summaryrefslogtreecommitdiffstats
path: root/source4
Commit message (Collapse)AuthorAgeFilesLines
* dfsreferral: search client's site and use itMatthieu Patou2011-06-231-2/+2
| | | | | Autobuild-User: Matthieu Patou <mat@samba.org> Autobuild-Date: Thu Jun 23 01:50:39 CEST 2011 on sn-devel-104
* s4-dbcheck: fix uninitialized errstr in err_dn_target_mismatchMatthieu Patou2011-06-221-2/+3
| | | | | Autobuild-User: Matthieu Patou <mat@samba.org> Autobuild-Date: Wed Jun 22 21:22:27 CEST 2011 on sn-devel-104
* s4-dbcheck: remove unused includeMatthieu Patou2011-06-221-1/+1
|
* s4-schema: avoid segfaulting if id3.guid is NULLMatthieu Patou2011-06-221-2/+1
|
* s4-samba_dnsupdate: set environment via the env parameterMatthieu Patou2011-06-221-1/+1
| | | | | I faced a situation where the os.environ("KRB5CCNAME") = ... didn't seems to be effective
* s4-upgradeprovision: Don't forget to populate the non replicated objects, ↵Matthieu Patou2011-06-221-2/+4
| | | | and don't touch rIDPreviousAllocationPool
* dbchecker: cope with a broken link to Deleted ObjectsAndrew Tridgell2011-06-221-2/+9
| | | | | if a DN link to Deleted Objects has a bad GUID, we need to use show_deleted
* dbchecker: fixed argument error for -H and DNAndrew Tridgell2011-06-221-1/+1
|
* dbchecker: when fixing a bad GUID in a DN, search by the string DNAndrew Tridgell2011-06-221-1/+1
|
* samba-tool: added --attrs option to dbcheckAndrew Tridgell2011-06-222-8/+15
| | | | this allows checking of a specific list of attributes
* samba-tool: make the dbcheck class available outside of samba-toolAndrew Tridgell2011-06-222-285/+324
| | | | | this will be used in provision, and probably in upgradeprovision as well
* samba-tool: added --quiet option to dbcheckAndrew Tridgell2011-06-221-35/+43
| | | | | this will be used to allow for other tools (such as provision) to call into dbcheck without generating a lot of noise
* s4:winbind/wb_init_domain: use DCERPC_SCHANNEL_128 in order to work against ↵Stefan Metzmacher2011-06-221-1/+1
| | | | | | | | | w2k8r2 metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed Jun 22 19:40:47 CEST 2011 on sn-devel-104
* s4:ntvfs/cifs: add option to use S4U2ProxyStefan Metzmacher2011-06-221-0/+49
| | | | | | | | | Note: this doesn't work against a Samba4 KDC yet. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed Jun 22 18:17:43 CEST 2011 on sn-devel-104
* s4:auth/kerberos: protect kerberos_kinit_password_cc() against old KDCsStefan Metzmacher2011-06-221-1/+48
| | | | | | | If the KDC does not support S4U2Proxy, it might return a ticket for the TGT client principal. metze
* s4:auth/kerberos: add S4U2Proxy support to kerberos_kinit_password_cc()Stefan Metzmacher2011-06-223-5/+134
| | | | | | | For S4U2Proxy we need to use the ticket from the S4U2Self stage and ask the kdc for the delegated ticket for the target service. metze
* s4-dsdb: bypass validation when relax setAndrew Tridgell2011-06-221-1/+2
| | | | | | | this allows dbcheck to fix bad attributes Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Wed Jun 22 12:27:06 CEST 2011 on sn-devel-104
* samba-tool: allow for running dbcheck against a remove ldap serverAndrew Tridgell2011-06-221-5/+14
| | | | this is useful for running it against a Windows server
* samba-tool: expanded dbcheck DN checkingAndrew Tridgell2011-06-221-21/+104
| | | | | | | this now checks for bad GUID elements in DN links, and offers to fix them when possible Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-dsdb: prioritise GUID in extended_dn_inAndrew Tridgell2011-06-221-8/+11
| | | | | | | if we search with a base DN that has both a GUID and a SID, then use the GUID first. This matters for the S-1-5-17 SID. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-dsdb: catch duplicate matches in extended_dn_inAndrew Tridgell2011-06-221-0/+12
| | | | | | | | When searching using extended DNs, if there are multiple matches then return an object not found error. This is needed for the case of a duplicate objectSid, which happens for S-1-5-17 Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4:auth/kerberos: protect kerberos_kinit_password_cc() against old KDCsStefan Metzmacher2011-06-221-1/+47
| | | | | | | | | | Old KDCs may not support S4U2Self (or S4U2Proxy) and return tickets which belongs to the client principal of the TGT. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed Jun 22 09:10:55 CEST 2011 on sn-devel-104
* s4:auth/kerberos: remove one indentation level in kerberos_kinit_password_cc()Stefan Metzmacher2011-06-221-94/+99
| | | | | | This will make the following changes easier to review. metze
* s4:auth/kerberos: reformat kerberos_kinit_password_cc()Stefan Metzmacher2011-06-221-32/+41
| | | | | | In order to make the following changes easier to review. metze
* s4:auth/kerberos: don't mix s4u2self creds with machine account credsStefan Metzmacher2011-06-221-24/+76
| | | | | | | | | | | It's important that we don't store the tgt for the machine account in the same krb5_ccache as the ticket for the impersonated principal. We may pass it to some krb5/gssapi functions and they may use them in the wrong way, which would grant machine account privileges to the client. metze
* s4:auth/kerberos: use better variable names in kerberos_kinit_password_cc()Stefan Metzmacher2011-06-221-27/+41
| | | | | | This will make the following changes easier to review. metze
* s4:auth/kerberos: don't ignore return code in kerberos_kinit_password_cc()Stefan Metzmacher2011-06-221-0/+2
| | | | metze
* samba-tool: added missing GUID component checks to dbcheckAndrew Tridgell2011-06-221-4/+93
| | | | | | | Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Wed Jun 22 07:59:30 CEST 2011 on sn-devel-104
* pyldb: added methods to get/set extended components on DNsAndrew Tridgell2011-06-221-0/+51
| | | | | | this will be used by the dbcheck code Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* pydsdb: added get_syntax_oid_from_lDAPDisplayName()Andrew Tridgell2011-06-222-0/+45
| | | | | | this gives you access to the syntax oid of an attribute Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* ldb: added extended_str() method to pyldbAndrew Tridgell2011-06-221-0/+16
| | | | | | this gives access to ldb_dn_get_extended_linearized() from python Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* ldb: expose syntax oids to pythonAndrew Tridgell2011-06-221-0/+10
| | | | Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* samba-tool: try to keep dbcheck.py in a logical orderingAndrew Tridgell2011-06-221-29/+38
| | | | keep individual error handlers together and separate from driver code
* s4-dsdb: don't add zero GUID to BINARY_DNAndrew Tridgell2011-06-221-9/+11
| | | | | | | When converting from DRS to ldb format for a BINARY_DN, don't add the GUID extended DN element if the GUID is all zeros. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-smbtorture: rework the spoolss notify test a bit.Günther Deschner2011-06-211-16/+15
| | | | Guenther
* s4-smbtorture: use ipv4 addresses for backchannel spoolss change notifyGünther Deschner2011-06-211-1/+1
| | | | | | connections for now. Guenther
* s4/auth: Trivial spelling fixes.Brad Hards2011-06-212-6/+6
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* build: move dynconfig for top level build upAndrew Bartlett2011-06-211-115/+0
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s4-param Autogenerate the loadparm_globals and loadparm_service tablesAndrew Bartlett2011-06-213-153/+226
| | | | | | | | | | This makes it much easier and less error prone to add new parameters as we merge the s3 and s4 loadparm systems. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Jun 21 04:41:54 CEST 2011 on sn-devel-104
* selftest: Run tests for libsmbclient and libnetapiAndrew Bartlett2011-06-212-1/+6
| | | | | | | This adds the known failure for the one test (netbios browsing) that fails. Andrew Bartlett
* s4-torture Enable libnetapi and libsmbclient tests using combined buildAndrew Bartlett2011-06-214-27/+25
| | | | | | | | | | | | | | | Because we now always build the source3 code, we can link directly against a private libnetapi and libsmbclient to test the behaviour of these important APIs. We use a private libnetapi_net_init(), and by using this interface rather than the public one, we can ensure that the correct smb.conf is loaded (as smbtorture4 is a Samba4 semantics binary). The #include of the source3 includes.h is required to do the manual lp_load(). Andrew Bartlett
* s4-cmdline: Rename popt tables to avoid symbol conflictsAndrew Bartlett2011-06-213-12/+12
| | | | | | | | These same names are use in the source3 popt code, which is called from in libsmbclient and libnet. These are then included in the smbtorture binary for testing Andrew Bartlett
* lib/util: Use common d_printf() in the whole codebaseAndrew Bartlett2011-06-211-6/+0
| | | | | | | | | This removes the lang_tdb based varient, the only user of the lang_tdb code is SWAT, which calls that directly. 'net' and 'pam_winbind' are internationalised using gettext. Andrew Bartlett
* s4-param Add my authorship to this scriptAndrew Bartlett2011-06-211-2/+3
|
* Use tevent_req_oomVolker Lendecke2011-06-204-5/+5
| | | | This fixes a few Coverity errors
* tdb2: tie it into build process if --enable-tdb2-breaks-compatRusty Russell2011-06-201-1/+1
| | | | | | | | | | | This is simplistic. We need to support making TDB2 a standalone library, but for now, we simply built it in-tree. Once we have tdb1 compatibility in tdb2, we can rename this option to --enable-tdb2. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* tdb2: create tdb2 versions of various testing TDBs.Rusty Russell2011-06-201-2/+5
| | | | | | | Soon, TDB2 will handle tdb1 files, but until then, we substitute. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* tdb_compat: use tdb_open_compat.Rusty Russell2011-06-203-29/+51
| | | | | | | | | This is a helper for the common case of opening a tdb with a logging function, but it doesn't do all the work, since TDB1 and TDB2's log functions are different types. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* tdb2: #ifdef out TDB_ERR_NOLOCK and TDB_ERR_LOCK_TIMEOUT.Rusty Russell2011-06-201-0/+4
| | | | | | | | These don't exist in tdb2. The former is used in one weird place in tdb1, and the latter not at all. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* ldb: replace 'struct TDB_DATA' with 'TDB_DATA'Rusty Russell2011-06-203-6/+6
| | | | | | | The typedef is TDB2 compatible, the struct isn't. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
generated by cgit (git 2.34.1) at 2025-09-25 21:09:54 +0000