summaryrefslogtreecommitdiffstats
path: root/source4
Commit message (Collapse)AuthorAgeFilesLines
* selftest: Add tests to verify that the named pipe proxy works.Andrew Bartlett2011-07-201-0/+7
| | | | | | | | | This verifies that for NTLM authenticated connections, named pipe forwarding works as expected, including the session keys. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* auth: Split out make_user_info_SamBaseInfo and add authenticated argumentAndrew Bartlett2011-07-204-3/+10
| | | | | | | | | This will allow the source3 auth code to call this without needing to double-parse the SIDs Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s4-param Handle P_CHAR and P_BOOLREV in pyparamAndrew Bartlett2011-07-201-0/+4
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s4-lsa: prepare dcesrv_lsa_CreateTrustedDomain_base() to deal with ↵Günther Deschner2011-07-151-15/+16
| | | | | | | | | unencrypted auth info. Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Fri Jul 15 19:57:48 CEST 2011 on sn-devel-104
* s4-smbtorture: add very basic tests for lsa_CreateTrustedDomainEx.Günther Deschner2011-07-151-21/+79
| | | | Guenther
* lsa: lsa_CreateTrustedDomainEx takes lsa_TrustDomainInfoAuthInfo, notGünther Deschner2011-07-151-1/+6
| | | | | | lsa_TrustDomainInfoAuthInfoInternal. Guenther
* lsa: rename auth info argument in lsa_CreateTrustedDomainEx2Günther Deschner2011-07-153-5/+5
| | | | Guenther
* s4:kdc: set *_strongest_*_key to true to restore the old behaviorStefan Metzmacher2011-07-151-0/+13
| | | | | | | | | TODO: check why this is needed. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Fri Jul 15 12:26:25 CEST 2011 on sn-devel-104
* s4:auth/credentials: with the build after heimdal importStefan Metzmacher2011-07-151-0/+1
| | | | metze
* s4:heimdal_build: define HAVE_KRB5_PDU_NONE_DECLStefan Metzmacher2011-07-151-0/+1
| | | | metze
* s4:heimdal: add missing filesStefan Metzmacher2011-07-156-1/+642
| | | | metze
* s4:heimdal: import lorikeet-heimdal-201107150856 (commit ↵Stefan Metzmacher2011-07-15312-2505/+3559
| | | | 48936803fae4a2fb362c79365d31f420c917b85b)
* s4:heimdal_build: we need k5crypto and gssapi_krb5 aliases also when using ↵Stefan Metzmacher2011-07-141-13/+7
| | | | | | system libraries metze
* s4:heimdal_build: only maintain lib/gssapi/{spnego,krb5} file lists onceStefan Metzmacher2011-07-141-90/+67
| | | | | | | This also makes sure we only create private headers if we use internal heimdal. metze
* s4:heimdal_build: provide HEIMDAL_UNUSED_ATTRIBUTEStefan Metzmacher2011-07-141-0/+2
| | | | metze
* s4-winbind handle all values for server roleAndrew Bartlett2011-07-141-0/+1
| | | | | Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Thu Jul 14 08:20:13 CEST 2011 on sn-devel-104
* s4-param finish services hooks for s4->s3 loadparm contextAndrew Bartlett2011-07-142-2/+30
|
* s4-param cope with parameters of type charAndrew Bartlett2011-07-141-0/+12
|
* Add intrasite code test switchDave Craft2011-07-142-0/+9
| | | | | | | | | | | | | | kcc_service struct gets a intrasite_code boolean that is filled in via parametric parameter kccsrv:intrasite = [true/false] in smb.conf. This will allow us to continue to utilize old simple KCC topology as continuing default while newer intra-site topology matures further. Signed-off-by: Andrew Tridgell <tridge@samba.org> Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Thu Jul 14 00:19:12 CEST 2011 on sn-devel-104
* Add kccsrv_add_repsFrom() possibility of NULL res argumentDave Craft2011-07-141-2/+2
| | | | | | | | | | | | We need the ability to utilize this function in a different manner. KCC intra-site topology has already vetted the replica as being appropriate to produce a repsFrom from. We do not want kccsrv_add_repsFrom() to produce further checking as was the case for simple topology. Thus if we pass a NULL (res) parameter this extra check will be skipped. Signed-off-by: Andrew Tridgell <tridge@samba.org>
* Remove static to allow availability to other KCC filesDave Craft2011-07-141-4/+4
| | | | | | | | kccsrv_replica_flags() and kccsrv_add_repsFrom() need to be available to functions outside kcc_periodic.c Signed-off-by: Andrew Tridgell <tridge@samba.org>
* kcc_connection invocation_id added to structDave Craft2011-07-141-0/+1
| | | | | | | | | | Utilized by KCC to carry the invocation id of the NTDSDSA that we are replicating the name context from. Utilized when NTDSConnection is created (much like dsa_guid tracks the NTDSDSA objectGUID that we are replicating the name context from). Signed-off-by: Andrew Tridgell <tridge@samba.org>
* KCC NTDSConnection should utilize NTDSCONN_OPT_IS_GENERATEDDave Craft2011-07-141-1/+9
| | | | | | | Previously this set an explicit (0x1) value whereas it can now utilize NTDSCONN_OPT_IS_GENERATED from flags.h Signed-off-by: Andrew Tridgell <tridge@samba.org>
* Standalone samdb_ntds_site_settings_options() helperDave Craft2011-07-141-0/+48
| | | | | | | A helper function for retrieving the ntds site settings via standalone function call. Used within KCC Signed-off-by: Andrew Tridgell <tridge@samba.org>
* NTDSConnection and NTDSA Site setting flagsDave Craft2011-07-141-8/+0
| | | | | | | | | Flags that were missing from flags.h or were incorrectly defined inline to the kcc_topology.c code (and thus unusable elsewhere). These are the NTDSConnection and NTDSDSA Site settings flags. Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s4-dsdb: fixed the defaultObjectCategory to have a full GUIDAndrew Tridgell2011-07-131-0/+24
| | | | | | | | | this fixes the DN to have a full GUID for new objects Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Wed Jul 13 14:03:30 CEST 2011 on sn-devel-104
* s4-dsdb: another special case for the "member" attributeAndrew Tridgell2011-07-131-1/+6
| | | | | | thanks to Matthias for his great test suite work! Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-dsdb Don't process deletion of member attributes here.Andrew Bartlett2011-07-131-0/+9
| | | | | | | We don't need to compare the delete against the primaryGroupID check here - that test is for adds. Andrew Bartlett
* dsdb: fixed special case of zero NTTIMEAndrew Tridgell2011-07-131-0/+20
| | | | | | we can't convert 0 NTTIME via a unix time_t Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* dbcheck: use samdb_schema for getting the backlinkAndrew Tridgell2011-07-131-1/+1
| | | | | | this is not available on an ldap samdb Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* ldb: use base searches for @ special DNsAndrew Tridgell2011-07-134-21/+20
| | | | | | subtree searches on these DNs don't work any more Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* dbcheck: only do the provision dbcheck if there are objects to checkAndrew Tridgell2011-07-131-13/+14
| | | | | | when in FILL_DRS mode, there are no objects to check yet Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-provision: fixed the GUIDs in the provision using dbcheckAndrew Tridgell2011-07-131-0/+16
| | | | | | | | some DNs are are not setup with GUIDs during the provision because of circular dependencies between objects. This adds a dbcheck pass to the provision to fix those DNs Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-dsdb: fixed modify of ACLs on deleted objectsAndrew Tridgell2011-07-131-2/+4
| | | | | | this is needed for the dbcheck code Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* dbcheck: only fix replPropertyMetaData if we included it in the searchAndrew Tridgell2011-07-131-11/+14
| | | | | | | if we didn't find a replPropertyMetaData attribute at all then don't try fixing it Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
* dbcheck: added checks for missing and orphansed backlinksAndrew Tridgell2011-07-131-19/+18
| | | | | | | | this checks for missing backlinks or backlinks without a forward link and optionally fixes them Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com> Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-dsdb: raise debug level for backlink errorsAndrew Tridgell2011-07-131-1/+1
| | | | | | | when dbcheck is fixing missing backlinks we don't want a DEBUG 0 message Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
* dbcheck: fixed ldap check with no database specifiedAndrew Tridgell2011-07-131-1/+1
| | | | | Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
* dbcheck: added --reindex optionAndrew Tridgell2011-07-132-3/+20
| | | | | | | this allows you to force a reindex of the database Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com> Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* samba-tool: fixed ldapcmp to run as non-root Andrew Tridgell2011-07-131-2/+9
| | | | | | | this avoids the need for access to the secrets database Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
* dbcheck: added checking of backlinksAndrew Tridgell2011-07-131-54/+92
| | | | | Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com> Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* pydsdb: added get_backlink_from_lDAPDisplayName()Andrew Tridgell2011-07-132-0/+50
| | | | | Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
* s4-dsdb: moved checking of duplicate member entries to repl_meta_data.cAndrew Tridgell2011-07-132-35/+20
| | | | | | | | | | | | the samldb checks failed to account for the possibility of a member being removed and added in the same modify operation. This happens (for example) when dbcheck is fixing a SID in a DN. The repl_meta_data.c code already has this check, it just wasn't giving the right specialised error code for the 'member' attribute Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
* s4:libcli/raw: s/SMBchkpth/SMBcheckpathStefan Metzmacher2011-07-123-3/+3
| | | | metze
* s4:winsdb: place wins.ldb in "state dir" instead of "lock dir"Stefan Metzmacher2011-07-121-1/+1
| | | | | | | | | It's not only a cache as we also support static records. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Tue Jul 12 16:16:45 CEST 2011 on sn-devel-104
* s4:provision: place the sysvol share under "state dir" instead of "lock dir"Stefan Metzmacher2011-07-121-1/+1
| | | | metze
* s4:param: add "state dir" and "cache dir" optionsStefan Metzmacher2011-07-127-1/+93
| | | | metze
* s4:libcli/raw: remove SMBkeepaliveStefan Metzmacher2011-07-121-1/+0
| | | | metze
* s4:smb_server: s/SMBkeepalive/NBSSkeepaliveStefan Metzmacher2011-07-121-3/+3
| | | | metze
* dbcheck: use get_lDAPDisplayName_by_attid()Andrew Tridgell2011-07-111-11/+3
| | | | | | | this is better than doing a schema search inside the dbcheck code Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Mon Jul 11 07:43:18 CEST 2011 on sn-devel-104
generated by cgit (git 2.34.1) at 2025-09-25 21:08:22 +0000