summaryrefslogtreecommitdiffstats
path: root/source4/dsdb/samdb
Commit message (Collapse)AuthorAgeFilesLines
* libds: merge the UF<->ACB flag mapping functions.Günther Deschner2009-07-131-4/+4
| | | | Guenther
* libds: share UF_ flags between samba3 and 4.Günther Deschner2009-07-135-5/+5
| | | | Guenther
* s4:dsdb Allow unicodePwd to be set when adding a userAndrew Bartlett2009-07-091-85/+84
| | | | | | | | Windows 7 sets it's join password using the unicodePwd attribute (as a quoted, utf16 string), and does so during the LDAPAdd of the object. Previously, this code only handled unicodePwd for modifies. Andrew Bartlett
* Fix for schemaUpdateNow commandAnatoliy Atanasov2009-07-083-2/+10
|
* Fix some nonempty blank linesVolker Lendecke2009-07-051-78/+76
|
* we can't use the unique index code for samAccountNameAndrew Tridgell2009-07-021-7/+74
| | | | | | | | | | Using ldb unique indexes for samAccountName doesn't work with DRS as the other DC may send us a deleted record (tombstone record), which has the same samAccountName as an existing record. That would then create two records in the same partition with the same samAccountName. So we needed to put back the logic in samldb.c which explicitly checked whether a samAccountName already exists on add
* s4:ldb Allow rootdse module to build without ldb_private.hAndrew Bartlett2009-06-301-1/+2
| | | | | | | It seems quite reasonable to allow modules to re-initialise the set of cached DNs on the ldb context. Andrew Bartlett
* s4: dsdb Avoid using the internal ldb_private.h headerAndrew Bartlett2009-06-304-117/+120
| | | | | | | This job is not complete (the partition module remains a unfinished task), but now we do use the private ldb headers much less. Andrew Bartlett
* s4:dsdb Explain the parsing steps for userPrincipalName cracknames callsAndrew Bartlett2009-06-301-0/+4
|
* Correct some typos in the LDB partition moduleMatthias Dieter Wallnöfer2009-06-291-5/+5
|
* SAMDB: Don't check for "sAMAccountName" twiceMatthias Dieter Wallnöfer2009-06-291-1/+0
|
* Enhancement of "simple ldap map" with "systemFlags" attributeMatthias Dieter Wallnöfer2009-06-291-0/+22
| | | | | Enhance the simple ldap map to support also the "systemFlags" attribute in the correct way.
* Correct handling of 32-bit integer attributes in SAMBA 4Matthias Dieter Wallnöfer2009-06-191-13/+26
| | | | | | | | | | - LDB handles now all 32-bit integer attributes correctly (also with overflows) according to the schema - LDAP backends handle the attributes "groupType", "userAccountControl" and "sAMAccountType" correctly. This handling doesn't yet use the schema but the conversion file "simple_ldap.map.c" which contains them hardcoded. Did also a refactoring of the conversion function there. - Bug #6136 should be gone
* dsdb: Fix build against system ldb.Jelmer Vernooij2009-06-183-3/+3
|
* s4:heimdal: import lorikeet-heimdal-200906080040 (commit ↵Andrew Bartlett2009-06-121-9/+9
| | | | | | | | | | | 904d0124b46eed7a8ad6e5b73e892ff34b6865ba) Also including the supporting changes required to pass make test A number of heimdal functions and constants have changed since we last imported a tree (for the better, but inconvenient for us). Andrew Bartlett
* Fix more unresolved symbols.Jelmer Vernooij2009-06-021-7/+7
|
* we don't need the unique checks in the samldb code nowAndrew Tridgell2009-06-011-162/+2
| | | | These attributes now use the unique indexing flag
* s4:ldb_modules: Correct typos.Andrew Kroeger2009-05-262-2/+2
|
* s4:ldb: fix extrasemi compile warningBjörn Jacke2009-04-221-1/+1
|
* s4:ldb: do talloc_free and return NULL when we have no matches to returnBjörn Jacke2009-04-221-0/+4
|
* slightly nicer output in our possibleInferiors test codeAndrew Tridgell2009-04-091-2/+2
|
* hook the new possibleInferiors calculation into the schemaAndrew Tridgell2009-04-091-14/+77
| | | | | We now generate possibleInferiors at startup, and return it when requested
* use the prepare_commit op in the partition codeAndrew Tridgell2009-03-311-14/+49
| | | | This makes multi-partition ldb's much safer
* added a --wspp optionAndrew Tridgell2009-03-271-4/+7
| | | | | Adding --wspp to possibleInferiors.py forces it to use the WSPP documented algorithm, which doesn't match windows behaviour
* fixed possibleinferiors.py so it matches windows behaviourAndrew Tridgell2009-03-261-39/+127
| | | | | | | | | | | | This test code builds the possibleInferiors for every class in the schema on a target machine, and compares it to the servers possibleInferiors attribute. The MS-ADTS spec describes how to calculate possibleInferiors for a object, but it seems to have some bugs. The spec says that we need to use AUXCLASSES, and it does not mention the use of the SUBCLASS tree. In trying to match windows behaviour, I found that I needed to ignore the AUXCLASSES and build a SUBCLASSES tree.
* the start of a possibleInferiors test suiteAndrew Tridgell2009-03-241-0/+155
| | | | | | | | | | we haven't implemented possibleInferiors yet. This test is meant to help us understand how it works. It tries to construct possibleInferiors via searches on other attributes, and compares it to the servers constructed possibleInferiors attribute for each class in the servers schema. see [MS-ADTS] section 3.1.1.4.5.21
* added support for parentGUIDAndrew Tridgell2009-03-171-5/+84
| | | | | | | | | | | | | | | This is made up of 4 parts: 1) change our schema to include the parentGUID attribute type 2) in the add hook in the objectclass module, get the objectGUID of the parent and add it to the message as parentGUID 3) in the rename hook in the objectclass module, get the objectGUID of the new parent, and insert an async modify request after the renmam is done 4) added a simple test suite
* s4:password_hash Only store the LM hash if 'lanman auth = yes'Andrew Bartlett2009-03-161-1/+2
| | | | | | | | The clients that do only lanman auth are on their way out, the passwords are case insensitive, it does not support unicode and we should not store such a poor hash of the password if we can avoid it. Andrew Bartlett
* s4: Use same function signature for convert_* as s3.Jelmer Vernooij2009-03-011-10/+7
|
* Add allow_badcharcnv argument to all conversion function, forJelmer Vernooij2009-03-011-3/+3
| | | | consistency with Samba 3.
* Fix headers, ldb_includes.h is a private header,Simo Sorce2009-02-236-3/+7
| | | | do not reference it from ldb.h
* added a workaround to the handling of unicodePwd for Win7-betaAndrew Tridgell2009-02-101-1/+30
| | | | | | | | | | | | | | | | | | The Win7-beta domain process has changed. It no longer uses SAMR for setting the password, and instead uses a ldap modify on a SASL encrypted ldap connection. We didn't handle that as the unicodePwd attribute has a dual use, holding the nt style MD4 hases for DRS replication, but holding a UTF-16 plaintext password for a LDAP modify. This patch copes with the ldap unicodePwd modify by recognising the format and creating the correct attributes on the fly. Note that this assumes we will never get a unicodePwd attribute set in NT MD4 format with the first 2 and last 2 bytes set to 0x22 0x00. Andrew Bartlett is looking at a more robust solution, possibly using a flag to say that this modify came via ldap, and not internal ldb calls.
* s4:schema_fsmo: s/class/sclassStefan Metzmacher2009-02-021-7/+7
| | | | metze
* s4:update_keytab: s/delete/do_deleteStefan Metzmacher2009-02-021-7/+7
| | | | metze
* s4:kludge_acl: s/class/sclassStefan Metzmacher2009-02-021-5/+5
| | | | metze
* s4:extended_dn_out: s/private/p s/new/nattrsStefan Metzmacher2009-02-021-40/+40
| | | | metze
* s4:repl_meta_data: fix segfault after ldb changesStefan Metzmacher2009-01-311-1/+1
| | | | metze
* Fix proxy moduleSimo Sorce2009-01-301-2/+2
|
* Fix all other modules to use ldb_module.h instead of ldb_private.hSimo Sorce2009-01-3015-555/+800
| | | | The only 2 modules escaping the rule so far are rootdse and partitions
* Fix misfiled headers.Simo Sorce2009-01-301-1/+0
| | | | | Some public functions were mistakenly put into ldb_private.h Revert all modules to only include ldb_module.h
* s4:fix the build after 380874ef863866c94c999ef53252b9d30df65e88Stefan Metzmacher2009-01-301-0/+1
| | | | metze
* Fix the mess with ldb includes.Simo Sorce2009-01-309-75/+146
| | | | | | | | Separate again the public from the private headers. Add a new header specific for modules. Also add service function for modules as now ldb_context and ldb_module are opaque structures for them.
* s4:lib/tevent: rename structsStefan Metzmacher2008-12-295-9/+9
| | | | | | | | | | | | | | | | | | | | list="" list="$list event_context:tevent_context" list="$list fd_event:tevent_fd" list="$list timed_event:tevent_timer" for s in $list; do o=`echo $s | cut -d ':' -f1` n=`echo $s | cut -d ':' -f2` r=`git grep "struct $o" |cut -d ':' -f1 |sort -u` files=`echo "$r" | grep -v source3 | grep -v nsswitch | grep -v packaging4` for f in $files; do cat $f | sed -e "s/struct $o/struct $n/g" > $f.tmp mv $f.tmp $f done done metze
* Fix more compiler warnings in various places.Jelmer Vernooij2008-12-232-8/+8
|
* Fix more tests, improve repr() functions for various Python types.Jelmer Vernooij2008-12-211-9/+2
|
* Fix various Python-related bugs.Jelmer Vernooij2008-12-211-170/+170
|
* Fix samba3sam test after removal of dom_sid IDL file.Jelmer Vernooij2008-12-181-2/+2
|
* s4:dsdb: remove normalise moduleAndrew Bartlett2008-12-172-206/+0
| | | | | | The extended_dn_out module provides the functionality now. Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s4:dsdb: split extended_dn into extended_dn_in, extended_dn_out and ↵Andrew Bartlett2008-12-176-672/+1515
| | | | | | | | | | | | | | | | | | | extended_dn_store. By splitting the module, the extended_dn_in and extended_dn_store moudles can use extended_dn_out to actually get the extended DN. This avoids code duplication. The extended_dn_out module also contains a client implementation of the OpenLDAP dereference control (draft-masarati-ldap-deref-00). This also introduces a new control 'DSDB_CONTROL_DN_STORAGE_FORMAT_OID' to ask the extended_dn_out module to return whatever the 'storage format' is. This allows us to work with both OpenLDAP (which performs a dereference at run time) and LDB (which stores the GUID and SID on disk). Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s4:dsdb: Make the linked_attributes module set an extended dnAndrew Bartlett2008-12-171-192/+325
| | | | | | | | | | This means that linked attributes will always have the same case form as the actaul entry, as we search for that entry. We then also use the GUID and SID found on that entry to fill in the extended DN on disk. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
generated by cgit (git 2.34.1) at 2025-09-26 08:29:36 +0000