summaryrefslogtreecommitdiffstats
path: root/source4/dsdb/samdb
Commit message (Collapse)AuthorAgeFilesLines
* s4:password_hash LDB module - return "ERR_CONSTRAINT_VIOLATION" on password ↵Matthias Dieter Wallnöfer2010-11-131-6/+9
| | | | | | | | | | conversion errors This errors can happen also on a regular basis - then we shouldn't return ERR_OPERATIONS_ERROR (this error code is reserved for very serious failures). Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sat Nov 13 12:37:36 UTC 2010 on sn-devel-104
* s4:objectclass LDB module - multiple "objectClass" change elements are ↵Matthias Dieter Wallnöfer2010-11-131-161/+169
| | | | | | unfortunately still allowed The test message has been compressed - therefore I've now used "modify_ldif".
* samldb: relax groupType modification checksMatthieu Patou2010-11-121-27/+32
| | | | | Allow programs with the PROVISION control to bypass groupType checks. This is needed by upgradeprovision for older alpha (11, 10 ...)
* s4:objectclass LDB module - we should not simply ignore additional ↵Matthias Dieter Wallnöfer2010-11-121-2/+16
| | | | | | | | | | "objectClass" attribute changes There first one we perform all other tentatives are terminated with ERR_ATTRIBUTE_OR_VALUE_EXISTS (tested against Windows). Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Fri Nov 12 19:39:07 UTC 2010 on sn-devel-104
* s4:repl_meta_data LDB module - convert two debug messages into error messagesMatthias Dieter Wallnöfer2010-11-121-4/+4
| | | | These regarding "objectGUID".
* s4:samldb/objectclass_attrs LDB modules - move "description" logic from ↵Matthias Dieter Wallnöfer2010-11-122-43/+81
| | | | | | "objectclass_attrs" into "samldb" This according to an answer from dochelp is SAM specific behaviour.
* s4-dsdb Remove incorrectly declared ** variable used as *.Andrew Bartlett2010-11-111-6/+3
| | | | | | | | | | | The cleartext_utf16_str variable was declared char **, but due to the cast on convert_string_talloc() and the lack of type checking here and on data_blob_const (due to void *) it was able to be used as if it was a char *. The simple solution seems to be to fill in cleartext_utf16 blob directly. Andrew Bartlett
* s4-dsdb Convert new krbtgt_xxx password into UTF16Andrew Bartlett2010-11-111-1/+12
| | | | | | | The new stricter test on clearTextPassword values caught out that we did not provide a utf16 password here. Andrew Bartlett
* s4-dsdb Return an error if we can't convert UTF16MUNGED -> UTF8Andrew Bartlett2010-11-111-1/+5
| | | | | | | | The UTF16MUNGED helper will map all invalid sequences (except odd input length) to valid input sequences, per the rules. Therefore if it fails, we need to bail out, somehing serious is wrong. Andrew Bartlett
* s4:dsdb - proof against empty RDN values where expectedMatthias Dieter Wallnöfer2010-11-113-2/+23
| | | | This should prevent crashes as pointed out on the mailing list.
* s4:objectclass LDB module - allow RDNs also to come from superclassesMatthias Dieter Wallnöfer2010-11-111-11/+39
| | | | Detected by a testcase written by Zahari Zahariev.
* s4:password_hash and acl LDB modules - handle the "userPassword" attribute ↵Matthias Dieter Wallnöfer2010-11-114-12/+59
| | | | according to the "dSHeuristics"
* s4:password_hash LDB module - move "samdb_msg_find_old_and_new_ldb_val" into ↵Matthias Dieter Wallnöfer2010-11-111-16/+77
| | | | | | | | the password_hash LDB module It's only used there and so I think it doesn't really belong in "dsdb/common/util.c" (I first thought that it could be useful for ACL checking but obviously it wasn't).
* s4:local_password LDB module - remove schema checking code and fix some typosMatthias Dieter Wallnöfer2010-11-111-12/+6
| | | | This is now done by the "objectclass_attrs" LDB module.
* s4:ldb_modules/util.c - "dsHeuristics" -> "dSHeuristics"Matthias Dieter Wallnöfer2010-11-111-2/+2
|
* s4:dsdb/operational.c: use DSDB_SECRET_ATTRIBUTES_EX()Stefan Metzmacher2010-11-091-5/+2
| | | | | | | metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Tue Nov 9 22:43:44 UTC 2010 on sn-devel-104
* s4:dsdb/local_password: use DSDB_SECRET_ATTRIBUTESStefan Metzmacher2010-11-091-7/+3
| | | | metze
* s4:password_hash LDB module - introduce a "userPassword" flag which ↵Matthias Dieter Wallnöfer2010-11-081-15/+37
| | | | | | | | | | | enables/disables the two "userPassword" behaviours - Enabled: "userPassword" password change behaviour (will later be linked to the "dSHeuristics") - Disabled: "userPassword" plain attribute behaviour (default) Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Mon Nov 8 15:28:06 UTC 2010 on sn-devel-104
* s4:password_hash LDB module - deleting password attributes is a little more ↵Matthias Dieter Wallnöfer2010-11-081-6/+6
| | | | complicated
* s4:samdb_msg_find_old_and_new_ldb_val - reworkMatthias Dieter Wallnöfer2010-11-081-4/+11
| | | | | | - don't crash when no values where specified - return ERR_CONSTRAINT_VIOLATION on malformed messages - only check for flags when we are involved in a LDB modify operation
* s4:password_hash LDB module - clear the fact that a delete of password ↵Matthias Dieter Wallnöfer2010-11-081-1/+1
| | | | attributes isn't possible
* s4:acl LDB module - define the delete passwords special case a bit betterMatthias Dieter Wallnöfer2010-11-081-3/+4
|
* s4:objectguid/repl_meta_data LDB module - deny "objectGUID" updatesMatthias Dieter Wallnöfer2010-11-082-0/+17
| | | | | Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Mon Nov 8 10:36:50 UTC 2010 on sn-devel-104
* s4:objectclass LDB module - no idea why we'd need the "objectGUID" hereMatthias Dieter Wallnöfer2010-11-081-1/+1
|
* s4:objectguid LDB module - make use of "dsdb_next_callback"Matthias Dieter Wallnöfer2010-11-082-30/+6
|
* s4:objectguid LDB module - fix typo in output messageMatthias Dieter Wallnöfer2010-11-071-1/+1
|
* s4:objectguid LDB module - objectGUIDs cannot be specified on add operationsMatthias Dieter Wallnöfer2010-11-071-2/+6
|
* s4:descriptor LDB module - make the "nTSecurityDescriptor" attribute fully ↵Matthias Dieter Wallnöfer2010-11-071-47/+61
| | | | | | | | behave as in AD - fix crash when provided "nTSecurityDescriptor" attribute is empty - print out the correct error codes if it's provided multi-valued - simplify the "recalculate_sd" control handling
* s4:ldb_modules/util.c - "dsdb_get_single_valued_attr" - support the ↵Matthias Dieter Wallnöfer2010-11-072-10/+20
| | | | | | | | | attribute fetch also on LDB add operations We've to completely ignore the flags in that case. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sun Nov 7 11:10:23 UTC 2010 on sn-devel-104
* s4:descriptor LDB module - save a pointer to the request message on the ↵Matthias Dieter Wallnöfer2010-11-071-33/+33
| | | | | | temporary "ac" context This prevents two calls of "ldb_msg_copy_shallow".
* s4:descriptor LDB module - by "dsdb_next_callback" we don't need anymore the ↵Matthias Dieter Wallnöfer2010-11-071-33/+2
| | | | | | default operation callback implementations Only customised ones still need to remain.
* s4:descriptor LDB module - remove a bit pointless memory contextMatthias Dieter Wallnöfer2010-11-071-9/+1
| | | | | For only one operation we do not need an additional "mem_ctx". "ac" should be enough (see for example the samldb LDB module).
* s4:descriptor LDB module - remove a "ldb_msg_sanity_check" callMatthias Dieter Wallnöfer2010-11-071-7/+0
| | | | | This check (the structural objectclass) is performed in the objectclass LDB module.
* s4:descriptor LDB module - don't ignore referrals if we are executing an ↵Matthias Dieter Wallnöfer2010-11-071-4/+2
| | | | | | ordinary external search operation Referrals are valid results.
* credentials: Lowercase library name,Jelmer Vernooij2010-11-071-1/+1
| | | | | Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Sun Nov 7 01:48:44 UTC 2010 on sn-devel-104
* ldbsamba: Lowercase library name.Jelmer Vernooij2010-11-071-2/+2
|
* samdb: Lowercase library name.Jelmer Vernooij2010-11-071-75/+75
|
* s4:update_keytab LDB module - we don't need to search for the ↵Matthias Dieter Wallnöfer2010-11-061-2/+2
| | | | | | | "distinguishedName" attribute Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sat Nov 6 20:08:28 UTC 2010 on sn-devel-104
* s4:operational LDB module - "canonicalName" doesn't make use of the ↵Matthias Dieter Wallnöfer2010-11-061-2/+2
| | | | | | "distinguishedName" attribute It uses the DN from the returned message
* s4:password_hash LDB module - fix indentationMatthias Dieter Wallnöfer2010-11-051-10/+10
| | | | | Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Fri Nov 5 12:31:28 UTC 2010 on sn-devel-104
* s4:dsdb/objectclass_attrs: not all objects have delete protected attributes ↵Stefan Metzmacher2010-11-041-0/+14
| | | | | | | | | | | | | | | | as must contain Before we got the following error, while starting samba after a 'samba-tool vampire': Failed to store repsFrom - objectclass_attrs: delete protected attribute 'objectSid' on entry 'DC=ForestDnsZones,DC=alpha,DC=sz,DC=salzgitter-ag,DC=lab' missing! metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Thu Nov 4 17:01:59 UTC 2010 on sn-devel-104
* s4:dsdb/samdb: optimize samldb_prim_group_change()Stefan Metzmacher2010-11-041-60/+60
| | | | | | We should only do searches when we have to. metze
* s4-dsdb: use LDB_FLAG_MOD_REPLACE for isDeletedAndrew Tridgell2010-11-041-1/+1
| | | | | | | isDeleted could have been set to FALSE previously Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Thu Nov 4 10:18:10 UTC 2010 on sn-devel-104
* s4-dsdb: use LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK in dsdbAndrew Tridgell2010-11-042-2/+8
| | | | | | when we are creating linked attributes with multiple values (some deleted), use LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK to disable that checking.
* Move the checking of single valued attributes back into the tdb backend.Andrew Tridgell2010-11-041-12/+0
| | | | | | | | | | | | | The backend is the only place that can do this properly. It makes no sense to do it anywhere else. As a result of it moving out of the backend we ended up with some bugs causing multiple values in single valued attributes (eg. isDeleted), which can really damage the inregrity of the database. For the override of single valued values needed for deleted linked attributes we should use attribute flags. This reverts commit 1949864417f3d10fb8996df7db259649eb777271.
* possibleinferiors: Report subunit.Jelmer Vernooij2010-11-031-4/+8
|
* possibleinferiors: Fix formatting.Jelmer Vernooij2010-11-031-15/+14
|
* s4:dsdb/samldb: avoid nested unindexed searches in samldb_member_check()Stefan Metzmacher2010-11-031-14/+31
| | | | | | With 20000 objects in the database it's no fun to add members... metze
* s4:descriptor LDB module - a bit cleanupMatthias Dieter Wallnöfer2010-11-031-13/+34
| | | | | | | | | - add more OOM checks where needed - remove message of an error which cannot happen anymore (since now the structural objectclass is always checked by the objectclass LDB module) Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Wed Nov 3 18:30:52 UTC 2010 on sn-devel-104
* s4:samldb LDB module - improve the "get_single_valued_attr" call and move it ↵Matthias Dieter Wallnöfer2010-11-032-84/+36
| | | | | | into "ldb_modules/util.c" It will be used by other LDB modules as well.
generated by cgit (git 2.34.1) at 2026-04-01 17:31:18 +0000