path: root/source4/dsdb
Commit message | Author | Age | Files | Lines
* Fix the dsdb_syntax_OID_ldb_to_drsuapi function | Anatoliy Atanasov | 2009-09-03 | 1 | -1/+51
| This replaces the dsdb_syntax_FOOBAR_ldb_to_drsuapi function, which was left as a TODO code. Implementation in both added functions is completely identical and probably should differ in the future.
* another large change to the linked_attribute module | Andrew Tridgell | 2009-09-03 | 1 | -20/+64
| This one copes with deleted objects where linked attributes have been set on the module. We hit this when we do the ldb wipe at the start of a provision, which triggers linked attribute updates, but for objects that have disappeared. We need to ensure that the linked attribute updates only happen on the right object, and if the object gets re-created (as happens with a provision) then it is not the right object. To cope with this we record the GUID of the object when the operation that triggered the linked attribute update comes in, and then find the DN by using that GUID when we apply the change in the prepare commit hook.
* hook on prepare_commit instead of transaction_end | Andrew Tridgell | 2009-09-03 | 2 | -8/+11
| This allows for safe transaction end aborts
* greatly simplify the transaction processing in the partition module | Andrew Tridgell | 2009-09-03 | 1 | -51/+29
| Now that ldb is calling prepare commit separately, the job of the partition module on transaction end is much simpler (and more robust!)
* added dsdb_find_guid_by_dn() | Andrew Tridgell | 2009-09-03 | 1 | -1/+21
| This will be used by the linked_attribute module
* change repl_meta_data to process linked_attributes structures in end_transaction | Andrew Tridgell | 2009-09-03 | 1 | -4/+276
| When running at functional level 2 or above, the repl_meta_data module can receive linked attribute structures from the repl replication task. These attributes can come through DRS before the associated objects have been created. To cope with this, we need to process linked attributes in the end_transaction hook.
* fixed transaction handling in linked_attributes module | Andrew Tridgell | 2009-09-03 | 1 | -76/+4
| We need to call down to the next transaction function when we finish in linked_attributes. This also changes linked_attributes to use the common dsdb_find_dn_by_guid() function
* add the linked attributes elements to the repl structure | Andrew Tridgell | 2009-09-03 | 2 | -1/+9
| This exposes the linked_attributes to the repl_meta_data module
* tell the server that we support linked attribute replication | Andrew Tridgell | 2009-09-03 | 1 | -6/+1
* added dsdb_find_dn_by_guid() | Andrew Tridgell | 2009-09-03 | 1 | -0/+78
| This came from the linked_attributes module, but now the repl_meta_data module needs the same functionality, so move it to a common routine.
* traverse the ac list in reverse order | Andrew Tridgell | 2009-09-02 | 1 | -1/+6
| items are added to the linked attribute list using DLIST_ADD(), which means to commit them to the database in the same order they came from the server we need to walk the list backwards when we traverse it
* s4:dsdb rewrite the linked_attributes code to commit in the end_transaction hook | Andrew Tridgell | 2009-09-02 | 1 | -107/+281
| linked attribute changes can come in any order. This means it is possible for a forward link to come over the wire in DRS before the target even exists. To make this work this patch changed the linked attributes module to gather up all the changes it needs to make in a linked list, then execute the changes in the end_transaction hook for the module. During that commit phase we also fix up all the DNs that we got by searching for their GUID, as the objects may have moved after the linked attribute was sent, but before the end of the transaction
* add the partition_control control to replication requests | Andrew Tridgell | 2009-09-02 | 1 | -0/+22
| We know the partition DN from the DRS objects, we need to pass this down the modules below us to ensure they operate on the right partition
* change the dsdb_control_current_partition to not include internal variables | Andrew Tridgell | 2009-09-02 | 2 | -82/+88
| This structure was used in two ways. In one way it held variables that are logically internal to the partition module, and in the other way it was used to pass the partition DN down to other modules. This change makes the structure contain just the dn which is being passed down. This change is part of the support for linked attributes. We will be passing this control down from above the partition module to force which partition a request acts upon. The partition module now only adds this control if it isn't already there.
* Display ldif formatted versions of all DRS changes at log level 4 | Andrew Tridgell | 2009-09-02 | 1 | -0/+18
| This helps a lot with debugging the DRS replication code
* Wrap DRS changes in a transaction | Andrew Tridgell | 2009-09-02 | 1 | -0/+18
| We should always apply a whole set of DRS changes or none of them. See [MS-DRSR] 3.3.2
* fixed spelling | Andrew Tridgell | 2009-09-02 | 1 | -1/+1
* s4:schema Rework dsdb_write_prefixes_from_schema_to_ldb() to use talloc | Andrew Bartlett | 2009-08-26 | 1 | -14/+20
| This changes dsdb_write_prefixes_from_schema_to_ldb() to use an internal talloc hierarchy, so we can safely give it a NULL context from the python. It also fixes manual construction of the ldb_message - we now use the right helper functions. Andrew Bartlett
* s4:schema quiet a 'const' warning | Andrew Bartlett | 2009-08-26 | 1 | -1/+1
* s4:dsdb Rework dsdb_write_prefixes_to_ldb() to take a schema | Andrew Bartlett | 2009-08-26 | 1 | -14/+13
| The aim is to create a function that is more easily wrapped for python, so that we can write the updated prefixMap in an upgrade script. Andrew Bartlett
* s4:dsdb Use helper function to add 'show deleted' control | Andrew Bartlett | 2009-08-26 | 1 | -20/+10
| This revises tridge's commit 61ca4c491e1c13eb7d97847f743b0f540f1117c4 to use ldb_request_add_control() instead of a manual construction. Andrew Bartlett
* fixed DRS rename of deleted objects | Andrew Tridgell | 2009-08-25 | 1 | -1/+20
| The objectclass module checks that the target parent exists, and refuses renames if it doesn't exist. For this to work for deleted objects we have to do the search in the objectclass module with the "show deleted" control enabled.
* s4:dsdb Rework show_deleted module not to linearise the LDAP filter | Andrew Bartlett | 2009-08-25 | 1 | -72/+37
| Instead, use the fact that the ldb_parse_tree structure is public to construct the 'and not deleted' clause as a structure, and apply each filter tree to that template. Andrew Bartlett
* s4:dsdb Use talloc_strndup() to ensure OIDs are null terminated | Andrew Bartlett | 2009-08-24 | 1 | -8/+11
| The OIDs are not NULL terminated by the python caller, in line with the LDB API, but we need them to be here, as we were casting them to a string. Andrew Bartlett
* s4:dsdb Add const | Andrew Bartlett | 2009-08-24 | 1 | -2/+2
* s4:dsdb remove unused variable | Andrew Bartlett | 2009-08-24 | 1 | -1/+0
* s4:dsdb use talloc_strndup() in GET_STRING_LDB() rather than walk off the end | Andrew Bartlett | 2009-08-24 | 1 | -7/+17
| The problem is that samdb_result_string() and ldb_msg_find_attr_as_string() both simply cast the string, rather than ensuring the return value is NULL terminated. This may be best regarded as a flaw in LDB, but fixing it there is going to be more difficult. Andrew Bartlett
* added basic support for rename in DRS replication | Andrew Tridgell | 2009-08-19 | 1 | -5/+9
| Added simple DRS rename support in replication. This should be done async, and I'm not sure if we should also do any repl data updates to indicate the rename. I'm still learning how this stuff works, but at least this allows a rename on a DC to propagate correctly
* s4: int32 handling: previous fix was not fully correct | Matthias Dieter Wallnöfer | 2009-08-17 | 1 | -1/+1
* s4: Make the int32 problem more clear - and fix another error | Matthias Dieter Wallnöfer | 2009-08-17 | 2 | -1/+5
* s4: Fixed the int32 datatype support | Matthias Dieter Wallnöfer | 2009-08-17 | 1 | -1/+1
| Should finally fix bug #6136 ("groupType", "sAMAccountType" ... attributes).
* make sure we update the current schema->prefixes when we add a new prefix | Andrew Tridgell | 2009-08-17 | 1 | -0/+9
| This triggered a failure in the updateNow schema test, as the current global schema was not being updated when a new schema element was added
* s4:schema Allow a schema load on an unconnected database | Andrew Bartlett | 2009-08-17 | 1 | -5/+6
| This helps ensure we don't load the schema too often in the provision (allowing a reference in of the schema before the modules load). Andrew Bartlett
* s4:schema Provide a way to reference a loaded schema between ldbs | Andrew Bartlett | 2009-08-17 | 1 | -11/+19
| This allows us to load the schema against one ldb context, but apply it to another. This will be useful in the provision script, as we need the schema before we start the LDAP server backend. Andrew Bartlett
* s4: Remove obsolete "samdb_password_quality_ok" function (it's just a one-line wrapper) | Matthias Dieter Wallnöfer | 2009-08-14 | 1 | -10/+1
* s4: cracknames.c: Change the handling of the NT_STATUS_NO_MEMORY status results | Matthias Dieter Wallnöfer | 2009-08-14 | 1 | -4/+6
| With the previous check I got random failures when trying to connect to the LDAP server.
* s4:operational - Remove some outdated comments | Matthias Dieter Wallnöfer | 2009-08-11 | 1 | -12/+0
* s4:samldb module - Remove duplicate line | Matthias Dieter Wallnöfer | 2009-08-11 | 1 | -1/+0
* s4:operational module - move and enhancements | Matthias Dieter Wallnöfer | 2009-08-11 | 2 | -0/+358
| This moves the "operational" LDB module to the right place under "dsdb/samdb/ldb_modules" (suggested by abartlet) and enhances it for supporting dynamic generated "primaryGroupToken" for AD groups. This should fix bug #6466.
* use talloc with the global schema consistently | Andrew Tridgell | 2009-08-07 | 1 | -1/+2
| Before this change, the first opener of the sam ldb context would become the owner of the global schema, then the autofree context got a reference to the schema. Any subsequent opens of the sam ldb also got a reference. This meant that the talloc hierarchy was inconsistent between the first sam ldb open and subsequent opens. With this change the autofree context becomes the owner of the global schema, and all ldb contexts get a reference.
* fixed several places that unnecessarily take a reference to the event context | Andrew Tridgell | 2009-08-07 | 1 | -4/+0
| These references were triggering the ambiguous talloc_free errors from the recent talloc changes when the server is run using the 'standard' process model instead of the 'single' process model. I am aiming to move the build farm to use the 'standard' process model soon, as part of an effort to make our test environment better match the real deployment of Samba4. The references are not needed as the way that the event context is used is as the 'top parent', so when the event context is freed then all of the structures that were taking a reference to the event context were actually freed as well, thus making the references redundant.
* s4:dsdb Don't cast an ldb_val into a const char * for schema lookups | Andrew Bartlett | 2009-08-05 | 5 | -52/+129
| This removes a number of cases where we did a cast into a const char * of an ldb_val. While convention is to always have an extra \0 at data[length] in the ldb_val, this is not required, and does not occur at least on build farm host 'svart'. Andrew Bartlett
* Return infinite time for last logoff when last logoff = 0 | Matthieu Patou | 2009-08-03 | 1 | -0/+16
* s4: Correct renamed constants | Matthias Dieter Wallnöfer | 2009-07-31 | 1 | -2/+2
* [SAMBA 4] Some cosmetic changes for the LDB modules | Matthias Dieter Wallnöfer | 2009-07-19 | 2 | -12/+12
| Some corrections which make the code a bit more readable (no functional changes here)
* s4:dsdb Handle dc/domain/forest functional levels properly | Andrew Bartlett | 2009-07-16 | 2 | -8/+139
| Rather than have the functional levels scattered in 4 different, unconnected locations, the provision script now sets it, and the rootdse module maintains its copy only as a cached view onto the original values. We also use the functional level to determine if we should store AES Kerberos keys. Andrew Bartlett
* libds: merge the UF<->ACB flag mapping functions. | Günther Deschner | 2009-07-13 | 5 | -155/+10
| Guenther
* libds: share UF_ flags between samba3 and 4. | Günther Deschner | 2009-07-13 | 9 | -145/+8
| Guenther
* s4:dsdb Allow unicodePwd to be set when adding a user | Andrew Bartlett | 2009-07-09 | 1 | -85/+84
| Windows 7 sets its join password using the unicodePwd attribute (as a quoted, utf16 string), and does so during the LDAPAdd of the object. Previously, this code only handled unicodePwd for modifies. Andrew Bartlett
* Add const | Andrew Bartlett | 2009-07-09 | 1 | -2/+2