summaryrefslogtreecommitdiffstats
path: root/source4/dsdb
Commit message (Collapse)AuthorAgeFilesLines
* dsdb: make the ATTRIBUTE NOT FOUND more clearMatthieu Patou2010-09-052-0/+5
|
* dsdb: Add missing dependencies for dsdb ldb modules.Jelmer Vernooij2010-09-041-2/+2
|
* s4:dsdb/kcc: use irpc_binding_handle_by_name()Stefan Metzmacher2010-09-032-7/+40
| | | | metze
* s4-dreplsrv: Refactor drepl_replica_sync() to behave as described in MS-DRSRKamen Mazdrashki2010-09-031-8/+111
| | | | | | see: MS-DRSR - 4.1.23.2 Note: Synchronious replication not implemented yet.
* s4-dreplsrv: Helpers to locate source DSA in a partition by GUID or DNS nameKamen Mazdrashki2010-09-031-0/+40
|
* s4-dreplsrv: Helper to find NC by DN or GUID or SIDKamen Mazdrashki2010-09-031-0/+33
|
* s4-dreplsrv: Add caller-specific data parameter for dreplsrv_fsmo_callback_tKamen Mazdrashki2010-09-033-7/+14
| | | | | It is to be used when we need to preserve a state to be used in tha callback when dreplsrv_out_operation is completed
* s4:dsdb Fix attribute being searched for in dereference against Fedora DSAndrew Bartlett2010-09-021-1/+1
| | | | | | | The problem here is that these attributes are not mapped in the simple_ldap_map, and they were changed a while back. Andrew Bartlett
* s4:dsdb Make the dereference control critical if input is criticalAndrew Bartlett2010-09-021-1/+3
| | | | | | | | This helps us ensure that the backend knows about and respects the dereference control if our caller has asked that the extended DN control be considered critical. Andrew Bartlett
* s4:dsdb Don't reload the schema against OpenLDAP backendAndrew Bartlett2010-09-022-3/+13
| | | | | | | The schema should be considered read-only when we are using the OL backend, as we can't update the backend schema in real time anyway. Andrew Bartlett
* s4-kcc: Notify dreplsrv that Topology has changedKamen Mazdrashki2010-08-281-0/+29
|
* s4-dreplsrv: Implement irpc stub to be used to force dreplsrv to update ↵Kamen Mazdrashki2010-08-281-0/+20
| | | | | | | | | internal cache This IRPC calls is to be used whenever repsFrom/repsTo are changed by administrative tool or KCC (i.e. Topology changes). At present, only KCC may change topology.
* s4-dreplsrv: Move partition cache update before scheduling another set of ↵Kamen Mazdrashki2010-08-281-3/+7
| | | | replications
* s4-kcc: Assert when unexpected repsFromToBlob version is passedKamen Mazdrashki2010-08-281-2/+4
| | | | | | | At present we only support v1 structures (Win2k3 and earlier), so it is good to make it obvious. In case we start supporting v2 we will be able to notice this function should be refactored right away
* s4-dsdb: Fixed a compiler warning.Nadezhda Ivanova2010-08-271-1/+0
|
* s4:dsdb_module_find_dsheuristics - free the "DN" also on other exit casesMatthias Dieter Wallnöfer2010-08-261-0/+2
|
* s4-dsdb: Removed an unnecessary space in dsdb_module_find_dsheuristics()Nadezhda Ivanova2010-08-261-1/+1
|
* s4-dsdb: Added utility functions for retrieving dSHeuristics from the module ↵Nadezhda Ivanova2010-08-261-0/+47
| | | | | | stack Also a function to check dsHeuristics value to determine of anonymous access should be blocked
* s4-repl: load RODC partitions using msDS-hasFullReplicaNCsAndrew Tridgell2010-08-252-4/+28
| | | | | | we mark these as incoming_only Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-dsdb: make more of the UF_* flags available on pydsdbAndrew Tridgell2010-08-251-0/+28
| | | | this really should be moved to IDL
* s4-dsdb: add more DS flags to the dsdb moduleAndrew Tridgell2010-08-251-0/+15
| | | | | | These are from libds/common/flags.h Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-dsdb: added get_attid_from_lDAPDisplayName() on samdbAndrew Tridgell2010-08-251-0/+46
| | | | | | | This can be used to form the partial_attribute_set list for GetNCChanges Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4:security Change struct security_token->sids from struct dom_sid * to ↵Andrew Bartlett2010-08-235-29/+26
| | | | | | | | | struct dom_sid This makes the structure much more like NT_USER_TOKEN in the source3/ code. (The remaining changes are that privilages still need to be merged) Andrew Bartlett
* s4-dsdb: the RODC_JOIN control also changes samAccountNameAndrew Tridgell2010-08-201-9/+13
| | | | | | | when adding a user with the RODC_JOIN control, the samAccountName is automatically set to the krbtgt_NNNNN form Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-dsdb: fixed dsdb_get_extended_dn_sid()Andrew Tridgell2010-08-201-1/+1
| | | | | | it should honor the component_name Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-drs: implement RODC attribute filtering overrideAndrew Tridgell2010-08-201-15/+29
| | | | | | | | When a RODC uses extended getncchanges operation DRSUAPI_EXOP_REPL_SECRET it gets an override on the ability to replicate the secret attributes. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-drs: ATTIDs for deleted attributes should be based on msDs-IntId value if ↵Kamen Mazdrashki2010-08-191-2/+2
| | | | it exists
* s4-dsdb: No need for dsdb_syntax_one_DN_drsuapi_to_ldb() to be publicKamen Mazdrashki2010-08-191-3/+3
| | | | It is intended to be used in schema_syntax.c module
* s4-dsdb-syntax: ATTID should be msDs-IntId value for the attributeSchema objectKamen Mazdrashki2010-08-192-14/+55
| | | | | in case object replicated is not in Schema NC and attributeSchema object has msDs-IntId attribute value set
* s4: fix few comment typosKamen Mazdrashki2010-08-192-3/+3
|
* s4-schema_syntax.c: Fix white spaces and alignmentKamen Mazdrashki2010-08-191-55/+56
|
* s4-dsdb: Use dsdb_syntax_ctx in *_drsuapi_to_ldb functionsKamen Mazdrashki2010-08-194-57/+45
|
* s4-dsdb: Use dsdb_syntax_ctx in *_ldb_to_drsuapi functionsKamen Mazdrashki2010-08-194-55/+47
|
* s4-dsdb: Use dsdb_syntax_ctx in *_validate_ldb functionsKamen Mazdrashki2010-08-193-62/+41
|
* s4-dsdb: Add context structure for dsdb_syntax conversion functionsKamen Mazdrashki2010-08-192-0/+19
| | | | | | | | | | | This structure is intended to hold context-dependent data. Syntax-conversion and object-conversion functions need that data to convert objects and attributes from drs-to-ldb and ldb-to-drs correctly. For instance: ATTID value depends on whether we are converting object from partition different that Schema partition.
* s4:auth Change {anonymous,system}_session to use common session_info generationAndrew Bartlett2010-08-181-2/+4
| | | | | | | This also changes the primary group for anonymous to be the anonymous SID, and adds code to detect and ignore this when constructing the token. Andrew Bartlett
* s4:auth Remove system_session_anon() from python bindingsAndrew Bartlett2010-08-181-2/+1
|
* s4:security Remove use of user_sid and group_sid from struct security_tokenAndrew Bartlett2010-08-183-6/+6
| | | | This makes the structure more like Samba3's NT_USER_TOKEN
* s4:samdb_set_password/samdb_set_password_sid - make more arguments "const"Matthias Dieter Wallnöfer2010-08-171-5/+5
|
* s4:samdb_set_password/samdb_set_password_sid - make the adaptions to support ↵Matthias Dieter Wallnöfer2010-08-171-13/+27
| | | | | | the password change control And introduce parameters to pass the old password hashes.
* s4:password_hash LDB module - perform the adaptions to understand the new ↵Matthias Dieter Wallnöfer2010-08-171-8/+26
| | | | password change control
* s4:acl LDB module - support password changes over the ↵Matthias Dieter Wallnöfer2010-08-171-1/+15
| | | | | | | DSDB_CONTROL_PASSWORD_CHANGE_OID control This control is used from the SAMR and "kpasswd" password changes. It is strictly private and means "this is a password change and not a password set".
* s4:DSDB - DSDB_CONTROL_PASSWORD_CHANGE_OID - add a structure as value to the ↵Matthias Dieter Wallnöfer2010-08-171-0/+5
| | | | | | control This contains the NT and/or LM hash of the password specified by the user.
* s4:DSDB - rename the "DSDB_CONTROL_PASSWORD_CHANGE_OLD_PW_CHECKED_OID"Matthias Dieter Wallnöfer2010-08-173-10/+9
| | | | | Rename it to "DSDB_CONTROL_PASSWORD_CHANGE_OID". This control will afterwards contain a record with the specified old password as NT and/or LM hash.
* s4-tests: Added tests for acl checks on search requestsNadezhda Ivanova2010-08-171-0/+218
|
* s4-dsdb: check the type of session_info from the opaqueAndrew Tridgell2010-08-171-2/+2
| | | | | | | we saw a crash with a bad pointer here, and this may help track it down Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-dsdb: added support for UF_PARTIAL_SECRETS_ACCOUNTAndrew Tridgell2010-08-171-2/+9
| | | | | | | when this is in user_account_control the account is a RODC, and we need to set the primaryGroupID to be DOMAIN_RID_READONLY_DCS Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-dsdb: cope with cracknames of form dnsdomain\accountAndrew Tridgell2010-08-171-2/+8
| | | | | | this is used by w2k8r2 when doing a RODC dcpromo Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-dsdb: set LDB_FLAG_INTERNAL_DISABLE_VALIDATION for msDS-SecondaryKrbTgtNumberAndrew Tridgell2010-08-171-1/+8
| | | | | | | | | msDS-SecondaryKrbTgtNumber is setup with a value that is outside the range allowed by the schema (the schema has rangeLower==rangeUpper==65536). We need to mark this element as being internally generated to avoid the range checks Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-ldb: added LDB_FLAG_INTERNAL_DISABLE_VALIDATIONAndrew Tridgell2010-08-171-7/+9
| | | | | | | | When this flag is set on an element in an add/modify request then the normal validate_ldb() call that checks the element against schema constraints is disabled Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
generated by cgit (git 2.34.1) at 2025-09-26 00:03:08 +0000