInfo(p, tctx, &r); + torture_assert_ntstatus_ok(tctx, status, "failed"); + torture_assert(tctx, creds_client_check(creds, &return_authenticator.cred), "Credential chaining failed"); + + return true; +} + + static bool test_GetDomainInfo(struct torture_context *tctx, struct dcerpc_pipe *p, struct cli_credentials *machine_credentials) @@ -2317,6 +2358,7 @@ struct torture_suite *torture_rpc_netlogon(TALLOC_CTX *mem_ctx) torture_rpc_tcase_add_test(tcase, "DsrGetDcSiteCoverageW", test_netr_DsrGetDcSiteCoverageW); torture_rpc_tcase_add_test(tcase, "DsRAddressToSitenamesW", test_netr_DsRAddressToSitenamesW); torture_rpc_tcase_add_test(tcase, "DsRAddressToSitenamesExW", test_netr_DsRAddressToSitenamesExW); + torture_rpc_tcase_add_test_creds(tcase, "ServerGetTrustInfo", test_netr_ServerGetTrustInfo); return suite; } -- cgit From e5804204901c7b376516e42a3a86d685236fd198 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 10 Dec 2008 02:53:36 +0100 Subject: s3-build: re-run make samba3-idl. Guenther --- source3/librpc/gen_ndr/cli_netlogon.c | 32 +++- source3/librpc/gen_ndr/cli_netlogon.h | 15 +- source3/librpc/gen_ndr/ndr_netlogon.c | 344 ++++++++++++++++++++++++++++++++-- source3/librpc/gen_ndr/ndr_netlogon.h | 5 +- source3/librpc/gen_ndr/netlogon.h | 21 ++- source3/librpc/gen_ndr/srv_netlogon.c | 41 +++- source3/librpc/gen_ndr/srv_netlogon.h | 2 +- 7 files changed, 427 insertions(+), 33 deletions(-) diff --git a/source3/librpc/gen_ndr/cli_netlogon.c b/source3/librpc/gen_ndr/cli_netlogon.c index 1af3249473..a1bcb2cb38 100644 --- a/source3/librpc/gen_ndr/cli_netlogon.c +++ b/source3/librpc/gen_ndr/cli_netlogon.c @@ -2296,23 +2296,37 @@ NTSTATUS rpccli_netr_LogonSamLogonWithFlags(struct rpc_pipe_client *cli, return r.out.result; } -NTSTATUS rpccli_netr_NETRSERVERGETTRUSTINFO(struct rpc_pipe_client *cli, - TALLOC_CTX *mem_ctx, - WERROR *werror) +NTSTATUS rpccli_netr_ServerGetTrustInfo(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + const char *server_name /* [in] [unique,charset(UTF16)] */, + const char *account_name /* [in] [ref,charset(UTF16)] */, + enum netr_SchannelType secure_channel_type /* [in] */, + const char *computer_name /* [in] [ref,charset(UTF16)] */, + struct netr_Authenticator *credential /* [in] [ref] */, + struct netr_Authenticator *return_authenticator /* [out] [ref] */, + struct samr_Password *new_owf_password /* [out] [ref] */, + struct samr_Password *old_owf_password /* [out] [ref] */, + struct netr_TrustInfo **trust_info /* [out] [ref] */, + WERROR *werror) { - struct netr_NETRSERVERGETTRUSTINFO r; + struct netr_ServerGetTrustInfo r; NTSTATUS status; /* In parameters */ + r.in.server_name = server_name; + r.in.account_name = account_name; + r.in.secure_channel_type = secure_channel_type; + r.in.computer_name = computer_name; + r.in.credential = credential; if (DEBUGLEVEL >= 10) { - NDR_PRINT_IN_DEBUG(netr_NETRSERVERGETTRUSTINFO, &r); + NDR_PRINT_IN_DEBUG(netr_ServerGetTrustInfo, &r); } status = cli_do_rpc_ndr(cli, mem_ctx, &ndr_table_netlogon, - NDR_NETR_NETRSERVERGETTRUSTINFO, + NDR_NETR_SERVERGETTRUSTINFO, &r); if (!NT_STATUS_IS_OK(status)) { @@ -2320,7 +2334,7 @@ NTSTATUS rpccli_netr_NETRSERVERGETTRUSTINFO(struct rpc_pipe_client *cli, } if (DEBUGLEVEL >= 10) { - NDR_PRINT_OUT_DEBUG(netr_NETRSERVERGETTRUSTINFO, &r); + NDR_PRINT_OUT_DEBUG(netr_ServerGetTrustInfo, &r); } if (NT_STATUS_IS_ERR(status)) { @@ -2328,6 +2342,10 @@ NTSTATUS rpccli_netr_NETRSERVERGETTRUSTINFO(struct rpc_pipe_client *cli, } /* Return variables */ + *return_authenticator = *r.out.return_authenticator; + *new_owf_password = *r.out.new_owf_password; + *old_owf_password = *r.out.old_owf_password; + *trust_info = *r.out.trust_info; /* Return result */ if (werror) { diff --git a/source3/librpc/gen_ndr/cli_netlogon.h b/source3/librpc/gen_ndr/cli_netlogon.h index 9f5eac15b2..7a2d43b3c1 100644 --- a/source3/librpc/gen_ndr/cli_netlogon.h +++ b/source3/librpc/gen_ndr/cli_netlogon.h @@ -356,7 +356,16 @@ NTSTATUS rpccli_netr_LogonSamLogonWithFlags(struct rpc_pipe_client *cli, union netr_Validation *validation /* [out] [ref,switch_is(validation_level)] */, uint8_t *authoritative /* [out] [ref] */, uint32_t *flags /* [in,out] [ref] */); -NTSTATUS rpccli_netr_NETRSERVERGETTRUSTINFO(struct rpc_pipe_client *cli, - TALLOC_CTX *mem_ctx, - WERROR *werror); +NTSTATUS rpccli_netr_ServerGetTrustInfo(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + const char *server_name /* [in] [unique,charset(UTF16)] */, + const char *account_name /* [in] [ref,charset(UTF16)] */, + enum netr_SchannelType secure_channel_type /* [in] */, + const char *computer_name /* [in] [ref,charset(UTF16)] */, + struct netr_Authenticator *credential /* [in] [ref] */, + struct netr_Authenticator *return_authenticator /* [out] [ref] */, + struct samr_Password *new_owf_password /* [out] [ref] */, + struct samr_Password *old_owf_password /* [out] [ref] */, + struct netr_TrustInfo **trust_info /* [out] [ref] */, + WERROR *werror); #endif /* __CLI_NETLOGON__ */ diff --git a/source3/librpc/gen_ndr/ndr_netlogon.c b/source3/librpc/gen_ndr/ndr_netlogon.c index c4102eba6e..af8228cd5a 100644 --- a/source3/librpc/gen_ndr/ndr_netlogon.c +++ b/source3/librpc/gen_ndr/ndr_netlogon.c @@ -8617,6 +8617,145 @@ _PUBLIC_ void ndr_print_DcSitesCtr(struct ndr_print *ndr, const char *name, cons ndr->depth--; } +static enum ndr_err_code ndr_push_netr_TrustInfo(struct ndr_push *ndr, int ndr_flags, const struct netr_TrustInfo *r) +{ + uint32_t cntr_data_1; + uint32_t cntr_entries_1; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_push_align(ndr, 4)); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->count)); + NDR_CHECK(ndr_push_unique_ptr(ndr, r->data)); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->entry_count)); + NDR_CHECK(ndr_push_unique_ptr(ndr, r->entries)); + } + if (ndr_flags & NDR_BUFFERS) { + if (r->data) { + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->count)); + for (cntr_data_1 = 0; cntr_data_1 < r->count; cntr_data_1++) { + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->data[cntr_data_1])); + } + } + if (r->entries) { + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->count)); + for (cntr_entries_1 = 0; cntr_entries_1 < r->count; cntr_entries_1++) { + NDR_CHECK(ndr_push_lsa_String(ndr, NDR_SCALARS, &r->entries[cntr_entries_1])); + } + for (cntr_entries_1 = 0; cntr_entries_1 < r->count; cntr_entries_1++) { + NDR_CHECK(ndr_push_lsa_String(ndr, NDR_BUFFERS, &r->entries[cntr_entries_1])); + } + } + } + return NDR_ERR_SUCCESS; +} + +static enum ndr_err_code ndr_pull_netr_TrustInfo(struct ndr_pull *ndr, int ndr_flags, struct netr_TrustInfo *r) +{ + uint32_t _ptr_data; + uint32_t cntr_data_1; + TALLOC_CTX *_mem_save_data_0; + TALLOC_CTX *_mem_save_data_1; + uint32_t _ptr_entries; + uint32_t cntr_entries_1; + TALLOC_CTX *_mem_save_entries_0; + TALLOC_CTX *_mem_save_entries_1; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->count)); + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_data)); + if (_ptr_data) { + NDR_PULL_ALLOC(ndr, r->data); + } else { + r->data = NULL; + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->entry_count)); + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_entries)); + if (_ptr_entries) { + NDR_PULL_ALLOC(ndr, r->entries); + } else { + r->entries = NULL; + } + } + if (ndr_flags & NDR_BUFFERS) { + if (r->data) { + _mem_save_data_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->data, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->data)); + NDR_PULL_ALLOC_N(ndr, r->data, ndr_get_array_size(ndr, &r->data)); + _mem_save_data_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->data, 0); + for (cntr_data_1 = 0; cntr_data_1 < r->count; cntr_data_1++) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->data[cntr_data_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_data_1, 0); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_data_0, 0); + } + if (r->entries) { + _mem_save_entries_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->entries, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->entries)); + NDR_PULL_ALLOC_N(ndr, r->entries, ndr_get_array_size(ndr, &r->entries)); + _mem_save_entries_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->entries, 0); + for (cntr_entries_1 = 0; cntr_entries_1 < r->count; cntr_entries_1++) { + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS, &r->entries[cntr_entries_1])); + } + for (cntr_entries_1 = 0; cntr_entries_1 < r->count; cntr_entries_1++) { + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_BUFFERS, &r->entries[cntr_entries_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_entries_1, 0); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_entries_0, 0); + } + if (r->data) { + NDR_CHECK(ndr_check_array_size(ndr, (void*)&r->data, r->count)); + } + if (r->entries) { + NDR_CHECK(ndr_check_array_size(ndr, (void*)&r->entries, r->count)); + } + } + return NDR_ERR_SUCCESS; +} + +_PUBLIC_ void ndr_print_netr_TrustInfo(struct ndr_print *ndr, const char *name, const struct netr_TrustInfo *r) +{ + uint32_t cntr_data_1; + uint32_t cntr_entries_1; + ndr_print_struct(ndr, name, "netr_TrustInfo"); + ndr->depth++; + ndr_print_uint32(ndr, "count", r->count); + ndr_print_ptr(ndr, "data", r->data); + ndr->depth++; + if (r->data) { + ndr->print(ndr, "%s: ARRAY(%d)", "data", (int)r->count); + ndr->depth++; + for (cntr_data_1=0;cntr_data_1count;cntr_data_1++) { + char *idx_1=NULL; + if (asprintf(&idx_1, "[%d]", cntr_data_1) != -1) { + ndr_print_uint32(ndr, "data", r->data[cntr_data_1]); + free(idx_1); + } + } + ndr->depth--; + } + ndr->depth--; + ndr_print_uint32(ndr, "entry_count", r->entry_count); + ndr_print_ptr(ndr, "entries", r->entries); + ndr->depth++; + if (r->entries) { + ndr->print(ndr, "%s: ARRAY(%d)", "entries", (int)r->count); + ndr->depth++; + for (cntr_entries_1=0;cntr_entries_1count;cntr_entries_1++) { + char *idx_1=NULL; + if (asprintf(&idx_1, "[%d]", cntr_entries_1) != -1) { + ndr_print_lsa_String(ndr, "entries", &r->entries[cntr_entries_1]); + free(idx_1); + } + } + ndr->depth--; + } + ndr->depth--; + ndr->depth--; +} + static enum ndr_err_code ndr_push_netr_LogonUasLogon(struct ndr_push *ndr, int flags, const struct netr_LogonUasLogon *r) { if (flags & NDR_IN) { @@ -15424,41 +15563,224 @@ _PUBLIC_ void ndr_print_netr_LogonSamLogonWithFlags(struct ndr_print *ndr, const ndr->depth--; } -static enum ndr_err_code ndr_push_netr_NETRSERVERGETTRUSTINFO(struct ndr_push *ndr, int flags, const struct netr_NETRSERVERGETTRUSTINFO *r) +static enum ndr_err_code ndr_push_netr_ServerGetTrustInfo(struct ndr_push *ndr, int flags, const struct netr_ServerGetTrustInfo *r) { if (flags & NDR_IN) { + NDR_CHECK(ndr_push_unique_ptr(ndr, r->in.server_name)); + if (r->in.server_name) { + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, ndr_charset_length(r->in.server_name, CH_UTF16))); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, 0)); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, ndr_charset_length(r->in.server_name, CH_UTF16))); + NDR_CHECK(ndr_push_charset(ndr, NDR_SCALARS, r->in.server_name, ndr_charset_length(r->in.server_name, CH_UTF16), sizeof(uint16_t), CH_UTF16)); + } + if (r->in.account_name == NULL) { + return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); + } + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, ndr_charset_length(r->in.account_name, CH_UTF16))); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, 0)); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, ndr_charset_length(r->in.account_name, CH_UTF16))); + NDR_CHECK(ndr_push_charset(ndr, NDR_SCALARS, r->in.account_name, ndr_charset_length(r->in.account_name, CH_UTF16), sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_push_netr_SchannelType(ndr, NDR_SCALARS, r->in.secure_channel_type)); + if (r->in.computer_name == NULL) { + return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); + } + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, ndr_charset_length(r->in.computer_name, CH_UTF16))); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, 0)); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, ndr_charset_length(r->in.computer_name, CH_UTF16))); + NDR_CHECK(ndr_push_charset(ndr, NDR_SCALARS, r->in.computer_name, ndr_charset_length(r->in.computer_name, CH_UTF16), sizeof(uint16_t), CH_UTF16)); + if (r->in.credential == NULL) { + return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); + } + NDR_CHECK(ndr_push_netr_Authenticator(ndr, NDR_SCALARS, r->in.credential)); } if (flags & NDR_OUT) { + if (r->out.return_authenticator == NULL) { + return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); + } + NDR_CHECK(ndr_push_netr_Authenticator(ndr, NDR_SCALARS, r->out.return_authenticator)); + if (r->out.new_owf_password == NULL) { + return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); + } + NDR_CHECK(ndr_push_samr_Password(ndr, NDR_SCALARS, r->out.new_owf_password)); + if (r->out.old_owf_password == NULL) { + return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); + } + NDR_CHECK(ndr_push_samr_Password(ndr, NDR_SCALARS, r->out.old_owf_password)); + if (r->out.trust_info == NULL) { + return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); + } + NDR_CHECK(ndr_push_unique_ptr(ndr, *r->out.trust_info)); + if (*r->out.trust_info) { + NDR_CHECK(ndr_push_netr_TrustInfo(ndr, NDR_SCALARS|NDR_BUFFERS, *r->out.trust_info)); + } NDR_CHECK(ndr_push_WERROR(ndr, NDR_SCALARS, r->out.result)); } return NDR_ERR_SUCCESS; } -static enum ndr_err_code ndr_pull_netr_NETRSERVERGETTRUSTINFO(struct ndr_pull *ndr, int flags, struct netr_NETRSERVERGETTRUSTINFO *r) +static enum ndr_err_code ndr_pull_netr_ServerGetTrustInfo(struct ndr_pull *ndr, int flags, struct netr_ServerGetTrustInfo *r) { + uint32_t _ptr_server_name; + uint32_t _ptr_trust_info; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_credential_0; + TALLOC_CTX *_mem_save_return_authenticator_0; + TALLOC_CTX *_mem_save_new_owf_password_0; + TALLOC_CTX *_mem_save_old_owf_password_0; + TALLOC_CTX *_mem_save_trust_info_0; + TALLOC_CTX *_mem_save_trust_info_1; if (flags & NDR_IN) { + ZERO_STRUCT(r->out); + + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_server_name)); + if (_ptr_server_name) { + NDR_PULL_ALLOC(ndr, r->in.server_name); + } else { + r->in.server_name = NULL; + } + if (r->in.server_name) { + _mem_save_server_name_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); + if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { + return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); + } + NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); + NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.account_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.account_name)); + if (ndr_get_array_length(ndr, &r->in.account_name) > ndr_get_array_size(ndr, &r->in.account_name)) { + return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.account_name), ndr_get_array_length(ndr, &r->in.account_name)); + } + NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.account_name), sizeof(uint16_t))); + NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.account_name, ndr_get_array_length(ndr, &r->in.account_name), sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_netr_SchannelType(ndr, NDR_SCALARS, &r->in.secure_channel_type)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.computer_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.computer_name)); + if (ndr_get_array_length(ndr, &r->in.computer_name) > ndr_get_array_size(ndr, &r->in.computer_name)) { + return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.computer_name), ndr_get_array_length(ndr, &r->in.computer_name)); + } + NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.computer_name), sizeof(uint16_t))); + NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computer_name, ndr_get_array_length(ndr, &r->in.computer_name), sizeof(uint16_t), CH_UTF16)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->in.credential); + } + _mem_save_credential_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->in.credential, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_netr_Authenticator(ndr, NDR_SCALARS, r->in.credential)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_credential_0, LIBNDR_FLAG_REF_ALLOC); + NDR_PULL_ALLOC(ndr, r->out.return_authenticator); + ZERO_STRUCTP(r->out.return_authenticator); + NDR_PULL_ALLOC(ndr, r->out.new_owf_password); + ZERO_STRUCTP(r->out.new_owf_password); + NDR_PULL_ALLOC(ndr, r->out.old_owf_password); + ZERO_STRUCTP(r->out.old_owf_password); + NDR_PULL_ALLOC(ndr, r->out.trust_info); + ZERO_STRUCTP(r->out.trust_info); } if (flags & NDR_OUT) { + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->out.return_authenticator); + } + _mem_save_return_authenticator_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->out.return_authenticator, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_netr_Authenticator(ndr, NDR_SCALARS, r->out.return_authenticator)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_return_authenticator_0, LIBNDR_FLAG_REF_ALLOC); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->out.new_owf_password); + } + _mem_save_new_owf_password_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->out.new_owf_password, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_samr_Password(ndr, NDR_SCALARS, r->out.new_owf_password)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_new_owf_password_0, LIBNDR_FLAG_REF_ALLOC); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->out.old_owf_password); + } + _mem_save_old_owf_password_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->out.old_owf_password, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_samr_Password(ndr, NDR_SCALARS, r->out.old_owf_password)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_old_owf_password_0, LIBNDR_FLAG_REF_ALLOC); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->out.trust_info); + } + _mem_save_trust_info_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->out.trust_info, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_trust_info)); + if (_ptr_trust_info) { + NDR_PULL_ALLOC(ndr, *r->out.trust_info); + } else { + *r->out.trust_info = NULL; + } + if (*r->out.trust_info) { + _mem_save_trust_info_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, *r->out.trust_info, 0); + NDR_CHECK(ndr_pull_netr_TrustInfo(ndr, NDR_SCALARS|NDR_BUFFERS, *r->out.trust_info)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_trust_info_1, 0); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_trust_info_0, LIBNDR_FLAG_REF_ALLOC); NDR_CHECK(ndr_pull_WERROR(ndr, NDR_SCALARS, &r->out.result)); } return NDR_ERR_SUCCESS; } -_PUBLIC_ void ndr_print_netr_NETRSERVERGETTRUSTINFO(struct ndr_print *ndr, const char *name, int flags, const struct netr_NETRSERVERGETTRUSTINFO *r) +_PUBLIC_ void ndr_print_netr_ServerGetTrustInfo(struct ndr_print *ndr, const char *name, int flags, const struct netr_ServerGetTrustInfo *r) { - ndr_print_struct(ndr, name, "netr_NETRSERVERGETTRUSTINFO"); + ndr_print_struct(ndr, name, "netr_ServerGetTrustInfo"); ndr->depth++; if (flags & NDR_SET_VALUES) { ndr->flags |= LIBNDR_PRINT_SET_VALUES; } if (flags & NDR_IN) { - ndr_print_struct(ndr, "in", "netr_NETRSERVERGETTRUSTINFO"); + ndr_print_struct(ndr, "in", "netr_ServerGetTrustInfo"); + ndr->depth++; + ndr_print_ptr(ndr, "server_name", r->in.server_name); ndr->depth++; + if (r->in.server_name) { + ndr_print_string(ndr, "server_name", r->in.server_name); + } + ndr->depth--; + ndr_print_ptr(ndr, "account_name", r->in.account_name); + ndr->depth++; + ndr_print_string(ndr, "account_name", r->in.account_name); + ndr->depth--; + ndr_print_netr_SchannelType(ndr, "secure_channel_type", r->in.secure_channel_type); + ndr_print_ptr(ndr, "computer_name", r->in.computer_name); + ndr->depth++; + ndr_print_string(ndr, "computer_name", r->in.computer_name); + ndr->depth--; + ndr_print_ptr(ndr, "credential", r->in.credential); + ndr->depth++; + ndr_print_netr_Authenticator(ndr, "credential", r->in.credential); + ndr->depth--; ndr->depth--; } if (flags & NDR_OUT) { - ndr_print_struct(ndr, "out", "netr_NETRSERVERGETTRUSTINFO"); + ndr_print_struct(ndr, "out", "netr_ServerGetTrustInfo"); ndr->depth++; + ndr_print_ptr(ndr, "return_authenticator", r->out.return_authenticator); + ndr->depth++; + ndr_print_netr_Authenticator(ndr, "return_authenticator", r->out.return_authenticator); + ndr->depth--; + ndr_print_ptr(ndr, "new_owf_password", r->out.new_owf_password); + ndr->depth++; + ndr_print_samr_Password(ndr, "new_owf_password", r->out.new_owf_password); + ndr->depth--; + ndr_print_ptr(ndr, "old_owf_password", r->out.old_owf_password); + ndr->depth++; + ndr_print_samr_Password(ndr, "old_owf_password", r->out.old_owf_password); + ndr->depth--; + ndr_print_ptr(ndr, "trust_info", r->out.trust_info); + ndr->depth++; + ndr_print_ptr(ndr, "trust_info", *r->out.trust_info); + ndr->depth++; + if (*r->out.trust_info) { + ndr_print_netr_TrustInfo(ndr, "trust_info", *r->out.trust_info); + } + ndr->depth--; + ndr->depth--; ndr_print_WERROR(ndr, "result", r->out.result); ndr->depth--; } @@ -15835,11 +16157,11 @@ static const struct ndr_interface_call netlogon_calls[] = { false, }, { - "netr_NETRSERVERGETTRUSTINFO", - sizeof(struct netr_NETRSERVERGETTRUSTINFO), - (ndr_push_flags_fn_t) ndr_push_netr_NETRSERVERGETTRUSTINFO, - (ndr_pull_flags_fn_t) ndr_pull_netr_NETRSERVERGETTRUSTINFO, - (ndr_print_function_t) ndr_print_netr_NETRSERVERGETTRUSTINFO, + "netr_ServerGetTrustInfo", + sizeof(struct netr_ServerGetTrustInfo), + (ndr_push_flags_fn_t) ndr_push_netr_ServerGetTrustInfo, + (ndr_pull_flags_fn_t) ndr_pull_netr_ServerGetTrustInfo, + (ndr_print_function_t) ndr_print_netr_ServerGetTrustInfo, false, }, { NULL, 0, NULL, NULL, NULL, false } diff --git a/source3/librpc/gen_ndr/ndr_netlogon.h b/source3/librpc/gen_ndr/ndr_netlogon.h index be20448636..5858906c1c 100644 --- a/source3/librpc/gen_ndr/ndr_netlogon.h +++ b/source3/librpc/gen_ndr/ndr_netlogon.h @@ -104,7 +104,7 @@ extern const struct ndr_interface_table ndr_table_netlogon; #define NDR_NETR_LOGONSAMLOGONWITHFLAGS (0x2d) -#define NDR_NETR_NETRSERVERGETTRUSTINFO (0x2e) +#define NDR_NETR_SERVERGETTRUSTINFO (0x2e) #define NDR_NETLOGON_CALL_COUNT (47) void ndr_print_netr_UasInfo(struct ndr_print *ndr, const char *name, const struct netr_UasInfo *r); @@ -226,6 +226,7 @@ void ndr_print_netr_DomainTrust(struct ndr_print *ndr, const char *name, const s void ndr_print_netr_DomainTrustList(struct ndr_print *ndr, const char *name, const struct netr_DomainTrustList *r); void ndr_print_netr_DsRAddressToSitenamesExWCtr(struct ndr_print *ndr, const char *name, const struct netr_DsRAddressToSitenamesExWCtr *r); void ndr_print_DcSitesCtr(struct ndr_print *ndr, const char *name, const struct DcSitesCtr *r); +void ndr_print_netr_TrustInfo(struct ndr_print *ndr, const char *name, const struct netr_TrustInfo *r); void ndr_print_netr_LogonUasLogon(struct ndr_print *ndr, const char *name, int flags, const struct netr_LogonUasLogon *r); void ndr_print_netr_LogonUasLogoff(struct ndr_print *ndr, const char *name, int flags, const struct netr_LogonUasLogoff *r); void ndr_print_netr_LogonSamLogon(struct ndr_print *ndr, const char *name, int flags, const struct netr_LogonSamLogon *r); @@ -276,5 +277,5 @@ void ndr_print_netr_ServerTrustPasswordsGet(struct ndr_print *ndr, const char *n void ndr_print_netr_DsRGetForestTrustInformation(struct ndr_print *ndr, const char *name, int flags, const struct netr_DsRGetForestTrustInformation *r); void ndr_print_netr_GetForestTrustInformation(struct ndr_print *ndr, const char *name, int flags, const struct netr_GetForestTrustInformation *r); void ndr_print_netr_LogonSamLogonWithFlags(struct ndr_print *ndr, const char *name, int flags, const struct netr_LogonSamLogonWithFlags *r); -void ndr_print_netr_NETRSERVERGETTRUSTINFO(struct ndr_print *ndr, const char *name, int flags, const struct netr_NETRSERVERGETTRUSTINFO *r); +void ndr_print_netr_ServerGetTrustInfo(struct ndr_print *ndr, const char *name, int flags, const struct netr_ServerGetTrustInfo *r); #endif /* _HEADER_NDR_netlogon */ diff --git a/source3/librpc/gen_ndr/netlogon.h b/source3/librpc/gen_ndr/netlogon.h index 4d9b549e75..02a4a447e0 100644 --- a/source3/librpc/gen_ndr/netlogon.h +++ b/source3/librpc/gen_ndr/netlogon.h @@ -964,6 +964,13 @@ struct DcSitesCtr { struct lsa_String *sites;/* [unique,size_is(num_sites)] */ }; +struct netr_TrustInfo { + uint32_t count; + uint32_t *data;/* [unique,size_is(count)] */ + uint32_t entry_count; + struct lsa_String *entries;/* [unique,size_is(count)] */ +}; + struct netr_LogonUasLogon { struct { @@ -1706,8 +1713,20 @@ struct netr_LogonSamLogonWithFlags { }; -struct netr_NETRSERVERGETTRUSTINFO { +struct netr_ServerGetTrustInfo { + struct { + const char *server_name;/* [unique,charset(UTF16)] */ + const char *account_name;/* [ref,charset(UTF16)] */ + enum netr_SchannelType secure_channel_type; + const char *computer_name;/* [ref,charset(UTF16)] */ + struct netr_Authenticator *credential;/* [ref] */ + } in; + struct { + struct netr_Authenticator *return_authenticator;/* [ref] */ + struct samr_Password *new_owf_password;/* [ref] */ + struct samr_Password *old_owf_password;/* [ref] */ + struct netr_TrustInfo **trust_info;/* [ref] */ WERROR result; } out; diff --git a/source3/librpc/gen_ndr/srv_netlogon.c b/source3/librpc/gen_ndr/srv_netlogon.c index 2cb2978af2..8cb461e94d 100644 --- a/source3/librpc/gen_ndr/srv_netlogon.c +++ b/source3/librpc/gen_ndr/srv_netlogon.c @@ -3733,18 +3733,18 @@ static bool api_netr_LogonSamLogonWithFlags(pipes_struct *p) return true; } -static bool api_netr_NETRSERVERGETTRUSTINFO(pipes_struct *p) +static bool api_netr_ServerGetTrustInfo(pipes_struct *p) { const struct ndr_interface_call *call; struct ndr_pull *pull; struct ndr_push *push; enum ndr_err_code ndr_err; DATA_BLOB blob; - struct netr_NETRSERVERGETTRUSTINFO *r; + struct netr_ServerGetTrustInfo *r; - call = &ndr_table_netlogon.calls[NDR_NETR_NETRSERVERGETTRUSTINFO]; + call = &ndr_table_netlogon.calls[NDR_NETR_SERVERGETTRUSTINFO]; - r = talloc(talloc_tos(), struct netr_NETRSERVERGETTRUSTINFO); + r = talloc(talloc_tos(), struct netr_ServerGetTrustInfo); if (r == NULL) { return false; } @@ -3768,10 +3768,35 @@ static bool api_netr_NETRSERVERGETTRUSTINFO(pipes_struct *p) } if (DEBUGLEVEL >= 10) { - NDR_PRINT_IN_DEBUG(netr_NETRSERVERGETTRUSTINFO, r); + NDR_PRINT_IN_DEBUG(netr_ServerGetTrustInfo, r); } - r->out.result = _netr_NETRSERVERGETTRUSTINFO(p, r); + ZERO_STRUCT(r->out); + r->out.return_authenticator = talloc_zero(r, struct netr_Authenticator); + if (r->out.return_authenticator == NULL) { + talloc_free(r); + return false; + } + + r->out.new_owf_password = talloc_zero(r, struct samr_Password); + if (r->out.new_owf_password == NULL) { + talloc_free(r); + return false; + } + + r->out.old_owf_password = talloc_zero(r, struct samr_Password); + if (r->out.old_owf_password == NULL) { + talloc_free(r); + return false; + } + + r->out.trust_info = talloc_zero(r, struct netr_TrustInfo *); + if (r->out.trust_info == NULL) { + talloc_free(r); + return false; + } + + r->out.result = _netr_ServerGetTrustInfo(p, r); if (p->rng_fault_state) { talloc_free(r); @@ -3780,7 +3805,7 @@ static bool api_netr_NETRSERVERGETTRUSTINFO(pipes_struct *p) } if (DEBUGLEVEL >= 10) { - NDR_PRINT_OUT_DEBUG(netr_NETRSERVERGETTRUSTINFO, r); + NDR_PRINT_OUT_DEBUG(netr_ServerGetTrustInfo, r); } push = ndr_push_init_ctx(r, NULL); @@ -3856,7 +3881,7 @@ static struct api_struct api_netlogon_cmds[] = {"NETR_DSRGETFORESTTRUSTINFORMATION", NDR_NETR_DSRGETFORESTTRUSTINFORMATION, api_netr_DsRGetForestTrustInformation}, {"NETR_GETFORESTTRUSTINFORMATION", NDR_NETR_GETFORESTTRUSTINFORMATION, api_netr_GetForestTrustInformation}, {"NETR_LOGONSAMLOGONWITHFLAGS", NDR_NETR_LOGONSAMLOGONWITHFLAGS, api_netr_LogonSamLogonWithFlags}, - {"NETR_NETRSERVERGETTRUSTINFO", NDR_NETR_NETRSERVERGETTRUSTINFO, api_netr_NETRSERVERGETTRUSTINFO}, + {"NETR_SERVERGETTRUSTINFO", NDR_NETR_SERVERGETTRUSTINFO, api_netr_ServerGetTrustInfo}, }; void netlogon_get_pipe_fns(struct api_struct **fns, int *n_fns) diff --git a/source3/librpc/gen_ndr/srv_netlogon.h b/source3/librpc/gen_ndr/srv_netlogon.h index 1fe16c603b..3bbe4d02fa 100644 --- a/source3/librpc/gen_ndr/srv_netlogon.h +++ b/source3/librpc/gen_ndr/srv_netlogon.h @@ -47,7 +47,7 @@ NTSTATUS _netr_ServerTrustPasswordsGet(pipes_struct *p, struct netr_ServerTrustP WERROR _netr_DsRGetForestTrustInformation(pipes_struct *p, struct netr_DsRGetForestTrustInformation *r); WERROR _netr_GetForestTrustInformation(pipes_struct *p, struct netr_GetForestTrustInformation *r); NTSTATUS _netr_LogonSamLogonWithFlags(pipes_struct *p, struct netr_LogonSamLogonWithFlags *r); -WERROR _netr_NETRSERVERGETTRUSTINFO(pipes_struct *p, struct netr_NETRSERVERGETTRUSTINFO *r); +WERROR _netr_ServerGetTrustInfo(pipes_struct *p, struct netr_ServerGetTrustInfo *r); void netlogon_get_pipe_fns(struct api_struct **fns, int *n_fns); NTSTATUS rpc_netlogon_init(void); #endif /* __SRV_NETLOGON__ */ -- cgit From b431406357a7c9580e797a3d4f96d9b1fe9f2e86 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 10 Dec 2008 02:54:06 +0100 Subject: s3-netlogon: fix netlogon server build. Guenther --- source3/include/proto.h | 4 ++-- source3/rpc_server/srv_netlog_nt.c | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/source3/include/proto.h b/source3/include/proto.h index 2ba01b30ed..4feedcdb04 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -6859,8 +6859,8 @@ WERROR _netr_GetForestTrustInformation(pipes_struct *p, struct netr_GetForestTrustInformation *r); NTSTATUS _netr_LogonSamLogonWithFlags(pipes_struct *p, struct netr_LogonSamLogonWithFlags *r); -WERROR _netr_NETRSERVERGETTRUSTINFO(pipes_struct *p, - struct netr_NETRSERVERGETTRUSTINFO *r); +WERROR _netr_ServerGetTrustInfo(pipes_struct *p, + struct netr_ServerGetTrustInfo *r); /* The following definitions come from rpc_server/srv_ntsvcs.c */ diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c index 45acd3ed48..46450059f4 100644 --- a/source3/rpc_server/srv_netlog_nt.c +++ b/source3/rpc_server/srv_netlog_nt.c @@ -1402,8 +1402,8 @@ NTSTATUS _netr_LogonSamLogonWithFlags(pipes_struct *p, /**************************************************************** ****************************************************************/ -WERROR _netr_NETRSERVERGETTRUSTINFO(pipes_struct *p, - struct netr_NETRSERVERGETTRUSTINFO *r) +WERROR _netr_ServerGetTrustInfo(pipes_struct *p, + struct netr_ServerGetTrustInfo *r) { p->rng_fault_state = true; return WERR_NOT_SUPPORTED; -- cgit From 9ea4b5aac254bbe689c00c613db2b2288046be78 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 10 Dec 2008 12:47:05 +0100 Subject: s4-smbtorture: skip ServerGetTrustInfo for samba4. Guenther --- source4/selftest/knownfail | 1 + 1 file changed, 1 insertion(+) diff --git a/source4/selftest/knownfail b/source4/selftest/knownfail index abc69785cb..92c6ff0f91 100644 --- a/source4/selftest/knownfail +++ b/source4/selftest/knownfail @@ -34,6 +34,7 @@ rpc.netlogon.*.DsRAddressToSitenamesExW rpc.netlogon.*.GetPassword rpc.netlogon.*.GetTrustPasswords rpc.netlogon.*.DatabaseRedo +rpc.netlogon.*.ServerGetTrustInfo base.charset.*.Testing partial surrogate .*net.api.delshare.* # DelShare isn't implemented yet rap.*netservergetinfo -- cgit From 6bb2fff0c14bd886a1d7995e5ce01f5938689372 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 9 Dec 2008 13:40:41 +0100 Subject: Rename "scan_directory" to "get_real_filename" --- source3/smbd/filename.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/source3/smbd/filename.c b/source3/smbd/filename.c index 392264bfc0..9f2fe60f47 100644 --- a/source3/smbd/filename.c +++ b/source3/smbd/filename.c @@ -26,8 +26,9 @@ #include "includes.h" -static bool scan_directory(connection_struct *conn, const char *path, - char *name, char **found_name); +static bool get_real_filename(connection_struct *conn, const char *path, + char *name, TALLOC_CTX *mem_ctx, + char **found_name); static NTSTATUS build_stream_path(TALLOC_CTX *mem_ctx, connection_struct *conn, const char *orig_path, @@ -433,8 +434,8 @@ NTSTATUS unix_convert(TALLOC_CTX *ctx, */ if (name_has_wildcard || - !scan_directory(conn, dirpath, - start, &found_name)) { + !get_real_filename(conn, dirpath, start, + talloc_tos(), &found_name)) { char *unmangled; if (end) { @@ -768,15 +769,15 @@ static bool fname_equal(const char *name1, const char *name2, If the name looks like a mangled name then try via the mangling functions ****************************************************************************/ -static bool scan_directory(connection_struct *conn, const char *path, - char *name, char **found_name) +static bool get_real_filename(connection_struct *conn, const char *path, + char *name, TALLOC_CTX *mem_ctx, + char **found_name) { struct smb_Dir *cur_dir; const char *dname; bool mangled; char *unmangled_name = NULL; long curpos; - TALLOC_CTX *ctx = talloc_tos(); mangled = mangle_is_mangled(name, conn->params); @@ -810,10 +811,9 @@ static bool scan_directory(connection_struct *conn, const char *path, */ if (mangled && !conn->case_sensitive) { - mangled = !mangle_lookup_name_from_8_3(ctx, - name, - &unmangled_name, - conn->params); + mangled = !mangle_lookup_name_from_8_3(talloc_tos(), name, + &unmangled_name, + conn->params); if (!mangled) { /* Name is now unmangled. */ name = unmangled_name; @@ -850,7 +850,7 @@ static bool scan_directory(connection_struct *conn, const char *path, if ((mangled && mangled_equal(name,dname,conn->params)) || fname_equal(name, dname, conn->case_sensitive)) { /* we've found the file, change it's name and return */ - *found_name = talloc_strdup(ctx,dname); + *found_name = talloc_strdup(mem_ctx, dname); TALLOC_FREE(unmangled_name); TALLOC_FREE(cur_dir); if (!*found_name) { -- cgit From c7521b25e9f364ced3fbdee3ccb463e93e97a1c3 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 9 Dec 2008 13:50:22 +0100 Subject: Apply some const --- source3/smbd/filename.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/source3/smbd/filename.c b/source3/smbd/filename.c index 9f2fe60f47..a5800aa85b 100644 --- a/source3/smbd/filename.c +++ b/source3/smbd/filename.c @@ -27,7 +27,7 @@ #include "includes.h" static bool get_real_filename(connection_struct *conn, const char *path, - char *name, TALLOC_CTX *mem_ctx, + const char *name, TALLOC_CTX *mem_ctx, char **found_name); static NTSTATUS build_stream_path(TALLOC_CTX *mem_ctx, connection_struct *conn, @@ -770,7 +770,7 @@ static bool fname_equal(const char *name1, const char *name2, ****************************************************************************/ static bool get_real_filename(connection_struct *conn, const char *path, - char *name, TALLOC_CTX *mem_ctx, + const char *name, TALLOC_CTX *mem_ctx, char **found_name) { struct smb_Dir *cur_dir; -- cgit From 31543640e6227e8dc808e365ba0bf6d2d5b08727 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 10 Dec 2008 03:03:51 +0100 Subject: Change get_real_filename() to unix syscall conventions, make it non-static It sets errno, so it might as well return 0/-1. --- source3/smbd/filename.c | 27 ++++++++++++++------------- 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/source3/smbd/filename.c b/source3/smbd/filename.c index a5800aa85b..c803e40649 100644 --- a/source3/smbd/filename.c +++ b/source3/smbd/filename.c @@ -26,9 +26,9 @@ #include "includes.h" -static bool get_real_filename(connection_struct *conn, const char *path, - const char *name, TALLOC_CTX *mem_ctx, - char **found_name); +static int get_real_filename(connection_struct *conn, const char *path, + const char *name, TALLOC_CTX *mem_ctx, + char **found_name); static NTSTATUS build_stream_path(TALLOC_CTX *mem_ctx, connection_struct *conn, const char *orig_path, @@ -434,8 +434,9 @@ NTSTATUS unix_convert(TALLOC_CTX *ctx, */ if (name_has_wildcard || - !get_real_filename(conn, dirpath, start, - talloc_tos(), &found_name)) { + (get_real_filename( + conn, dirpath, start, + talloc_tos(), &found_name) == -1)) { char *unmangled; if (end) { @@ -769,9 +770,9 @@ static bool fname_equal(const char *name1, const char *name2, If the name looks like a mangled name then try via the mangling functions ****************************************************************************/ -static bool get_real_filename(connection_struct *conn, const char *path, - const char *name, TALLOC_CTX *mem_ctx, - char **found_name) +int get_real_filename(connection_struct *conn, const char *path, + const char *name, TALLOC_CTX *mem_ctx, + char **found_name) { struct smb_Dir *cur_dir; const char *dname; @@ -792,7 +793,7 @@ static bool get_real_filename(connection_struct *conn, const char *path, */ if (!mangled && !(conn->fs_capabilities & FILE_CASE_SENSITIVE_SEARCH)) { errno = ENOENT; - return False; + return -1; } /* @@ -824,7 +825,7 @@ static bool get_real_filename(connection_struct *conn, const char *path, if (!(cur_dir = OpenDir(talloc_tos(), conn, path, NULL, 0))) { DEBUG(3,("scan dir didn't open dir [%s]\n",path)); TALLOC_FREE(unmangled_name); - return(False); + return -1; } /* now scan for matching names */ @@ -855,16 +856,16 @@ static bool get_real_filename(connection_struct *conn, const char *path, TALLOC_FREE(cur_dir); if (!*found_name) { errno = ENOMEM; - return False; + return -1; } - return(True); + return 0; } } TALLOC_FREE(unmangled_name); TALLOC_FREE(cur_dir); errno = ENOENT; - return False; + return -1; } static NTSTATUS build_stream_path(TALLOC_CTX *mem_ctx, -- cgit From 21b9dec990b08a104600bf8e408e64e805a02835 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 10 Dec 2008 03:17:19 +0100 Subject: Pass the get_real_filename operation through the VFS This is done to help file systems that can tell us about the real upper/lower case combination given a case-insensitive file name. The sample I will soon push is the gpfs module (recent gpfs has a get_real_filename function), others might have a similar function to help alleviate the 1million files in a single directory problem. Jeremy, please comment! Thanks, Volker --- source3/include/vfs.h | 8 ++++++++ source3/include/vfs_macros.h | 3 +++ source3/modules/vfs_default.c | 12 ++++++++++++ source3/smbd/filename.c | 5 +---- 4 files changed, 24 insertions(+), 4 deletions(-) diff --git a/source3/include/vfs.h b/source3/include/vfs.h index 383cd327ae..d02d14b854 100644 --- a/source3/include/vfs.h +++ b/source3/include/vfs.h @@ -210,6 +210,7 @@ typedef enum _vfs_op_type { SMB_VFS_OP_CHFLAGS, SMB_VFS_OP_FILE_ID_CREATE, SMB_VFS_OP_STREAMINFO, + SMB_VFS_OP_GET_REAL_FILENAME, /* NT ACL operations. */ @@ -375,6 +376,12 @@ struct vfs_ops { unsigned int *num_streams, struct stream_struct **streams); + int (*get_real_filename)(struct vfs_handle_struct *handle, + const char *path, + const char *name, + TALLOC_CTX *mem_ctx, + char **found_name); + /* NT ACL operations. */ NTSTATUS (*fget_nt_acl)(struct vfs_handle_struct *handle, @@ -510,6 +517,7 @@ struct vfs_ops { struct vfs_handle_struct *chflags; struct vfs_handle_struct *file_id_create; struct vfs_handle_struct *streaminfo; + struct vfs_handle_struct *get_real_filename; /* NT ACL operations. */ diff --git a/source3/include/vfs_macros.h b/source3/include/vfs_macros.h index fa5dad8781..b008d86b3c 100644 --- a/source3/include/vfs_macros.h +++ b/source3/include/vfs_macros.h @@ -85,6 +85,7 @@ #define SMB_VFS_CHFLAGS(conn, path, flags) ((conn)->vfs.ops.chflags((conn)->vfs.handles.chflags, (path), (flags))) #define SMB_VFS_FILE_ID_CREATE(conn, dev, inode) ((conn)->vfs.ops.file_id_create((conn)->vfs.handles.file_id_create, (dev), (inode))) #define SMB_VFS_STREAMINFO(conn, fsp, fname, mem_ctx, num_streams, streams) ((conn)->vfs.ops.streaminfo((conn)->vfs.handles.streaminfo, (fsp), (fname), (mem_ctx), (num_streams), (streams))) +#define SMB_VFS_GET_REAL_FILENAME(conn, path, name, mem_ctx, found_name) ((conn)->vfs.ops.get_real_filename((conn)->vfs.handles.get_real_filename, (path), (name), (mem_ctx), (found_name))) /* NT ACL operations. */ #define SMB_VFS_FGET_NT_ACL(fsp, security_info, ppdesc) ((fsp)->conn->vfs.ops.fget_nt_acl((fsp)->conn->vfs.handles.fget_nt_acl, (fsp), (security_info), (ppdesc))) @@ -211,6 +212,7 @@ #define SMB_VFS_OPAQUE_CHFLAGS(conn, path, flags) ((conn)->vfs_opaque.ops.chflags((conn)->vfs_opaque.handles.chflags, (path), (flags))) #define SMB_VFS_OPAQUE_FILE_ID_CREATE(conn, dev, inode) ((conn)->vfs.ops_opaque.file_id_create((conn)->vfs_opaque.handles.file_id_create, (dev), (inode))) #define SMB_VFS_OPAQUE_STREAMINFO(conn, fsp, fname, mem_ctx, num_streams, streams) ((conn)->vfs_opaque.ops.streaminfo((conn)->vfs_opaque.handles.streaminfo, (fsp), (fname), (mem_ctx), (num_streams), (streams))) +#define SMB_VFS_OPAQUE_GET_REAL_FILENAME(conn, path, name, mem_ctx, found_name) ((conn)->vfs_opaque.ops.get_real_filename((conn)->vfs_opaque.handles.get_real_filename, (path), (name), (mem_ctx), (found_name))) /* NT ACL operations. */ #define SMB_VFS_OPAQUE_FGET_NT_ACL(fsp, security_info, ppdesc) ((fsp)->conn->vfs_opaque.ops.fget_nt_acl((fsp)->conn->vfs_opaque.handles.fget_nt_acl, (fsp), (security_info), (ppdesc))) @@ -338,6 +340,7 @@ #define SMB_VFS_NEXT_CHFLAGS(handle, path, flags) ((handle)->vfs_next.ops.chflags((handle)->vfs_next.handles.chflags, (path), (flags))) #define SMB_VFS_NEXT_FILE_ID_CREATE(handle, dev, inode) ((handle)->vfs_next.ops.file_id_create((handle)->vfs_next.handles.file_id_create, (dev), (inode))) #define SMB_VFS_NEXT_STREAMINFO(handle, fsp, fname, mem_ctx, num_streams, streams) ((handle)->vfs_next.ops.streaminfo((handle)->vfs_next.handles.streaminfo, (fsp), (fname), (mem_ctx), (num_streams), (streams))) +#define SMB_VFS_NEXT_GET_REAL_FILENAME(conn, path, name, mem_ctx, found_name) ((conn)->vfs_next.ops.get_real_filename((conn)->vfs_next.handles.get_real_filename, (path), (name), (mem_ctx), (found_name))) /* NT ACL operations. */ #define SMB_VFS_NEXT_FGET_NT_ACL(handle, fsp, security_info, ppdesc) ((handle)->vfs_next.ops.fget_nt_acl((handle)->vfs_next.handles.fget_nt_acl, (fsp), (security_info), (ppdesc))) diff --git a/source3/modules/vfs_default.c b/source3/modules/vfs_default.c index 6d8d8f8065..8fa8f6ae06 100644 --- a/source3/modules/vfs_default.c +++ b/source3/modules/vfs_default.c @@ -1038,6 +1038,16 @@ static NTSTATUS vfswrap_streaminfo(vfs_handle_struct *handle, return NT_STATUS_OK; } +static int vfswrap_get_real_filename(struct vfs_handle_struct *handle, + const char *path, + const char *name, + TALLOC_CTX *mem_ctx, + char **found_name) +{ + return get_real_filename(handle->conn, path, name, mem_ctx, + found_name); +} + static NTSTATUS vfswrap_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info, SEC_DESC **ppdesc) @@ -1459,6 +1469,8 @@ static vfs_op_tuple vfs_default_ops[] = { SMB_VFS_LAYER_OPAQUE}, {SMB_VFS_OP(vfswrap_streaminfo), SMB_VFS_OP_STREAMINFO, SMB_VFS_LAYER_OPAQUE}, + {SMB_VFS_OP(vfswrap_get_real_filename), SMB_VFS_OP_GET_REAL_FILENAME, + SMB_VFS_LAYER_OPAQUE}, /* NT ACL operations. */ diff --git a/source3/smbd/filename.c b/source3/smbd/filename.c index c803e40649..d240ecfa64 100644 --- a/source3/smbd/filename.c +++ b/source3/smbd/filename.c @@ -26,9 +26,6 @@ #include "includes.h" -static int get_real_filename(connection_struct *conn, const char *path, - const char *name, TALLOC_CTX *mem_ctx, - char **found_name); static NTSTATUS build_stream_path(TALLOC_CTX *mem_ctx, connection_struct *conn, const char *orig_path, @@ -434,7 +431,7 @@ NTSTATUS unix_convert(TALLOC_CTX *ctx, */ if (name_has_wildcard || - (get_real_filename( + (SMB_VFS_GET_REAL_FILENAME( conn, dirpath, start, talloc_tos(), &found_name) == -1)) { char *unmangled; -- cgit From a0efc4cffbd84898c454d27eaf946d073dfdad0f Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 10 Dec 2008 18:10:03 +0100 Subject: Fix some merge omissions for GPFS --- packaging/RHEL-CTDB/configure.rpm | 67 +++++++++++++++++++++++++-------------- source3/modules/gpfs.c | 10 +++--- source3/modules/vfs_gpfs.c | 13 ++++++-- 3 files changed, 60 insertions(+), 30 deletions(-) diff --git a/packaging/RHEL-CTDB/configure.rpm b/packaging/RHEL-CTDB/configure.rpm index 7596040205..358b40db10 100755 --- a/packaging/RHEL-CTDB/configure.rpm +++ b/packaging/RHEL-CTDB/configure.rpm @@ -1,37 +1,56 @@ +#!/bin/sh case `uname -m` in - x86_64) - libdir=/usr/lib64/samba - ;; - *) - libdir=/usr/lib/samba - ;; + x86_64) + _libarch=lib64 + ;; + *) + _libarch=lib + ;; esac -CFLAGS="-Wall -g -D_GNU_SOURCE" ./configure \ - --prefix=/usr \ - --localstatedir=/var \ - --with-configdir=/etc/samba \ - --with-libdir=$libdir \ - --with-lockdir=/var/lib/samba \ - --with-logfilebase=/var/log/samba \ - --with-mandir=/usr/man \ - --with-piddir=/var/run \ - --with-privatedir=/etc/samba \ - --with-sambabook=/usr/share/swat/using_samba \ - --with-swatdir=/usr/share/swat \ +_libarchdir=/usr/${_libarch} + +_prefix=/usr +_sysconfdir=/etc +_mandir=/usr/man +_datadir=/usr/share + +# check for ccache +ccache -h 2>&1 > /dev/null +if [ $? -eq 0 ]; then + CC="ccache gcc" +else + CC="gcc" +fi + +./autogen.sh + +CC="$CC" CFLAGS="-Wall -g -D_GNU_SOURCE" ./configure -C \ + --prefix=${_prefix} \ + --localstatedir=/var \ + --with-configdir=${_sysconfdir}/samba \ + --with-libdir=${_libarchdir}/samba \ + --with-pammodulesdir=/${_libarch}/security \ + --with-lockdir=/var/lib/samba \ + --with-logfilebase=/var/log/samba \ + --with-mandir=${_mandir} \ + --with-piddir=/var/run \ + --with-privatedir=${_sysconfdir}/samba \ + --with-sambabook=${_datadir}/swat/using_samba \ + --with-swatdir=${_datadir}/swat \ --disable-cups \ - --with-acl-support \ + --with-acl-support \ --with-ads \ - --with-automount \ - --with-fhs \ + --with-automount \ + --with-fhs \ --with-pam_smbpass \ --with-libsmbclient \ --with-libsmbsharemodes \ - --without-smbwrapper \ + --without-smbwrapper \ --with-pam \ --with-quotas \ - --with-shared-modules=idmap_rid,idmap_ad,idmap_tdb2 \ + --with-shared-modules=idmap_rid,idmap_ad,idmap_tdb2,vfs_gpfs \ --with-syslog \ --with-utmp \ --with-cluster-support \ @@ -40,3 +59,5 @@ CFLAGS="-Wall -g -D_GNU_SOURCE" ./configure \ --without-dnsupdate \ --with-aio-support \ $* + +make showlayout diff --git a/source3/modules/gpfs.c b/source3/modules/gpfs.c index 4e76b97ccf..c4b2518e02 100644 --- a/source3/modules/gpfs.c +++ b/source3/modules/gpfs.c @@ -43,7 +43,7 @@ bool set_gpfs_sharemode(files_struct *fsp, uint32 access_mask, if (!gpfs_share_modes) { return True; } - + if (gpfs_set_share_fn == NULL) { return False; } @@ -104,7 +104,7 @@ int set_gpfs_lease(int fd, int leasetype) if (leasetype == F_WRLCK) { gpfs_type = GPFS_LEASE_WRITE; } - + /* we unconditionally set CAP_LEASE, rather than looking for -1/EACCES as there is a bug in some versions of libgpfs_gpl.so which results in a leaked fd on /dev/ss0 @@ -143,7 +143,7 @@ static bool init_gpfs_function_lib(void *plibhandle_pointer, void **fn_pointer = (void **)pfn_pointer; if (*libhandle_pointer == NULL) { - *libhandle_pointer = dlopen(libname, RTLD_LAZY); + *libhandle_pointer = sys_dlopen(libname, RTLD_LAZY); did_open_here = true; } if (*libhandle_pointer == NULL) { @@ -151,12 +151,12 @@ static bool init_gpfs_function_lib(void *plibhandle_pointer, return false; } - *fn_pointer = dlsym(*libhandle_pointer, fn_name); + *fn_pointer = sys_dlsym(*libhandle_pointer, fn_name); if (*fn_pointer == NULL) { DEBUG(10, ("Did not find symbol %s in lib %s\n", fn_name, libname)); if (did_open_here) { - dlclose(*libhandle_pointer); + sys_dlclose(*libhandle_pointer); *libhandle_pointer = NULL; } return false; diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c index fa0b4e97a5..a9e7a84249 100644 --- a/source3/modules/vfs_gpfs.c +++ b/source3/modules/vfs_gpfs.c @@ -365,7 +365,7 @@ static bool gpfsacl_process_smbacl(files_struct *fsp, SMB4ACL_T *smbacl) return True; } -static NTSTATUS gpfsacl_set_nt_acl_internal(files_struct *fsp, uint32 security_info_sent, const SEC_DESC *psd) +static NTSTATUS gpfsacl_set_nt_acl_internal(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd) { struct gpfs_acl *acl; NTSTATUS result = NT_STATUS_ACCESS_DENIED; @@ -386,7 +386,12 @@ static NTSTATUS gpfsacl_set_nt_acl_internal(files_struct *fsp, uint32 security_i return result; } -static NTSTATUS gpfsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, const SEC_DESC *psd) +static NTSTATUS gpfsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd) +{ + return gpfsacl_set_nt_acl_internal(fsp, security_info_sent, psd); +} + +static NTSTATUS gpfsacl_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, char *name, uint32 security_info_sent, SEC_DESC *psd) { return gpfsacl_set_nt_acl_internal(fsp, security_info_sent, psd); } @@ -834,6 +839,10 @@ static vfs_op_tuple gpfs_op_tuples[] = { SMB_VFS_OP_FSET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT }, + { SMB_VFS_OP(gpfsacl_set_nt_acl), + SMB_VFS_OP_SET_NT_ACL, + SMB_VFS_LAYER_TRANSPARENT }, + { SMB_VFS_OP(gpfsacl_sys_acl_get_file), SMB_VFS_OP_SYS_ACL_GET_FILE, SMB_VFS_LAYER_TRANSPARENT }, -- cgit From a4b52118d44906882677ed1234428d8025134036 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 10 Dec 2008 03:22:04 +0100 Subject: Fix nonempty blank lines in vfs_gpfs.c --- source3/modules/vfs_gpfs.c | 105 +++++++++++++++++++++------------------------ 1 file changed, 50 insertions(+), 55 deletions(-) diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c index a9e7a84249..5cadce9e1d 100644 --- a/source3/modules/vfs_gpfs.c +++ b/source3/modules/vfs_gpfs.c @@ -1,26 +1,24 @@ /* Unix SMB/CIFS implementation. Wrap gpfs calls in vfs functions. - + Copyright (C) Christian Ambach 2006 - + Major code contributions by Chetan Shringarpure and Gomati Mohanan - + This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program. If not, see . - - */ #include "includes.h" @@ -55,14 +53,14 @@ static int vfs_gpfs_setlease(vfs_handle_struct *handle, files_struct *fsp, int leasetype) { int ret; - + START_PROFILE(syscall_linux_setlease); - + if ( linux_set_lease_sighandler(fsp->fh->fd) == -1) return -1; ret = set_gpfs_lease(fsp->fh->fd,leasetype); - + if ( ret < 0 ) { /* This must have come from GPFS not being available */ /* or some other error, hence call the default */ @@ -301,13 +299,13 @@ static bool gpfsacl_process_smbacl(files_struct *fsp, SMB4ACL_T *smbacl) gace->aceType = aceprop->aceType; gace->aceFlags = aceprop->aceFlags; gace->aceMask = aceprop->aceMask; - + /* * GPFS can't distinguish between WRITE and APPEND on * files, so one being set without the other is an * error. Sorry for the many ()'s :-) */ - + if (!fsp->is_directory && ((((gace->aceMask & ACE4_MASK_WRITE) == 0) @@ -323,9 +321,9 @@ static bool gpfsacl_process_smbacl(files_struct *fsp, SMB4ACL_T *smbacl) fsp->fsp_name)); gace->aceMask |= ACE4_MASK_WRITE|ACE4_MASK_APPEND; } - + gace->aceIFlags = (aceprop->flags&SMB_ACE4_ID_SPECIAL) ? ACE4_IFLAG_SPECIAL_ID : 0; - + if (aceprop->flags&SMB_ACE4_ID_SPECIAL) { switch(aceprop->who.special_id) @@ -483,7 +481,7 @@ static SMB_ACL_T gpfsacl_get_posix_acl(const char *path, gpfs_aclType_t type) errno = EINVAL; goto done; } - + DEBUG(10, ("len: %d, level: %d, version: %d, nace: %d\n", pacl->acl_len, pacl->acl_level, pacl->acl_version, pacl->acl_nace)); @@ -502,7 +500,6 @@ static SMB_ACL_T gpfsacl_get_posix_acl(const char *path, gpfs_aclType_t type) } SMB_ACL_T gpfsacl_sys_acl_get_file(vfs_handle_struct *handle, - const char *path_p, SMB_ACL_TYPE_T type) { @@ -562,7 +559,7 @@ static struct gpfs_acl *smb2gpfs_acl(const SMB_ACL_T pacl, for (i=0; icount; i++) { const struct smb_acl_entry *ace = &pacl->acl[i]; struct gpfs_ace_v1 *g_ace = &result->ace_v1[i]; - + DEBUG(10, ("Converting type %d perm %x\n", (int)ace->a_type, (int)ace->a_perm)); @@ -617,7 +614,6 @@ static struct gpfs_acl *smb2gpfs_acl(const SMB_ACL_T pacl, } int gpfsacl_sys_acl_set_file(vfs_handle_struct *handle, - const char *name, SMB_ACL_TYPE_T type, SMB_ACL_T theacl) @@ -644,7 +640,6 @@ int gpfsacl_sys_acl_set_fd(vfs_handle_struct *handle, } int gpfsacl_sys_acl_delete_def_file(vfs_handle_struct *handle, - const char *path) { errno = ENOTSUP; @@ -666,11 +661,11 @@ static uint32 gpfsacl_mask_filter(uint32 aceType, uint32 aceMask, uint32 rwx) uint32_t posix_mask = 0x01; uint32_t posix_bit; uint32_t nfs4_bits; - + for(i=0; i<3; i++) { nfs4_bits = posix_nfs4map[i]; posix_bit = rwx & posix_mask; - + if (aceType==SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE) { if (posix_bit) aceMask |= nfs4_bits; @@ -683,10 +678,10 @@ static uint32 gpfsacl_mask_filter(uint32 aceType, uint32 aceMask, uint32 rwx) else aceMask &= ~nfs4_bits; } /* other ace types are unexpected */ - + posix_mask <<= 1; } - + return aceMask; } @@ -698,30 +693,30 @@ static int gpfsacl_emu_chmod(const char *path, mode_t mode) int i; files_struct fake_fsp; /* TODO: rationalize parametrization */ SMB4ACE_T *smbace; - + DEBUG(10, ("gpfsacl_emu_chmod invoked for %s mode %o\n", path, mode)); - + result = gpfs_get_nfs4_acl(path, &pacl); if (result) return result; - + if (mode & ~(S_IRWXU | S_IRWXG | S_IRWXO)) { DEBUG(2, ("WARNING: cutting extra mode bits %o on %s\n", mode, path)); } - + for (smbace=smb_first_ace4(pacl); smbace!=NULL; smbace = smb_next_ace4(smbace)) { SMB_ACE4PROP_T *ace = smb_get_ace4(smbace); uint32_t specid = ace->who.special_id; - + if (ace->flags&SMB_ACE4_ID_SPECIAL && ace->aceType<=SMB_ACE4_ACCESS_DENIED_ACE_TYPE && specid <= SMB_ACE4_WHO_EVERYONE) { - + uint32_t newMask; - + if (ace->aceType==SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE) haveAllowEntry[specid] = True; - + /* mode >> 6 for @owner, mode >> 3 for @group, * mode >> 0 for @everyone */ newMask = gpfsacl_mask_filter(ace->aceType, ace->aceMask, @@ -740,35 +735,35 @@ static int gpfsacl_emu_chmod(const char *path, mode_t mode) */ for(i = SMB_ACE4_WHO_OWNER; i<=SMB_ACE4_WHO_EVERYONE; i++) { SMB_ACE4PROP_T ace; - + if (haveAllowEntry[i]==True) continue; - + ZERO_STRUCT(ace); ace.aceType = SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE; ace.flags |= SMB_ACE4_ID_SPECIAL; ace.who.special_id = i; - + if (i==SMB_ACE4_WHO_GROUP) /* not sure it's necessary... */ ace.aceFlags |= SMB_ACE4_IDENTIFIER_GROUP; - + ace.aceMask = gpfsacl_mask_filter(ace.aceType, ace.aceMask, mode >> ((SMB_ACE4_WHO_EVERYONE - i) * 3)); - + /* don't add unnecessary aces */ if (!ace.aceMask) continue; - + /* we add it to the END - as windows expects allow aces */ smb_add_ace4(pacl, &ace); DEBUG(10, ("Added ALLOW ace for %s, mode=%o, id=%d, aceMask=%x\n", path, mode, i, ace.aceMask)); } - + /* don't add complementary DENY ACEs here */ ZERO_STRUCT(fake_fsp); fake_fsp.fsp_name = (char *)path; /* no file_new is needed here */ - + /* put the acl */ if (gpfsacl_process_smbacl(&fake_fsp, pacl) == False) return -1; @@ -779,11 +774,11 @@ static int vfs_gpfs_chmod(vfs_handle_struct *handle, const char *path, mode_t mo { SMB_STRUCT_STAT st; int rc; - + if (SMB_VFS_NEXT_STAT(handle, path, &st) != 0) { return -1; } - + /* avoid chmod() if possible, to preserve acls */ if ((st.st_mode & ~S_IFMT) == mode) { return 0; @@ -799,7 +794,7 @@ static int vfs_gpfs_fchmod(vfs_handle_struct *handle, files_struct *fsp, mode_t { SMB_STRUCT_STAT st; int rc; - + if (SMB_VFS_NEXT_FSTAT(handle, fsp, &st) != 0) { return -1; } @@ -818,27 +813,27 @@ static int vfs_gpfs_fchmod(vfs_handle_struct *handle, files_struct *fsp, mode_t /* VFS operations structure */ static vfs_op_tuple gpfs_op_tuples[] = { - + { SMB_VFS_OP(vfs_gpfs_kernel_flock), SMB_VFS_OP_KERNEL_FLOCK, SMB_VFS_LAYER_OPAQUE }, - + { SMB_VFS_OP(vfs_gpfs_setlease), SMB_VFS_OP_LINUX_SETLEASE, SMB_VFS_LAYER_OPAQUE }, - + { SMB_VFS_OP(gpfsacl_fget_nt_acl), SMB_VFS_OP_FGET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_get_nt_acl), SMB_VFS_OP_GET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_fset_nt_acl), SMB_VFS_OP_FSET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_set_nt_acl), SMB_VFS_OP_SET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT }, @@ -846,27 +841,27 @@ static vfs_op_tuple gpfs_op_tuples[] = { { SMB_VFS_OP(gpfsacl_sys_acl_get_file), SMB_VFS_OP_SYS_ACL_GET_FILE, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_sys_acl_get_fd), SMB_VFS_OP_SYS_ACL_GET_FD, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_sys_acl_set_file), SMB_VFS_OP_SYS_ACL_SET_FILE, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_sys_acl_set_fd), SMB_VFS_OP_SYS_ACL_SET_FD, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_sys_acl_delete_def_file), SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(vfs_gpfs_chmod), SMB_VFS_OP_CHMOD, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(vfs_gpfs_fchmod), SMB_VFS_OP_FCHMOD, SMB_VFS_LAYER_TRANSPARENT }, @@ -880,7 +875,7 @@ NTSTATUS vfs_gpfs_init(void); NTSTATUS vfs_gpfs_init(void) { init_gpfs(); - + return smb_register_vfs(SMB_VFS_INTERFACE_VERSION, "gpfs", gpfs_op_tuples); } -- cgit From b37684ffcec4ba0beada55d37bcaf4f5e79bcd58 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 10 Dec 2008 12:32:24 +0100 Subject: Make use of smbd_gpfs_get_realfilename_path in unix_convert --- source3/modules/gpfs.c | 25 +++++++++++++++++++ source3/modules/vfs_gpfs.c | 61 ++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 86 insertions(+) diff --git a/source3/modules/gpfs.c b/source3/modules/gpfs.c index c4b2518e02..92aecb9fb6 100644 --- a/source3/modules/gpfs.c +++ b/source3/modules/gpfs.c @@ -31,6 +31,8 @@ static int (*gpfs_set_share_fn)(int fd, unsigned int allow, unsigned int deny); static int (*gpfs_set_lease_fn)(int fd, unsigned int leaseType); static int (*gpfs_getacl_fn)(char *pathname, int flags, void *acl); static int (*gpfs_putacl_fn)(char *pathname, int flags, void *acl); +static int (*gpfs_get_realfilename_path_fn)(char *pathname, char *filenamep, + int *buflen); bool set_gpfs_sharemode(files_struct *fsp, uint32 access_mask, @@ -134,6 +136,17 @@ int smbd_gpfs_putacl(char *pathname, int flags, void *acl) return gpfs_putacl_fn(pathname, flags, acl); } +int smbd_gpfs_get_realfilename_path(char *pathname, char *filenamep, + int *buflen) +{ + if (gpfs_get_realfilename_path_fn == NULL) { + errno = ENOSYS; + return -1; + } + + return gpfs_get_realfilename_path_fn(pathname, filenamep, buflen); +} + static bool init_gpfs_function_lib(void *plibhandle_pointer, const char *libname, void *pfn_pointer, const char *fn_name) @@ -142,6 +155,9 @@ static bool init_gpfs_function_lib(void *plibhandle_pointer, void **libhandle_pointer = (void **)plibhandle_pointer; void **fn_pointer = (void **)pfn_pointer; + DEBUG(10, ("trying to load name %s from %s\n", + fn_name, libname)); + if (*libhandle_pointer == NULL) { *libhandle_pointer = sys_dlopen(libname, RTLD_LAZY); did_open_here = true; @@ -187,6 +203,8 @@ void init_gpfs(void) init_gpfs_function(&gpfs_set_lease_fn, "gpfs_set_lease"); init_gpfs_function(&gpfs_getacl_fn, "gpfs_getacl"); init_gpfs_function(&gpfs_putacl_fn, "gpfs_putacl"); + init_gpfs_function(&gpfs_get_realfilename_path_fn, + "gpfs_get_realfilename_path"); gpfs_share_modes = lp_parm_bool(-1, "gpfs", "sharemodes", True); gpfs_leases = lp_parm_bool(-1, "gpfs", "leases", True); @@ -226,6 +244,13 @@ int smbd_gpfs_putacl(char *pathname, int flags, void *acl) return -1; } +int smbd_gpfs_get_realfilename_path(char *pathname, char *fileamep, + int *buflen) +{ + errno = ENOSYS; + return -1; +} + void init_gpfs(void) { return; diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c index 5cadce9e1d..780bd9b8a5 100644 --- a/source3/modules/vfs_gpfs.c +++ b/source3/modules/vfs_gpfs.c @@ -72,7 +72,64 @@ static int vfs_gpfs_setlease(vfs_handle_struct *handle, files_struct *fsp, return ret; } +static int vfs_gpfs_get_real_filename(struct vfs_handle_struct *handle, + const char *path, + const char *name, + TALLOC_CTX *mem_ctx, + char **found_name) +{ + int result; + char *full_path; + char real_pathname[PATH_MAX+1]; + int buflen; + + full_path = talloc_asprintf(talloc_tos(), "%s/%s", path, name); + if (full_path == NULL) { + errno = ENOMEM; + return -1; + } + + buflen = sizeof(real_pathname) - 1; + + result = smbd_gpfs_get_realfilename_path(full_path, real_pathname, + &buflen); + + TALLOC_FREE(full_path); + + if (result == -1) { + DEBUG(10, ("smbd_gpfs_get_realfilename_path returned %s\n", + strerror(errno))); + return -1; + } + + /* + * GPFS does not necessarily null-terminate the returned path + * but instead returns the buffer length in buflen. + */ + if (buflen < sizeof(real_pathname)) { + real_pathname[buflen] = '\0'; + } else { + real_pathname[sizeof(real_pathname)-1] = '\0'; + } + + DEBUG(10, ("smbd_gpfs_get_realfilename_path: %s/%s -> %s\n", + path, name, real_pathname)); + + name = strrchr_m(real_pathname, '/'); + if (name == NULL) { + errno = ENOENT; + return -1; + } + + *found_name = talloc_strdup(mem_ctx, name+1); + if (*found_name == NULL) { + errno = ENOMEM; + return -1; + } + + return 0; +} static void gpfs_dumpacl(int level, struct gpfs_acl *gacl) { @@ -822,6 +879,10 @@ static vfs_op_tuple gpfs_op_tuples[] = { SMB_VFS_OP_LINUX_SETLEASE, SMB_VFS_LAYER_OPAQUE }, + { SMB_VFS_OP(vfs_gpfs_get_real_filename), + SMB_VFS_OP_GET_REAL_FILENAME, + SMB_VFS_LAYER_OPAQUE }, + { SMB_VFS_OP(gpfsacl_fget_nt_acl), SMB_VFS_OP_FGET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT }, -- cgit From 3c93c96fd0fe362c35fe8127058f94868abc9342 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 10 Dec 2008 18:17:59 +0100 Subject: Also search for -lgpfs which is available as GPL in GPFS PTF8 --- source3/configure.in | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/source3/configure.in b/source3/configure.in index 40e78e89d9..b90b1b3f60 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -1052,6 +1052,20 @@ if test x"$samba_cv_HAVE_GPFS" = x"yes"; then fi LIBS="$save_LIBS" +printf "%s" "checking for GPFS libs (with 3.2.1 PTF8 available as GPL)... " +save_LIBS="$LIBS" +LIBS="$LIBS -lgpfs" +AC_TRY_LINK([#include ], + [gpfs_set_share(0,GPFS_SHARE_READ,GPFS_DENY_NONE)], + samba_cv_HAVE_GPFS=yes, + samba_cv_HAVE_GPFS=no) +echo $samba_cv_HAVE_GPFS +if test x"$samba_cv_HAVE_GPFS" = x"yes"; then + AC_DEFINE(HAVE_GPFS,1,[Whether GPFS GPL libs are available]) + default_shared_modules="$default_shared_modules vfs_gpfs" +fi +LIBS="$save_LIBS" + ############################################# # check if building on Isilon OneFS printf "%s" "checking for Isilon OneFS... " -- cgit From c044b09572631cbdd686e5dbbdfbcc731145533a Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 10 Dec 2008 16:58:40 +0100 Subject: Fix the build Crap, too many trees and no instant, infinitely fast rebuild --- source3/include/proto.h | 4 ++++ source3/modules/vfs_gpfs.c | 9 --------- 2 files changed, 4 insertions(+), 9 deletions(-) diff --git a/source3/include/proto.h b/source3/include/proto.h index 4feedcdb04..7fa6266910 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -7896,6 +7896,10 @@ NTSTATUS unix_convert(TALLOC_CTX *ctx, char **pp_saved_last_component, SMB_STRUCT_STAT *pst); NTSTATUS check_name(connection_struct *conn, const char *name); +int get_real_filename(connection_struct *conn, const char *path, + const char *name, TALLOC_CTX *mem_ctx, + char **found_name); + /* The following definitions come from smbd/files.c */ diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c index 780bd9b8a5..fae08dd252 100644 --- a/source3/modules/vfs_gpfs.c +++ b/source3/modules/vfs_gpfs.c @@ -446,11 +446,6 @@ static NTSTATUS gpfsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp return gpfsacl_set_nt_acl_internal(fsp, security_info_sent, psd); } -static NTSTATUS gpfsacl_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, char *name, uint32 security_info_sent, SEC_DESC *psd) -{ - return gpfsacl_set_nt_acl_internal(fsp, security_info_sent, psd); -} - static SMB_ACL_T gpfs2smb_acl(const struct gpfs_acl *pacl) { SMB_ACL_T result; @@ -895,10 +890,6 @@ static vfs_op_tuple gpfs_op_tuples[] = { SMB_VFS_OP_FSET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT }, - { SMB_VFS_OP(gpfsacl_set_nt_acl), - SMB_VFS_OP_SET_NT_ACL, - SMB_VFS_LAYER_TRANSPARENT }, - { SMB_VFS_OP(gpfsacl_sys_acl_get_file), SMB_VFS_OP_SYS_ACL_GET_FILE, SMB_VFS_LAYER_TRANSPARENT }, -- cgit From 7ad9676864a70366c3165c6f35e5c8665bc6468d Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 10 Dec 2008 23:13:34 +0100 Subject: Revert "Fix the build" This reverts commit c044b09572631cbdd686e5dbbdfbcc731145533a. --- source3/include/proto.h | 4 ---- source3/modules/vfs_gpfs.c | 9 +++++++++ 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/source3/include/proto.h b/source3/include/proto.h index 7fa6266910..4feedcdb04 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -7896,10 +7896,6 @@ NTSTATUS unix_convert(TALLOC_CTX *ctx, char **pp_saved_last_component, SMB_STRUCT_STAT *pst); NTSTATUS check_name(connection_struct *conn, const char *name); -int get_real_filename(connection_struct *conn, const char *path, - const char *name, TALLOC_CTX *mem_ctx, - char **found_name); - /* The following definitions come from smbd/files.c */ diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c index fae08dd252..780bd9b8a5 100644 --- a/source3/modules/vfs_gpfs.c +++ b/source3/modules/vfs_gpfs.c @@ -446,6 +446,11 @@ static NTSTATUS gpfsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp return gpfsacl_set_nt_acl_internal(fsp, security_info_sent, psd); } +static NTSTATUS gpfsacl_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, char *name, uint32 security_info_sent, SEC_DESC *psd) +{ + return gpfsacl_set_nt_acl_internal(fsp, security_info_sent, psd); +} + static SMB_ACL_T gpfs2smb_acl(const struct gpfs_acl *pacl) { SMB_ACL_T result; @@ -890,6 +895,10 @@ static vfs_op_tuple gpfs_op_tuples[] = { SMB_VFS_OP_FSET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT }, + { SMB_VFS_OP(gpfsacl_set_nt_acl), + SMB_VFS_OP_SET_NT_ACL, + SMB_VFS_LAYER_TRANSPARENT }, + { SMB_VFS_OP(gpfsacl_sys_acl_get_file), SMB_VFS_OP_SYS_ACL_GET_FILE, SMB_VFS_LAYER_TRANSPARENT }, -- cgit From 0114cb52ca552bc8c70d6f8160ca5a481e41154d Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 10 Dec 2008 23:13:48 +0100 Subject: Revert "Also search for -lgpfs which is available as GPL in GPFS PTF8" This reverts commit 3c93c96fd0fe362c35fe8127058f94868abc9342. --- source3/configure.in | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/source3/configure.in b/source3/configure.in index b90b1b3f60..40e78e89d9 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -1052,20 +1052,6 @@ if test x"$samba_cv_HAVE_GPFS" = x"yes"; then fi LIBS="$save_LIBS" -printf "%s" "checking for GPFS libs (with 3.2.1 PTF8 available as GPL)... " -save_LIBS="$LIBS" -LIBS="$LIBS -lgpfs" -AC_TRY_LINK([#include ], - [gpfs_set_share(0,GPFS_SHARE_READ,GPFS_DENY_NONE)], - samba_cv_HAVE_GPFS=yes, - samba_cv_HAVE_GPFS=no) -echo $samba_cv_HAVE_GPFS -if test x"$samba_cv_HAVE_GPFS" = x"yes"; then - AC_DEFINE(HAVE_GPFS,1,[Whether GPFS GPL libs are available]) - default_shared_modules="$default_shared_modules vfs_gpfs" -fi -LIBS="$save_LIBS" - ############################################# # check if building on Isilon OneFS printf "%s" "checking for Isilon OneFS... " -- cgit From 1896ccb24732fc9a3407224209d741640dd602d3 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 10 Dec 2008 23:14:01 +0100 Subject: Revert "Make use of smbd_gpfs_get_realfilename_path in unix_convert" This reverts commit b37684ffcec4ba0beada55d37bcaf4f5e79bcd58. --- source3/modules/gpfs.c | 25 ------------------- source3/modules/vfs_gpfs.c | 61 ---------------------------------------------- 2 files changed, 86 deletions(-) diff --git a/source3/modules/gpfs.c b/source3/modules/gpfs.c index 92aecb9fb6..c4b2518e02 100644 --- a/source3/modules/gpfs.c +++ b/source3/modules/gpfs.c @@ -31,8 +31,6 @@ static int (*gpfs_set_share_fn)(int fd, unsigned int allow, unsigned int deny); static int (*gpfs_set_lease_fn)(int fd, unsigned int leaseType); static int (*gpfs_getacl_fn)(char *pathname, int flags, void *acl); static int (*gpfs_putacl_fn)(char *pathname, int flags, void *acl); -static int (*gpfs_get_realfilename_path_fn)(char *pathname, char *filenamep, - int *buflen); bool set_gpfs_sharemode(files_struct *fsp, uint32 access_mask, @@ -136,17 +134,6 @@ int smbd_gpfs_putacl(char *pathname, int flags, void *acl) return gpfs_putacl_fn(pathname, flags, acl); } -int smbd_gpfs_get_realfilename_path(char *pathname, char *filenamep, - int *buflen) -{ - if (gpfs_get_realfilename_path_fn == NULL) { - errno = ENOSYS; - return -1; - } - - return gpfs_get_realfilename_path_fn(pathname, filenamep, buflen); -} - static bool init_gpfs_function_lib(void *plibhandle_pointer, const char *libname, void *pfn_pointer, const char *fn_name) @@ -155,9 +142,6 @@ static bool init_gpfs_function_lib(void *plibhandle_pointer, void **libhandle_pointer = (void **)plibhandle_pointer; void **fn_pointer = (void **)pfn_pointer; - DEBUG(10, ("trying to load name %s from %s\n", - fn_name, libname)); - if (*libhandle_pointer == NULL) { *libhandle_pointer = sys_dlopen(libname, RTLD_LAZY); did_open_here = true; @@ -203,8 +187,6 @@ void init_gpfs(void) init_gpfs_function(&gpfs_set_lease_fn, "gpfs_set_lease"); init_gpfs_function(&gpfs_getacl_fn, "gpfs_getacl"); init_gpfs_function(&gpfs_putacl_fn, "gpfs_putacl"); - init_gpfs_function(&gpfs_get_realfilename_path_fn, - "gpfs_get_realfilename_path"); gpfs_share_modes = lp_parm_bool(-1, "gpfs", "sharemodes", True); gpfs_leases = lp_parm_bool(-1, "gpfs", "leases", True); @@ -244,13 +226,6 @@ int smbd_gpfs_putacl(char *pathname, int flags, void *acl) return -1; } -int smbd_gpfs_get_realfilename_path(char *pathname, char *fileamep, - int *buflen) -{ - errno = ENOSYS; - return -1; -} - void init_gpfs(void) { return; diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c index 780bd9b8a5..5cadce9e1d 100644 --- a/source3/modules/vfs_gpfs.c +++ b/source3/modules/vfs_gpfs.c @@ -72,64 +72,7 @@ static int vfs_gpfs_setlease(vfs_handle_struct *handle, files_struct *fsp, return ret; } -static int vfs_gpfs_get_real_filename(struct vfs_handle_struct *handle, - const char *path, - const char *name, - TALLOC_CTX *mem_ctx, - char **found_name) -{ - int result; - char *full_path; - char real_pathname[PATH_MAX+1]; - int buflen; - - full_path = talloc_asprintf(talloc_tos(), "%s/%s", path, name); - if (full_path == NULL) { - errno = ENOMEM; - return -1; - } - - buflen = sizeof(real_pathname) - 1; - - result = smbd_gpfs_get_realfilename_path(full_path, real_pathname, - &buflen); - - TALLOC_FREE(full_path); - - if (result == -1) { - DEBUG(10, ("smbd_gpfs_get_realfilename_path returned %s\n", - strerror(errno))); - return -1; - } - - /* - * GPFS does not necessarily null-terminate the returned path - * but instead returns the buffer length in buflen. - */ - if (buflen < sizeof(real_pathname)) { - real_pathname[buflen] = '\0'; - } else { - real_pathname[sizeof(real_pathname)-1] = '\0'; - } - - DEBUG(10, ("smbd_gpfs_get_realfilename_path: %s/%s -> %s\n", - path, name, real_pathname)); - - name = strrchr_m(real_pathname, '/'); - if (name == NULL) { - errno = ENOENT; - return -1; - } - - *found_name = talloc_strdup(mem_ctx, name+1); - if (*found_name == NULL) { - errno = ENOMEM; - return -1; - } - - return 0; -} static void gpfs_dumpacl(int level, struct gpfs_acl *gacl) { @@ -879,10 +822,6 @@ static vfs_op_tuple gpfs_op_tuples[] = { SMB_VFS_OP_LINUX_SETLEASE, SMB_VFS_LAYER_OPAQUE }, - { SMB_VFS_OP(vfs_gpfs_get_real_filename), - SMB_VFS_OP_GET_REAL_FILENAME, - SMB_VFS_LAYER_OPAQUE }, - { SMB_VFS_OP(gpfsacl_fget_nt_acl), SMB_VFS_OP_FGET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT }, -- cgit From 8d641826595e3be8864097d4aea7a76879c173d6 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 10 Dec 2008 23:14:16 +0100 Subject: Revert "Fix nonempty blank lines in vfs_gpfs.c" This reverts commit a4b52118d44906882677ed1234428d8025134036. --- source3/modules/vfs_gpfs.c | 105 ++++++++++++++++++++++++--------------------- 1 file changed, 55 insertions(+), 50 deletions(-) diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c index 5cadce9e1d..a9e7a84249 100644 --- a/source3/modules/vfs_gpfs.c +++ b/source3/modules/vfs_gpfs.c @@ -1,24 +1,26 @@ /* Unix SMB/CIFS implementation. Wrap gpfs calls in vfs functions. - + Copyright (C) Christian Ambach 2006 - + Major code contributions by Chetan Shringarpure and Gomati Mohanan - + This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program. If not, see . + + */ #include "includes.h" @@ -53,14 +55,14 @@ static int vfs_gpfs_setlease(vfs_handle_struct *handle, files_struct *fsp, int leasetype) { int ret; - + START_PROFILE(syscall_linux_setlease); - + if ( linux_set_lease_sighandler(fsp->fh->fd) == -1) return -1; ret = set_gpfs_lease(fsp->fh->fd,leasetype); - + if ( ret < 0 ) { /* This must have come from GPFS not being available */ /* or some other error, hence call the default */ @@ -299,13 +301,13 @@ static bool gpfsacl_process_smbacl(files_struct *fsp, SMB4ACL_T *smbacl) gace->aceType = aceprop->aceType; gace->aceFlags = aceprop->aceFlags; gace->aceMask = aceprop->aceMask; - + /* * GPFS can't distinguish between WRITE and APPEND on * files, so one being set without the other is an * error. Sorry for the many ()'s :-) */ - + if (!fsp->is_directory && ((((gace->aceMask & ACE4_MASK_WRITE) == 0) @@ -321,9 +323,9 @@ static bool gpfsacl_process_smbacl(files_struct *fsp, SMB4ACL_T *smbacl) fsp->fsp_name)); gace->aceMask |= ACE4_MASK_WRITE|ACE4_MASK_APPEND; } - + gace->aceIFlags = (aceprop->flags&SMB_ACE4_ID_SPECIAL) ? ACE4_IFLAG_SPECIAL_ID : 0; - + if (aceprop->flags&SMB_ACE4_ID_SPECIAL) { switch(aceprop->who.special_id) @@ -481,7 +483,7 @@ static SMB_ACL_T gpfsacl_get_posix_acl(const char *path, gpfs_aclType_t type) errno = EINVAL; goto done; } - + DEBUG(10, ("len: %d, level: %d, version: %d, nace: %d\n", pacl->acl_len, pacl->acl_level, pacl->acl_version, pacl->acl_nace)); @@ -500,6 +502,7 @@ static SMB_ACL_T gpfsacl_get_posix_acl(const char *path, gpfs_aclType_t type) } SMB_ACL_T gpfsacl_sys_acl_get_file(vfs_handle_struct *handle, + const char *path_p, SMB_ACL_TYPE_T type) { @@ -559,7 +562,7 @@ static struct gpfs_acl *smb2gpfs_acl(const SMB_ACL_T pacl, for (i=0; icount; i++) { const struct smb_acl_entry *ace = &pacl->acl[i]; struct gpfs_ace_v1 *g_ace = &result->ace_v1[i]; - + DEBUG(10, ("Converting type %d perm %x\n", (int)ace->a_type, (int)ace->a_perm)); @@ -614,6 +617,7 @@ static struct gpfs_acl *smb2gpfs_acl(const SMB_ACL_T pacl, } int gpfsacl_sys_acl_set_file(vfs_handle_struct *handle, + const char *name, SMB_ACL_TYPE_T type, SMB_ACL_T theacl) @@ -640,6 +644,7 @@ int gpfsacl_sys_acl_set_fd(vfs_handle_struct *handle, } int gpfsacl_sys_acl_delete_def_file(vfs_handle_struct *handle, + const char *path) { errno = ENOTSUP; @@ -661,11 +666,11 @@ static uint32 gpfsacl_mask_filter(uint32 aceType, uint32 aceMask, uint32 rwx) uint32_t posix_mask = 0x01; uint32_t posix_bit; uint32_t nfs4_bits; - + for(i=0; i<3; i++) { nfs4_bits = posix_nfs4map[i]; posix_bit = rwx & posix_mask; - + if (aceType==SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE) { if (posix_bit) aceMask |= nfs4_bits; @@ -678,10 +683,10 @@ static uint32 gpfsacl_mask_filter(uint32 aceType, uint32 aceMask, uint32 rwx) else aceMask &= ~nfs4_bits; } /* other ace types are unexpected */ - + posix_mask <<= 1; } - + return aceMask; } @@ -693,30 +698,30 @@ static int gpfsacl_emu_chmod(const char *path, mode_t mode) int i; files_struct fake_fsp; /* TODO: rationalize parametrization */ SMB4ACE_T *smbace; - + DEBUG(10, ("gpfsacl_emu_chmod invoked for %s mode %o\n", path, mode)); - + result = gpfs_get_nfs4_acl(path, &pacl); if (result) return result; - + if (mode & ~(S_IRWXU | S_IRWXG | S_IRWXO)) { DEBUG(2, ("WARNING: cutting extra mode bits %o on %s\n", mode, path)); } - + for (smbace=smb_first_ace4(pacl); smbace!=NULL; smbace = smb_next_ace4(smbace)) { SMB_ACE4PROP_T *ace = smb_get_ace4(smbace); uint32_t specid = ace->who.special_id; - + if (ace->flags&SMB_ACE4_ID_SPECIAL && ace->aceType<=SMB_ACE4_ACCESS_DENIED_ACE_TYPE && specid <= SMB_ACE4_WHO_EVERYONE) { - + uint32_t newMask; - + if (ace->aceType==SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE) haveAllowEntry[specid] = True; - + /* mode >> 6 for @owner, mode >> 3 for @group, * mode >> 0 for @everyone */ newMask = gpfsacl_mask_filter(ace->aceType, ace->aceMask, @@ -735,35 +740,35 @@ static int gpfsacl_emu_chmod(const char *path, mode_t mode) */ for(i = SMB_ACE4_WHO_OWNER; i<=SMB_ACE4_WHO_EVERYONE; i++) { SMB_ACE4PROP_T ace; - + if (haveAllowEntry[i]==True) continue; - + ZERO_STRUCT(ace); ace.aceType = SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE; ace.flags |= SMB_ACE4_ID_SPECIAL; ace.who.special_id = i; - + if (i==SMB_ACE4_WHO_GROUP) /* not sure it's necessary... */ ace.aceFlags |= SMB_ACE4_IDENTIFIER_GROUP; - + ace.aceMask = gpfsacl_mask_filter(ace.aceType, ace.aceMask, mode >> ((SMB_ACE4_WHO_EVERYONE - i) * 3)); - + /* don't add unnecessary aces */ if (!ace.aceMask) continue; - + /* we add it to the END - as windows expects allow aces */ smb_add_ace4(pacl, &ace); DEBUG(10, ("Added ALLOW ace for %s, mode=%o, id=%d, aceMask=%x\n", path, mode, i, ace.aceMask)); } - + /* don't add complementary DENY ACEs here */ ZERO_STRUCT(fake_fsp); fake_fsp.fsp_name = (char *)path; /* no file_new is needed here */ - + /* put the acl */ if (gpfsacl_process_smbacl(&fake_fsp, pacl) == False) return -1; @@ -774,11 +779,11 @@ static int vfs_gpfs_chmod(vfs_handle_struct *handle, const char *path, mode_t mo { SMB_STRUCT_STAT st; int rc; - + if (SMB_VFS_NEXT_STAT(handle, path, &st) != 0) { return -1; } - + /* avoid chmod() if possible, to preserve acls */ if ((st.st_mode & ~S_IFMT) == mode) { return 0; @@ -794,7 +799,7 @@ static int vfs_gpfs_fchmod(vfs_handle_struct *handle, files_struct *fsp, mode_t { SMB_STRUCT_STAT st; int rc; - + if (SMB_VFS_NEXT_FSTAT(handle, fsp, &st) != 0) { return -1; } @@ -813,27 +818,27 @@ static int vfs_gpfs_fchmod(vfs_handle_struct *handle, files_struct *fsp, mode_t /* VFS operations structure */ static vfs_op_tuple gpfs_op_tuples[] = { - + { SMB_VFS_OP(vfs_gpfs_kernel_flock), SMB_VFS_OP_KERNEL_FLOCK, SMB_VFS_LAYER_OPAQUE }, - + { SMB_VFS_OP(vfs_gpfs_setlease), SMB_VFS_OP_LINUX_SETLEASE, SMB_VFS_LAYER_OPAQUE }, - + { SMB_VFS_OP(gpfsacl_fget_nt_acl), SMB_VFS_OP_FGET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_get_nt_acl), SMB_VFS_OP_GET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_fset_nt_acl), SMB_VFS_OP_FSET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_set_nt_acl), SMB_VFS_OP_SET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT }, @@ -841,27 +846,27 @@ static vfs_op_tuple gpfs_op_tuples[] = { { SMB_VFS_OP(gpfsacl_sys_acl_get_file), SMB_VFS_OP_SYS_ACL_GET_FILE, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_sys_acl_get_fd), SMB_VFS_OP_SYS_ACL_GET_FD, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_sys_acl_set_file), SMB_VFS_OP_SYS_ACL_SET_FILE, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_sys_acl_set_fd), SMB_VFS_OP_SYS_ACL_SET_FD, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_sys_acl_delete_def_file), SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(vfs_gpfs_chmod), SMB_VFS_OP_CHMOD, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(vfs_gpfs_fchmod), SMB_VFS_OP_FCHMOD, SMB_VFS_LAYER_TRANSPARENT }, @@ -875,7 +880,7 @@ NTSTATUS vfs_gpfs_init(void); NTSTATUS vfs_gpfs_init(void) { init_gpfs(); - + return smb_register_vfs(SMB_VFS_INTERFACE_VERSION, "gpfs", gpfs_op_tuples); } -- cgit From 7c2bdead9e3e4436e427668a16df367e14885cbc Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 10 Dec 2008 23:14:46 +0100 Subject: Revert "Fix some merge omissions for GPFS" This reverts commit a0efc4cffbd84898c454d27eaf946d073dfdad0f. This one should have been done with careful cherry-picks, sorry. Volker --- packaging/RHEL-CTDB/configure.rpm | 67 ++++++++++++++------------------------- source3/modules/gpfs.c | 10 +++--- source3/modules/vfs_gpfs.c | 13 ++------ 3 files changed, 30 insertions(+), 60 deletions(-) diff --git a/packaging/RHEL-CTDB/configure.rpm b/packaging/RHEL-CTDB/configure.rpm index 358b40db10..7596040205 100755 --- a/packaging/RHEL-CTDB/configure.rpm +++ b/packaging/RHEL-CTDB/configure.rpm @@ -1,56 +1,37 @@ -#!/bin/sh case `uname -m` in - x86_64) - _libarch=lib64 - ;; - *) - _libarch=lib - ;; + x86_64) + libdir=/usr/lib64/samba + ;; + *) + libdir=/usr/lib/samba + ;; esac -_libarchdir=/usr/${_libarch} - -_prefix=/usr -_sysconfdir=/etc -_mandir=/usr/man -_datadir=/usr/share - -# check for ccache -ccache -h 2>&1 > /dev/null -if [ $? -eq 0 ]; then - CC="ccache gcc" -else - CC="gcc" -fi - -./autogen.sh - -CC="$CC" CFLAGS="-Wall -g -D_GNU_SOURCE" ./configure -C \ - --prefix=${_prefix} \ - --localstatedir=/var \ - --with-configdir=${_sysconfdir}/samba \ - --with-libdir=${_libarchdir}/samba \ - --with-pammodulesdir=/${_libarch}/security \ - --with-lockdir=/var/lib/samba \ - --with-logfilebase=/var/log/samba \ - --with-mandir=${_mandir} \ - --with-piddir=/var/run \ - --with-privatedir=${_sysconfdir}/samba \ - --with-sambabook=${_datadir}/swat/using_samba \ - --with-swatdir=${_datadir}/swat \ +CFLAGS="-Wall -g -D_GNU_SOURCE" ./configure \ + --prefix=/usr \ + --localstatedir=/var \ + --with-configdir=/etc/samba \ + --with-libdir=$libdir \ + --with-lockdir=/var/lib/samba \ + --with-logfilebase=/var/log/samba \ + --with-mandir=/usr/man \ + --with-piddir=/var/run \ + --with-privatedir=/etc/samba \ + --with-sambabook=/usr/share/swat/using_samba \ + --with-swatdir=/usr/share/swat \ --disable-cups \ - --with-acl-support \ + --with-acl-support \ --with-ads \ - --with-automount \ - --with-fhs \ + --with-automount \ + --with-fhs \ --with-pam_smbpass \ --with-libsmbclient \ --with-libsmbsharemodes \ - --without-smbwrapper \ + --without-smbwrapper \ --with-pam \ --with-quotas \ - --with-shared-modules=idmap_rid,idmap_ad,idmap_tdb2,vfs_gpfs \ + --with-shared-modules=idmap_rid,idmap_ad,idmap_tdb2 \ --with-syslog \ --with-utmp \ --with-cluster-support \ @@ -59,5 +40,3 @@ CC="$CC" CFLAGS="-Wall -g -D_GNU_SOURCE" ./configure -C \ --without-dnsupdate \ --with-aio-support \ $* - -make showlayout diff --git a/source3/modules/gpfs.c b/source3/modules/gpfs.c index c4b2518e02..4e76b97ccf 100644 --- a/source3/modules/gpfs.c +++ b/source3/modules/gpfs.c @@ -43,7 +43,7 @@ bool set_gpfs_sharemode(files_struct *fsp, uint32 access_mask, if (!gpfs_share_modes) { return True; } - + if (gpfs_set_share_fn == NULL) { return False; } @@ -104,7 +104,7 @@ int set_gpfs_lease(int fd, int leasetype) if (leasetype == F_WRLCK) { gpfs_type = GPFS_LEASE_WRITE; } - + /* we unconditionally set CAP_LEASE, rather than looking for -1/EACCES as there is a bug in some versions of libgpfs_gpl.so which results in a leaked fd on /dev/ss0 @@ -143,7 +143,7 @@ static bool init_gpfs_function_lib(void *plibhandle_pointer, void **fn_pointer = (void **)pfn_pointer; if (*libhandle_pointer == NULL) { - *libhandle_pointer = sys_dlopen(libname, RTLD_LAZY); + *libhandle_pointer = dlopen(libname, RTLD_LAZY); did_open_here = true; } if (*libhandle_pointer == NULL) { @@ -151,12 +151,12 @@ static bool init_gpfs_function_lib(void *plibhandle_pointer, return false; } - *fn_pointer = sys_dlsym(*libhandle_pointer, fn_name); + *fn_pointer = dlsym(*libhandle_pointer, fn_name); if (*fn_pointer == NULL) { DEBUG(10, ("Did not find symbol %s in lib %s\n", fn_name, libname)); if (did_open_here) { - sys_dlclose(*libhandle_pointer); + dlclose(*libhandle_pointer); *libhandle_pointer = NULL; } return false; diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c index a9e7a84249..fa0b4e97a5 100644 --- a/source3/modules/vfs_gpfs.c +++ b/source3/modules/vfs_gpfs.c @@ -365,7 +365,7 @@ static bool gpfsacl_process_smbacl(files_struct *fsp, SMB4ACL_T *smbacl) return True; } -static NTSTATUS gpfsacl_set_nt_acl_internal(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd) +static NTSTATUS gpfsacl_set_nt_acl_internal(files_struct *fsp, uint32 security_info_sent, const SEC_DESC *psd) { struct gpfs_acl *acl; NTSTATUS result = NT_STATUS_ACCESS_DENIED; @@ -386,12 +386,7 @@ static NTSTATUS gpfsacl_set_nt_acl_internal(files_struct *fsp, uint32 security_i return result; } -static NTSTATUS gpfsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd) -{ - return gpfsacl_set_nt_acl_internal(fsp, security_info_sent, psd); -} - -static NTSTATUS gpfsacl_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, char *name, uint32 security_info_sent, SEC_DESC *psd) +static NTSTATUS gpfsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, const SEC_DESC *psd) { return gpfsacl_set_nt_acl_internal(fsp, security_info_sent, psd); } @@ -839,10 +834,6 @@ static vfs_op_tuple gpfs_op_tuples[] = { SMB_VFS_OP_FSET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT }, - { SMB_VFS_OP(gpfsacl_set_nt_acl), - SMB_VFS_OP_SET_NT_ACL, - SMB_VFS_LAYER_TRANSPARENT }, - { SMB_VFS_OP(gpfsacl_sys_acl_get_file), SMB_VFS_OP_SYS_ACL_GET_FILE, SMB_VFS_LAYER_TRANSPARENT }, -- cgit From 94c44fcb6b9c67d3fac39b290c05c718b2980443 Mon Sep 17 00:00:00 2001 From: Andreas Schneider Date: Tue, 9 Dec 2008 13:18:06 +0100 Subject: Move the doxygen comments of wbclient to the header file. So that a developer who wants to use the wbclient api can read the documentation in the header file. Signed-off-by: Andreas Schneider Signed-off-by: Michael Adam --- source3/nsswitch/libwbclient/wbc_guid.c | 18 +- source3/nsswitch/libwbclient/wbc_idmap.c | 131 +-------- source3/nsswitch/libwbclient/wbc_pam.c | 96 +----- source3/nsswitch/libwbclient/wbc_pwd.c | 99 +------ source3/nsswitch/libwbclient/wbc_sid.c | 61 +--- source3/nsswitch/libwbclient/wbc_util.c | 78 +---- source3/nsswitch/libwbclient/wbclient.c | 8 +- source3/nsswitch/libwbclient/wbclient.h | 488 +++++++++++++++++++++++++++++-- 8 files changed, 524 insertions(+), 455 deletions(-) diff --git a/source3/nsswitch/libwbclient/wbc_guid.c b/source3/nsswitch/libwbclient/wbc_guid.c index 0cb33e9868..c343e24351 100644 --- a/source3/nsswitch/libwbclient/wbc_guid.c +++ b/source3/nsswitch/libwbclient/wbc_guid.c @@ -24,14 +24,7 @@ #include "libwbclient.h" -/** @brief Convert a binary GUID to a character string - * - * @param guid Binary Guid - * @param **guid_string Resulting character string - * - * @return #wbcErr - **/ - +/* Convert a binary GUID to a character string */ wbcErr wbcGuidToString(const struct wbcGuid *guid, char **guid_string) { @@ -59,14 +52,7 @@ done: return wbc_status; } -/** @brief Convert a character string to a binary GUID - * - * @param *str Character string - * @param guid Resulting binary GUID - * - * @return #wbcErr - **/ - +/* @brief Convert a character string to a binary GUID */ wbcErr wbcStringToGuid(const char *str, struct wbcGuid *guid) { diff --git a/source3/nsswitch/libwbclient/wbc_idmap.c b/source3/nsswitch/libwbclient/wbc_idmap.c index 81b369c87c..5b2ab875f6 100644 --- a/source3/nsswitch/libwbclient/wbc_idmap.c +++ b/source3/nsswitch/libwbclient/wbc_idmap.c @@ -24,15 +24,7 @@ #include "libwbclient.h" -/** @brief Convert a Windows SID to a Unix uid, allocating an uid if needed - * - * @param *sid Pointer to the domain SID to be resolved - * @param *puid Pointer to the resolved uid_t value - * - * @return #wbcErr - * - **/ - +/* Convert a Windows SID to a Unix uid, allocating an uid if needed */ wbcErr wbcSidToUid(const struct wbcDomainSid *sid, uid_t *puid) { struct winbindd_request request; @@ -71,30 +63,14 @@ wbcErr wbcSidToUid(const struct wbcDomainSid *sid, uid_t *puid) return wbc_status; } -/** @brief Convert a Windows SID to a Unix uid if there already is a mapping - * - * @param *sid Pointer to the domain SID to be resolved - * @param *puid Pointer to the resolved uid_t value - * - * @return #wbcErr - * - **/ - +/* Convert a Windows SID to a Unix uid if there already is a mapping */ wbcErr wbcQuerySidToUid(const struct wbcDomainSid *sid, uid_t *puid) { return WBC_ERR_NOT_IMPLEMENTED; } -/** @brief Convert a Unix uid to a Windows SID, allocating a SID if needed - * - * @param uid Unix uid to be resolved - * @param *sid Pointer to the resolved domain SID - * - * @return #wbcErr - * - **/ - +/* Convert a Unix uid to a Windows SID, allocating a SID if needed */ wbcErr wbcUidToSid(uid_t uid, struct wbcDomainSid *sid) { wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; @@ -127,15 +103,7 @@ done: return wbc_status; } -/** @brief Convert a Unix uid to a Windows SID if there already is a mapping - * - * @param uid Unix uid to be resolved - * @param *sid Pointer to the resolved domain SID - * - * @return #wbcErr - * - **/ - +/* Convert a Unix uid to a Windows SID if there already is a mapping */ wbcErr wbcQueryUidToSid(uid_t uid, struct wbcDomainSid *sid) { @@ -189,14 +157,7 @@ wbcErr wbcSidToGid(const struct wbcDomainSid *sid, gid_t *pgid) return wbc_status; } -/** @brief Convert a Windows SID to a Unix gid if there already is a mapping - * - * @param *sid Pointer to the domain SID to be resolved - * @param *pgid Pointer to the resolved gid_t value - * - * @return #wbcErr - * - **/ +/* Convert a Windows SID to a Unix gid if there already is a mapping */ wbcErr wbcQuerySidToGid(const struct wbcDomainSid *sid, gid_t *pgid) @@ -204,15 +165,7 @@ wbcErr wbcQuerySidToGid(const struct wbcDomainSid *sid, return WBC_ERR_NOT_IMPLEMENTED; } -/** @brief Convert a Unix gid to a Windows SID, allocating a SID if needed - * - * @param gid Unix gid to be resolved - * @param *sid Pointer to the resolved domain SID - * - * @return #wbcErr - * - **/ - +/* Convert a Unix gid to a Windows SID, allocating a SID if needed */ wbcErr wbcGidToSid(gid_t gid, struct wbcDomainSid *sid) { struct winbindd_request request; @@ -245,28 +198,14 @@ done: return wbc_status; } -/** @brief Convert a Unix gid to a Windows SID if there already is a mapping - * - * @param gid Unix gid to be resolved - * @param *sid Pointer to the resolved domain SID - * - * @return #wbcErr - * - **/ - +/* Convert a Unix gid to a Windows SID if there already is a mapping */ wbcErr wbcQueryGidToSid(gid_t gid, struct wbcDomainSid *sid) { return WBC_ERR_NOT_IMPLEMENTED; } -/** @brief Obtain a new uid from Winbind - * - * @param *puid *pointer to the allocated uid - * - * @return #wbcErr - **/ - +/* Obtain a new uid from Winbind */ wbcErr wbcAllocateUid(uid_t *puid) { struct winbindd_request request; @@ -296,13 +235,7 @@ wbcErr wbcAllocateUid(uid_t *puid) return wbc_status; } -/** @brief Obtain a new gid from Winbind - * - * @param *pgid Pointer to the allocated gid - * - * @return #wbcErr - **/ - +/* Obtain a new gid from Winbind */ wbcErr wbcAllocateGid(gid_t *pgid) { struct winbindd_request request; @@ -336,13 +269,7 @@ wbcErr wbcAllocateGid(gid_t *pgid) #define _ID_TYPE_UID 1 #define _ID_TYPE_GID 2 -/** @brief Set an user id mapping - * - * @param uid Uid of the desired mapping. - * @param *sid Pointer to the sid of the diresired mapping. - * - * @return #wbcErr - **/ +/* Set an user id mapping */ wbcErr wbcSetUidMapping(uid_t uid, const struct wbcDomainSid *sid) { struct winbindd_request request; @@ -379,13 +306,7 @@ wbcErr wbcSetUidMapping(uid_t uid, const struct wbcDomainSid *sid) return wbc_status; } -/** @brief Set a group id mapping - * - * @param gid Gid of the desired mapping. - * @param *sid Pointer to the sid of the diresired mapping. - * - * @return #wbcErr - **/ +/* Set a group id mapping */ wbcErr wbcSetGidMapping(gid_t gid, const struct wbcDomainSid *sid) { struct winbindd_request request; @@ -422,13 +343,7 @@ wbcErr wbcSetGidMapping(gid_t gid, const struct wbcDomainSid *sid) return wbc_status; } -/** @brief Remove a user id mapping - * - * @param uid Uid of the mapping to remove. - * @param *sid Pointer to the sid of the mapping to remove. - * - * @return #wbcErr - **/ +/* Remove a user id mapping */ wbcErr wbcRemoveUidMapping(uid_t uid, const struct wbcDomainSid *sid) { struct winbindd_request request; @@ -465,13 +380,7 @@ wbcErr wbcRemoveUidMapping(uid_t uid, const struct wbcDomainSid *sid) return wbc_status; } -/** @brief Remove a group id mapping - * - * @param gid Gid of the mapping to remove. - * @param *sid Pointer to the sid of the mapping to remove. - * - * @return #wbcErr - **/ +/* Remove a group id mapping */ wbcErr wbcRemoveGidMapping(gid_t gid, const struct wbcDomainSid *sid) { struct winbindd_request request; @@ -508,12 +417,7 @@ wbcErr wbcRemoveGidMapping(gid_t gid, const struct wbcDomainSid *sid) return wbc_status; } -/** @brief Set the highwater mark for allocated uids. - * - * @param uid_hwm The new uid highwater mark value - * - * @return #wbcErr - **/ +/* Set the highwater mark for allocated uids. */ wbcErr wbcSetUidHwm(uid_t uid_hwm) { struct winbindd_request request; @@ -538,12 +442,7 @@ wbcErr wbcSetUidHwm(uid_t uid_hwm) return wbc_status; } -/** @brief Set the highwater mark for allocated gids. - * - * @param gid_hwm The new gid highwater mark value - * - * @return #wbcErr - **/ +/* Set the highwater mark for allocated gids. */ wbcErr wbcSetGidHwm(gid_t gid_hwm) { struct winbindd_request request; diff --git a/source3/nsswitch/libwbclient/wbc_pam.c b/source3/nsswitch/libwbclient/wbc_pam.c index 401d2ad2c3..92c6643631 100644 --- a/source3/nsswitch/libwbclient/wbc_pam.c +++ b/source3/nsswitch/libwbclient/wbc_pam.c @@ -24,14 +24,7 @@ #include "libwbclient.h" -/** @brief Authenticate a username/password pair - * - * @param username Name of user to authenticate - * @param password Clear text password os user - * - * @return #wbcErr - **/ - +/* Authenticate a username/password pair */ wbcErr wbcAuthenticateUser(const char *username, const char *password) { @@ -305,16 +298,7 @@ done: return wbc_status; } -/** @brief Authenticate with more detailed information - * - * @param params Input parameters, WBC_AUTH_USER_LEVEL_HASH - * is not supported yet - * @param info Output details on WBC_ERR_SUCCESS - * @param error Output details on WBC_ERR_AUTH_ERROR - * - * @return #wbcErr - **/ - +/* Authenticate with more detailed information */ wbcErr wbcAuthenticateUserEx(const struct wbcAuthUserParams *params, struct wbcAuthUserInfo **info, struct wbcAuthErrorInfo **error) @@ -496,16 +480,7 @@ done: return wbc_status; } -/** @brief Trigger a verification of the trust credentials of a specific domain - * - * @param *domain The name of the domain, only NULL for the default domain is - * supported yet. Other values than NULL will result in - * WBC_ERR_NOT_IMPLEMENTED. - * @param error Output details on WBC_ERR_AUTH_ERROR - * - * @return #wbcErr - * - **/ +/* Trigger a verification of the trust credentials of a specific domain */ wbcErr wbcCheckTrustCredentials(const char *domain, struct wbcAuthErrorInfo **error) { @@ -547,15 +522,7 @@ wbcErr wbcCheckTrustCredentials(const char *domain, return wbc_status; } -/** @brief Trigger an extended logoff notification to Winbind for a specific user - * - * @param params A wbcLogoffUserParams structure - * @param error User output details on error - * - * @return #wbcErr - * - **/ - +/* Trigger an extended logoff notification to Winbind for a specific user */ wbcErr wbcLogoffUserEx(const struct wbcLogoffUserParams *params, struct wbcAuthErrorInfo **error) { @@ -642,18 +609,7 @@ wbcErr wbcLogoffUserEx(const struct wbcLogoffUserParams *params, return wbc_status; } -/** @brief Trigger a logoff notification to Winbind for a specific user - * - * @param username Name of user to remove from Winbind's list of - * logged on users. - * @param uid Uid assigned to the username - * @param ccfilename Absolute path to the Krb5 credentials cache to - * be removed - * - * @return #wbcErr - * - **/ - +/* Trigger a logoff notification to Winbind for a specific user */ wbcErr wbcLogoffUser(const char *username, uid_t uid, const char *ccfilename) @@ -693,16 +649,7 @@ wbcErr wbcLogoffUser(const char *username, return wbc_status; } -/** @brief Change a password for a user with more detailed information upon - * failure - * @param params Input parameters - * @param error User output details on WBC_ERR_PWD_CHANGE_FAILED - * @param reject_reason New password reject reason on WBC_ERR_PWD_CHANGE_FAILED - * @param policy Password policy output details on WBC_ERR_PWD_CHANGE_FAILED - * - * @return #wbcErr - **/ - +/* Change a password for a user with more detailed information upon failure */ wbcErr wbcChangeUserPasswordEx(const struct wbcChangePasswordParams *params, struct wbcAuthErrorInfo **error, enum wbcPasswordChangeRejectReason *reject_reason, @@ -907,15 +854,7 @@ wbcErr wbcChangeUserPasswordEx(const struct wbcChangePasswordParams *params, return wbc_status; } -/** @brief Change a password for a user - * - * @param username Name of user to authenticate - * @param old_password Old clear text password of user - * @param new_password New clear text password of user - * - * @return #wbcErr - **/ - +/* Change a password for a user */ wbcErr wbcChangeUserPassword(const char *username, const char *old_password, const char *new_password) @@ -940,17 +879,7 @@ done: return wbc_status; } -/** @brief Logon a User - * - * @param[in] params Pointer to a wbcLogonUserParams structure - * @param[out] info Pointer to a pointer to a wbcLogonUserInfo structure - * @param[out] error Pointer to a pointer to a wbcAuthErrorInfo structure - * @param[out] policy Pointer to a pointer to a wbcUserPasswordPolicyInfo structure - * - * @return #wbcErr - * - **/ - +/* Logon a User */ wbcErr wbcLogonUser(const struct wbcLogonUserParams *params, struct wbcLogonUserInfo **info, struct wbcAuthErrorInfo **error, @@ -1096,14 +1025,7 @@ done: return wbc_status; } -/** @brief Authenticate a user with cached credentials - * - * @param *params Pointer to a wbcCredentialCacheParams structure - * @param **info Pointer to a pointer to a wbcCredentialCacheInfo structure - * @param **error Pointer to a pointer to a wbcAuthErrorInfo structure - * - * @return #wbcErr - **/ +/* Authenticate a user with cached credentials */ wbcErr wbcCredentialCache(struct wbcCredentialCacheParams *params, struct wbcCredentialCacheInfo **info, struct wbcAuthErrorInfo **error) diff --git a/source3/nsswitch/libwbclient/wbc_pwd.c b/source3/nsswitch/libwbclient/wbc_pwd.c index d54a5af4fc..cd945996c8 100644 --- a/source3/nsswitch/libwbclient/wbc_pwd.c +++ b/source3/nsswitch/libwbclient/wbc_pwd.c @@ -126,15 +126,7 @@ done: return grp; } -/** @brief Fill in a struct passwd* for a domain user based - * on username - * - * @param *name Username to lookup - * @param **pwd Pointer to resulting struct passwd* from the query. - * - * @return #wbcErr - **/ - +/* Fill in a struct passwd* for a domain user based on username */ wbcErr wbcGetpwnam(const char *name, struct passwd **pwd) { wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; @@ -167,15 +159,7 @@ wbcErr wbcGetpwnam(const char *name, struct passwd **pwd) return wbc_status; } -/** @brief Fill in a struct passwd* for a domain user based - * on uid - * - * @param uid Uid to lookup - * @param **pwd Pointer to resulting struct passwd* from the query. - * - * @return #wbcErr - **/ - +/* Fill in a struct passwd* for a domain user based on uid */ wbcErr wbcGetpwuid(uid_t uid, struct passwd **pwd) { wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; @@ -206,15 +190,7 @@ wbcErr wbcGetpwuid(uid_t uid, struct passwd **pwd) return wbc_status; } -/** @brief Fill in a struct passwd* for a domain user based - * on username - * - * @param *name Username to lookup - * @param **grp Pointer to resulting struct group* from the query. - * - * @return #wbcErr - **/ - +/* Fill in a struct passwd* for a domain user based on username */ wbcErr wbcGetgrnam(const char *name, struct group **grp) { wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; @@ -251,15 +227,7 @@ wbcErr wbcGetgrnam(const char *name, struct group **grp) return wbc_status; } -/** @brief Fill in a struct passwd* for a domain user based - * on uid - * - * @param gid Uid to lookup - * @param **grp Pointer to resulting struct group* from the query. - * - * @return #wbcErr - **/ - +/* Fill in a struct passwd* for a domain user based on uid */ wbcErr wbcGetgrgid(gid_t gid, struct group **grp) { wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; @@ -309,11 +277,7 @@ static uint32_t pw_cache_idx; */ static struct winbindd_response pw_response; -/** @brief Reset the passwd iterator - * - * @return #wbcErr - **/ - +/* Reset the passwd iterator */ wbcErr wbcSetpwent(void) { wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; @@ -335,11 +299,7 @@ wbcErr wbcSetpwent(void) return wbc_status; } -/** @brief Close the passwd iterator - * - * @return #wbcErr - **/ - +/* Close the passwd iterator */ wbcErr wbcEndpwent(void) { wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; @@ -359,13 +319,7 @@ wbcErr wbcEndpwent(void) return wbc_status; } -/** @brief Return the next struct passwd* entry from the pwent iterator - * - * @param **pwd Pointer to resulting struct passwd* from the query. - * - * @return #wbcErr - **/ - +/* Return the next struct passwd* entry from the pwent iterator */ wbcErr wbcGetpwent(struct passwd **pwd) { wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; @@ -425,11 +379,7 @@ static uint32_t gr_cache_idx; */ static struct winbindd_response gr_response; -/** @brief Reset the group iterator - * - * @return #wbcErr - **/ - +/* Reset the group iterator */ wbcErr wbcSetgrent(void) { wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; @@ -451,11 +401,7 @@ wbcErr wbcSetgrent(void) return wbc_status; } -/** @brief Close the group iterator - * - * @return #wbcErr - **/ - +/* Close the group iterator */ wbcErr wbcEndgrent(void) { wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; @@ -475,13 +421,7 @@ wbcErr wbcEndgrent(void) return wbc_status; } -/** @brief Return the next struct group* entry from the pwent iterator - * - * @param **grp Pointer to resulting struct group* from the query. - * - * @return #wbcErr - **/ - +/* Return the next struct group* entry from the pwent iterator */ wbcErr wbcGetgrent(struct group **grp) { wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; @@ -531,15 +471,7 @@ done: return wbc_status; } -/** @brief Return the next struct group* entry from the pwent iterator - * - * This is similar to #wbcGetgrent, just that the member list is empty - * - * @param **grp Pointer to resulting struct group* from the query. - * - * @return #wbcErr - **/ - +/* Return the next struct group* entry from the pwent iterator */ wbcErr wbcGetgrlist(struct group **grp) { wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; @@ -584,14 +516,7 @@ done: return wbc_status; } -/** @brief Return the unix group array belonging to the given user - * - * @param *account The given user name - * @param *num_groups Number of elements returned in the groups array - * @param **_groups Pointer to resulting gid_t array. - * - * @return #wbcErr - **/ +/* Return the unix group array belonging to the given user */ wbcErr wbcGetGroups(const char *account, uint32_t *num_groups, gid_t **_groups) diff --git a/source3/nsswitch/libwbclient/wbc_sid.c b/source3/nsswitch/libwbclient/wbc_sid.c index 92de22e901..e2157b9609 100644 --- a/source3/nsswitch/libwbclient/wbc_sid.c +++ b/source3/nsswitch/libwbclient/wbc_sid.c @@ -25,14 +25,7 @@ #include "libwbclient.h" -/** @brief Convert a binary SID to a character string - * - * @param sid Binary Security Identifier - * @param **sid_string Resulting character string - * - * @return #wbcErr - **/ - +/* Convert a binary SID to a character string */ wbcErr wbcSidToString(const struct wbcDomainSid *sid, char **sid_string) { @@ -73,14 +66,7 @@ done: return wbc_status; } -/** @brief Convert a character string to a binary SID - * - * @param *str Character string in the form of S-... - * @param sid Resulting binary SID - * - * @return #wbcErr - **/ - +/* Convert a character string to a binary SID */ wbcErr wbcStringToSid(const char *str, struct wbcDomainSid *sid) { @@ -163,17 +149,7 @@ done: } -/** @brief Convert a domain and name to SID - * - * @param domain Domain name (possibly "") - * @param name User or group name - * @param *sid Pointer to the resolved domain SID - * @param *name_type Pointer to the SID type - * - * @return #wbcErr - * - **/ - +/* Convert a domain and name to SID */ wbcErr wbcLookupName(const char *domain, const char *name, struct wbcDomainSid *sid, @@ -216,17 +192,7 @@ wbcErr wbcLookupName(const char *domain, return wbc_status; } -/** @brief Convert a SID to a domain and name - * - * @param *sid Pointer to the domain SID to be resolved - * @param pdomain Resolved Domain name (possibly "") - * @param pname Resolved User or group name - * @param *pname_type Pointer to the resolved SID type - * - * @return #wbcErr - * - **/ - +/* Convert a SID to a domain and name */ wbcErr wbcLookupSid(const struct wbcDomainSid *sid, char **pdomain, char **pname, @@ -310,9 +276,7 @@ wbcErr wbcLookupSid(const struct wbcDomainSid *sid, return wbc_status; } -/** @brief Translate a collection of RIDs within a domain to names - * - **/ +/* Translate a collection of RIDs within a domain to names */ wbcErr wbcLookupRids(struct wbcDomainSid *dom_sid, int num_rids, @@ -448,10 +412,7 @@ wbcErr wbcLookupRids(struct wbcDomainSid *dom_sid, return wbc_status; } -/** @brief Get the groups a user belongs to - * - **/ - +/* Get the groups a user belongs to */ wbcErr wbcLookupUserSids(const struct wbcDomainSid *user_sid, bool domain_groups_only, uint32_t *num_sids, @@ -530,10 +491,7 @@ wbcErr wbcLookupUserSids(const struct wbcDomainSid *user_sid, return wbc_status; } -/** @brief Lists Users - * - **/ - +/* Lists Users */ wbcErr wbcListUsers(const char *domain_name, uint32_t *_num_users, const char ***_users) @@ -601,10 +559,7 @@ wbcErr wbcListUsers(const char *domain_name, return wbc_status; } -/** @brief Lists Groups - * - **/ - +/* Lists Groups */ wbcErr wbcListGroups(const char *domain_name, uint32_t *_num_groups, const char ***_groups) diff --git a/source3/nsswitch/libwbclient/wbc_util.c b/source3/nsswitch/libwbclient/wbc_util.c index b4868748ae..7cfb64b87e 100644 --- a/source3/nsswitch/libwbclient/wbc_util.c +++ b/source3/nsswitch/libwbclient/wbc_util.c @@ -119,16 +119,7 @@ done: } -/** @brief Lookup the current status of a trusted domain - * - * @param domain Domain to query - * @param *dinfo Pointer to returned domain_info struct - * - * @return #wbcErr - * - **/ - - +/* Lookup the current status of a trusted domain */ wbcErr wbcDomainInfo(const char *domain, struct wbcDomainInfo **dinfo) { struct winbindd_request request; @@ -189,14 +180,7 @@ wbcErr wbcDomainInfo(const char *domain, struct wbcDomainInfo **dinfo) } -/** @brief Resolve a NetbiosName via WINS - * - * @param name Name to resolve - * @param *ip Pointer to the ip address string - * - * @return #wbcErr - * - **/ +/* Resolve a NetbiosName via WINS */ wbcErr wbcResolveWinsByName(const char *name, char **ip) { struct winbindd_request request; @@ -229,14 +213,7 @@ wbcErr wbcResolveWinsByName(const char *name, char **ip) return wbc_status; } -/** @brief Resolve an IP address via WINS into a NetbiosName - * - * @param ip The ip address string - * @param *name Pointer to the name - * - * @return #wbcErr - * - **/ +/* Resolve an IP address via WINS into a NetbiosName */ wbcErr wbcResolveWinsByIP(const char *ip, char **name) { struct winbindd_request request; @@ -401,14 +378,7 @@ static wbcErr process_domain_info_string(TALLOC_CTX *ctx, return wbc_status; } -/** @brief Enumerate the domain trusts known by Winbind - * - * @param **domains Pointer to the allocated domain list array - * @param *num_domains Pointer to number of domains returned - * - * @return #wbcErr - * - **/ +/* Enumerate the domain trusts known by Winbind */ wbcErr wbcListTrusts(struct wbcDomainInfo **domains, size_t *num_domains) { struct winbindd_response response; @@ -493,18 +463,7 @@ wbcErr wbcListTrusts(struct wbcDomainInfo **domains, size_t *num_domains) return wbc_status; } -/** @brief Enumerate the domain trusts known by Winbind - * - * @param domain Name of the domain to query for a DC - * @param flags Bit flags used to control the domain location query - * @param *dc_info Pointer to the returned domain controller information - * - * @return #wbcErr - * - **/ - - - +/* Enumerate the domain trusts known by Winbind */ wbcErr wbcLookupDomainController(const char *domain, uint32_t flags, struct wbcDomainControllerInfo **dc_info) @@ -617,18 +576,7 @@ done: return wbc_status; } -/** @brief Get extended domain controller information - * - * @param domain Name of the domain to query for a DC - * @param guid Guid of the domain to query for a DC - * @param site Site of the domain to query for a DC - * @param flags Bit flags used to control the domain location query - * @param *dc_info Pointer to the returned extended domain controller information - * - * @return #wbcErr - * - **/ - +/* Get extended domain controller information */ wbcErr wbcLookupDomainControllerEx(const char *domain, struct wbcGuid *guid, const char *site, @@ -690,19 +638,7 @@ done: return wbc_status; } -/** @brief Initialize a named blob and add to list of blobs - * - * @param[in,out] num_blobs Pointer to the number of blobs - * @param[in,out] blobs Pointer to an array of blobs - * @param[in] name Name of the new named blob - * @param[in] flags Flags of the new named blob - * @param[in] data Blob data of new blob - * @param[in] length Blob data length of new blob - * - * @return #wbcErr - * - **/ - +/* Initialize a named blob and add to list of blobs */ wbcErr wbcAddNamedBlob(size_t *num_blobs, struct wbcNamedBlob **blobs, const char *name, diff --git a/source3/nsswitch/libwbclient/wbclient.c b/source3/nsswitch/libwbclient/wbclient.c index c0b7e0675a..3a9afad15d 100644 --- a/source3/nsswitch/libwbclient/wbclient.c +++ b/source3/nsswitch/libwbclient/wbclient.c @@ -123,13 +123,7 @@ const char *wbcErrorString(wbcErr error) return "unknown wbcErr value"; } -/** @brief Free library allocated memory - * - * @param *p Pointer to free - * - * @return void - **/ - +/* Free library allocated memory */ void wbcFreeMemory(void *p) { if (p) diff --git a/source3/nsswitch/libwbclient/wbclient.h b/source3/nsswitch/libwbclient/wbclient.h index cb31360407..fcad3ff69b 100644 --- a/source3/nsswitch/libwbclient/wbclient.h +++ b/source3/nsswitch/libwbclient/wbclient.h @@ -486,10 +486,17 @@ struct wbcDomainControllerInfoEx { const char *client_site_name; }; -/* +/********************************************************** * Memory Management - */ + **********************************************************/ +/** + * @brief Free library allocated memory + * + * @param *p Pointer to free + * + * @return void + **/ void wbcFreeMemory(void*); @@ -497,9 +504,25 @@ void wbcFreeMemory(void*); * Utility functions for dealing with SIDs */ +/** + * @brief Convert a binary SID to a character string + * + * @param sid Binary Security Identifier + * @param **sid_string Resulting character string + * + * @return #wbcErr + **/ wbcErr wbcSidToString(const struct wbcDomainSid *sid, char **sid_string); +/** + * @brief Convert a character string to a binary SID + * + * @param *str Character string in the form of S-... + * @param sid Resulting binary SID + * + * @return #wbcErr + **/ wbcErr wbcStringToSid(const char *sid_string, struct wbcDomainSid *sid); @@ -507,32 +530,76 @@ wbcErr wbcStringToSid(const char *sid_string, * Utility functions for dealing with GUIDs */ +/** + * @brief Convert a binary GUID to a character string + * + * @param guid Binary Guid + * @param **guid_string Resulting character string + * + * @return #wbcErr + **/ wbcErr wbcGuidToString(const struct wbcGuid *guid, char **guid_string); +/** + * @brief Convert a character string to a binary GUID + * + * @param *str Character string + * @param guid Resulting binary GUID + * + * @return #wbcErr + **/ wbcErr wbcStringToGuid(const char *guid_string, struct wbcGuid *guid); +/** + * @brief Ping winbindd to see if the daemon is running + * + * @return #wbcErr + **/ wbcErr wbcPing(void); wbcErr wbcLibraryDetails(struct wbcLibraryDetails **details); wbcErr wbcInterfaceDetails(struct wbcInterfaceDetails **details); -/* +/********************************************************** * Name/SID conversion - */ + **********************************************************/ +/** + * @brief Convert a domain and name to SID + * + * @param domain Domain name (possibly "") + * @param name User or group name + * @param *sid Pointer to the resolved domain SID + * @param *name_type Pointer to the SID type + * + * @return #wbcErr + **/ wbcErr wbcLookupName(const char *dom_name, const char *name, struct wbcDomainSid *sid, enum wbcSidType *name_type); +/** + * @brief Convert a SID to a domain and name + * + * @param *sid Pointer to the domain SID to be resolved + * @param pdomain Resolved Domain name (possibly "") + * @param pname Resolved User or group name + * @param *pname_type Pointer to the resolved SID type + * + * @return #wbcErr + **/ wbcErr wbcLookupSid(const struct wbcDomainSid *sid, char **domain, char **name, enum wbcSidType *name_type); +/** + * @brief Translate a collection of RIDs within a domain to names + */ wbcErr wbcLookupRids(struct wbcDomainSid *dom_sid, int num_rids, uint32_t *rids, @@ -540,15 +607,24 @@ wbcErr wbcLookupRids(struct wbcDomainSid *dom_sid, const char ***names, enum wbcSidType **types); +/* + * @brief Get the groups a user belongs to + **/ wbcErr wbcLookupUserSids(const struct wbcDomainSid *user_sid, bool domain_groups_only, uint32_t *num_sids, struct wbcDomainSid **sids); +/** + * @brief Lists Users + **/ wbcErr wbcListUsers(const char *domain_name, uint32_t *num_users, const char ***users); +/** + * @brief Lists Groups + **/ wbcErr wbcListGroups(const char *domain_name, uint32_t *num_groups, const char ***groups); @@ -558,88 +634,324 @@ wbcErr wbcGetDisplayName(const struct wbcDomainSid *sid, char **pfullname, enum wbcSidType *pname_type); -/* +/********************************************************** * SID/uid/gid Mappings - */ + **********************************************************/ +/** + * @brief Convert a Windows SID to a Unix uid, allocating an uid if needed + * + * @param *sid Pointer to the domain SID to be resolved + * @param *puid Pointer to the resolved uid_t value + * + * @return #wbcErr + * + **/ wbcErr wbcSidToUid(const struct wbcDomainSid *sid, uid_t *puid); +/** + * @brief Convert a Windows SID to a Unix uid if there already is a mapping + * + * @param *sid Pointer to the domain SID to be resolved + * @param *puid Pointer to the resolved uid_t value + * + * @return #wbcErr + * + **/ wbcErr wbcQuerySidToUid(const struct wbcDomainSid *sid, uid_t *puid); +/** + * @brief Convert a Unix uid to a Windows SID, allocating a SID if needed + * + * @param uid Unix uid to be resolved + * @param *sid Pointer to the resolved domain SID + * + * @return #wbcErr + * + **/ wbcErr wbcUidToSid(uid_t uid, struct wbcDomainSid *sid); +/** + * @brief Convert a Unix uid to a Windows SID if there already is a mapping + * + * @param uid Unix uid to be resolved + * @param *sid Pointer to the resolved domain SID + * + * @return #wbcErr + * + **/ wbcErr wbcQueryUidToSid(uid_t uid, struct wbcDomainSid *sid); +/** + * @brief Convert a Windows SID to a Unix gid, allocating a gid if needed + * + * @param *sid Pointer to the domain SID to be resolved + * @param *pgid Pointer to the resolved gid_t value + * + * @return #wbcErr + * + **/ wbcErr wbcSidToGid(const struct wbcDomainSid *sid, gid_t *pgid); +/** + * @brief Convert a Windows SID to a Unix gid if there already is a mapping + * + * @param *sid Pointer to the domain SID to be resolved + * @param *pgid Pointer to the resolved gid_t value + * + * @return #wbcErr + * + **/ wbcErr wbcQuerySidToGid(const struct wbcDomainSid *sid, gid_t *pgid); +/** + * @brief Convert a Unix gid to a Windows SID, allocating a SID if needed + * + * @param gid Unix gid to be resolved + * @param *sid Pointer to the resolved domain SID + * + * @return #wbcErr + * + **/ wbcErr wbcGidToSid(gid_t gid, struct wbcDomainSid *sid); +/** + * @brief Convert a Unix gid to a Windows SID if there already is a mapping + * + * @param gid Unix gid to be resolved + * @param *sid Pointer to the resolved domain SID + * + * @return #wbcErr + * + **/ wbcErr wbcQueryGidToSid(gid_t gid, struct wbcDomainSid *sid); +/** + * @brief Obtain a new uid from Winbind + * + * @param *puid *pointer to the allocated uid + * + * @return #wbcErr + **/ wbcErr wbcAllocateUid(uid_t *puid); +/** + * @brief Obtain a new gid from Winbind + * + * @param *pgid Pointer to the allocated gid + * + * @return #wbcErr + **/ wbcErr wbcAllocateGid(gid_t *pgid); +/** + * @brief Set an user id mapping + * + * @param uid Uid of the desired mapping. + * @param *sid Pointer to the sid of the diresired mapping. + * + * @return #wbcErr + **/ wbcErr wbcSetUidMapping(uid_t uid, const struct wbcDomainSid *sid); +/** + * @brief Set a group id mapping + * + * @param gid Gid of the desired mapping. + * @param *sid Pointer to the sid of the diresired mapping. + * + * @return #wbcErr + **/ wbcErr wbcSetGidMapping(gid_t gid, const struct wbcDomainSid *sid); +/** + * @brief Remove a user id mapping + * + * @param uid Uid of the mapping to remove. + * @param *sid Pointer to the sid of the mapping to remove. + * + * @return #wbcErr + **/ wbcErr wbcRemoveUidMapping(uid_t uid, const struct wbcDomainSid *sid); +/** + * @brief Remove a group id mapping + * + * @param gid Gid of the mapping to remove. + * @param *sid Pointer to the sid of the mapping to remove. + * + * @return #wbcErr + **/ wbcErr wbcRemoveGidMapping(gid_t gid, const struct wbcDomainSid *sid); +/** + * @brief Set the highwater mark for allocated uids. + * + * @param uid_hwm The new uid highwater mark value + * + * @return #wbcErr + **/ wbcErr wbcSetUidHwm(uid_t uid_hwm); +/** + * @brief Set the highwater mark for allocated gids. + * + * @param gid_hwm The new gid highwater mark value + * + * @return #wbcErr + **/ wbcErr wbcSetGidHwm(gid_t gid_hwm); -/* +/********************************************************** * NSS Lookup User/Group details - */ + **********************************************************/ +/** + * @brief Fill in a struct passwd* for a domain user based + * on username + * + * @param *name Username to lookup + * @param **pwd Pointer to resulting struct passwd* from the query. + * + * @return #wbcErr + **/ wbcErr wbcGetpwnam(const char *name, struct passwd **pwd); +/** + * @brief Fill in a struct passwd* for a domain user based + * on uid + * + * @param uid Uid to lookup + * @param **pwd Pointer to resulting struct passwd* from the query. + * + * @return #wbcErr + **/ wbcErr wbcGetpwuid(uid_t uid, struct passwd **pwd); +/** + * @brief Fill in a struct passwd* for a domain user based + * on username + * + * @param *name Username to lookup + * @param **grp Pointer to resulting struct group* from the query. + * + * @return #wbcErr + **/ wbcErr wbcGetgrnam(const char *name, struct group **grp); +/** + * @brief Fill in a struct passwd* for a domain user based + * on uid + * + * @param gid Uid to lookup + * @param **grp Pointer to resulting struct group* from the query. + * + * @return #wbcErr + **/ wbcErr wbcGetgrgid(gid_t gid, struct group **grp); +/** + * @brief Reset the passwd iterator + * + * @return #wbcErr + **/ wbcErr wbcSetpwent(void); +/** + * @brief Close the passwd iterator + * + * @return #wbcErr + **/ wbcErr wbcEndpwent(void); +/** + * @brief Return the next struct passwd* entry from the pwent iterator + * + * @param **pwd Pointer to resulting struct passwd* from the query. + * + * @return #wbcErr + **/ wbcErr wbcGetpwent(struct passwd **pwd); +/** + * @brief Reset the group iterator + * + * @return #wbcErr + **/ wbcErr wbcSetgrent(void); +/** + * @brief Close the group iterator + * + * @return #wbcErr + **/ wbcErr wbcEndgrent(void); +/** + * @brief Return the next struct group* entry from the pwent iterator + * + * @param **grp Pointer to resulting struct group* from the query. + * + * @return #wbcErr + **/ wbcErr wbcGetgrent(struct group **grp); +/** + * @brief Return the next struct group* entry from the pwent iterator + * + * This is similar to #wbcGetgrent, just that the member list is empty + * + * @param **grp Pointer to resulting struct group* from the query. + * + * @return #wbcErr + **/ wbcErr wbcGetgrlist(struct group **grp); +/** + * @brief Return the unix group array belonging to the given user + * + * @param *account The given user name + * @param *num_groups Number of elements returned in the groups array + * @param **_groups Pointer to resulting gid_t array. + * + * @return #wbcErr + **/ wbcErr wbcGetGroups(const char *account, uint32_t *num_groups, gid_t **_groups); -/* +/********************************************************** * Lookup Domain information - */ + **********************************************************/ +/** + * @brief Lookup the current status of a trusted domain + * + * @param domain Domain to query + * @param *dinfo Pointer to returned domain_info struct + * + * @return #wbcErr + **/ wbcErr wbcDomainInfo(const char *domain, struct wbcDomainInfo **info); +/** + * @brief Enumerate the domain trusts known by Winbind + * + * @param **domains Pointer to the allocated domain list array + * @param *num_domains Pointer to number of domains returned + * + * @return #wbcErr + **/ wbcErr wbcListTrusts(struct wbcDomainInfo **domains, size_t *num_domains); @@ -665,66 +977,206 @@ wbcErr wbcListTrusts(struct wbcDomainInfo **domains, #define WBC_LOOKUP_DC_RETURN_DNS_NAME 0x40000000 #define WBC_LOOKUP_DC_RETURN_FLAT_NAME 0x80000000 +/** + * @brief Enumerate the domain trusts known by Winbind + * + * @param domain Name of the domain to query for a DC + * @param flags Bit flags used to control the domain location query + * @param *dc_info Pointer to the returned domain controller information + * + * @return #wbcErr + **/ wbcErr wbcLookupDomainController(const char *domain, uint32_t flags, struct wbcDomainControllerInfo **dc_info); +/** + * @brief Get extended domain controller information + * + * @param domain Name of the domain to query for a DC + * @param guid Guid of the domain to query for a DC + * @param site Site of the domain to query for a DC + * @param flags Bit flags used to control the domain location query + * @param *dc_info Pointer to the returned extended domain controller information + * + * @return #wbcErr + **/ wbcErr wbcLookupDomainControllerEx(const char *domain, struct wbcGuid *guid, const char *site, uint32_t flags, struct wbcDomainControllerInfoEx **dc_info); -/* +/********************************************************** * Athenticate functions - */ + **********************************************************/ +/** + * @brief Authenticate a username/password pair + * + * @param username Name of user to authenticate + * @param password Clear text password os user + * + * @return #wbcErr + **/ wbcErr wbcAuthenticateUser(const char *username, const char *password); +/** + * @brief Authenticate with more detailed information + * + * @param params Input parameters, WBC_AUTH_USER_LEVEL_HASH + * is not supported yet + * @param info Output details on WBC_ERR_SUCCESS + * @param error Output details on WBC_ERR_AUTH_ERROR + * + * @return #wbcErr + **/ wbcErr wbcAuthenticateUserEx(const struct wbcAuthUserParams *params, struct wbcAuthUserInfo **info, struct wbcAuthErrorInfo **error); +/** + * @brief Logon a User + * + * @param[in] params Pointer to a wbcLogonUserParams structure + * @param[out] info Pointer to a pointer to a wbcLogonUserInfo structure + * @param[out] error Pointer to a pointer to a wbcAuthErrorInfo structure + * @param[out] policy Pointer to a pointer to a wbcUserPasswordPolicyInfo structure + * + * @return #wbcErr + **/ wbcErr wbcLogonUser(const struct wbcLogonUserParams *params, struct wbcLogonUserInfo **info, struct wbcAuthErrorInfo **error, struct wbcUserPasswordPolicyInfo **policy); +/** + * @brief Trigger a logoff notification to Winbind for a specific user + * + * @param username Name of user to remove from Winbind's list of + * logged on users. + * @param uid Uid assigned to the username + * @param ccfilename Absolute path to the Krb5 credentials cache to + * be removed + * + * @return #wbcErr + **/ wbcErr wbcLogoffUser(const char *username, uid_t uid, const char *ccfilename); +/** + * @brief Trigger an extended logoff notification to Winbind for a specific user + * + * @param params A wbcLogoffUserParams structure + * @param error User output details on error + * + * @return #wbcErr + **/ wbcErr wbcLogoffUserEx(const struct wbcLogoffUserParams *params, struct wbcAuthErrorInfo **error); +/** + * @brief Change a password for a user + * + * @param username Name of user to authenticate + * @param old_password Old clear text password of user + * @param new_password New clear text password of user + * + * @return #wbcErr + **/ wbcErr wbcChangeUserPassword(const char *username, const char *old_password, const char *new_password); +/** + * @brief Change a password for a user with more detailed information upon + * failure + * + * @param params Input parameters + * @param error User output details on WBC_ERR_PWD_CHANGE_FAILED + * @param reject_reason New password reject reason on WBC_ERR_PWD_CHANGE_FAILED + * @param policy Password policy output details on WBC_ERR_PWD_CHANGE_FAILED + * + * @return #wbcErr + **/ wbcErr wbcChangeUserPasswordEx(const struct wbcChangePasswordParams *params, struct wbcAuthErrorInfo **error, enum wbcPasswordChangeRejectReason *reject_reason, struct wbcUserPasswordPolicyInfo **policy); +/** + * @brief Authenticate a user with cached credentials + * + * @param *params Pointer to a wbcCredentialCacheParams structure + * @param **info Pointer to a pointer to a wbcCredentialCacheInfo structure + * @param **error Pointer to a pointer to a wbcAuthErrorInfo structure + * + * @return #wbcErr + **/ wbcErr wbcCredentialCache(struct wbcCredentialCacheParams *params, struct wbcCredentialCacheInfo **info, struct wbcAuthErrorInfo **error); -/* +/********************************************************** * Resolve functions - */ + **********************************************************/ + +/** + * @brief Resolve a NetbiosName via WINS + * + * @param name Name to resolve + * @param *ip Pointer to the ip address string + * + * @return #wbcErr + **/ wbcErr wbcResolveWinsByName(const char *name, char **ip); + +/** + * @brief Resolve an IP address via WINS into a NetbiosName + * + * @param ip The ip address string + * @param *name Pointer to the name + * + * @return #wbcErr + * + **/ wbcErr wbcResolveWinsByIP(const char *ip, char **name); -/* +/********************************************************** * Trusted domain functions - */ + **********************************************************/ + +/** + * @brief Trigger a verification of the trust credentials of a specific domain + * + * @param *domain The name of the domain, only NULL for the default domain is + * supported yet. Other values than NULL will result in + * WBC_ERR_NOT_IMPLEMENTED. + * @param error Output details on WBC_ERR_AUTH_ERROR + * + * @return #wbcErr + **/ wbcErr wbcCheckTrustCredentials(const char *domain, struct wbcAuthErrorInfo **error); -/* + +/********************************************************** * Helper functions - */ + **********************************************************/ + +/** + * @brief Initialize a named blob and add to list of blobs + * + * @param[in,out] num_blobs Pointer to the number of blobs + * @param[in,out] blobs Pointer to an array of blobs + * @param[in] name Name of the new named blob + * @param[in] flags Flags of the new named blob + * @param[in] data Blob data of new blob + * @param[in] length Blob data length of new blob + * + * @return #wbcErr + **/ wbcErr wbcAddNamedBlob(size_t *num_blobs, struct wbcNamedBlob **blobs, const char *name, -- cgit From e0a0b0a0cb3db426d05b641e1fa43d9e7f28ab71 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Thu, 18 Sep 2008 05:02:14 +0200 Subject: packaging(RHEL-CTDB): adapt configure.rpm to changes to the spec file Michael (cherry picked from commit d249a9ca2a1761f20655cbcfe39fbc942547974d) Signed-off-by: Michael Adam --- packaging/RHEL-CTDB/configure.rpm | 66 ++++++++++++++++++++++++++------------- 1 file changed, 44 insertions(+), 22 deletions(-) diff --git a/packaging/RHEL-CTDB/configure.rpm b/packaging/RHEL-CTDB/configure.rpm index 7596040205..444d3e2a8c 100755 --- a/packaging/RHEL-CTDB/configure.rpm +++ b/packaging/RHEL-CTDB/configure.rpm @@ -1,34 +1,53 @@ +#!/bin/sh case `uname -m` in - x86_64) - libdir=/usr/lib64/samba - ;; - *) - libdir=/usr/lib/samba - ;; + x86_64) + _libarch=lib64 + ;; + *) + _libarch=lib + ;; esac -CFLAGS="-Wall -g -D_GNU_SOURCE" ./configure \ - --prefix=/usr \ - --localstatedir=/var \ - --with-configdir=/etc/samba \ - --with-libdir=$libdir \ - --with-lockdir=/var/lib/samba \ - --with-logfilebase=/var/log/samba \ - --with-mandir=/usr/man \ - --with-piddir=/var/run \ - --with-privatedir=/etc/samba \ - --with-sambabook=/usr/share/swat/using_samba \ - --with-swatdir=/usr/share/swat \ +_libarchdir=/usr/${_libarch} + +_prefix=/usr +_sysconfdir=/etc +_mandir=/usr/man +_datadir=/usr/share + +# check for ccache +ccache -h 2>&1 > /dev/null +if [ $? -eq 0 ]; then + CC="ccache gcc" +else + CC="gcc" +fi + +./autogen.sh + +CC="$CC" CFLAGS="-Wall -g -D_GNU_SOURCE" ./configure -C \ + --prefix=${_prefix} \ + --localstatedir=/var \ + --with-configdir=${_sysconfdir}/samba \ + --with-libdir=${_libarchdir}/samba \ + --with-pammodulesdir=/${_libarch}/security \ + --with-lockdir=/var/lib/samba \ + --with-logfilebase=/var/log/samba \ + --with-mandir=${_mandir} \ + --with-piddir=/var/run \ + --with-privatedir=${_sysconfdir}/samba \ + --with-sambabook=${_datadir}/swat/using_samba \ + --with-swatdir=${_datadir}/swat \ --disable-cups \ - --with-acl-support \ + --with-acl-support \ --with-ads \ - --with-automount \ - --with-fhs \ + --with-automount \ + --with-fhs \ --with-pam_smbpass \ --with-libsmbclient \ --with-libsmbsharemodes \ - --without-smbwrapper \ + --without-smbwrapper \ --with-pam \ --with-quotas \ --with-shared-modules=idmap_rid,idmap_ad,idmap_tdb2 \ @@ -40,3 +59,6 @@ CFLAGS="-Wall -g -D_GNU_SOURCE" ./configure \ --without-dnsupdate \ --with-aio-support \ $* + +make showlayout + -- cgit From f4f477f4320835245d5d45546a7dee8dc1f4100c Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Mon, 1 Dec 2008 03:05:40 +0100 Subject: packaging(RHEL-CTDB): explicitly build the gpfs module to prevent potetential problems on PTF8 systems where there is no valid autodetecting configure check yet. Michael (cherry picked from commit 37039d345e9a25654bef038f2b8bb4b891cfa6f0) Signed-off-by: Michael Adam --- packaging/RHEL-CTDB/configure.rpm | 2 +- packaging/RHEL-CTDB/samba.spec.tmpl | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/packaging/RHEL-CTDB/configure.rpm b/packaging/RHEL-CTDB/configure.rpm index 444d3e2a8c..b9a1ee12c2 100755 --- a/packaging/RHEL-CTDB/configure.rpm +++ b/packaging/RHEL-CTDB/configure.rpm @@ -50,7 +50,7 @@ CC="$CC" CFLAGS="-Wall -g -D_GNU_SOURCE" ./configure -C \ --without-smbwrapper \ --with-pam \ --with-quotas \ - --with-shared-modules=idmap_rid,idmap_ad,idmap_tdb2 \ + --with-shared-modules=idmap_rid,idmap_ad,idmap_tdb2,vfs_gpfs \ --with-syslog \ --with-utmp \ --with-cluster-support \ diff --git a/packaging/RHEL-CTDB/samba.spec.tmpl b/packaging/RHEL-CTDB/samba.spec.tmpl index b34f01f659..910fe37f34 100644 --- a/packaging/RHEL-CTDB/samba.spec.tmpl +++ b/packaging/RHEL-CTDB/samba.spec.tmpl @@ -167,7 +167,7 @@ CFLAGS="$RPM_OPT_FLAGS $EXTRA -D_GNU_SOURCE" ./configure \ --without-smbwrapper \ --with-pam \ --with-quotas \ - --with-shared-modules=idmap_rid,idmap_ad,idmap_tdb2 \ + --with-shared-modules=idmap_rid,idmap_ad,idmap_tdb2,vfs_gpfs \ --with-syslog \ --with-utmp \ --with-cluster-support \ -- cgit From 8e0cce5b38c4d12ff490eadecb028155b6eb5dce Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 1 Oct 2008 12:26:55 +0200 Subject: s3:modules/gpfs: Fix nonempty blank lines --- source3/modules/gpfs.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/source3/modules/gpfs.c b/source3/modules/gpfs.c index 4e76b97ccf..7caa810c49 100644 --- a/source3/modules/gpfs.c +++ b/source3/modules/gpfs.c @@ -43,7 +43,7 @@ bool set_gpfs_sharemode(files_struct *fsp, uint32 access_mask, if (!gpfs_share_modes) { return True; } - + if (gpfs_set_share_fn == NULL) { return False; } @@ -104,7 +104,7 @@ int set_gpfs_lease(int fd, int leasetype) if (leasetype == F_WRLCK) { gpfs_type = GPFS_LEASE_WRITE; } - + /* we unconditionally set CAP_LEASE, rather than looking for -1/EACCES as there is a bug in some versions of libgpfs_gpl.so which results in a leaked fd on /dev/ss0 -- cgit From de8bb1725540d7fd12fe76b6b0da719309b41d69 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 10 Dec 2008 03:22:04 +0100 Subject: Fix nonempty blank lines in vfs_gpfs.c Signed-off-by: Michael Adam --- source3/modules/vfs_gpfs.c | 105 +++++++++++++++++++++------------------------ 1 file changed, 50 insertions(+), 55 deletions(-) diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c index fa0b4e97a5..187c13b009 100644 --- a/source3/modules/vfs_gpfs.c +++ b/source3/modules/vfs_gpfs.c @@ -1,26 +1,24 @@ /* Unix SMB/CIFS implementation. Wrap gpfs calls in vfs functions. - + Copyright (C) Christian Ambach 2006 - + Major code contributions by Chetan Shringarpure and Gomati Mohanan - + This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program. If not, see . - - */ #include "includes.h" @@ -55,14 +53,14 @@ static int vfs_gpfs_setlease(vfs_handle_struct *handle, files_struct *fsp, int leasetype) { int ret; - + START_PROFILE(syscall_linux_setlease); - + if ( linux_set_lease_sighandler(fsp->fh->fd) == -1) return -1; ret = set_gpfs_lease(fsp->fh->fd,leasetype); - + if ( ret < 0 ) { /* This must have come from GPFS not being available */ /* or some other error, hence call the default */ @@ -301,13 +299,13 @@ static bool gpfsacl_process_smbacl(files_struct *fsp, SMB4ACL_T *smbacl) gace->aceType = aceprop->aceType; gace->aceFlags = aceprop->aceFlags; gace->aceMask = aceprop->aceMask; - + /* * GPFS can't distinguish between WRITE and APPEND on * files, so one being set without the other is an * error. Sorry for the many ()'s :-) */ - + if (!fsp->is_directory && ((((gace->aceMask & ACE4_MASK_WRITE) == 0) @@ -323,9 +321,9 @@ static bool gpfsacl_process_smbacl(files_struct *fsp, SMB4ACL_T *smbacl) fsp->fsp_name)); gace->aceMask |= ACE4_MASK_WRITE|ACE4_MASK_APPEND; } - + gace->aceIFlags = (aceprop->flags&SMB_ACE4_ID_SPECIAL) ? ACE4_IFLAG_SPECIAL_ID : 0; - + if (aceprop->flags&SMB_ACE4_ID_SPECIAL) { switch(aceprop->who.special_id) @@ -478,7 +476,7 @@ static SMB_ACL_T gpfsacl_get_posix_acl(const char *path, gpfs_aclType_t type) errno = EINVAL; goto done; } - + DEBUG(10, ("len: %d, level: %d, version: %d, nace: %d\n", pacl->acl_len, pacl->acl_level, pacl->acl_version, pacl->acl_nace)); @@ -497,7 +495,6 @@ static SMB_ACL_T gpfsacl_get_posix_acl(const char *path, gpfs_aclType_t type) } SMB_ACL_T gpfsacl_sys_acl_get_file(vfs_handle_struct *handle, - const char *path_p, SMB_ACL_TYPE_T type) { @@ -557,7 +554,7 @@ static struct gpfs_acl *smb2gpfs_acl(const SMB_ACL_T pacl, for (i=0; icount; i++) { const struct smb_acl_entry *ace = &pacl->acl[i]; struct gpfs_ace_v1 *g_ace = &result->ace_v1[i]; - + DEBUG(10, ("Converting type %d perm %x\n", (int)ace->a_type, (int)ace->a_perm)); @@ -612,7 +609,6 @@ static struct gpfs_acl *smb2gpfs_acl(const SMB_ACL_T pacl, } int gpfsacl_sys_acl_set_file(vfs_handle_struct *handle, - const char *name, SMB_ACL_TYPE_T type, SMB_ACL_T theacl) @@ -639,7 +635,6 @@ int gpfsacl_sys_acl_set_fd(vfs_handle_struct *handle, } int gpfsacl_sys_acl_delete_def_file(vfs_handle_struct *handle, - const char *path) { errno = ENOTSUP; @@ -661,11 +656,11 @@ static uint32 gpfsacl_mask_filter(uint32 aceType, uint32 aceMask, uint32 rwx) uint32_t posix_mask = 0x01; uint32_t posix_bit; uint32_t nfs4_bits; - + for(i=0; i<3; i++) { nfs4_bits = posix_nfs4map[i]; posix_bit = rwx & posix_mask; - + if (aceType==SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE) { if (posix_bit) aceMask |= nfs4_bits; @@ -678,10 +673,10 @@ static uint32 gpfsacl_mask_filter(uint32 aceType, uint32 aceMask, uint32 rwx) else aceMask &= ~nfs4_bits; } /* other ace types are unexpected */ - + posix_mask <<= 1; } - + return aceMask; } @@ -693,30 +688,30 @@ static int gpfsacl_emu_chmod(const char *path, mode_t mode) int i; files_struct fake_fsp; /* TODO: rationalize parametrization */ SMB4ACE_T *smbace; - + DEBUG(10, ("gpfsacl_emu_chmod invoked for %s mode %o\n", path, mode)); - + result = gpfs_get_nfs4_acl(path, &pacl); if (result) return result; - + if (mode & ~(S_IRWXU | S_IRWXG | S_IRWXO)) { DEBUG(2, ("WARNING: cutting extra mode bits %o on %s\n", mode, path)); } - + for (smbace=smb_first_ace4(pacl); smbace!=NULL; smbace = smb_next_ace4(smbace)) { SMB_ACE4PROP_T *ace = smb_get_ace4(smbace); uint32_t specid = ace->who.special_id; - + if (ace->flags&SMB_ACE4_ID_SPECIAL && ace->aceType<=SMB_ACE4_ACCESS_DENIED_ACE_TYPE && specid <= SMB_ACE4_WHO_EVERYONE) { - + uint32_t newMask; - + if (ace->aceType==SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE) haveAllowEntry[specid] = True; - + /* mode >> 6 for @owner, mode >> 3 for @group, * mode >> 0 for @everyone */ newMask = gpfsacl_mask_filter(ace->aceType, ace->aceMask, @@ -735,35 +730,35 @@ static int gpfsacl_emu_chmod(const char *path, mode_t mode) */ for(i = SMB_ACE4_WHO_OWNER; i<=SMB_ACE4_WHO_EVERYONE; i++) { SMB_ACE4PROP_T ace; - + if (haveAllowEntry[i]==True) continue; - + ZERO_STRUCT(ace); ace.aceType = SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE; ace.flags |= SMB_ACE4_ID_SPECIAL; ace.who.special_id = i; - + if (i==SMB_ACE4_WHO_GROUP) /* not sure it's necessary... */ ace.aceFlags |= SMB_ACE4_IDENTIFIER_GROUP; - + ace.aceMask = gpfsacl_mask_filter(ace.aceType, ace.aceMask, mode >> ((SMB_ACE4_WHO_EVERYONE - i) * 3)); - + /* don't add unnecessary aces */ if (!ace.aceMask) continue; - + /* we add it to the END - as windows expects allow aces */ smb_add_ace4(pacl, &ace); DEBUG(10, ("Added ALLOW ace for %s, mode=%o, id=%d, aceMask=%x\n", path, mode, i, ace.aceMask)); } - + /* don't add complementary DENY ACEs here */ ZERO_STRUCT(fake_fsp); fake_fsp.fsp_name = (char *)path; /* no file_new is needed here */ - + /* put the acl */ if (gpfsacl_process_smbacl(&fake_fsp, pacl) == False) return -1; @@ -774,11 +769,11 @@ static int vfs_gpfs_chmod(vfs_handle_struct *handle, const char *path, mode_t mo { SMB_STRUCT_STAT st; int rc; - + if (SMB_VFS_NEXT_STAT(handle, path, &st) != 0) { return -1; } - + /* avoid chmod() if possible, to preserve acls */ if ((st.st_mode & ~S_IFMT) == mode) { return 0; @@ -794,7 +789,7 @@ static int vfs_gpfs_fchmod(vfs_handle_struct *handle, files_struct *fsp, mode_t { SMB_STRUCT_STAT st; int rc; - + if (SMB_VFS_NEXT_FSTAT(handle, fsp, &st) != 0) { return -1; } @@ -813,51 +808,51 @@ static int vfs_gpfs_fchmod(vfs_handle_struct *handle, files_struct *fsp, mode_t /* VFS operations structure */ static vfs_op_tuple gpfs_op_tuples[] = { - + { SMB_VFS_OP(vfs_gpfs_kernel_flock), SMB_VFS_OP_KERNEL_FLOCK, SMB_VFS_LAYER_OPAQUE }, - + { SMB_VFS_OP(vfs_gpfs_setlease), SMB_VFS_OP_LINUX_SETLEASE, SMB_VFS_LAYER_OPAQUE }, - + { SMB_VFS_OP(gpfsacl_fget_nt_acl), SMB_VFS_OP_FGET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_get_nt_acl), SMB_VFS_OP_GET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_fset_nt_acl), SMB_VFS_OP_FSET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_sys_acl_get_file), SMB_VFS_OP_SYS_ACL_GET_FILE, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_sys_acl_get_fd), SMB_VFS_OP_SYS_ACL_GET_FD, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_sys_acl_set_file), SMB_VFS_OP_SYS_ACL_SET_FILE, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_sys_acl_set_fd), SMB_VFS_OP_SYS_ACL_SET_FD, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(gpfsacl_sys_acl_delete_def_file), SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(vfs_gpfs_chmod), SMB_VFS_OP_CHMOD, SMB_VFS_LAYER_TRANSPARENT }, - + { SMB_VFS_OP(vfs_gpfs_fchmod), SMB_VFS_OP_FCHMOD, SMB_VFS_LAYER_TRANSPARENT }, @@ -871,7 +866,7 @@ NTSTATUS vfs_gpfs_init(void); NTSTATUS vfs_gpfs_init(void) { init_gpfs(); - + return smb_register_vfs(SMB_VFS_INTERFACE_VERSION, "gpfs", gpfs_op_tuples); } -- cgit From 110bb2244931d0979461e75e5ff83b2ba21e2fc4 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 10 Dec 2008 12:32:24 +0100 Subject: Make use of smbd_gpfs_get_realfilename_path in unix_convert (cherry picked from commit b37684ffcec4ba0beada55d37bcaf4f5e79bcd58) Signed-off-by: Michael Adam --- source3/modules/gpfs.c | 25 +++++++++++++++++++ source3/modules/vfs_gpfs.c | 61 ++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 86 insertions(+) diff --git a/source3/modules/gpfs.c b/source3/modules/gpfs.c index 7caa810c49..16599005b9 100644 --- a/source3/modules/gpfs.c +++ b/source3/modules/gpfs.c @@ -31,6 +31,8 @@ static int (*gpfs_set_share_fn)(int fd, unsigned int allow, unsigned int deny); static int (*gpfs_set_lease_fn)(int fd, unsigned int leaseType); static int (*gpfs_getacl_fn)(char *pathname, int flags, void *acl); static int (*gpfs_putacl_fn)(char *pathname, int flags, void *acl); +static int (*gpfs_get_realfilename_path_fn)(char *pathname, char *filenamep, + int *buflen); bool set_gpfs_sharemode(files_struct *fsp, uint32 access_mask, @@ -134,6 +136,17 @@ int smbd_gpfs_putacl(char *pathname, int flags, void *acl) return gpfs_putacl_fn(pathname, flags, acl); } +int smbd_gpfs_get_realfilename_path(char *pathname, char *filenamep, + int *buflen) +{ + if (gpfs_get_realfilename_path_fn == NULL) { + errno = ENOSYS; + return -1; + } + + return gpfs_get_realfilename_path_fn(pathname, filenamep, buflen); +} + static bool init_gpfs_function_lib(void *plibhandle_pointer, const char *libname, void *pfn_pointer, const char *fn_name) @@ -142,6 +155,9 @@ static bool init_gpfs_function_lib(void *plibhandle_pointer, void **libhandle_pointer = (void **)plibhandle_pointer; void **fn_pointer = (void **)pfn_pointer; + DEBUG(10, ("trying to load name %s from %s\n", + fn_name, libname)); + if (*libhandle_pointer == NULL) { *libhandle_pointer = dlopen(libname, RTLD_LAZY); did_open_here = true; @@ -187,6 +203,8 @@ void init_gpfs(void) init_gpfs_function(&gpfs_set_lease_fn, "gpfs_set_lease"); init_gpfs_function(&gpfs_getacl_fn, "gpfs_getacl"); init_gpfs_function(&gpfs_putacl_fn, "gpfs_putacl"); + init_gpfs_function(&gpfs_get_realfilename_path_fn, + "gpfs_get_realfilename_path"); gpfs_share_modes = lp_parm_bool(-1, "gpfs", "sharemodes", True); gpfs_leases = lp_parm_bool(-1, "gpfs", "leases", True); @@ -226,6 +244,13 @@ int smbd_gpfs_putacl(char *pathname, int flags, void *acl) return -1; } +int smbd_gpfs_get_realfilename_path(char *pathname, char *fileamep, + int *buflen) +{ + errno = ENOSYS; + return -1; +} + void init_gpfs(void) { return; diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c index 187c13b009..1d7cdba014 100644 --- a/source3/modules/vfs_gpfs.c +++ b/source3/modules/vfs_gpfs.c @@ -72,7 +72,64 @@ static int vfs_gpfs_setlease(vfs_handle_struct *handle, files_struct *fsp, return ret; } +static int vfs_gpfs_get_real_filename(struct vfs_handle_struct *handle, + const char *path, + const char *name, + TALLOC_CTX *mem_ctx, + char **found_name) +{ + int result; + char *full_path; + char real_pathname[PATH_MAX+1]; + int buflen; + + full_path = talloc_asprintf(talloc_tos(), "%s/%s", path, name); + if (full_path == NULL) { + errno = ENOMEM; + return -1; + } + + buflen = sizeof(real_pathname) - 1; + + result = smbd_gpfs_get_realfilename_path(full_path, real_pathname, + &buflen); + + TALLOC_FREE(full_path); + + if (result == -1) { + DEBUG(10, ("smbd_gpfs_get_realfilename_path returned %s\n", + strerror(errno))); + return -1; + } + + /* + * GPFS does not necessarily null-terminate the returned path + * but instead returns the buffer length in buflen. + */ + if (buflen < sizeof(real_pathname)) { + real_pathname[buflen] = '\0'; + } else { + real_pathname[sizeof(real_pathname)-1] = '\0'; + } + + DEBUG(10, ("smbd_gpfs_get_realfilename_path: %s/%s -> %s\n", + path, name, real_pathname)); + + name = strrchr_m(real_pathname, '/'); + if (name == NULL) { + errno = ENOENT; + return -1; + } + + *found_name = talloc_strdup(mem_ctx, name+1); + if (*found_name == NULL) { + errno = ENOMEM; + return -1; + } + + return 0; +} static void gpfs_dumpacl(int level, struct gpfs_acl *gacl) { @@ -817,6 +874,10 @@ static vfs_op_tuple gpfs_op_tuples[] = { SMB_VFS_OP_LINUX_SETLEASE, SMB_VFS_LAYER_OPAQUE }, + { SMB_VFS_OP(vfs_gpfs_get_real_filename), + SMB_VFS_OP_GET_REAL_FILENAME, + SMB_VFS_LAYER_OPAQUE }, + { SMB_VFS_OP(gpfsacl_fget_nt_acl), SMB_VFS_OP_FGET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT }, -- cgit From 57a9380f7b4ec25fe7bc7a8da73310ce8969e8d1 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 10 Dec 2008 18:17:59 +0100 Subject: Also search for -lgpfs which is available as GPL in GPFS PTF8 (cherry picked from commit 3c93c96fd0fe362c35fe8127058f94868abc9342) Signed-off-by: Michael Adam --- source3/configure.in | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/source3/configure.in b/source3/configure.in index 40e78e89d9..b90b1b3f60 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -1052,6 +1052,20 @@ if test x"$samba_cv_HAVE_GPFS" = x"yes"; then fi LIBS="$save_LIBS" +printf "%s" "checking for GPFS libs (with 3.2.1 PTF8 available as GPL)... " +save_LIBS="$LIBS" +LIBS="$LIBS -lgpfs" +AC_TRY_LINK([#include ], + [gpfs_set_share(0,GPFS_SHARE_READ,GPFS_DENY_NONE)], + samba_cv_HAVE_GPFS=yes, + samba_cv_HAVE_GPFS=no) +echo $samba_cv_HAVE_GPFS +if test x"$samba_cv_HAVE_GPFS" = x"yes"; then + AC_DEFINE(HAVE_GPFS,1,[Whether GPFS GPL libs are available]) + default_shared_modules="$default_shared_modules vfs_gpfs" +fi +LIBS="$save_LIBS" + ############################################# # check if building on Isilon OneFS printf "%s" "checking for Isilon OneFS... " -- cgit From 1c6a87604f535f3e78f0798bb8b2a6408f2c93d9 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 10 Dec 2008 16:58:40 +0100 Subject: Fix the build Crap, too many trees and no instant, infinitely fast rebuild Signed-off-by: Michael Adam --- source3/include/proto.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/source3/include/proto.h b/source3/include/proto.h index 4feedcdb04..4028f6de52 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -7896,6 +7896,9 @@ NTSTATUS unix_convert(TALLOC_CTX *ctx, char **pp_saved_last_component, SMB_STRUCT_STAT *pst); NTSTATUS check_name(connection_struct *conn, const char *name); +int get_real_filename(connection_struct *conn, const char *path, + const char *name, TALLOC_CTX *mem_ctx, + char **found_name); /* The following definitions come from smbd/files.c */ -- cgit From c4c6e1e463fe5ab8bb0e3e649d76ac5ec80900de Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 10 Dec 2008 15:29:14 -0800 Subject: Fix usrmgr opening a user object as non-root. Jeremy. --- source3/rpc_server/srv_samr_nt.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index 25bbc6eeac..f942476fe5 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -2636,7 +2636,7 @@ NTSTATUS _samr_QueryUserInfo(pipes_struct *p, return NT_STATUS_INVALID_HANDLE; status = access_check_samr_function(info->acc_granted, - SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + SAMR_USER_ACCESS_GET_ATTRIBUTES, "_samr_QueryUserInfo"); if (!NT_STATUS_IS_OK(status)) { return status; -- cgit From d7d525bc9d8bf2f3dffbbc568254c3e774944268 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 10 Dec 2008 17:03:53 -0800 Subject: Make the LookupRid access check match LookupName until we know the correct bits to use here. Jeremy. --- source3/rpc_server/srv_samr_nt.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index f942476fe5..342f432c4e 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -2079,7 +2079,7 @@ NTSTATUS _samr_LookupRids(pipes_struct *p, return NT_STATUS_INVALID_HANDLE; status = access_check_samr_function(acc_granted, - SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS, + 0, /* Don't know the acc_bits yet */ "_samr_LookupRids"); if (!NT_STATUS_IS_OK(status)) { return status; -- cgit From 138283c7c1f35b77ae773aca04cd499276df96ef Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 11 Dec 2008 11:25:45 +0100 Subject: s3-libnet: fix DEBUG statement in libnet_keytab. Guenther --- source3/libnet/libnet_keytab.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/libnet/libnet_keytab.c b/source3/libnet/libnet_keytab.c index 990f6f6a63..81956942ca 100644 --- a/source3/libnet/libnet_keytab.c +++ b/source3/libnet/libnet_keytab.c @@ -324,7 +324,7 @@ struct libnet_keytab_entry *libnet_keytab_search(struct libnet_keytab_context *c ret = krb5_kt_start_seq_get(ctx->context, ctx->keytab, &cursor); if (ret) { - DEBUG(10, ("krb5_kt_start_seq_get failed: %s", + DEBUG(10, ("krb5_kt_start_seq_get failed: %s\n", error_message(ret))); return NULL; } -- cgit From 1ad04b031902aa6d89365f839178b6fb23bfdb2a Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Wed, 10 Sep 2008 23:06:28 +0200 Subject: packaging(RHEL-CTDB): fix installation of pam modules use configure parameter to specify the pam modules dir. Michael (cherry picked from commit 24282daa5e293ef9362a69f7f70a684587d6763a) --- packaging/RHEL-CTDB/samba.spec.tmpl | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/packaging/RHEL-CTDB/samba.spec.tmpl b/packaging/RHEL-CTDB/samba.spec.tmpl index 910fe37f34..306ef34c3d 100644 --- a/packaging/RHEL-CTDB/samba.spec.tmpl +++ b/packaging/RHEL-CTDB/samba.spec.tmpl @@ -149,6 +149,7 @@ CFLAGS="$RPM_OPT_FLAGS $EXTRA -D_GNU_SOURCE" ./configure \ --with-configdir=%{_sysconfdir}/samba \ --libdir=%{_libarchdir} \ --with-modulesdir=%{_libarchdir}/samba \ + --with-pammodulesdir=%{_libarch}/security \ --with-lockdir=/var/lib/samba \ --with-logfilebase=/var/log/samba \ --with-mandir=%{_mandir} \ @@ -230,8 +231,7 @@ make DESTDIR=$RPM_BUILD_ROOT \ install cd .. -# NSS & PAM winbind support -install -m 755 source/bin/pam_winbind.so $RPM_BUILD_ROOT/%{_libarch}/security/pam_winbind.so +# NSS winbind support install -m 755 source/nsswitch/libnss_winbind.so $RPM_BUILD_ROOT/%{_libarch}/libnss_winbind.so.2 ( cd $RPM_BUILD_ROOT/%{_libarch}; ln -sf libnss_winbind.so.2 libnss_winbind.so ) @@ -242,8 +242,6 @@ install -m 755 source/nsswitch/libnss_winbind.so $RPM_BUILD_ROOT/%{_libarch}/lib #install -m 755 source/nsswitch/libnss_wins.so $RPM_BUILD_ROOT/%{_libarch}/libnss_wins.so # ( cd $RPM_BUILD_ROOT/%{_libarch}; ln -sf libnss_wins.so libnss_wins.so.2 ) -# Install pam_smbpass.so -install -m755 source/bin/pam_smbpass.so $RPM_BUILD_ROOT/%{_libarch}/security/pam_smbpass.so ## cleanup /bin/rm -rf $RPM_BUILD_ROOT/usr/lib*/samba/security -- cgit From 9ecb169debbdfea03036dc293366bf2063be1448 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Fri, 12 Sep 2008 15:50:33 +0200 Subject: packaging(RHEL-CTDB): refactor creation of spec file from template out into new script makespec.sh Michael (cherry picked from commit d49a9d1c67e4d98017ce5f7d1351bca1366e1a8d) (cherry picked from commit 086873f00de96ca48717b05dddb71e776c74ca7d) --- packaging/RHEL-CTDB/makerpms.sh | 25 ++++++------------------- packaging/RHEL-CTDB/makespec.sh | 36 ++++++++++++++++++++++++++++++++++++ 2 files changed, 42 insertions(+), 19 deletions(-) create mode 100755 packaging/RHEL-CTDB/makespec.sh diff --git a/packaging/RHEL-CTDB/makerpms.sh b/packaging/RHEL-CTDB/makerpms.sh index 219982fda9..c85b865f79 100755 --- a/packaging/RHEL-CTDB/makerpms.sh +++ b/packaging/RHEL-CTDB/makerpms.sh @@ -25,8 +25,6 @@ RPMSRCDIR=`rpm --eval %_sourcedir` DIRNAME=$(dirname $0) TOPDIR=${DIRNAME}/../.. -SRCDIR=${TOPDIR}/source -VERSION_H=${SRCDIR}/include/version.h SPECFILE="samba.spec" DOCS="docs.tar.bz2" @@ -49,25 +47,14 @@ esac ## ## determine the samba version and create the SPEC file ## -pushd ${SRCDIR} -./script/mkversion.sh -popd -if [ ! -f ${VERSION_H} ] ; then - echo "Error creating version.h" - exit 1 +${DIRNAME}/makespec.sh +RC=$? +if [ $RC -ne 0 ]; then + exit ${RC} fi -VERSION=`grep SAMBA_VERSION_OFFICIAL_STRING ${VERSION_H} | awk '{print $3}'` -vendor_version=`grep SAMBA_VERSION_VENDOR_SUFFIX ${VERSION_H} | awk '{print $3}'` -if test "x${vendor_version}" != "x" ; then - VERSION="${VERSION}-${vendor_version}" -fi -VERSION=`echo ${VERSION} | sed 's/-/_/g'` -VERSION=`echo ${VERSION} | sed 's/\"//g'` -echo "VERSION: ${VERSION}" -sed -e s/PVERSION/${VERSION}/g \ - < ${DIRNAME}/${SPECFILE}.tmpl \ - > ${DIRNAME}/${SPECFILE} +RELEASE=$(grep ^Release ${DIRNAME}${SPECFILE} | sed -e 's/^Release:\ \+//') +VERSION=$(grep ^Version ${DIRNAME}${SPECFILE} | sed -e 's/^Version:\ \+//') ## ## create the tarball diff --git a/packaging/RHEL-CTDB/makespec.sh b/packaging/RHEL-CTDB/makespec.sh new file mode 100755 index 0000000000..7d10d55ab4 --- /dev/null +++ b/packaging/RHEL-CTDB/makespec.sh @@ -0,0 +1,36 @@ +#!/bin/sh +# +# Copyright (C) Michael Adam 2008 +# +# Script to determine the samba version and create the SPEC file from template + +DIRNAME=$(dirname $0) +TOPDIR=${DIRNAME}/../.. +SRCDIR=${TOPDIR}/source +VERSION_H=${SRCDIR}/include/version.h +SPECFILE=${DIRNAME}/samba.spec + +## +## determine the samba version and create the SPEC file +## +pushd ${SRCDIR} +./script/mkversion.sh +popd +if [ ! -f ${VERSION_H} ] ; then + echo "Error creating version.h" + exit 1 +fi + +VERSION=`grep SAMBA_VERSION_OFFICIAL_STRING ${VERSION_H} | awk '{print $3}'` +vendor_version=`grep SAMBA_VERSION_VENDOR_SUFFIX ${VERSION_H} | awk '{print +$3}'` +if test "x${vendor_version}" != "x" ; then + VERSION="${VERSION}-${vendor_version}" +fi +VERSION=`echo ${VERSION} | sed 's/-/_/g'` +VERSION=`echo ${VERSION} | sed 's/\"//g'` +echo "VERSION: ${VERSION}" +sed -e s/PVERSION/${VERSION}/g \ + < ${SPECFILE}.tmpl \ + > ${SPECFILE} + -- cgit From 0c9d433f9ec98471b52c2c65130602a393e8bbb0 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Mon, 15 Sep 2008 16:15:42 +0200 Subject: packaging(RHEL-CTDB): fix typo in makerpms.sh Michael (cherry picked from commit 5fc5e82d4c2c386894fde95f94992171620c7853) (cherry picked from commit 0e35ff0b46be2f9deab6e539c34970c85c3b58ce) --- packaging/RHEL-CTDB/makerpms.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packaging/RHEL-CTDB/makerpms.sh b/packaging/RHEL-CTDB/makerpms.sh index c85b865f79..50fa96c2b1 100755 --- a/packaging/RHEL-CTDB/makerpms.sh +++ b/packaging/RHEL-CTDB/makerpms.sh @@ -53,8 +53,8 @@ if [ $RC -ne 0 ]; then exit ${RC} fi -RELEASE=$(grep ^Release ${DIRNAME}${SPECFILE} | sed -e 's/^Release:\ \+//') -VERSION=$(grep ^Version ${DIRNAME}${SPECFILE} | sed -e 's/^Version:\ \+//') +RELEASE=$(grep ^Release ${DIRNAME}/${SPECFILE} | sed -e 's/^Release:\ \+//') +VERSION=$(grep ^Version ${DIRNAME}/${SPECFILE} | sed -e 's/^Version:\ \+//') ## ## create the tarball -- cgit From 0acddd96d92bd229650190f498b5782d1b96fac7 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Tue, 11 Nov 2008 13:45:40 +0100 Subject: packaging(RHEL-CTDB): add the cifs.upcall binary to the client package. Michael (cherry picked from commit 1875b373a319ac9494fdc907793e59804c577a4d) (cherry picked from commit e1dca5f1870975b7d9a57869357c971d559afdfe) --- packaging/RHEL-CTDB/samba.spec.tmpl | 2 ++ 1 file changed, 2 insertions(+) diff --git a/packaging/RHEL-CTDB/samba.spec.tmpl b/packaging/RHEL-CTDB/samba.spec.tmpl index 306ef34c3d..8df6becd94 100644 --- a/packaging/RHEL-CTDB/samba.spec.tmpl +++ b/packaging/RHEL-CTDB/samba.spec.tmpl @@ -417,6 +417,8 @@ exit 0 /sbin/mount.cifs /sbin/umount.cifs +%{_sbindir}/cifs.upcall + %{_bindir}/rpcclient %{_bindir}/smbcacls %{_bindir}/findsmb -- cgit From 9e4a95c928d023a3b253bbf7d9056aa91d5c278a Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Tue, 11 Nov 2008 13:47:37 +0100 Subject: packaging(RHEL-CTDB): move the cifs.upcall manpage to the client package Michael (cherry picked from commit 16f23eb27467ace9751ef2d1fbb6c4d3a5ae9550) (cherry picked from commit 9538e3130f33ffde1d68eaea303b2b2dd9ddd71d) --- packaging/RHEL-CTDB/samba.spec.tmpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packaging/RHEL-CTDB/samba.spec.tmpl b/packaging/RHEL-CTDB/samba.spec.tmpl index 8df6becd94..efcd2ed580 100644 --- a/packaging/RHEL-CTDB/samba.spec.tmpl +++ b/packaging/RHEL-CTDB/samba.spec.tmpl @@ -432,6 +432,7 @@ exit 0 %{_mandir}/man8/mount.cifs.8.* %{_mandir}/man8/umount.cifs.8.* +%{_mandir}/man8/cifs.upcall.8* %{_mandir}/man8/smbspool.8* %{_mandir}/man1/smbget.1* %{_mandir}/man5/smbgetrc.5* @@ -512,7 +513,6 @@ exit 0 %{_mandir}/man1/ldbedit.1* %{_mandir}/man1/ldbmodify.1* %{_mandir}/man1/ldbsearch.1* -%{_mandir}/man8/cifs.upcall.8* %ifarch i386 i486 i586 i686 ppc s390 %files winbind-32bit -- cgit From 05c9766cef9d0bba1b7ab496f06e976a6bcc2dae Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Mon, 1 Dec 2008 03:07:19 +0100 Subject: packaging(RHEL-CTDB): use ccache if available Michael (cherry picked from commit 36ca917a63f23126536e786bed845dee48fbf61c) (cherry picked from commit 05b51bc176f87e7dc1b65adf3d866e797159d953) --- packaging/RHEL-CTDB/samba.spec.tmpl | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/packaging/RHEL-CTDB/samba.spec.tmpl b/packaging/RHEL-CTDB/samba.spec.tmpl index efcd2ed580..f67cab68b9 100644 --- a/packaging/RHEL-CTDB/samba.spec.tmpl +++ b/packaging/RHEL-CTDB/samba.spec.tmpl @@ -133,12 +133,12 @@ cd source # RPM_OPT_FLAGS="$RPM_OPT_FLAGS -D_FILE_OFFSET_BITS=64" ## check for ccache -# ccache -h 2>&1 > /dev/null -#if [ $? -eq 0 ]; then -# CC="ccache gcc" -#else +ccache -h 2>&1 > /dev/null +if [ $? -eq 0 ]; then + CC="ccache gcc" +else CC="gcc" -#fi +fi ## always run autogen.sh ./autogen.sh -- cgit From 2ef0fc467a33e1b448853273316a72c3e7e72c47 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Mon, 1 Dec 2008 23:03:38 +0100 Subject: packaging(RHEL-CTDB): fix the build when ccache is not found. Michael (cherry picked from commit c98fb34ef933944a96a286d2d276cf2adc99e25e) (cherry picked from commit 7d929d9fa363a1f1c67926678524f338e84b3535) --- packaging/RHEL-CTDB/samba.spec.tmpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/packaging/RHEL-CTDB/samba.spec.tmpl b/packaging/RHEL-CTDB/samba.spec.tmpl index f67cab68b9..e1eee81e45 100644 --- a/packaging/RHEL-CTDB/samba.spec.tmpl +++ b/packaging/RHEL-CTDB/samba.spec.tmpl @@ -133,8 +133,7 @@ cd source # RPM_OPT_FLAGS="$RPM_OPT_FLAGS -D_FILE_OFFSET_BITS=64" ## check for ccache -ccache -h 2>&1 > /dev/null -if [ $? -eq 0 ]; then +if ccache -h 2>&1 > /dev/null ; then CC="ccache gcc" else CC="gcc" -- cgit From dfff610b464cb08a07bf235c161c242d16684972 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Mon, 1 Dec 2008 23:19:02 +0100 Subject: packaging(RHEL-CTDB): don't show failure messages in check for ccache by fixing the order of "> /dev/null 2>&1" Michael (cherry picked from commit 0e9d5638a7c375b3b18f19f83f97924ab45ad382) (cherry picked from commit 6e51f250c5d38e973948aa1d53222bcccdcca365) --- packaging/RHEL-CTDB/samba.spec.tmpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packaging/RHEL-CTDB/samba.spec.tmpl b/packaging/RHEL-CTDB/samba.spec.tmpl index e1eee81e45..8a583a9bde 100644 --- a/packaging/RHEL-CTDB/samba.spec.tmpl +++ b/packaging/RHEL-CTDB/samba.spec.tmpl @@ -133,7 +133,7 @@ cd source # RPM_OPT_FLAGS="$RPM_OPT_FLAGS -D_FILE_OFFSET_BITS=64" ## check for ccache -if ccache -h 2>&1 > /dev/null ; then +if ccache -h >/dev/null 2>&1 ; then CC="ccache gcc" else CC="gcc" -- cgit From 4a3ae3831d41bd7cb1d7efae7b2eb031d1fabbb8 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Thu, 11 Dec 2008 15:43:47 +0100 Subject: s4:libcli/resolve: add resolve_name_all*() which return all addresses not only the first one metze --- source4/libcli/resolve/bcast.c | 9 ++--- source4/libcli/resolve/host.c | 24 ++++++++----- source4/libcli/resolve/nbtlist.c | 36 +++++++++---------- source4/libcli/resolve/resolve.c | 72 +++++++++++++++++++++++++++++++------- source4/libcli/resolve/resolve.h | 11 ++++-- source4/libcli/resolve/testsuite.c | 2 +- source4/libcli/resolve/wins.c | 10 +++--- 7 files changed, 115 insertions(+), 49 deletions(-) diff --git a/source4/libcli/resolve/bcast.c b/source4/libcli/resolve/bcast.c index ca78a2ce43..0a71ebed99 100644 --- a/source4/libcli/resolve/bcast.c +++ b/source4/libcli/resolve/bcast.c @@ -73,9 +73,10 @@ struct composite_context *resolve_name_bcast_send(TALLOC_CTX *mem_ctx, broadcast name resolution method - recv side */ NTSTATUS resolve_name_bcast_recv(struct composite_context *c, - TALLOC_CTX *mem_ctx, const char **reply_addr) + TALLOC_CTX *mem_ctx, + struct socket_address ***addrs) { - NTSTATUS status = resolve_name_nbtlist_recv(c, mem_ctx, reply_addr); + NTSTATUS status = resolve_name_nbtlist_recv(c, mem_ctx, addrs); if (NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT)) { /* this makes much more sense for a bcast name resolution timeout */ @@ -92,7 +93,7 @@ NTSTATUS resolve_name_bcast(struct nbt_name *name, struct interface *ifaces, uint16_t nbt_port, int nbt_timeout, - const char **reply_addr) + struct socket_address ***addrs) { struct resolve_bcast_data *data = talloc(mem_ctx, struct resolve_bcast_data); struct composite_context *c; @@ -101,7 +102,7 @@ NTSTATUS resolve_name_bcast(struct nbt_name *name, data->nbt_timeout = nbt_timeout; c = resolve_name_bcast_send(mem_ctx, NULL, data, name); - return resolve_name_bcast_recv(c, mem_ctx, reply_addr); + return resolve_name_bcast_recv(c, mem_ctx, addrs); } bool resolve_context_add_bcast_method(struct resolve_context *ctx, struct interface *ifaces, uint16_t nbt_port, int nbt_timeout) diff --git a/source4/libcli/resolve/host.c b/source4/libcli/resolve/host.c index 7d779b0678..7b1aef803e 100644 --- a/source4/libcli/resolve/host.c +++ b/source4/libcli/resolve/host.c @@ -32,13 +32,14 @@ #include "lib/events/events.h" #include "system/network.h" #include "system/filesys.h" +#include "lib/socket/socket.h" #include "libcli/composite/composite.h" #include "librpc/gen_ndr/ndr_nbt.h" #include "libcli/resolve/resolve.h" struct host_state { struct nbt_name name; - const char *reply_addr; + struct socket_address **addrs; pid_t child; int child_fd; struct fd_event *fde; @@ -95,7 +96,6 @@ static void pipe_handler(struct event_context *ev, struct fd_event *fde, struct host_state *state = talloc_get_type(c->private_data, struct host_state); char address[128]; int ret; - pid_t child = state->child; int status; /* if we get any event from the child then we know that we @@ -125,8 +125,15 @@ static void pipe_handler(struct event_context *ev, struct fd_event *fde, return; } - state->reply_addr = talloc_strdup(state, address); - if (composite_nomem(state->reply_addr, c)) return; + state->addrs = talloc_array(state, struct socket_address *, 2); + if (composite_nomem(state->addrs, c)) return; + + state->addrs[0] = socket_address_from_strings(state->addrs, + "ipv4", + address, + 0); + if (composite_nomem(state->addrs[0], c)) return; + state->addrs[1] = NULL; composite_done(c); } @@ -200,7 +207,8 @@ struct composite_context *resolve_name_host_send(TALLOC_CTX *mem_ctx, gethostbyname name resolution method - recv side */ NTSTATUS resolve_name_host_recv(struct composite_context *c, - TALLOC_CTX *mem_ctx, const char **reply_addr) + TALLOC_CTX *mem_ctx, + struct socket_address ***addrs) { NTSTATUS status; @@ -208,7 +216,7 @@ NTSTATUS resolve_name_host_recv(struct composite_context *c, if (NT_STATUS_IS_OK(status)) { struct host_state *state = talloc_get_type(c->private_data, struct host_state); - *reply_addr = talloc_steal(mem_ctx, state->reply_addr); + *addrs = talloc_steal(mem_ctx, state->addrs); } talloc_free(c); @@ -220,10 +228,10 @@ NTSTATUS resolve_name_host_recv(struct composite_context *c, */ NTSTATUS resolve_name_host(struct nbt_name *name, TALLOC_CTX *mem_ctx, - const char **reply_addr) + struct socket_address ***addrs) { struct composite_context *c = resolve_name_host_send(mem_ctx, NULL, NULL, name); - return resolve_name_host_recv(c, mem_ctx, reply_addr); + return resolve_name_host_recv(c, mem_ctx, addrs); } bool resolve_context_add_host_method(struct resolve_context *ctx) diff --git a/source4/libcli/resolve/nbtlist.c b/source4/libcli/resolve/nbtlist.c index ec4cfb81b4..9c53fcb7ec 100644 --- a/source4/libcli/resolve/nbtlist.c +++ b/source4/libcli/resolve/nbtlist.c @@ -26,6 +26,7 @@ #include "includes.h" #include "libcli/composite/composite.h" #include "system/network.h" +#include "lib/socket/socket.h" #include "lib/socket/netif.h" #include "librpc/gen_ndr/ndr_nbt.h" #include "../libcli/nbt/libnbt.h" @@ -38,7 +39,7 @@ struct nbtlist_state { int num_queries; struct nbt_name_request **queries; struct nbt_name_query *io_queries; - const char *reply_addr; + struct socket_address **addrs; struct interface *ifaces; }; @@ -71,25 +72,23 @@ static void nbtlist_handler(struct nbt_name_request *req) talloc_free(state->nbtsock); if (!composite_is_ok(c)) return; - if (state->io_queries[i].out.num_addrs < 1) { + if (q->out.num_addrs < 1) { composite_error(c, NT_STATUS_UNEXPECTED_NETWORK_ERROR); return; } - /* favor a local address if possible */ - state->reply_addr = NULL; - for (i=0;iout.num_addrs;i++) { - if (iface_is_local(state->ifaces, q->out.reply_addrs[i])) { - state->reply_addr = talloc_steal(state, - q->out.reply_addrs[i]); - break; - } - } + state->addrs = talloc_array(state, struct socket_address *, + q->out.num_addrs + 1); + if (composite_nomem(state->addrs, c)) return; - if (state->reply_addr == NULL) { - state->reply_addr = talloc_steal(state, - q->out.reply_addrs[0]); + for (i=0;iout.num_addrs;i++) { + state->addrs[i] = socket_address_from_strings(state->addrs, + "ipv4", + q->out.reply_addrs[i], + 0); + if (composite_nomem(state->addrs[i], c)) return; } + state->addrs[i] = NULL; composite_done(c); } @@ -180,7 +179,8 @@ struct composite_context *resolve_name_nbtlist_send(TALLOC_CTX *mem_ctx, nbt list of addresses name resolution method - recv side */ NTSTATUS resolve_name_nbtlist_recv(struct composite_context *c, - TALLOC_CTX *mem_ctx, const char **reply_addr) + TALLOC_CTX *mem_ctx, + struct socket_address ***addrs) { NTSTATUS status; @@ -188,7 +188,7 @@ NTSTATUS resolve_name_nbtlist_recv(struct composite_context *c, if (NT_STATUS_IS_OK(status)) { struct nbtlist_state *state = talloc_get_type(c->private_data, struct nbtlist_state); - *reply_addr = talloc_steal(mem_ctx, state->reply_addr); + *addrs = talloc_steal(mem_ctx, state->addrs); } talloc_free(c); @@ -205,13 +205,13 @@ NTSTATUS resolve_name_nbtlist(struct nbt_name *name, uint16_t nbt_port, int nbt_timeout, bool broadcast, bool wins_lookup, - const char **reply_addr) + struct socket_address ***addrs) { struct composite_context *c = resolve_name_nbtlist_send(mem_ctx, NULL, name, address_list, ifaces, nbt_port, nbt_timeout, broadcast, wins_lookup); - return resolve_name_nbtlist_recv(c, mem_ctx, reply_addr); + return resolve_name_nbtlist_recv(c, mem_ctx, addrs); } diff --git a/source4/libcli/resolve/resolve.c b/source4/libcli/resolve/resolve.c index f57f231bc0..7d1c48cbee 100644 --- a/source4/libcli/resolve/resolve.c +++ b/source4/libcli/resolve/resolve.c @@ -26,6 +26,7 @@ #include "libcli/resolve/resolve.h" #include "librpc/gen_ndr/ndr_nbt.h" #include "system/network.h" +#include "lib/socket/socket.h" #include "../lib/util/dlinklist.h" struct resolve_state { @@ -33,7 +34,7 @@ struct resolve_state { struct resolve_method *method; struct nbt_name name; struct composite_context *creq; - const char *reply_addr; + struct socket_address **addrs; }; static struct composite_context *setup_next_method(struct composite_context *c); @@ -83,7 +84,7 @@ static void resolve_handler(struct composite_context *creq) struct resolve_state *state = talloc_get_type(c->private_data, struct resolve_state); const struct resolve_method *method = state->method; - c->status = method->recv_fn(creq, state, &state->reply_addr); + c->status = method->recv_fn(creq, state, &state->addrs); if (!NT_STATUS_IS_OK(c->status)) { state->method = state->method->next; @@ -128,9 +129,9 @@ static struct composite_context *setup_next_method(struct composite_context *c) /* general name resolution - async send */ -struct composite_context *resolve_name_send(struct resolve_context *ctx, - struct nbt_name *name, - struct event_context *event_ctx) +struct composite_context *resolve_name_all_send(struct resolve_context *ctx, + struct nbt_name *name, + struct event_context *event_ctx) { struct composite_context *c; struct resolve_state *state; @@ -157,8 +158,13 @@ struct composite_context *resolve_name_send(struct resolve_context *ctx, if (is_ipaddress(state->name.name) || strcasecmp(state->name.name, "localhost") == 0) { struct in_addr ip = interpret_addr2(state->name.name); - state->reply_addr = talloc_strdup(state, inet_ntoa(ip)); - if (composite_nomem(state->reply_addr, c)) return c; + + state->addrs = talloc_array(state, struct socket_address *, 2); + if (composite_nomem(state->addrs, c)) return c; + state->addrs[0] = socket_address_from_strings(state->addrs, "ipv4", + inet_ntoa(ip), 0); + if (composite_nomem(state->addrs[0], c)) return c; + state->addrs[1] = NULL; composite_done(c); return c; } @@ -177,8 +183,9 @@ struct composite_context *resolve_name_send(struct resolve_context *ctx, /* general name resolution method - recv side */ -NTSTATUS resolve_name_recv(struct composite_context *c, - TALLOC_CTX *mem_ctx, const char **reply_addr) +NTSTATUS resolve_name_all_recv(struct composite_context *c, + TALLOC_CTX *mem_ctx, + struct socket_address ***addrs) { NTSTATUS status; @@ -186,7 +193,7 @@ NTSTATUS resolve_name_recv(struct composite_context *c, if (NT_STATUS_IS_OK(status)) { struct resolve_state *state = talloc_get_type(c->private_data, struct resolve_state); - *reply_addr = talloc_steal(mem_ctx, state->reply_addr); + *addrs = talloc_steal(mem_ctx, state->addrs); } talloc_free(c); @@ -196,9 +203,50 @@ NTSTATUS resolve_name_recv(struct composite_context *c, /* general name resolution - sync call */ -NTSTATUS resolve_name(struct resolve_context *ctx, struct nbt_name *name, TALLOC_CTX *mem_ctx, const char **reply_addr, struct event_context *ev) +NTSTATUS resolve_all_name(struct resolve_context *ctx, + struct nbt_name *name, + TALLOC_CTX *mem_ctx, + struct socket_address ***addrs, + struct event_context *ev) +{ + struct composite_context *c = resolve_name_all_send(ctx, name, ev); + return resolve_name_all_recv(c, mem_ctx, addrs); +} + +struct composite_context *resolve_name_send(struct resolve_context *ctx, + struct nbt_name *name, + struct event_context *event_ctx) +{ + return resolve_name_all_send(ctx, name, event_ctx); +} + +NTSTATUS resolve_name_recv(struct composite_context *c, + TALLOC_CTX *mem_ctx, + const char **reply_addr) +{ + NTSTATUS status; + struct socket_address **addrs = NULL; + + status = resolve_name_all_recv(c, mem_ctx, &addrs); + + if (NT_STATUS_IS_OK(status)) { + *reply_addr = talloc_steal(mem_ctx, addrs[0]->addr); + talloc_free(addrs); + } + + return status; +} + +/* + general name resolution - sync call + */ +NTSTATUS resolve_name(struct resolve_context *ctx, + struct nbt_name *name, + TALLOC_CTX *mem_ctx, + const char **reply_addr, + struct event_context *ev) { - struct composite_context *c = resolve_name_send(ctx, name, ev); + struct composite_context *c = resolve_name_send(ctx, name, ev); return resolve_name_recv(c, mem_ctx, reply_addr); } diff --git a/source4/libcli/resolve/resolve.h b/source4/libcli/resolve/resolve.h index 22de146c99..01fc930fce 100644 --- a/source4/libcli/resolve/resolve.h +++ b/source4/libcli/resolve/resolve.h @@ -22,9 +22,16 @@ #ifndef __RESOLVE_H__ #define __RESOLVE_H__ +struct socket_address; + #include "../libcli/nbt/libnbt.h" -typedef struct composite_context *(*resolve_name_send_fn)(TALLOC_CTX *mem_ctx, struct event_context *, void *privdata, struct nbt_name *); -typedef NTSTATUS (*resolve_name_recv_fn)(struct composite_context *, TALLOC_CTX *, const char **); +typedef struct composite_context *(*resolve_name_send_fn)(TALLOC_CTX *mem_ctx, + struct event_context *, + void *privdata, + struct nbt_name *); +typedef NTSTATUS (*resolve_name_recv_fn)(struct composite_context *creq, + TALLOC_CTX *mem_ctx, + struct socket_address ***addrs); #include "libcli/resolve/proto.h" struct interface; #include "libcli/resolve/lp_proto.h" diff --git a/source4/libcli/resolve/testsuite.c b/source4/libcli/resolve/testsuite.c index 73a8c841bb..34de1158a5 100644 --- a/source4/libcli/resolve/testsuite.c +++ b/source4/libcli/resolve/testsuite.c @@ -43,7 +43,7 @@ static bool test_async_resolve(struct torture_context *tctx) torture_comment(tctx, "Testing async resolve of '%s' for %d seconds\n", host, timelimit); while (timeval_elapsed(&tv) < timelimit) { - const char *s; + struct socket_address **s; struct composite_context *c = resolve_name_host_send(mem_ctx, ev, NULL, &n); torture_assert(tctx, c != NULL, "resolve_name_host_send"); torture_assert_ntstatus_ok(tctx, resolve_name_host_recv(c, mem_ctx, &s), diff --git a/source4/libcli/resolve/wins.c b/source4/libcli/resolve/wins.c index f787d52d31..ae142f7054 100644 --- a/source4/libcli/resolve/wins.c +++ b/source4/libcli/resolve/wins.c @@ -23,6 +23,7 @@ #include "../libcli/nbt/libnbt.h" #include "libcli/resolve/resolve.h" #include "param/param.h" +#include "lib/socket/socket.h" #include "lib/socket/netif.h" struct resolve_wins_data { @@ -50,9 +51,10 @@ struct composite_context *resolve_name_wins_send( wins name resolution method - recv side */ NTSTATUS resolve_name_wins_recv(struct composite_context *c, - TALLOC_CTX *mem_ctx, const char **reply_addr) + TALLOC_CTX *mem_ctx, + struct socket_address ***addrs) { - return resolve_name_nbtlist_recv(c, mem_ctx, reply_addr); + return resolve_name_nbtlist_recv(c, mem_ctx, addrs); } /* @@ -64,7 +66,7 @@ NTSTATUS resolve_name_wins(struct nbt_name *name, struct interface *ifaces, uint16_t nbt_port, int nbt_timeout, - const char **reply_addr) + struct socket_address ***addrs) { struct composite_context *c; struct resolve_wins_data *wins_data = talloc(mem_ctx, struct resolve_wins_data); @@ -73,7 +75,7 @@ NTSTATUS resolve_name_wins(struct nbt_name *name, wins_data->nbt_port = nbt_port; wins_data->nbt_timeout = nbt_timeout; c = resolve_name_wins_send(mem_ctx, NULL, wins_data, name); - return resolve_name_wins_recv(c, mem_ctx, reply_addr); + return resolve_name_wins_recv(c, mem_ctx, addrs); } bool resolve_context_add_wins_method(struct resolve_context *ctx, const char **address_list, struct interface *ifaces, uint16_t nbt_port, int nbt_timeout) -- cgit From 2026b34ebf4ebf06bdbbc0e5e114acde5b42ea4d Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Thu, 11 Dec 2008 17:54:38 +0100 Subject: s4:selftest: samba4 fails the changed delete test metze --- source4/selftest/knownfail | 2 ++ 1 file changed, 2 insertions(+) diff --git a/source4/selftest/knownfail b/source4/selftest/knownfail index 92c6ff0f91..b05cc1e39d 100644 --- a/source4/selftest/knownfail +++ b/source4/selftest/knownfail @@ -5,8 +5,10 @@ # a successful run for any of these tests an error. local.resolve.*.async local.iconv.*.next_codepoint() +base.delete.*.deltest17 base.delete.*.deltest20a base.delete.*.deltest20b +base.delete.*.deltest21 rpc.winreg.*security samba4.local.registry.(dir|ldb).check hive security samba4.local.registry.local.security -- cgit From b4a4e635246b88277b235fa343eda48bd4bb4ce3 Mon Sep 17 00:00:00 2001 From: Karolin Seeger Date: Thu, 11 Dec 2008 18:08:29 +0100 Subject: Samba3-HOWTO: Fix usage of 'net idmap restore'. This fixes bug #5883. Karolin --- docs-xml/Samba3-HOWTO/TOSHARG-TheNetCommand.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs-xml/Samba3-HOWTO/TOSHARG-TheNetCommand.xml b/docs-xml/Samba3-HOWTO/TOSHARG-TheNetCommand.xml index b2b3ebd5b1..d1895829a9 100644 --- a/docs-xml/Samba3-HOWTO/TOSHARG-TheNetCommand.xml +++ b/docs-xml/Samba3-HOWTO/TOSHARG-TheNetCommand.xml @@ -1850,7 +1850,7 @@ net idmap dump /var/lib/samba/winbindd_idmap.tdb > idmap_dump.txt The IDMAP dump file can be restored using the following command: -net idmap restore <full_path_and_tdb_filename> < dumpfile.txt +net idmap restore idmap_dump.txt Where the Samba run-time tdb files are stored in the /var/lib/samba directory the following command can be used to restore the data to the tdb file: -- cgit From 792f769e969da156bbc6330118e200f2eae19d7c Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Thu, 11 Dec 2008 18:20:18 +0100 Subject: Build python modules by default in merged build (required for provision). --- source3/samba4.mk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/samba4.mk b/source3/samba4.mk index 032a3d9c35..7631112684 100644 --- a/source3/samba4.mk +++ b/source3/samba4.mk @@ -161,7 +161,7 @@ modules:: $(PLUGINS) pythonmods:: $(PYTHON_PYS) $(PYTHON_SO) -all:: bin/samba4 bin/regpatch4 bin/regdiff4 bin/regshell4 bin/regtree4 bin/smbclient4 +all:: bin/samba4 bin/regpatch4 bin/regdiff4 bin/regshell4 bin/regtree4 bin/smbclient4 pythonmods torture:: bin/smbtorture4 everything:: $(patsubst %,%4,$(BINARIES)) -- cgit From 52571a0333d50c58675e858774c6d5eb68a48658 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Thu, 11 Dec 2008 18:51:28 +0100 Subject: Add interactive flag to setup/provision (also the default when no arguments are given). --- source4/setup/provision | 29 +++++++++++++++++++++++++++-- 1 file changed, 27 insertions(+), 2 deletions(-) diff --git a/source4/setup/provision b/source4/setup/provision index 7bd61fc1d8..882a92ad48 100755 --- a/source4/setup/provision +++ b/source4/setup/provision @@ -24,7 +24,8 @@ import getopt import optparse -import os, sys +import os +import sys # Find right directory when running from source tree sys.path.insert(0, "bin/python") @@ -46,6 +47,7 @@ parser.add_option_group(sambaopts) parser.add_option_group(options.VersionOptions(parser)) credopts = options.CredentialsOptions(parser) parser.add_option_group(credopts) +parser.add_option("--interactive", help="Ask for names") parser.add_option("--setupdir", type="string", metavar="DIR", help="directory with setup files") parser.add_option("--realm", type="string", metavar="REALM", help="set realm") @@ -108,7 +110,10 @@ def message(text): if not opts.quiet: print text -if opts.realm is None or opts.domain is None: +if len(sys.argv) == 1: + opts.interactive = True + +if not opts.interactive and (opts.realm is None or opts.domain is None): if opts.realm is None: print >>sys.stderr, "No realm set" if opts.domain is None: @@ -116,6 +121,26 @@ if opts.realm is None or opts.domain is None: parser.print_usage() sys.exit(1) +if opts.interactive: + from getpass import getpass + import readline + import socket + def ask(prompt, default=None): + if default is not None: + print "%s [%s]: " % (prompt,default), + else: + print "%s: " % (prompt,), + return sys.stdin.readline().rstrip("\n") or default + opts.realm = ask("Realm", socket.gethostname().split(".", 1)[1]) + opts.domain = ask("Domain", opts.realm) + opts.server_role = ask("Server Role (dc, member, standalone)", "dc") + for i in range(3): + opts.adminpass = getpass("Administrator password: ") + if not opts.adminpass: + print >>sys.stderr, "Invalid administrator password." + else: + break + lp = sambaopts.get_loadparm() smbconf = lp.configfile() -- cgit From 9f69a13de7bf192a3a6fe06b5dee51e9971b59b9 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Thu, 11 Dec 2008 19:07:50 +0100 Subject: Install symlink for convenience for the samba4 setup directory. --- source3/samba4.mk | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/source3/samba4.mk b/source3/samba4.mk index 7631112684..38d1ec2e19 100644 --- a/source3/samba4.mk +++ b/source3/samba4.mk @@ -161,9 +161,11 @@ modules:: $(PLUGINS) pythonmods:: $(PYTHON_PYS) $(PYTHON_SO) -all:: bin/samba4 bin/regpatch4 bin/regdiff4 bin/regshell4 bin/regtree4 bin/smbclient4 pythonmods +all:: bin/samba4 bin/regpatch4 bin/regdiff4 bin/regshell4 bin/regtree4 bin/smbclient4 pythonmods setup torture:: bin/smbtorture4 everything:: $(patsubst %,%4,$(BINARIES)) +setup: + @ln -sf ../source4/setup setup SELFTEST4 = $(LD_LIBPATH_OVERRIDE) $(PERL) $(selftestdir)/selftest.pl --prefix=st4 \ --builddir=$(builddir) --srcdir=$(samba4srcdir) \ -- cgit From 3a45779f546ac0e7ca1871cdd2573bd84f952524 Mon Sep 17 00:00:00 2001 From: Dan Sledz Date: Mon, 8 Dec 2008 14:52:14 -0800 Subject: s3: Use strtoul since id types are unsigned --- source3/nsswitch/wbinfo.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/source3/nsswitch/wbinfo.c b/source3/nsswitch/wbinfo.c index d14cfe94b7..c85e210cc0 100644 --- a/source3/nsswitch/wbinfo.c +++ b/source3/nsswitch/wbinfo.c @@ -146,8 +146,8 @@ static bool parse_mapping_arg(char *arg, int *id, char **sid) return false; /* Because atoi() can return 0 on invalid input, which would be a valid - * UID/GID we must use strtol() and do error checking */ - *id = strtol(tmp, &endptr, 10); + * UID/GID we must use strtoul() and do error checking */ + *id = strtoul(tmp, &endptr, 10); if (endptr[0] != '\0') return false; -- cgit From 370cc9c776bcde683b9cc9704a781b093cf3bdaa Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Fri, 12 Dec 2008 09:51:44 +0100 Subject: s4:fix segfault in rpc-server, when client binds to unsupported service. Signed-off-by: Michael Adam --- source4/rpc_server/dcerpc_server.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source4/rpc_server/dcerpc_server.c b/source4/rpc_server/dcerpc_server.c index 2c218bdc8d..5f055ae342 100644 --- a/source4/rpc_server/dcerpc_server.c +++ b/source4/rpc_server/dcerpc_server.c @@ -648,7 +648,7 @@ static NTSTATUS dcesrv_bind(struct dcesrv_call_state *call) pkt.pfc_flags = DCERPC_PFC_FLAG_FIRST | DCERPC_PFC_FLAG_LAST | extra_flags; pkt.u.bind_ack.max_xmit_frag = 0x2000; pkt.u.bind_ack.max_recv_frag = 0x2000; - pkt.u.bind_ack.assoc_group_id = call->context->assoc_group_id; + pkt.u.bind_ack.assoc_group_id = iface?call->context->assoc_group_id:0; if (iface) { /* FIXME: Use pipe name as specified by endpoint instead of interface name */ pkt.u.bind_ack.secondary_address = talloc_asprintf(call, "\\PIPE\\%s", iface->name); -- cgit From 076479aac3485180812eccf4c7ef8cc50eca9575 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Fri, 12 Dec 2008 10:30:13 +0100 Subject: Remove EJS backend for PIDL, as we don't have EJS anymore. --- pidl/lib/Parse/Pidl/Samba4/EJS.pm | 874 -------------------------------------- pidl/tests/samba-ejs.pl | 37 -- 2 files changed, 911 deletions(-) delete mode 100644 pidl/lib/Parse/Pidl/Samba4/EJS.pm delete mode 100755 pidl/tests/samba-ejs.pl diff --git a/pidl/lib/Parse/Pidl/Samba4/EJS.pm b/pidl/lib/Parse/Pidl/Samba4/EJS.pm deleted file mode 100644 index efb3f2858d..0000000000 --- a/pidl/lib/Parse/Pidl/Samba4/EJS.pm +++ /dev/null @@ -1,874 +0,0 @@ -################################################### -# EJS function wrapper generator -# Copyright jelmer@samba.org 2005 -# Copyright Andrew Tridgell 2005 -# released under the GNU GPL - -package Parse::Pidl::Samba4::EJS; - -use Exporter; -@ISA = qw(Exporter); -@EXPORT_OK = qw(check_null_pointer fn_declare TypeFunctionName); - -use strict; -use Parse::Pidl::Typelist qw(typeHasBody); -use Parse::Pidl::CUtil qw(get_pointer_to get_value_of); -use Parse::Pidl::Util qw(has_property ParseExpr); -use Parse::Pidl::NDR qw(GetPrevLevel GetNextLevel); -use Parse::Pidl::Samba4::Header qw(GenerateStructEnv GenerateFunctionInEnv - GenerateFunctionOutEnv); - -use vars qw($VERSION); -$VERSION = '0.01'; - -sub new($) { - my ($class) = @_; - my $self = { res => "", res_hdr => "", tabs => "", constants => {}}; - bless($self, $class); -} - -sub pidl_hdr ($$) -{ - my $self = shift; - $self->{res_hdr} .= shift; -} - -sub pidl($$) -{ - my ($self, $d) = @_; - if ($d) { - $self->{res} .= $self->{tabs}; - $self->{res} .= $d; - } - $self->{res} .= "\n"; -} - -sub indent($) -{ - my ($self) = @_; - $self->{tabs} .= "\t"; -} - -sub deindent($) -{ - my ($self) = @_; - $self->{tabs} = substr($self->{tabs}, 0, -1); -} - -##################################################################### -# check that a variable we get from ParseExpr isn't a null pointer -sub check_null_pointer($$) -{ - my ($self, $size) = @_; - if ($size =~ /^\*/) { - my $size2 = substr($size, 1); - $self->pidl("if ($size2 == NULL) return NT_STATUS_INVALID_PARAMETER_MIX;"); - } -} - -##################################################################### -# work out is a parse function should be declared static or not -sub fn_declare($$$) -{ - my ($self,$fn,$decl) = @_; - - if (has_property($fn, "public")) { - $self->pidl_hdr("$decl;\n"); - $self->pidl("_PUBLIC_ $decl"); - } else { - $self->pidl("static $decl"); - } -} - -########################### -# pull a scalar element -sub EjsPullScalar($$$$$$$) -{ - my ($self, $e, $l, $var, $name, $env) = @_; - - return if (has_property($e, "value")); - - if (ref($e->{TYPE}) eq "HASH" and not defined($e->{TYPE}->{NAME})) { - $self->EjsTypePull($e->{TYPE}, $var); - } else { - my $pl = Parse::Pidl::NDR::GetPrevLevel($e, $l); - $var = get_pointer_to($var); - # have to handle strings specially :( - if (Parse::Pidl::Typelist::scalar_is_reference($e->{TYPE}) - and (defined($pl) and $pl->{TYPE} eq "POINTER")) { - $var = get_pointer_to($var); - } - - my $t; - if (ref($e->{TYPE}) eq "HASH") { - $t = "$e->{TYPE}->{TYPE}_$e->{TYPE}->{NAME}"; - } else { - $t = $e->{TYPE}; - } - $self->pidl("EJS_CHECK(ejs_pull_$t(ejs, v, $name, $var));"); - } -} - -########################### -# pull a pointer element -sub EjsPullPointer($$$$$$) -{ - my ($self, $e, $l, $var, $name, $env) = @_; - $self->pidl("if (ejs_pull_null(ejs, v, $name)) {"); - $self->indent; - if ($l->{POINTER_TYPE} eq "ref") { - $self->pidl("return NT_STATUS_INVALID_PARAMETER_MIX;"); - } else { - $self->pidl("$var = NULL;"); - } - $self->deindent; - $self->pidl("} else {"); - $self->indent; - $self->pidl("EJS_ALLOC(ejs, $var);"); - $var = get_value_of($var); - $self->EjsPullElement($e, GetNextLevel($e, $l), $var, $name, $env); - $self->deindent; - $self->pidl("}"); -} - -########################### -# pull a string element -sub EjsPullString($$$$$$) -{ - my ($self, $e, $l, $var, $name, $env) = @_; - my $pl = GetPrevLevel($e, $l); - $var = get_pointer_to($var); - if (defined($pl) and $pl->{TYPE} eq "POINTER") { - $var = get_pointer_to($var); - } - $self->pidl("EJS_CHECK(ejs_pull_string(ejs, v, $name, $var));"); -} - -########################### -# pull an array element -sub EjsPullArray($$$$$$) -{ - my ($self, $e, $l, $var, $name, $env) = @_; - my $nl = GetNextLevel($e, $l); - my $length = ParseExpr($l->{LENGTH_IS}, $env, $e); - my $size = ParseExpr($l->{SIZE_IS}, $env, $e); - my $pl = GetPrevLevel($e, $l); - if ($pl && $pl->{TYPE} eq "POINTER") { - $var = get_pointer_to($var); - } - # uint8 arrays are treated as data blobs - if ($nl->{TYPE} eq 'DATA' && $e->{TYPE} eq 'uint8') { - if (!$l->{IS_FIXED}) { - $self->check_null_pointer($size); - $self->pidl("EJS_ALLOC_N(ejs, $var, $size);"); - } - $self->check_null_pointer($length); - $self->pidl("ejs_pull_array_uint8(ejs, v, $name, $var, $length);"); - return; - } - my $avar = $var . "[i]"; - $self->pidl("{"); - $self->indent; - $self->pidl("uint32_t i;"); - if (!$l->{IS_FIXED}) { - $self->pidl("EJS_ALLOC_N(ejs, $var, $size);"); - } - $self->pidl("for (i=0;i<$length;i++) {"); - $self->indent; - $self->pidl("char *id = talloc_asprintf(ejs, \"%s.%u\", $name, i);"); - $self->EjsPullElement($e, $nl, $avar, "id", $env); - $self->pidl("talloc_free(id);"); - $self->deindent; - $self->pidl("}"); - $self->pidl("ejs_push_uint32(ejs, v, $name \".length\", &i);"); - $self->deindent; - $self->pidl("}"); -} - -########################### -# pull a switch element -sub EjsPullSwitch($$$$$$) -{ - my ($self, $e, $l, $var, $name, $env) = @_; - my $switch_var = ParseExpr($l->{SWITCH_IS}, $env, $e); - $self->pidl("ejs_set_switch(ejs, $switch_var);"); - $self->EjsPullElement($e, GetNextLevel($e, $l), $var, $name, $env); -} - -########################### -# pull a structure element -sub EjsPullElement($$$$$$) -{ - my ($self, $e, $l, $var, $name, $env) = @_; - if (($l->{TYPE} eq "POINTER")) { - $self->EjsPullPointer($e, $l, $var, $name, $env); - } elsif (has_property($e, "charset")) { - $self->EjsPullString($e, $l, $var, $name, $env); - } elsif ($l->{TYPE} eq "ARRAY") { - $self->EjsPullArray($e, $l, $var, $name, $env); - } elsif ($l->{TYPE} eq "DATA") { - $self->EjsPullScalar($e, $l, $var, $name, $env); - } elsif (($l->{TYPE} eq "SWITCH")) { - $self->EjsPullSwitch($e, $l, $var, $name, $env); - } else { - $self->pidl("return ejs_panic(ejs, \"unhandled pull type $l->{TYPE}\");"); - } -} - -############################################# -# pull a structure/union element at top level -sub EjsPullElementTop($$$) -{ - my ($self, $e, $env) = @_; - my $l = $e->{LEVELS}[0]; - my $var = ParseExpr($e->{NAME}, $env, $e); - my $name = "\"$e->{NAME}\""; - $self->EjsPullElement($e, $l, $var, $name, $env); -} - -########################### -# pull a struct -sub EjsStructPull($$$) -{ - my ($self, $d, $varname) = @_; - my $env = GenerateStructEnv($d, $varname); - $self->pidl("EJS_CHECK(ejs_pull_struct_start(ejs, &v, name));"); - foreach my $e (@{$d->{ELEMENTS}}) { - $self->EjsPullElementTop($e, $env); - } -} - -########################### -# pull a union -sub EjsUnionPull($$$) -{ - my ($self, $d, $varname) = @_; - my $have_default = 0; - $self->pidl("EJS_CHECK(ejs_pull_struct_start(ejs, &v, name));"); - $self->pidl("switch (ejs->switch_var) {"); - $self->indent; - foreach my $e (@{$d->{ELEMENTS}}) { - if ($e->{CASE} eq "default") { - $have_default = 1; - } - $self->pidl("$e->{CASE}:"); - $self->indent; - if ($e->{TYPE} ne "EMPTY") { - $self->EjsPullElementTop($e, { $e->{NAME} => "$varname->$e->{NAME}"}); - } - $self->pidl("break;"); - $self->deindent; - } - if (! $have_default) { - $self->pidl("default:"); - $self->indent; - $self->pidl("return ejs_panic(ejs, \"Bad switch value\");"); - $self->deindent; - } - $self->deindent; - $self->pidl("}"); -} - -############################################## -# put the enum elements in the constants array -sub EjsEnumConstant($$) -{ - my ($self, $d) = @_; - return unless (defined($d->{ELEMENTS})); - my $v = 0; - foreach my $e (@{$d->{ELEMENTS}}) { - my $el = $e; - chomp $el; - if ($el =~ /^(.*)=\s*(.*)\s*$/) { - $el = $1; - $v = $2; - } - $self->{constants}->{$el} = $v; - $v++; - } -} - -########################### -# pull a enum -sub EjsEnumPull($$$) -{ - my ($self, $d, $varname) = @_; - $self->EjsEnumConstant($d); - $self->pidl("unsigned e;"); - $self->pidl("EJS_CHECK(ejs_pull_enum(ejs, v, name, &e));"); - $self->pidl("*$varname = e;"); -} - -########################### -# pull a bitmap -sub EjsBitmapPull($$$) -{ - my ($self, $d, $varname) = @_; - my $type_fn = $d->{BASE_TYPE}; - $self->pidl("EJS_CHECK(ejs_pull_$type_fn(ejs, v, name, $varname));"); -} - -sub EjsTypePullFunction($$$) -{ - sub EjsTypePullFunction($$$); - my ($self, $d, $name) = @_; - return if (has_property($d, "noejs")); - - if ($d->{TYPE} eq "TYPEDEF") { - $self->EjsTypePullFunction($d->{DATA}, $name); - return; - } - - if ($d->{TYPE} eq "STRUCT") { - $self->fn_declare($d, "NTSTATUS ejs_pull_$name(struct ejs_rpc *ejs, struct MprVar *v, const char *name, struct $name *r)"); - } elsif ($d->{TYPE} eq "UNION") { - $self->fn_declare($d, "NTSTATUS ejs_pull_$name(struct ejs_rpc *ejs, struct MprVar *v, const char *name, union $name *r)"); - } elsif ($d->{TYPE} eq "ENUM") { - $self->fn_declare($d, "NTSTATUS ejs_pull_$name(struct ejs_rpc *ejs, struct MprVar *v, const char *name, enum $name *r)"); - } elsif ($d->{TYPE} eq "BITMAP") { - my($type_decl) = Parse::Pidl::Typelist::mapTypeName($d->{BASE_TYPE}); - $self->fn_declare($d, "NTSTATUS ejs_pull_$name(struct ejs_rpc *ejs, struct MprVar *v, const char *name, $type_decl *r)"); - } - $self->pidl("{"); - $self->indent; - - $self->EjsTypePull($d, "r"); - - $self->pidl("return NT_STATUS_OK;"); - $self->deindent; - $self->pidl("}\n"); -} - -sub EjsTypePull($$$) -{ - my ($self, $d, $varname) = @_; - if ($d->{TYPE} eq 'STRUCT') { - $self->EjsStructPull($d, $varname); - } elsif ($d->{TYPE} eq 'UNION') { - $self->EjsUnionPull($d, $varname); - } elsif ($d->{TYPE} eq 'ENUM') { - $self->EjsEnumPull($d, $varname); - } elsif ($d->{TYPE} eq 'BITMAP') { - $self->EjsBitmapPull($d, $varname); - } else { - warn "Unhandled pull $varname of type $d->{TYPE}"; - } -} - -##################### -# generate a function -sub EjsPullFunction($$) -{ - my ($self, $d) = @_; - my $env = GenerateFunctionInEnv($d); - my $name = $d->{NAME}; - - $self->pidl("\nstatic NTSTATUS ejs_pull_$name(struct ejs_rpc *ejs, struct MprVar *v, struct $name *r)"); - $self->pidl("{"); - $self->indent; - $self->pidl("EJS_CHECK(ejs_pull_struct_start(ejs, &v, \"input\"));"); - - # we pull non-array elements before array elements as arrays - # may have length_is() or size_is() properties that depend - # on the non-array elements - foreach my $e (@{$d->{ELEMENTS}}) { - next unless (grep(/in/, @{$e->{DIRECTION}})); - next if (has_property($e, "length_is") || has_property($e, "size_is")); - $self->EjsPullElementTop($e, $env); - } - - foreach my $e (@{$d->{ELEMENTS}}) { - next unless (grep(/in/, @{$e->{DIRECTION}})); - next unless (has_property($e, "length_is") || has_property($e, "size_is")); - $self->EjsPullElementTop($e, $env); - } - - $self->pidl("return NT_STATUS_OK;"); - $self->deindent; - $self->pidl("}\n"); -} - -########################### -# push a scalar element -sub EjsPushScalar($$$$$$) -{ - my ($self, $e, $l, $var, $name, $env) = @_; - - if (ref($e->{TYPE}) eq "HASH" and not defined($e->{TYPE}->{NAME})) { - $self->EjsTypePush($e->{TYPE}, get_pointer_to($var)); - } else { - # have to handle strings specially :( - my $pl = GetPrevLevel($e, $l); - - if ((not Parse::Pidl::Typelist::scalar_is_reference($e->{TYPE})) - or (defined($pl) and $pl->{TYPE} eq "POINTER")) { - $var = get_pointer_to($var); - } - - $self->pidl("EJS_CHECK(".TypeFunctionName("ejs_push", $e->{TYPE})."(ejs, v, $name, $var));"); - } -} - -########################### -# push a string element -sub EjsPushString($$$$$$) -{ - my ($self, $e, $l, $var, $name, $env) = @_; - my $pl = GetPrevLevel($e, $l); - if (defined($pl) and $pl->{TYPE} eq "POINTER") { - $var = get_pointer_to($var); - } - $self->pidl("EJS_CHECK(ejs_push_string(ejs, v, $name, $var));"); -} - -########################### -# push a pointer element -sub EjsPushPointer($$$$$$) -{ - my ($self, $e, $l, $var, $name, $env) = @_; - $self->pidl("if (NULL == $var) {"); - $self->indent; - if ($l->{POINTER_TYPE} eq "ref") { - $self->pidl("return NT_STATUS_INVALID_PARAMETER_MIX;"); - } else { - $self->pidl("EJS_CHECK(ejs_push_null(ejs, v, $name));"); - } - $self->deindent; - $self->pidl("} else {"); - $self->indent; - $var = get_value_of($var); - $self->EjsPushElement($e, GetNextLevel($e, $l), $var, $name, $env); - $self->deindent; - $self->pidl("}"); -} - -########################### -# push a switch element -sub EjsPushSwitch($$$$$$) -{ - my ($self, $e, $l, $var, $name, $env) = @_; - my $switch_var = ParseExpr($l->{SWITCH_IS}, $env, $e); - $self->pidl("ejs_set_switch(ejs, $switch_var);"); - $self->EjsPushElement($e, GetNextLevel($e, $l), $var, $name, $env); -} - -########################### -# push an array element -sub EjsPushArray($$$$$$) -{ - my ($self, $e, $l, $var, $name, $env) = @_; - my $nl = GetNextLevel($e, $l); - my $length = ParseExpr($l->{LENGTH_IS}, $env, $e); - my $pl = GetPrevLevel($e, $l); - if ($pl && $pl->{TYPE} eq "POINTER") { - $var = get_pointer_to($var); - } - # uint8 arrays are treated as data blobs - if ($nl->{TYPE} eq 'DATA' && $e->{TYPE} eq 'uint8') { - $self->check_null_pointer($length); - $self->pidl("ejs_push_array_uint8(ejs, v, $name, $var, $length);"); - return; - } - my $avar = $var . "[i]"; - $self->pidl("{"); - $self->indent; - $self->pidl("uint32_t i;"); - $self->pidl("for (i=0;i<$length;i++) {"); - $self->indent; - $self->pidl("const char *id = talloc_asprintf(ejs, \"%s.%u\", $name, i);"); - $self->EjsPushElement($e, $nl, $avar, "id", $env); - $self->deindent; - $self->pidl("}"); - $self->pidl("ejs_push_uint32(ejs, v, $name \".length\", &i);"); - $self->deindent; - $self->pidl("}"); -} - -################################ -# push a structure/union element -sub EjsPushElement($$$$$$) -{ - my ($self, $e, $l, $var, $name, $env) = @_; - if (($l->{TYPE} eq "POINTER")) { - $self->EjsPushPointer($e, $l, $var, $name, $env); - } elsif (has_property($e, "charset")) { - $self->EjsPushString($e, $l, $var, $name, $env); - } elsif ($l->{TYPE} eq "ARRAY") { - $self->EjsPushArray($e, $l, $var, $name, $env); - } elsif ($l->{TYPE} eq "DATA") { - $self->EjsPushScalar($e, $l, $var, $name, $env); - } elsif (($l->{TYPE} eq "SWITCH")) { - $self->EjsPushSwitch($e, $l, $var, $name, $env); - } else { - $self->pidl("return ejs_panic(ejs, \"unhandled push type $l->{TYPE}\");"); - } -} - -############################################# -# push a structure/union element at top level -sub EjsPushElementTop($$$) -{ - my ($self, $e, $env) = @_; - my $l = $e->{LEVELS}[0]; - my $var = ParseExpr($e->{NAME}, $env, $e); - my $name = "\"$e->{NAME}\""; - $self->EjsPushElement($e, $l, $var, $name, $env); -} - -########################### -# push a struct -sub EjsStructPush($$$) -{ - my ($self, $d, $varname) = @_; - my $env = GenerateStructEnv($d, $varname); - $self->pidl("EJS_CHECK(ejs_push_struct_start(ejs, &v, name));"); - foreach my $e (@{$d->{ELEMENTS}}) { - $self->EjsPushElementTop($e, $env); - } -} - -########################### -# push a union -sub EjsUnionPush($$$) -{ - my ($self, $d, $varname) = @_; - my $have_default = 0; - $self->pidl("EJS_CHECK(ejs_push_struct_start(ejs, &v, name));"); - $self->pidl("switch (ejs->switch_var) {"); - $self->indent; - foreach my $e (@{$d->{ELEMENTS}}) { - if ($e->{CASE} eq "default") { - $have_default = 1; - } - $self->pidl("$e->{CASE}:"); - $self->indent; - if ($e->{TYPE} ne "EMPTY") { - $self->EjsPushElementTop($e, { $e->{NAME} => "$varname->$e->{NAME}"} ); - } - $self->pidl("break;"); - $self->deindent; - } - if (! $have_default) { - $self->pidl("default:"); - $self->indent; - $self->pidl("return ejs_panic(ejs, \"Bad switch value\");"); - $self->deindent; - } - $self->deindent; - $self->pidl("}"); -} - -########################### -# push a enum -sub EjsEnumPush($$$) -{ - my ($self, $d, $varname) = @_; - $self->EjsEnumConstant($d); - $self->pidl("unsigned e = ".get_value_of($varname).";"); - $self->pidl("EJS_CHECK(ejs_push_enum(ejs, v, name, &e));"); -} - -########################### -# push a bitmap -sub EjsBitmapPush($$$) -{ - my ($self, $d, $varname) = @_; - return unless (defined($d->{ELEMENTS})); - my $type_fn = $d->{BASE_TYPE}; - # put the bitmap elements in the constants array - foreach my $e (@{$d->{ELEMENTS}}) { - if ($e =~ /^(\w*)\s*(.*)\s*$/) { - my $bname = $1; - my $v = $2; - $self->{constants}->{$bname} = $v; - } - } - $self->pidl("EJS_CHECK(ejs_push_$type_fn(ejs, v, name, $varname));"); -} - -sub EjsTypePushFunction($$$) -{ - sub EjsTypePushFunction($$$); - my ($self, $d, $name) = @_; - return if (has_property($d, "noejs")); - - my $var = undef; - my $dt = $d; - if ($dt->{TYPE} eq "TYPEDEF") { - $dt = $dt->{DATA}; - } - if ($dt->{TYPE} eq "STRUCT") { - $var = "const struct $name *r"; - } elsif ($dt->{TYPE} eq "UNION") { - $var = "const union $name *r"; - } elsif ($dt->{TYPE} eq "ENUM") { - $var = "const enum $name *r"; - } elsif ($dt->{TYPE} eq "BITMAP") { - my($type_decl) = Parse::Pidl::Typelist::mapTypeName($dt->{BASE_TYPE}); - $var = "const $type_decl *r"; - } - $self->fn_declare($d, "NTSTATUS ".TypeFunctionName("ejs_push", $d) . "(struct ejs_rpc *ejs, struct MprVar *v, const char *name, $var)"); - $self->pidl("{"); - $self->indent; - $self->EjsTypePush($d, "r"); - $self->pidl("return NT_STATUS_OK;"); - $self->deindent; - $self->pidl("}\n"); -} - -sub EjsTypePush($$$) -{ - sub EjsTypePush($$$); - my ($self, $d, $varname) = @_; - - if ($d->{TYPE} eq 'STRUCT') { - $self->EjsStructPush($d, $varname); - } elsif ($d->{TYPE} eq 'UNION') { - $self->EjsUnionPush($d, $varname); - } elsif ($d->{TYPE} eq 'ENUM') { - $self->EjsEnumPush($d, $varname); - } elsif ($d->{TYPE} eq 'BITMAP') { - $self->EjsBitmapPush($d, $varname); - } elsif ($d->{TYPE} eq 'TYPEDEF') { - $self->EjsTypePush($d->{DATA}, $varname); - } else { - warn "Unhandled push $varname of type $d->{TYPE}"; - } -} - -##################### -# generate a function -sub EjsPushFunction($$) -{ - my ($self, $d) = @_; - my $env = GenerateFunctionOutEnv($d); - - $self->pidl("\nstatic NTSTATUS ejs_push_$d->{NAME}(struct ejs_rpc *ejs, struct MprVar *v, const struct $d->{NAME} *r)"); - $self->pidl("{"); - $self->indent; - $self->pidl("EJS_CHECK(ejs_push_struct_start(ejs, &v, \"output\"));"); - - foreach my $e (@{$d->{ELEMENTS}}) { - next unless (grep(/out/, @{$e->{DIRECTION}})); - $self->EjsPushElementTop($e, $env); - } - - if ($d->{RETURN_TYPE}) { - $self->pidl("EJS_CHECK(".TypeFunctionName("ejs_push", $d->{RETURN_TYPE})."(ejs, v, \"result\", &r->out.result));"); - } - - $self->pidl("return NT_STATUS_OK;"); - $self->deindent; - $self->pidl("}\n"); -} - -################################# -# generate a ejs mapping function -sub EjsFunction($$$) -{ - my ($self, $d, $iface) = @_; - my $name = $d->{NAME}; - my $callnum = uc("NDR_$name"); - my $table = "&ndr_table_$iface"; - - $self->pidl("static int ejs_$name(int eid, int argc, struct MprVar **argv)"); - $self->pidl("{"); - $self->indent; - $self->pidl("return ejs_rpc_call(eid, argc, argv, $table, $callnum, (ejs_pull_function_t)ejs_pull_$name, (ejs_push_function_t)ejs_push_$name);"); - $self->deindent; - $self->pidl("}\n"); -} - -################### -# handle a constant -sub EjsConst($$) -{ - my ($self, $const) = @_; - $self->{constants}->{$const->{NAME}} = $const->{VALUE}; -} - -sub EjsImport -{ - my $self = shift; - my @imports = @_; - foreach (@imports) { - s/\.idl\"$//; - s/^\"//; - $self->pidl_hdr("#include \"librpc/gen_ndr/ndr_$_\_ejs\.h\"\n"); - } -} - -##################################################################### -# parse the interface definitions -sub EjsInterface($$$) -{ - my($self,$interface,$needed) = @_; - my @fns = (); - my $name = $interface->{NAME}; - - $self->pidl_hdr("#ifndef _HEADER_EJS_$interface->{NAME}\n"); - $self->pidl_hdr("#define _HEADER_EJS_$interface->{NAME}\n\n"); - - $self->pidl_hdr("\n"); - - foreach my $d (@{$interface->{TYPES}}) { - next unless (typeHasBody($d)); - ($needed->{TypeFunctionName("ejs_push", $d)}) && $self->EjsTypePushFunction($d, $d->{NAME}); - ($needed->{TypeFunctionName("ejs_pull", $d)}) && $self->EjsTypePullFunction($d, $d->{NAME}); - } - - foreach my $d (@{$interface->{FUNCTIONS}}) { - next if not defined($d->{OPNUM}); - next if has_property($d, "noejs"); - - $self->EjsPullFunction($d); - $self->EjsPushFunction($d); - $self->EjsFunction($d, $name); - - push (@fns, $d->{NAME}); - } - - foreach my $d (@{$interface->{CONSTS}}) { - $self->EjsConst($d); - } - - $self->pidl("static int ejs_$name\_init(int eid, int argc, struct MprVar **argv)"); - $self->pidl("{"); - $self->indent; - $self->pidl("struct MprVar *obj = mprInitObject(eid, \"$name\", argc, argv);"); - foreach (@fns) { - $self->pidl("mprSetCFunction(obj, \"$_\", ejs_$_);"); - } - foreach my $v (keys %{$self->{constants}}) { - my $value = $self->{constants}->{$v}; - if (substr($value, 0, 1) eq "\"") { - $self->pidl("mprSetVar(obj, \"$v\", mprString($value));"); - } else { - $self->pidl("mprSetVar(obj, \"$v\", mprCreateNumberVar($value));"); - } - } - $self->pidl("return ejs_rpc_init(obj, \"$name\");"); - $self->deindent; - $self->pidl("}\n"); - - $self->pidl("NTSTATUS ejs_init_$name(void)"); - $self->pidl("{"); - $self->indent; - $self->pidl("ejsDefineCFunction(-1, \"$name\_init\", ejs_$name\_init, NULL, MPR_VAR_SCRIPT_HANDLE);"); - $self->pidl("return NT_STATUS_OK;"); - $self->deindent; - $self->pidl("}"); - - $self->pidl_hdr("\n"); - $self->pidl_hdr("#endif /* _HEADER_EJS_$interface->{NAME} */\n"); -} - -##################################################################### -# parse a parsed IDL into a C header -sub Parse($$$) -{ - my($self,$ndr,$hdr) = @_; - - my $ejs_hdr = $hdr; - $ejs_hdr =~ s/.h$/_ejs.h/; - - $self->pidl_hdr("/* header auto-generated by pidl */\n\n"); - - $self->pidl(" -/* EJS wrapper functions auto-generated by pidl */ -#include \"includes.h\" -#include \"librpc/rpc/dcerpc.h\" -#include \"lib/appweb/ejs/ejs.h\" -#include \"scripting/ejs/ejsrpc.h\" -#include \"scripting/ejs/smbcalls.h\" -#include \"librpc/gen_ndr/ndr_misc_ejs.h\" -#include \"$hdr\" -#include \"$ejs_hdr\" - -"); - - my %needed = (); - - foreach my $x (@{$ndr}) { - ($x->{TYPE} eq "INTERFACE") && NeededInterface($x, \%needed); - } - - foreach my $x (@$ndr) { - ($x->{TYPE} eq "INTERFACE") && $self->EjsInterface($x, \%needed); - ($x->{TYPE} eq "IMPORT") && $self->EjsImport(@{$x->{PATHS}}); - } - - return ($self->{res_hdr}, $self->{res}); -} - -sub NeededFunction($$) -{ - my ($fn,$needed) = @_; - - $needed->{"ejs_pull_$fn->{NAME}"} = 1; - $needed->{"ejs_push_$fn->{NAME}"} = 1; - - foreach (@{$fn->{ELEMENTS}}) { - next if (has_property($_, "subcontext")); #FIXME: Support subcontexts - if (grep(/in/, @{$_->{DIRECTION}})) { - $needed->{TypeFunctionName("ejs_pull", $_->{TYPE})} = 1; - } - if (grep(/out/, @{$_->{DIRECTION}})) { - $needed->{TypeFunctionName("ejs_push", $_->{TYPE})} = 1; - } - } -} - -sub NeededType($$$) -{ - sub NeededType($$$); - my ($t,$needed,$req) = @_; - - NeededType($t->{DATA}, $needed, $req) if ($t->{TYPE} eq "TYPEDEF"); - - return unless (($t->{TYPE} eq "STRUCT") or ($t->{TYPE} eq "UNION")); - - return unless(typeHasBody($t)); - - foreach (@{$t->{ELEMENTS}}) { - next if (has_property($_, "subcontext")); #FIXME: Support subcontexts - my $n; - if (ref($_->{TYPE}) ne "HASH" or defined($_->{TYPE}->{NAME})) { - $needed->{TypeFunctionName("ejs_$req", $_->{TYPE})} = 1; - } - NeededType($_->{TYPE}, $needed, $req) if (ref($_->{TYPE}) eq "HASH"); - } -} - -##################################################################### -# work out what parse functions are needed -sub NeededInterface($$) -{ - my ($interface,$needed) = @_; - - NeededFunction($_, $needed) foreach (@{$interface->{FUNCTIONS}}); - - foreach (reverse @{$interface->{TYPES}}) { - if (has_property($_, "public")) { - $needed->{TypeFunctionName("ejs_pull", $_)} = not has_property($_, "noejs"); - $needed->{TypeFunctionName("ejs_push", $_)} = not has_property($_, "noejs"); - } - - NeededType($_, $needed, "pull") if ($needed->{TypeFunctionName("ejs_pull", $_)}); - NeededType($_, $needed, "push") if ($needed->{TypeFunctionName("ejs_push", $_)}); - } -} - -sub TypeFunctionName($$) -{ - my ($prefix, $t) = @_; - - return "$prefix\_$t->{NAME}" if (ref($t) eq "HASH" and - $t->{TYPE} eq "TYPEDEF"); - return "$prefix\_$t->{TYPE}_$t->{NAME}" if (ref($t) eq "HASH"); - return "$prefix\_$t"; -} - - - -1; diff --git a/pidl/tests/samba-ejs.pl b/pidl/tests/samba-ejs.pl deleted file mode 100755 index 094d37a103..0000000000 --- a/pidl/tests/samba-ejs.pl +++ /dev/null @@ -1,37 +0,0 @@ -#!/usr/bin/perl -# (C) 2007 Jelmer Vernooij -# Published under the GNU General Public License -use strict; -use warnings; - -use Test::More tests => 10; -use FindBin qw($RealBin); -use lib "$RealBin"; -use Util; -use Parse::Pidl::Util qw(MyDumper); -use Parse::Pidl::Samba4::EJS qw(check_null_pointer - fn_declare TypeFunctionName); - -my $ejs = new Parse::Pidl::Samba4::EJS(); - -$ejs->check_null_pointer("bla"); -is($ejs->{res}, ""); - -$ejs = new Parse::Pidl::Samba4::EJS(); -$ejs->check_null_pointer("*bla"); -is($ejs->{res}, "if (bla == NULL) return NT_STATUS_INVALID_PARAMETER_MIX;\n"); - -$ejs = new Parse::Pidl::Samba4::EJS(); -$ejs->fn_declare({ PROPERTIES => { public => 1 } }, "myproto(int x)"); -is($ejs->{res}, "_PUBLIC_ myproto(int x)\n"); -is($ejs->{res_hdr}, "myproto(int x);\n"); - -$ejs = new Parse::Pidl::Samba4::EJS(); -$ejs->fn_declare({ PROPERTIES => {} }, "mybla(int foo)"); -is($ejs->{res}, "static mybla(int foo)\n"); -is($ejs->{res_hdr}, ""); - -is(TypeFunctionName("ejs_pull", "uint32"), "ejs_pull_uint32"); -is(TypeFunctionName("ejs_pull", {TYPE => "ENUM", NAME => "bar"}), "ejs_pull_ENUM_bar"); -is(TypeFunctionName("ejs_pull", {TYPE => "TYPEDEF", NAME => "bar", DATA => undef}), "ejs_pull_bar"); -is(TypeFunctionName("ejs_push", {TYPE => "STRUCT", NAME => "bar"}), "ejs_push_STRUCT_bar"); -- cgit From 0f8d749144b60c62bbc9e0b934aecc2825d5d0d5 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Fri, 12 Dec 2008 11:16:36 +0100 Subject: Add convenience function for determining if an array should be allocated with talloc. --- pidl/lib/Parse/Pidl/Samba4.pm | 14 +++++++++++--- pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm | 6 +++--- pidl/lib/Parse/Pidl/Samba4/Python.pm | 3 ++- 3 files changed, 16 insertions(+), 7 deletions(-) diff --git a/pidl/lib/Parse/Pidl/Samba4.pm b/pidl/lib/Parse/Pidl/Samba4.pm index d42e01cdb0..5bdb91ee25 100644 --- a/pidl/lib/Parse/Pidl/Samba4.pm +++ b/pidl/lib/Parse/Pidl/Samba4.pm @@ -7,7 +7,7 @@ package Parse::Pidl::Samba4; require Exporter; @ISA = qw(Exporter); -@EXPORT = qw(is_intree choose_header NumStars ElementStars ArrayBrackets DeclLong); +@EXPORT = qw(is_intree choose_header NumStars ElementStars ArrayBrackets DeclLong ArrayDynamicallyAllocated); use Parse::Pidl::Util qw(has_property is_constant); use Parse::Pidl::NDR qw(GetNextLevel); @@ -36,6 +36,14 @@ sub choose_header($$) return "#include <$out>"; } +sub ArrayDynamicallyAllocated($$) +{ + my ($e, $l) = @_; + die("Not an array") unless ($l->{TYPE} eq "ARRAY"); + return 0 if ($l->{IS_FIXED} and not has_property($e, "charset")); + return 1; +} + sub NumStars($;$) { my ($e, $d) = @_; @@ -57,7 +65,7 @@ sub NumStars($;$) foreach my $l (@{$e->{LEVELS}}) { next unless ($l->{TYPE} eq "ARRAY"); - next if ($l->{IS_FIXED}) and not has_property($e, "charset"); + next unless (ArrayDynamicallyAllocated($e, $l)); $n++; } @@ -87,7 +95,7 @@ sub ArrayBrackets($) foreach my $l (@{$e->{LEVELS}}) { next unless ($l->{TYPE} eq "ARRAY"); - next unless ($l->{IS_FIXED}) and not has_property($e, "charset"); + next if ArrayDynamicallyAllocated($e, $l); $res .= "[$l->{SIZE_IS}]"; } diff --git a/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm b/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm index fb73075f1a..ee81e51f25 100644 --- a/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm +++ b/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm @@ -16,7 +16,7 @@ use Parse::Pidl::Typelist qw(hasType getType mapTypeName typeHasBody); use Parse::Pidl::Util qw(has_property ParseExpr ParseExprExt print_uuid unmake_str); use Parse::Pidl::CUtil qw(get_pointer_to get_value_of get_array_element); use Parse::Pidl::NDR qw(GetPrevLevel GetNextLevel ContainsDeferred is_charset_array); -use Parse::Pidl::Samba4 qw(is_intree choose_header); +use Parse::Pidl::Samba4 qw(is_intree choose_header ArrayDynamicallyAllocated); use Parse::Pidl::Samba4::Header qw(GenerateFunctionInEnv GenerateFunctionOutEnv EnvSubstituteValue GenerateStructEnv); use Parse::Pidl qw(warning); @@ -376,7 +376,7 @@ sub ParseArrayPullHeader($$$$$$) $self->defer("}"); } - if (not $l->{IS_FIXED} and not is_charset_array($e, $l)) { + if (ArrayDynamicallyAllocated($e,$l) and not is_charset_array($e,$l)) { $self->AllocateArrayLevel($e,$l,$ndr,$var_name,$size); } @@ -917,7 +917,7 @@ sub ParseMemCtxPullFlags($$$$) return undef unless ($l->{TYPE} eq "POINTER" or $l->{TYPE} eq "ARRAY"); - return undef if ($l->{TYPE} eq "ARRAY" and $l->{IS_FIXED}); + return undef unless ($l->{TYPE} ne "ARRAY" or ArrayDynamicallyAllocated($e,$l)); return undef if has_fast_array($e, $l); return undef if is_charset_array($e, $l); diff --git a/pidl/lib/Parse/Pidl/Samba4/Python.pm b/pidl/lib/Parse/Pidl/Samba4/Python.pm index a3107d4672..90dcba0780 100644 --- a/pidl/lib/Parse/Pidl/Samba4/Python.pm +++ b/pidl/lib/Parse/Pidl/Samba4/Python.pm @@ -14,6 +14,7 @@ use Parse::Pidl::Typelist qw(hasType resolveType getType mapTypeName expandAlias use Parse::Pidl::Util qw(has_property ParseExpr unmake_str); use Parse::Pidl::NDR qw(GetPrevLevel GetNextLevel ContainsDeferred is_charset_array); use Parse::Pidl::CUtil qw(get_value_of get_pointer_to); +use Parse::Pidl::Samba4 qw(ArrayDynamicallyAllocated); use Parse::Pidl::Samba4::Header qw(GenerateFunctionInEnv GenerateFunctionOutEnv EnvSubstituteValue GenerateStructEnv); use vars qw($VERSION); @@ -942,7 +943,7 @@ sub ConvertObjectFromPythonLevel($$$$$$$$) $self->pidl("{"); $self->indent; $self->pidl("int $counter;"); - if (!$l->{IS_FIXED}) { + if (ArrayDynamicallyAllocated($e, $l)) { $self->pidl("$var_name = talloc_array_ptrtype($mem_ctx, $var_name, PyList_Size($py_var));"); } $self->pidl("for ($counter = 0; $counter < PyList_Size($py_var); $counter++) {"); -- cgit From d1101dba79d65b0991668069b91946198f343ead Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Fri, 12 Dec 2008 11:48:42 +0100 Subject: Remove noejs property, which is no longer used. --- librpc/idl/lsa.idl | 2 +- librpc/idl/misc.idl | 2 +- librpc/idl/winreg.idl | 2 +- pidl/lib/Parse/Pidl/Compat.pm | 1 - pidl/lib/Parse/Pidl/NDR.pm | 1 - source4/librpc/idl/dom_sid.idl | 2 +- source4/librpc/idl/irpc.idl | 8 ++++---- 7 files changed, 8 insertions(+), 10 deletions(-) diff --git a/librpc/idl/lsa.idl b/librpc/idl/lsa.idl index 003641d97a..db5ca31720 100644 --- a/librpc/idl/lsa.idl +++ b/librpc/idl/lsa.idl @@ -16,7 +16,7 @@ import "misc.idl", "security.idl"; typedef bitmap security_secinfo security_secinfo; typedef bitmap kerb_EncTypes kerb_EncTypes; - typedef [public,noejs] struct { + typedef [public] struct { [value(2*strlen_m(string))] uint16 length; [value(2*strlen_m(string))] uint16 size; [charset(UTF16),size_is(size/2),length_is(length/2)] uint16 *string; diff --git a/librpc/idl/misc.idl b/librpc/idl/misc.idl index 1907195252..1ef0d913b9 100644 --- a/librpc/idl/misc.idl +++ b/librpc/idl/misc.idl @@ -7,7 +7,7 @@ ] interface misc { - typedef [public,noprint,gensize,noejs] struct { + typedef [public,noprint,gensize] struct { uint32 time_low; uint16 time_mid; uint16 time_hi_and_version; diff --git a/librpc/idl/winreg.idl b/librpc/idl/winreg.idl index 9216f9893b..2f108a090b 100644 --- a/librpc/idl/winreg.idl +++ b/librpc/idl/winreg.idl @@ -40,7 +40,7 @@ import "lsa.idl", "security.idl"; REG_QWORD = 11 } winreg_Type; - typedef [public,noejs] struct { + typedef [public] struct { [value(strlen_m_term(name)*2)] uint16 name_len; [value(strlen_m_term(name)*2)] uint16 name_size; [string,charset(UTF16)] uint16 *name; diff --git a/pidl/lib/Parse/Pidl/Compat.pm b/pidl/lib/Parse/Pidl/Compat.pm index 7519021144..1b49c439c4 100644 --- a/pidl/lib/Parse/Pidl/Compat.pm +++ b/pidl/lib/Parse/Pidl/Compat.pm @@ -44,7 +44,6 @@ my %supported_properties = ( "nopush" => ["FUNCTION", "TYPEDEF"], "nopull" => ["FUNCTION", "TYPEDEF"], "noprint" => ["FUNCTION", "TYPEDEF"], - "noejs" => ["FUNCTION", "TYPEDEF"], # union "switch_is" => ["ELEMENT"], diff --git a/pidl/lib/Parse/Pidl/NDR.pm b/pidl/lib/Parse/Pidl/NDR.pm index 9b61a370e2..3daad24c5d 100644 --- a/pidl/lib/Parse/Pidl/NDR.pm +++ b/pidl/lib/Parse/Pidl/NDR.pm @@ -890,7 +890,6 @@ my %property_list = ( "nopull" => ["FUNCTION", "TYPEDEF", "STRUCT", "UNION", "ENUM", "BITMAP"], "nosize" => ["FUNCTION", "TYPEDEF", "STRUCT", "UNION", "ENUM", "BITMAP"], "noprint" => ["FUNCTION", "TYPEDEF", "STRUCT", "UNION", "ENUM", "BITMAP", "ELEMENT"], - "noejs" => ["FUNCTION", "TYPEDEF", "STRUCT", "UNION", "ENUM", "BITMAP"], "todo" => ["FUNCTION"], # union diff --git a/source4/librpc/idl/dom_sid.idl b/source4/librpc/idl/dom_sid.idl index 80df11dbfe..1fc8ee2165 100644 --- a/source4/librpc/idl/dom_sid.idl +++ b/source4/librpc/idl/dom_sid.idl @@ -24,7 +24,7 @@ interface dom_sid { /* a domain SID. Note that unlike Samba3 this contains a pointer, so you can't copy them using assignment */ - typedef [public,gensize,noprint,noejs,nosize] struct { + typedef [public,gensize,noprint,nosize] struct { uint8 sid_rev_num; /**< SID revision number */ [range(0,15)] int8 num_auths; /**< Number of sub-authorities */ uint8 id_auth[6]; /**< Identifier Authority */ diff --git a/source4/librpc/idl/irpc.idl b/source4/librpc/idl/irpc.idl index e3ea7e55e1..41787355a9 100644 --- a/source4/librpc/idl/irpc.idl +++ b/source4/librpc/idl/irpc.idl @@ -14,7 +14,7 @@ import "misc.idl", "security.idl", "nbt.idl"; IRPC_FLAG_REPLY = 0x0001 } irpc_flags; - typedef [public,noejs] struct { + typedef [public] struct { GUID uuid; uint32 if_version; uint32 callnum; @@ -65,17 +65,17 @@ import "misc.idl", "security.idl", "nbt.idl"; [out,unique] astring *dcname ); - typedef [noejs] struct { + typedef struct { ipv4address addr; } nbtd_proxy_wins_addr; - [noejs] void nbtd_proxy_wins_challenge( + void nbtd_proxy_wins_challenge( [in] nbt_name name, [in,out] uint32 num_addrs, [in,out] nbtd_proxy_wins_addr addrs[num_addrs] ); - [noejs] void nbtd_proxy_wins_release_demand( + void nbtd_proxy_wins_release_demand( [in] nbt_name name, [in] uint32 num_addrs, [in] nbtd_proxy_wins_addr addrs[num_addrs] -- cgit From 850abaffbe057f504d47ae91ea6f3ad544d39ebe Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Fri, 12 Dec 2008 12:40:11 +0100 Subject: Support pyhelper property to allow additional methods to be tucked onto a pidl-generated type. --- pidl/lib/Parse/Pidl/NDR.pm | 1 + pidl/lib/Parse/Pidl/Samba4/Python.pm | 9 +++++++++ 2 files changed, 10 insertions(+) diff --git a/pidl/lib/Parse/Pidl/NDR.pm b/pidl/lib/Parse/Pidl/NDR.pm index 3daad24c5d..5ee26d16b6 100644 --- a/pidl/lib/Parse/Pidl/NDR.pm +++ b/pidl/lib/Parse/Pidl/NDR.pm @@ -855,6 +855,7 @@ my %property_list = ( "endpoint" => ["INTERFACE"], "pointer_default" => ["INTERFACE"], "helper" => ["INTERFACE"], + "pyhelper" => ["INTERFACE"], "authservice" => ["INTERFACE"], "restricted" => ["INTERFACE"], diff --git a/pidl/lib/Parse/Pidl/Samba4/Python.pm b/pidl/lib/Parse/Pidl/Samba4/Python.pm index 90dcba0780..2c64f06aa4 100644 --- a/pidl/lib/Parse/Pidl/Samba4/Python.pm +++ b/pidl/lib/Parse/Pidl/Samba4/Python.pm @@ -280,6 +280,11 @@ sub PythonStruct($$$$$$) $self->indent; $self->pidl("{ \"__ndr_pack__\", (PyCFunction)py_$name\_ndr_pack, METH_NOARGS, \"S.pack() -> blob\\nNDR pack\" },"); $self->pidl("{ \"__ndr_unpack__\", (PyCFunction)py_$name\_ndr_unpack, METH_VARARGS, \"S.unpack(blob) -> None\\nNDR unpack\" },"); + $self->deindent; + $self->pidl("#ifdef ".uc("py_$name\_extra_methods")); + $self->pidl("\t" .uc("py_$name\_extra_methods")); + $self->pidl("#endif"); + $self->indent; $self->pidl("{ NULL, NULL, 0, NULL }"); $self->deindent; $self->pidl("};"); @@ -624,6 +629,10 @@ sub Interface($$$) $self->pidl_hdr("\n"); + if (has_property($interface, "pyhelper")) { + $self->pidl("#include \"".unmake_str($interface->{PROPERTIES}->{pyhelper})."\"\n"); + } + $self->Const($_) foreach (@{$interface->{CONSTS}}); foreach my $d (@{$interface->{TYPES}}) { -- cgit From 9069c849074bc13dda505d461be97dd6357637aa Mon Sep 17 00:00:00 2001 From: Jeff Layton Date: Fri, 12 Dec 2008 07:00:38 -0500 Subject: mount.cifs: allow mounts to ipv6 capable servers The current name resolution scheme in mount.cifs is IPv4 only. Expand it to be protocol-independent. Also take advantage of the fact that getaddrinfo() returns a list of addresses and have mount.cifs try each in turn until it hits one that's reachable and allows the socket to connect. Signed-off-by: Jeff Layton --- source3/client/mount.cifs.c | 221 ++++++++++++++++++++++++-------------------- 1 file changed, 120 insertions(+), 101 deletions(-) diff --git a/source3/client/mount.cifs.c b/source3/client/mount.cifs.c index 0bc61ae38f..9f4d1d3fd0 100644 --- a/source3/client/mount.cifs.c +++ b/source3/client/mount.cifs.c @@ -80,6 +80,9 @@ #define MOUNT_PASSWD_SIZE 64 #define DOMAIN_SIZE 64 +/* currently maximum length of IPv6 address string */ +#define MAX_ADDRESS_LEN INET6_ADDRSTRLEN + const char *thisprogram; int verboseflag = 0; static int got_password = 0; @@ -189,12 +192,6 @@ static char * getusername(void) { return username; } -static char * parse_cifs_url(char * unc_name) -{ - printf("\nMounting cifs URL not implemented yet. Attempt to mount %s\n",unc_name); - return NULL; -} - static int open_cred_file(char * file_name) { char * line_buf; @@ -494,7 +491,7 @@ static int parse_options(char ** optionsp, int * filesys_flags) } else if (strncmp(data, "ip", 2) == 0) { if (!value || !*value) { printf("target ip address argument missing"); - } else if (strnlen(value, 35) < 35) { + } else if (strnlen(value, MAX_ADDRESS_LEN) <= MAX_ADDRESS_LEN) { if(verboseflag) printf("ip address %s override specified\n",value); got_ip = 1; @@ -882,23 +879,23 @@ static void replace_char(char *string, char from, char to, int maxlen) } /* Note that caller frees the returned buffer if necessary */ -static char * parse_server(char ** punc_name) +static struct addrinfo * +parse_server(char ** punc_name) { char * unc_name = *punc_name; int length = strnlen(unc_name, MAX_UNC_LEN); char * share; - char * ipaddress_string = NULL; - struct hostent * host_entry = NULL; - struct in_addr server_ipaddr; + struct addrinfo *addrlist; + int rc; if(length > (MAX_UNC_LEN - 1)) { printf("mount error: UNC name too long"); return NULL; } - if (strncasecmp("cifs://",unc_name,7) == 0) - return parse_cifs_url(unc_name+7); - if (strncasecmp("smb://",unc_name,6) == 0) { - return parse_cifs_url(unc_name+6); + if ((strncasecmp("cifs://", unc_name, 7) == 0) || + (strncasecmp("smb://", unc_name, 6) == 0)) { + printf("\nMounting cifs URL not implemented yet. Attempt to mount %s\n", unc_name); + return NULL; } if(length < 3) { @@ -939,7 +936,12 @@ continue_unc_parsing: *share = 0; /* temporarily terminate the string */ share += 1; if(got_ip == 0) { - host_entry = gethostbyname(unc_name); + rc = getaddrinfo(unc_name, NULL, NULL, &addrlist); + if (rc != 0) { + printf("mount error: could not resolve address for %s: %s\n", + unc_name, gai_strerror(rc)); + addrlist = NULL; + } } *(share - 1) = '/'; /* put delimiter back */ @@ -954,23 +956,9 @@ continue_unc_parsing: printf("ip address specified explicitly\n"); return NULL; } - if(host_entry == NULL) { - printf("mount error: could not find target server. TCP name %s not found\n", unc_name); - return NULL; - } else { - /* BB should we pass an alternate version of the share name as Unicode */ - /* BB what about ipv6? BB */ - /* BB add retries with alternate servers in list */ + /* BB should we pass an alternate version of the share name as Unicode */ - memcpy(&server_ipaddr.s_addr, host_entry->h_addr, 4); - - ipaddress_string = inet_ntoa(server_ipaddr); - if(ipaddress_string == NULL) { - printf("mount error: could not get valid ip address for target server\n"); - return NULL; - } - return ipaddress_string; - } + return addrlist; } else { /* BB add code to find DFS root (send null path on get DFS Referral to specified server here */ printf("Mounting the DFS root for a particular server not implemented yet\n"); @@ -1034,10 +1022,11 @@ int main(int argc, char ** argv) int flags = MS_MANDLOCK; /* no need to set legacy MS_MGC_VAL */ char * orgoptions = NULL; char * share_name = NULL; - char * ipaddr = NULL; + const char * ipaddr = NULL; char * uuid = NULL; char * mountpoint = NULL; char * options = NULL; + char * optionstail; char * resolved_path = NULL; char * temp; char * dev_name; @@ -1050,10 +1039,14 @@ int main(int argc, char ** argv) int optlen = 0; int orgoptlen = 0; size_t options_size = 0; + size_t current_len; int retry = 0; /* set when we have to retry mount with uppercase */ + struct addrinfo *addrhead = NULL, *addr; struct stat statbuf; struct utsname sysinfo; struct mntent mountent; + struct sockaddr_in *addr4; + struct sockaddr_in6 *addr6; FILE * pmntfile; /* setlocale(LC_ALL, ""); @@ -1245,8 +1238,8 @@ int main(int argc, char ** argv) rc = EX_USAGE; goto mount_exit; } - ipaddr = parse_server(&share_name); - if((ipaddr == NULL) && (got_ip == 0)) { + addrhead = addr = parse_server(&share_name); + if((addrhead == NULL) && (got_ip == 0)) { printf("No ip address specified and hostname not found\n"); rc = EX_USAGE; goto mount_exit; @@ -1316,7 +1309,6 @@ int main(int argc, char ** argv) } /* FIXME launch daemon (handles dfs name resolution and credential change) remember to clear parms and overwrite password field before launching */ -mount_retry: if(orgoptions) { optlen = strlen(orgoptions); orgoptlen = optlen; @@ -1331,10 +1323,10 @@ mount_retry: } if(user_name) optlen += strlen(user_name) + 6; - if(ipaddr) - optlen += strlen(ipaddr) + 4; + optlen += MAX_ADDRESS_LEN + 4; if(mountpassword) optlen += strlen(mountpassword) + 6; +mount_retry: SAFE_FREE(options); options_size = optlen + 10 + DOMAIN_SIZE; options = (char *)malloc(options_size /* space for commas in password */ + 8 /* space for domain= , domain name itself was counted as part of the length username string above */); @@ -1344,18 +1336,12 @@ mount_retry: exit(EX_SYSERR); } - options[0] = 0; - strlcpy(options,"unc=",options_size); + strlcpy(options, "unc=", options_size); strlcat(options,share_name,options_size); /* scan backwards and reverse direction of slash */ temp = strrchr(options, '/'); if(temp > options + 6) *temp = '\\'; - if(ipaddr) { - strlcat(options,",ip=",options_size); - strlcat(options,ipaddr,options_size); - } - if(user_name) { /* check for syntax like user=domain\user */ if(got_domain == 0) @@ -1397,11 +1383,42 @@ mount_retry: /* convert all '\\' to '/' in share portion so that /proc/mounts looks pretty */ replace_char(dev_name, '\\', '/', strlen(share_name)); - if(mount(dev_name, mountpoint, "cifs", flags, options)) { - /* remember to kill daemon on error */ + if (!got_ip && addr) { + strlcat(options, ",ip=", options_size); + current_len = strnlen(options, options_size); + optionstail = options + current_len; + switch (addr->ai_addr->sa_family) { + case AF_INET6: + addr6 = (struct sockaddr_in6 *) addr->ai_addr; + ipaddr = inet_ntop(AF_INET6, &addr6->sin6_addr, optionstail, + options_size - current_len); + break; + case AF_INET: + addr4 = (struct sockaddr_in *) addr->ai_addr; + ipaddr = inet_ntop(AF_INET, &addr4->sin_addr, optionstail, + options_size - current_len); + break; + } + + /* if the address looks bogus, try the next one */ + if (!ipaddr) { + addr = addr->ai_next; + if (addr) + goto mount_retry; + rc = EX_SYSERR; + goto mount_exit; + } + } + + if (mount(dev_name, mountpoint, "cifs", flags, options)) { switch (errno) { - case 0: - printf("mount failed but no error number set\n"); + case ECONNREFUSED: + case EHOSTUNREACH: + if (addr) { + addr = addr->ai_next; + if (addr) + goto mount_retry; + } break; case ENODEV: printf("mount error: cifs filesystem not supported by the system\n"); @@ -1416,64 +1433,64 @@ mount_retry: goto mount_retry; } } - default: - printf("mount error %d = %s\n",errno,strerror(errno)); } + printf("mount error(%d): %s\n", errno, strerror(errno)); printf("Refer to the mount.cifs(8) manual page (e.g.man mount.cifs)\n"); rc = EX_FAIL; - } else { - atexit(unlock_mtab); - rc = lock_mtab(); - if (rc) { - printf("cannot lock mtab"); - goto mount_exit; - } - pmntfile = setmntent(MOUNTED, "a+"); - if (!pmntfile) { - printf("could not update mount table\n"); - unlock_mtab(); - rc = EX_FILEIO; - goto mount_exit; - } - mountent.mnt_fsname = dev_name; - mountent.mnt_dir = mountpoint; - mountent.mnt_type = CONST_DISCARD(char *,"cifs"); - mountent.mnt_opts = (char *)malloc(220); - if(mountent.mnt_opts) { - char * mount_user = getusername(); - memset(mountent.mnt_opts,0,200); - if(flags & MS_RDONLY) - strlcat(mountent.mnt_opts,"ro",220); - else - strlcat(mountent.mnt_opts,"rw",220); - if(flags & MS_MANDLOCK) - strlcat(mountent.mnt_opts,",mand",220); - if(flags & MS_NOEXEC) - strlcat(mountent.mnt_opts,",noexec",220); - if(flags & MS_NOSUID) - strlcat(mountent.mnt_opts,",nosuid",220); - if(flags & MS_NODEV) - strlcat(mountent.mnt_opts,",nodev",220); - if(flags & MS_SYNCHRONOUS) - strlcat(mountent.mnt_opts,",sync",220); - if(mount_user) { - if(getuid() != 0) { - strlcat(mountent.mnt_opts, - ",user=", 220); - strlcat(mountent.mnt_opts, - mount_user, 220); - } + goto mount_exit; + } + + atexit(unlock_mtab); + rc = lock_mtab(); + if (rc) { + printf("cannot lock mtab"); + goto mount_exit; + } + pmntfile = setmntent(MOUNTED, "a+"); + if (!pmntfile) { + printf("could not update mount table\n"); + unlock_mtab(); + rc = EX_FILEIO; + goto mount_exit; + } + mountent.mnt_fsname = dev_name; + mountent.mnt_dir = mountpoint; + mountent.mnt_type = CONST_DISCARD(char *,"cifs"); + mountent.mnt_opts = (char *)malloc(220); + if(mountent.mnt_opts) { + char * mount_user = getusername(); + memset(mountent.mnt_opts,0,200); + if(flags & MS_RDONLY) + strlcat(mountent.mnt_opts,"ro",220); + else + strlcat(mountent.mnt_opts,"rw",220); + if(flags & MS_MANDLOCK) + strlcat(mountent.mnt_opts,",mand",220); + if(flags & MS_NOEXEC) + strlcat(mountent.mnt_opts,",noexec",220); + if(flags & MS_NOSUID) + strlcat(mountent.mnt_opts,",nosuid",220); + if(flags & MS_NODEV) + strlcat(mountent.mnt_opts,",nodev",220); + if(flags & MS_SYNCHRONOUS) + strlcat(mountent.mnt_opts,",sync",220); + if(mount_user) { + if(getuid() != 0) { + strlcat(mountent.mnt_opts, + ",user=", 220); + strlcat(mountent.mnt_opts, + mount_user, 220); } } - mountent.mnt_freq = 0; - mountent.mnt_passno = 0; - rc = addmntent(pmntfile,&mountent); - endmntent(pmntfile); - unlock_mtab(); - SAFE_FREE(mountent.mnt_opts); - if (rc) - rc = EX_FILEIO; } + mountent.mnt_freq = 0; + mountent.mnt_passno = 0; + rc = addmntent(pmntfile,&mountent); + endmntent(pmntfile); + unlock_mtab(); + SAFE_FREE(mountent.mnt_opts); + if (rc) + rc = EX_FILEIO; mount_exit: if(mountpassword) { int len = strlen(mountpassword); @@ -1481,6 +1498,8 @@ mount_exit: SAFE_FREE(mountpassword); } + if (addrhead) + freeaddrinfo(addrhead); SAFE_FREE(options); SAFE_FREE(orgoptions); SAFE_FREE(resolved_path); -- cgit From 3e2c070395d2fef232ab60d075194091f7b46b35 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Fri, 12 Dec 2008 13:31:42 +0100 Subject: Allow overriding repr function for pidl-defined types. --- pidl/lib/Parse/Pidl/Samba4/Python.pm | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/pidl/lib/Parse/Pidl/Samba4/Python.pm b/pidl/lib/Parse/Pidl/Samba4/Python.pm index 2c64f06aa4..2664275934 100644 --- a/pidl/lib/Parse/Pidl/Samba4/Python.pm +++ b/pidl/lib/Parse/Pidl/Samba4/Python.pm @@ -295,6 +295,10 @@ sub PythonStruct($$$$$$) $self->pidl_hdr("#define $name\_Check(op) PyObject_TypeCheck(op, &$name\_Type)\n"); $self->pidl_hdr("#define $name\_CheckExact(op) ((op)->ob_type == &$name\_Type)\n"); $self->pidl_hdr("\n"); + $self->pidl("#ifndef ".uc("py_$name\_repr")); + $self->pidl("#define ".uc("py_$name\_repr") . " py_talloc_default_repr"); + $self->pidl("#endif"); + $self->pidl(""); my $docstring = ($self->DocString($d, $name) or "NULL"); my $typeobject = "$name\_Type"; $self->pidl("PyTypeObject $typeobject = {"); @@ -304,7 +308,7 @@ sub PythonStruct($$$$$$) $self->pidl(".tp_basicsize = sizeof(py_talloc_Object),"); $self->pidl(".tp_dealloc = py_talloc_dealloc,"); $self->pidl(".tp_getset = $getsetters,"); - $self->pidl(".tp_repr = py_talloc_default_repr,"); + $self->pidl(".tp_repr = ".uc("py_$name\_repr").","); $self->pidl(".tp_doc = $docstring,"); $self->pidl(".tp_methods = $py_methods,"); $self->pidl(".tp_flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE,"); -- cgit From 19beef0dd9354296ae79d32077c58fbacf570c85 Mon Sep 17 00:00:00 2001 From: Karolin Seeger Date: Fri, 12 Dec 2008 14:30:01 +0100 Subject: docs: Add hint that "socket address" usually don't need to be set. This fixes bug #5950. Thanks to the Debian Samba package maintainers for reporting! Karolin --- docs-xml/smbdotconf/misc/socketaddress.xml | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/docs-xml/smbdotconf/misc/socketaddress.xml b/docs-xml/smbdotconf/misc/socketaddress.xml index 7566380e70..17018efd40 100644 --- a/docs-xml/smbdotconf/misc/socketaddress.xml +++ b/docs-xml/smbdotconf/misc/socketaddress.xml @@ -4,12 +4,14 @@ developer="1" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This option allows you to control what - address Samba will listen for connections on. This is used to - support multiple virtual interfaces on the one server, each + This option allows you to control what + address Samba will listen for connections on. This is used to + support multiple virtual interfaces on the one server, each with a different configuration. - - By default Samba will accept connections on any + Setting this option should never be necessary on usual Samba + servers running only one nmbd. + + By default Samba will accept connections on any address. -- cgit From 01a444b42255a98e892f4cbb29b88796285c6d36 Mon Sep 17 00:00:00 2001 From: root Date: Fri, 12 Dec 2008 16:51:34 +0100 Subject: s3 sesssetup.c: Add missing line break to debug message. Karolin --- source3/smbd/sesssetup.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c index 24a201013a..a24843ff64 100644 --- a/source3/smbd/sesssetup.c +++ b/source3/smbd/sesssetup.c @@ -915,7 +915,7 @@ static void reply_spnego_auth(struct smb_request *req, DEBUG(3,("reply_spnego_auth: network " "misconfiguration, client sent us a " "krb5 ticket and kerberos security " - "not enabled")); + "not enabled\n")); reply_nterror(req, nt_status_squash( NT_STATUS_LOGON_FAILURE)); SAFE_FREE(kerb_mech); -- cgit From 9391dad85d08bb0939f4db1472c6cf063ebea892 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 12 Dec 2008 13:47:41 +0100 Subject: Fix error code when smbclient puts a file over an existing directory Windows returns NT_STATUS_FILE_IS_A_DIRECTORY, as does Samba 3.0. 3.2 and following returned NT_STATUS_INVALID_PARAMETER which is wrong. Before I converted reply_open_and_X to create_file() we called open_file_ntcreate directly. Passing through open&X for a filename that exists as a directory ends up in open_directory after having tried open_file_ntcreate. Some check in there returns NT_STATUS_INVALID_PARAMETER. With this additional FILE_NON_DIRECTORY_FILE flag we get the correct error message back from create_file_unixpath before trying open_directory(). Survives make test, but as this also touches the other open variants I would like others to review this. Volker --- source3/smbd/open.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 77ad1664ef..1e988f65ec 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -1048,7 +1048,7 @@ bool map_open_params_to_ntcreate(const char *fname, int deny_mode, int open_func uint32 access_mask; uint32 share_mode; uint32 create_disposition; - uint32 create_options = 0; + uint32 create_options = FILE_NON_DIRECTORY_FILE; DEBUG(10,("map_open_params_to_ntcreate: fname = %s, deny_mode = 0x%x, " "open_func = 0x%x\n", -- cgit From d46c1907fceea6f9738251d35db6ffd5c1f77d0f Mon Sep 17 00:00:00 2001 From: SATOH Fumiyasu Date: Fri, 12 Dec 2008 17:43:51 +0100 Subject: winbindd: vars for signals must be volatile sig_atomic_t --- source3/winbindd/winbindd.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/source3/winbindd/winbindd.c b/source3/winbindd/winbindd.c index 1dcc70adae..0ecf11d0e5 100644 --- a/source3/winbindd/winbindd.c +++ b/source3/winbindd/winbindd.c @@ -173,35 +173,35 @@ static void terminate(bool is_parent) exit(0); } -static bool do_sigterm; +static SIG_ATOMIC_T do_sigterm = 0; static void termination_handler(int signum) { - do_sigterm = True; + do_sigterm = 1; sys_select_signal(signum); } -static bool do_sigusr2; +static SIG_ATOMIC_T do_sigusr2 = 0; static void sigusr2_handler(int signum) { - do_sigusr2 = True; + do_sigusr2 = 1; sys_select_signal(SIGUSR2); } -static bool do_sighup; +static SIG_ATOMIC_T do_sighup = 0; static void sighup_handler(int signum) { - do_sighup = True; + do_sighup = 1; sys_select_signal(SIGHUP); } -static bool do_sigchld; +static SIG_ATOMIC_T do_sigchld = 0; static void sigchld_handler(int signum) { - do_sigchld = True; + do_sigchld = 1; sys_select_signal(SIGCHLD); } @@ -224,7 +224,7 @@ static void msg_shutdown(struct messaging_context *msg, struct server_id server_id, DATA_BLOB *data) { - do_sigterm = True; + do_sigterm = 1; } @@ -802,7 +802,7 @@ void winbind_check_sighup(const char *lfile) flush_caches(); reload_services_file(lfile); - do_sighup = False; + do_sighup = 0; } } @@ -977,13 +977,13 @@ static void process_loop(void) if (do_sigusr2) { print_winbindd_status(); - do_sigusr2 = False; + do_sigusr2 = 0; } if (do_sigchld) { pid_t pid; - do_sigchld = False; + do_sigchld = 0; while ((pid = sys_waitpid(-1, NULL, WNOHANG)) > 0) { winbind_child_died(pid); -- cgit From 0727fbe87d0016a3b18dbdfedcd417126e1aa514 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Fri, 12 Dec 2008 19:01:40 +0100 Subject: Don't allow specifying arguments to pidl object constructors, as they'll be ignored anyway atm. --- pidl/lib/Parse/Pidl/Samba4/Python.pm | 3 +++ 1 file changed, 3 insertions(+) diff --git a/pidl/lib/Parse/Pidl/Samba4/Python.pm b/pidl/lib/Parse/Pidl/Samba4/Python.pm index 2664275934..4c598b3ca0 100644 --- a/pidl/lib/Parse/Pidl/Samba4/Python.pm +++ b/pidl/lib/Parse/Pidl/Samba4/Python.pm @@ -224,7 +224,10 @@ sub PythonStruct($$$$$$) $self->pidl("static PyObject *py_$name\_new(PyTypeObject *self, PyObject *args, PyObject *kwargs)"); $self->pidl("{"); $self->indent; + $self->pidl("char *kwlist[] = {NULL};"); $self->pidl("$cname *ret = talloc_zero(NULL, $cname);"); + $self->pidl("if (!PyArg_ParseTupleAndKeywords(args, kwargs, \"\", kwlist))"); + $self->pidl("\treturn NULL;"); $self->pidl("return py_talloc_import(&$name\_Type, ret);"); $self->deindent; $self->pidl("}"); -- cgit From c4fc0b49f05f56174dc904a19d9e4dfc6d3ef523 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Fri, 12 Dec 2008 19:52:06 +0100 Subject: Manually marshall dom_sid, so we can use a fixed size array for dom_sid.sub_auths rather than a dynamically allocated one. This makes it possible to use the same DCE/RPC object code for Samba 3 and Samba 4's DCE/RPC parsers and allows copying sids more easily (since they no longer contain any pointers). The cost of having additional manual marshalling code is limited (~35 additional lines of C code). --- source4/libcli/security/dom_sid.c | 17 +------------ source4/libcli/security/sddl.c | 1 - source4/libcli/security/security_descriptor.c | 20 --------------- source4/librpc/idl/dom_sid.idl | 8 ++---- source4/librpc/ndr/ndr_dom_sid.c | 35 +++++++++++++++++++++++++-- source4/torture/unix/whoami.c | 5 ---- 6 files changed, 36 insertions(+), 50 deletions(-) diff --git a/source4/libcli/security/dom_sid.c b/source4/libcli/security/dom_sid.c index 1a7519e362..d8a83f2abb 100644 --- a/source4/libcli/security/dom_sid.c +++ b/source4/libcli/security/dom_sid.c @@ -122,11 +122,6 @@ struct dom_sid *dom_sid_parse_talloc(TALLOC_CTX *mem_ctx, const char *sidstr) return NULL; } - ret->sub_auths = talloc_array(ret, uint32_t, num_sub_auths); - if (!ret->sub_auths) { - return NULL; - } - ret->sid_rev_num = rev; ret->id_auth[0] = 0; ret->id_auth[1] = 0; @@ -183,11 +178,6 @@ struct dom_sid *dom_sid_dup(TALLOC_CTX *mem_ctx, const struct dom_sid *dom_sid) return NULL; } - ret->sub_auths = talloc_array(ret, uint32_t, dom_sid->num_auths); - if (!ret->sub_auths) { - return NULL; - } - ret->sid_rev_num = dom_sid->sid_rev_num; ret->id_auth[0] = dom_sid->id_auth[0]; ret->id_auth[1] = dom_sid->id_auth[1]; @@ -206,7 +196,7 @@ struct dom_sid *dom_sid_dup(TALLOC_CTX *mem_ctx, const struct dom_sid *dom_sid) /* add a rid to a domain dom_sid to make a full dom_sid. This function - returns a new sid in the suppplied memory context + returns a new sid in the supplied memory context */ struct dom_sid *dom_sid_add_rid(TALLOC_CTX *mem_ctx, const struct dom_sid *domain_sid, @@ -219,11 +209,6 @@ struct dom_sid *dom_sid_add_rid(TALLOC_CTX *mem_ctx, *sid = *domain_sid; - sid->sub_auths = talloc_array(sid, uint32_t, sid->num_auths+1); - if (!sid->sub_auths) { - return NULL; - } - memcpy(sid->sub_auths, domain_sid->sub_auths, sid->num_auths*sizeof(uint32_t)); sid->sub_auths[sid->num_auths] = rid; sid->num_auths++; diff --git a/source4/libcli/security/sddl.c b/source4/libcli/security/sddl.c index 09522f182a..a8d893f085 100644 --- a/source4/libcli/security/sddl.c +++ b/source4/libcli/security/sddl.c @@ -249,7 +249,6 @@ static bool sddl_decode_ace(TALLOC_CTX *mem_ctx, struct security_ace *ace, char return false; } ace->trustee = *sid; - talloc_steal(mem_ctx, sid->sub_auths); talloc_free(sid); return true; diff --git a/source4/libcli/security/security_descriptor.c b/source4/libcli/security/security_descriptor.c index 882284dd9b..2bce8e8b08 100644 --- a/source4/libcli/security/security_descriptor.c +++ b/source4/libcli/security/security_descriptor.c @@ -65,18 +65,6 @@ static struct security_acl *security_acl_dup(TALLOC_CTX *mem_ctx, goto failed; } - /* remapping array in trustee dom_sid from old acl to new acl */ - - for (i = 0; i < oacl->num_aces; i++) { - nacl->aces[i].trustee.sub_auths = - (uint32_t *)talloc_memdup(nacl->aces, nacl->aces[i].trustee.sub_auths, - sizeof(uint32_t) * nacl->aces[i].trustee.num_auths); - - if ((nacl->aces[i].trustee.sub_auths == NULL) && (nacl->aces[i].trustee.num_auths > 0)) { - goto failed; - } - } - nacl->revision = oacl->revision; nacl->size = oacl->size; nacl->num_aces = oacl->num_aces; @@ -175,14 +163,6 @@ static NTSTATUS security_descriptor_acl_add(struct security_descriptor *sd, } acl->aces[acl->num_aces] = *ace; - acl->aces[acl->num_aces].trustee.sub_auths = - (uint32_t *)talloc_memdup(acl->aces, - acl->aces[acl->num_aces].trustee.sub_auths, - sizeof(uint32_t) * - acl->aces[acl->num_aces].trustee.num_auths); - if (acl->aces[acl->num_aces].trustee.sub_auths == NULL) { - return NT_STATUS_NO_MEMORY; - } switch (acl->aces[acl->num_aces].type) { case SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT: diff --git a/source4/librpc/idl/dom_sid.idl b/source4/librpc/idl/dom_sid.idl index 1fc8ee2165..40712fc371 100644 --- a/source4/librpc/idl/dom_sid.idl +++ b/source4/librpc/idl/dom_sid.idl @@ -22,13 +22,11 @@ cpp_quote("#define dom_sid0 dom_sid") ] interface dom_sid { - /* a domain SID. Note that unlike Samba3 this contains a pointer, - so you can't copy them using assignment */ - typedef [public,gensize,noprint,nosize] struct { + typedef [public,gensize,noprint,nosize,nopull,nopush] struct { uint8 sid_rev_num; /**< SID revision number */ [range(0,15)] int8 num_auths; /**< Number of sub-authorities */ uint8 id_auth[6]; /**< Identifier Authority */ - uint32 sub_auths[num_auths]; + uint32 sub_auths[15]; } dom_sid; /* id used to identify a endpoint, possibly in a cluster */ @@ -37,6 +35,4 @@ interface dom_sid uint32 id2; uint32 node; } server_id; - } - diff --git a/source4/librpc/ndr/ndr_dom_sid.c b/source4/librpc/ndr/ndr_dom_sid.c index b986231b4f..9b2118f56a 100644 --- a/source4/librpc/ndr/ndr_dom_sid.c +++ b/source4/librpc/ndr/ndr_dom_sid.c @@ -137,8 +137,7 @@ enum ndr_err_code ndr_pull_dom_sid28(struct ndr_pull *ndr, int ndr_flags, struct /* handle a w2k bug which send random data in the buffer */ ZERO_STRUCTP(sid); } else if (sid->num_auths == 0 && sid->sub_auths) { - talloc_free(sid->sub_auths); - sid->sub_auths = NULL; + ZERO_STRUCT(sid->sub_auths); } return NDR_ERR_SUCCESS; @@ -215,3 +214,35 @@ enum ndr_err_code ndr_push_dom_sid0(struct ndr_push *ndr, int ndr_flags, const s return ndr_push_dom_sid(ndr, ndr_flags, sid); } +_PUBLIC_ enum ndr_err_code ndr_push_dom_sid(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *r) +{ + uint32_t cntr_sub_auths_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_push_align(ndr, 4)); + NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r->sid_rev_num)); + NDR_CHECK(ndr_push_int8(ndr, NDR_SCALARS, r->num_auths)); + NDR_CHECK(ndr_push_array_uint8(ndr, NDR_SCALARS, r->id_auth, 6)); + for (cntr_sub_auths_0 = 0; cntr_sub_auths_0 < r->num_auths; cntr_sub_auths_0++) { + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->sub_auths[cntr_sub_auths_0])); + } + } + return NDR_ERR_SUCCESS; +} + +_PUBLIC_ enum ndr_err_code ndr_pull_dom_sid(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *r) +{ + uint32_t cntr_sub_auths_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); + NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->sid_rev_num)); + NDR_CHECK(ndr_pull_int8(ndr, NDR_SCALARS, &r->num_auths)); + if (r->num_auths < 0 || r->num_auths > 15) { + return ndr_pull_error(ndr, NDR_ERR_RANGE, "value out of range"); + } + NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->id_auth, 6)); + for (cntr_sub_auths_0 = 0; cntr_sub_auths_0 < r->num_auths; cntr_sub_auths_0++) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->sub_auths[cntr_sub_auths_0])); + } + } + return NDR_ERR_SUCCESS; +} diff --git a/source4/torture/unix/whoami.c b/source4/torture/unix/whoami.c index 5e5a5e81cd..b72b9fcb09 100644 --- a/source4/torture/unix/whoami.c +++ b/source4/torture/unix/whoami.c @@ -127,11 +127,6 @@ static bool sid_parse(void *mem_ctx, torture_assert(torture, (*psid)->num_auths <= 15, "invalid sub_auth value"); - (*psid)->sub_auths = talloc_array(mem_ctx, uint32_t, - (*psid)->num_auths); - torture_assert(torture, (*psid)->sub_auths != NULL, - "out of memory"); - for (i = 0; i < (*psid)->num_auths; i++) { (*psid)->sub_auths[i] = IVAL(data->data, *offset); (*offset) += 4; -- cgit From cd25b6245f8185e36a365dcf4c28e7df13090d3e Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Fri, 12 Dec 2008 20:20:01 +0100 Subject: Move dom_sid to the Samba 3 IDL file, remove the old definition. --- librpc/idl/security.idl | 29 ++++ librpc/ndr/ndr_sec_helper.c | 224 ++++++++++++++++++++++++++++++ source3/include/proto.h | 8 -- source3/include/smb.h | 13 +- source3/librpc/gen_ndr/lsa.h | 2 +- source3/librpc/gen_ndr/misc.h | 2 +- source3/librpc/gen_ndr/ndr_drsblobs.c | 10 +- source3/librpc/gen_ndr/ndr_security.c | 21 ++- source3/librpc/gen_ndr/ndr_security.h | 4 + source3/librpc/gen_ndr/ndr_srvsvc.c | 8 +- source3/librpc/gen_ndr/ndr_srvsvc.h | 4 + source3/librpc/gen_ndr/security.h | 10 ++ source3/librpc/gen_ndr/srvsvc.h | 4 +- source3/librpc/gen_ndr/winreg.h | 2 +- source3/librpc/ndr/sid.c | 224 ------------------------------ source4/librpc/config.mk | 13 +- source4/librpc/idl/dom_sid.idl | 26 ---- source4/librpc/ndr/ndr_dom_sid.c | 248 ---------------------------------- 18 files changed, 296 insertions(+), 556 deletions(-) delete mode 100644 source4/librpc/ndr/ndr_dom_sid.c diff --git a/librpc/idl/security.idl b/librpc/idl/security.idl index 3f70e2c36e..d88931fc69 100644 --- a/librpc/idl/security.idl +++ b/librpc/idl/security.idl @@ -7,12 +7,40 @@ import "misc.idl"; import "dom_sid.idl"; +/* + use the same structure for dom_sid2 as dom_sid. A dom_sid2 is really + just a dom sid, but with the sub_auths represented as a conformant + array. As with all in-structure conformant arrays, the array length + is placed before the start of the structure. That's what gives rise + to the extra num_auths elemenent. We don't want the Samba code to + have to bother with such esoteric NDR details, so its easier to just + define it as a dom_sid and use pidl magic to make it all work. It + just means you need to mark a sid as a "dom_sid2" in the IDL when you + know it is of the conformant array variety +*/ +cpp_quote("#define dom_sid2 dom_sid") + +/* same struct as dom_sid but inside a 28 bytes fixed buffer in NDR */ +cpp_quote("#define dom_sid28 dom_sid") + +/* same struct as dom_sid but in a variable byte buffer, which is maybe empty in NDR */ +cpp_quote("#define dom_sid0 dom_sid") + + + [ helper("librpc/gen_ndr/ndr_dom_sid.h"), pointer_default(unique) ] interface security { + + typedef [public,gensize,noprint,nosize,nopull,nopush] struct { + uint8 sid_rev_num; /**< SID revision number */ + [range(0,15)] int8 num_auths; /**< Number of sub-authorities */ + uint8 id_auth[6]; /**< Identifier Authority */ + uint32 sub_auths[15]; + } dom_sid; /* access masks are divided up like this: 0xabccdddd @@ -388,4 +416,5 @@ interface security KERB_ENCTYPE_AES128_CTS_HMAC_SHA1_96 = 0x00000008, KERB_ENCTYPE_AES256_CTS_HMAC_SHA1_96 = 0x00000010 } kerb_EncTypes; + } diff --git a/librpc/ndr/ndr_sec_helper.c b/librpc/ndr/ndr_sec_helper.c index 4b135505d8..898a4287ea 100644 --- a/librpc/ndr/ndr_sec_helper.c +++ b/librpc/ndr/ndr_sec_helper.c @@ -23,6 +23,9 @@ #include "includes.h" #include "librpc/gen_ndr/ndr_security.h" +#if _SAMBA_BUILD_ == 4 +#include "libcli/security/security.h" +#endif /* return the wire size of a security_ace @@ -116,3 +119,224 @@ size_t ndr_size_security_descriptor(const struct security_descriptor *sd, int fl return ret; } +/* + return the wire size of a dom_sid +*/ +size_t ndr_size_dom_sid(const struct dom_sid *sid, int flags) +{ + if (!sid) return 0; + return 8 + 4*sid->num_auths; +} + +size_t ndr_size_dom_sid28(const struct dom_sid *sid, int flags) +{ + struct dom_sid zero_sid; + + if (!sid) return 0; + + ZERO_STRUCT(zero_sid); + + if (memcmp(&zero_sid, sid, sizeof(zero_sid)) == 0) { + return 0; + } + + return 8 + 4*sid->num_auths; +} + +size_t ndr_size_dom_sid0(const struct dom_sid *sid, int flags) +{ + return ndr_size_dom_sid28(sid, flags); +} + +/* + print a dom_sid +*/ +void ndr_print_dom_sid(struct ndr_print *ndr, const char *name, const struct dom_sid *sid) +{ + ndr->print(ndr, "%-25s: %s", name, dom_sid_string(ndr, sid)); +} + +void ndr_print_dom_sid2(struct ndr_print *ndr, const char *name, const struct dom_sid *sid) +{ + ndr_print_dom_sid(ndr, name, sid); +} + +void ndr_print_dom_sid28(struct ndr_print *ndr, const char *name, const struct dom_sid *sid) +{ + ndr_print_dom_sid(ndr, name, sid); +} + +void ndr_print_dom_sid0(struct ndr_print *ndr, const char *name, const struct dom_sid *sid) +{ + ndr_print_dom_sid(ndr, name, sid); +} + + +/* + parse a dom_sid2 - this is a dom_sid but with an extra copy of the num_auths field +*/ +enum ndr_err_code ndr_pull_dom_sid2(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid) +{ + uint32_t num_auths; + if (!(ndr_flags & NDR_SCALARS)) { + return NDR_ERR_SUCCESS; + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &num_auths)); + NDR_CHECK(ndr_pull_dom_sid(ndr, ndr_flags, sid)); + if (sid->num_auths != num_auths) { + return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, + "Bad array size %u should exceed %u", + num_auths, sid->num_auths); + } + return NDR_ERR_SUCCESS; +} + +/* + parse a dom_sid2 - this is a dom_sid but with an extra copy of the num_auths field +*/ +enum ndr_err_code ndr_push_dom_sid2(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid) +{ + if (!(ndr_flags & NDR_SCALARS)) { + return NDR_ERR_SUCCESS; + } + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, sid->num_auths)); + return ndr_push_dom_sid(ndr, ndr_flags, sid); +} + +/* + parse a dom_sid28 - this is a dom_sid in a fixed 28 byte buffer, so we need to ensure there are only upto 5 sub_auth +*/ +enum ndr_err_code ndr_pull_dom_sid28(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid) +{ + enum ndr_err_code status; + struct ndr_pull *subndr; + + if (!(ndr_flags & NDR_SCALARS)) { + return NDR_ERR_SUCCESS; + } + + subndr = talloc_zero(ndr, struct ndr_pull); + NDR_ERR_HAVE_NO_MEMORY(subndr); + subndr->flags = ndr->flags; + subndr->current_mem_ctx = ndr->current_mem_ctx; + + subndr->data = ndr->data + ndr->offset; + subndr->data_size = 28; + subndr->offset = 0; + + NDR_CHECK(ndr_pull_advance(ndr, 28)); + + status = ndr_pull_dom_sid(subndr, ndr_flags, sid); + if (!NDR_ERR_CODE_IS_SUCCESS(status)) { + /* handle a w2k bug which send random data in the buffer */ + ZERO_STRUCTP(sid); + } else if (sid->num_auths == 0 && sid->sub_auths) { + ZERO_STRUCT(sid->sub_auths); + } + + return NDR_ERR_SUCCESS; +} + +/* + push a dom_sid28 - this is a dom_sid in a 28 byte fixed buffer +*/ +enum ndr_err_code ndr_push_dom_sid28(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid) +{ + uint32_t old_offset; + uint32_t padding; + + if (!(ndr_flags & NDR_SCALARS)) { + return NDR_ERR_SUCCESS; + } + + if (sid->num_auths > 5) { + return ndr_push_error(ndr, NDR_ERR_RANGE, + "dom_sid28 allows only upto 5 sub auth [%u]", + sid->num_auths); + } + + old_offset = ndr->offset; + NDR_CHECK(ndr_push_dom_sid(ndr, ndr_flags, sid)); + + padding = 28 - (ndr->offset - old_offset); + + if (padding > 0) { + NDR_CHECK(ndr_push_zero(ndr, padding)); + } + + return NDR_ERR_SUCCESS; +} + +/* + parse a dom_sid0 - this is a dom_sid in a variable byte buffer, which is maybe empty +*/ +enum ndr_err_code ndr_pull_dom_sid0(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid) +{ + if (!(ndr_flags & NDR_SCALARS)) { + return NDR_ERR_SUCCESS; + } + + if (ndr->data_size == ndr->offset) { + ZERO_STRUCTP(sid); + return NDR_ERR_SUCCESS; + } + + return ndr_pull_dom_sid(ndr, ndr_flags, sid); +} + +/* + push a dom_sid0 - this is a dom_sid in a variable byte buffer, which is maybe empty +*/ +enum ndr_err_code ndr_push_dom_sid0(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid) +{ + struct dom_sid zero_sid; + + if (!(ndr_flags & NDR_SCALARS)) { + return NDR_ERR_SUCCESS; + } + + if (!sid) { + return NDR_ERR_SUCCESS; + } + + ZERO_STRUCT(zero_sid); + + if (memcmp(&zero_sid, sid, sizeof(zero_sid)) == 0) { + return NDR_ERR_SUCCESS; + } + + return ndr_push_dom_sid(ndr, ndr_flags, sid); +} + +_PUBLIC_ enum ndr_err_code ndr_push_dom_sid(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *r) +{ + uint32_t cntr_sub_auths_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_push_align(ndr, 4)); + NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r->sid_rev_num)); + NDR_CHECK(ndr_push_int8(ndr, NDR_SCALARS, r->num_auths)); + NDR_CHECK(ndr_push_array_uint8(ndr, NDR_SCALARS, r->id_auth, 6)); + for (cntr_sub_auths_0 = 0; cntr_sub_auths_0 < r->num_auths; cntr_sub_auths_0++) { + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->sub_auths[cntr_sub_auths_0])); + } + } + return NDR_ERR_SUCCESS; +} + +_PUBLIC_ enum ndr_err_code ndr_pull_dom_sid(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *r) +{ + uint32_t cntr_sub_auths_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); + NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->sid_rev_num)); + NDR_CHECK(ndr_pull_int8(ndr, NDR_SCALARS, &r->num_auths)); + if (r->num_auths < 0 || r->num_auths > 15) { + return ndr_pull_error(ndr, NDR_ERR_RANGE, "value out of range"); + } + NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->id_auth, 6)); + for (cntr_sub_auths_0 = 0; cntr_sub_auths_0 < r->num_auths; cntr_sub_auths_0++) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->sub_auths[cntr_sub_auths_0])); + } + } + return NDR_ERR_SUCCESS; +} diff --git a/source3/include/proto.h b/source3/include/proto.h index 4028f6de52..c813fafff5 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -2315,15 +2315,7 @@ void ndr_print_dom_sid0(struct ndr_print *ndr, const char *name, const struct do /* The following definitions come from librpc/ndr/sid.c */ -enum ndr_err_code ndr_push_dom_sid(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *r); -enum ndr_err_code ndr_pull_dom_sid(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *r); char *dom_sid_string(TALLOC_CTX *mem_ctx, const struct dom_sid *sid); -enum ndr_err_code ndr_pull_dom_sid2(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid); -enum ndr_err_code ndr_push_dom_sid2(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid); -enum ndr_err_code ndr_pull_dom_sid28(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid); -enum ndr_err_code ndr_push_dom_sid28(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid); -enum ndr_err_code ndr_pull_dom_sid0(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid); -enum ndr_err_code ndr_push_dom_sid0(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid); /* The following definitions come from librpc/rpc/binding.c */ diff --git a/source3/include/smb.h b/source3/include/smb.h index 112b4e0f91..891bd4aaf7 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h @@ -209,18 +209,7 @@ typedef uint32 codepoint_t; * * @sa http://msdn.microsoft.com/library/default.asp?url=/library/en-us/security/accctrl_38yn.asp **/ -typedef struct dom_sid { - uint8 sid_rev_num; /**< SID revision number */ - uint8 num_auths; /**< Number of sub-authorities */ - uint8 id_auth[6]; /**< Identifier Authority */ - /* - * Pointer to sub-authorities. - * - * @note The values in these uint32's are in *native* byteorder, not - * neccessarily little-endian...... JRA. - */ - uint32 sub_auths[MAXSUBAUTHS]; -} DOM_SID; +typedef struct dom_sid DOM_SID; enum id_mapping { ID_UNKNOWN = 0, diff --git a/source3/librpc/gen_ndr/lsa.h b/source3/librpc/gen_ndr/lsa.h index 0ccbcdf5b0..ee8a31138d 100644 --- a/source3/librpc/gen_ndr/lsa.h +++ b/source3/librpc/gen_ndr/lsa.h @@ -17,7 +17,7 @@ struct lsa_String { uint16_t length;/* [value(2*strlen_m(string))] */ uint16_t size;/* [value(2*strlen_m(string))] */ const char *string;/* [unique,charset(UTF16),length_is(length/2),size_is(size/2)] */ -}/* [public,noejs] */; +}/* [public] */; struct lsa_StringLarge { uint16_t length;/* [value(2*strlen_m(string))] */ diff --git a/source3/librpc/gen_ndr/misc.h b/source3/librpc/gen_ndr/misc.h index d1cf64e0eb..de4abdcae5 100644 --- a/source3/librpc/gen_ndr/misc.h +++ b/source3/librpc/gen_ndr/misc.h @@ -11,7 +11,7 @@ struct GUID { uint16_t time_hi_and_version; uint8_t clock_seq[2]; uint8_t node[6]; -}/* [noprint,gensize,public,noejs] */; +}/* [noprint,gensize,public] */; struct ndr_syntax_id { struct GUID uuid; diff --git a/source3/librpc/gen_ndr/ndr_drsblobs.c b/source3/librpc/gen_ndr/ndr_drsblobs.c index dd8d77ea15..d965e40bd2 100644 --- a/source3/librpc/gen_ndr/ndr_drsblobs.c +++ b/source3/librpc/gen_ndr/ndr_drsblobs.c @@ -2351,7 +2351,6 @@ static enum ndr_err_code ndr_push_AuthInfoNT4Owf(struct ndr_push *ndr, int ndr_f NDR_CHECK(ndr_push_samr_Password(ndr, NDR_SCALARS, &r->password)); } if (ndr_flags & NDR_BUFFERS) { - NDR_CHECK(ndr_push_samr_Password(ndr, NDR_BUFFERS, &r->password)); } return NDR_ERR_SUCCESS; } @@ -2364,7 +2363,6 @@ static enum ndr_err_code ndr_pull_AuthInfoNT4Owf(struct ndr_pull *ndr, int ndr_f NDR_CHECK(ndr_pull_samr_Password(ndr, NDR_SCALARS, &r->password)); } if (ndr_flags & NDR_BUFFERS) { - NDR_CHECK(ndr_pull_samr_Password(ndr, NDR_BUFFERS, &r->password)); } return NDR_ERR_SUCCESS; } @@ -2477,7 +2475,6 @@ static enum ndr_err_code ndr_push_AuthInfo(struct ndr_push *ndr, int ndr_flags, break; case TRUST_AUTH_TYPE_NT4OWF: - NDR_CHECK(ndr_push_AuthInfoNT4Owf(ndr, NDR_BUFFERS, &r->nt4owf)); break; case TRUST_AUTH_TYPE_CLEAR: @@ -2525,7 +2522,6 @@ static enum ndr_err_code ndr_pull_AuthInfo(struct ndr_pull *ndr, int ndr_flags, break; case TRUST_AUTH_TYPE_NT4OWF: - NDR_CHECK(ndr_pull_AuthInfoNT4Owf(ndr, NDR_BUFFERS, &r->nt4owf)); break; case TRUST_AUTH_TYPE_CLEAR: @@ -2584,7 +2580,6 @@ _PUBLIC_ enum ndr_err_code ndr_push_AuthenticationInformation(struct ndr_push *n } } if (ndr_flags & NDR_BUFFERS) { - NDR_CHECK(ndr_push_AuthInfo(ndr, NDR_BUFFERS, &r->AuthInfo)); } return NDR_ERR_SUCCESS; } @@ -2605,7 +2600,6 @@ _PUBLIC_ enum ndr_err_code ndr_pull_AuthenticationInformation(struct ndr_pull *n } } if (ndr_flags & NDR_BUFFERS) { - NDR_CHECK(ndr_pull_AuthInfo(ndr, NDR_BUFFERS, &r->AuthInfo)); } return NDR_ERR_SUCCESS; } @@ -2641,7 +2635,7 @@ _PUBLIC_ enum ndr_err_code ndr_push_trustCurrentPasswords(struct ndr_push *ndr, for (cntr_current_0 = 0; cntr_current_0 < r->count; cntr_current_0++) { if (r->current[cntr_current_0]) { NDR_CHECK(ndr_push_relative_ptr2(ndr, r->current[cntr_current_0])); - NDR_CHECK(ndr_push_AuthenticationInformation(ndr, NDR_SCALARS|NDR_BUFFERS, r->current[cntr_current_0])); + NDR_CHECK(ndr_push_AuthenticationInformation(ndr, NDR_SCALARS, r->current[cntr_current_0])); } } } @@ -2681,7 +2675,7 @@ _PUBLIC_ enum ndr_err_code ndr_pull_trustCurrentPasswords(struct ndr_pull *ndr, NDR_CHECK(ndr_pull_relative_ptr2(ndr, r->current[cntr_current_0])); _mem_save_current_1 = NDR_PULL_GET_MEM_CTX(ndr); NDR_PULL_SET_MEM_CTX(ndr, r->current[cntr_current_0], 0); - NDR_CHECK(ndr_pull_AuthenticationInformation(ndr, NDR_SCALARS|NDR_BUFFERS, r->current[cntr_current_0])); + NDR_CHECK(ndr_pull_AuthenticationInformation(ndr, NDR_SCALARS, r->current[cntr_current_0])); NDR_PULL_SET_MEM_CTX(ndr, _mem_save_current_1, 0); ndr->offset = _relative_save_offset; } diff --git a/source3/librpc/gen_ndr/ndr_security.c b/source3/librpc/gen_ndr/ndr_security.c index 108f2f689c..8339a40d40 100644 --- a/source3/librpc/gen_ndr/ndr_security.c +++ b/source3/librpc/gen_ndr/ndr_security.c @@ -427,7 +427,6 @@ _PUBLIC_ enum ndr_err_code ndr_push_security_ace(struct ndr_push *ndr, int ndr_f } if (ndr_flags & NDR_BUFFERS) { NDR_CHECK(ndr_push_security_ace_object_ctr(ndr, NDR_BUFFERS, &r->object)); - NDR_CHECK(ndr_push_dom_sid(ndr, NDR_BUFFERS, &r->trustee)); } return NDR_ERR_SUCCESS; } @@ -621,11 +620,11 @@ _PUBLIC_ enum ndr_err_code ndr_push_security_descriptor(struct ndr_push *ndr, in if (ndr_flags & NDR_BUFFERS) { if (r->owner_sid) { NDR_CHECK(ndr_push_relative_ptr2(ndr, r->owner_sid)); - NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, r->owner_sid)); + NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS, r->owner_sid)); } if (r->group_sid) { NDR_CHECK(ndr_push_relative_ptr2(ndr, r->group_sid)); - NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, r->group_sid)); + NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS, r->group_sid)); } if (r->sacl) { NDR_CHECK(ndr_push_relative_ptr2(ndr, r->sacl)); @@ -694,7 +693,7 @@ _PUBLIC_ enum ndr_err_code ndr_pull_security_descriptor(struct ndr_pull *ndr, in NDR_CHECK(ndr_pull_relative_ptr2(ndr, r->owner_sid)); _mem_save_owner_sid_0 = NDR_PULL_GET_MEM_CTX(ndr); NDR_PULL_SET_MEM_CTX(ndr, r->owner_sid, 0); - NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, r->owner_sid)); + NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS, r->owner_sid)); NDR_PULL_SET_MEM_CTX(ndr, _mem_save_owner_sid_0, 0); ndr->offset = _relative_save_offset; } @@ -704,7 +703,7 @@ _PUBLIC_ enum ndr_err_code ndr_pull_security_descriptor(struct ndr_pull *ndr, in NDR_CHECK(ndr_pull_relative_ptr2(ndr, r->group_sid)); _mem_save_group_sid_0 = NDR_PULL_GET_MEM_CTX(ndr); NDR_PULL_SET_MEM_CTX(ndr, r->group_sid, 0); - NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, r->group_sid)); + NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS, r->group_sid)); NDR_PULL_SET_MEM_CTX(ndr, _mem_save_group_sid_0, 0); ndr->offset = _relative_save_offset; } @@ -855,14 +854,14 @@ _PUBLIC_ enum ndr_err_code ndr_push_security_token(struct ndr_push *ndr, int ndr } if (ndr_flags & NDR_BUFFERS) { if (r->user_sid) { - NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, r->user_sid)); + NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS, r->user_sid)); } if (r->group_sid) { - NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, r->group_sid)); + NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS, r->group_sid)); } for (cntr_sids_0 = 0; cntr_sids_0 < r->num_sids; cntr_sids_0++) { if (r->sids[cntr_sids_0]) { - NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, r->sids[cntr_sids_0])); + NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS, r->sids[cntr_sids_0])); } } } @@ -916,13 +915,13 @@ _PUBLIC_ enum ndr_err_code ndr_pull_security_token(struct ndr_pull *ndr, int ndr if (r->user_sid) { _mem_save_user_sid_0 = NDR_PULL_GET_MEM_CTX(ndr); NDR_PULL_SET_MEM_CTX(ndr, r->user_sid, 0); - NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, r->user_sid)); + NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS, r->user_sid)); NDR_PULL_SET_MEM_CTX(ndr, _mem_save_user_sid_0, 0); } if (r->group_sid) { _mem_save_group_sid_0 = NDR_PULL_GET_MEM_CTX(ndr); NDR_PULL_SET_MEM_CTX(ndr, r->group_sid, 0); - NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, r->group_sid)); + NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS, r->group_sid)); NDR_PULL_SET_MEM_CTX(ndr, _mem_save_group_sid_0, 0); } _mem_save_sids_0 = NDR_PULL_GET_MEM_CTX(ndr); @@ -931,7 +930,7 @@ _PUBLIC_ enum ndr_err_code ndr_pull_security_token(struct ndr_pull *ndr, int ndr if (r->sids[cntr_sids_0]) { _mem_save_sids_1 = NDR_PULL_GET_MEM_CTX(ndr); NDR_PULL_SET_MEM_CTX(ndr, r->sids[cntr_sids_0], 0); - NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, r->sids[cntr_sids_0])); + NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS, r->sids[cntr_sids_0])); NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sids_1, 0); } } diff --git a/source3/librpc/gen_ndr/ndr_security.h b/source3/librpc/gen_ndr/ndr_security.h index bddf1bd2b7..f8cbf4afa8 100644 --- a/source3/librpc/gen_ndr/ndr_security.h +++ b/source3/librpc/gen_ndr/ndr_security.h @@ -8,6 +8,10 @@ #include "librpc/gen_ndr/ndr_dom_sid.h" #define NDR_SECURITY_CALL_COUNT (0) +enum ndr_err_code ndr_push_dom_sid(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *r); +enum ndr_err_code ndr_pull_dom_sid(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *r); +void ndr_print_dom_sid(struct ndr_print *ndr, const char *name, const struct dom_sid *r); +size_t ndr_size_dom_sid(const struct dom_sid *r, int flags); enum ndr_err_code ndr_push_security_ace_flags(struct ndr_push *ndr, int ndr_flags, uint8_t r); enum ndr_err_code ndr_pull_security_ace_flags(struct ndr_pull *ndr, int ndr_flags, uint8_t *r); void ndr_print_security_ace_flags(struct ndr_print *ndr, const char *name, uint8_t r); diff --git a/source3/librpc/gen_ndr/ndr_srvsvc.c b/source3/librpc/gen_ndr/ndr_srvsvc.c index 9ac3aa82c9..125542d14a 100644 --- a/source3/librpc/gen_ndr/ndr_srvsvc.c +++ b/source3/librpc/gen_ndr/ndr_srvsvc.c @@ -6358,7 +6358,7 @@ _PUBLIC_ void ndr_print_srvsvc_PlatformId(struct ndr_print *ndr, const char *nam ndr_print_enum(ndr, name, "ENUM", val, r); } -static enum ndr_err_code ndr_push_srvsvc_NetSrvInfo100(struct ndr_push *ndr, int ndr_flags, const struct srvsvc_NetSrvInfo100 *r) +_PUBLIC_ enum ndr_err_code ndr_push_srvsvc_NetSrvInfo100(struct ndr_push *ndr, int ndr_flags, const struct srvsvc_NetSrvInfo100 *r) { if (ndr_flags & NDR_SCALARS) { NDR_CHECK(ndr_push_align(ndr, 4)); @@ -6376,7 +6376,7 @@ static enum ndr_err_code ndr_push_srvsvc_NetSrvInfo100(struct ndr_push *ndr, int return NDR_ERR_SUCCESS; } -static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo100(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetSrvInfo100 *r) +_PUBLIC_ enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo100(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetSrvInfo100 *r) { uint32_t _ptr_server_name; TALLOC_CTX *_mem_save_server_name_0; @@ -6421,7 +6421,7 @@ _PUBLIC_ void ndr_print_srvsvc_NetSrvInfo100(struct ndr_print *ndr, const char * ndr->depth--; } -static enum ndr_err_code ndr_push_srvsvc_NetSrvInfo101(struct ndr_push *ndr, int ndr_flags, const struct srvsvc_NetSrvInfo101 *r) +_PUBLIC_ enum ndr_err_code ndr_push_srvsvc_NetSrvInfo101(struct ndr_push *ndr, int ndr_flags, const struct srvsvc_NetSrvInfo101 *r) { if (ndr_flags & NDR_SCALARS) { NDR_CHECK(ndr_push_align(ndr, 4)); @@ -6449,7 +6449,7 @@ static enum ndr_err_code ndr_push_srvsvc_NetSrvInfo101(struct ndr_push *ndr, int return NDR_ERR_SUCCESS; } -static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo101(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetSrvInfo101 *r) +_PUBLIC_ enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo101(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetSrvInfo101 *r) { uint32_t _ptr_server_name; TALLOC_CTX *_mem_save_server_name_0; diff --git a/source3/librpc/gen_ndr/ndr_srvsvc.h b/source3/librpc/gen_ndr/ndr_srvsvc.h index 33569d1870..126680cad0 100644 --- a/source3/librpc/gen_ndr/ndr_srvsvc.h +++ b/source3/librpc/gen_ndr/ndr_srvsvc.h @@ -186,7 +186,11 @@ void ndr_print_srvsvc_NetShareInfoCtr(struct ndr_print *ndr, const char *name, c enum ndr_err_code ndr_push_srvsvc_PlatformId(struct ndr_push *ndr, int ndr_flags, enum srvsvc_PlatformId r); enum ndr_err_code ndr_pull_srvsvc_PlatformId(struct ndr_pull *ndr, int ndr_flags, enum srvsvc_PlatformId *r); void ndr_print_srvsvc_PlatformId(struct ndr_print *ndr, const char *name, enum srvsvc_PlatformId r); +enum ndr_err_code ndr_push_srvsvc_NetSrvInfo100(struct ndr_push *ndr, int ndr_flags, const struct srvsvc_NetSrvInfo100 *r); +enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo100(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetSrvInfo100 *r); void ndr_print_srvsvc_NetSrvInfo100(struct ndr_print *ndr, const char *name, const struct srvsvc_NetSrvInfo100 *r); +enum ndr_err_code ndr_push_srvsvc_NetSrvInfo101(struct ndr_push *ndr, int ndr_flags, const struct srvsvc_NetSrvInfo101 *r); +enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo101(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetSrvInfo101 *r); void ndr_print_srvsvc_NetSrvInfo101(struct ndr_print *ndr, const char *name, const struct srvsvc_NetSrvInfo101 *r); void ndr_print_srvsvc_NetSrvInfo102(struct ndr_print *ndr, const char *name, const struct srvsvc_NetSrvInfo102 *r); void ndr_print_srvsvc_NetSrvInfo402(struct ndr_print *ndr, const char *name, const struct srvsvc_NetSrvInfo402 *r); diff --git a/source3/librpc/gen_ndr/security.h b/source3/librpc/gen_ndr/security.h index fe23347fdf..99e1f4b1c9 100644 --- a/source3/librpc/gen_ndr/security.h +++ b/source3/librpc/gen_ndr/security.h @@ -4,6 +4,9 @@ #include "librpc/gen_ndr/misc.h" #include "librpc/gen_ndr/dom_sid.h" +#define dom_sid2 dom_sid +#define dom_sid28 dom_sid +#define dom_sid0 dom_sid #ifndef _HEADER_security #define _HEADER_security @@ -129,6 +132,13 @@ #define DOMAIN_RID_ENTERPRISE_ADMINS ( 519 ) #define NT4_ACL_REVISION ( SECURITY_ACL_REVISION_NT4 ) #define SD_REVISION ( SECURITY_DESCRIPTOR_REVISION_1 ) +struct dom_sid { + uint8_t sid_rev_num; + int8_t num_auths;/* [range(0,15)] */ + uint8_t id_auth[6]; + uint32_t sub_auths[15]; +}/* [noprint,gensize,nopull,public,nopush,nosize] */; + enum sec_privilege #ifndef USE_UINT_ENUMS { diff --git a/source3/librpc/gen_ndr/srvsvc.h b/source3/librpc/gen_ndr/srvsvc.h index b50213bb96..6467f72a5b 100644 --- a/source3/librpc/gen_ndr/srvsvc.h +++ b/source3/librpc/gen_ndr/srvsvc.h @@ -431,7 +431,7 @@ enum srvsvc_PlatformId struct srvsvc_NetSrvInfo100 { enum srvsvc_PlatformId platform_id; const char *server_name;/* [unique,charset(UTF16)] */ -}; +}/* [public] */; struct srvsvc_NetSrvInfo101 { enum srvsvc_PlatformId platform_id; @@ -440,7 +440,7 @@ struct srvsvc_NetSrvInfo101 { uint32_t version_minor; uint32_t server_type; const char *comment;/* [unique,charset(UTF16)] */ -}; +}/* [public] */; struct srvsvc_NetSrvInfo102 { enum srvsvc_PlatformId platform_id; diff --git a/source3/librpc/gen_ndr/winreg.h b/source3/librpc/gen_ndr/winreg.h index fbbab33c8d..a98120ccf5 100644 --- a/source3/librpc/gen_ndr/winreg.h +++ b/source3/librpc/gen_ndr/winreg.h @@ -54,7 +54,7 @@ struct winreg_String { uint16_t name_len;/* [value(strlen_m_term(name)*2)] */ uint16_t name_size;/* [value(strlen_m_term(name)*2)] */ const char *name;/* [unique,charset(UTF16)] */ -}/* [public,noejs] */; +}/* [public] */; struct KeySecurityData { uint8_t *data;/* [unique,length_is(len),size_is(size)] */ diff --git a/source3/librpc/ndr/sid.c b/source3/librpc/ndr/sid.c index 39b7e3cd59..252da85929 100644 --- a/source3/librpc/ndr/sid.c +++ b/source3/librpc/ndr/sid.c @@ -21,72 +21,6 @@ #include "includes.h" -/* - return the wire size of a dom_sid -*/ -size_t ndr_size_dom_sid(const struct dom_sid *sid, int flags) -{ - if (!sid) return 0; - return 8 + 4*sid->num_auths; -} - -size_t ndr_size_dom_sid28(const struct dom_sid *sid, int flags) -{ - struct dom_sid zero_sid; - - if (!sid) return 0; - - ZERO_STRUCT(zero_sid); - - if (memcmp(&zero_sid, sid, sizeof(zero_sid)) == 0) { - return 0; - } - - return 8 + 4*sid->num_auths; -} - -size_t ndr_size_dom_sid0(const struct dom_sid *sid, int flags) -{ - return ndr_size_dom_sid28(sid, flags); -} - -enum ndr_err_code ndr_push_dom_sid(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *r) -{ - uint32_t cntr_sub_auths_0; - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_push_align(ndr, 4)); - NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r->sid_rev_num)); - NDR_CHECK(ndr_push_int8(ndr, NDR_SCALARS, r->num_auths)); - NDR_CHECK(ndr_push_array_uint8(ndr, NDR_SCALARS, r->id_auth, 6)); - for (cntr_sub_auths_0 = 0; cntr_sub_auths_0 < r->num_auths; cntr_sub_auths_0++) { - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->sub_auths[cntr_sub_auths_0])); - } - } - if (ndr_flags & NDR_BUFFERS) { - } - return NDR_ERR_SUCCESS; -} - -enum ndr_err_code ndr_pull_dom_sid(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *r) -{ - uint32_t cntr_sub_auths_0; - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_pull_align(ndr, 4)); - NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->sid_rev_num)); - NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->num_auths)); - if (r->num_auths > 15) { - return ndr_pull_error(ndr, NDR_ERR_RANGE, "value out of range"); - } - NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->id_auth, 6)); - for (cntr_sub_auths_0 = 0; cntr_sub_auths_0 < r->num_auths; cntr_sub_auths_0++) { - NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->sub_auths[cntr_sub_auths_0])); - } - } - if (ndr_flags & NDR_BUFFERS) { - } - return NDR_ERR_SUCCESS; -} - /* convert a dom_sid to a string */ @@ -123,161 +57,3 @@ char *dom_sid_string(TALLOC_CTX *mem_ctx, const struct dom_sid *sid) return ret; } - -/* - parse a dom_sid2 - this is a dom_sid but with an extra copy of the num_auths field -*/ -enum ndr_err_code ndr_pull_dom_sid2(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid) -{ - uint32_t num_auths; - if (!(ndr_flags & NDR_SCALARS)) { - return NDR_ERR_SUCCESS; - } - NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &num_auths)); - NDR_CHECK(ndr_pull_dom_sid(ndr, ndr_flags, sid)); - if (sid->num_auths != num_auths) { - return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, - "Bad array size %u should exceed %u", - num_auths, sid->num_auths); - } - return NDR_ERR_SUCCESS; -} - -/* - parse a dom_sid2 - this is a dom_sid but with an extra copy of the num_auths field -*/ -enum ndr_err_code ndr_push_dom_sid2(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid) -{ - if (!(ndr_flags & NDR_SCALARS)) { - return NDR_ERR_SUCCESS; - } - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, sid->num_auths)); - return ndr_push_dom_sid(ndr, ndr_flags, sid); -} - -/* - parse a dom_sid28 - this is a dom_sid in a fixed 28 byte buffer, so we need to ensure there are only upto 5 sub_auth -*/ -enum ndr_err_code ndr_pull_dom_sid28(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid) -{ - enum ndr_err_code status; - struct ndr_pull *subndr; - - if (!(ndr_flags & NDR_SCALARS)) { - return NDR_ERR_SUCCESS; - } - - subndr = talloc_zero(ndr, struct ndr_pull); - NDR_ERR_HAVE_NO_MEMORY(subndr); - subndr->flags = ndr->flags; - subndr->current_mem_ctx = ndr->current_mem_ctx; - - subndr->data = ndr->data + ndr->offset; - subndr->data_size = 28; - subndr->offset = 0; - - NDR_CHECK(ndr_pull_advance(ndr, 28)); - - status = ndr_pull_dom_sid(subndr, ndr_flags, sid); - if (!NDR_ERR_CODE_IS_SUCCESS(status)) { - /* handle a w2k bug which send random data in the buffer */ - ZERO_STRUCTP(sid); - } - - return NDR_ERR_SUCCESS; -} - -/* - push a dom_sid28 - this is a dom_sid in a 28 byte fixed buffer -*/ -enum ndr_err_code ndr_push_dom_sid28(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid) -{ - uint32_t old_offset; - uint32_t padding; - - if (!(ndr_flags & NDR_SCALARS)) { - return NDR_ERR_SUCCESS; - } - - if (sid->num_auths > 5) { - return ndr_push_error(ndr, NDR_ERR_RANGE, - "dom_sid28 allows only upto 5 sub auth [%u]", - sid->num_auths); - } - - old_offset = ndr->offset; - NDR_CHECK(ndr_push_dom_sid(ndr, ndr_flags, sid)); - - padding = 28 - (ndr->offset - old_offset); - - if (padding > 0) { - NDR_CHECK(ndr_push_zero(ndr, padding)); - } - - return NDR_ERR_SUCCESS; -} - -/* - parse a dom_sid0 - this is a dom_sid in a variable byte buffer, which is maybe empty -*/ -enum ndr_err_code ndr_pull_dom_sid0(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid) -{ - if (!(ndr_flags & NDR_SCALARS)) { - return NDR_ERR_SUCCESS; - } - - if (ndr->data_size == ndr->offset) { - ZERO_STRUCTP(sid); - return NDR_ERR_SUCCESS; - } - - return ndr_pull_dom_sid(ndr, ndr_flags, sid); -} - -/* - push a dom_sid0 - this is a dom_sid in a variable byte buffer, which is maybe empty -*/ -enum ndr_err_code ndr_push_dom_sid0(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid) -{ - struct dom_sid zero_sid; - - if (!(ndr_flags & NDR_SCALARS)) { - return NDR_ERR_SUCCESS; - } - - if (!sid) { - return NDR_ERR_SUCCESS; - } - - ZERO_STRUCT(zero_sid); - - if (memcmp(&zero_sid, sid, sizeof(zero_sid)) == 0) { - return NDR_ERR_SUCCESS; - } - - return ndr_push_dom_sid(ndr, ndr_flags, sid); -} - -/* - print a dom_sid -*/ -void ndr_print_dom_sid(struct ndr_print *ndr, const char *name, const struct dom_sid *sid) -{ - ndr->print(ndr, "%-25s: %s", name, dom_sid_string(ndr, sid)); -} - -void ndr_print_dom_sid2(struct ndr_print *ndr, const char *name, const struct dom_sid *sid) -{ - ndr_print_dom_sid(ndr, name, sid); -} - -void ndr_print_dom_sid28(struct ndr_print *ndr, const char *name, const struct dom_sid *sid) -{ - ndr_print_dom_sid(ndr, name, sid); -} - -void ndr_print_dom_sid0(struct ndr_print *ndr, const char *name, const struct dom_sid *sid) -{ - ndr_print_dom_sid(ndr, name, sid); -} - diff --git a/source4/librpc/config.mk b/source4/librpc/config.mk index adea071185..65c473779f 100644 --- a/source4/librpc/config.mk +++ b/source4/librpc/config.mk @@ -54,10 +54,9 @@ PUBLIC_DEPENDENCIES = LIBNDR LIBSECURITY NDR_SECURITY_OBJ_FILES = $(gen_ndrsrcdir)/ndr_security.o \ ../librpc/ndr/ndr_sec_helper.o \ - $(gen_ndrsrcdir)/ndr_dom_sid.o \ - $(ndrsrcdir)/ndr_dom_sid.o + $(gen_ndrsrcdir)/ndr_dom_sid.o -PUBLIC_HEADERS += $(addprefix $(gen_ndrsrcdir)/, security.h dom_sid.h) +PUBLIC_HEADERS += $(addprefix $(gen_ndrsrcdir)/, security.h) [SUBSYSTEM::NDR_AUDIOSRV] @@ -737,15 +736,9 @@ PRIVATE_DEPENDENCIES = RPC_NDR_DRSUAPI PYTALLOC param swig_credentials python_dc python_drsuapi_OBJ_FILES = $(gen_ndrsrcdir)/py_drsuapi.o -[PYTHON::python_dcerpc_dom_sid] -LIBRARY_REALNAME = samba/dcerpc/dom_sid.$(SHLIBEXT) -PRIVATE_DEPENDENCIES = PYTALLOC python_dcerpc_misc python_dcerpc - -python_dcerpc_dom_sid_OBJ_FILES = $(gen_ndrsrcdir)/py_dom_sid.o - [PYTHON::python_dcerpc_security] LIBRARY_REALNAME = samba/dcerpc/security.$(SHLIBEXT) -PRIVATE_DEPENDENCIES = PYTALLOC python_dcerpc_misc python_dcerpc_dom_sid python_dcerpc +PRIVATE_DEPENDENCIES = PYTALLOC python_dcerpc_misc python_dcerpc python_dcerpc_security_OBJ_FILES = $(gen_ndrsrcdir)/py_security.o diff --git a/source4/librpc/idl/dom_sid.idl b/source4/librpc/idl/dom_sid.idl index 40712fc371..172dda4fae 100644 --- a/source4/librpc/idl/dom_sid.idl +++ b/source4/librpc/idl/dom_sid.idl @@ -1,34 +1,8 @@ -/* - use the same structure for dom_sid2 as dom_sid. A dom_sid2 is really - just a dom sid, but with the sub_auths represented as a conformant - array. As with all in-structure conformant arrays, the array length - is placed before the start of the structure. That's what gives rise - to the extra num_auths elemenent. We don't want the Samba code to - have to bother with such esoteric NDR details, so its easier to just - define it as a dom_sid and use pidl magic to make it all work. It - just means you need to mark a sid as a "dom_sid2" in the IDL when you - know it is of the conformant array variety -*/ -cpp_quote("#define dom_sid2 dom_sid") - -/* same struct as dom_sid but inside a 28 bytes fixed buffer in NDR */ -cpp_quote("#define dom_sid28 dom_sid") - -/* same struct as dom_sid but in a variable byte buffer, which is maybe empty in NDR */ -cpp_quote("#define dom_sid0 dom_sid") - [ pointer_default(unique) ] interface dom_sid { - typedef [public,gensize,noprint,nosize,nopull,nopush] struct { - uint8 sid_rev_num; /**< SID revision number */ - [range(0,15)] int8 num_auths; /**< Number of sub-authorities */ - uint8 id_auth[6]; /**< Identifier Authority */ - uint32 sub_auths[15]; - } dom_sid; - /* id used to identify a endpoint, possibly in a cluster */ typedef [public] struct { hyper id; diff --git a/source4/librpc/ndr/ndr_dom_sid.c b/source4/librpc/ndr/ndr_dom_sid.c deleted file mode 100644 index 9b2118f56a..0000000000 --- a/source4/librpc/ndr/ndr_dom_sid.c +++ /dev/null @@ -1,248 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - fast routines for getting the wire size of security objects - - Copyright (C) Andrew Tridgell 2003 - Copyright (C) Stefan Metzmacher 2006-2008 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see . -*/ - - -#include "includes.h" -#include "librpc/gen_ndr/ndr_security.h" -#include "libcli/security/security.h" - -/* - return the wire size of a dom_sid -*/ -size_t ndr_size_dom_sid(const struct dom_sid *sid, int flags) -{ - if (!sid) return 0; - return 8 + 4*sid->num_auths; -} - -size_t ndr_size_dom_sid28(const struct dom_sid *sid, int flags) -{ - struct dom_sid zero_sid; - - if (!sid) return 0; - - ZERO_STRUCT(zero_sid); - - if (memcmp(&zero_sid, sid, sizeof(zero_sid)) == 0) { - return 0; - } - - return 8 + 4*sid->num_auths; -} - -size_t ndr_size_dom_sid0(const struct dom_sid *sid, int flags) -{ - return ndr_size_dom_sid28(sid, flags); -} - -/* - print a dom_sid -*/ -void ndr_print_dom_sid(struct ndr_print *ndr, const char *name, const struct dom_sid *sid) -{ - ndr->print(ndr, "%-25s: %s", name, dom_sid_string(ndr, sid)); -} - -void ndr_print_dom_sid2(struct ndr_print *ndr, const char *name, const struct dom_sid *sid) -{ - ndr_print_dom_sid(ndr, name, sid); -} - -void ndr_print_dom_sid28(struct ndr_print *ndr, const char *name, const struct dom_sid *sid) -{ - ndr_print_dom_sid(ndr, name, sid); -} - -void ndr_print_dom_sid0(struct ndr_print *ndr, const char *name, const struct dom_sid *sid) -{ - ndr_print_dom_sid(ndr, name, sid); -} - - -/* - parse a dom_sid2 - this is a dom_sid but with an extra copy of the num_auths field -*/ -enum ndr_err_code ndr_pull_dom_sid2(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid) -{ - uint32_t num_auths; - if (!(ndr_flags & NDR_SCALARS)) { - return NDR_ERR_SUCCESS; - } - NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &num_auths)); - NDR_CHECK(ndr_pull_dom_sid(ndr, ndr_flags, sid)); - if (sid->num_auths != num_auths) { - return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, - "Bad array size %u should exceed %u", - num_auths, sid->num_auths); - } - return NDR_ERR_SUCCESS; -} - -/* - parse a dom_sid2 - this is a dom_sid but with an extra copy of the num_auths field -*/ -enum ndr_err_code ndr_push_dom_sid2(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid) -{ - if (!(ndr_flags & NDR_SCALARS)) { - return NDR_ERR_SUCCESS; - } - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, sid->num_auths)); - return ndr_push_dom_sid(ndr, ndr_flags, sid); -} - -/* - parse a dom_sid28 - this is a dom_sid in a fixed 28 byte buffer, so we need to ensure there are only upto 5 sub_auth -*/ -enum ndr_err_code ndr_pull_dom_sid28(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid) -{ - enum ndr_err_code status; - struct ndr_pull *subndr; - - if (!(ndr_flags & NDR_SCALARS)) { - return NDR_ERR_SUCCESS; - } - - subndr = talloc_zero(ndr, struct ndr_pull); - NDR_ERR_HAVE_NO_MEMORY(subndr); - subndr->flags = ndr->flags; - subndr->current_mem_ctx = ndr->current_mem_ctx; - - subndr->data = ndr->data + ndr->offset; - subndr->data_size = 28; - subndr->offset = 0; - - NDR_CHECK(ndr_pull_advance(ndr, 28)); - - status = ndr_pull_dom_sid(subndr, ndr_flags, sid); - if (!NDR_ERR_CODE_IS_SUCCESS(status)) { - /* handle a w2k bug which send random data in the buffer */ - ZERO_STRUCTP(sid); - } else if (sid->num_auths == 0 && sid->sub_auths) { - ZERO_STRUCT(sid->sub_auths); - } - - return NDR_ERR_SUCCESS; -} - -/* - push a dom_sid28 - this is a dom_sid in a 28 byte fixed buffer -*/ -enum ndr_err_code ndr_push_dom_sid28(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid) -{ - uint32_t old_offset; - uint32_t padding; - - if (!(ndr_flags & NDR_SCALARS)) { - return NDR_ERR_SUCCESS; - } - - if (sid->num_auths > 5) { - return ndr_push_error(ndr, NDR_ERR_RANGE, - "dom_sid28 allows only upto 5 sub auth [%u]", - sid->num_auths); - } - - old_offset = ndr->offset; - NDR_CHECK(ndr_push_dom_sid(ndr, ndr_flags, sid)); - - padding = 28 - (ndr->offset - old_offset); - - if (padding > 0) { - NDR_CHECK(ndr_push_zero(ndr, padding)); - } - - return NDR_ERR_SUCCESS; -} - -/* - parse a dom_sid0 - this is a dom_sid in a variable byte buffer, which is maybe empty -*/ -enum ndr_err_code ndr_pull_dom_sid0(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid) -{ - if (!(ndr_flags & NDR_SCALARS)) { - return NDR_ERR_SUCCESS; - } - - if (ndr->data_size == ndr->offset) { - ZERO_STRUCTP(sid); - return NDR_ERR_SUCCESS; - } - - return ndr_pull_dom_sid(ndr, ndr_flags, sid); -} - -/* - push a dom_sid0 - this is a dom_sid in a variable byte buffer, which is maybe empty -*/ -enum ndr_err_code ndr_push_dom_sid0(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid) -{ - struct dom_sid zero_sid; - - if (!(ndr_flags & NDR_SCALARS)) { - return NDR_ERR_SUCCESS; - } - - if (!sid) { - return NDR_ERR_SUCCESS; - } - - ZERO_STRUCT(zero_sid); - - if (memcmp(&zero_sid, sid, sizeof(zero_sid)) == 0) { - return NDR_ERR_SUCCESS; - } - - return ndr_push_dom_sid(ndr, ndr_flags, sid); -} - -_PUBLIC_ enum ndr_err_code ndr_push_dom_sid(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *r) -{ - uint32_t cntr_sub_auths_0; - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_push_align(ndr, 4)); - NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r->sid_rev_num)); - NDR_CHECK(ndr_push_int8(ndr, NDR_SCALARS, r->num_auths)); - NDR_CHECK(ndr_push_array_uint8(ndr, NDR_SCALARS, r->id_auth, 6)); - for (cntr_sub_auths_0 = 0; cntr_sub_auths_0 < r->num_auths; cntr_sub_auths_0++) { - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->sub_auths[cntr_sub_auths_0])); - } - } - return NDR_ERR_SUCCESS; -} - -_PUBLIC_ enum ndr_err_code ndr_pull_dom_sid(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *r) -{ - uint32_t cntr_sub_auths_0; - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_pull_align(ndr, 4)); - NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->sid_rev_num)); - NDR_CHECK(ndr_pull_int8(ndr, NDR_SCALARS, &r->num_auths)); - if (r->num_auths < 0 || r->num_auths > 15) { - return ndr_pull_error(ndr, NDR_ERR_RANGE, "value out of range"); - } - NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->id_auth, 6)); - for (cntr_sub_auths_0 = 0; cntr_sub_auths_0 < r->num_auths; cntr_sub_auths_0++) { - NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->sub_auths[cntr_sub_auths_0])); - } - } - return NDR_ERR_SUCCESS; -} -- cgit From fb6803119c76b88d4ade1550fca884014b18be19 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Sat, 13 Dec 2008 00:13:02 +0100 Subject: s3: remove duplicate prototypes in proto.h. Guenther --- source3/include/proto.h | 778 ------------------------------------------------ 1 file changed, 778 deletions(-) diff --git a/source3/include/proto.h b/source3/include/proto.h index 4028f6de52..09ebaa799e 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -6521,70 +6521,6 @@ bool svcctl_io_r_query_service_config2(const char *desc, SVCCTL_R_QUERY_SERVICE_ bool svcctl_io_q_query_service_status_ex(const char *desc, SVCCTL_Q_QUERY_SERVICE_STATUSEX *q_u, prs_struct *ps, int depth); bool svcctl_io_r_query_service_status_ex(const char *desc, SVCCTL_R_QUERY_SERVICE_STATUSEX *r_u, prs_struct *ps, int depth); -/* The following definitions come from rpc_server/srv_dfs_nt.c */ - -void _dfs_GetManagerVersion(pipes_struct *p, struct dfs_GetManagerVersion *r); -WERROR _dfs_Add(pipes_struct *p, struct dfs_Add *r); -WERROR _dfs_Remove(pipes_struct *p, struct dfs_Remove *r); -WERROR _dfs_Enum(pipes_struct *p, struct dfs_Enum *r); -WERROR _dfs_GetInfo(pipes_struct *p, struct dfs_GetInfo *r); -WERROR _dfs_SetInfo(pipes_struct *p, struct dfs_SetInfo *r); -WERROR _dfs_Rename(pipes_struct *p, struct dfs_Rename *r); -WERROR _dfs_Move(pipes_struct *p, struct dfs_Move *r); -WERROR _dfs_ManagerGetConfigInfo(pipes_struct *p, struct dfs_ManagerGetConfigInfo *r); -WERROR _dfs_ManagerSendSiteInfo(pipes_struct *p, struct dfs_ManagerSendSiteInfo *r); -WERROR _dfs_AddFtRoot(pipes_struct *p, struct dfs_AddFtRoot *r); -WERROR _dfs_RemoveFtRoot(pipes_struct *p, struct dfs_RemoveFtRoot *r); -WERROR _dfs_AddStdRoot(pipes_struct *p, struct dfs_AddStdRoot *r); -WERROR _dfs_RemoveStdRoot(pipes_struct *p, struct dfs_RemoveStdRoot *r); -WERROR _dfs_ManagerInitialize(pipes_struct *p, struct dfs_ManagerInitialize *r); -WERROR _dfs_AddStdRootForced(pipes_struct *p, struct dfs_AddStdRootForced *r); -WERROR _dfs_GetDcAddress(pipes_struct *p, struct dfs_GetDcAddress *r); -WERROR _dfs_SetDcAddress(pipes_struct *p, struct dfs_SetDcAddress *r); -WERROR _dfs_FlushFtTable(pipes_struct *p, struct dfs_FlushFtTable *r); -WERROR _dfs_Add2(pipes_struct *p, struct dfs_Add2 *r); -WERROR _dfs_Remove2(pipes_struct *p, struct dfs_Remove2 *r); -WERROR _dfs_EnumEx(pipes_struct *p, struct dfs_EnumEx *r); -WERROR _dfs_SetInfo2(pipes_struct *p, struct dfs_SetInfo2 *r); - -/* The following definitions come from rpc_server/srv_dssetup_nt.c */ - -WERROR _dssetup_DsRoleGetPrimaryDomainInformation(pipes_struct *p, - struct dssetup_DsRoleGetPrimaryDomainInformation *r); -WERROR _dssetup_DsRoleDnsNameToFlatName(pipes_struct *p, - struct dssetup_DsRoleDnsNameToFlatName *r); -WERROR _dssetup_DsRoleDcAsDc(pipes_struct *p, - struct dssetup_DsRoleDcAsDc *r); -WERROR _dssetup_DsRoleDcAsReplica(pipes_struct *p, - struct dssetup_DsRoleDcAsReplica *r); -WERROR _dssetup_DsRoleDemoteDc(pipes_struct *p, - struct dssetup_DsRoleDemoteDc *r); -WERROR _dssetup_DsRoleGetDcOperationProgress(pipes_struct *p, - struct dssetup_DsRoleGetDcOperationProgress *r); -WERROR _dssetup_DsRoleGetDcOperationResults(pipes_struct *p, - struct dssetup_DsRoleGetDcOperationResults *r); -WERROR _dssetup_DsRoleCancel(pipes_struct *p, - struct dssetup_DsRoleCancel *r); -WERROR _dssetup_DsRoleServerSaveStateForUpgrade(pipes_struct *p, - struct dssetup_DsRoleServerSaveStateForUpgrade *r); -WERROR _dssetup_DsRoleUpgradeDownlevelServer(pipes_struct *p, - struct dssetup_DsRoleUpgradeDownlevelServer *r); -WERROR _dssetup_DsRoleAbortDownlevelServerUpgrade(pipes_struct *p, - struct dssetup_DsRoleAbortDownlevelServerUpgrade *r); - -/* The following definitions come from rpc_server/srv_echo_nt.c */ - -void _echo_AddOne(pipes_struct *p, struct echo_AddOne *r ); -void _echo_EchoData(pipes_struct *p, struct echo_EchoData *r); -void _echo_SinkData(pipes_struct *p, struct echo_SinkData *r); -void _echo_SourceData(pipes_struct *p, struct echo_SourceData *r); -void _echo_TestCall(pipes_struct *p, struct echo_TestCall *r); -NTSTATUS _echo_TestCall2(pipes_struct *p, struct echo_TestCall2 *r); -uint32 _echo_TestSleep(pipes_struct *p, struct echo_TestSleep *r); -void _echo_TestEnum(pipes_struct *p, struct echo_TestEnum *r); -void _echo_TestSurrounding(pipes_struct *p, struct echo_TestSurrounding *r); -uint16 _echo_TestDoublePointer(pipes_struct *p, struct echo_TestDoublePointer *r); - /* The following definitions come from rpc_server/srv_eventlog.c */ NTSTATUS rpc_eventlog2_init(void); @@ -6605,43 +6541,9 @@ bool parse_logentry( char *line, Eventlog_entry * entry, bool * eor ); /* The following definitions come from rpc_server/srv_eventlog_nt.c */ -NTSTATUS _eventlog_OpenEventLogW(pipes_struct *p, - struct eventlog_OpenEventLogW *r); -NTSTATUS _eventlog_ClearEventLogW(pipes_struct *p, - struct eventlog_ClearEventLogW *r); -NTSTATUS _eventlog_CloseEventLog( pipes_struct * p, struct eventlog_CloseEventLog *r ); NTSTATUS _eventlog_read_eventlog( pipes_struct * p, EVENTLOG_Q_READ_EVENTLOG * q_u, EVENTLOG_R_READ_EVENTLOG * r_u ); -NTSTATUS _eventlog_GetOldestRecord(pipes_struct *p, - struct eventlog_GetOldestRecord *r); -NTSTATUS _eventlog_GetNumRecords(pipes_struct *p, - struct eventlog_GetNumRecords *r); -NTSTATUS _eventlog_BackupEventLogW(pipes_struct *p, struct eventlog_BackupEventLogW *r); -NTSTATUS _eventlog_DeregisterEventSource(pipes_struct *p, struct eventlog_DeregisterEventSource *r); -NTSTATUS _eventlog_ChangeNotify(pipes_struct *p, struct eventlog_ChangeNotify *r); -NTSTATUS _eventlog_RegisterEventSourceW(pipes_struct *p, struct eventlog_RegisterEventSourceW *r); -NTSTATUS _eventlog_OpenBackupEventLogW(pipes_struct *p, struct eventlog_OpenBackupEventLogW *r); -NTSTATUS _eventlog_ReadEventLogW(pipes_struct *p, struct eventlog_ReadEventLogW *r); -NTSTATUS _eventlog_ReportEventW(pipes_struct *p, struct eventlog_ReportEventW *r); -NTSTATUS _eventlog_ClearEventLogA(pipes_struct *p, struct eventlog_ClearEventLogA *r); -NTSTATUS _eventlog_BackupEventLogA(pipes_struct *p, struct eventlog_BackupEventLogA *r); -NTSTATUS _eventlog_OpenEventLogA(pipes_struct *p, struct eventlog_OpenEventLogA *r); -NTSTATUS _eventlog_RegisterEventSourceA(pipes_struct *p, struct eventlog_RegisterEventSourceA *r); -NTSTATUS _eventlog_OpenBackupEventLogA(pipes_struct *p, struct eventlog_OpenBackupEventLogA *r); -NTSTATUS _eventlog_ReadEventLogA(pipes_struct *p, struct eventlog_ReadEventLogA *r); -NTSTATUS _eventlog_ReportEventA(pipes_struct *p, struct eventlog_ReportEventA *r); -NTSTATUS _eventlog_RegisterClusterSvc(pipes_struct *p, struct eventlog_RegisterClusterSvc *r); -NTSTATUS _eventlog_DeregisterClusterSvc(pipes_struct *p, struct eventlog_DeregisterClusterSvc *r); -NTSTATUS _eventlog_WriteClusterEvents(pipes_struct *p, struct eventlog_WriteClusterEvents *r); -NTSTATUS _eventlog_GetLogIntormation(pipes_struct *p, struct eventlog_GetLogIntormation *r); -NTSTATUS _eventlog_FlushEventLog(pipes_struct *p, struct eventlog_FlushEventLog *r); - -/* The following definitions come from rpc_server/srv_initshutdown_nt.c */ - -WERROR _initshutdown_Init(pipes_struct *p, struct initshutdown_Init *r); -WERROR _initshutdown_InitEx(pipes_struct *p, struct initshutdown_InitEx *r); -WERROR _initshutdown_Abort(pipes_struct *p, struct initshutdown_Abort *r); /* The following definitions come from rpc_server/srv_lsa_hnd.c */ @@ -6652,216 +6554,6 @@ bool close_policy_hnd(pipes_struct *p, POLICY_HND *hnd); void close_policy_by_pipe(pipes_struct *p); bool pipe_access_check(pipes_struct *p); -/* The following definitions come from rpc_server/srv_lsa_nt.c */ - -NTSTATUS _lsa_OpenPolicy2(pipes_struct *p, - struct lsa_OpenPolicy2 *r); -NTSTATUS _lsa_OpenPolicy(pipes_struct *p, - struct lsa_OpenPolicy *r); -NTSTATUS _lsa_EnumTrustDom(pipes_struct *p, - struct lsa_EnumTrustDom *r); -NTSTATUS _lsa_QueryInfoPolicy(pipes_struct *p, - struct lsa_QueryInfoPolicy *r); -NTSTATUS _lsa_LookupSids(pipes_struct *p, - struct lsa_LookupSids *r); -NTSTATUS _lsa_LookupSids2(pipes_struct *p, - struct lsa_LookupSids2 *r); -NTSTATUS _lsa_LookupSids3(pipes_struct *p, - struct lsa_LookupSids3 *r); -NTSTATUS _lsa_LookupNames(pipes_struct *p, - struct lsa_LookupNames *r); -NTSTATUS _lsa_LookupNames2(pipes_struct *p, - struct lsa_LookupNames2 *r); -NTSTATUS _lsa_LookupNames3(pipes_struct *p, - struct lsa_LookupNames3 *r); -NTSTATUS _lsa_LookupNames4(pipes_struct *p, - struct lsa_LookupNames4 *r); -NTSTATUS _lsa_Close(pipes_struct *p, struct lsa_Close *r); -NTSTATUS _lsa_OpenSecret(pipes_struct *p, struct lsa_OpenSecret *r); -NTSTATUS _lsa_OpenTrustedDomain(pipes_struct *p, struct lsa_OpenTrustedDomain *r); -NTSTATUS _lsa_CreateTrustedDomain(pipes_struct *p, struct lsa_CreateTrustedDomain *r); -NTSTATUS _lsa_CreateSecret(pipes_struct *p, struct lsa_CreateSecret *r); -NTSTATUS _lsa_SetSecret(pipes_struct *p, struct lsa_SetSecret *r); -NTSTATUS _lsa_DeleteObject(pipes_struct *p, - struct lsa_DeleteObject *r); -NTSTATUS _lsa_EnumPrivs(pipes_struct *p, - struct lsa_EnumPrivs *r); -NTSTATUS _lsa_LookupPrivDisplayName(pipes_struct *p, - struct lsa_LookupPrivDisplayName *r); -NTSTATUS _lsa_EnumAccounts(pipes_struct *p, - struct lsa_EnumAccounts *r); -NTSTATUS _lsa_GetUserName(pipes_struct *p, - struct lsa_GetUserName *r); -NTSTATUS _lsa_CreateAccount(pipes_struct *p, - struct lsa_CreateAccount *r); -NTSTATUS _lsa_OpenAccount(pipes_struct *p, - struct lsa_OpenAccount *r); -NTSTATUS _lsa_EnumPrivsAccount(pipes_struct *p, - struct lsa_EnumPrivsAccount *r); -NTSTATUS _lsa_GetSystemAccessAccount(pipes_struct *p, - struct lsa_GetSystemAccessAccount *r); -NTSTATUS _lsa_SetSystemAccessAccount(pipes_struct *p, - struct lsa_SetSystemAccessAccount *r); -NTSTATUS _lsa_AddPrivilegesToAccount(pipes_struct *p, - struct lsa_AddPrivilegesToAccount *r); -NTSTATUS _lsa_RemovePrivilegesFromAccount(pipes_struct *p, - struct lsa_RemovePrivilegesFromAccount *r); -NTSTATUS _lsa_QuerySecurity(pipes_struct *p, - struct lsa_QuerySecurity *r); -NTSTATUS _lsa_AddAccountRights(pipes_struct *p, - struct lsa_AddAccountRights *r); -NTSTATUS _lsa_RemoveAccountRights(pipes_struct *p, - struct lsa_RemoveAccountRights *r); -NTSTATUS _lsa_EnumAccountRights(pipes_struct *p, - struct lsa_EnumAccountRights *r); -NTSTATUS _lsa_LookupPrivValue(pipes_struct *p, - struct lsa_LookupPrivValue *r); -NTSTATUS _lsa_Delete(pipes_struct *p, struct lsa_Delete *r); -NTSTATUS _lsa_SetSecObj(pipes_struct *p, struct lsa_SetSecObj *r); -NTSTATUS _lsa_ChangePassword(pipes_struct *p, struct lsa_ChangePassword *r); -NTSTATUS _lsa_SetInfoPolicy(pipes_struct *p, struct lsa_SetInfoPolicy *r); -NTSTATUS _lsa_ClearAuditLog(pipes_struct *p, struct lsa_ClearAuditLog *r); -NTSTATUS _lsa_GetQuotasForAccount(pipes_struct *p, struct lsa_GetQuotasForAccount *r); -NTSTATUS _lsa_SetQuotasForAccount(pipes_struct *p, struct lsa_SetQuotasForAccount *r); -NTSTATUS _lsa_QueryTrustedDomainInfo(pipes_struct *p, struct lsa_QueryTrustedDomainInfo *r); -NTSTATUS _lsa_SetInformationTrustedDomain(pipes_struct *p, struct lsa_SetInformationTrustedDomain *r); -NTSTATUS _lsa_QuerySecret(pipes_struct *p, struct lsa_QuerySecret *r); -NTSTATUS _lsa_LookupPrivName(pipes_struct *p, struct lsa_LookupPrivName *r); -NTSTATUS _lsa_EnumAccountsWithUserRight(pipes_struct *p, struct lsa_EnumAccountsWithUserRight *r); -NTSTATUS _lsa_QueryTrustedDomainInfoBySid(pipes_struct *p, struct lsa_QueryTrustedDomainInfoBySid *r); -NTSTATUS _lsa_SetTrustedDomainInfo(pipes_struct *p, struct lsa_SetTrustedDomainInfo *r); -NTSTATUS _lsa_DeleteTrustedDomain(pipes_struct *p, struct lsa_DeleteTrustedDomain *r); -NTSTATUS _lsa_StorePrivateData(pipes_struct *p, struct lsa_StorePrivateData *r); -NTSTATUS _lsa_RetrievePrivateData(pipes_struct *p, struct lsa_RetrievePrivateData *r); -NTSTATUS _lsa_QueryInfoPolicy2(pipes_struct *p, struct lsa_QueryInfoPolicy2 *r); -NTSTATUS _lsa_SetInfoPolicy2(pipes_struct *p, struct lsa_SetInfoPolicy2 *r); -NTSTATUS _lsa_QueryTrustedDomainInfoByName(pipes_struct *p, struct lsa_QueryTrustedDomainInfoByName *r); -NTSTATUS _lsa_SetTrustedDomainInfoByName(pipes_struct *p, struct lsa_SetTrustedDomainInfoByName *r); -NTSTATUS _lsa_EnumTrustedDomainsEx(pipes_struct *p, struct lsa_EnumTrustedDomainsEx *r); -NTSTATUS _lsa_CreateTrustedDomainEx(pipes_struct *p, struct lsa_CreateTrustedDomainEx *r); -NTSTATUS _lsa_CloseTrustedDomainEx(pipes_struct *p, struct lsa_CloseTrustedDomainEx *r); -NTSTATUS _lsa_QueryDomainInformationPolicy(pipes_struct *p, struct lsa_QueryDomainInformationPolicy *r); -NTSTATUS _lsa_SetDomainInformationPolicy(pipes_struct *p, struct lsa_SetDomainInformationPolicy *r); -NTSTATUS _lsa_OpenTrustedDomainByName(pipes_struct *p, struct lsa_OpenTrustedDomainByName *r); -NTSTATUS _lsa_TestCall(pipes_struct *p, struct lsa_TestCall *r); -NTSTATUS _lsa_CreateTrustedDomainEx2(pipes_struct *p, struct lsa_CreateTrustedDomainEx2 *r); -NTSTATUS _lsa_CREDRWRITE(pipes_struct *p, struct lsa_CREDRWRITE *r); -NTSTATUS _lsa_CREDRREAD(pipes_struct *p, struct lsa_CREDRREAD *r); -NTSTATUS _lsa_CREDRENUMERATE(pipes_struct *p, struct lsa_CREDRENUMERATE *r); -NTSTATUS _lsa_CREDRWRITEDOMAINCREDENTIALS(pipes_struct *p, struct lsa_CREDRWRITEDOMAINCREDENTIALS *r); -NTSTATUS _lsa_CREDRREADDOMAINCREDENTIALS(pipes_struct *p, struct lsa_CREDRREADDOMAINCREDENTIALS *r); -NTSTATUS _lsa_CREDRDELETE(pipes_struct *p, struct lsa_CREDRDELETE *r); -NTSTATUS _lsa_CREDRGETTARGETINFO(pipes_struct *p, struct lsa_CREDRGETTARGETINFO *r); -NTSTATUS _lsa_CREDRPROFILELOADED(pipes_struct *p, struct lsa_CREDRPROFILELOADED *r); -NTSTATUS _lsa_CREDRGETSESSIONTYPES(pipes_struct *p, struct lsa_CREDRGETSESSIONTYPES *r); -NTSTATUS _lsa_LSARREGISTERAUDITEVENT(pipes_struct *p, struct lsa_LSARREGISTERAUDITEVENT *r); -NTSTATUS _lsa_LSARGENAUDITEVENT(pipes_struct *p, struct lsa_LSARGENAUDITEVENT *r); -NTSTATUS _lsa_LSARUNREGISTERAUDITEVENT(pipes_struct *p, struct lsa_LSARUNREGISTERAUDITEVENT *r); -NTSTATUS _lsa_lsaRQueryForestTrustInformation(pipes_struct *p, struct lsa_lsaRQueryForestTrustInformation *r); -NTSTATUS _lsa_LSARSETFORESTTRUSTINFORMATION(pipes_struct *p, struct lsa_LSARSETFORESTTRUSTINFORMATION *r); -NTSTATUS _lsa_CREDRRENAME(pipes_struct *p, struct lsa_CREDRRENAME *r); -NTSTATUS _lsa_LSAROPENPOLICYSCE(pipes_struct *p, struct lsa_LSAROPENPOLICYSCE *r); -NTSTATUS _lsa_LSARADTREGISTERSECURITYEVENTSOURCE(pipes_struct *p, struct lsa_LSARADTREGISTERSECURITYEVENTSOURCE *r); -NTSTATUS _lsa_LSARADTUNREGISTERSECURITYEVENTSOURCE(pipes_struct *p, struct lsa_LSARADTUNREGISTERSECURITYEVENTSOURCE *r); -NTSTATUS _lsa_LSARADTREPORTSECURITYEVENT(pipes_struct *p, struct lsa_LSARADTREPORTSECURITYEVENT *r); - -/* The following definitions come from rpc_server/srv_netlog_nt.c */ - -WERROR _netr_LogonControl(pipes_struct *p, - struct netr_LogonControl *r); -WERROR _netr_LogonControl2(pipes_struct *p, - struct netr_LogonControl2 *r); -WERROR _netr_NetrEnumerateTrustedDomains(pipes_struct *p, - struct netr_NetrEnumerateTrustedDomains *r); -NTSTATUS _netr_ServerReqChallenge(pipes_struct *p, - struct netr_ServerReqChallenge *r); -NTSTATUS _netr_ServerAuthenticate(pipes_struct *p, - struct netr_ServerAuthenticate *r); -NTSTATUS _netr_ServerAuthenticate2(pipes_struct *p, - struct netr_ServerAuthenticate2 *r); -NTSTATUS _netr_ServerPasswordSet(pipes_struct *p, - struct netr_ServerPasswordSet *r); -NTSTATUS _netr_LogonSamLogoff(pipes_struct *p, - struct netr_LogonSamLogoff *r); -NTSTATUS _netr_LogonSamLogon(pipes_struct *p, - struct netr_LogonSamLogon *r); -NTSTATUS _netr_LogonSamLogonEx(pipes_struct *p, - struct netr_LogonSamLogonEx *r); -WERROR _netr_LogonUasLogon(pipes_struct *p, - struct netr_LogonUasLogon *r); -WERROR _netr_LogonUasLogoff(pipes_struct *p, - struct netr_LogonUasLogoff *r); -NTSTATUS _netr_DatabaseDeltas(pipes_struct *p, - struct netr_DatabaseDeltas *r); -NTSTATUS _netr_DatabaseSync(pipes_struct *p, - struct netr_DatabaseSync *r); -NTSTATUS _netr_AccountDeltas(pipes_struct *p, - struct netr_AccountDeltas *r); -NTSTATUS _netr_AccountSync(pipes_struct *p, - struct netr_AccountSync *r); -WERROR _netr_GetDcName(pipes_struct *p, - struct netr_GetDcName *r); -WERROR _netr_GetAnyDCName(pipes_struct *p, - struct netr_GetAnyDCName *r); -NTSTATUS _netr_DatabaseSync2(pipes_struct *p, - struct netr_DatabaseSync2 *r); -NTSTATUS _netr_DatabaseRedo(pipes_struct *p, - struct netr_DatabaseRedo *r); -WERROR _netr_LogonControl2Ex(pipes_struct *p, - struct netr_LogonControl2Ex *r); -WERROR _netr_DsRGetDCName(pipes_struct *p, - struct netr_DsRGetDCName *r); -WERROR _netr_NETRLOGONDUMMYROUTINE1(pipes_struct *p, - struct netr_NETRLOGONDUMMYROUTINE1 *r); -WERROR _netr_NETRLOGONSETSERVICEBITS(pipes_struct *p, - struct netr_NETRLOGONSETSERVICEBITS *r); -WERROR _netr_LogonGetTrustRid(pipes_struct *p, - struct netr_LogonGetTrustRid *r); -WERROR _netr_NETRLOGONCOMPUTESERVERDIGEST(pipes_struct *p, - struct netr_NETRLOGONCOMPUTESERVERDIGEST *r); -WERROR _netr_NETRLOGONCOMPUTECLIENTDIGEST(pipes_struct *p, - struct netr_NETRLOGONCOMPUTECLIENTDIGEST *r); -NTSTATUS _netr_ServerAuthenticate3(pipes_struct *p, - struct netr_ServerAuthenticate3 *r); -WERROR _netr_DsRGetDCNameEx(pipes_struct *p, - struct netr_DsRGetDCNameEx *r); -WERROR _netr_DsRGetSiteName(pipes_struct *p, - struct netr_DsRGetSiteName *r); -NTSTATUS _netr_LogonGetDomainInfo(pipes_struct *p, - struct netr_LogonGetDomainInfo *r); -NTSTATUS _netr_ServerPasswordSet2(pipes_struct *p, - struct netr_ServerPasswordSet2 *r); -WERROR _netr_ServerPasswordGet(pipes_struct *p, - struct netr_ServerPasswordGet *r); -WERROR _netr_NETRLOGONSENDTOSAM(pipes_struct *p, - struct netr_NETRLOGONSENDTOSAM *r); -WERROR _netr_DsRAddressToSitenamesW(pipes_struct *p, - struct netr_DsRAddressToSitenamesW *r); -WERROR _netr_DsRGetDCNameEx2(pipes_struct *p, - struct netr_DsRGetDCNameEx2 *r); -WERROR _netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN(pipes_struct *p, - struct netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN *r); -WERROR _netr_NetrEnumerateTrustedDomainsEx(pipes_struct *p, - struct netr_NetrEnumerateTrustedDomainsEx *r); -WERROR _netr_DsRAddressToSitenamesExW(pipes_struct *p, - struct netr_DsRAddressToSitenamesExW *r); -WERROR _netr_DsrGetDcSiteCoverageW(pipes_struct *p, - struct netr_DsrGetDcSiteCoverageW *r); -WERROR _netr_DsrEnumerateDomainTrusts(pipes_struct *p, - struct netr_DsrEnumerateDomainTrusts *r); -WERROR _netr_DsrDeregisterDNSHostRecords(pipes_struct *p, - struct netr_DsrDeregisterDNSHostRecords *r); -NTSTATUS _netr_ServerTrustPasswordsGet(pipes_struct *p, - struct netr_ServerTrustPasswordsGet *r); -WERROR _netr_DsRGetForestTrustInformation(pipes_struct *p, - struct netr_DsRGetForestTrustInformation *r); -WERROR _netr_GetForestTrustInformation(pipes_struct *p, - struct netr_GetForestTrustInformation *r); -NTSTATUS _netr_LogonSamLogonWithFlags(pipes_struct *p, - struct netr_LogonSamLogonWithFlags *r); -WERROR _netr_ServerGetTrustInfo(pipes_struct *p, - struct netr_ServerGetTrustInfo *r); - /* The following definitions come from rpc_server/srv_ntsvcs.c */ void ntsvcs2_get_pipe_fns( struct api_struct **fns, int *n_fns ); @@ -6869,137 +6561,7 @@ NTSTATUS rpc_ntsvcs2_init(void); /* The following definitions come from rpc_server/srv_ntsvcs_nt.c */ -WERROR _PNP_GetVersion(pipes_struct *p, - struct PNP_GetVersion *r); -WERROR _PNP_GetDeviceListSize(pipes_struct *p, - struct PNP_GetDeviceListSize *r); WERROR _ntsvcs_get_device_list( pipes_struct *p, NTSVCS_Q_GET_DEVICE_LIST *q_u, NTSVCS_R_GET_DEVICE_LIST *r_u ); -WERROR _PNP_ValidateDeviceInstance(pipes_struct *p, - struct PNP_ValidateDeviceInstance *r); -WERROR _PNP_GetHwProfInfo(pipes_struct *p, - struct PNP_GetHwProfInfo *r); -WERROR _PNP_HwProfFlags(pipes_struct *p, - struct PNP_HwProfFlags *r); -WERROR _PNP_Disconnect(pipes_struct *p, - struct PNP_Disconnect *r); -WERROR _PNP_Connect(pipes_struct *p, - struct PNP_Connect *r); -WERROR _PNP_GetGlobalState(pipes_struct *p, - struct PNP_GetGlobalState *r); -WERROR _PNP_InitDetection(pipes_struct *p, - struct PNP_InitDetection *r); -WERROR _PNP_ReportLogOn(pipes_struct *p, - struct PNP_ReportLogOn *r); -WERROR _PNP_GetRootDeviceInstance(pipes_struct *p, - struct PNP_GetRootDeviceInstance *r); -WERROR _PNP_GetRelatedDeviceInstance(pipes_struct *p, - struct PNP_GetRelatedDeviceInstance *r); -WERROR _PNP_EnumerateSubKeys(pipes_struct *p, - struct PNP_EnumerateSubKeys *r); -WERROR _PNP_GetDeviceList(pipes_struct *p, - struct PNP_GetDeviceList *r); -WERROR _PNP_GetDepth(pipes_struct *p, - struct PNP_GetDepth *r); -WERROR _PNP_GetDeviceRegProp(pipes_struct *p, - struct PNP_GetDeviceRegProp *r); -WERROR _PNP_SetDeviceRegProp(pipes_struct *p, - struct PNP_SetDeviceRegProp *r); -WERROR _PNP_GetClassInstance(pipes_struct *p, - struct PNP_GetClassInstance *r); -WERROR _PNP_CreateKey(pipes_struct *p, - struct PNP_CreateKey *r); -WERROR _PNP_DeleteRegistryKey(pipes_struct *p, - struct PNP_DeleteRegistryKey *r); -WERROR _PNP_GetClassCount(pipes_struct *p, - struct PNP_GetClassCount *r); -WERROR _PNP_GetClassName(pipes_struct *p, - struct PNP_GetClassName *r); -WERROR _PNP_DeleteClassKey(pipes_struct *p, - struct PNP_DeleteClassKey *r); -WERROR _PNP_GetInterfaceDeviceAlias(pipes_struct *p, - struct PNP_GetInterfaceDeviceAlias *r); -WERROR _PNP_GetInterfaceDeviceList(pipes_struct *p, - struct PNP_GetInterfaceDeviceList *r); -WERROR _PNP_GetInterfaceDeviceListSize(pipes_struct *p, - struct PNP_GetInterfaceDeviceListSize *r); -WERROR _PNP_RegisterDeviceClassAssociation(pipes_struct *p, - struct PNP_RegisterDeviceClassAssociation *r); -WERROR _PNP_UnregisterDeviceClassAssociation(pipes_struct *p, - struct PNP_UnregisterDeviceClassAssociation *r); -WERROR _PNP_GetClassRegProp(pipes_struct *p, - struct PNP_GetClassRegProp *r); -WERROR _PNP_SetClassRegProp(pipes_struct *p, - struct PNP_SetClassRegProp *r); -WERROR _PNP_CreateDevInst(pipes_struct *p, - struct PNP_CreateDevInst *r); -WERROR _PNP_DeviceInstanceAction(pipes_struct *p, - struct PNP_DeviceInstanceAction *r); -WERROR _PNP_GetDeviceStatus(pipes_struct *p, - struct PNP_GetDeviceStatus *r); -WERROR _PNP_SetDeviceProblem(pipes_struct *p, - struct PNP_SetDeviceProblem *r); -WERROR _PNP_DisableDevInst(pipes_struct *p, - struct PNP_DisableDevInst *r); -WERROR _PNP_UninstallDevInst(pipes_struct *p, - struct PNP_UninstallDevInst *r); -WERROR _PNP_AddID(pipes_struct *p, - struct PNP_AddID *r); -WERROR _PNP_RegisterDriver(pipes_struct *p, - struct PNP_RegisterDriver *r); -WERROR _PNP_QueryRemove(pipes_struct *p, - struct PNP_QueryRemove *r); -WERROR _PNP_RequestDeviceEject(pipes_struct *p, - struct PNP_RequestDeviceEject *r); -WERROR _PNP_IsDockStationPresent(pipes_struct *p, - struct PNP_IsDockStationPresent *r); -WERROR _PNP_RequestEjectPC(pipes_struct *p, - struct PNP_RequestEjectPC *r); -WERROR _PNP_AddEmptyLogConf(pipes_struct *p, - struct PNP_AddEmptyLogConf *r); -WERROR _PNP_FreeLogConf(pipes_struct *p, - struct PNP_FreeLogConf *r); -WERROR _PNP_GetFirstLogConf(pipes_struct *p, - struct PNP_GetFirstLogConf *r); -WERROR _PNP_GetNextLogConf(pipes_struct *p, - struct PNP_GetNextLogConf *r); -WERROR _PNP_GetLogConfPriority(pipes_struct *p, - struct PNP_GetLogConfPriority *r); -WERROR _PNP_AddResDes(pipes_struct *p, - struct PNP_AddResDes *r); -WERROR _PNP_FreeResDes(pipes_struct *p, - struct PNP_FreeResDes *r); -WERROR _PNP_GetNextResDes(pipes_struct *p, - struct PNP_GetNextResDes *r); -WERROR _PNP_GetResDesData(pipes_struct *p, - struct PNP_GetResDesData *r); -WERROR _PNP_GetResDesDataSize(pipes_struct *p, - struct PNP_GetResDesDataSize *r); -WERROR _PNP_ModifyResDes(pipes_struct *p, - struct PNP_ModifyResDes *r); -WERROR _PNP_DetectResourceLimit(pipes_struct *p, - struct PNP_DetectResourceLimit *r); -WERROR _PNP_QueryResConfList(pipes_struct *p, - struct PNP_QueryResConfList *r); -WERROR _PNP_SetHwProf(pipes_struct *p, - struct PNP_SetHwProf *r); -WERROR _PNP_QueryArbitratorFreeData(pipes_struct *p, - struct PNP_QueryArbitratorFreeData *r); -WERROR _PNP_QueryArbitratorFreeSize(pipes_struct *p, - struct PNP_QueryArbitratorFreeSize *r); -WERROR _PNP_RunDetection(pipes_struct *p, - struct PNP_RunDetection *r); -WERROR _PNP_RegisterNotification(pipes_struct *p, - struct PNP_RegisterNotification *r); -WERROR _PNP_UnregisterNotification(pipes_struct *p, - struct PNP_UnregisterNotification *r); -WERROR _PNP_GetCustomDevProp(pipes_struct *p, - struct PNP_GetCustomDevProp *r); -WERROR _PNP_GetVersionInternal(pipes_struct *p, - struct PNP_GetVersionInternal *r); -WERROR _PNP_GetBlockedDriverInfo(pipes_struct *p, - struct PNP_GetBlockedDriverInfo *r); -WERROR _PNP_GetServerSideDeviceInstallFlags(pipes_struct *p, - struct PNP_GetServerSideDeviceInstallFlags *r); /* The following definitions come from rpc_server/srv_pipe.c */ @@ -7036,145 +6598,6 @@ NTSTATUS np_write(struct files_struct *fsp, const uint8_t *data, size_t len, NTSTATUS np_read(struct files_struct *fsp, uint8_t *data, size_t len, ssize_t *nread, bool *is_data_outstanding); - -/* The following definitions come from rpc_server/srv_samr_nt.c */ - -NTSTATUS _samr_Close(pipes_struct *p, struct samr_Close *r); -NTSTATUS _samr_OpenDomain(pipes_struct *p, - struct samr_OpenDomain *r); -NTSTATUS _samr_GetUserPwInfo(pipes_struct *p, - struct samr_GetUserPwInfo *r); -NTSTATUS _samr_SetSecurity(pipes_struct *p, - struct samr_SetSecurity *r); -NTSTATUS _samr_QuerySecurity(pipes_struct *p, - struct samr_QuerySecurity *r); -NTSTATUS _samr_EnumDomainUsers(pipes_struct *p, - struct samr_EnumDomainUsers *r); -NTSTATUS _samr_EnumDomainGroups(pipes_struct *p, - struct samr_EnumDomainGroups *r); -NTSTATUS _samr_EnumDomainAliases(pipes_struct *p, - struct samr_EnumDomainAliases *r); -NTSTATUS _samr_QueryDisplayInfo(pipes_struct *p, - struct samr_QueryDisplayInfo *r); -NTSTATUS _samr_QueryDisplayInfo2(pipes_struct *p, - struct samr_QueryDisplayInfo2 *r); -NTSTATUS _samr_QueryDisplayInfo3(pipes_struct *p, - struct samr_QueryDisplayInfo3 *r); -NTSTATUS _samr_QueryAliasInfo(pipes_struct *p, - struct samr_QueryAliasInfo *r); -NTSTATUS _samr_LookupNames(pipes_struct *p, - struct samr_LookupNames *r); -NTSTATUS _samr_ChangePasswordUser2(pipes_struct *p, - struct samr_ChangePasswordUser2 *r); -NTSTATUS _samr_ChangePasswordUser3(pipes_struct *p, - struct samr_ChangePasswordUser3 *r); -NTSTATUS _samr_LookupRids(pipes_struct *p, - struct samr_LookupRids *r); -NTSTATUS _samr_OpenUser(pipes_struct *p, - struct samr_OpenUser *r); -NTSTATUS _samr_QueryUserInfo(pipes_struct *p, - struct samr_QueryUserInfo *r); -NTSTATUS _samr_GetGroupsForUser(pipes_struct *p, - struct samr_GetGroupsForUser *r); -NTSTATUS _samr_QueryDomainInfo(pipes_struct *p, - struct samr_QueryDomainInfo *r); -NTSTATUS _samr_CreateUser2(pipes_struct *p, - struct samr_CreateUser2 *r); -NTSTATUS _samr_Connect(pipes_struct *p, - struct samr_Connect *r); -NTSTATUS _samr_Connect2(pipes_struct *p, - struct samr_Connect2 *r); -NTSTATUS _samr_Connect4(pipes_struct *p, - struct samr_Connect4 *r); -NTSTATUS _samr_Connect5(pipes_struct *p, - struct samr_Connect5 *r); -NTSTATUS _samr_LookupDomain(pipes_struct *p, - struct samr_LookupDomain *r); -NTSTATUS _samr_EnumDomains(pipes_struct *p, - struct samr_EnumDomains *r); -NTSTATUS _samr_OpenAlias(pipes_struct *p, - struct samr_OpenAlias *r); -NTSTATUS _samr_SetUserInfo(pipes_struct *p, - struct samr_SetUserInfo *r); -NTSTATUS _samr_SetUserInfo2(pipes_struct *p, - struct samr_SetUserInfo2 *r); -NTSTATUS _samr_GetAliasMembership(pipes_struct *p, - struct samr_GetAliasMembership *r); -NTSTATUS _samr_GetMembersInAlias(pipes_struct *p, - struct samr_GetMembersInAlias *r); -NTSTATUS _samr_QueryGroupMember(pipes_struct *p, - struct samr_QueryGroupMember *r); -NTSTATUS _samr_AddAliasMember(pipes_struct *p, - struct samr_AddAliasMember *r); -NTSTATUS _samr_DeleteAliasMember(pipes_struct *p, - struct samr_DeleteAliasMember *r); -NTSTATUS _samr_AddGroupMember(pipes_struct *p, - struct samr_AddGroupMember *r); -NTSTATUS _samr_DeleteGroupMember(pipes_struct *p, - struct samr_DeleteGroupMember *r); -NTSTATUS _samr_DeleteUser(pipes_struct *p, - struct samr_DeleteUser *r); -NTSTATUS _samr_DeleteDomainGroup(pipes_struct *p, - struct samr_DeleteDomainGroup *r); -NTSTATUS _samr_DeleteDomAlias(pipes_struct *p, - struct samr_DeleteDomAlias *r); -NTSTATUS _samr_CreateDomainGroup(pipes_struct *p, - struct samr_CreateDomainGroup *r); -NTSTATUS _samr_CreateDomAlias(pipes_struct *p, - struct samr_CreateDomAlias *r); -NTSTATUS _samr_QueryGroupInfo(pipes_struct *p, - struct samr_QueryGroupInfo *r); -NTSTATUS _samr_SetGroupInfo(pipes_struct *p, - struct samr_SetGroupInfo *r); -NTSTATUS _samr_SetAliasInfo(pipes_struct *p, - struct samr_SetAliasInfo *r); -NTSTATUS _samr_GetDomPwInfo(pipes_struct *p, - struct samr_GetDomPwInfo *r); -NTSTATUS _samr_OpenGroup(pipes_struct *p, - struct samr_OpenGroup *r); -NTSTATUS _samr_RemoveMemberFromForeignDomain(pipes_struct *p, - struct samr_RemoveMemberFromForeignDomain *r); -NTSTATUS _samr_QueryDomainInfo2(pipes_struct *p, - struct samr_QueryDomainInfo2 *r); -NTSTATUS _samr_SetDomainInfo(pipes_struct *p, - struct samr_SetDomainInfo *r); -NTSTATUS _samr_GetDisplayEnumerationIndex(pipes_struct *p, - struct samr_GetDisplayEnumerationIndex *r); -NTSTATUS _samr_GetDisplayEnumerationIndex2(pipes_struct *p, - struct samr_GetDisplayEnumerationIndex2 *r); -NTSTATUS _samr_Shutdown(pipes_struct *p, - struct samr_Shutdown *r); -NTSTATUS _samr_CreateUser(pipes_struct *p, - struct samr_CreateUser *r); -NTSTATUS _samr_SetMemberAttributesOfGroup(pipes_struct *p, - struct samr_SetMemberAttributesOfGroup *r); -NTSTATUS _samr_ChangePasswordUser(pipes_struct *p, - struct samr_ChangePasswordUser *r); -NTSTATUS _samr_TestPrivateFunctionsDomain(pipes_struct *p, - struct samr_TestPrivateFunctionsDomain *r); -NTSTATUS _samr_TestPrivateFunctionsUser(pipes_struct *p, - struct samr_TestPrivateFunctionsUser *r); -NTSTATUS _samr_QueryUserInfo2(pipes_struct *p, - struct samr_QueryUserInfo2 *r); -NTSTATUS _samr_AddMultipleMembersToAlias(pipes_struct *p, - struct samr_AddMultipleMembersToAlias *r); -NTSTATUS _samr_RemoveMultipleMembersFromAlias(pipes_struct *p, - struct samr_RemoveMultipleMembersFromAlias *r); -NTSTATUS _samr_OemChangePasswordUser2(pipes_struct *p, - struct samr_OemChangePasswordUser2 *r); -NTSTATUS _samr_SetBootKeyInformation(pipes_struct *p, - struct samr_SetBootKeyInformation *r); -NTSTATUS _samr_GetBootKeyInformation(pipes_struct *p, - struct samr_GetBootKeyInformation *r); -NTSTATUS _samr_Connect3(pipes_struct *p, - struct samr_Connect3 *r); -NTSTATUS _samr_RidToSid(pipes_struct *p, - struct samr_RidToSid *r); -NTSTATUS _samr_SetDsrmPassword(pipes_struct *p, - struct samr_SetDsrmPassword *r); -NTSTATUS _samr_ValidatePassword(pipes_struct *p, - struct samr_ValidatePassword *r); - /* The following definitions come from rpc_server/srv_samr_util.c */ void copy_id20_to_sam_passwd(struct samu *to, @@ -7334,79 +6757,7 @@ WERROR _spoolss_xcvdataport(pipes_struct *p, SPOOL_Q_XCVDATAPORT *q_u, SPOOL_R_X /* The following definitions come from rpc_server/srv_srvsvc_nt.c */ -WERROR _srvsvc_NetFileEnum(pipes_struct *p, - struct srvsvc_NetFileEnum *r); -WERROR _srvsvc_NetSrvGetInfo(pipes_struct *p, - struct srvsvc_NetSrvGetInfo *r); -WERROR _srvsvc_NetSrvSetInfo(pipes_struct *p, - struct srvsvc_NetSrvSetInfo *r); -WERROR _srvsvc_NetConnEnum(pipes_struct *p, - struct srvsvc_NetConnEnum *r); -WERROR _srvsvc_NetSessEnum(pipes_struct *p, - struct srvsvc_NetSessEnum *r); -WERROR _srvsvc_NetSessDel(pipes_struct *p, - struct srvsvc_NetSessDel *r); -WERROR _srvsvc_NetShareEnumAll(pipes_struct *p, - struct srvsvc_NetShareEnumAll *r); -WERROR _srvsvc_NetShareEnum(pipes_struct *p, - struct srvsvc_NetShareEnum *r); -WERROR _srvsvc_NetShareGetInfo(pipes_struct *p, - struct srvsvc_NetShareGetInfo *r); char *valid_share_pathname(TALLOC_CTX *ctx, const char *dos_pathname); -WERROR _srvsvc_NetShareSetInfo(pipes_struct *p, - struct srvsvc_NetShareSetInfo *r); -WERROR _srvsvc_NetShareAdd(pipes_struct *p, - struct srvsvc_NetShareAdd *r); -WERROR _srvsvc_NetShareDel(pipes_struct *p, - struct srvsvc_NetShareDel *r); -WERROR _srvsvc_NetShareDelSticky(pipes_struct *p, - struct srvsvc_NetShareDelSticky *r); -WERROR _srvsvc_NetRemoteTOD(pipes_struct *p, - struct srvsvc_NetRemoteTOD *r); -WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p, - struct srvsvc_NetGetFileSecurity *r); -WERROR _srvsvc_NetSetFileSecurity(pipes_struct *p, - struct srvsvc_NetSetFileSecurity *r); -WERROR _srvsvc_NetDiskEnum(pipes_struct *p, - struct srvsvc_NetDiskEnum *r); -WERROR _srvsvc_NetNameValidate(pipes_struct *p, - struct srvsvc_NetNameValidate *r); -WERROR _srvsvc_NetFileClose(pipes_struct *p, struct srvsvc_NetFileClose *r); -WERROR _srvsvc_NetCharDevEnum(pipes_struct *p, struct srvsvc_NetCharDevEnum *r); -WERROR _srvsvc_NetCharDevGetInfo(pipes_struct *p, struct srvsvc_NetCharDevGetInfo *r); -WERROR _srvsvc_NetCharDevControl(pipes_struct *p, struct srvsvc_NetCharDevControl *r); -WERROR _srvsvc_NetCharDevQEnum(pipes_struct *p, struct srvsvc_NetCharDevQEnum *r); -WERROR _srvsvc_NetCharDevQGetInfo(pipes_struct *p, struct srvsvc_NetCharDevQGetInfo *r); -WERROR _srvsvc_NetCharDevQSetInfo(pipes_struct *p, struct srvsvc_NetCharDevQSetInfo *r); -WERROR _srvsvc_NetCharDevQPurge(pipes_struct *p, struct srvsvc_NetCharDevQPurge *r); -WERROR _srvsvc_NetCharDevQPurgeSelf(pipes_struct *p, struct srvsvc_NetCharDevQPurgeSelf *r); -WERROR _srvsvc_NetFileGetInfo(pipes_struct *p, struct srvsvc_NetFileGetInfo *r); -WERROR _srvsvc_NetShareCheck(pipes_struct *p, struct srvsvc_NetShareCheck *r); -WERROR _srvsvc_NetServerStatisticsGet(pipes_struct *p, struct srvsvc_NetServerStatisticsGet *r); -WERROR _srvsvc_NetTransportAdd(pipes_struct *p, struct srvsvc_NetTransportAdd *r); -WERROR _srvsvc_NetTransportEnum(pipes_struct *p, struct srvsvc_NetTransportEnum *r); -WERROR _srvsvc_NetTransportDel(pipes_struct *p, struct srvsvc_NetTransportDel *r); -WERROR _srvsvc_NetSetServiceBits(pipes_struct *p, struct srvsvc_NetSetServiceBits *r); -WERROR _srvsvc_NetPathType(pipes_struct *p, struct srvsvc_NetPathType *r); -WERROR _srvsvc_NetPathCanonicalize(pipes_struct *p, struct srvsvc_NetPathCanonicalize *r); -WERROR _srvsvc_NetPathCompare(pipes_struct *p, struct srvsvc_NetPathCompare *r); -WERROR _srvsvc_NETRPRNAMECANONICALIZE(pipes_struct *p, struct srvsvc_NETRPRNAMECANONICALIZE *r); -WERROR _srvsvc_NetPRNameCompare(pipes_struct *p, struct srvsvc_NetPRNameCompare *r); -WERROR _srvsvc_NetShareDelStart(pipes_struct *p, struct srvsvc_NetShareDelStart *r); -WERROR _srvsvc_NetShareDelCommit(pipes_struct *p, struct srvsvc_NetShareDelCommit *r); -WERROR _srvsvc_NetServerTransportAddEx(pipes_struct *p, struct srvsvc_NetServerTransportAddEx *r); -WERROR _srvsvc_NetServerSetServiceBitsEx(pipes_struct *p, struct srvsvc_NetServerSetServiceBitsEx *r); -WERROR _srvsvc_NETRDFSGETVERSION(pipes_struct *p, struct srvsvc_NETRDFSGETVERSION *r); -WERROR _srvsvc_NETRDFSCREATELOCALPARTITION(pipes_struct *p, struct srvsvc_NETRDFSCREATELOCALPARTITION *r); -WERROR _srvsvc_NETRDFSDELETELOCALPARTITION(pipes_struct *p, struct srvsvc_NETRDFSDELETELOCALPARTITION *r); -WERROR _srvsvc_NETRDFSSETLOCALVOLUMESTATE(pipes_struct *p, struct srvsvc_NETRDFSSETLOCALVOLUMESTATE *r); -WERROR _srvsvc_NETRDFSSETSERVERINFO(pipes_struct *p, struct srvsvc_NETRDFSSETSERVERINFO *r); -WERROR _srvsvc_NETRDFSCREATEEXITPOINT(pipes_struct *p, struct srvsvc_NETRDFSCREATEEXITPOINT *r); -WERROR _srvsvc_NETRDFSDELETEEXITPOINT(pipes_struct *p, struct srvsvc_NETRDFSDELETEEXITPOINT *r); -WERROR _srvsvc_NETRDFSMODIFYPREFIX(pipes_struct *p, struct srvsvc_NETRDFSMODIFYPREFIX *r); -WERROR _srvsvc_NETRDFSFIXLOCALVOLUME(pipes_struct *p, struct srvsvc_NETRDFSFIXLOCALVOLUME *r); -WERROR _srvsvc_NETRDFSMANAGERREPORTSITEINFO(pipes_struct *p, struct srvsvc_NETRDFSMANAGERREPORTSITEINFO *r); -WERROR _srvsvc_NETRSERVERTRANSPORTDELEX(pipes_struct *p, struct srvsvc_NETRSERVERTRANSPORTDELEX *r); /* The following definitions come from rpc_server/srv_svcctl.c */ @@ -7416,138 +6767,9 @@ NTSTATUS rpc_svcctl2_init(void); /* The following definitions come from rpc_server/srv_svcctl_nt.c */ bool init_service_op_table( void ); -WERROR _svcctl_OpenSCManagerW(pipes_struct *p, - struct svcctl_OpenSCManagerW *r); -WERROR _svcctl_OpenServiceW(pipes_struct *p, - struct svcctl_OpenServiceW *r); -WERROR _svcctl_CloseServiceHandle(pipes_struct *p, struct svcctl_CloseServiceHandle *r); -WERROR _svcctl_GetServiceDisplayNameW(pipes_struct *p, - struct svcctl_GetServiceDisplayNameW *r); -WERROR _svcctl_QueryServiceStatus(pipes_struct *p, - struct svcctl_QueryServiceStatus *r); WERROR _svcctl_enum_services_status(pipes_struct *p, SVCCTL_Q_ENUM_SERVICES_STATUS *q_u, SVCCTL_R_ENUM_SERVICES_STATUS *r_u); -WERROR _svcctl_StartServiceW(pipes_struct *p, - struct svcctl_StartServiceW *r); -WERROR _svcctl_ControlService(pipes_struct *p, - struct svcctl_ControlService *r); -WERROR _svcctl_EnumDependentServicesW(pipes_struct *p, - struct svcctl_EnumDependentServicesW *r); WERROR _svcctl_query_service_status_ex( pipes_struct *p, SVCCTL_Q_QUERY_SERVICE_STATUSEX *q_u, SVCCTL_R_QUERY_SERVICE_STATUSEX *r_u ); WERROR _svcctl_query_service_config2( pipes_struct *p, SVCCTL_Q_QUERY_SERVICE_CONFIG2 *q_u, SVCCTL_R_QUERY_SERVICE_CONFIG2 *r_u ); -WERROR _svcctl_LockServiceDatabase(pipes_struct *p, - struct svcctl_LockServiceDatabase *r); -WERROR _svcctl_UnlockServiceDatabase(pipes_struct *p, - struct svcctl_UnlockServiceDatabase *r); -WERROR _svcctl_QueryServiceObjectSecurity(pipes_struct *p, - struct svcctl_QueryServiceObjectSecurity *r); -WERROR _svcctl_SetServiceObjectSecurity(pipes_struct *p, - struct svcctl_SetServiceObjectSecurity *r); -WERROR _svcctl_DeleteService(pipes_struct *p, struct svcctl_DeleteService *r); -WERROR _svcctl_SetServiceStatus(pipes_struct *p, struct svcctl_SetServiceStatus *r); -WERROR _svcctl_NotifyBootConfigStatus(pipes_struct *p, struct svcctl_NotifyBootConfigStatus *r); -WERROR _svcctl_SCSetServiceBitsW(pipes_struct *p, struct svcctl_SCSetServiceBitsW *r); -WERROR _svcctl_ChangeServiceConfigW(pipes_struct *p, struct svcctl_ChangeServiceConfigW *r); -WERROR _svcctl_CreateServiceW(pipes_struct *p, struct svcctl_CreateServiceW *r); -WERROR _svcctl_EnumServicesStatusW(pipes_struct *p, struct svcctl_EnumServicesStatusW *r); -WERROR _svcctl_QueryServiceConfigW(pipes_struct *p, struct svcctl_QueryServiceConfigW *r); -WERROR _svcctl_QueryServiceLockStatusW(pipes_struct *p, struct svcctl_QueryServiceLockStatusW *r); -WERROR _svcctl_GetServiceKeyNameW(pipes_struct *p, struct svcctl_GetServiceKeyNameW *r); -WERROR _svcctl_SCSetServiceBitsA(pipes_struct *p, struct svcctl_SCSetServiceBitsA *r); -WERROR _svcctl_ChangeServiceConfigA(pipes_struct *p, struct svcctl_ChangeServiceConfigA *r); -WERROR _svcctl_CreateServiceA(pipes_struct *p, struct svcctl_CreateServiceA *r); -WERROR _svcctl_EnumDependentServicesA(pipes_struct *p, struct svcctl_EnumDependentServicesA *r); -WERROR _svcctl_EnumServicesStatusA(pipes_struct *p, struct svcctl_EnumServicesStatusA *r); -WERROR _svcctl_OpenSCManagerA(pipes_struct *p, struct svcctl_OpenSCManagerA *r); -WERROR _svcctl_OpenServiceA(pipes_struct *p, struct svcctl_OpenServiceA *r); -WERROR _svcctl_QueryServiceConfigA(pipes_struct *p, struct svcctl_QueryServiceConfigA *r); -WERROR _svcctl_QueryServiceLockStatusA(pipes_struct *p, struct svcctl_QueryServiceLockStatusA *r); -WERROR _svcctl_StartServiceA(pipes_struct *p, struct svcctl_StartServiceA *r); -WERROR _svcctl_GetServiceDisplayNameA(pipes_struct *p, struct svcctl_GetServiceDisplayNameA *r); -WERROR _svcctl_GetServiceKeyNameA(pipes_struct *p, struct svcctl_GetServiceKeyNameA *r); -WERROR _svcctl_GetCurrentGroupeStateW(pipes_struct *p, struct svcctl_GetCurrentGroupeStateW *r); -WERROR _svcctl_EnumServiceGroupW(pipes_struct *p, struct svcctl_EnumServiceGroupW *r); -WERROR _svcctl_ChangeServiceConfig2A(pipes_struct *p, struct svcctl_ChangeServiceConfig2A *r); -WERROR _svcctl_ChangeServiceConfig2W(pipes_struct *p, struct svcctl_ChangeServiceConfig2W *r); -WERROR _svcctl_QueryServiceConfig2A(pipes_struct *p, struct svcctl_QueryServiceConfig2A *r); -WERROR _svcctl_QueryServiceConfig2W(pipes_struct *p, struct svcctl_QueryServiceConfig2W *r); -WERROR _svcctl_QueryServiceStatusEx(pipes_struct *p, struct svcctl_QueryServiceStatusEx *r); -WERROR _EnumServicesStatusExA(pipes_struct *p, struct EnumServicesStatusExA *r); -WERROR _EnumServicesStatusExW(pipes_struct *p, struct EnumServicesStatusExW *r); -WERROR _svcctl_SCSendTSMessage(pipes_struct *p, struct svcctl_SCSendTSMessage *r); - -/* The following definitions come from rpc_server/srv_winreg_nt.c */ - -WERROR _winreg_CloseKey(pipes_struct *p, struct winreg_CloseKey *r); -WERROR _winreg_OpenHKLM(pipes_struct *p, struct winreg_OpenHKLM *r); -WERROR _winreg_OpenHKPD(pipes_struct *p, struct winreg_OpenHKPD *r); -WERROR _winreg_OpenHKPT(pipes_struct *p, struct winreg_OpenHKPT *r); -WERROR _winreg_OpenHKCR(pipes_struct *p, struct winreg_OpenHKCR *r); -WERROR _winreg_OpenHKU(pipes_struct *p, struct winreg_OpenHKU *r); -WERROR _winreg_OpenHKCU(pipes_struct *p, struct winreg_OpenHKCU *r); -WERROR _winreg_OpenHKCC(pipes_struct *p, struct winreg_OpenHKCC *r); -WERROR _winreg_OpenHKDD(pipes_struct *p, struct winreg_OpenHKDD *r); -WERROR _winreg_OpenHKPN(pipes_struct *p, struct winreg_OpenHKPN *r); -WERROR _winreg_OpenKey(pipes_struct *p, struct winreg_OpenKey *r); -WERROR _winreg_QueryValue(pipes_struct *p, struct winreg_QueryValue *r); -WERROR _winreg_QueryInfoKey(pipes_struct *p, struct winreg_QueryInfoKey *r); -WERROR _winreg_GetVersion(pipes_struct *p, struct winreg_GetVersion *r); -WERROR _winreg_EnumKey(pipes_struct *p, struct winreg_EnumKey *r); -WERROR _winreg_EnumValue(pipes_struct *p, struct winreg_EnumValue *r); -WERROR _winreg_InitiateSystemShutdown(pipes_struct *p, struct winreg_InitiateSystemShutdown *r); -WERROR _winreg_InitiateSystemShutdownEx(pipes_struct *p, struct winreg_InitiateSystemShutdownEx *r); -WERROR _winreg_AbortSystemShutdown(pipes_struct *p, struct winreg_AbortSystemShutdown *r); -WERROR _winreg_RestoreKey(pipes_struct *p, struct winreg_RestoreKey *r); -WERROR _winreg_SaveKey(pipes_struct *p, struct winreg_SaveKey *r); -WERROR _winreg_SaveKeyEx(pipes_struct *p, struct winreg_SaveKeyEx *r); -WERROR _winreg_CreateKey( pipes_struct *p, struct winreg_CreateKey *r); -WERROR _winreg_SetValue(pipes_struct *p, struct winreg_SetValue *r); -WERROR _winreg_DeleteKey(pipes_struct *p, struct winreg_DeleteKey *r); -WERROR _winreg_DeleteValue(pipes_struct *p, struct winreg_DeleteValue *r); -WERROR _winreg_GetKeySecurity(pipes_struct *p, struct winreg_GetKeySecurity *r); -WERROR _winreg_SetKeySecurity(pipes_struct *p, struct winreg_SetKeySecurity *r); -WERROR _winreg_FlushKey(pipes_struct *p, struct winreg_FlushKey *r); -WERROR _winreg_UnLoadKey(pipes_struct *p, struct winreg_UnLoadKey *r); -WERROR _winreg_ReplaceKey(pipes_struct *p, struct winreg_ReplaceKey *r); -WERROR _winreg_LoadKey(pipes_struct *p, struct winreg_LoadKey *r); -WERROR _winreg_NotifyChangeKeyValue(pipes_struct *p, struct winreg_NotifyChangeKeyValue *r); -WERROR _winreg_QueryMultipleValues(pipes_struct *p, struct winreg_QueryMultipleValues *r); -WERROR _winreg_QueryMultipleValues2(pipes_struct *p, struct winreg_QueryMultipleValues2 *r); - -/* The following definitions come from rpc_server/srv_wkssvc_nt.c */ - -WERROR _wkssvc_NetWkstaGetInfo(pipes_struct *p, struct wkssvc_NetWkstaGetInfo *r); -WERROR _wkssvc_NetWkstaSetInfo(pipes_struct *p, struct wkssvc_NetWkstaSetInfo *r); -WERROR _wkssvc_NetWkstaEnumUsers(pipes_struct *p, struct wkssvc_NetWkstaEnumUsers *r); -WERROR _wkssvc_NetrWkstaUserGetInfo(pipes_struct *p, struct wkssvc_NetrWkstaUserGetInfo *r); -WERROR _wkssvc_NetrWkstaUserSetInfo(pipes_struct *p, struct wkssvc_NetrWkstaUserSetInfo *r); -WERROR _wkssvc_NetWkstaTransportEnum(pipes_struct *p, struct wkssvc_NetWkstaTransportEnum *r); -WERROR _wkssvc_NetrWkstaTransportAdd(pipes_struct *p, struct wkssvc_NetrWkstaTransportAdd *r); -WERROR _wkssvc_NetrWkstaTransportDel(pipes_struct *p, struct wkssvc_NetrWkstaTransportDel *r); -WERROR _wkssvc_NetrUseAdd(pipes_struct *p, struct wkssvc_NetrUseAdd *r); -WERROR _wkssvc_NetrUseGetInfo(pipes_struct *p, struct wkssvc_NetrUseGetInfo *r); -WERROR _wkssvc_NetrUseDel(pipes_struct *p, struct wkssvc_NetrUseDel *r); -WERROR _wkssvc_NetrUseEnum(pipes_struct *p, struct wkssvc_NetrUseEnum *r); -WERROR _wkssvc_NetrMessageBufferSend(pipes_struct *p, struct wkssvc_NetrMessageBufferSend *r); -WERROR _wkssvc_NetrWorkstationStatisticsGet(pipes_struct *p, struct wkssvc_NetrWorkstationStatisticsGet *r) ; -WERROR _wkssvc_NetrLogonDomainNameAdd(pipes_struct *p, struct wkssvc_NetrLogonDomainNameAdd *r); -WERROR _wkssvc_NetrLogonDomainNameDel(pipes_struct *p, struct wkssvc_NetrLogonDomainNameDel *r); -WERROR _wkssvc_NetrJoinDomain(pipes_struct *p, struct wkssvc_NetrJoinDomain *r); -WERROR _wkssvc_NetrUnjoinDomain(pipes_struct *p, struct wkssvc_NetrUnjoinDomain *r); -WERROR _wkssvc_NetrRenameMachineInDomain(pipes_struct *p, struct wkssvc_NetrRenameMachineInDomain *r); -WERROR _wkssvc_NetrValidateName(pipes_struct *p, struct wkssvc_NetrValidateName *r); -WERROR _wkssvc_NetrGetJoinInformation(pipes_struct *p, struct wkssvc_NetrGetJoinInformation *r); -WERROR _wkssvc_NetrGetJoinableOus(pipes_struct *p, struct wkssvc_NetrGetJoinableOus *r); -WERROR _wkssvc_NetrJoinDomain2(pipes_struct *p, - struct wkssvc_NetrJoinDomain2 *r); -WERROR _wkssvc_NetrUnjoinDomain2(pipes_struct *p, - struct wkssvc_NetrUnjoinDomain2 *r); -WERROR _wkssvc_NetrRenameMachineInDomain2(pipes_struct *p, struct wkssvc_NetrRenameMachineInDomain2 *r); -WERROR _wkssvc_NetrValidateName2(pipes_struct *p, struct wkssvc_NetrValidateName2 *r); -WERROR _wkssvc_NetrGetJoinableOus2(pipes_struct *p, struct wkssvc_NetrGetJoinableOus2 *r); -WERROR _wkssvc_NetrAddAlternateComputerName(pipes_struct *p, struct wkssvc_NetrAddAlternateComputerName *r); -WERROR _wkssvc_NetrRemoveAlternateComputerName(pipes_struct *p, struct wkssvc_NetrRemoveAlternateComputerName *r); -WERROR _wkssvc_NetrSetPrimaryComputername(pipes_struct *p, struct wkssvc_NetrSetPrimaryComputername *r); -WERROR _wkssvc_NetrEnumerateComputerNames(pipes_struct *p, struct wkssvc_NetrEnumerateComputerNames *r); /* The following definitions come from rpcclient/cmd_dfs.c */ -- cgit From a1aef939cf026e2a191f0bc7434e7857b7b330ec Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Sat, 13 Dec 2008 00:24:02 +0100 Subject: s3: re-run make samba3-idl. Guenther --- source3/librpc/gen_ndr/cli_netlogon.c | 9 ++------- source3/librpc/gen_ndr/cli_netlogon.h | 3 +-- source3/librpc/gen_ndr/ndr_netlogon.c | 6 +++--- source3/librpc/gen_ndr/netlogon.h | 2 +- source3/librpc/gen_ndr/srv_netlogon.h | 2 +- 5 files changed, 8 insertions(+), 14 deletions(-) diff --git a/source3/librpc/gen_ndr/cli_netlogon.c b/source3/librpc/gen_ndr/cli_netlogon.c index a1bcb2cb38..1ce4e67c56 100644 --- a/source3/librpc/gen_ndr/cli_netlogon.c +++ b/source3/librpc/gen_ndr/cli_netlogon.c @@ -2306,8 +2306,7 @@ NTSTATUS rpccli_netr_ServerGetTrustInfo(struct rpc_pipe_client *cli, struct netr_Authenticator *return_authenticator /* [out] [ref] */, struct samr_Password *new_owf_password /* [out] [ref] */, struct samr_Password *old_owf_password /* [out] [ref] */, - struct netr_TrustInfo **trust_info /* [out] [ref] */, - WERROR *werror) + struct netr_TrustInfo **trust_info /* [out] [ref] */) { struct netr_ServerGetTrustInfo r; NTSTATUS status; @@ -2348,10 +2347,6 @@ NTSTATUS rpccli_netr_ServerGetTrustInfo(struct rpc_pipe_client *cli, *trust_info = *r.out.trust_info; /* Return result */ - if (werror) { - *werror = r.out.result; - } - - return werror_to_ntstatus(r.out.result); + return r.out.result; } diff --git a/source3/librpc/gen_ndr/cli_netlogon.h b/source3/librpc/gen_ndr/cli_netlogon.h index 7a2d43b3c1..3fbc00e9da 100644 --- a/source3/librpc/gen_ndr/cli_netlogon.h +++ b/source3/librpc/gen_ndr/cli_netlogon.h @@ -366,6 +366,5 @@ NTSTATUS rpccli_netr_ServerGetTrustInfo(struct rpc_pipe_client *cli, struct netr_Authenticator *return_authenticator /* [out] [ref] */, struct samr_Password *new_owf_password /* [out] [ref] */, struct samr_Password *old_owf_password /* [out] [ref] */, - struct netr_TrustInfo **trust_info /* [out] [ref] */, - WERROR *werror); + struct netr_TrustInfo **trust_info /* [out] [ref] */); #endif /* __CLI_NETLOGON__ */ diff --git a/source3/librpc/gen_ndr/ndr_netlogon.c b/source3/librpc/gen_ndr/ndr_netlogon.c index af8228cd5a..81f8ddcab9 100644 --- a/source3/librpc/gen_ndr/ndr_netlogon.c +++ b/source3/librpc/gen_ndr/ndr_netlogon.c @@ -15613,7 +15613,7 @@ static enum ndr_err_code ndr_push_netr_ServerGetTrustInfo(struct ndr_push *ndr, if (*r->out.trust_info) { NDR_CHECK(ndr_push_netr_TrustInfo(ndr, NDR_SCALARS|NDR_BUFFERS, *r->out.trust_info)); } - NDR_CHECK(ndr_push_WERROR(ndr, NDR_SCALARS, r->out.result)); + NDR_CHECK(ndr_push_NTSTATUS(ndr, NDR_SCALARS, r->out.result)); } return NDR_ERR_SUCCESS; } @@ -15721,7 +15721,7 @@ static enum ndr_err_code ndr_pull_netr_ServerGetTrustInfo(struct ndr_pull *ndr, NDR_PULL_SET_MEM_CTX(ndr, _mem_save_trust_info_1, 0); } NDR_PULL_SET_MEM_CTX(ndr, _mem_save_trust_info_0, LIBNDR_FLAG_REF_ALLOC); - NDR_CHECK(ndr_pull_WERROR(ndr, NDR_SCALARS, &r->out.result)); + NDR_CHECK(ndr_pull_NTSTATUS(ndr, NDR_SCALARS, &r->out.result)); } return NDR_ERR_SUCCESS; } @@ -15781,7 +15781,7 @@ _PUBLIC_ void ndr_print_netr_ServerGetTrustInfo(struct ndr_print *ndr, const cha } ndr->depth--; ndr->depth--; - ndr_print_WERROR(ndr, "result", r->out.result); + ndr_print_NTSTATUS(ndr, "result", r->out.result); ndr->depth--; } ndr->depth--; diff --git a/source3/librpc/gen_ndr/netlogon.h b/source3/librpc/gen_ndr/netlogon.h index 02a4a447e0..7fb253446a 100644 --- a/source3/librpc/gen_ndr/netlogon.h +++ b/source3/librpc/gen_ndr/netlogon.h @@ -1727,7 +1727,7 @@ struct netr_ServerGetTrustInfo { struct samr_Password *new_owf_password;/* [ref] */ struct samr_Password *old_owf_password;/* [ref] */ struct netr_TrustInfo **trust_info;/* [ref] */ - WERROR result; + NTSTATUS result; } out; }; diff --git a/source3/librpc/gen_ndr/srv_netlogon.h b/source3/librpc/gen_ndr/srv_netlogon.h index 3bbe4d02fa..cd68d12f1e 100644 --- a/source3/librpc/gen_ndr/srv_netlogon.h +++ b/source3/librpc/gen_ndr/srv_netlogon.h @@ -47,7 +47,7 @@ NTSTATUS _netr_ServerTrustPasswordsGet(pipes_struct *p, struct netr_ServerTrustP WERROR _netr_DsRGetForestTrustInformation(pipes_struct *p, struct netr_DsRGetForestTrustInformation *r); WERROR _netr_GetForestTrustInformation(pipes_struct *p, struct netr_GetForestTrustInformation *r); NTSTATUS _netr_LogonSamLogonWithFlags(pipes_struct *p, struct netr_LogonSamLogonWithFlags *r); -WERROR _netr_ServerGetTrustInfo(pipes_struct *p, struct netr_ServerGetTrustInfo *r); +NTSTATUS _netr_ServerGetTrustInfo(pipes_struct *p, struct netr_ServerGetTrustInfo *r); void netlogon_get_pipe_fns(struct api_struct **fns, int *n_fns); NTSTATUS rpc_netlogon_init(void); #endif /* __SRV_NETLOGON__ */ -- cgit From 3c66ba0b3cfe9114f28368c30305103ffec68f57 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Sat, 13 Dec 2008 00:27:25 +0100 Subject: s3: fix netlogon rpc_server build after idl change. Guenther --- source3/rpc_server/srv_netlog_nt.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c index 46450059f4..038690d0f1 100644 --- a/source3/rpc_server/srv_netlog_nt.c +++ b/source3/rpc_server/srv_netlog_nt.c @@ -1402,10 +1402,10 @@ NTSTATUS _netr_LogonSamLogonWithFlags(pipes_struct *p, /**************************************************************** ****************************************************************/ -WERROR _netr_ServerGetTrustInfo(pipes_struct *p, - struct netr_ServerGetTrustInfo *r) +NTSTATUS _netr_ServerGetTrustInfo(pipes_struct *p, + struct netr_ServerGetTrustInfo *r) { p->rng_fault_state = true; - return WERR_NOT_SUPPORTED; + return NT_STATUS_NOT_IMPLEMENTED; } -- cgit From fd2bac966783a9aa3f278cc67219920384bc0981 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 19 Nov 2008 22:55:06 +0100 Subject: For read&x replies, check the offset --- source3/libsmb/clireadwrite.c | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/source3/libsmb/clireadwrite.c b/source3/libsmb/clireadwrite.c index ecf49396d1..1c2a0d56c4 100644 --- a/source3/libsmb/clireadwrite.c +++ b/source3/libsmb/clireadwrite.c @@ -109,6 +109,7 @@ NTSTATUS cli_read_andx_recv(struct async_req *req, ssize_t *received, uint16_t *vwv; uint16_t num_bytes; uint8_t *bytes; + uint8_t *buf; NTSTATUS status; size_t size; @@ -136,6 +137,24 @@ NTSTATUS cli_read_andx_recv(struct async_req *req, ssize_t *received, return NT_STATUS_UNEXPECTED_IO_ERROR; } + /* + * bcc field must be valid for small reads, for large reads the 16-bit + * bcc field can't be correct. + */ + + if ((size < 0xffff) && (size > num_bytes)) { + DEBUG(5, ("server announced more bytes than sent\n")); + return NT_STATUS_INVALID_NETWORK_RESPONSE; + } + + buf = (uint8_t *)smb_base(cli_req->inbuf) + SVAL(vwv+6, 0); + + if (trans_oob(smb_len(cli_req->inbuf), SVAL(vwv+6, 0), size) + || (buf < bytes)) { + DEBUG(5, ("server returned invalid read&x data offset\n")); + return NT_STATUS_INVALID_NETWORK_RESPONSE; + } + *rcvbuf = (uint8_t *)(smb_base(cli_req->inbuf) + SVAL(vwv + 6, 0)); *received = size; return NT_STATUS_OK; -- cgit From 627c844a13caf869ae3c68ec780a8eded7cb181d Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 13 Dec 2008 10:31:11 +0100 Subject: Fix a valgrind error in get_relative_fid_filename It doesn't really make sense to check the length of a not-yet-allocated string :-) Volker --- source3/smbd/open.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 1e988f65ec..d22eda2bb5 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -3067,7 +3067,7 @@ NTSTATUS get_relative_fid_filename(connection_struct *conn, files_struct *dir_fsp; char *parent_fname = NULL; - if (root_dir_fid == 0 || !fname || !new_fname || !*new_fname) { + if (root_dir_fid == 0 || !fname || !new_fname) { return NT_STATUS_INTERNAL_ERROR; } -- cgit From 588f5aae669910fee6da7f807f330163496b4170 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 22 Oct 2008 10:36:21 +0200 Subject: s3: correctly detect if the current dc is the closest one MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ads->config.tried_closest_dc was never set. metze Signed-off-by: Stefan Metzmacher Signed-off-by: Günther Deschner (cherry picked from commit dfe5b00db35e1e7c7bb3ba36729fc3f97eb48db3) --- source3/include/ads.h | 1 - source3/libads/ndr.c | 1 - source3/utils/net_ads.c | 2 +- 3 files changed, 1 insertion(+), 3 deletions(-) diff --git a/source3/include/ads.h b/source3/include/ads.h index b72d250940..abff9eaa8c 100644 --- a/source3/include/ads.h +++ b/source3/include/ads.h @@ -80,7 +80,6 @@ typedef struct ads_struct { char *server_site_name; char *client_site_name; time_t current_time; - int tried_closest_dc; char *schema_path; char *config_path; } config; diff --git a/source3/libads/ndr.c b/source3/libads/ndr.c index 6324a22041..6ada66ca40 100644 --- a/source3/libads/ndr.c +++ b/source3/libads/ndr.c @@ -75,7 +75,6 @@ void ndr_print_ads_struct(struct ndr_print *ndr, const char *name, const struct ndr_print_string(ndr, "server_site_name", r->config.server_site_name); ndr_print_string(ndr, "client_site_name", r->config.client_site_name); ndr_print_time_t(ndr, "current_time", r->config.current_time); - ndr_print_bool(ndr, "tried_closest_dc", r->config.tried_closest_dc); ndr_print_string(ndr, "schema_path", r->config.schema_path); ndr_print_string(ndr, "config_path", r->config.config_path); ndr->depth--; diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c index b03fefe14a..27d534665c 100644 --- a/source3/utils/net_ads.c +++ b/source3/utils/net_ads.c @@ -293,7 +293,7 @@ retry: tried_closest_dc = true; /* avoid loop */ - if (!ads->config.tried_closest_dc) { + if (!ads_closest_dc(ads)) { namecache_delete(ads->server.realm, 0x1C); namecache_delete(ads->server.workgroup, 0x1C); -- cgit From 7f779450cb0b0d9f36665c56c4acd0950daaeab2 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 22 Oct 2008 11:14:10 +0200 Subject: s3: libads: use get_dc_name() instead of get_sorted_dc_list() in the LDAP case MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit We use get_dc_name() for LDAP because it generates the selfwritten krb5.conf with the correct kdc addresses and sets KRB5_CONFIG. For CLDAP we need to use get_sorted_dc_list() to avoid recursion. metze Signed-off-by: Stefan Metzmacher Signed-off-by: Günther Deschner (cherry picked from commit d2f7f81f4d61bae9c4be65cbc1bf962b6c24a31f) --- source3/libads/ldap.c | 26 +++++++++++++++++++++++++- 1 file changed, 25 insertions(+), 1 deletion(-) diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index 932e42e076..31feea50c7 100644 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c @@ -310,11 +310,35 @@ static NTSTATUS ads_find_dc(ADS_STRUCT *ads) realm = c_realm; + /* + * In case of LDAP we use get_dc_name() as that + * creates the custom krb5.conf file + */ + if (!(ads->auth.flags & ADS_AUTH_NO_BIND)) { + fstring srv_name; + struct sockaddr_storage ip_out; + + DEBUG(6,("ads_find_dc: (ldap) looking for %s '%s'\n", + (got_realm ? "realm" : "domain"), realm)); + + if (get_dc_name(realm, realm, srv_name, &ip_out)) { + /* + * we call ads_try_connect() to fill in the + * ads->config details + */ + if (ads_try_connect(ads, srv_name, false)) { + return NT_STATUS_OK; + } + } + + return NT_STATUS_NO_LOGON_SERVERS; + } + sitename = sitename_fetch(realm); again: - DEBUG(6,("ads_find_dc: looking for %s '%s'\n", + DEBUG(6,("ads_find_dc: (cldap) looking for %s '%s'\n", (got_realm ? "realm" : "domain"), realm)); status = get_sorted_dc_list(realm, sitename, &ip_list, &count, got_realm); -- cgit From 0c43f96330f2935805ba4f0f8f858a027a90bc4c Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 27 Oct 2008 09:40:25 +0100 Subject: s3: libsmb/namequery: fallback to returning all dcs, when none is available in the requested site MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit It could happen that all dcs in a site are unavailable (some sites have only one dc) and then we need to fallback to get all dcs. metze Signed-off-by: Stefan Metzmacher Signed-off-by: Günther Deschner (cherry picked from commit c127367b1dd622eeceb1f47de0a047c297dda222) --- source3/libsmb/namequery.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/source3/libsmb/namequery.c b/source3/libsmb/namequery.c index bcf849b795..87ed5af14c 100644 --- a/source3/libsmb/namequery.c +++ b/source3/libsmb/namequery.c @@ -2098,6 +2098,15 @@ NTSTATUS get_sorted_dc_list( const char *domain, status = get_dc_list(domain, sitename, ip_list, count, lookup_type, &ordered); + if (NT_STATUS_EQUAL(status, NT_STATUS_NO_LOGON_SERVERS) + && sitename) { + DEBUG(3,("get_sorted_dc_list: no server for name %s available" + " in site %s, fallback to all servers\n", + domain, sitename)); + status = get_dc_list(domain, NULL, ip_list, + count, lookup_type, &ordered); + } + if (!NT_STATUS_IS_OK(status)) { SAFE_FREE(*ip_list); *count = 0; -- cgit From 895c40d03a07182c054a6fd857e7dd6838e698f4 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 27 Oct 2008 19:31:30 +0100 Subject: s3:libsmb/namequery.c: add saf_join_store() function MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit saf_join_store() should be called after a successful domain join, the affinity to the dc used at join time has a larger ttl, to avoid problems with delayed replication. metze Signed-off-by: Stefan Metzmacher Signed-off-by: Günther Deschner (cherry picked from commit 80e74a27c55c01221091e3eec930c2ac4433c22c) --- source3/include/proto.h | 1 + source3/libsmb/namequery.c | 68 ++++++++++++++++++++++++++++++++++++++++++++-- 2 files changed, 66 insertions(+), 3 deletions(-) diff --git a/source3/include/proto.h b/source3/include/proto.h index 09ebaa799e..69194ec6b2 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -2984,6 +2984,7 @@ bool namecache_status_fetch(const char *keyname, /* The following definitions come from libsmb/namequery.c */ bool saf_store( const char *domain, const char *servername ); +bool saf_join_store( const char *domain, const char *servername ); bool saf_delete( const char *domain ); char *saf_fetch( const char *domain ); NODE_STATUS_STRUCT *node_status_query(int fd, diff --git a/source3/libsmb/namequery.c b/source3/libsmb/namequery.c index 87ed5af14c..05679570d4 100644 --- a/source3/libsmb/namequery.c +++ b/source3/libsmb/namequery.c @@ -34,6 +34,8 @@ bool global_in_nmbd = False; ****************************************************************************/ #define SAFKEY_FMT "SAF/DOMAIN/%s" #define SAF_TTL 900 +#define SAFJOINKEY_FMT "SAFJOIN/DOMAIN/%s" +#define SAFJOIN_TTL 3600 static char *saf_key(const char *domain) { @@ -44,6 +46,15 @@ static char *saf_key(const char *domain) return keystr; } +static char *saf_join_key(const char *domain) +{ + char *keystr; + + asprintf_strupper_m(&keystr, SAFJOINKEY_FMT, domain); + + return keystr; +} + /**************************************************************************** ****************************************************************************/ @@ -69,7 +80,7 @@ bool saf_store( const char *domain, const char *servername ) return False; key = saf_key( domain ); - expire = time( NULL ) + SAF_TTL; + expire = time( NULL ) + lp_parm_int(-1, "saf","ttl", SAF_TTL); DEBUG(10,("saf_store: domain = [%s], server = [%s], expire = [%u]\n", domain, servername, (unsigned int)expire )); @@ -81,6 +92,38 @@ bool saf_store( const char *domain, const char *servername ) return ret; } +bool saf_join_store( const char *domain, const char *servername ) +{ + char *key; + time_t expire; + bool ret = False; + + if ( !domain || !servername ) { + DEBUG(2,("saf_join_store: Refusing to store empty domain or servername!\n")); + return False; + } + + if ( (strlen(domain) == 0) || (strlen(servername) == 0) ) { + DEBUG(0,("saf_join_store: refusing to store 0 length domain or servername!\n")); + return False; + } + + if ( !gencache_init() ) + return False; + + key = saf_join_key( domain ); + expire = time( NULL ) + lp_parm_int(-1, "saf","join ttl", SAFJOIN_TTL); + + DEBUG(10,("saf_join_store: domain = [%s], server = [%s], expire = [%u]\n", + domain, servername, (unsigned int)expire )); + + ret = gencache_set( key, servername, expire ); + + SAFE_FREE( key ); + + return ret; +} + bool saf_delete( const char *domain ) { char *key; @@ -94,15 +137,22 @@ bool saf_delete( const char *domain ) if ( !gencache_init() ) return False; + key = saf_join_key(domain); + ret = gencache_del(key); + SAFE_FREE(key); + + if (ret) { + DEBUG(10,("saf_delete[join]: domain = [%s]\n", domain )); + } + key = saf_key(domain); ret = gencache_del(key); + SAFE_FREE(key); if (ret) { DEBUG(10,("saf_delete: domain = [%s]\n", domain )); } - SAFE_FREE( key ); - return ret; } @@ -124,6 +174,18 @@ char *saf_fetch( const char *domain ) if ( !gencache_init() ) return False; + key = saf_join_key( domain ); + + ret = gencache_get( key, &server, &timeout ); + + SAFE_FREE( key ); + + if ( ret ) { + DEBUG(5,("saf_fetch[join]: Returning \"%s\" for \"%s\" domain\n", + server, domain )); + return server; + } + key = saf_key( domain ); ret = gencache_get( key, &server, &timeout ); -- cgit From 2f27ffc4a2ba745341a5961b8f04e62da3fb089a Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 27 Oct 2008 19:36:25 +0100 Subject: s3:libads/ldap.c: pass the real workgroup name to get_dc_name() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit metze Signed-off-by: Stefan Metzmacher Signed-off-by: Günther Deschner (cherry picked from commit c2d4a84abe1b6cbf68d6e9f1bb1f8974d0b628fc) --- source3/libads/ldap.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index 31feea50c7..61e04d1e7c 100644 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c @@ -267,10 +267,12 @@ static bool ads_try_connect(ADS_STRUCT *ads, const char *server, bool gc) static NTSTATUS ads_find_dc(ADS_STRUCT *ads) { + const char *c_domain; const char *c_realm; int count, i=0; struct ip_service *ip_list; const char *realm; + const char *domain; bool got_realm = False; bool use_own_domain = False; char *sitename; @@ -308,7 +310,14 @@ static NTSTATUS ads_find_dc(ADS_STRUCT *ads) return NT_STATUS_INVALID_PARAMETER; /* rather need MISSING_PARAMETER ... */ } + if ( use_own_domain ) { + c_domain = lp_workgroup(); + } else { + c_domain = ads->server.workgroup; + } + realm = c_realm; + domain = c_domain; /* * In case of LDAP we use get_dc_name() as that @@ -321,7 +330,7 @@ static NTSTATUS ads_find_dc(ADS_STRUCT *ads) DEBUG(6,("ads_find_dc: (ldap) looking for %s '%s'\n", (got_realm ? "realm" : "domain"), realm)); - if (get_dc_name(realm, realm, srv_name, &ip_out)) { + if (get_dc_name(domain, realm, srv_name, &ip_out)) { /* * we call ads_try_connect() to fill in the * ads->config details -- cgit From a8040d59659e58c5cb92c1107a7ff012eff12729 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 27 Oct 2008 19:38:15 +0100 Subject: s3:libads/ldap.c: if the client belongs to no site at all any dc is the closest MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit metze Signed-off-by: Stefan Metzmacher Signed-off-by: Günther Deschner (cherry picked from commit f86ef9b53a903485deba94febf90dd4e657cc02b) --- source3/libads/ldap.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index 61e04d1e7c..c0bb9c7e2d 100644 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c @@ -162,6 +162,11 @@ bool ads_closest_dc(ADS_STRUCT *ads) return True; } + if (ads->config.client_site_name == NULL) { + DEBUG(10,("ads_closest_dc: client belongs to no site\n")); + return True; + } + DEBUG(10,("ads_closest_dc: %s is not the closest DC\n", ads->config.ldap_server_name)); -- cgit From 17efebde11eafd065c2cac39cdbe55b8d40d40be Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 27 Oct 2008 19:39:30 +0100 Subject: s3:libads/ldap.c: store the dc name in the saf cache as in all other places MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit metze Signed-off-by: Stefan Metzmacher Signed-off-by: Günther Deschner (cherry picked from commit 543fa85a711337e979c7b631bda5db95d109ef59) --- source3/libads/ldap.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index c0bb9c7e2d..cf8a7ebb1b 100644 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c @@ -651,9 +651,8 @@ got_connection: /* cache the successful connection for workgroup and realm */ if (ads_closest_dc(ads)) { - print_sockaddr(addr, sizeof(addr), &ads->ldap.ss); - saf_store( ads->server.workgroup, addr); - saf_store( ads->server.realm, addr); + saf_store( ads->server.workgroup, ads->config.ldap_server_name); + saf_store( ads->server.realm, ads->config.ldap_server_name); } ldap_set_option(ads->ldap.ld, LDAP_OPT_PROTOCOL_VERSION, &version); -- cgit From 6a993cb333675f4079d439fa334edee2df604933 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 27 Oct 2008 19:40:23 +0100 Subject: s3:libnet_join: call saf_join_store() after a the join. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit metze Signed-off-by: Stefan Metzmacher Signed-off-by: Günther Deschner (similar to commit feef594d275881466e2c3f59c0ff54609a9cc53b) --- source3/libnet/libnet_join.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c index 908fb78ab4..fb8bc1948f 100644 --- a/source3/libnet/libnet_join.c +++ b/source3/libnet/libnet_join.c @@ -1521,7 +1521,10 @@ static WERROR libnet_join_post_processing(TALLOC_CTX *mem_ctx, return WERR_OK; } - saf_store(r->in.domain_name, r->in.dc_name); + saf_join_store(r->out.netbios_domain_name, r->in.dc_name); + if (r->out.dns_domain_name) { + saf_join_store(r->out.dns_domain_name, r->in.dc_name); + } #ifdef WITH_ADS if (r->out.domain_is_ad) { -- cgit From 2bb91392b46e347fe3b6803d10b10d8b40e4a4a6 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Fri, 21 Nov 2008 08:22:38 +0100 Subject: s3:libnet_join: use DS_FORCE_REDISCOVERY metze --- source3/libnet/libnet_join.c | 1 + 1 file changed, 1 insertion(+) diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c index fb8bc1948f..691f6ff8eb 100644 --- a/source3/libnet/libnet_join.c +++ b/source3/libnet/libnet_join.c @@ -1755,6 +1755,7 @@ static WERROR libnet_DomainJoin(TALLOC_CTX *mem_ctx, r->in.domain_name, NULL, NULL, + DS_FORCE_REDISCOVERY | DS_DIRECTORY_SERVICE_REQUIRED | DS_WRITABLE_REQUIRED | DS_RETURN_DNS_NAME, -- cgit From 1b7b0e924f3064a9774fd5d46bedc3d342b39ddb Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Fri, 21 Nov 2008 08:28:13 +0100 Subject: s3:dsgetdcname: retry with the clients site metze --- source3/libsmb/dsgetdcname.c | 49 ++++++++++++++++++++++++++++++++++++++------ 1 file changed, 43 insertions(+), 6 deletions(-) diff --git a/source3/libsmb/dsgetdcname.c b/source3/libsmb/dsgetdcname.c index d8c2b70175..3491544175 100644 --- a/source3/libsmb/dsgetdcname.c +++ b/source3/libsmb/dsgetdcname.c @@ -1119,6 +1119,27 @@ static NTSTATUS dsgetdcname_rediscover(TALLOC_CTX *mem_ctx, num_dcs, info); } +static bool is_closest_site(struct netr_DsRGetDCNameInfo *info) +{ + if (info->dc_flags & DS_SERVER_CLOSEST) { + return true; + } + + if (!info->client_site_name) { + return true; + } + + if (!info->dc_site_name) { + return false; + } + + if (strcmp(info->client_site_name, info->dc_site_name) == 0) { + return true; + } + + return false; +} + /******************************************************************** dsgetdcname. @@ -1136,6 +1157,8 @@ NTSTATUS dsgetdcname(TALLOC_CTX *mem_ctx, NTSTATUS status = NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND; struct netr_DsRGetDCNameInfo *myinfo = NULL; char *query_site = NULL; + bool first = true; + struct netr_DsRGetDCNameInfo *first_info = NULL; DEBUG(10,("dsgetdcname: domain_name: %s, " "domain_guid: %s, site_name: %s, flags: 0x%08x\n", @@ -1163,7 +1186,6 @@ NTSTATUS dsgetdcname(TALLOC_CTX *mem_ctx, status = dsgetdcname_cached(mem_ctx, msg_ctx, domain_name, domain_guid, flags, query_site, &myinfo); if (NT_STATUS_IS_OK(status)) { - *info = myinfo; goto done; } @@ -1176,12 +1198,27 @@ NTSTATUS dsgetdcname(TALLOC_CTX *mem_ctx, domain_guid, flags, query_site, &myinfo); - if (NT_STATUS_IS_OK(status)) { - *info = myinfo; - } - done: SAFE_FREE(query_site); - return status; + if (!NT_STATUS_IS_OK(status)) { + if (!first) { + *info = first_info; + return NT_STATUS_OK; + } + return status; + } + + if (!first) { + TALLOC_FREE(first_info); + } else if (!is_closest_site(myinfo)) { + first = false; + first_info = myinfo; + /* TODO: may use the next_closest_site here */ + query_site = SMB_STRDUP(myinfo->client_site_name); + goto rediscover; + } + + *info = myinfo; + return NT_STATUS_OK; } -- cgit From b04d00744efb2189c37c01b2c57cc3899db1e482 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 13 Dec 2008 16:53:17 +0100 Subject: Micro-Optimize cliconnect.c In this form, the prots array is fully read-only in the text segment and thus can be shared between processes. Probably pointless, but I had fun doing it :-) --- source3/libsmb/cliconnect.c | 49 +++++++++++++++++++++++++-------------------- 1 file changed, 27 insertions(+), 22 deletions(-) diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c index d33775fbb8..8194a36941 100644 --- a/source3/libsmb/cliconnect.c +++ b/source3/libsmb/cliconnect.c @@ -22,19 +22,18 @@ static const struct { int prot; - const char *name; -} prots[] = { - {PROTOCOL_CORE,"PC NETWORK PROGRAM 1.0"}, - {PROTOCOL_COREPLUS,"MICROSOFT NETWORKS 1.03"}, - {PROTOCOL_LANMAN1,"MICROSOFT NETWORKS 3.0"}, - {PROTOCOL_LANMAN1,"LANMAN1.0"}, - {PROTOCOL_LANMAN2,"LM1.2X002"}, - {PROTOCOL_LANMAN2,"DOS LANMAN2.1"}, - {PROTOCOL_LANMAN2,"LANMAN2.1"}, - {PROTOCOL_LANMAN2,"Samba"}, - {PROTOCOL_NT1,"NT LANMAN 1.0"}, - {PROTOCOL_NT1,"NT LM 0.12"}, - {-1,NULL} + const char name[24]; +} prots[10] = { + {PROTOCOL_CORE, "PC NETWORK PROGRAM 1.0"}, + {PROTOCOL_COREPLUS, "MICROSOFT NETWORKS 1.03"}, + {PROTOCOL_LANMAN1, "MICROSOFT NETWORKS 3.0"}, + {PROTOCOL_LANMAN1, "LANMAN1.0"}, + {PROTOCOL_LANMAN2, "LM1.2X002"}, + {PROTOCOL_LANMAN2, "DOS LANMAN2.1"}, + {PROTOCOL_LANMAN2, "LANMAN2.1"}, + {PROTOCOL_LANMAN2, "Samba"}, + {PROTOCOL_NT1, "NT LANMAN 1.0"}, + {PROTOCOL_NT1, "NT LM 0.12"}, }; static const char *star_smbserver_name = "*SMBSERVER"; @@ -1221,9 +1220,10 @@ void cli_negprot_send(struct cli_state *cli) cli_set_message(cli->outbuf,0,0,True); p = smb_buf(cli->outbuf); - for (numprots=0; - prots[numprots].name && prots[numprots].prot<=cli->protocol; - numprots++) { + for (numprots=0; numprots < ARRAY_SIZE(prots); numprots++) { + if (prots[numprots].prot > cli->protocol) { + break; + } *p++ = 2; p += clistr_push(cli, p, prots[numprots].name, -1, STR_TERMINATE); } @@ -1252,18 +1252,23 @@ bool cli_negprot(struct cli_state *cli) memset(cli->outbuf,'\0',smb_size); + plength = 0; + /* setup the protocol strings */ - for (plength=0,numprots=0; - prots[numprots].name && prots[numprots].prot<=cli->protocol; - numprots++) + for (numprots=0; numprots < ARRAY_SIZE(prots); numprots++) { + if (prots[numprots].prot > cli->protocol) { + break; + } plength += strlen(prots[numprots].name)+2; + } cli_set_message(cli->outbuf,0,plength,True); p = smb_buf(cli->outbuf); - for (numprots=0; - prots[numprots].name && prots[numprots].prot<=cli->protocol; - numprots++) { + for (numprots=0; numprots < ARRAY_SIZE(prots); numprots++) { + if (prots[numprots].prot > cli->protocol) { + break; + } *p++ = 2; p += clistr_push(cli, p, prots[numprots].name, -1, STR_TERMINATE); } -- cgit From da6be4102ed1e3d4e20f08dd8944f062d13c759a Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 13 Dec 2008 17:04:12 +0100 Subject: Remove a static variable Derrell, please check! Thanks, Volker --- source3/libsmb/libsmb_dir.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/source3/libsmb/libsmb_dir.c b/source3/libsmb/libsmb_dir.c index aa313f2c05..d12e7487f6 100644 --- a/source3/libsmb/libsmb_dir.c +++ b/source3/libsmb/libsmb_dir.c @@ -1193,8 +1193,6 @@ SMBC_mkdir_ctx(SMBCCTX *context, * Our list function simply checks to see if a directory is not empty */ -static int smbc_rmdir_dirempty = True; - static void rmdir_list_fn(const char *mnt, file_info *finfo, @@ -1203,7 +1201,8 @@ rmdir_list_fn(const char *mnt, { if (strncmp(finfo->name, ".", 1) != 0 && strncmp(finfo->name, "..", 2) != 0) { - smbc_rmdir_dirempty = False; + bool *smbc_rmdir_dirempty = (bool *)state; + *smbc_rmdir_dirempty = false; } } @@ -1292,8 +1291,7 @@ SMBC_rmdir_ctx(SMBCCTX *context, /* Local storage to avoid buffer overflows */ char *lpath; - - smbc_rmdir_dirempty = True; /* Make this so ... */ + bool smbc_rmdir_dirempty = true; lpath = talloc_asprintf(frame, "%s\\*", targetpath); @@ -1305,7 +1303,8 @@ SMBC_rmdir_ctx(SMBCCTX *context, if (cli_list(targetcli, lpath, aDIR | aSYSTEM | aHIDDEN, - rmdir_list_fn, NULL) < 0) { + rmdir_list_fn, + &smbc_rmdir_dirempty) < 0) { /* Fix errno to ignore latest error ... */ DEBUG(5, ("smbc_rmdir: " -- cgit From be3d9990635fa31e4110285842b1ca98ed4ce53c Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 13 Dec 2008 16:40:25 +0100 Subject: Remove a pointless static variable Every sane compiler will only allocate "*SMBSERVER" once --- source3/libsmb/cliconnect.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c index 8194a36941..125345fccb 100644 --- a/source3/libsmb/cliconnect.c +++ b/source3/libsmb/cliconnect.c @@ -36,7 +36,7 @@ static const struct { {PROTOCOL_NT1, "NT LM 0.12"}, }; -static const char *star_smbserver_name = "*SMBSERVER"; +#define STAR_SMBSERVER "*SMBSERVER" /** * Set the user session key for a connection @@ -862,7 +862,7 @@ ADS_STATUS cli_session_setup_spnego(struct cli_state *cli, const char *user, if (principal == NULL && !is_ipaddress(cli->desthost) && - !strequal(star_smbserver_name, + !strequal(STAR_SMBSERVER, cli->desthost)) { char *realm = NULL; char *machine = NULL; @@ -1500,7 +1500,7 @@ NTSTATUS cli_connect(struct cli_state *cli, /* reasonable default hostname */ if (!host) { - host = star_smbserver_name; + host = STAR_SMBSERVER; } fstrcpy(cli->desthost, host); @@ -1648,8 +1648,8 @@ again: *p = 0; goto again; } - if (strcmp(called.name, star_smbserver_name)) { - make_nmb_name(&called , star_smbserver_name, 0x20); + if (strcmp(called.name, STAR_SMBSERVER)) { + make_nmb_name(&called , STAR_SMBSERVER, 0x20); goto again; } return NT_STATUS_BAD_NETWORK_NAME; @@ -1779,7 +1779,7 @@ bool attempt_netbios_session_request(struct cli_state **ppcli, const char *srcho */ if(is_ipaddress(desthost)) { - make_nmb_name(&called, star_smbserver_name, 0x20); + make_nmb_name(&called, STAR_SMBSERVER, 0x20); } else { make_nmb_name(&called, desthost, 0x20); } @@ -1788,7 +1788,7 @@ bool attempt_netbios_session_request(struct cli_state **ppcli, const char *srcho NTSTATUS status; struct nmb_name smbservername; - make_nmb_name(&smbservername, star_smbserver_name, 0x20); + make_nmb_name(&smbservername, STAR_SMBSERVER, 0x20); /* * If the name wasn't *SMBSERVER then -- cgit From c689d75c27c9fb0a0b3ae05fc75d38671055cd8e Mon Sep 17 00:00:00 2001 From: Herb Lewis Date: Sat, 13 Dec 2008 11:31:20 -0800 Subject: don't return 0 on error - bad for scripts --- source3/utils/smbcacls.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c index 1bfc4757da..f7f1272215 100644 --- a/source3/utils/smbcacls.c +++ b/source3/utils/smbcacls.c @@ -735,6 +735,8 @@ static int owner_set(struct cli_state *cli, enum chown_mode change_mode, if (!cli_set_secdesc(cli, fnum, sd)) { printf("ERROR: secdesc set failed: %s\n", cli_errstr(cli)); + cli_close(cli, fnum); + return EXIT_FAILED; } cli_close(cli, fnum); -- cgit From 3c5c3aaa74c1023f01236d6f572587264834a097 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 13 Dec 2008 13:10:48 -0800 Subject: Added torture test for doing an openX over a directory to ensure we get the correct error message. Jeremy. --- source4/torture/raw/open.c | 47 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) diff --git a/source4/torture/raw/open.c b/source4/torture/raw/open.c index ef0fa5138a..9f35aae4d0 100644 --- a/source4/torture/raw/open.c +++ b/source4/torture/raw/open.c @@ -1422,6 +1422,52 @@ done: return ret; } +/* + test RAW_OPEN_OPENX against an existing directory to + ensure it returns NT_STATUS_FILE_IS_A_DIRECTORY. + Samba 3.2.0 - 3.2.6 are known to fail this. + +*/ +static bool test_openx_over_dir(struct smbcli_state *cli, TALLOC_CTX *tctx) +{ + union smb_open io; + const char *fname = BASEDIR "\\openx_over_dir"; + NTSTATUS status; + int d_fnum = -1; + int fnum = -1; + bool ret = true; + + printf("Checking RAW_OPEN_OPENX over an existing directory\n"); + smbcli_unlink(cli->tree, fname); + + /* Create the Directory */ + status = create_directory_handle(cli->tree, fname, &d_fnum); + smbcli_close(cli->tree, d_fnum); + + /* Prepare to open the file over the directory. */ + io.openx.level = RAW_OPEN_OPENX; + io.openx.in.fname = fname; + io.openx.in.flags = OPENX_FLAGS_ADDITIONAL_INFO; + io.openx.in.open_mode = OPENX_MODE_ACCESS_RDWR; + io.openx.in.open_func = OPENX_OPEN_FUNC_OPEN; + io.openx.in.search_attrs = 0; + io.openx.in.file_attrs = 0; + io.openx.in.write_time = 0; + io.openx.in.size = 1024*1024; + io.openx.in.timeout = 0; + + status = smb_raw_open(cli->tree, tctx, &io); + CHECK_STATUS(status, NT_STATUS_FILE_IS_A_DIRECTORY); + fnum = io.openx.out.file.fnum; + +done: + smbcli_close(cli->tree, fnum); + smbcli_unlink(cli->tree, fname); + + return ret; +} + + /* A little torture test to expose a race condition in Samba 3.0.20 ... :-) */ static bool test_raw_open_multi(struct torture_context *tctx) @@ -1624,6 +1670,7 @@ bool torture_raw_open(struct torture_context *torture, struct smbcli_state *cli) ret &= test_ctemp(cli, torture); ret &= test_chained(cli, torture); ret &= test_no_leading_slash(cli, torture); + ret &= test_openx_over_dir(cli, torture); ret &= test_open_for_delete(cli, torture); smb_raw_exit(cli->session); -- cgit From 5887857a247622cff80d2fff9ef2d45cd7516dfb Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 14 Dec 2008 12:30:04 +0100 Subject: Remove a pointless static variable --- source3/lib/display_sec.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/lib/display_sec.c b/source3/lib/display_sec.c index a0d93d6fe7..636639c11d 100644 --- a/source3/lib/display_sec.c +++ b/source3/lib/display_sec.c @@ -240,7 +240,7 @@ void display_sec_acl(SEC_ACL *sec_acl) void display_acl_type(uint16 type) { - static fstring typestr=""; + fstring typestr=""; typestr[0] = 0; -- cgit From 31f157a04b2f26537c9da4aa39bdcdde7b41e64b Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 14 Dec 2008 13:11:41 +0100 Subject: Move 128 bytes from the data to the text segment --- source3/include/smb_macros.h | 2 +- source3/lib/util_str.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/source3/include/smb_macros.h b/source3/include/smb_macros.h index 119ceeb158..5149da0cb3 100644 --- a/source3/include/smb_macros.h +++ b/source3/include/smb_macros.h @@ -333,7 +333,7 @@ do { \ /* Warning - this must only be called with 0 <= c < 128. IT WILL * GIVE GARBAGE if c > 128 or c < 0. JRA. */ -extern char toupper_ascii_fast_table[]; +extern const char toupper_ascii_fast_table[]; #define toupper_ascii_fast(c) toupper_ascii_fast_table[(unsigned int)(c)]; #endif diff --git a/source3/lib/util_str.c b/source3/lib/util_str.c index fde4f825e8..9358061797 100644 --- a/source3/lib/util_str.c +++ b/source3/lib/util_str.c @@ -24,7 +24,7 @@ #include "includes.h" -char toupper_ascii_fast_table[128] = { +const char toupper_ascii_fast_table[128] = { 0x0, 0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7, 0x8, 0x9, 0xa, 0xb, 0xc, 0xd, 0xe, 0xf, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, -- cgit From daeb3a190d16a5bc05be63b2b136ebe65d6f6cf7 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 14 Dec 2008 13:06:19 +0100 Subject: Remove the global "cmdline_auth_info" from source3/lib/util.c This involves changing all our clients, that's why it's so large. --- source3/client/client.c | 40 +++++++---- source3/include/proto.h | 41 +++++++----- source3/lib/popt_common.c | 59 +++++++++++------ source3/lib/util.c | 143 +++++++++++++++++++++++----------------- source3/librpc/rpc/dcerpc.c | 6 ++ source3/libsmb/clidfs.c | 13 ++-- source3/libsmb/libsmb_context.c | 18 +++-- source3/rpcclient/cmd_spoolss.c | 10 +-- source3/rpcclient/rpcclient.c | 50 ++++++++------ source3/utils/smbcacls.c | 34 ++++++---- source3/utils/smbcquotas.c | 32 +++++---- source3/utils/smbtree.c | 22 ++++--- 12 files changed, 284 insertions(+), 184 deletions(-) diff --git a/source3/client/client.c b/source3/client/client.c index da789161c9..c88b918dc8 100644 --- a/source3/client/client.c +++ b/source3/client/client.c @@ -218,13 +218,12 @@ static int readfile(char *b, int n, XFILE *f) Send a message. ****************************************************************************/ -static void send_message(void) +static void send_message(const char *username) { int total_len = 0; int grp_id; - if (!cli_message_start(cli, desthost, - get_cmdline_auth_info_username(), &grp_id)) { + if (!cli_message_start(cli, desthost, username, &grp_id)) { d_printf("message start: %s\n", cli_errstr(cli)); return; } @@ -4607,7 +4606,7 @@ static int do_tar_op(const char *base_directory) Handle a message operation. ****************************************************************************/ -static int do_message_op(void) +static int do_message_op(struct user_auth_info *auth_info) { struct sockaddr_storage ss; struct nmb_name called, calling; @@ -4648,7 +4647,7 @@ static int do_message_op(void) return 1; } - send_message(); + send_message(get_cmdline_auth_info_username(auth_info)); cli_cm_shutdown(); return 0; @@ -4695,6 +4694,7 @@ static int do_message_op(void) POPT_TABLEEND }; TALLOC_CTX *frame = talloc_stackframe(); + struct user_auth_info *auth_info; if (!client_set_cur_dir("\\")) { exit(ENOMEM); @@ -4724,6 +4724,12 @@ static int do_message_op(void) load_case_tables(); + auth_info = user_auth_info_init(frame); + if (auth_info == NULL) { + exit(1); + } + popt_common_set_auth_info(auth_info); + /* skip argv(0) */ pc = poptGetContext("smbclient", argc, (const char **) argv, long_options, 0); poptSetOtherOptionHelp(pc, "service "); @@ -4751,8 +4757,11 @@ static int do_message_op(void) } /* if the service has already been retrieved then check if we have also a password */ - if (service_opt && (!get_cmdline_auth_info_got_pass()) && poptPeekArg(pc)) { - set_cmdline_auth_info_password(poptGetArg(pc)); + if (service_opt + && (!get_cmdline_auth_info_got_pass(auth_info)) + && poptPeekArg(pc)) { + set_cmdline_auth_info_password(auth_info, + poptGetArg(pc)); } switch (opt) { @@ -4858,8 +4867,11 @@ static int do_message_op(void) } /* if the service has already been retrieved then check if we have also a password */ - if (service_opt && !get_cmdline_auth_info_got_pass() && poptPeekArg(pc)) { - set_cmdline_auth_info_password(poptGetArg(pc)); + if (service_opt + && !get_cmdline_auth_info_got_pass(auth_info) + && poptPeekArg(pc)) { + set_cmdline_auth_info_password(auth_info, + poptGetArg(pc)); } /* check for the -P option */ @@ -4893,8 +4905,8 @@ static int do_message_op(void) argv[0], get_dyn_CONFIGFILE()); } - if (get_cmdline_auth_info_use_machine_account() && - !set_cmdline_auth_info_machine_account_creds()) { + if (get_cmdline_auth_info_use_machine_account(auth_info) && + !set_cmdline_auth_info_machine_account_creds(auth_info)) { exit(-1); } @@ -4929,7 +4941,7 @@ static int do_message_op(void) calling_name = talloc_strdup(frame, global_myname() ); } - smb_encrypt = get_cmdline_auth_info_smb_encrypt(); + smb_encrypt = get_cmdline_auth_info_smb_encrypt(auth_info); if (!init_names()) { fprintf(stderr, "init_names() failed\n"); exit(1); @@ -4947,7 +4959,7 @@ static int do_message_op(void) /* Store the username and password for dfs support */ - cli_cm_set_credentials(); + cli_cm_set_credentials(auth_info); DEBUG(3,("Client started (version %s).\n", SAMBA_VERSION_STRING)); @@ -4980,7 +4992,7 @@ static int do_message_op(void) } if (message) { - return do_message_op(); + return do_message_op(auth_info); } if (process(base_directory)) { diff --git a/source3/include/proto.h b/source3/include/proto.h index 69194ec6b2..2a8f83847f 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -637,6 +637,7 @@ void pidfile_create(const char *program_name); /* The following definitions come from lib/popt_common.c */ +void popt_common_set_auth_info(struct user_auth_info *auth_info); /* The following definitions come from lib/privileges.c */ @@ -1139,22 +1140,28 @@ void gfree_all( void ); const char *my_netbios_names(int i); bool set_netbios_aliases(const char **str_array); bool init_names(void); -const char *get_cmdline_auth_info_username(void); -void set_cmdline_auth_info_username(const char *username); -const char *get_cmdline_auth_info_password(void); -void set_cmdline_auth_info_password(const char *password); -bool set_cmdline_auth_info_signing_state(const char *arg); -int get_cmdline_auth_info_signing_state(void); -void set_cmdline_auth_info_use_kerberos(bool b); -bool get_cmdline_auth_info_use_kerberos(void); -void set_cmdline_auth_info_use_krb5_ticket(void); -void set_cmdline_auth_info_smb_encrypt(void); -void set_cmdline_auth_info_use_machine_account(void); -bool get_cmdline_auth_info_got_pass(void); -bool get_cmdline_auth_info_smb_encrypt(void); -bool get_cmdline_auth_info_use_machine_account(void); -bool get_cmdline_auth_info_copy(struct user_auth_info *info); -bool set_cmdline_auth_info_machine_account_creds(void); +struct user_auth_info *user_auth_info_init(TALLOC_CTX *mem_ctx); +const char *get_cmdline_auth_info_username(struct user_auth_info *auth_info); +void set_cmdline_auth_info_username(struct user_auth_info *auth_info, + const char *username); +void set_cmdline_auth_info_password(struct user_auth_info *auth_info, + const char *password); +const char *get_cmdline_auth_info_password(struct user_auth_info *auth_info); +bool set_cmdline_auth_info_signing_state(struct user_auth_info *auth_info, + const char *arg); +int get_cmdline_auth_info_signing_state(struct user_auth_info *auth_info); +void set_cmdline_auth_info_use_kerberos(struct user_auth_info *auth_info, + bool b); +bool get_cmdline_auth_info_use_kerberos(struct user_auth_info *auth_info); +void set_cmdline_auth_info_use_krb5_ticket(struct user_auth_info *auth_info); +void set_cmdline_auth_info_smb_encrypt(struct user_auth_info *auth_info); +void set_cmdline_auth_info_use_machine_account(struct user_auth_info *auth_info); +bool get_cmdline_auth_info_got_pass(struct user_auth_info *auth_info); +bool get_cmdline_auth_info_smb_encrypt(struct user_auth_info *auth_info); +bool get_cmdline_auth_info_use_machine_account(struct user_auth_info *auth_info); +struct user_auth_info *get_cmdline_auth_info_copy(TALLOC_CTX *mem_ctx, + struct user_auth_info *info); +bool set_cmdline_auth_info_machine_account_creds(struct user_auth_info *auth_info); bool add_gid_to_array_unique(TALLOC_CTX *mem_ctx, gid_t gid, gid_t **gids, size_t *num_gids); const char *get_numlist(const char *p, uint32 **num, int *count); @@ -2419,7 +2426,7 @@ struct cli_state *cli_cm_open(TALLOC_CTX *ctx, bool force_encrypt); void cli_cm_shutdown(void); void cli_cm_display(void); -void cli_cm_set_credentials(void); +void cli_cm_set_credentials(struct user_auth_info *auth_info); void cli_cm_set_port(int port_number); void cli_cm_set_dest_name_type(int type); void cli_cm_set_signing_state(int state); diff --git a/source3/lib/popt_common.c b/source3/lib/popt_common.c index 9e67c5257d..cad14ec493 100644 --- a/source3/lib/popt_common.c +++ b/source3/lib/popt_common.c @@ -318,7 +318,7 @@ const struct poptOption popt_common_dynconfig[] = { * exit on failure * ****************************************************************************/ -static void get_password_file(void) +static void get_password_file(struct user_auth_info *auth_info) { int fd = -1; char *p; @@ -377,13 +377,14 @@ static void get_password_file(void) } SAFE_FREE(spec); - set_cmdline_auth_info_password(pass); + set_cmdline_auth_info_password(auth_info, pass); if (close_it) { close(fd); } } -static void get_credentials_file(const char *file) +static void get_credentials_file(struct user_auth_info *auth_info, + const char *file) { XFILE *auth; fstring buf; @@ -426,9 +427,9 @@ static void get_credentials_file(const char *file) val++; if (strwicmp("password", param) == 0) { - set_cmdline_auth_info_password(val); + set_cmdline_auth_info_password(auth_info, val); } else if (strwicmp("username", param) == 0) { - set_cmdline_auth_info_username(val); + set_cmdline_auth_info_username(auth_info, val); } else if (strwicmp("domain", param) == 0) { set_global_myworkgroup(val); } @@ -453,13 +454,16 @@ static void popt_common_credentials_callback(poptContext con, const struct poptOption *opt, const char *arg, const void *data) { + struct user_auth_info *auth_info = talloc_get_type_abort( + *((const char **)data), struct user_auth_info); char *p; if (reason == POPT_CALLBACK_REASON_PRE) { - set_cmdline_auth_info_username("GUEST"); + set_cmdline_auth_info_username(auth_info, "GUEST"); if (getenv("LOGNAME")) { - set_cmdline_auth_info_username(getenv("LOGNAME")); + set_cmdline_auth_info_username(auth_info, + getenv("LOGNAME")); } if (getenv("USER")) { @@ -467,24 +471,25 @@ static void popt_common_credentials_callback(poptContext con, if (!puser) { exit(ENOMEM); } - set_cmdline_auth_info_username(puser); + set_cmdline_auth_info_username(auth_info, puser); if ((p = strchr_m(puser,'%'))) { size_t len; *p = 0; len = strlen(p+1); - set_cmdline_auth_info_password(p+1); + set_cmdline_auth_info_password(auth_info, p+1); memset(strchr_m(getenv("USER"),'%')+1,'X',len); } SAFE_FREE(puser); } if (getenv("PASSWD")) { - set_cmdline_auth_info_password(getenv("PASSWD")); + set_cmdline_auth_info_password(auth_info, + getenv("PASSWD")); } if (getenv("PASSWD_FD") || getenv("PASSWD_FILE")) { - get_password_file(); + get_password_file(auth_info); } return; @@ -499,19 +504,22 @@ static void popt_common_credentials_callback(poptContext con, if ((lp=strchr_m(puser,'%'))) { size_t len; *lp = 0; - set_cmdline_auth_info_username(puser); - set_cmdline_auth_info_password(lp+1); + set_cmdline_auth_info_username(auth_info, + puser); + set_cmdline_auth_info_password(auth_info, + lp+1); len = strlen(lp+1); memset(strchr_m(arg,'%')+1,'X',len); } else { - set_cmdline_auth_info_username(puser); + set_cmdline_auth_info_username(auth_info, + puser); } SAFE_FREE(puser); } break; case 'A': - get_credentials_file(arg); + get_credentials_file(auth_info, arg); break; case 'k': @@ -519,31 +527,40 @@ static void popt_common_credentials_callback(poptContext con, d_printf("No kerberos support compiled in\n"); exit(1); #else - set_cmdline_auth_info_use_krb5_ticket(); + set_cmdline_auth_info_use_krb5_ticket(auth_info); #endif break; case 'S': - if (!set_cmdline_auth_info_signing_state(arg)) { + if (!set_cmdline_auth_info_signing_state(auth_info, arg)) { fprintf(stderr, "Unknown signing option %s\n", arg ); exit(1); } break; case 'P': - set_cmdline_auth_info_use_machine_account(); + set_cmdline_auth_info_use_machine_account(auth_info); break; case 'N': - set_cmdline_auth_info_password(""); + set_cmdline_auth_info_password(auth_info, ""); break; case 'e': - set_cmdline_auth_info_smb_encrypt(); + set_cmdline_auth_info_smb_encrypt(auth_info); break; } } +static struct user_auth_info *global_auth_info; + +void popt_common_set_auth_info(struct user_auth_info *auth_info) +{ + global_auth_info = auth_info; +} + struct poptOption popt_common_credentials[] = { - { NULL, 0, POPT_ARG_CALLBACK|POPT_CBFLAG_PRE, (void *)popt_common_credentials_callback }, + { NULL, 0, POPT_ARG_CALLBACK|POPT_CBFLAG_PRE, + (void *)popt_common_credentials_callback, 0, + (const char *)&global_auth_info }, { "user", 'U', POPT_ARG_STRING, NULL, 'U', "Set the network username", "USERNAME" }, { "no-pass", 'N', POPT_ARG_NONE, NULL, 'N', "Don't ask for a password" }, { "kerberos", 'k', POPT_ARG_NONE, NULL, 'k', "Use kerberos (active directory) authentication" }, diff --git a/source3/lib/util.c b/source3/lib/util.c index 074b523ae0..dd23d547b5 100644 --- a/source3/lib/util.c +++ b/source3/lib/util.c @@ -280,135 +280,154 @@ bool init_names(void) Used mainly in client tools. ****************************************************************************/ -static struct user_auth_info cmdline_auth_info = { - NULL, /* username */ - NULL, /* password */ - false, /* got_pass */ - false, /* use_kerberos */ - Undefined, /* signing state */ - false, /* smb_encrypt */ - false /* use machine account */ -}; - -const char *get_cmdline_auth_info_username(void) -{ - if (!cmdline_auth_info.username) { +struct user_auth_info *user_auth_info_init(TALLOC_CTX *mem_ctx) +{ + struct user_auth_info *result; + + result = TALLOC_ZERO_P(mem_ctx, struct user_auth_info); + if (result == NULL) { + return NULL; + } + + result->signing_state = Undefined; + return result; +} + +const char *get_cmdline_auth_info_username(struct user_auth_info *auth_info) +{ + if (!auth_info->username) { return ""; } - return cmdline_auth_info.username; + return auth_info->username; } -void set_cmdline_auth_info_username(const char *username) +void set_cmdline_auth_info_username(struct user_auth_info *auth_info, + const char *username) { - SAFE_FREE(cmdline_auth_info.username); - cmdline_auth_info.username = SMB_STRDUP(username); - if (!cmdline_auth_info.username) { + TALLOC_FREE(auth_info->username); + auth_info->username = talloc_strdup(auth_info, username); + if (!auth_info->username) { exit(ENOMEM); } } -const char *get_cmdline_auth_info_password(void) +const char *get_cmdline_auth_info_password(struct user_auth_info *auth_info) { - if (!cmdline_auth_info.password) { + if (!auth_info->password) { return ""; } - return cmdline_auth_info.password; + return auth_info->password; } -void set_cmdline_auth_info_password(const char *password) +void set_cmdline_auth_info_password(struct user_auth_info *auth_info, + const char *password) { - SAFE_FREE(cmdline_auth_info.password); - cmdline_auth_info.password = SMB_STRDUP(password); - if (!cmdline_auth_info.password) { + TALLOC_FREE(auth_info->password); + auth_info->password = talloc_strdup(auth_info, password); + if (!auth_info->password) { exit(ENOMEM); } - cmdline_auth_info.got_pass = true; + auth_info->got_pass = true; } -bool set_cmdline_auth_info_signing_state(const char *arg) +bool set_cmdline_auth_info_signing_state(struct user_auth_info *auth_info, + const char *arg) { - cmdline_auth_info.signing_state = -1; + auth_info->signing_state = -1; if (strequal(arg, "off") || strequal(arg, "no") || strequal(arg, "false")) { - cmdline_auth_info.signing_state = false; + auth_info->signing_state = false; } else if (strequal(arg, "on") || strequal(arg, "yes") || strequal(arg, "true") || strequal(arg, "auto")) { - cmdline_auth_info.signing_state = true; + auth_info->signing_state = true; } else if (strequal(arg, "force") || strequal(arg, "required") || strequal(arg, "forced")) { - cmdline_auth_info.signing_state = Required; + auth_info->signing_state = Required; } else { return false; } return true; } -int get_cmdline_auth_info_signing_state(void) +int get_cmdline_auth_info_signing_state(struct user_auth_info *auth_info) { - return cmdline_auth_info.signing_state; + return auth_info->signing_state; } -void set_cmdline_auth_info_use_kerberos(bool b) +void set_cmdline_auth_info_use_kerberos(struct user_auth_info *auth_info, + bool b) { - cmdline_auth_info.use_kerberos = b; + auth_info->use_kerberos = b; } -bool get_cmdline_auth_info_use_kerberos(void) +bool get_cmdline_auth_info_use_kerberos(struct user_auth_info *auth_info) { - return cmdline_auth_info.use_kerberos; + return auth_info->use_kerberos; } /* This should only be used by lib/popt_common.c JRA */ -void set_cmdline_auth_info_use_krb5_ticket(void) +void set_cmdline_auth_info_use_krb5_ticket(struct user_auth_info *auth_info) { - cmdline_auth_info.use_kerberos = true; - cmdline_auth_info.got_pass = true; + auth_info->use_kerberos = true; + auth_info->got_pass = true; } /* This should only be used by lib/popt_common.c JRA */ -void set_cmdline_auth_info_smb_encrypt(void) +void set_cmdline_auth_info_smb_encrypt(struct user_auth_info *auth_info) { - cmdline_auth_info.smb_encrypt = true; + auth_info->smb_encrypt = true; } -void set_cmdline_auth_info_use_machine_account(void) +void set_cmdline_auth_info_use_machine_account(struct user_auth_info *auth_info) { - cmdline_auth_info.use_machine_account = true; + auth_info->use_machine_account = true; } -bool get_cmdline_auth_info_got_pass(void) +bool get_cmdline_auth_info_got_pass(struct user_auth_info *auth_info) { - return cmdline_auth_info.got_pass; + return auth_info->got_pass; } -bool get_cmdline_auth_info_smb_encrypt(void) +bool get_cmdline_auth_info_smb_encrypt(struct user_auth_info *auth_info) { - return cmdline_auth_info.smb_encrypt; + return auth_info->smb_encrypt; } -bool get_cmdline_auth_info_use_machine_account(void) +bool get_cmdline_auth_info_use_machine_account(struct user_auth_info *auth_info) { - return cmdline_auth_info.use_machine_account; + return auth_info->use_machine_account; } -bool get_cmdline_auth_info_copy(struct user_auth_info *info) +struct user_auth_info *get_cmdline_auth_info_copy(TALLOC_CTX *mem_ctx, + struct user_auth_info *src) { - *info = cmdline_auth_info; - /* Now re-alloc the strings. */ - info->username = SMB_STRDUP(get_cmdline_auth_info_username()); - info->password = SMB_STRDUP(get_cmdline_auth_info_password()); - if (!info->username || !info->password) { - return false; + struct user_auth_info *result; + + result = user_auth_info_init(mem_ctx); + if (result == NULL) { + return NULL; } - return true; + + *result = *src; + + result->username = talloc_strdup( + result, get_cmdline_auth_info_username(src)); + result->password = talloc_strdup( + result, get_cmdline_auth_info_password(src)); + if ((result->username == NULL) || (result->password == NULL)) { + TALLOC_FREE(result); + return NULL; + } + + return result; } -bool set_cmdline_auth_info_machine_account_creds(void) +bool set_cmdline_auth_info_machine_account_creds(struct user_auth_info *auth_info) { char *pass = NULL; char *account = NULL; - if (!get_cmdline_auth_info_use_machine_account()) { + if (!get_cmdline_auth_info_use_machine_account(auth_info)) { return false; } @@ -430,8 +449,8 @@ bool set_cmdline_auth_info_machine_account_creds(void) return false; } - set_cmdline_auth_info_username(account); - set_cmdline_auth_info_password(pass); + set_cmdline_auth_info_username(auth_info, account); + set_cmdline_auth_info_password(auth_info, pass); SAFE_FREE(account); SAFE_FREE(pass); diff --git a/source3/librpc/rpc/dcerpc.c b/source3/librpc/rpc/dcerpc.c index 77bb7b33a2..69bfc6f329 100644 --- a/source3/librpc/rpc/dcerpc.c +++ b/source3/librpc/rpc/dcerpc.c @@ -117,6 +117,10 @@ NTSTATUS dcerpc_ndr_request_recv(struct rpc_request *req) return NT_STATUS_OK; } +#if 0 + +Completely unfinished and unused -- vl :-) + /** * Connect to a DCE/RPC interface. * @@ -178,3 +182,5 @@ _PUBLIC_ NTSTATUS dcerpc_pipe_connect(TALLOC_CTX *parent_ctx, struct dcerpc_pipe return nt_status; } + +#endif diff --git a/source3/libsmb/clidfs.c b/source3/libsmb/clidfs.c index 35922b13e9..f0ac39fed0 100644 --- a/source3/libsmb/clidfs.c +++ b/source3/libsmb/clidfs.c @@ -471,18 +471,19 @@ static void cm_set_password(const char *newpass) /**************************************************************************** ****************************************************************************/ -void cli_cm_set_credentials(void) +void cli_cm_set_credentials(struct user_auth_info *auth_info) { SAFE_FREE(cm_creds.username); - cm_creds.username = SMB_STRDUP(get_cmdline_auth_info_username()); + cm_creds.username = SMB_STRDUP(get_cmdline_auth_info_username( + auth_info)); - if (get_cmdline_auth_info_got_pass()) { - cm_set_password(get_cmdline_auth_info_password()); + if (get_cmdline_auth_info_got_pass(auth_info)) { + cm_set_password(get_cmdline_auth_info_password(auth_info)); } - cm_creds.use_kerberos = get_cmdline_auth_info_use_kerberos(); + cm_creds.use_kerberos = get_cmdline_auth_info_use_kerberos(auth_info); cm_creds.fallback_after_kerberos = false; - cm_creds.signing_state = get_cmdline_auth_info_signing_state(); + cm_creds.signing_state = get_cmdline_auth_info_signing_state(auth_info); } /**************************************************************************** diff --git a/source3/libsmb/libsmb_context.c b/source3/libsmb/libsmb_context.c index 19843383de..becee17f65 100644 --- a/source3/libsmb/libsmb_context.c +++ b/source3/libsmb/libsmb_context.c @@ -633,13 +633,19 @@ smbc_set_credentials(char *workgroup, smbc_bool use_kerberos, char *signing_state) { - - set_cmdline_auth_info_username(user); - set_cmdline_auth_info_password(password); - set_cmdline_auth_info_use_kerberos(use_kerberos); - if (! set_cmdline_auth_info_signing_state(signing_state)) { + struct user_auth_info *auth_info; + + auth_info = user_auth_info_init(talloc_tos()); + if (auth_info == NULL) { + return; + } + set_cmdline_auth_info_username(auth_info, user); + set_cmdline_auth_info_password(auth_info, password); + set_cmdline_auth_info_use_kerberos(auth_info, use_kerberos); + if (! set_cmdline_auth_info_signing_state(auth_info, signing_state)) { DEBUG(0, ("Invalid signing state: %s", signing_state)); } set_global_myworkgroup(workgroup); - cli_cm_set_credentials(); + cli_cm_set_credentials(auth_info); + TALLOC_FREE(auth_info); } diff --git a/source3/rpcclient/cmd_spoolss.c b/source3/rpcclient/cmd_spoolss.c index 26a73203b9..038acfbcdc 100644 --- a/source3/rpcclient/cmd_spoolss.c +++ b/source3/rpcclient/cmd_spoolss.c @@ -2641,6 +2641,8 @@ done: /**************************************************************************** ****************************************************************************/ +extern struct user_auth_info *rpcclient_auth_info; + static WERROR cmd_spoolss_printercmp(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, int argc, const char **argv) @@ -2671,11 +2673,11 @@ static WERROR cmd_spoolss_printercmp(struct rpc_pipe_client *cli, nt_status = cli_full_connection(&cli_server2, global_myname(), servername2, NULL, 0, "IPC$", "IPC", - get_cmdline_auth_info_username(), + get_cmdline_auth_info_username(rpcclient_auth_info), lp_workgroup(), - get_cmdline_auth_info_password(), - get_cmdline_auth_info_use_kerberos() ? CLI_FULL_CONNECTION_USE_KERBEROS : 0, - get_cmdline_auth_info_signing_state(), NULL); + get_cmdline_auth_info_password(rpcclient_auth_info), + get_cmdline_auth_info_use_kerberos(rpcclient_auth_info) ? CLI_FULL_CONNECTION_USE_KERBEROS : 0, + get_cmdline_auth_info_signing_state(rpcclient_auth_info), NULL); if ( !NT_STATUS_IS_OK(nt_status) ) return WERR_GENERAL_FAILURE; diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c index e8ffddb6dc..dc125007e3 100644 --- a/source3/rpcclient/rpcclient.c +++ b/source3/rpcclient/rpcclient.c @@ -28,6 +28,8 @@ static enum pipe_auth_type pipe_default_auth_type = PIPE_AUTH_TYPE_NONE; static enum pipe_auth_level pipe_default_auth_level = PIPE_AUTH_LEVEL_NONE; static unsigned int timeout = 0; +struct user_auth_info *rpcclient_auth_info; + /* List to hold groups of commands. * * Commands are defined in a list of arrays: arrays are easy to @@ -560,6 +562,7 @@ static void add_command_set(struct cmd_set *cmd_set) * @param cmd Command to run, as a single string. **/ static NTSTATUS do_cmd(struct cli_state *cli, + struct user_auth_info *auth_info, struct cmd_set *cmd_entry, int argc, char **argv) { @@ -589,8 +592,8 @@ static NTSTATUS do_cmd(struct cli_state *cli, cli, cmd_entry->interface, pipe_default_auth_level, lp_workgroup(), - get_cmdline_auth_info_username(), - get_cmdline_auth_info_password(), + get_cmdline_auth_info_username(auth_info), + get_cmdline_auth_info_password(auth_info), &cmd_entry->rpc_pipe); break; case PIPE_AUTH_TYPE_NTLMSSP: @@ -598,8 +601,8 @@ static NTSTATUS do_cmd(struct cli_state *cli, cli, cmd_entry->interface, pipe_default_auth_level, lp_workgroup(), - get_cmdline_auth_info_username(), - get_cmdline_auth_info_password(), + get_cmdline_auth_info_username(auth_info), + get_cmdline_auth_info_password(auth_info), &cmd_entry->rpc_pipe); break; case PIPE_AUTH_TYPE_SCHANNEL: @@ -687,7 +690,8 @@ static NTSTATUS do_cmd(struct cli_state *cli, * * @returns The NTSTATUS from running the command. **/ -static NTSTATUS process_cmd(struct cli_state *cli, char *cmd) +static NTSTATUS process_cmd(struct user_auth_info *auth_info, + struct cli_state *cli, char *cmd) { struct cmd_list *temp_list; NTSTATUS result = NT_STATUS_OK; @@ -713,7 +717,8 @@ static NTSTATUS process_cmd(struct cli_state *cli, char *cmd) goto out_free; } - result = do_cmd(cli, temp_set, argc, argv); + result = do_cmd(cli, auth_info, temp_set, + argc, argv); goto out_free; } @@ -784,6 +789,12 @@ out_free: facilities. See lib/debug.c */ setup_logging("rpcclient", True); + rpcclient_auth_info = user_auth_info_init(frame); + if (rpcclient_auth_info == NULL) { + exit(1); + } + popt_common_set_auth_info(rpcclient_auth_info); + /* Parse options */ pc = poptGetContext("rpcclient", argc, (const char **) argv, @@ -850,16 +861,16 @@ out_free: * from stdin if necessary */ - if (get_cmdline_auth_info_use_machine_account() && - !set_cmdline_auth_info_machine_account_creds()) { + if (get_cmdline_auth_info_use_machine_account(rpcclient_auth_info) && + !set_cmdline_auth_info_machine_account_creds(rpcclient_auth_info)) { result = 1; goto done; } - if (!get_cmdline_auth_info_got_pass()) { + if (!get_cmdline_auth_info_got_pass(rpcclient_auth_info)) { char *pass = getpass("Password:"); if (pass) { - set_cmdline_auth_info_password(pass); + set_cmdline_auth_info_password(rpcclient_auth_info, pass); } } @@ -868,7 +879,7 @@ out_free: server += 2; } - if (get_cmdline_auth_info_use_kerberos()) { + if (get_cmdline_auth_info_use_kerberos(rpcclient_auth_info)) { flags |= CLI_FULL_CONNECTION_USE_KERBEROS | CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS; } @@ -877,11 +888,12 @@ out_free: nt_status = cli_full_connection(&cli, global_myname(), server, opt_ipaddr ? &server_ss : NULL, opt_port, "IPC$", "IPC", - get_cmdline_auth_info_username(), + get_cmdline_auth_info_username(rpcclient_auth_info), lp_workgroup(), - get_cmdline_auth_info_password(), + get_cmdline_auth_info_password(rpcclient_auth_info), flags, - get_cmdline_auth_info_signing_state(),NULL); + get_cmdline_auth_info_signing_state(rpcclient_auth_info), + NULL); if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(0,("Cannot connect to server. Error was %s\n", nt_errstr(nt_status))); @@ -889,10 +901,10 @@ out_free: goto done; } - if (get_cmdline_auth_info_smb_encrypt()) { + if (get_cmdline_auth_info_smb_encrypt(rpcclient_auth_info)) { nt_status = cli_cm_force_encryption(cli, - get_cmdline_auth_info_username(), - get_cmdline_auth_info_password(), + get_cmdline_auth_info_username(rpcclient_auth_info), + get_cmdline_auth_info_password(rpcclient_auth_info), lp_workgroup(), "IPC$"); if (!NT_STATUS_IS_OK(nt_status)) { @@ -927,7 +939,7 @@ out_free: result = 0; while((cmd=next_command(&p)) != NULL) { - NTSTATUS cmd_result = process_cmd(cli, cmd); + NTSTATUS cmd_result = process_cmd(rpcclient_auth_info, cli, cmd); SAFE_FREE(cmd); result = NT_STATUS_IS_ERR(cmd_result); } @@ -946,7 +958,7 @@ out_free: break; if (line[0] != '\n') - process_cmd(cli, line); + process_cmd(rpcclient_auth_info, cli, line); SAFE_FREE(line); } diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c index f7f1272215..f07b5011c8 100644 --- a/source3/utils/smbcacls.c +++ b/source3/utils/smbcacls.c @@ -951,7 +951,8 @@ static int cacl_set(struct cli_state *cli, char *filename, /***************************************************** Return a connection to a server. *******************************************************/ -static struct cli_state *connect_one(const char *server, const char *share) +static struct cli_state *connect_one(struct user_auth_info *auth_info, + const char *server, const char *share) { struct cli_state *c = NULL; struct sockaddr_storage ss; @@ -960,41 +961,41 @@ static struct cli_state *connect_one(const char *server, const char *share) zero_sockaddr(&ss); - if (get_cmdline_auth_info_use_kerberos()) { + if (get_cmdline_auth_info_use_kerberos(auth_info)) { flags |= CLI_FULL_CONNECTION_USE_KERBEROS | CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS; } - if (get_cmdline_auth_info_use_machine_account() && - !set_cmdline_auth_info_machine_account_creds()) { + if (get_cmdline_auth_info_use_machine_account(auth_info) && + !set_cmdline_auth_info_machine_account_creds(auth_info)) { return NULL; } - if (!get_cmdline_auth_info_got_pass()) { + if (!get_cmdline_auth_info_got_pass(auth_info)) { char *pass = getpass("Password: "); if (pass) { - set_cmdline_auth_info_password(pass); + set_cmdline_auth_info_password(auth_info, pass); } } nt_status = cli_full_connection(&c, global_myname(), server, &ss, 0, share, "?????", - get_cmdline_auth_info_username(), + get_cmdline_auth_info_username(auth_info), lp_workgroup(), - get_cmdline_auth_info_password(), + get_cmdline_auth_info_password(auth_info), flags, - get_cmdline_auth_info_signing_state(), + get_cmdline_auth_info_signing_state(auth_info), NULL); if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(0,("cli_full_connection failed! (%s)\n", nt_errstr(nt_status))); return NULL; } - if (get_cmdline_auth_info_smb_encrypt()) { + if (get_cmdline_auth_info_smb_encrypt(auth_info)) { nt_status = cli_cm_force_encryption(c, - get_cmdline_auth_info_username(), - get_cmdline_auth_info_password(), + get_cmdline_auth_info_username(auth_info), + get_cmdline_auth_info_password(auth_info), lp_workgroup(), share); if (!NT_STATUS_IS_OK(nt_status)) { @@ -1040,6 +1041,7 @@ static struct cli_state *connect_one(const char *server, const char *share) TALLOC_CTX *frame = talloc_stackframe(); const char *owner_username = ""; char *server; + struct user_auth_info *auth_info; load_case_tables(); @@ -1055,6 +1057,12 @@ static struct cli_state *connect_one(const char *server, const char *share) lp_load(get_dyn_CONFIGFILE(),True,False,False,True); load_interfaces(); + auth_info = user_auth_info_init(frame); + if (auth_info == NULL) { + exit(1); + } + popt_common_set_auth_info(auth_info); + pc = poptGetContext("smbcacls", argc, argv, long_options, 0); poptSetOtherOptionHelp(pc, "//server1/share1 filename\nACLs look like: " @@ -1131,7 +1139,7 @@ static struct cli_state *connect_one(const char *server, const char *share) share++; if (!test_args) { - cli = connect_one(server, share); + cli = connect_one(auth_info, server, share); if (!cli) { exit(EXIT_FAILED); } diff --git a/source3/utils/smbcquotas.c b/source3/utils/smbcquotas.c index 8938cc5e65..a95394b125 100644 --- a/source3/utils/smbcquotas.c +++ b/source3/utils/smbcquotas.c @@ -37,6 +37,7 @@ static struct cli_state *cli_ipc; static struct rpc_pipe_client *global_pipe_hnd; static POLICY_HND pol; static bool got_policy_hnd; +static struct user_auth_info *smbcquotas_auth_info; static struct cli_state *connect_one(const char *share); @@ -373,42 +374,42 @@ static struct cli_state *connect_one(const char *share) zero_sockaddr(&ss); - if (get_cmdline_auth_info_use_machine_account() && - !set_cmdline_auth_info_machine_account_creds()) { + if (get_cmdline_auth_info_use_machine_account(smbcquotas_auth_info) && + !set_cmdline_auth_info_machine_account_creds(smbcquotas_auth_info)) { return NULL; } - if (get_cmdline_auth_info_use_kerberos()) { + if (get_cmdline_auth_info_use_kerberos(smbcquotas_auth_info)) { flags |= CLI_FULL_CONNECTION_USE_KERBEROS | CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS; } - if (!get_cmdline_auth_info_got_pass()) { + if (!get_cmdline_auth_info_got_pass(smbcquotas_auth_info)) { char *pass = getpass("Password: "); if (pass) { - set_cmdline_auth_info_password(pass); + set_cmdline_auth_info_password(smbcquotas_auth_info, pass); } } nt_status = cli_full_connection(&c, global_myname(), server, &ss, 0, share, "?????", - get_cmdline_auth_info_username(), + get_cmdline_auth_info_username(smbcquotas_auth_info), lp_workgroup(), - get_cmdline_auth_info_password(), + get_cmdline_auth_info_password(smbcquotas_auth_info), flags, - get_cmdline_auth_info_signing_state(), + get_cmdline_auth_info_signing_state(smbcquotas_auth_info), NULL); if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(0,("cli_full_connection failed! (%s)\n", nt_errstr(nt_status))); return NULL; } - if (get_cmdline_auth_info_smb_encrypt()) { + if (get_cmdline_auth_info_smb_encrypt(smbcquotas_auth_info)) { nt_status = cli_cm_force_encryption(c, - get_cmdline_auth_info_username(), - get_cmdline_auth_info_password(), + get_cmdline_auth_info_username(smbcquotas_auth_info), + get_cmdline_auth_info_password(smbcquotas_auth_info), lp_workgroup(), share); if (!NT_STATUS_IS_OK(nt_status)) { @@ -475,6 +476,12 @@ FSQFLAGS:QUOTA_ENABLED/DENY_DISK/LOG_SOFTLIMIT/LOG_HARD_LIMIT", "SETSTRING" }, lp_load(get_dyn_CONFIGFILE(),True,False,False,True); load_interfaces(); + smbcquotas_auth_info = user_auth_info_init(frame); + if (smbcquotas_auth_info == NULL) { + exit(1); + } + popt_common_set_auth_info(smbcquotas_auth_info); + pc = poptGetContext("smbcquotas", argc, argv, long_options, 0); poptSetOtherOptionHelp(pc, "//server1/share1"); @@ -537,7 +544,8 @@ FSQFLAGS:QUOTA_ENABLED/DENY_DISK/LOG_SOFTLIMIT/LOG_HARD_LIMIT", "SETSTRING" }, todo = USER_QUOTA; if (!fix_user) { - username_str = talloc_strdup(frame, get_cmdline_auth_info_username()); + username_str = talloc_strdup( + frame, get_cmdline_auth_info_username(smbcquotas_auth_info)); if (!username_str) { exit(EXIT_PARSE_ERROR); } diff --git a/source3/utils/smbtree.c b/source3/utils/smbtree.c index 9fc02bac13..6c69300e85 100644 --- a/source3/utils/smbtree.c +++ b/source3/utils/smbtree.c @@ -272,7 +272,7 @@ static bool print_tree(struct user_auth_info *user_info) int main(int argc,char *argv[]) { TALLOC_CTX *frame = talloc_stackframe(); - struct user_auth_info local_auth_info; + struct user_auth_info *auth_info; struct poptOption long_options[] = { POPT_AUTOHELP { "broadcast", 'b', POPT_ARG_VAL, &use_bcast, True, "Use broadcast instead of using the master browser" }, @@ -293,6 +293,12 @@ static bool print_tree(struct user_auth_info *user_info) setup_logging(argv[0],True); + auth_info = user_auth_info_init(frame); + if (auth_info == NULL) { + exit(1); + } + popt_common_set_auth_info(auth_info); + pc = poptGetContext("smbtree", argc, (const char **)argv, long_options, POPT_CONTEXT_KEEP_FIRST); while(poptGetNextOpt(pc) != -1); @@ -303,26 +309,22 @@ static bool print_tree(struct user_auth_info *user_info) /* Parse command line args */ - if (get_cmdline_auth_info_use_machine_account() && - !set_cmdline_auth_info_machine_account_creds()) { + if (get_cmdline_auth_info_use_machine_account(auth_info) && + !set_cmdline_auth_info_machine_account_creds(auth_info)) { TALLOC_FREE(frame); return 1; } - if (!get_cmdline_auth_info_got_pass()) { + if (!get_cmdline_auth_info_got_pass(auth_info)) { char *pass = getpass("Password: "); if (pass) { - set_cmdline_auth_info_password(pass); + set_cmdline_auth_info_password(auth_info, pass); } } /* Now do our stuff */ - if (!get_cmdline_auth_info_copy(&local_auth_info)) { - return 1; - } - - if (!print_tree(&local_auth_info)) { + if (!print_tree(auth_info)) { TALLOC_FREE(frame); return 1; } -- cgit From 1e419cd31bea64c664c36dee10fa9e843b6f76d6 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Sun, 14 Dec 2008 19:08:22 +0100 Subject: Rename ldap.h to ldap-util.h to avoid clashing with the system ldap.h --- source4/headermap.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source4/headermap.txt b/source4/headermap.txt index b6edaac414..c906282a31 100644 --- a/source4/headermap.txt +++ b/source4/headermap.txt @@ -50,7 +50,7 @@ rpc_server/dcerpc_server.h: dcerpc_server.h rpc_server/common/common.h: dcerpc_server/common.h libcli/auth/credentials.h: domain_credentials.h ../lib/util/charset/charset.h: charset.h -libcli/ldap/ldap.h: ldap.h +libcli/ldap/ldap.h: ldap-util.h ../lib/torture/torture.h: torture.h libcli/libcli.h: client.h librpc/gen_ndr/nbt.h: gen_ndr/nbt.h -- cgit From 07a21dbfa5b9dc3cc6fa7417b64e4963f111fe1a Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Mon, 15 Dec 2008 11:32:45 +0100 Subject: s3:fix build of pam_winbind.so on older Linux systems. Older pam implementations on Linux define PAM_AUTHTOK_RECOVER_ERR instead of PAM_AUTHTOK_RECOVERY_ERR. We have always defined and are using PAM_AUTHTOK_RECOVER_ERR in all other places. Michael --- source3/nsswitch/pam_winbind.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/source3/nsswitch/pam_winbind.c b/source3/nsswitch/pam_winbind.c index be22ff3f5e..d049bdb1e7 100644 --- a/source3/nsswitch/pam_winbind.c +++ b/source3/nsswitch/pam_winbind.c @@ -93,8 +93,8 @@ static const char *_pam_error_code_str(int err) return "PAM_CONV_ERR"; case PAM_AUTHTOK_ERR: return "PAM_AUTHTOK_ERR"; - case PAM_AUTHTOK_RECOVERY_ERR: - return "PAM_AUTHTOK_RECOVERY_ERR"; + case PAM_AUTHTOK_RECOVER_ERR: + return "PAM_AUTHTOK_RECOVER_ERR"; case PAM_AUTHTOK_LOCK_BUSY: return "PAM_AUTHTOK_LOCK_BUSY"; case PAM_AUTHTOK_DISABLE_AGING: -- cgit From 606abdceacfcad19735cd80f59aad975a9e97b7c Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Mon, 15 Dec 2008 13:33:24 +0100 Subject: s3:loadparm: fix newly introduced leading whitespaces to tabs Michael --- source3/param/loadparm.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 7e7a1e505e..c74246c98e 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -425,7 +425,7 @@ struct service { bool bHideUnReadable; bool bHideUnWriteableFiles; bool bBrowseable; - bool bAccessBasedShareEnum; + bool bAccessBasedShareEnum; bool bAvailable; bool bRead_only; bool bNo_set_dir; @@ -569,7 +569,7 @@ static struct service sDefault = { False, /* bHideUnReadable */ False, /* bHideUnWriteableFiles */ True, /* bBrowseable */ - False, /* bAccessBasedShareEnum */ + False, /* bAccessBasedShareEnum */ True, /* bAvailable */ True, /* bRead_only */ True, /* bNo_set_dir */ -- cgit From 91c543f0b5a539da4194f14dee8cad0f980a117e Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Mon, 15 Dec 2008 14:16:06 +0100 Subject: s3:loadparm: rename lp_local_ptr() to lp_local_ptr_by_snum() Michael --- source3/include/proto.h | 2 +- source3/param/loadparm.c | 6 +++--- source3/web/swat.c | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/source3/include/proto.h b/source3/include/proto.h index 2a8f83847f..9d86f16e69 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -4260,7 +4260,7 @@ const char *lp_ldap_machine_suffix(void); const char *lp_ldap_user_suffix(void); const char *lp_ldap_group_suffix(void); const char *lp_ldap_idmap_suffix(void); -void *lp_local_ptr(int snum, void *ptr); +void *lp_local_ptr_by_snum(int snum, void *ptr); bool lp_do_parameter(int snum, const char *pszParmName, const char *pszParmValue); void init_locals(void); bool lp_is_default(int snum, struct parm_struct *parm); diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index c74246c98e..3600266310 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -4599,7 +4599,7 @@ static void free_parameter(int snum, struct parm_struct parm) } else if (parm.p_class != P_LOCAL) { return; } else { - parm_ptr = lp_local_ptr(snum, parm.ptr); + parm_ptr = lp_local_ptr_by_snum(snum, parm.ptr); } if ((parm.type == P_STRING) || @@ -7171,7 +7171,7 @@ static void init_copymap(struct service *pservice) pointer into the default structure. ***************************************************************************/ -void *lp_local_ptr(int snum, void *ptr) +void *lp_local_ptr_by_snum(int snum, void *ptr) { return (void *)(((char *)ServicePtrs[snum]) + PTR_DIFF(ptr, &sDefault)); } @@ -7225,7 +7225,7 @@ bool lp_do_parameter(int snum, const char *pszParmName, const char *pszParmValue pszParmName)); return (True); } - parm_ptr = lp_local_ptr(snum, def_ptr); + parm_ptr = lp_local_ptr_by_snum(snum, def_ptr); } if (snum >= 0) { diff --git a/source3/web/swat.c b/source3/web/swat.c index 27c4b54e2f..b729e3b241 100644 --- a/source3/web/swat.c +++ b/source3/web/swat.c @@ -232,7 +232,7 @@ static void show_parameter(int snum, struct parm_struct *parm) TALLOC_CTX *ctx = talloc_stackframe(); if (parm->p_class == P_LOCAL && snum >= 0) { - ptr = lp_local_ptr(snum, ptr); + ptr = lp_local_ptr_by_snum(snum, ptr); } printf("%s", get_parm_translated(ctx, @@ -375,7 +375,7 @@ static void show_parameters(int snum, int allparameters, unsigned int parm_filte void *ptr = parm->ptr; if (parm->p_class == P_LOCAL && snum >= 0) { - ptr = lp_local_ptr(snum, ptr); + ptr = lp_local_ptr_by_snum(snum, ptr); } switch (parm->type) { -- cgit From 6244194265f7f1027c16664b2701ce114435a59b Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Mon, 15 Dec 2008 14:20:16 +0100 Subject: s3:loadparm: add lp_local_ptr() that operates on a service struct and use this in lp_local_ptr_by_snum(). Michael --- source3/param/loadparm.c | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 3600266310..43fd9d9d3a 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -671,6 +671,8 @@ static void set_server_role(void); static void set_default_server_announce_type(void); static void set_allowed_client_auth(void); +static void *lp_local_ptr(struct service *service, void *ptr); + static const struct enum_list enum_protocol[] = { {PROTOCOL_NT1, "NT1"}, {PROTOCOL_LANMAN2, "LANMAN2"}, @@ -7166,6 +7168,16 @@ static void init_copymap(struct service *pservice) bitmap_set(pservice->copymap, i); } +/*************************************************************************** + Return the local pointer to a parameter given a service struct and the + pointer into the default structure. +***************************************************************************/ + +static void *lp_local_ptr(struct service *service, void *ptr) +{ + return (void *)(((char *)service) + PTR_DIFF(ptr, &sDefault)); +} + /*************************************************************************** Return the local pointer to a parameter given the service number and the pointer into the default structure. @@ -7173,7 +7185,7 @@ static void init_copymap(struct service *pservice) void *lp_local_ptr_by_snum(int snum, void *ptr) { - return (void *)(((char *)ServicePtrs[snum]) + PTR_DIFF(ptr, &sDefault)); + return lp_local_ptr(ServicePtrs[snum], ptr); } /*************************************************************************** -- cgit From 0b0dc506d4b709b6373a19795276351285679eb3 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Mon, 15 Dec 2008 14:28:03 +0100 Subject: s3:loadparm: rename free_parameter() to free_one_parameter_by_snum() Michael --- source3/param/loadparm.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 43fd9d9d3a..580136446b 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -4585,10 +4585,12 @@ static void init_printer_values(struct service *pService) } } + /** - * Free the allocated data for one parameter for a given share. + * Free the allocated data for one parameter for a given share + * specified by an snum. */ -static void free_parameter(int snum, struct parm_struct parm) +static void free_one_parameter_by_snum(int snum, struct parm_struct parm) { void *parm_ptr; @@ -4621,7 +4623,7 @@ static void free_parameters(int snum) uint32_t i; for (i=0; parm_table[i].label; i++) { - free_parameter(snum, parm_table[i]); + free_one_parameter_by_snum(snum, parm_table[i]); } } -- cgit From 03f19dad795c247878918de95a8c1f63ec259d13 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Mon, 15 Dec 2008 14:29:34 +0100 Subject: s3:loadparm: rename free_parameters() to free_parameters_by_snum() Michael --- source3/param/loadparm.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 580136446b..d44d04a7a7 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -4616,9 +4616,10 @@ static void free_one_parameter_by_snum(int snum, struct parm_struct parm) } /** - * Free the allocated parameter data for a share. + * Free the allocated parameter data for a share specified + * by an snum. */ -static void free_parameters(int snum) +static void free_parameters_by_snum(int snum) { uint32_t i; @@ -4632,7 +4633,7 @@ static void free_parameters(int snum) */ static void free_global_parameters(void) { - free_parameters(GLOBAL_SECTION_SNUM); + free_parameters_by_snum(GLOBAL_SECTION_SNUM); } /*************************************************************************** @@ -5743,7 +5744,7 @@ static void free_service(struct service *pservice) DEBUG(5, ("free_service: Freeing service %s\n", pservice->szService)); - free_parameters(getservicebyname(pservice->szService, NULL)); + free_parameters_by_snum(getservicebyname(pservice->szService, NULL)); string_free(&pservice->szService); bitmap_free(pservice->copymap); -- cgit From c2bd88f145d73e9a8613d32d313954e3ecdcacd2 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Mon, 15 Dec 2008 14:38:51 +0100 Subject: s3:loadparm: add service-struct based variants of the free-parameter routines and use the abstracted free_one_parameter_common() in old free_one_parameter_by_snum() as well as in new free_one_parameter() Michael --- source3/param/loadparm.c | 53 +++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 46 insertions(+), 7 deletions(-) diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index d44d04a7a7..f2a39d12de 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -4585,6 +4585,51 @@ static void init_printer_values(struct service *pService) } } +/** + * Common part of freeing allocated data for one parameter. + */ +static void free_one_parameter_common(void *parm_ptr, + struct parm_struct parm) +{ + if ((parm.type == P_STRING) || + (parm.type == P_USTRING)) + { + string_free((char**)parm_ptr); + } else if (parm.type == P_LIST) { + TALLOC_FREE(*((char***)parm_ptr)); + } +} + +/** + * Free the allocated data for one parameter for a share + * given as a service struct. + */ +static void free_one_parameter(struct service *service, + struct parm_struct parm) +{ + void *parm_ptr; + + if (parm.p_class != P_LOCAL) { + return; + } + + parm_ptr = lp_local_ptr(service, parm.ptr); + + free_one_parameter_common(parm_ptr, parm); +} + +/** + * Free the allocated parameter data of a share given + * as a service struct. + */ +static void free_parameters(struct service *service) +{ + uint32_t i; + + for (i=0; parm_table[i].label; i++) { + free_one_parameter(service, parm_table[i]); + } +} /** * Free the allocated data for one parameter for a given share @@ -4606,13 +4651,7 @@ static void free_one_parameter_by_snum(int snum, struct parm_struct parm) parm_ptr = lp_local_ptr_by_snum(snum, parm.ptr); } - if ((parm.type == P_STRING) || - (parm.type == P_USTRING)) - { - string_free((char**)parm_ptr); - } else if (parm.type == P_LIST) { - TALLOC_FREE(*((char***)parm_ptr)); - } + free_one_parameter_common(parm_ptr, parm); } /** -- cgit From 51118b1974fd91d7f60ed1a68e1eb5717690362b Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Mon, 15 Dec 2008 14:42:13 +0100 Subject: s3:loadparm: fix copy service error (canonicalize_servicename: NULL source name) this was introduced by commit 3358a139d2dc77eb4c842d41722b1acc24bd2cb2. Michael --- source3/param/loadparm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index f2a39d12de..9a55067b01 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -5783,7 +5783,7 @@ static void free_service(struct service *pservice) DEBUG(5, ("free_service: Freeing service %s\n", pservice->szService)); - free_parameters_by_snum(getservicebyname(pservice->szService, NULL)); + free_parameters(pservice); string_free(&pservice->szService); bitmap_free(pservice->copymap); -- cgit From 530758dc2a6dd6dce083789b328e16e51ba6573d Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Tue, 16 Dec 2008 00:16:02 +0100 Subject: Add python extensions for dom_sid. --- librpc/idl/security.idl | 3 +-- source4/librpc/ndr/py_security.c | 58 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 59 insertions(+), 2 deletions(-) create mode 100644 source4/librpc/ndr/py_security.c diff --git a/librpc/idl/security.idl b/librpc/idl/security.idl index d88931fc69..4c6aa235d7 100644 --- a/librpc/idl/security.idl +++ b/librpc/idl/security.idl @@ -26,10 +26,9 @@ cpp_quote("#define dom_sid28 dom_sid") /* same struct as dom_sid but in a variable byte buffer, which is maybe empty in NDR */ cpp_quote("#define dom_sid0 dom_sid") - - [ helper("librpc/gen_ndr/ndr_dom_sid.h"), + pyhelper("librpc/ndr/py_security.c"), pointer_default(unique) ] interface security diff --git a/source4/librpc/ndr/py_security.c b/source4/librpc/ndr/py_security.c new file mode 100644 index 0000000000..6888f14375 --- /dev/null +++ b/source4/librpc/ndr/py_security.c @@ -0,0 +1,58 @@ +/* + Unix SMB/CIFS implementation. + Samba utility functions + Copyright (C) Jelmer Vernooij 2008 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ +#include "libcli/security/security.h" + +static PyObject *py_dom_sid_eq(PyObject *self, PyObject *args) +{ + struct dom_sid *this = py_talloc_get_ptr(self), *other; + PyObject *py_other; + + if (!PyArg_ParseTuple(args, "O", &py_other)) + return NULL; + + other = py_talloc_get_type(py_other, struct dom_sid); + if (other == NULL) + return Py_False; + + return dom_sid_equal(this, other)?Py_True:Py_False; +} + +static PyObject *py_dom_sid_str(PyObject *self) +{ + struct dom_sid *this = py_talloc_get_ptr(self); + char *str = dom_sid_string(NULL, this); + PyObject *ret = PyString_FromString(str); + talloc_free(str); + return ret; +} + +static PyObject *py_dom_sid_repr(PyObject *self) +{ + struct dom_sid *this = py_talloc_get_ptr(self); + char *str = dom_sid_string(NULL, this); + PyObject *ret = PyString_FromFormat("dom_sid('%s')", str); + talloc_free(str); + return ret; +} + +#define PY_DOM_SID_REPR py_dom_sid_repr + +#define PY_DOM_SID_EXTRA_METHODS \ + { "__eq__", (PyCFunction)py_dom_sid_eq, METH_VARARGS, "S.__eq__(x) -> S == x" }, \ + { "__str__", (PyCFunction)py_dom_sid_str, METH_NOARGS, "S.__str__() -> str(S)" }, \ -- cgit